Помогите!!

[Аноним]

Logfile of random’s system information tool 1.08 (written by random/random)
Run by Маргорита at 2010-08-27 09:14:24
Microsoft Windows XP Professional Service Pack 2
System drive C: has 4 GB (32%) free of 12 GB
Total RAM: 1535 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:14:27, on 27.08.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:Program FilesAlwil SoftwareAvast4ashServ.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSSOUNDMAN.EXE
C:Program FilesMicrosoftSearch Enhancement PackSeaPortSeaPort.exe
C:Program FilesAlwil SoftwareAvast4ashDisp.exe
C:Program FilesWindows LiveMessengermsnmsgr.exe
C:Program FilesuTorrentuTorrent.exe
C:Program FilesWindows LiveContactswlcomm.exe
C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
C:WINDOWSsystem32wscntfy.exe
C:WINDOWSexplorer.exe
D:softMozillafirefox.exe
D:softSysRSIT.exe
C:Program Filestrend microМаргорита.exe

R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page =
R1 — HKCUSoftwareMicrosoftInternet Connection Wizard,ShellNext = http://google.flashget.com/
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
O2 — BHO: AcroIEHelperStub — {18DF081C-E8AD-4283-A596-FA578C2EBDC3} — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 — BHO: Search Helper — {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} — C:Program FilesMicrosoftSearch Enhancement PackSearch HelperSearchHelper.dll
O2 — BHO: Windows Live Sign-in Helper — {9030D464-4C02-4ABF-8ECC-5164760863C6} — C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 — BHO: Java(tm) Plug-In 2 SSV Helper — {DBC80044-A445-435b-BC74-9C25C1C588A9} — D:softJavabinjp2ssv.dll
O2 — BHO: Windows Live Toolbar Helper — {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} — C:Program FilesWindows LiveToolbarwltcore.dll
O3 — Toolbar: DAEMON Tools Toolbar — {32099AAC-C132-4136-9E9A-4E364A424E17} — C:Program FilesDAEMON Tools ToolbarDTToolbar.dll
O3 — Toolbar: Яндекс.Бар — {91397D20-1446-11D4-8AF4-0040CA1127B6} — C:Program FilesYandexYandexBarIEyndbar.dll
O3 — Toolbar: &Windows Live Toolbar — {21FA44EF-376D-4D53-9B0F-8A89D3229068} — C:Program FilesWindows LiveToolbarwltcore.dll
O4 — HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 — HKLM..Run: [avast!] «C:Program FilesAlwil SoftwareAvast4ashDisp.exe»
O4 — HKCU..Run: [msnmsgr] «C:Program FilesWindows LiveMessengermsnmsgr.exe» /background
O4 — HKCU..Run: [uTorrent] «C:Program FilesuTorrentuTorrent.exe»
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O9 — Extra button: Blog This — {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} — C:Program FilesWindows LiveWriterWriterBrowserExtension.dll
O9 — Extra ‘Tools’ menuitem: &Blog This in Windows Live Writer — {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} — C:Program FilesWindows LiveWriterWriterBrowserExtension.dll
O9 — Extra button: ICQ7.2 — {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} — D:softICQICQ7.2ICQ.exe
O9 — Extra ‘Tools’ menuitem: ICQ7.2 — {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} — D:softICQICQ7.2ICQ.exe
O9 — Extra button: Справочные материалы — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:WINDOWSsystem32shdocvw.dll
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:WINDOWSsystem32shdocvw.dll
O17 — HKLMSystemCCSServicesTcpip..{57C421BB-D856-4504-A9CF-14445F900C72}: NameServer = 10.10.0.1,10.10.1.4
O22 — SharedTaskScheduler: Предзагрузчик Browseui — {438755C2-A8BA-11D1-B96B-00A0C90312E1} — C:WINDOWSsystem32browseui.dll
O22 — SharedTaskScheduler: Демон кэша категорий компонентов — {8C7461EF-2B13-11d2-BE35-3078302C2030} — C:WINDOWSsystem32browseui.dll
O23 — Service: avast! iAVS4 Control Service (aswUpdSv) — ALWIL Software — C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 — Service: Ati HotKey Poller — ATI Technologies Inc. — C:WINDOWSsystem32Ati2evxx.exe
O23 — Service: ATI Smart — Unknown owner — C:WINDOWSsystem32ati2sgag.exe
O23 — Service: avast! Antivirus — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashServ.exe
O23 — Service: avast! Mail Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
O23 — Service: avast! Web Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: NBService — Nero AG — C:Program FilesNeroNero 7Nero BackItUpNBService.exe
O23 — Service: NMIndexingService — Nero AG — C:Program FilesCommon FilesAheadLibNMIndexingService.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: Telnet (TlntSvr) — Корпорация Майкрософт — C:WINDOWSsystem32tlntsvr.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe

—
End of file — 6453 bytes

======Registry dump======

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper — C:Program FilesMicrosoftSearch Enhancement PackSearch HelperSearchHelper.dll [2009-01-14 92504]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper — C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper — D:softJavabinjp2ssv.dll [2010-08-20 41760]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper — C:Program FilesWindows LiveToolbarwltcore.dll [2010-04-16 1067872]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} — DAEMON Tools Toolbar — C:Program FilesDAEMON Tools ToolbarDTToolbar.dll [2010-03-25 968000]
{91397D20-1446-11D4-8AF4-0040CA1127B6} — Яндекс.Бар — C:Program FilesYandexYandexBarIEyndbar.dll [2010-06-01 10336584]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} — &Windows Live Toolbar — C:Program FilesWindows LiveToolbarwltcore.dll [2010-04-16 1067872]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«SoundMan»=C:WINDOWSSOUNDMAN.EXE [2007-04-16 577536]
«avast!»=C:Program FilesAlwil SoftwareAvast4ashDisp.exe [2009-11-25 81000]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«msnmsgr»=C:Program FilesWindows LiveMessengermsnmsgr.exe [2010-04-16 3872080]
«uTorrent»=C:Program FilesuTorrentuTorrent.exe [2010-08-14 327472]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyAtiExtEvent]
C:WINDOWSsystem32Ati2evxx.dll [2007-03-03 110592]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveAutoRun»=67108863
«NoDriveTypeAutoRun»=323
«NoDrives»=0

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=323
«NoDriveAutoRun»=67108863
«NoDrives»=0

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«D:softICQICQ7.2ICQ.exe»=»D:softICQICQ7.2ICQ.exe:*:Enabled:ICQ7.2»
«D:softICQICQ7.2aolload.exe»=»D:softICQICQ7.2aolload.exe:*:Enabled:aolload.exe»
«C:Program FilesuTorrentuTorrent.exe»=»C:Program FilesuTorrentuTorrent.exe:*:Enabled:µTorrent»
«C:Program FilesWindows LiveMessengerwlcsdk.exe»=»C:Program FilesWindows LiveMessengerwlcsdk.exe:*:Enabled:Windows Live Call»
«C:Program FilesWindows LiveMessengermsnmsgr.exe»=»C:Program FilesWindows LiveMessengermsnmsgr.exe:*:Enabled:Windows Live Messenger»
«C:Program FilesWindows LiveSyncWindowsLiveSync.exe»=»C:Program FilesWindows LiveSyncWindowsLiveSync.exe:*:Enabled:Windows Live Sync»
«C:Program FilesWinRARWinRAR.exe»=»C:Program FilesWinRARWinRAR.exe:*:Enabled:ipsec»
«C:WINDOWSSOUNDMAN.EXE»=»C:WINDOWSSOUNDMAN.EXE:*:Enabled:ipsec»
«D:softMozillafirefox.exe»=»D:softMozillafirefox.exe:*:Enabled:ipsec»

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«D:softICQICQ7.2ICQ.exe»=»D:softICQICQ7.2ICQ.exe:*:Enabled:ICQ7.2»
«D:softICQICQ7.2aolload.exe»=»D:softICQICQ7.2aolload.exe:*:Enabled:aolload.exe»
«C:Program FilesWindows LiveMessengerwlcsdk.exe»=»C:Program FilesWindows LiveMessengerwlcsdk.exe:*:Enabled:Windows Live Call»
«C:Program FilesWindows LiveMessengermsnmsgr.exe»=»C:Program FilesWindows LiveMessengermsnmsgr.exe:*:Enabled:Windows Live Messenger»
«C:Program FilesWindows LiveSyncWindowsLiveSync.exe»=»C:Program FilesWindows LiveSyncWindowsLiveSync.exe:*:Enabled:Windows Live Sync»

======List of files/folders created in the last 1 months======

2010-08-27 09:11:08 —-DC—- C:Program Filestrend micro
2010-08-27 09:11:07 —-DC—- C:rsit
2010-08-27 08:56:33 —-AC—- C:ComboFix.txt
2010-08-27 08:39:54 —-AC—- C:Boot.bak
2010-08-27 08:39:51 —-RASHDC—- C:cmdcons
2010-08-27 08:37:50 —-AC—- C:WINDOWSPEV.exe
2010-08-27 08:37:50 —-AC—- C:WINDOWSNIRCMD.exe
2010-08-27 08:37:50 —-AC—- C:WINDOWSMBR.exe
2010-08-27 08:37:49 —-AC—- C:WINDOWSzip.exe
2010-08-27 08:37:49 —-AC—- C:WINDOWSSWXCACLS.exe
2010-08-27 08:37:49 —-AC—- C:WINDOWSSWSC.exe
2010-08-27 08:37:49 —-AC—- C:WINDOWSSWREG.exe
2010-08-27 08:37:49 —-AC—- C:WINDOWSsed.exe
2010-08-27 08:37:49 —-AC—- C:WINDOWSgrep.exe
2010-08-27 08:37:33 —-DC—- C:WINDOWSERDNT
2010-08-27 08:36:26 —-DC—- C:Qoobox
2010-08-27 08:21:48 —-AC—- C:WINDOWSSchedLgU.Txt
2010-08-27 07:27:38 —-AC—- C:WINDOWSWININIT.INI
2010-08-26 21:40:55 —-DC—- C:FlylinkDC++
2010-08-25 21:15:42 —-DC—- C:Program FilesDAEMON Tools Lite
2010-08-25 01:14:11 —-A—- C:WINDOWSsystem32driversaswTdi.sys
2010-08-25 01:14:11 —-A—- C:WINDOWSsystem32driversaswRdr.sys
2010-08-25 01:14:10 —-A—- C:WINDOWSsystem32driversaavmker4.sys
2010-08-25 01:14:09 —-A—- C:WINDOWSsystem32driversaswSP.sys
2010-08-25 01:14:09 —-A—- C:WINDOWSsystem32driversaswmon2.sys
2010-08-25 01:14:09 —-A—- C:WINDOWSsystem32driversaswmon.sys
2010-08-25 01:14:09 —-A—- C:WINDOWSsystem32driversaswFsBlk.sys
2010-08-25 01:13:46 —-AC—- C:WINDOWSsystem32aswBoot.exe
2010-08-24 22:07:46 —-DC—- C:Program FilesAlwil Software
2010-08-24 20:33:50 —-DC—- C:Documents and SettingsAll UsersApplication DataKaspersky Lab Setup Files
2010-08-24 15:28:13 —-DC—- C:Program FilesDrWeb
2010-08-23 23:58:24 —-A—- C:WINDOWSsystem32driversvdm5mjgy.sys
2010-08-23 23:45:20 —-DC—- C:Program FilesMicrosoft Silverlight
2010-08-23 23:44:51 —-DC—- C:WINDOWSsystem32DRVSTORE
2010-08-23 23:44:51 —-A—- C:WINDOWSsystem32driversfssfltr_tdi.sys
2010-08-23 23:44:02 —-DC—- C:Program FilesMicrosoft Sync Framework
2010-08-23 23:42:08 —-DC—- C:Program FilesMicrosoft SQL Server Compact Edition
2010-08-23 23:40:04 —-DC—- C:Program FilesWindows Live SkyDrive
2010-08-23 23:17:22 —-DC—- C:Documents and SettingsAll UsersApplication DataWLInstaller
2010-08-23 23:17:12 —-D—- C:WINDOWSsystem32SoftwareDistribution
2010-08-23 22:13:00 —-A—- C:WINDOWSsystem32ChCfg.exe
2010-08-23 22:12:48 —-RA—- C:WINDOWSsystem32driversalcxwdm.sys
2010-08-23 22:12:36 —-DC—- C:Program FilesRealtek AC97
2010-08-23 22:12:35 —-A—- C:WINDOWSsystem32RTLCPL.exe
2010-08-23 22:12:33 —-AC—- C:WINDOWSsoundman.exe
2010-08-23 22:12:33 —-A—- C:WINDOWSsystem32RtlCPAPI.dll
2010-08-23 22:12:31 —-AC—- C:WINDOWSalcupd.exe
2010-08-23 22:12:31 —-AC—- C:WINDOWSAlcrmv.exe
2010-08-23 01:19:50 —-DC—- C:Program FilesMicrosoft
2010-08-23 01:19:20 —-DC—- C:Program FilesWindows Live
2010-08-23 01:17:59 —-DC—- C:Program FilesCommon FilesWindows Live
2010-08-23 00:20:41 —-HDC—- C:WINDOWS$NtUninstallKB888111WXPSP2$
2010-08-22 22:56:16 —-HDC—- C:Documents and SettingsAll UsersApplication Data{C4C0E335-EDDF-46A0-A57D-F3802AE44275}
2010-08-22 13:30:38 —-A—- C:WINDOWSsystem32driversTetris.sys
2010-08-21 18:51:13 —-A—- C:WINDOWSsystem32driversuzm5mjgy.sys
2010-08-21 18:38:41 —-DC—- C:Documents and SettingsМаргоритаApplication DataHelp
2010-08-20 22:21:31 —-SHDC—- C:DrWeb Quarantine
2010-08-20 16:29:22 —-DC—- C:WINDOWSSun
2010-08-20 16:28:26 —-A—- C:WINDOWSsystem32deployJava1.dll
2010-08-20 10:14:09 —-DC—- C:WINDOWSMinidump
2010-08-18 19:00:48 —-DC—- C:Documents and SettingsМаргоритаApplication DataskypePM
2010-08-18 18:53:40 —-DC—- C:Documents and SettingsМаргоритаApplication DataSkype
2010-08-18 18:52:30 —-DC—- C:Documents and SettingsAll UsersApplication DataSkype
2010-08-16 12:32:01 —-A—- C:WINDOWSsystem32driverslilsgt.sys
2010-08-16 12:32:01 —-A—- C:WINDOWSsystem32driversithsgt.sys
2010-08-16 12:31:56 —-D—- C:WINDOWSsystem32appmgmt
2010-08-16 12:30:21 —-DC—- C:WINDOWSDownloaded Installations
2010-08-15 23:04:45 —-HDC—- C:Documents and SettingsAll UsersApplication Data{2840BBCB-9BEC-47F6-BA0F-10D3C34BF151}
2010-08-14 22:17:58 —-AC—- C:WINDOWSIsUninstR.Exe
2010-08-14 22:06:03 —-AC—- C:WINDOWSIsUninst.exe
2010-08-14 19:38:35 —-D—- C:WINDOWSsystem32ru-RU
2010-08-14 19:35:12 —-D—- C:WINDOWSsystem32en-US
2010-08-14 19:35:02 —-DC—- C:Program FilesReference Assemblies
2010-08-14 19:23:56 —-DC—- C:WINDOWSassembly
2010-08-14 19:23:34 —-DC—- C:WINDOWSMicrosoft.NET
2010-08-14 19:03:14 —-A—- C:WINDOWSsystem32spupdsvc.exe
2010-08-14 19:03:12 —-HDC—- C:WINDOWS$NtUninstallWIC$
2010-08-14 19:01:14 —-RDC—- C:AHCache
2010-08-14 18:07:54 —-DC—- C:Documents and SettingsМаргоритаApplication DataUniblue
2010-08-14 17:09:05 —-DC—- C:Documents and SettingsМаргоритаApplication DataHdO Adventure
2010-08-14 17:07:41 —-DC—- C:Documents and SettingsAll UsersApplication DataTEMP
2010-08-14 13:42:53 —-HD—- C:WINDOWSsystem32GroupPolicy
2010-08-14 00:20:01 —-ASH—- C:pagefile.sys
2010-08-13 23:59:29 —-D—- C:WINDOWSsystem32NtmsData
2010-08-13 17:18:35 —-AC—- C:WINDOWSTwister.INI
2010-08-13 03:30:05 —-AC—- C:WINDOWSlibem.INI
2010-08-13 03:30:02 —-DC—- C:Documents and SettingsМаргоритаApplication DataFlashGet
2010-08-12 21:59:24 —-DC—- C:Program FilesYandex
2010-08-12 21:59:24 —-DC—- C:Documents and SettingsМаргоритаApplication DataOpera
2010-08-12 21:59:20 —-DC—- C:Documents and SettingsAll UsersApplication DataICQ
2010-08-12 14:27:42 —-DC—- C:Documents and SettingsAll UsersApplication DataSun
2010-08-12 14:25:04 —-DC—- C:Documents and SettingsМаргоритаApplication DataSun
2010-08-12 12:36:58 —-A—- C:WINDOWSsystem32Msvcp60d.dll
2010-08-12 12:36:58 —-A—- C:WINDOWSsystem32msvci70d.dll
2010-08-12 12:36:57 —-A—- C:WINDOWSsystem32msvcp71d.dll
2010-08-12 12:36:57 —-A—- C:WINDOWSsystem32msvcp70d.dll
2010-08-09 20:23:27 —-AC—- C:WINDOWS#1 Video Converter.INI
2010-08-08 15:19:31 —-DC—- C:Documents and SettingsAll UsersApplication DataYandex
2010-08-07 21:51:49 —-DC—- C:Documents and SettingsМаргоритаApplication Datavlc
2010-08-07 21:49:00 —-DC—- C:Program FilesuTorrent
2010-08-07 21:48:31 —-DC—- C:Documents and SettingsМаргоритаApplication DatauTorrent
2010-08-07 21:48:07 —-DC—- C:Program FilesDAEMON Tools Toolbar
2010-08-07 21:47:45 —-A—- C:WINDOWSsystem32driverssptd.sys
2010-08-07 21:47:13 —-DC—- C:Documents and SettingsМаргоритаApplication DataDAEMON Tools Lite
2010-08-07 21:47:11 —-DC—- C:Documents and SettingsAll UsersApplication DataDAEMON Tools Lite
2010-08-07 21:42:29 —-DC—- C:Program FilesCommon FilesArsenal Shared
2010-08-07 20:03:40 —-A—- C:WINDOWSsystem32NVUNINST.EXE
2010-08-07 20:03:28 —-DC—- C:NVIDIA
2010-08-07 20:02:06 —-DC—- C:Documents and SettingsМаргоритаApplication DataMedia Player Classic
2010-08-07 19:51:54 —-AC—- C:WINDOWSNeroDigital.ini
2010-08-06 23:07:31 —-DC—- C:Documents and SettingsМаргоритаApplication DataChemTable Software
2010-08-06 14:44:40 —-A—- C:WINDOWSsystem32xactengine2_10.dll
2010-08-06 14:44:40 —-A—- C:WINDOWSsystem32d3dx10_36.dll
2010-08-06 14:44:39 —-A—- C:WINDOWSsystem32d3dx9_36.dll
2010-08-06 14:44:39 —-A—- C:WINDOWSsystem32D3DCompiler_36.dll
2010-08-06 14:44:23 —-A—- C:WINDOWSsystem32xactengine2_9.dll
2010-08-06 14:44:23 —-A—- C:WINDOWSsystem32d3dx10_35.dll
2010-08-06 14:44:23 —-A—- C:WINDOWSsystem32D3DCompiler_35.dll
2010-08-06 14:44:22 —-A—- C:WINDOWSsystem32xactengine2_8.dll
2010-08-06 14:44:22 —-A—- C:WINDOWSsystem32X3DAudio1_2.dll
2010-08-06 14:44:22 —-A—- C:WINDOWSsystem32d3dx9_35.dll
2010-08-06 14:44:22 —-A—- C:WINDOWSsystem32d3dx10_34.dll
2010-08-06 14:44:21 —-A—- C:WINDOWSsystem32xinput1_3.dll
2010-08-06 14:44:21 —-A—- C:WINDOWSsystem32d3dx9_34.dll
2010-08-06 14:44:21 —-A—- C:WINDOWSsystem32D3DCompiler_34.dll
2010-08-06 14:44:20 —-A—- C:WINDOWSsystem32xactengine2_7.dll
2010-08-06 14:44:19 —-A—- C:WINDOWSsystem32d3dx10_33.dll
2010-08-06 14:44:19 —-A—- C:WINDOWSsystem32D3DCompiler_33.dll
2010-08-06 14:44:18 —-A—- C:WINDOWSsystem32d3dx9_33.dll
2010-08-06 14:44:17 —-A—- C:WINDOWSsystem32xactengine2_6.dll
2010-08-06 14:44:17 —-A—- C:WINDOWSsystem32xactengine2_5.dll
2010-08-06 14:44:16 —-A—- C:WINDOWSsystem32xactengine2_4.dll
2010-08-06 14:44:16 —-A—- C:WINDOWSsystem32x3daudio1_1.dll
2010-08-06 14:44:16 —-A—- C:WINDOWSsystem32d3dx9_32.dll
2010-08-06 14:44:16 —-A—- C:WINDOWSsystem32d3dx9_31.dll
2010-08-06 14:44:15 —-A—- C:WINDOWSsystem32xinput1_2.dll
2010-08-06 14:44:15 —-A—- C:WINDOWSsystem32xactengine2_3.dll
2010-08-06 14:44:15 —-A—- C:WINDOWSsystem32xactengine2_2.dll
2010-08-06 14:44:00 —-A—- C:WINDOWSsystem32xinput1_1.dll
2010-08-06 14:43:59 —-A—- C:WINDOWSsystem32xactengine2_1.dll
2010-08-06 14:43:58 —-A—- C:WINDOWSsystem32xactengine2_0.dll
2010-08-06 14:43:58 —-A—- C:WINDOWSsystem32x3daudio1_0.dll
2010-08-06 14:43:58 —-A—- C:WINDOWSsystem32d3dx9_29.dll
2010-08-06 14:36:04 —-DC—- C:Program FilesOpenAL
2010-08-06 14:35:28 —-A—- C:WINDOWSsystem32eax.dll
2010-08-06 14:35:28 —-A—- C:WINDOWSsystem32Cc3250mt.dll
2010-08-06 14:35:28 —-A—- C:WINDOWSsystem32Borlndmm.dll
2010-08-06 14:35:28 —-A—- C:WINDOWSsystem32ATL80.dll
2010-08-06 14:35:28 —-A—- C:WINDOWSsystem32atl71.dll
2010-08-06 14:35:27 —-A—- C:WINDOWSsystem32mfc70u.dll
2010-08-06 14:35:27 —-A—- C:WINDOWSsystem32mfc70.dll
2010-08-06 14:35:26 —-A—- C:WINDOWSsystem32mfcm80u.dll
2010-08-06 14:35:26 —-A—- C:WINDOWSsystem32mfcm80.dll
2010-08-06 14:35:26 —-A—- C:WINDOWSsystem32mfc80u.dll
2010-08-06 14:35:26 —-A—- C:WINDOWSsystem32mfc80ENU.dll
2010-08-06 14:35:26 —-A—- C:WINDOWSsystem32mfc80.dll
2010-08-06 14:35:26 —-A—- C:WINDOWSsystem32MFC71u.dll
2010-08-06 14:35:25 —-A—- C:WINDOWSsystem32msvcm80.dll
2010-08-06 14:35:25 —-A—- C:WINDOWSsystem32msvci70.dll
2010-08-06 14:35:24 —-A—- C:WINDOWSsystem32msxml3a.dll
2010-08-06 14:35:24 —-A—- C:WINDOWSsystem32msvcr80.dll
2010-08-06 14:35:24 —-A—- C:WINDOWSsystem32msvcr71d.dll
2010-08-06 14:35:24 —-A—- C:WINDOWSsystem32msvcr70d.dll
2010-08-06 14:35:24 —-A—- C:WINDOWSsystem32Msvcr70.dll
2010-08-06 14:35:24 —-A—- C:WINDOWSsystem32msvcp80.dll
2010-08-06 14:35:24 —-A—- C:WINDOWSsystem32Msvcp70.dll
2010-08-06 14:35:23 —-A—- C:WINDOWSsystem32Vb5db.dll
2010-08-06 14:35:23 —-A—- C:WINDOWSsystem32OpenALwEAX.exe
2010-08-06 14:35:23 —-A—- C:WINDOWSsystem32OpenAL32.dll
2010-08-06 14:35:23 —-A—- C:WINDOWSsystem32msxml4a.dll
2010-08-06 14:35:22 —-A—- C:WINDOWSsystem32xmltok.dll
2010-08-06 14:35:22 —-A—- C:WINDOWSsystem32xmlparse.dll
2010-08-06 14:35:22 —-A—- C:WINDOWSsystem32xmlinst.exe
2010-08-06 14:35:22 —-A—- C:WINDOWSsystem32wrap_oal.dll
2010-08-06 14:35:22 —-A—- C:WINDOWSsystem32vp6vfw.dll
2010-08-06 14:35:22 —-A—- C:WINDOWSsystem32vp6install.exe
2010-08-06 14:35:22 —-A—- C:WINDOWSsystem32vcomp.dll
2010-08-06 13:43:31 —-DC—- C:Documents and SettingsМаргоритаApplication DataMacromedia
2010-08-06 13:43:31 —-DC—- C:Documents and SettingsМаргоритаApplication DataAdobe
2010-08-06 13:24:42 —-DC—- C:Documents and SettingsМаргоритаApplication Datadvdcss
2010-08-05 09:17:23 —-DC—- C:Documents and SettingsAll UsersApplication DataAlawar Stargaze
2010-08-05 09:13:31 —-A—- C:WINDOWSsystem32MSVCR71.dll
2010-08-05 09:13:31 —-A—- C:WINDOWSsystem32MSVCP71.dll
2010-08-05 09:13:31 —-A—- C:WINDOWSsystem32MFC71.dll
2010-08-04 23:03:54 —-A—- C:WINDOWSsystem32h323log.txt
2010-08-04 23:02:59 —-A—- C:WINDOWSsystem32driversaudstub.sys
2010-08-04 23:02:40 —-A—- C:WINDOWSsystem32hidserv.dll
2010-08-04 23:02:19 —-A—- C:WINDOWSsystem32driversredbook.sys
2010-08-04 23:02:13 —-A—- C:WINDOWSsystem32HSFCISP2.dll
2010-08-04 23:02:13 —-A—- C:WINDOWSsystem32driversmdmxsdk.sys
2010-08-04 23:02:13 —-A—- C:WINDOWSsystem32driversHSFCXTS2.sys
2010-08-04 23:02:12 —-A—- C:WINDOWSsystem32mdmxsdk.dll
2010-08-04 23:02:12 —-A—- C:WINDOWSsystem32driversHSFDPSP2.sys
2010-08-04 23:02:12 —-A—- C:WINDOWSsystem32driversHSFBS2S2.sys
2010-08-04 23:01:42 —-A—- C:WINDOWSsystem32driversintelide.sys
2010-08-04 23:01:32 —-A—- C:WINDOWSsystem32usbui.dll
2010-08-04 23:00:27 —-SHD—- C:WINDOWSInstaller
2010-08-04 23:00:27 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2010-08-04 23:00:26 —-DC—- C:Program FilesCommon FilesODBC
2010-08-04 23:00:26 —-AC—- C:WINDOWSODBCINST.INI
2010-08-04 23:00:23 —-RDC—- C:Program Files
2010-08-04 23:00:23 —-DC—- C:Program FilesCommon FilesSpeechEngines
2010-08-04 23:00:23 —-DC—- C:Program FilesCommon FilesMicrosoft Shared
2010-08-04 23:00:23 —-DC—- C:Program FilesCommon Files
2010-08-04 23:00:19 —-RA—- C:WINDOWSsystem32kbdtuq.dll
2010-08-04 23:00:19 —-RA—- C:WINDOWSsystem32kbdtuf.dll
2010-08-04 23:00:19 —-RA—- C:WINDOWSsystem32kbdazel.dll
2010-08-04 23:00:17 —-RA—- C:WINDOWSsystem32kbdhept.dll
2010-08-04 23:00:17 —-RA—- C:WINDOWSsystem32kbdhela3.dll
2010-08-04 23:00:17 —-RA—- C:WINDOWSsystem32kbdhela2.dll
2010-08-04 23:00:17 —-RA—- C:WINDOWSsystem32kbdhe319.dll
2010-08-04 23:00:16 —-RA—- C:WINDOWSsystem32kbdhe220.dll
2010-08-04 23:00:16 —-RA—- C:WINDOWSsystem32kbdhe.dll
2010-08-04 23:00:16 —-RA—- C:WINDOWSsystem32kbdgkl.dll
2010-08-04 23:00:15 —-RA—- C:WINDOWSsystem32kbdlv1.dll
2010-08-04 23:00:15 —-RA—- C:WINDOWSsystem32kbdlv.dll
2010-08-04 23:00:15 —-RA—- C:WINDOWSsystem32kbdlt1.dll
2010-08-04 23:00:15 —-RA—- C:WINDOWSsystem32kbdlt.dll
2010-08-04 23:00:14 —-RA—- C:WINDOWSsystem32kbdest.dll
2010-08-04 23:00:12 —-RA—- C:WINDOWSsystem32kbdycl.dll
2010-08-04 23:00:12 —-RA—- C:WINDOWSsystem32kbdsl1.dll
2010-08-04 23:00:12 —-RA—- C:WINDOWSsystem32kbdsl.dll
2010-08-04 23:00:12 —-RA—- C:WINDOWSsystem32kbdro.dll
2010-08-04 23:00:12 —-RA—- C:WINDOWSsystem32kbdpl1.dll
2010-08-04 23:00:12 —-RA—- C:WINDOWSsystem32kbdpl.dll
2010-08-04 23:00:12 —-RA—- C:WINDOWSsystem32kbdhu1.dll
2010-08-04 23:00:12 —-RA—- C:WINDOWSsystem32kbdhu.dll
2010-08-04 23:00:12 —-RA—- C:WINDOWSsystem32kbdcz2.dll
2010-08-04 23:00:12 —-RA—- C:WINDOWSsystem32kbdcz1.dll
2010-08-04 23:00:12 —-RA—- C:WINDOWSsystem32kbdcz.dll
2010-08-04 23:00:12 —-RA—- C:WINDOWSsystem32kbdcr.dll
2010-08-04 23:00:12 —-RA—- C:WINDOWSsystem32KBDAL.DLL
2010-08-04 23:00:08 —-A—- C:WINDOWSsystem32kbdtat.dll
2010-08-04 23:00:08 —-A—- C:WINDOWSsystem32kbdmon.dll
2010-08-04 23:00:08 —-A—- C:WINDOWSsystem32kbdkyr.dll
2010-08-04 23:00:07 —-A—- C:WINDOWSsystem32kbdycc.dll
2010-08-04 23:00:07 —-A—- C:WINDOWSsystem32kbduzb.dll
2010-08-04 23:00:07 —-A—- C:WINDOWSsystem32kbdur.dll
2010-08-04 23:00:07 —-A—- C:WINDOWSsystem32kbdkaz.dll
2010-08-04 23:00:07 —-A—- C:WINDOWSsystem32kbdbu.dll
2010-08-04 23:00:07 —-A—- C:WINDOWSsystem32kbdblr.dll
2010-08-04 23:00:07 —-A—- C:WINDOWSsystem32kbdaze.dll
2010-08-04 23:00:06 —-A—- C:WINDOWSsystem32irclass.dll
2010-08-04 23:00:06 —-A—- C:WINDOWSsystem32dgsetup.dll
2010-08-04 23:00:06 —-A—- C:WINDOWSsystem32dgrpsetu.dll
2010-08-04 23:00:05 —-A—- C:WINDOWSsystem32spxcoins.dll
2010-08-04 23:00:05 —-A—- C:WINDOWSsystem32EqnClass.Dll
2010-08-04 23:00:03 —-AC—- C:WINDOWSTASKMAN.EXE
2010-08-04 23:00:02 —-AC—- C:WINDOWSNOTEPAD.EXE
2010-08-04 23:00:02 —-A—- C:WINDOWSsystem32driversirenum.sys
2010-08-04 23:00:02 —-A—- C:WINDOWSsystem32batt.dll
2010-08-04 23:00:00 —-A—- C:WINDOWSsystem32storprop.dll
2010-08-04 22:59:53 —-ASH—- C:Documents and SettingsAll UsersApplication Datadesktop.ini
2010-08-04 22:58:10 —-RAC—- C:WINDOWSSET8.tmp
2010-08-04 22:58:08 —-RAC—- C:WINDOWSSET4.tmp
2010-08-04 22:58:07 —-RAC—- C:WINDOWSSET3.tmp
2010-08-04 22:58:02 —-D—- C:WINDOWSsystem32CatRoot2
2010-08-04 22:58:02 —-D—- C:WINDOWSsystem32CatRoot
2010-08-04 22:57:57 —-SDC—- C:Documents and SettingsAll UsersApplication DataMicrosoft
2010-08-04 22:57:37 —-SHD—- C:System Volume Information
2010-08-04 22:57:37 —-DC—- C:Documents and Settings
2010-08-04 22:56:51 —-RASHC—- C:boot.ini
2010-08-04 22:53:03 —-RSHDC—- C:WINDOWSsystem32dllcache
2010-08-04 22:53:03 —-RSDC—- C:WINDOWSFonts
2010-08-04 22:53:03 —-RD—- C:WINDOWSWeb
2010-08-04 22:53:03 —-HD—- C:WINDOWSinf
2010-08-04 22:53:03 —-DC—- C:WINDOWSHelp
2010-08-04 22:53:03 —-DC—- C:WINDOWSehome
2010-08-04 22:53:03 —-DC—- C:WINDOWSDriver Cache
2010-08-04 22:53:03 —-DC—- C:WINDOWSDebug
2010-08-04 22:53:03 —-DC—- C:WINDOWSCursors
2010-08-04 22:53:03 —-DC—- C:WINDOWSConnection Wizard
2010-08-04 22:53:03 —-DC—- C:WINDOWSConfig
2010-08-04 22:53:03 —-DC—- C:WINDOWSAppPatch
2010-08-04 22:53:03 —-DC—- C:WINDOWSaddins
2010-08-04 22:53:03 —-DC—- C:WINDOWS
2010-08-04 22:53:03 —-D—- C:WINDOWSWinSxS
2010-08-04 22:53:03 —-D—- C:WINDOWStwain_32
2010-08-04 22:53:03 —-D—- C:WINDOWSTemp
2010-08-04 22:53:03 —-D—- C:WINDOWSsystem32wins
2010-08-04 22:53:03 —-D—- C:WINDOWSsystem32wbem
2010-08-04 22:53:03 —-D—- C:WINDOWSsystem32usmt
2010-08-04 22:53:03 —-D—- C:WINDOWSsystem32spool
2010-08-04 22:53:03 —-D—- C:WINDOWSsystem32ShellExt
2010-08-04 22:53:03 —-D—- C:WINDOWSsystem32Setup
2010-08-04 22:53:03 —-D—- C:WINDOWSsystem32ras
2010-08-04 22:53:03 —-D—- C:WINDOWSsystem32oobe
2010-08-04 22:53:03 —-D—- C:WINDOWSsystem32npp
2010-08-04 22:53:03 —-D—- C:WINDOWSsystem32mui
2010-08-04 22:53:03 —-D—- C:WINDOWSsystem32inetsrv
2010-08-04 22:53:03 —-D—- C:WINDOWSsystem32IME
2010-08-04 22:53:03 —-D—- C:WINDOWSsystem32icsxml
2010-08-04 22:53:03 —-D—- C:WINDOWSsystem32ias
2010-08-04 22:53:03 —-D—- C:WINDOWSsystem32export
2010-08-04 22:53:03 —-D—- C:WINDOWSsystem32driversetc
2010-08-04 22:53:03 —-D—- C:WINDOWSsystem32driversdisdn
2010-08-04 22:53:03 —-D—- C:WINDOWSsystem32drivers
2010-08-04 22:53:03 —-D—- C:WINDOWSsystem32dhcp
2010-08-04 22:53:03 —-D—- C:WINDOWSsystem32config
2010-08-04 22:53:03 —-D—- C:WINDOWSsystem323com_dmi
2010-08-04 22:53:03 —-D—- C:WINDOWSsystem323076
2010-08-04 22:53:03 —-D—- C:WINDOWSsystem322052
2010-08-04 22:53:03 —-D—- C:WINDOWSsystem321054
2010-08-04 22:53:03 —-D—- C:WINDOWSsystem321049
2010-08-04 22:53:03 —-D—- C:WINDOWSsystem321042
2010-08-04 22:53:03 —-D—- C:WINDOWSsystem321041
2010-08-04 22:53:03 —-D—- C:WINDOWSsystem321037
2010-08-04 22:53:03 —-D—- C:WINDOWSsystem321033
2010-08-04 22:53:03 —-D—- C:WINDOWSsystem321031
2010-08-04 22:53:03 —-D—- C:WINDOWSsystem321028
2010-08-04 22:53:03 —-D—- C:WINDOWSsystem321025
2010-08-04 22:53:03 —-D—- C:WINDOWSsystem32
2010-08-04 22:53:03 —-D—- C:WINDOWSsystem
2010-08-04 22:53:03 —-D—- C:WINDOWSsecurity
2010-08-04 22:53:03 —-D—- C:WINDOWSResources
2010-08-04 22:53:03 —-D—- C:WINDOWSrepair
2010-08-04 22:53:03 —-D—- C:WINDOWSProvisioning
2010-08-04 22:53:03 —-D—- C:WINDOWSPeerNet
2010-08-04 22:53:03 —-D—- C:WINDOWSpchealth
2010-08-04 22:53:03 —-D—- C:WINDOWSmui
2010-08-04 22:53:03 —-D—- C:WINDOWSmsapps
2010-08-04 22:53:03 —-D—- C:WINDOWSmsagent
2010-08-04 22:53:03 —-D—- C:WINDOWSMedia
2010-08-04 22:53:03 —-D—- C:WINDOWSjava
2010-08-04 22:53:03 —-D—- C:WINDOWSime
2010-08-04 20:12:26 —-D—- C:WINDOWSsystem32Lang
2010-08-04 20:04:41 —-DC—- C:Documents and SettingsМаргоритаApplication DataYandex
2010-08-04 20:04:23 —-DC—- C:Documents and SettingsМаргоритаApplication DataMozilla
2010-08-04 19:52:44 —-A—- C:WINDOWSsystem32driverssplitter.sys
2010-08-04 19:52:40 —-A—- C:WINDOWSsystem32driverswdmaud.sys
2010-08-04 19:52:37 —-A—- C:WINDOWSsystem32driversDMusic.sys
2010-08-04 19:52:35 —-A—- C:WINDOWSsystem32driversswmidi.sys
2010-08-04 19:52:32 —-A—- C:WINDOWSsystem32driversaec.sys
2010-08-04 19:52:30 —-A—- C:WINDOWSsystem32driverskmixer.sys
2010-08-04 19:52:29 —-A—- C:WINDOWSsystem32driversdrmkaud.sys
2010-08-04 19:52:27 —-A—- C:WINDOWSsystem32driverssysaudio.sys
2010-08-04 19:52:25 —-A—- C:WINDOWSsystem32driversMSKSSRV.sys
2010-08-04 19:52:23 —-A—- C:WINDOWSsystem32driversMSPQM.sys
2010-08-04 19:52:20 —-A—- C:WINDOWSsystem32driversMSPCLOCK.sys
2010-08-04 19:52:13 —-A—- C:WINDOWSsystem32ksuser.dll
2010-08-04 19:52:13 —-A—- C:WINDOWSsystem32driversportcls.sys
2010-08-04 19:52:12 —-A—- C:WINDOWSsystem32driversdrmk.sys
2010-08-04 19:50:36 —-DC—- C:Program FilesMarvell
2010-08-04 19:50:06 —-DC—- C:Documents and SettingsМаргоритаApplication DataTMP
2010-08-04 19:47:04 —-A—- C:WINDOWSsystem32AdvrCntr2D6E0B790.dll
2010-08-04 19:45:46 —-DC—- C:Documents and SettingsМаргоритаApplication DataAhead
2010-08-04 19:45:25 —-DC—- C:Documents and SettingsAll UsersApplication DataAhead
2010-08-04 19:44:54 —-DC—- C:Documents and SettingsМаргоритаApplication DataAuslogics
2010-08-04 19:44:08 —-DC—- C:Program FilesNero
2010-08-04 19:44:08 —-DC—- C:Program FilesCommon FilesAhead
2010-08-04 19:44:08 —-DC—- C:Documents and SettingsAll UsersApplication DataNero
2010-08-04 19:43:57 —-DC—- C:Program FilesAuslogics
2010-08-04 19:43:34 —-D—- C:WINDOWSRegisteredPackages
2010-08-04 19:42:02 —-AC—- C:WINDOWSODBC.INI
2010-08-04 19:41:59 —-A—- C:WINDOWSsystem32mdimon.dll
2010-08-04 19:41:29 —-DC—- C:Program FilesMicrosoft.NET
2010-08-04 19:41:22 —-A—- C:WINDOWSsystem32d3dx9_30.dll
2010-08-04 19:41:21 —-DC—- C:Program FilesCommon FilesDESIGNER
2010-08-04 19:41:09 —-D—- C:WINDOWSSHELLNEW
2010-08-04 19:41:04 —-DC—- C:Program FilesMicrosoft Office
2010-08-04 19:37:27 —-DC—- C:Documents and SettingsМаргоритаApplication DataWinRAR
2010-08-04 19:33:34 —-DC—- C:Program FilesMozilla Firefox
2010-08-04 19:33:15 —-DC—- C:Program FilesWinamp Detect
2010-08-04 19:33:06 —-DC—- C:Documents and SettingsAll UsersApplication DataAdobe
2010-08-04 19:33:04 —-A—- C:WINDOWSsystem32driversPxHelp20.sys
2010-08-04 19:33:04 —-A—- C:WINDOWSsystem32driverscdralw2k.sys
2010-08-04 19:33:04 —-A—- C:WINDOWSsystem32driverscdr4_xp.sys
2010-08-04 19:33:03 —-A—- C:WINDOWSsystem32vxblock.dll
2010-08-04 19:33:03 —-A—- C:WINDOWSsystem32pxwave.dll
2010-08-04 19:33:03 —-A—- C:WINDOWSsystem32pxsfs.dll
2010-08-04 19:33:03 —-A—- C:WINDOWSsystem32pxmas.dll
2010-08-04 19:33:03 —-A—- C:WINDOWSsystem32pxinsa64.exe
2010-08-04 19:33:03 —-A—- C:WINDOWSsystem32pxhpinst.exe
2010-08-04 19:33:03 —-A—- C:WINDOWSsystem32pxdrv.dll
2010-08-04 19:33:03 —-A—- C:WINDOWSsystem32pxcpya64.exe
2010-08-04 19:33:03 —-A—- C:WINDOWSsystem32pxafs.dll
2010-08-04 19:33:03 —-A—- C:WINDOWSsystem32px.dll
2010-08-04 19:33:00 —-DC—- C:Program FilesWinamp
2010-08-04 19:33:00 —-DC—- C:Documents and SettingsМаргоритаApplication DataWinamp
2010-08-04 19:32:55 —-DC—- C:Program FilesCommon FilesAdobe
2010-08-04 19:32:55 —-DC—- C:Program FilesAdobe
2010-08-04 19:32:11 —-AC—- C:WINDOWSavisplitter.ini
2010-08-04 19:32:11 —-A—- C:WINDOWSsystem32unrar.dll
2010-08-04 19:32:10 —-A—- C:WINDOWSsystem32yv12vfw.dll
2010-08-04 19:32:10 —-A—- C:WINDOWSsystem32xvidvfw.dll
2010-08-04 19:32:10 —-A—- C:WINDOWSsystem32xvidcore.dll
2010-08-04 19:32:09 —-A—- C:WINDOWSsystem32ff_vfw.dll.manifest
2010-08-04 19:32:08 —-A—- C:WINDOWSsystem32ff_vfw.dll
2010-08-04 19:32:07 —-DC—- C:Program FilesK-Lite Codec Pack
2010-08-04 19:31:32 —-DC—- C:Program FilesWinRAR
2010-08-04 19:27:35 —-D—- C:WINDOWSsystem32ReinstallBackups
2010-08-04 19:25:47 —-A—- C:WINDOWSsystem32ati2sgag.exe
2010-08-04 19:25:38 —-HDC—- C:Program FilesInstallShield Installation Information
2010-08-04 19:25:32 —-DC—- C:Program FilesCommon FilesInstallShield
2010-08-04 19:25:28 —-DC—- C:ATI
2010-08-04 19:21:50 —-HDC—- C:WINDOWS$NtUninstallKB923414$
2010-08-04 19:21:34 —-HDC—- C:WINDOWS$NtUninstallKB921883$
2010-08-04 19:21:15 —-HDC—- C:WINDOWS$NtUninstallKB920683$
2010-08-04 19:20:38 —-HDC—- C:WINDOWS$NtUninstallKB894391$
2010-08-04 19:20:35 —-HDC—- C:WINDOWS$hf_mig$
2010-08-04 19:19:43 —-HDC—- C:WINDOWS$MSI31Uninstall_KB893803v2$
2010-08-04 19:19:06 —-DC—- C:Documents and SettingsМаргоритаApplication DataICQ
2010-08-04 19:18:18 —-A—- C:WINDOWSsystem32d3dx9_28.dll
2010-08-04 19:18:17 —-A—- C:WINDOWSsystem32xinput9_1_0.dll
2010-08-04 19:18:17 —-A—- C:WINDOWSsystem32d3dx9_27.dll
2010-08-04 19:18:17 —-A—- C:WINDOWSsystem32d3dx9_26.dll
2010-08-04 19:18:17 —-A—- C:WINDOWSsystem32d3dx9_25.dll
2010-08-04 19:18:16 —-A—- C:WINDOWSsystem32d3dx9_24.dll
2010-08-04 19:16:27 —-A—- C:WINDOWSsystem32driversUSBSTOR.SYS
2010-08-04 19:14:14 —-DC—- C:Documents and SettingsМаргоритаApplication DataIdentities
2010-08-04 19:14:12 —-HDC—- C:Program FilesUninstall Information
2010-08-04 19:13:57 —-SDC—- C:Documents and SettingsМаргоритаApplication DataMicrosoft
2010-08-04 19:13:57 —-ASH—- C:Documents and SettingsМаргоритаApplication Datadesktop.ini
2010-08-04 19:12:57 —-D—- C:WINDOWSSoftwareDistribution
2010-08-04 19:12:56 —-D—- C:WINDOWSPrefetch
2010-08-04 19:12:55 —-SD—- C:WINDOWSsystem32Microsoft
2010-08-04 19:09:41 —-DC—- C:Program Filesxerox
2010-08-04 19:09:41 —-DC—- C:Program Filesmicrosoft frontpage
2010-08-04 19:09:41 —-D—- C:WINDOWSsystem32xircom
2010-08-04 19:09:18 —-RASHC—- C:MSDOS.SYS
2010-08-04 19:09:18 —-RASHC—- C:IO.SYS
2010-08-04 19:09:18 —-AC—- C:WINDOWScontrol.ini
2010-08-04 19:09:18 —-AC—- C:CONFIG.SYS
2010-08-04 19:09:18 —-AC—- C:AUTOEXEC.BAT
2010-08-04 19:09:06 —-A—- C:WINDOWSsystem32mapi32.dll
2010-08-04 19:08:21 —-SDC—- C:WINDOWSDownloaded Program Files
2010-08-04 19:08:21 —-RD—- C:WINDOWSOffline Web Pages
2010-08-04 19:08:21 —-RAH—- C:WINDOWSsystem32logonui.exe.manifest
2010-08-04 19:08:15 —-RAH—- C:WINDOWSsystem32cdplayer.exe.manifest
2010-08-04 19:08:11 —-HDC—- C:Program FilesWindowsUpdate
2010-08-04 19:08:08 —-DC—- C:Program FilesOnline Services
2010-08-04 19:07:48 —-D—- C:WINDOWSsystem32DirectX
2010-08-04 19:07:24 —-A—- C:WINDOWSsystem32atrace.dll
2010-08-04 19:07:21 —-A—- C:WINDOWSsystem32desktop.ini
2010-08-04 19:07:21 —-A—- C:WINDOWSdesktop.ini
2010-08-04 19:07:14 —-A—- C:WINDOWSsystem32nmevtmsg.dll
2010-08-04 19:07:13 —-A—- C:WINDOWSsystem32acctres.dll
2010-08-04 19:07:12 —-DC—- C:Program FilesCommon FilesServices
2010-08-04 19:07:09 —-SD—- C:WINDOWSTasks
2010-08-04 19:07:09 —-A—- C:WINDOWSsystem32icfgnt5.dll
2010-08-04 19:07:07 —-DC—- C:Program FilesCommon FilesMSSoap
2010-08-04 19:07:04 —-D—- C:WINDOWSsrchasst
2010-08-04 19:07:03 —-D—- C:WINDOWSsystem32Macromed
2010-08-04 19:07:00 —-A—- C:WINDOWSsystem32wuweb.dll
2010-08-04 19:07:00 —-A—- C:WINDOWSsystem32wups.dll
2010-08-04 19:07:00 —-A—- C:WINDOWSsystem32wucltui.dll
2010-08-04 19:07:00 —-A—- C:WINDOWSsystem32wuauserv.dll
2010-08-04 19:07:00 —-A—- C:WINDOWSsystem32wuaueng1.dll
2010-08-04 19:07:00 —-A—- C:WINDOWSsystem32wuaueng.dll
2010-08-04 19:06:59 —-A—- C:WINDOWSsystem32wuauclt1.exe
2010-08-04 19:06:59 —-A—- C:WINDOWSsystem32wuauclt.exe
2010-08-04 19:06:59 —-A—- C:WINDOWSsystem32wuapi.dll
2010-08-04 19:06:59 —-A—- C:WINDOWSsystem32qmgrprxy.dll
2010-08-04 19:06:59 —-A—- C:WINDOWSsystem32qmgr.dll
2010-08-04 19:06:59 —-A—- C:WINDOWSsystem32bitsprx3.dll
2010-08-04 19:06:59 —-A—- C:WINDOWSsystem32bitsprx2.dll
2010-08-04 19:06:55 —-DC—- C:Program FilesMovie Maker
2010-08-04 19:06:51 —-A—- C:WINDOWSsystem32safrslv.dll
2010-08-04 19:06:51 —-A—- C:WINDOWSsystem32safrdm.dll
2010-08-04 19:06:51 —-A—- C:WINDOWSsystem32safrcdlg.dll
2010-08-04 19:06:51 —-A—- C:WINDOWSsystem32racpldlg.dll
2010-08-04 19:06:47 —-D—- C:WINDOWSsystem32Restore
2010-08-04 19:06:47 —-A—- C:WINDOWSsystem32srsvc.dll
2010-08-04 19:06:47 —-A—- C:WINDOWSsystem32srrstr.dll
2010-08-04 19:06:47 —-A—- C:WINDOWSsystem32fltMc.exe
2010-08-04 19:06:47 —-A—- C:WINDOWSsystem32fltlib.dll
2010-08-04 19:06:47 —-A—- C:WINDOWSsystem32driversfltMgr.sys
2010-08-04 19:06:46 —-A—- C:WINDOWSsystem32srclient.dll
2010-08-04 19:06:46 —-A—- C:WINDOWSsystem32mnmdd.dll
2010-08-04 19:06:46 —-A—- C:WINDOWSsystem32isrdbg32.dll
2010-08-04 19:06:46 —-A—- C:WINDOWSsystem32ils.dll
2010-08-04 19:06:46 —-A—- C:WINDOWSsystem32driverssr.sys
2010-08-04 19:06:45 —-A—- C:WINDOWSsystem32nmmkcert.dll
2010-08-04 19:06:45 —-A—- C:WINDOWSsystem32msconf.dll
2010-08-04 19:06:45 —-A—- C:WINDOWSsystem32mnmsrvc.exe
2010-08-04 19:06:42 —-DC—- C:Program FilesNetMeeting
2010-08-04 19:06:42 —-A—- C:WINDOWSsystem32msoert2.dll
2010-08-04 19:06:42 —-A—- C:WINDOWSsystem32msoeacct.dll
2010-08-04 19:06:41 —-A—- C:WINDOWSsystem32inetres.dll
2010-08-04 19:06:41 —-A—- C:WINDOWSsystem32inetcomm.dll
2010-08-04 19:06:39 —-DC—- C:Program FilesOutlook Express
2010-08-04 19:06:39 —-A—- C:WINDOWSsystem32schedsvc.dll
2010-08-04 19:06:39 —-A—- C:WINDOWSsystem32mstinit.exe
2010-08-04 19:06:39 —-A—- C:WINDOWSsystem32mstask.dll
2010-08-04 19:06:38 —-A—- C:WINDOWSsystem32isign32.dll
2010-08-04 19:06:38 —-A—- C:WINDOWSsystem32inetcfg.dll
2010-08-04 19:06:38 —-A—- C:WINDOWSsystem32icwphbk.dll
2010-08-04 19:06:38 —-A—- C:WINDOWSsystem32icwdial.dll
2010-08-04 19:06:31 —-DC—- C:Program FilesCommon FilesSystem
2010-08-04 19:06:29 —-DC—- C:Program FilesInternet Explorer
2010-08-04 19:05:58 —-DC—- C:Program FilesComPlus Applications
2010-08-04 19:05:57 —-AC—- C:WINDOWSvbaddin.ini
2010-08-04 19:05:57 —-AC—- C:WINDOWSvb.ini
2010-08-04 19:05:53 —-D—- C:WINDOWSRegistration
2010-08-04 19:05:46 —-DC—- C:Program FilesWindows Media Player
2010-08-04 19:05:42 —-DC—- C:Program FilesMessenger
2010-08-04 19:05:38 —-DC—- C:Program FilesMSN Gaming Zone
2010-08-04 19:05:38 —-A—- C:WINDOWSsystem32write.exe
2010-08-04 19:05:25 —-A—- C:WINDOWSsystem32sndvol32.exe
2010-08-04 19:05:25 —-A—- C:WINDOWSsystem32hticons.dll
2010-08-04 19:05:25 —-A—- C:WINDOWSsystem32avwav.dll
2010-08-04 19:05:25 —-A—- C:WINDOWSsystem32avtapi.dll
2010-08-04 19:05:25 —-A—- C:WINDOWSsystem32avmeter.dll
2010-08-04 19:05:24 —-A—- C:WINDOWSsystem32winchat.exe
2010-08-04 19:05:15 —-A—- C:WINDOWSsystem32getuname.dll
2010-08-04 19:05:15 —-A—- C:WINDOWSsystem32charmap.exe
2010-08-04 19:05:15 —-A—- C:WINDOWSsystem32calc.exe
2010-08-04 19:05:14 —-A—- C:WINDOWSsystem32winmine.exe
2010-08-04 19:05:14 —-A—- C:WINDOWSsystem32sol.exe
2010-08-04 19:05:14 —-A—- C:WINDOWSsystem32mshearts.exe
2010-08-04 19:05:13 —-A—- C:WINDOWSsystem32usrlogon.cmd
2010-08-04 19:05:13 —-A—- C:WINDOWSsystem32tsshutdn.exe
2010-08-04 19:05:13 —-A—- C:WINDOWSsystem32tslabels.ini
2010-08-04 19:05:13 —-A—- C:WINDOWSsystem32tskill.exe
2010-08-04 19:05:13 —-A—- C:WINDOWSsystem32tsdiscon.exe
2010-08-04 19:05:13 —-A—- C:WINDOWSsystem32tscon.exe
2010-08-04 19:05:13 —-A—- C:WINDOWSsystem32shadow.exe
2010-08-04 19:05:13 —-A—- C:WINDOWSsystem32reset.exe
2010-08-04 19:05:13 —-A—- C:WINDOWSsystem32freecell.exe
2010-08-04 19:05:12 —-A—- C:WINDOWSsystem32rwinsta.exe
2010-08-04 19:05:12 —-A—- C:WINDOWSsystem32regini.exe
2010-08-04 19:05:12 —-A—- C:WINDOWSsystem32rdpcfgex.dll
2010-08-04 19:05:12 —-A—- C:WINDOWSsystem32qwinsta.exe
2010-08-04 19:05:12 —-A—- C:WINDOWSsystem32qappsrv.exe
2010-08-04 19:05:12 —-A—- C:WINDOWSsystem32msg.exe
2010-08-04 19:05:12 —-A—- C:WINDOWSsystem32logoff.exe
2010-08-04 19:05:12 —-A—- C:WINDOWSsystem32cdmodem.dll
2010-08-04 19:05:11 —-A—- C:WINDOWSsystem32msdtcprf.ini
2010-08-04 19:05:11 —-A—- C:WINDOWSsystem32dcomcnfg.exe
2010-08-04 19:05:10 —-A—- C:WINDOWSsystem32stclient.dll
2010-08-04 19:05:10 —-A—- C:WINDOWSsystem32mtxlegih.dll
2010-08-04 19:05:10 —-A—- C:WINDOWSsystem32mtxex.dll
2010-08-04 19:05:10 —-A—- C:WINDOWSsystem32mtxdm.dll
2010-08-04 19:05:10 —-A—- C:WINDOWSsystem32comsnap.dll
2010-08-04 19:05:10 —-A—- C:WINDOWSsystem32comrepl.dll
2010-08-04 19:05:10 —-A—- C:WINDOWSsystem32comaddin.dll
2010-08-04 19:05:03 —-A—- C:WINDOWSsystem32wmimgmt.msc
2010-08-04 19:05:02 —-A—- C:WINDOWSsystem32sndrec32.exe
2010-08-04 19:05:02 —-A—- C:WINDOWSsystem32mplay32.exe
2010-08-04 19:05:02 —-A—- C:WINDOWSsystem32hypertrm.dll
2010-08-04 19:05:02 —-A—- C:WINDOWSsystem32accwiz.exe
2010-08-04 19:05:01 —-DC—- C:Program FilesWindows NT
2010-08-04 19:05:01 —-A—- C:WINDOWSsystem32spider.exe
2010-08-04 19:05:01 —-A—- C:WINDOWSsystem32mspaint.exe
2010-08-04 19:05:01 —-A—- C:WINDOWSsystem32clipbrd.exe
2010-08-04 19:05:00 —-A—- C:WINDOWSsystem32tscfgwmi.dll
2010-08-04 19:05:00 —-A—- C:WINDOWSsystem32mstscax.dll
2010-08-04 19:05:00 —-A—- C:WINDOWSsystem32driverstdtcp.sys
2010-08-04 19:05:00 —-A—- C:WINDOWSsystem32driverstdpipe.sys
2010-08-04 19:05:00 —-A—- C:WINDOWSsystem32driversrdpwd.sys
2010-08-04 19:04:59 —-A—- C:WINDOWSsystem32tscupgrd.exe
2010-08-04 19:04:59 —-A—- C:WINDOWSsystem32termsrv.dll
2010-08-04 19:04:59 —-A—- C:WINDOWSsystem32sessmgr.exe
2010-08-04 19:04:59 —-A—- C:WINDOWSsystem32remotepg.dll
2010-08-04 19:04:59 —-A—- C:WINDOWSsystem32rdshost.exe
2010-08-04 19:04:59 —-A—- C:WINDOWSsystem32rdsaddin.exe
2010-08-04 19:04:59 —-A—- C:WINDOWSsystem32rdchost.dll
2010-08-04 19:04:59 —-A—- C:WINDOWSsystem32mstsc.exe
2010-08-04 19:04:58 —-D—- C:WINDOWSsystem32MsDtc
2010-08-04 19:04:58 —-A—- C:WINDOWSsystem32rdpwsx.dll
2010-08-04 19:04:58 —-A—- C:WINDOWSsystem32rdpsnd.dll
2010-08-04 19:04:58 —-A—- C:WINDOWSsystem32rdpclip.exe
2010-08-04 19:04:58 —-A—- C:WINDOWSsystem32qprocess.exe
2010-08-04 19:04:58 —-A—- C:WINDOWSsystem32mtxoci.dll
2010-08-04 19:04:58 —-A—- C:WINDOWSsystem32msdtcuiu.dll
2010-08-04 19:04:58 —-A—- C:WINDOWSsystem32icaapi.dll
2010-08-04 19:04:58 —-A—- C:WINDOWSsystem32cfgbkend.dll
2010-08-04 19:04:57 —-A—- C:WINDOWSsystem32xolehlp.dll
2010-08-04 19:04:57 —-A—- C:WINDOWSsystem32msdtctm.dll
2010-08-04 19:04:57 —-A—- C:WINDOWSsystem32msdtcprx.dll
2010-08-04 19:04:57 —-A—- C:WINDOWSsystem32msdtclog.dll
2010-08-04 19:04:57 —-A—- C:WINDOWSsystem32msdtc.exe
2010-08-04 19:04:56 —-D—- C:WINDOWSsystem32Com
2010-08-04 19:04:56 —-A—- C:WINDOWSsystem32colbact.dll
2010-08-04 19:04:56 —-A—- C:WINDOWSsystem32clbcatex.dll
2010-08-04 19:04:56 —-A—- C:WINDOWSsystem32catsrvut.dll
2010-08-04 19:04:56 —-A—- C:WINDOWSsystem32catsrvps.dll
2010-08-04 19:04:55 —-A—- C:WINDOWSsystem32comuid.dll
2010-08-04 19:04:55 —-A—- C:WINDOWSsystem32comsvcs.dll
2010-08-04 19:04:55 —-A—- C:WINDOWSsystem32clbcatq.dll
2010-08-04 19:04:55 —-A—- C:WINDOWSsystem32catsrv.dll
2010-08-04 19:04:48 —-A—- C:WINDOWSsystem32servdeps.dll
2010-08-04 19:04:48 —-A—- C:WINDOWSsystem32mmfutil.dll
2010-08-04 19:04:48 —-A—- C:WINDOWSsystem32licwmi.dll
2010-08-04 19:04:48 —-A—- C:WINDOWSsystem32cmprops.dll
2010-08-04 19:04:47 —-A—- C:WINDOWSsystem32driversrdpdr.sys
2010-08-04 19:04:46 —-A—- C:WINDOWSsystem32driverstermdd.sys

======List of files/folders modified in the last 1 months======

2010-08-27 08:51:41 —-C—- C:WINDOWSsystem.ini
2010-08-12 13:46:44 —-A—- C:WINDOWSsystem32VBAME.DLL
2010-08-12 13:46:43 —-A—- C:WINDOWSsystem32TwnLib4.dll
2010-08-12 13:46:43 —-A—- C:WINDOWSsystem32sqlsrv32.dll
2010-08-12 13:46:29 —-A—- C:WINDOWSsystem32RDOCURS.DLL
2010-08-12 13:46:19 —-A—- C:WINDOWSsystem32Oemdspif.dll
2010-08-12 13:46:19 —-A—- C:WINDOWSsystem32odbcbcp.dll
2010-08-12 13:46:15 —-A—- C:WINDOWSsystem32msvbvm50.dll
2010-08-12 13:46:15 —-A—- C:WINDOWSsystem32MSSTKPRP.DLL
2010-08-12 13:46:15 —-A—- C:WINDOWSsystem32MSSTDFMT.DLL
2010-08-12 13:46:14 —-A—- C:WINDOWSsystem32MSRDO20.DLL
2010-08-12 13:46:09 —-A—- C:WINDOWSsystem32MFC42RUS.DLL
2010-08-12 13:46:07 —-A—- C:WINDOWSsystem32jgsh400.dll
2010-08-12 13:46:05 —-A—- C:WINDOWSsystem32imagXRA7.dll
2010-08-12 13:46:04 —-A—- C:WINDOWSsystem32imagXR7.dll
2010-08-12 13:46:03 —-A—- C:WINDOWSsystem32imagX7.dll
2010-08-12 13:46:00 —-A—- C:WINDOWSsystem32driversati2erec.dll
2010-08-12 13:45:56 —-A—- C:WINDOWSsystem32dbnmpntw.dll
2010-08-12 13:45:56 —-A—- C:WINDOWSsystem32dbmsrpcn.dll
2010-08-12 13:45:49 —-A—- C:WINDOWSsystem32cliconfg.exe
2010-08-12 13:45:49 —-A—- C:WINDOWSsystem32cliconfg.dll
2010-08-12 13:45:45 —-A—- C:WINDOWSsystem32atioglxx.dll
2010-08-12 13:45:44 —-A—- C:WINDOWSsystem32atioglx1.dll
2010-08-12 13:45:44 —-A—- C:WINDOWSsystem32atiiiexx.dll
2010-08-12 13:45:44 —-A—- C:WINDOWSsystem32ATIDEMGX.dll
2010-08-12 13:45:44 —-A—- C:WINDOWSsystem32ATIDEMGR.dll
2010-08-12 13:45:44 —-A—- C:WINDOWSsystem32ATIDDC.DLL
2010-08-04 19:09:18 —-C—- C:WINDOWSwin.ini
2010-08-04 19:08:56 —-ASH—- C:WINDOWSfontsdesktop.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 prohlp02;StarForce Protection Helper Driver v2; C:WINDOWSSystem32driversprohlp02.sys [2004-04-08 70400]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:WINDOWSSystem32driversprosync1.sys [2003-09-06 6944]
R0 PxHelp20;PxHelp20; C:WINDOWSSystem32DriversPxHelp20.sys [2009-04-29 44944]
R0 sfhlp01;StarForce Protection Helper Driver; C:WINDOWSSystem32driverssfhlp01.sys [2003-12-01 4832]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:WINDOWSsystem32driversAavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; C:WINDOWSsystem32driversaswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:WINDOWSsystem32driversaswTdi.sys [2009-11-25 48560]
R1 intelppm;Драйвер Intel процессора; C:WINDOWSsystem32DRIVERSintelppm.sys [2004-08-17 40448]
R1 kbdhid;Драйвер клавиатуры HID; C:WINDOWSsystem32DRIVERSkbdhid.sys [2004-08-17 14848]
R1 prodrv06;StarForce Protection Environment Driver v6; C:WINDOWSSystem32driversprodrv06.sys [2004-04-08 54272]
R1 uzm5mjgy;AVZ-RK Kernel Driver; ??C:WINDOWSsystem32Driversuzm5mjgy.sys []
R2 aswFsBlk;aswFsBlk; C:WINDOWSsystem32DRIVERSaswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; C:WINDOWSsystem32driversaswMon2.sys [2009-11-25 94160]
R2 fssfltr;FssFltr; C:WINDOWSsystem32DRIVERSfssfltr_tdi.sys [2010-04-28 54760]
R2 ithsgt;ithsgt; C:WINDOWSsystem32DRIVERSithsgt.sys [2010-08-16 162432]
R2 lilsgt;lilsgt; C:WINDOWSsystem32DRIVERSlilsgt.sys [2010-08-16 12032]
R2 mdmxsdk;mdmxsdk; C:WINDOWSsystem32DRIVERSmdmxsdk.sys [2004-08-04 11868]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:WINDOWSsystem32driversALCXWDM.SYS [2008-09-24 4122368]
R3 aswRdr;aswRdr; C:WINDOWSsystem32driversaswRdr.sys [2009-11-25 23120]
R3 ati2mtag;ati2mtag; C:WINDOWSsystem32DRIVERSati2mtag.sys [2007-03-03 1972224]
R3 catchme;catchme; ??C:ComboFixcatchme.sys []
R3 hidusb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2001-10-20 9600]
R3 HSF_DP;HSF_DP; C:WINDOWSsystem32DRIVERSHSFDPSP2.sys [2004-08-04 1041536]
R3 HSFHWBS2;HSFHWBS2; C:WINDOWSsystem32DRIVERSHSFBS2S2.sys [2004-08-04 220032]
R3 mouhid;Драйвер мыши HID; C:WINDOWSsystem32DRIVERSmouhid.sys [2001-10-20 12160]
R3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:WINDOWSsystem32DRIVERSusbccgp.sys [2004-08-03 31616]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:WINDOWSsystem32DRIVERSusbuhci.sys [2004-08-03 20480]
R3 winachsf;winachsf; C:WINDOWSsystem32DRIVERSHSFCXTS2.sys [2004-08-04 685056]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:WINDOWSsystem32DRIVERSyk51x86.sys [2007-12-28 285952]
S3 EverestDriver;Lavalys EVEREST Kernel Driver; ??F:Новая папкасофтEVEREST Ultimate Edition 4.60.1601 BetaEVEREST Ultimate Edition 4.60.1601 Betakerneld.wnt []
S3 mbr;mbr; ??C:DOCUME~1A394~1LOCALS~1Tempmbr.sys []
S3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2004-08-03 26496]
S4 dwshd;dwshd; C:WINDOWSSystem32driversdwshd.sys []
S4 sptd;sptd; C:WINDOWSSystem32Driverssptd.sys [2010-08-07 691696]
S4 WS2IFSL;Среда Windows Socket 2.0 поддержки поставщиков не-IFS служб; C:WINDOWSSystem32driversws2ifsl.sys [2001-10-20 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe [2009-11-25 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; C:WINDOWSsystem32Ati2evxx.exe [2007-03-03 446464]
R2 avast! Antivirus;avast! Antivirus; C:Program FilesAlwil SoftwareAvast4ashServ.exe [2009-11-25 138680]
R2 SeaPort;SeaPort; C:Program FilesMicrosoftSearch Enhancement PackSeaPortSeaPort.exe [2009-01-14 226656]
R2 UMWdf;Windows User Mode Driver Framework; C:WINDOWSsystem32wdfmgr.exe [2005-01-28 38912]
R3 avast! Mail Scanner;avast! Mail Scanner; C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:Program FilesAlwil SoftwareAvast4ashWebSv.exe [2009-11-25 352920]
S2 ATI Smart;ATI Smart; C:WINDOWSsystem32ati2sgag.exe [2010-08-12 520192]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2008-07-30 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:WINDOWSMicrosoft.NETFrameworkv3.0WPFPresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Windows Live Family Safety Service; C:Program FilesWindows LiveFamily Safetyfsssvc.exe [2010-04-28 704872]
S3 NBService;NBService; C:Program FilesNeroNero 7Nero BackItUpNBService.exe [2007-06-29 800040]
S3 NMIndexingService;NMIndexingService; C:Program FilesCommon FilesAheadLibNMIndexingService.exe [2007-06-27 279848]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2003-07-28 89136]

---

EOF

---

[Аноним]

info.txt logfile of random’s system information tool 1.08 2010-08-27 09:11:40

======Uninstall list======

—>C:Program FilesNeroNero 7\nerouninstallUNNERO.exe /UNINSTALL
—>C:WINDOWSUNNeroBackItUp.exe /UNINSTALL
—>C:WINDOWSUNNeroMediaHome.exe /UNINSTALL
—>C:WINDOWSUNNeroShowTime.exe /UNINSTALL
—>C:WINDOWSUNNeroVision.exe /UNINSTALL
—>C:WINDOWSUNRecode.exe /UNINSTALL
—>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:WINDOWSINFPCHealth.inf
µTorrent—>»C:Program FilesuTorrentuTorrent.exe» /UNINSTALL
Adobe Flash Player 10 ActiveX—>C:WINDOWSsystem32MacromedFlashuninstall_activeX.exe
Adobe Flash Player 10 Plugin—>C:WINDOWSsystem32MacromedFlashuninstall_plugin.exe
Adobe Reader 9.3 — Russian—>MsiExec.exe /I{AC76BA86-7AD7-1049-7B44-A93000000001}
ATI Display Driver—>rundll32 C:WINDOWSsystem32atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Auslogics BoostSpeed—>»C:Program FilesAuslogicsAuslogics BoostSpeedunins000.exe»
avast! Antivirus—>C:Program FilesAlwil SoftwareAvast4aswRunDll.exe «C:Program FilesAlwil SoftwareAvast4Setupsetiface.dll»,RunSetup
DAEMON Tools Toolbar—>C:Program FilesDAEMON Tools Toolbaruninst.exe
FlylinkDC++ r399 build 4168—>»C:FlylinkDC++unins000.exe»
High Definition Audio Driver Package — KB888111—>»C:WINDOWS$NtUninstallKB888111WXPSP2$spuninstspuninst.exe»
HijackThis 1.99.1—>D:softSyshijackHijackThis.exe /uninstall
ICQ7.2—>»C:Program FilesInstallShield Installation Information{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}ICQ7.exe» -runfromtemp -l0x0009 -removeonly
Junk Mail filter update—>MsiExec.exe /I{8E5233E1-7495-44FB-8DEB-4BE906D59619}
K-Lite Codec Pack 5.9.0 (Full)—>»C:Program FilesK-Lite Codec Packunins000.exe»
Marvell Miniport Driver—>MsiExec.exe /X{C950420B-4182-49EA-850A-A6A2ABF06C6B}
Microsoft .NET Framework 2.0 Client Service Pack 2 — Language Pack (RUS)—>MsiExec.exe /I{BC1FCEB6-E8AF-3169-A44E-0E5C70724DBC}
Microsoft .NET Framework 2.0 Client Service Pack 2—>MsiExec.exe /I{CAAFB8F9-F8D1-3D27-9AAA-6301A4429440}
Microsoft .NET Framework 3.0 Client Profile — Language Pack (RUS)—>MsiExec.exe /I{9FB54D8D-48EC-3839-97C4-2EBCEFBE6022}
Microsoft .NET Framework 3.0 Client Service Pack 2—>MsiExec.exe /I{1185566F-12ED-3EF0-89CC-38866DCE1EEE}
Microsoft .NET Framework 3.5 Client Profile — Language Pack (RUS)—>MsiExec.exe /I{045026E4-8B91-3AA4-9265-792F95049F3E}
Microsoft .NET Framework 3.5 Client Service Pack 1—>MsiExec.exe /I{D617A4DC-C915-3F25-BE43-57E5FD99B441}
Microsoft Choice Guard—>MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office — профессиональный выпуск версии 2003—>MsiExec.exe /I{90110419-6000-11D3-8CFE-0150048383C9}
Microsoft Office Live Add-in 1.3—>MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Search Enhancement Pack—>MsiExec.exe /I{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}
Microsoft Silverlight—>MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]—>MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)—>MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)—>MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2005 Redistributable—>MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (3.5.11)—>D:softMozillauninstallhelper.exe
MSVCRT—>MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
Nero 7 Premium—>MsiExec.exe /X{91C0B95B-B83A-4828-A775-BBE2DD421049}
neroxml—>MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NewProduct 1.00—>D:GAMESMontesumaTreasures_Of_Montezuma2Uninstall.exe
OpenAL—>»C:Program FilesOpenALoalinst.exe» /U
Realtek AC’97 Audio—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime1150Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{FB08F381-6533-4108-B7DD-039E11FBC27E}setup.exe» -l0x19 -removeonly
Reg Organizer 5.0—>»D:softregReg Organizerunins000.exe»
Segoe UI—>MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Uniblue RegistryBooster 2009—>»C:Documents and SettingsAll UsersApplication Data{2840BBCB-9BEC-47F6-BA0F-10D3C34BF151}Uniblue RegistryBooster.exe» REMOVE=TRUE MODIFY=FALSE
Uniblue RegistryBooster 2009—>C:Documents and SettingsAll UsersApplication Data{2840BBCB-9BEC-47F6-BA0F-10D3C34BF151}Uniblue RegistryBooster.exe
Uniblue SpeedUpMyPC 2009—>»C:Documents and SettingsAll UsersApplication Data{C4C0E335-EDDF-46A0-A57D-F3802AE44275}speedupmypc2009.exe» REMOVE=TRUE MODIFY=FALSE
Uniblue SpeedUpMyPC 2009—>C:Documents and SettingsAll UsersApplication Data{C4C0E335-EDDF-46A0-A57D-F3802AE44275}speedupmypc2009.exe
VCRedistSetup—>MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
VLC media player 1.0.5—>D:softМДС PLAYERVLCuninstall.exe
Winamp—>»C:Program FilesWinampUninstWA.exe»
Windows Imaging Component—>»C:WINDOWS$NtUninstallWIC$spuninstspuninst.exe»
Windows Installer 3.1 (KB893803)—>»C:WINDOWS$MSI31Uninstall_KB893803v2$spuninstspuninst.exe»
Windows Live Call—>MsiExec.exe /I{E6158D07-2637-4ECF-B576-37C489669174}
Windows Live Communications Platform—>MsiExec.exe /I{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}
Windows Live Essentials—>C:Program FilesWindows LiveInstallerwlarp.exe
Windows Live Essentials—>MsiExec.exe /I{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}
Windows Live Family Safety—>MsiExec.exe /X{D92FF8EB-BD77-40AE-B68B-A6BFC6F8661D}
Windows Live Mail—>MsiExec.exe /I{6412CECE-8172-4BE5-935B-6CECACD2CA87}
Windows Live Messenger—>MsiExec.exe /X{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}
Windows Live Photo Gallery—>MsiExec.exe /X{EE39FFBD-544E-49E4-A999-6819828EAE91}
Windows Live Sign-in Assistant—>MsiExec.exe /I{45338B07-A236-4270-9A77-EBB4115517B5}
Windows Live Sync—>MsiExec.exe /X{B10914FD-8812-47A4-85A1-50FCDE7F1F33}
Windows Live Toolbar—>MsiExec.exe /X{1BD07DF4-FB06-41BA-B896-B2DA59000C96}
Windows Live Upload Tool—>MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Windows Live Writer—>MsiExec.exe /X{178832DE-9DE0-4C87-9F82-9315A9B03985}
Windows Media Format Runtime—>»C:Program FilesWindows Media Playerwmsetsdk.exe» /UninstallAll
Windows Media Player 10—>»C:Program FilesWindows Media PlayerSetup_wm.exe» /Uninstall
Архиватор WinRAR—>C:Program FilesWinRARuninstall.exe
Бесконечное путешествие—>C:WINDOWSIsUninstR.Exe -fd:games9B02~1DeIsL1.isu -cd:games9B02~1TLJ_RE~1.DLL
Обновление безопасности для Windows XP (KB920683)—>»C:WINDOWS$NtUninstallKB920683$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB921883)—>»C:WINDOWS$NtUninstallKB921883$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB923414)—>»C:WINDOWS$NtUninstallKB923414$spuninstspuninst.exe»
Обновление для Windows XP (KB894391)—>»C:WINDOWS$NtUninstallKB894391$spuninstspuninst.exe»
Сократ Персональный 4.1—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{9CD789E2-B7CE-11D5-B7E9-00A0C9449F99}setup.exe»
Яндекс.Бар 5.0 для Internet Explorer—>MsiExec.exe /X{B1D8E65E-B8A2-48E4-90CF-34151C37EB45}

======Security center information======

AV: avast! antivirus 4.8.1368 [VPS 100826-1]

======System event log======

Computer Name: MARGO7
Event Code: 7036
Message: Служба «Совместимость быстрого переключения пользователей» перешла в состояние Работает.

Record Number: 1944
Source Name: Service Control Manager
Time Written: 20100820093719.000000+240
Event Type: информация
User:

Computer Name: MARGO7
Event Code: 7035
Message: Служба «Совместимость быстрого переключения пользователей» успешно отправила управляющий элемент «запустить».

Record Number: 1943
Source Name: Service Control Manager
Time Written: 20100820093719.000000+240
Event Type: информация
User: NT AUTHORITYSYSTEM

Computer Name: MARGO7
Event Code: 7036
Message: Служба «Службы терминалов» перешла в состояние Работает.

Record Number: 1942
Source Name: Service Control Manager
Time Written: 20100820093719.000000+240
Event Type: информация
User:

Computer Name: MARGO7
Event Code: 6005
Message: Запущена служба журнала событий.

Record Number: 1941
Source Name: EventLog
Time Written: 20100820093658.000000+240
Event Type: информация
User:

Computer Name: MARGO7
Event Code: 6009
Message: Microsoft (R) Windows 2000 (R) 5.01. 2600 Service Pack 2 Multiprocessor Free.

Record Number: 1940
Source Name: EventLog
Time Written: 20100820093658.000000+240
Event Type: информация
User:

=====Application event log=====

Computer Name: MARGO7
Event Code: 100
Message: wuauclt (3840) Ядро базы данных 5.01.2600.2180 запущено.

Record Number: 5
Source Name: ESENT
Time Written: 20100812133920.000000+240
Event Type: информация
User:

Computer Name: MARGO7
Event Code: 1800
Message: Служба центра обеспечения безопасности Windows запущена.

Record Number: 4
Source Name: SecurityCenter
Time Written: 20100812133836.000000+240
Event Type: информация
User:

Computer Name: MARGO7
Event Code: 0
Message:
Record Number: 3
Source Name: NMIndexingService
Time Written: 20100812133836.000000+240
Event Type: информация
User:

Computer Name: MARGO7
Event Code: 105
Message: The service was started.

Record Number: 2
Source Name: ATI Smart
Time Written: 20100812133825.000000+240
Event Type: информация
User:

Computer Name: MARGO7
Event Code: 1517
Message: Реестр пользователя MARGO7Маргорита был сохранен в то время, как приложение или служба продолжали использовать его во время выхода из системы. Используемая реестром пользователя память не была освобождена. Реестр будет выгружен, когда он не будет использоваться.

Возможная причина — службы, выполняемые от имени пользователя. Попробуйте изменить настройку служб и задать их выполнение с учетными записями LocalService или NetworkService.

Record Number: 1
Source Name: Userenv
Time Written: 20100812133701.000000+240
Event Type: предупреждение
User: NT AUTHORITYSYSTEM

======Environment variables======

«ComSpec»=%SystemRoot%system32cmd.exe
«Path»=%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem
«windir»=%SystemRoot%
«FP_NO_HOST_CHECK»=NO
«OS»=Windows_NT
«PROCESSOR_ARCHITECTURE»=x86
«PROCESSOR_LEVEL»=15
«PROCESSOR_IDENTIFIER»=x86 Family 15 Model 4 Stepping 3, GenuineIntel
«PROCESSOR_REVISION»=0403
«NUMBER_OF_PROCESSORS»=2
«PATHEXT»=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
«TEMP»=%SystemRoot%TEMP
«TMP»=%SystemRoot%TEMP

---

EOF

---

[Admin]

Здравствуйте, добро пожаловать на Spyware-ru форум.

Опишите пожалуйста подробнее ваши проблемы с компьютером.
Вижу вы запускали Combofix, запустите программу ещё раз и приложите лог к вашему сообщению.

[Автор]

Сообщения