Удаление вирусов и троянов. Защита компьютера. › Помощь в удалении вирусов, троянов, рекламы и других зловредов › Компьютер работает только в safe mode
- This topic has 1 ответ, 1 участник, and was last updated 14 years, 2 months назад by northerngull.
-
АвторСообщения
-
18 сентября, 2010 в 9:00 дп #18690
Добрый день!
Вдруг возникла такая проблема с ноутбуком — в нормальном режиме компьютер фактически перестал работать — никакие программы запустить нельзя (пишет, что у Windows нет device, patch чтобы открыть файл), не работает звук (его можно включить, но через секунду автоматически ставится mute), интернет тоже не работает, все зависает. Попробовав удалить какую-то программу, выскочило сообщение, что не хватает прав администратора, хотя этих настроек я не меняла. Загружается в безопасном режиме — тогда работает интернет, программы, но звук не работает.
Где-то 3 недели назад я схватила my security shield, вылечила с помощью советов со спайваре. Но потом были небольшие глюки — файрфокс вис, bногда компьюетер выдавал в начале темный экран с проверкой на consistency. Последние обновления установленные — firefox и adobe flash. Антивирус (avast) и антималваре ничего не нашли, плюс стоял Online Armor.
Заранее большое спасибо!
ьюLogfile of random’s system information tool 1.08 (written by random/random)
Run by K at 2010-09-18 09:51:42
Microsoft Windows 7 Home Premium
System drive C: has 247 GB (83%) free of 297 GB
Total RAM: 3935 MB (79% free)Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:51:48, on 18.09.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Safe mode with network supportRunning processes:
C:Program Files (x86)Mozilla Firefoxfirefox.exe
C:Program Files (x86)Mozilla Firefoxplugin-container.exe
C:Program Files (x86)SkypePhoneSkype.exe
C:UsersKDownloadsRSIT.exe
C:Program Files (x86)trend microK.exeR1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.google.ru/
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page = C:WindowsSysWOW64blank.htm
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
O1 — Hosts: яю127.0.0.1 localhost
O1 — Hosts: ::1 localhost
O2 — BHO: AcroIEHelperStub — {18DF081C-E8AD-4283-A596-FA578C2EBDC3} — C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 — BHO: AskBar BHO — {201f27d4-3704-41d6-89c1-aa35e39143ed} — C:Program Files (x86)AskBarDisbarbinaskBar.dll
O2 — BHO: (no name) — {5C255C8A-E604-49b4-9D64-90988571CECB} — (no file)
O2 — BHO: Groove GFS Browser Helper — {72853161-30C5-4D22-B7F9-0BBC1D38A37E} — C:PROGRA~2MICROS~2Office12GR469A~1.DLL
O2 — BHO: Windows Live Sign-in Helper — {9030D464-4C02-4ABF-8ECC-5164760863C6} — C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 — BHO: Google Toolbar Helper — {AA58ED58-01DD-4d91-8333-CF10577473F7} — C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll
O2 — BHO: SkypeIEPluginBHO — {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} — C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll
O2 — BHO: Google Toolbar Notifier BHO — {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} — C:Program Files (x86)GoogleGoogleToolbarNotifier5.5.5126.1836swg.dll
O2 — BHO: Java(tm) Plug-In 2 SSV Helper — {DBC80044-A445-435b-BC74-9C25C1C588A9} — C:Program Files (x86)Javajre6binjp2ssv.dll
O3 — Toolbar: Ask Toolbar — {3041d03e-fd4b-44e0-b742-2d9b88305f98} — C:Program Files (x86)AskBarDisbarbinaskBar.dll
O3 — Toolbar: Google Toolbar — {2318C2B1-4965-11d4-9B18-009027A5CD4F} — C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll
O4 — HKLM..Run: [LaunchUserRequestedPrograms] «C:Program FilesSonyFirst ExperienceMiniprogram.exe»
O4 — HKLM..Run: [RegistrationReminder] «C:Program FilesSonyFirst ExperienceOOBEFcdRegistration.exe»
O4 — HKLM..Run: [Adobe Reader Speed Launcher] «C:Program Files (x86)AdobeReader 9.0ReaderReader_sl.exe»
O4 — HKLM..Run: [SmartWiHelper] «C:Program Files (x86)SonySmartWi Connection UtilitySmartWiHelper.exe» /WindowsStartup
O4 — HKLM..Run: [VAIOSurvey] «C:Program Files (x86)SonyVAIO SurveyVAIO Sat Survey.exe»
O4 — HKLM..Run: [ISBMgr.exe] «C:Program Files (x86)SonyISB UtilityISBMgr.exe»
O4 — HKLM..Run: [SunJavaUpdateSched] «C:Program Files (x86)Common FilesJavaJava Updatejusched.exe»
O4 — HKLM..Run: [GrooveMonitor] «C:Program Files (x86)Microsoft OfficeOffice12GrooveMonitor.exe»
O4 — HKLM..Run: [avast5] «C:Program FilesAlwil SoftwareAvast5avastUI.exe» /nogui
O4 — HKCU..Run: [swg] «C:Program Files (x86)GoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe»
O4 — HKCU..Run: [Skype] «C:Program Files (x86)SkypePhoneSkype.exe» /nosplash /minimized
O4 — HKCU..Run: [Octoshape Streaming Services] «C:UsersKAppDataRoamingOctoshapeOctoshape Streaming ServicesOctoshapeClient.exe» -inv:bootrun
O4 — HKUSS-1-5-19..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..RunOnce: [mctadmin] C:WindowsSystem32mctadmin.exe (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-20..RunOnce: [mctadmin] C:WindowsSystem32mctadmin.exe (User ‘NETWORK SERVICE’)
O4 — Startup: Punto Switcher.lnk = C:Program Files (x86)YandexPunto Switcherpunto.exe
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~2MICROS~2Office12EXCEL.EXE/3000
O8 — Extra context menu item: E&xport to Microsoft Excel — res://C:PROGRA~2MICROS~2Office12EXCEL.EXE/3000
O8 — Extra context menu item: Google Sidewiki… — res://C:Program Files (x86)GoogleGoogle ToolbarComponentGoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 — Extra button: Blog This — {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} — C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dll
O9 — Extra ‘Tools’ menuitem: &Blog This in Windows Live Writer — {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} — C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dll
O9 — Extra button: Отправить в OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:PROGRA~2MICROS~2Office12ONBttnIE.dll
O9 — Extra ‘Tools’ menuitem: &Отправить в OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:PROGRA~2MICROS~2Office12ONBttnIE.dll
O9 — Extra button: Skype add-on for Internet Explorer — {898EA8C8-E7FF-479B-8935-AEC46303B9E5} — C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll
O9 — Extra ‘Tools’ menuitem: Skype add-on for Internet Explorer — {898EA8C8-E7FF-479B-8935-AEC46303B9E5} — C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll
O9 — Extra button: Research — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~2MICROS~2Office12REFIEBAR.DLL
O18 — Protocol: grooveLocalGWS — {88FED34C-F0CA-4636-A375-3CB6248B04CD} — C:PROGRA~2MICROS~2Office12GRA32A~1.DLL
O18 — Protocol: skype-ie-addon-data — {91774881-D725-4E58-B298-07617B9B86A8} — C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll
O18 — Protocol: skype4com — {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — C:PROGRA~2COMMON~1SkypeSKYPE4~1.DLL
O23 — Service: ArcSoft Connect Daemon (ACDaemon) — ArcSoft Inc. — C:Program Files (x86)Common FilesArcSoftConnection ServiceBinACService.exe
O23 — Service: @%SystemRoot%system32Alg.exe,-112 (ALG) — Unknown owner — C:WindowsSystem32alg.exe (file missing)
O23 — Service: avast! Antivirus — AVAST Software — C:Program FilesAlwil SoftwareAvast5AvastSvc.exe
O23 — Service: avast! Mail Scanner — AVAST Software — C:Program FilesAlwil SoftwareAvast5AvastSvc.exe
O23 — Service: avast! Web Scanner — AVAST Software — C:Program FilesAlwil SoftwareAvast5AvastSvc.exe
O23 — Service: @%SystemRoot%system32efssvc.dll,-100 (EFS) — Unknown owner — C:WindowsSystem32lsass.exe (file missing)
O23 — Service: @%systemroot%system32fxsresm.dll,-118 (Fax) — Unknown owner — C:Windowssystem32fxssvc.exe (file missing)
O23 — Service: Google Update Service (gupdate) (gupdate) — Google Inc. — C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
O23 — Service: Google Software Updater (gusvc) — Google — C:Program Files (x86)GoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 — Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) — Intel Corporation — C:Program Files (x86)IntelIntel Matrix Storage ManagerIAANTMon.exe
O23 — Service: IviRegMgr — InterVideo — C:Program Files (x86)Common FilesInterVideoRegMgriviRegMgr.exe
O23 — Service: @keyiso.dll,-100 (KeyIso) — Unknown owner — C:Windowssystem32lsass.exe (file missing)
O23 — Service: @comres.dll,-2797 (MSDTC) — Unknown owner — C:WindowsSystem32msdtc.exe (file missing)
O23 — Service: @%SystemRoot%System32netlogon.dll,-102 (Netlogon) — Unknown owner — C:Windowssystem32lsass.exe (file missing)
O23 — Service: Online Armor Helper Service (OAcat) — Unknown owner — C:Program Files (x86)Online ArmorOAcat.exe
O23 — Service: @%systemroot%system32psbase.dll,-300 (ProtectedStorage) — Unknown owner — C:Windowssystem32lsass.exe (file missing)
O23 — Service: Roxio UPnP Renderer 10 — Sonic Solutions — C:Program Files (x86)RoxioDigital Home 10RoxioUPnPRenderer10.exe
O23 — Service: Roxio Upnp Server 10 — Sonic Solutions — C:Program Files (x86)RoxioDigital Home 10RoxioUpnpService10.exe
O23 — Service: @%systemroot%system32Locator.exe,-2 (RpcLocator) — Unknown owner — C:Windowssystem32locator.exe (file missing)
O23 — Service: Realtek Audio Service (RtkAudioService) — Realtek Semiconductor — C:Program FilesRealtekAudioHDARtkAudioService64.exe
O23 — Service: Intel(R) Sample Collector (SampleCollector) — Intel Corporation — C:Program FilesSonyVAIO Carecollsvc.exe
O23 — Service: @%SystemRoot%system32samsrv.dll,-1 (SamSs) — Unknown owner — C:Windowssystem32lsass.exe (file missing)
O23 — Service: @%SystemRoot%system32snmptrap.exe,-3 (SNMPTRAP) — Unknown owner — C:WindowsSystem32snmptrap.exe (file missing)
O23 — Service: VAIO Media plus Content Importer (SOHCImp) — Sony Corporation — C:Program Files (x86)Common FilesSony SharedSOHLibSOHCImp.exe
O23 — Service: VAIO Media plus Database Manager (SOHDBSvr) — Sony Corporation — C:Program Files (x86)Common FilesSony SharedSOHLibSOHDBSvr.exe
O23 — Service: VAIO Media plus Digital Media Server (SOHDms) — Sony Corporation — C:Program Files (x86)Common FilesSony SharedSOHLibSOHDms.exe
O23 — Service: VAIO Media plus Device Searcher (SOHDs) — Sony Corporation — C:Program Files (x86)Common FilesSony SharedSOHLibSOHDs.exe
O23 — Service: VAIO Media plus Playlist Manager (SOHPlMgr) — Sony Corporation — C:Program Files (x86)Common FilesSony SharedSOHLibSOHPlMgr.exe
O23 — Service: @%systemroot%system32spoolsv.exe,-1 (Spooler) — Unknown owner — C:WindowsSystem32spoolsv.exe (file missing)
O23 — Service: @%SystemRoot%system32sppsvc.exe,-101 (sppsvc) — Unknown owner — C:Windowssystem32sppsvc.exe (file missing)
O23 — Service: Online Armor (SvcOnlineArmor) — Unknown owner — C:Program Files (x86)Online Armoroasrv.exe
O23 — Service: CamMonitor (uCamMonitor) — ArcSoft, Inc. — C:Program Files (x86)ArcSoftMagic-i Visual Effects 2uCamMonitor.exe
O23 — Service: @%SystemRoot%system32ui0detect.exe,-101 (UI0Detect) — Unknown owner — C:Windowssystem32UI0Detect.exe (file missing)
O23 — Service: VAIO Entertainment TV Device Arbitration Service — Sony Corporation — C:Program Files (x86)Common FilesSony SharedVAIO Entertainment PlatformVzHardwareResourceManagerVzHardwareResourceManagerVzHardwareResourceManager.exe
O23 — Service: VAIO Event Service — Sony Corporation — C:Program Files (x86)SonyVAIO Event ServiceVESMgr.exe
O23 — Service: VAIO Power Management — Sony Corporation — C:Program FilesSonyVAIO Power ManagementSPMService.exe
O23 — Service: @%SystemRoot%system32vaultsvc.dll,-1003 (VaultSvc) — Unknown owner — C:Windowssystem32lsass.exe (file missing)
O23 — Service: VAIO Content Folder Watcher (VCFw) — Sony Corporation — C:Program Files (x86)Common FilesSony SharedVAIO Content Folder WatcherVCFw.exe
O23 — Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) — Sony Corporation — C:Program FilesSonyVCM Intelligent Analyzing ManagerVcmIAlzMgr.exe
O23 — Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) — Sony Corporation — C:Program FilesSonyVCM Intelligent Network Service ManagerVcmINSMgr.exe
O23 — Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) — Sony Corporation — C:Program FilesCommon FilesSony SharedVcmXmlVcmXmlIfHelper64.exe
O23 — Service: VAIO Entertainment UPnP Client Adapter (Vcsw) — Sony Corporation — C:Program Files (x86)Common FilesSony SharedVAIO Entertainment PlatformVCSWVCSW.exe
O23 — Service: @%SystemRoot%system32vds.exe,-100 (vds) — Unknown owner — C:WindowsSystem32vds.exe (file missing)
O23 — Service: @%systemroot%system32vssvc.exe,-102 (VSS) — Unknown owner — C:Windowssystem32vssvc.exe (file missing)
O23 — Service: VAIO Entertainment Database Service (VzCdbSvc) — Sony Corporation — C:Program Files (x86)Common FilesSony SharedVAIO Entertainment PlatformVzCdbVzCdbSvc.exe
O23 — Service: @%SystemRoot%system32WatWatUX.exe,-601 (WatAdminSvc) — Unknown owner — C:Windowssystem32WatWatAdminSvc.exe (file missing)
O23 — Service: @%systemroot%system32wbengine.exe,-104 (wbengine) — Unknown owner — C:Windowssystem32wbengine.exe (file missing)
O23 — Service: @%Systemroot%system32wbemwmiapsrv.exe,-110 (wmiApSrv) — Unknown owner — C:Windowssystem32wbemWmiApSrv.exe (file missing)
O23 — Service: @%PROGRAMFILES%Windows Media Playerwmpnetwk.exe,-101 (WMPNetworkSvc) — Unknown owner — C:Program Files (x86)Windows Media Playerwmpnetwk.exe (file missing)—
End of file — 13124 bytes======Scheduled tasks folder======
C:WindowstasksGoogleUpdateTaskMachineCore.job
C:WindowstasksGoogleUpdateTaskMachineUA.job======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper — C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dll [2009-02-27 75128][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO — C:Program Files (x86)AskBarDisbarbinaskBar.dll [2008-11-18 333192][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper — C:PROGRA~2MICROS~2Office12GR469A~1.DLL [2006-10-26 2210608][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper — C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll [2008-11-18 408952][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper — C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll [2010-07-14 278192][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer — C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll [2010-02-08 804136][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO — C:Program Files (x86)GoogleGoogleToolbarNotifier5.5.5126.1836swg.dll [2010-06-03 814648][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper — C:Program Files (x86)Javajre6binjp2ssv.dll [2010-08-04 41760][HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} — Ask Toolbar — C:Program Files (x86)AskBarDisbarbinaskBar.dll [2008-11-18 333192]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} — Google Toolbar — C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll [2010-07-14 278192][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«LaunchUserRequestedPrograms»=C:Program FilesSonyFirst ExperienceMiniprogram.exe [2009-08-26 68608]
«RegistrationReminder»=C:Program FilesSonyFirst ExperienceOOBEFcdRegistration.exe [2009-07-14 268288]
«Adobe Reader Speed Launcher»=C:Program Files (x86)AdobeReader 9.0ReaderReader_sl.exe [2009-02-28 35696]
«SmartWiHelper»=C:Program Files (x86)SonySmartWi Connection UtilitySmartWiHelper.exe [2009-08-27 79872]
«VAIOSurvey»=C:Program Files (x86)SonyVAIO SurveyVAIO Sat Survey.exe [2008-07-25 385024]
«ISBMgr.exe»=C:Program Files (x86)SonyISB UtilityISBMgr.exe [2009-05-26 317288]
«SunJavaUpdateSched»=C:Program Files (x86)Common FilesJavaJava Updatejusched.exe [2010-05-14 248552]
«GrooveMonitor»=C:Program Files (x86)Microsoft OfficeOffice12GrooveMonitor.exe [2006-10-26 31016]
«avast5″=C:Program FilesAlwil SoftwareAvast5avastUI.exe [2010-09-07 2838912][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«swg»=C:Program Files (x86)GoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe [2009-09-03 39408]
«Skype»=C:Program Files (x86)SkypePhoneSkype.exe [2010-05-13 26192168]
«Octoshape Streaming Services»=C:UsersKAppDataRoamingOctoshapeOctoshape Streaming ServicesOctoshapeClient.exe [2009-01-08 70936]C:UsersKAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup
Punto Switcher.lnk — C:Program Files (x86)YandexPunto Switcherpunto.exe[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyVESWinlogon]
C:Windowssystem32VESWinlogon.dll [2009-07-01 98304][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
WebCheck — {E6FB5E20-DE35-11CF-9C87-00AA005127ED}[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerShellExecuteHooks]
«{B5A7F190-DDA6-4420-B3BA-52453494E6CD}»=C:PROGRA~2MICROS~2Office12GR469A~1.DLL [2006-10-26 2210608][HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrolsecurityproviders]
«SecurityProviders»=credssp.dll[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkAFD]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«ConsentPromptBehaviorUser»=2
«EnableUIADesktopToggle»=0
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoActiveDesktop»=1
«NoActiveDesktopChanges»=1
«ForceActiveDesktopOn»=0[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
======File associations======
.js — edit — C:WindowsSystem32Notepad.exe %1
.js — open — C:WindowsSystem32WScript.exe «%1» %*======List of files/folders created in the last 1 months======
2010-09-18 09:51:42 —-D—- C:rsit
2010-09-18 09:51:42 —-D—- C:Program Files (x86)trend micro
2010-09-17 23:55:25 —-A—- C:WindowsSysWOW64driversmbamswissarmy.sys
2010-09-17 23:55:24 —-D—- C:Program Files (x86)Malwarebytes’ Anti-Malware
2010-09-17 23:45:01 —-A—- C:Windowsntbtlog.txt
2010-09-17 18:29:22 —-D—- C:ProgramDataNOS
2010-09-17 18:29:22 —-D—- C:Program Files (x86)NOS
2010-09-15 23:11:33 —-A—- C:WindowsSysWOW64iertutil.dll
2010-09-02 12:03:30 —-D—- C:UsersKAppDataRoamingOnlineArmor
2010-09-02 12:03:30 —-D—- C:ProgramDataOnlineArmor
2010-09-02 12:00:50 —-A—- C:WindowsSysWOW64driversoahlp64.sys
2010-09-02 12:00:50 —-A—- C:Windowsoaevent.dll
2010-09-02 12:00:49 —-A—- C:WindowsSysWOW64driversOAmon.sys
2010-09-02 12:00:49 —-A—- C:WindowsSysWOW64driversOADriver.sys
2010-09-02 12:00:41 —-D—- C:Program Files (x86)Online Armor
2010-09-01 15:06:17 —-D—- C:_OTM
2010-09-01 13:45:57 —-D—- C:UsersKAppDataRoamingMalwarebytes
2010-09-01 13:45:42 —-D—- C:ProgramDataMalwarebytes
2010-08-30 21:18:28 —-D—- C:ProgramDataSun
2010-08-30 21:18:28 —-D—- C:Program Files (x86)Common FilesJava
2010-08-30 21:18:16 —-A—- C:WindowsSysWOW64javaws.exe
2010-08-30 21:18:16 —-A—- C:WindowsSysWOW64javaw.exe
2010-08-30 21:18:16 —-A—- C:WindowsSysWOW64java.exe
2010-08-30 21:18:16 —-A—- C:WindowsSysWOW64deployJava1.dll
2010-08-30 13:49:55 —-SHD—- C:ProgramDataMSHVDZS
2010-08-30 13:49:30 —-SHD—- C:ProgramData3228f27
2010-08-19 14:27:48 —-A—- C:WindowsSysWOW64schannel.dll
2010-08-19 14:27:34 —-A—- C:WindowsSysWOW64shell32.dll
2010-08-19 14:27:26 —-A—- C:WindowsSysWOW64mshtml.dll
2010-08-19 14:27:26 —-A—- C:WindowsSysWOW64ieframe.dll
2010-08-19 14:27:24 —-A—- C:WindowsSysWOW64wininet.dll
2010-08-19 14:27:24 —-A—- C:WindowsSysWOW64urlmon.dll
2010-08-19 14:27:24 —-A—- C:WindowsSysWOW64mstime.dll
2010-08-19 14:27:24 —-A—- C:WindowsSysWOW64msfeedsbs.dll
2010-08-19 14:27:24 —-A—- C:WindowsSysWOW64jsproxy.dll
2010-08-19 14:27:24 —-A—- C:WindowsSysWOW64ieui.dll
2010-08-19 14:27:24 —-A—- C:WindowsSysWOW64iepeers.dll
2010-08-19 14:27:24 —-A—- C:WindowsSysWOW64iedkcs32.dll
2010-08-19 14:27:23 —-A—- C:WindowsSysWOW64msfeedssync.exe
2010-08-19 14:27:17 —-A—- C:WindowsSysWOW64ntkrnlpa.exe
2010-08-19 14:27:16 —-A—- C:WindowsSysWOW64ntoskrnl.exe
2010-08-19 14:27:12 —-A—- C:WindowsSysWOW64rtutils.dll
2010-08-19 14:27:06 —-A—- C:WindowsSysWOW64iccvid.dll
2010-08-19 14:26:54 —-A—- C:WindowsSysWOW64msxml3.dll======List of files/folders modified in the last 1 months======
2010-09-18 09:51:43 —-D—- C:WindowsTemp
2010-09-18 09:51:42 —-D—- C:Program Files (x86)
2010-09-18 09:40:47 —-D—- C:UsersKAppDataRoamingSkype
2010-09-18 09:36:26 —-D—- C:WindowsPrefetch
2010-09-17 23:55:25 —-D—- C:WindowsSysWOW64drivers
2010-09-17 23:54:13 —-D—- C:WindowsSystem32
2010-09-17 23:54:13 —-D—- C:Windowsinf
2010-09-17 23:45:01 —-D—- C:Windows
2010-09-17 23:34:35 —-D—- C:Windowstracing
2010-09-17 18:29:22 —-HD—- C:ProgramData
2010-09-17 18:00:05 —-D—- C:Program Files (x86)Mozilla Firefox
2010-09-17 12:13:58 —-SHD—- C:System Volume Information
2010-09-16 09:23:18 —-D—- C:Windowswinsxs
2010-09-16 09:22:44 —-D—- C:WindowsSysWOW64
2010-09-09 22:35:14 —-D—- C:WindowsTasks
2010-09-09 22:35:13 —-D—- C:WindowsAppCompat
2010-09-09 22:35:12 —-D—- C:Windowsregistration
2010-09-07 16:11:54 —-A—- C:WindowsSysWOW64aswBoot.exe
2010-09-05 18:34:59 —-D—- C:ProgramDataArcSoft
2010-09-02 17:28:48 —-D—- C:ProgramDataNorton
2010-09-02 17:28:48 —-D—- C:Program Files (x86)Norton Security Scan
2010-09-02 17:28:46 —-D—- C:ProgramDataSymantec
2010-09-02 17:24:34 —-D—- C:Program Files (x86)Common FilesSymantec Shared
2010-09-01 11:57:45 —-D—- C:Program Files (x86)DivX
2010-09-01 11:57:17 —-D—- C:ProgramDataDivX
2010-09-01 11:27:09 —-SHD—- C:WindowsInstaller
2010-09-01 11:27:09 —-SHD—- C:Config.Msi
2010-09-01 11:27:09 —-D—- C:Program Files (x86)Common FilesDivX Shared
2010-08-30 21:18:28 —-D—- C:Program Files (x86)Common Files
2010-08-30 21:18:10 —-D—- C:Program Files (x86)Java
2010-08-20 09:50:46 —-D—- C:WindowsMicrosoft.NET
2010-08-20 09:50:37 —-RSD—- C:Windowsassembly
2010-08-20 06:35:56 —-D—- C:WindowsSysWOW64migration
2010-08-20 06:35:56 —-D—- C:Program Files (x86)Internet Explorer======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:Windowssystem32DRIVERSiaStor.sys []
R0 PxHlpa64;PxHlpa64; C:WindowsSystem32DriversPxHlpa64.sys []
R0 rdyboost;ReadyBoost; C:WindowsSystem32driversrdyboost.sys []
R1 aswRdr;aswRdr; C:WindowsSysWOW64driversaswRdr.sys []
R1 OAmon;OAmon; ??C:WindowsSysWOW64DriversOAmon.sys [2010-08-27 37872]
R1 vwififlt;Virtual WiFi Filter Driver; C:Windowssystem32DRIVERSvwififlt.sys []
R2 rimsptsk;rimsptsk; C:Windowssystem32DRIVERSrimssn64.sys []
R2 risdptsk;risdptsk; C:Windowssystem32DRIVERSrisdsn64.sys []
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:Windowssystem32DRIVERSApfiltr.sys []
R3 athr;Atheros Extensible Wireless LAN device driver; C:Windowssystem32DRIVERSathrx.sys []
R3 OAnet;OnlineArmor Service; C:Windowssystem32DRIVERSoanet.sys []
R3 SFEP;Sony Firmware Extension Parser; C:Windowssystem32DRIVERSSFEP.sys []
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:Windowssystem32DRIVERSvwifimp.sys []
S1 aswSP;aswSP; C:WindowsSysWOW64driversaswSP.sys []
S1 aswTdi;avast! Network Shield Support; C:WindowsSysWOW64driversaswTdi.sys []
S1 OADevice;OADriver; ??C:WindowsSysWow64DriversOADriver.sys [2010-08-27 53840]
S1 oahlpXX;Online Armor helper driver; ??C:Windowssyswow64driversoahlp64.sys [2010-08-27 54896]
S2 aswFsBlk;aswFsBlk; C:WindowsSysWOW64driversaswFsBlk.sys []
S2 aswMonFlt;aswMonFlt; ??C:Windowssystem32driversaswMonFlt.sys []
S2 mdmxsdk;mdmxsdk; C:Windowssystem32DRIVERSmdmxsdk.sys []
S2 regi;regi; ??C:Windowssystem32driversregi.sys []
S2 XAudio;XAudio; C:Windowssystem32DRIVERSXAudio64.sys []
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect; C:Windowssystem32DRIVERSArcSoftKsUFilter.sys []
S3 atikmdag;atikmdag; C:Windowssystem32DRIVERSatikmdag.sys []
S3 BthEnum;Bluetooth Request Block Driver; C:Windowssystem32DRIVERSBthEnum.sys []
S3 BthPan;Bluetooth Device (Personal Area Network); C:Windowssystem32DRIVERSbthpan.sys []
S3 BTHPORT;Bluetooth Port Driver; C:WindowsSystem32DriversBTHport.sys []
S3 BTHUSB;Bluetooth Radio USB Driver; C:WindowsSystem32DriversBTHUSB.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:Windowssystem32DRIVERSewusbmdm.sys []
S3 hwusbdev;Huawei DataCard USB PNP Device; C:Windowssystem32DRIVERSewusbdev.sys []
S3 igfx;igfx; C:Windowssystem32DRIVERSigdkmd64.sys []
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:Windowssystem32driversRTKVHD64.sys []
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:Windowssystem32driversIntcHdmi.sys []
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:Windowssystem32DRIVERSnetw5v64.sys []
S3 pciide;pciide; C:Windowssystem32DRIVERSpciide.sys []
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:Windowssystem32DRIVERSrfcomm.sys []
S3 RTHDMIAzAudService;Service for HDMI; C:Windowssystem32driversRtHDMIVX.sys []
S3 sdbus;sdbus; C:Windowssystem32DRIVERSsdbus.sys []
S3 SrvHsfHDA;SrvHsfHDA; C:Windowssystem32DRIVERSVSTAZL6.SYS []
S3 SrvHsfV92;SrvHsfV92; C:Windowssystem32DRIVERSVSTDPV6.SYS []
S3 SrvHsfWinac;SrvHsfWinac; C:Windowssystem32DRIVERSVSTCNXT6.SYS []======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
S2 avast! Antivirus;avast! Antivirus; C:Program FilesAlwil SoftwareAvast5AvastSvc.exe [2010-09-07 40384]
S2 gupdate;Google Update Service (gupdate); C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [2009-09-03 133104]
S2 HsfXAudioService;HsfXAudioService; C:Windowssystem32svchost.exe [2009-07-14 20992]
S2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:Program Files (x86)IntelIntel Matrix Storage ManagerIAANTMon.exe [2009-06-05 354840]
S2 IviRegMgr;IviRegMgr; C:Program Files (x86)Common FilesInterVideoRegMgriviRegMgr.exe [2007-01-05 112152]
S2 OAcat;Online Armor Helper Service; C:Program Files (x86)Online ArmorOAcat.exe [2010-08-27 380272]
S2 Roxio Upnp Server 10;Roxio Upnp Server 10; C:Program Files (x86)RoxioDigital Home 10RoxioUpnpService10.exe [2009-06-26 362992]
S2 RtkAudioService;Realtek Audio Service; C:Program FilesRealtekAudioHDARtkAudioService64.exe [2009-07-24 189984]
S2 SvcOnlineArmor;Online Armor; C:Program Files (x86)Online Armoroasrv.exe [2010-08-27 3638240]
S2 uCamMonitor;CamMonitor; C:Program Files (x86)ArcSoftMagic-i Visual Effects 2uCamMonitor.exe [2008-09-18 104960]
S2 VAIO Event Service;VAIO Event Service; C:Program Files (x86)SonyVAIO Event ServiceVESMgr.exe [2009-07-01 204648]
S2 VAIO Power Management;VAIO Power Management; C:Program FilesSonyVAIO Power ManagementSPMService.exe [2009-08-22 411496]
S2 VCFw;VAIO Content Folder Watcher; C:Program Files (x86)Common FilesSony SharedVAIO Content Folder WatcherVCFw.exe [2009-07-22 642920]
S2 VzCdbSvc;VAIO Entertainment Database Service; C:Program Files (x86)Common FilesSony SharedVAIO Entertainment PlatformVzCdbVzCdbSvc.exe [2009-07-23 206336]
S3 ACDaemon;ArcSoft Connect Daemon; C:Program Files (x86)Common FilesArcSoftConnection ServiceBinACService.exe [2010-03-18 113152]
S3 avast! Mail Scanner;avast! Mail Scanner; C:Program FilesAlwil SoftwareAvast5AvastSvc.exe [2010-09-07 40384]
S3 avast! Web Scanner;avast! Web Scanner; C:Program FilesAlwil SoftwareAvast5AvastSvc.exe [2010-09-07 40384]
S3 gusvc;Google Software Updater; C:Program Files (x86)GoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2009-09-03 182768]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:Program Files (x86)Microsoft OfficeOffice12GrooveAuditService.exe [2006-10-26 65824]
S3 nosGetPlusHelper;getPlus(R) Helper 3004; C:WindowsSystem32svchost.exe [2009-07-14 20992]
S3 odserv;Microsoft Office Diagnostics Service; C:Program Files (x86)Common FilesMicrosoft SharedOFFICE12ODSERV.EXE [2006-10-27 441136]
S3 ose;Office Source Engine; C:Program Files (x86)Common FilesMicrosoft SharedSource EngineOSE.EXE [2006-10-26 145184]
S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10; C:Program Files (x86)RoxioDigital Home 10RoxioUPnPRenderer10.exe [2009-06-26 313840]
S3 SampleCollector;Intel(R) Sample Collector; C:Program FilesSonyVAIO Carecollsvc.exe [2009-09-16 167424]
S3 SOHCImp;VAIO Media plus Content Importer; C:Program Files (x86)Common FilesSony SharedSOHLibSOHCImp.exe [2009-07-28 120104]
S3 SOHDBSvr;VAIO Media plus Database Manager; C:Program Files (x86)Common FilesSony SharedSOHLibSOHDBSvr.exe [2009-07-28 70952]
S3 SOHDms;VAIO Media plus Digital Media Server; C:Program Files (x86)Common FilesSony SharedSOHLibSOHDms.exe [2009-07-28 427304]
S3 SOHDs;VAIO Media plus Device Searcher; C:Program Files (x86)Common FilesSony SharedSOHLibSOHDs.exe [2009-07-28 75048]
S3 SOHPlMgr;VAIO Media plus Playlist Manager; C:Program Files (x86)Common FilesSony SharedSOHLibSOHPlMgr.exe [2009-07-28 91432]
S3 VAIO Entertainment TV Device Arbitration Service;VAIO Entertainment TV Device Arbitration Service; C:Program Files (x86)Common FilesSony SharedVAIO Entertainment PlatformVzHardwareResourceManagerVzHardwareResourceManagerVzHardwareResourceManager.exe [2009-07-23 69632]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager; C:Program FilesSonyVCM Intelligent Analyzing ManagerVcmIAlzMgr.exe [2009-06-26 468264]
S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager; C:Program FilesSonyVCM Intelligent Network Service ManagerVcmINSMgr.exe [2009-06-26 357672]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface; C:Program FilesCommon FilesSony SharedVcmXmlVcmXmlIfHelper64.exe [2009-06-18 110888]
S3 Vcsw;VAIO Entertainment UPnP Client Adapter; C:Program Files (x86)Common FilesSony SharedVAIO Entertainment PlatformVCSWVCSW.exe [2009-07-23 313264]
S3 WatAdminSvc;@%SystemRoot%system32WatWatUX.exe,-601; C:Windowssystem32WatWatAdminSvc.exe []
EOF
18 сентября, 2010 в 9:01 дп #31433info.txt logfile of random’s system information tool 1.08 2010-09-18 09:51:49
======Uninstall list======
—>»C:Program Files (x86)InstallShield Installation Information{70991E0A-1108-437E-BA7D-085702C670C0}setup.exe» -runfromtemp -l0x0009 -removeonly
—>»C:Program Files (x86)InstallShield Installation Information{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}setup.exe» -runfromtemp -l0x0009 -removeonly
—>»C:Program Files (x86)InstallShield Installation Information{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}setup.exe» -runfromtemp -l0x0009 -removeonly
—>C:Program Files (x86)DivXDivXCodecUninstall.exe /CODEC
—>C:Program Files (x86)InstallShield Installation Information{00721C5E-5B17-494C-95E5-208415864F62}setup.exe -runfromtemp -l0x0009 -removeonly
—>C:Program Files (x86)InstallShield Installation Information{36C41D70-56F5-4E2B-81DA-6BEB7502D7A1}setup.exe -runfromtemp -l0x0009 -removeonly
—>C:Program Files (x86)InstallShield Installation Information{3D173DC5-4AE5-4B3F-9819-3977DD11B1D0}setup.exe -runfromtemp -l0x0009 -removeonly
—>C:Program Files (x86)InstallShield Installation Information{63B4D80D-7BAC-4D1D-B9B6-27FF54197982}setup.exe -runfromtemp -l0x0409
—>C:Program Files (x86)InstallShield Installation Information{B2C4A8C4-AA20-425D-9FEE-C78039238C81}setup.exe -runfromtemp -l0x0009 -removeonly
—>C:Program Files (x86)InstallShield Installation Information{B34B6E67-FCDD-4E03-8742-B5701427FAFB}setup.exe -runfromtemp -l0x0009 -removeonly
—>C:WindowsSysWOW64MacromedFlashuninstall_activeX.exe
—>C:WindowsSysWOW64MacromedFlashuninstall_plugin.exe
Adobe Download Manager—>»C:Windowssystem32rundll32.exe» «C:Program Files (x86)NOSbingetPlus_Helper_3004.dll»,Uninstall /IE2883E8F-472F-4fb0-9522-AC9BF37916A7 /Get1
Adobe Flash Player 10 ActiveX—>MsiExec.exe /X{B7B3E9B3-FB14-4927-894B-E9124509AF5A}
Adobe Flash Player 10 Plugin—>MsiExec.exe /X{0DFB3DE8-65B9-44FF-AA0A-3BECC5A2BFD1}
Adobe Reader 9.1.2—>MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A91000000001}
Application Manager for VAIO—>C:Program Files (x86)SonyVAIO Uninstallervaiouninstaller.exe
ArcSoft Magic-i Visual Effects 2—>RunDll32 C:PROGRA~2COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program Files (x86)InstallShield Installation Information{7BB90344-0647-468E-925A-7F69F7983421}Setup.exe» -l0x9
ArcSoft WebCam Companion 3—>RunDll32 C:PROGRA~2COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program Files (x86)InstallShield Installation Information{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}Setup.exe» -l0x9
Ask Toolbar—>»C:Program Files (x86)AskBarDisunins000.exe»
avast! Free Antivirus—>C:Program FilesAlwil SoftwareAvast5aswRunDll.exe «C:Program FilesAlwil SoftwareAvast5Setupsetiface.dll» RunSetup
Choice Guard—>MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Click to Disc Editor—>C:Program Files (x86)InstallShield Installation Information{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}setup.exe -runfromtemp -l0x0409
Click to Disc—>C:Program Files (x86)InstallShield Installation Information{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}setup.exe -runfromtemp -l0x0009 -removeonly
Compatibility Pack for the 2007 Office system—>MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
DivX Player—>C:Program Files (x86)DivXDivXPlayerUninstall.exe /PLAYER
Foxit Reader—>C:Program Files (x86)Foxit SoftwareFoxit ReaderUninstall.exe
Google Chrome—>»C:Program Files (x86)GoogleChromeApplication6.0.472.59Installersetup.exe» —uninstall —system-level
Google Toolbar for Internet Explorer—>»C:Program Files (x86)GoogleGoogle ToolbarComponentGoogleToolbarManager_223E2B8E7BAD9544.exe» /uninstall
Google Toolbar for Internet Explorer—>MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper—>MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Java(TM) 6 Update 21—>MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216015FF}
Junk Mail filter update—>MsiExec.exe /I{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}
Malwarebytes’ Anti-Malware—>»C:Program Files (x86)Malwarebytes’ Anti-Malwareunins000.exe»
Microsoft Office Access MUI (Russian) 2007—>MsiExec.exe /X{90120000-0015-0419-0000-0000000FF1CE}
Microsoft Office Enterprise 2007—>»C:Program Files (x86)Common FilesMicrosoft SharedOFFICE12Office Setup Controllersetup.exe» /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007—>MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007—>MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Excel MUI (Russian) 2007—>MsiExec.exe /X{90120000-0016-0419-0000-0000000FF1CE}
Microsoft Office Groove MUI (Russian) 2007—>MsiExec.exe /X{90120000-00BA-0419-0000-0000000FF1CE}
Microsoft Office Home and Student 2007—>»C:Program Files (x86)Common FilesMicrosoft SharedOFFICE12Office Setup Controllersetup.exe» /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007—>MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Russian) 2007—>MsiExec.exe /X{90120000-0044-0419-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007—>MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Russian) 2007—>MsiExec.exe /X{90120000-00A1-0419-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Russian) 2007—>MsiExec.exe /X{90120000-001A-0419-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007—>MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Russian) 2007—>MsiExec.exe /X{90120000-0018-0419-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2007 (English)—>MsiExec.exe /X{95120000-00AF-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007—>MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007—>MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007—>MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Russian) 2007—>MsiExec.exe /X{90120000-001F-0419-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007—>MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proof (Ukrainian) 2007—>MsiExec.exe /X{90120000-001F-0422-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007—>MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Proofing (Russian) 2007—>MsiExec.exe /X{90120000-002C-0419-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Russian) 2007—>MsiExec.exe /X{90120000-0019-0419-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007—>MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (Russian) 2007—>MsiExec.exe /X{90120000-006E-0419-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007—>MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Suite Activation Assistant—>MsiExec.exe /X{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}
Microsoft Office Word MUI (English) 2007—>MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (Russian) 2007—>MsiExec.exe /X{90120000-001B-0419-0000-0000000FF1CE}
Microsoft SQL Server 2005 Compact Edition [ENU]—>MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable—>MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable — x86 9.0.30729.4148—>MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Works—>MsiExec.exe /I{67E03279-F703-408F-B4BF-46B5FC8D70CD}
Mozilla Firefox (3.6.10)—>C:Program Files (x86)Mozilla Firefoxuninstallhelper.exe
MSVCRT—>MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)—>MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)—>MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Music Transfer—>C:Program Files (x86)InstallShield Installation Information{CE2121C6-C94D-4A73-8EA4-6943F33EE335}setup.exe -runfromtemp -l0x0009 -removeonly
Online Armor 4.5—>»C:Program Files (x86)Online Armorunins000.exe»
Punto Switcher 3.1—>C:Program Files (x86)YandexPunto Switcheruninstall.exe
Realtek High Definition Audio Driver—>RunDll32 C:PROGRA~2COMMON~1INSTAL~1PROFES~1RunTime1150Intel32Ctor.dll,LaunchSetup «C:Program Files (x86)InstallShield Installation Information{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}Setup.exe» -removeonly
Roxio Central Audio—>MsiExec.exe /I{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}
Roxio Central Copy—>MsiExec.exe /I{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}
Roxio Central Core—>MsiExec.exe /I{ED439A64-F018-4DD4-8BA5-328D85AB09AB}
Roxio Central Data—>MsiExec.exe /I{08E81ABD-79F7-49C2-881F-FD6CB0975693}
Roxio Central Tools—>MsiExec.exe /I{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}
Roxio Easy Media Creator 10 LJ—>C:ProgramDataUninstall{537BF16E-7412-448C-95D8-846E85A1D817}setup.exe /x {537BF16E-7412-448C-95D8-846E85A1D817}
Roxio Easy Media Creator Home—>MsiExec.exe /I{FE51662F-D8F6-43B5-99D9-D4894AF00F83}
Setting Utility Series—>»C:Program Files (x86)InstallShield Installation Information{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}setup.exe» -runfromtemp -l0x0009 -removeonly
Skype Toolbars—>MsiExec.exe /I{981029E0-7FC9-4CF3-AB39-6F133621921A}
Skype™ 4.2—>MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
SmartWi Connection Utility—>RunDll32 C:PROGRA~2COMMON~1INSTAL~1PROFES~1RunTime1050Intel32Ctor.dll,LaunchSetup «C:Program Files (x86)InstallShield Installation Information{9B5F85CA-90D4-4AFC-BB37-32477FD0D2B9}setup.exe» -l0x9 -removeonly
Sony Home Network Library—>»C:Program Files (x86)InstallShield Installation Information{D03D02D8-AB64-4785-A48E-5AA8B0FB8C14}setup.exe» -runfromtemp -l0x0009 -removeonly
Sony Picture Utility—>C:Program Files (x86)InstallShield Installation Information{D5068583-D569-468B-9755-5FBF5848F46F}setup.exe -runfromtemp -l0x0009 uninstall -removeonly
SopCast 3.0.3—>C:Program Files (x86)SopCastuninst.exe
Update for Office 2007 (KB934528)—>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {2B939677-2FFD-48F6-9075-7BF48CB87C80}
Update for Office System 2007 Setup (KB929722)—>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {D8E9BEBD-655F-467D-8176-CA9959C140A3}
VAIO Care—>»C:Program Files (x86)InstallShield Installation Information{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}setup.exe» -runfromtemp -l0x0019 -removeonly
VAIO Content Metadata Intelligent Analyzing Manager—>C:Program Files (x86)InstallShield Installation Information{0A5F02E5-1A52-4F85-892C-A35227641C75}setup.exe -runfromtemp -l0x0009 -removeonly
VAIO Content Metadata Intelligent Network Service Manager—>C:Program Files (x86)InstallShield Installation Information{3B1168DE-1F8C-471C-AC49-0CA52F096170}setup.exe -runfromtemp -l0x0009 -removeonly
VAIO Content Metadata Manager Settings—>C:Program Files (x86)InstallShield Installation Information{7395DD51-0D1A-47A7-9993-742073ECF4CE}setup.exe -runfromtemp -l0x0009 -removeonly
VAIO Content Metadata XML Interface Library—>C:Program Files (x86)InstallShield Installation Information{949419DF-F4AF-4693-B60A-522B24F233C6}setup.exe -runfromtemp -l0x0009 -removeonly
VAIO Content Monitoring Settings—>»C:Program Files (x86)InstallShield Installation Information{23825B69-36DF-4DAD-9CFD-118D11D80F16}setup.exe» -runfromtemp -l0x0009 -removeonly
VAIO Control Center—>»C:Program Files (x86)InstallShield Installation Information{72042FA6-5609-489F-A8EA-3C2DD650F667}setup.exe» -runfromtemp -l0x0009 -removeonly
VAIO Data Restore Tool—>C:Program Files (x86)InstallShield Installation Information{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}setup.exe -runfromtemp -l0x0009 -removeonly
VAIO DVD Menu Data Basic—>C:Program Files (x86)InstallShield Installation Information{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}setup.exe -runfromtemp -l0x0009 -removeonly
VAIO Entertainment Platform—>»C:Program Files (x86)InstallShield Installation Information{6B1F20F2-6321-4669-A58C-33DF8E7517FF}setup.exe» -runfromtemp -l0x0009 -removeonly
VAIO Event Service—>»C:Program Files (x86)InstallShield Installation Information{C7477742-DDB4-43E5-AC8D-0259E1E661B1}setup.exe» -runfromtemp -l0x0009 -removeonly
VAIO Help and Support—>RunDll32 C:PROGRA~2COMMON~1INSTAL~1PROFES~1RunTime1050Intel32Ctor.dll,LaunchSetup «C:Program Files (x86)InstallShield Installation Information{D47FE987-EA3D-424B-9886-B752501D7CE7}setup.exe» -l0x9 -removeonly
VAIO Media plus Opening Movie—>»C:Program Files (x86)InstallShield Installation Information{6BF03C88-C06A-48DC-B9A1-FE72B24E5FA9}setup.exe» -runfromtemp -l0x0009 -removeonly
VAIO Media plus—>»C:Program Files (x86)InstallShield Installation Information{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}setup.exe» -runfromtemp -l0x0009 -removeonly
VAIO Movie Story Template Data—>C:Program Files (x86)InstallShield Installation Information{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}setup.exe -runfromtemp -l0x0009 -removeonly
VAIO Movie Story—>C:Program Files (x86)InstallShield Installation Information{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}setup.exe -runfromtemp -l0x0009 -removeonly
VAIO OOBE and Startup Assistant—>RunDll32 C:PROGRA~2COMMON~1INSTAL~1PROFES~1RunTime1050Intel32Ctor.dll,LaunchSetup «C:Program Files (x86)InstallShield Installation Information{1B500D37-E7CF-480B-8054-8A563594EC4E}setup.exe» -l0x9 -removeonly
VAIO Original Function Settings—>»C:Program Files (x86)InstallShield Installation Information{A63E7492-A0BC-4BB9-89A7-352965222380}setup.exe» -runfromtemp -l0x0009 -removeonly
VAIO Power Management—>»C:Program Files (x86)InstallShield Installation Information{5F5867F0-2D23-4338-A206-01A76C823924}setup.exe» -runfromtemp -l0x0009 -removeonly
VAIO Presentation Support—>»C:Program Files (x86)InstallShield Installation Information{2018C019-30D9-4240-8C01-0865C10DCF5A}setup.exe» -runfromtemp -l0x0009 -removeonly
VAIO Quick Web Access—>MsiExec.exe /I{931FE23C-BB40-4C7A-A594-DB35908D8E83}
VAIO Quick Web Access—>MsiExec.exe /x{931FE23C-BB40-4C7A-A594-DB35908D8E83} CUSTOM_HAVE_DIALOG=Yes
VAIO Survey—>RunDll32 C:PROGRA~2COMMON~1INSTAL~1PROFES~1RunTime1050Intel32Ctor.dll,LaunchSetup «C:Program Files (x86)InstallShield Installation Information{34B37A74-125E-4406-87BA-E4BD3D097AE5}setup.exe» -l0x9 -removeonly
VAIO Update 4—>»C:Program Files (x86)InstallShield Installation Information{83CDA18E-0BF3-4ACA-872C-B4CDABF2360E}setup.exe» -runfromtemp -l0x0009 -removeonly
VAIO Wallpaper Contents—>»C:Program Files (x86)InstallShield Installation Information{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}setup.exe» -runfromtemp -l0x0009 -removeonly
VLC media player 1.0.5—>C:Program Files (x86)VideoLANVLCuninstall.exe
Windows Live Call—>MsiExec.exe /I{020D8396-D6D9-4B53-A9A1-83C47E2E27AA}
Windows Live Communications Platform—>MsiExec.exe /I{F69E83CF-B440-43F8-89E6-6EA80712109B}
Windows Live Essentials—>C:Program Files (x86)Windows LiveInstallerwlarp.exe
Windows Live Essentials—>MsiExec.exe /I{D9D754A1-EAC5-406C-A28B-C49B1E846711}
Windows Live Mail—>MsiExec.exe /I{63C1109E-D977-49ED-BCE3-D00D0BF187D6}
Windows Live Messenger—>MsiExec.exe /X{0AAA9C97-74D4-47CE-B089-0B147EF3553C}
Windows Live Movie Maker Beta—>MsiExec.exe /X{2208D65A-1BF9-485E-A308-1BA6CADCDC1D}
Windows Live Photo Gallery—>MsiExec.exe /X{F73A5B18-EB75-4B2C-B32D-9457576E2417}
Windows Live Sign-in Assistant—>MsiExec.exe /I{505DF7A3-88D5-4DD6-9AD5-C98C2ED0CEC4}
Windows Live Sync—>MsiExec.exe /X{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}
Windows Live Upload Tool—>MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Windows Live Writer—>MsiExec.exe /X{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}
Windows Media Player Firefox Plugin—>MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinDVD BD for VAIO—>C:Program Files (x86)InstallShield Installation Information{20471B27-D702-4FE8-8DEC-0702CC8C0A85}setup.exe -runfromtemp -l0x0409
WinDVD BD for VAIO—>C:Program Files (x86)InstallShield Installation Information{20471B27-D702-4FE8-8DEC-0702CC8C0A85}setup.exe -runfromtemp -l0x0409
WinRAR archiver—>C:Program Files (x86)WinRARuninstall.exe======Hosts File======
::1 localhost
======System event log======
Computer Name: monstriashka
Event Code: 1014
Message: Name resolution for the name http://www.away.com timed out after none of the configured DNS servers responded.
Record Number: 28998
Source Name: Microsoft-Windows-DNS-Client
Time Written: 20100304154032.574364-000
Event Type: Warning
User: NT AUTHORITYNETWORK SERVICEComputer Name: monstriashka
Event Code: 1014
Message: Name resolution for the name http://www.ebookers.com timed out after none of the configured DNS servers responded.
Record Number: 28992
Source Name: Microsoft-Windows-DNS-Client
Time Written: 20100304153935.105558-000
Event Type: Warning
User: NT AUTHORITYNETWORK SERVICEComputer Name: monstriashka
Event Code: 7009
Message: A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.
Record Number: 28941
Source Name: Service Control Manager
Time Written: 20100304153751.255645-000
Event Type: Error
User:Computer Name: monstriashka
Event Code: 7000
Message: The HsfXAudioService service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Record Number: 28937
Source Name: Service Control Manager
Time Written: 20100304153750.740844-000
Event Type: Error
User:Computer Name: monstriashka
Event Code: 7009
Message: A timeout was reached (30000 milliseconds) while waiting for the HsfXAudioService service to connect.
Record Number: 28935
Source Name: Service Control Manager
Time Written: 20100304153750.725244-000
Event Type: Error
User:=====Application event log=====
Computer Name: WIN-E4FRIB8Q5HN
Event Code: 33
Message: Activation context generation failed for «C:WindowsInstaller{67E03279-F703-408F-B4BF-46B5FC8D70CD}WksCal.exe». Dependent Assembly msadctls,processorArchitecture=»x86″,type=»win32″,version=»1.0.1801.0″ could not be found. Please use sxstrace.exe for detailed diagnosis.
Record Number: 1239
Source Name: SideBySide
Time Written: 20091023133124.000000-000
Event Type: Error
User:Computer Name: WIN-E4FRIB8Q5HN
Event Code: 33
Message: Activation context generation failed for «C:WindowsInstaller{67E03279-F703-408F-B4BF-46B5FC8D70CD}WksWP.exe». Dependent Assembly msadctls,processorArchitecture=»x86″,type=»win32″,version=»1.0.1801.0″ could not be found. Please use sxstrace.exe for detailed diagnosis.
Record Number: 1238
Source Name: SideBySide
Time Written: 20091023133124.000000-000
Event Type: Error
User:Computer Name: WIN-E4FRIB8Q5HN
Event Code: 33
Message: Activation context generation failed for «C:WindowsInstaller{67E03279-F703-408F-B4BF-46B5FC8D70CD}wksss.exe». Dependent Assembly msadctls,processorArchitecture=»x86″,type=»win32″,version=»1.0.1801.0″ could not be found. Please use sxstrace.exe for detailed diagnosis.
Record Number: 1237
Source Name: SideBySide
Time Written: 20091023133124.000000-000
Event Type: Error
User:Computer Name: WIN-E4FRIB8Q5HN
Event Code: 33
Message: Activation context generation failed for «C:WindowsInstaller{67E03279-F703-408F-B4BF-46B5FC8D70CD}wksdb.exe». Dependent Assembly msadctls,processorArchitecture=»x86″,type=»win32″,version=»1.0.1801.0″ could not be found. Please use sxstrace.exe for detailed diagnosis.
Record Number: 1236
Source Name: SideBySide
Time Written: 20091023133124.000000-000
Event Type: Error
User:Computer Name: WIN-E4FRIB8Q5HN
Event Code: 33
Message: Activation context generation failed for «C:WindowsInstaller{67E03279-F703-408F-B4BF-46B5FC8D70CD}WksCal.exe». Dependent Assembly msadctls,processorArchitecture=»x86″,type=»win32″,version=»1.0.1801.0″ could not be found. Please use sxstrace.exe for detailed diagnosis.
Record Number: 1235
Source Name: SideBySide
Time Written: 20091023133124.000000-000
Event Type: Error
User:=====Security event log=====
Computer Name: WIN-E4FRIB8Q5HN
Event Code: 4624
Message: An account was successfully logged on.Subject:
Security ID: S-1-5-18
Account Name: WIN-E4FRIB8Q5HN$
Account Domain: WORKGROUP
Logon ID: 0x3e7Logon Type: 5
New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}Process Information:
Process ID: 0x244
Process Name: C:WindowsSystem32services.exeNetwork Information:
Workstation Name:
Source Network Address: —
Source Port: —Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: —
Package Name (NTLM only): —
Key Length: 0This event is generated when a logon session is created. It is generated on the computer that was accessed.
The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.
The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).
The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.
The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.
The authentication information fields provide detailed information about this specific logon request.
— Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
— Transited services indicate which intermediate services have participated in this logon request.
— Package name indicates which sub-protocol was used among the NTLM protocols.
— Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 918
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091023133130.791026-000
Event Type: Audit Success
User:Computer Name: WIN-E4FRIB8Q5HN
Event Code: 4672
Message: Special privileges assigned to new logon.Subject:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 917
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091023133128.529023-000
Event Type: Audit Success
User:Computer Name: WIN-E4FRIB8Q5HN
Event Code: 4624
Message: An account was successfully logged on.Subject:
Security ID: S-1-5-18
Account Name: WIN-E4FRIB8Q5HN$
Account Domain: WORKGROUP
Logon ID: 0x3e7Logon Type: 5
New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}Process Information:
Process ID: 0x244
Process Name: C:WindowsSystem32services.exeNetwork Information:
Workstation Name:
Source Network Address: —
Source Port: —Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: —
Package Name (NTLM only): —
Key Length: 0This event is generated when a logon session is created. It is generated on the computer that was accessed.
The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.
The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).
The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.
The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.
The authentication information fields provide detailed information about this specific logon request.
— Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
— Transited services indicate which intermediate services have participated in this logon request.
— Package name indicates which sub-protocol was used among the NTLM protocols.
— Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 916
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091023133128.529023-000
Event Type: Audit Success
User:Computer Name: WIN-E4FRIB8Q5HN
Event Code: 4738
Message: A user account was changed.Subject:
Security ID: S-1-5-21-58730894-3101112194-262402868-500
Account Name: Administrator
Account Domain: WIN-E4FRIB8Q5HN
Logon ID: 0x2df08Target Account:
Security ID: S-1-5-21-58730894-3101112194-262402868-500
Account Name: Administrator
Account Domain: WIN-E4FRIB8Q5HNChanged Attributes:
SAM Account Name: —
Display Name: —
User Principal Name: —
Home Directory: —
Home Drive: —
Script Path: —
Profile Path: —
User Workstations: —
Password Last Set: —
Account Expires: —
Primary Group ID: —
AllowedToDelegateTo: —
Old UAC Value: 0x211
New UAC Value: 0x211
User Account Control: —
User Parameters: —
SID History: —
Logon Hours: —Additional Information:
Privileges: —
Record Number: 915
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091023133127.047020-000
Event Type: Audit Success
User:Computer Name: WIN-E4FRIB8Q5HN
Event Code: 1102
Message: The audit log was cleared.
Subject:
Security ID: S-1-5-21-58730894-3101112194-262402868-500
Account Name: Administrator
Domain Name: WIN-E4FRIB8Q5HN
Logon ID: 0x2df08
Record Number: 914
Source Name: Microsoft-Windows-Eventlog
Time Written: 20091023133119.574003-000
Event Type: Audit Success
User:======Environment variables======
«ComSpec»=%SystemRoot%system32cmd.exe
«FP_NO_HOST_CHECK»=NO
«OS»=Windows_NT
«Path»=%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem;%SYSTEMROOT%System32WindowsPowerShellv1.0;C:Program Files (x86)Common FilesRoxio Shared10.0DLLShared;C:Program Files (x86)Common FilesRoxio SharedDLLShared;C:Program Files (x86)Common FilesDivX Shared
«PATHEXT»=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
«PROCESSOR_ARCHITECTURE»=AMD64
«TEMP»=%SystemRoot%TEMP
«TMP»=%SystemRoot%TEMP
«USERNAME»=SYSTEM
«windir»=%SystemRoot%
«PSModulePath»=%SystemRoot%system32WindowsPowerShellv1.0Modules
«NUMBER_OF_PROCESSORS»=2
«PROCESSOR_LEVEL»=6
«PROCESSOR_IDENTIFIER»=Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
«PROCESSOR_REVISION»=170a
«configsetroot»=%SystemRoot%ConfigSetRoot
«RoxioCentral»=C:Program Files (x86)Common FilesRoxio Shared10.0Roxio Central36
«EMC_AUTOPLAY»=C:Program Files (x86)Common FilesRoxio Shared
«SAFEBOOT_OPTION»=NETWORK
EOF
-
АвторСообщения
- Для ответа в этой теме необходимо авторизоваться.