после использования combofix глюки в компе

This topic has 1 ответ, 2 участника, and was last updated 14 years, 10 months назад by Admin.

Просмотр 2 сообщений - с 1 по 2 (из 2 всего)

Автор

Сообщения
24 января, 2010 в 2:20 пп #17861
Аноним
Гость
- Темы:532
- Сообщений:1553
после использования combofix комп стал диго глючить,не загружаться,т.е при включении загружается рабочий стол и всё остальное,но внезапно всё зависает и не мышкой ни клавой ничего не сделать,даже диспечер задач не открывается,единственный выход reset, безопасный режим, востановление системы.после выключения или перезагрузки всё заново.думаю уже сносить винду(хотя не хотелось бы),так же перед этим сканировал систему Malwarebytes’ Anti-Malware. Лог прилагается(помогите пожалста!!!) 😕 есть предположение что удалился какой то важный файл,возникла проблема с демон тулз(описаная в одном из постов) и почему — то появился флуппер в моём компьютере(хотя он отключен и удалён давно)

Logfile of random’s system information tool 1.06 (written by random/random)
Run by 1 at 2010-01-24 19:16:22
Microsoft Windows XP Professional Service Pack 3
System drive C: has 4 GB (21%) free of 20 GB
Total RAM: 511 MB (27% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:17:39, on 24.01.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:Program FilesAlwil SoftwareAvast4ashServ.exe
C:WINDOWSsystem32HDDSvc.exe
C:Program FilesJavajre6binjqs.exe
C:Program FilesMalwarebytes’ Anti-Malwarembamservice.exe
C:WINDOWSsystem32srvany.exe
C:WINDOWSsystem32resetservice.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
C:WINDOWSsystem32ctfmon.exe
C:PROGRA~1ALWILS~1Avast4ashDisp.exe
C:WINDOWSSOUNDMAN.EXE
C:Program FilesMail.RuAgentMAgent.exe
C:Program FilesMalwarebytes’ Anti-Malwarembamgui.exe
C:Program FilesRay AdamsATI Tray Toolsatitray.exe
C:Program FilesuTorrentuTorrent.exe
C:Program FilesYandexOnlineonline.exe
C:Program FilesPunto Switcherpunto.exe
C:Program FilesXFilesDialogXFilesDialog.EXE
C:Program FilesYandexOnlineyachatyachat.exe
C:Program FilesDownload Masterdmaster.exe
C:Program FilesOperaopera.exe
C:Documents and Settings1Рабочий столRSIT.exe
C:Program Filestrend micro1.exe

R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = about:blank
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page = C:WINDOWSPCHealthHelpCtrSystempanelsblank.htm
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page = C:WINDOWSPCHealthHelpCtrSystempanelsblank.htm
R1 — HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = 127.0.0.1

R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
R3 — URLSearchHook: (no name) — {83821C2B-32A8-4DD7-B6D4-44309A78E668} — C:Program FilesMail.RuAgentMradllnewmrasearch.dll (file missing)
R3 — URLSearchHook: (no name) — — (no file)
O2 — BHO: btorbit.com — {000123B4-9B42-4900-B3F7-F4B073EFC214} — (no file)
O2 — BHO: AcroIEHelperStub — {18DF081C-E8AD-4283-A596-FA578C2EBDC3} — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 — BHO: IE 4.x-6.x BHO for Download Master — {9961627E-4059-41B4-8E0E-A7D6B3854ADF} — C:PROGRA~1DOWNLO~1dmiehlp.dll
O2 — BHO: Java(tm) Plug-In 2 SSV Helper — {DBC80044-A445-435b-BC74-9C25C1C588A9} — (no file)
O2 — BHO: JQSIEStartDetectorImpl — {E7E6F031-17CE-4C07-BC86-EABFE594F69C} — (no file)
O3 — Toolbar: DM Bar — {0E1230F8-EA50-42A9-983C-D22ABC2EED3C} — C:Program FilesDownload Masterdmbar.dll
O3 — Toolbar: Grab Pro — {C55BBCD6-41AD-48AD-9953-3609C48EACC7} — (no file)
O3 — Toolbar: PROMT — {892E81F6-EC63-4d13-8422-835A7A05D6EB} — C:Program FilesPRMT8PRMTIEprmtie.dll
O4 — HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 — HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 — HKLM..Run: [MAgent] C:Program FilesMail.RuAgentMAgent.exe -LM
O4 — HKLM..Run: [Malwarebytes’ Anti-Malware] «C:Program FilesMalwarebytes’ Anti-Malwarembamgui.exe» /starttray
O4 — HKCU..Run: [AtiTrayTools] «C:Program FilesRay AdamsATI Tray Toolsatitray.exe»
O4 — HKCU..Run: [uTorrent] «C:Program FilesuTorrentuTorrent.exe»
O4 — HKCU..Run: [YandexOnline] «C:Program FilesYandexOnlineonline.exe» -AutoStart
O4 — HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE (User ‘Default user’)
O4 — Startup: Punto Switcher.lnk = C:Program FilesPunto Switcherpunto.exe
O4 — Startup: XFilesDialog.LNK = C:Program FilesXFilesDialogXFilesDialog.EXE
O6 — HKCUSoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O8 — Extra context menu item: + Offline &Explorer: Download the link — file://C:Program FilesOffline Explorer EnterpriseAdd_UrlO.htm
O8 — Extra context menu item: + Offline E&xplorer: Download the current page — file://C:Program FilesOffline Explorer EnterpriseAdd_AllO.htm
O8 — Extra context menu item: Block frame with Ad Muncher — http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=0.4&pass=495J12A67777777ABC7&id=menu_ie_frame
O8 — Extra context menu item: Block image with Ad Muncher — http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=0.4&pass=495J12A67777777ABC7&id=menu_ie_image
O8 — Extra context menu item: Block link with Ad Muncher — http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=0.4&pass=495J12A67777777ABC7&id=menu_ie_link
O8 — Extra context menu item: Don’t filter page with Ad Muncher — http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=0.4&pass=495J12A67777777ABC7&id=menu_ie_exclude
O8 — Extra context menu item: Online-словари — C:Program FilesPRMT8PRMTIEoda.htm
O8 — Extra context menu item: Report page to the Ad Muncher developers — http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=0.4&pass=495J12A67777777ABC7&id=menu_ie_report
O8 — Extra context menu item: Автоматически определить шаблон тематики — C:Program FilesPRMT8PRMTIEaot.htm
O8 — Extra context menu item: Закачать ВСЕ при помощи Download Master — C:Program FilesDownload Masterdmieall.htm
O8 — Extra context menu item: Закачать при помощи Download Master — C:Program FilesDownload Masterdmie.htm
O8 — Extra context menu item: Настроить параметры перевода — C:Program FilesPRMT8PRMTIEoptions.htm
O8 — Extra context menu item: Незнакомые слова — C:Program FilesPRMT8PRMTIEinfopanel.htm
O8 — Extra context menu item: Открыть словарную статью — C:Program FilesPRMT8PRMTIEaddentry.htm
O8 — Extra context menu item: Перевести — C:Program FilesPRMT8PRMTIEtranslat.htm
O8 — Extra context menu item: Перевести страницу — C:Program FilesPRMT8PRMTIEpage.htm
O8 — Extra context menu item: Передать на удаленную закачку DM — C:Program FilesDownload Masterremdown.htm
O8 — Extra context menu item: Поиск в Интернете — C:Program FilesPRMT8PRMTIEsearch.htm
O9 — Extra button: (no name) — {4034D172-4C52-49de-A6A1-E75F8F591FEC} — C:Program FilesPRMT8PRMTIEoptions.htm
O9 — Extra ‘Tools’ menuitem: Настроить параметры перевода — {4034D172-4C52-49de-A6A1-E75F8F591FEC} — C:Program FilesPRMT8PRMTIEoptions.htm
O9 — Extra button: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
O9 — Extra ‘Tools’ menuitem: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
O9 — Extra button: Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe
O9 — Extra ‘Tools’ menuitem: &Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe
O9 — Extra button: Справочные материалы — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 — Extra button: (no name) — {A2DA13D5-AC77-43b7-963B-40445EBCB8E0} — C:Program FilesPRMT8PRMTIEprmtie5.htm
O9 — Extra ‘Tools’ menuitem: Перевести — {A2DA13D5-AC77-43b7-963B-40445EBCB8E0} — C:Program FilesPRMT8PRMTIEprmtie5.htm
O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O16 — DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) — http://go.microsoft.com/fwlink/?linkid=39204
O16 — DPF: {31150A86-0BBA-409F-BEB4-F3922D10BF34} (Gif89 Class) — file:///C:/Program%20Files/Windows%20Sidebar/Gadgets/Xplug%20Cam.gadget/en-US/xplug.ocx
O16 — DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) — http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1264249530390
O16 — DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} — http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 — HKLMSystemCCSServicesTcpip..{9532E2EB-2582-4667-8A06-D0D40D791D3E}: NameServer = 62.165.61.19
O20 — Winlogon Notify: reset5 — C:WINDOWSSYSTEM32reset5.dll
O23 — Service: avast! iAVS4 Control Service (aswUpdSv) — ALWIL Software — C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 — Service: Ati HotKey Poller — ATI Technologies Inc. — C:WINDOWSsystem32Ati2evxx.exe
O23 — Service: ATI Smart — Unknown owner — C:WINDOWSsystem32ati2sgag.exe
O23 — Service: avast! Antivirus — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashServ.exe
O23 — Service: avast! Mail Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
O23 — Service: avast! Web Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: HDD Information Service (HDDSvc) — AltrixSoft (http://www.altrixsoft.com/) — C:WINDOWSsystem32HDDSvc.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: Java Quick Starter (JavaQuickStarterService) — Sun Microsystems, Inc. — C:Program FilesJavajre6binjqs.exe
O23 — Service: MBAMService — Malwarebytes Corporation — C:Program FilesMalwarebytes’ Anti-Malwarembamservice.exe
O23 — Service: NBService — Nero AG — C:Program FilesNeroNero 7Nero BackItUpNBService.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Reset 5 — Unknown owner — C:WINDOWSsystem32srvany.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: TuneUp Drive Defrag Service (TuneUp.Defrag) — TuneUp Software — C:WINDOWSSystem32TuneUpDefragService.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSSystem32wbemwmiapsrv.exe

—
End of file — 11472 bytes

======Scheduled tasks folder======

C:WINDOWStasksUser_Feed_Synchronization-{092139E4-5185-426B-90CA-37C2F67A0AE1}.job

======Registry dump======

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{000123B4-9B42-4900-B3F7-F4B073EFC214}]
Octh Class

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9961627E-4059-41B4-8E0E-A7D6B3854ADF}]
IE 4.x-6.x BHO for Download Master — C:PROGRA~1DOWNLO~1dmiehlp.dll [2009-04-16 158208]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{0E1230F8-EA50-42A9-983C-D22ABC2EED3C} — DM Bar — C:Program FilesDownload Masterdmbar.dll [2007-11-26 180224]
{C55BBCD6-41AD-48AD-9953-3609C48EACC7} — []
{892E81F6-EC63-4d13-8422-835A7A05D6EB} — PROMT — C:Program FilesPRMT8PRMTIEprmtie.dll [2008-01-29 782336]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«avast!»=C:PROGRA~1ALWILS~1Avast4ashDisp.exe [2009-11-25 81000]
«SoundMan»=C:WINDOWSSOUNDMAN.EXE [2007-04-16 577536]
«MAgent»=C:Program FilesMail.RuAgentMAgent.exe [2009-12-30 7975608]
«Malwarebytes’ Anti-Malware»=C:Program FilesMalwarebytes’ Anti-Malwarembamgui.exe [2010-01-07 429392]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«AtiTrayTools»=C:Program FilesRay AdamsATI Tray Toolsatitray.exe [2009-04-09 657920]
«uTorrent»=C:Program FilesuTorrentuTorrent.exe [2008-12-23 289584]
«YandexOnline»=C:Program FilesYandexOnlineonline.exe [2009-12-25 2553608]
«ctfmon.exe»=C:WINDOWSsystem32ctfmon.exe [2008-04-14 15360]

C:Documents and Settings1Главное менюПрограммыАвтозагрузка
Punto Switcher.lnk — C:Program FilesPunto Switcherpunto.exe
XFilesDialog.LNK — C:Program FilesXFilesDialogXFilesDialog.EXE

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyAtiExtEvent]
C:WINDOWSsystem32Ati2evxx.dll [2009-07-21 155648]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyreset5]
C:WINDOWSsystem32reset5.dll [2002-09-10 17408]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyWgaLogon]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
WPDShServiceObj — {AAA288BA-9A4C-45B0-95D7-94D524869DB5} — C:WINDOWSsystem32WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWdf01000.sys]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWdf01000.sys]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
«DisableStatusMessages»=1

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=323
«NoStartMenuPinnedList»=0
«NoStartMenuMFUprogramsList»=1
«NoUserNameInStartMenu»=1
«NoStartMenuSubFolders»=0
«NoCommonGroups»=0
«NoPrinters»=0
«NoRecentDocsNetHood»=0
«NoChangeAnimation»=0
«NoChangeKeyboardNavigationIndicators»=0
«NoDrives»=0
«NoSharedDocuments»=01000000
«NoDriveAutoRun»=67108863

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=
«NoDriveAutoRun»=
«NoDrives»=

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«C:Program FilesOperaopera.exe»=»C:Program FilesOperaopera.exe:*:Enabled:Opera Internet Browser»
«C:Program FilesuTorrentuTorrent.exe»=»C:Program FilesuTorrentuTorrent.exe:*:Enabled:µTorrent»

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«C:Program FilesFlashFXPFlashFXP.exe»=»C:Program FilesFlashFXPFlashFXP.exe:*:Enabled:FlashFXP v3»

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{5faa15c2-cc91-11de-8905-8c0b5e09cd13}]
shellAutoRuncommand — F:autorun.exe

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{e5f1134b-d747-11de-892e-8b043393ba13}]
shellAutoRuncommand — G:autorun.exe

======List of files/folders created in the last 1 months======

2010-01-24 18:11:55 —-D—- C:WINDOWSCSC
2010-01-24 17:39:22 —-D—- C:DVR110D
2010-01-24 13:39:23 —-D—- C:Documents and Settings1Application DataWinPatrol
2010-01-24 13:39:01 —-D—- C:Program FilesBillP Studios
2010-01-24 00:39:19 —-D—- C:Documents and SettingsAll UsersApplication DataSun
2010-01-24 00:39:13 —-D—- C:Program FilesCommon FilesJava
2010-01-23 20:55:23 —-A—- C:WINDOWSntbtlog.txt
2010-01-23 20:17:17 —-D—- C:Documents and Settings1Application DataInstallShield
2010-01-23 19:30:52 —-SHD—- C:RECYCLER
2010-01-23 17:56:05 —-A—- C:ComboFix.txt
2010-01-23 17:26:28 —-A—- C:WINDOWSsystem32wuapi.dll.mui
2010-01-23 17:12:17 —-A—- C:Boot.bak
2010-01-23 17:12:10 —-RASHD—- C:cmdcons
2010-01-23 17:10:24 —-D—- C:WINDOWSERDNT
2010-01-23 14:48:37 —-D—- C:WINDOWSsystem32Side 9 Screensaver dir
2010-01-23 14:07:28 —-D—- C:Program Filestrend micro
2010-01-23 14:07:05 —-D—- C:rsit
2010-01-23 13:48:04 —-D—- C:Documents and Settings1Application DataMalwarebytes
2010-01-23 13:47:53 —-D—- C:Documents and SettingsAll UsersApplication DataMalwarebytes
2010-01-23 13:47:52 —-D—- C:Program FilesMalwarebytes’ Anti-Malware
2010-01-23 13:16:37 —-D—- C:Program FilesTimeSink
2010-01-22 20:39:12 —-D—- C:Program Files3Planesoft Screensaver Manager
2010-01-22 20:39:12 —-D—- C:Documents and SettingsAll UsersApplication Data3Planesoft
2010-01-22 20:38:55 —-D—- C:Program FilesCaribbean Islands 3D Screensaver
2010-01-22 19:52:48 —-D—- C:Program FilesIsotope244 Graphics
2010-01-20 11:33:48 —-D—- C:Program FilesSpybot — Search & Destroy
2010-01-20 11:33:48 —-D—- C:Documents and SettingsAll UsersApplication DataSpybot — Search & Destroy
2010-01-08 21:51:32 —-D—- C:Program FilesTranscend
2010-01-07 20:54:16 —-D—- C:Music
2010-01-07 16:05:31 —-DC—- C:Documents and SettingsAll UsersApplication Data{C4C0E335-EDDF-46A0-A57D-F3802AE44275}
2010-01-05 22:11:56 —-D—- C:Program FilesFastStone Capture
2010-01-05 19:05:09 —-D—- C:Documents and Settings1Application DataGames
2009-12-30 13:23:18 —-D—- C:Mail.ru 5.5
2009-12-30 13:22:00 —-D—- C:Program FilesНовый Диск
2009-12-30 09:57:26 —-D—- C:Program FilesCarambis
2009-12-29 19:49:50 —-D—- C:Documents and Settings1Application DataRigNRoll
2009-12-29 19:43:23 —-RA—- C:WINDOWSsystem32tmp1E5.tmp
2009-12-29 19:43:23 —-RA—- C:WINDOWSsystem32tmp1E4.tmp
2009-12-28 21:04:38 —-N—- C:WINDOWSsystem32spmsgXP_2k3.dll
2009-12-28 20:37:30 —-D—- C:Program FilesTVPlayerClassic
2009-12-28 20:15:02 —-D—- C:Documents and Settings1Application DataYaChatData
2009-12-28 00:38:32 —-A—- C:WINDOWSsystem32CmdLineExt.dll

======List of files/folders modified in the last 1 months======

2010-01-24 19:17:33 —-D—- C:Documents and Settings1Application DatauTorrent
2010-01-24 18:30:20 —-D—- C:WINDOWSTemp
2010-01-24 18:25:40 —-AD—- C:Documents and SettingsAll UsersApplication DataTEMP
2010-01-24 18:23:38 —-RD—- C:Program Files
2010-01-24 18:20:34 —-D—- C:WINDOWSsystem32CatRoot2
2010-01-24 18:19:01 —-D—- C:WINDOWSsystem32config
2010-01-24 18:18:47 —-D—- C:WINDOWSsystem32wbem
2010-01-24 18:18:47 —-D—- C:WINDOWSRegistration
2010-01-24 18:18:15 —-SHD—- C:WINDOWSInstaller
2010-01-24 18:18:15 —-D—- C:WINDOWSsystem32
2010-01-24 18:18:15 —-D—- C:Config.Msi
2010-01-24 18:11:55 —-D—- C:WINDOWS
2010-01-24 17:55:01 —-A—- C:WINDOWSSchedLgU.Txt
2010-01-24 17:08:48 —-D—- C:WINDOWSsecurity
2010-01-24 16:04:08 —-D—- C:Program FilesDriver Checker
2010-01-24 15:04:40 —-D—- C:Documents and Settings1Application DataBabylonia
2010-01-24 13:38:47 —-D—- C:WINDOWSPrefetch
2010-01-24 05:53:26 —-D—- C:Program FilesJava
2010-01-24 00:39:13 —-D—- C:Program FilesCommon Files
2010-01-23 21:09:15 —-D—- C:WINDOWSDebug
2010-01-23 19:52:44 —-D—- C:WINDOWSSoftwareDistribution
2010-01-23 19:35:05 —-HD—- C:Program FilesInstallShield Installation Information
2010-01-23 19:32:52 —-HDC—- C:WINDOWS$NtServicePackUninstall$
2010-01-23 19:32:33 —-HDC—- C:WINDOWS$NtUninstallWdf01007$
2010-01-23 19:32:33 —-HDC—- C:WINDOWS$NtUninstallMSCompPackV1$
2010-01-23 19:32:33 —-HDC—- C:WINDOWS$NtServicePackUninstallNLSDownlevelMapping$
2010-01-23 19:32:32 —-HDC—- C:WINDOWS$NtUninstallWudf01000$
2010-01-23 19:32:31 —-HDC—- C:WINDOWS$NtUninstallXPSEPSCLP$
2010-01-23 19:31:47 —-D—- C:WINDOWSMinidump
2010-01-23 19:30:33 —-SD—- C:WINDOWSTasks
2010-01-23 18:50:29 —-RSHDC—- C:WINDOWSsystem32dllcache
2010-01-23 18:50:26 —-D—- C:WINDOWSsystem32CatRoot
2010-01-23 17:54:17 —-N—- C:WINDOWSsystem.ini
2010-01-23 17:52:40 —-D—- C:WINDOWSsystem32drivers
2010-01-23 17:52:40 —-D—- C:WINDOWSAppPatch
2010-01-23 17:36:58 —-SD—- C:WINDOWSDownloaded Program Files
2010-01-23 17:33:44 —-HD—- C:WINDOWSinf
2010-01-23 17:26:46 —-D—- C:WINDOWSHelp
2010-01-23 17:23:41 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2010-01-23 17:12:17 —-RASH—- C:boot.ini
2010-01-23 15:33:33 —-D—- C:WINDOWSMedia
2010-01-22 16:11:42 —-SD—- C:Documents and Settings1Application DataMicrosoft
2010-01-16 23:43:16 —-A—- C:WINDOWSNeroDigital.ini
2010-01-12 21:03:43 —-D—- C:Program FilesSMSDV
2010-01-12 17:08:44 —-A—- C:WINDOWSwinamp.ini
2010-01-11 20:08:21 —-D—- C:Downloads
2010-01-07 23:58:42 —-D—- C:Program FilesuTorrent
2010-01-05 17:02:26 —-DC—- C:WINDOWSsystem32DRVSTORE
2010-01-05 16:46:06 —-D—- C:Program FilesNokia
2010-01-05 16:46:06 —-D—- C:Program FilesCommon FilesNokia
2009-12-30 09:49:10 —-D—- C:Documents and SettingsAll UsersApplication DataAdobe
2009-12-29 19:48:11 —-D—- C:Program FilesCommon FilesAdobe
2009-12-29 19:43:23 —-A—- C:WINDOWSsystem32wrap_oal.dll
2009-12-29 19:43:23 —-A—- C:WINDOWSsystem32OpenAL32.dll
2009-12-29 19:43:21 —-D—- C:WINDOWSsystem32DirectX
2009-12-29 19:42:12 —-RSD—- C:WINDOWSassembly
2009-12-29 18:41:03 —-D—- C:WINDOWSsystem32ReinstallBackups
2009-12-28 21:05:51 —-D—- C:Documents and Settings1Application DataNokia
2009-12-28 21:05:50 —-D—- C:Documents and SettingsAll UsersApplication DataPC Suite
2009-12-28 20:15:15 —-D—- C:Documents and Settings1Application DataYandex
2009-12-28 20:14:50 —-D—- C:Program FilesYandex
2009-12-28 12:57:57 —-D—- C:Program FilesCommon FilesWise Installation Wizard
2009-12-28 12:57:24 —-D—- C:Program FilesAGEIA Technologies
2009-12-27 15:28:53 —-D—- C:VKontakteDJ
2009-12-26 09:28:50 —-D—- C:Program FilesSpeedFan
2009-12-26 08:58:16 —-D—- C:Program FilesWindows Sidebar
2009-12-26 08:58:15 —-RSD—- C:WINDOWSFonts
2009-12-26 08:40:20 —-HD—- C:WINDOWSIcons
2009-12-26 08:16:00 —-D—- C:Program FilesOrbitdownloader
2009-12-26 08:15:57 —-D—- C:Program FilesTVPlayerClassic(2)
2009-12-26 08:15:29 —-D—- C:Documents and Settings1Application DataOrbit

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:WINDOWSsystem32driversAavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; C:WINDOWSsystem32driversaswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:WINDOWSsystem32driversaswTdi.sys [2009-11-25 48560]
R1 atitray;atitray; ??C:Program FilesRay AdamsATI Tray Toolsatitray.sys []
R1 cpuidlep;CpuIdle Pro System Driver; C:WINDOWSsystem32driverscpuidlep.sys [2009-05-07 4484]
R1 intelppm;Драйвер Intel процессора; C:WINDOWSSystem32DRIVERSintelppm.sys [2008-04-14 40704]
R1 uzm3mtq4;AVZ-RK Kernel Driver; ??C:WINDOWSsystem32Driversuzm3mtq4.sys []
R2 aswFsBlk;aswFsBlk; C:WINDOWSsystem32DRIVERSaswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; C:WINDOWSsystem32driversaswMon2.sys [2009-11-25 94160]
R2 atksgt;atksgt; C:WINDOWSsystem32DRIVERSatksgt.sys [2009-12-28 281760]
R2 lirsgt;lirsgt; C:WINDOWSsystem32DRIVERSlirsgt.sys [2009-12-28 25888]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:WINDOWSsystem32driversALCXWDM.SYS [2008-09-24 4122368]
R3 aswRdr;aswRdr; C:WINDOWSsystem32driversaswRdr.sys [2009-11-25 23120]
R3 ati2mtag;ati2mtag; C:WINDOWSsystem32DRIVERSati2mtag.sys [2009-07-21 3565056]
R3 genmcmnUSB;USB Scroll Mouse Driver; C:WINDOWSsystem32DRIVERSgflmouhid.sys [2005-07-12 7808]
R3 HidUsb;Драйвер класса HID Microsoft; C:WINDOWSSystem32DRIVERShidusb.sys [2008-04-13 10368]
R3 MBAMProtector;MBAMProtector; ??C:WINDOWSsystem32driversmbam.sys []
R3 mouhid;Драйвер мыши HID; C:WINDOWSSystem32DRIVERSmouhid.sys [2001-10-19 12160]
R3 NTIDrvr;Upper Class Filter Driver; C:WINDOWSsystem32DRIVERSNTIDrvr.sys [2005-09-06 6144]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:WINDOWSsystem32DRIVERSRtnicxp.sys [2008-10-31 117120]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSSystem32DRIVERSusbehci.sys [2008-04-14 30208]
R3 usbhub;USB2 концентратор; C:WINDOWSSystem32DRIVERSusbhub.sys [2008-04-14 59520]
R3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSSystem32DRIVERSUSBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:WINDOWSSystem32DRIVERSusbuhci.sys [2008-04-14 20608]
S3 AmdLLD;AMD Low Level Device Driver; C:WINDOWSsystem32DRIVERSAmdLLD.sys []
S3 catchme;catchme; ??C:DOCUME~11LOCALS~1Tempcatchme.sys []
S3 cisaspi0;Cistone ASPI Driver; C:WINDOWSsystem32driverscisaspi0.sys []
S3 Maplom;Maplom; C:WINDOWSsystem32driversMaplom.sys [2007-11-13 34304]
S3 nm;Драйвер сетевого монитора; C:WINDOWSsystem32DRIVERSNMnt.sys [2008-04-13 40320]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:WINDOWSsystem32DRIVERSpccsmcfd.sys []
S3 SONYPVU1;Драйвер Sony USB фильтра (SONYPVU1); C:WINDOWSsystem32DRIVERSSONYPVU1.SYS [2001-08-17 7552]
S3 StMp3Rec;Player Recovery Device Control Driver; C:WINDOWSSystem32DriversStMp3Rec.sys [2006-06-15 71368]
S3 TVICHW32;TVICHW32; ??C:WINDOWSsystem32DRIVERSTVICHW32.SYS []
S3 upperdev;upperdev; C:WINDOWSsystem32DRIVERSusbser_lowerflt.sys []
S3 usbscan;Драйвер USB-сканера; C:WINDOWSsystem32DRIVERSusbscan.sys [2008-04-13 15104]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:WINDOWSSystem32Driverswdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:WINDOWSsystem32DRIVERSwpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation — User-mode Driver Framework Reflector; C:WINDOWSsystem32DRIVERSwudfrd.sys [2008-01-18 83328]
S4 sptd;sptd; C:WINDOWSSystem32Driverssptd.sys [2009-11-01 691696]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe [2009-11-25 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; C:WINDOWSsystem32Ati2evxx.exe [2009-07-21 602112]
R2 avast! Antivirus;avast! Antivirus; C:Program FilesAlwil SoftwareAvast4ashServ.exe [2009-11-25 138680]
R2 HDDSvc;HDD Information Service; C:WINDOWSsystem32HDDSvc.exe [2008-02-27 189704]
R2 JavaQuickStarterService;Java Quick Starter; C:Program FilesJavajre6binjqs.exe [2009-10-28 153376]
R2 MBAMService;MBAMService; C:Program FilesMalwarebytes’ Anti-Malwarembamservice.exe [2010-01-07 236368]
R2 Reset 5;Reset 5; C:WINDOWSsystem32srvany.exe [2002-05-03 7168]
R2 WudfSvc;Windows Driver Foundation — User-mode Driver Framework; C:WINDOWSsystem32svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:Program FilesAlwil SoftwareAvast4ashWebSv.exe [2009-11-25 352920]
S2 ATI Smart;ATI Smart; C:WINDOWSsystem32ati2sgag.exe [2009-07-21 593920]
S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2005-09-23 66240]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:WINDOWSMicrosoft.NETFrameworkv3.0WPFPresentationFontCache.exe [2006-10-20 36864]
S3 idsvc;Windows CardSpace; C:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication Foundationinfocard.exe [2006-10-30 741376]
S3 NBService;NBService; C:Program FilesNeroNero 7Nero BackItUpNBService.exe [2006-11-10 774144]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2003-07-28 89136]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:WINDOWSSystem32TuneUpDefragService.exe [2009-11-14 361288]
S3 WMPNetworkSvc;Служба общих сетевых ресурсов проигрывателя Windows Media; C:Program FilesWindows Media PlayerWMPNetwk.exe [2006-11-02 914944]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication FoundationSMSvcHost.exe [2006-10-30 122880]
S4 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:WINDOWSSystem32TUProgSt.exe [2009-11-14 604488]
S4 UxTuneUp;TuneUp Theme Extension; C:WINDOWSSystem32svchost.exe [2008-04-14 14336]

EOF

info.txt logfile of random’s system information tool 1.06 2010-01-24 21:21:31

======Uninstall list======

—>C:Program FilesNeroNero 7nerouninstallUNNERO.exe /UNINSTALL
—>C:WINDOWSUNNeroBackItUp.exe /UNINSTALL
—>C:WINDOWSUNNeroMediaHome.exe /UNINSTALL
—>C:WINDOWSUNNeroShowTime.exe /UNINSTALL
—>C:WINDOWSUNNeroVision.exe /UNINSTALL
—>C:WINDOWSUNRecode.exe /UNINSTALL
—>MsiExec /X{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}
—>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:WINDOWSINFPCHealth.inf
µTorrent—>»C:Program FilesuTorrentuTorrent.exe» /UNINSTALL
7-Zip 4.59 alpha 4—>»C:Program Files7-ZipUninstall.exe»
Ad Muncher v4.71 Build 28140—>»C:Program FilesAd Muncherunins000.exe»
Adobe Flash Player 10 ActiveX—>C:WINDOWSsystem32MacromedFlashuninstall_activeX.exe
Adobe Flash Player 10 Plugin—>C:WINDOWSsystem32MacromedFlashuninstall_plugin.exe
Adobe Reader 9.2 — Russian—>MsiExec.exe /I{AC76BA86-7AD7-1049-7B44-A92000000001}
Alky for Applications (Windows XP)—>MsiExec.exe /X{BB05D173-9681-4812-A7FA-BD4042A3DA00}
ATI — Утилита деинсталляции—>C:Program FilesATI TechnologiesUninstallAllAtiCimUn.exe
ATI Catalyst Control Center—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime91Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{055EE59D-217B-43A7-ABFF-507B966405D8}setup.exe» -l0x70
ATI Display Driver—>rundll32 C:WINDOWSsystem32atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
avast! Antivirus—>C:Program FilesAlwil SoftwareAvast4aswRunDll.exe «C:Program FilesAlwil SoftwareAvast4Setupsetiface.dll»,RunSetup
Catalyst Control Center — Branding—>MsiExec.exe /I{D9D93D74-107D-4BD3-87D0-AABCF7C98BD5}
CCleaner (remove only)—>»C:Program FilesCCleaneruninst.exe»
Dark Messiah—>C:Program FilesInstallShield Installation Information{D8E48C14-B27B-4A9A-B099-685CADB63CBD}setup.exe -runfromtemp -l0x0009 -removeonly
Digalo 2000 Russian—>C:WINDOWSIsUninst.exe -f»C:Program FilesDigaloDigalo 2000 RussianUninst.isu»
Download Master version 5.5.14.1175—>»C:Program FilesDownload Masterunins000.exe»
Driver Checker v2.7.3—>»C:Program FilesDriver Checkerunins000.exe»
EVEREST Ultimate—>rundll32 advpack,LaunchINFSection C:WINDOWSINFEverest5.inf,Uninstall
Flash Player Pro 3.9—>C:Program FilesFlash Player ProUninstall.exe
Free PDF to Word Doc Converter v1.1—>»C:Program FilesFree PDF to Word Doc Converterunins000.exe»
Hard Drive Inspector Professional 2.90 build # 467—>C:Program FilesHard Drive InspectorUninst.exe
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)—>C:WINDOWSsystem32msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=»»
K-Lite Codec Pack 4.7.5 (Full)—>»C:Program FilesK-Lite Codec Packunins000.exe»
Light Alloy 4.1—>C:Program FilesLight Alloyuninst.exe
Mail.Ru Агент 5.5 (сборка 2842, для всех пользователей)—>C:Program FilesMail.RuAgentmagentsetup.exe -uninstalllm
Malwarebytes’ Anti-Malware—>»C:Program FilesMalwarebytes’ Anti-Malwareunins000.exe»
MediaInfo 0.7.22—>C:Program FilesMediaInfouninst.exe
MetaProducts Offline Explorer Enterprise—>C:Program FilesOffline Explorer EnterpriseOE.exe /UnInstall
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack — RUS—>MsiExec.exe /I{736D8DEB-66C6-3655-9D59-DF6493A81F77}
Microsoft .NET Framework 2.0 Service Pack 2—>MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack — RUS—>MsiExec.exe /I{6CF6A814-CE65-39FC-BBBC-6CB340A4028B}
Microsoft .NET Framework 3.0 Service Pack 2—>MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 — rus—>MsiExec.exe /I{2744791F-4E7C-32F5-AB40-AEC6A6C86DBF}
Microsoft .NET Framework 3.5 SP1—>MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Compression Client Pack 1.0 for Windows XP—>C:WINDOWS$NtUninstallMSCompPackV1$spuninstspuninst.exe
Microsoft Games for Windows — LIVE Redistributable—>MsiExec.exe /X{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7—>»C:WINDOWS$NtUninstallWdf01007$spuninstspuninst.exe»
Microsoft National Language Support Downlevel APIs—>»C:WINDOWS$NtServicePackUninstallNLSDownlevelMapping$spuninstspuninst.exe»
Microsoft Office — профессиональный выпуск версии 2003—>MsiExec.exe /I{90110419-6000-11D3-8CFE-0150048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.7—>»C:WINDOWS$NtUninstallWudf01007$spuninstspuninst.exe»
Microsoft Visual C++ 2005 Redistributable—>MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable—>MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual C++ 2008 Redistributable — x86 9.0.21022—>MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Windows Media Video 9 VCM—>RunDll32 advpack.dll,LaunchINFSection C:WINDOWSINFwmv9vcm.inf, Uninstall
MSVC80_x86—>MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
MSXML 6.0 Parser (KB925673)—>MsiExec.exe /I{FE9126DB-5F84-495A-BB46-3C724F1C2D08}
Nero 7 Ultra Edition—>MsiExec.exe /I{4908C75E-E5E2-43F7-B1DF-023CBA831049}
NevoSoft Babylonia (remove only)—>»C:ИгрыBabyloniauninstall.exe»
NVIDIA GAME System Software 2.8.1—>MsiExec.exe /I{4F0C7CCF-5666-474B-B02E-AC514A95EC93}
NVIDIA PhysX—>MsiExec.exe /X{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}
OpenAL—>»C:Program FilesOpenALoalinst.exe» /U
Opera 10.10—>MsiExec.exe /X{39E3724F-6C33-4E8B-96DD-08B3FB284143}
PROMT Expert 8 Giant—>MsiExec.exe /I{A4F761F7-FBC8-49BF-BC37-15550C3EAA85}
Punto Switcher 3.1—>C:Program FilesPunto Switcheruninstall.exe
Ray Adams ATI Tray Tools—>»C:Program FilesRay AdamsATI Tray Toolsuninstall.exe»
Realtek AC’97 Audio—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime1150Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{FB08F381-6533-4108-B7DD-039E11FBC27E}setup.exe» -l0x19 -removeonly
Reg Organizer 4.21—>»C:Program FilesReg Organizerunins000.exe»
Side 9 Screensaver—>C:WINDOWSsystem32Side 9 Screensaver.scr /u
Smarty Uninstaller Pro—>»C:Program FilesSmarty Uninstaller Prounins000.exe»
SMSDV v.1.9.7 (30 ноября 2009г.)—>»C:Program FilesSMSDVunins000.exe»
SpeedFan (remove only)—>»C:Program FilesSpeedFanuninstall.exe»
Switch Off—>»C:Program FilesSwitch Offuninstall.exe»
Total Commander 6.03a—>»C:Program FilesTotal Commandertcuninst.exe»
Total Video Converter 3.20 090114—>»C:Program FilesTotal Video Converterunins000.exe»
Transcend T.sonic 530 MP3 Player—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime701Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{1E451CD1-5F1B-4AA0-8881-3A7EC1BC9ECA}startone.exe» -l0x9
TuneUp Utilities 2009—>MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357}
TV Player Classic 6.5—>»C:Program FilesTVPlayerClassicunins000.exe»
Universal Document Converter—>»C:Program FilesUniversal Document Converterunins000.exe»
USB Disk Security 5.1.0.15—>»C:Program FilesUSB Disk Securityunins000.exe»
vanBasco’s Karaoke Player—>C:Program FilesvanBasco’s Karaoke Playeruninst.exe
VKLife 1.9—>»C:VKLifeunins000.exe»
VKontakteDJ 1.0.56—>»C:VKontakteDJunins000.exe»
WinDjView 1.0.3—>C:Program FilesWinDjViewuninstall.exe
Windows Internet Explorer 8—>»C:WINDOWSie8spuninstspuninst.exe»
Windows Media Format 11 runtime—>»C:Program FilesWindows Media Playerwmsetsdk.exe» /UninstallAll
Windows Media Format 11 runtime—>»C:WINDOWS$NtUninstallWMFDist11$spuninstspuninst.exe»
Windows Media Player 11—>»C:WINDOWS$NtUninstallwmp11$spuninstspuninst.exe»
Windows Presentation Foundation—>MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows XP Service Pack 3—>»C:WINDOWS$NtServicePackUninstall$spuninstspuninst.exe»
XFilesDialog—>C:Program FilesXFilesDialogXFilesDialog.EXE -u
XP Tweaker 1.50—>C:Program FilesXP TweakerUninstall.exe
Архиватор WinRAR (только удаление)—>C:Program FilesWinRARuninstall.exe
ВКонтакте IM 0.3.1—>»C:Program FilesVKontakteIMunins000.exe»
Говорилка—>»C:Program FilesГоворилкаunins000.exe»
Данные ДубльГИС г.Курган 01.11.2009—>MsiExec.exe /X{FFD578E8-A527-4A73-AC84-1DABDB70F4AB}
ДубльГИС 3.0.5.4—>MsiExec.exe /X{67A1DF48-1CEA-468C-ADAA-74BA915437D8}
Обновление безопасности для Windows Internet Explorer 8 (KB972260)—>»C:WINDOWSie8updatesKB972260-IE8spuninstspuninst.exe»
Обновление для Windows Internet Explorer 8 (KB973874)—>»C:WINDOWSie8updatesKB973874-IE8spuninstspuninst.exe»
Пакет драйверов Windows — Intel hdc (11/15/2006 8.2.0.1011)—>C:PROGRA~1DIFX6EA96BF9D205DCC2DPInst.exe /u C:WINDOWSsystem32DRVSTOREich5id2_3B2D9735E1093BA64AFBA0316592483B63C214B1ich5id2.inf
Пакет драйверов Windows — Intel hdc (11/15/2006 8.2.0.1011)—>C:PROGRA~1DIFX6EA96BF9D205DCC2DPInst.exe /u C:WINDOWSsystem32DRVSTOREich5ide_0F9522C970CE244F2B21DD30BEF551262B7B8BEBich5ide.inf
Пакет драйверов Windows — Intel System (01/10/2005 7.0.0.1011)—>C:PROGRA~1DIFX6EA96BF9D205DCC2DPInst.exe /u C:WINDOWSsystem32DRVSTOREich5core_A2E5B252662503FF01F92130E8DE1814B0B72635ich5core.inf
Пакет драйверов Windows — Intel System (03/25/2004 5.1.0.1009)—>C:PROGRA~1DIFX6EA96BF9D205DCC2DPInst.exe /u C:WINDOWSsystem32DRVSTORE865_B47A0A21EAB7CFC377E04DEC07D69DE6100976A8865.inf
Пакет драйверов Windows — Realtek Semiconductor Corp. (RTL8023xp) Net (10/30/2008 5.707.1030.2008)—>C:PROGRA~1DIFX6EA96BF9D205DCC2DPInst.exe /u C:WINDOWSsystem32DRVSTOREnetrtlx_54127BD98AFAC8C1B359A2D790F8A03F81BA94E6netrtlx.inf
Проигрыватель Windows Media 11—>»C:Program FilesWindows Media PlayerSetup_wm.exe» /Uninstall
Сократ Персональный 4.1—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{9CD789E2-B7CE-11D5-B7E9-00A0C9449F99}setup.exe»
Трудно Быть Богом—>»D:GAMESТрудно Быть Богомunins000.exe»
Шерлок Холмс и секрет Ктулху. Золотое издание—>C:Program FilesInstallShield Installation Information{DC40C0D5-4082-4DE6-8629-4EB3B1B73EB5}setup.exe -runfromtemp -l0x0019 -removeonly
Я.Онлайн 3.0.0—>»C:Program FilesYandexOnlineunins000.exe»

======Security center information======

AV: avast! antivirus 4.8.1368 [VPS 100124-0]

======System event log======

Computer Name: 1-60TO01HFJ6RNG
Event Code: 26
Message: Всплывающее окно приложения: drwtsn32.exe — Сбой инициализации DLL : Сбой при инициализации приложения из-за остановки рабочей станции.

Record Number: 5
Source Name: Application Popup
Time Written: 20100122131615.000000+300
Event Type: информация
User:

Computer Name: 1-60TO01HFJ6RNG
Event Code: 4201
Message: Система обнаружила, что сетевой адаптер DEVICETCPIP_{9532E2EB-2582-4667-8A06-D0D40D791D3E} был подключен к сети,
и инициировала нормальную работу через этот сетевой адаптер.

Record Number: 4
Source Name: Tcpip
Time Written: 20100122113833.000000+300
Event Type: информация
User:

Computer Name: 1-60TO01HFJ6RNG
Event Code: 1001
Message: Компьютер был перезагружен после критической ошибки:
0x10000050 (0xd2f000fc, 0x00000000, 0xf87667d9, 0x00000000).
Копия памяти сохранена: C:WINDOWSMinidumpMini012210-01.dmp.

Record Number: 3
Source Name: Save Dump
Time Written: 20100122113810.000000+300
Event Type: информация
User:

Computer Name: 1-60TO01HFJ6RNG
Event Code: 6005
Message: Запущена служба журнала событий.

Record Number: 2
Source Name: EventLog
Time Written: 20100122113804.000000+300
Event Type: информация
User:

Computer Name: 1-60TO01HFJ6RNG
Event Code: 6009
Message: Microsoft (R) Windows 2000 (R) 5.01. 2600 Service Pack 3 Uniprocessor Free.

Record Number: 1
Source Name: EventLog
Time Written: 20100122113804.000000+300
Event Type: информация
User:

=====Application event log=====

Computer Name: 1-60TO01HFJ6RNG
Event Code: 11309
Message: Product: Vampire — The Masquerade Bloodlines — Error 1309.Error reading from file: C:WINDOWSInstallerSetupDataVampiresoundcharacterdlgchinatownbarabusline92_col_e.mp3. System error 3. Verify that the file exists and that you can access it.

Record Number: 1378
Source Name: MsiInstaller
Time Written: 20091122162120.000000+300
Event Type: ошибка
User: 1-60TO01HFJ6RNG1

Computer Name: 1-60TO01HFJ6RNG
Event Code: 11309
Message: Product: Vampire — The Masquerade Bloodlines — Error 1309.Error reading from file: C:WINDOWSInstallerSetupDataVampiresoundcharacterdlgchinatownbarabusline91_col_e.mp3. System error 3. Verify that the file exists and that you can access it.

Record Number: 1377
Source Name: MsiInstaller
Time Written: 20091122162120.000000+300
Event Type: ошибка
User: 1-60TO01HFJ6RNG1

Computer Name: 1-60TO01HFJ6RNG
Event Code: 11309
Message: Product: Vampire — The Masquerade Bloodlines — Error 1309.Error reading from file: C:WINDOWSInstallerSetupDataVampiresoundcharacterdlgchinatownbarabusline90_col_e.mp3. System error 3. Verify that the file exists and that you can access it.

Record Number: 1376
Source Name: MsiInstaller
Time Written: 20091122162120.000000+300
Event Type: ошибка
User: 1-60TO01HFJ6RNG1

Computer Name: 1-60TO01HFJ6RNG
Event Code: 11309
Message: Product: Vampire — The Masquerade Bloodlines — Error 1309.Error reading from file: C:WINDOWSInstallerSetupDataVampiresoundcharacterdlgchinatownbarabusline88_col_e.mp3. System error 3. Verify that the file exists and that you can access it.

Record Number: 1375
Source Name: MsiInstaller
Time Written: 20091122162120.000000+300
Event Type: ошибка
User: 1-60TO01HFJ6RNG1

Computer Name: 1-60TO01HFJ6RNG
Event Code: 11309
Message: Product: Vampire — The Masquerade Bloodlines — Error 1309.Error reading from file: C:WINDOWSInstallerSetupDataVampiresoundcharacterdlgchinatownbarabusline87_col_e.mp3. System error 3. Verify that the file exists and that you can access it.

Record Number: 1374
Source Name: MsiInstaller
Time Written: 20091122162120.000000+300
Event Type: ошибка
User: 1-60TO01HFJ6RNG1

======Environment variables======

«ComSpec»=%SystemRoot%system32cmd.exe
«windir»=%SystemRoot%
«OS»=Windows_NT
«PROCESSOR_ARCHITECTURE»=x86
«PROCESSOR_LEVEL»=15
«PROCESSOR_IDENTIFIER»=x86 Family 15 Model 4 Stepping 1, GenuineIntel
«PROCESSOR_REVISION»=0401
«NUMBER_OF_PROCESSORS»=1
«PATHEXT»=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
«TEMP»=%SystemRoot%TEMP
«TMP»=%SystemRoot%TEMP
«FP_NO_HOST_CHECK»=NO
«Path»=%SystemRoot%system32;%SystemRoot%;%SystemRoot%system32wbem;C:Program FilesATI TechnologiesATI.ACECore-Static;C:Program FilesAlky for ApplicationsLibraries

EOF
27 января, 2010 в 5:23 пп #28117
Admin
Keymaster
- Темы:40
- Сообщений:5676
Здравствуйте, добро пожаловать на Spyware-ru форум.

есть предположение что удалился какой то важный файл,возникла проблема с демон тулз

Вы пробовали временно удалить Daemon Tools ?
И ещё, в корне вашего системного диска (тот диск где находится папка Windows) должен находится лог программы Combofix. Вставьте его содержимое в ваше следующее сообщение.
Автор

Сообщения

Просмотр 2 сообщений - с 1 по 2 (из 2 всего)

Тема ‘после использования combofix глюки в компе’ закрыта для новых сообщений.

после использования combofix глюки в компе

Добро пожаловать

Поиск

Последние темы

СПАЙВАРЕ РУ

Нужна помощь?

Ссылки