- This topic has 13 ответов, 2 участника, and was last updated 14 years, 8 months назад by
.
-
Сообщения
-
Здравствуйте!
Собственно столкнулся с такой проблемой:
1. Не обновляется nod32, лицензионный.
2. Не открываются сайты антивирусных програм, таких как: http://www.esetnod32.ru, http://www.kaspersky.ru, http://www.drweb.com
3. Не открывается сайт EMS http://www.emspost.ru
Началось три дня назад, думал сбой в сетке… как оказалось нет…Очень прошу помощи!
Заранее спасибо!Logfile of random’s system information tool 1.06 (written by random/random)
Run by Андрей at 2010-02-14 01:47:19
Microsoft Windows XP Professional Service Pack 3
System drive C: has 13 GB (36%) free of 36 GB
Total RAM: 3071 MB (68% free)Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:47:40, on 14.02.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21148)
Boot mode: NormalRunning processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesCommon FilesLogitechBluetoothLBTServ.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSExplorer.EXE
C:Program FilesCommon FilesSeagateSchedule2schedul2.exe
C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
C:Program FilesBonjourmDNSResponder.exe
C:Program FilesESETESET NOD32 Antivirusekrn.exe
C:WINDOWSsystem32inetsrvinetinfo.exe
C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe
C:WINDOWSsystem32PnkBstrA.exe
E:Alcohol 120StarWindStarWindServiceAE.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32dllhost.exe
C:WINDOWSSystem32vssvc.exe
C:WINDOWSsystem32dllhost.exe
C:Program FilesTaskSwitchXPTaskSwitchXP.exe
C:Program FilesLogitechiTouchiTouch.exe
C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe
C:Program FilesAnalog DevicesSoundMAXSmax4.exe
C:Program FilesESETESET NOD32 Antivirusegui.exe
C:Program FilesAnalog DevicesCoresmax4pnp.exe
C:Program FilesASUSAI SuiteAiNapAiNap.exe
C:Program FilesASUSAI SuiteAiGear3CpuPowerMonitor.exe
C:Program FilesASUSAI RemoteAiRemote.exe
C:Program FilesLogitechSetPointLBTWiz.exe
C:WINDOWSsystem32rundll32.exe
C:Program FilesSeagateDiscWizardDiscWizardMonitor.exe
C:Program FilesASUSAASP1.00.59aaCenter.exe
C:Program FilesSeagateDiscWizardTimounterMonitor.exe
C:Program FilesCommon FilesSeagateSchedule2schedhlp.exe
C:Program FilesiTunesiTunesHelper.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesVistaDriveIconVistaDrv.exe
C:Program FilesATI TechnologiesATI.ACECore-StaticMOM.exe
C:Program FilesVisualTaskTipsVisualTaskTips.exe
C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe
C:Program FilesLogitechProfilerlwemon.exe
C:Program FilesSoftlandBackup4all 3Backup4all.exe
C:Documents and SettingsАндрейApplication DataTranscendSJelite3SJelite3Launch.exe
C:Program FilesSoftlandBackup4all 3Backup4all.exe
C:Program FilesNokiaNokia PC Suite 7PCSuite.exe
C:Program FilesLogitechSetPointSetPoint.exe
C:Program FilesCommon FilesLogishrdKHAL2KHALMNPR.EXE
C:Program FilesPC Connectivity SolutionServiceLayer.exe
C:Program FilesPC Connectivity SolutionTransportsNclUSBSrv.exe
C:Program FilesPC Connectivity SolutionTransportsNclRSSrv.exe
C:Program FilesPC Connectivity SolutionTransportsNclMSBTSrv.exe
C:Program FilesiPodbiniPodService.exe
C:Program FilesATI TechnologiesATI.ACECore-Staticccc.exe
C:Program FilesSoftlandBackup4all 3b4aSched.Exe
C:Program FilesMozilla Firefoxfirefox.exe
C:Documents and SettingsАндрейРабочий столRSIT.exe
C:Program Filestrend microАндрей.exeR1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://search.qip.ru
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://search.qip.ru
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://search.qip.ru/ie
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://search.qip.ru
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.lofisnet.ru/
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKCUSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = http://search.qip.ru/ie
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R1 — HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) = Root: HKCU; Subkey: SoftwareMicrosoftInternet ExplorerSearchUrl; ValueType: string; ValueName: ‘; ValueData: ‘; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R1 — HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
R3 — URLSearchHook: QIPBHO Class — {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} — C:Documents and SettingsАндрейApplication DataMicrosoftInternet Explorerqipsearchbar.dll
R3 — URLSearchHook: (no name) — {83821C2B-32A8-4DD7-B6D4-44309A78E668} — C:Program FilesMail.RuAgentMradllnewmrasearch.dll
R3 — URLSearchHook: (no name) — — (no file)
F2 — REG:system.ini: UserInit=c:windowssystem32userinit.exe,\?globalrootsystemrootsystem32r2qngyc.exe,
O2 — BHO: Adobe PDF Reader Link Helper — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll
O2 — BHO: Groove GFS Browser Helper — {72853161-30C5-4D22-B7F9-0BBC1D38A37E} — C:Program FilesMicrosoft OfficeOffice12GrooveShellExtensions.dll
O2 — BHO: SSVHelper Class — {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} — C:Program FilesJavajre1.6.0_06binssv.dll
O2 — BHO: IE 4.x-6.x BHO for Download Master — {9961627E-4059-41B4-8E0E-A7D6B3854ADF} — D:Download Masterdmiehlp.dll
O2 — BHO: QIPBHO — {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} — C:Documents and SettingsАндрейApplication DataMicrosoftInternet Explorerqipsearchbar.dll
O3 — Toolbar: QT Breadcrumbs Address Bar — {af83e43c-dd2b-4787-826b-31b17dee52ed} — mscoree.dll (file missing)
O4 — HKLM..Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 — HKLM..Run: [TaskSwitchXP] C:Program FilesTaskSwitchXPTaskSwitchXP.exe
O4 — HKLM..Run: [JMB36X IDE Setup] C:WINDOWSRaidToolxInsIDE.exe
O4 — HKLM..Run: [36X Raid Configurer] C:WINDOWSsystem32xRaidSetup.exe boot
O4 — HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 — HKLM..Run: [zBrowser Launcher] C:Program FilesLogitechiTouchiTouch.exe
O4 — HKLM..Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 — HKLM..Run: [GrooveMonitor] «C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe»
O4 — HKLM..Run: [MAgent] C:Program FilesMail.RuAgentmagent.exe -LM
O4 — HKLM..Run: [SoundMAX] «C:Program FilesAnalog DevicesSoundMAXSmax4.exe» /tray
O4 — HKLM..Run: [egui] «C:Program FilesESETESET NOD32 Antivirusegui.exe» /hide /waitservice
O4 — HKLM..Run: [SoundMAXPnP] C:Program FilesAnalog DevicesCoresmax4pnp.exe
O4 — HKLM..Run: [Ai Remote Help] «C:Program FilesASUSAI RemoteAiRc.exe» -r
O4 — HKLM..Run: [ASUS UpdateChecker] C:Program FilesASUSUpdateCheckerUpdateChecker.exe
O4 — HKLM..Run: [Ai Nap] «C:Program FilesASUSAI SuiteAiNapAiNap.exe»
O4 — HKLM..Run: [CPU Power Monitor] «C:Program FilesASUSAI SuiteAiGear3CpuPowerMonitor.exe»
O4 — HKLM..Run: [Cpu Level Up help] C:Program FilesASUSAI SuiteCpuLevelUpHelp.exe
O4 — HKLM..Run: [ASUS Energy Saving] «C:Program FilesASUSAI SuiteEnergySavingPwSave.exe»
O4 — HKLM..Run: [Bluetooth Connection Assistant] LBTWIZ.EXE -silent
O4 — HKLM..Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 — HKLM..Run: [DiscWizardMonitor.exe] C:Program FilesSeagateDiscWizardDiscWizardMonitor.exe
O4 — HKLM..Run: [AcronisTimounterMonitor] C:Program FilesSeagateDiscWizardTimounterMonitor.exe
O4 — HKLM..Run: [Acronis Scheduler2 Service] «C:Program FilesCommon FilesSeagateSchedule2schedhlp.exe»
O4 — HKLM..Run: [Adobe Reader Speed Launcher] «C:Program FilesAdobeReader 8.0ReaderReader_sl.exe»
O4 — HKLM..Run: [KernelFaultCheck] %systemroot%system32dumprep 0 -k
O4 — HKLM..Run: [StartCCC] «C:Program FilesATI TechnologiesATI.ACECore-StaticCLIStart.exe» MSRun
O4 — HKLM..Run: [QuickTime Task] «C:Program FilesQuickTimeQTTask.exe» -atboottime
O4 — HKLM..Run: [iTunesHelper] «C:Program FilesiTunesiTunesHelper.exe»
O4 — HKLM..Run: [plugin] «C:Program Filesplugin.exe»
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [VistaIcon] C:Program FilesVistaDriveIconVistaDrv.exe
O4 — HKCU..Run: [VisualTaskTips] C:Program FilesVisualTaskTipsVisualTaskTips.exe noTrayIcon
O4 — HKCU..Run: [LDM] C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe
O4 — HKCU..Run: [Start WingMan Profiler] «C:Program FilesLogitechProfilerlwemon.exe» /noui
O4 — HKCU..Run: [AlcoholAutomount] «E:Alcohol 120axcmd.exe» /automount
O4 — HKCU..Run: [Backup4all 3] «C:Program FilesSoftlandBackup4all 3Backup4all.exe» /s
O4 — HKCU..Run: [Backup4all Scheduler] «C:Program FilesSoftlandBackup4all 3b4aSched.Exe»
O4 — HKCU..Run: [SJelite3Launch] C:Documents and SettingsАндрейApplication DataTranscendSJelite3SJelite3Launch.exe
O4 — HKCU..Run: [PC Suite Tray] «C:Program FilesNokiaNokia PC Suite 7PCSuite.exe» -onlytray
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..Run: [VistaIcon] C:Program FilesVistaDriveIconVistaDrv.exe (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..Run: [VisualTaskTips] C:Program FilesVisualTaskTipsVisualTaskTips.exe noTrayIcon (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..RunOnce: [IE7_011] regsvr32 /s /n /i:u shell32 (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-20..RunOnce: [IE7_011] regsvr32 /s /n /i:u shell32 (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUSS-1-5-18..RunOnce: [IE7_011] regsvr32 /s /n /i:u shell32 (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O4 — HKUS.DEFAULT..RunOnce: [IE7_011] regsvr32 /s /n /i:u shell32 (User ‘Default user’)
O4 — Startup: Strong DC++.lnk = E:StrongDCStrongDC.exe
O4 — Global Startup: Logitech Desktop Messenger.lnk = C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe
O4 — Global Startup: Logitech SetPoint.lnk = C:Program FilesLogitechSetPointSetPoint.exe
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2Office12EXCEL.EXE/3000
O8 — Extra context menu item: Закачать ВСЕ при помощи Download Master — D:Download Masterdmieall.htm
O8 — Extra context menu item: Закачать при помощи Download Master — D:Download Masterdmie.htm
O9 — Extra button: (no name) — {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — C:Program FilesJavajre1.6.0_06binssv.dll
O9 — Extra ‘Tools’ menuitem: Sun Java Console — {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — C:Program FilesJavajre1.6.0_06binssv.dll
O9 — Extra button: Отправить в OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 — Extra ‘Tools’ menuitem: &Отправить в OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 — Extra button: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
O9 — Extra ‘Tools’ menuitem: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
O9 — Extra button: Bonjour — {7F9DB11C-E358-4ca6-A83D-ACC663939424} — C:Program FilesBonjourExplorerPlugin.dll
O9 — Extra button: Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — D:Download Masterdmaster.exe
O9 — Extra ‘Tools’ menuitem: &Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — D:Download Masterdmaster.exe
O9 — Extra button: Research — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2Office12REFIEBAR.DLL
O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra button: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — C:Program FilesICQ6.5ICQ.exe
O9 — Extra ‘Tools’ menuitem: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — C:Program FilesICQ6.5ICQ.exe
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O17 — HKLMSystemCCSServicesTcpip..{A80D0705-8D40-4C7D-AFE9-E8D841452343}: NameServer = 80.79.176.2,80.79.176.3
O18 — Protocol: bwfile-8876480 — {9462A756-7B47-47BC-8C80-C34B9B80B32B} — C:Program FilesLogitechDesktop Messenger8876480ProgramGAPlugProtocol-8876480.dll
O18 — Protocol: grooveLocalGWS — {88FED34C-F0CA-4636-A375-3CB6248B04CD} — C:Program FilesMicrosoft OfficeOffice12GrooveSystemServices.dll
O18 — Protocol: skype4com — {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — C:PROGRA~1COMMON~1SkypeSkype4COM.dll
O23 — Service: Acronis Scheduler2 Service (AcrSch2Svc) — Acronis — C:Program FilesCommon FilesSeagateSchedule2schedul2.exe
O23 — Service: Application Driver Auto Removal Service (01) (appdrvrem01) — Protection Technology — C:WINDOWSSystem32appdrvrem01.exe
O23 — Service: Apple Mobile Device — Apple Inc. — C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
O23 — Service: Ati HotKey Poller — ATI Technologies Inc. — C:WINDOWSsystem32Ati2evxx.exe
O23 — Service: ATI Smart — Unknown owner — C:WINDOWSsystem32ati2sgag.exe
O23 — Service: Bonjour Service — Apple Inc. — C:Program FilesBonjourmDNSResponder.exe
O23 — Service: Eset HTTP Server (EhttpSrv) — ESET — C:Program FilesESETESET NOD32 AntivirusEHttpSrv.exe
O23 — Service: Eset Service (ekrn) — ESET — C:Program FilesESETESET NOD32 Antivirusekrn.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: InstallDriver Table Manager (IDriverT) — Macrovision Corporation — C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: Сервис iPod (iPod Service) — Apple Inc. — C:Program FilesiPodbiniPodService.exe
O23 — Service: Logitech Bluetooth Service (LBTServ) — Logitech, Inc. — C:Program FilesCommon FilesLogitechBluetoothLBTServ.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: PnkBstrA — Unknown owner — C:WINDOWSsystem32PnkBstrA.exe
O23 — Service: Stalker (Pro) Drivers Auto Removal (pr2ajtsc) (pr2ajtsc) — 1C: Multimedia — C:WINDOWSsystem32pr2ajtsc.exe
O23 — Service: ServiceLayer — Nokia — C:Program FilesPC Connectivity SolutionServiceLayer.exe
O23 — Service: StarWind AE Service (StarWindServiceAE) — Rocket Division Software — E:Alcohol 120StarWindStarWindServiceAE.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe—
End of file — 15775 bytes======Scheduled tasks folder======
C:WINDOWStasksb4a_bp6.job
C:WINDOWStasksb4a_Мои документы.job
C:WINDOWStasksOGALogon.job======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll [2006-10-22 62080][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper — C:Program FilesMicrosoft OfficeOffice12GrooveShellExtensions.dll [2009-02-12 2217848][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class — C:Program FilesJavajre1.6.0_06binssv.dll [2008-03-25 509328][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9961627E-4059-41B4-8E0E-A7D6B3854ADF}]
IE 4.x-6.x BHO for Download Master — D:Download Masterdmiehlp.dll [2009-03-06 157696][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class — C:Documents and SettingsАндрейApplication DataMicrosoftInternet Explorerqipsearchbar.dll [2009-07-14 150768][HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{af83e43c-dd2b-4787-826b-31b17dee52ed} — QT Breadcrumbs Address Bar — C:WINDOWSsystem32mscoree.dll [2008-07-25 282112][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«Kernel and Hardware Abstraction Layer»=C:WINDOWSKHALMNPR.EXE [2008-12-18 76304]
«TaskSwitchXP»=C:Program FilesTaskSwitchXPTaskSwitchXP.exe [2007-03-09 62976]
«JMB36X IDE Setup»=C:WINDOWSRaidToolxInsIDE.exe [2007-03-20 36864]
«36X Raid Configurer»=C:WINDOWSsystem32xRaidSetup.exe [2007-03-21 1953792]
«NeroFilterCheck»=C:WINDOWSsystem32NeroCheck.exe [2001-07-09 155648]
«zBrowser Launcher»=C:Program FilesLogitechiTouchiTouch.exe [2002-11-23 631362]
«Logitech Hardware Abstraction Layer»=C:WINDOWSKHALMNPR.EXE [2008-12-18 76304]
«GrooveMonitor»=C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe [2008-10-25 31072]
«MAgent»=C:Program FilesMail.RuAgentmagent.exe [2009-07-27 7975608]
«SoundMAX»=C:Program FilesAnalog DevicesSoundMAXSmax4.exe [2006-07-13 729088]
«egui»=C:Program FilesESETESET NOD32 Antivirusegui.exe [2008-08-18 1447168]
«SoundMAXPnP»=C:Program FilesAnalog DevicesCoresmax4pnp.exe [2006-12-18 868352]
«Ai Remote Help»=C:Program FilesASUSAI RemoteAiRc.exe [2007-09-03 3346432]
«ASUS UpdateChecker»=C:Program FilesASUSUpdateCheckerUpdateChecker.exe [2008-11-03 110592]
«Ai Nap»=C:Program FilesASUSAI SuiteAiNapAiNap.exe [2008-01-28 1413120]
«CPU Power Monitor»=C:Program FilesASUSAI SuiteAiGear3CpuPowerMonitor.exe [2008-01-09 627200]
«Cpu Level Up help»=C:Program FilesASUSAI SuiteCpuLevelUpHelp.exe [2007-11-30 881152]
«ASUS Energy Saving»=C:Program FilesASUSAI SuiteEnergySavingPwSave.exe [2008-01-28 1352704]
«Bluetooth Connection Assistant»=LBTWIZ.EXE -silent []
«BluetoothAuthenticationAgent»=bthprops.cpl,,BluetoothAuthenticationAgent []
«DiscWizardMonitor.exe»=C:Program FilesSeagateDiscWizardDiscWizardMonitor.exe [2007-09-04 1188864]
«AcronisTimounterMonitor»=C:Program FilesSeagateDiscWizardTimounterMonitor.exe [2007-09-04 1963768]
«Acronis Scheduler2 Service»=C:Program FilesCommon FilesSeagateSchedule2schedhlp.exe [2007-09-04 148760]
«Adobe Reader Speed Launcher»=C:Program FilesAdobeReader 8.0ReaderReader_sl.exe [2008-01-11 39792]
«KernelFaultCheck»=C:WINDOWSsystem32dumprep 0 -k []
«StartCCC»=C:Program FilesATI TechnologiesATI.ACECore-StaticCLIStart.exe [2009-07-14 98304]
«QuickTime Task»=C:Program FilesQuickTimeQTTask.exe [2009-11-10 417792]
«iTunesHelper»=C:Program FilesiTunesiTunesHelper.exe [2009-11-12 141600]
«plugin»=C:Program Filesplugin.exe [][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2008-04-15 37376]
«VistaIcon»=C:Program FilesVistaDriveIconVistaDrv.exe [2008-01-02 132096]
«VisualTaskTips»=C:Program FilesVisualTaskTipsVisualTaskTips.exe [2008-06-23 65536]
«LDM»=C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe [2009-01-29 67128]
«Start WingMan Profiler»=C:Program FilesLogitechProfilerlwemon.exe [2006-07-05 60416]
«AlcoholAutomount»=E:Alcohol 120axcmd.exe [2009-03-17 203928]
«Backup4all 3″=C:Program FilesSoftlandBackup4all 3Backup4all.exe [2007-11-05 3133080]
«Backup4all Scheduler»=C:Program FilesSoftlandBackup4all 3b4aSched.Exe [2007-11-05 478360]
«SJelite3Launch»=C:Documents and SettingsАндрейApplication DataTranscendSJelite3SJelite3Launch.exe [2009-09-18 176128]
«PC Suite Tray»=C:Program FilesNokiaNokia PC Suite 7PCSuite.exe [2009-11-11 1451520]C:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузка
Logitech Desktop Messenger.lnk — C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe
Logitech SetPoint.lnk — C:Program FilesLogitechSetPointSetPoint.exeC:Documents and SettingsАндрейГлавное менюПрограммыАвтозагрузка
Strong DC++.lnk — E:StrongDCStrongDC.exe[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyAtiExtEvent]
C:WINDOWSsystem32Ati2evxx.dll [2009-07-15 155648][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyLBTWlgn]
c:program filescommon fileslogitechbluetoothLBTWlgn.dll [2009-02-19 72208][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
WPDShServiceObj — {AAA288BA-9A4C-45B0-95D7-94D524869DB5} — C:WINDOWSsystem32WPDShServiceObj.dll [2006-10-18 133632][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerShellExecuteHooks]
«{B5A7F190-DDA6-4420-B3BA-52453494E6CD}»=C:Program FilesMicrosoft OfficeOffice12GrooveShellExtensions.dll [2009-02-12 2217848][HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWdf01000.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWdfLoadGroup]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworknm]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworknm.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWdf01000.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWdfLoadGroup]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=1
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«HonorAutoRunSetting»=[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesMicrosoft OfficeOffice12OUTLOOK.EXE»=»C:Program FilesMicrosoft OfficeOffice12OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook»
«C:Program FilesMicrosoft OfficeOffice12GROOVE.EXE»=»C:Program FilesMicrosoft OfficeOffice12GROOVE.EXE:*:Enabled:Microsoft Office Groove»
«C:Program FilesMicrosoft OfficeOffice12ONENOTE.EXE»=»C:Program FilesMicrosoft OfficeOffice12ONENOTE.EXE:*:Enabled:Microsoft Office OneNote»
«C:Documents and SettingsАндрейLocal SettingsTempRar$EX00.406utorrent.exe»=»C:Documents and SettingsАндрейLocal SettingsTempRar$EX00.406utorrent.exe:*:Enabled:µTorrent»
«D:ut161[1]utorrent.exe»=»D:ut161[1]utorrent.exe:*:Enabled:µTorrent»
«C:Program FilesStarlink VideoLANvlc.exe»=»C:Program FilesStarlink VideoLANvlc.exe:*:Enabled:Stalink VideoLAN»
«C:Program FilesICQ6.5ICQ.exe»=»C:Program FilesICQ6.5ICQ.exe:*:Enabled:ICQ6»
«E:Rockstar GamesRockstar Games Social ClubRGSCLauncher.exe»=»E:Rockstar GamesRockstar Games Social ClubRGSCLauncher.exe:*:Enabled:Rockstar Games Social Club»
«E:Rockstar GamesGrand Theft Auto IVLaunchGTAIV.exe»=»E:Rockstar GamesGrand Theft Auto IVLaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV»
«E:Rockstar GamesGrand Theft Auto IVGTAIV.exe»=»E:Rockstar GamesGrand Theft Auto IVGTAIV.exe:*:Enabled:Grand Theft Auto IV»
«E:VentriloVentrilo.exe»=»E:VentriloVentrilo.exe:*:Enabled:Ventrilo.exe»
«C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe»=»C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger»
«E:Gears of WarBinariesWarGame-G4WLive.exe»=»E:Gears of WarBinariesWarGame-G4WLive.exe:*:Enabled:Gears of War»
«E:uTorrentuTorrent.exe»=»E:uTorrentuTorrent.exe:*:Enabled:µTorrent»
«E:Race Driver GRIDGRID.exe»=»E:Race Driver GRIDGRID.exe:*:Enabled:Race Driver GRID»
«E:SREETFIGHTERIVStreetFighterIV.exe»=»E:SREETFIGHTERIVStreetFighterIV.exe:*:Enabled:STREET FIGHTER IV»
«E:S.T.A.L.K.E.RbinXR_3DA.exe»=»E:S.T.A.L.K.E.RbinXR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. (CLI)»
«E:S.T.A.L.K.E.RbindedicatedXR_3DA.exe»=»E:S.T.A.L.K.E.RbindedicatedXR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. (SRV)»
«C:Program FilesBonjourmDNSResponder.exe»=»C:Program FilesBonjourmDNSResponder.exe:*:Enabled:Bonjour»
«E:С.Т.А.Л.К.Е.Р. — Чистое НебоbinxrEngine.exe»=»E:С.Т.А.Л.К.Е.Р. — Чистое НебоbinxrEngine.exe:*:Enabled:С.Т.А.Л.К.Е.Р. — Чистое Небо (CLI)»
«E:С.Т.А.Л.К.Е.Р. — Чистое НебоbindedicatedxrEngine.exe»=»E:С.Т.А.Л.К.Е.Р. — Чистое НебоbindedicatedxrEngine.exe:*:Enabled:С.Т.А.Л.К.Е.Р. — Чистое Небо (SRV)»
«C:WINDOWSsystem32PnkBstrA.exe»=»C:WINDOWSsystem32PnkBstrA.exe:*:Enabled:PnkBstrA»
«C:WINDOWSsystem32PnkBstrB.exe»=»C:WINDOWSsystem32PnkBstrB.exe:*:Enabled:PnkBstrB»
«E:Call of Duty 4 — Modern Warfareiw3mp.exe»=»E:Call of Duty 4 — Modern Warfareiw3mp.exe:*:Enabled:Call of Duty(R) 4 — Modern Warfare(TM)»
«E:S.T.A.L.K.E.R. — Зов ПрипятиbinxrEngine.exe»=»E:S.T.A.L.K.E.R. — Зов ПрипятиbinxrEngine.exe:*:Enabled:S.T.A.L.K.E.R. — Зов Припяти (CLI)»
«E:S.T.A.L.K.E.R. — Зов ПрипятиbindedicatedxrEngine.exe»=»E:S.T.A.L.K.E.R. — Зов ПрипятиbindedicatedxrEngine.exe:*:Enabled:S.T.A.L.K.E.R. — Зов Припяти (SRV)»
«E:Program FilesActivisionWolfensteinMPWolf2MP.exe»=»E:Program FilesActivisionWolfensteinMPWolf2MP.exe:*:Enabled:Wolfenstein(TM) «
«E:Program FilesActivisionWolfensteinMPWolf2MPLite.exe»=»E:Program FilesActivisionWolfensteinMPWolf2MPLite.exe:*:Enabled:Wolfenstein(TM) «
«C:Program FilesiTunesiTunes.exe»=»C:Program FilesiTunesiTunes.exe:*:Enabled:iTunes»
«C:Program FilesSkypePlugin ManagerskypePM.exe»=»C:Program FilesSkypePlugin ManagerskypePM.exe:*:Enabled:Skype Extras Manager»
«C:DOCUME~186A9~1LOCALS~1Temp�.25856410655000617.exe»=»C:DOCUME~186A9~1LOCALS~1Temp�.25856410655000617.exe:*:Enabled:RASS Server»
«»=»:*:Enabled:RASS Server»
«E:Assassin’s CreedAssassinsCreed_Dx9.exe»=»E:Assassin’s CreedAssassinsCreed_Dx9.exe:*:Enabled:Assassin’s Creed Dx9»
«E:Assassin’s CreedAssassinsCreed_Dx10.exe»=»E:Assassin’s CreedAssassinsCreed_Dx10.exe:*:Enabled:Assassin’s Creed Dx10»
«E:Assassin’s CreedAssassinsCreed_Launcher.exe»=»E:Assassin’s CreedAssassinsCreed_Launcher.exe:*:Enabled:Assassin’s Creed Update»
«D:SteamSteamAppscommonleft 4 dead 2left4dead2.exe»=»D:SteamSteamAppscommonleft 4 dead 2left4dead2.exe:*:Enabled:Left 4 Dead 2»
«C:Program FilesSkypePhoneSkype.exe»=»C:Program FilesSkypePhoneSkype.exe:*:Enabled:Skype»[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe»=»C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger»[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{cf0c539c-e95c-11dd-a43e-806d6172696f}]
shellAutoRuncommand — F:monsetup.exe[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{d277d64a-b983-11dd-942f-806d6172696f}]
shellAutoRuncommand — F:Autorun.exe======List of files/folders created in the last 1 months======
2010-02-14 01:47:21 —-D—- C:Program Filestrend micro
2010-02-14 01:47:19 —-D—- C:rsit
2010-02-14 00:22:17 —-A—- C:WINDOWSsystem327WzYW4Q.exe
2010-02-13 23:03:23 —-A—- C:WINDOWSsystem32SKXvTUs.exe
2010-02-13 18:24:28 —-A—- C:WINDOWSsystem32v0DWEPF.exe
2010-02-13 16:22:51 —-A—- C:WINDOWSsystem328JXhX5R.exe
2010-02-13 15:22:32 —-A—- C:WINDOWSsystem32QtwhHFn.exe
2010-02-13 10:39:20 —-A—- C:WINDOWSsystem32X6mstvE.exe
2010-02-13 09:59:34 —-A—- C:WINDOWSsystem32O1nQLoW.exe
2010-02-13 02:03:05 —-A—- C:WINDOWSsystem32dubpDkV.exe
2010-02-12 08:37:02 —-A—- C:Program FilesCommon Fileskeylog.txt
2010-02-11 23:34:19 —-D—- C:Program FilesCommon Fileswm
2010-02-11 23:34:18 —-A—- C:WINDOWSsystem32R2QNgyc.exe
2010-02-09 12:07:27 —-HDC—- C:WINDOWS$NtUninstallWudf01007$
2010-02-09 12:01:58 —-D—- C:Program FilesCommon FilesPCSuite
2010-02-09 12:01:43 —-D—- C:Program FilesPC Connectivity Solution
2010-02-09 12:01:11 —-A—- C:WINDOWSsystem32wdfcoinstaller01007.dll
2010-02-09 12:01:11 —-A—- C:WINDOWSsystem32nmwcdcocls.dll
2010-02-03 23:19:13 —-D—- C:Documents and SettingsАндрейApplication DataUbisoft
2010-02-03 23:04:26 —-D—- C:Documents and SettingsAll UsersApplication DataUbisoft
2010-01-17 11:50:50 —-D—- C:Program FilesStanza======List of files/folders modified in the last 1 months======
2010-02-14 01:47:21 —-AD—- C:Program Files
2010-02-14 01:43:25 —-AD—- C:WINDOWSsystem32
2010-02-14 01:26:19 —-D—- C:Documents and SettingsАндрейApplication DataSkype
2010-02-14 01:22:00 —-D—- C:WINDOWSTemp
2010-02-14 01:22:00 —-D—- C:Documents and SettingsАндрейApplication DataskypePM
2010-02-14 00:59:58 —-D—- C:WINDOWSsystem32drivers
2010-02-14 00:24:48 —-D—- C:Program FilesMozilla Firefox
2010-02-14 00:23:59 —-D—- C:WINDOWSsystem32inetsrv
2010-02-14 00:22:40 —-D—- C:WINDOWSsystem32config
2010-02-14 00:22:26 —-AD—- C:Documents and SettingsAll UsersApplication DataTEMP
2010-02-14 00:22:06 —-D—- C:WINDOWSRegistration
2010-02-14 00:20:34 —-A—- C:WINDOWSSchedLgU.Txt
2010-02-13 23:17:23 —-A—- C:WINDOWSsystem.ini
2010-02-13 10:44:54 —-D—- C:Program FilesESET
2010-02-13 10:39:09 —-D—- C:WINDOWS
2010-02-13 10:18:17 —-HD—- C:WINDOWSinf
2010-02-13 10:18:17 —-D—- C:WINDOWSsystem32CatRoot
2010-02-13 10:17:55 —-D—- C:WINDOWSsystem32CatRoot2
2010-02-13 09:56:54 —-A—- C:WINDOWSntbtlog.txt
2010-02-13 02:03:31 —-D—- C:WINDOWSPrefetch
2010-02-12 08:37:02 —-AD—- C:Program FilesCommon Files
2010-02-09 17:04:56 —-A—- C:WINDOWSNeroDigital.ini
2010-02-09 13:40:44 —-D—- C:Program FilesICQ6.5
2010-02-09 12:10:18 —-D—- C:Documents and SettingsAll UsersApplication DataInstallations
2010-02-09 12:10:17 —-SHD—- C:WINDOWSInstaller
2010-02-09 12:10:17 —-D—- C:WINDOWSWinSxS
2010-02-09 12:10:06 —-D—- C:Program FilesCommon FilesNokia
2010-02-09 12:10:05 —-D—- C:Program FilesNokia
2010-02-09 12:02:03 —-DC—- C:WINDOWSsystem32DRVSTORE
2010-02-09 11:13:30 —-D—- C:Documents and Settings
2010-02-03 23:21:44 —-A—- C:WINDOWSwinamp.ini
2010-02-03 22:58:54 —-RSD—- C:WINDOWSassembly
2010-02-03 22:58:31 —-D—- C:WINDOWSsystem32DirectX
2010-02-03 22:34:39 —-HD—- C:Program FilesInstallShield Installation Information
2010-01-30 01:04:37 —-D—- C:Documents and SettingsАндрейApplication DatauTorrent======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 appdrv01;Application Driver (01); C:WINDOWSSystem32Driversappdrv01.sys [2009-10-08 3069040]
R1 AsIO;AsIO; C:WINDOWSsystem32driversAsIO.sys [2007-12-17 12400]
R1 easdrv;easdrv; C:WINDOWSsystem32DRIVERSeasdrv.sys [2008-08-18 53256]
R1 epfwtdir;epfwtdir; C:WINDOWSsystem32DRIVERSepfwtdir.sys [2008-08-18 34312]
R1 intelppm;Драйвер Intel процессора; C:WINDOWSsystem32DRIVERSintelppm.sys [2008-04-15 40704]
R1 kbdhid;Драйвер клавиатуры HID; C:WINDOWSsystem32DRIVERSkbdhid.sys [2008-07-20 14720]
R1 PQNTDrv;PQNTDrv; C:WINDOWSsystem32driversPQNTDrv.sys [2004-05-05 4228]
R2 eamon;EAMON; C:WINDOWSsystem32DRIVERSeamon.sys [2008-08-18 39944]
R2 mdmxsdk;mdmxsdk; C:WINDOWSsystem32DRIVERSmdmxsdk.sys [2004-12-09 12544]
R2 rspndr;Ответчик обнаружения топологии уровня связи; C:WINDOWSsystem32DRIVERSrspndr.sys [2008-07-08 62848]
R2 tifsfilter;Acronis True Image FS Filter; C:WINDOWSsystem32DRIVERStifsfilt.sys [2009-02-18 32768]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:WINDOWSsystem32driversADIHdAud.sys [2007-01-16 293888]
R3 AEAudio;AE Audio Service; C:WINDOWSsystem32driversAEAudio.sys [2006-08-07 93952]
R3 ati2mtag;ati2mtag; C:WINDOWSsystem32DRIVERSati2mtag.sys [2009-07-15 4407808]
R3 BthEnum;Драйвер блока запроса Bluetooth; C:WINDOWSsystem32DRIVERSBthEnum.sys [2008-07-20 17024]
R3 BTHUSB;Драйвер порта USB радиомодуля Bluetooth; C:WINDOWSSystem32DriversBTHUSB.sys [2008-07-20 18944]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:WINDOWSsystem32DRIVERSGEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Драйвер шины Microsoft UAA для High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2008-04-15 144384]
R3 HidBth;Минипорт Bluetooth HID Microsoft; C:WINDOWSsystem32DRIVERShidbth.sys [2008-07-20 25728]
R3 hidusb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2008-07-20 10368]
R3 HSF_DPV;HSF_DPV; C:WINDOWSsystem32DRIVERSHSF_DPV.sys [2005-08-22 1035008]
R3 HSFHWBS2;HSFHWBS2; C:WINDOWSsystem32DRIVERSHSFHWBS2.sys [2005-08-22 244480]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:WINDOWSsystem32DRIVERSL8042Kbd.sys [2008-12-18 20240]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:WINDOWSsystem32DRIVERSLHidFilt.Sys [2008-12-18 35472]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:WINDOWSsystem32DRIVERSLMouFilt.Sys [2008-12-18 37392]
R3 MODEMCSA;Устройство фильтрации потока Unimodem; C:WINDOWSsystem32driversMODEMCSA.sys [2008-07-20 16128]
R3 mouhid;Драйвер мыши HID; C:WINDOWSsystem32DRIVERSmouhid.sys [2008-07-20 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:WINDOWSsystem32DRIVERSASACPI.sys [2006-02-26 5810]
R3 RFCOMM;Устройство Bluetooth (протокол RFCOMM TDI); C:WINDOWSsystem32DRIVERSrfcomm.sys [2008-07-20 59136]
R3 RTHDMIAzAudService;Service for HDMI; C:WINDOWSsystem32driversRtHDMI.sys [2007-05-14 3526464]
R3 SenFiltService;SenFilt Service; C:WINDOWSsystem32driversSenfilt.sys [2006-03-17 392960]
R3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:WINDOWSsystem32DRIVERSusbccgp.sys [2008-07-20 32384]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2008-07-20 30336]
R3 usbhub;Драйвер стандартного концентратора USB (Microsoft); C:WINDOWSsystem32DRIVERSusbhub.sys [2008-07-20 59520]
R3 usbohci;Драйвер минипорта Microsoft USB открытого хост-контроллера; C:WINDOWSsystem32DRIVERSusbohci.sys [2008-07-20 17152]
R3 usbprint;Класс принтеров Microsoft USB; C:WINDOWSsystem32DRIVERSusbprint.sys [2008-07-20 25856]
R3 usbscan;Драйвер USB-сканера; C:WINDOWSsystem32DRIVERSusbscan.sys [2008-07-20 15104]
R3 usbstor;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2008-04-15 26368]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:WINDOWSsystem32DRIVERSusbuhci.sys [2008-04-15 20608]
R3 Wdf01000;Wdf01000; C:WINDOWSsystem32DRIVERSWdf01000.sys [2008-03-27 503008]
R3 winachsf;winachsf; C:WINDOWSsystem32DRIVERSHSF_CNXT.sys [2005-08-22 718464]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:WINDOWSsystem32driversWmBEnum.sys [2006-06-06 11136]
R3 WmFilter;Logitech Gaming HID Filter Driver; C:WINDOWSsystem32driversWmFilter.sys [2006-06-06 21632]
R3 WmVirHid;Logitech Virtual Hid Device Driver; C:WINDOWSsystem32driversWmVirHid.sys [2006-06-06 6400]
R3 WmXlCore;Logitech WingMan Translation Layer Driver; C:WINDOWSsystem32driversWmXlCore.sys [2006-06-06 46208]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:WINDOWSsystem32DRIVERSyk51x86.sys [2008-04-29 288896]
S2 DgiVecp;Team MFP Comm Driver; C:WINDOWSSystem32DriversDgiVecp.sys [2003-07-29 40448]
S3 aab4wm0n;aab4wm0n; C:WINDOWSsystem32driversaab4wm0n.sys []
S3 Arp1394;Протокол клиента 1394 ARP; C:WINDOWSsystem32DRIVERSarp1394.sys [2008-07-20 60800]
S3 axobw6pi;axobw6pi; C:WINDOWSsystem32driversaxobw6pi.sys []
S3 BTHMODEM;Драйвер связи для модема Bluetooth; C:WINDOWSsystem32DRIVERSbthmodem.sys [2008-07-20 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:WINDOWSsystem32DRIVERSbthpan.sys [2008-07-20 101120]
S3 BTHPORT;Драйвер порта Bluetooth; C:WINDOWSSystem32DriversBTHport.sys [2008-07-20 272512]
S3 DFUBTUSB;WIDCOMM USB Bluetooth Driver in DFU State; C:WINDOWSSystem32Driversfrmupgr.sys [2007-01-03 27536]
S3 itchfltr;iTouch Keyboard Filter; C:WINDOWSsystem32DRIVERSitchfltr.sys [2002-11-15 12640]
S3 LHidKE;Logitech SetPoint HID Mouse Filter Driver; C:WINDOWSsystem32DRIVERSLHidKE.Sys [2005-07-22 26112]
S3 LMouKE;Logitech SetPoint Mouse Filter Driver; C:WINDOWSsystem32DRIVERSLMouKE.Sys [2005-07-22 68864]
S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:WINDOWSSystem32DriversLUsbFilt.Sys [2008-09-26 28816]
S3 NIC1394;Сетевой драйвер 1394; C:WINDOWSsystem32DRIVERSnic1394.sys [2008-07-20 61824]
S3 nmwcd;Nokia USB Phone Parent; C:WINDOWSsystem32driversccdcmb.sys [2009-10-06 17664]
S3 nmwcdc;Nokia USB Generic; C:WINDOWSsystem32driversccdcmbo.sys [2009-10-06 22016]
S3 NPF;WinPcap Packet Driver (NPF); C:WINDOWSsystem32driversNPF.sys [2007-11-07 34064]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:WINDOWSsystem32DRIVERSpccsmcfd.sys [2008-08-26 18816]
S3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:WINDOWSsystem32DRIVERSRtnicxp.sys [2007-11-21 104320]
S3 upperdev;upperdev; C:WINDOWSsystem32DRIVERSusbser_lowerflt.sys [2009-10-06 7936]
S3 USBAAPL;Apple Mobile USB Driver; C:WINDOWSSystem32Driversusbaapl.sys [2009-08-28 40448]
S3 usbaudio;Аудио драйвер USB (WDM); C:WINDOWSsystem32driversusbaudio.sys [2008-07-20 60032]
S3 usbser;USB Modem Driver; C:WINDOWSsystem32driversusbser.sys [2008-07-20 26112]
S3 UsbserFilt;UsbserFilt; C:WINDOWSsystem32DRIVERSusbser_lowerfltj.sys [2009-10-06 7936]
S3 WmHidLo;Logitech Gaming USB Filter Driver; C:WINDOWSsystem32driversWmHidLo.sys [2006-06-06 20864]
S3 WpdUsb;WpdUsb; C:WINDOWSsystem32DRIVERSwpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation — User-mode Driver Framework Reflector; C:WINDOWSsystem32DRIVERSwudfrd.sys [2008-01-18 83328]
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []
S4 sr;Драйвер фильтра восстановления системы; C:WINDOWSsystem32DRIVERSsr.sys [2008-04-15 73472]
S4 WS2IFSL;Среда Windows Socket 2.0 поддержки поставщиков не-IFS служб; C:WINDOWSSystem32driversws2ifsl.sys [2008-04-15 12032]======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AcrSch2Svc;Acronis Scheduler2 Service; C:Program FilesCommon FilesSeagateSchedule2schedul2.exe [2007-09-04 410904]
R2 Apple Mobile Device;Apple Mobile Device; C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe [2009-07-09 144712]
R2 Ati HotKey Poller;Ati HotKey Poller; C:WINDOWSsystem32Ati2evxx.exe [2009-07-15 602112]
R2 Bonjour Service;Bonjour Service; C:Program FilesBonjourmDNSResponder.exe [2008-12-12 238888]
R2 BthServ;Bluetooth Support Service; C:WINDOWSsystem32svchost.exe [2008-04-15 14336]
R2 ekrn;Eset Service; C:Program FilesESETESET NOD32 Antivirusekrn.exe [2008-08-18 468224]
R2 IISADMIN;IIS Admin; C:WINDOWSsystem32inetsrvinetinfo.exe [2008-04-15 15872]
R2 LBTServ;Logitech Bluetooth Service; C:Program FilesCommon FilesLogitechBluetoothLBTServ.exe [2009-02-19 121360]
R2 MDM;Machine Debug Manager; C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe [2006-10-26 335872]
R2 PnkBstrA;PnkBstrA; C:WINDOWSsystem32PnkBstrA.exe [2009-10-03 66872]
R2 StarWindServiceAE;StarWind AE Service; E:Alcohol 120StarWindStarWindServiceAE.exe [2007-05-28 275968]
R2 W3SVC;Веб-публикации; C:WINDOWSsystem32inetsrvinetinfo.exe [2008-04-15 15872]
R2 WudfSvc;Windows Driver Foundation — User-mode Driver Framework; C:WINDOWSsystem32svchost.exe [2008-04-15 14336]
R3 iPod Service;Сервис iPod; C:Program FilesiPodbiniPodService.exe [2009-11-12 545568]
R3 ServiceLayer;ServiceLayer; C:Program FilesPC Connectivity SolutionServiceLayer.exe [2009-10-27 657408]
S2 appdrvrem01;Application Driver Auto Removal Service (01); C:WINDOWSSystem32appdrvrem01.exe [2009-10-08 316816]
S2 ATI Smart;ATI Smart; C:WINDOWSsystem32ati2sgag.exe [2009-07-14 593920]
S2 pr2ajtsc;Stalker (Pro) Drivers Auto Removal (pr2ajtsc); C:WINDOWSsystem32pr2ajtsc.exe [2007-08-15 411000]
S3 aspnet_state;Служба состояний ASP.NET; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;Eset HTTP Server; C:Program FilesESETESET NOD32 AntivirusEHttpSrv.exe [2008-08-18 19200]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:WINDOWSMicrosoft.NETFrameworkv3.0WPFPresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication Foundationinfocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:Program FilesMicrosoft OfficeOffice12GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:Program FilesCommon FilesMicrosoft SharedOFFICE12ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2006-10-26 145184]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication FoundationSMSvcHost.exe [2008-07-29 132096]
EOF
info.txt logfile of random’s system information tool 1.06 2010-02-14 01:47:42
======Uninstall list======
—>»C:Program FilesCreative Installation InformationCREATIVE_SYNC_MANAGER_USetup.exe» /remove /l0x0009
—>»C:Program FilesCreative Installation InformationCREATIVE_VIDEO_CONVERTERSetup.exe» /remove /l0x0009
—>C:Program FilesAheadnerouninstallUNNERO.exe /UNINSTALL
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{11E83B33-972B-4512-A447-FF0FD0246EE9}setup.exe» -l0x9
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{21B6F79B-2286-4BB0-B1E3-BA6B9498D110}setup.exe» -l0x9
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{23EFDB58-0874-4883-9810-EDA510B19FAE}setup.exe» -l0x9
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{27B9131D-CEFA-42C5-8D7D-56EFD80BAA25}setup.exe» -l0x9
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{2BB79C8D-9DCC-4861-8A23-AE1B0B45E2B6}setup.exe» -l0x9
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{2BFBC62A-3353-443D-93BE-7AC641D9F342}setup.exe» -l0x9
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{5D1A81AA-ED90-11D6-86D3-00055DF3561E}setup.exe» -l0x9
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{B100B05B-E290-41EF-9366-8BC4C76D7769}setup.exe» -l0x9
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{B14F9B26-D695-4C4A-8B11-0FE6CDCC797B}setup.exe» -l0x9
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{BDFC3C8D-823E-4FCF-870B-E756B27CB57E}setup.exe» -l0x9
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{D3568156-59C3-42DF-A520-2C25B6706C91}setup.exe» -l0x9
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{E213C271-AEFA-481D-A9B4-914D88925B8D}setup.exe» -l0x9
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{FAD9402A-1A9B-4ABE-A410-393A3622FA5A}setup.exe» -l0x9
—>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:WINDOWSINFPCHealth.inf
ACDSee Pro 2—>MsiExec.exe /I{D7BE6116-C735-4E1A-AC4E-0CC671C182F7}
Adobe Flash Player 10 Plugin—>C:WINDOWSsystem32MacromedFlashuninstall_plugin.exe
Adobe Flash Player ActiveX—>C:WINDOWSsystem32MacromedFlashuninstall_activeX.exe
Adobe Reader 8 — Russian—>MsiExec.exe /I{AC76BA86-7AD7-1049-7B44-A81200000003}
Adobe Shockwave Player 11.5—>»C:WINDOWSsystem32AdobeShockwave 11uninstaller.exe»
AI Remote—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{0AFF134D-A6B4-4669-9573-36665FFD1F50}Setup.exe» -l0x9
AI Suite—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{310BC5E2-31AF-49BB-904D-E71EB93645DC}Setup.exe» -l0x9
Apple Application Support—>MsiExec.exe /I{3FA365DF-2D68-45ED-8F83-8C8A33E65143}
Apple Mobile Device Support—>MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
Apple Software Update—>MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ArcSoft PhotoImpression—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{6C5D7191-140A-11D6-B5A0-0050DA208A93}SETUP.EXE» -l0x19 -uninst
Assassin’s Creed—>C:Program FilesInstallShield Installation Information{8CFA9151-6404-409A-AF22-4632D04582FD}setup.exe -runfromtemp -l0x0019 -removeonly
ATI — Software Uninstall Utility—>C:Program FilesATI TechnologiesUninstallAllAtiCimUn.exe
ATI Catalyst Control Center—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime91Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{055EE59D-217B-43A7-ABFF-507B966405D8}setup.exe» -l0x0
ATI Display Driver—>rundll32 C:WINDOWSsystem32atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
AviSynth 2.5—>»C:Program FilesAviSynth 2.5Uninstall.exe»
Backup4all 3—>»C:Program FilesSoftlandBackup4all 3unins000.exe»
Bonjour—>MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Bonjour—>MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}
Call of Duty(R) 4 — Modern Warfare(TM)—>C:Program FilesInstallShield Installation Information{E48469CC-635E-4FD5-A122-1497C286D217}setup.exe -runfromtemp -l0x0419
Catalyst Control Center — Branding—>MsiExec.exe /I{D9D93D74-107D-4BD3-87D0-AABCF7C98BD5}
CDDRV_Installer—>MsiExec.exe /I{0C826C5B-B131-423A-A229-C71B3CACCD6A}
Command & Conquer™ Red Alert™ 3—>MsiExec.exe /X{296D8550-CB06-48E4-9A8B-E5034FB64715}
Counter-Strike: Source—>»C:WINDOWSunins000.exe»
Download Master version 5.5.10.1163—>»D:Download Masterunins000.exe»
EA Download Manager—>C:Program FilesElectronic ArtsEADMUninstall.exe
EPSON Copy Utility—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{B69CC1A5-0404-11D6-ABCB-005004C21D30}setup.exe» -l0x9 ADDREMOVEDLG
EPSON Photo Print—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{9391F2BC-B6F3-4AAC-82CC-5A74A4ED388E}setup.exe» -l0x9 MyUninstall
EPSON Scan—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{0E0131B2-CF18-40D9-A331-60A3746C1204}SETUP.EXE» -l0x19 UNINSTALL
EPSON Smart Panel—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{6C11D561-620B-47DA-A693-4C597F3CDF40}SETUP.EXE» -l0x9 Uninstall
ESET NOD32 Antivirus—>MsiExec.exe /I{568EA1A6-E43E-4D0C-B5A0-F3D78E753D77}
Gears of War—>»C:Program FilesInstallShield Installation Information{1170D24F-42B7-40CF-AA1B-6395CE562354}Setup.exe» -runfromtemp -l0x0419 -removeonly
Gears of War—>MsiExec.exe /I{1170D24F-42B7-40CF-AA1B-6395CE562354}
Grand Theft Auto IV—>»C:Program FilesInstallShield Installation Information{579BA58C-F33D-4970-9953-B94B43768AC3}setup.exe» -runfromtemp -l0x0019 -removeonly
Half-Life 2: Lost Coast—>»D:Steamsteam.exe» steam://uninstall/340
HashTab 1.14—>C:WINDOWSsystem32htdel.bat
HijackThis 2.0.2—>»C:Program Filestrend microHijackThis.exe» /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)—>C:WINDOWSsystem32msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=»»
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)—>C:WINDOWSsystem32msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=»»
Hotfix for Windows Media Format 11 SDK (KB929399)—>»C:WINDOWS$NtUninstallKB929399$spuninstspuninst.exe»
ICQ6.5—>»C:Program FilesInstallShield Installation Information{60DE4033-9503-48D1-A483-7846BD217CA9}setup.exe» -runfromtemp -l0x0009 -removeonly
Img2Ozf Version 2—>E:топографияunins000.exe
iRedSoft Image Resizer 2.22a —>C:WINDOWSuninstalliRedSoft Image Resizersetup.exe
iTunes—>MsiExec.exe /I{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}
Java(TM) 6 Update 6—>MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
JMB36X Raid Configurer—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime110Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}setup.exe» -l0x19 -removeonly
KhalInstallWrapper—>MsiExec.exe /I{3101CB58-3482-4D21-AF1A-7057FC935355}
K-Lite Mega Codec Pack 4.7.0—>»C:Program FilesK-Lite Codec Packunins000.exe»
L&H TTS3000 Deutsch—>RunDll32 advpack.dll,LaunchINFSection C:WINDOWSINFLHTTSGED.inf, Uninstall
L&H TTS3000 Espaсol—>RunDll32 advpack.dll,LaunchINFSection C:WINDOWSINFLHTTSSPE.inf, Uninstall
L&H TTS3000 Franзais—>RunDll32 advpack.dll,LaunchINFSection C:WINDOWSINFLHTTSFRF.inf, Uninstall
L&H TTS3000 Italiano—>RunDll32 advpack.dll,LaunchINFSection C:WINDOWSINFLHTTSITI.inf, Uninstall
L&H TTS3000 Russian—>RunDll32 advpack.dll,LaunchINFSection C:WINDOWSINFLHTTSRUR.inf, Uninstall
Left 4 Dead 2—>»D:Steamsteam.exe» steam://uninstall/550
Lernout & Hauspie TruVoice American English TTS Engine—>RunDll32 advpack.dll,LaunchINFSection C:WINDOWSINFtv_enua.inf, Uninstall
Logitech Desktop Messenger—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime100Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}SETUP.exe» -l0x9 UNINSTALL -removeonly
Logitech Gaming Software—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime110Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{13AA6556-BA96-4468-A8B4-1AD4A75AD5A0}setup.exe» -l0x9 -removeonly
Logitech iTouch Software—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{036AA4D4-6D32-11D4-9875-00105ACE7734}setup.exe» -l0x9 UNINSTALL
Logitech SetPoint—>»C:Program FilesInstallShield Installation Information{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}setup.exe» -runfromtemp -l0x0019 -removeonly
Mail.Ru Агент 5.5 (сборка 2842, для всех пользователей)—>C:Program FilesMail.RuAgentmagentsetup.exe -uninstalllm
Malwarebytes’ Anti-Malware—>»C:Program FilesMalwarebytes’ Anti-Malwareunins000.exe»
Microsoft .NET Framework 1.1 Russian Language Pack—>MsiExec.exe /X{2BB372D9-52B4-410A-BC1A-FEAB63181EEF}
Microsoft .NET Framework 1.1 Security Update (KB953297)—>»C:WINDOWSMicrosoft.NETFrameworkv1.1.4322Updateshotfix.exe» «C:WINDOWSMicrosoft.NETFrameworkv1.1.4322UpdatesM953297M953297Uninstall.msp»
Microsoft .NET Framework 1.1—>msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1—>MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Language Pack — RUS—>C:WINDOWSMicrosoft.NETFrameworkv2.0.50727Microsoft .NET Framework 2.0 Language Pack — RUSinstall.exe
Microsoft .NET Framework 2.0 Service Pack 2—>MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2—>MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1—>C:WINDOWSMicrosoft.NETFrameworkv3.5Microsoft .NET Framework 3.5 SP1setup.exe
Microsoft .NET Framework 3.5 SP1—>MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Games for Windows — LIVE —>MsiExec.exe /X{4D243BA7-9AC4-46D1-90E5-EEB88974F501}
Microsoft Games for Windows — LIVE Redistributable—>MsiExec.exe /X{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5—>»C:WINDOWS$NtUninstallWdf01005$spuninstspuninst.exe»
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7—>»C:WINDOWS$NtUninstallWdf01007$spuninstspuninst.exe»
Microsoft Office 2007 Service Pack 2 (SP2)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office Access MUI (Russian) 2007—>MsiExec.exe /X{90120000-0015-0419-0000-0000000FF1CE}
Microsoft Office Enterprise 2007—>»C:Program FilesCommon FilesMicrosoft SharedOFFICE12Office Setup Controllersetup.exe» /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007—>MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Russian) 2007—>MsiExec.exe /X{90120000-0016-0419-0000-0000000FF1CE}
Microsoft Office Groove MUI (Russian) 2007—>MsiExec.exe /X{90120000-00BA-0419-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Russian) 2007—>MsiExec.exe /X{90120000-0044-0419-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Russian) 2007—>MsiExec.exe /X{90120000-00A1-0419-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Russian) 2007—>MsiExec.exe /X{90120000-001A-0419-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Russian) 2007—>MsiExec.exe /X{90120000-0018-0419-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007—>MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007—>MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Russian) 2007—>MsiExec.exe /X{90120000-001F-0419-0000-0000000FF1CE}
Microsoft Office Proof (Ukrainian) 2007—>MsiExec.exe /X{90120000-001F-0422-0000-0000000FF1CE}
Microsoft Office Proofing (Russian) 2007—>MsiExec.exe /X{90120000-002C-0419-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)—>msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)—>msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Publisher MUI (Russian) 2007—>MsiExec.exe /X{90120000-0019-0419-0000-0000000FF1CE}
Microsoft Office Shared MUI (Russian) 2007—>MsiExec.exe /X{90120000-006E-0419-0000-0000000FF1CE}
Microsoft Office Word MUI (Russian) 2007—>MsiExec.exe /X{90120000-001B-0419-0000-0000000FF1CE}
Microsoft User-Mode Driver Framework Feature Pack 1.7—>»C:WINDOWS$NtUninstallWudf01007$spuninstspuninst.exe»
Microsoft Visual C++ 2005 ATL Update kb973923 — x86 8.0.50727.4053—>MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable—>MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual Studio 2005 Tools for Office Runtime—>MsiExec.exe /X{388E4B09-3E71-4649-8921-F44A3A2954A7}
MioTransfer—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{2F6DA398-707F-4D52-AE6A-7E812D1662D6}setup.exe» -l0x19
Monopoly by Parker Brothers—>E:Monopoly by Parker BrothersUNWISE.EXE /U E:Monopoly by Parker BrothersINSTALL.LOG
Mozilla Firefox (3.5.7)—>C:Program FilesMozilla Firefoxuninstallhelper.exe
MSVC80_x86_v2—>MsiExec.exe /I{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
MSVC80_x86—>MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
MSXML 4.0 SP2 (KB936181)—>MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)—>MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)—>MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MyAC 1.5.5—>»D:MyACunins000.exe»
Need for Speed™ Undercover—>MsiExec.exe /X{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}
Nero Suite—>C:Program FilesCommon FilesAheadUninstallSetupx.exe /uninstall ExtraUninstallID=»»
Nokia Connectivity Cable Driver—>MsiExec.exe /I{C50EF365-2898-489A-B6C7-30DAA466E9A2}
Nokia PC Suite—>C:Documents and SettingsAll UsersApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}Nokia_PC_Suite_rus_web.exe
Nokia PC Suite—>MsiExec.exe /I{19DC9559-9C20-4A46-A67D-7ECBA52A2788}
Nokia Software Updater—>MsiExec.exe /X{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}
Norton PartitionMagic 8.0—>C:PROGRA~1COMMON~1INSTAL~1Driver9Intel 32IDriver.exe /M{21DBBDD6-93A5-4326-9A04-C9A5C9148502}
OGA Notifier 2.0.0048.0—>MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18}
OpenAL—>»C:Program FilesOpenALOpenALwEAX.exe» /U /S
Paint.NET v3.35—>rundll32.exe advpack.dll,LaunchINFSection PaintDN.inf,Uninstall
PC Connectivity Solution—>MsiExec.exe /I{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}
Pcsx2 0.9.4 Watermoose—>»E:эмулятор пс2пс2Pcsx2_0.9.4unins000.exe»
Portal—>»D:Steamsteam.exe» steam://uninstall/400
PROMT Expert 8 Giant Try-Buy—>MsiExec.exe /I{A4F761F7-FBC8-49BF-BC37-15550C3EAA85}
QIP 2005 Uninstall—>»C:Program FilesQIPunqip.exe»
QIP.Online—>C:Program FilesQIP.OnlineUninstall.exe
QuickTime—>MsiExec.exe /I{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}
Race Driver GRID—>C:Program FilesInstallShield Installation Information{70BC658C-C358-416D-B301-15433F33BD56}setup.exe -runfromtemp -l0x0019 -removeonly
Realtek High Definition Audio Driver—>RtkUpd.exe -r -m
Rockstar Games Social Club—>»C:Program FilesInstallShield Installation Information{08B3869E-D282-424C-9AFC-870E04A4BA14}setup.exe» -runfromtemp -l0x0019 -removeonly
S.T.A.L.K.E.R. — Зов Припяти [v1.6.00]—>»E:S.T.A.L.K.E.R. — Зов Припятиunins000.exe»
S.T.A.L.K.E.R. [v1.0004]—>»E:STALKERunins000.exe»
Samsung ML-1710 Series—>C:WINDOWSSamsungML-1710SETUP.EXE
ScanToWeb—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}setup.exe» ADDREMOVEDLG
Seagate DiscWizard—>MsiExec.exe /X{81A60A13-224D-4637-8203-3EAC03B121A4}
Security Update for 2007 Microsoft Office System (KB969559)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB973704)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E626DC89-A787-4553-9BB3-DC2EC7E1593F}
Security Update for CAPICOM (KB931906)—>MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)—>MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office Excel 2007 (KB973593)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7D6255E3-3423-4D8B-A328-F6F8D28DD5FE}
Security Update for Microsoft Office Outlook 2007 (KB972363)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office Publisher 2007 (KB969693)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7BE67088-1EB3-4569-8E75-DDAFBF61BC4E}
Security Update for Microsoft Office system 2007 (972581)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB969613)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office system 2007 (KB974234)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Word 2007 (KB969604)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CF3D6499-709C-43D0-8908-BC5652656050}
Skype web features—>MsiExec.exe /I{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}
Skype™ 4.1—>MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
SoundMAX—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime100Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{F0A37341-D692-11D4-A984-009027EC0A9C}Setup.exe» -l0x19 -removeonly
Stanza—>»C:Program FilesStanzauninstall.exe»
Starlink VideoLAN—>C:Program FilesStarlink VideoLANuninstal.exe
STREET FIGHTER IV—>MsiExec.exe /X{59ABBDF0-E1E5-48AF-85FB-F523A08C3490}
Test Drive Unlimited Gold—>»D:Test Drive Unlimited Golduninstunins000.exe»
Update for 2007 Microsoft Office System (KB967642)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)—>C:WINDOWSsystem32msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=»»
Update for Microsoft Office InfoPath 2007 (KB976416)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7}
Update for Outlook 2007 Junk Email Filter (kb976884)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FB60F280-C70F-4174-BADB-471412AA42F0}
Venta ZVoice 5.7 (удаление/восстановление)—>C:Program FilesVentaVenta ZVoice 5vfuninst.exe
Ventrilo Client—>MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
Videora iPod Converter 3.08—>E:Video Converter 3uninstaller.exe
Vista Drive Icon—>rundll32.exe advpack.dll,LaunchINFSection C:WINDOWSINFVistaDrv.inf,Uninstall
Visual Task Tips—>rundll32.exe advpack.dll,LaunchINFSection C:WINDOWSINFVTTips3.inf,Uninstall
Winamp (remove only)—>»C:Program FilesWinampUninstWA.exe»
Windows Media Format 11 runtime—>»C:Program FilesWindows Media Playerwmsetsdk.exe» /UninstallAll
Windows Media Format 11 runtime—>»C:WINDOWS$NtUninstallWMFDist11$spuninstspuninst.exe»
Wolfenstein(TM) 1.1 Patch—>C:Program FilesInstallShield Installation Information{E03B44A3-9237-4B55-B7A5-DB1DD46920D3}setup.exe -runfromtemp -l0x0409
Wolfenstein—>C:Program FilesInstallShield Installation Information{F9B37992-968C-4264-8449-489032FC28DE}setup.exe -runfromtemp -l0x0419
ZENcast Organizer—>»C:Program FilesCreative Installation InformationZENCAST_ORGANIZERSetup.exe» /remove /l0x0009
ZyXEL NetFriend 1.3.58—>»C:Program FilesZyXELNetFriendunins000.exe»
ZyXEL OMNI 56K PCI Plus Rev.3—>C:Program FilesCONEXANTCNXT_MODEM_PCI_VEN_14F1&DEV_2F30&SUBSYS_200F14F1HXFSETUP.EXE -U -IZyx200F5.inf
Архиватор WinRAR—>C:Program FilesWinRARuninstall.exe
Вин Дизель Wheelman—>C:Program FilesInstallShield Installation Information{52612909-C9A1-4D4E-BFED-820B14119234}setup.exe -runfromtemp -l0x0019 -removeonly
Дополнительные аплеты панели управления—>rundll32.exe advpack.dll,LaunchINFSection CPLDAPU.inf,uninstall
еда выполнения Visual Studio 2005 Tools for Office, второй выпуск—>C:Program FilesCommon FilesMicrosoft SharedVSTO8.0Microsoft Visual Studio 2005 Tools for Office Runtimeinstall.exe
Исправление для Windows XP (KB961118)—>»C:WINDOWS$NtUninstallKB961118$spuninstspuninst.exe»
Исправление для Windows XP (KB970653-v3)—>»C:WINDOWS$NtUninstallKB970653-v3$spuninstspuninst.exe»
Исправление для Windows XP (KB976098-v2)—>»C:WINDOWS$NtUninstallKB976098-v2$spuninstspuninst.exe»
Обновление безопасности для Windows Internet Explorer 7 (KB938127-v2)—>»C:WINDOWSie7updatesKB938127-v2-IE7spuninstspuninst.exe»
Обновление безопасности для Windows Internet Explorer 7 (KB956390)—>»C:WINDOWSie7updatesKB956390-IE7spuninstspuninst.exe»
Обновление безопасности для Windows Internet Explorer 7 (KB958215)—>»C:WINDOWSie7updatesKB958215-IE7spuninstspuninst.exe»
Обновление безопасности для Windows Internet Explorer 7 (KB960714)—>»C:WINDOWSie7updatesKB960714-IE7spuninstspuninst.exe»
Обновление безопасности для Windows Internet Explorer 7 (KB961260)—>»C:WINDOWSie7updatesKB961260-IE7spuninstspuninst.exe»
Обновление безопасности для Windows Internet Explorer 7 (KB963027)—>»C:WINDOWSie7updatesKB963027-IE7spuninstspuninst.exe»
Обновление безопасности для Windows Internet Explorer 7 (KB969897)—>»C:WINDOWSie7updatesKB969897-IE7spuninstspuninst.exe»
Обновление безопасности для Windows Internet Explorer 7 (KB972260)—>»C:WINDOWSie7updatesKB972260-IE7spuninstspuninst.exe»
Обновление безопасности для Windows Internet Explorer 7 (KB974455)—>»C:WINDOWSie7updatesKB974455-IE7spuninstspuninst.exe»
Обновление безопасности для Windows Internet Explorer 7 (KB976325)—>»C:WINDOWSie7updatesKB976325-IE7spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB923561)—>»C:WINDOWS$NtUninstallKB923561$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB938464)—>»C:WINDOWS$NtUninstallKB938464$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB946648)—>»C:WINDOWS$NtUninstallKB946648$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB950974)—>»C:WINDOWS$NtUninstallKB950974$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB951066)—>»C:WINDOWS$NtUninstallKB951066$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB952004)—>»C:WINDOWS$NtUninstallKB952004$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB952954)—>»C:WINDOWS$NtUninstallKB952954$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB953155)—>»C:WINDOWS$NtUninstallKB953155$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB954211)—>»C:WINDOWS$NtUninstallKB954211$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB954459)—>»C:WINDOWS$NtUninstallKB954459$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB954600)—>»C:WINDOWS$NtUninstallKB954600$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB955069)—>»C:WINDOWS$NtUninstallKB955069$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB956391)—>»C:WINDOWS$NtUninstallKB956391$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB956572)—>»C:WINDOWS$NtUninstallKB956572$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB956744)—>»C:WINDOWS$NtUninstallKB956744$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB956802)—>»C:WINDOWS$NtUninstallKB956802$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB956803)—>»C:WINDOWS$NtUninstallKB956803$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB956841)—>»C:WINDOWS$NtUninstallKB956841$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB956844)—>»C:WINDOWS$NtUninstallKB956844$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB957095)—>»C:WINDOWS$NtUninstallKB957095$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB957097)—>»C:WINDOWS$NtUninstallKB957097$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB958644)—>»C:WINDOWS$NtUninstallKB958644$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB958687)—>»C:WINDOWS$NtUninstallKB958687$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB958690)—>»C:WINDOWS$NtUninstallKB958690$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB958869)—>»C:WINDOWS$NtUninstallKB958869$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB959426)—>»C:WINDOWS$NtUninstallKB959426$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB960225)—>»C:WINDOWS$NtUninstallKB960225$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB960715)—>»C:WINDOWS$NtUninstallKB960715$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB960803)—>»C:WINDOWS$NtUninstallKB960803$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB960859)—>»C:WINDOWS$NtUninstallKB960859$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB961371)—>»C:WINDOWS$NtUninstallKB961371$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB961373)—>»C:WINDOWS$NtUninstallKB961373$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB961501)—>»C:WINDOWS$NtUninstallKB961501$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB968537)—>»C:WINDOWS$NtUninstallKB968537$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB969059)—>»C:WINDOWS$NtUninstallKB969059$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB969898)—>»C:WINDOWS$NtUninstallKB969898$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB969947)—>»C:WINDOWS$NtUninstallKB969947$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB970238)—>»C:WINDOWS$NtUninstallKB970238$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB970430)—>»C:WINDOWS$NtUninstallKB970430$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB970483)—>»C:WINDOWS$NtUninstallKB970483$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB971486)—>»C:WINDOWS$NtUninstallKB971486$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB971557)—>»C:WINDOWS$NtUninstallKB971557$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB971633)—>»C:WINDOWS$NtUninstallKB971633$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB971657)—>»C:WINDOWS$NtUninstallKB971657$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB971961)—>»C:WINDOWS$NtUninstallKB971961$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB973346)—>»C:WINDOWS$NtUninstallKB973346$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB973354)—>»C:WINDOWS$NtUninstallKB973354$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB973507)—>»C:WINDOWS$NtUninstallKB973507$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB973525)—>»C:WINDOWS$NtUninstallKB973525$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB973869)—>»C:WINDOWS$NtUninstallKB973869$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB973904)—>»C:WINDOWS$NtUninstallKB973904$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB974112)—>»C:WINDOWS$NtUninstallKB974112$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB974318)—>»C:WINDOWS$NtUninstallKB974318$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB974392)—>»C:WINDOWS$NtUninstallKB974392$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB974571)—>»C:WINDOWS$NtUninstallKB974571$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB975025)—>»C:WINDOWS$NtUninstallKB975025$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB975467)—>»C:WINDOWS$NtUninstallKB975467$spuninstspuninst.exe»
Обновление безопасности для проигрывателя Windows Media — (KB952069)—>»C:WINDOWS$NtUninstallKB952069_WM9$spuninstspuninst.exe»
Обновление безопасности для проигрывателя Windows Media — (KB954155)—>»C:WINDOWS$NtUninstallKB954155_WM9$spuninstspuninst.exe»
Обновление безопасности для проигрывателя Windows Media — (KB968816)—>»C:WINDOWS$NtUninstallKB968816_WM9$spuninstspuninst.exe»
Обновление безопасности для проигрывателя Windows Media — (KB973540)—>»C:WINDOWS$NtUninstallKB973540_WM9$spuninstspuninst.exe»
Обновление для Windows Internet Explorer 7 (KB976749)—>»C:WINDOWSie7updatesKB976749-IE7spuninstspuninst.exe»
Обновление для Windows XP (KB955839)—>»C:WINDOWS$NtUninstallKB955839$spuninstspuninst.exe»
Обновление для Windows XP (KB967715)—>»C:WINDOWS$NtUninstallKB967715$spuninstspuninst.exe»
Обновление для Windows XP (KB968389)—>»C:WINDOWS$NtUninstallKB968389$spuninstspuninst.exe»
Обновление для Windows XP (KB971737)—>»C:WINDOWS$NtUninstallKB971737$spuninstspuninst.exe»
Обновление для Windows XP (KB973687)—>»C:WINDOWS$NtUninstallKB973687$spuninstspuninst.exe»
Обновление для Windows XP (KB973815)—>»C:WINDOWS$NtUninstallKB973815$spuninstspuninst.exe»
Пакет драйверов Windows — Nokia Modem (05/22/2008 3.8)—>C:PROGRA~1DIFX270581355A767BF1dpinst.exe /u C:WINDOWSsystem32DRVSTOREnokia_blue_6F90B0F4A73A2F780A1010B5D6CB5DDFB098181Enokia_bluetooth.inf
Пакет драйверов Windows — Nokia Modem (05/22/2008 7.00.0.1)—>C:PROGRA~1DIFX270581355A767BF1dpinst.exe /u C:WINDOWSsystem32DRVSTOREnokbtmdm_E68D50F7E25BFE399D47C864C3B52557346242A9nokbtmdm.inf
Пакет драйверов Windows — Nokia Modem (06/01/2009 7.01.0.4)—>C:PROGRA~1DIFX270581355A767BF1dpinst.exe /u C:WINDOWSsystem32DRVSTOREnokbtmdm_0777326F40B753DD4E385F058ADB286B70A301FEnokbtmdm.inf
Пакет драйверов Windows — Nokia Modem (10/05/2009 4.2)—>C:PROGRA~1DIFX270581355A767BF1dpinst.exe /u C:WINDOWSsystem32DRVSTOREnokia_blue_AAB746D5658CCF4CAE7A35CED5F0ADA3C447A973nokia_bluetooth.inf
Пакет драйверов Windows — Nokia pccsmcfd (08/22/2008 7.0.0.0)—>C:PROGRA~1DIFXB4723E9A0713E5B1dpinst.exe /u C:WINDOWSsystem32DRVSTOREpccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294pccsmcfd.inf
С.Т.А.Л.К.Е.Р. — Чистое Небо—>»E:С.Т.А.Л.К.Е.Р. — Чистое Небоunins000.exe»======Security center information======
AV: ESET NOD32 Antivirus 3.0
======System event log======
Computer Name: ANDREI
Event Code: 1
Message: Protection Synchronization Driver detected an internal error, contact the customer support service.Record Number: 21075
Source Name: ps7ajtsc
Time Written: 20100131113748.000000+180
Event Type: ошибка
User:Computer Name: ANDREI
Event Code: 1
Message: Protection Synchronization Driver detected an internal error, contact the customer support service.Record Number: 21074
Source Name: ps7ajtsc
Time Written: 20100131113748.000000+180
Event Type: ошибка
User:Computer Name: ANDREI
Event Code: 1
Message: Protection Synchronization Driver detected an internal error, contact the customer support service.Record Number: 21073
Source Name: ps7ajtsc
Time Written: 20100131113748.000000+180
Event Type: ошибка
User:Computer Name: ANDREI
Event Code: 1
Message: Protection Synchronization Driver detected an internal error, contact the customer support service.Record Number: 21072
Source Name: ps7ajtsc
Time Written: 20100131113748.000000+180
Event Type: ошибка
User:Computer Name: ANDREI
Event Code: 1
Message: Protection Synchronization Driver detected an internal error, contact the customer support service.Record Number: 21071
Source Name: ps7ajtsc
Time Written: 20100131113748.000000+180
Event Type: ошибка
User:=====Application event log=====
Computer Name: ANDREI
Event Code: 105
Message: The service was started.Record Number: 5341
Source Name: ATI Smart
Time Written: 20090822114250.000000+240
Event Type: информация
User:Computer Name: ANDREI
Event Code: 4
Message: Bluetooth Hub switched to HCI modeRecord Number: 5340
Source Name: LBTServ
Time Written: 20090822114243.000000+240
Event Type: информация
User:Computer Name: ANDREI
Event Code: 2444
Message: MS DTC запустился со следующими настройками:Настройка безопасности (OFF = 0 и ON = 1):
Сетевое администрирование транзакций = 0,
Сетевые клиенты = 0,
Входящие распределенные транзакции по протоколу Native MSDTC Protocol = 0,
Исходящие распределенные транзакции по протоколу Native MSDTC Protocol = 0,
Протокол TIP = 0,
Транзакции XA = 0
Record Number: 5339
Source Name: MSDTC
Time Written: 20090821174613.000000+240
Event Type: информация
User:Computer Name: ANDREI
Event Code: 0
Message:
Record Number: 5338
Source Name: ServiceLayer
Time Written: 20090821174607.000000+240
Event Type: информация
User:Computer Name: ANDREI
Event Code: 0
Message:
Record Number: 5337
Source Name: iPod Service
Time Written: 20090821174607.000000+240
Event Type: информация
User:======Environment variables======
«ComSpec»=%SystemRoot%system32cmd.exe
«Path»=C:Program FilesPC Connectivity Solution;%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem;C:Program FilesATI TechnologiesATI.ACECore-Static;C:Program FilesQuickTimeQTSystem
«windir»=%SystemRoot%
«FP_NO_HOST_CHECK»=NO
«OS»=Windows_NT
«PROCESSOR_ARCHITECTURE»=x86
«PROCESSOR_LEVEL»=6
«PROCESSOR_IDENTIFIER»=x86 Family 6 Model 23 Stepping 10, GenuineIntel
«PROCESSOR_REVISION»=170a
«NUMBER_OF_PROCESSORS»=4
«PATHEXT»=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
«TEMP»=%SystemRoot%TEMP
«TMP»=%SystemRoot%TEMP
«RGSCLauncher»=E:Rockstar GamesRockstar Games Social Club
«RGSC»=E:Rockstar GamesRockstar Games Social Club1_0_0_0
«CLASSPATH»=.;C:Program FilesJavajre1.6.0_06libextQTJava.zip
«QTJAVA»=C:Program FilesJavajre1.6.0_06libextQTJava.zip
EOF
Здравствуйте, добро пожаловать на Spyware-ru форум.
Извиняюсь за столь значительную задержку с ответом, но как видите физически не хватает времени.
Судя по логу, компьютер заражён.
Но нужно выполнить дополнительную проверку.Скачайте программу Combofix. Закройте все открытые окна и запустите эту программу.
После выполнения будет создан лог файл, пожалуйста вставьте его в ваш ответ.Примечание: перед использованием Combofix обязательно установите Recovery console. Как это сделать будет описано на странице, ссылку на которую я привёл выше.
ComboFix 10-02-25.02 — Андрей 26.02.2010 2:33.1.4 — x86
Microsoft Windows XP Professional 5.1.2600.3.1251.7.1049.18.3071.2531 [GMT 3:00]
Running from: c:documents and settingsАндрейРабочий столComboFix.exe
Command switches used :: c:documents and settingsАндрейРабочий столWindowsXP-KB310994-SP2-Pro-BootDisk-RUS.exe
AV: ESET NOD32 Antivirus 3.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Resident AV is active.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.C:LOG.TXT
c:program filesCommon Fileskeylog.txt
c:program filesMail.RuAgentMradllnewmrasearch.dll
c:windowssrchasstnls302en.lex
c:windowssystem328JXhX5R.exe
c:windowssystem329804c90.exe
c:windowssystem32Cache
c:windowssystem32Config.cfg
c:windowssystem32driversnpf.sys
c:windowssystem32ealregsnapshot1.reg
c:windowssystem32Packet.dll
c:windowssystem32tmp89.tmp
c:windowssystem32WanPacket.dll
c:windowssystem32wpcap.dll
D:install.exe
I:install.exe.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
Legacy_NPF
Service_NPF((((((((((((((((((((((((( Files Created from 2010-01-25 to 2010-02-25 )))))))))))))))))))))))))))))))
.2010-02-19 18:56 . 2010-02-19 18:56 77824 —-a-w- c:windowssystem32rjU0dZJ.exe
2010-02-18 05:18 . 2010-02-18 05:18 78848 —-a-w- c:windowssystem32Aee2Uan.exe
2010-02-18 04:13 . 2010-02-18 04:13 78848 —-a-w- c:windowssystem32Lpkbnt4.exe
2010-02-17 09:54 . 2010-02-17 09:54 83968 —-a-w- c:windowssystem32gHqmFsZ.exe
2010-02-17 09:08 . 2010-02-17 09:08 83968 —-a-w- c:windowssystem32CUUip9Y.exe
2010-02-17 08:58 . 2010-02-17 08:58 83968 —-a-w- c:windowssystem32oh6jlmm.exe
2010-02-17 08:52 . 2010-02-17 08:52 83968 —-a-w- c:windowssystem32qypO8wq.exe
2010-02-17 07:48 . 2010-02-17 07:48 83968 —-a-w- c:windowssystem32CkhD9Ga.exe
2010-02-16 22:08 . 2010-02-16 22:08 83968 —-a-w- c:windowssystem32no5bVlY.exe
2010-02-16 09:10 . 2010-02-16 12:59
d
w- c:program filesICQ7.0
2010-02-15 15:08 . 2010-02-25 23:37
d
w- c:documents and settingsAll UsersUPSMON
2010-02-15 15:06 . 2010-02-25 23:38
d
w- c:program filesUPSMON
2010-02-15 15:05 . 2008-07-20 09:07 10240 -c—a-w- c:windowssystem32dllcachecompbatt.sys
2010-02-15 15:05 . 2008-07-20 09:07 10240 —-a-w- c:windowssystem32driverscompbatt.sys
2010-02-15 15:05 . 2008-07-20 09:07 20352 -c—a-w- c:windowssystem32dllcachehidbatt.sys
2010-02-15 15:05 . 2008-07-20 09:07 20352 —-a-w- c:windowssystem32drivershidbatt.sys
2010-02-15 15:05 . 2008-07-20 09:07 14208 -c—a-w- c:windowssystem32dllcachebattc.sys
2010-02-15 15:05 . 2008-07-20 09:07 14208 —-a-w- c:windowssystem32driversbattc.sys
2010-02-14 10:28 . 2010-02-14 10:28 31744 —-a-w- c:windowssystem32bd4d22d1.exe
2010-02-13 22:47 . 2010-02-13 22:47
d
w- c:program filestrend micro
2010-02-13 22:47 . 2010-02-13 22:47
d
w- C:rsit
2010-02-13 15:24 . 2010-02-13 15:24 83968 —-a-w- c:windowssystem32v0DWEPF.exe
2010-02-13 12:22 . 2010-02-13 12:22 83968 —-a-w- c:windowssystem32QtwhHFn.exe
2010-02-13 07:39 . 2010-02-13 07:39 83968 —-a-w- c:windowssystem32X6mstvE.exe
2010-02-13 06:59 . 2010-02-13 06:59 83968 —-a-w- c:windowssystem32O1nQLoW.exe
2010-02-13 06:38 . 2010-02-13 06:38
d
w- c:documents and settingsАдминистраторDoctorWeb
2010-02-13 06:34 . 2010-02-13 06:34
d
w- c:documents and settingsАдминистраторLocal SettingsApplication DataMozilla
2010-02-12 23:03 . 2010-02-12 23:03 83968 —-a-w- c:windowssystem32dubpDkV.exe
2010-02-11 20:34 . 2010-02-11 20:34
d
w- c:program filesCommon Fileswm
2010-02-09 09:09 . 2010-02-09 08:59 24536384 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}NokiaSoftwareUpdaterSetup_ru.exe
2010-02-09 09:08 . 2010-02-09 09:08 3351812 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}InstallerCommonCustomActionsmsxml6Exec.exe
2010-02-09 09:08 . 2010-02-09 09:08 36864 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}InstallerCommonCustomActionsSleep.exe
2010-02-09 09:08 . 2010-02-09 09:08 3203453 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}InstallerCommonCustomActionsvcredistExec.exe
2010-02-09 09:01 . 2010-02-09 09:01
d
w- c:program filesCommon FilesPCSuite
2010-02-09 09:01 . 2010-02-09 09:01
d
w- c:program filesPC Connectivity Solution
2010-02-09 09:01 . 2009-10-06 08:52 7936 —-a-w- c:windowssystem32driversusbser_lowerfltj.sys
2010-02-09 09:01 . 2009-10-06 08:52 7936 —-a-w- c:windowssystem32driversusbser_lowerflt.sys
2010-02-09 09:01 . 2009-10-06 08:52 22016 —-a-w- c:windowssystem32driversccdcmbo.sys
2010-02-09 09:01 . 2009-10-06 08:55 1112288 —-a-w- c:windowssystem32wdfcoinstaller01007.dll
2010-02-09 09:01 . 2009-10-06 08:52 660480 —-a-w- c:windowssystem32nmwcdcocls.dll
2010-02-09 09:01 . 2009-10-06 08:52 17664 —-a-w- c:windowssystem32driversccdcmb.sys
2010-02-09 08:59 . 2010-02-09 08:58 34864192 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}Nokia_PC_Suite_rus_web.exe
2010-02-09 08:59 . 2010-02-09 08:59 95232 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}InstallerCommonCustomActionspcswpcsi.exe
2010-02-09 08:59 . 2010-02-09 08:59 61440 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}InstallerCommonCustomActionsUninstPCSFEMsi.exe
2010-02-09 08:59 . 2010-02-09 08:59 8192 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}InstallerCommonCustomActionsUninstCCD.exe
2010-02-09 08:59 . 2010-02-09 08:59 10240 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}InstallerCommonCustomActionsUninstPCS.exe
2010-02-09 08:13 . 2010-02-09 08:13
d
w- c:documents and settings??????
2010-02-03 20:04 . 2010-02-03 20:04
d
w- c:documents and settingsAll UsersApplication DataUbisoft.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-25 23:37 . 2009-05-21 18:40
d—a-w- c:documents and settingsAll UsersApplication DataTEMP
2010-02-16 09:11 . 2008-11-23 17:54
d—h—w- c:program filesInstallShield Installation Information
2010-02-13 07:44 . 2008-11-23 18:02
d
w- c:program filesESET
2010-02-09 09:10 . 2008-11-23 19:22
d
w- c:documents and settingsAll UsersApplication DataInstallations
2010-02-09 09:10 . 2009-01-08 22:41
d
w- c:program filesCommon FilesNokia
2010-02-09 09:10 . 2008-11-23 19:23
d
w- c:program filesNokia
2010-02-09 09:07 . 2010-02-09 09:07 0 —ha-w- c:windowssystem32driversMsft_User_PCCSWpdDriver_01_07_00.Wdf
2010-02-09 09:07 . 2010-02-09 09:07 0 —ha-w- c:windowssystem32driversMsftWdf_user_01_07_00.Wdf
2010-01-17 08:50 . 2010-01-17 08:50
d
w- c:program filesStanza
2010-01-17 08:47 . 2010-01-17 08:47 41704 —ha-w- c:windowssystem32mlfcache.dat
2010-01-12 09:52 . 2010-01-12 09:52
d
w- c:program filesMalwarebytes’ Anti-Malware
2010-01-12 09:52 . 2010-01-12 09:52
d
w- c:documents and settingsAll UsersApplication DataMalwarebytes
2010-01-07 13:07 . 2010-01-12 09:52 38224 —-a-w- c:windowssystem32driversmbamswissarmy.sys
2010-01-07 13:07 . 2010-01-12 09:52 19160 —-a-w- c:windowssystem32driversmbam.sys
2010-01-03 11:06 . 2009-01-12 16:25
d
r- c:program filesSkype
2010-01-03 11:06 . 2010-01-03 11:06
d
w- c:program filesCommon FilesSkype
2010-01-03 11:06 . 2009-01-12 16:25
d
w- c:documents and settingsAll UsersApplication DataSkype
2009-12-30 05:17 . 2009-12-30 05:16
d
w- c:program filesiTunes
2009-12-30 05:17 . 2009-12-30 05:16
d
w- c:documents and settingsAll UsersApplication Data{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-12-30 05:16 . 2009-12-30 05:16
d
w- c:program filesiPod
2009-12-30 05:16 . 2008-12-02 13:09
d
w- c:program filesCommon FilesApple
2009-12-30 05:15 . 2009-12-30 05:15
d
w- c:program filesQuickTime
2009-12-30 05:11 . 2009-12-30 05:11 79144 —-a-w- c:documents and settingsAll UsersApplication DataApple ComputerInstaller CacheiTunes 9.0.2.25SetupAdmin.exe
2009-12-20 19:27 . 2009-12-20 19:27 1924200 —-a-w- c:documents and settingsAll UsersApplication DataNOSAdobe_Downloadsinstall_flash_player.exe
2009-08-31 13:55 . 2009-10-06 06:48 118000 —-a-w- c:program filesmozilla firefoxcomponentsqippipe.dll
.
Sigcheck
[-] 2008-04-15 . B2A2D80C9D3A3805DDECA6ED5A7556A0 . 652288 . . [5.82] . . c:windowssystem32comctl32.dll
[-] 2008-04-15 . B2A2D80C9D3A3805DDECA6ED5A7556A0 . 652288 . . [5.82] . . c:windowssystem32dllcachecomctl32.dll[-] 2008-04-14 . 884DE990C498D77C28F8608E09D4DFE1 . 581632 . . [5.1.2600.5512] . . c:windowssystem32user32.dll
[-] 2008-04-14 . 884DE990C498D77C28F8608E09D4DFE1 . 581632 . . [5.1.2600.5512] . . c:windowssystem32dllcacheuser32.dll[-] 2008-04-15 . 04116AE3FA2461AE766D7BADB49E74F7 . 1520640 . . [6.00.2900.5512] . . c:windowsexplorer.exe
[-] 2008-04-15 . 04116AE3FA2461AE766D7BADB49E74F7 . 1520640 . . [6.00.2900.5512] . . c:windowssystem32dllcacheexplorer.exe[-] 2008-11-23 . DD7B61794DA1338616FB3B971703185D . 1571840 . . [5.1.2600.5512] . . c:windowssystem32SfcFiles.dll
[-] 2008-11-23 . DD7B61794DA1338616FB3B971703185D . 1571840 . . [5.1.2600.5512] . . c:windowssystem32dllcacheSfcFiles.dll[-] 2008-04-15 . 0DE18690E4223998E471048889F09B8B . 37376 . . [5.1.2600.5512] . . c:windowssystem32ctfmon.exe
[-] 2008-04-15 . 0DE18690E4223998E471048889F09B8B . 37376 . . [5.1.2600.5512] . . c:windowssystem32dllcachectfmon.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerURLSearchHooks]
«{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}»= «c:documents and settingsАндрейApplication DataMicrosoftInternet Explorerqipsearchbar.dll» [2009-07-14 150768][HKEY_CLASSES_ROOTclsid{a55f9c95-2bb1-4ea2-bc77-dfaab78832ce}]
[HKEY_CLASSES_ROOTqipbar.QIPBHO.1]
[HKEY_CLASSES_ROOTTypeLib{45FF696B-5284-4781-B2CA-ECF3A742A17B}]
[HKEY_CLASSES_ROOTqipbar.QIPBHO][HKEY_LOCAL_MACHINE~Browser Helper Objects{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
2009-07-14 09:08 150768 —-a-w- c:documents and settingsАндрейApplication DataMicrosoftInternet Explorerqipsearchbar.dll[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
«VistaIcon»=»c:program filesVistaDriveIconVistaDrv.exe» [2008-01-02 132096]
«VisualTaskTips»=»c:program filesVisualTaskTipsVisualTaskTips.exe» [2008-06-23 65536]
«LDM»=»c:program filesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe» [2009-01-29 67128]
«Start WingMan Profiler»=»c:program filesLogitechProfilerlwemon.exe» [2006-07-05 60416]
«AlcoholAutomount»=»e:alcohol 120axcmd.exe» [2009-03-17 203928]
«Backup4all 3″=»c:program filesSoftlandBackup4all 3Backup4all.exe» [2007-11-05 3133080]
«Backup4all Scheduler»=»c:program filesSoftlandBackup4all 3b4aSched.Exe» [2007-11-05 478360]
«SJelite3Launch»=»c:documents and settingsАндрейApplication DataTranscendSJelite3SJelite3Launch.exe» [2009-09-18 176128]
«PC Suite Tray»=»c:program filesNokiaNokia PC Suite 7PCSuite.exe» [2009-11-11 1451520][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
«Bluetooth Connection Assistant»=»LBTWIZ.EXE -silent» [X]
«Kernel and Hardware Abstraction Layer»=»KHALMNPR.EXE» [2008-12-18 76304]
«TaskSwitchXP»=»c:program filesTaskSwitchXPTaskSwitchXP.exe» [2007-03-09 62976]
«JMB36X IDE Setup»=»c:windowsRaidToolxInsIDE.exe» [2007-03-20 36864]
«36X Raid Configurer»=»c:windowssystem32xRaidSetup.exe» [2007-03-21 1953792]
«NeroFilterCheck»=»c:windowssystem32NeroCheck.exe» [2001-07-09 155648]
«zBrowser Launcher»=»c:program filesLogitechiTouchiTouch.exe» [2002-11-22 631362]
«Logitech Hardware Abstraction Layer»=»KHALMNPR.EXE» [2008-12-18 76304]
«GrooveMonitor»=»c:program filesMicrosoft OfficeOffice12GrooveMonitor.exe» [2008-10-25 31072]
«MAgent»=»c:program filesMail.RuAgentmagent.exe» [2009-07-27 7975608]
«egui»=»c:program filesESETESET NOD32 Antivirusegui.exe» [2008-08-18 1447168]
«SoundMAXPnP»=»c:program filesAnalog DevicesCoresmax4pnp.exe» [2006-12-18 868352]
«Ai Remote Help»=»c:program filesASUSAI RemoteAiRc.exe» [2007-09-03 3346432]
«ASUS UpdateChecker»=»c:program filesASUSUpdateCheckerUpdateChecker.exe» [2008-11-03 110592]
«Ai Nap»=»c:program filesASUSAI SuiteAiNapAiNap.exe» [2008-01-28 1413120]
«CPU Power Monitor»=»c:program filesASUSAI SuiteAiGear3CpuPowerMonitor.exe» [2008-01-09 627200]
«Cpu Level Up help»=»c:program filesASUSAI SuiteCpuLevelUpHelp.exe» [2007-11-30 881152]
«ASUS Energy Saving»=»c:program filesASUSAI SuiteEnergySavingPwSave.exe» [2008-01-28 1352704]
«BluetoothAuthenticationAgent»=»bthprops.cpl» [2008-04-15 110592]
«DiscWizardMonitor.exe»=»c:program filesSeagateDiscWizardDiscWizardMonitor.exe» [2007-09-04 1188864]
«AcronisTimounterMonitor»=»c:program filesSeagateDiscWizardTimounterMonitor.exe» [2007-09-04 1963768]
«Acronis Scheduler2 Service»=»c:program filesCommon FilesSeagateSchedule2schedhlp.exe» [2007-09-04 148760]
«Adobe Reader Speed Launcher»=»c:program filesAdobeReader 8.0ReaderReader_sl.exe» [2008-01-11 39792]
«StartCCC»=»c:program filesATI TechnologiesATI.ACECore-StaticCLIStart.exe» [2009-07-14 98304]
«QuickTime Task»=»c:program filesQuickTimeQTTask.exe» [2009-11-10 417792]
«iTunesHelper»=»c:program filesiTunesiTunesHelper.exe» [2009-11-12 141600]
«UPSMON»=»c:program filesUPSMONUPSMON.exe» [2008-07-02 433664][HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=»c:windowssystem32CTFMON.EXE» [2008-04-15 37376]
«VistaIcon»=»c:program filesVistaDriveIconVistaDrv.exe» [2008-01-02 132096]
«VisualTaskTips»=»c:program filesVisualTaskTipsVisualTaskTips.exe» [2008-06-23 65536][HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRunOnce]
«IE7_011″=»shell32» [X]
«IE7_012″=»advpack.dll» [2009-10-29 124928]
«IE7_013″=»rebuild.exe» [2007-11-01 114280]c:documents and settingsAll Usersѓ« ў®Ґ ¬ҐоЏа®Ја ¬¬лЂўв®§ Јаг§Є
Logitech Desktop Messenger.lnk — c:program filesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe [2009-1-29 67128]
Logitech SetPoint.lnk — c:program filesLogitechSetPointSetPoint.exe [2009-3-24 809488][HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionwinlogonnotifyLBTWlgn]
2009-02-18 21:30 72208 —-a-w- c:program filesCommon FilesLogitechBluetoothLBTWLgn.dll[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWdf01000.sys]
@=»Driver»[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWdfLoadGroup]
@=»»[HKLM~servicessharedaccessparametersfirewallpolicystandardprofile]
«DisableNotifications»= 1 (0x1)
«DisableUnicastResponsesToMulticastBroadcast»= 0 (0x0)[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
«%windir%\Network Diagnostic\xpnetdiag.exe»=
«%windir%\system32\sessmgr.exe»=
«c:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE»=
«c:\Program Files\Microsoft Office\Office12\GROOVE.EXE»=
«c:\Program Files\Microsoft Office\Office12\ONENOTE.EXE»=
«c:\Program Files\Starlink VideoLAN\vlc.exe»=
«e:\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe»=
«e:\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe»=
«e:\Rockstar Games\Grand Theft Auto IV\GTAIV.exe»=
«e:\Ventrilo\Ventrilo.exe»=
«c:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe»=
«e:\Gears of War\Binaries\WarGame-G4WLive.exe»=
«e:\uTorrent\uTorrent.exe»=
«e:\Race Driver GRID\GRID.exe»=
«e:\SREETFIGHTERIV\StreetFighterIV.exe»=
«c:\Program Files\Bonjour\mDNSResponder.exe»=
«e:\С.Т.А.Л.К.Е.Р. — Чистое Небо\bin\xrEngine.exe»=
«e:\С.Т.А.Л.К.Е.Р. — Чистое Небо\bin\dedicated\xrEngine.exe»=
«c:\WINDOWS\system32\PnkBstrA.exe»=
«c:\WINDOWS\system32\PnkBstrB.exe»=
«e:\Call of Duty 4 — Modern Warfare\iw3mp.exe»=
«e:\S.T.A.L.K.E.R. — Зов Припяти\bin\xrEngine.exe»=
«e:\S.T.A.L.K.E.R. — Зов Припяти\bin\dedicated\xrEngine.exe»=
«e:\Program Files\Activision\Wolfenstein\MP\Wolf2MP.exe»=
«e:\Program Files\Activision\Wolfenstein\MP\Wolf2MPLite.exe»=
«c:\Program Files\iTunes\iTunes.exe»=
«c:\Program Files\Skype\Plugin Manager\skypePM.exe»=
«e:\Assassin’s Creed\AssassinsCreed_Dx9.exe»=
«e:\Assassin’s Creed\AssassinsCreed_Dx10.exe»=
«e:\Assassin’s Creed\AssassinsCreed_Launcher.exe»=
«c:\Program Files\ICQ7.0\ICQ.exe»=
«c:\Program Files\ICQ7.0\aolload.exe»=
«c:\Program Files\Skype\Phone\Skype.exe»=
«d:\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe»=[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileGloballyOpenPortsList]
«26689:TCP»= 26689:TCPR0 pe3ajtsc;Stalker (Pro) Environment Driver (pe3ajtsc);c:windowssystem32driverspe3ajtsc.sys [15.08.2007 15:11 64640]
R0 ps7ajtsc;Stalker (Pro) Synchronization Driver (ps7ajtsc);c:windowssystem32driversps7ajtsc.sys [15.08.2007 15:11 68744]
R0 sptd;sptd;c:windowssystem32driverssptd.sys [23.11.2008 20:22 721904]
R1 appdrv01;Application Driver (01);c:windowssystem32driversappdrv01.sys [08.10.2009 2:40 3069040]
R1 epfwtdir;epfwtdir;c:windowssystem32driversepfwtdir.sys [18.08.2008 13:27 34312]
R2 ekrn;Eset Service;c:program filesESETESET NOD32 Antivirusekrn.exe [18.08.2008 13:25 468224]
S2 appdrvrem01;Application Driver Auto Removal Service (01);c:windowsSystem32appdrvrem01.exe svc —> c:windowsSystem32appdrvrem01.exe svc [?]
S2 pr2ajtsc;Stalker (Pro) Drivers Auto Removal (pr2ajtsc);c:windowssystem32pr2ajtsc.exe svc —> c:windowssystem32pr2ajtsc.exe svc [?]— Other Services/Drivers In Memory —
*NewlyCreated* — HELPSVC
*NewlyCreated* — UPSMONSERVICE[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionsvchost]
DcomLaunch REG_MULTI_SZ DcomLaunch TermService Netprotocol
.
Contents of the ‘Scheduled Tasks’ folder2010-02-25 c:windowsTasksb4a_bp6.job
— c:program filesSoftlandBackup4all 3b4aSchedStarter.exe [2009-05-21 11:24]2010-02-25 c:windowsTasksb4a_Мои документы.job
— c:program filesSoftlandBackup4all 3b4aSchedStarter.exe [2009-05-21 11:24]2010-02-25 c:windowsTasksOGALogon.job
— c:windowssystem32OGAEXEC.exe [2009-08-03 11:07]
.
.
Supplementary Scan
.
uStart Page = hxxp://www.lofisnet.ru/
uDefault_Search_URL = hxxp://search.qip.ru
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://search.qip.ru/ie
uSearchURL,(Default) = Root: HKCU; Subkey: SoftwareMicrosoftInternet ExplorerSearchUrl; ValueType: string; ValueName: ‘; ValueData: ‘; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: &Экспорт в Microsoft Excel — c:progra~1MICROS~2Office12EXCEL.EXE/3000
IE: Закачать ВСЕ при помощи Download Master — d:download masterdmieall.htm
IE: Закачать при помощи Download Master — d:download masterdmie.htm
IE: {{7558B7E5-7B26-4201-BEDB-00D5FF534523} — c:program filesMail.RuAgentmagent.exe
IE: {{88EB38EF-4D2C-436D-ABD3-56B232674062} — c:program filesICQ7.0ICQ.exe
IE: {{8DAE90AD-4583-4977-9DD4-4360F7A45C74} — d:download masterdmaster.exe
TCP: {A80D0705-8D40-4C7D-AFE9-E8D841452343} = 80.79.176.2,80.79.176.3
Handler: bwfile-8876480 — {9462A756-7B47-47BC-8C80-C34B9B80B32B} — c:program filesLogitechDesktop Messenger8876480ProgramGAPlugProtocol-8876480.dll
FF — ProfilePath — c:documents and settingsАндрейApplication DataMozillaFirefoxProfiles1djs6yc0.default
FF — prefs.js: browser.search.selectedEngine — QIP Search
FF — prefs.js: browser.startup.homepage — hxxp://info.starlink.ru/
FF — prefs.js: keyword.URL — hxxp://search.qip.ru/search?from=FF&query=
FF — component: c:program filesMozilla Firefoxcomponentsqippipe.dll
FF — component: c:program filesMozilla Firefoxextensions{B13721C7-F507-4982-B2E5-502A71474FED}componentsNPComponent.dll
FF — component: c:program filesNokiaNokia PC Suite 7bkmrksynccomponentsBkMrkExt.dll
FF — plugin: c:program filesK-Lite Codec PackRealbrowserpluginsnppl3260.dll
FF — plugin: c:program filesK-Lite Codec PackRealbrowserpluginsnprpjplug.dll
FF — plugin: c:program filesStarlink VideoLANnpvlc.dll
FF — HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} — c:windowsMicrosoft.NETFrameworkv3.5Windows Presentation FoundationDotNetAssistantExtension—- FIREFOX POLICIES —-
FF — user.js: general.useragent.extra.zencast — Creative ZENcast v2.01.01.
— — — — ORPHANS REMOVED — — — —URLSearchHooks-{83821C2B-32A8-4DD7-B6D4-44309A78E668} — c:program filesMail.RuAgentMradllnewmrasearch.dll
HKLM-Run-plugin — c:program filesplugin.exe**************************************************************************
catchme 0.3.1398 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-26 02:38
Windows 5.1.2600 Service Pack 3 NTFSscanning hidden processes …
scanning hidden autostart entries …
scanning hidden files …
scan completed successfully
hidden files: 0**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spdm.sys >>UNKNOWN [0x8ADA7938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
DriverDisk -> CLASSPNP.SYS @ 0xba11cf28
DriverACPI -> ACPI.sys @ 0xb9e66cb8
Driveratapi -> atapi.sys @ 0xb9de5b40
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
DeviceHarddisk0DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
NDIS: Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller -> SendCompleteHandler -> NDIS.sys @ 0xb9cedbb0
PacketIndicateHandler -> NDIS.sys @ 0xb9cfab21
SendHandler -> NDIS.sys @ 0xb9cd887b
user & kernel MBR OK**************************************************************************
.
DLLs Loaded Under Running Processes
— — — — — — — > ‘winlogon.exe'(936)
c:windowssystem32SETUPAPI.dll
c:windowssystem32Ati2evxx.dll
c:program filescommon fileslogitechbluetoothLBTWlgn.dll
c:program filescommon fileslogitechbluetoothLBTServ.dll
c:windowssystem32cscui.dll
c:windowssystem32COMRes.dll— — — — — — — > ‘lsass.exe'(1008)
c:windowssystem32setupapi.dll— — — — — — — > ‘explorer.exe'(6140)
c:windowssystem32WININET.dll
c:program filesLogitechSetPointIMHook.dll
c:program filesVisualTaskTipsVttHooks.dll
c:program filesLogitechSetPointlgscroll.dll
c:windowssystem32COMRes.dll
c:windowsSystem32cscui.dll
c:program filesLogitechiTouchiTchHk.dll
c:windowssystem32msi.dll
c:windowssystem32SETUPAPI.dll
c:windowssystem32WPDShServiceObj.dll
c:program filesNokiaNokia PC Suite 7PhoneBrowser.dll
c:program filesNokiaNokia PC Suite 7NGSCM.DLL
c:program filesNokiaNokia PC Suite 7LangPhoneBrowser_rus.nlr
c:program filesNokiaNokia PC Suite 7ResourcePhoneBrowser_Nokia.ngr
c:windowssystem32PortableDeviceTypes.dll
c:windowssystem32PortableDeviceApi.dll
c:windowssystem32credui.dll
c:windowssystem32MSVCP60.dll
.
Other Running Processes
.
c:windowssystem32Ati2evxx.exe
c:program filesCommon FilesLogitechBluetoothLBTServ.exe
c:windowssystem32Ati2evxx.exe
c:program filesCommon FilesSeagateSchedule2schedul2.exe
c:program filesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
c:program filesBonjourmDNSResponder.exe
c:windowssystem32inetsrvinetinfo.exe
c:program filesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe
c:windowssystem32PnkBstrA.exe
e:alcohol 120StarWindStarWindServiceAE.exe
c:windowssystem32dllhost.exe
c:windowsSystem32vssvc.exe
c:program filesLogitechSetPointLBTWiz.exe
c:windowssystem32rundll32.exe
c:program filesASUSAASP1.00.59aaCenter.exe
c:program filesASUSAI RemoteAiRemote.exe
c:program filesATI TechnologiesATI.ACECore-StaticMOM.exe
c:windowssystem32dllhost.exe
c:program filesUPSMONUPSMON_Service.Exe
c:program filesCommon FilesLogishrdKHAL2KHALMNPR.EXE
c:windowssystem32msdtc.exe
c:program filesUPSMONUPSUSBInt3.exe
c:program filesPC Connectivity SolutionServiceLayer.exe
c:program filesATI TechnologiesATI.ACECore-Staticccc.exe
c:program filesiPodbiniPodService.exe
c:program filesPC Connectivity SolutionTransportsNclUSBSrv.exe
c:program filesPC Connectivity SolutionTransportsNclRSSrv.exe
c:program filesPC Connectivity SolutionTransportsNclMSBTSrv.exe
.
**************************************************************************
.
Completion time: 2010-02-26 02:39:46 — machine was rebooted
ComboFix-quarantined-files.txt 2010-02-25 23:39Pre-Run: 13 538 328 576 байт свободно
Post-Run: 15 286 509 568 байт свободноWindowsXP-KB310994-SP2-Pro-BootDisk-RUS.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)WINDOWS
[operating systems]
c:cmdconsBOOTSECT.DAT=»Microsoft Windows Recovery Console» /cmdcons
multi(0)disk(0)rdisk(0)partition(1)WINDOWS=»Microsoft Windows XP Professional RU» /noexecute=optin /fastdetect— — End Of File — — DA5173FB72912EEE676FEE9F12DE47C5
Запустите редактор реестра, для этого кликните Пуск, затем Выполнить, введите regedit и нажмите Enter.
В левой панели открывайте по очереде следующие ключи реестра:HKEY_LOCAL_MACHINE
software
microsoft
windows nt
currentversion
svchostВ правой панели найдите параметр DcomLaunch, и кликните по нему дважды.
Откроется окно, отредактируйте текст, чтобы былоDcomLaunch
TermServiceто есть удалите третию строчку Netprotocol.
Кликните OK и закройте редактор реестра.Откройте блокнот (Кликните Пуск, Выполнить, в строке ввода введите notepad и нажмите Enter) и вставьте в него следующий текст:
File::
c:windowssystem32rjU0dZJ.exe
c:windowssystem32Aee2Uan.exe
c:windowssystem32Lpkbnt4.exe
c:windowssystem32gHqmFsZ.exe
c:windowssystem32CUUip9Y.exe
c:windowssystem32oh6jlmm.exe
c:windowssystem32qypO8wq.exe
c:windowssystem32CkhD9Ga.exe
c:windowssystem32no5bVlY.exe
c:windowssystem32v0DWEPF.exe
c:windowssystem32QtwhHFn.exe
c:windowssystem32X6mstvE.exe
c:windowssystem32O1nQLoW.exe
MBR::Запишите получившийся файл на ваш рабочий стол под именем CFScript
Далее перетащите получившийся файл на иконку Combofix, как показано на картинке ниже.
Сombofix запуститься и выполнит процедуры описанные в созданном нами файле.
По результатам работы Combofix будет создан новый лог, его и вставьте в свой следующий ответ.ComboFix 10-02-25.02 — Андрей 28.02.2010 15:13:29.3.4 — x86
Microsoft Windows XP Professional 5.1.2600.3.1251.7.1049.18.3071.2529 [GMT 3:00]
Running from: c:documents and settingsАндрейРабочий столComboFix.exe
Command switches used :: c:documents and settingsАндрейРабочий столCFScript.txt
AV: ESET NOD32 Antivirus 3.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Resident AV is activeFILE ::
«c:windowssystem32Aee2Uan.exe»
«c:windowssystem32CkhD9Ga.exe»
«c:windowssystem32CUUip9Y.exe»
«c:windowssystem32gHqmFsZ.exe»
«c:windowssystem32Lpkbnt4.exe»
«c:windowssystem32no5bVlY.exe»
«c:windowssystem32O1nQLoW.exe»
«c:windowssystem32oh6jlmm.exe»
«c:windowssystem32QtwhHFn.exe»
«c:windowssystem32qypO8wq.exe»
«c:windowssystem32rjU0dZJ.exe»
«c:windowssystem32v0DWEPF.exe»
«c:windowssystem32X6mstvE.exe»
.((((((((((((((((((((((((( Files Created from 2010-01-28 to 2010-02-28 )))))))))))))))))))))))))))))))
.2010-02-16 09:10 . 2010-02-16 12:59
d
w- c:program filesICQ7.0
2010-02-15 15:08 . 2010-02-28 12:17
d
w- c:documents and settingsAll UsersUPSMON
2010-02-15 15:06 . 2010-02-28 12:18
d
w- c:program filesUPSMON
2010-02-15 15:05 . 2008-07-20 09:07 10240 -c—a-w- c:windowssystem32dllcachecompbatt.sys
2010-02-15 15:05 . 2008-07-20 09:07 10240 —-a-w- c:windowssystem32driverscompbatt.sys
2010-02-15 15:05 . 2008-07-20 09:07 20352 -c—a-w- c:windowssystem32dllcachehidbatt.sys
2010-02-15 15:05 . 2008-07-20 09:07 20352 —-a-w- c:windowssystem32drivershidbatt.sys
2010-02-15 15:05 . 2008-07-20 09:07 14208 -c—a-w- c:windowssystem32dllcachebattc.sys
2010-02-15 15:05 . 2008-07-20 09:07 14208 —-a-w- c:windowssystem32driversbattc.sys
2010-02-14 10:28 . 2010-02-14 10:28 31744 —-a-w- c:windowssystem32bd4d22d1.exe
2010-02-13 22:47 . 2010-02-13 22:47
d
w- c:program filestrend micro
2010-02-13 22:47 . 2010-02-13 22:47
d
w- C:rsit
2010-02-13 06:38 . 2010-02-13 06:38
d
w- c:documents and settingsАдминистраторDoctorWeb
2010-02-13 06:34 . 2010-02-13 06:34
d
w- c:documents and settingsАдминистраторLocal SettingsApplication DataMozilla
2010-02-12 23:03 . 2010-02-12 23:03 83968 —-a-w- c:windowssystem32dubpDkV.exe
2010-02-11 20:34 . 2010-02-11 20:34
d
w- c:program filesCommon Fileswm
2010-02-09 09:09 . 2010-02-09 08:59 24536384 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}NokiaSoftwareUpdaterSetup_ru.exe
2010-02-09 09:08 . 2010-02-09 09:08 3351812 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}InstallerCommonCustomActionsmsxml6Exec.exe
2010-02-09 09:08 . 2010-02-09 09:08 36864 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}InstallerCommonCustomActionsSleep.exe
2010-02-09 09:08 . 2010-02-09 09:08 3203453 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}InstallerCommonCustomActionsvcredistExec.exe
2010-02-09 09:01 . 2010-02-09 09:01
d
w- c:program filesCommon FilesPCSuite
2010-02-09 09:01 . 2010-02-09 09:01
d
w- c:program filesPC Connectivity Solution
2010-02-09 09:01 . 2009-10-06 08:52 7936 —-a-w- c:windowssystem32driversusbser_lowerfltj.sys
2010-02-09 09:01 . 2009-10-06 08:52 7936 —-a-w- c:windowssystem32driversusbser_lowerflt.sys
2010-02-09 09:01 . 2009-10-06 08:52 22016 —-a-w- c:windowssystem32driversccdcmbo.sys
2010-02-09 09:01 . 2009-10-06 08:55 1112288 —-a-w- c:windowssystem32wdfcoinstaller01007.dll
2010-02-09 09:01 . 2009-10-06 08:52 660480 —-a-w- c:windowssystem32nmwcdcocls.dll
2010-02-09 09:01 . 2009-10-06 08:52 17664 —-a-w- c:windowssystem32driversccdcmb.sys
2010-02-09 08:59 . 2010-02-09 08:58 34864192 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}Nokia_PC_Suite_rus_web.exe
2010-02-09 08:59 . 2010-02-09 08:59 95232 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}InstallerCommonCustomActionspcswpcsi.exe
2010-02-09 08:59 . 2010-02-09 08:59 61440 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}InstallerCommonCustomActionsUninstPCSFEMsi.exe
2010-02-09 08:59 . 2010-02-09 08:59 8192 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}InstallerCommonCustomActionsUninstCCD.exe
2010-02-09 08:59 . 2010-02-09 08:59 10240 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}InstallerCommonCustomActionsUninstPCS.exe
2010-02-09 08:13 . 2010-02-09 08:13
d
w- c:documents and settings??????
2010-02-03 20:04 . 2010-02-03 20:04
d
w- c:documents and settingsAll UsersApplication DataUbisoft.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-28 12:18 . 2009-05-21 18:40
d—a-w- c:documents and settingsAll UsersApplication DataTEMP
2010-02-28 05:24 . 2008-11-23 17:16 86327 —-a-w- c:windowspchealthhelpctrOfflineCacheindex.dat
2010-02-26 09:24 . 2008-11-23 19:36
d
w- c:documents and settingsAll UsersApplication DataMicrosoft Help
2010-02-16 09:11 . 2008-11-23 17:54
d—h—w- c:program filesInstallShield Installation Information
2010-02-13 07:44 . 2008-11-23 18:02
d
w- c:program filesESET
2010-02-09 09:10 . 2008-11-23 19:22
d
w- c:documents and settingsAll UsersApplication DataInstallations
2010-02-09 09:10 . 2009-01-08 22:41
d
w- c:program filesCommon FilesNokia
2010-02-09 09:10 . 2008-11-23 19:23
d
w- c:program filesNokia
2010-02-09 09:07 . 2010-02-09 09:07 0 —ha-w- c:windowssystem32driversMsft_User_PCCSWpdDriver_01_07_00.Wdf
2010-02-09 09:07 . 2010-02-09 09:07 0 —ha-w- c:windowssystem32driversMsftWdf_user_01_07_00.Wdf
2010-01-17 08:50 . 2010-01-17 08:50
d
w- c:program filesStanza
2010-01-17 08:47 . 2010-01-17 08:47 41704 —ha-w- c:windowssystem32mlfcache.dat
2010-01-12 09:52 . 2010-01-12 09:52
d
w- c:program filesMalwarebytes’ Anti-Malware
2010-01-12 09:52 . 2010-01-12 09:52
d
w- c:documents and settingsAll UsersApplication DataMalwarebytes
2010-01-07 13:07 . 2010-01-12 09:52 38224 —-a-w- c:windowssystem32driversmbamswissarmy.sys
2010-01-07 13:07 . 2010-01-12 09:52 19160 —-a-w- c:windowssystem32driversmbam.sys
2010-01-05 09:48 . 2008-07-20 07:07 841216
w- c:windowssystem32wininet.dll
2010-01-05 09:48 . 2008-07-20 07:07 78336 —-a-w- c:windowssystem32ieencode.dll
2010-01-05 09:48 . 2008-07-20 07:07 17408 —-a-w- c:windowssystem32corpol.dll
2010-01-03 11:06 . 2009-01-12 16:25
d
r- c:program filesSkype
2010-01-03 11:06 . 2010-01-03 11:06
d
w- c:program filesCommon FilesSkype
2010-01-03 11:06 . 2009-01-12 16:25
d
w- c:documents and settingsAll UsersApplication DataSkype
2009-12-31 16:50 . 2008-04-15 12:00 353792 —-a-w- c:windowssystem32driverssrv.sys
2009-12-30 05:11 . 2009-12-30 05:11 79144 —-a-w- c:documents and settingsAll UsersApplication DataApple ComputerInstaller CacheiTunes 9.0.2.25SetupAdmin.exe
2009-12-20 19:27 . 2009-12-20 19:27 1924200 —-a-w- c:documents and settingsAll UsersApplication DataNOSAdobe_Downloadsinstall_flash_player.exe
2009-12-17 07:42 . 2008-11-23 17:11 345088 —-a-w- c:windowssystem32mspaint.exe
2009-12-14 07:10 . 2008-04-15 12:00 33280 —-a-w- c:windowssystem32csrsrv.dll
2009-12-09 10:03 . 2008-06-18 12:53 2147328
w- c:windowssystem32ntoskrnl.exe
2009-12-09 10:03 . 2008-07-20 12:07 2025984
w- c:windowssystem32ntkrnlpa.exe
2009-12-04 17:25 . 2008-07-20 07:07 456832 —-a-w- c:windowssystem32driversmrxsmb.sys
2009-08-31 13:55 . 2009-10-06 06:48 118000 —-a-w- c:program filesmozilla firefoxcomponentsqippipe.dll
.
Sigcheck
[-] 2008-04-15 . B2A2D80C9D3A3805DDECA6ED5A7556A0 . 652288 . . [5.82] . . c:windowssystem32comctl32.dll
[-] 2008-04-15 . B2A2D80C9D3A3805DDECA6ED5A7556A0 . 652288 . . [5.82] . . c:windowssystem32dllcachecomctl32.dll[-] 2008-04-14 . 884DE990C498D77C28F8608E09D4DFE1 . 581632 . . [5.1.2600.5512] . . c:windowssystem32user32.dll
[-] 2008-04-14 . 884DE990C498D77C28F8608E09D4DFE1 . 581632 . . [5.1.2600.5512] . . c:windowssystem32dllcacheuser32.dll[-] 2008-04-15 . 04116AE3FA2461AE766D7BADB49E74F7 . 1520640 . . [6.00.2900.5512] . . c:windowsexplorer.exe
[-] 2008-04-15 . 04116AE3FA2461AE766D7BADB49E74F7 . 1520640 . . [6.00.2900.5512] . . c:windowssystem32dllcacheexplorer.exe[-] 2008-11-23 . DD7B61794DA1338616FB3B971703185D . 1571840 . . [5.1.2600.5512] . . c:windowssystem32SfcFiles.dll
[-] 2008-11-23 . DD7B61794DA1338616FB3B971703185D . 1571840 . . [5.1.2600.5512] . . c:windowssystem32dllcacheSfcFiles.dll[-] 2008-04-15 . 0DE18690E4223998E471048889F09B8B . 37376 . . [5.1.2600.5512] . . c:windowssystem32ctfmon.exe
[-] 2008-04-15 . 0DE18690E4223998E471048889F09B8B . 37376 . . [5.1.2600.5512] . . c:windowssystem32dllcachectfmon.exe
.
((((((((((((((((((((((((((((( SnapShot_2010-02-28_05.41.56 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-11-23 17:13 . 2010-02-28 12:17 207101 c:windowssystem32inetsrvMetaBase.bin
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerURLSearchHooks]
«{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}»= «c:documents and settingsАндрейApplication DataMicrosoftInternet Explorerqipsearchbar.dll» [2009-07-14 150768][HKEY_CLASSES_ROOTclsid{a55f9c95-2bb1-4ea2-bc77-dfaab78832ce}]
[HKEY_CLASSES_ROOTqipbar.QIPBHO.1]
[HKEY_CLASSES_ROOTTypeLib{45FF696B-5284-4781-B2CA-ECF3A742A17B}]
[HKEY_CLASSES_ROOTqipbar.QIPBHO][HKEY_LOCAL_MACHINE~Browser Helper Objects{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
2009-07-14 09:08 150768 —-a-w- c:documents and settingsАндрейApplication DataMicrosoftInternet Explorerqipsearchbar.dll[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
«VistaIcon»=»c:program filesVistaDriveIconVistaDrv.exe» [2008-01-02 132096]
«VisualTaskTips»=»c:program filesVisualTaskTipsVisualTaskTips.exe» [2008-06-23 65536]
«LDM»=»c:program filesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe» [2009-01-29 67128]
«Start WingMan Profiler»=»c:program filesLogitechProfilerlwemon.exe» [2006-07-05 60416]
«AlcoholAutomount»=»e:alcohol 120axcmd.exe» [2009-03-17 203928]
«Backup4all 3″=»c:program filesSoftlandBackup4all 3Backup4all.exe» [2007-11-05 3133080]
«Backup4all Scheduler»=»c:program filesSoftlandBackup4all 3b4aSched.Exe» [2007-11-05 478360]
«SJelite3Launch»=»c:documents and settingsАндрейApplication DataTranscendSJelite3SJelite3Launch.exe» [2009-09-18 176128]
«PC Suite Tray»=»c:program filesNokiaNokia PC Suite 7PCSuite.exe» [2009-11-11 1451520][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
«Bluetooth Connection Assistant»=»LBTWIZ.EXE -silent» [X]
«Kernel and Hardware Abstraction Layer»=»KHALMNPR.EXE» [2008-12-18 76304]
«TaskSwitchXP»=»c:program filesTaskSwitchXPTaskSwitchXP.exe» [2007-03-09 62976]
«JMB36X IDE Setup»=»c:windowsRaidToolxInsIDE.exe» [2007-03-20 36864]
«36X Raid Configurer»=»c:windowssystem32xRaidSetup.exe» [2007-03-21 1953792]
«NeroFilterCheck»=»c:windowssystem32NeroCheck.exe» [2001-07-09 155648]
«zBrowser Launcher»=»c:program filesLogitechiTouchiTouch.exe» [2002-11-22 631362]
«Logitech Hardware Abstraction Layer»=»KHALMNPR.EXE» [2008-12-18 76304]
«GrooveMonitor»=»c:program filesMicrosoft OfficeOffice12GrooveMonitor.exe» [2008-10-25 31072]
«MAgent»=»c:program filesMail.RuAgentmagent.exe» [2009-07-27 7975608]
«egui»=»c:program filesESETESET NOD32 Antivirusegui.exe» [2008-08-18 1447168]
«SoundMAXPnP»=»c:program filesAnalog DevicesCoresmax4pnp.exe» [2006-12-18 868352]
«Ai Remote Help»=»c:program filesASUSAI RemoteAiRc.exe» [2007-09-03 3346432]
«ASUS UpdateChecker»=»c:program filesASUSUpdateCheckerUpdateChecker.exe» [2008-11-03 110592]
«Ai Nap»=»c:program filesASUSAI SuiteAiNapAiNap.exe» [2008-01-28 1413120]
«CPU Power Monitor»=»c:program filesASUSAI SuiteAiGear3CpuPowerMonitor.exe» [2008-01-09 627200]
«Cpu Level Up help»=»c:program filesASUSAI SuiteCpuLevelUpHelp.exe» [2007-11-30 881152]
«ASUS Energy Saving»=»c:program filesASUSAI SuiteEnergySavingPwSave.exe» [2008-01-28 1352704]
«BluetoothAuthenticationAgent»=»bthprops.cpl» [2008-04-15 110592]
«DiscWizardMonitor.exe»=»c:program filesSeagateDiscWizardDiscWizardMonitor.exe» [2007-09-04 1188864]
«AcronisTimounterMonitor»=»c:program filesSeagateDiscWizardTimounterMonitor.exe» [2007-09-04 1963768]
«Acronis Scheduler2 Service»=»c:program filesCommon FilesSeagateSchedule2schedhlp.exe» [2007-09-04 148760]
«Adobe Reader Speed Launcher»=»c:program filesAdobeReader 8.0ReaderReader_sl.exe» [2008-01-11 39792]
«StartCCC»=»c:program filesATI TechnologiesATI.ACECore-StaticCLIStart.exe» [2009-07-14 98304]
«QuickTime Task»=»c:program filesQuickTimeQTTask.exe» [2009-11-10 417792]
«iTunesHelper»=»c:program filesiTunesiTunesHelper.exe» [2009-11-12 141600]
«UPSMON»=»c:program filesUPSMONUPSMON.exe» [2008-07-02 433664][HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=»c:windowssystem32CTFMON.EXE» [2008-04-15 37376]
«VistaIcon»=»c:program filesVistaDriveIconVistaDrv.exe» [2008-01-02 132096]
«VisualTaskTips»=»c:program filesVisualTaskTipsVisualTaskTips.exe» [2008-06-23 65536][HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRunOnce]
«IE7_011″=»shell32» [X]
«IE7_012″=»advpack.dll» [2010-01-05 124928]
«IE7_013″=»rebuild.exe» [2007-11-01 114280]c:documents and settingsAll Usersѓ« ў®Ґ ¬ҐоЏа®Ја ¬¬лЂўв®§ Јаг§Є
Logitech Desktop Messenger.lnk — c:program filesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe [2009-1-29 67128]
Logitech SetPoint.lnk — c:program filesLogitechSetPointSetPoint.exe [2009-3-24 809488][HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionwinlogonnotifyLBTWlgn]
2009-02-18 21:30 72208 —-a-w- c:program filesCommon FilesLogitechBluetoothLBTWLgn.dll[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWdf01000.sys]
@=»Driver»[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWdfLoadGroup]
@=»»[HKLM~servicessharedaccessparametersfirewallpolicystandardprofile]
«DisableNotifications»= 1 (0x1)
«DisableUnicastResponsesToMulticastBroadcast»= 0 (0x0)[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
«%windir%\Network Diagnostic\xpnetdiag.exe»=
«%windir%\system32\sessmgr.exe»=
«c:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE»=
«c:\Program Files\Microsoft Office\Office12\GROOVE.EXE»=
«c:\Program Files\Microsoft Office\Office12\ONENOTE.EXE»=
«c:\Program Files\Starlink VideoLAN\vlc.exe»=
«e:\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe»=
«e:\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe»=
«e:\Rockstar Games\Grand Theft Auto IV\GTAIV.exe»=
«e:\Ventrilo\Ventrilo.exe»=
«c:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe»=
«e:\Gears of War\Binaries\WarGame-G4WLive.exe»=
«e:\uTorrent\uTorrent.exe»=
«e:\Race Driver GRID\GRID.exe»=
«e:\SREETFIGHTERIV\StreetFighterIV.exe»=
«c:\Program Files\Bonjour\mDNSResponder.exe»=
«e:\С.Т.А.Л.К.Е.Р. — Чистое Небо\bin\xrEngine.exe»=
«e:\С.Т.А.Л.К.Е.Р. — Чистое Небо\bin\dedicated\xrEngine.exe»=
«c:\WINDOWS\system32\PnkBstrA.exe»=
«c:\WINDOWS\system32\PnkBstrB.exe»=
«e:\Call of Duty 4 — Modern Warfare\iw3mp.exe»=
«e:\S.T.A.L.K.E.R. — Зов Припяти\bin\xrEngine.exe»=
«e:\S.T.A.L.K.E.R. — Зов Припяти\bin\dedicated\xrEngine.exe»=
«e:\Program Files\Activision\Wolfenstein\MP\Wolf2MP.exe»=
«e:\Program Files\Activision\Wolfenstein\MP\Wolf2MPLite.exe»=
«c:\Program Files\iTunes\iTunes.exe»=
«c:\Program Files\Skype\Plugin Manager\skypePM.exe»=
«e:\Assassin’s Creed\AssassinsCreed_Dx9.exe»=
«e:\Assassin’s Creed\AssassinsCreed_Dx10.exe»=
«e:\Assassin’s Creed\AssassinsCreed_Launcher.exe»=
«c:\Program Files\ICQ7.0\ICQ.exe»=
«c:\Program Files\ICQ7.0\aolload.exe»=
«c:\Program Files\Skype\Phone\Skype.exe»=
«d:\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe»=[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileGloballyOpenPortsList]
«26689:TCP»= 26689:TCPR0 pe3ajtsc;Stalker (Pro) Environment Driver (pe3ajtsc);c:windowssystem32driverspe3ajtsc.sys [15.08.2007 15:11 64640]
R0 ps7ajtsc;Stalker (Pro) Synchronization Driver (ps7ajtsc);c:windowssystem32driversps7ajtsc.sys [15.08.2007 15:11 68744]
R0 sptd;sptd;c:windowssystem32driverssptd.sys [23.11.2008 20:22 721904]
R1 appdrv01;Application Driver (01);c:windowssystem32driversappdrv01.sys [08.10.2009 2:40 3069040]
R1 epfwtdir;epfwtdir;c:windowssystem32driversepfwtdir.sys [18.08.2008 13:27 34312]
R2 ekrn;Eset Service;c:program filesESETESET NOD32 Antivirusekrn.exe [18.08.2008 13:25 468224]
S2 appdrvrem01;Application Driver Auto Removal Service (01);c:windowsSystem32appdrvrem01.exe svc —> c:windowsSystem32appdrvrem01.exe svc [?]
S2 pr2ajtsc;Stalker (Pro) Drivers Auto Removal (pr2ajtsc);c:windowssystem32pr2ajtsc.exe svc —> c:windowssystem32pr2ajtsc.exe svc [?]— Other Services/Drivers In Memory —
*NewlyCreated* — UPSMONSERVICE
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionsvchost]
DcomLaunch REG_MULTI_SZ DcomLaunch TermService Netprotocol
.
Contents of the ‘Scheduled Tasks’ folder2010-02-27 c:windowsTasksb4a_bp6.job
— c:program filesSoftlandBackup4all 3b4aSchedStarter.exe [2009-05-21 11:24]2010-02-27 c:windowsTasksb4a_Мои документы.job
— c:program filesSoftlandBackup4all 3b4aSchedStarter.exe [2009-05-21 11:24]2010-02-28 c:windowsTasksOGALogon.job
— c:windowssystem32OGAEXEC.exe [2009-08-03 11:07]
.
.
Supplementary Scan
.
uStart Page = hxxp://www.lofisnet.ru/
uDefault_Search_URL = hxxp://search.qip.ru
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://search.qip.ru/ie
uSearchURL,(Default) = Root: HKCU; Subkey: SoftwareMicrosoftInternet ExplorerSearchUrl; ValueType: string; ValueName: ‘; ValueData: ‘; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: &Экспорт в Microsoft Excel — c:progra~1MICROS~2Office12EXCEL.EXE/3000
IE: Закачать ВСЕ при помощи Download Master — d:download masterdmieall.htm
IE: Закачать при помощи Download Master — d:download masterdmie.htm
IE: {{7558B7E5-7B26-4201-BEDB-00D5FF534523} — c:program filesMail.RuAgentmagent.exe
IE: {{88EB38EF-4D2C-436D-ABD3-56B232674062} — c:program filesICQ7.0ICQ.exe
IE: {{8DAE90AD-4583-4977-9DD4-4360F7A45C74} — d:download masterdmaster.exe
TCP: {A80D0705-8D40-4C7D-AFE9-E8D841452343} = 80.79.176.2,80.79.176.3
Handler: bwfile-8876480 — {9462A756-7B47-47BC-8C80-C34B9B80B32B} — c:program filesLogitechDesktop Messenger8876480ProgramGAPlugProtocol-8876480.dll
FF — ProfilePath — c:documents and settingsАндрейApplication DataMozillaFirefoxProfiles1djs6yc0.default
FF — prefs.js: browser.search.selectedEngine — QIP Search
FF — prefs.js: browser.startup.homepage — hxxp://info.starlink.ru/
FF — prefs.js: keyword.URL — hxxp://search.qip.ru/search?from=FF&query=
FF — component: c:program filesMozilla Firefoxcomponentsqippipe.dll
FF — component: c:program filesMozilla Firefoxextensions{B13721C7-F507-4982-B2E5-502A71474FED}componentsNPComponent.dll
FF — component: c:program filesNokiaNokia PC Suite 7bkmrksynccomponentsBkMrkExt.dll
FF — plugin: c:program filesK-Lite Codec PackRealbrowserpluginsnppl3260.dll
FF — plugin: c:program filesK-Lite Codec PackRealbrowserpluginsnprpjplug.dll
FF — plugin: c:program filesStarlink VideoLANnpvlc.dll
FF — HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} — c:windowsMicrosoft.NETFrameworkv3.5Windows Presentation FoundationDotNetAssistantExtension—- FIREFOX POLICIES —-
FF — user.js: general.useragent.extra.zencast — Creative ZENcast v2.01.01.**************************************************************************
catchme 0.3.1398 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-28 15:17
Windows 5.1.2600 Service Pack 3 NTFSscanning hidden processes …
scanning hidden autostart entries …
scanning hidden files …
scan completed successfully
hidden files: 0**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spro.sys >>UNKNOWN [0x8ADB6938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
DriverDisk -> CLASSPNP.SYS @ 0xba11cf28
DriverACPI -> ACPI.sys @ 0xb9e66cb8
Driveratapi -> atapi.sys @ 0xb9de5b40
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
DeviceHarddisk0DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
NDIS: Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller -> SendCompleteHandler -> NDIS.sys @ 0xb9cdbbb0
PacketIndicateHandler -> NDIS.sys @ 0xb9ce8b21
SendHandler -> NDIS.sys @ 0xb9cc687b
user & kernel MBR OK**************************************************************************
.
DLLs Loaded Under Running Processes
— — — — — — — > ‘winlogon.exe'(936)
c:windowssystem32SETUPAPI.dll
c:windowssystem32Ati2evxx.dll
c:program filescommon fileslogitechbluetoothLBTWlgn.dll
c:program filescommon fileslogitechbluetoothLBTServ.dll
c:windowssystem32cscui.dll
c:windowssystem32COMRes.dll— — — — — — — > ‘lsass.exe'(1008)
c:windowssystem32setupapi.dll— — — — — — — > ‘explorer.exe'(2180)
c:windowssystem32WININET.dll
c:program filesLogitechSetPointIMHook.dll
c:program filesVisualTaskTipsVttHooks.dll
c:program filesLogitechSetPointlgscroll.dll
c:windowssystem32COMRes.dll
c:windowsSystem32cscui.dll
c:program filesLogitechiTouchiTchHk.dll
c:windowssystem32SETUPAPI.dll
c:windowssystem32msi.dll
c:windowssystem32WPDShServiceObj.dll
c:program filesNokiaNokia PC Suite 7PhoneBrowser.dll
c:program filesNokiaNokia PC Suite 7NGSCM.DLL
c:program filesNokiaNokia PC Suite 7LangPhoneBrowser_rus.nlr
c:program filesNokiaNokia PC Suite 7ResourcePhoneBrowser_Nokia.ngr
c:windowssystem32PortableDeviceTypes.dll
c:windowssystem32PortableDeviceApi.dll
c:windowssystem32credui.dll
c:windowssystem32MSVCP60.dll
.
Other Running Processes
.
c:windowssystem32Ati2evxx.exe
c:program filesCommon FilesLogitechBluetoothLBTServ.exe
c:windowssystem32Ati2evxx.exe
c:program filesCommon FilesSeagateSchedule2schedul2.exe
c:program filesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
c:program filesBonjourmDNSResponder.exe
c:windowssystem32inetsrvinetinfo.exe
c:program filesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe
c:windowssystem32PnkBstrA.exe
e:alcohol 120StarWindStarWindServiceAE.exe
c:windowssystem32dllhost.exe
c:windowsSystem32vssvc.exe
c:windowssystem32dllhost.exe
c:windowssystem32msdtc.exe
c:program filesLogitechSetPointLBTWiz.exe
c:windowssystem32rundll32.exe
c:program filesASUSAASP1.00.59aaCenter.exe
c:program filesASUSAI RemoteAiRemote.exe
c:program filesATI TechnologiesATI.ACECore-StaticMOM.exe
c:program filesUPSMONUPSMON_Service.Exe
c:program filesCommon FilesLogishrdKHAL2KHALMNPR.EXE
c:program filesATI TechnologiesATI.ACECore-Staticccc.exe
c:program filesiPodbiniPodService.exe
c:program filesUPSMONUPSUSBInt3.exe
c:program filesPC Connectivity SolutionServiceLayer.exe
c:program filesPC Connectivity SolutionTransportsNclUSBSrv.exe
c:program filesPC Connectivity SolutionTransportsNclRSSrv.exe
c:program filesPC Connectivity SolutionTransportsNclMSBTSrv.exe
.
**************************************************************************
.
Completion time: 2010-02-28 15:19:48 — machine was rebooted
ComboFix-quarantined-files.txt 2010-02-28 12:19
ComboFix2.txt 2010-02-28 05:44
ComboFix3.txt 2010-02-25 23:39Pre-Run: 14 951 153 664 байт свободно
Post-Run: 14 916 173 824 байт свободно— — End Of File — — 1A0BE42A0D65E8CD204647B1090BFF80
ComboFix 10-02-25.02 — Андрей 28.02.2010 15:13:29.3.4 — x86
Microsoft Windows XP Professional 5.1.2600.3.1251.7.1049.18.3071.2529 [GMT 3:00]
Running from: c:documents and settingsАндрейРабочий столComboFix.exe
Command switches used :: c:documents and settingsАндрейРабочий столCFScript.txt
AV: ESET NOD32 Antivirus 3.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Resident AV is activeFILE ::
«c:windowssystem32Aee2Uan.exe»
«c:windowssystem32CkhD9Ga.exe»
«c:windowssystem32CUUip9Y.exe»
«c:windowssystem32gHqmFsZ.exe»
«c:windowssystem32Lpkbnt4.exe»
«c:windowssystem32no5bVlY.exe»
«c:windowssystem32O1nQLoW.exe»
«c:windowssystem32oh6jlmm.exe»
«c:windowssystem32QtwhHFn.exe»
«c:windowssystem32qypO8wq.exe»
«c:windowssystem32rjU0dZJ.exe»
«c:windowssystem32v0DWEPF.exe»
«c:windowssystem32X6mstvE.exe»
.((((((((((((((((((((((((( Files Created from 2010-01-28 to 2010-02-28 )))))))))))))))))))))))))))))))
.2010-02-16 09:10 . 2010-02-16 12:59
d
w- c:program filesICQ7.0
2010-02-15 15:08 . 2010-02-28 12:17
d
w- c:documents and settingsAll UsersUPSMON
2010-02-15 15:06 . 2010-02-28 12:18
d
w- c:program filesUPSMON
2010-02-15 15:05 . 2008-07-20 09:07 10240 -c—a-w- c:windowssystem32dllcachecompbatt.sys
2010-02-15 15:05 . 2008-07-20 09:07 10240 —-a-w- c:windowssystem32driverscompbatt.sys
2010-02-15 15:05 . 2008-07-20 09:07 20352 -c—a-w- c:windowssystem32dllcachehidbatt.sys
2010-02-15 15:05 . 2008-07-20 09:07 20352 —-a-w- c:windowssystem32drivershidbatt.sys
2010-02-15 15:05 . 2008-07-20 09:07 14208 -c—a-w- c:windowssystem32dllcachebattc.sys
2010-02-15 15:05 . 2008-07-20 09:07 14208 —-a-w- c:windowssystem32driversbattc.sys
2010-02-14 10:28 . 2010-02-14 10:28 31744 —-a-w- c:windowssystem32bd4d22d1.exe
2010-02-13 22:47 . 2010-02-13 22:47
d
w- c:program filestrend micro
2010-02-13 22:47 . 2010-02-13 22:47
d
w- C:rsit
2010-02-13 06:38 . 2010-02-13 06:38
d
w- c:documents and settingsАдминистраторDoctorWeb
2010-02-13 06:34 . 2010-02-13 06:34
d
w- c:documents and settingsАдминистраторLocal SettingsApplication DataMozilla
2010-02-12 23:03 . 2010-02-12 23:03 83968 —-a-w- c:windowssystem32dubpDkV.exe
2010-02-11 20:34 . 2010-02-11 20:34
d
w- c:program filesCommon Fileswm
2010-02-09 09:09 . 2010-02-09 08:59 24536384 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}NokiaSoftwareUpdaterSetup_ru.exe
2010-02-09 09:08 . 2010-02-09 09:08 3351812 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}InstallerCommonCustomActionsmsxml6Exec.exe
2010-02-09 09:08 . 2010-02-09 09:08 36864 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}InstallerCommonCustomActionsSleep.exe
2010-02-09 09:08 . 2010-02-09 09:08 3203453 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}InstallerCommonCustomActionsvcredistExec.exe
2010-02-09 09:01 . 2010-02-09 09:01
d
w- c:program filesCommon FilesPCSuite
2010-02-09 09:01 . 2010-02-09 09:01
d
w- c:program filesPC Connectivity Solution
2010-02-09 09:01 . 2009-10-06 08:52 7936 —-a-w- c:windowssystem32driversusbser_lowerfltj.sys
2010-02-09 09:01 . 2009-10-06 08:52 7936 —-a-w- c:windowssystem32driversusbser_lowerflt.sys
2010-02-09 09:01 . 2009-10-06 08:52 22016 —-a-w- c:windowssystem32driversccdcmbo.sys
2010-02-09 09:01 . 2009-10-06 08:55 1112288 —-a-w- c:windowssystem32wdfcoinstaller01007.dll
2010-02-09 09:01 . 2009-10-06 08:52 660480 —-a-w- c:windowssystem32nmwcdcocls.dll
2010-02-09 09:01 . 2009-10-06 08:52 17664 —-a-w- c:windowssystem32driversccdcmb.sys
2010-02-09 08:59 . 2010-02-09 08:58 34864192 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}Nokia_PC_Suite_rus_web.exe
2010-02-09 08:59 . 2010-02-09 08:59 95232 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}InstallerCommonCustomActionspcswpcsi.exe
2010-02-09 08:59 . 2010-02-09 08:59 61440 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}InstallerCommonCustomActionsUninstPCSFEMsi.exe
2010-02-09 08:59 . 2010-02-09 08:59 8192 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}InstallerCommonCustomActionsUninstCCD.exe
2010-02-09 08:59 . 2010-02-09 08:59 10240 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}InstallerCommonCustomActionsUninstPCS.exe
2010-02-09 08:13 . 2010-02-09 08:13
d
w- c:documents and settings??????
2010-02-03 20:04 . 2010-02-03 20:04
d
w- c:documents and settingsAll UsersApplication DataUbisoft.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-28 12:18 . 2009-05-21 18:40
d—a-w- c:documents and settingsAll UsersApplication DataTEMP
2010-02-28 05:24 . 2008-11-23 17:16 86327 —-a-w- c:windowspchealthhelpctrOfflineCacheindex.dat
2010-02-26 09:24 . 2008-11-23 19:36
d
w- c:documents and settingsAll UsersApplication DataMicrosoft Help
2010-02-16 09:11 . 2008-11-23 17:54
d—h—w- c:program filesInstallShield Installation Information
2010-02-13 07:44 . 2008-11-23 18:02
d
w- c:program filesESET
2010-02-09 09:10 . 2008-11-23 19:22
d
w- c:documents and settingsAll UsersApplication DataInstallations
2010-02-09 09:10 . 2009-01-08 22:41
d
w- c:program filesCommon FilesNokia
2010-02-09 09:10 . 2008-11-23 19:23
d
w- c:program filesNokia
2010-02-09 09:07 . 2010-02-09 09:07 0 —ha-w- c:windowssystem32driversMsft_User_PCCSWpdDriver_01_07_00.Wdf
2010-02-09 09:07 . 2010-02-09 09:07 0 —ha-w- c:windowssystem32driversMsftWdf_user_01_07_00.Wdf
2010-01-17 08:50 . 2010-01-17 08:50
d
w- c:program filesStanza
2010-01-17 08:47 . 2010-01-17 08:47 41704 —ha-w- c:windowssystem32mlfcache.dat
2010-01-12 09:52 . 2010-01-12 09:52
d
w- c:program filesMalwarebytes’ Anti-Malware
2010-01-12 09:52 . 2010-01-12 09:52
d
w- c:documents and settingsAll UsersApplication DataMalwarebytes
2010-01-07 13:07 . 2010-01-12 09:52 38224 —-a-w- c:windowssystem32driversmbamswissarmy.sys
2010-01-07 13:07 . 2010-01-12 09:52 19160 —-a-w- c:windowssystem32driversmbam.sys
2010-01-05 09:48 . 2008-07-20 07:07 841216
w- c:windowssystem32wininet.dll
2010-01-05 09:48 . 2008-07-20 07:07 78336 —-a-w- c:windowssystem32ieencode.dll
2010-01-05 09:48 . 2008-07-20 07:07 17408 —-a-w- c:windowssystem32corpol.dll
2010-01-03 11:06 . 2009-01-12 16:25
d
r- c:program filesSkype
2010-01-03 11:06 . 2010-01-03 11:06
d
w- c:program filesCommon FilesSkype
2010-01-03 11:06 . 2009-01-12 16:25
d
w- c:documents and settingsAll UsersApplication DataSkype
2009-12-31 16:50 . 2008-04-15 12:00 353792 —-a-w- c:windowssystem32driverssrv.sys
2009-12-30 05:11 . 2009-12-30 05:11 79144 —-a-w- c:documents and settingsAll UsersApplication DataApple ComputerInstaller CacheiTunes 9.0.2.25SetupAdmin.exe
2009-12-20 19:27 . 2009-12-20 19:27 1924200 —-a-w- c:documents and settingsAll UsersApplication DataNOSAdobe_Downloadsinstall_flash_player.exe
2009-12-17 07:42 . 2008-11-23 17:11 345088 —-a-w- c:windowssystem32mspaint.exe
2009-12-14 07:10 . 2008-04-15 12:00 33280 —-a-w- c:windowssystem32csrsrv.dll
2009-12-09 10:03 . 2008-06-18 12:53 2147328
w- c:windowssystem32ntoskrnl.exe
2009-12-09 10:03 . 2008-07-20 12:07 2025984
w- c:windowssystem32ntkrnlpa.exe
2009-12-04 17:25 . 2008-07-20 07:07 456832 —-a-w- c:windowssystem32driversmrxsmb.sys
2009-08-31 13:55 . 2009-10-06 06:48 118000 —-a-w- c:program filesmozilla firefoxcomponentsqippipe.dll
.
Sigcheck
[-] 2008-04-15 . B2A2D80C9D3A3805DDECA6ED5A7556A0 . 652288 . . [5.82] . . c:windowssystem32comctl32.dll
[-] 2008-04-15 . B2A2D80C9D3A3805DDECA6ED5A7556A0 . 652288 . . [5.82] . . c:windowssystem32dllcachecomctl32.dll[-] 2008-04-14 . 884DE990C498D77C28F8608E09D4DFE1 . 581632 . . [5.1.2600.5512] . . c:windowssystem32user32.dll
[-] 2008-04-14 . 884DE990C498D77C28F8608E09D4DFE1 . 581632 . . [5.1.2600.5512] . . c:windowssystem32dllcacheuser32.dll[-] 2008-04-15 . 04116AE3FA2461AE766D7BADB49E74F7 . 1520640 . . [6.00.2900.5512] . . c:windowsexplorer.exe
[-] 2008-04-15 . 04116AE3FA2461AE766D7BADB49E74F7 . 1520640 . . [6.00.2900.5512] . . c:windowssystem32dllcacheexplorer.exe[-] 2008-11-23 . DD7B61794DA1338616FB3B971703185D . 1571840 . . [5.1.2600.5512] . . c:windowssystem32SfcFiles.dll
[-] 2008-11-23 . DD7B61794DA1338616FB3B971703185D . 1571840 . . [5.1.2600.5512] . . c:windowssystem32dllcacheSfcFiles.dll[-] 2008-04-15 . 0DE18690E4223998E471048889F09B8B . 37376 . . [5.1.2600.5512] . . c:windowssystem32ctfmon.exe
[-] 2008-04-15 . 0DE18690E4223998E471048889F09B8B . 37376 . . [5.1.2600.5512] . . c:windowssystem32dllcachectfmon.exe
.
((((((((((((((((((((((((((((( SnapShot_2010-02-28_05.41.56 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-11-23 17:13 . 2010-02-28 12:17 207101 c:windowssystem32inetsrvMetaBase.bin
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerURLSearchHooks]
«{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}»= «c:documents and settingsАндрейApplication DataMicrosoftInternet Explorerqipsearchbar.dll» [2009-07-14 150768][HKEY_CLASSES_ROOTclsid{a55f9c95-2bb1-4ea2-bc77-dfaab78832ce}]
[HKEY_CLASSES_ROOTqipbar.QIPBHO.1]
[HKEY_CLASSES_ROOTTypeLib{45FF696B-5284-4781-B2CA-ECF3A742A17B}]
[HKEY_CLASSES_ROOTqipbar.QIPBHO][HKEY_LOCAL_MACHINE~Browser Helper Objects{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
2009-07-14 09:08 150768 —-a-w- c:documents and settingsАндрейApplication DataMicrosoftInternet Explorerqipsearchbar.dll[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
«VistaIcon»=»c:program filesVistaDriveIconVistaDrv.exe» [2008-01-02 132096]
«VisualTaskTips»=»c:program filesVisualTaskTipsVisualTaskTips.exe» [2008-06-23 65536]
«LDM»=»c:program filesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe» [2009-01-29 67128]
«Start WingMan Profiler»=»c:program filesLogitechProfilerlwemon.exe» [2006-07-05 60416]
«AlcoholAutomount»=»e:alcohol 120axcmd.exe» [2009-03-17 203928]
«Backup4all 3″=»c:program filesSoftlandBackup4all 3Backup4all.exe» [2007-11-05 3133080]
«Backup4all Scheduler»=»c:program filesSoftlandBackup4all 3b4aSched.Exe» [2007-11-05 478360]
«SJelite3Launch»=»c:documents and settingsАндрейApplication DataTranscendSJelite3SJelite3Launch.exe» [2009-09-18 176128]
«PC Suite Tray»=»c:program filesNokiaNokia PC Suite 7PCSuite.exe» [2009-11-11 1451520][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
«Bluetooth Connection Assistant»=»LBTWIZ.EXE -silent» [X]
«Kernel and Hardware Abstraction Layer»=»KHALMNPR.EXE» [2008-12-18 76304]
«TaskSwitchXP»=»c:program filesTaskSwitchXPTaskSwitchXP.exe» [2007-03-09 62976]
«JMB36X IDE Setup»=»c:windowsRaidToolxInsIDE.exe» [2007-03-20 36864]
«36X Raid Configurer»=»c:windowssystem32xRaidSetup.exe» [2007-03-21 1953792]
«NeroFilterCheck»=»c:windowssystem32NeroCheck.exe» [2001-07-09 155648]
«zBrowser Launcher»=»c:program filesLogitechiTouchiTouch.exe» [2002-11-22 631362]
«Logitech Hardware Abstraction Layer»=»KHALMNPR.EXE» [2008-12-18 76304]
«GrooveMonitor»=»c:program filesMicrosoft OfficeOffice12GrooveMonitor.exe» [2008-10-25 31072]
«MAgent»=»c:program filesMail.RuAgentmagent.exe» [2009-07-27 7975608]
«egui»=»c:program filesESETESET NOD32 Antivirusegui.exe» [2008-08-18 1447168]
«SoundMAXPnP»=»c:program filesAnalog DevicesCoresmax4pnp.exe» [2006-12-18 868352]
«Ai Remote Help»=»c:program filesASUSAI RemoteAiRc.exe» [2007-09-03 3346432]
«ASUS UpdateChecker»=»c:program filesASUSUpdateCheckerUpdateChecker.exe» [2008-11-03 110592]
«Ai Nap»=»c:program filesASUSAI SuiteAiNapAiNap.exe» [2008-01-28 1413120]
«CPU Power Monitor»=»c:program filesASUSAI SuiteAiGear3CpuPowerMonitor.exe» [2008-01-09 627200]
«Cpu Level Up help»=»c:program filesASUSAI SuiteCpuLevelUpHelp.exe» [2007-11-30 881152]
«ASUS Energy Saving»=»c:program filesASUSAI SuiteEnergySavingPwSave.exe» [2008-01-28 1352704]
«BluetoothAuthenticationAgent»=»bthprops.cpl» [2008-04-15 110592]
«DiscWizardMonitor.exe»=»c:program filesSeagateDiscWizardDiscWizardMonitor.exe» [2007-09-04 1188864]
«AcronisTimounterMonitor»=»c:program filesSeagateDiscWizardTimounterMonitor.exe» [2007-09-04 1963768]
«Acronis Scheduler2 Service»=»c:program filesCommon FilesSeagateSchedule2schedhlp.exe» [2007-09-04 148760]
«Adobe Reader Speed Launcher»=»c:program filesAdobeReader 8.0ReaderReader_sl.exe» [2008-01-11 39792]
«StartCCC»=»c:program filesATI TechnologiesATI.ACECore-StaticCLIStart.exe» [2009-07-14 98304]
«QuickTime Task»=»c:program filesQuickTimeQTTask.exe» [2009-11-10 417792]
«iTunesHelper»=»c:program filesiTunesiTunesHelper.exe» [2009-11-12 141600]
«UPSMON»=»c:program filesUPSMONUPSMON.exe» [2008-07-02 433664][HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=»c:windowssystem32CTFMON.EXE» [2008-04-15 37376]
«VistaIcon»=»c:program filesVistaDriveIconVistaDrv.exe» [2008-01-02 132096]
«VisualTaskTips»=»c:program filesVisualTaskTipsVisualTaskTips.exe» [2008-06-23 65536][HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRunOnce]
«IE7_011″=»shell32» [X]
«IE7_012″=»advpack.dll» [2010-01-05 124928]
«IE7_013″=»rebuild.exe» [2007-11-01 114280]c:documents and settingsAll Usersѓ« ў®Ґ ¬ҐоЏа®Ја ¬¬лЂўв®§ Јаг§Є
Logitech Desktop Messenger.lnk — c:program filesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe [2009-1-29 67128]
Logitech SetPoint.lnk — c:program filesLogitechSetPointSetPoint.exe [2009-3-24 809488][HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionwinlogonnotifyLBTWlgn]
2009-02-18 21:30 72208 —-a-w- c:program filesCommon FilesLogitechBluetoothLBTWLgn.dll[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWdf01000.sys]
@=»Driver»[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWdfLoadGroup]
@=»»[HKLM~servicessharedaccessparametersfirewallpolicystandardprofile]
«DisableNotifications»= 1 (0x1)
«DisableUnicastResponsesToMulticastBroadcast»= 0 (0x0)[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
«%windir%\Network Diagnostic\xpnetdiag.exe»=
«%windir%\system32\sessmgr.exe»=
«c:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE»=
«c:\Program Files\Microsoft Office\Office12\GROOVE.EXE»=
«c:\Program Files\Microsoft Office\Office12\ONENOTE.EXE»=
«c:\Program Files\Starlink VideoLAN\vlc.exe»=
«e:\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe»=
«e:\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe»=
«e:\Rockstar Games\Grand Theft Auto IV\GTAIV.exe»=
«e:\Ventrilo\Ventrilo.exe»=
«c:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe»=
«e:\Gears of War\Binaries\WarGame-G4WLive.exe»=
«e:\uTorrent\uTorrent.exe»=
«e:\Race Driver GRID\GRID.exe»=
«e:\SREETFIGHTERIV\StreetFighterIV.exe»=
«c:\Program Files\Bonjour\mDNSResponder.exe»=
«e:\С.Т.А.Л.К.Е.Р. — Чистое Небо\bin\xrEngine.exe»=
«e:\С.Т.А.Л.К.Е.Р. — Чистое Небо\bin\dedicated\xrEngine.exe»=
«c:\WINDOWS\system32\PnkBstrA.exe»=
«c:\WINDOWS\system32\PnkBstrB.exe»=
«e:\Call of Duty 4 — Modern Warfare\iw3mp.exe»=
«e:\S.T.A.L.K.E.R. — Зов Припяти\bin\xrEngine.exe»=
«e:\S.T.A.L.K.E.R. — Зов Припяти\bin\dedicated\xrEngine.exe»=
«e:\Program Files\Activision\Wolfenstein\MP\Wolf2MP.exe»=
«e:\Program Files\Activision\Wolfenstein\MP\Wolf2MPLite.exe»=
«c:\Program Files\iTunes\iTunes.exe»=
«c:\Program Files\Skype\Plugin Manager\skypePM.exe»=
«e:\Assassin’s Creed\AssassinsCreed_Dx9.exe»=
«e:\Assassin’s Creed\AssassinsCreed_Dx10.exe»=
«e:\Assassin’s Creed\AssassinsCreed_Launcher.exe»=
«c:\Program Files\ICQ7.0\ICQ.exe»=
«c:\Program Files\ICQ7.0\aolload.exe»=
«c:\Program Files\Skype\Phone\Skype.exe»=
«d:\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe»=[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileGloballyOpenPortsList]
«26689:TCP»= 26689:TCPR0 pe3ajtsc;Stalker (Pro) Environment Driver (pe3ajtsc);c:windowssystem32driverspe3ajtsc.sys [15.08.2007 15:11 64640]
R0 ps7ajtsc;Stalker (Pro) Synchronization Driver (ps7ajtsc);c:windowssystem32driversps7ajtsc.sys [15.08.2007 15:11 68744]
R0 sptd;sptd;c:windowssystem32driverssptd.sys [23.11.2008 20:22 721904]
R1 appdrv01;Application Driver (01);c:windowssystem32driversappdrv01.sys [08.10.2009 2:40 3069040]
R1 epfwtdir;epfwtdir;c:windowssystem32driversepfwtdir.sys [18.08.2008 13:27 34312]
R2 ekrn;Eset Service;c:program filesESETESET NOD32 Antivirusekrn.exe [18.08.2008 13:25 468224]
S2 appdrvrem01;Application Driver Auto Removal Service (01);c:windowsSystem32appdrvrem01.exe svc —> c:windowsSystem32appdrvrem01.exe svc [?]
S2 pr2ajtsc;Stalker (Pro) Drivers Auto Removal (pr2ajtsc);c:windowssystem32pr2ajtsc.exe svc —> c:windowssystem32pr2ajtsc.exe svc [?]— Other Services/Drivers In Memory —
*NewlyCreated* — UPSMONSERVICE
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionsvchost]
DcomLaunch REG_MULTI_SZ DcomLaunch TermService Netprotocol
.
Contents of the ‘Scheduled Tasks’ folder2010-02-27 c:windowsTasksb4a_bp6.job
— c:program filesSoftlandBackup4all 3b4aSchedStarter.exe [2009-05-21 11:24]2010-02-27 c:windowsTasksb4a_Мои документы.job
— c:program filesSoftlandBackup4all 3b4aSchedStarter.exe [2009-05-21 11:24]2010-02-28 c:windowsTasksOGALogon.job
— c:windowssystem32OGAEXEC.exe [2009-08-03 11:07]
.
.
Supplementary Scan
.
uStart Page = hxxp://www.lofisnet.ru/
uDefault_Search_URL = hxxp://search.qip.ru
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://search.qip.ru/ie
uSearchURL,(Default) = Root: HKCU; Subkey: SoftwareMicrosoftInternet ExplorerSearchUrl; ValueType: string; ValueName: ‘; ValueData: ‘; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: &Экспорт в Microsoft Excel — c:progra~1MICROS~2Office12EXCEL.EXE/3000
IE: Закачать ВСЕ при помощи Download Master — d:download masterdmieall.htm
IE: Закачать при помощи Download Master — d:download masterdmie.htm
IE: {{7558B7E5-7B26-4201-BEDB-00D5FF534523} — c:program filesMail.RuAgentmagent.exe
IE: {{88EB38EF-4D2C-436D-ABD3-56B232674062} — c:program filesICQ7.0ICQ.exe
IE: {{8DAE90AD-4583-4977-9DD4-4360F7A45C74} — d:download masterdmaster.exe
TCP: {A80D0705-8D40-4C7D-AFE9-E8D841452343} = 80.79.176.2,80.79.176.3
Handler: bwfile-8876480 — {9462A756-7B47-47BC-8C80-C34B9B80B32B} — c:program filesLogitechDesktop Messenger8876480ProgramGAPlugProtocol-8876480.dll
FF — ProfilePath — c:documents and settingsАндрейApplication DataMozillaFirefoxProfiles1djs6yc0.default
FF — prefs.js: browser.search.selectedEngine — QIP Search
FF — prefs.js: browser.startup.homepage — hxxp://info.starlink.ru/
FF — prefs.js: keyword.URL — hxxp://search.qip.ru/search?from=FF&query=
FF — component: c:program filesMozilla Firefoxcomponentsqippipe.dll
FF — component: c:program filesMozilla Firefoxextensions{B13721C7-F507-4982-B2E5-502A71474FED}componentsNPComponent.dll
FF — component: c:program filesNokiaNokia PC Suite 7bkmrksynccomponentsBkMrkExt.dll
FF — plugin: c:program filesK-Lite Codec PackRealbrowserpluginsnppl3260.dll
FF — plugin: c:program filesK-Lite Codec PackRealbrowserpluginsnprpjplug.dll
FF — plugin: c:program filesStarlink VideoLANnpvlc.dll
FF — HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} — c:windowsMicrosoft.NETFrameworkv3.5Windows Presentation FoundationDotNetAssistantExtension—- FIREFOX POLICIES —-
FF — user.js: general.useragent.extra.zencast — Creative ZENcast v2.01.01.**************************************************************************
catchme 0.3.1398 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-28 15:17
Windows 5.1.2600 Service Pack 3 NTFSscanning hidden processes …
scanning hidden autostart entries …
scanning hidden files …
scan completed successfully
hidden files: 0**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spro.sys >>UNKNOWN [0x8ADB6938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
DriverDisk -> CLASSPNP.SYS @ 0xba11cf28
DriverACPI -> ACPI.sys @ 0xb9e66cb8
Driveratapi -> atapi.sys @ 0xb9de5b40
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
DeviceHarddisk0DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
NDIS: Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller -> SendCompleteHandler -> NDIS.sys @ 0xb9cdbbb0
PacketIndicateHandler -> NDIS.sys @ 0xb9ce8b21
SendHandler -> NDIS.sys @ 0xb9cc687b
user & kernel MBR OK**************************************************************************
.
DLLs Loaded Under Running Processes
— — — — — — — > ‘winlogon.exe'(936)
c:windowssystem32SETUPAPI.dll
c:windowssystem32Ati2evxx.dll
c:program filescommon fileslogitechbluetoothLBTWlgn.dll
c:program filescommon fileslogitechbluetoothLBTServ.dll
c:windowssystem32cscui.dll
c:windowssystem32COMRes.dll— — — — — — — > ‘lsass.exe'(1008)
c:windowssystem32setupapi.dll— — — — — — — > ‘explorer.exe'(2180)
c:windowssystem32WININET.dll
c:program filesLogitechSetPointIMHook.dll
c:program filesVisualTaskTipsVttHooks.dll
c:program filesLogitechSetPointlgscroll.dll
c:windowssystem32COMRes.dll
c:windowsSystem32cscui.dll
c:program filesLogitechiTouchiTchHk.dll
c:windowssystem32SETUPAPI.dll
c:windowssystem32msi.dll
c:windowssystem32WPDShServiceObj.dll
c:program filesNokiaNokia PC Suite 7PhoneBrowser.dll
c:program filesNokiaNokia PC Suite 7NGSCM.DLL
c:program filesNokiaNokia PC Suite 7LangPhoneBrowser_rus.nlr
c:program filesNokiaNokia PC Suite 7ResourcePhoneBrowser_Nokia.ngr
c:windowssystem32PortableDeviceTypes.dll
c:windowssystem32PortableDeviceApi.dll
c:windowssystem32credui.dll
c:windowssystem32MSVCP60.dll
.
Other Running Processes
.
c:windowssystem32Ati2evxx.exe
c:program filesCommon FilesLogitechBluetoothLBTServ.exe
c:windowssystem32Ati2evxx.exe
c:program filesCommon FilesSeagateSchedule2schedul2.exe
c:program filesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
c:program filesBonjourmDNSResponder.exe
c:windowssystem32inetsrvinetinfo.exe
c:program filesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe
c:windowssystem32PnkBstrA.exe
e:alcohol 120StarWindStarWindServiceAE.exe
c:windowssystem32dllhost.exe
c:windowsSystem32vssvc.exe
c:windowssystem32dllhost.exe
c:windowssystem32msdtc.exe
c:program filesLogitechSetPointLBTWiz.exe
c:windowssystem32rundll32.exe
c:program filesASUSAASP1.00.59aaCenter.exe
c:program filesASUSAI RemoteAiRemote.exe
c:program filesATI TechnologiesATI.ACECore-StaticMOM.exe
c:program filesUPSMONUPSMON_Service.Exe
c:program filesCommon FilesLogishrdKHAL2KHALMNPR.EXE
c:program filesATI TechnologiesATI.ACECore-Staticccc.exe
c:program filesiPodbiniPodService.exe
c:program filesUPSMONUPSUSBInt3.exe
c:program filesPC Connectivity SolutionServiceLayer.exe
c:program filesPC Connectivity SolutionTransportsNclUSBSrv.exe
c:program filesPC Connectivity SolutionTransportsNclRSSrv.exe
c:program filesPC Connectivity SolutionTransportsNclMSBTSrv.exe
.
**************************************************************************
.
Completion time: 2010-02-28 15:19:48 — machine was rebooted
ComboFix-quarantined-files.txt 2010-02-28 12:19
ComboFix2.txt 2010-02-28 05:44
ComboFix3.txt 2010-02-25 23:39Pre-Run: 14 951 153 664 байт свободно
Post-Run: 14 916 173 824 байт свободно— — End Of File — — 1A0BE42A0D65E8CD204647B1090BFF80
данные логи повторно сделаны… первый раз, файл Log не сохранился, по неизветсным мне причинам…
забыл сказать спасибо Вам) то что помогаете избавится от нечисти на компе)на даный момент, все так же остается проблема…
не захотит большинство сайтов антивирусов… сейчас вот только к касперскому проходит, до этого и к нему не заходил…
ну и не обновляется с офф-серверов нода…Продолжим 🙂
Да, если долго не отвечаю, напоминайте в личку.
Запустите редактор реестра, для этого кликните Пуск, затем Выполнить, введите regedit и нажмите Enter.
В левой панели открывайте по очереде следующие ключи реестра:HKEY_LOCAL_MACHINE
software
microsoft
windows nt
currentversion
svchostВ правой панели найдите параметр DcomLaunch, и кликните по нему дважды.
Откроется окно, отредактируйте текст, чтобы былоDcomLaunch
TermServiceКликните OK и закройте редактор реестра.
Перезагрузите компьютер.Жду свежий Combofix лог.
ComboFix 10-03-21.05 — Андрей 22.03.2010 21:18:51.4.4 — x86
Microsoft Windows XP Professional 5.1.2600.3.1251.7.1049.18.3071.2272 [GMT 3:00]
Running from: c:documents and settingsАндрейРабочий столComboFix.exe
AV: ESET NOD32 Antivirus 3.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.c:docume~186A9~1LOCALS~1TempSoftlandBackup4all 3LangTempBackup4all.RUS
c:documents and settingsАндрейLocal SettingstempSoftlandBackup4all 3LangTempBackup4all.RUS
c:windowssystem323795871a.exe
c:windowssystem325d6f8e5b.exe.
((((((((((((((((((((((((( Files Created from 2010-02-22 to 2010-03-22 )))))))))))))))))))))))))))))))
.2010-03-08 23:37 . 2010-03-08 23:37
d
w- c:program filesUbisoft
2010-03-08 23:36 . 2009-09-04 14:44 515416 —-a-w- c:windowssystem32XAudio2_5.dll
2010-03-08 23:36 . 2009-09-04 14:44 238936 —-a-w- c:windowssystem32xactengine3_5.dll
2010-03-08 23:36 . 2009-09-04 14:29 1974616 —-a-w- c:windowssystem32D3DCompiler_42.dll
2010-03-08 23:36 . 2009-09-04 14:29 5501792 —-a-w- c:windowssystem32d3dcsx_42.dll
2010-03-08 23:36 . 2009-09-04 14:29 235344 —-a-w- c:windowssystem32d3dx11_42.dll
2010-03-08 23:36 . 2009-09-04 14:29 453456 —-a-w- c:windowssystem32d3dx10_42.dll
2010-03-08 23:36 . 2009-09-04 14:29 1892184 —-a-w- c:windowssystem32D3DX9_42.dll
2010-03-02 10:47 . 2010-03-02 10:47
d
w- c:documents and settingsAll UsersApplication DataATI
2010-03-02 10:39 . 2010-02-03 03:19 143360 —-a-w- c:windowssystem32atiapfxx.exe
2010-03-02 10:39 . 2010-03-02 10:47
d
w- c:program filesATI
2010-03-02 08:56 . 2009-04-06 06:08 4682 —-a-w- c:windowssystem32npptNT2.sys.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-22 18:09 . 2009-05-21 18:40
d—a-w- c:documents and settingsAll UsersApplication DataTEMP
2010-03-22 18:07 . 2010-02-15 15:06
d
w- c:program filesUPSMON
2010-03-16 07:35 . 2008-12-09 15:26
d
w- c:program filesQIP Infium
2010-03-15 11:57 . 2008-11-23 20:09
d
w- c:program filesStarlink VideoLAN
2010-03-09 20:01 . 2008-11-23 19:36
d
w- c:documents and settingsAll UsersApplication DataMicrosoft Help
2010-03-08 23:54 . 2010-02-03 20:04
d
w- c:documents and settingsAll UsersApplication DataUbisoft
2010-03-08 23:37 . 2008-11-23 17:54
d—h—w- c:program filesInstallShield Installation Information
2010-03-07 10:54 . 2009-08-28 19:25
d
w- c:program filesBonjour
2010-03-07 10:49 . 2009-10-05 17:52
d
w- c:documents and settingsAll UsersApplication DataCreative
2010-03-02 10:41 . 2009-08-25 07:55
d
w- c:program filesATI Technologies
2010-02-28 05:24 . 2008-11-23 17:16 86327 —-a-w- c:windowspchealthhelpctrOfflineCacheindex.dat
2010-02-16 12:59 . 2010-02-16 09:10
d
w- c:program filesICQ7.0
2010-02-14 10:28 . 2010-02-14 10:28 31744 —-a-w- c:windowssystem32bd4d22d1.exe
2010-02-13 22:47 . 2010-02-13 22:47
d
w- c:program filestrend micro
2010-02-13 07:44 . 2008-11-23 18:02
d
w- c:program filesESET
2010-02-12 23:03 . 2010-02-12 23:03 83968 —-a-w- c:windowssystem32dubpDkV.exe
2010-02-11 20:34 . 2010-02-11 20:34
d
w- c:program filesCommon Fileswm
2010-02-09 09:10 . 2008-11-23 19:22
d
w- c:documents and settingsAll UsersApplication DataInstallations
2010-02-09 09:10 . 2009-01-08 22:41
d
w- c:program filesCommon FilesNokia
2010-02-09 09:10 . 2008-11-23 19:23
d
w- c:program filesNokia
2010-02-09 09:08 . 2010-02-09 09:08 3351812 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}InstallerCommonCustomActionsmsxml6Exec.exe
2010-02-09 09:08 . 2010-02-09 09:08 36864 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}InstallerCommonCustomActionsSleep.exe
2010-02-09 09:08 . 2010-02-09 09:08 3203453 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}InstallerCommonCustomActionsvcredistExec.exe
2010-02-09 09:07 . 2010-02-09 09:07 0 —ha-w- c:windowssystem32driversMsft_User_PCCSWpdDriver_01_07_00.Wdf
2010-02-09 09:07 . 2010-02-09 09:07 0 —ha-w- c:windowssystem32driversMsftWdf_user_01_07_00.Wdf
2010-02-09 09:01 . 2010-02-09 09:01
d
w- c:program filesCommon FilesPCSuite
2010-02-09 09:01 . 2010-02-09 09:01
d
w- c:program filesPC Connectivity Solution
2010-02-09 08:59 . 2010-02-09 09:09 24536384 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}NokiaSoftwareUpdaterSetup_ru.exe
2010-02-09 08:59 . 2010-02-09 08:59 95232 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}InstallerCommonCustomActionspcswpcsi.exe
2010-02-09 08:59 . 2010-02-09 08:59 61440 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}InstallerCommonCustomActionsUninstPCSFEMsi.exe
2010-02-09 08:59 . 2010-02-09 08:59 8192 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}InstallerCommonCustomActionsUninstCCD.exe
2010-02-09 08:59 . 2010-02-09 08:59 10240 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}InstallerCommonCustomActionsUninstPCS.exe
2010-02-09 08:58 . 2010-02-09 08:59 34864192 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}Nokia_PC_Suite_rus_web.exe
2010-02-03 04:52 . 2009-07-15 04:20 4605952 —-a-w- c:windowssystem32driversati2mtag.sys
2010-02-03 04:12 . 2009-07-15 01:22 45056 —-a-w- c:windowssystem32aticalrt.dll
2010-02-03 04:12 . 2009-07-15 01:22 45056 —-a-w- c:windowssystem32aticalcl.dll
2010-02-03 04:10 . 2009-07-15 01:20 3633152 —-a-w- c:windowssystem32aticaldd.dll
2010-02-03 04:07 . 2009-07-15 02:00 311296 —-a-w- c:windowssystem32atiiiexx.dll
2010-02-03 04:02 . 2009-07-15 01:48 14188544 —-a-w- c:windowssystem32atioglxx.dll
2010-02-03 03:50 . 2009-07-15 01:58 3566048 —-a-w- c:windowssystem32ati3duag.dll
2010-02-03 03:40 . 2009-07-15 02:29 446464 —-a-w- c:windowssystem32ATIDEMGX.dll
2010-02-03 03:39 . 2009-07-15 02:27 301568 —-a-w- c:windowssystem32ati2dvag.dll
2010-02-03 03:35 . 2009-07-15 01:44 2176640 —-a-w- c:windowssystem32ativvaxx.dll
2010-02-03 03:34 . 2009-07-15 01:43 887724 —-a-w- c:windowssystem32ativva6x.dat
2010-02-03 03:34 . 2009-07-15 01:43 3 —-a-w- c:windowssystem32ativva5x.dat
2010-02-03 03:32 . 2009-07-15 01:18 397312 —-a-w- c:windowssystem32atiok3x2.dll
2010-02-03 03:23 . 2009-07-15 02:10 208896 —-a-w- c:windowssystem32atipdlxx.dll
2010-02-03 03:23 . 2009-07-15 02:10 155648 —-a-w- c:windowssystem32Oemdspif.dll
2010-02-03 03:23 . 2009-07-15 02:10 26112 —-a-w- c:windowssystem32Ati2mdxx.exe
2010-02-03 03:23 . 2009-07-15 02:10 43520 —-a-w- c:windowssystem32ati2edxx.dll
2010-02-03 03:22 . 2009-07-15 02:09 159744 —-a-w- c:windowssystem32ati2evxx.dll
2010-02-03 03:21 . 2009-07-15 02:08 602112 —-a-w- c:windowssystem32ati2evxx.exe
2010-02-03 03:19 . 2009-07-15 02:06 53248 —-a-w- c:windowssystem32ATIDDC.DLL
2010-02-03 03:18 . 2009-07-15 01:27 65024 —-a-w- c:windowssystem32atimpc32.dll
2010-02-03 03:18 . 2009-07-15 01:27 65024 —-a-w- c:windowssystem32amdpcom32.dll
2010-02-03 03:17 . 2009-07-15 01:19 53248 —-a-w- c:windowssystem32driversati2erec.dll
2010-02-03 03:15 . 2009-07-15 01:23 565248 —-a-w- c:windowssystem32atikvmag.dll
2010-02-03 03:12 . 2009-07-15 01:21 180224 —-a-w- c:windowssystem32atiadlxx.dll
2010-02-03 03:12 . 2009-07-15 01:20 17408 —-a-w- c:windowssystem32atitvo32.dll
2010-02-03 03:06 . 2009-07-15 01:14 638976 —-a-w- c:windowssystem32ati2cqag.dll
2010-01-17 08:47 . 2010-01-17 08:47 41704 —ha-w- c:windowssystem32mlfcache.dat
2010-01-05 09:48 . 2008-07-20 07:07 841216
w- c:windowssystem32wininet.dll
2010-01-05 09:48 . 2008-07-20 07:07 78336 —-a-w- c:windowssystem32ieencode.dll
2010-01-05 09:48 . 2008-07-20 07:07 17408 —-a-w- c:windowssystem32corpol.dll
2009-12-31 16:50 . 2008-04-15 12:00 353792 —-a-w- c:windowssystem32driverssrv.sys
2009-12-30 05:11 . 2009-12-30 05:11 79144 —-a-w- c:documents and settingsAll UsersApplication DataApple ComputerInstaller CacheiTunes 9.0.2.25SetupAdmin.exe
.
Sigcheck
[-] 2008-04-15 . B2A2D80C9D3A3805DDECA6ED5A7556A0 . 652288 . . [5.82] . . c:windowssystem32comctl32.dll
[-] 2008-04-15 . B2A2D80C9D3A3805DDECA6ED5A7556A0 . 652288 . . [5.82] . . c:windowssystem32dllcachecomctl32.dll[-] 2008-04-14 . 884DE990C498D77C28F8608E09D4DFE1 . 581632 . . [5.1.2600.5512] . . c:windowssystem32user32.dll
[-] 2008-04-14 . 884DE990C498D77C28F8608E09D4DFE1 . 581632 . . [5.1.2600.5512] . . c:windowssystem32dllcacheuser32.dll[-] 2008-04-15 . 04116AE3FA2461AE766D7BADB49E74F7 . 1520640 . . [6.00.2900.5512] . . c:windowsexplorer.exe
[-] 2008-04-15 . 04116AE3FA2461AE766D7BADB49E74F7 . 1520640 . . [6.00.2900.5512] . . c:windowssystem32dllcacheexplorer.exe[-] 2008-11-23 . DD7B61794DA1338616FB3B971703185D . 1571840 . . [5.1.2600.5512] . . c:windowssystem32SfcFiles.dll
[-] 2008-11-23 . DD7B61794DA1338616FB3B971703185D . 1571840 . . [5.1.2600.5512] . . c:windowssystem32dllcacheSfcFiles.dll[-] 2008-04-15 . 0DE18690E4223998E471048889F09B8B . 37376 . . [5.1.2600.5512] . . c:windowssystem32ctfmon.exe
[-] 2008-04-15 . 0DE18690E4223998E471048889F09B8B . 37376 . . [5.1.2600.5512] . . c:windowssystem32dllcachectfmon.exe
.
((((((((((((((((((((((((((((( SnapShot_2010-02-28_05.41.56 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-11 21:02 . 2009-07-11 21:02 51008 c:windowsWinSxSx86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_f0ccd4aavcomp90.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02 59728 c:windowsWinSxSx86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313mfc90rus.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02 42832 c:windowsWinSxSx86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313mfc90kor.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02 43344 c:windowsWinSxSx86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313mfc90jpn.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02 61264 c:windowsWinSxSx86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313mfc90ita.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02 62800 c:windowsWinSxSx86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313mfc90fra.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02 61760 c:windowsWinSxSx86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313mfc90esp.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02 61776 c:windowsWinSxSx86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313mfc90esn.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02 53568 c:windowsWinSxSx86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313mfc90enu.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02 63296 c:windowsWinSxSx86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313mfc90deu.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02 36688 c:windowsWinSxSx86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313mfc90cht.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02 35648 c:windowsWinSxSx86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313mfc90chs.dll
+ 2009-07-11 21:05 . 2009-07-11 21:05 59904 c:windowsWinSxSx86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53mfcm90u.dll
+ 2009-07-11 21:05 . 2009-07-11 21:05 59904 c:windowsWinSxSx86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53mfcm90.dll
+ 2010-03-02 10:41 . 2010-03-02 10:41 65536 c:windowsWinSxSMSIL_MOM_90ba9c70f846762e_2.0.0.0_x-ww_a60193a8MOM.EXE
— 2009-08-25 07:56 . 2009-08-25 07:56 65536 c:windowsWinSxSMSIL_MOM_90ba9c70f846762e_2.0.0.0_x-ww_a60193a8MOM.EXE
+ 2010-03-02 10:41 . 2010-03-02 10:41 86016 c:windowsWinSxSMSIL_LOG_90ba9c70f846762e_2.0.3685.42369_x-ww_502e3afbLOG.EXE
— 2009-08-25 07:56 . 2009-08-25 07:56 65536 c:windowsWinSxSMSIL_CLI_90ba9c70f846762e_2.0.0.0_x-ww_42656733CLI.EXE
+ 2010-03-02 10:41 . 2010-03-02 10:41 65536 c:windowsWinSxSMSIL_CLI_90ba9c70f846762e_2.0.0.0_x-ww_42656733CLI.EXE
+ 2010-03-02 10:41 . 2010-03-02 10:41 65536 c:windowsWinSxSMSIL_CCC_90ba9c70f846762e_2.0.0.0_x-ww_c7ed2bb0CCC.EXE
— 2009-08-25 07:56 . 2009-08-25 07:56 65536 c:windowsWinSxSMSIL_CCC_90ba9c70f846762e_2.0.0.0_x-ww_c7ed2bb0CCC.EXE
+ 2009-08-08 10:51 . 2009-09-04 14:44 69464 c:windowssystem32XAPOFX1_3.dll
+ 2008-12-28 19:48 . 2008-07-31 07:41 68616 c:windowssystem32XAPOFX1_1.dll
— 2008-12-28 19:48 . 2008-07-30 03:20 68616 c:windowssystem32XAPOFX1_1.dll
+ 2009-10-07 17:18 . 2009-03-16 11:18 22360 c:windowssystem32X3DAudio1_6.dll
— 2009-10-07 17:18 . 2009-03-16 10:18 22360 c:windowssystem32X3DAudio1_6.dll
— 2008-12-29 14:35 . 2009-05-26 11:43 17784 c:windowssystem32spmsg.dll
+ 2008-12-29 14:35 . 2008-07-08 13:21 17784 c:windowssystem32spmsg.dll
+ 2010-03-02 10:39 . 2001-11-09 15:01 24064 c:windowssystem32ReinstallBackups021DriverFilesB_85444ativcoxx.dll
+ 2010-03-02 10:39 . 2009-07-15 01:20 17408 c:windowssystem32ReinstallBackups021DriverFilesB_85444atitvo32.dll
+ 2010-03-02 10:39 . 2009-02-03 20:52 45056 c:windowssystem32ReinstallBackups021DriverFilesB_85444ATIODCLI.exe
+ 2010-03-02 10:39 . 2009-07-15 01:27 49664 c:windowssystem32ReinstallBackups021DriverFilesB_85444atimpc32.dll
+ 2010-03-02 10:39 . 2009-07-15 02:06 53248 c:windowssystem32ReinstallBackups021DriverFilesB_85444ATIDDC.DLL
+ 2010-03-02 10:39 . 2009-07-15 01:22 45056 c:windowssystem32ReinstallBackups021DriverFilesB_85444aticalrt.dll
+ 2010-03-02 10:39 . 2009-07-15 01:22 45056 c:windowssystem32ReinstallBackups021DriverFilesB_85444aticalcl.dll
+ 2010-03-02 10:39 . 2009-07-15 02:10 26112 c:windowssystem32ReinstallBackups021DriverFilesB_85444Ati2mdxx.exe
+ 2010-03-02 10:39 . 2009-07-15 01:19 53248 c:windowssystem32ReinstallBackups021DriverFilesB_85444ati2erec.dll
+ 2010-03-02 10:39 . 2009-07-15 02:10 43520 c:windowssystem32ReinstallBackups021DriverFilesB_85444ati2edxx.dll
+ 2010-03-02 10:39 . 2010-02-03 03:23 81024 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228oemdspif.dll
+ 2010-03-02 10:39 . 2001-11-09 16:01 12614 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228ativcoxx.dll
+ 2010-03-02 10:39 . 2009-02-18 18:55 81447 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228atiode.exe
+ 2010-03-02 10:39 . 2009-02-03 21:52 25093 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228atiodcli.exe
+ 2010-03-02 10:39 . 2010-02-03 03:18 41501 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228atimpc32.dll
+ 2010-03-02 10:39 . 2010-02-03 03:19 28700 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228atiddc.dll
+ 2010-03-02 10:39 . 2010-02-03 04:12 23096 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228aticalrt.dll
+ 2010-03-02 10:39 . 2010-02-03 04:12 22691 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228aticalcl.dll
+ 2010-03-02 10:39 . 2009-05-11 22:35 71662 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228atibtmon.exe
+ 2010-03-02 10:39 . 2010-02-03 03:19 54490 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228atiapfxx.exe
+ 2010-03-02 10:39 . 2010-02-03 03:12 98311 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228atiadlxx.dll
+ 2010-03-02 10:39 . 2010-02-03 03:23 16309 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228ati2mdxx.exe
+ 2010-03-02 10:39 . 2010-02-03 03:22 80879 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228ati2evxx.dll
+ 2010-03-02 10:39 . 2010-02-03 03:17 13650 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228ati2erec.dll
+ 2010-03-02 10:39 . 2010-02-03 03:23 28841 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228ati2edxx.dll
+ 2008-11-23 17:26 . 2010-03-03 19:17 32768 c:windowssystem32configsystemprofileLocal SettingsTemporary Internet FilesContent.IE5index.dat
— 2008-11-23 17:26 . 2010-02-14 10:28 32768 c:windowssystem32configsystemprofileLocal SettingsTemporary Internet FilesContent.IE5index.dat
— 2008-11-23 17:26 . 2010-02-14 10:28 32768 c:windowssystem32configsystemprofileLocal SettingsHistoryHistory.IE5index.dat
+ 2008-11-23 17:26 . 2010-03-03 19:17 32768 c:windowssystem32configsystemprofileLocal SettingsHistoryHistory.IE5index.dat
+ 2010-03-03 19:17 . 2010-03-03 19:17 16384 c:windowssystem32configsystemprofileCookiesindex.dat
+ 2001-11-09 15:01 . 2001-11-09 16:01 24064 c:windowssystem32ativcoxx.dll
— 2001-11-09 15:01 . 2001-11-09 15:01 24064 c:windowssystem32ativcoxx.dll
+ 2009-02-03 20:52 . 2009-02-03 21:52 45056 c:windowssystem32ATIODCLI.exe
— 2009-02-03 20:52 . 2009-02-03 20:52 45056 c:windowssystem32ATIODCLI.exe
+ 2010-03-02 10:41 . 2010-03-02 10:41 10134 c:windowsInstaller{E7231089-60AD-CD67-8CC0-B0F415E2A32A}ARPPRODUCTICON.exe
+ 2010-03-02 10:41 . 2010-03-02 10:41 10134 c:windowsInstaller{E4C82E4B-CD9E-27ED-BC6A-E099DE3EC3ED}ARPPRODUCTICON.exe
+ 2010-03-02 10:41 . 2010-03-02 10:41 10134 c:windowsInstaller{D0E6B5D9-6737-AF3E-7BE5-7327DD6B6002}ARPPRODUCTICON.exe
+ 2010-03-02 10:41 . 2010-03-02 10:41 10134 c:windowsInstaller{A9867BC9-0EAD-BAC6-C320-4FBC2E127643}ARPPRODUCTICON.exe
+ 2010-03-02 10:39 . 2010-03-02 10:39 77542 c:windowsInstaller{9BB86C70-E1EF-7457-46DC-0093B5269458}NewShortcut5_4DEA5338A7B840A3B51CDC742625BF49.exe
+ 2010-03-02 10:39 . 2010-03-02 10:39 77542 c:windowsInstaller{9BB86C70-E1EF-7457-46DC-0093B5269458}NewShortcut4_4DEA5338A7B840A3B51CDC742625BF49.exe
+ 2010-03-02 10:39 . 2010-03-02 10:39 77542 c:windowsInstaller{9BB86C70-E1EF-7457-46DC-0093B5269458}NewShortcut3_4DEA5338A7B840A3B51CDC742625BF49.exe
+ 2010-03-02 10:39 . 2010-03-02 10:39 77542 c:windowsInstaller{9BB86C70-E1EF-7457-46DC-0093B5269458}NewShortcut2_4DEA5338A7B840A3B51CDC742625BF49.exe
+ 2010-03-02 10:39 . 2010-03-02 10:39 77542 c:windowsInstaller{9BB86C70-E1EF-7457-46DC-0093B5269458}ARPPRODUCTICON.exe
— 2008-11-23 19:40 . 2010-02-26 09:24 35088 c:windowsInstaller{90120000-0030-0000-0000-0000000FF1CE}oisicon.exe
+ 2008-11-23 19:40 . 2010-03-09 20:01 35088 c:windowsInstaller{90120000-0030-0000-0000-0000000FF1CE}oisicon.exe
+ 2008-11-23 19:40 . 2010-03-09 20:01 18704 c:windowsInstaller{90120000-0030-0000-0000-0000000FF1CE}mspicons.exe
— 2008-11-23 19:40 . 2010-02-26 09:24 18704 c:windowsInstaller{90120000-0030-0000-0000-0000000FF1CE}mspicons.exe
+ 2008-11-23 19:40 . 2010-03-09 20:01 20240 c:windowsInstaller{90120000-0030-0000-0000-0000000FF1CE}cagicon.exe
— 2008-11-23 19:40 . 2010-02-26 09:24 20240 c:windowsInstaller{90120000-0030-0000-0000-0000000FF1CE}cagicon.exe
+ 2010-03-02 10:41 . 2010-03-02 10:41 10134 c:windowsInstaller{8D7133DE-27D2-47E5-B248-4180278D32AA}ARPPRODUCTICON.exe
+ 2010-03-02 10:41 . 2010-03-02 10:41 10134 c:windowsInstaller{855AA20A-CA81-7EF1-1936-AE4AA3DC4BEA}ARPPRODUCTICON.exe
+ 2010-03-02 10:41 . 2010-03-02 10:41 10134 c:windowsInstaller{5B9EFDF8-AC4F-CA21-9A8C-7534D49E7EE9}ARPPRODUCTICON.exe
+ 2010-03-02 10:41 . 2010-03-02 10:41 44758 c:windowsInstaller{302126A2-BB96-5931-6249-CAACA2C89AA1}NewShortcut11_EAB9635D261D49BE88DDE71A7C809B2D.exe
+ 2010-03-02 10:41 . 2010-03-02 10:41 10134 c:windowsInstaller{302126A2-BB96-5931-6249-CAACA2C89AA1}ARPPRODUCTICON.exe
+ 2010-03-02 10:41 . 2010-03-02 10:41 10134 c:windowsInstaller{2CF6349E-8A3F-B726-F59A-8703FC8885E8}ARPPRODUCTICON.exe
+ 2010-03-02 10:41 . 2010-03-02 10:41 10134 c:windowsInstaller{257DEF70-A302-CF80-79FE-D8C72EB5E4D0}ARPPRODUCTICON.exe
+ 2010-03-02 10:41 . 2010-03-02 10:41 10134 c:windowsInstaller{1A48AB8A-DA88-545F-9D3D-C481DC6C31A3}ARPPRODUCTICON.exe
+ 2010-03-02 10:41 . 2010-03-02 10:41 19968 c:windowsassemblyGAC_MSILPCKGHLP.Foundation.Implementation2.0.3685.42388__90ba9c70f846762ePCKGHLP.Foundation.Implementation.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 15360 c:windowsassemblyGAC_MSILNEWAEM.Foundation2.0.3685.42236__90ba9c70f846762eNEWAEM.Foundation.DLL
— 2009-08-25 07:56 . 2009-08-25 07:56 65536 c:windowsassemblyGAC_MSILMOM2.0.0.0__90ba9c70f846762eMOM.EXE
+ 2010-03-02 10:41 . 2010-03-02 10:41 65536 c:windowsassemblyGAC_MSILMOM2.0.0.0__90ba9c70f846762eMOM.EXE
+ 2010-03-02 10:41 . 2010-03-02 10:41 86016 c:windowsassemblyGAC_MSILLOG2.0.3685.42369__90ba9c70f846762eLOG.EXE
+ 2010-03-02 10:41 . 2010-03-02 10:41 32768 c:windowsassemblyGAC_MSILLOG.Foundation2.0.3685.42235__90ba9c70f846762eLOG.Foundation.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 36864 c:windowsassemblyGAC_MSILLOG.Foundation.Private2.0.3685.42239__90ba9c70f846762eLOG.Foundation.Private.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 65536 c:windowsassemblyGAC_MSILLOG.Foundation.Implementation2.0.3685.42369__90ba9c70f846762eLOG.Foundation.Implementation.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 20480 c:windowsassemblyGAC_MSILLOG.Foundation.Implementation.Private2.0.3685.42240__90ba9c70f846762eLOG.Foundation.Implementation.Private.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 16384 c:windowsassemblyGAC_MSILDEM.OS2.0.3337.29364__90ba9c70f846762eDEM.OS.DLL
— 2009-08-25 07:56 . 2009-08-25 07:56 16384 c:windowsassemblyGAC_MSILDEM.OS2.0.3337.29364__90ba9c70f846762eDEM.OS.DLL
— 2009-08-25 07:56 . 2009-08-25 07:56 20480 c:windowsassemblyGAC_MSILDEM.OS.I06022.0.3337.29328__90ba9c70f846762eDEM.OS.I0602.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 20480 c:windowsassemblyGAC_MSILDEM.OS.I06022.0.3337.29328__90ba9c70f846762eDEM.OS.I0602.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 16384 c:windowsassemblyGAC_MSILDEM.Graphics.I07062.0.2743.23304__90ba9c70f846762eDEM.Graphics.I0706.DLL
— 2009-08-25 07:56 . 2009-08-25 07:56 16384 c:windowsassemblyGAC_MSILDEM.Graphics.I07062.0.2743.23304__90ba9c70f846762eDEM.Graphics.I0706.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 20480 c:windowsassemblyGAC_MSILDEM.Graphics.I07032.0.2651.18802__90ba9c70f846762eDEM.Graphics.I0703.DLL
— 2009-08-25 07:56 . 2009-08-25 07:56 20480 c:windowsassemblyGAC_MSILDEM.Graphics.I07032.0.2651.18802__90ba9c70f846762eDEM.Graphics.I0703.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 16384 c:windowsassemblyGAC_MSILDEM.Graphics.I07022.0.2594.25693__90ba9c70f846762eDEM.Graphics.I0702.DLL
— 2009-08-25 07:56 . 2009-08-25 07:56 16384 c:windowsassemblyGAC_MSILDEM.Graphics.I07022.0.2594.25693__90ba9c70f846762eDEM.Graphics.I0702.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 45056 c:windowsassemblyGAC_MSILDEM.Graphics.I06012.0.2573.17685__90ba9c70f846762eDEM.Graphics.I0601.DLL
— 2009-08-25 07:56 . 2009-08-25 07:56 45056 c:windowsassemblyGAC_MSILDEM.Graphics.I06012.0.2573.17685__90ba9c70f846762eDEM.Graphics.I0601.DLL
— 2009-08-25 07:56 . 2009-08-25 07:56 16384 c:windowsassemblyGAC_MSILDEM.Foundation2.0.2573.17684__90ba9c70f846762eDEM.Foundation.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 16384 c:windowsassemblyGAC_MSILDEM.Foundation2.0.2573.17684__90ba9c70f846762eDEM.Foundation.DLL
— 2009-08-25 07:56 . 2009-08-25 07:56 65536 c:windowsassemblyGAC_MSILCLI2.0.0.0__90ba9c70f846762eCLI.EXE
+ 2010-03-02 10:41 . 2010-03-02 10:41 65536 c:windowsassemblyGAC_MSILCLI2.0.0.0__90ba9c70f846762eCLI.EXE
+ 2010-03-02 10:41 . 2010-03-02 10:41 20480 c:windowsassemblyGAC_MSILCLI.Implementation2.0.3685.42240__90ba9c70f846762eCLI.Implementation.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 98304 c:windowsassemblyGAC_MSILCLI.Foundation2.0.3685.42237__90ba9c70f846762eCLI.Foundation.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 28672 c:windowsassemblyGAC_MSILCLI.Foundation.XManifest2.0.3685.42371__90ba9c70f846762eCLI.Foundation.XManifest.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 40960 c:windowsassemblyGAC_MSILCLI.Foundation.Private2.0.3685.42241__90ba9c70f846762eCLI.Foundation.Private.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 20480 c:windowsassemblyGAC_MSILCLI.Component.Wizard.Shared2.0.3685.42238__90ba9c70f846762eCLI.Component.Wizard.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 11776 c:windowsassemblyGAC_MSILCLI.Component.Wizard.Shared.Private2.0.3685.42269__90ba9c70f846762eCLI.Component.Wizard.Shared.Private.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 57344 c:windowsassemblyGAC_MSILCLI.Component.SkinFactory2.0.3685.42247__90ba9c70f846762eCLI.Component.SkinFactory.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 61440 c:windowsassemblyGAC_MSILCLI.Component.Runtime2.0.3685.42246__90ba9c70f846762eCLI.Component.Runtime.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 49152 c:windowsassemblyGAC_MSILCLI.Component.Runtime.Shared.Private2.0.3685.42245__90ba9c70f846762eCLI.Component.Runtime.Shared.Private.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 81920 c:windowsassemblyGAC_MSILCLI.Component.PowerXpressHybrid2.0.3685.42406__90ba9c70f846762eCLI.Component.PowerXpressHybrid.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 20480 c:windowsassemblyGAC_MSILCLI.Component.Load2.0.3685.42369__90ba9c70f846762eCLI.Component.Load.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 20480 c:windowsassemblyGAC_MSILCLI.Component.Icomponent2.0.3685.42278__90ba9c70f846762eCLI.Component.Icomponent.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 20480 c:windowsassemblyGAC_MSILCLI.Component.Help2.0.3685.42368__90ba9c70f846762eCLI.Component.Help.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 61440 c:windowsassemblyGAC_MSILCLI.Component.Erecord2.0.3685.42291__90ba9c70f846762eCLI.Component.Erecord.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 24576 c:windowsassemblyGAC_MSILCLI.Component.Dashboard.Shared2.0.3685.42238__90ba9c70f846762eCLI.Component.Dashboard.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 10240 c:windowsassemblyGAC_MSILCLI.Component.Dashboard.Shared.Private2.0.3685.42255__90ba9c70f846762eCLI.Component.Dashboard.Shared.Private.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 65536 c:windowsassemblyGAC_MSILCLI.Component.Dashboard.ProfileManager.Resources2.0.3685.42299__90ba9c70f846762eCLI.Component.Dashboard.ProfileManager.Resources.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 65536 c:windowsassemblyGAC_MSILCLI.Component.Dashboard.HotKeyManager.Resources2.0.3685.42298__90ba9c70f846762eCLI.Component.Dashboard.HotKeyManager.Resources.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 40960 c:windowsassemblyGAC_MSILCLI.Component.Client.Shared.Private2.0.3685.42254__90ba9c70f846762eCLI.Component.Client.Shared.Private.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 24576 c:windowsassemblyGAC_MSILCLI.Component.AutoRemoval2.0.3685.42352__90ba9c70f846762eCLI.Component.Autoremoval.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 11776 c:windowsassemblyGAC_MSILCLI.Caste.HydraVision.Runtime2.0.3685.42396__90ba9c70f846762eCLI.Caste.HydraVision.Runtime.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 40960 c:windowsassemblyGAC_MSILCLI.Caste.Graphics.Wizard2.0.3685.42271__90ba9c70f846762eCLI.Caste.Graphics.Wizard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 16384 c:windowsassemblyGAC_MSILCLI.Caste.Graphics.Wizard.Shared2.0.3685.42270__90ba9c70f846762eCLI.Caste.Graphics.Wizard.Shared.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 73728 c:windowsassemblyGAC_MSILCLI.Caste.Graphics.Dashboard2.0.3685.42261__90ba9c70f846762eCLI.Caste.Graphics.Dashboard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 16384 c:windowsassemblyGAC_MSILCLI.Caste.Graphics.Dashboard.Shared2.0.3685.42261__90ba9c70f846762eCLI.Caste.Graphics.Dashboard.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 24576 c:windowsassemblyGAC_MSILCLI.Aspect.WorkstationConfig2.Graphics.Shared2.0.3685.42401__90ba9c70f846762eCLI.Aspect.WorkstationConfig2.Graphics.Shared.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 36864 c:windowsassemblyGAC_MSILCLI.Aspect.WorkstationConfig2.Graphics.Runtime2.0.3685.42402__90ba9c70f846762eCLI.Aspect.WorkstationConfig2.Graphics.Runtime.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 90112 c:windowsassemblyGAC_MSILCLI.Aspect.WorkstationConfig2.Graphics.Dashboard2.0.3685.42401__90ba9c70f846762eCLI.Aspect.WorkstationConfig2.Graphics.Dashboard.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 13312 c:windowsassemblyGAC_MSILCLI.Aspect.Welcome.Graphics.Runtime2.0.3685.42422__90ba9c70f846762eCLI.Aspect.Welcome.Graphics.Runtime.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 65536 c:windowsassemblyGAC_MSILCLI.Aspect.Welcome.Graphics.Dashboard2.0.3685.42380__90ba9c70f846762eCLI.Aspect.Welcome.Graphics.Dashboard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 20480 c:windowsassemblyGAC_MSILCLI.Aspect.VPURecover.Graphics.Shared2.0.3685.42277__90ba9c70f846762eCLI.Aspect.VPURecover.Graphics.Shared.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 28672 c:windowsassemblyGAC_MSILCLI.Aspect.VPURecover.Graphics.Runtime2.0.3685.42277__90ba9c70f846762eCLI.Aspect.VPURecover.Graphics.Runtime.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 61440 c:windowsassemblyGAC_MSILCLI.Aspect.VPURecover.Graphics.Dashboard2.0.3685.42278__90ba9c70f846762eCLI.Aspect.VPURecover.Graphics.Dashboard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 24576 c:windowsassemblyGAC_MSILCLI.Aspect.VeryLargeDesktop.Graphics.Shared2.0.3685.42320__90ba9c70f846762eCLI.Aspect.VeryLargeDesktop.Graphics.Shared.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 32768 c:windowsassemblyGAC_MSILCLI.Aspect.VeryLargeDesktop.Graphics.Runtime2.0.3685.42320__90ba9c70f846762eCLI.Aspect.VeryLargeDesktop.Graphics.Runtime.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 40960 c:windowsassemblyGAC_MSILCLI.Aspect.TransCode.Graphics.Shared2.0.3685.42378__90ba9c70f846762eCLI.Aspect.TransCode.Graphics.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 24576 c:windowsassemblyGAC_MSILCLI.Aspect.SmartGart.Graphics.Shared2.0.3685.42290__90ba9c70f846762eCLI.Aspect.SmartGart.Graphics.Shared.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 32768 c:windowsassemblyGAC_MSILCLI.Aspect.SmartGart.Graphics.Runtime2.0.3685.42291__90ba9c70f846762eCLI.Aspect.SmartGart.Graphics.Runtime.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 94208 c:windowsassemblyGAC_MSILCLI.Aspect.Radeon3D.Graphics.Wizard2.0.3685.42332__90ba9c70f846762eCLI.Aspect.Radeon3D.Graphics.Wizard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 57344 c:windowsassemblyGAC_MSILCLI.Aspect.Radeon3D.Graphics.Shared2.0.3685.42330__90ba9c70f846762eCLI.Aspect.Radeon3D.Graphics.Shared.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 65536 c:windowsassemblyGAC_MSILCLI.Aspect.Radeon3D.Graphics.Runtime2.0.3685.42330__90ba9c70f846762eCLI.Aspect.Radeon3D.Graphics.Runtime.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 12800 c:windowsassemblyGAC_MSILCLI.Aspect.PowerXpress.Graphics.Shared2.0.3685.42345__90ba9c70f846762eCLI.Aspect.PowerXpress.Graphics.Shared.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 32768 c:windowsassemblyGAC_MSILCLI.Aspect.PowerXpress.Graphics.Runtime2.0.3685.42392__90ba9c70f846762eCLI.Aspect.PowerXpress.Graphics.Runtime.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 28672 c:windowsassemblyGAC_MSILCLI.Aspect.PowerPlayDPPE.Graphics.Shared2.0.3685.42344__90ba9c70f846762eCLI.Aspect.PowerPlayDPPE.Graphics.Shared.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 45056 c:windowsassemblyGAC_MSILCLI.Aspect.PowerPlayDPPE.Graphics.Runtime2.0.3685.42377__90ba9c70f846762eCLI.Aspect.PowerPlayDPPE.Graphics.Runtime.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 28672 c:windowsassemblyGAC_MSILCLI.Aspect.PowerPlay4.Graphics.Shared2.0.3685.42345__90ba9c70f846762eCLI.Aspect.PowerPlay4.Graphics.Shared.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 49152 c:windowsassemblyGAC_MSILCLI.Aspect.PowerPlay4.Graphics.Runtime2.0.3685.42380__90ba9c70f846762eCLI.Aspect.PowerPlay4.Graphics.Runtime.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 28672 c:windowsassemblyGAC_MSILCLI.Aspect.PowerPlay3.Graphics.Shared2.0.3685.42322__90ba9c70f846762eCLI.Aspect.PowerPlay3.Graphics.Shared.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 49152 c:windowsassemblyGAC_MSILCLI.Aspect.PowerPlay3.Graphics.Runtime2.0.3685.42323__90ba9c70f846762eCLI.Aspect.PowerPlay3.Graphics.Runtime.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 61440 c:windowsassemblyGAC_MSILCLI.Aspect.OverDrive5.Graphics.Shared2.0.3685.42393__90ba9c70f846762eCLI.Aspect.OverDrive5.Graphics.Shared.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 77824 c:windowsassemblyGAC_MSILCLI.Aspect.OverDrive5.Graphics.Runtime2.0.3685.42394__90ba9c70f846762eCLI.Aspect.OverDrive5.Graphics.Runtime.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 24576 c:windowsassemblyGAC_MSILCLI.Aspect.OverDrive3.Graphics.Shared2.0.3685.42291__90ba9c70f846762eCLI.Aspect.OverDrive3.Graphics.Shared.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 69632 c:windowsassemblyGAC_MSILCLI.Aspect.OverDrive3.Graphics.Runtime2.0.3685.42292__90ba9c70f846762eCLI.Aspect.OverDrive3.Graphics.Runtime.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 28672 c:windowsassemblyGAC_MSILCLI.Aspect.MultiVPU4.Graphics.Shared2.0.3685.42363__90ba9c70f846762eCLI.Aspect.MultiVPU4.Graphics.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 45056 c:windowsassemblyGAC_MSILCLI.Aspect.MultiVPU4.Graphics.Runtime2.0.3685.42399__90ba9c70f846762eCLI.Aspect.MultiVPU4.Graphics.Runtime.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 12800 c:windowsassemblyGAC_MSILCLI.Aspect.MultiVPU3.Graphics.Shared2.0.3685.42344__90ba9c70f846762eCLI.Aspect.MultiVPU3.Graphics.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 45056 c:windowsassemblyGAC_MSILCLI.Aspect.MultiVPU3.Graphics.Runtime2.0.3685.42372__90ba9c70f846762eCLI.Aspect.MultiVPU3.Graphics.Runtime.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 24576 c:windowsassemblyGAC_MSILCLI.Aspect.MultiVPU2.Graphics.Shared2.0.3685.42313__90ba9c70f846762eCLI.Aspect.MultiVPU2.Graphics.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 45056 c:windowsassemblyGAC_MSILCLI.Aspect.MultiVPU2.Graphics.Runtime2.0.3685.42314__90ba9c70f846762eCLI.Aspect.MultiVPU2.Graphics.Runtime.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 32768 c:windowsassemblyGAC_MSILCLI.Aspect.MultiDesk.HydraVision.Runtime2.0.3685.42405__90ba9c70f846762eCLI.Aspect.MultiDesk.HydraVision.Runtime.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 61440 c:windowsassemblyGAC_MSILCLI.Aspect.MMVideo.Graphics.Shared2.0.3685.42300__90ba9c70f846762eCLI.Aspect.MMVideo.Graphics.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 98304 c:windowsassemblyGAC_MSILCLI.Aspect.MMVideo.Graphics.Runtime2.0.3685.42312__90ba9c70f846762eCLI.Aspect.MMVideo.Graphics.Runtime.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 10240 c:windowsassemblyGAC_MSILCLI.Aspect.MDProp.HydraVision.Shared2.0.3685.42403__90ba9c70f846762eCLI.Aspect.MDProp.HydraVision.Shared.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 32768 c:windowsassemblyGAC_MSILCLI.Aspect.MDProp.HydraVision.Runtime2.0.3685.42404__90ba9c70f846762eCLI.Aspect.MDProp.HydraVision.Runtime.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 20480 c:windowsassemblyGAC_MSILCLI.Aspect.HotkeysHandling.Graphics.Shared2.0.3685.42248__90ba9c70f846762eCLI.Aspect.HotkeysHandling.Graphics.Shared.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 20480 c:windowsassemblyGAC_MSILCLI.Aspect.HotkeysHandling.Graphics.Runtime2.0.3685.42263__90ba9c70f846762eCLI.Aspect.HotkeysHandling.Graphics.Runtime.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 10240 c:windowsassemblyGAC_MSILCLI.Aspect.Grid.HydraVision.Shared2.0.3685.42396__90ba9c70f846762eCLI.Aspect.Grid.HydraVision.Shared.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 36864 c:windowsassemblyGAC_MSILCLI.Aspect.Grid.HydraVision.Runtime2.0.3685.42397__90ba9c70f846762eCLI.Aspect.Grid.HydraVision.Runtime.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 69632 c:windowsassemblyGAC_MSILCLI.Aspect.FramelockGenlock.Graphics.Shared2.0.3685.42411__90ba9c70f846762eCLI.Aspect.FramelockGenlock.Graphics.Shared.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 73728 c:windowsassemblyGAC_MSILCLI.Aspect.FramelockGenlock.Graphics.Runtime2.0.3685.42412__90ba9c70f846762eCLI.Aspect.FramelockGenlock.Graphics.Runtime.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 24576 c:windowsassemblyGAC_MSILCLI.Aspect.DisplaysOptions.Graphics.Shared2.0.3685.42319__90ba9c70f846762eCLI.Aspect.DisplaysOptions.Graphics.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 40960 c:windowsassemblyGAC_MSILCLI.Aspect.DisplaysOptions.Graphics.Runtime2.0.3685.42319__90ba9c70f846762eCLI.Aspect.DisplaysOptions.Graphics.Runtime.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 94208 c:windowsassemblyGAC_MSILCLI.Aspect.DisplaysOptions.Graphics.Dashboard2.0.3685.42320__90ba9c70f846762eCLI.Aspect.DisplaysOptions.Graphics.Dashboard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 28672 c:windowsassemblyGAC_MSILCLI.Aspect.DisplaysColour2.Graphics.Shared2.0.3685.42262__90ba9c70f846762eCLI.Aspect.DisplaysColour2.Graphics.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 40960 c:windowsassemblyGAC_MSILCLI.Aspect.DisplaysColour2.Graphics.Runtime2.0.3685.42284__90ba9c70f846762eCLI.Aspect.DisplaysColour2.Graphics.Runtime.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 65536 c:windowsassemblyGAC_MSILCLI.Aspect.DeviceTV.Graphics.Shared2.0.3685.42352__90ba9c70f846762eCLI.Aspect.DeviceTV.Graphics.Shared.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 77824 c:windowsassemblyGAC_MSILCLI.Aspect.DeviceTV.Graphics.Runtime2.0.3685.42353__90ba9c70f846762eCLI.Aspect.DeviceTV.Graphics.Runtime.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 49152 c:windowsassemblyGAC_MSILCLI.Aspect.DeviceProperty.Graphics.Shared2.0.3685.42261__90ba9c70f846762eCLI.Aspect.DeviceProperty.Graphics.Shared.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 53248 c:windowsassemblyGAC_MSILCLI.Aspect.DeviceProperty.Graphics.Runtime2.0.3685.42310__90ba9c70f846762eCLI.Aspect.DeviceProperty.Graphics.Runtime.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 28672 c:windowsassemblyGAC_MSILCLI.Aspect.DeviceLCD.Graphics.Shared2.0.3685.42262__90ba9c70f846762eCLI.Aspect.DeviceLCD.Graphics.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 36864 c:windowsassemblyGAC_MSILCLI.Aspect.DeviceLCD.Graphics.Runtime2.0.3685.42321__90ba9c70f846762eCLI.Aspect.DeviceLCD.Graphics.Runtime.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 53248 c:windowsassemblyGAC_MSILCLI.Aspect.DeviceDFP.Graphics.Shared2.0.3685.42276__90ba9c70f846762eCLI.Aspect.DeviceDFP.Graphics.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 65536 c:windowsassemblyGAC_MSILCLI.Aspect.DeviceDFP.Graphics.Runtime2.0.3685.42310__90ba9c70f846762eCLI.Aspect.DeviceDFP.Graphics.Runtime.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 40960 c:windowsassemblyGAC_MSILCLI.Aspect.DeviceCV.Graphics.Shared2.0.3685.42323__90ba9c70f846762eCLI.Aspect.DeviceCV.Graphics.Shared.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 65536 c:windowsassemblyGAC_MSILCLI.Aspect.DeviceCV.Graphics.Runtime2.0.3685.42324__90ba9c70f846762eCLI.Aspect.DeviceCV.Graphics.Runtime.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 53248 c:windowsassemblyGAC_MSILCLI.Aspect.DeviceCRT.Graphics.Shared2.0.3685.42310__90ba9c70f846762eCLI.Aspect.DeviceCRT.Graphics.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 45056 c:windowsassemblyGAC_MSILCLI.Aspect.DeviceCRT.Graphics.Runtime2.0.3685.42312__90ba9c70f846762eCLI.Aspect.DeviceCRT.Graphics.Runtime.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 12800 c:windowsassemblyGAC_MSILCLI.Aspect.DeskMan.HydraVision.Shared2.0.3685.42402__90ba9c70f846762eCLI.Aspect.DeskMan.HydraVision.Shared.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 36864 c:windowsassemblyGAC_MSILCLI.Aspect.DeskMan.HydraVision.Runtime2.0.3685.42403__90ba9c70f846762eCLI.Aspect.DeskMan.HydraVision.Runtime.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 98304 c:windowsassemblyGAC_MSILCLI.Aspect.CustomFormatSelection.Graphics.Dashboard2.0.3685.42299__90ba9c70f846762eCLI.Aspect.CustomFormatSelection.Graphics.Dashboard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 20480 c:windowsassemblyGAC_MSILCLI.Aspect.CustomFormatSelection.Graphics.Dashboard.Shared.Private2.0.3685.42299__90ba9c70f846762eCLI.Aspect.CustomFormatSelection.Graphics.Dashboard.Shared.Private.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 28672 c:windowsassemblyGAC_MSILCLI.Aspect.CustomFormats.Graphics.Shared2.0.3685.42275__90ba9c70f846762eCLI.Aspect.CustomFormats.Graphics.Shared.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 57344 c:windowsassemblyGAC_MSILCLI.Aspect.CrossFireX.Graphics.Dashboard2.0.3685.42416__90ba9c70f846762eCLI.Aspect.CrossFireX.Graphics.Dashboard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 15360 c:windowsassemblyGAC_MSILCLI.Aspect.ALICrossfire.Graphics.Shared2.0.3685.42363__90ba9c70f846762eCLI.Aspect.ALICrossfire.Graphics.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 36864 c:windowsassemblyGAC_MSILCLI.Aspect.ALICrossfire.Graphics.Runtime2.0.3685.42410__90ba9c70f846762eCLI.Aspect.ALICrossfire.Graphics.Runtime.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 57344 c:windowsassemblyGAC_MSILCLI.Aspect.ALICrossfire.Graphics.Dashboard2.0.3685.42410__90ba9c70f846762eCLI.Aspect.ALICrossfire.Graphics.Dashboard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 12288 c:windowsassemblyGAC_MSILCLI.Aspect.AForce.Graphics.Runtime2.0.3685.42386__90ba9c70f846762eCLI.Aspect.AForce.Graphics.Runtime.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 61440 c:windowsassemblyGAC_MSILCLI.Aspect.AForce.Graphics.Dashboard2.0.3685.42386__90ba9c70f846762eCLI.Aspect.AForce.Graphics.Dashboard.DLL
— 2009-08-25 07:56 . 2009-08-25 07:56 65536 c:windowsassemblyGAC_MSILCCC2.0.0.0__90ba9c70f846762eCCC.EXE
+ 2010-03-02 10:41 . 2010-03-02 10:41 65536 c:windowsassemblyGAC_MSILCCC2.0.0.0__90ba9c70f846762eCCC.EXE
+ 2010-03-02 10:41 . 2010-03-02 10:41 19456 c:windowsassemblyGAC_MSILCCC.Implementation2.0.3685.42371__90ba9c70f846762eCCC.Implementation.DLL
— 2009-08-25 07:56 . 2009-08-25 07:56 14848 c:windowsassemblyGAC_MSILAxInterop.WBOCXLib1.0.0.0__90ba9c70f846762eAxInterop.WBOCXLib.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 14848 c:windowsassemblyGAC_MSILAxInterop.WBOCXLib1.0.0.0__90ba9c70f846762eAxInterop.WBOCXLib.DLL
— 2009-08-25 07:56 . 2009-08-25 07:56 45056 c:windowsassemblyGAC_MSILAxInterop.SHDocVw1.1.0.0__90ba9c70f846762eAxInterop.SHDocVw.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 45056 c:windowsassemblyGAC_MSILAxInterop.SHDocVw1.1.0.0__90ba9c70f846762eAxInterop.SHDocVw.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 32768 c:windowsassemblyGAC_MSILATICCCom2.0.0.0__90ba9c70f846762eATICCCom.DLL
— 2009-08-25 07:56 . 2009-08-25 07:56 32768 c:windowsassemblyGAC_MSILATICCCom2.0.0.0__90ba9c70f846762eATICCCom.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 61440 c:windowsassemblyGAC_MSILAPM.Server2.0.3685.42242__90ba9c70f846762eAPM.Server.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 20480 c:windowsassemblyGAC_MSILAPM.Foundation2.0.3685.42237__90ba9c70f846762eAPM.Foundation.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 61440 c:windowsassemblyGAC_MSILAEM.UI2.0.3685.42370__90ba9c70f846762eAEM.UI.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 45056 c:windowsassemblyGAC_MSILAEM.Server2.0.3685.42244__90ba9c70f846762eAEM.Server.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 45056 c:windowsassemblyGAC_MSILAEM.Plugin.Source.Kit.Server2.0.3685.42387__90ba9c70f846762eAEM.Plugin.Source.Kit.Server.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 24576 c:windowsassemblyGAC_MSILACE.Graphics.DisplaysManager.Shared2.0.2573.17685__90ba9c70f846762eACE.Graphics.DisplaysManager.Shared.DLL
— 2009-08-25 07:56 . 2009-08-25 07:56 24576 c:windowsassemblyGAC_MSILACE.Graphics.DisplaysManager.Shared2.0.2573.17685__90ba9c70f846762eACE.Graphics.DisplaysManager.Shared.DLL
+ 2010-03-08 23:34 . 2010-03-08 23:34 12800 c:windowsassemblyGACMicrosoft.DirectX.Diagnostics1.0.2902.0__31bf3856ad364e35Microsoft.DirectX.Diagnostics.dll
— 2010-02-03 19:58 . 2010-02-03 19:58 12800 c:windowsassemblyGACMicrosoft.DirectX.Diagnostics1.0.2902.0__31bf3856ad364e35Microsoft.DirectX.Diagnostics.dll
— 2010-02-03 19:58 . 2010-02-03 19:58 53248 c:windowsassemblyGACMicrosoft.DirectX.AudioVideoPlayback1.0.2902.0__31bf3856ad364e35Microsoft.DirectX.AudioVideoPlayback.dll
+ 2010-03-08 23:34 . 2010-03-08 23:34 53248 c:windowsassemblyGACMicrosoft.DirectX.AudioVideoPlayback1.0.2902.0__31bf3856ad364e35Microsoft.DirectX.AudioVideoPlayback.dll
+ 2010-03-02 10:41 . 2010-03-02 10:41 13312 c:windowsassemblyGACInterop.WBOCXLib1.0.0.0__90ba9c70f846762eInterop.WBOCXLib.DLL
— 2009-08-25 07:56 . 2009-08-25 07:56 13312 c:windowsassemblyGACInterop.WBOCXLib1.0.0.0__90ba9c70f846762eInterop.WBOCXLib.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 49152 c:windowsassemblyGACInterop.NewIWshRuntimeLibrary1.0.0.0__90ba9c70f846762eInterop.NewIWshRuntimeLibrary.DLL
— 2009-08-25 07:56 . 2009-08-25 07:56 49152 c:windowsassemblyGACInterop.NewIWshRuntimeLibrary1.0.0.0__90ba9c70f846762eInterop.NewIWshRuntimeLibrary.DLL
+ 2010-03-08 09:25 . 2008-07-08 13:21 26488 c:windows$hf_mig$KB957097updatespcustom.dll
+ 2010-03-08 09:25 . 2008-07-08 13:21 17784 c:windows$hf_mig$KB957097spmsg.dll
+ 2010-03-02 10:39 . 2010-02-03 03:12 8347 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228atitvo32.dll
+ 2010-03-02 10:41 . 2010-03-02 10:41 7168 c:windowsassemblyGAC_MSILResourceManagement.Foundation.Private2.0.3685.42246__90ba9c70f846762eResourceManagement.Foundation.Private.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 6656 c:windowsassemblyGAC_MSILPCKGHLP.Foundation.Private2.0.3685.42254__90ba9c70f846762ePCKGHLP.Foundation.Private.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 5632 c:windowsassemblyGAC_MSILMOM.Foundation2.0.3685.42240__90ba9c70f846762eMOM.Foundation.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 6656 c:windowsassemblyGAC_MSILDEM.Graphics2.0.3685.42247__90ba9c70f846762eDEM.Graphics.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 5632 c:windowsassemblyGAC_MSILCLI.Component.Runtime.Shared2.0.3685.42243__90ba9c70f846762eCLI.Component.Runtime.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 7168 c:windowsassemblyGAC_MSILCLI.Component.Runtime.Extension.EEU2.0.3685.42245__90ba9c70f846762eCLI.Component.Runtime.Extension.EEU.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 7680 c:windowsassemblyGAC_MSILCLI.Component.Client.Shared2.0.3685.42238__90ba9c70f846762eCLI.Component.Client.Shared.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 7680 c:windowsassemblyGAC_MSILCLI.Caste.HydraVision.Wizard2.0.3685.42400__90ba9c70f846762eCLI.Caste.HydraVision.Wizard.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 8704 c:windowsassemblyGAC_MSILCLI.Caste.HydraVision.Shared2.0.3685.42395__90ba9c70f846762eCLI.Caste.HydraVision.Shared.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 7680 c:windowsassemblyGAC_MSILCLI.Caste.HydraVision.Dashboard2.0.3685.42396__90ba9c70f846762eCLI.Caste.HydraVision.Dashboard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 8704 c:windowsassemblyGAC_MSILCLI.Caste.Graphics.Runtime.Shared.Private2.0.3685.42277__90ba9c70f846762eCLI.Caste.Graphics.Runtime.Shared.Private.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 9728 c:windowsassemblyGAC_MSILCLI.Aspect.Welcome.Graphics.Shared2.0.3685.42379__90ba9c70f846762eCLI.Aspect.Welcome.Graphics.Shared.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 9728 c:windowsassemblyGAC_MSILCLI.Aspect.MultiDesk.HydraVision.Shared2.0.3685.42405__90ba9c70f846762eCLI.Aspect.MultiDesk.HydraVision.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 7680 c:windowsassemblyGAC_MSILCLI.Aspect.AForce.Graphics.Shared2.0.3685.42345__90ba9c70f846762eCLI.Aspect.AForce.Graphics.Shared.DLL
— 2009-08-25 07:56 . 2009-08-25 07:56 7168 c:windowsassemblyGAC_MSILatixclib1.0.0.0__90ba9c70f846762eatixclib.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 7168 c:windowsassemblyGAC_MSILatixclib1.0.0.0__90ba9c70f846762eatixclib.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 7168 c:windowsassemblyGAC_MSILAEM.UI.Shared2.0.3685.42370__90ba9c70f846762eAEM.UI.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 6144 c:windowsassemblyGAC_MSILAEM.Server.Shared2.0.3685.42243__90ba9c70f846762eAEM.Server.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 6144 c:windowsassemblyGAC_MSILAEM.Plugin.WinMessages.Shared2.0.3685.42244__90ba9c70f846762eAEM.Plugin.WinMessages.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 5632 c:windowsassemblyGAC_MSILAEM.Plugin.Source.GD.Shared2.0.3685.42385__90ba9c70f846762eAEM.Plugin.Source.GD.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 5632 c:windowsassemblyGAC_MSILAEM.Plugin.Source.EEU.Shared2.0.3685.42385__90ba9c70f846762eAEM.Plugin.Source.EEU.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 5632 c:windowsassemblyGAC_MSILAEM.Plugin.REG.Shared2.0.3685.42387__90ba9c70f846762eAEM.Plugin.REG.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 7168 c:windowsassemblyGAC_MSILAEM.Plugin.Hotkeys.Shared2.0.3685.42236__90ba9c70f846762eAEM.Plugin.Hotkeys.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 5632 c:windowsassemblyGAC_MSILAEM.Plugin.GD.Shared2.0.3685.42248__90ba9c70f846762eAEM.Plugin.GD.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 5632 c:windowsassemblyGAC_MSILAEM.Plugin.EEU.Shared2.0.3685.42244__90ba9c70f846762eAEM.Plugin.EEU.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 6656 c:windowsassemblyGAC_MSILAEM.Plugin.DPPE.Shared2.0.3685.42377__90ba9c70f846762eAEM.Plugin.DPPE.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 8192 c:windowsassemblyGAC_MSILAEM.Actions.CCAA.Shared2.0.3685.42241__90ba9c70f846762eAEM.Actions.CCAA.Shared.DLL
+ 2009-07-11 21:02 . 2009-07-11 21:02 653120 c:windowsWinSxSx86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4emsvcr90.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02 569664 c:windowsWinSxSx86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4emsvcp90.dll
+ 2009-07-11 21:05 . 2009-07-11 21:05 225280 c:windowsWinSxSx86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4emsvcm90.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02 159032 c:windowsWinSxSx86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_353599c2atl90.dll
+ 2009-08-08 10:51 . 2009-03-16 11:18 517448 c:windowssystem32XAudio2_4.dll
— 2009-08-08 10:51 . 2009-03-16 10:18 517448 c:windowssystem32XAudio2_4.dll
— 2008-12-28 19:48 . 2008-07-30 03:20 509448 c:windowssystem32XAudio2_2.dll
+ 2008-12-28 19:48 . 2008-07-31 07:40 509448 c:windowssystem32XAudio2_2.dll
+ 2009-08-08 10:51 . 2009-03-16 11:18 235352 c:windowssystem32xactengine3_4.dll
— 2009-08-08 10:51 . 2009-03-16 10:18 235352 c:windowssystem32xactengine3_4.dll
— 2008-12-28 19:48 . 2008-07-30 03:20 238088 c:windowssystem32xactengine3_2.dll
+ 2008-12-28 19:48 . 2008-07-31 07:41 238088 c:windowssystem32xactengine3_2.dll
+ 2010-03-02 10:39 . 2009-07-15 02:10 155648 c:windowssystem32ReinstallBackups021DriverFilesB_85444Oemdspif.dll
+ 2010-03-02 10:39 . 2009-07-15 01:43 887724 c:windowssystem32ReinstallBackups021DriverFilesB_85444ativva6x.dat
+ 2010-03-02 10:39 . 2009-07-15 02:10 204800 c:windowssystem32ReinstallBackups021DriverFilesB_85444atipdlxx.dll
+ 2010-03-02 10:39 . 2009-07-15 01:18 376832 c:windowssystem32ReinstallBackups021DriverFilesB_85444atiok3x2.dll
+ 2010-03-02 10:39 . 2009-02-18 17:55 294912 c:windowssystem32ReinstallBackups021DriverFilesB_85444ATIODE.exe
+ 2010-03-02 10:39 . 2009-07-15 01:23 561152 c:windowssystem32ReinstallBackups021DriverFilesB_85444atikvmag.dll
+ 2010-03-02 10:39 . 2009-07-15 02:00 311296 c:windowssystem32ReinstallBackups021DriverFilesB_85444atiiiexx.dll
+ 2010-03-02 10:39 . 2009-06-10 16:54 197655 c:windowssystem32ReinstallBackups021DriverFilesB_85444atiicdxx.dat
+ 2010-03-02 10:39 . 2009-07-15 02:29 446464 c:windowssystem32ReinstallBackups021DriverFilesB_85444ATIDEMGX.dll
+ 2010-03-02 10:39 . 2009-05-11 21:35 118784 c:windowssystem32ReinstallBackups021DriverFilesB_85444atibtmon.exe
+ 2010-03-02 10:39 . 2009-07-15 01:21 159744 c:windowssystem32ReinstallBackups021DriverFilesB_85444atiadlxx.dll
+ 2010-03-02 10:39 . 2009-07-15 02:08 602112 c:windowssystem32ReinstallBackups021DriverFilesB_85444ati2evxx.exe
+ 2010-03-02 10:39 . 2009-07-15 02:09 155648 c:windowssystem32ReinstallBackups021DriverFilesB_85444ati2evxx.dll
+ 2010-03-02 10:39 . 2009-07-15 02:27 336896 c:windowssystem32ReinstallBackups021DriverFilesB_85444ati2dvag.dll
+ 2010-03-02 10:39 . 2009-07-15 01:14 614400 c:windowssystem32ReinstallBackups021DriverFilesB_85444ati2cqag.dll
+ 2008-11-23 17:13 . 2010-03-22 18:07 207094 c:windowssystem32inetsrvMetaBase.bin+ 2010-03-02 10:39 . 2010-02-03 03:34 887724 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228ativva6x.dat
+ 2010-03-02 10:39 . 2010-02-03 03:23 109058 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228atipdlxx.dll
+ 2010-03-02 10:39 . 2010-02-03 03:32 186995 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228atiok3x2.dll
+ 2010-03-02 10:39 . 2010-02-03 03:15 296448 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228atikvmag.dll
+ 2010-03-02 10:39 . 2010-02-03 04:07 311296 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228atiiiexx.dll
+ 2010-03-02 10:39 . 2009-12-04 21:17 198341 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228atiicdxx.dat
+ 2010-03-02 10:39 . 2010-02-03 03:40 446464 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228atidemgx.dll
+ 2010-03-02 10:39 . 2010-02-03 03:21 317697 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228ati2evxx.exe
+ 2010-03-02 10:39 . 2010-02-03 03:39 188602 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228ati2dvag.dll
+ 2010-03-02 10:39 . 2010-02-03 03:06 329403 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228ati2cqag.dll
+ 2009-08-08 10:51 . 2009-03-09 12:27 453456 c:windowssystem32d3dx10_41.dll
— 2009-08-08 10:51 . 2009-03-09 11:27 453456 c:windowssystem32d3dx10_41.dll
— 2008-12-28 19:48 . 2008-10-15 02:22 452440 c:windowssystem32d3dx10_40.dll
+ 2008-12-28 19:48 . 2008-10-15 03:22 452440 c:windowssystem32d3dx10_40.dll
— 2009-02-18 17:55 . 2009-02-18 17:55 294912 c:windowssystem32ATIODE.exe
+ 2009-02-18 17:55 . 2009-02-18 18:55 294912 c:windowssystem32ATIODE.exe
+ 2009-06-10 16:54 . 2009-12-04 21:17 198341 c:windowssystem32atiicdxx.dat
+ 2009-05-11 21:35 . 2009-05-11 22:35 118784 c:windowssystem32atibtmon.exe
— 2009-05-11 21:35 . 2009-05-11 21:35 118784 c:windowssystem32atibtmon.exe
+ 2010-03-02 10:42 . 2010-03-02 10:42 718336 c:windowsInstaller8ed3b.msi
+ 2010-03-02 10:41 . 2010-03-02 10:41 194560 c:windowsInstaller8ed1c.msi
+ 2010-03-02 10:41 . 2010-03-02 10:41 261632 c:windowsInstaller8ed12.msi
+ 2010-03-02 10:41 . 2010-03-02 10:41 252416 c:windowsInstaller8ed08.msi
+ 2010-03-02 10:41 . 2010-03-02 10:41 258560 c:windowsInstaller8ecfe.msi
+ 2010-03-02 10:41 . 2010-03-02 10:41 182784 c:windowsInstaller8ecf4.msi
+ 2010-03-02 10:41 . 2010-03-02 10:41 179712 c:windowsInstaller8ecea.msi
+ 2010-03-02 10:41 . 2010-03-02 10:41 287232 c:windowsInstaller8ece0.msi
+ 2010-03-02 10:41 . 2010-03-02 10:41 258048 c:windowsInstaller8ecd6.msi
+ 2010-03-02 10:41 . 2010-03-02 10:41 268288 c:windowsInstaller8eccc.msi
+ 2010-03-02 10:41 . 2010-03-02 10:41 322048 c:windowsInstaller8ecc2.msi
+ 2010-03-02 10:39 . 2010-03-02 10:39 434688 c:windowsInstaller8ebd4.msi
+ 2010-03-02 10:39 . 2010-03-02 10:39 219648 c:windowsInstaller8ebca.msi
+ 2010-03-08 23:36 . 2010-03-08 23:36 331264 c:windowsInstaller164748.msi
— 2008-11-23 19:40 . 2010-02-26 09:24 888080 c:windowsInstaller{90120000-0030-0000-0000-0000000FF1CE}wordicon.exe
+ 2008-11-23 19:40 . 2010-03-09 20:01 888080 c:windowsInstaller{90120000-0030-0000-0000-0000000FF1CE}wordicon.exe
— 2008-11-23 19:40 . 2010-02-26 09:24 272648 c:windowsInstaller{90120000-0030-0000-0000-0000000FF1CE}pubs.exe
+ 2008-11-23 19:40 . 2010-03-09 20:01 272648 c:windowsInstaller{90120000-0030-0000-0000-0000000FF1CE}pubs.exe
— 2008-11-23 19:40 . 2010-02-26 09:24 922384 c:windowsInstaller{90120000-0030-0000-0000-0000000FF1CE}pptico.exe
+ 2008-11-23 19:40 . 2010-03-09 20:01 922384 c:windowsInstaller{90120000-0030-0000-0000-0000000FF1CE}pptico.exe
+ 2008-11-23 19:40 . 2010-03-09 20:01 845584 c:windowsInstaller{90120000-0030-0000-0000-0000000FF1CE}outicon.exe
— 2008-11-23 19:40 . 2010-02-26 09:24 845584 c:windowsInstaller{90120000-0030-0000-0000-0000000FF1CE}outicon.exe
+ 2008-11-23 19:40 . 2010-03-09 20:01 217864 c:windowsInstaller{90120000-0030-0000-0000-0000000FF1CE}misc.exe
— 2008-11-23 19:40 . 2010-02-26 09:24 217864 c:windowsInstaller{90120000-0030-0000-0000-0000000FF1CE}misc.exe
+ 2008-11-23 19:40 . 2010-03-09 20:01 184080 c:windowsInstaller{90120000-0030-0000-0000-0000000FF1CE}joticon.exe
— 2008-11-23 19:40 . 2010-02-26 09:24 184080 c:windowsInstaller{90120000-0030-0000-0000-0000000FF1CE}joticon.exe
+ 2008-11-23 19:40 . 2010-03-09 20:01 159504 c:windowsInstaller{90120000-0030-0000-0000-0000000FF1CE}inficon.exe
— 2008-11-23 19:40 . 2010-02-26 09:24 159504 c:windowsInstaller{90120000-0030-0000-0000-0000000FF1CE}inficon.exe
+ 2010-03-02 10:42 . 2010-03-02 10:42 238223 c:windowsInstaller{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}ARPPRODUCTICON.exe
+ 2010-03-02 10:41 . 2010-03-02 10:41 741376 c:windowsassemblyGAC_MSILResourceManagement.Foundation.Implementation2.0.3685.42415__90ba9c70f846762eResourceManagement.Foundation.Implementation.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 106496 c:windowsassemblyGAC_MSILMOM.Implementation2.0.3685.42372__90ba9c70f846762eMOM.Implementation.DLL
— 2009-08-25 07:56 . 2009-08-25 07:56 131072 c:windowsassemblyGAC_MSILInterop.SHDocVw1.1.0.0__90ba9c70f846762eInterop.SHDocVw.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 131072 c:windowsassemblyGAC_MSILInterop.SHDocVw1.1.0.0__90ba9c70f846762eInterop.SHDocVw.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 405504 c:windowsassemblyGAC_MSILCLI.Component.Wizard2.0.3685.42270__90ba9c70f846762eCLI.Component.Wizard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 577536 c:windowsassemblyGAC_MSILCLI.Component.Systemtray2.0.3685.42364__90ba9c70f846762eCLI.Component.Systemtray.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 278528 c:windowsassemblyGAC_MSILCLI.Component.Launchpad2.0.3685.42393__90ba9c70f846762eCLI.Component.Launchpad.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 147456 c:windowsassemblyGAC_MSILCLI.Component.Dashboard.ProfileManager2.0.3685.42298__90ba9c70f846762eCLI.Component.Dashboard.ProfileManager.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 155648 c:windowsassemblyGAC_MSILCLI.Component.Dashboard.HotKeyManager2.0.3685.42297__90ba9c70f846762eCLI.Component.Dashboard.HotKeyManager.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 151552 c:windowsassemblyGAC_MSILCLI.Caste.Graphics.Shared2.0.3685.42239__90ba9c70f846762eCLI.Caste.Graphics.Shared.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 380928 c:windowsassemblyGAC_MSILCLI.Caste.Graphics.Runtime2.0.3685.42249__90ba9c70f846762eCLI.Caste.Graphics.Runtime.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 139264 c:windowsassemblyGAC_MSILCLI.Aspect.VeryLargeDesktop.Graphics.Dashboard2.0.3685.42321__90ba9c70f846762eCLI.Aspect.VeryLargeDesktop.Graphics.Dashboard.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 151552 c:windowsassemblyGAC_MSILCLI.Aspect.TutorialInfoCentre.Graphics.Dashboard2.0.3685.42424__90ba9c70f846762eCLI.Aspect.TutorialInfoCentre.Graphics.Dashboard.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 491520 c:windowsassemblyGAC_MSILCLI.Aspect.TransCode.Graphics.Wizard2.0.3685.42379__90ba9c70f846762eCLI.Aspect.TransCode.Graphics.Wizard.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 241664 c:windowsassemblyGAC_MSILCLI.Aspect.SmartGart.Graphics.Dashboard2.0.3685.42290__90ba9c70f846762eCLI.Aspect.SmartGart.Graphics.Dashboard.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 356352 c:windowsassemblyGAC_MSILCLI.Aspect.Radeon3D.Graphics.Dashboard2.0.3685.42331__90ba9c70f846762eCLI.Aspect.Radeon3D.Graphics.Dashboard.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 102400 c:windowsassemblyGAC_MSILCLI.Aspect.PowerXpress.Graphics.Dashboard2.0.3685.42392__90ba9c70f846762eCLI.Aspect.PowerXpress.Graphics.Dashboard.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 118784 c:windowsassemblyGAC_MSILCLI.Aspect.PowerPlayDPPE.Graphics.Dashboard2.0.3685.42378__90ba9c70f846762eCLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 114688 c:windowsassemblyGAC_MSILCLI.Aspect.PowerPlay4.Graphics.Dashboard2.0.3685.42381__90ba9c70f846762eCLI.Aspect.PowerPlay4.Graphics.Dashboard.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 139264 c:windowsassemblyGAC_MSILCLI.Aspect.PowerPlay3.Graphics.Dashboard2.0.3685.42322__90ba9c70f846762eCLI.Aspect.PowerPlay3.Graphics.Dashboard.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 651264 c:windowsassemblyGAC_MSILCLI.Aspect.OverDrive5.Graphics.Dashboard2.0.3685.42394__90ba9c70f846762eCLI.Aspect.OverDrive5.Graphics.Dashboard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 118784 c:windowsassemblyGAC_MSILCLI.Aspect.MultiVPU4.Graphics.Dashboard2.0.3685.42400__90ba9c70f846762eCLI.Aspect.MultiVPU4.Graphics.Dashboard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 167936 c:windowsassemblyGAC_MSILCLI.Aspect.MultiVPU3.Graphics.Dashboard2.0.3685.42373__90ba9c70f846762eCLI.Aspect.MultiVPU3.Graphics.Dashboard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 163840 c:windowsassemblyGAC_MSILCLI.Aspect.MultiVPU2.Graphics.Dashboard2.0.3685.42314__90ba9c70f846762eCLI.Aspect.MultiVPU2.Graphics.Dashboard.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 241664 c:windowsassemblyGAC_MSILCLI.Aspect.MultiDesk.HydraVision.Dashboard2.0.3685.42406__90ba9c70f846762eCLI.Aspect.MultiDesk.HydraVision.Dashboard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 409600 c:windowsassemblyGAC_MSILCLI.Aspect.MMVideo.Graphics.Wizard2.0.3685.42344__90ba9c70f846762eCLI.Aspect.MMVideo.Graphics.Wizard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 827392 c:windowsassemblyGAC_MSILCLI.Aspect.MMVideo.Graphics.Dashboard2.0.3685.42313__90ba9c70f846762eCLI.Aspect.MMVideo.Graphics.Dashboard.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 212992 c:windowsassemblyGAC_MSILCLI.Aspect.MDProp.HydraVision.Dashboard2.0.3685.42404__90ba9c70f846762eCLI.Aspect.MDProp.HydraVision.Dashboard.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 204800 c:windowsassemblyGAC_MSILCLI.Aspect.InfoCentre.Graphics.Wizard2.0.3685.42279__90ba9c70f846762eCLI.Aspect.InfoCentre.Graphics.Wizard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 196608 c:windowsassemblyGAC_MSILCLI.Aspect.InfoCentre.Graphics.Dashboard2.0.3685.42279__90ba9c70f846762eCLI.Aspect.InfoCentre.Graphics.Dashboard.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 311296 c:windowsassemblyGAC_MSILCLI.Aspect.HydraVision.Wizard2.0.3685.42407__90ba9c70f846762eCLI.Aspect.HydraVision.Wizard.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 147456 c:windowsassemblyGAC_MSILCLI.Aspect.Grid.HydraVision.Dashboard2.0.3685.42397__90ba9c70f846762eCLI.Aspect.Grid.HydraVision.Dashboard.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 315392 c:windowsassemblyGAC_MSILCLI.Aspect.FramelockGenlock.Graphics.Dashboard2.0.3685.42412__90ba9c70f846762eCLI.Aspect.FramelockGenlock.Graphics.Dashboard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 409600 c:windowsassemblyGAC_MSILCLI.Aspect.DisplaysManager.Graphics.Dashboard2.0.3685.42265__90ba9c70f846762eCLI.Aspect.DisplaysManager.Graphics.Dashboard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 573440 c:windowsassemblyGAC_MSILCLI.Aspect.DisplaysColour2.Graphics.Dashboard2.0.3685.42280__90ba9c70f846762eCLI.Aspect.DisplaysColour2.Graphics.Dashboard.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 364544 c:windowsassemblyGAC_MSILCLI.Aspect.DeviceTV.Graphics.Wizard2.0.3685.42359__90ba9c70f846762eCLI.Aspect.DeviceTV.Graphics.Wizard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 749568 c:windowsassemblyGAC_MSILCLI.Aspect.DeviceTV.Graphics.Dashboard2.0.3685.42354__90ba9c70f846762eCLI.Aspect.DeviceTV.Graphics.Dashboard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 475136 c:windowsassemblyGAC_MSILCLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared2.0.3685.42301__90ba9c70f846762eCLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 307200 c:windowsassemblyGAC_MSILCLI.Aspect.DeviceLCD.Graphics.Wizard2.0.3685.42286__90ba9c70f846762eCLI.Aspect.DeviceLCD.Graphics.Wizard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 323584 c:windowsassemblyGAC_MSILCLI.Aspect.DeviceLCD.Graphics.Dashboard2.0.3685.42322__90ba9c70f846762eCLI.Aspect.DeviceLCD.Graphics.Dashboard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 372736 c:windowsassemblyGAC_MSILCLI.Aspect.DeviceDFP.Graphics.Dashboard2.0.3685.42305__90ba9c70f846762eCLI.Aspect.DeviceDFP.Graphics.Dashboard.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 692224 c:windowsassemblyGAC_MSILCLI.Aspect.DeviceCV.Graphics.Wizard2.0.3685.42339__90ba9c70f846762eCLI.Aspect.DeviceCV.Graphics.Wizard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 630784 c:windowsassemblyGAC_MSILCLI.Aspect.DeviceCV.Graphics.Dashboard2.0.3685.42326__90ba9c70f846762eCLI.Aspect.DeviceCV.Graphics.Dashboard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 397312 c:windowsassemblyGAC_MSILCLI.Aspect.DeviceCRT.Graphics.Dashboard2.0.3685.42311__90ba9c70f846762eCLI.Aspect.DeviceCRT.Graphics.Dashboard.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 163840 c:windowsassemblyGAC_MSILCLI.Aspect.DeskMan.HydraVision.Dashboard2.0.3685.42403__90ba9c70f846762eCLI.Aspect.DeskMan.HydraVision.Dashboard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 270336 c:windowsassemblyGAC_MSILCLI.Aspect.CrossDisplay.Graphics.Dashboard1.0.0.0__90ba9c70f846762eCLI.Aspect.CrossDisplay.Graphics.Dashboard.DLL
— 2009-08-25 07:56 . 2009-08-25 07:56 270336 c:windowsassemblyGAC_MSILCLI.Aspect.CrossDisplay.Graphics.Dashboard1.0.0.0__90ba9c70f846762eCLI.Aspect.CrossDisplay.Graphics.Dashboard.DLL
— 2009-08-25 07:56 . 2009-08-25 07:56 262144 c:windowsassemblyGAC_MSILCLI.AIB.TutorialInfoCentre.Tutorial.Dashboard1.2.2600.29179__90ba9c70f846762eCLI.AIB.TutorialInfoCentre.Tutorial.Dashboard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 262144 c:windowsassemblyGAC_MSILCLI.AIB.TutorialInfoCentre.Tutorial.Dashboard1.2.2600.29179__90ba9c70f846762eCLI.AIB.TutorialInfoCentre.Tutorial.Dashboard.DLL
— 2010-02-03 19:58 . 2010-02-03 19:58 223232 c:windowsassemblyGACMicrosoft.DirectX1.0.2902.0__31bf3856ad364e35Microsoft.DirectX.dll
+ 2010-03-08 23:34 . 2010-03-08 23:34 223232 c:windowsassemblyGACMicrosoft.DirectX1.0.2902.0__31bf3856ad364e35Microsoft.DirectX.dll
— 2010-02-03 19:58 . 2010-02-03 19:58 178176 c:windowsassemblyGACMicrosoft.DirectX.DirectSound1.0.2902.0__31bf3856ad364e35Microsoft.DirectX.DirectSound.dll
+ 2010-03-08 23:34 . 2010-03-08 23:34 178176 c:windowsassemblyGACMicrosoft.DirectX.DirectSound1.0.2902.0__31bf3856ad364e35Microsoft.DirectX.DirectSound.dll
— 2010-02-03 19:58 . 2010-02-03 19:58 364544 c:windowsassemblyGACMicrosoft.DirectX.DirectPlay1.0.2902.0__31bf3856ad364e35Microsoft.DirectX.DirectPlay.dll
+ 2010-03-08 23:34 . 2010-03-08 23:34 364544 c:windowsassemblyGACMicrosoft.DirectX.DirectPlay1.0.2902.0__31bf3856ad364e35Microsoft.DirectX.DirectPlay.dll
— 2010-02-03 19:58 . 2010-02-03 19:58 159232 c:windowsassemblyGACMicrosoft.DirectX.DirectInput1.0.2902.0__31bf3856ad364e35Microsoft.DirectX.DirectInput.dll
+ 2010-03-08 23:34 . 2010-03-08 23:34 159232 c:windowsassemblyGACMicrosoft.DirectX.DirectInput1.0.2902.0__31bf3856ad364e35Microsoft.DirectX.DirectInput.dll
— 2010-02-03 19:58 . 2010-02-03 19:58 145920 c:windowsassemblyGACMicrosoft.DirectX.DirectDraw1.0.2902.0__31bf3856ad364e35Microsoft.DirectX.DirectDraw.dll
+ 2010-03-08 23:34 . 2010-03-08 23:34 145920 c:windowsassemblyGACMicrosoft.DirectX.DirectDraw1.0.2902.0__31bf3856ad364e35Microsoft.DirectX.DirectDraw.dll
— 2010-02-03 19:58 . 2010-02-03 19:58 578560 c:windowsassemblyGACMicrosoft.DirectX.Direct3DX1.0.2911.0__31bf3856ad364e35Microsoft.DirectX.Direct3DX.dll
+ 2010-03-08 23:34 . 2010-03-08 23:34 578560 c:windowsassemblyGACMicrosoft.DirectX.Direct3DX1.0.2911.0__31bf3856ad364e35Microsoft.DirectX.Direct3DX.dll
+ 2010-03-08 23:34 . 2010-03-08 23:34 578560 c:windowsassemblyGACMicrosoft.DirectX.Direct3DX1.0.2910.0__31bf3856ad364e35Microsoft.DirectX.Direct3DX.dll
— 2010-02-03 19:58 . 2010-02-03 19:58 578560 c:windowsassemblyGACMicrosoft.DirectX.Direct3DX1.0.2910.0__31bf3856ad364e35Microsoft.DirectX.Direct3DX.dll
— 2010-02-03 19:58 . 2010-02-03 19:58 577536 c:windowsassemblyGACMicrosoft.DirectX.Direct3DX1.0.2909.0__31bf3856ad364e35Microsoft.DirectX.Direct3DX.dll
+ 2010-03-08 23:34 . 2010-03-08 23:34 577536 c:windowsassemblyGACMicrosoft.DirectX.Direct3DX1.0.2909.0__31bf3856ad364e35Microsoft.DirectX.Direct3DX.dll
— 2010-02-03 19:58 . 2010-02-03 19:58 577536 c:windowsassemblyGACMicrosoft.DirectX.Direct3DX1.0.2908.0__31bf3856ad364e35Microsoft.DirectX.Direct3DX.dll
+ 2010-03-08 23:34 . 2010-03-08 23:34 577536 c:windowsassemblyGACMicrosoft.DirectX.Direct3DX1.0.2908.0__31bf3856ad364e35Microsoft.DirectX.Direct3DX.dll
+ 2010-03-08 23:34 . 2010-03-08 23:34 577024 c:windowsassemblyGACMicrosoft.DirectX.Direct3DX1.0.2907.0__31bf3856ad364e35Microsoft.DirectX.Direct3DX.dll
— 2010-02-03 19:58 . 2010-02-03 19:58 577024 c:windowsassemblyGACMicrosoft.DirectX.Direct3DX1.0.2907.0__31bf3856ad364e35Microsoft.DirectX.Direct3DX.dll
— 2010-02-03 19:58 . 2010-02-03 19:58 576000 c:windowsassemblyGACMicrosoft.DirectX.Direct3DX1.0.2906.0__31bf3856ad364e35Microsoft.DirectX.Direct3DX.dll
+ 2010-03-08 23:34 . 2010-03-08 23:34 576000 c:windowsassemblyGACMicrosoft.DirectX.Direct3DX1.0.2906.0__31bf3856ad364e35Microsoft.DirectX.Direct3DX.dll
— 2010-02-03 19:58 . 2010-02-03 19:58 567296 c:windowsassemblyGACMicrosoft.DirectX.Direct3DX1.0.2905.0__31bf3856ad364e35Microsoft.DirectX.Direct3DX.dll
+ 2010-03-08 23:34 . 2010-03-08 23:34 567296 c:windowsassemblyGACMicrosoft.DirectX.Direct3DX1.0.2905.0__31bf3856ad364e35Microsoft.DirectX.Direct3DX.dll
+ 2010-03-08 23:34 . 2010-03-08 23:34 563712 c:windowsassemblyGACMicrosoft.DirectX.Direct3DX1.0.2904.0__31bf3856ad364e35Microsoft.DirectX.Direct3DX.dll
— 2010-02-03 19:58 . 2010-02-03 19:58 563712 c:windowsassemblyGACMicrosoft.DirectX.Direct3DX1.0.2904.0__31bf3856ad364e35Microsoft.DirectX.Direct3DX.dll
— 2010-02-03 19:58 . 2010-02-03 19:58 473600 c:windowsassemblyGACMicrosoft.DirectX.Direct3D1.0.2902.0__31bf3856ad364e35Microsoft.DirectX.Direct3D.dll
+ 2010-03-08 23:34 . 2010-03-08 23:34 473600 c:windowsassemblyGACMicrosoft.DirectX.Direct3D1.0.2902.0__31bf3856ad364e35Microsoft.DirectX.Direct3D.dll
— 2009-08-25 07:56 . 2009-08-25 07:56 360448 c:windowsassemblyGACInterop.MSForms2.0.0.0__90ba9c70f846762eInterop.MSForms.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 360448 c:windowsassemblyGACInterop.MSForms2.0.0.0__90ba9c70f846762eInterop.MSForms.DLL
— 2009-08-25 07:56 . 2009-08-25 07:56 225280 c:windowsassemblyGACInterop.MSComctlLib2.0.0.0__90ba9c70f846762eInterop.MSComctlLib.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 225280 c:windowsassemblyGACInterop.MSComctlLib2.0.0.0__90ba9c70f846762eInterop.MSComctlLib.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 143360 c:windowsassemblyGACICSharpCode.SharpZipLib.84.0.0__1b03e6acf1164f73ICSharpCode.SharpZipLib.DLL
— 2009-08-25 07:56 . 2009-08-25 07:56 143360 c:windowsassemblyGACICSharpCode.SharpZipLib.84.0.0__1b03e6acf1164f73ICSharpCode.SharpZipLib.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 212992 c:windowsassemblyGACAxInterop.MSForms2.0.0.0__90ba9c70f846762eAxInterop.MSForms.DLL
— 2009-08-25 07:56 . 2009-08-25 07:56 212992 c:windowsassemblyGACAxInterop.MSForms2.0.0.0__90ba9c70f846762eAxInterop.MSForms.DLL
— 2009-08-25 07:56 . 2009-08-25 07:56 135168 c:windowsassemblyGACAxInterop.MSComctlLib2.0.0.0__90ba9c70f846762eAxInterop.MSComctlLib.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 135168 c:windowsassemblyGACAxInterop.MSComctlLib2.0.0.0__90ba9c70f846762eAxInterop.MSComctlLib.DLL
+ 2010-03-08 09:25 . 2008-07-08 13:21 391032 c:windows$hf_mig$KB957097updateupdspapi.dll
+ 2010-03-08 09:25 . 2008-07-08 13:21 760184 c:windows$hf_mig$KB957097updateupdate.exe
+ 2010-03-08 09:25 . 2008-07-08 13:21 232824 c:windows$hf_mig$KB957097spuninst.exe
+ 2010-03-08 09:25 . 2008-10-24 11:41 455936 c:windows$hf_mig$KB957097SP3QFEmrxsmb.sys
+ 2009-07-11 21:02 . 2009-07-11 21:02 3780424 c:windowsWinSxSx86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53mfc90u.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02 3765048 c:windowsWinSxSx86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53mfc90.dll
+ 2010-03-02 10:39 . 2009-07-15 01:44 2053888 c:windowssystem32ReinstallBackups021DriverFilesB_85444ativvaxx.dll
+ 2010-03-02 10:39 . 2009-07-15 01:20 3289088 c:windowssystem32ReinstallBackups021DriverFilesB_85444aticaldd.dll
+ 2010-03-02 10:39 . 2009-07-15 01:58 3281408 c:windowssystem32ReinstallBackups021DriverFilesB_85444ati3duag.dll
+ 2010-03-02 10:39 . 2009-07-15 04:20 4407808 c:windowssystem32ReinstallBackups021DriverFilesB_85444ati2mtag.sys
+ 2010-03-02 10:39 . 2010-02-03 03:35 1054067 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228ativvaxx.dll
+ 2010-03-02 10:39 . 2010-02-03 04:02 6283522 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228atioglxx.dll
+ 2010-03-02 10:39 . 2010-02-03 04:10 1819969 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228aticaldd.dll
+ 2010-03-02 10:39 . 2010-02-03 03:50 1918555 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228ati3duag.dll
+ 2010-03-02 10:39 . 2010-02-03 04:52 3069099 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228ati2mtag.sys
— 2008-11-23 17:14 . 2008-04-15 12:00 3558912 c:windowssystem32dllcachemoviemk.exe
+ 2008-11-23 17:14 . 2009-10-23 15:28 3558912 c:windowssystem32dllcachemoviemk.exe
— 2009-08-08 10:51 . 2009-03-09 11:27 4178264 c:windowssystem32D3DX9_41.dll
+ 2009-08-08 10:51 . 2009-03-09 12:27 4178264 c:windowssystem32D3DX9_41.dll
+ 2008-12-28 19:48 . 2008-10-15 03:22 4379984 c:windowssystem32D3DX9_40.dll
— 2008-12-28 19:48 . 2008-10-15 02:22 4379984 c:windowssystem32D3DX9_40.dll
+ 2009-08-08 10:51 . 2009-03-09 12:27 1846632 c:windowssystem32D3DCompiler_41.dll
— 2009-08-08 10:51 . 2009-03-09 11:27 1846632 c:windowssystem32D3DCompiler_41.dll
+ 2008-12-28 19:48 . 2008-10-15 03:22 2036576 c:windowssystem32D3DCompiler_40.dll
— 2008-12-28 19:48 . 2008-10-15 02:22 2036576 c:windowssystem32D3DCompiler_40.dll
+ 2010-03-02 10:41 . 2010-03-02 10:41 1088000 c:windowsInstaller8ed27.msi
+ 2010-03-02 10:39 . 2010-03-02 10:39 1597440 c:windowsInstaller8ebdf.msi
+ 2010-02-04 14:24 . 2010-02-04 14:24 9122304 c:windowsInstaller52003.msp
+ 2010-02-20 22:00 . 2010-02-20 22:00 8480768 c:windowsInstaller51fe8.msp
+ 2010-02-03 21:59 . 2010-02-03 21:59 5031936 c:windowsInstaller51fcd.msp
— 2008-11-23 19:40 . 2010-02-26 09:24 1172240 c:windowsInstaller{90120000-0030-0000-0000-0000000FF1CE}xlicons.exe
+ 2008-11-23 19:40 . 2010-03-09 20:01 1172240 c:windowsInstaller{90120000-0030-0000-0000-0000000FF1CE}xlicons.exe
— 2008-11-23 19:40 . 2010-02-26 09:24 1165584 c:windowsInstaller{90120000-0030-0000-0000-0000000FF1CE}accicons.exe
+ 2008-11-23 19:40 . 2010-03-09 20:01 1165584 c:windowsInstaller{90120000-0030-0000-0000-0000000FF1CE}accicons.exe
+ 2010-03-02 10:41 . 2010-03-02 10:41 1048576 c:windowsassemblyGAC_MSILCLI.Component.Eeu2.0.3685.42347__90ba9c70f846762eCLI.Component.Eeu.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 1220608 c:windowsassemblyGAC_MSILCLI.Component.Dashboard2.0.3685.42256__90ba9c70f846762eCLI.Component.Dashboard.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 1007616 c:windowsassemblyGAC_MSILCLI.Aspect.OverDrive3.Graphics.Dashboard2.0.3685.42293__90ba9c70f846762eCLI.Aspect.OverDrive3.Graphics.Dashboard.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 1708032 c:windowsassemblyGAC_MSILCLI.Aspect.DisplaysManager2.Graphics.Wizard2.0.3685.42422__90ba9c70f846762eCLI.Aspect.DisplaysManager2.Graphics.Wizard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 1302528 c:windowsassemblyGAC_MSILCLI.Aspect.DisplaysManager2.Graphics.Dashboard2.0.3685.42418__90ba9c70f846762eCLI.Aspect.DisplaysManager2.Graphics.Dashboard.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 1736704 c:windowsassemblyGAC_MSILCLI.Aspect.DisplaysManager.Graphics.Wizard2.0.3685.42276__90ba9c70f846762eCLI.Aspect.DisplaysManager.Graphics.Wizard.DLL
— 2010-02-03 19:58 . 2010-02-03 19:58 2846720 c:windowsassemblyGACMicrosoft.DirectX.Direct3DX1.0.2903.0__31bf3856ad364e35Microsoft.DirectX.Direct3DX.dll
+ 2010-03-08 23:34 . 2010-03-08 23:34 2846720 c:windowsassemblyGACMicrosoft.DirectX.Direct3DX1.0.2903.0__31bf3856ad364e35Microsoft.DirectX.Direct3DX.dll
+ 2010-03-08 23:34 . 2010-03-08 23:34 2676224 c:windowsassemblyGACMicrosoft.DirectX.Direct3DX1.0.2902.0__31bf3856ad364e35Microsoft.DirectX.Direct3DX.dll
— 2010-02-03 19:58 . 2010-02-03 19:58 2676224 c:windowsassemblyGACMicrosoft.DirectX.Direct3DX1.0.2902.0__31bf3856ad364e35Microsoft.DirectX.Direct3DX.dll
+ 2010-03-02 10:39 . 2009-07-15 01:48 12693504 c:windowssystem32ReinstallBackups021DriverFilesB_85444atioglxx.dll
+ 2008-11-25 18:14 . 2010-03-02 05:30 31648712 c:windowssystem32MRT.exe
+ 2009-11-20 20:46 . 2009-11-20 20:46 11524608 c:windowsInstaller5201e.msp
+ 2009-04-03 14:46 . 2009-04-03 14:46 17314688 c:windowsInstaller$PatchCache$Managed0002109030000000000000000F01FEC12.0.6425MSO.DLL
.
— Snapshot reset to current date —
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
«VistaIcon»=»c:program filesVistaDriveIconVistaDrv.exe» [2008-01-02 132096]
«VisualTaskTips»=»c:program filesVisualTaskTipsVisualTaskTips.exe» [2008-06-23 65536]
«LDM»=»c:program filesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe» [2009-01-29 67128]
«Start WingMan Profiler»=»c:program filesLogitechProfilerlwemon.exe» [2006-07-05 60416]
«AlcoholAutomount»=»e:alcohol 120axcmd.exe» [2009-03-17 203928]
«Backup4all 3″=»c:program filesSoftlandBackup4all 3Backup4all.exe» [2007-11-05 3133080]
«Backup4all Scheduler»=»c:program filesSoftlandBackup4all 3b4aSched.Exe» [2007-11-05 478360]
«PC Suite Tray»=»c:program filesNokiaNokia PC Suite 7PCSuite.exe» [2009-11-11 1451520][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
«Bluetooth Connection Assistant»=»LBTWIZ.EXE -silent» [X]
«Kernel and Hardware Abstraction Layer»=»KHALMNPR.EXE» [2008-12-18 76304]
«TaskSwitchXP»=»c:program filesTaskSwitchXPTaskSwitchXP.exe» [2007-03-09 62976]
«JMB36X IDE Setup»=»c:windowsRaidToolxInsIDE.exe» [2007-03-20 36864]
«36X Raid Configurer»=»c:windowssystem32xRaidSetup.exe» [2007-03-21 1953792]
«NeroFilterCheck»=»c:windowssystem32NeroCheck.exe» [2001-07-09 155648]
«zBrowser Launcher»=»c:program filesLogitechiTouchiTouch.exe» [2002-11-22 631362]
«Logitech Hardware Abstraction Layer»=»KHALMNPR.EXE» [2008-12-18 76304]
«GrooveMonitor»=»c:program filesMicrosoft OfficeOffice12GrooveMonitor.exe» [2008-10-25 31072]
«MAgent»=»c:program filesMail.RuAgentmagent.exe» [2009-07-27 7975608]
«egui»=»c:program filesESETESET NOD32 Antivirusegui.exe» [2008-08-18 1447168]
«SoundMAXPnP»=»c:program filesAnalog DevicesCoresmax4pnp.exe» [2006-12-18 868352]
«Ai Remote Help»=»c:program filesASUSAI RemoteAiRc.exe» [2007-09-03 3346432]
«ASUS UpdateChecker»=»c:program filesASUSUpdateCheckerUpdateChecker.exe» [2008-11-03 110592]
«Ai Nap»=»c:program filesASUSAI SuiteAiNapAiNap.exe» [2008-01-28 1413120]
«CPU Power Monitor»=»c:program filesASUSAI SuiteAiGear3CpuPowerMonitor.exe» [2008-01-09 627200]
«Cpu Level Up help»=»c:program filesASUSAI SuiteCpuLevelUpHelp.exe» [2007-11-30 881152]
«ASUS Energy Saving»=»c:program filesASUSAI SuiteEnergySavingPwSave.exe» [2008-01-28 1352704]
«BluetoothAuthenticationAgent»=»bthprops.cpl» [2008-04-15 110592]
«DiscWizardMonitor.exe»=»c:program filesSeagateDiscWizardDiscWizardMonitor.exe» [2007-09-04 1188864]
«AcronisTimounterMonitor»=»c:program filesSeagateDiscWizardTimounterMonitor.exe» [2007-09-04 1963768]
«Acronis Scheduler2 Service»=»c:program filesCommon FilesSeagateSchedule2schedhlp.exe» [2007-09-04 148760]
«Adobe Reader Speed Launcher»=»c:program filesAdobeReader 8.0ReaderReader_sl.exe» [2008-01-11 39792]
«QuickTime Task»=»c:program filesQuickTimeQTTask.exe» [2009-11-10 417792]
«iTunesHelper»=»c:program filesiTunesiTunesHelper.exe» [2009-11-12 141600]
«UPSMON»=»c:program filesUPSMONUPSMON.exe» [2008-07-02 433664]
«StartCCC»=»c:program filesATI TechnologiesATI.ACECore-StaticCLIStart.exe» [2010-02-02 98304][HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=»c:windowssystem32CTFMON.EXE» [2008-04-15 37376]
«VistaIcon»=»c:program filesVistaDriveIconVistaDrv.exe» [2008-01-02 132096]
«VisualTaskTips»=»c:program filesVisualTaskTipsVisualTaskTips.exe» [2008-06-23 65536][HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRunOnce]
«IE7_011″=»shell32» [X]
«IE7_012″=»advpack.dll» [2010-01-05 124928]
«IE7_013″=»rebuild.exe» [2007-11-01 114280]c:documents and settingsAll Usersѓ« ў®Ґ ¬ҐоЏа®Ја ¬¬лЂўв®§ Јаг§Є
Logitech Desktop Messenger.lnk — c:program filesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe [2009-1-29 67128]
Logitech SetPoint.lnk — c:program filesLogitechSetPointSetPoint.exe [2009-3-24 809488][HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionwinlogonnotifyLBTWlgn]
2009-02-18 21:30 72208 —-a-w- c:program filesCommon FilesLogitechBluetoothLBTWLgn.dll[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWdf01000.sys]
@=»Driver»[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWdfLoadGroup]
@=»»[HKLM~servicessharedaccessparametersfirewallpolicystandardprofile]
«DisableNotifications»= 1 (0x1)
«DisableUnicastResponsesToMulticastBroadcast»= 0 (0x0)[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
«%windir%\Network Diagnostic\xpnetdiag.exe»=
«%windir%\system32\sessmgr.exe»=
«c:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE»=
«c:\Program Files\Microsoft Office\Office12\GROOVE.EXE»=
«c:\Program Files\Microsoft Office\Office12\ONENOTE.EXE»=
«e:\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe»=
«e:\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe»=
«e:\Rockstar Games\Grand Theft Auto IV\GTAIV.exe»=
«c:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe»=
«e:\Gears of War\Binaries\WarGame-G4WLive.exe»=
«e:\uTorrent\uTorrent.exe»=
«e:\Race Driver GRID\GRID.exe»=
«c:\Program Files\Bonjour\mDNSResponder.exe»=
«e:\С.Т.А.Л.К.Е.Р. — Чистое Небо\bin\xrEngine.exe»=
«e:\С.Т.А.Л.К.Е.Р. — Чистое Небо\bin\dedicated\xrEngine.exe»=
«c:\WINDOWS\system32\PnkBstrA.exe»=
«c:\WINDOWS\system32\PnkBstrB.exe»=
«e:\Call of Duty 4 — Modern Warfare\iw3mp.exe»=
«e:\S.T.A.L.K.E.R. — Зов Припяти\bin\xrEngine.exe»=
«e:\S.T.A.L.K.E.R. — Зов Припяти\bin\dedicated\xrEngine.exe»=
«c:\Program Files\iTunes\iTunes.exe»=
«c:\Program Files\Skype\Plugin Manager\skypePM.exe»=
«e:\Assassin’s Creed\AssassinsCreed_Dx9.exe»=
«e:\Assassin’s Creed\AssassinsCreed_Dx10.exe»=
«e:\Assassin’s Creed\AssassinsCreed_Launcher.exe»=
«c:\Program Files\ICQ7.0\ICQ.exe»=
«c:\Program Files\ICQ7.0\aolload.exe»=
«c:\Program Files\Skype\Phone\Skype.exe»=
«d:\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe»=
«c:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe»=
«e:\Assassin’s Creed II\AssassinsCreedIIGame.exe»=
«e:\Assassin’s Creed II\AssassinsCreedII.exe»=
«e:\Assassin’s Creed II\UPlayBrowser.exe»=[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileGloballyOpenPortsList]
«26689:TCP»= 26689:TCPR0 pe3ajtsc;Stalker (Pro) Environment Driver (pe3ajtsc);c:windowssystem32driverspe3ajtsc.sys [15.08.2007 15:11 64640]
R0 ps7ajtsc;Stalker (Pro) Synchronization Driver (ps7ajtsc);c:windowssystem32driversps7ajtsc.sys [15.08.2007 15:11 68744]
R1 appdrv01;Application Driver (01);c:windowssystem32driversappdrv01.sys [08.10.2009 2:40 3069040]
R1 epfwtdir;epfwtdir;c:windowssystem32driversepfwtdir.sys [18.08.2008 13:27 34312]
R2 ekrn;Eset Service;c:program filesESETESET NOD32 Antivirusekrn.exe [18.08.2008 13:25 468224]
S2 appdrvrem01;Application Driver Auto Removal Service (01);c:windowsSystem32appdrvrem01.exe svc —> c:windowsSystem32appdrvrem01.exe svc [?]
S2 pr2ajtsc;Stalker (Pro) Drivers Auto Removal (pr2ajtsc);c:windowssystem32pr2ajtsc.exe svc —> c:windowssystem32pr2ajtsc.exe svc [?]
S4 sptd;sptd;c:windowssystem32driverssptd.sys [23.11.2008 20:22 721904]
.
Contents of the ‘Scheduled Tasks’ folder2010-03-22 c:windowsTasksb4a_bp6.job
— c:program filesSoftlandBackup4all 3b4aSchedStarter.exe [2009-05-21 11:24]2010-03-22 c:windowsTasksb4a_Мои документы.job
— c:program filesSoftlandBackup4all 3b4aSchedStarter.exe [2009-05-21 11:24]2010-03-22 c:windowsTasksOGALogon.job
— c:windowssystem32OGAEXEC.exe [2009-08-03 11:07]
.
.
Supplementary Scan
.
uStart Page = hxxp://www.lofisnet.ru/
uDefault_Search_URL = hxxp://search.qip.ru
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://search.qip.ru/ie
IE: &Экспорт в Microsoft Excel — c:progra~1MICROS~2Office12EXCEL.EXE/3000
IE: Закачать ВСЕ при помощи Download Master
IE: Закачать при помощи Download Master
IE: {{7558B7E5-7B26-4201-BEDB-00D5FF534523} — c:program filesMail.RuAgentmagent.exe
IE: {{88EB38EF-4D2C-436D-ABD3-56B232674062} — c:program filesICQ7.0ICQ.exe
TCP: {A80D0705-8D40-4C7D-AFE9-E8D841452343} = 80.79.176.2,80.79.176.3
Handler: bwfile-8876480 — {9462A756-7B47-47BC-8C80-C34B9B80B32B} — c:program filesLogitechDesktop Messenger8876480ProgramGAPlugProtocol-8876480.dll
FF — ProfilePath — c:documents and settingsАндрейApplication DataMozillaFirefoxProfiles1djs6yc0.default
FF — prefs.js: browser.startup.homepage — hxxp://lofisnet.ru/
FF — prefs.js: keyword.URL — hxxp://search.qip.ru/search?from=FF&query=
FF — component: c:documents and settingsАндрейApplication DataMozillaFirefoxProfiles1djs6yc0.defaultextensions{32a1fd71-835e-4b11-8e54-886fda0b4c89}componentsqippipe.dll
FF — component: c:program filesMozilla Firefoxextensions{B13721C7-F507-4982-B2E5-502A71474FED}componentsNPComponent.dll
FF — plugin: c:program filesK-Lite Codec PackRealbrowserpluginsnppl3260.dll
FF — plugin: c:program filesK-Lite Codec PackRealbrowserpluginsnprpjplug.dll
FF — HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} — c:windowsMicrosoft.NETFrameworkv3.5Windows Presentation FoundationDotNetAssistantExtension—- FIREFOX POLICIES —-
FF — user.js: general.useragent.extra.zencast — Creative ZENcast v2.01.01);user_pref(general.useragent.extra.zencast, c:program filesMozilla Firefoxgreprefsall.js — pref(«ui.use_native_colors», true);
c:program filesMozilla Firefoxgreprefsall.js — pref(«ui.use_native_popup_windows», false);
c:program filesMozilla Firefoxgreprefsall.js — pref(«browser.enable_click_image_resizing», true);
c:program filesMozilla Firefoxgreprefsall.js — pref(«accessibility.browsewithcaret_shortcut.enabled», true);
c:program filesMozilla Firefoxgreprefsall.js — pref(«javascript.options.mem.high_water_mark», 32);
c:program filesMozilla Firefoxgreprefsall.js — pref(«javascript.options.mem.gc_frequency», 1600);
c:program filesMozilla Firefoxgreprefsall.js — pref(«network.auth.force-generic-ntlm», false);
c:program filesMozilla Firefoxgreprefsall.js — pref(«svg.smil.enabled», false);
c:program filesMozilla Firefoxgreprefsall.js — pref(«ui.trackpoint_hack.enabled», -1);
c:program filesMozilla Firefoxgreprefsall.js — pref(«browser.formfill.debug», false);
c:program filesMozilla Firefoxgreprefsall.js — pref(«browser.formfill.agedWeight», 2);
c:program filesMozilla Firefoxgreprefsall.js — pref(«browser.formfill.bucketSize», 1);
c:program filesMozilla Firefoxgreprefsall.js — pref(«browser.formfill.maxTimeGroupings», 25);
c:program filesMozilla Firefoxgreprefsall.js — pref(«browser.formfill.timeGroupingSize», 604800);
c:program filesMozilla Firefoxgreprefsall.js — pref(«browser.formfill.boundaryWeight», 25);
c:program filesMozilla Firefoxgreprefsall.js — pref(«browser.formfill.prefixWeight», 5);
c:program filesMozilla Firefoxgreprefsall.js — pref(«html5.enable», false);
c:program filesMozilla Firefoxdefaultspreffirefox-branding.js — pref(«app.update.download.backgroundInterval», 600);
c:program filesMozilla Firefoxdefaultspreffirefox-branding.js — pref(«app.update.url.manual», «http://www.firefox.com»);
c:program filesMozilla Firefoxdefaultspreffirefox-branding.js — pref(«browser.search.param.yahoo-fr-ja», «mozff»);
c:program filesMozilla Firefoxdefaultspreffirefox.js — pref(«extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name», «chrome://browser/locale/browser.properties»);
c:program filesMozilla Firefoxdefaultspreffirefox.js — pref(«extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description», «chrome://browser/locale/browser.properties»);
c:program filesMozilla Firefoxdefaultspreffirefox.js — pref(«xpinstall.whitelist.add», «addons.mozilla.org»);
c:program filesMozilla Firefoxdefaultspreffirefox.js — pref(«xpinstall.whitelist.add.36», «getpersonas.com»);
c:program filesMozilla Firefoxdefaultspreffirefox.js — pref(«lightweightThemes.update.enabled», true);
c:program filesMozilla Firefoxdefaultspreffirefox.js — pref(«browser.allTabs.previews», false);
c:program filesMozilla Firefoxdefaultspreffirefox.js — pref(«plugins.hide_infobar_for_outdated_plugin», false);
c:program filesMozilla Firefoxdefaultspreffirefox.js — pref(«plugins.update.notifyUser», false);
c:program filesMozilla Firefoxdefaultspreffirefox.js — pref(«toolbar.customization.usesheet», false);
c:program filesMozilla Firefoxdefaultspreffirefox.js — pref(«browser.taskbar.previews.enable», false);
c:program filesMozilla Firefoxdefaultspreffirefox.js — pref(«browser.taskbar.previews.max», 20);
c:program filesMozilla Firefoxdefaultspreffirefox.js — pref(«browser.taskbar.previews.cachetime», 20);
.**************************************************************************
catchme 0.3.1398 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-22 21:27
Windows 5.1.2600 Service Pack 3 NTFSscanning hidden processes …
scanning hidden autostart entries …
scanning hidden files …
scan completed successfully
hidden files: 0**************************************************************************
.
DLLs Loaded Under Running Processes
— — — — — — — > ‘winlogon.exe'(720)
c:windowssystem32SETUPAPI.dll
c:windowssystem32Ati2evxx.dll
c:windowssystem32atiadlxx.dll
c:program filescommon fileslogitechbluetoothLBTWlgn.dll
c:program filescommon fileslogitechbluetoothLBTServ.dll
c:windowssystem32cscui.dll
c:windowssystem32COMRes.dll— — — — — — — > ‘lsass.exe'(792)
c:windowssystem32setupapi.dll
.
Completion time: 2010-03-22 21:28:37
ComboFix-quarantined-files.txt 2010-03-22 18:28
ComboFix2.txt 2010-02-28 12:19
ComboFix3.txt 2010-02-28 05:44
ComboFix4.txt 2010-02-25 23:39Pre-Run: 13 212 454 912 байт свободно
Post-Run: 13 239 296 000 байт свободно— — End Of File — — 88A281FC7E1F9E06CB6869DC4058A856
я, как культурный гражданин, жду вашего ответа, поэтому не пишу долго в ЛС… просто правила почитал…
жду дальнейших инструкций
Спасибо!комп в принципе работает нормально, только не заходит на некоторые сайты….не пойму только по какой системе… с удивлением обнаружил, что антавирус стал обновлятся при «выбирать автоматически»
еще последнее время, нод32 очень часто удаляет какие то файлы, с непонятными названиями, различный набор букв и цифр…
з.ы. у подруги тоже комп так же «заболел», создам еще одну тему:)
- Для ответа в этой теме необходимо авторизоваться.
