- This topic has 9 ответов, 3 участника, and was last updated 15 years, 10 months назад by
.
-
Сообщения
-
Здраствуйте!На рабочем столе появился ярлык Rapid antivirus!Скачала как было написано на сайте Malwarebytes’ Anti-Malware, он удалил и его и все зараженные файлы. Вроде все стало нормально на какое то время.А при перезагрузке он появлялся вновь.И так раз пять его он находил и удалял,а потом все сначала.Появляется и всё. Еще обнаружила ярлык запуска rapida в подпапке Автозагрузка в папке Программы.Мне кажется где то затаился keylogger,nod его находил и типа удалял и так несколько раз.Как с ними боротся теперь не знаю.
Здраствуйте Выполните эти правила
Вот результаты сканирования сканирования RSIT:
info.txt logfile of random’s system information tool 1.06 2009-03-27 23:04:50
======Uninstall list======
—>msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {744C859F-C225-48A9-A524-4DED432F36C7}
—>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:WINDOWSINFPCHealth.inf
«Мир Фэнтези»—>»C:Program FilesEleFun DesktopsАнимированные ОбоиМир Фэнтезиunins000.exe»
50 FREE MP3s +1 Free Audiobook!—>»C:Program FilesWinampeMusicUninst-eMusic-promotion.exe»
ABBYY FineReader 8.0 Professional Edition—>MsiExec.exe /I{AAF80000-22B9-4CE9-98D6-2CCF359BAC07}
ACDSee 10 Photo Manager—>MsiExec.exe /I{F8B98EB6-FC06-45BF-87D4-9784E0408611}
Adobe Anchor Service CS3—>MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3—>MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Camera Raw 4.0—>MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps—>MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color — Photoshop Specific—>MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings—>MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Extra Settings—>MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
Adobe Color JA Extra Settings—>MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Recommended Settings—>MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
Adobe Default Language CS3—>MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Flash Player 10 ActiveX—>C:WINDOWSsystem32MacromedFlashuninstall_activeX.exe
Adobe Flash Player 10 Plugin—>C:WINDOWSsystem32MacromedFlashuninstall_plugin.exe
Adobe Fonts All—>MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Linguistics CS3—>MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files—>MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3—>C:Program FilesCommon FilesAdobeInstallers719d6f144d0c086a0dfa7ff76bb9ac1Setup.exe
Adobe Photoshop CS3—>MsiExec.exe /I{3D7E3EC9-46CF-4359-9289-39CE01DFB82F}
Adobe Setup—>MsiExec.exe /I{FF11004C-F42A-4A31-9BCF-7F5C8FDBE53C}
Adobe Type Support—>MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3—>MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client—>MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin—>MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3—>MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
Alive Video Converter (version 3.1.9.2)—>»C:Program FilesAliveMediaVideo Converterunins000.exe»
Beauty Guide Lite 1.0—>»C:Program FilesBeauty Guideunins000.exe»
Canon MF Toolbox 4.9.1.1.mf05—>MsiExec.exe /X{943D534F-B17D-4D52-9AC4-AE8DE38D3BF4}
Dealio Toolbar 3.4—>MsiExec.exe /X{6105648C-0C3C-481D-8C11-1F4952D6FB53}
Download Master version 5.5.10.1163—>»C:Program FilesDownload Masterunins000.exe»
Foxit Reader—>MsiExec.exe /I{376DA9DC-71B3-4AB7-A80C-8ED02A736172}
HijackThis 2.0.2—>»C:Program Filestrend microHijackThis.exe» /uninstall
ICQ6.5—>»C:Program FilesInstallShield Installation Information{60DE4033-9503-48D1-A483-7846BD217CA9}setup.exe» -runfromtemp -l0x0009 -removeonly
Java(TM) 6 Update 6—>MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
K-Lite Codec Pack 3.8.5 Full—>»C:Program FilesK-Lite Codec Packunins000.exe»
KMPlayer 2.9.3.1430—>»C:Program FilesThe KMPlayerunins000.exe»
Mail.Ru Агент 5.0—>C:Program FilesMail.RuAgentUninstall.exe
Malwarebytes’ Anti-Malware—>»C:Program FilesMalwarebytes’ Anti-Malwareunins000.exe»
Marvell Miniport Driver—>MsiExec.exe /X{C950420B-4182-49EA-850A-A6A2ABF06C6B}
Microsoft .NET Framework 2.0 Service Pack 1—>MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Office Excel MUI (Russian) 2007—>MsiExec.exe /X{90120000-0016-0419-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Russian) 2007—>MsiExec.exe /X{90120000-001A-0419-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Russian) 2007—>MsiExec.exe /X{90120000-0018-0419-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007—>MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007—>MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Russian) 2007—>MsiExec.exe /X{90120000-001F-0419-0000-0000000FF1CE}
Microsoft Office Proof (Ukrainian) 2007—>MsiExec.exe /X{90120000-001F-0422-0000-0000000FF1CE}
Microsoft Office Proofing (Russian) 2007—>MsiExec.exe /X{90120000-002C-0419-0000-0000000FF1CE}
Microsoft Office Shared MUI (Russian) 2007—>MsiExec.exe /X{90120000-006E-0419-0000-0000000FF1CE}
Microsoft Office Standard 2007—>MsiExec.exe /X{90120000-0012-0000-0000-0000000FF1CE}
Microsoft Office Word MUI (Russian) 2007—>MsiExec.exe /X{90120000-001B-0419-0000-0000000FF1CE}
Microsoft Office Стандартный 2007—>»C:Program FilesCommon FilesMicrosoft SharedOFFICE12Office Setup Controllersetup.exe» /uninstall STANDARD /dll OSETUP.DLL
Microsoft Visual C++ 2005 Redistributable—>MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (3.0.7)—>C:Program FilesMozilla Firefoxuninstallhelper.exe
MSXML 4.0 SP2 (KB954430)—>MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Nero 6—>C:Program FilesAheadnerouninstallUNNERO.exe /UNINSTALL
NVIDIA Drivers—>C:WINDOWSsystem32nvuninst.exe UninstallGUI
Opera 9.64—>MsiExec.exe /X{E1BBBAC5-2857-4155-82A6-54492CE88620}
PDF Settings—>MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
Plato Video To 3GP Converter 3.61—>»C:Program FilesPlato Video To 3GP Converterunins000.exe»
PROMT Expert 8 Giant Try-Buy—>MsiExec.exe /I{A4F761F7-FBC8-49BF-BC37-15550C3EAA85}
Punto Switcher 2.96—>»C:Program FilesPunto Switcherunins000.exe»
Punto Switcher 3.0—>C:Program FilesPunto Switcheruninstall.exe
Rambler-Ассистент—>»C:Program FilesRambler Assistantuninstall.exe»
Realtek AC’97 Audio—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{FB08F381-6533-4108-B7DD-039E11FBC27E}setup.exe» REMOVE
Search Settings 1.2—>MsiExec.exe /X{D0C73318-7B4A-4D16-A0C4-3B83F075EA88}
Shockwave Player—>MsiExec.exe /X{103906AD-C60E-4E65-BC84-CE980D19CE41}
Unlocker 1.8.7—>C:Program FilesUnlockeruninst.exe
VIA Диспетчер устройств платформы—>C:PROGRA~1COMMON~1INSTAL~1Driver7INTEL3~1IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
Vit Registry Fix 5.3—>C:Program FilesVitSoftVit Registry FixUninstall.exe
VKLife 1.8—>»C:VKLifeunins000.exe»
Winamp Toolbar—>»C:Program FilesWinamp Toolbaruninstall.exe»
Winamp—>»C:Program FilesWinampUninstWA.exe»
Windows Installer 3.1 (KB893803)—>»C:WINDOWS$MSI31Uninstall_KB893803v2$spuninstspuninst.exe»
Windows Media Format Runtime—>»C:Program FilesWindows Media Playerwmsetsdk.exe» /UninstallAll
Yahoo! Messenger—>C:PROGRA~1Yahoo!MESSEN~1UNWISE.EXE /U C:PROGRA~1Yahoo!MESSEN~1INSTALL.LOG
Yahoo! Toolbar—>C:PROGRA~1Yahoo!Commonunyt.exe
Архиватор WinRAR—>C:Program FilesWinRARuninstall.exe
Исправление для Windows XP (KB952287)—>»C:WINDOWS$NtUninstallKB952287$spuninstspuninst.exe»
Обновление безопасности для Windows XP — (KB923689)—>»C:WINDOWS$NtUninstallKB923689$spuninstspuninst.exe»
Обновление безопасности для Windows XP — (KB941569)—>»C:WINDOWS$NtUninstallKB941569$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB938464-v2)—>»C:WINDOWS$NtUninstallKB938464-v2$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB944338-v2)—>»C:WINDOWS$NtUninstallKB944338-v2$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB946648)—>»C:WINDOWS$NtUninstallKB946648$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB950760)—>»C:WINDOWS$NtUninstallKB950760$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB950762)—>»C:WINDOWS$NtUninstallKB950762$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB950974)—>»C:WINDOWS$NtUninstallKB950974$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB951066)—>»C:WINDOWS$NtUninstallKB951066$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB951376-v2)—>»C:WINDOWS$NtUninstallKB951376-v2$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB951698)—>»C:WINDOWS$NtUninstallKB951698$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB951748)—>»C:WINDOWS$NtUninstallKB951748$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB952954)—>»C:WINDOWS$NtUninstallKB952954$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB954600)—>»C:WINDOWS$NtUninstallKB954600$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB955069)—>»C:WINDOWS$NtUninstallKB955069$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB956802)—>»C:WINDOWS$NtUninstallKB956802$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB956803)—>»C:WINDOWS$NtUninstallKB956803$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB956841)—>»C:WINDOWS$NtUninstallKB956841$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB957097)—>»C:WINDOWS$NtUninstallKB957097$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB958215)—>»C:WINDOWS$NtUninstallKB958215$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB958644)—>»C:WINDOWS$NtUninstallKB958644$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB958687)—>»C:WINDOWS$NtUninstallKB958687$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB958690)—>»C:WINDOWS$NtUninstallKB958690$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB960225)—>»C:WINDOWS$NtUninstallKB960225$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB960714)—>»C:WINDOWS$NtUninstallKB960714$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB960715)—>»C:WINDOWS$NtUninstallKB960715$spuninstspuninst.exe»
Обновление безопасности для проигрывателя Windows Media — (KB952069)—>»C:WINDOWS$NtUninstallKB952069_WM9$spuninstspuninst.exe»
Обновление для Windows XP (KB898461)—>»C:WINDOWS$NtUninstallKB898461$spuninstspuninst.exe»
Обновление для Windows XP (KB955839)—>»C:WINDOWS$NtUninstallKB955839$spuninstspuninst.exe»
Обновление для Windows XP (KB967715)—>»C:WINDOWS$NtUninstallKB967715$spuninstspuninst.exe»
Серия Canon MF4010—>»C:WINDOWSsystem32CanonMF Uninstaller Information{900A29A0-52BA-4a78-8E6C-5F4F821397CE}miscDelDrv.exe» /U:{900A29A0-52BA-4a78-8E6C-5F4F821397CE} /L0x0000======Security center information======
AV: Kaspersky Anti-Virus (disabled)
AV: ESET NOD32 Antivirus 4.0======System event log======
Computer Name: USER-8E5BA56719
Event Code: 7036
Message: Служба «Обозреватель компьютеров» перешла в состояние Остановлена.Record Number: 880
Source Name: Service Control Manager
Time Written: 20090315041147.000000+240
Event Type: информация
User:Computer Name: USER-8E5BA56719
Event Code: 7036
Message: Служба «Диспетчер подключений удаленного доступа» перешла в состояние Работает.Record Number: 879
Source Name: Service Control Manager
Time Written: 20090315041145.000000+240
Event Type: информация
User:Computer Name: USER-8E5BA56719
Event Code: 7036
Message: Служба «Служба шлюза уровня приложения» перешла в состояние Работает.Record Number: 878
Source Name: Service Control Manager
Time Written: 20090315041145.000000+240
Event Type: информация
User:Computer Name: USER-8E5BA56719
Event Code: 7035
Message: Служба «Служба шлюза уровня приложения» успешно отправила управляющий элемент «запустить».Record Number: 877
Source Name: Service Control Manager
Time Written: 20090315041145.000000+240
Event Type: информация
User: NT AUTHORITYSYSTEMComputer Name: USER-8E5BA56719
Event Code: 7036
Message: Служба «Служба COM записи компакт-дисков IMAPI» перешла в состояние Работает.Record Number: 876
Source Name: Service Control Manager
Time Written: 20090315041145.000000+240
Event Type: информация
User:=====Application event log=====
Computer Name: USER-8E5BA56719
Event Code: 102
Message: wuaueng.dll (2364) SUS20ClientDataStore: Ядро базы данных запустило новый экземпляр (0).Record Number: 327
Source Name: ESENT
Time Written: 20090319173828.000000+240
Event Type: информация
User:Computer Name: USER-8E5BA56719
Event Code: 100
Message: wuauclt (2364) Ядро базы данных 5.01.2600.2180 запущено.Record Number: 326
Source Name: ESENT
Time Written: 20090319173828.000000+240
Event Type: информация
User:Computer Name: USER-8E5BA56719
Event Code: 1800
Message: Служба центра обеспечения безопасности Windows запущена.Record Number: 325
Source Name: SecurityCenter
Time Written: 20090319173742.000000+240
Event Type: информация
User:Computer Name: USER-8E5BA56719
Event Code: 1517
Message: Реестр пользователя USER-8E5BA56719Оля был сохранен в то время, как приложение или служба продолжали использовать его во время выхода из системы. Используемая реестром пользователя память не была освобождена. Реестр будет выгружен, когда он не будет использоваться.Возможная причина — службы, выполняемые от имени пользователя. Попробуйте изменить настройку служб и задать их выполнение с учетными записями LocalService или NetworkService.
Record Number: 324
Source Name: Userenv
Time Written: 20090319043040.000000+240
Event Type: предупреждение
User: NT AUTHORITYSYSTEMComputer Name: USER-8E5BA56719
Event Code: 1000
Message: Ошибка приложения opera.exe, версия 9.64.10487.0, модуль npswf32.dll, версия 9.0.45.0, адрес 0x000ad850.Record Number: 323
Source Name: Application Error
Time Written: 20090319025622.000000+240
Event Type: ошибка
User:======Environment variables======
«ComSpec»=%SystemRoot%system32cmd.exe
«Path»=%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem
«windir»=%SystemRoot%
«FP_NO_HOST_CHECK»=NO
«OS»=Windows_NT
«PROCESSOR_ARCHITECTURE»=x86
«PROCESSOR_LEVEL»=15
«PROCESSOR_IDENTIFIER»=x86 Family 15 Model 4 Stepping 3, GenuineIntel
«PROCESSOR_REVISION»=0403
«NUMBER_OF_PROCESSORS»=2
«PATHEXT»=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
«TEMP»=%SystemRoot%TEMP
«TMP»=%SystemRoot%TEMP
EOF
log.txt
Logfile of random’s system information tool 1.06 (written by random/random)
Run by Оля at 2009-03-27 23:04:32
Microsoft Windows XP Professional Service Pack 2
System drive C: has 9 GB (47%) free of 20 GB
Total RAM: 1023 MB (47% free)Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:04:47, on 27.03.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: NormalRunning processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSExplorer.EXE
C:WINDOWSSOUNDMAN.EXE
C:Program FilesUnlockerUnlockerAssistant.exe
C:WINDOWSsystem32RUNDLL32.EXE
C:Program FilesWinampwinampa.exe
C:Program FilesCommon FilesACD SystemsENDevDetect.exe
C:Program FilesSearch SettingsSearchSettings.exe
C:Program FilesESETESET NOD32 Antivirusegui.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesPunto Switcherpunto.exe
C:Program FilesDownload Masterdmaster.exe
C:Program FilesICQ6.5ICQ.exe
C:Program FilesESETESET NOD32 Antivirusekrn.exe
C:Program FilesYahoo!MessengerYahooMessenger.exe
C:WINDOWSsystem32nvsvc32.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32wbemwmiapsrv.exe
C:Program FilesMozilla Firefoxfirefox.exe
C:VKLifeVKLife.exe
C:WINDOWSsystem32NOTEPAD.EXE
C:Program FilesWinampwinamp.exe
C:DownloadsПрограммыRSIT.exe
C:Program Filestrend microОля.exeR0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
R3 — URLSearchHook: QIPBHO Class — {95289393-33EA-4F8D-B952-483415B9C955} — C:Documents and SettingsОляApplication DataMicrosoftInternet Explorerqipsearchbar.dll
R3 — URLSearchHook: Winamp Search Class — {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} — C:Program FilesWinamp Toolbarwinamptb.dll
R3 — URLSearchHook: (no name) — — (no file)
R3 — URLSearchHook: Yahoo! Toolbar — {EF99BD32-C1FB-11D2-892F-0090271D4F88} — C:Program FilesYahoo!CompanionInstallscpnyt.dll
R3 — URLSearchHook: SearchSettings Class — {E312764E-7706-43F1-8DAB-FCDD2B1E416D} — C:Program FilesSearch Settingskb127SearchSettings.dll
O2 — BHO: &Yahoo! Toolbar Helper — {02478D38-C3F9-4efb-9B51-7695ECA05670} — C:Program FilesYahoo!CompanionInstallscpnyt.dll
O2 — BHO: Winamp Toolbar Loader — {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} — C:Program FilesWinamp Toolbarwinamptb.dll
O2 — BHO: DealioBHO Class — {6A87B991-A31F-4130-AE72-6D0C294BF082} — C:Program FilesDealiokb127Dealio.dll
O2 — BHO: SSVHelper Class — {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} — C:Program FilesJavajre1.6.0_06binssv.dll
O2 — BHO: fidlibP — {899F95AF-4232-4CE0-80CD-93CA263FA7E5} — (no file)
O2 — BHO: QIPBHO — {95289393-33EA-4F8D-B952-483415B9C955} — C:Documents and SettingsОляApplication DataMicrosoftInternet Explorerqipsearchbar.dll
O2 — BHO: IE 4.x-6.x BHO for Download Master — {9961627E-4059-41B4-8E0E-A7D6B3854ADF} — C:PROGRA~1DOWNLO~1dmiehlp.dll
O2 — BHO: SearchSettings Class — {E312764E-7706-43F1-8DAB-FCDD2B1E416D} — C:Program FilesSearch Settingskb127SearchSettings.dll
O4 — HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 — HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 — HKLM..Run: [UnlockerAssistant] «C:Program FilesUnlockerUnlockerAssistant.exe»
O4 — HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 — HKLM..Run: [nwiz] nwiz.exe /install
O4 — HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
O4 — HKLM..Run: [WinampAgent] «C:Program FilesWinampwinampa.exe»
O4 — HKLM..Run: [Device Detector] DevDetect.exe -autorun
O4 — HKLM..Run: [au] C:Program FilesDealioDealioAU.exe
O4 — HKLM..Run: [SearchSettings] C:Program FilesSearch SettingsSearchSettings.exe
O4 — HKLM..Run: [egui] «C:Program FilesESETESET NOD32 Antivirusegui.exe» /hide /waitservice
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [Punto Switcher] C:Program FilesPunto Switcherpunto.exe
O4 — HKCU..Run: [Download Master] C:Program FilesDownload Masterdmaster.exe -autorun
O4 — HKCU..Run: [ICQ] «C:Program FilesICQ6.5ICQ.exe» silent
O4 — HKCU..Run: [Messenger (Yahoo!)] «C:Program FilesYahoo!MessengerYahooMessenger.exe» -quiet
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O4 — Startup: Rapid Antivirus.lnk = ?
O8 — Extra context menu item: &Winamp Search — C:Documents and SettingsAll UsersApplication DataWinamp ToolbarieToolbarresourcesen-USlocalsearch.html
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2Office12EXCEL.EXE/3000
O8 — Extra context menu item: Compare Prices with &Dealio — C:Documents and SettingsОляApplication DataDealiokb127resDealioSearch.html
O8 — Extra context menu item: Добавить в Rambler-Закладки — res://C:Program FilesRambler AssistantramblertoolbarU0.dll/zakladki.htm
O8 — Extra context menu item: Закачать ВСЕ при помощи Download Master — C:Program FilesDownload Masterdmieall.htm
O8 — Extra context menu item: Закачать при помощи Download Master — C:Program FilesDownload Masterdmie.htm
O8 — Extra context menu item: Найти с помощью Рамблера — res://C:Program FilesRambler AssistantramblertoolbarU0.dll/search.htm
O8 — Extra context menu item: Опубликовать в Дневнике — res://C:Program FilesRambler AssistantramblertoolbarU0.dll/planet.htm
O8 — Extra context menu item: Перевести с помощью словарей Рамблера — res://C:Program FilesRambler AssistantramblertoolbarU0.dll/dic.htm
O9 — Extra button: (no name) — {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — C:Program FilesJavajre1.6.0_06binssv.dll
O9 — Extra ‘Tools’ menuitem: Sun Java Console — {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — C:Program FilesJavajre1.6.0_06binssv.dll
O9 — Extra button: Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe
O9 — Extra ‘Tools’ menuitem: &Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe
O9 — Extra button: Research — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2Office12REFIEBAR.DLL
O9 — Extra button: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — C:Program FilesICQ6.5ICQ.exe
O9 — Extra ‘Tools’ menuitem: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — C:Program FilesICQ6.5ICQ.exe
O9 — Extra button: Dealio — {E908B145-C847-4e85-B315-07E2E70DECF8} — C:Program FilesDealiokb127Dealio.dll
O9 — Extra ‘Tools’ menuitem: Dealio — {E908B145-C847-4e85-B315-07E2E70DECF8} — C:Program FilesDealiokb127Dealio.dll
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O17 — HKLMSystemCCSServicesTcpip..{3F67D6A8-C7D5-487C-B29A-899DFA5FDCC7}: NameServer = 62.213.0.12,62.213.2.1
O17 — HKLMSystemCCSServicesTcpip..{D42DE46C-7AD1-42AE-836C-5C5B40D90A2C}: NameServer = 62.213.0.12 62.213.2.1
O17 — HKLMSystemCS1ServicesTcpip..{3F67D6A8-C7D5-487C-B29A-899DFA5FDCC7}: NameServer = 62.213.0.12,62.213.2.1
O17 — HKLMSystemCS2ServicesTcpip..{3F67D6A8-C7D5-487C-B29A-899DFA5FDCC7}: NameServer = 62.213.0.12,62.213.2.1
O20 — AppInit_DLLs: C:WINDOWSsystem32mmmlubkn.dll
O23 — Service: ESET HTTP Server (EhttpSrv) — ESET — C:Program FilesESETESET NOD32 AntivirusEHttpSrv.exe
O23 — Service: ESET Service (ekrn) — ESET — C:Program FilesESETESET NOD32 Antivirusekrn.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: FLEXnet Licensing Service — Macrovision Europe Ltd. — C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: NetMeeting Remote Desktop Sharing (mnmsrvc) — Корпорация Майкрософт — C:WINDOWSsystem32mnmsrvc.exe
O23 — Service: NVIDIA Display Driver Service (NVSvc) — NVIDIA Corporation — C:WINDOWSsystem32nvsvc32.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe—
End of file — 9195 bytes======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper — C:Program FilesYahoo!CompanionInstallscpnyt.dll [2007-05-31 808472][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader — C:Program FilesWinamp Toolbarwinamptb.dll [2009-02-20 1262888][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{6A87B991-A31F-4130-AE72-6D0C294BF082}]
DealioBHO Class — C:Program FilesDealiokb127Dealio.dll [2008-05-26 3170144][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class — C:Program FilesJavajre1.6.0_06binssv.dll [2008-03-25 509328][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{899F95AF-4232-4CE0-80CD-93CA263FA7E5}]
ALAC Media Provider[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class — C:Documents and SettingsОляApplication DataMicrosoftInternet Explorerqipsearchbar.dll [2009-02-12 119808][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9961627E-4059-41B4-8E0E-A7D6B3854ADF}]
IE 4.x-6.x BHO for Download Master — C:PROGRA~1DOWNLO~1dmiehlp.dll [2009-03-06 157696][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
SearchSettings Class — C:Program FilesSearch Settingskb127SearchSettings.dll [2008-06-12 1111904][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«SoundMan»=C:WINDOWSSOUNDMAN.EXE [2005-04-15 77824]
«NeroFilterCheck»=C:WINDOWSsystem32NeroCheck.exe [2006-01-12 155648]
«UnlockerAssistant»=C:Program FilesUnlockerUnlockerAssistant.exe [2008-05-02 15872]
«NvCplDaemon»=C:WINDOWSsystem32NvCpl.dll [2008-05-03 13529088]
«nwiz»=nwiz.exe /install []
«NvMediaCenter»=C:WINDOWSsystem32NvMcTray.dll [2008-05-03 86016]
«WinampAgent»=C:Program FilesWinampwinampa.exe [2009-02-26 37888]
«Device Detector»=DevDetect.exe -autorun []
«au»=C:Program FilesDealioDealioAU.exe [2008-05-26 595296]
«SearchSettings»=C:Program FilesSearch SettingsSearchSettings.exe [2008-06-12 991584]
«egui»=C:Program FilesESETESET NOD32 Antivirusegui.exe [2009-02-06 2021400][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2004-08-17 15360]
«Punto Switcher»=C:Program FilesPunto Switcherpunto.exe [2008-10-16 735016]
«Download Master»=C:Program FilesDownload Masterdmaster.exe [2009-03-19 3776512]
«ICQ»=C:Program FilesICQ6.5ICQ.exe [2009-03-01 172792]
«Messenger (Yahoo!)»=C:Program FilesYahoo!MessengerYahooMessenger.exe [2009-02-18 4363504]C:Documents and SettingsОляГлавное менюПрограммыАвтозагрузка
Rapid Antivirus.lnk — C:Program FilesRapid AntivirusRapid Antivirus.exe[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows]
«AppInit_DLLS»=»C:WINDOWSsystem32mmmlubkn.dll»[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrolsecurityproviders]
«SecurityProviders»=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, digeste.dll[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=
«HonorAutoRunSetting»=[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesBonjourmDNSResponder.exe»=»C:Program FilesBonjourmDNSResponder.exe:*:Enabled:Bonjour»
«C:Program FilesMicrosoft OfficeOffice12OUTLOOK.EXE»=»C:Program FilesMicrosoft OfficeOffice12OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook»
«C:Documents and SettingsОляLocal SettingsTempwJQs.exe»=»C:Documents and SettingsОляLocal SettingsTempwJQs.exe:*:Enabled:ENABLE»
«C:Program FilesKaspersky LabKaspersky Anti-Virus 2009avp.exe»=»C:Program FilesKaspersky LabKaspersky Anti-Virus 2009avp.exe:*:Enabled:ENABLE»
«C:WINDOWSsystem32MsiExec.exe»=»C:WINDOWSsystem32MsiExec.exe:*:Enabled:ENABLE»
«C:WINDOWSexplorer.exe»=»C:WINDOWSexplorer.exe:*:Enabled:ENABLE»
«C:WINDOWSsystem32dumprep.exe»=»C:WINDOWSsystem32dumprep.exe:*:Enabled:ENABLE»
«C:WINDOWSpchealthhelpctrbinariesHelpCtr.exe»=»C:WINDOWSpchealthhelpctrbinariesHelpCtr.exe:*:Enabled:ENABLE»
«C:WINDOWSsystem32userinit.exe»=»C:WINDOWSsystem32userinit.exe:*:Enabled:ENABLE»
«C:Program FilesOperaopera.exe»=»C:Program FilesOperaopera.exe:*:Enabled:ENABLE»
«C:Documents and SettingsОляLocal SettingsTempBNB0.tmp»=»C:Documents and SettingsОляLocal SettingsTempBNB0.tmp:*:Enabled:ENABLE»
«C:Documents and SettingsОляindgbbxgnqqdsdlldvggv.exe»=»C:Documents and SettingsОляindgbbxgnqqdsdlldvggv.exe:*:Enabled:ENABLE»
«C:Program FilesMalwarebytes’ Anti-Malwarembam.exe»=»C:Program FilesMalwarebytes’ Anti-Malwarembam.exe:*:Enabled:ENABLE»
«C:Program FilesICQ6.5ICQ.exe»=»C:Program FilesICQ6.5ICQ.exe:*:Enabled:ENABLE»
«C:Program FilesYahoo!MessengerYahooMessenger.exe»=»C:Program FilesYahoo!MessengerYahooMessenger.exe:*:Enabled:ENABLE»
«C:Program FilesInternet ExplorerIEXPLORE.EXE»=»C:Program FilesInternet ExplorerIEXPLORE.EXE:*:Enabled:ENABLE»
«C:Documents and SettingsОляLocal SettingsTempBN38.tmp»=»C:Documents and SettingsОляLocal SettingsTempBN38.tmp:*:Enabled:ENABLE»
«C:Documents and SettingsОляLocal SettingsTempBN1566.tmp»=»C:Documents and SettingsОляLocal SettingsTempBN1566.tmp:*:Enabled:ENABLE»
«C:Documents and SettingsОляLocal SettingsTempBN21FE.tmp»=»C:Documents and SettingsОляLocal SettingsTempBN21FE.tmp:*:Enabled:ENABLE»
«C:Documents and SettingsОляLocal SettingsTempBN29EE.tmp»=»C:Documents and SettingsОляLocal SettingsTempBN29EE.tmp:*:Enabled:ENABLE»
«C:Documents and SettingsОляLocal SettingsTempBN2C17.tmp»=»C:Documents and SettingsОляLocal SettingsTempBN2C17.tmp:*:Enabled:ENABLE»
«C:Documents and SettingsОляLocal SettingsTempBN3ADC.tmp»=»C:Documents and SettingsОляLocal SettingsTempBN3ADC.tmp:*:Enabled:ENABLE»
«C:Documents and SettingsОляLocal SettingsTempBN43C4.tmp»=»C:Documents and SettingsОляLocal SettingsTempBN43C4.tmp:*:Enabled:ENABLE»
«C:Program FilesMozilla Firefoxfirefox.exe»=»C:Program FilesMozilla Firefoxfirefox.exe:*:Enabled:ENABLE»[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»======List of files/folders created in the last 1 months======
2009-03-27 23:04:32 —-D—- C:rsit
2009-03-27 23:04:32 —-D—- C:Program Filestrend micro
2009-03-26 22:19:57 —-D—- C:Documents and SettingsОляApplication Dataelefundesktops
2009-03-26 22:14:43 —-D—- C:Program FilesEleFun Desktops
2009-03-26 22:05:25 —-D—- C:Documents and SettingsAll UsersApplication DataAlawarWrapper
2009-03-26 22:04:11 —-D—- C:Program FilesAlawar.ru
2009-03-26 17:02:13 —-A—- C:WINDOWSsystem32tmp.txt
2009-03-26 17:02:02 —-A—- C:rapport.txt
2009-03-26 17:01:45 —-A—- C:WINDOWSsystem32WS2Fix.exe
2009-03-26 17:01:45 —-A—- C:WINDOWSsystem32VCCLSID.exe
2009-03-26 17:01:45 —-A—- C:WINDOWSsystem32VACFix.exe
2009-03-26 17:01:45 —-A—- C:WINDOWSsystem32swxcacls.exe
2009-03-26 17:01:45 —-A—- C:WINDOWSsystem32swsc.exe
2009-03-26 17:01:45 —-A—- C:WINDOWSsystem32swreg.exe
2009-03-26 17:01:45 —-A—- C:WINDOWSsystem32SrchSTS.exe
2009-03-26 17:01:45 —-A—- C:WINDOWSsystem32Process.exe
2009-03-26 17:01:45 —-A—- C:WINDOWSsystem32o4Patch.exe
2009-03-26 17:01:45 —-A—- C:WINDOWSsystem32IEDFix.exe
2009-03-26 17:01:45 —-A—- C:WINDOWSsystem32IEDFix.C.exe
2009-03-26 17:01:45 —-A—- C:WINDOWSsystem32dumphive.exe
2009-03-26 17:01:45 —-A—- C:WINDOWSsystem32Agent.OMZ.Fix.exe
2009-03-26 17:01:45 —-A—- C:WINDOWSsystem32404Fix.exe
2009-03-26 17:00:14 —-A—- C:WINDOWSntbtlog.txt
2009-03-26 16:39:25 —-D—- C:Documents and SettingsОляApplication Dataanv51
2009-03-26 03:00:28 —-HDC—- C:WINDOWS$NtUninstallKB952954$
2009-03-26 03:00:21 —-HDC—- C:WINDOWS$NtUninstallKB955839$
2009-03-26 03:00:13 —-HDC—- C:WINDOWS$NtUninstallKB950974$
2009-03-26 03:00:07 —-HDC—- C:WINDOWS$NtUninstallKB951698$
2009-03-26 02:59:57 —-HDC—- C:WINDOWS$NtUninstallKB960225$
2009-03-26 02:15:08 —-D—- C:Documents and SettingsОляApplication DataanvA4
2009-03-26 00:44:29 —-D—- C:Documents and SettingsОляApplication DataMalwarebytes
2009-03-26 00:44:23 —-D—- C:Program FilesMalwarebytes’ Anti-Malware
2009-03-26 00:44:23 —-D—- C:Documents and SettingsAll UsersApplication DataMalwarebytes
2009-03-26 00:16:43 —-D—- C:VKLife
2009-03-26 00:06:33 —-D—- C:Documents and SettingsОляApplication Dataanv27
2009-03-26 00:04:30 —-D—- C:WINDOWSsystem32CatRoot_bak
2009-03-25 23:59:12 —-HDC—- C:WINDOWS$NtUninstallKB951376-v2$
2009-03-25 23:59:07 —-HDC—- C:WINDOWS$NtUninstallKB946648$
2009-03-25 23:59:01 —-HDC—- C:WINDOWS$NtUninstallKB956803$
2009-03-25 23:58:48 —-HDC—- C:WINDOWS$NtUninstallKB958215$
2009-03-25 23:58:37 —-HDC—- C:WINDOWS$NtUninstallKB956841$
2009-03-25 23:58:29 —-HDC—- C:WINDOWS$NtUninstallKB960714$
2009-03-25 23:58:24 —-HDC—- C:WINDOWS$NtUninstallKB938464-v2$
2009-03-25 23:58:18 —-HDC—- C:WINDOWS$NtUninstallKB952069_WM9$
2009-03-25 23:58:14 —-HDC—- C:WINDOWS$NtUninstallKB941569$
2009-03-25 23:57:43 —-HDC—- C:WINDOWS$NtUninstallKB950762$
2009-03-25 23:57:36 —-HDC—- C:WINDOWS$NtUninstallKB957097$
2009-03-25 23:57:31 —-HDC—- C:WINDOWS$NtUninstallKB960715$
2009-03-25 23:57:26 —-HDC—- C:WINDOWS$NtUninstallKB923689$
2009-03-25 23:56:49 —-HDC—- C:WINDOWS$NtUninstallKB958687$
2009-03-25 23:56:44 —-HDC—- C:WINDOWS$NtUninstallKB952287$
2009-03-25 23:56:36 —-HDC—- C:WINDOWS$NtUninstallKB967715$
2009-03-25 23:56:31 —-HDC—- C:WINDOWS$NtUninstallKB950760$
2009-03-25 23:56:25 —-HDC—- C:WINDOWS$NtUninstallKB951066$
2009-03-25 23:56:20 —-HDC—- C:WINDOWS$NtUninstallKB958690$
2009-03-25 23:56:11 —-HDC—- C:WINDOWS$NtUninstallKB951748$
2009-03-25 23:56:05 —-HDC—- C:WINDOWS$NtUninstallKB954600$
2009-03-25 23:56:00 —-HDC—- C:WINDOWS$NtUninstallKB958644$
2009-03-25 23:55:54 —-HDC—- C:WINDOWS$NtUninstallKB955069$
2009-03-25 23:55:49 —-HDC—- C:WINDOWS$NtUninstallKB956802$
2009-03-25 23:55:45 —-D—- C:Program FilesMSXML 4.0
2009-03-25 23:55:37 —-HDC—- C:WINDOWS$NtUninstallKB944338-v2$
2009-03-25 23:32:27 —-D—- C:WINDOWSsystem32PreInstall
2009-03-25 23:32:27 —-A—- C:WINDOWSsystem32spupdsvc.exe
2009-03-25 23:32:25 —-HDC—- C:WINDOWS$NtUninstallKB898461$
2009-03-25 23:32:25 —-HD—- C:WINDOWS$hf_mig$
2009-03-25 23:26:50 —-D—- C:Documents and SettingsОляApplication DataanvB3
2009-03-25 22:50:21 —-D—- C:WINDOWSsystem32SoftwareDistribution
2009-03-25 22:12:28 —-A—- C:WINDOWSEurekaLog.ini
2009-03-25 22:12:19 —-D—- C:Documents and SettingsОляApplication DataanvB
2009-03-25 21:50:46 —-D—- C:Documents and SettingsОляApplication DataanvEE
2009-03-25 20:42:46 —-D—- C:Documents and SettingsОляApplication Dataanv62
2009-03-25 02:37:07 —-D—- C:Documents and SettingsОляApplication DataSearch Settings
2009-03-25 01:26:56 —-D—- C:Documents and SettingsОляApplication DataanvCE
2009-03-25 01:25:22 —-A—- C:WINDOWSsystem32search_fid.txt
2009-03-25 01:15:42 —-D—- C:WINDOWSsystem32appmgmt
2009-03-25 01:15:07 —-D—- C:Program FilesKaspersky Lab
2009-03-25 00:56:46 —-D—- C:Documents and SettingsAll UsersApplication DataKaspersky Lab Setup Files
2009-03-24 04:08:47 —-D—- C:Program FilesAliveMedia
2009-03-24 03:42:47 —-D—- C:Program FilesSearch Settings
2009-03-24 03:42:37 —-D—- C:Program FilesDealio
2009-03-24 03:42:34 —-D—- C:Documents and SettingsОляApplication DataDealio
2009-03-24 03:41:49 —-A—- C:WINDOWSsystem32WMAFile.dll
2009-03-24 03:41:49 —-A—- C:WINDOWSsystem32AudPlayer.dll
2009-03-24 03:41:49 —-A—- C:WINDOWSsystem32AudioVisu.dll
2009-03-24 03:41:49 —-A—- C:WINDOWSsystem32AudioRecord.dll
2009-03-24 03:41:49 —-A—- C:WINDOWSsystem32AudioInfos.dll
2009-03-24 03:41:48 —-A—- C:WINDOWSsystem32VB6FR.DLL
2009-03-24 03:41:48 —-A—- C:WINDOWSsystem32TABCTFR.DLL
2009-03-24 03:41:48 —-A—- C:WINDOWSsystem32inetfr.DLL
2009-03-24 03:41:48 —-A—- C:WINDOWSsystem32AudFile.dll
2009-03-24 03:41:48 —-A—- C:WINDOWSsystem32AudDisplay.dll
2009-03-24 03:41:48 —-A—- C:WINDOWSsystem32AudDesign.dll
2009-03-24 03:41:47 —-A—- C:WINDOWSsystem32MSCMCFR.DLL
2009-03-24 03:41:47 —-A—- C:WINDOWSsystem32Mscc2fr.dll
2009-03-24 03:41:47 —-A—- C:WINDOWSsystem32CMDLGFR.DLL
2009-03-24 03:41:46 —-D—- C:Program FilesFree Audio Pack
2009-03-24 03:24:13 —-AD—- C:Documents and SettingsAll UsersApplication DataTEMP
2009-03-24 03:16:53 —-A—- C:WINDOWSsystem32viscomwave.dll
2009-03-24 03:16:53 —-A—- C:WINDOWSsystem32viscomqtde.dll
2009-03-24 03:16:53 —-A—- C:WINDOWSsystem32SkinCrafter.dll
2009-03-24 03:16:49 —-D—- C:Program FilesPlato Video To 3GP Converter
2009-03-19 18:28:17 —-D—- C:Documents and SettingsОляApplication DataYahoo!
2009-03-19 18:28:17 —-D—- C:Documents and SettingsAll UsersApplication DataYahoo! Companion
2009-03-13 20:17:44 —-D—- C:Documents and SettingsAll UsersApplication DataApple Computer
2009-03-13 14:22:47 —-D—- C:Program FilesHaali
2009-03-13 14:21:37 —-D—- C:Documents and SettingsAll UsersApplication DataVideoConverter
2009-03-13 03:52:53 —-A—- C:WINDOWSsystem32wmv8dmod.dll
2009-03-13 03:52:43 —-A—- C:WINDOWSsystem32NCTAudioRecord2.dll
2009-03-13 03:52:43 —-A—- C:WINDOWSsystem32NCTAudioPlayer2.dll
2009-03-13 03:52:43 —-A—- C:WINDOWSsystem32NCTAudioLibrary.dll
2009-03-13 03:52:43 —-A—- C:WINDOWSsystem32NCTAudioInformation.dll
2009-03-13 03:52:42 —-A—- C:WINDOWSsystem32NCTWMAFile2.dll
2009-03-13 03:52:42 —-A—- C:WINDOWSsystem32NCTAudioVisualization2.dll
2009-03-13 03:52:42 —-A—- C:WINDOWSsystem32NCTAudioGrabber.dll
2009-03-13 03:52:42 —-A—- C:WINDOWSsystem32NCTAudioFile2.dll
2009-03-13 03:52:42 —-A—- C:WINDOWSsystem32NCTAudioFile.dll
2009-03-13 03:52:36 —-A—- C:WINDOWSsystem32VB6STKIT.DLL
2009-03-13 03:52:32 —-A—- C:WINDOWSsystem32mpg4c32.dll
2009-03-13 03:52:31 —-D—- C:Program FilesSetup
2009-03-13 03:37:08 —-D—- C:Documents and SettingsОляApplication DataMedia Player Classic
2009-03-11 22:54:17 —-A—- C:WINDOWSsystem32wmpns.dll
2009-03-10 21:40:27 —-D—- C:Documents and SettingsОляApplication DataACD Systems
2009-03-10 21:40:02 —-D—- C:Documents and SettingsAll UsersApplication DataACD Systems
2009-03-10 21:39:58 —-D—- C:Program FilesCommon FilesACD Systems
2009-03-10 21:39:58 —-D—- C:Program FilesACD Systems
2009-03-10 20:02:15 —-D—- C:Documents and SettingsОляApplication DataBeautyGuide
2009-03-10 19:56:49 —-D—- C:Program FilesTwo Pilots
2009-03-10 19:56:48 —-D—- C:Program FilesBeauty Guide
2009-03-10 18:22:23 —-D—- C:Documents and SettingsAll UsersApplication DataYahoo!
2009-03-10 18:22:22 —-D—- C:Program FilesYahoo!
2009-03-10 18:19:38 —-D—- C:Downloads
2009-03-09 01:19:21 —-A—- C:WINDOWSsystem32df;yj.txt
2009-03-09 00:43:01 —-D—- C:Program FilesQIP Infium
2009-03-09 00:13:13 —-D—- C:Documents and SettingsОляApplication Datarambler.ru
2009-03-09 00:13:09 —-D—- C:Program FilesRambler Assistant
2009-03-09 00:13:08 —-D—- C:Documents and SettingsОляApplication DataMozilla
2009-03-09 00:12:10 —-D—- C:Documents and SettingsОляApplication DataICQ
2009-03-09 00:11:45 —-D—- C:Program FilesICQ6.5
2009-03-08 23:46:16 —-D—- C:Documents and SettingsОляApplication DataQIP
2009-03-08 23:23:09 —-D—- C:Documents and SettingsОляApplication DataWinRAR
2009-03-08 17:39:02 —-A—- C:WINDOWSsystem32h323log.txt
2009-03-08 17:37:06 —-A—- C:WINDOWSsystem32usbui.dll
2009-03-08 17:36:12 —-A—- C:WINDOWSimsins.BAK
2009-03-08 17:36:09 —-SHD—- C:WINDOWSInstaller
2009-03-08 17:36:09 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2009-03-08 17:36:08 —-D—- C:Program FilesCommon FilesODBC
2009-03-08 17:36:08 —-A—- C:WINDOWSODBCINST.INI
2009-03-08 17:36:05 —-RD—- C:Program Files
2009-03-08 17:36:05 —-D—- C:Program FilesCommon FilesSpeechEngines
2009-03-08 17:36:05 —-D—- C:Program FilesCommon FilesMicrosoft Shared
2009-03-08 17:36:05 —-D—- C:Program FilesCommon Files
2009-03-08 17:36:02 —-RA—- C:WINDOWSsystem32kbdtuq.dll
2009-03-08 17:36:02 —-RA—- C:WINDOWSsystem32kbdtuf.dll
2009-03-08 17:36:02 —-RA—- C:WINDOWSsystem32kbdazel.dll
2009-03-08 17:36:00 —-RA—- C:WINDOWSsystem32kbdhept.dll
2009-03-08 17:36:00 —-RA—- C:WINDOWSsystem32kbdhela3.dll
2009-03-08 17:36:00 —-RA—- C:WINDOWSsystem32kbdhela2.dll
2009-03-08 17:36:00 —-RA—- C:WINDOWSsystem32kbdhe319.dll
2009-03-08 17:36:00 —-RA—- C:WINDOWSsystem32kbdhe220.dll
2009-03-08 17:36:00 —-RA—- C:WINDOWSsystem32kbdhe.dll
2009-03-08 17:36:00 —-RA—- C:WINDOWSsystem32kbdgkl.dll
2009-03-08 17:35:58 —-RA—- C:WINDOWSsystem32kbdlv1.dll
2009-03-08 17:35:58 —-RA—- C:WINDOWSsystem32kbdlv.dll
2009-03-08 17:35:58 —-RA—- C:WINDOWSsystem32kbdlt1.dll
2009-03-08 17:35:58 —-RA—- C:WINDOWSsystem32kbdlt.dll
2009-03-08 17:35:58 —-RA—- C:WINDOWSsystem32kbdest.dll
2009-03-08 17:35:56 —-RA—- C:WINDOWSsystem32kbdycl.dll
2009-03-08 17:35:56 —-RA—- C:WINDOWSsystem32kbdsl1.dll
2009-03-08 17:35:56 —-RA—- C:WINDOWSsystem32kbdsl.dll
2009-03-08 17:35:56 —-RA—- C:WINDOWSsystem32kbdro.dll
2009-03-08 17:35:56 —-RA—- C:WINDOWSsystem32kbdpl1.dll
2009-03-08 17:35:56 —-RA—- C:WINDOWSsystem32kbdpl.dll
2009-03-08 17:35:56 —-RA—- C:WINDOWSsystem32kbdhu1.dll
2009-03-08 17:35:56 —-RA—- C:WINDOWSsystem32kbdhu.dll
2009-03-08 17:35:56 —-RA—- C:WINDOWSsystem32kbdcz2.dll
2009-03-08 17:35:56 —-RA—- C:WINDOWSsystem32kbdcz1.dll
2009-03-08 17:35:56 —-RA—- C:WINDOWSsystem32kbdcz.dll
2009-03-08 17:35:56 —-RA—- C:WINDOWSsystem32kbdcr.dll
2009-03-08 17:35:56 —-RA—- C:WINDOWSsystem32KBDAL.DLL
2009-03-08 17:35:52 —-A—- C:WINDOWSsystem32kbdycc.dll
2009-03-08 17:35:52 —-A—- C:WINDOWSsystem32kbduzb.dll
2009-03-08 17:35:52 —-A—- C:WINDOWSsystem32kbdur.dll
2009-03-08 17:35:52 —-A—- C:WINDOWSsystem32kbdtat.dll
2009-03-08 17:35:52 —-A—- C:WINDOWSsystem32kbdmon.dll
2009-03-08 17:35:52 —-A—- C:WINDOWSsystem32kbdkyr.dll
2009-03-08 17:35:52 —-A—- C:WINDOWSsystem32kbdkaz.dll
2009-03-08 17:35:52 —-A—- C:WINDOWSsystem32kbdbu.dll
2009-03-08 17:35:52 —-A—- C:WINDOWSsystem32kbdblr.dll
2009-03-08 17:35:52 —-A—- C:WINDOWSsystem32kbdaze.dll
2009-03-08 17:35:51 —-A—- C:WINDOWSsystem32spxcoins.dll
2009-03-08 17:35:51 —-A—- C:WINDOWSsystem32irclass.dll
2009-03-08 17:35:51 —-A—- C:WINDOWSsystem32dgsetup.dll
2009-03-08 17:35:51 —-A—- C:WINDOWSsystem32dgrpsetu.dll
2009-03-08 17:35:50 —-A—- C:WINDOWSsystem32EqnClass.Dll
2009-03-08 17:35:48 —-N—- C:WINDOWSsystem32CONFIG.TMP
2009-03-08 17:35:48 —-A—- C:WINDOWSTASKMAN.EXE
2009-03-08 17:35:48 —-A—- C:WINDOWSsystem32batt.dll
2009-03-08 17:35:47 —-A—- C:WINDOWSnotepad.exe
2009-03-08 17:35:46 —-A—- C:WINDOWSsystem32storprop.dll
2009-03-08 17:35:39 —-ASH—- C:Documents and SettingsAll UsersApplication Datadesktop.ini
2009-03-08 17:35:34 —-RA—- C:WINDOWSSET8.tmp
2009-03-08 17:35:32 —-RA—- C:WINDOWSSET4.tmp
2009-03-08 17:35:31 —-RA—- C:WINDOWSSET3.tmp
2009-03-08 17:35:26 —-D—- C:WINDOWSsystem32CatRoot2
2009-03-08 17:35:26 —-D—- C:WINDOWSsystem32CatRoot
2009-03-08 17:35:21 —-SD—- C:Documents and SettingsAll UsersApplication DataMicrosoft
2009-03-08 17:35:04 —-A—- C:WINDOWSsetuplog.txt
2009-03-08 17:35:01 —-SHD—- C:System Volume Information
2009-03-08 17:35:01 —-D—- C:Documents and Settings
2009-03-08 17:33:49 —-RASH—- C:boot.ini
2009-03-08 17:29:54 —-RSHDC—- C:WINDOWSsystem32dllcache
2009-03-08 17:29:54 —-RSD—- C:WINDOWSFonts
2009-03-08 17:29:54 —-RD—- C:WINDOWSWeb
2009-03-08 17:29:54 —-HD—- C:WINDOWSinf
2009-03-08 17:29:54 —-D—- C:WINDOWSWinSxS
2009-03-08 17:29:54 —-D—- C:WINDOWStwain_32
2009-03-08 17:29:54 —-D—- C:WINDOWSTemp
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem32wins
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem32wbem
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem32usmt
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem32spool
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem32ShellExt
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem32Setup
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem32ras
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem32oobe
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem32npp
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem32mui
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem32inetsrv
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem32IME
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem32icsxml
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem32ias
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem32export
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem32drivers
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem32dhcp
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem32config
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem323com_dmi
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem323076
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem322052
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem321054
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem321049
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem321042
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem321041
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem321037
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem321033
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem321031
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem321028
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem321025
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem32
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem
2009-03-08 17:29:54 —-D—- C:WINDOWSsecurity
2009-03-08 17:29:54 —-D—- C:WINDOWSResources
2009-03-08 17:29:54 —-D—- C:WINDOWSrepair
2009-03-08 17:29:54 —-D—- C:WINDOWSProvisioning
2009-03-08 17:29:54 —-D—- C:WINDOWSPeerNet
2009-03-08 17:29:54 —-D—- C:WINDOWSpchealth
2009-03-08 17:29:54 —-D—- C:WINDOWSmui
2009-03-08 17:29:54 —-D—- C:WINDOWSmsapps
2009-03-08 17:29:54 —-D—- C:WINDOWSmsagent
2009-03-08 17:29:54 —-D—- C:WINDOWSMedia
2009-03-08 17:29:54 —-D—- C:WINDOWSjava
2009-03-08 17:29:54 —-D—- C:WINDOWSime
2009-03-08 17:29:54 —-D—- C:WINDOWSHelp
2009-03-08 17:29:54 —-D—- C:WINDOWSehome
2009-03-08 17:29:54 —-D—- C:WINDOWSDriver Cache
2009-03-08 17:29:54 —-D—- C:WINDOWSDebug
2009-03-08 17:29:54 —-D—- C:WINDOWSCursors
2009-03-08 17:29:54 —-D—- C:WINDOWSConnection Wizard
2009-03-08 17:29:54 —-D—- C:WINDOWSConfig
2009-03-08 17:29:54 —-D—- C:WINDOWSAppPatch
2009-03-08 17:29:54 —-D—- C:WINDOWSaddins
2009-03-08 17:29:54 —-D—- C:WINDOWS
2009-03-08 17:29:54 —-A—- C:WINDOWSDUMP4d6a.tmp
2009-03-08 16:25:04 —-D—- C:Program FilesWinamp Toolbar
2009-03-08 16:25:04 —-D—- C:Documents and SettingsAll UsersApplication DataWinamp Toolbar
2009-03-08 16:24:27 —-D—- C:WINDOWSRegisteredPackages
2009-03-08 16:22:48 —-N—- C:WINDOWSsystem32vxblock.dll
2009-03-08 16:22:48 —-N—- C:WINDOWSsystem32pxwave.dll
2009-03-08 16:22:48 —-N—- C:WINDOWSsystem32pxsfs.dll
2009-03-08 16:22:48 —-N—- C:WINDOWSsystem32pxmas.dll
2009-03-08 16:22:48 —-N—- C:WINDOWSsystem32pxinsa64.exe
2009-03-08 16:22:48 —-N—- C:WINDOWSsystem32pxhpinst.exe
2009-03-08 16:22:48 —-N—- C:WINDOWSsystem32pxdrv.dll
2009-03-08 16:22:48 —-N—- C:WINDOWSsystem32pxcpya64.exe
2009-03-08 16:22:48 —-N—- C:WINDOWSsystem32pxafs.dll
2009-03-08 16:22:48 —-N—- C:WINDOWSsystem32px.dll
2009-03-08 16:22:45 —-D—- C:Program FilesWinamp
2009-03-08 16:22:45 —-D—- C:Documents and SettingsОляApplication DataWinamp
2009-03-08 15:45:44 —-D—- C:Program FilesVKLife
2009-03-08 15:04:58 —-D—- C:Documents and SettingsОляApplication DataCanon
2009-03-08 15:02:12 —-D—- C:Documents and SettingsОляApplication DataPRMT
2009-03-08 15:01:55 —-D—- C:Documents and SettingsОляApplication DataABBYY
2009-03-08 15:01:43 —-A—- C:WINDOWSsystem32CNAS0MMK.DLL
2009-03-08 15:01:33 —-A—- C:WINDOWSsystem32CNCMFP31.INI
2009-03-08 15:01:33 —-A—- C:WINDOWSsystem32CNCLSU31.DLL
2009-03-08 15:01:33 —-A—- C:WINDOWSsystem32CNCLST31.DLL
2009-03-08 15:01:33 —-A—- C:WINDOWSsystem32CNCLSI31.DLL
2009-03-08 15:01:33 —-A—- C:WINDOWSsystem32CNCLSD31.DLL
2009-03-08 15:01:33 —-A—- C:WINDOWSsystem32CNCLSC31.DLL
2009-03-08 15:01:33 —-A—- C:WINDOWSsystem32CNCL4010.DLL
2009-03-08 15:01:33 —-A—- C:WINDOWSsystem32cncilsc.dll
2009-03-08 15:01:33 —-A—- C:WINDOWSsystem32CNCI4010.DLL
2009-03-08 15:01:32 —-A—- C:WINDOWSsystem32CNCC4010.DLL
2009-03-08 14:58:47 —-D—- C:Documents and SettingsAll UsersApplication DataFLEXnet
2009-03-08 14:56:26 —-D—- C:Program FilesCanon
2009-03-08 14:56:05 —-HD—- C:WINDOWSsystem32CanonMF Uninstaller Information
2009-03-08 14:55:46 —-HD—- C:CanonMF
2009-03-08 14:48:44 —-D—- C:Documents and SettingsОляApplication DataYandex
2009-03-08 14:45:49 —-D—- C:Program FilesABBYY FineReader 8.0 Professional Edition
2009-03-08 14:44:55 —-D—- C:Documents and SettingsОляApplication DataDownload Master
2009-03-08 14:43:23 —-D—- C:Documents and SettingsОляApplication DataOpera
2009-03-08 14:34:26 —-A—- C:WINDOWSsystem32engine.dll
2009-03-08 14:33:47 —-D—- C:Program FilesMicrosoft Works
2009-03-08 14:33:36 —-D—- C:Program FilesMicrosoft Visual Studio
2009-03-08 14:33:36 —-D—- C:Program FilesCommon FilesDESIGNER
2009-03-08 14:33:22 —-D—- C:Program FilesMicrosoft.NET
2009-03-08 14:32:09 —-D—- C:WINDOWSSHELLNEW
2009-03-08 14:31:59 —-D—- C:Program FilesMicrosoft Office
2009-03-08 14:31:59 —-D—- C:Documents and SettingsAll UsersApplication DataMicrosoft Help
2009-03-08 14:31:33 —-RHD—- C:MSOCache
2009-03-08 14:29:36 —-D—- C:Program FilesFoxit Software
2009-03-08 14:27:54 —-D—- C:WINDOWSLhsp
2009-03-08 14:27:54 —-D—- C:Program FilesPRMT8
2009-03-08 14:27:54 —-D—- C:Documents and SettingsAll UsersApplication DataPRMT
2009-03-08 14:26:43 —-D—- C:WINDOWSsystem32AkelFiles
2009-03-08 14:26:43 —-A—- C:WINDOWSsystem32sfcfiles.dll.BAK
2009-03-08 14:26:33 —-D—- C:Program FilesDownload Master
2009-03-08 14:26:24 —-A—- C:WINDOWSsystem32rmoc3260.dll
2009-03-08 14:26:24 —-A—- C:WINDOWSsystem32pndx5032.dll
2009-03-08 14:26:24 —-A—- C:WINDOWSsystem32pndx5016.dll
2009-03-08 14:26:24 —-A—- C:WINDOWSsystem32pncrt.dll
2009-03-08 14:26:22 —-A—- C:WINDOWSsystem32unrar.dll
2009-03-08 14:26:10 —-A—- C:WINDOWSsystem32yv12vfw.dll
2009-03-08 14:26:10 —-A—- C:WINDOWSsystem32xvidvfw.dll
2009-03-08 14:26:10 —-A—- C:WINDOWSsystem32xvidcore.dll
2009-03-08 14:26:09 —-A—- C:WINDOWSsystem32qt-dx331.dll
2009-03-08 14:26:09 —-A—- C:WINDOWSsystem32dpl100.dll
2009-03-08 14:25:58 —-A—- C:WINDOWSsystem32divx.dll
2009-03-08 14:25:56 —-A—- C:WINDOWSsystem32ff_vfw.dll.manifest
2009-03-08 14:25:56 —-A—- C:WINDOWSsystem32ff_vfw.dll
2009-03-08 14:25:55 —-A—- C:WINDOWSsystem32msvcr71.dll
2009-03-08 14:25:55 —-A—- C:WINDOWSsystem32msvcp71.dll
2009-03-08 14:25:54 —-D—- C:Documents and SettingsОляApplication DataReal
2009-03-08 14:25:54 —-D—- C:Documents and SettingsAll UsersApplication DataReal
2009-03-08 14:25:53 —-D—- C:Program FilesK-Lite Codec Pack
2009-03-08 14:25:47 —-D—- C:Program FilesWinRAR
2009-03-08 14:25:41 —-D—- C:Program FilesPunto Switcher
2009-03-08 14:24:37 —-D—- C:Program FilesAdobe
2009-03-08 14:24:21 —-D—- C:Documents and SettingsAll UsersApplication DataAdobe
2009-03-08 14:23:36 —-D—- C:Documents and SettingsОляApplication DataAdobe
2009-03-08 14:20:22 —-D—- C:Program FilesCommon FilesMacrovision Shared
2009-03-08 14:19:55 —-D—- C:Program FilesCommon FilesAdobe
2009-03-08 14:17:21 —-D—- C:WINDOWSMinidump
2009-03-08 14:16:14 —-D—- C:Program FilesSkype
2009-03-08 14:16:14 —-D—- C:Program FilesCommon FilesSkype
2009-03-08 14:16:05 —-D—- C:Documents and SettingsAll UsersApplication DataSkype
2009-03-08 14:15:51 —-D—- C:Program FilesMail.Ru
2009-03-08 14:15:45 —-D—- C:Program FilesMy Company Name
2009-03-08 14:15:42 —-D—- C:Documents and SettingsОляApplication DataMacromedia
2009-03-08 14:15:36 —-D—- C:Program FilesOpera
2009-03-08 14:15:32 —-D—- C:Program FilesMozilla Firefox
2009-03-08 14:15:21 —-SHD—- C:RECYCLER
2009-03-08 14:10:46 —-A—- C:WINDOWSNeroDigital.ini
2009-03-08 14:08:48 —-RA—- C:WINDOWSsystem32nvuninst.exe
2009-03-08 14:08:48 —-D—- C:WINDOWSnview
2009-03-08 14:08:47 —-A—- C:WINDOWSsystem32nvudisp.exe
2009-03-08 14:05:25 —-RSD—- C:WINDOWSassembly
2009-03-08 14:05:06 —-D—- C:WINDOWSMicrosoft.NET
2009-03-08 14:00:19 —-N—- C:WINDOWSsystem32spmsg.dll
2009-03-08 14:00:08 —-HDC—- C:WINDOWS$MSI31Uninstall_KB893803v2$
2009-03-08 13:58:36 —-D—- C:Program FilesUnlocker
2009-03-08 13:58:36 —-D—- C:Documents and SettingsОляApplication DataDesktopicon
2009-03-08 13:57:41 —-D—- C:Documents and SettingsAll UsersApplication DataESET
2009-03-08 13:57:03 —-D—- C:Program FilesEset
2009-03-08 13:56:32 —-N—- C:WINDOWSsystem32TwnLib4.dll
2009-03-08 13:56:32 —-A—- C:WINDOWSsystem32TwnLib20.dll
2009-03-08 13:56:31 —-N—- C:WINDOWSsystem32ImagXRA7.dll
2009-03-08 13:56:31 —-N—- C:WINDOWSsystem32ImagXR7.dll
2009-03-08 13:56:31 —-N—- C:WINDOWSsystem32ImagXpr7.dll
2009-03-08 13:56:31 —-N—- C:WINDOWSsystem32ImagX7.dll
2009-03-08 13:56:31 —-D—- C:Program FilesCommon FilesAhead
2009-03-08 13:56:31 —-D—- C:Program FilesAhead
2009-03-08 13:56:31 —-A—- C:WINDOWSsystem32NeroCheck.exe
2009-03-08 13:56:07 —-D—- C:Program FilesThe KMPlayer
2009-03-08 13:56:05 —-D—- C:Program FilesVitSoft
2009-03-08 13:56:01 —-A—- C:WINDOWSsystem32javaws.exe
2009-03-08 13:56:01 —-A—- C:WINDOWSsystem32javaw.exe
2009-03-08 13:56:01 —-A—- C:WINDOWSsystem32java.exe
2009-03-08 13:55:38 —-D—- C:Program FilesJava
2009-03-08 13:55:37 —-D—- C:Program FilesCommon FilesJava
2009-03-08 13:54:44 —-A—- C:WINDOWSWPI_Log.txt
2009-03-08 13:51:12 —-D—- C:Program FilesVIA
2009-03-08 13:50:42 —-D—- C:Program FilesMarvell
2009-03-08 13:49:56 —-A—- C:WINDOWSsystem32ksuser.dll
2009-03-08 13:49:54 —-D—- C:Program FilesRealtek Sound Manager
2009-03-08 13:49:52 —-N—- C:WINDOWSavrack.ini
2009-03-08 13:49:52 —-D—- C:Program FilesAvRack
2009-03-08 13:49:48 —-N—- C:WINDOWSsystem32ChCfg.exe
2009-03-08 13:49:48 —-A—- C:WINDOWSsystem32RTLCPAPI.dll
2009-03-08 13:49:48 —-A—- C:WINDOWSSOUNDMAN.EXE
2009-03-08 13:49:46 —-A—- C:WINDOWSsystem32RTLCPL.EXE
2009-03-08 13:49:40 —-N—- C:WINDOWSalcupd.exe
2009-03-08 13:49:40 —-N—- C:WINDOWSalcrmv.exe
2009-03-08 13:49:35 —-N—- C:WINDOWSRtlExUpd.dll
2009-03-08 13:49:22 —-D—- C:Program FilesIntel
2009-03-08 13:49:02 —-D—- C:WINDOWSsystem32ReinstallBackups
2009-03-08 13:49:00 —-HD—- C:Program FilesInstallShield Installation Information
2009-03-08 13:48:51 —-D—- C:Program FilesCommon FilesInstallShield
2009-03-08 13:47:42 —-D—- C:Documents and SettingsОляApplication DataIdentities
2009-03-08 13:47:40 —-HD—- C:Program FilesUninstall Information
2009-03-08 13:47:34 —-ASH—- C:Documents and SettingsОляApplication Datadesktop.ini
2009-03-08 13:47:33 —-SD—- C:Documents and SettingsОляApplication DataMicrosoft
2009-03-08 13:47:04 —-D—- C:WINDOWSSoftwareDistribution
2009-03-08 13:47:03 —-SD—- C:WINDOWSsystem32Microsoft
2009-03-08 13:47:03 —-D—- C:WINDOWSPrefetch
2009-03-08 13:47:02 —-A—- C:WINDOWSSchedLgU.Txt
2009-03-08 13:44:07 —-D—- C:WINDOWSsystem32xircom
2009-03-08 13:44:07 —-D—- C:Program Filesxerox
2009-03-08 13:44:07 —-D—- C:Program Filesmicrosoft frontpage
2009-03-08 13:43:53 —-A—- C:WINDOWScontrol.ini
2009-03-08 13:43:53 —-A—- C:AUTOEXEC.BAT
2009-03-08 13:43:45 —-A—- C:WINDOWSOEWABLog.txt
2009-03-08 13:43:42 —-A—- C:WINDOWSsystem32mapi32.dll
2009-03-08 13:43:03 —-SD—- C:WINDOWSDownloaded Program Files
2009-03-08 13:43:03 —-RD—- C:WINDOWSOffline Web Pages
2009-03-08 13:43:03 —-RAH—- C:WINDOWSsystem32logonui.exe.manifest
2009-03-08 13:42:57 —-RAH—- C:WINDOWSsystem32cdplayer.exe.manifest
2009-03-08 13:42:53 —-HD—- C:Program FilesWindowsUpdate
2009-03-08 13:42:51 —-D—- C:Program FilesOnline Services
2009-03-08 13:42:38 —-D—- C:WINDOWSsystem32DirectX
2009-03-08 13:42:20 —-A—- C:WINDOWSsystem32atrace.dll
2009-03-08 13:42:17 —-A—- C:WINDOWSsystem32desktop.ini
2009-03-08 13:42:17 —-A—- C:WINDOWSdesktop.ini
2009-03-08 13:42:11 —-A—- C:WINDOWSsystem32nmevtmsg.dll
2009-03-08 13:42:10 —-A—- C:WINDOWSsystem32acctres.dll
2009-03-08 13:42:09 —-D—- C:Program FilesCommon FilesServices
2009-03-08 13:42:07 —-SD—- C:WINDOWSTasks
2009-03-08 13:42:07 —-A—- C:WINDOWSsystem32icfgnt5.dll
2009-03-08 13:42:06 —-D—- C:Program FilesCommon FilesMSSoap
2009-03-08 13:42:03 —-D—- C:WINDOWSsrchasst
2009-03-08 13:42:02 —-D—- C:WINDOWSsystem32Macromed
2009-03-08 13:41:59 —-A—- C:WINDOWSsystem32wuweb.dll
2009-03-08 13:41:59 —-A—- C:WINDOWSsystem32wups.dll
2009-03-08 13:41:59 —-A—- C:WINDOWSsystem32wucltui.dll
2009-03-08 13:41:59 —-A—- C:WINDOWSsystem32wuauserv.dll
2009-03-08 13:41:59 —-A—- C:WINDOWSsystem32wuaueng1.dll
2009-03-08 13:41:59 —-A—- C:WINDOWSsystem32wuaueng.dll
2009-03-08 13:41:59 —-A—- C:WINDOWSsystem32wuauclt1.exe
2009-03-08 13:41:58 —-A—- C:WINDOWSsystem32wuauclt.exe
2009-03-08 13:41:58 —-A—- C:WINDOWSsystem32wuapi.dll
2009-03-08 13:41:58 —-A—- C:WINDOWSsystem32qmgrprxy.dll
2009-03-08 13:41:58 —-A—- C:WINDOWSsystem32qmgr.dll
2009-03-08 13:41:58 —-A—- C:WINDOWSsystem32bitsprx3.dll
2009-03-08 13:41:58 —-A—- C:WINDOWSsystem32bitsprx2.dll
2009-03-08 13:41:55 —-D—- C:Program FilesMovie Maker
2009-03-08 13:41:51 —-A—- C:WINDOWSsystem32safrslv.dll
2009-03-08 13:41:51 —-A—- C:WINDOWSsystem32safrdm.dll
2009-03-08 13:41:51 —-A—- C:WINDOWSsystem32safrcdlg.dll
2009-03-08 13:41:51 —-A—- C:WINDOWSsystem32racpldlg.dll
2009-03-08 13:41:48 —-A—- C:WINDOWSsystem32fltMc.exe
2009-03-08 13:41:48 —-A—- C:WINDOWSsystem32fltlib.dll
2009-03-08 13:41:47 —-D—- C:WINDOWSsystem32Restore
2009-03-08 13:41:47 —-A—- C:WINDOWSsystem32srsvc.dll
2009-03-08 13:41:47 —-A—- C:WINDOWSsystem32srrstr.dll
2009-03-08 13:41:47 —-A—- C:WINDOWSsystem32srclient.dll
2009-03-08 13:41:47 —-A—- C:WINDOWSsystem32ils.dll
2009-03-08 13:41:46 —-A—- C:WINDOWSsystem32nmmkcert.dll
2009-03-08 13:41:46 —-A—- C:WINDOWSsystem32msconf.dll
2009-03-08 13:41:46 —-A—- C:WINDOWSsystem32mnmsrvc.exe
2009-03-08 13:41:46 —-A—- C:WINDOWSsystem32mnmdd.dll
2009-03-08 13:41:46 —-A—- C:WINDOWSsystem32isrdbg32.dll
2009-03-08 13:41:44 —-D—- C:Program FilesNetMeeting
2009-03-08 13:41:44 —-A—- C:WINDOWSsystem32msoert2.dll
2009-03-08 13:41:43 —-A—- C:WINDOWSsystem32msoeacct.dll
2009-03-08 13:41:43 —-A—- C:WINDOWSsystem32inetres.dll
2009-03-08 13:41:42 —-A—- C:WINDOWSsystem32inetcomm.dll
2009-03-08 13:41:41 —-D—- C:Program FilesOutlook Express
2009-03-08 13:41:41 —-A—- C:WINDOWSsystem32schedsvc.dll
2009-03-08 13:41:41 —-A—- C:WINDOWSsystem32mstinit.exe
2009-03-08 13:41:41 —-A—- C:WINDOWSsystem32mstask.dll
2009-03-08 13:41:40 —-A—- C:WINDOWSsystem32isign32.dll
2009-03-08 13:41:40 —-A—- C:WINDOWSsystem32inetcfg.dll
2009-03-08 13:41:40 —-A—- C:WINDOWSsystem32icwphbk.dll
2009-03-08 13:41:40 —-A—- C:WINDOWSsystem32icwdial.dll
2009-03-08 13:41:34 —-D—- C:Program FilesCommon FilesSystem
2009-03-08 13:41:29 —-D—- C:Program FilesInternet Explorer
2009-03-08 13:41:03 —-D—- C:Program FilesComPlus Applications
2009-03-08 13:41:02 —-A—- C:WINDOWSvbaddin.ini
2009-03-08 13:41:02 —-A—- C:WINDOWSvb.ini
2009-03-08 13:40:59 —-D—- C:WINDOWSRegistration
2009-03-08 13:40:54 —-D—- C:Program FilesWindows Media Player
2009-03-08 13:40:49 —-D—- C:Program FilesMessenger
2009-03-08 13:40:46 —-D—- C:Program FilesMSN Gaming Zone
2009-03-08 13:40:46 —-A—- C:WINDOWSsystem32write.exe
2009-03-08 13:40:37 —-A—- C:WINDOWSsystem32sndvol32.exe
2009-03-08 13:40:37 —-A—- C:WINDOWSsystem32hticons.dll
2009-03-08 13:40:37 —-A—- C:WINDOWSsystem32avwav.dll
2009-03-08 13:40:37 —-A—- C:WINDOWSsystem32avtapi.dll
2009-03-08 13:40:37 —-A—- C:WINDOWSsystem32avmeter.dll
2009-03-08 13:40:36 —-A—- C:WINDOWSsystem32winchat.exe
2009-03-08 13:40:30 —-A—- C:WINDOWSsystem32getuname.dll
2009-03-08 13:40:30 —-A—- C:WINDOWSsystem32charmap.exe
2009-03-08 13:40:29 —-A—- C:WINDOWSsystem32winmine.exe
2009-03-08 13:40:29 —-A—- C:WINDOWSsystem32sol.exe
2009-03-08 13:40:29 —-A—- C:WINDOWSsystem32mshearts.exe
2009-03-08 13:40:29 —-A—- C:WINDOWSsystem32freecell.exe
2009-03-08 13:40:29 —-A—- C:WINDOWSsystem32calc.exe
2009-03-08 13:40:28 —-A—- C:WINDOWSsystem32usrlogon.cmd
2009-03-08 13:40:28 —-A—- C:WINDOWSsystem32tsshutdn.exe
2009-03-08 13:40:28 —-A—- C:WINDOWSsystem32tslabels.ini
2009-03-08 13:40:28 —-A—- C:WINDOWSsystem32tskill.exe
2009-03-08 13:40:28 —-A—- C:WINDOWSsystem32tsdiscon.exe
2009-03-08 13:40:28 —-A—- C:WINDOWSsystem32tscon.exe
2009-03-08 13:40:28 —-A—- C:WINDOWSsystem32shadow.exe
2009-03-08 13:40:28 —-A—- C:WINDOWSsystem32rwinsta.exe
2009-03-08 13:40:28 —-A—- C:WINDOWSsystem32reset.exe
2009-03-08 13:40:28 —-A—- C:WINDOWSsystem32regini.exe
2009-03-08 13:40:28 —-A—- C:WINDOWSsystem32rdpcfgex.dll
2009-03-08 13:40:28 —-A—- C:WINDOWSsystem32qwinsta.exe
2009-03-08 13:40:28 —-A—- C:WINDOWSsystem32qappsrv.exe
2009-03-08 13:40:27 —-A—- C:WINDOWSsystem32msg.exe
2009-03-08 13:40:27 —-A—- C:WINDOWSsystem32msdtcprf.ini
2009-03-08 13:40:27 —-A—- C:WINDOWSsystem32logoff.exe
2009-03-08 13:40:27 —-A—- C:WINDOWSsystem32cdmodem.dll
2009-03-08 13:40:26 —-A—- C:WINDOWSsystem32stclient.dll
2009-03-08 13:40:26 —-A—- C:WINDOWSsystem32mtxlegih.dll
2009-03-08 13:40:26 —-A—- C:WINDOWSsystem32mtxex.dll
2009-03-08 13:40:26 —-A—- C:WINDOWSsystem32mtxdm.dll
2009-03-08 13:40:26 —-A—- C:WINDOWSsystem32dcomcnfg.exe
2009-03-08 13:40:26 —-A—- C:WINDOWSsystem32comrepl.dll
2009-03-08 13:40:26 —-A—- C:WINDOWSsystem32comaddin.dll
2009-03-08 13:40:25 —-A—- C:WINDOWSsystem32comsnap.dll
2009-03-08 13:40:20 —-A—- C:WINDOWSsystem32wmimgmt.msc
2009-03-08 13:40:20 —-A—- C:WINDOWSsystem32accwiz.exe
2009-03-08 13:40:19 —-D—- C:Program FilesWindows NT
2009-03-08 13:40:19 —-A—- C:WINDOWSsystem32sndrec32.exe
2009-03-08 13:40:19 —-A—- C:WINDOWSsystem32mplay32.exe
2009-03-08 13:40:19 —-A—- C:WINDOWSsystem32hypertrm.dll
2009-03-08 13:40:18 —-A—- C:WINDOWSsystem32spider.exe
2009-03-08 13:40:18 —-A—- C:WINDOWSsystem32mspaint.exe
2009-03-08 13:40:18 —-A—- C:WINDOWSsystem32clipbrd.exe
2009-03-08 13:40:17 —-A—- C:WINDOWSsystem32tscfgwmi.dll
2009-03-08 13:40:17 —-A—- C:WINDOWSsystem32sessmgr.exe
2009-03-08 13:40:17 —-A—- C:WINDOWSsystem32remotepg.dll
2009-03-08 13:40:17 —-A—- C:WINDOWSsystem32rdshost.exe
2009-03-08 13:40:17 —-A—- C:WINDOWSsystem32rdsaddin.exe
2009-03-08 13:40:17 —-A—- C:WINDOWSsystem32rdchost.dll
2009-03-08 13:40:17 —-A—- C:WINDOWSsystem32mstscax.dll
2009-03-08 13:40:17 —-A—- C:WINDOWSsystem32mstsc.exe
2009-03-08 13:40:16 —-A—- C:WINDOWSsystem32tscupgrd.exe
2009-03-08 13:40:16 —-A—- C:WINDOWSsystem32termsrv.dll
2009-03-08 13:40:16 —-A—- C:WINDOWSsystem32rdpwsx.dll
2009-03-08 13:40:16 —-A—- C:WINDOWSsystem32rdpsnd.dll
2009-03-08 13:40:16 —-A—- C:WINDOWSsystem32rdpclip.exe
2009-03-08 13:40:16 —-A—- C:WINDOWSsystem32qprocess.exe
2009-03-08 13:40:16 —-A—- C:WINDOWSsystem32icaapi.dll
2009-03-08 13:40:16 —-A—- C:WINDOWSsystem32cfgbkend.dll
2009-03-08 13:40:15 —-D—- C:WINDOWSsystem32MsDtc
2009-03-08 13:40:15 —-A—- C:WINDOWSsystem32xolehlp.dll
2009-03-08 13:40:15 —-A—- C:WINDOWSsystem32mtxoci.dll
2009-03-08 13:40:15 —-A—- C:WINDOWSsystem32msdtcuiu.dll
2009-03-08 13:40:15 —-A—- C:WINDOWSsystem32msdtctm.dll
2009-03-08 13:40:15 —-A—- C:WINDOWSsystem32msdtcprx.dll
2009-03-08 13:40:15 —-A—- C:WINDOWSsystem32msdtclog.dll
2009-03-08 13:40:15 —-A—- C:WINDOWSsystem32msdtc.exe
2009-03-08 13:40:14 —-D—- C:WINDOWSsystem32Com
2009-03-08 13:40:14 —-A—- C:WINDOWSsystem32colbact.dll
2009-03-08 13:40:14 —-A—- C:WINDOWSsystem32clbcatex.dll
2009-03-08 13:40:14 —-A—- C:WINDOWSsystem32catsrvut.dll
2009-03-08 13:40:14 —-A—- C:WINDOWSsystem32catsrvps.dll
2009-03-08 13:40:13 —-A—- C:WINDOWSsystem32comuid.dll
2009-03-08 13:40:13 —-A—- C:WINDOWSsystem32comsvcs.dll
2009-03-08 13:40:13 —-A—- C:WINDOWSsystem32clbcatq.dll
2009-03-08 13:40:13 —-A—- C:WINDOWSsystem32catsrv.dll
2009-03-08 13:40:07 —-A—- C:WINDOWSsystem32servdeps.dll
2009-03-08 13:40:07 —-A—- C:WINDOWSsystem32mmfutil.dll
2009-03-08 13:40:07 —-A—- C:WINDOWSsystem32licwmi.dll
2009-03-08 13:40:07 —-A—- C:WINDOWSsystem32cmprops.dll======List of files/folders modified in the last 1 months======
2009-03-08 17:36:04 —-A—- C:WINDOWSsystem.ini
2009-03-08 14:32:17 —-A—- C:WINDOWSwin.ini
2009-03-08 14:26:43 —-A—- C:WINDOWSsystem32sfcfiles.dll======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 ehdrv;ehdrv; C:WINDOWSsystem32DRIVERSehdrv.sys [2009-02-06 106208]
R1 epfwtdir;epfwtdir; C:WINDOWSsystem32DRIVERSepfwtdir.sys [2009-02-06 93336]
R1 intelppm;Драйвер Intel процессора; C:WINDOWSsystem32DRIVERSintelppm.sys [2004-08-17 40448]
R2 eamon;eamon; C:WINDOWSsystem32DRIVERSeamon.sys [2009-02-06 113448]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:WINDOWSsystem32driversALCXWDM.SYS [2005-04-19 2317504]
R3 nv;nv; C:WINDOWSsystem32DRIVERSnv4_mini.sys [2008-05-03 6554496]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2004-08-03 26624]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2004-08-03 57600]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:WINDOWSsystem32DRIVERSusbuhci.sys [2004-08-03 20480]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:WINDOWSsystem32DRIVERSyk51x86.sys [2004-10-27 223104]
S2 amd64si;amd64si; ??C:WINDOWSsystem32driversamd64si.sys []
S2 ati64si;ati64si; ??C:WINDOWSsystem32driversati64si.sys []
S2 fips32cup;fips32cup; ??C:WINDOWSsystem32driversfips32cup.sys []
S2 netsik;netsik; ??C:WINDOWSsystem32driversnetsik.sys []
S2 nicsk32;nicsk32; ??C:WINDOWSsystem32driversnicsk32.sys []
S2 port135sik;port135sik; ??C:WINDOWSsystem32driversport135sik.sys []
S2 securentm;securentm; ??C:WINDOWSsystem32driverssecurentm.sys []
S3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:WINDOWSsystem32DRIVERSusbccgp.sys [2004-08-03 31616]
S3 usbprint;Класс принтеров Microsoft USB; C:WINDOWSsystem32DRIVERSusbprint.sys [2004-08-03 25856]
S3 usbscan;Драйвер USB-сканера; C:WINDOWSsystem32DRIVERSusbscan.sys [2004-08-03 15104]
S3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2004-08-03 26496]======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ekrn;ESET Service; C:Program FilesESETESET NOD32 Antivirusekrn.exe [2009-02-06 727720]
R2 NVSvc;NVIDIA Display Driver Service; C:WINDOWSsystem32nvsvc32.exe [2008-05-03 159812]
R2 UMWdf;Windows User Mode Driver Framework; C:WINDOWSsystem32wdfmgr.exe [2005-01-28 38912]
S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2007-10-24 70144]
S3 EhttpSrv;ESET HTTP Server; C:Program FilesESETESET NOD32 AntivirusEHttpSrv.exe [2009-02-06 20680]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe [2009-03-08 654848]
S3 odserv;Microsoft Office Diagnostics Service; C:Program FilesCommon FilesMicrosoft SharedOFFICE12ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2006-10-26 145184]
EOF
Скачайте OTMoveIt3 by OldTimer кликнув по этой ссылке.
Запустите OTMoveIt3 и в большое поле ввода (заголовок этого поля выделен желтым цветом) скопируйте следующий текст.:Processes
explorer.exe
:services
amd64si
ati64si
fips32cup
netsik
nicsk32
port135sik
securentm
:reg
[-HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{899F95AF-4232-4CE0-80CD-93CA263FA7E5}]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
"au"=-
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows]
"AppInit_DLLS"=""
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrolsecurityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
"C:Documents and SettingsОляLocal SettingsTempBN38.tmp"=-
"C:Documents and SettingsОляLocal SettingsTempBN1566.tmp"=-
"C:Documents and SettingsОляLocal SettingsTempBN21FE.tmp"=-
"C:Documents and SettingsОляLocal SettingsTempBN29EE.tmp"=-
"C:Documents and SettingsОляLocal SettingsTempBN2C17.tmp"=-
"C:Documents and SettingsОляLocal SettingsTempBN3ADC.tmp"=-
"C:Documents and SettingsОляLocal SettingsTempBN43C4.tmp"=-
:files
C:Documents and SettingsОляГлавное менюПрограммыАвтозагрузкаRapid Antivirus.lnk
C:Program FilesRapid AntivirusRapid Antivirus.exe
C:WINDOWSsystem32mmmlubkn.dll
C:WINDOWSsystem32digeste.dll
:Commands
[emptytemp]
[start explorer]
[Reboot]Проверьте вставленный скрипт, если слева перед директивами появились пробелы, то удалите их, скрипт должен выглядеть так же как в сообщении. Кликните по кнопке MoveIt!. В процессе работы возможна перезагрузка компьютера.
По-завершении работы программы должен будет показан лог. Если лог не будет показан, то его можно найти в папке C:_OTMoveItMovedFiles.Вставьте в ваше ответное сообщение содержимое этого лога. И ещё приложите к вашему ответу свежий RSIT лог.
вот лог OTMoveIt3:
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== SERVICES/DRIVERS ==========ServiceDriver amd64si deleted successfully.
ServiceDriver ati64si deleted successfully.
ServiceDriver fips32cup deleted successfully.
ServiceDriver netsik deleted successfully.
ServiceDriver nicsk32 deleted successfully.
ServiceDriver port135sik deleted successfully.
ServiceDriver securentm deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{899F95AF-4232-4CE0-80CD-93CA263FA7E5}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun\au deleted successfully.
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows\»AppInit_DLLS»|»» /E : value set successfully!
HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrolsecurityproviders\»SecurityProviders»|»msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll» /E : value set successfully!
Registry value HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist\C:Documents and SettingsОляLocal SettingsTempBN38.tmp deleted successfully.
Registry value HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist\C:Documents and SettingsОляLocal SettingsTempBN1566.tmp deleted successfully.
Registry value HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist\C:Documents and SettingsОляLocal SettingsTempBN21FE.tmp deleted successfully.
Registry value HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist\C:Documents and SettingsОляLocal SettingsTempBN29EE.tmp deleted successfully.
Registry value HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist\C:Documents and SettingsОляLocal SettingsTempBN2C17.tmp deleted successfully.
Registry value HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist\C:Documents and SettingsОляLocal SettingsTempBN3ADC.tmp deleted successfully.
Registry value HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist\C:Documents and SettingsОляLocal SettingsTempBN43C4.tmp deleted successfully.
========== FILES ==========
C:Documents and SettingsОляГлавное менюПрограммыАвтозагрузкаRapid Antivirus.lnk moved successfully.
File/Folder C:Program FilesRapid AntivirusRapid Antivirus.exe not found.
File/Folder C:WINDOWSsystem32mmmlubkn.dll not found.
File/Folder C:WINDOWSsystem32digeste.dll not found.
========== COMMANDS ==========
File delete failed. C:DOCUME~1D10E~1LOCALS~1Tempetilqs_kWxPc00xMmfzR1OIXQ3z scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1D10E~1LOCALS~1TempJET9441.tmp scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1D10E~1LOCALS~1TempPerflib_Perfdata_424.dat scheduled to be deleted on reboot.
User’s Temp folder emptied.
User’s Temporary Internet Files folder emptied.
User’s Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:Documents and SettingsLocalServiceLocal SettingsTemporary Internet FilesContent.IE5index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:WINDOWStempPerflib_Perfdata_fb8.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
File delete failed. C:Documents and SettingsОляLocal SettingsApplication DataMozillaFirefoxProfileswednppzy.defaultCache_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsОляLocal SettingsApplication DataMozillaFirefoxProfileswednppzy.defaultCache_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsОляLocal SettingsApplication DataMozillaFirefoxProfileswednppzy.defaultCache_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsОляLocal SettingsApplication DataMozillaFirefoxProfileswednppzy.defaultCache_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsОляLocal SettingsApplication DataMozillaFirefoxProfileswednppzy.defaulturlclassifier3.sqlite scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsОляLocal SettingsApplication DataMozillaFirefoxProfileswednppzy.defaultXUL.mfl scheduled to be deleted on reboot.
FireFox cache emptied.
Opera cache emptied.
Temp folders emptied.
Explorer started successfullyOTMoveIt3 by OldTimer — Version 1.0.9.0 log created on 03292009_195409
Files moved on Reboot…
File C:DOCUME~1D10E~1LOCALS~1Tempetilqs_kWxPc00xMmfzR1OIXQ3z not found!
File C:DOCUME~1D10E~1LOCALS~1TempJET9441.tmp not found!
File C:DOCUME~1D10E~1LOCALS~1TempPerflib_Perfdata_424.dat not found!
C:Documents and SettingsLocalServiceLocal SettingsTemporary Internet FilesContent.IE5index.dat moved successfully.
C:WINDOWStempPerflib_Perfdata_fb8.dat moved successfully.
C:Documents and SettingsОляLocal SettingsApplication DataMozillaFirefoxProfileswednppzy.defaultCache_CACHE_001_ moved successfully.
C:Documents and SettingsОляLocal SettingsApplication DataMozillaFirefoxProfileswednppzy.defaultCache_CACHE_002_ moved successfully.
C:Documents and SettingsОляLocal SettingsApplication DataMozillaFirefoxProfileswednppzy.defaultCache_CACHE_003_ moved successfully.
C:Documents and SettingsОляLocal SettingsApplication DataMozillaFirefoxProfileswednppzy.defaultCache_CACHE_MAP_ moved successfully.
C:Documents and SettingsОляLocal SettingsApplication DataMozillaFirefoxProfileswednppzy.defaulturlclassifier3.sqlite moved successfully.
C:Documents and SettingsОляLocal SettingsApplication DataMozillaFirefoxProfileswednppzy.defaultXUL.mfl moved successfully.Вот RSIT лог:
Logfile of random’s system information tool 1.06 (written by random/random)
Run by Оля at 2009-03-29 20:04:46
Microsoft Windows XP Professional Service Pack 2
System drive C: has 9 GB (47%) free of 20 GB
Total RAM: 1023 MB (54% free)Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:04:49, on 29.03.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: NormalRunning processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSExplorer.EXE
C:WINDOWSnotepad.exe
C:WINDOWSsystem32notepad.exe
C:WINDOWSSOUNDMAN.EXE
C:Program FilesUnlockerUnlockerAssistant.exe
C:WINDOWSsystem32RUNDLL32.EXE
C:Program FilesWinampwinampa.exe
C:Program FilesCommon FilesACD SystemsENDevDetect.exe
C:Program FilesESETESET NOD32 Antivirusekrn.exe
C:Program FilesSearch SettingsSearchSettings.exe
C:Program FilesESETESET NOD32 Antivirusegui.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesPunto Switcherpunto.exe
C:Program FilesDownload Masterdmaster.exe
C:Program FilesICQ6.5ICQ.exe
C:WINDOWSsystem32nvsvc32.exe
C:Program FilesYahoo!MessengerYahooMessenger.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32wbemwmiapsrv.exe
C:WINDOWSsystem32wuauclt.exe
C:Program FilesMozilla Firefoxfirefox.exe
C:WINDOWSsystem32NOTEPAD.EXE
C:DownloadsПрограммыRSIT.exe
C:Program Filestrend microОля.exeR1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
R3 — URLSearchHook: QIPBHO Class — {95289393-33EA-4F8D-B952-483415B9C955} — C:Documents and SettingsОляApplication DataMicrosoftInternet Explorerqipsearchbar.dll
R3 — URLSearchHook: Winamp Search Class — {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} — C:Program FilesWinamp Toolbarwinamptb.dll
R3 — URLSearchHook: (no name) — — (no file)
R3 — URLSearchHook: Yahoo! Toolbar — {EF99BD32-C1FB-11D2-892F-0090271D4F88} — C:Program FilesYahoo!CompanionInstallscpnyt.dll
R3 — URLSearchHook: SearchSettings Class — {E312764E-7706-43F1-8DAB-FCDD2B1E416D} — C:Program FilesSearch Settingskb127SearchSettings.dll
O2 — BHO: &Yahoo! Toolbar Helper — {02478D38-C3F9-4efb-9B51-7695ECA05670} — C:Program FilesYahoo!CompanionInstallscpnyt.dll
O2 — BHO: Winamp Toolbar Loader — {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} — C:Program FilesWinamp Toolbarwinamptb.dll
O2 — BHO: DealioBHO Class — {6A87B991-A31F-4130-AE72-6D0C294BF082} — C:Program FilesDealiokb127Dealio.dll
O2 — BHO: SSVHelper Class — {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} — C:Program FilesJavajre1.6.0_06binssv.dll
O2 — BHO: QIPBHO — {95289393-33EA-4F8D-B952-483415B9C955} — C:Documents and SettingsОляApplication DataMicrosoftInternet Explorerqipsearchbar.dll
O2 — BHO: IE 4.x-6.x BHO for Download Master — {9961627E-4059-41B4-8E0E-A7D6B3854ADF} — C:PROGRA~1DOWNLO~1dmiehlp.dll
O2 — BHO: SearchSettings Class — {E312764E-7706-43F1-8DAB-FCDD2B1E416D} — C:Program FilesSearch Settingskb127SearchSettings.dll
O4 — HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 — HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 — HKLM..Run: [UnlockerAssistant] «C:Program FilesUnlockerUnlockerAssistant.exe»
O4 — HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 — HKLM..Run: [nwiz] nwiz.exe /install
O4 — HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
O4 — HKLM..Run: [WinampAgent] «C:Program FilesWinampwinampa.exe»
O4 — HKLM..Run: [Device Detector] DevDetect.exe -autorun
O4 — HKLM..Run: [SearchSettings] C:Program FilesSearch SettingsSearchSettings.exe
O4 — HKLM..Run: [egui] «C:Program FilesESETESET NOD32 Antivirusegui.exe» /hide /waitservice
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [Punto Switcher] C:Program FilesPunto Switcherpunto.exe
O4 — HKCU..Run: [Download Master] C:Program FilesDownload Masterdmaster.exe -autorun
O4 — HKCU..Run: [ICQ] «C:Program FilesICQ6.5ICQ.exe» silent
O4 — HKCU..Run: [Messenger (Yahoo!)] «C:Program FilesYahoo!MessengerYahooMessenger.exe» -quiet
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O8 — Extra context menu item: &Winamp Search — C:Documents and SettingsAll UsersApplication DataWinamp ToolbarieToolbarresourcesen-USlocalsearch.html
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2Office12EXCEL.EXE/3000
O8 — Extra context menu item: Compare Prices with &Dealio — C:Documents and SettingsОляApplication DataDealiokb127resDealioSearch.html
O8 — Extra context menu item: Добавить в Rambler-Закладки — res://C:Program FilesRambler AssistantramblertoolbarU0.dll/zakladki.htm
O8 — Extra context menu item: Закачать ВСЕ при помощи Download Master — C:Program FilesDownload Masterdmieall.htm
O8 — Extra context menu item: Закачать при помощи Download Master — C:Program FilesDownload Masterdmie.htm
O8 — Extra context menu item: Найти с помощью Рамблера — res://C:Program FilesRambler AssistantramblertoolbarU0.dll/search.htm
O8 — Extra context menu item: Опубликовать в Дневнике — res://C:Program FilesRambler AssistantramblertoolbarU0.dll/planet.htm
O8 — Extra context menu item: Перевести с помощью словарей Рамблера — res://C:Program FilesRambler AssistantramblertoolbarU0.dll/dic.htm
O9 — Extra button: (no name) — {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — C:Program FilesJavajre1.6.0_06binssv.dll
O9 — Extra ‘Tools’ menuitem: Sun Java Console — {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — C:Program FilesJavajre1.6.0_06binssv.dll
O9 — Extra button: Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe
O9 — Extra ‘Tools’ menuitem: &Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe
O9 — Extra button: Research — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2Office12REFIEBAR.DLL
O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra button: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — C:Program FilesICQ6.5ICQ.exe
O9 — Extra ‘Tools’ menuitem: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — C:Program FilesICQ6.5ICQ.exe
O9 — Extra button: Dealio — {E908B145-C847-4e85-B315-07E2E70DECF8} — C:Program FilesDealiokb127Dealio.dll
O9 — Extra ‘Tools’ menuitem: Dealio — {E908B145-C847-4e85-B315-07E2E70DECF8} — C:Program FilesDealiokb127Dealio.dll
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O17 — HKLMSystemCCSServicesTcpip..{3F67D6A8-C7D5-487C-B29A-899DFA5FDCC7}: NameServer = 62.213.0.12,62.213.2.1
O17 — HKLMSystemCCSServicesTcpip..{D42DE46C-7AD1-42AE-836C-5C5B40D90A2C}: NameServer = 62.213.0.12 62.213.2.1
O17 — HKLMSystemCS1ServicesTcpip..{3F67D6A8-C7D5-487C-B29A-899DFA5FDCC7}: NameServer = 62.213.0.12,62.213.2.1
O17 — HKLMSystemCS2ServicesTcpip..{3F67D6A8-C7D5-487C-B29A-899DFA5FDCC7}: NameServer = 62.213.0.12,62.213.2.1
O23 — Service: ESET HTTP Server (EhttpSrv) — ESET — C:Program FilesESETESET NOD32 AntivirusEHttpSrv.exe
O23 — Service: ESET Service (ekrn) — ESET — C:Program FilesESETESET NOD32 Antivirusekrn.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: FLEXnet Licensing Service — Macrovision Europe Ltd. — C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: NetMeeting Remote Desktop Sharing (mnmsrvc) — Корпорация Майкрософт — C:WINDOWSsystem32mnmsrvc.exe
O23 — Service: NVIDIA Display Driver Service (NVSvc) — NVIDIA Corporation — C:WINDOWSsystem32nvsvc32.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe—
End of file — 9712 bytes======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper — C:Program FilesYahoo!CompanionInstallscpnyt.dll [2007-05-31 808472][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader — C:Program FilesWinamp Toolbarwinamptb.dll [2009-02-20 1262888][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{6A87B991-A31F-4130-AE72-6D0C294BF082}]
DealioBHO Class — C:Program FilesDealiokb127Dealio.dll [2008-05-26 3170144][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class — C:Program FilesJavajre1.6.0_06binssv.dll [2008-03-25 509328][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class — C:Documents and SettingsОляApplication DataMicrosoftInternet Explorerqipsearchbar.dll [2009-02-12 119808][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9961627E-4059-41B4-8E0E-A7D6B3854ADF}]
IE 4.x-6.x BHO for Download Master — C:PROGRA~1DOWNLO~1dmiehlp.dll [2009-03-06 157696][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
SearchSettings Class — C:Program FilesSearch Settingskb127SearchSettings.dll [2008-06-12 1111904][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«SoundMan»=C:WINDOWSSOUNDMAN.EXE [2005-04-15 77824]
«NeroFilterCheck»=C:WINDOWSsystem32NeroCheck.exe [2006-01-12 155648]
«UnlockerAssistant»=C:Program FilesUnlockerUnlockerAssistant.exe [2008-05-02 15872]
«NvCplDaemon»=C:WINDOWSsystem32NvCpl.dll [2008-05-03 13529088]
«nwiz»=nwiz.exe /install []
«NvMediaCenter»=C:WINDOWSsystem32NvMcTray.dll [2008-05-03 86016]
«WinampAgent»=C:Program FilesWinampwinampa.exe [2009-02-26 37888]
«Device Detector»=DevDetect.exe -autorun []
«SearchSettings»=C:Program FilesSearch SettingsSearchSettings.exe [2008-06-12 991584]
«egui»=C:Program FilesESETESET NOD32 Antivirusegui.exe [2009-02-06 2021400][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2004-08-17 15360]
«Punto Switcher»=C:Program FilesPunto Switcherpunto.exe [2008-10-16 735016]
«Download Master»=C:Program FilesDownload Masterdmaster.exe [2009-03-19 3776512]
«ICQ»=C:Program FilesICQ6.5ICQ.exe [2009-03-01 172792]
«Messenger (Yahoo!)»=C:Program FilesYahoo!MessengerYahooMessenger.exe [2009-02-18 4363504][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=
«HonorAutoRunSetting»=[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesBonjourmDNSResponder.exe»=»C:Program FilesBonjourmDNSResponder.exe:*:Enabled:Bonjour»
«C:Program FilesMicrosoft OfficeOffice12OUTLOOK.EXE»=»C:Program FilesMicrosoft OfficeOffice12OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook»
«C:Documents and SettingsОляLocal SettingsTempwJQs.exe»=»C:Documents and SettingsОляLocal SettingsTempwJQs.exe:*:Enabled:ENABLE»
«C:Program FilesKaspersky LabKaspersky Anti-Virus 2009avp.exe»=»C:Program FilesKaspersky LabKaspersky Anti-Virus 2009avp.exe:*:Enabled:ENABLE»
«C:WINDOWSsystem32MsiExec.exe»=»C:WINDOWSsystem32MsiExec.exe:*:Enabled:ENABLE»
«C:WINDOWSexplorer.exe»=»C:WINDOWSexplorer.exe:*:Enabled:ENABLE»
«C:WINDOWSsystem32dumprep.exe»=»C:WINDOWSsystem32dumprep.exe:*:Enabled:ENABLE»
«C:WINDOWSpchealthhelpctrbinariesHelpCtr.exe»=»C:WINDOWSpchealthhelpctrbinariesHelpCtr.exe:*:Enabled:ENABLE»
«C:WINDOWSsystem32userinit.exe»=»C:WINDOWSsystem32userinit.exe:*:Enabled:ENABLE»
«C:Program FilesOperaopera.exe»=»C:Program FilesOperaopera.exe:*:Enabled:ENABLE»
«C:Documents and SettingsОляLocal SettingsTempBNB0.tmp»=»C:Documents and SettingsОляLocal SettingsTempBNB0.tmp:*:Enabled:ENABLE»
«C:Documents and SettingsОляindgbbxgnqqdsdlldvggv.exe»=»C:Documents and SettingsОляindgbbxgnqqdsdlldvggv.exe:*:Enabled:ENABLE»
«C:Program FilesMalwarebytes’ Anti-Malwarembam.exe»=»C:Program FilesMalwarebytes’ Anti-Malwarembam.exe:*:Enabled:ENABLE»
«C:Program FilesICQ6.5ICQ.exe»=»C:Program FilesICQ6.5ICQ.exe:*:Enabled:ENABLE»
«C:Program FilesYahoo!MessengerYahooMessenger.exe»=»C:Program FilesYahoo!MessengerYahooMessenger.exe:*:Enabled:ENABLE»
«C:Program FilesInternet ExplorerIEXPLORE.EXE»=»C:Program FilesInternet ExplorerIEXPLORE.EXE:*:Enabled:ENABLE»
«C:Program FilesMozilla Firefoxfirefox.exe»=»C:Program FilesMozilla Firefoxfirefox.exe:*:Enabled:ENABLE»
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»======List of files/folders created in the last 1 months======
2009-03-29 19:54:09 —-D—- C:_OTMoveIt
2009-03-29 16:10:01 —-D—- C:WINDOWSie7updates
2009-03-29 16:09:37 —-D—- C:WINDOWSWBEM
2009-03-29 16:09:36 —-D—- C:WINDOWSsystem32ru-ru
2009-03-29 16:08:48 —-HDC—- C:WINDOWSie7
2009-03-29 16:08:35 —-HDC—- C:WINDOWS$NtServicePackUninstallIDNMitigationAPIs$
2009-03-29 16:07:56 —-HDC—- C:WINDOWS$NtServicePackUninstallNLSDownlevelMapping$
2009-03-29 16:07:11 —-HDC—- C:WINDOWS$NtUninstallKB915865$
2009-03-29 16:07:09 —-N—- C:WINDOWSsystem32xmllite.dll
2009-03-29 16:06:18 —-D—- C:WINDOWSnetwork diagnostic
2009-03-29 16:06:17 —-HDC—- C:WINDOWS$NtUninstallKB914440$
2009-03-29 16:06:06 —-HDC—- C:WINDOWS$NtUninstallKB904942$
2009-03-29 15:59:24 —-A—- C:WINDOWSsystem32MRT.exe
2009-03-27 23:04:32 —-D—- C:rsit
2009-03-27 23:04:32 —-D—- C:Program Filestrend micro
2009-03-26 22:19:57 —-D—- C:Documents and SettingsОляApplication Dataelefundesktops
2009-03-26 22:14:43 —-D—- C:Program FilesEleFun Desktops
2009-03-26 22:05:25 —-D—- C:Documents and SettingsAll UsersApplication DataAlawarWrapper
2009-03-26 22:04:11 —-D—- C:Program FilesAlawar.ru
2009-03-26 17:02:13 —-A—- C:WINDOWSsystem32tmp.txt
2009-03-26 17:02:02 —-A—- C:rapport.txt
2009-03-26 17:01:45 —-A—- C:WINDOWSsystem32WS2Fix.exe
2009-03-26 17:01:45 —-A—- C:WINDOWSsystem32VCCLSID.exe
2009-03-26 17:01:45 —-A—- C:WINDOWSsystem32VACFix.exe
2009-03-26 17:01:45 —-A—- C:WINDOWSsystem32swxcacls.exe
2009-03-26 17:01:45 —-A—- C:WINDOWSsystem32swsc.exe
2009-03-26 17:01:45 —-A—- C:WINDOWSsystem32swreg.exe
2009-03-26 17:01:45 —-A—- C:WINDOWSsystem32SrchSTS.exe
2009-03-26 17:01:45 —-A—- C:WINDOWSsystem32Process.exe
2009-03-26 17:01:45 —-A—- C:WINDOWSsystem32o4Patch.exe
2009-03-26 17:01:45 —-A—- C:WINDOWSsystem32IEDFix.exe
2009-03-26 17:01:45 —-A—- C:WINDOWSsystem32IEDFix.C.exe
2009-03-26 17:01:45 —-A—- C:WINDOWSsystem32dumphive.exe
2009-03-26 17:01:45 —-A—- C:WINDOWSsystem32Agent.OMZ.Fix.exe
2009-03-26 17:01:45 —-A—- C:WINDOWSsystem32404Fix.exe
2009-03-26 17:00:14 —-A—- C:WINDOWSntbtlog.txt
2009-03-26 16:39:25 —-D—- C:Documents and SettingsОляApplication Dataanv51
2009-03-26 03:00:28 —-HDC—- C:WINDOWS$NtUninstallKB952954$
2009-03-26 03:00:21 —-HDC—- C:WINDOWS$NtUninstallKB955839$
2009-03-26 03:00:13 —-HDC—- C:WINDOWS$NtUninstallKB950974$
2009-03-26 03:00:07 —-HDC—- C:WINDOWS$NtUninstallKB951698$
2009-03-26 02:59:57 —-HDC—- C:WINDOWS$NtUninstallKB960225$
2009-03-26 02:15:08 —-D—- C:Documents and SettingsОляApplication DataanvA4
2009-03-26 00:44:29 —-D—- C:Documents and SettingsОляApplication DataMalwarebytes
2009-03-26 00:44:23 —-D—- C:Program FilesMalwarebytes’ Anti-Malware
2009-03-26 00:44:23 —-D—- C:Documents and SettingsAll UsersApplication DataMalwarebytes
2009-03-26 00:16:43 —-D—- C:VKLife
2009-03-26 00:06:33 —-D—- C:Documents and SettingsОляApplication Dataanv27
2009-03-26 00:04:30 —-D—- C:WINDOWSsystem32CatRoot_bak
2009-03-25 23:59:12 —-HDC—- C:WINDOWS$NtUninstallKB951376-v2$
2009-03-25 23:59:07 —-HDC—- C:WINDOWS$NtUninstallKB946648$
2009-03-25 23:59:01 —-HDC—- C:WINDOWS$NtUninstallKB956803$
2009-03-25 23:58:48 —-HDC—- C:WINDOWS$NtUninstallKB958215$
2009-03-25 23:58:37 —-HDC—- C:WINDOWS$NtUninstallKB956841$
2009-03-25 23:58:29 —-HDC—- C:WINDOWS$NtUninstallKB960714$
2009-03-25 23:58:24 —-HDC—- C:WINDOWS$NtUninstallKB938464-v2$
2009-03-25 23:58:18 —-HDC—- C:WINDOWS$NtUninstallKB952069_WM9$
2009-03-25 23:58:14 —-HDC—- C:WINDOWS$NtUninstallKB941569$
2009-03-25 23:57:43 —-HDC—- C:WINDOWS$NtUninstallKB950762$
2009-03-25 23:57:36 —-HDC—- C:WINDOWS$NtUninstallKB957097$
2009-03-25 23:57:31 —-HDC—- C:WINDOWS$NtUninstallKB960715$
2009-03-25 23:57:26 —-HDC—- C:WINDOWS$NtUninstallKB923689$
2009-03-25 23:56:49 —-HDC—- C:WINDOWS$NtUninstallKB958687$
2009-03-25 23:56:44 —-HDC—- C:WINDOWS$NtUninstallKB952287$
2009-03-25 23:56:36 —-HDC—- C:WINDOWS$NtUninstallKB967715$
2009-03-25 23:56:31 —-HDC—- C:WINDOWS$NtUninstallKB950760$
2009-03-25 23:56:25 —-HDC—- C:WINDOWS$NtUninstallKB951066$
2009-03-25 23:56:20 —-HDC—- C:WINDOWS$NtUninstallKB958690$
2009-03-25 23:56:11 —-HDC—- C:WINDOWS$NtUninstallKB951748$
2009-03-25 23:56:05 —-HDC—- C:WINDOWS$NtUninstallKB954600$
2009-03-25 23:56:00 —-HDC—- C:WINDOWS$NtUninstallKB958644$
2009-03-25 23:55:54 —-HDC—- C:WINDOWS$NtUninstallKB955069$
2009-03-25 23:55:49 —-HDC—- C:WINDOWS$NtUninstallKB956802$
2009-03-25 23:55:45 —-D—- C:Program FilesMSXML 4.0
2009-03-25 23:55:37 —-HDC—- C:WINDOWS$NtUninstallKB944338-v2$
2009-03-25 23:32:27 —-D—- C:WINDOWSsystem32PreInstall
2009-03-25 23:32:27 —-A—- C:WINDOWSsystem32spupdsvc.exe
2009-03-25 23:32:25 —-HDC—- C:WINDOWS$NtUninstallKB898461$
2009-03-25 23:32:25 —-HD—- C:WINDOWS$hf_mig$
2009-03-25 23:26:50 —-D—- C:Documents and SettingsОляApplication DataanvB3
2009-03-25 22:50:21 —-D—- C:WINDOWSsystem32SoftwareDistribution
2009-03-25 22:12:28 —-A—- C:WINDOWSEurekaLog.ini
2009-03-25 22:12:19 —-D—- C:Documents and SettingsОляApplication DataanvB
2009-03-25 21:50:46 —-D—- C:Documents and SettingsОляApplication DataanvEE
2009-03-25 20:42:46 —-D—- C:Documents and SettingsОляApplication Dataanv62
2009-03-25 02:37:07 —-D—- C:Documents and SettingsОляApplication DataSearch Settings
2009-03-25 01:26:56 —-D—- C:Documents and SettingsОляApplication DataanvCE
2009-03-25 01:25:22 —-A—- C:WINDOWSsystem32search_fid.txt
2009-03-25 01:15:42 —-D—- C:WINDOWSsystem32appmgmt
2009-03-25 01:15:07 —-D—- C:Program FilesKaspersky Lab
2009-03-25 00:56:46 —-D—- C:Documents and SettingsAll UsersApplication DataKaspersky Lab Setup Files
2009-03-24 04:08:47 —-D—- C:Program FilesAliveMedia
2009-03-24 03:42:47 —-D—- C:Program FilesSearch Settings
2009-03-24 03:42:37 —-D—- C:Program FilesDealio
2009-03-24 03:42:34 —-D—- C:Documents and SettingsОляApplication DataDealio
2009-03-24 03:41:49 —-A—- C:WINDOWSsystem32WMAFile.dll
2009-03-24 03:41:49 —-A—- C:WINDOWSsystem32AudPlayer.dll
2009-03-24 03:41:49 —-A—- C:WINDOWSsystem32AudioVisu.dll
2009-03-24 03:41:49 —-A—- C:WINDOWSsystem32AudioRecord.dll
2009-03-24 03:41:49 —-A—- C:WINDOWSsystem32AudioInfos.dll
2009-03-24 03:41:48 —-A—- C:WINDOWSsystem32VB6FR.DLL
2009-03-24 03:41:48 —-A—- C:WINDOWSsystem32TABCTFR.DLL
2009-03-24 03:41:48 —-A—- C:WINDOWSsystem32inetfr.DLL
2009-03-24 03:41:48 —-A—- C:WINDOWSsystem32AudFile.dll
2009-03-24 03:41:48 —-A—- C:WINDOWSsystem32AudDisplay.dll
2009-03-24 03:41:48 —-A—- C:WINDOWSsystem32AudDesign.dll
2009-03-24 03:41:47 —-A—- C:WINDOWSsystem32MSCMCFR.DLL
2009-03-24 03:41:47 —-A—- C:WINDOWSsystem32Mscc2fr.dll
2009-03-24 03:41:47 —-A—- C:WINDOWSsystem32CMDLGFR.DLL
2009-03-24 03:41:46 —-D—- C:Program FilesFree Audio Pack
2009-03-24 03:24:13 —-AD—- C:Documents and SettingsAll UsersApplication DataTEMP
2009-03-24 03:16:53 —-A—- C:WINDOWSsystem32viscomwave.dll
2009-03-24 03:16:53 —-A—- C:WINDOWSsystem32viscomqtde.dll
2009-03-24 03:16:53 —-A—- C:WINDOWSsystem32SkinCrafter.dll
2009-03-24 03:16:49 —-D—- C:Program FilesPlato Video To 3GP Converter
2009-03-19 18:28:17 —-D—- C:Documents and SettingsОляApplication DataYahoo!
2009-03-19 18:28:17 —-D—- C:Documents and SettingsAll UsersApplication DataYahoo! Companion
2009-03-13 20:17:44 —-D—- C:Documents and SettingsAll UsersApplication DataApple Computer
2009-03-13 14:22:47 —-D—- C:Program FilesHaali
2009-03-13 14:21:37 —-D—- C:Documents and SettingsAll UsersApplication DataVideoConverter
2009-03-13 03:52:53 —-A—- C:WINDOWSsystem32wmv8dmod.dll
2009-03-13 03:52:43 —-A—- C:WINDOWSsystem32NCTAudioRecord2.dll
2009-03-13 03:52:43 —-A—- C:WINDOWSsystem32NCTAudioPlayer2.dll
2009-03-13 03:52:43 —-A—- C:WINDOWSsystem32NCTAudioLibrary.dll
2009-03-13 03:52:43 —-A—- C:WINDOWSsystem32NCTAudioInformation.dll
2009-03-13 03:52:42 —-A—- C:WINDOWSsystem32NCTWMAFile2.dll
2009-03-13 03:52:42 —-A—- C:WINDOWSsystem32NCTAudioVisualization2.dll
2009-03-13 03:52:42 —-A—- C:WINDOWSsystem32NCTAudioGrabber.dll
2009-03-13 03:52:42 —-A—- C:WINDOWSsystem32NCTAudioFile2.dll
2009-03-13 03:52:42 —-A—- C:WINDOWSsystem32NCTAudioFile.dll
2009-03-13 03:52:36 —-A—- C:WINDOWSsystem32VB6STKIT.DLL
2009-03-13 03:52:32 —-A—- C:WINDOWSsystem32mpg4c32.dll
2009-03-13 03:52:31 —-D—- C:Program FilesSetup
2009-03-13 03:37:08 —-D—- C:Documents and SettingsОляApplication DataMedia Player Classic
2009-03-11 22:54:17 —-A—- C:WINDOWSsystem32wmpns.dll
2009-03-10 21:40:27 —-D—- C:Documents and SettingsОляApplication DataACD Systems
2009-03-10 21:40:02 —-D—- C:Documents and SettingsAll UsersApplication DataACD Systems
2009-03-10 21:39:58 —-D—- C:Program FilesCommon FilesACD Systems
2009-03-10 21:39:58 —-D—- C:Program FilesACD Systems
2009-03-10 20:02:15 —-D—- C:Documents and SettingsОляApplication DataBeautyGuide
2009-03-10 19:56:49 —-D—- C:Program FilesTwo Pilots
2009-03-10 19:56:48 —-D—- C:Program FilesBeauty Guide
2009-03-10 18:22:23 —-D—- C:Documents and SettingsAll UsersApplication DataYahoo!
2009-03-10 18:22:22 —-D—- C:Program FilesYahoo!
2009-03-10 18:19:38 —-D—- C:Downloads
2009-03-09 01:19:21 —-A—- C:WINDOWSsystem32df;yj.txt
2009-03-09 00:43:01 —-D—- C:Program FilesQIP Infium
2009-03-09 00:13:13 —-D—- C:Documents and SettingsОляApplication Datarambler.ru
2009-03-09 00:13:09 —-D—- C:Program FilesRambler Assistant
2009-03-09 00:13:08 —-D—- C:Documents and SettingsОляApplication DataMozilla
2009-03-09 00:12:10 —-D—- C:Documents and SettingsОляApplication DataICQ
2009-03-09 00:11:45 —-D—- C:Program FilesICQ6.5
2009-03-08 23:46:16 —-D—- C:Documents and SettingsОляApplication DataQIP
2009-03-08 23:23:09 —-D—- C:Documents and SettingsОляApplication DataWinRAR
2009-03-08 17:39:02 —-A—- C:WINDOWSsystem32h323log.txt
2009-03-08 17:37:06 —-A—- C:WINDOWSsystem32usbui.dll
2009-03-08 17:36:12 —-A—- C:WINDOWSimsins.BAK
2009-03-08 17:36:09 —-SHD—- C:WINDOWSInstaller
2009-03-08 17:36:09 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2009-03-08 17:36:08 —-D—- C:Program FilesCommon FilesODBC
2009-03-08 17:36:08 —-A—- C:WINDOWSODBCINST.INI
2009-03-08 17:36:05 —-RD—- C:Program Files
2009-03-08 17:36:05 —-D—- C:Program FilesCommon FilesSpeechEngines
2009-03-08 17:36:05 —-D—- C:Program FilesCommon FilesMicrosoft Shared
2009-03-08 17:36:05 —-D—- C:Program FilesCommon Files
2009-03-08 17:36:02 —-RA—- C:WINDOWSsystem32kbdtuq.dll
2009-03-08 17:36:02 —-RA—- C:WINDOWSsystem32kbdtuf.dll
2009-03-08 17:36:02 —-RA—- C:WINDOWSsystem32kbdazel.dll
2009-03-08 17:36:00 —-RA—- C:WINDOWSsystem32kbdhept.dll
2009-03-08 17:36:00 —-RA—- C:WINDOWSsystem32kbdhela3.dll
2009-03-08 17:36:00 —-RA—- C:WINDOWSsystem32kbdhela2.dll
2009-03-08 17:36:00 —-RA—- C:WINDOWSsystem32kbdhe319.dll
2009-03-08 17:36:00 —-RA—- C:WINDOWSsystem32kbdhe220.dll
2009-03-08 17:36:00 —-RA—- C:WINDOWSsystem32kbdhe.dll
2009-03-08 17:36:00 —-RA—- C:WINDOWSsystem32kbdgkl.dll
2009-03-08 17:35:58 —-RA—- C:WINDOWSsystem32kbdlv1.dll
2009-03-08 17:35:58 —-RA—- C:WINDOWSsystem32kbdlv.dll
2009-03-08 17:35:58 —-RA—- C:WINDOWSsystem32kbdlt1.dll
2009-03-08 17:35:58 —-RA—- C:WINDOWSsystem32kbdlt.dll
2009-03-08 17:35:58 —-RA—- C:WINDOWSsystem32kbdest.dll
2009-03-08 17:35:56 —-RA—- C:WINDOWSsystem32kbdycl.dll
2009-03-08 17:35:56 —-RA—- C:WINDOWSsystem32kbdsl1.dll
2009-03-08 17:35:56 —-RA—- C:WINDOWSsystem32kbdsl.dll
2009-03-08 17:35:56 —-RA—- C:WINDOWSsystem32kbdro.dll
2009-03-08 17:35:56 —-RA—- C:WINDOWSsystem32kbdpl1.dll
2009-03-08 17:35:56 —-RA—- C:WINDOWSsystem32kbdpl.dll
2009-03-08 17:35:56 —-RA—- C:WINDOWSsystem32kbdhu1.dll
2009-03-08 17:35:56 —-RA—- C:WINDOWSsystem32kbdhu.dll
2009-03-08 17:35:56 —-RA—- C:WINDOWSsystem32kbdcz2.dll
2009-03-08 17:35:56 —-RA—- C:WINDOWSsystem32kbdcz1.dll
2009-03-08 17:35:56 —-RA—- C:WINDOWSsystem32kbdcz.dll
2009-03-08 17:35:56 —-RA—- C:WINDOWSsystem32kbdcr.dll
2009-03-08 17:35:56 —-RA—- C:WINDOWSsystem32KBDAL.DLL
2009-03-08 17:35:52 —-A—- C:WINDOWSsystem32kbdycc.dll
2009-03-08 17:35:52 —-A—- C:WINDOWSsystem32kbduzb.dll
2009-03-08 17:35:52 —-A—- C:WINDOWSsystem32kbdur.dll
2009-03-08 17:35:52 —-A—- C:WINDOWSsystem32kbdtat.dll
2009-03-08 17:35:52 —-A—- C:WINDOWSsystem32kbdmon.dll
2009-03-08 17:35:52 —-A—- C:WINDOWSsystem32kbdkyr.dll
2009-03-08 17:35:52 —-A—- C:WINDOWSsystem32kbdkaz.dll
2009-03-08 17:35:52 —-A—- C:WINDOWSsystem32kbdbu.dll
2009-03-08 17:35:52 —-A—- C:WINDOWSsystem32kbdblr.dll
2009-03-08 17:35:52 —-A—- C:WINDOWSsystem32kbdaze.dll
2009-03-08 17:35:51 —-A—- C:WINDOWSsystem32spxcoins.dll
2009-03-08 17:35:51 —-A—- C:WINDOWSsystem32irclass.dll
2009-03-08 17:35:51 —-A—- C:WINDOWSsystem32dgsetup.dll
2009-03-08 17:35:51 —-A—- C:WINDOWSsystem32dgrpsetu.dll
2009-03-08 17:35:50 —-A—- C:WINDOWSsystem32EqnClass.Dll
2009-03-08 17:35:48 —-N—- C:WINDOWSsystem32CONFIG.TMP
2009-03-08 17:35:48 —-A—- C:WINDOWSTASKMAN.EXE
2009-03-08 17:35:48 —-A—- C:WINDOWSsystem32batt.dll
2009-03-08 17:35:47 —-A—- C:WINDOWSnotepad.exe
2009-03-08 17:35:46 —-A—- C:WINDOWSsystem32storprop.dll
2009-03-08 17:35:39 —-ASH—- C:Documents and SettingsAll UsersApplication Datadesktop.ini
2009-03-08 17:35:34 —-RA—- C:WINDOWSSET8.tmp
2009-03-08 17:35:32 —-RA—- C:WINDOWSSET4.tmp
2009-03-08 17:35:31 —-RA—- C:WINDOWSSET3.tmp
2009-03-08 17:35:26 —-D—- C:WINDOWSsystem32CatRoot2
2009-03-08 17:35:26 —-D—- C:WINDOWSsystem32CatRoot
2009-03-08 17:35:21 —-SD—- C:Documents and SettingsAll UsersApplication DataMicrosoft
2009-03-08 17:35:04 —-A—- C:WINDOWSsetuplog.txt
2009-03-08 17:35:01 —-SHD—- C:System Volume Information
2009-03-08 17:35:01 —-D—- C:Documents and Settings
2009-03-08 17:33:49 —-RASH—- C:boot.ini
2009-03-08 17:29:54 —-RSHDC—- C:WINDOWSsystem32dllcache
2009-03-08 17:29:54 —-RSD—- C:WINDOWSFonts
2009-03-08 17:29:54 —-RD—- C:WINDOWSWeb
2009-03-08 17:29:54 —-HD—- C:WINDOWSinf
2009-03-08 17:29:54 —-D—- C:WINDOWSWinSxS
2009-03-08 17:29:54 —-D—- C:WINDOWStwain_32
2009-03-08 17:29:54 —-D—- C:WINDOWSTemp
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem32wins
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem32wbem
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem32usmt
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem32spool
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem32ShellExt
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem32Setup
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem32ras
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem32oobe
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem32npp
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem32mui
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem32inetsrv
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem32IME
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem32icsxml
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem32ias
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem32export
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem32drivers
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem32dhcp
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem32config
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem323com_dmi
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem323076
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem322052
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem321054
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem321049
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem321042
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem321041
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem321037
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem321033
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem321031
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem321028
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem321025
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem32
2009-03-08 17:29:54 —-D—- C:WINDOWSsystem
2009-03-08 17:29:54 —-D—- C:WINDOWSsecurity
2009-03-08 17:29:54 —-D—- C:WINDOWSResources
2009-03-08 17:29:54 —-D—- C:WINDOWSrepair
2009-03-08 17:29:54 —-D—- C:WINDOWSProvisioning
2009-03-08 17:29:54 —-D—- C:WINDOWSPeerNet
2009-03-08 17:29:54 —-D—- C:WINDOWSpchealth
2009-03-08 17:29:54 —-D—- C:WINDOWSmui
2009-03-08 17:29:54 —-D—- C:WINDOWSmsapps
2009-03-08 17:29:54 —-D—- C:WINDOWSmsagent
2009-03-08 17:29:54 —-D—- C:WINDOWSMedia
2009-03-08 17:29:54 —-D—- C:WINDOWSjava
2009-03-08 17:29:54 —-D—- C:WINDOWSime
2009-03-08 17:29:54 —-D—- C:WINDOWSHelp
2009-03-08 17:29:54 —-D—- C:WINDOWSehome
2009-03-08 17:29:54 —-D—- C:WINDOWSDriver Cache
2009-03-08 17:29:54 —-D—- C:WINDOWSDebug
2009-03-08 17:29:54 —-D—- C:WINDOWSCursors
2009-03-08 17:29:54 —-D—- C:WINDOWSConnection Wizard
2009-03-08 17:29:54 —-D—- C:WINDOWSConfig
2009-03-08 17:29:54 —-D—- C:WINDOWSAppPatch
2009-03-08 17:29:54 —-D—- C:WINDOWSaddins
2009-03-08 17:29:54 —-D—- C:WINDOWS
2009-03-08 17:29:54 —-A—- C:WINDOWSDUMP4d6a.tmp
2009-03-08 16:25:04 —-D—- C:Program FilesWinamp Toolbar
2009-03-08 16:25:04 —-D—- C:Documents and SettingsAll UsersApplication DataWinamp Toolbar
2009-03-08 16:24:27 —-D—- C:WINDOWSRegisteredPackages
2009-03-08 16:22:48 —-N—- C:WINDOWSsystem32vxblock.dll
2009-03-08 16:22:48 —-N—- C:WINDOWSsystem32pxwave.dll
2009-03-08 16:22:48 —-N—- C:WINDOWSsystem32pxsfs.dll
2009-03-08 16:22:48 —-N—- C:WINDOWSsystem32pxmas.dll
2009-03-08 16:22:48 —-N—- C:WINDOWSsystem32pxinsa64.exe
2009-03-08 16:22:48 —-N—- C:WINDOWSsystem32pxhpinst.exe
2009-03-08 16:22:48 —-N—- C:WINDOWSsystem32pxdrv.dll
2009-03-08 16:22:48 —-N—- C:WINDOWSsystem32pxcpya64.exe
2009-03-08 16:22:48 —-N—- C:WINDOWSsystem32pxafs.dll
2009-03-08 16:22:48 —-N—- C:WINDOWSsystem32px.dll
2009-03-08 16:22:45 —-D—- C:Program FilesWinamp
2009-03-08 16:22:45 —-D—- C:Documents and SettingsОляApplication DataWinamp
2009-03-08 15:45:44 —-D—- C:Program FilesVKLife
2009-03-08 15:04:58 —-D—- C:Documents and SettingsОляApplication DataCanon
2009-03-08 15:02:12 —-D—- C:Documents and SettingsОляApplication DataPRMT
2009-03-08 15:01:55 —-D—- C:Documents and SettingsОляApplication DataABBYY
2009-03-08 15:01:43 —-A—- C:WINDOWSsystem32CNAS0MMK.DLL
2009-03-08 15:01:33 —-A—- C:WINDOWSsystem32CNCMFP31.INI
2009-03-08 15:01:33 —-A—- C:WINDOWSsystem32CNCLSU31.DLL
2009-03-08 15:01:33 —-A—- C:WINDOWSsystem32CNCLST31.DLL
2009-03-08 15:01:33 —-A—- C:WINDOWSsystem32CNCLSI31.DLL
2009-03-08 15:01:33 —-A—- C:WINDOWSsystem32CNCLSD31.DLL
2009-03-08 15:01:33 —-A—- C:WINDOWSsystem32CNCLSC31.DLL
2009-03-08 15:01:33 —-A—- C:WINDOWSsystem32CNCL4010.DLL
2009-03-08 15:01:33 —-A—- C:WINDOWSsystem32cncilsc.dll
2009-03-08 15:01:33 —-A—- C:WINDOWSsystem32CNCI4010.DLL
2009-03-08 15:01:32 —-A—- C:WINDOWSsystem32CNCC4010.DLL
2009-03-08 14:58:47 —-D—- C:Documents and SettingsAll UsersApplication DataFLEXnet
2009-03-08 14:56:26 —-D—- C:Program FilesCanon
2009-03-08 14:56:05 —-HD—- C:WINDOWSsystem32CanonMF Uninstaller Information
2009-03-08 14:55:46 —-HD—- C:CanonMF
2009-03-08 14:48:44 —-D—- C:Documents and SettingsОляApplication DataYandex
2009-03-08 14:45:49 —-D—- C:Program FilesABBYY FineReader 8.0 Professional Edition
2009-03-08 14:44:55 —-D—- C:Documents and SettingsОляApplication DataDownload Master
2009-03-08 14:43:23 —-D—- C:Documents and SettingsОляApplication DataOpera
2009-03-08 14:34:26 —-A—- C:WINDOWSsystem32engine.dll
2009-03-08 14:33:47 —-D—- C:Program FilesMicrosoft Works
2009-03-08 14:33:36 —-D—- C:Program FilesMicrosoft Visual Studio
2009-03-08 14:33:36 —-D—- C:Program FilesCommon FilesDESIGNER
2009-03-08 14:33:22 —-D—- C:Program FilesMicrosoft.NET
2009-03-08 14:32:09 —-D—- C:WINDOWSSHELLNEW
2009-03-08 14:31:59 —-D—- C:Program FilesMicrosoft Office
2009-03-08 14:31:59 —-D—- C:Documents and SettingsAll UsersApplication DataMicrosoft Help
2009-03-08 14:31:33 —-RHD—- C:MSOCache
2009-03-08 14:29:36 —-D—- C:Program FilesFoxit Software
2009-03-08 14:27:54 —-D—- C:WINDOWSLhsp
2009-03-08 14:27:54 —-D—- C:Program FilesPRMT8
2009-03-08 14:27:54 —-D—- C:Documents and SettingsAll UsersApplication DataPRMT
2009-03-08 14:26:43 —-D—- C:WINDOWSsystem32AkelFiles
2009-03-08 14:26:43 —-A—- C:WINDOWSsystem32sfcfiles.dll.BAK
2009-03-08 14:26:33 —-D—- C:Program FilesDownload Master
2009-03-08 14:26:24 —-A—- C:WINDOWSsystem32rmoc3260.dll
2009-03-08 14:26:24 —-A—- C:WINDOWSsystem32pndx5032.dll
2009-03-08 14:26:24 —-A—- C:WINDOWSsystem32pndx5016.dll
2009-03-08 14:26:24 —-A—- C:WINDOWSsystem32pncrt.dll
2009-03-08 14:26:22 —-A—- C:WINDOWSsystem32unrar.dll
2009-03-08 14:26:10 —-A—- C:WINDOWSsystem32yv12vfw.dll
2009-03-08 14:26:10 —-A—- C:WINDOWSsystem32xvidvfw.dll
2009-03-08 14:26:10 —-A—- C:WINDOWSsystem32xvidcore.dll
2009-03-08 14:26:09 —-A—- C:WINDOWSsystem32qt-dx331.dll
2009-03-08 14:26:09 —-A—- C:WINDOWSsystem32dpl100.dll
2009-03-08 14:25:58 —-A—- C:WINDOWSsystem32divx.dll
2009-03-08 14:25:56 —-A—- C:WINDOWSsystem32ff_vfw.dll.manifest
2009-03-08 14:25:56 —-A—- C:WINDOWSsystem32ff_vfw.dll
2009-03-08 14:25:55 —-A—- C:WINDOWSsystem32msvcr71.dll
2009-03-08 14:25:55 —-A—- C:WINDOWSsystem32msvcp71.dll
2009-03-08 14:25:54 —-D—- C:Documents and SettingsОляApplication DataReal
2009-03-08 14:25:54 —-D—- C:Documents and SettingsAll UsersApplication DataReal
2009-03-08 14:25:53 —-D—- C:Program FilesK-Lite Codec Pack
2009-03-08 14:25:47 —-D—- C:Program FilesWinRAR
2009-03-08 14:25:41 —-D—- C:Program FilesPunto Switcher
2009-03-08 14:24:37 —-D—- C:Program FilesAdobe
2009-03-08 14:24:21 —-D—- C:Documents and SettingsAll UsersApplication DataAdobe
2009-03-08 14:23:36 —-D—- C:Documents and SettingsОляApplication DataAdobe
2009-03-08 14:20:22 —-D—- C:Program FilesCommon FilesMacrovision Shared
2009-03-08 14:19:55 —-D—- C:Program FilesCommon FilesAdobe
2009-03-08 14:17:21 —-D—- C:WINDOWSMinidump
2009-03-08 14:16:14 —-D—- C:Program FilesSkype
2009-03-08 14:16:14 —-D—- C:Program FilesCommon FilesSkype
2009-03-08 14:16:05 —-D—- C:Documents and SettingsAll UsersApplication DataSkype
2009-03-08 14:15:51 —-D—- C:Program FilesMail.Ru
2009-03-08 14:15:45 —-D—- C:Program FilesMy Company Name
2009-03-08 14:15:42 —-D—- C:Documents and SettingsОляApplication DataMacromedia
2009-03-08 14:15:36 —-D—- C:Program FilesOpera
2009-03-08 14:15:32 —-D—- C:Program FilesMozilla Firefox
2009-03-08 14:15:21 —-SHD—- C:RECYCLER
2009-03-08 14:10:46 —-A—- C:WINDOWSNeroDigital.ini
2009-03-08 14:08:48 —-RA—- C:WINDOWSsystem32nvuninst.exe
2009-03-08 14:08:48 —-D—- C:WINDOWSnview
2009-03-08 14:08:47 —-A—- C:WINDOWSsystem32nvudisp.exe
2009-03-08 14:05:25 —-RSD—- C:WINDOWSassembly
2009-03-08 14:05:06 —-D—- C:WINDOWSMicrosoft.NET
2009-03-08 14:00:19 —-N—- C:WINDOWSsystem32spmsg.dll
2009-03-08 14:00:08 —-HDC—- C:WINDOWS$MSI31Uninstall_KB893803v2$
2009-03-08 13:58:36 —-D—- C:Program FilesUnlocker
2009-03-08 13:58:36 —-D—- C:Documents and SettingsОляApplication DataDesktopicon
2009-03-08 13:57:41 —-D—- C:Documents and SettingsAll UsersApplication DataESET
2009-03-08 13:57:03 —-D—- C:Program FilesEset
2009-03-08 13:56:32 —-N—- C:WINDOWSsystem32TwnLib4.dll
2009-03-08 13:56:32 —-A—- C:WINDOWSsystem32TwnLib20.dll
2009-03-08 13:56:31 —-N—- C:WINDOWSsystem32ImagXRA7.dll
2009-03-08 13:56:31 —-N—- C:WINDOWSsystem32ImagXR7.dll
2009-03-08 13:56:31 —-N—- C:WINDOWSsystem32ImagXpr7.dll
2009-03-08 13:56:31 —-N—- C:WINDOWSsystem32ImagX7.dll
2009-03-08 13:56:31 —-D—- C:Program FilesCommon FilesAhead
2009-03-08 13:56:31 —-D—- C:Program FilesAhead
2009-03-08 13:56:31 —-A—- C:WINDOWSsystem32NeroCheck.exe
2009-03-08 13:56:07 —-D—- C:Program FilesThe KMPlayer
2009-03-08 13:56:05 —-D—- C:Program FilesVitSoft
2009-03-08 13:56:01 —-A—- C:WINDOWSsystem32javaws.exe
2009-03-08 13:56:01 —-A—- C:WINDOWSsystem32javaw.exe
2009-03-08 13:56:01 —-A—- C:WINDOWSsystem32java.exe
2009-03-08 13:55:38 —-D—- C:Program FilesJava
2009-03-08 13:55:37 —-D—- C:Program FilesCommon FilesJava
2009-03-08 13:54:44 —-A—- C:WINDOWSWPI_Log.txt
2009-03-08 13:51:12 —-D—- C:Program FilesVIA
2009-03-08 13:50:42 —-D—- C:Program FilesMarvell
2009-03-08 13:49:56 —-A—- C:WINDOWSsystem32ksuser.dll
2009-03-08 13:49:54 —-D—- C:Program FilesRealtek Sound Manager
2009-03-08 13:49:52 —-N—- C:WINDOWSavrack.ini
2009-03-08 13:49:52 —-D—- C:Program FilesAvRack
2009-03-08 13:49:48 —-N—- C:WINDOWSsystem32ChCfg.exe
2009-03-08 13:49:48 —-A—- C:WINDOWSsystem32RTLCPAPI.dll
2009-03-08 13:49:48 —-A—- C:WINDOWSSOUNDMAN.EXE
2009-03-08 13:49:46 —-A—- C:WINDOWSsystem32RTLCPL.EXE
2009-03-08 13:49:40 —-N—- C:WINDOWSalcupd.exe
2009-03-08 13:49:40 —-N—- C:WINDOWSalcrmv.exe
2009-03-08 13:49:35 —-N—- C:WINDOWSRtlExUpd.dll
2009-03-08 13:49:22 —-D—- C:Program FilesIntel
2009-03-08 13:49:02 —-D—- C:WINDOWSsystem32ReinstallBackups
2009-03-08 13:49:00 —-HD—- C:Program FilesInstallShield Installation Information
2009-03-08 13:48:51 —-D—- C:Program FilesCommon FilesInstallShield
2009-03-08 13:47:42 —-D—- C:Documents and SettingsОляApplication DataIdentities
2009-03-08 13:47:40 —-HD—- C:Program FilesUninstall Information
2009-03-08 13:47:34 —-ASH—- C:Documents and SettingsОляApplication Datadesktop.ini
2009-03-08 13:47:33 —-SD—- C:Documents and SettingsОляApplication DataMicrosoft
2009-03-08 13:47:04 —-D—- C:WINDOWSSoftwareDistribution
2009-03-08 13:47:03 —-SD—- C:WINDOWSsystem32Microsoft
2009-03-08 13:47:03 —-D—- C:WINDOWSPrefetch
2009-03-08 13:47:02 —-A—- C:WINDOWSSchedLgU.Txt
2009-03-08 13:44:07 —-D—- C:WINDOWSsystem32xircom
2009-03-08 13:44:07 —-D—- C:Program Filesxerox
2009-03-08 13:44:07 —-D—- C:Program Filesmicrosoft frontpage
2009-03-08 13:43:53 —-A—- C:WINDOWScontrol.ini
2009-03-08 13:43:53 —-A—- C:AUTOEXEC.BAT
2009-03-08 13:43:45 —-A—- C:WINDOWSOEWABLog.txt
2009-03-08 13:43:42 —-A—- C:WINDOWSsystem32mapi32.dll
2009-03-08 13:43:03 —-SD—- C:WINDOWSDownloaded Program Files
2009-03-08 13:43:03 —-RD—- C:WINDOWSOffline Web Pages
2009-03-08 13:43:03 —-RAH—- C:WINDOWSsystem32logonui.exe.manifest
2009-03-08 13:42:57 —-RAH—- C:WINDOWSsystem32cdplayer.exe.manifest
2009-03-08 13:42:53 —-HD—- C:Program FilesWindowsUpdate
2009-03-08 13:42:51 —-D—- C:Program FilesOnline Services
2009-03-08 13:42:38 —-D—- C:WINDOWSsystem32DirectX
2009-03-08 13:42:20 —-A—- C:WINDOWSsystem32atrace.dll
2009-03-08 13:42:17 —-A—- C:WINDOWSsystem32desktop.ini
2009-03-08 13:42:17 —-A—- C:WINDOWSdesktop.ini
2009-03-08 13:42:11 —-A—- C:WINDOWSsystem32nmevtmsg.dll
2009-03-08 13:42:10 —-A—- C:WINDOWSsystem32acctres.dll
2009-03-08 13:42:09 —-D—- C:Program FilesCommon FilesServices
2009-03-08 13:42:07 —-SD—- C:WINDOWSTasks
2009-03-08 13:42:07 —-A—- C:WINDOWSsystem32icfgnt5.dll
2009-03-08 13:42:06 —-D—- C:Program FilesCommon FilesMSSoap
2009-03-08 13:42:03 —-D—- C:WINDOWSsrchasst
2009-03-08 13:42:02 —-D—- C:WINDOWSsystem32Macromed
2009-03-08 13:41:59 —-A—- C:WINDOWSsystem32wuweb.dll
2009-03-08 13:41:59 —-A—- C:WINDOWSsystem32wups.dll
2009-03-08 13:41:59 —-A—- C:WINDOWSsystem32wucltui.dll
2009-03-08 13:41:59 —-A—- C:WINDOWSsystem32wuauserv.dll
2009-03-08 13:41:59 —-A—- C:WINDOWSsystem32wuaueng1.dll
2009-03-08 13:41:59 —-A—- C:WINDOWSsystem32wuaueng.dll
2009-03-08 13:41:59 —-A—- C:WINDOWSsystem32wuauclt1.exe
2009-03-08 13:41:58 —-A—- C:WINDOWSsystem32wuauclt.exe
2009-03-08 13:41:58 —-A—- C:WINDOWSsystem32wuapi.dll
2009-03-08 13:41:58 —-A—- C:WINDOWSsystem32qmgrprxy.dll
2009-03-08 13:41:58 —-A—- C:WINDOWSsystem32qmgr.dll
2009-03-08 13:41:58 —-A—- C:WINDOWSsystem32bitsprx3.dll
2009-03-08 13:41:58 —-A—- C:WINDOWSsystem32bitsprx2.dll
2009-03-08 13:41:55 —-D—- C:Program FilesMovie Maker
2009-03-08 13:41:51 —-A—- C:WINDOWSsystem32safrslv.dll
2009-03-08 13:41:51 —-A—- C:WINDOWSsystem32safrdm.dll
2009-03-08 13:41:51 —-A—- C:WINDOWSsystem32safrcdlg.dll
2009-03-08 13:41:51 —-A—- C:WINDOWSsystem32racpldlg.dll
2009-03-08 13:41:48 —-A—- C:WINDOWSsystem32fltMc.exe
2009-03-08 13:41:48 —-A—- C:WINDOWSsystem32fltlib.dll
2009-03-08 13:41:47 —-D—- C:WINDOWSsystem32Restore
2009-03-08 13:41:47 —-A—- C:WINDOWSsystem32srsvc.dll
2009-03-08 13:41:47 —-A—- C:WINDOWSsystem32srrstr.dll
2009-03-08 13:41:47 —-A—- C:WINDOWSsystem32srclient.dll
2009-03-08 13:41:47 —-A—- C:WINDOWSsystem32ils.dll
2009-03-08 13:41:46 —-A—- C:WINDOWSsystem32nmmkcert.dll
2009-03-08 13:41:46 —-A—- C:WINDOWSsystem32msconf.dll
2009-03-08 13:41:46 —-A—- C:WINDOWSsystem32mnmsrvc.exe
2009-03-08 13:41:46 —-A—- C:WINDOWSsystem32mnmdd.dll
2009-03-08 13:41:46 —-A—- C:WINDOWSsystem32isrdbg32.dll
2009-03-08 13:41:44 —-D—- C:Program FilesNetMeeting
2009-03-08 13:41:44 —-A—- C:WINDOWSsystem32msoert2.dll
2009-03-08 13:41:43 —-A—- C:WINDOWSsystem32msoeacct.dll
2009-03-08 13:41:43 —-A—- C:WINDOWSsystem32inetres.dll
2009-03-08 13:41:42 —-A—- C:WINDOWSsystem32inetcomm.dll
2009-03-08 13:41:41 —-D—- C:Program FilesOutlook Express
2009-03-08 13:41:41 —-A—- C:WINDOWSsystem32schedsvc.dll
2009-03-08 13:41:41 —-A—- C:WINDOWSsystem32mstinit.exe
2009-03-08 13:41:41 —-A—- C:WINDOWSsystem32mstask.dll
2009-03-08 13:41:40 —-A—- C:WINDOWSsystem32isign32.dll
2009-03-08 13:41:40 —-A—- C:WINDOWSsystem32inetcfg.dll
2009-03-08 13:41:40 —-A—- C:WINDOWSsystem32icwphbk.dll
2009-03-08 13:41:40 —-A—- C:WINDOWSsystem32icwdial.dll
2009-03-08 13:41:34 —-D—- C:Program FilesCommon FilesSystem
2009-03-08 13:41:29 —-D—- C:Program FilesInternet Explorer
2009-03-08 13:41:03 —-D—- C:Program FilesComPlus Applications
2009-03-08 13:41:02 —-A—- C:WINDOWSvbaddin.ini
2009-03-08 13:41:02 —-A—- C:WINDOWSvb.ini
2009-03-08 13:40:59 —-D—- C:WINDOWSRegistration
2009-03-08 13:40:54 —-D—- C:Program FilesWindows Media Player
2009-03-08 13:40:49 —-D—- C:Program FilesMessenger
2009-03-08 13:40:46 —-D—- C:Program FilesMSN Gaming Zone
2009-03-08 13:40:46 —-A—- C:WINDOWSsystem32write.exe
2009-03-08 13:40:37 —-A—- C:WINDOWSsystem32sndvol32.exe
2009-03-08 13:40:37 —-A—- C:WINDOWSsystem32hticons.dll
2009-03-08 13:40:37 —-A—- C:WINDOWSsystem32avwav.dll
2009-03-08 13:40:37 —-A—- C:WINDOWSsystem32avtapi.dll
2009-03-08 13:40:37 —-A—- C:WINDOWSsystem32avmeter.dll
2009-03-08 13:40:36 —-A—- C:WINDOWSsystem32winchat.exe
2009-03-08 13:40:30 —-A—- C:WINDOWSsystem32getuname.dll
2009-03-08 13:40:30 —-A—- C:WINDOWSsystem32charmap.exe
2009-03-08 13:40:29 —-A—- C:WINDOWSsystem32winmine.exe
2009-03-08 13:40:29 —-A—- C:WINDOWSsystem32sol.exe
2009-03-08 13:40:29 —-A—- C:WINDOWSsystem32mshearts.exe
2009-03-08 13:40:29 —-A—- C:WINDOWSsystem32freecell.exe
2009-03-08 13:40:29 —-A—- C:WINDOWSsystem32calc.exe
2009-03-08 13:40:28 —-A—- C:WINDOWSsystem32usrlogon.cmd
2009-03-08 13:40:28 —-A—- C:WINDOWSsystem32tsshutdn.exe
2009-03-08 13:40:28 —-A—- C:WINDOWSsystem32tslabels.ini
2009-03-08 13:40:28 —-A—- C:WINDOWSsystem32tskill.exe
2009-03-08 13:40:28 —-A—- C:WINDOWSsystem32tsdiscon.exe
2009-03-08 13:40:28 —-A—- C:WINDOWSsystem32tscon.exe
2009-03-08 13:40:28 —-A—- C:WINDOWSsystem32shadow.exe
2009-03-08 13:40:28 —-A—- C:WINDOWSsystem32rwinsta.exe
2009-03-08 13:40:28 —-A—- C:WINDOWSsystem32reset.exe
2009-03-08 13:40:28 —-A—- C:WINDOWSsystem32regini.exe
2009-03-08 13:40:28 —-A—- C:WINDOWSsystem32rdpcfgex.dll
2009-03-08 13:40:28 —-A—- C:WINDOWSsystem32qwinsta.exe
2009-03-08 13:40:28 —-A—- C:WINDOWSsystem32qappsrv.exe
2009-03-08 13:40:27 —-A—- C:WINDOWSsystem32msg.exe
2009-03-08 13:40:27 —-A—- C:WINDOWSsystem32msdtcprf.ini
2009-03-08 13:40:27 —-A—- C:WINDOWSsystem32logoff.exe
2009-03-08 13:40:27 —-A—- C:WINDOWSsystem32cdmodem.dll
2009-03-08 13:40:26 —-A—- C:WINDOWSsystem32stclient.dll
2009-03-08 13:40:26 —-A—- C:WINDOWSsystem32mtxlegih.dll
2009-03-08 13:40:26 —-A—- C:WINDOWSsystem32mtxex.dll
2009-03-08 13:40:26 —-A—- C:WINDOWSsystem32mtxdm.dll
2009-03-08 13:40:26 —-A—- C:WINDOWSsystem32dcomcnfg.exe
2009-03-08 13:40:26 —-A—- C:WINDOWSsystem32comrepl.dll
2009-03-08 13:40:26 —-A—- C:WINDOWSsystem32comaddin.dll
2009-03-08 13:40:25 —-A—- C:WINDOWSsystem32comsnap.dll
2009-03-08 13:40:20 —-A—- C:WINDOWSsystem32wmimgmt.msc
2009-03-08 13:40:20 —-A—- C:WINDOWSsystem32accwiz.exe
2009-03-08 13:40:19 —-D—- C:Program FilesWindows NT
2009-03-08 13:40:19 —-A—- C:WINDOWSsystem32sndrec32.exe
2009-03-08 13:40:19 —-A—- C:WINDOWSsystem32mplay32.exe
2009-03-08 13:40:19 —-A—- C:WINDOWSsystem32hypertrm.dll
2009-03-08 13:40:18 —-A—- C:WINDOWSsystem32spider.exe
2009-03-08 13:40:18 —-A—- C:WINDOWSsystem32mspaint.exe
2009-03-08 13:40:18 —-A—- C:WINDOWSsystem32clipbrd.exe
2009-03-08 13:40:17 —-A—- C:WINDOWSsystem32tscfgwmi.dll
2009-03-08 13:40:17 —-A—- C:WINDOWSsystem32sessmgr.exe
2009-03-08 13:40:17 —-A—- C:WINDOWSsystem32remotepg.dll
2009-03-08 13:40:17 —-A—- C:WINDOWSsystem32rdshost.exe
2009-03-08 13:40:17 —-A—- C:WINDOWSsystem32rdsaddin.exe
2009-03-08 13:40:17 —-A—- C:WINDOWSsystem32rdchost.dll
2009-03-08 13:40:17 —-A—- C:WINDOWSsystem32mstscax.dll
2009-03-08 13:40:17 —-A—- C:WINDOWSsystem32mstsc.exe
2009-03-08 13:40:16 —-A—- C:WINDOWSsystem32tscupgrd.exe
2009-03-08 13:40:16 —-A—- C:WINDOWSsystem32termsrv.dll
2009-03-08 13:40:16 —-A—- C:WINDOWSsystem32rdpwsx.dll
2009-03-08 13:40:16 —-A—- C:WINDOWSsystem32rdpsnd.dll
2009-03-08 13:40:16 —-A—- C:WINDOWSsystem32rdpclip.exe
2009-03-08 13:40:16 —-A—- C:WINDOWSsystem32qprocess.exe
2009-03-08 13:40:16 —-A—- C:WINDOWSsystem32icaapi.dll
2009-03-08 13:40:16 —-A—- C:WINDOWSsystem32cfgbkend.dll
2009-03-08 13:40:15 —-D—- C:WINDOWSsystem32MsDtc
2009-03-08 13:40:15 —-A—- C:WINDOWSsystem32xolehlp.dll
2009-03-08 13:40:15 —-A—- C:WINDOWSsystem32mtxoci.dll
2009-03-08 13:40:15 —-A—- C:WINDOWSsystem32msdtcuiu.dll
2009-03-08 13:40:15 —-A—- C:WINDOWSsystem32msdtctm.dll
2009-03-08 13:40:15 —-A—- C:WINDOWSsystem32msdtcprx.dll
2009-03-08 13:40:15 —-A—- C:WINDOWSsystem32msdtclog.dll
2009-03-08 13:40:15 —-A—- C:WINDOWSsystem32msdtc.exe
2009-03-08 13:40:14 —-D—- C:WINDOWSsystem32Com
2009-03-08 13:40:14 —-A—- C:WINDOWSsystem32colbact.dll
2009-03-08 13:40:14 —-A—- C:WINDOWSsystem32clbcatex.dll
2009-03-08 13:40:14 —-A—- C:WINDOWSsystem32catsrvut.dll
2009-03-08 13:40:14 —-A—- C:WINDOWSsystem32catsrvps.dll
2009-03-08 13:40:13 —-A—- C:WINDOWSsystem32comuid.dll
2009-03-08 13:40:13 —-A—- C:WINDOWSsystem32comsvcs.dll
2009-03-08 13:40:13 —-A—- C:WINDOWSsystem32clbcatq.dll
2009-03-08 13:40:13 —-A—- C:WINDOWSsystem32catsrv.dll
2009-03-08 13:40:07 —-A—- C:WINDOWSsystem32servdeps.dll
2009-03-08 13:40:07 —-A—- C:WINDOWSsystem32mmfutil.dll
2009-03-08 13:40:07 —-A—- C:WINDOWSsystem32licwmi.dll
2009-03-08 13:40:07 —-A—- C:WINDOWSsystem32cmprops.dll======List of files/folders modified in the last 1 months======
2009-03-08 17:36:04 —-A—- C:WINDOWSsystem.ini
2009-03-08 14:32:17 —-A—- C:WINDOWSwin.ini
2009-03-08 14:26:43 —-A—- C:WINDOWSsystem32sfcfiles.dll======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 ehdrv;ehdrv; C:WINDOWSsystem32DRIVERSehdrv.sys [2009-02-06 106208]
R1 epfwtdir;epfwtdir; C:WINDOWSsystem32DRIVERSepfwtdir.sys [2009-02-06 93336]
R1 intelppm;Драйвер Intel процессора; C:WINDOWSsystem32DRIVERSintelppm.sys [2004-08-17 40448]
R2 eamon;eamon; C:WINDOWSsystem32DRIVERSeamon.sys [2009-02-06 113448]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:WINDOWSsystem32driversALCXWDM.SYS [2005-04-19 2317504]
R3 nv;nv; C:WINDOWSsystem32DRIVERSnv4_mini.sys [2008-05-03 6554496]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2004-08-03 26624]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2004-08-03 57600]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:WINDOWSsystem32DRIVERSusbuhci.sys [2004-08-03 20480]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:WINDOWSsystem32DRIVERSyk51x86.sys [2004-10-27 223104]
S3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:WINDOWSsystem32DRIVERSusbccgp.sys [2004-08-03 31616]
S3 usbprint;Класс принтеров Microsoft USB; C:WINDOWSsystem32DRIVERSusbprint.sys [2004-08-03 25856]
S3 usbscan;Драйвер USB-сканера; C:WINDOWSsystem32DRIVERSusbscan.sys [2004-08-03 15104]
S3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2004-08-03 26496]======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ekrn;ESET Service; C:Program FilesESETESET NOD32 Antivirusekrn.exe [2009-02-06 727720]
R2 NVSvc;NVIDIA Display Driver Service; C:WINDOWSsystem32nvsvc32.exe [2008-05-03 159812]
R2 UMWdf;Windows User Mode Driver Framework; C:WINDOWSsystem32wdfmgr.exe [2005-01-28 38912]
S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2007-10-24 70144]
S3 EhttpSrv;ESET HTTP Server; C:Program FilesESETESET NOD32 AntivirusEHttpSrv.exe [2009-02-06 20680]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe [2009-03-08 654848]
S3 odserv;Microsoft Office Diagnostics Service; C:Program FilesCommon FilesMicrosoft SharedOFFICE12ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2006-10-26 145184]
EOF
Сейчас вроде все чистенько,ярлык rapida пропал из папки автозагрузки,браузер тоже без сбоев работает,да и сам компьютер работает быстро!Спасибо вам огромное!!!
У вас два антивируса (Kaspersky Anti-Virus и ESET NOD32 Antivirus 4.0), удалите один ОБЯЗАТЕЛЬНО.
Несколько завершающих действий.
1. Обновите ваши программы.
Обновите Java, у вас устаревшая версия. Прочитайте эту инструкцию: Как обновить Java.Зайдите на сайт update.microsoft.com и обновите Windows.
2. Удалите все программы, которые вы использовали в процессе лечения, в случае необходимости, вы всегда сможете скачать их заново. Удаление их необходимо по-причине того, что они содержат компоненты, которые вирусы и трояны могут использовать в плохих целях.
Запустите программу OTMoveIT3. Кликните по кнопке CleanUp. Если появится запрос на перезагрузку компьютера, то кликните Да/Yes.
Удалите RSIT и другие скачанные вами сканеры и небольшие утилиты, а так же все файлы и каталоги который были созданы в процессе лечения компьютера.3. Подойдите к защите вашего компьютера более серьёзно.
Установите программу Spybot Search and Destroy, это довольно неплохая дополнительная защита от шпионских и других вредоносных программ.
Большинство троянов и вирусов разработаны для поражения Internet Explorer`а, поэтому рекомендую использовать только Оперу или Firefox.
4. Создайте новую точку восстановления и удалите все старые.
Удалите старые точки восстановления, так как в них возможно нахождения инфицированных файлов, троянов и других вредоносных программ. Для этого кликните по иконке Мой компьютер, выберите пункт Свойства. В открывшемся окне выберите вкладку Восстановление системы. Поставьте галочку напротив пункта Отключить восстановление системы на всех дисках. Кликните по кнопке Применить. Подтвердите свои действия кликнув по кнопке OK в открывшемся диалоге. Закройте окно Свойства системы, кликнув по кнопке OK.
После загрузки компьютера выполните действия описанные выше, только в этот раз снимите галочку.
Создайте новую точку восстановления. Это поможет вам в случае необходимости загрузить текущую конфигурацию Windows и быстро излечиться от спайваре/вируса. Для этого кликните по кнопке Пуск, далее выберите пункт Стандартные, в нём Служебные и запустите программу Восстановление системы. В открывшемся окне выберите задачу Создать точку восстановления и нажмите кнопку Далее и следуйте указаниям.
5. И несколько дополнительных советов.
Запустите ваш антивирус и проверьте состояние автоматической защиты. Включите, если она выключена.
Не забывайте обновлять Windows, ваши программы и особенно ваш антивирус.
Не посещайте незнакомые сайты, очень внимательно относитесь к файлам скаченным с Интернета.
Всего доброго!
- Для ответа в этой теме необходимо авторизоваться.
