- This topic has 3 ответа, 2 участника, and was last updated 16 years, 2 months назад by
.
-
Сообщения
-
Помогите удалить FREE PORNO INFORMER
Logfile of random’s system information tool 1.05 (written by random/random)
Run by Администратор at 2009-01-07 18:46:35
Microsoft Windows XP Professional Service Pack 2
System drive C: has 3 GB (22%) free of 15 GB
Total RAM: 510 MB (36% free)Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:46:36, on 07.01.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20583)
Boot mode: NormalRunning processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:Program FilesAlwil SoftwareAvast4ashServ.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSExplorer.EXE
C:PROGRA~1ALWILS~1Avast4ashDisp.exe
C:Program FilesQuickTimeqttask.exe
C:WINDOWSRTHDCPL.EXE
C:Program FilesMail.RuAgentMAgent.exe
C:WINDOWSsystem32ctfmon.exe
D:DAEMON Toolsdaemon.exe
C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe
C:Program FilesSkypePhoneSkype.exe
C:Program FilesICQ6ICQ.exe
C:Program FilesИгры от NevoSoftNevoDRMrun.exe
C:Program FilesNVIDIA CorporationNetworkAccessManagerApache GroupApache2binapache.exe
C:Program FilesNVIDIA CorporationNetworkAccessManagerbinnSvcLog.exe
C:WINDOWSsystem32PnkBstrA.exe
C:Program FilesNVIDIA CorporationNetworkAccessManagerApache GroupApache2binapache.exe
C:WINDOWSsystem32PnkBstrB.exe
C:WINDOWSsystem32r_server.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesNVIDIA CorporationNetworkAccessManagerbinnSvcIp.exe
C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
C:Program FilesInternet Exploreriexplore.exe
C:Documents and SettingsАдминистраторРабочий столRSIT.exe
C:Program Filestrend microАдминистратор.exeR0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://mail.ru
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://mail.ru
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
R3 — URLSearchHook: (no name) — {83821C2B-32A8-4DD7-B6D4-44309A78E668} — C:Program FilesMail.RuAgentMradllnewmrasearch.dll
R3 — URLSearchHook: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
R3 — URLSearchHook: MyPlayCityRU Toolbar — {dfbeb35b-444d-4f25-8d7d-eb2683c206ec} — C:Program FilesMyPlayCityRUtbMyPl.dll
O2 — BHO: AcroIEHlprObj Class — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 — BHO: Skype add-on (mastermind) — {22BF413B-C6D2-4d91-82A9-A0F997BA588C} — C:PROGRA~1SkypePhoneIEPluginSKYPEI~1.DLL
O2 — BHO: WebaltaBHO Object — {6C3BDD12-4B6F-44F1-87CB-4D94E1ED38A5} — C:PROGRA~1WebaltaWEBALT~2.DLL
O2 — BHO: SSVHelper Class — {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} — C:Program FilesJavajre1.6.0_01binssv.dll
O2 — BHO: Спутник@Mail.Ru — {8984B388-A5BB-4DF7-B274-77B879E179DB} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
O2 — BHO: Google Toolbar Helper — {AA58ED58-01DD-4d91-8333-CF10577473F7} — c:program filesgooglegoogletoolbar1.dll
O2 — BHO: Google Toolbar Notifier BHO — {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} — C:Program FilesGoogleGoogleToolbarNotifier2.0.301.7164swg.dll
O2 — BHO: lvelibP — {DA12E469-0694-4A98-859A-723964A5BECD} — C:WINDOWSsystem32lvelib.dll
O2 — BHO: MyPlayCityRU Toolbar — {dfbeb35b-444d-4f25-8d7d-eb2683c206ec} — C:Program FilesMyPlayCityRUtbMyPl.dll
O3 — Toolbar: Rambler-Ассистент — {468CD8A9-7C25-45FA-969E-3D925C689DC4} — C:Program FilesRambler AssistantramblertoolbarU0.dll
O3 — Toolbar: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
O3 — Toolbar: &Google — {2318C2B1-4965-11d4-9B18-009027A5CD4F} — c:program filesgooglegoogletoolbar1.dll
O3 — Toolbar: MyPlayCityRU Toolbar — {dfbeb35b-444d-4f25-8d7d-eb2683c206ec} — C:Program FilesMyPlayCityRUtbMyPl.dll
O4 — HKLM..Run: [Vistadrv] C:Program FilesVIPHDvsdrv.exe
O4 — HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 — HKLM..Run: [QuickTime Task] «C:Program FilesQuickTimeqttask.exe» -atboottime
O4 — HKLM..Run: [RTHDCPL] RTHDCPL.EXE
O4 — HKLM..Run: [SkyTel] SkyTel.EXE
O4 — HKLM..Run: [Alcmtr] ALCMTR.EXE
O4 — HKLM..Run: [MAgent] C:Program FilesMail.RuAgentMAgent.exe -LM
O4 — HKLM..Run: [NevoDRM] «C:Program FilesИгры от NevoSoftNevoDRMNevoDRM.exe»
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [DAEMON Tools] «D:DAEMON Toolsdaemon.exe» -lang 1033
O4 — HKCU..Run: [LogitechSetup] I:SetupSetup.exe /start /restart /l:enu
O4 — HKCU..Run: [LDM] C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe
O4 — HKCU..Run: [Skype] «C:Program FilesSkypePhoneSkype.exe» /nosplash /minimized
O4 — HKCU..Run: [NBJ] «C:Program FilesAheadNero BackItUpNBJ.exe»
O4 — HKCU..Run: [ICQ] «C:Program FilesICQ6ICQ.exe» silent
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O4 — Startup: The Matrix_ Path of Neo Registration.lnk = ?
O4 — Global Startup: Adobe Reader Speed Launch.lnk = C:Program FilesAdobeAcrobat 7.0Readerreader_sl.exe
O4 — Global Startup: Logitech Desktop Messenger.lnk = C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe
O8 — Extra context menu item: Webalta — Добавить в Анти-Баннер — C:Program FilesWebaltaextentionsWebalta_antiban.htm
O8 — Extra context menu item: Найти с помощью Рамблера — res://C:Program FilesRambler AssistantramblertoolbarU0.dll/search.htm
O8 — Extra context menu item: Перевести с помощью словарей Рамблера — res://C:Program FilesRambler AssistantramblertoolbarU0.dll/dic.htm
O8 — Extra context menu item: Поиск@Mail.Ru — res://C:Program FilesMail.RuSputnikMailRuSputnik.dll/SEARCH.HTM
O8 — Extra context menu item: Словари@Mail.Ru — res://C:Program FilesMail.RuSputnikMailRuSputnik.dll/TRANSLATE.HTM
O9 — Extra button: (no name) — {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — C:Program FilesJavajre1.6.0_01binssv.dll
O9 — Extra ‘Tools’ menuitem: Sun Java Console — {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — C:Program FilesJavajre1.6.0_01binssv.dll
O9 — Extra button: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
O9 — Extra ‘Tools’ menuitem: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
O9 — Extra button: Skype — {77BF5300-1474-4EC7-9980-D32B190E9B07} — C:PROGRA~1SkypePhoneIEPluginSKYPEI~1.DLL
O9 — Extra button: ICQ Lite — {B863453A-26C3-4e1f-A54D-A2CD196348E9} — C:Program FilesICQLiteICQLite.exe (file missing)
O9 — Extra ‘Tools’ menuitem: ICQ Lite — {B863453A-26C3-4e1f-A54D-A2CD196348E9} — C:Program FilesICQLiteICQLite.exe (file missing)
O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra button: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — C:Program FilesICQ6ICQ.exe
O9 — Extra ‘Tools’ menuitem: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — C:Program FilesICQ6ICQ.exe
O17 — HKLMSystemCCSServicesTcpip..{9FAD947A-0641-4810-944D-E10A974D37EA}: NameServer = 77.50.0.3 77.50.1.3
O18 — Protocol: bwfile-8876480 — {9462A756-7B47-47BC-8C80-C34B9B80B32B} — C:Program FilesLogitechDesktop Messenger8876480ProgramGAPlugProtocol-8876480.dll
O23 — Service: avast! iAVS4 Control Service (aswUpdSv) — ALWIL Software — C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 — Service: Ati HotKey Poller — ATI Technologies Inc. — C:WINDOWSsystem32Ati2evxx.exe
O23 — Service: ATI Smart — Unknown owner — C:WINDOWSsystem32ati2sgag.exe
O23 — Service: avast! Antivirus — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashServ.exe
O23 — Service: avast! Mail Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
O23 — Service: avast! Web Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Forceware Web Interface (ForcewareWebInterface) — Apache Software Foundation — C:Program FilesNVIDIA CorporationNetworkAccessManagerApache GroupApache2binapache.exe
O23 — Service: Google Updater Service (gusvc) — Google — C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 — Service: InstallDriver Table Manager (IDriverT) — Macrovision Corporation — C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe
O23 — Service: ForceWare IP service (nSvcIp) — NVIDIA Corporation — C:Program FilesNVIDIA CorporationNetworkAccessManagerbinnSvcIp.exe
O23 — Service: ForceWare user log service (nSvcLog) — NVIDIA Corporation — C:Program FilesNVIDIA CorporationNetworkAccessManagerbinnSvcLog.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: PnkBstrA — Unknown owner — C:WINDOWSsystem32PnkBstrA.exe
O23 — Service: PnkBstrB — Unknown owner — C:WINDOWSsystem32PnkBstrB.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: Remote Administrator Service (r_server) — Unknown owner — C:WINDOWSsystem32r_server.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) — Protection Technology (StarForce) — C:WINDOWSsystem32sfrem01.exe
O23 — Service: FrontLine Drivers Auto Removal (v2) (sfrem02) — Protection Technology (StarForce) — C:WINDOWSsystem32sfrem02.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Webalta Controller (WebaltaController) — Unknown owner — C:Program FilesWebaltaWebaltaUpdaterService.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe—
End of file — 11321 bytes======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll [2004-12-14 63136][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) — C:PROGRA~1SkypePhoneIEPluginSKYPEI~1.DLL [2007-02-09 751144][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{6C3BDD12-4B6F-44F1-87CB-4D94E1ED38A5}]
WebaltaBHO Object — C:PROGRA~1WebaltaWEBALT~2.DLL [2008-10-27 736260][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class — C:Program FilesJavajre1.6.0_01binssv.dll [2007-08-13 495616][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{8984B388-A5BB-4DF7-B274-77B879E179DB}]
MailRuBHO Class — C:Program FilesMail.RuSputnikMailRuSputnik.dll [2008-07-12 623304][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper — c:program filesgooglegoogletoolbar1.dll [2007-10-01 2427968][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO — C:Program FilesGoogleGoogleToolbarNotifier2.0.301.7164swg.dll [2007-10-07 325048][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DA12E469-0694-4A98-859A-723964A5BECD}]
FLAC Data Feeder — C:WINDOWSsystem32lvelib.dll [2008-11-11 328704][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{dfbeb35b-444d-4f25-8d7d-eb2683c206ec}]
MyPlayCityRU Toolbar — C:Program FilesMyPlayCityRUtbMyPl.dll [2007-12-19 1514520][HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{468CD8A9-7C25-45FA-969E-3D925C689DC4} — Rambler-Ассистент — C:Program FilesRambler AssistantramblertoolbarU0.dll [2007-08-15 804336]
{09900DE8-1DCA-443F-9243-26FF581438AF} — Спутник@Mail.Ru — C:Program FilesMail.RuSputnikMailRuSputnik.dll [2008-07-12 623304]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} — &Google — c:program filesgooglegoogletoolbar1.dll [2007-10-01 2427968]
{dfbeb35b-444d-4f25-8d7d-eb2683c206ec} — MyPlayCityRU Toolbar — C:Program FilesMyPlayCityRUtbMyPl.dll [2007-12-19 1514520][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«Vistadrv»=C:Program FilesVIPHDvsdrv.exe [2006-07-30 121089]
«avast!»=C:PROGRA~1ALWILS~1Avast4ashDisp.exe [2008-05-16 79224]
«QuickTime Task»=C:Program FilesQuickTimeqttask.exe [2007-08-21 282624]
«RTHDCPL»=C:WINDOWSRTHDCPL.EXE [2006-11-14 16270848]
«SkyTel»=C:WINDOWSSkyTel.EXE [2006-05-16 2879488]
«Alcmtr»=C:WINDOWSALCMTR.EXE [2005-05-03 69632]
«MAgent»=C:Program FilesMail.RuAgentMAgent.exe [2008-07-12 3110392]
«NevoDRM»=C:Program FilesИгры от NevoSoftNevoDRMNevoDRM.exe [2008-12-01 111616][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2007-06-20 30208]
«DAEMON Tools»=D:DAEMON Toolsdaemon.exe [2007-04-04 165784]
«LogitechSetup»=I:SetupSetup.exe /start /restart /l:enu []
«LDM»=C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe [2007-11-27 67128]
«Skype»=C:Program FilesSkypePhoneSkype.exe [2007-02-09 25388584]
«NBJ»=C:Program FilesAheadNero BackItUpNBJ.exe [2006-09-15 2048000]
«ICQ»=C:Program FilesICQ6ICQ.exe [2008-09-01 173304][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregATICCC]
C:Program FilesATI TechnologiesATI.ACEcli.exe [2005-08-06 61440][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregNeroFilterCheck]
C:WINDOWSsystem32NeroCheck.exe [2006-01-12 155648][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSoundMan]
C:WINDOWSSOUNDMAN.EXE [2006-07-21 86016][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users^Главное меню^Программы^Автозагрузка^Панель задач ATI CATALYST.lnk]
C:PROGRA~1ATITEC~1ATI.ACECLI.exe [2005-08-06 61440]C:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузка
Adobe Reader Speed Launch.lnk — C:Program FilesAdobeAcrobat 7.0Readerreader_sl.exe
Logitech Desktop Messenger.lnk — C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exeC:Documents and SettingsАдминистраторГлавное менюПрограммыАвтозагрузка
The Matrix_ Path of Neo Registration.lnk — C:Documents and SettingsАдминистраторLocal SettingsTemp{19BB9B8D-B599-4C0E-A3C6-7AF02EE107E3}{E571E8B1-9771-465D-9DE0-3BA2D1BDAE99}ATR1.exe[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyAtiExtEvent]
C:WINDOWSsystem32Ati2evxx.dll [2005-08-04 46080][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
WPDShServiceObj — {AAA288BA-9A4C-45B0-95D7-94D524869DB5} — C:WINDOWSsystem32WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor — {e57ce738-33e8-4c51-8354-bb4de9d215d1} — C:WINDOWSsystem32upnpui.dll [2004-08-18 239616][HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
«NoInternetOpenWith «=1[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=177
«NoSMConfigurePrograms»=1[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«C:Program FilesICQLiteICQLite.exe»=»C:Program FilesICQLiteICQLite.exe:*:Enabled:ICQ Lite»
«C:Program FilesFlashGetflashget.exe»=»C:Program FilesFlashGetflashget.exe:*:Enabled:Flashget»
«C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe»=»C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger»
«C:Program FilesICQ6ICQ.exe»=»C:Program FilesICQ6ICQ.exe:*:Enabled:ICQ6»
«C:WINDOWSsystem32PnkBstrA.exe»=»C:WINDOWSsystem32PnkBstrA.exe:*:Enabled:PnkBstrA»
«C:WINDOWSsystem32PnkBstrB.exe»=»C:WINDOWSsystem32PnkBstrB.exe:*:Enabled:PnkBstrB»
«C:Program FilesSkypePhoneSkype.exe»=»C:Program FilesSkypePhoneSkype.exe:*:Enabled:Skype»[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe»=»C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger»[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2I]
shellAutoRuncommand — I:setup.exe======List of files/folders created in the last 1 months======
2009-01-07 18:27:00 —-D—- C:rsit
2009-01-07 18:27:00 —-D—- C:Program Filestrend micro
2009-01-02 19:11:18 —-D—- C:Documents and SettingsAll UsersApplication DataFreshGames
2008-12-31 18:38:13 —-D—- C:Documents and SettingsАдминистраторApplication DataWebalta
2008-12-31 14:55:27 —-A—- C:WINDOWSsystem32CNMLM9M.DLL
2008-12-24 15:11:44 —-D—- C:Documents and SettingsAll UsersApplication DataUbisoft
2008-12-14 11:01:45 —-D—- C:Documents and SettingsАдминистраторApplication DataSulusGames======List of files/folders modified in the last 1 months======
2009-01-07 18:27:40 —-D—- C:WINDOWSPrefetch
2009-01-07 18:27:00 —-RD—- C:Program Files
2009-01-07 16:03:02 —-D—- C:WINDOWSTemp
2009-01-07 12:00:55 —-D—- C:Program FilesWebalta
2009-01-07 01:20:56 —-A—- C:WINDOWSSchedLgU.Txt
2009-01-04 17:05:25 —-D—- C:WINDOWSsystem32CatRoot2
2009-01-04 14:01:54 —-D—- C:Documents and SettingsAll UsersApplication DataAlawarWrapper
2009-01-03 13:37:59 —-D—- C:Program FilesGames.Mail.Ru
2009-01-03 13:29:25 —-D—- C:Program FilesZeon
2009-01-03 13:29:24 —-D—- C:WINDOWSsystem32
2009-01-03 13:29:24 —-D—- C:Documents and SettingsAll UsersApplication DataZeon
2009-01-02 15:25:11 —-D—- C:WINDOWS
2008-12-31 15:54:49 —-D—- C:Program FilesНовый Диск
2008-12-31 15:54:46 —-HD—- C:Program FilesInstallShield Installation Information
2008-12-31 15:54:00 —-D—- C:Program FilesИгры от NevoSoft
2008-12-31 15:51:31 —-D—- C:Program FilesBarbie(TM)
2008-12-31 14:55:17 —-HD—- C:WINDOWSinf
2008-12-31 14:53:45 —-D—- C:WINDOWSsystem32drivers
2008-12-24 16:57:15 —-A—- C:WINDOWSNeroDigital.ini
2008-12-24 15:23:24 —-D—- C:WINDOWSsystem32DirectX
2008-12-24 15:22:29 —-D—- C:Program FilesWMV9_VCM
2008-12-24 15:11:44 —-D—- C:Program FilesUbisoft
2008-12-21 19:03:54 —-D—- C:Documents and SettingsАдминистраторApplication DataSkype
2008-12-21 12:42:41 —-D—- C:Documents and SettingsAll UsersApplication DataHipSoft======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:WINDOWSsystem32driversAavmker4.sys [2008-05-16 26944]
R1 AmdK8;Драйвер AMD процессора; C:WINDOWSsystem32DRIVERSAmdK8.sys [2005-03-09 43008]
R1 aswSP;avast! Self Protection; C:WINDOWSsystem32driversaswSP.sys [2008-05-16 78416]
R1 aswTdi;avast! Network Shield Support; C:WINDOWSsystem32driversaswTdi.sys [2008-05-16 42912]
R1 BIOS;BIOS; ??C:WINDOWSsystem32driversBIOS.sys []
R1 prodrv03;Star Force copy protection driver v3; ??C:WINDOWSsystem32driversprodrv03.sys []
R1 prodrv06;StarForce Protection Environment Driver v6; C:WINDOWSSystem32driversprodrv06.sys [2004-10-07 80576]
R1 StarOpen;StarOpen; C:WINDOWSsystem32driversStarOpen.sys [2006-07-24 5632]
R2 ACEDRV07;ACEDRV07; ??C:WINDOWSsystem32driversACEDRV07.sys []
R2 aswFsBlk;aswFsBlk; C:WINDOWSsystem32DRIVERSaswFsBlk.sys [2008-05-16 20560]
R2 aswMon2;avast! Standard Shield Support; C:WINDOWSsystem32driversaswMon2.sys [2008-05-16 94416]
R2 athsgt;athsgt; C:WINDOWSsystem32DRIVERSathsgt.sys [2007-10-28 164992]
R2 atksgt;atksgt; C:WINDOWSsystem32DRIVERSatksgt.sys [2007-09-25 165376]
R2 limsgt;limsgt; C:WINDOWSsystem32DRIVERSlimsgt.sys [2007-10-28 12544]
R2 lirsgt;lirsgt; C:WINDOWSsystem32DRIVERSlirsgt.sys [2007-09-25 18048]
R2 rspndr;Ответчик обнаружения топологии уровня связи; C:WINDOWSsystem32DRIVERSrspndr.sys [2006-12-04 62336]
R3 aswRdr;aswRdr; C:WINDOWSsystem32driversaswRdr.sys [2008-05-16 23152]
R3 ati2mtag;ati2mtag; C:WINDOWSsystem32DRIVERSati2mtag.sys [2005-08-04 1273344]
R3 HDAudBus;Драйвер шины Microsoft UAA для High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2005-12-26 138752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:WINDOWSsystem32driversRtkHDAud.sys [2006-11-15 4225920]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:WINDOWSsystem32DRIVERSNVENETFD.sys [2006-07-11 57856]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:WINDOWSsystem32DRIVERSnvnetbus.sys [2006-07-11 20480]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2007-06-20 30208]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2007-06-20 59392]
R3 usbohci;Драйвер минипорта Microsoft USB открытого хост-контроллера; C:WINDOWSsystem32DRIVERSusbohci.sys [2007-06-20 17152]
R3 usbstor;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2004-08-18 26496]
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:WINDOWSsystem32driversALCXWDM.SYS [2005-10-04 3797632]
S3 Arp1394;Протокол клиента 1394 ARP; C:WINDOWSsystem32DRIVERSarp1394.sys [2007-06-20 60800]
S3 atkld7ca;atkld7ca; C:WINDOWSsystem32driversatkld7ca.sys []
S3 CCDECODE;Closed Caption декодер; C:WINDOWSsystem32DRIVERSCCDECODE.sys [2004-08-03 17024]
S3 dtscsi;dtscsi; C:WINDOWSSystem32Driversdtscsi.sys []
S3 HidUsb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2001-08-17 9600]
S3 LVUSBSta;Logitech USB Monitor Filter; C:WINDOWSsystem32driversLVUSBSta.sys [2007-02-03 41504]
S3 mouhid;Драйвер мыши HID; C:WINDOWSsystem32DRIVERSmouhid.sys [2001-10-19 12160]
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:WINDOWSsystem32driversMSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI кодек; C:WINDOWSsystem32DRIVERSNABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft видео или ТВ подключение; C:WINDOWSsystem32DRIVERSNdisIP.sys [2004-08-03 10880]
S3 NIC1394;Сетевой драйвер 1394; C:WINDOWSsystem32DRIVERSnic1394.sys [2007-06-20 61824]
S3 PID_0928;Logitech QuickCam Express(PID_0928); C:WINDOWSsystem32DRIVERSLV561AV.SYS [2007-02-03 490784]
S3 SLIP;BDA Slip De-Framer; C:WINDOWSsystem32DRIVERSSLIP.sys [2004-08-03 11136]
S3 SONYPVU1;Драйвер Sony USB фильтра (SONYPVU1); C:WINDOWSsystem32DRIVERSSONYPVU1.SYS [2001-08-17 7552]
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:WINDOWSsystem32DRIVERSssm_bus.sys [2007-05-02 83592]
S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:WINDOWSsystem32DRIVERSssm_mdfl.sys [2007-05-02 15112]
S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:WINDOWSsystem32DRIVERSssm_mdm.sys [2007-05-02 109704]
S3 streamip;BDA IPSink; C:WINDOWSsystem32DRIVERSStreamIP.sys [2004-08-03 15360]
S3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:WINDOWSsystem32DRIVERSusbccgp.sys [2004-08-03 31616]
S3 usbprint;Класс принтеров Microsoft USB; C:WINDOWSsystem32DRIVERSusbprint.sys [2004-08-03 25856]
S3 WpdUsb;WpdUsb; C:WINDOWSsystem32DRIVERSwpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext кодек; C:WINDOWSsystem32DRIVERSWSTCODEC.SYS [2004-08-03 19328]
S3 WudfRd;Windows Driver Foundation — User-mode Driver Framework Reflector; C:WINDOWSsystem32DRIVERSwudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe [2008-05-16 17272]
R2 Ati HotKey Poller;Ati HotKey Poller; C:WINDOWSsystem32Ati2evxx.exe [2005-08-04 380928]
R2 avast! Antivirus;avast! Antivirus; C:Program FilesAlwil SoftwareAvast4ashServ.exe [2008-05-16 144760]
R2 ForcewareWebInterface;Forceware Web Interface; C:Program FilesNVIDIA CorporationNetworkAccessManagerApache GroupApache2binapache.exe [2006-04-03 20543]
R2 nSvcIp;ForceWare IP service; C:Program FilesNVIDIA CorporationNetworkAccessManagerbinnSvcIp.exe [2006-07-13 131131]
R2 nSvcLog;ForceWare user log service; C:Program FilesNVIDIA CorporationNetworkAccessManagerbinnSvcLog.exe [2006-07-13 65599]
R2 PnkBstrA;PnkBstrA; C:WINDOWSsystem32PnkBstrA.exe [2008-02-03 66872]
R2 PnkBstrB;PnkBstrB; C:WINDOWSsystem32PnkBstrB.exe [2008-02-03 103736]
R2 r_server;Remote Administrator Service; C:WINDOWSsystem32r_server.exe [2005-03-30 724992]
R2 WudfSvc;Windows Driver Foundation — User-mode Driver Framework; C:WINDOWSsystem32svchost.exe [2004-08-18 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe [2008-05-16 247160]
R3 avast! Web Scanner;avast! Web Scanner; C:Program FilesAlwil SoftwareAvast4ashWebSv.exe [2008-05-16 349560]
S2 ATI Smart;ATI Smart; C:WINDOWSsystem32ati2sgag.exe [2005-08-05 516096]
S2 sfrem01;SF FrontLine Drivers Auto Removal (v1); C:WINDOWSsystem32sfrem01.exe [2006-07-05 358008]
S2 sfrem02;FrontLine Drivers Auto Removal (v2); C:WINDOWSsystem32sfrem02.exe [2006-05-11 358008]
S2 WebaltaController;Webalta Controller; C:Program FilesWebaltaWebaltaUpdaterService.exe [2008-12-16 97794]
S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv1.1.4322aspnet_state.exe [2003-02-20 32768]
S3 gusvc;Google Updater Service; C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2007-10-01 138168]
S3 IDriverT;InstallDriver Table Manager; C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe [2005-04-03 69632]
S3 WMPNetworkSvc;Служба общих сетевых ресурсов проигрывателя Windows Media; C:Program FilesWindows Media PlayerWMPNetwk.exe [2006-11-02 914944]
EOF
Спасибо что помогаете!!!
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DA12E469-0694-4A98-859A-723964A5BECD}\ deleted successfully.
========== FILES ==========
C:WINDOWSsystem32lvelib.dll unregistered successfully.
C:WINDOWSsystem32lvelib.dll moved successfully.
========== COMMANDS ==========
File delete failed. C:DOCUME~19335~1LOCALS~1TempJETD36D.tmp scheduled to be deleted on reboot.
File delete failed. C:DOCUME~19335~1LOCALS~1Temp~DF9C53.tmp scheduled to be deleted on reboot.
User’s Temp folder emptied.
User’s Temporary Internet Files folder emptied.
User’s Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:Documents and SettingsLocalServiceLocal SettingsTemporary Internet FilesContent.IE5index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:WINDOWStemp_avast4_Webshlock.txt scheduled to be deleted on reboot.
File delete failed. C:WINDOWStempPerflib_Perfdata_68c.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Temp folders emptied.
Explorer started successfullyOTMoveIt3 by OldTimer — Version 1.0.8.0 log created on 01072009_202735
Здравствуйте, добро пожаловать на Spyware-ru форум.
Скачайте OTMoveIt3 by OldTimer кликнув по этой ссылке.
Закройте InternetExplorer.
Запустите программу и в большое поле ввода (заголовок этого поля выделено желтым цветом) скопируйте следующий текст.:Processes
explorer.exe
:reg
[-HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DA12E469-0694-4A98-859A-723964A5BECD}]
:files
C:WINDOWSsystem32lvelib.dll
:Commands
[emptytemp]
[start explorer]
[Reboot]Кликните по кнопке MoveIt!. В процессе работы возможна перезагрузка компьютера.
По-завершении работы программы должен будет показан лог, вставьте его в ваш ответ.
Так же к ответу приложите свежий RSIT лог.@Valeri wrote:
Здравствуйте, добро пожаловать на Spyware-ru форум.
Скачайте OTMoveIt3 by OldTimer кликнув по этой ссылке.
Закройте InternetExplorer.
Запустите программу и в большое поле ввода (заголовок этого поля выделено желтым цветом) скопируйте следующий текст.:Processes
explorer.exe
:reg
[-HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DA12E469-0694-4A98-859A-723964A5BECD}]
:files
C:WINDOWSsystem32lvelib.dll
:Commands
[emptytemp]
[start explorer]
[Reboot]Кликните по кнопке MoveIt!. В процессе работы возможна перезагрузка компьютера.
По-завершении работы программы должен будет показан лог, вставьте его в ваш ответ.
Так же к ответу приложите свежий RSIT лог.Спасибо что помогаете!!!
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DA12E469-0694-4A98-859A-723964A5BECD}\ deleted successfully.
========== FILES ==========
C:WINDOWSsystem32lvelib.dll unregistered successfully.
C:WINDOWSsystem32lvelib.dll moved successfully.
========== COMMANDS ==========
File delete failed. C:DOCUME~19335~1LOCALS~1TempJETD36D.tmp scheduled to be deleted on reboot.
File delete failed. C:DOCUME~19335~1LOCALS~1Temp~DF9C53.tmp scheduled to be deleted on reboot.
User’s Temp folder emptied.
User’s Temporary Internet Files folder emptied.
User’s Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:Documents and SettingsLocalServiceLocal SettingsTemporary Internet FilesContent.IE5index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:WINDOWStemp_avast4_Webshlock.txt scheduled to be deleted on reboot.
File delete failed. C:WINDOWStempPerflib_Perfdata_68c.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Temp folders emptied.
Explorer started successfullyOTMoveIt3 by OldTimer — Version 1.0.8.0 log created on 01072009_202735
Logfile of random’s system information tool 1.05 (written by random/random)
Run by Администратор at 2009-01-07 20:45:32
Microsoft Windows XP Professional Service Pack 2
System drive C: has 5 GB (36%) free of 15 GB
Total RAM: 510 MB (33% free)Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:45:34, on 07.01.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20583)
Boot mode: NormalRunning processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:Program FilesAlwil SoftwareAvast4ashServ.exe
C:WINDOWSsystem32Ati2evxx.exe
C:PROGRA~1ALWILS~1Avast4ashDisp.exe
C:Program FilesQuickTimeqttask.exe
C:WINDOWSRTHDCPL.EXE
C:Program FilesMail.RuAgentMAgent.exe
C:WINDOWSsystem32ctfmon.exe
D:DAEMON Toolsdaemon.exe
C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe
C:Program FilesSkypePhoneSkype.exe
C:Program FilesICQ6ICQ.exe
C:Program FilesИгры от NevoSoftNevoDRMrun.exe
C:Program FilesNVIDIA CorporationNetworkAccessManagerApache GroupApache2binapache.exe
C:Program FilesNVIDIA CorporationNetworkAccessManagerbinnSvcLog.exe
C:WINDOWSsystem32PnkBstrA.exe
C:Program FilesNVIDIA CorporationNetworkAccessManagerApache GroupApache2binapache.exe
C:WINDOWSsystem32PnkBstrB.exe
C:WINDOWSsystem32r_server.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesNVIDIA CorporationNetworkAccessManagerbinnSvcIp.exe
C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
C:Documents and SettingsАдминистраторРабочий столOTMoveIt3.exe
C:WINDOWSexplorer.exe
C:Program FilesInternet Exploreriexplore.exe
C:Documents and SettingsАдминистраторРабочий столRSIT.exe
C:Program Filestrend microАдминистратор.exeR0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://mail.ru
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://mail.ru
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
R3 — URLSearchHook: (no name) — {83821C2B-32A8-4DD7-B6D4-44309A78E668} — C:Program FilesMail.RuAgentMradllnewmrasearch.dll
R3 — URLSearchHook: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
R3 — URLSearchHook: MyPlayCityRU Toolbar — {dfbeb35b-444d-4f25-8d7d-eb2683c206ec} — C:Program FilesMyPlayCityRUtbMyPl.dll
O2 — BHO: AcroIEHlprObj Class — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 — BHO: Skype add-on (mastermind) — {22BF413B-C6D2-4d91-82A9-A0F997BA588C} — C:PROGRA~1SkypePhoneIEPluginSKYPEI~1.DLL
O2 — BHO: WebaltaBHO Object — {6C3BDD12-4B6F-44F1-87CB-4D94E1ED38A5} — C:PROGRA~1WebaltaWEBALT~2.DLL
O2 — BHO: SSVHelper Class — {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} — C:Program FilesJavajre1.6.0_01binssv.dll
O2 — BHO: Спутник@Mail.Ru — {8984B388-A5BB-4DF7-B274-77B879E179DB} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
O2 — BHO: Google Toolbar Helper — {AA58ED58-01DD-4d91-8333-CF10577473F7} — c:program filesgooglegoogletoolbar1.dll
O2 — BHO: Google Toolbar Notifier BHO — {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} — C:Program FilesGoogleGoogleToolbarNotifier2.0.301.7164swg.dll
O2 — BHO: MyPlayCityRU Toolbar — {dfbeb35b-444d-4f25-8d7d-eb2683c206ec} — C:Program FilesMyPlayCityRUtbMyPl.dll
O3 — Toolbar: Rambler-Ассистент — {468CD8A9-7C25-45FA-969E-3D925C689DC4} — C:Program FilesRambler AssistantramblertoolbarU0.dll
O3 — Toolbar: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
O3 — Toolbar: &Google — {2318C2B1-4965-11d4-9B18-009027A5CD4F} — c:program filesgooglegoogletoolbar1.dll
O3 — Toolbar: MyPlayCityRU Toolbar — {dfbeb35b-444d-4f25-8d7d-eb2683c206ec} — C:Program FilesMyPlayCityRUtbMyPl.dll
O4 — HKLM..Run: [Vistadrv] C:Program FilesVIPHDvsdrv.exe
O4 — HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 — HKLM..Run: [QuickTime Task] «C:Program FilesQuickTimeqttask.exe» -atboottime
O4 — HKLM..Run: [RTHDCPL] RTHDCPL.EXE
O4 — HKLM..Run: [SkyTel] SkyTel.EXE
O4 — HKLM..Run: [Alcmtr] ALCMTR.EXE
O4 — HKLM..Run: [MAgent] C:Program FilesMail.RuAgentMAgent.exe -LM
O4 — HKLM..Run: [NevoDRM] «C:Program FilesИгры от NevoSoftNevoDRMNevoDRM.exe»
O4 — HKLM..RunOnce: [OTMoveIt] C:Documents and SettingsАдминистраторРабочий столOTMoveIt3.exe
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [DAEMON Tools] «D:DAEMON Toolsdaemon.exe» -lang 1033
O4 — HKCU..Run: [LogitechSetup] I:SetupSetup.exe /start /restart /l:enu
O4 — HKCU..Run: [LDM] C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe
O4 — HKCU..Run: [Skype] «C:Program FilesSkypePhoneSkype.exe» /nosplash /minimized
O4 — HKCU..Run: [NBJ] «C:Program FilesAheadNero BackItUpNBJ.exe»
O4 — HKCU..Run: [ICQ] «C:Program FilesICQ6ICQ.exe» silent
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O4 — Startup: The Matrix_ Path of Neo Registration.lnk = ?
O4 — Global Startup: Adobe Reader Speed Launch.lnk = C:Program FilesAdobeAcrobat 7.0Readerreader_sl.exe
O4 — Global Startup: Logitech Desktop Messenger.lnk = C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe
O8 — Extra context menu item: Webalta — Добавить в Анти-Баннер — C:Program FilesWebaltaextentionsWebalta_antiban.htm
O8 — Extra context menu item: Найти с помощью Рамблера — res://C:Program FilesRambler AssistantramblertoolbarU0.dll/search.htm
O8 — Extra context menu item: Перевести с помощью словарей Рамблера — res://C:Program FilesRambler AssistantramblertoolbarU0.dll/dic.htm
O8 — Extra context menu item: Поиск@Mail.Ru — res://C:Program FilesMail.RuSputnikMailRuSputnik.dll/SEARCH.HTM
O8 — Extra context menu item: Словари@Mail.Ru — res://C:Program FilesMail.RuSputnikMailRuSputnik.dll/TRANSLATE.HTM
O9 — Extra button: (no name) — {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — C:Program FilesJavajre1.6.0_01binssv.dll
O9 — Extra ‘Tools’ menuitem: Sun Java Console — {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — C:Program FilesJavajre1.6.0_01binssv.dll
O9 — Extra button: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
O9 — Extra ‘Tools’ menuitem: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
O9 — Extra button: Skype — {77BF5300-1474-4EC7-9980-D32B190E9B07} — C:PROGRA~1SkypePhoneIEPluginSKYPEI~1.DLL
O9 — Extra button: ICQ Lite — {B863453A-26C3-4e1f-A54D-A2CD196348E9} — C:Program FilesICQLiteICQLite.exe (file missing)
O9 — Extra ‘Tools’ menuitem: ICQ Lite — {B863453A-26C3-4e1f-A54D-A2CD196348E9} — C:Program FilesICQLiteICQLite.exe (file missing)
O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra button: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — C:Program FilesICQ6ICQ.exe
O9 — Extra ‘Tools’ menuitem: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — C:Program FilesICQ6ICQ.exe
O17 — HKLMSystemCCSServicesTcpip..{9FAD947A-0641-4810-944D-E10A974D37EA}: NameServer = 77.50.0.3 77.50.1.3
O18 — Protocol: bwfile-8876480 — {9462A756-7B47-47BC-8C80-C34B9B80B32B} — C:Program FilesLogitechDesktop Messenger8876480ProgramGAPlugProtocol-8876480.dll
O23 — Service: avast! iAVS4 Control Service (aswUpdSv) — ALWIL Software — C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 — Service: Ati HotKey Poller — ATI Technologies Inc. — C:WINDOWSsystem32Ati2evxx.exe
O23 — Service: ATI Smart — Unknown owner — C:WINDOWSsystem32ati2sgag.exe
O23 — Service: avast! Antivirus — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashServ.exe
O23 — Service: avast! Mail Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
O23 — Service: avast! Web Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Forceware Web Interface (ForcewareWebInterface) — Apache Software Foundation — C:Program FilesNVIDIA CorporationNetworkAccessManagerApache GroupApache2binapache.exe
O23 — Service: Google Updater Service (gusvc) — Google — C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 — Service: InstallDriver Table Manager (IDriverT) — Macrovision Corporation — C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe
O23 — Service: ForceWare IP service (nSvcIp) — NVIDIA Corporation — C:Program FilesNVIDIA CorporationNetworkAccessManagerbinnSvcIp.exe
O23 — Service: ForceWare user log service (nSvcLog) — NVIDIA Corporation — C:Program FilesNVIDIA CorporationNetworkAccessManagerbinnSvcLog.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: PnkBstrA — Unknown owner — C:WINDOWSsystem32PnkBstrA.exe
O23 — Service: PnkBstrB — Unknown owner — C:WINDOWSsystem32PnkBstrB.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: Remote Administrator Service (r_server) — Unknown owner — C:WINDOWSsystem32r_server.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) — Protection Technology (StarForce) — C:WINDOWSsystem32sfrem01.exe
O23 — Service: FrontLine Drivers Auto Removal (v2) (sfrem02) — Protection Technology (StarForce) — C:WINDOWSsystem32sfrem02.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Webalta Controller (WebaltaController) — Unknown owner — C:Program FilesWebaltaWebaltaUpdaterService.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe—
End of file — 11397 bytes======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll [2004-12-14 63136][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) — C:PROGRA~1SkypePhoneIEPluginSKYPEI~1.DLL [2007-02-09 751144][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{6C3BDD12-4B6F-44F1-87CB-4D94E1ED38A5}]
WebaltaBHO Object — C:PROGRA~1WebaltaWEBALT~2.DLL [2008-10-27 736260][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class — C:Program FilesJavajre1.6.0_01binssv.dll [2007-08-13 495616][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{8984B388-A5BB-4DF7-B274-77B879E179DB}]
MailRuBHO Class — C:Program FilesMail.RuSputnikMailRuSputnik.dll [2008-07-12 623304][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper — c:program filesgooglegoogletoolbar1.dll [2007-10-01 2427968][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO — C:Program FilesGoogleGoogleToolbarNotifier2.0.301.7164swg.dll [2007-10-07 325048][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{dfbeb35b-444d-4f25-8d7d-eb2683c206ec}]
MyPlayCityRU Toolbar — C:Program FilesMyPlayCityRUtbMyPl.dll [2007-12-19 1514520][HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{468CD8A9-7C25-45FA-969E-3D925C689DC4} — Rambler-Ассистент — C:Program FilesRambler AssistantramblertoolbarU0.dll [2007-08-15 804336]
{09900DE8-1DCA-443F-9243-26FF581438AF} — Спутник@Mail.Ru — C:Program FilesMail.RuSputnikMailRuSputnik.dll [2008-07-12 623304]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} — &Google — c:program filesgooglegoogletoolbar1.dll [2007-10-01 2427968]
{dfbeb35b-444d-4f25-8d7d-eb2683c206ec} — MyPlayCityRU Toolbar — C:Program FilesMyPlayCityRUtbMyPl.dll [2007-12-19 1514520][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«Vistadrv»=C:Program FilesVIPHDvsdrv.exe [2006-07-30 121089]
«avast!»=C:PROGRA~1ALWILS~1Avast4ashDisp.exe [2008-05-16 79224]
«QuickTime Task»=C:Program FilesQuickTimeqttask.exe [2007-08-21 282624]
«RTHDCPL»=C:WINDOWSRTHDCPL.EXE [2006-11-14 16270848]
«SkyTel»=C:WINDOWSSkyTel.EXE [2006-05-16 2879488]
«Alcmtr»=C:WINDOWSALCMTR.EXE [2005-05-03 69632]
«MAgent»=C:Program FilesMail.RuAgentMAgent.exe [2008-07-12 3110392]
«NevoDRM»=C:Program FilesИгры от NevoSoftNevoDRMNevoDRM.exe [2008-12-01 111616][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRunOnce]
«OTMoveIt»=C:Documents and SettingsАдминистраторРабочий столOTMoveIt3.exe [2009-01-07 348160][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2007-06-20 30208]
«DAEMON Tools»=D:DAEMON Toolsdaemon.exe [2007-04-04 165784]
«LogitechSetup»=I:SetupSetup.exe /start /restart /l:enu []
«LDM»=C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe [2007-11-27 67128]
«Skype»=C:Program FilesSkypePhoneSkype.exe [2007-02-09 25388584]
«NBJ»=C:Program FilesAheadNero BackItUpNBJ.exe [2006-09-15 2048000]
«ICQ»=C:Program FilesICQ6ICQ.exe [2008-09-01 173304][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregATICCC]
C:Program FilesATI TechnologiesATI.ACEcli.exe [2005-08-06 61440][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregNeroFilterCheck]
C:WINDOWSsystem32NeroCheck.exe [2006-01-12 155648][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSoundMan]
C:WINDOWSSOUNDMAN.EXE [2006-07-21 86016][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users^Главное меню^Программы^Автозагрузка^Панель задач ATI CATALYST.lnk]
C:PROGRA~1ATITEC~1ATI.ACECLI.exe [2005-08-06 61440]C:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузка
Adobe Reader Speed Launch.lnk — C:Program FilesAdobeAcrobat 7.0Readerreader_sl.exe
Logitech Desktop Messenger.lnk — C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exeC:Documents and SettingsАдминистраторГлавное менюПрограммыАвтозагрузка
The Matrix_ Path of Neo Registration.lnk — C:Documents and SettingsАдминистраторLocal SettingsTemp{19BB9B8D-B599-4C0E-A3C6-7AF02EE107E3}{E571E8B1-9771-465D-9DE0-3BA2D1BDAE99}ATR1.exe[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyAtiExtEvent]
C:WINDOWSsystem32Ati2evxx.dll [2005-08-04 46080][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
WPDShServiceObj — {AAA288BA-9A4C-45B0-95D7-94D524869DB5} — C:WINDOWSsystem32WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor — {e57ce738-33e8-4c51-8354-bb4de9d215d1} — C:WINDOWSsystem32upnpui.dll [2004-08-18 239616][HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
«NoInternetOpenWith «=1[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=177
«NoSMConfigurePrograms»=1[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«C:Program FilesICQLiteICQLite.exe»=»C:Program FilesICQLiteICQLite.exe:*:Enabled:ICQ Lite»
«C:Program FilesFlashGetflashget.exe»=»C:Program FilesFlashGetflashget.exe:*:Enabled:Flashget»
«C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe»=»C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger»
«C:Program FilesICQ6ICQ.exe»=»C:Program FilesICQ6ICQ.exe:*:Enabled:ICQ6»
«C:WINDOWSsystem32PnkBstrA.exe»=»C:WINDOWSsystem32PnkBstrA.exe:*:Enabled:PnkBstrA»
«C:WINDOWSsystem32PnkBstrB.exe»=»C:WINDOWSsystem32PnkBstrB.exe:*:Enabled:PnkBstrB»
«C:Program FilesSkypePhoneSkype.exe»=»C:Program FilesSkypePhoneSkype.exe:*:Enabled:Skype»[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe»=»C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger»[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2I]
shellAutoRuncommand — I:setup.exe======List of files/folders created in the last 1 months======
2009-01-07 20:27:13 —-D—- C:_OTMoveIt
2009-01-07 18:27:00 —-D—- C:rsit
2009-01-07 18:27:00 —-D—- C:Program Filestrend micro
2009-01-02 19:11:18 —-D—- C:Documents and SettingsAll UsersApplication DataFreshGames
2008-12-31 18:38:13 —-D—- C:Documents and SettingsАдминистраторApplication DataWebalta
2008-12-31 14:55:27 —-A—- C:WINDOWSsystem32CNMLM9M.DLL
2008-12-24 15:11:44 —-D—- C:Documents and SettingsAll UsersApplication DataUbisoft
2008-12-14 11:01:45 —-D—- C:Documents and SettingsАдминистраторApplication DataSulusGames======List of files/folders modified in the last 1 months======
2009-01-07 20:29:00 —-D—- C:WINDOWSTemp
2009-01-07 20:27:57 —-D—- C:WINDOWSsystem32
2009-01-07 20:27:21 —-D—- C:WINDOWSPrefetch
2009-01-07 18:27:00 —-RD—- C:Program Files
2009-01-07 12:00:55 —-D—- C:Program FilesWebalta
2009-01-07 01:20:56 —-A—- C:WINDOWSSchedLgU.Txt
2009-01-04 17:05:25 —-D—- C:WINDOWSsystem32CatRoot2
2009-01-04 14:01:54 —-D—- C:Documents and SettingsAll UsersApplication DataAlawarWrapper
2009-01-03 13:37:59 —-D—- C:Program FilesGames.Mail.Ru
2009-01-03 13:29:25 —-D—- C:Program FilesZeon
2009-01-03 13:29:24 —-D—- C:Documents and SettingsAll UsersApplication DataZeon
2009-01-02 15:25:11 —-D—- C:WINDOWS
2008-12-31 15:54:49 —-D—- C:Program FilesНовый Диск
2008-12-31 15:54:46 —-HD—- C:Program FilesInstallShield Installation Information
2008-12-31 15:54:00 —-D—- C:Program FilesИгры от NevoSoft
2008-12-31 15:51:31 —-D—- C:Program FilesBarbie(TM)
2008-12-31 14:55:17 —-HD—- C:WINDOWSinf
2008-12-31 14:53:45 —-D—- C:WINDOWSsystem32drivers
2008-12-24 16:57:15 —-A—- C:WINDOWSNeroDigital.ini
2008-12-24 15:23:24 —-D—- C:WINDOWSsystem32DirectX
2008-12-24 15:22:29 —-D—- C:Program FilesWMV9_VCM
2008-12-24 15:11:44 —-D—- C:Program FilesUbisoft
2008-12-21 19:03:54 —-D—- C:Documents and SettingsАдминистраторApplication DataSkype
2008-12-21 12:42:41 —-D—- C:Documents and SettingsAll UsersApplication DataHipSoft======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:WINDOWSsystem32driversAavmker4.sys [2008-05-16 26944]
R1 AmdK8;Драйвер AMD процессора; C:WINDOWSsystem32DRIVERSAmdK8.sys [2005-03-09 43008]
R1 aswSP;avast! Self Protection; C:WINDOWSsystem32driversaswSP.sys [2008-05-16 78416]
R1 aswTdi;avast! Network Shield Support; C:WINDOWSsystem32driversaswTdi.sys [2008-05-16 42912]
R1 BIOS;BIOS; ??C:WINDOWSsystem32driversBIOS.sys []
R1 prodrv03;Star Force copy protection driver v3; ??C:WINDOWSsystem32driversprodrv03.sys []
R1 prodrv06;StarForce Protection Environment Driver v6; C:WINDOWSSystem32driversprodrv06.sys [2004-10-07 80576]
R1 StarOpen;StarOpen; C:WINDOWSsystem32driversStarOpen.sys [2006-07-24 5632]
R2 ACEDRV07;ACEDRV07; ??C:WINDOWSsystem32driversACEDRV07.sys []
R2 aswFsBlk;aswFsBlk; C:WINDOWSsystem32DRIVERSaswFsBlk.sys [2008-05-16 20560]
R2 aswMon2;avast! Standard Shield Support; C:WINDOWSsystem32driversaswMon2.sys [2008-05-16 94416]
R2 athsgt;athsgt; C:WINDOWSsystem32DRIVERSathsgt.sys [2007-10-28 164992]
R2 atksgt;atksgt; C:WINDOWSsystem32DRIVERSatksgt.sys [2007-09-25 165376]
R2 limsgt;limsgt; C:WINDOWSsystem32DRIVERSlimsgt.sys [2007-10-28 12544]
R2 lirsgt;lirsgt; C:WINDOWSsystem32DRIVERSlirsgt.sys [2007-09-25 18048]
R2 rspndr;Ответчик обнаружения топологии уровня связи; C:WINDOWSsystem32DRIVERSrspndr.sys [2006-12-04 62336]
R3 aswRdr;aswRdr; C:WINDOWSsystem32driversaswRdr.sys [2008-05-16 23152]
R3 ati2mtag;ati2mtag; C:WINDOWSsystem32DRIVERSati2mtag.sys [2005-08-04 1273344]
R3 HDAudBus;Драйвер шины Microsoft UAA для High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2005-12-26 138752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:WINDOWSsystem32driversRtkHDAud.sys [2006-11-15 4225920]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:WINDOWSsystem32DRIVERSNVENETFD.sys [2006-07-11 57856]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:WINDOWSsystem32DRIVERSnvnetbus.sys [2006-07-11 20480]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2007-06-20 30208]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2007-06-20 59392]
R3 usbohci;Драйвер минипорта Microsoft USB открытого хост-контроллера; C:WINDOWSsystem32DRIVERSusbohci.sys [2007-06-20 17152]
R3 usbstor;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2004-08-18 26496]
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:WINDOWSsystem32driversALCXWDM.SYS [2005-10-04 3797632]
S3 Arp1394;Протокол клиента 1394 ARP; C:WINDOWSsystem32DRIVERSarp1394.sys [2007-06-20 60800]
S3 atkld7ca;atkld7ca; C:WINDOWSsystem32driversatkld7ca.sys []
S3 CCDECODE;Closed Caption декодер; C:WINDOWSsystem32DRIVERSCCDECODE.sys [2004-08-03 17024]
S3 dtscsi;dtscsi; C:WINDOWSSystem32Driversdtscsi.sys []
S3 HidUsb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2001-08-17 9600]
S3 LVUSBSta;Logitech USB Monitor Filter; C:WINDOWSsystem32driversLVUSBSta.sys [2007-02-03 41504]
S3 mouhid;Драйвер мыши HID; C:WINDOWSsystem32DRIVERSmouhid.sys [2001-10-19 12160]
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:WINDOWSsystem32driversMSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI кодек; C:WINDOWSsystem32DRIVERSNABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft видео или ТВ подключение; C:WINDOWSsystem32DRIVERSNdisIP.sys [2004-08-03 10880]
S3 NIC1394;Сетевой драйвер 1394; C:WINDOWSsystem32DRIVERSnic1394.sys [2007-06-20 61824]
S3 PID_0928;Logitech QuickCam Express(PID_0928); C:WINDOWSsystem32DRIVERSLV561AV.SYS [2007-02-03 490784]
S3 SLIP;BDA Slip De-Framer; C:WINDOWSsystem32DRIVERSSLIP.sys [2004-08-03 11136]
S3 SONYPVU1;Драйвер Sony USB фильтра (SONYPVU1); C:WINDOWSsystem32DRIVERSSONYPVU1.SYS [2001-08-17 7552]
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:WINDOWSsystem32DRIVERSssm_bus.sys [2007-05-02 83592]
S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:WINDOWSsystem32DRIVERSssm_mdfl.sys [2007-05-02 15112]
S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:WINDOWSsystem32DRIVERSssm_mdm.sys [2007-05-02 109704]
S3 streamip;BDA IPSink; C:WINDOWSsystem32DRIVERSStreamIP.sys [2004-08-03 15360]
S3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:WINDOWSsystem32DRIVERSusbccgp.sys [2004-08-03 31616]
S3 usbprint;Класс принтеров Microsoft USB; C:WINDOWSsystem32DRIVERSusbprint.sys [2004-08-03 25856]
S3 WpdUsb;WpdUsb; C:WINDOWSsystem32DRIVERSwpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext кодек; C:WINDOWSsystem32DRIVERSWSTCODEC.SYS [2004-08-03 19328]
S3 WudfRd;Windows Driver Foundation — User-mode Driver Framework Reflector; C:WINDOWSsystem32DRIVERSwudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe [2008-05-16 17272]
R2 Ati HotKey Poller;Ati HotKey Poller; C:WINDOWSsystem32Ati2evxx.exe [2005-08-04 380928]
R2 avast! Antivirus;avast! Antivirus; C:Program FilesAlwil SoftwareAvast4ashServ.exe [2008-05-16 144760]
R2 ForcewareWebInterface;Forceware Web Interface; C:Program FilesNVIDIA CorporationNetworkAccessManagerApache GroupApache2binapache.exe [2006-04-03 20543]
R2 nSvcIp;ForceWare IP service; C:Program FilesNVIDIA CorporationNetworkAccessManagerbinnSvcIp.exe [2006-07-13 131131]
R2 nSvcLog;ForceWare user log service; C:Program FilesNVIDIA CorporationNetworkAccessManagerbinnSvcLog.exe [2006-07-13 65599]
R2 PnkBstrA;PnkBstrA; C:WINDOWSsystem32PnkBstrA.exe [2008-02-03 66872]
R2 PnkBstrB;PnkBstrB; C:WINDOWSsystem32PnkBstrB.exe [2008-02-03 103736]
R2 r_server;Remote Administrator Service; C:WINDOWSsystem32r_server.exe [2005-03-30 724992]
R2 WudfSvc;Windows Driver Foundation — User-mode Driver Framework; C:WINDOWSsystem32svchost.exe [2004-08-18 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe [2008-05-16 247160]
R3 avast! Web Scanner;avast! Web Scanner; C:Program FilesAlwil SoftwareAvast4ashWebSv.exe [2008-05-16 349560]
S2 ATI Smart;ATI Smart; C:WINDOWSsystem32ati2sgag.exe [2005-08-05 516096]
S2 sfrem01;SF FrontLine Drivers Auto Removal (v1); C:WINDOWSsystem32sfrem01.exe [2006-07-05 358008]
S2 sfrem02;FrontLine Drivers Auto Removal (v2); C:WINDOWSsystem32sfrem02.exe [2006-05-11 358008]
S2 WebaltaController;Webalta Controller; C:Program FilesWebaltaWebaltaUpdaterService.exe [2008-12-16 97794]
S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv1.1.4322aspnet_state.exe [2003-02-20 32768]
S3 gusvc;Google Updater Service; C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2007-10-01 138168]
S3 IDriverT;InstallDriver Table Manager; C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe [2005-04-03 69632]
S3 WMPNetworkSvc;Служба общих сетевых ресурсов проигрывателя Windows Media; C:Program FilesWindows Media PlayerWMPNetwk.exe [2006-11-02 914944]
EOF
- Для ответа в этой теме необходимо авторизоваться.
