- This topic has 21 replies, 2 participants, and was last updated 15 years, 10 months ago by Admin.
January 5, 2009 at 10:55 am #16079
Thank you for the answer about the program that wasn't working 😀 I downloaded Outviewit, and here is the scan result:
OTViewIt Extras logfile created on: 05.01.2009 13:48:01 — Run
OTViewIt by OldTimer — Version 1.0.21.0 Folder = C:Documents and SettingsОлесяРабочий стол
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) — Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000419 | Country: Россия | Language: RUS | Date Format: dd.MM.yyyy
957,48 Mb Total Physical Memory | 415,49 Mb Available Physical Memory | 43,39% Memory free
2,26 Gb Paging File | 1,77 Gb Available in Paging File | 78,41% Paging File free
Paging file location(s): C:pagefile.sys 1440 2880;
%SystemDrive% = C: | %SystemRoot% = C:WINDOWS | %ProgramFiles% = C:Program Files
Drive C: | 72,97 Gb Total Space | 21,14 Gb Free Space | 28,97% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: BD283CD7CD86497
Current User Name: Олеся
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days
========== File Associations ==========
[HKEY_LOCAL_MACHINESOFTWAREClasses
]
.js [@ = Reg Error: Value does not exist or could not be read.] — Reg Error: Key does not exist or could not be opened. File not found
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center]
«FirstRunDisabled»=1
«AntiVirusDisableNotify»=0
«FirewallDisableNotify»=0
«UpdatesDisableNotify»=0
«AntiVirusOverride»=0
«FirewallOverride»=0
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoring]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringAhnlabAntiVirus]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringKasperskyAntiVirus]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringMcAfeeAntiVirus]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringMcAfeeFirewall]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringPandaAntiVirus]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringPandaFirewall]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringSophosAntiVirus]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringSymantecAntiVirus]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringSymantecFirewall]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringTinyFirewall]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringTrendAntiVirus]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringTrendFirewall]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringZoneLabsFirewall]
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfile
«EnableFirewall»=1
«DoNotAllowExceptions»=0
«DisableNotifications»=0
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfileAuthorizedApplications]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfileGloballyOpenPorts]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyDomainProfileAuthorizedApplicationsList]
[2008.04.14 19:11:08 | 00,141,824 | —- | M] (Корпорация Майкрософт) — %windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[2007.11.27 13:31:38 | 00,067,128 | —- | M] (Logitech Inc.) — C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger
[2008.04.13 21:53:32 | 00,558,080 | —- | M] (Microsoft Corporation) — %windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2007.10.18 11:35:06 | 05,724,184 | —- | M] (Microsoft Corporation) — C:Program FilesWindows LiveMessengermsnmsgr.exe:*:Enabled:Windows Live Messenger
[2007.10.02 17:18:24 | 00,304,488 | —- | M] (Microsoft Corporation) — C:Program FilesWindows LiveMessengerlivecall.exe:*:Enabled:Windows Live Messenger (Phone)
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfileAuthorizedApplicationsList]
[2008.04.14 19:11:08 | 00,141,824 | —- | M] (Корпорация Майкрософт) — %windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[2006.02.28 12:42:38 | 00,229,376 | —- | M] (Apple Computer, Inc.) — C:Program FilesBonjourmDNSResponder.exe:*:Enabled:Bonjour
[2008.09.01 18:08:21 | 00,173,304 | —- | M] (ICQ, Inc.) — C:Program FilesICQ6ICQ.exe:*:Enabled:ICQ6
[2008.10.25 11:27:15 | 00,270,128 | —- | M] (BitTorrent, Inc.) — C:Program FilesuTorrentuTorrent.exe:*:Enabled:µTorrent
[2007.11.27 13:31:38 | 00,067,128 | —- | M] (Logitech Inc.) — C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger
[2008.04.13 21:53:32 | 00,558,080 | —- | M] (Microsoft Corporation) — %windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
File not found — C:Program FilesSightSpeedSightSpeed.exe:*:Enabled:SightSpeed
File not found — C:Program FilesFlashGetFlashGet.exe:*:Enabled:Flashget
[2007.03.07 13:27:12 | 00,567,384 | —- | M] (http://www.sopcast.com) — C:Program FilesSopCastadvSopAdver.exe:*:Enabled:SopCast Adver
[2008.04.30 11:32:48 | 01,892,352 | —- | M] (http://www.sopcast.com) — C:Program FilesSopCastSopCast.exe:*:Enabled:SopCast Main Application
File not found — C:Program FilesUtkonosUtkonos.exe:*:Enabled:Резервирование товаров
[2008.08.23 08:56:15 | 00,635,848 | —- | M] (Microsoft Corporation) — C:Program FilesInternet Exploreriexplore.exe:*:Enabled:Internet Explorer
File not found — C:Program FilesCounter-Strike — Fusion Pack SourceCounter-Strike-Fusion Pack Sourcesetuphl2.exe:*:Enabled:hl2
[2007.05.17 16:08:14 | 00,661,776 | —- | M] (IVT Corporation.) — C:Program FilesIVT CorporationBlueSoleilBlueSoleil.exe:*:Enabled:BlueSoleil
File not found — C:Program FilesBearShare ApplicationsBearShareBearShare.exe:*:Enabled:BearShare
[2007.07.27 11:59:42 | 01,275,136 | —- | M] (Sony Creative Software Inc.) — C:Program FilesSony EricssonSony Ericsson Media Manager 1.0MediaManager.exe:*:Enabled:Sony Ericsson Media Manager 1.0
[2008.04.14 19:10:56 | 01,034,240 | —- | M] (Корпорация Майкрософт) — C:WINDOWSexplorer.exe:*:Disabled:Проводник
File not found — C:Program Files1CТерминатор 3 — Война машинt3.exe:*:Disabled:T3
File not found — C:Program FilesTVUPlayerTVUPlayer.exe:*:Disabled:TVUPlayer Component
[2007.10.18 11:35:06 | 05,724,184 | —- | M] (Microsoft Corporation) — C:Program FilesWindows LiveMessengermsnmsgr.exe:*:Enabled:Windows Live Messenger
[2007.10.02 17:18:24 | 00,304,488 | —- | M] (Microsoft Corporation) — C:Program FilesWindows LiveMessengerlivecall.exe:*:Enabled:Windows Live Messenger (Phone)
========== (O10) Winsock2 Catalogs ==========
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesWinSock2Parameters]
NameSpace_Catalog5Catalog_Entries 00000000001 [TCP/IP] — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
NameSpace_Catalog5Catalog_Entries 00000000003 [Пространство имен службы сетевого расположения (NLA)] — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
NameSpace_Catalog5Catalog_Entries 00000000004 [mdnsNSP] — C:Program FilesBonjourmdnsNSP.dll (Apple Computer, Inc.)
Protocol_Catalog9Catalog_Entries 00000000001 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
Protocol_Catalog9Catalog_Entries 00000000002 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
Protocol_Catalog9Catalog_Entries 00000000003 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
Protocol_Catalog9Catalog_Entries 00000000004 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
Protocol_Catalog9Catalog_Entries 00000000005 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
Protocol_Catalog9Catalog_Entries 00000000006 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
Protocol_Catalog9Catalog_Entries 00000000007 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
Protocol_Catalog9Catalog_Entries 00000000008 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
Protocol_Catalog9Catalog_Entries 00000000009 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
Protocol_Catalog9Catalog_Entries 00000000010 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
Protocol_Catalog9Catalog_Entries 00000000011 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
Protocol_Catalog9Catalog_Entries 00000000012 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
Protocol_Catalog9Catalog_Entries 00000000013 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
Protocol_Catalog9Catalog_Entries 00000000014 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
Protocol_Catalog9Catalog_Entries 00000000015 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
Protocol_Catalog9Catalog_Entries 00000000016 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
Protocol_Catalog9Catalog_Entries 00000000017 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
Protocol_Catalog9Catalog_Entries 00000000018 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
Protocol_Catalog9Catalog_Entries 00000000019 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
Protocol_Catalog9Catalog_Entries 00000000020 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
Protocol_Catalog9Catalog_Entries 00000000021 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
========== (O18) Protocol Handlers ==========
[HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandler]
[2007.11.27 13:31:38 | 00,028,711 | —- | M] (Logitech Inc.) C:Program FilesLogitechDesktop Messenger8876480ProgramGAPlugProtocol-8876480.dll (bwfile-8876480:{9462A756-7B47-47BC-8C80-C34B9B80B32B} (HKLM) [BackWeb GA Pluggable Protocol])
[HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandler]
[2008.04.14 19:10:41 | 01,431,552 | —- | M] (Корпорация Майкрософт) C:WINDOWSsystem32msvidctl.dll (dvd:{12D51199-0DB5-46FE-A120-47A3D7D937CC} (HKLM) [DVD: подключаемый протокол])
[HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandler]
ipp: [HKLM — No CLSID value]
[HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandler] — Protocol Handlers
[2005.09.20 11:33:58 | 00,843,984 | —- | M] (Microsoft Corporation) C:Program FilesCommon FilesSystemOle DBMSDAIPP.DLL ipp x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM — MSDAMON.BINDER]
[HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandler]
[2007.10.18 10:31:54 | 00,066,072 | —- | M] (Microsoft Corporation) C:Program FilesWindows LiveMessengermsgrapp.8.5.1302.1018.dll (livecall:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.])
[HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandler]
msdaipp: [HKLM — No CLSID value]
[HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandler] — Protocol Handlers
[2005.09.20 11:33:58 | 00,843,984 | —- | M] (Microsoft Corporation) C:Program FilesCommon FilesSystemOle DBMSDAIPP.DLL msdaipp x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM — MSDAMON.BINDER]
[HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandler] — Protocol Handlers
[2005.09.20 11:33:58 | 00,843,984 | —- | M] (Microsoft Corporation) C:Program FilesCommon FilesSystemOle DBMSDAIPP.DLL msdaippoledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM — MSDAIPP.BINDER]
[HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandler]
[2000.04.19 18:47:36 | 00,520,117 | —- | M] (Microsoft Corporation) C:Program FilesCommon FilesMicrosoft SharedInformation RetrievalMSITSS.DLL (ms-itss:{0A9007C0-4076-11D3-8789-0000F8105754} (HKLM) [Microsoft Infotech Storage Protocol for IE 4.0])
[HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandler]
[2007.10.18 10:31:54 | 00,066,072 | —- | M] (Microsoft Corporation) C:Program FilesWindows LiveMessengermsgrapp.8.5.1302.1018.dll (msnim:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.])
[HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandler]
[2007.03.14 12:10:22 | 07,255,384 | —- | M] (Microsoft Corporation) C:Program FilesCommon FilesMicrosoft SharedWeb Components10OWC10.DLL (mso-offdap:{3D9F03FA-7A94-11D3-BE81-0050048385D1} (HKLM) [Data Page Pluggable Protocol mso-offdap Handler])
[HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandler]
[2007.05.10 12:45:34 | 08,069,464 | —- | M] (Microsoft Corporation) C:Program FilesCommon FilesMicrosoft SharedWeb Components11OWC11.DLL (mso-offdap11:{32505114-5902-49B2-880A-1F7738E5A384} (HKLM) [Data Page Plugable Protocal mso-offdap11 Handler])
[HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandler]
[2008.04.14 19:10:41 | 01,431,552 | —- | M] (Корпорация Майкрософт) C:WINDOWSsystem32msvidctl.dll (tv:{CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} (HKLM) [ТВ: подключаемый протокол])
[HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandler]
[2007.10.23 12:14:52 | 00,858,136 | —- | M] (Microsoft Corporation) C:Program FilesWindows LiveMailmailcomm.dll (wlmailhtml:{03C514A3-1EFB-4856-9F99-10D7BE1653C0} (HKLM) [Windows Live Mail HTML Asynchronous Pluggable Protocol Handler])
========== (O18) Protocol Filters ==========
[HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSFilter] — Protocol Filters
[2008.04.14 19:10:44 | 08,478,208 | —- | M] (Корпорация Майкрософт) C:WINDOWSsystem32shell32.dll text/webviewhtml:{733AC4CB-F1A4-11d0-B951-00A0C90312E1} (HKLM) [WebView MIME Filter]
[HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSFilter] — Protocol Filters
[2007.04.19 12:57:40 | 00,046,432 | —- | M] (Microsoft Corporation) C:Program FilesCommon FilesMicrosoft SharedOFFICE11MSOXMLMF.DLL text/xml:{807553E5-5146-11D5-A672-00B0D022E945} (HKLM) [Reg Error: Value does not exist or could not be read.]
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstall]
«{01AE68B4-C785-4865-BC7E-78456372BB75}»=RU
«{04AF207D-9A77-465A-8B76-991F6AB66245}»=Adobe Help Viewer CS3
«{08B32819-6EEF-4057-AEDA-5AB681A36A23}»=Adobe Bridge Start Meeting
«{0935DF3B-EA44-4C5E-9011-BD1958E88DFE}»=Akıllı Menüler (Windows Live Toolbar)
«{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}»=OpenOffice.org Installer 1.0
«{105CFC7C-6992-11D5-BD9D-000102C10FD8}»=Lizardtech DjVu Control
«{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}»=Adobe WinSoft Linguistics Plugin
«{18D10072035C4515918F7E37EAFAACFC}»=AutoUpdate
«{1B6BAD26-1406-43BA-ABD1-CEE99ADEF1ED}»=Windows Live installer
«{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}»=Google Планета Земля
«{2006113D-C99B-488D-B707-CA0710804F8F}»=Windows Live Fotoğraf Galerisi
«{2318C2B1-4965-11d4-9B18-009027A5CD4F}»=Google Toolbar for Internet Explorer
«{236BB7C4-4419-42FD-0409-1E257A25E34D}»=Adobe Photoshop CS2
«{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}»=PDF Settings
«{29E5EA97-5F74-4A57-B8B2-D4F169117183}»=Adobe Stock Photos CS3
«{2FFE93F0-BB72-4E52-8761-354D1AAA9387}»=Sony Ericsson PC Suite 3.209.00
«{301CC261-0ECA-448D-8F21-A9D474AB40B4}»=Windows Live Messenger
«{30981FCD-4150-4AB4-BAC5-75C9E914347D}»=Adobe Setup
«{350C9419-3D7C-4EE8-BAA9-00BCB3D54227}»=WebFldrs XP
«{3F4EC965-28EF-45C3-B063-04B25D4E9679}»=WIDCOMM Bluetooth Software
«{438BB9B4-65FE-4626-91D9-A8F57B18001D}»=Bluesoleil2.6.0.8 Release 070517
«{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}»=FontNav
«{4F3E17F8-F1C8-4A4B-9EB8-1EE2D190CDA9}»=Adobe Setup
«{50AE04E7-DCE6-4304-B65A-9F6C09935CE6}»=Windows Live Toolbar
«{510E9D24-C50A-4401-827E-0B2B0458C625}»=Windows Live Writer
«{51846830-E7B2-4218-8968-B77F0FF475B8}»=Adobe Color EU Extra Settings
«{52B99BCA-6251-498F-88CA-420D31CBC8C7}»=Wacom JustWrite Office
«{54793AA1-5001-42F4-ABB6-C364617C6078}»=Adobe Linguistics CS3
«{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}»=Macromedia Extension Manager
«{583EF20C-4DD0-43B0-8178-F0E8F76BBB09}»=Windows Live Mail
«{5B09BD67-4C99-46A1-8161-B7208CE18121}»=QuickTime
«{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}»=Sony USB Driver
«{60DE4033-9503-48D1-A483-7846BD217CA9}»=ICQ6
«{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}»=Adobe Color NA Extra Settings
«{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}»=Adobe Setup
«{67EDD823-135A-4D59-87BD-950616D6E857}»=EPSON Copy Utility 3
«{6ABE0BEE-D572-4FE8-B434-9E72A289431B}»=Adobe Fonts All
«{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}»=Adobe Color Common Settings
«{6D7B211A-88EA-490c-BAB9-3600D8D7C503}»=ConnectionServices
«{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}»=Adobe Asset Services CS3
«{7299052b-02a4-4627-81f2-1818da5d550d}»=Microsoft Visual C++ 2005 Redistributable
«{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}»=Avanquest update
«{77D2A9D3-5800-43E3-B274-87841BC87DB2}»=Adobe ExtendScript Toolkit 2
«{786C5747-1033-0000-B58E-000000000001}»=Adobe Stock Photos 1.0
«{7B63B2922B174135AFC0E1377DD81EC2}»=DivX Codec
«{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}»=CorelDRAW Graphics Suite X3
«{7F0F5F58-0EE4-4DAB-B5C2-C047A250C696}»=Adobe Setup
«{802771A9-A856-4A41-ACF7-1450E523C923}»=Adobe XMP Panels CS3
«{870F1750-BA89-11DA-A94D-0800200C9A66}_is1″=VSO CopyToDVD 4
«{885A63EA-382B-4DD4-A755-14809B8557D6}»=Macromedia Flash Player 8
«{8ADFC4160D694100B5B8A22DE9DCABD9}»=DivX Player
«{8AE03988-8C8C-40EE-BDC7-76781BEF1B1D}»=Adobe Setup
«{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}»=Macromedia Flash 8 Video Encoder
«{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}»=Adobe Device Central CS3
«{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}»=Adobe Type Support
«{8EDBA74D-0686-4C99-BFDD-F894678E5B39}»=Adobe Common File Installer
«{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}»=Logitech Desktop Messenger
«{90110419-6000-11D3-8CFE-0150048383C9}»=Microsoft Office — профессиональный выпуск версии 2003
«{90176341-0A8B-4CCC-A78D-F862228A6B95}»=Adobe Anchor Service CS3
«{90546A9B-9B86-4D8A-B381-EF8D8AAE73E1}»=Extensis Suitcase 9.2
«{91057632-CA70-413C-B628-2D3CDBBB906B}»=Macromedia Flash Player 8 Plugin
«{9233A730-542C-43B5-9A16-6C9EF69281B2}»=Windows Live Toolbar Uzantısı (Windows Live Toolbar)
«{95655ED4-7CA5-46DF-907F-7144877A32E5}»=Adobe Color NA Recommended Settings
«{9C9824D9-9000-4373-A6A5-D0E5D4831394}»=Adobe Bridge CS3
«{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}»=Adobe CMaps
«{A2D81E70-2A98-4A08-A628-94388B063C5E}»=Adobe Color — Photoshop Specific
«{AC76BA86-7AD7-1033-7B44-A81200000003}»=Adobe Reader 8.1.2
«{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}»=Windows Live Oturum Açma Yardımcısı
«{B13A7C41581B411290FBC0395694E2A9}»=DivX Converter
«{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}»=Adobe Camera Raw 4.0
«{B508B3F1-A24A-32C0-B310-85786919EF28}»=Microsoft .NET Framework 2.0 Service Pack 1
«{B7050CBDB2504B34BC2A9CA0A692CC29}»=DivX Web Player
«{B74D4E10-1033-0000-0000-000000000001}»=Adobe Bridge 1.0
«{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}»=Apple Software Update
«{B87B54F6-7CD5-45b2-B873-3F95C558768A}»=BitAccelerator
«{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}»=Adobe Default Language CS3
«{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}»=Adobe Color EU Recommended Settings
«{C1E54885-ABED-4B4D-8D9F-ECC7E379FB9F}»=Sony Ericsson Media Manager 1.0
«{C43048A9-742C-4DAD-90D2-E3B53C9DB825}»=Logitech QuickCam Software
«{C59CEB1E-097E-4603-8B43-EE0D8482897D}»=Vurgu Görüntüleyicisi (Windows Live Toolbar)
«{C94E45B0-6AA6-4FB9-9AAE-22085F631880}»=VBA
«{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}»=Microsoft .NET Framework 1.1
«{D0DFF92A-492E-4C40-B862-A74A173C25C5}»=Adobe Version Cue CS3 Client
«{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}»=Adobe PDF Library Files
«{D92B72E2-C854-4738-8ED6-4C3661CC17AE}»=Adobe Color JA Extra Settings
«{DBEA1034-5882-4A88-8033-81C4EF0CFA29}»=Google Toolbar for Internet Explorer
«{DC226AC9-0314-496C-BE6A-B6A132628466}»=SiSAGP driver
«{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}»=jetAudio Basic
«{E69AE897-9E0B-485C-8552-7841F48D42D8}»=Adobe Update Manager CS3
«{E9787678-1033-0000-8E67-000000000001}»=Adobe Help Center 1.0
«{ED0042CA-CBEA-4ADF-B262-FE0518AF2221}»=LogMeIn
«{F08E8D2E-F132-4742-9C87-D5FF223A016A}»=Adobe Illustrator CS3
«{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}»=Microsoft SQL Server 2005 Compact Edition [ENU]
«{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}»=Update Manager
«{F4D0F248-2BF7-4912-814E-4FD751923838}»=Microsoft .NET Framework 2.0 Language Pack — RUS
«{F8C6BABF-0837-4EA0-AD6C-8E5A392A7538}»=ImageMixer VCD2
«{FB08F381-6533-4108-B7DD-039E11FBC27E}»=Realtek AC’97 Audio
«{FD0399AC-A38B-4D4B-8164-D7B73AC24030}»=Adobe Photoshop CS3
«9c9cd3577f7427dd7e3e465ca0f48ed0187731047″=Занимательная наука. Всемирная история
«Adobe Acrobat 5.0″=Adobe Acrobat 5.0
«Adobe Flash Player ActiveX»=Adobe Flash Player ActiveX
«Adobe Photoshop CS2″=Adobe Photoshop CS2
«Adobe Photoshop CS2 — {236BB7C4-4419-42FD-0409-1E257A25E34D}»=Adobe Photoshop CS2
«Adobe Shockwave Player»=Adobe Shockwave Player
«Adobe_0d5fe1f44895aadff2baacf24fe1402″=Adobe Photoshop CS3
«Adobe_3e054d2218e7aa282c2369d939e58ff»=Adobe ExtendScript Toolkit 2
«Adobe_6c8e2cb4fd241c55406016127a6ab2e»=Adobe Color Common Settings
«Adobe_a04a925a57548091300ada368235fc6″=Adobe Illustrator CS3
«Adobe_c6130331409d42b2f62a7cc73ec2c87″=Adobe InDesign CS3
«Advanced Video FX Engine»=Advanced Video FX Engine
«avast!»=avast! Antivirus
«CCleaner»=CCleaner (remove only)
«EPSON Printer and Utilities»=EPSON Printer Software
«EPSON Scanner»=EPSON Scan
«ESCX3700 Руководство пользователя»=ESCX3700 Руководство пользователя
«Fargus_is1″=My Program 1.5
«ffdshow_is1″=ffdshow [rev 1723] [2007-12-24]
«Get Yahoo! Messenger»=Get Yahoo! Messenger
«IDNMitigationAPIs»=Microsoft Internationalized Domain Names Mitigation APIs
«ie7″=Windows Internet Explorer 7
«KLiteCodecPack_is1″=K-Lite Codec Pack 2.25 Basic
«koi_solitaire»=NevoSoft Koi Solitaire (remove only)
«LHTTSENG»=L&H TTS3000 British English
«LingvoSoft Dictionary 2006 (Turkish<->Russian) for Windows»=LingvoSoft Dictionary 2006 (Turkish<->Russian) for Windows
«Logitech Print Service»=Logitech Print Service
«Microsoft .NET Framework 1.1 (1033)»=Microsoft .NET Framework 1.1
«Microsoft .NET Framework 2.0 Language Pack — RUS»=Microsoft .NET Framework 2.0 Language Pack — RUS
«MSCompPackV1″=Microsoft Compression Client Pack 1.0 for Windows XP
«NLSDownlevelMapping»=Microsoft National Language Support Downlevel APIs
«Oyna65″=Oyna65
«PCConfidential_is1″=PC Confidential 2008
«QcDrv»=##CAMERADRIVERNAME##
«Rambler.ru Toolbar»=Rambler-Ассистент
«RegPowerClean_is1″=Winferno Registry Power Cleaner
«Seekeen»=Seekeen 1.0 build 132
«ShockwaveFlash»=Adobe Flash Player 9 ActiveX
«SiS VGA Driver»=SiS VGA Utilities
«SiSLan»=SiS 900 PCI Fast Ethernet Adapter Driver
«SLAMRNTV»=Smart Link 56K Modem
«SopCast»=SopCast 3.0.3
«Tablet Driver»=Планшет
«WIC»=Windows Imaging Component
«Windows Live Toolbar»=Windows Live Toolbar
«Windows Media Format Runtime»=Windows Media Format 11 runtime
«Windows Media Player»=Проигрыватель Windows Media 11
«Windows XP Service Pack»=Windows XP Service Pack 3
«WinRAR archiver»=Архиватор WinRAR
«WinZip»=WinZip
«WMFDist11″=Windows Media Format 11 runtime
«wmp11″=Windows Media Player 11
«Wudf01000″=Microsoft User-Mode Driver Framework Feature Pack 1.0
«YInstHelper»=Yahoo! Install Manager
«Англо-русский тренажер 2.3″=Англо-русский тренажер 2.3
«Библиотека звуков»=Библиотека звуков
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionUninstall]
«uTorrent»=µTorrent
========== HKEY_USERS Uninstall List ==========
[HKEY_USERSS-1-5-21-1343024091-413027322-725345543-1003SOFTWAREMicrosoftWindowsCurrentVersionUninstall]
«uTorrent»=µTorrent
========== Last 10 Event Log Errors ==========
[ Antivirus Events ]
Error — 21.11.2007 5:20:22 | Computer Name = BD283CD7CD86497 | Source = avast! | ID = 33554522
Description = AAVM — scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://ftp.freenet.de/pub/filepilot/windows/multimedia/video/k-lite_codec_pack/klcodec353s.exe
failed, 0000001E.
Error — 22.11.2007 9:01:57 | Computer Name = BD283CD7CD86497 | Source = avast! | ID = 33554522
Description = AAVM — scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://nguest43.depositfiles.com/auth-971195743633_87.240.15.25-f45e4f77-606837/2241394/FS43-1/K-Lite_Mega_Codec_Pack___K-Lite_Codec_Pack_3.5.3.rar
failed, 0000001E.
Error — 30.11.2007 3:32:08 | Computer Name = BD283CD7CD86497 | Source = avast! | ID = 33554522
Description = AAVM — scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
D:фото2006гиюнь-июль2006готовыеDSC00157.JPG failed, 0000A420.
Error — 30.11.2007 3:50:57 | Computer Name = BD283CD7CD86497 | Source = avast! | ID = 33554522
Description = AAVM — scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
D:фото2006гиюнь-июль2006готовыеDSC00157.JPG failed, 0000A420.
Error — 02.12.2007 7:30:34 | Computer Name = BD283CD7CD86497 | Source = avast! | ID = 33554522
Description = AAVM — scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://download2.vso-software.fr/vsoConvertXtoDVD2_setup.exe failed, 00000026.
Error — 06.04.2008 23:59:43 | Computer Name = BD283CD7CD86497 | Source = avast! | ID = 33554522
Description = Internal error has occurred in module aswar scan function failed!,
function C0000005.
Error — 07.04.2008 3:36:46 | Computer Name = BD283CD7CD86497 | Source = avast! | ID = 33554522
Description = Internal error has occurred in module aswar scan function failed!,
function C0000005.
Error — 26.07.2008 16:32:06 | Computer Name = BD283CD7CD86497 | Source = avast! | ID = 33554522
Description = AAVM — scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
E:DCIM100OLYMPP7260557.JPG failed, 0000001E.
Error — 28.09.2008 11:35:33 | Computer Name = BD283CD7CD86497 | Source = avast! | ID = 33554522
Description = AAVM — scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
D:pyrates.exe failed, 0000001E.
Error — 11.10.2008 12:15:14 | Computer Name = BD283CD7CD86497 | Source = avast! | ID = 33554522
Description = AAVM — scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
E:пакетчерные.jpg failed, 0000A420.
[ Application Events ]
Error — 09.12.2008 12:38:15 | Computer Name = BD283CD7CD86497 | Source = Adobe Version Cue CS3 | ID = 3
Description =
Error — 09.12.2008 12:38:15 | Computer Name = BD283CD7CD86497 | Source = Adobe Version Cue CS3 | ID = 3
Description =
Error — 09.12.2008 12:43:07 | Computer Name = BD283CD7CD86497 | Source = Application Error | ID = 1000
Description = Ошибка приложения iexplore.exe, версия 7.0.6000.16735, модуль unknown,
версия 0.0.0.0, адрес 0x00000005.
Error — 11.12.2008 13:39:28 | Computer Name = BD283CD7CD86497 | Source = Application Error | ID = 1000
Description = Ошибка приложения iexplore.exe, версия 7.0.6000.16735, модуль unknown,
версия 0.0.0.0, адрес 0x00000005.
Error — 11.12.2008 13:46:38 | Computer Name = BD283CD7CD86497 | Source = Adobe Version Cue CS3 | ID = 3
Description =
Error — 11.12.2008 13:46:38 | Computer Name = BD283CD7CD86497 | Source = Adobe Version Cue CS3 | ID = 3
Description =
Error — 11.12.2008 14:37:00 | Computer Name = BD283CD7CD86497 | Source = Application Hang | ID = 1002
Description = Зависшее приложение WeFi.exe, версия 3.3.6.3, зависший модуль hungapp,
версия 0.0.0.0, адрес 0x00000000.
Error — 01.01.2009 5:11:34 | Computer Name = BD283CD7CD86497 | Source = Application Error | ID = 1000
Description = Ошибка приложения iexplore.exe, версия 7.0.6000.16735, модуль ieui.dll,
версия 7.0.5730.13, адрес 0x000061b1.
Error — 02.01.2009 12:51:32 | Computer Name = BD283CD7CD86497 | Source = Application Error | ID = 1000
Description = Ошибка приложения iexplore.exe, версия 7.0.6000.16735, модуль unknown,
версия 0.0.0.0, адрес 0x02f13c75.
Error — 03.01.2009 17:15:23 | Computer Name = BD283CD7CD86497 | Source = Application Hang | ID = 1002
Description = Зависшее приложение explorer.exe, версия 6.0.2900.5512, зависший модуль
hungapp, версия 0.0.0.0, адрес 0x00000000.
[ System Events ]
Error — 01.01.2009 16:42:41 | Computer Name = BD283CD7CD86497 | Source = Disk | ID = 262155
Description = Драйвер обнаружил ошибку контроллера DeviceHarddisk1D.
Error — 01.01.2009 17:09:22 | Computer Name = BD283CD7CD86497 | Source = Disk | ID = 262155
Description = Драйвер обнаружил ошибку контроллера DeviceHarddisk1D.
Error — 02.01.2009 4:09:19 | Computer Name = BD283CD7CD86497 | Source = Disk | ID = 262155
Description = Драйвер обнаружил ошибку контроллера DeviceHarddisk1D.
Error — 02.01.2009 4:09:21 | Computer Name = BD283CD7CD86497 | Source = Disk | ID = 262155
Description = Драйвер обнаружил ошибку контроллера DeviceHarddisk1D.
Error — 02.01.2009 4:09:22 | Computer Name = BD283CD7CD86497 | Source = Disk | ID = 262155
Description = Драйвер обнаружил ошибку контроллера DeviceHarddisk1D.
Error — 02.01.2009 15:20:05 | Computer Name = BD283CD7CD86497 | Source = Disk | ID = 262151
Description = Неверный блок на устройстве DeviceHarddisk0D.
Error — 03.01.2009 3:34:19 | Computer Name = BD283CD7CD86497 | Source = Dhcp | ID = 1000
Description = Компьютер утерял аренду на IP-адрес 79.164.40.244 для сетевого адаптера
с сетевым адресом 0090F549FE1C.
Error — 04.01.2009 4:58:37 | Computer Name = BD283CD7CD86497 | Source = Dhcp | ID = 1000
Description = Компьютер утерял аренду на IP-адрес 79.164.40.244 для сетевого адаптера
с сетевым адресом 0090F549FE1C.
Error — 04.01.2009 16:43:13 | Computer Name = BD283CD7CD86497 | Source = Dhcp | ID = 1000
Description = Компьютер утерял аренду на IP-адрес 79.164.40.244 для сетевого адаптера
с сетевым адресом 0090F549FE1C.
Error — 05.01.2009 3:38:48 | Computer Name = BD283CD7CD86497 | Source = Dhcp | ID = 1000
Description = Компьютер утерял аренду на IP-адрес 79.164.40.244 для сетевого адаптера
с сетевым адресом 0090F549FE1C.
< End of report >
Did I do it correctly and, if so, in your opinion is everything really bad? Thank you very much in advance 🙂 for the answer and for your work.
January 5, 2009 at 1:30 pm #20800
You did everything correctly, but you pasted only the second log file (Extra.txt).
Run the program again, but paste the OTViewIt.txt log into your next message.
January 5, 2009 at 3:56 pm #20801
Correcting that 😀
OTViewIt logfile created on: 05.01.2009 15:14:34 — Run 2
OTViewIt by OldTimer — Version 1.0.21.0 Folder = C:Documents and SettingsОлесяРабочий стол
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) — Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000419 | Country: Россия | Language: RUS | Date Format: dd.MM.yyyy
957,48 Mb Total Physical Memory | 396,58 Mb Available Physical Memory | 41,42% Memory free
2,26 Gb Paging File | 1,76 Gb Available in Paging File | 77,71% Paging File free
Paging file location(s): C:pagefile.sys 1440 2880;
%SystemDrive% = C: | %SystemRoot% = C:WINDOWS | %ProgramFiles% = C:Program Files
Drive C: | 72,97 Gb Total Space | 21,14 Gb Free Space | 28,97% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: BD283CD7CD86497
Current User Name: Олеся
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Whitelist: Off
File Age = 30 Days
========== Processes ==========
[2008.04.14 19:11:09 | 00,050,688 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32smss.exe
[2008.04.14 19:11:13 | 00,509,440 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32winlogon.exe
[2008.04.14 19:11:08 | 00,109,056 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32services.exe
[2008.11.26 20:12:08 | 00,018,752 | —- | M] (ALWIL Software) — C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
[2008.11.26 20:18:46 | 00,155,160 | —- | M] (ALWIL Software) — C:Program FilesAlwil SoftwareAvast4ashServ.exe
[2006.02.28 12:42:38 | 00,229,376 | —- | M] (Apple Computer, Inc.) — C:Program FilesBonjourmDNSResponder.exe
[2005.08.29 15:12:14 | 00,266,295 | —- | M] (Broadcom Corporation.) — C:Program FilesWIDCOMMBluetooth Softwarebinbtwdins.exe
[2008.04.14 19:10:58 | 00,015,872 | —- | M] (Корпорация Майкрософт (Microsoft Corp.)) — C:WINDOWSsystem32inetsrvinetinfo.exe
[2008.12.09 23:23:50 | 00,004,608 | —- | M] () — C:Program FilesSeekeenseekeen.exe
[2007.03.31 04:06:26 | 01,189,424 | —- | M] (Wacom Technology, Corp.) — C:WINDOWSsystem32Tablet.exe
[2007.03.31 04:07:12 | 00,132,656 | —- | M] (Wacom Technology, Corp.) — C:WINDOWSsystem32WTabletTabUserW.exe
[2007.03.31 04:06:26 | 01,189,424 | —- | M] (Wacom Technology, Corp.) — C:WINDOWSsystem32Tablet.exe
[2008.11.26 20:18:32 | 00,254,040 | —- | M] (ALWIL Software) — C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
[2008.11.26 20:16:23 | 00,352,920 | —- | M] (ALWIL Software) — C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
[2008.12.09 23:23:50 | 00,004,608 | —- | M] () — C:Program FilesSeekeenseekeen.exe
[2005.08.11 16:30:30 | 00,081,920 | —- | M] (Macrovision Corporation) — C:Program FilesCommon FilesInstallShieldUpdateServiceissch.exe
[2006.03.22 14:35:04 | 00,069,632 | —- | M] (Realtek Semiconductor Corp.) — C:WINDOWSSOUNDMAN.EXE
[2005.01.04 16:52:06 | 00,028,672 | —- | M] (Silicon Integrated Systems Corporation) — C:WINDOWSsystem32Keyhook.exe
[2004.11.01 16:55:58 | 00,077,824 | —- | M] () — C:WINDOWSSmCfg.exe
[2005.02.08 03:00:00 | 00,098,304 | —- | M] (SEIKO EPSON CORPORATION) — C:WINDOWSsystem32spooldriversw32x863E_FATIACP.EXE
[2005.07.19 17:32:18 | 00,221,184 | —- | M] (Logitech Inc.) — C:WINDOWSsystem32LVCOMSX.EXE
[2005.06.08 15:14:44 | 00,217,088 | —- | M] (Logitech Inc.) — C:Program FilesLogitechVideoLogiTray.exe
[2007.01.07 23:31:18 | 00,118,784 | —- | M] (Wacom Co., Ltd) — C:Program FilesJustWrite OfficeScreenMark.exe
[2006.06.09 01:11:00 | 00,024,576 | —- | M] (Creative Technology Ltd.) — C:Program FilesCreativeCreative Live! CamVideoFXStartFX.exe
[2008.02.28 14:31:50 | 00,063,048 | —- | M] (LogMeIn, Inc.) — C:Program FilesLogMeInx86LogMeInSystray.exe
[2008.11.26 20:18:51 | 00,081,000 | —- | M] (ALWIL Software) — C:Program FilesAlwil SoftwareAvast4ashDisp.exe
[2008.02.20 16:19:52 | 00,360,448 | —- | M] (Sony Ericsson Mobile Communications AB) — C:Program FilesSony EricssonSony Ericsson PC SuiteSEPCSuite.exe
[2008.09.01 18:08:21 | 00,173,304 | —- | M] (ICQ, Inc.) — C:Program FilesICQ6ICQ.exe
[2008.05.28 11:32:30 | 00,087,360 | —- | M] (LogMeIn, Inc.) — C:Program FilesLogMeInx86LMIGuardian.exe
[2007.05.17 16:08:14 | 00,661,776 | —- | M] (IVT Corporation.) — C:Program FilesIVT CorporationBlueSoleilBlueSoleil.exe
[2005.10.09 00:16:54 | 00,610,365 | —- | M] (Broadcom Corporation.) — C:Program FilesWIDCOMMBluetooth SoftwareBTTray.exe
[2007.11.27 13:31:38 | 00,067,128 | —- | M] (Logitech Inc.) — C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe
[2005.01.04 16:52:52 | 00,331,776 | —- | M] (Silicon Integrated Systems Corporation) — C:WINDOWSsystem32sistray.exe
[2004.12.17 09:00:00 | 00,118,784 | —- | M] (WinZip Computing, Inc.) — C:Program FilesWinZipWZQKPICK.EXE
[2005.10.09 00:11:20 | 01,396,820 | —- | M] (Broadcom Corporation.) — C:Program FilesWIDCOMMBluetooth SoftwareBTStackServer.exe
[2005.06.08 14:44:56 | 00,192,512 | —- | M] (Logitech Inc.) — C:Program FilesLogitechVideoFxSvr2.exe
[2008.10.16 14:09:44 | 00,051,224 | —- | M] (Microsoft Corporation) — C:WINDOWSsystem32wuauclt.exe
[2008.04.14 19:10:56 | 01,034,240 | —- | M] (Корпорация Майкрософт) — C:WINDOWSexplorer.exe
[2008.10.25 11:27:15 | 00,270,128 | —- | M] (BitTorrent, Inc.) — C:Program FilesuTorrentuTorrent.exe
[2007.09.20 10:35:36 | 00,118,336 | —- | M] (Microsoft Corporation) — C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLLoginProxy.exe
[2008.08.23 08:56:15 | 00,635,848 | —- | M] (Microsoft Corporation) — C:Program FilesInternet Exploreriexplore.exe
[2008.08.23 08:56:15 | 00,635,848 | —- | M] (Microsoft Corporation) — C:Program FilesInternet Exploreriexplore.exe
[2009.01.05 13:47:35 | 00,422,912 | —- | M] (OldTimer Tools) — C:Documents and SettingsОлесяРабочий столOTViewIt.exe
========== (O23) Win32 Services ==========
[2007.11.20 12:25:33 | 00,072,704 | —- | M] (Adobe Systems) — C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe — (Adobe LM Service [On_Demand | Stopped])
[2007.10.24 00:47:22 | 00,033,800 | —- | M] (Microsoft Corporation) — C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe — (aspnet_state [On_Demand | Stopped])
[2008.11.26 20:12:08 | 00,018,752 | —- | M] (ALWIL Software) — C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe — (aswUpdSv [Auto | Running])
[2008.11.26 20:18:46 | 00,155,160 | —- | M] (ALWIL Software) — C:Program FilesAlwil SoftwareAvast4ashServ.exe — (avast! Antivirus [Auto | Running])
[2008.11.26 20:18:32 | 00,254,040 | —- | M] (ALWIL Software) — C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe — (avast! Mail Scanner [On_Demand | Running])
[2008.11.26 20:16:23 | 00,352,920 | —- | M] (ALWIL Software) — C:Program FilesAlwil SoftwareAvast4ashWebSv.exe — (avast! Web Scanner [On_Demand | Running])
[2006.02.28 12:42:38 | 00,229,376 | —- | M] (Apple Computer, Inc.) — C:Program FilesBonjourmDNSResponder.exe — (Bonjour Service [Auto | Running])
[2005.08.29 15:12:14 | 00,266,295 | —- | M] (Broadcom Corporation.) — C:Program FilesWIDCOMMBluetooth Softwarebinbtwdins.exe — (btwdins [Auto | Running])
[2007.10.24 00:47:40 | 00,070,144 | —- | M] (Microsoft Corporation) — C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe — (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
[2008.04.14 19:11:08 | 00,109,056 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32services.exe — (Eventlog [Auto | Running])
[2007.11.20 12:53:18 | 00,654,848 | —- | M] (Macrovision Europe Ltd.) — C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe — (FLEXnet Licensing Service [On_Demand | Stopped])
[2008.01.30 23:26:38 | 00,138,168 | —- | M] (Google) — C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe — (gusvc [On_Demand | Stopped])
[2008.04.14 19:10:58 | 00,015,872 | —- | M] (Корпорация Майкрософт (Microsoft Corp.)) — C:WINDOWSsystem32inetsrvinetinfo.exe — (IISADMIN [Auto | Running])
[2008.04.14 19:10:58 | 00,150,528 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32imapi.exe — (ImapiService [On_Demand | Stopped])
[2008.05.28 11:32:34 | 00,116,032 | —- | M] (LogMeIn, Inc.) — C:Program FilesLogMeInx86ramaint.exe — (LMIMaint [Disabled | Stopped])
[2008.02.28 14:31:50 | 00,063,040 | —- | M] (LogMeIn, Inc.) — C:Program FilesLogMeInx86LogMeIn.exe — (LogMeIn [Disabled | Stopped])
[2008.04.14 19:11:00 | 00,032,768 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32mnmsrvc.exe — (mnmsrvc [On_Demand | Stopped])
[2008.04.14 19:11:04 | 00,113,664 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32netdde.exe — (NetDDE [Disabled | Stopped])
[2008.04.14 19:11:04 | 00,113,664 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32netdde.exe — (NetDDEdsdm [Disabled | Stopped])
[2003.07.28 20:28:22 | 00,089,136 | —- | M] (Microsoft Corporation) — C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE — (ose [On_Demand | Stopped])
[2008.04.14 19:11:08 | 00,109,056 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32services.exe — (PlugPlay [Auto | Running])
[2008.04.14 19:11:08 | 00,141,824 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32sessmgr.exe — (RDSessMgr [On_Demand | Stopped])
[2008.04.14 19:11:07 | 00,096,768 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32scardsvr.exe — (SCardSvr [On_Demand | Stopped])
[2008.12.09 23:23:50 | 00,004,608 | —- | M] () — C:Program FilesSeekeenseekeen.exe — (Seekeen Service [Auto | Running])
[2008.04.14 19:10:58 | 00,015,872 | —- | M] (Корпорация Майкрософт (Microsoft Corp.)) — C:WINDOWSsystem32inetsrvinetinfo.exe — (SMTPSVC [Auto | Running])
[2008.04.14 19:11:09 | 00,091,648 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32smlogsvc.exe — (SysmonLog [On_Demand | Stopped])
[2007.03.31 04:06:26 | 01,189,424 | —- | M] (Wacom Technology, Corp.) — C:WINDOWSsystem32Tablet.exe — (TabletService [Auto | Running])
[2008.04.14 19:11:11 | 00,073,216 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32tlntsvr.exe — (TlntSvr [Disabled | Stopped])
[2007.10.18 11:31:54 | 00,098,328 | —- | M] (Microsoft Corporation) — C:Program FilesWindows LiveMessengerusnsvc.exe — (usnjsvc [On_Demand | Stopped])
[2008.04.14 19:11:12 | 00,290,304 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32vssvc.exe — (VSS [On_Demand | Stopped])
[2008.04.14 19:10:58 | 00,015,872 | —- | M] (Корпорация Майкрософт (Microsoft Corp.)) — C:WINDOWSsystem32inetsrvinetinfo.exe — (W3SVC [Auto | Running])
[2007.10.25 15:27:54 | 00,266,240 | —- | M] (Microsoft Corporation) — C:Program FilesWindows LiveinstallerWLSetupSvc.exe — (WLSetupSvc [On_Demand | Stopped])
[2008.04.14 19:11:13 | 00,126,464 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32wbemwmiapsrv.exe — (WmiApSrv [On_Demand | Stopped])
[2006.11.02 22:06:32 | 00,914,944 | —- | M] (Microsoft Corporation) — C:Program FilesWindows Media Playerwmpnetwk.exe — (WMPNetworkSvc [On_Demand | Stopped])
========== Driver Services ==========
[2008.11.26 20:15:35 | 00,026,944 | —- | M] (ALWIL Software) — C:WINDOWSSystem32driversaavmker4.sys — (Aavmker4 [System | Running])
[2008.04.14 18:37:37 | 00,188,288 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32driversacpi.sys — (ACPI [Boot | Running])
[2001.10.20 15:00:00 | 00,011,776 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32driversacpiec.sys — (ACPIEC [Boot | Running])
[2006.03.22 14:35:09 | 02,278,784 | —- | M] (Realtek Semiconductor Corp.) — C:WINDOWSsystem32driversALCXWDM.SYS — (ALCXWDM [On_Demand | Running])
[2008.11.26 20:17:25 | 00,020,560 | —- | M] (ALWIL Software) — C:WINDOWSsystem32driversaswFsBlk.sys — (aswFsBlk [Auto | Running])
[2008.11.26 20:18:18 | 00,094,032 | —- | M] (ALWIL Software) — C:WINDOWSSystem32driversaswmon2.sys — (aswMon2 [Auto | Running])
[2008.11.26 20:16:29 | 00,023,152 | —- | M] (ALWIL Software) — C:WINDOWSSystem32driversaswRdr.sys — (aswRdr [On_Demand | Running])
[2008.11.26 20:17:36 | 00,111,184 | —- | M] (ALWIL Software) — C:WINDOWSSystem32driversaswSP.sys — (aswSP [System | Running])
[2008.11.26 20:16:38 | 00,050,864 | —- | M] (ALWIL Software) — C:WINDOWSSystem32driversaswTdi.sys — (aswTdi [System | Running])
[2007.05.11 02:10:50 | 00,034,704 | —- | M] (IVT Corporation.) — C:WINDOWSsystem32driversblueletaudio.sys — (BlueletAudio [On_Demand | Running])
[2007.03.05 05:00:04 | 00,027,792 | —- | M] (IVT Corporation.) — C:WINDOWSsystem32driversBlueletSCOAudio.sys — (BlueletSCOAudio [On_Demand | Running])
[2007.03.05 04:59:04 | 00,018,320 | —- | M] (IVT Corporation.) — C:WINDOWSsystem32driversbtnetdrv.sys — (BT [On_Demand | Running])
[2005.08.29 14:55:18 | 00,030,363 | —- | M] (Broadcom Corporation.) — C:WINDOWSsystem32driversbtport.sys — (BTDriver [On_Demand | Stopped])
[2007.03.05 04:55:12 | 00,020,880 | —- | M] (IVT Corporation.) — C:WINDOWSsystem32driversvbtenum.sys — (BTHidEnum [Boot | Running])
[2007.03.05 04:56:18 | 00,035,600 | —- | M] (IVT Corporation.) — C:WINDOWSsystem32driversBTHidMgr.sys — (BTHidMgr [Boot | Running])
[2005.08.29 16:45:34 | 00,853,258 | —- | M] (Broadcom Corporation.) — C:WINDOWSsystem32driversbtkrnl.sys — (BTKRNL [On_Demand | Running])
[2005.08.29 14:54:36 | 00,064,344 | —- | M] (Broadcom Corporation.) — C:WINDOWSsystem32driversbtwusb.sys — (BTWUSB [On_Demand | Stopped])
[2004.03.08 12:55:50 | 00,013,567 | —- | M] (B.H.A Corporation) — C:WINDOWSSystem32driversCDRBSDRV.SYS — (cdrbsdrv [System | Running])
[2008.04.14 18:41:12 | 00,044,544 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32driversfips.sys — (Fips [System | Running])
[2001.10.20 15:00:00 | 00,125,440 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32driversftdisk.sys — (Ftdisk [Boot | Running])
[2008.04.14 18:44:08 | 00,053,120 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32driversi8042prt.sys — (i8042prt [System | Running])
[2008.04.14 18:47:15 | 00,037,504 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32driversisapnp.sys — (isapnp [Boot | Running])
[2008.04.14 18:47:55 | 00,024,832 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32driverskbdclass.sys — (Kbdclass [System | Running])
[2008.04.14 18:47:56 | 00,014,720 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32driverskbdhid.sys — (kbdhid [System | Stopped])
[2008.02.28 14:31:52 | 00,012,856 | —- | M] (LogMeIn, Inc.) — C:Program FilesLogMeInx86rainfo.sys — (LMIInfo [Auto | Running])
[2008.02.28 14:31:08 | 00,010,144 | —- | M] (LogMeIn, Inc.) — C:WINDOWSsystem32driverslmimirr.sys — (lmimirr [On_Demand | Running])
[2008.05.28 11:33:14 | 00,083,288 | —- | M] (LogMeIn, Inc.) — C:WINDOWSSystem32LMIRfsClientNP.dll — (LMIRfsClientNP [Disabled | Stopped])
[2008.03.07 12:39:50 | 00,045,848 | —- | M] (LogMeIn, Inc.) — C:WINDOWSsystem32driversLMIRfsDriver.sys — (LMIRfsDriver [Auto | Running])
[2005.01.31 13:12:48 | 00,022,016 | R— | M] (Logitech Inc.) — C:WINDOWSsystem32driversLVUSBSta.sys — (LVUSBSta [On_Demand | Stopped])
[2008.04.14 18:37:37 | 00,030,208 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32driversmodem.sys — (Modem [On_Demand | Running])
[2001.08.17 21:57:38 | 00,016,128 | —- | M] (Microsoft Corporation) — C:WINDOWSsystem32driversMODEMCSA.sys — (MODEMCSA [On_Demand | Running])
[2008.04.14 18:37:43 | 00,023,296 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32driversmouclass.sys — (Mouclass [System | Running])
[2001.10.19 20:33:10 | 00,012,160 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32driversmouhid.sys — (mouhid [On_Demand | Running])
[2004.11.01 16:24:00 | 00,229,720 | —- | M] ( ) — C:WINDOWSsystem32driversmtlmnt5.sys — (Mtlmnt5 [On_Demand | Running])
[2004.11.01 16:17:26 | 01,396,048 | —- | M] ( ) — C:WINDOWSsystem32driversmtlstrm.sys — (Mtlstrm [On_Demand | Stopped])
[2008.04.14 18:52:21 | 00,080,128 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32driversparport.sys — (Parport [On_Demand | Stopped])
[2001.10.20 15:00:00 | 00,006,912 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32driversparvdm.sys — (ParVdm [Auto | Stopped])
[2008.04.14 18:52:28 | 00,068,480 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32driverspci.sys — (PCI [Boot | Running])
[2001.10.20 15:00:00 | 00,003,328 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32driverspciide.sys — (PCIIde [Boot | Running])
[2008.04.14 18:52:30 | 00,120,192 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32driverspcmcia.sys — (Pcmcia [Boot | Running])
[2007.12.02 14:27:28 | 00,047,360 | —- | M] (VSO Software) — C:WINDOWSsystem32driverspcouffin.sys — (Pcouffin [On_Demand | Running])
[2005.01.31 13:20:04 | 00,211,712 | R— | M] (Logitech Inc.) — C:WINDOWSsystem32driversLV561AV.SYS — (PID_0928 [On_Demand | Stopped])
[2001.10.20 15:00:00 | 00,017,792 | —- | M] (Parallel Technologies, Inc.) — C:WINDOWSsystem32driversptilink.sys — (Ptilink [On_Demand | Running])
[2007.11.30 01:30:24 | 00,043,528 | —- | M] (Sonic Solutions) — C:WINDOWSsystem32driversPxHelp20.sys — (PxHelp20 [Boot | Running])
[2004.11.01 16:26:36 | 00,014,520 | —- | M] ( ) — C:WINDOWSsystem32driversRecAgent.sys — (RecAgent [Boot | Running])
[2008.04.14 18:41:47 | 00,058,368 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32driversredbook.sys — (redbook [System | Stopped])
[2001.10.20 15:00:00 | 00,005,888 | —- | M] (Microsoft Corporation) — C:WINDOWSsystem32driversrootmdm.sys — (ROOTMODEM [On_Demand | Running])
[2007.11.02 13:47:00 | 00,083,496 | R— | M] (MCCI Corporation) — C:WINDOWSsystem32driverss916bus.sys — (s916bus [On_Demand | Stopped])
[2007.11.02 13:47:00 | 00,015,016 | —- | M] (MCCI Corporation) — C:WINDOWSsystem32driverss916mdfl.sys — (s916mdfl [On_Demand | Stopped])
[2007.11.02 13:47:00 | 00,109,992 | —- | M] (MCCI Corporation) — C:WINDOWSsystem32driverss916mdm.sys — (s916mdm [On_Demand | Stopped])
[2007.11.02 13:47:00 | 00,103,976 | —- | M] (MCCI Corporation) — C:WINDOWSsystem32driverss916mgmt.sys — (s916mgmt [On_Demand | Stopped])
[2007.11.02 13:47:00 | 00,100,008 | —- | M] (MCCI Corporation) — C:WINDOWSsystem32driverss916obex.sys — (s916obex [On_Demand | Stopped])
[2007.11.13 13:25:56 | 00,020,480 | —- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) — C:WINDOWSsystem32driverssecdrv.sys — (Secdrv [On_Demand | Stopped])
[2008.04.14 18:44:00 | 00,065,024 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32driversserial.sys — (Serial [Auto | Stopped])
[2005.08.10 15:44:04 | 00,050,688 | —- | M] (Protection Technology) — C:WINDOWSsystem32driverssfdrv01.sys — (sfdrv01 [Boot | Running])
[2005.05.16 16:20:39 | 00,006,656 | —- | M] (Protection Technology) — C:WINDOWSsystem32driverssfhlp02.sys — (sfhlp02 [Boot | Running])
[2005.10.13 16:46:08 | 00,035,328 | —- | M] (Protection Technology) — C:WINDOWSsystem32driverssfsync03.sys — (sfsync03 [Boot | Running])
[2006.03.22 14:36:06 | 00,240,128 | R— | M] (Silicon Integrated Systems Corporation) — C:WINDOWSsystem32driverssisgrp.sys — (SiS315 [On_Demand | Running])
[2006.03.22 14:36:02 | 00,036,992 | R— | M] (Silicon Integrated Systems Corporation) — C:WINDOWSsystem32driversSISAGPX.SYS — (SISAGP [Boot | Running])
[2006.03.22 14:36:07 | 00,013,184 | R— | M] (Silicon Integrated Systems Corporation) — C:WINDOWSsystem32driverssrvkp.sys — (SiSkp [System | Running])
[2004.08.04 01:31:36 | 00,032,768 | —- | M] (SiS Corporation) — C:WINDOWSsystem32driverssisnic.sys — (SISNIC [On_Demand | Stopped])
[2006.03.22 14:35:50 | 00,032,768 | R— | M] (SiS Corporation) — C:WINDOWSsystem32driverssisnicxp.sys — (SISNICXP [On_Demand | Running])
[2004.11.01 16:30:00 | 00,653,960 | —- | M] ( ) — C:WINDOWSsystem32driversslntamr.sys — (Slntamr [On_Demand | Running])
[2004.11.01 16:19:00 | 00,100,176 | —- | M] ( ) — C:WINDOWSsystem32driversslnthal.sys — (SlNtHal [On_Demand | Stopped])
[2004.11.01 16:07:50 | 00,013,216 | —- | M] ( ) — C:WINDOWSsystem32driversslwdmsup.sys — (SlWdmSup [On_Demand | Running])
[2001.08.17 21:56:16 | 00,007,552 | —- | M] (Sony Corporation) — C:WINDOWSsystem32driversSONYPVU1.SYS — (SONYPVU1 [On_Demand | Stopped])
[2008.02.22 19:15:11 | 00,642,560 | —- | M] () — C:WINDOWSsystem32driverssptd.sys — (sptd [Boot | Running])
[2008.04.14 18:52:45 | 00,073,472 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32driverssr.sys — (sr [Boot | Running])
[2008.04.13 21:36:40 | 00,044,672 | —- | M] (Microsoft Corporation) — C:WINDOWSsystem32driversuagp35.sys — (uagp35 [Boot | Running])
[2008.04.13 21:46:20 | 00,121,984 | —- | M] (Microsoft Corporation) — C:WINDOWSsystem32driversusbvideo.sys — (usbvideo [On_Demand | Stopped])
[2007.03.05 04:52:18 | 00,034,448 | —- | M] (IVT Corporation.) — C:WINDOWSsystem32driversVComm.sys — (VComm [On_Demand | Running])
[2007.03.05 04:53:18 | 00,044,304 | —- | M] (IVT Corporation.) — C:WINDOWSsystem32driversVcommMgr.sys — (VcommMgr [On_Demand | Running])
[2008.04.14 18:40:08 | 00,051,968 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32driversvolsnap.sys — (VolSnap [Boot | Running])
[2005.04.30 11:01:56 | 03,281,408 | R— | M] (Intel® Corporation) — C:WINDOWSsystem32driversw29n51.sys — (w29n51 [On_Demand | Running])
[2007.02.16 22:12:36 | 00,011,312 | —- | M] (Wacom Technology) — C:WINDOWSsystem32driverswacommousefilter.sys — (wacommousefilter [On_Demand | Running])
[2007.02.16 21:30:12 | 00,012,848 | —- | M] (Wacom Technology) — C:WINDOWSsystem32driverswacomvhid.sys — (wacomvhid [On_Demand | Running])
========== (R ) Internet Explorer ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerMain]
«Default_Page_URL»=http://go.microsoft.com/fwlink/?LinkId=69157
«Default_Search_URL»=http://go.microsoft.com/fwlink/?LinkId=54896
«Default_Secondary_Page_URL»=
«Extensions Off Page»=about:NoAdd-ons
«Local Page»=%SystemRoot%system32blank.htm
«Search Page»=http://go.microsoft.com/fwlink/?LinkId=54896
«Security Risk Page»=about:SecurityRisk
«Start Page»=http://go.microsoft.com/fwlink/?LinkId=69157
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerSearch]
«CustomizeSearch»=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
«SearchAssistant»=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
[HKEY_CURRENT_USERSOFTWAREMicrosoftInternet ExplorerMain]
«Local Page»=C:WINDOWSsystem32blank.htm
«Search Page»=http://www.google.com
«Start Page»=http://www.yandex.ru/?clid=40316
[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerURLSearchHooks]
«{CFBFAE00-17A6-11D0-99CB-00C04FD64497}» (HKLM) — C:WINDOWSsystem32ieframe.dll (Microsoft Corporation)
[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerURLSearchHooks]
«{EF99BD32-C1FB-11D2-892F-0090271D4F88}» (HKLM) — Reg Error: Key does not exist or could not be opened. File not found
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternet Settings]
«ProxyEnable» = 0
«ProxyOverride» = *.local;localhost
[HKEY_USERS.DEFAULTSOFTWAREMicrosoftInternet ExplorerMain]
[HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionInternet Settings]
«ProxyEnable» = 0
[HKEY_USERSS-1-5-18SOFTWAREMicrosoftInternet ExplorerMain]
[HKEY_USERSS-1-5-18SoftwareMicrosoftWindowsCurrentVersionInternet Settings]
«ProxyEnable» = 0
[HKEY_USERSS-1-5-19SOFTWAREMicrosoftInternet ExplorerMain]
[HKEY_USERSS-1-5-20SOFTWAREMicrosoftInternet ExplorerMain]
[HKEY_USERSS-1-5-21-1343024091-413027322-725345543-1003SOFTWAREMicrosoftInternet ExplorerMain]
«Local Page»=C:WINDOWSsystem32blank.htm
«Search Page»=http://www.google.com
«Start Page»=http://www.yandex.ru/?clid=40316
[HKEY_USERSS-1-5-21-1343024091-413027322-725345543-1003SoftwareMicrosoftInternet ExplorerURLSearchHooks]
«{CFBFAE00-17A6-11D0-99CB-00C04FD64497}» (HKLM) — C:WINDOWSsystem32ieframe.dll (Microsoft Corporation)
[HKEY_USERSS-1-5-21-1343024091-413027322-725345543-1003SoftwareMicrosoftInternet ExplorerURLSearchHooks]
«{EF99BD32-C1FB-11D2-892F-0090271D4F88}» (HKLM) — Reg Error: Key does not exist or could not be opened. File not found
[HKEY_USERSS-1-5-21-1343024091-413027322-725345543-1003SoftwareMicrosoftWindowsCurrentVersionInternet Settings]
«ProxyEnable» = 0
«ProxyOverride» = *.local;localhost
========== (O1) Hosts File ==========
HOSTS File = (0 bytes) — C:WINDOWSSystem32driversetcHosts
First 25 entries…
========== (O2) BHO’s ==========
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (HKLM) — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll (Adobe Systems Incorporated)
{089C252F-A01C-41E7-877B-29C166C27147} (HKLM) — C:WINDOWSDownloaded Program Fileskl_bho.dll ()
{22FC6CE8-7D47-479F-B74A-BFBB04ADB9AF} (HKLM) — C:Program FilesWinfernoPC ConfidentialPCCBHO.dll (Capital Intellect Inc)
{7E853D72-626A-48EC-A868-BA8D5E23E045} (HKLM) — Reg Error: Key does not exist or could not be opened. File not found
{9030D464-4C02-4ABF-8ECC-5164760863C6} (HKLM) — C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll (Microsoft Corporation)
{AA58ED58-01DD-4D91-8333-CF10577473F7} (HKLM) — C:Documents and SettingsОлесяGooglegoogletoolbar1.dll ()
{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (HKLM) — C:Program FilesWindows Live Toolbarmsntb.dll (Microsoft Corporation)
========== (O3) Toolbars ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolBar]
«{2318C2B1-4965-11d4-9B18-009027A5CD4F}» (HKLM) — c:Program FilesGoogleGoogleToolbar1.dll (Google Inc.)
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolBar]
«{468CD8A9-7C25-45FA-969E-3D925C689DC4}» (HKLM) — C:Program FilesRambler AssistantramblertoolbarU5090.dll File not found
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolBar]
«{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}» (HKLM) — C:Program FilesWindows Live Toolbarmsntb.dll (Microsoft Corporation)
[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarShellBrowser]
«{01E04581-4EEE-11D0-BFE9-00AA005B4383}» (HKLM) — C:WINDOWSsystem32browseui.dll (Корпорация Майкрософт)
[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarShellBrowser]
«{0E5CBF21-D15F-11D0-8301-00AA005B4383}» (HKLM) — C:WINDOWSsystem32shell32.dll (Корпорация Майкрософт)
[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{01E04581-4EEE-11D0-BFE9-00AA005B4383}» (HKLM) — C:WINDOWSsystem32browseui.dll (Корпорация Майкрософт)
[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{07AA283A-43D7-4CBE-A064-32A21112D94D}» (HKLM) — Reg Error: Key does not exist or could not be opened. File not found
[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{0E5CBF21-D15F-11D0-8301-00AA005B4383}» (HKLM) — C:WINDOWSsystem32shell32.dll (Корпорация Майкрософт)
[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{2318C2B1-4965-11D4-9B18-009027A5CD4F}» (HKLM) — c:Program FilesGoogleGoogleToolbar1.dll (Google Inc.)
[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{468CD8A9-7C25-45FA-969E-3D925C689DC4}» (HKLM) — C:Program FilesRambler AssistantramblertoolbarU5090.dll File not found
[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}» (HKLM) — Reg Error: Key does not exist or could not be opened. File not found
[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}» (HKLM) — C:Program FilesWindows Live Toolbarmsntb.dll (Microsoft Corporation)
[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}» (HKLM) — Reg Error: Key does not exist or could not be opened. File not found
[HKEY_USERSS-1-5-21-1343024091-413027322-725345543-1003SoftwareMicrosoftInternet ExplorerToolbarShellBrowser]
«{01E04581-4EEE-11D0-BFE9-00AA005B4383}» (HKLM) — C:WINDOWSsystem32browseui.dll (Корпорация Майкрософт)
[HKEY_USERSS-1-5-21-1343024091-413027322-725345543-1003SoftwareMicrosoftInternet ExplorerToolbarShellBrowser]
«{0E5CBF21-D15F-11D0-8301-00AA005B4383}» (HKLM) — C:WINDOWSsystem32shell32.dll (Корпорация Майкрософт)
[HKEY_USERSS-1-5-21-1343024091-413027322-725345543-1003SoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{01E04581-4EEE-11D0-BFE9-00AA005B4383}» (HKLM) — C:WINDOWSsystem32browseui.dll (Корпорация Майкрософт)
[HKEY_USERSS-1-5-21-1343024091-413027322-725345543-1003SoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{07AA283A-43D7-4CBE-A064-32A21112D94D}» (HKLM) — Reg Error: Key does not exist or could not be opened. File not found
[HKEY_USERSS-1-5-21-1343024091-413027322-725345543-1003SoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{0E5CBF21-D15F-11D0-8301-00AA005B4383}» (HKLM) — C:WINDOWSsystem32shell32.dll (Корпорация Майкрософт)
[HKEY_USERSS-1-5-21-1343024091-413027322-725345543-1003SoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{2318C2B1-4965-11D4-9B18-009027A5CD4F}» (HKLM) — c:Program FilesGoogleGoogleToolbar1.dll (Google Inc.)
[HKEY_USERSS-1-5-21-1343024091-413027322-725345543-1003SoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{468CD8A9-7C25-45FA-969E-3D925C689DC4}» (HKLM) — C:Program FilesRambler AssistantramblertoolbarU5090.dll File not found
[HKEY_USERSS-1-5-21-1343024091-413027322-725345543-1003SoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}» (HKLM) — Reg Error: Key does not exist or could not be opened. File not found
[HKEY_USERSS-1-5-21-1343024091-413027322-725345543-1003SoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}» (HKLM) — C:Program FilesWindows Live Toolbarmsntb.dll (Microsoft Corporation)
[HKEY_USERSS-1-5-21-1343024091-413027322-725345543-1003SoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}» (HKLM) — Reg Error: Key does not exist or could not be opened. File not found
========== (O4) Run Keys ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
«Adobe Reader Speed Launcher»=»C:Program FilesAdobeReader 8.0ReaderReader_sl.exe» (Adobe Systems Incorporated)
«avast!»=C:PROGRA~1ALWILS~1Avast4ashDisp.exe (ALWIL Software)
«AVFX Engine»=C:Program FilesCreativeCreative Live! CamVideoFXStartFX.exe (Creative Technology Ltd.)
«BVRPLiveUpdate»=C:Program FilesAvanquest updateEngineSetup.exe -s /PATCH,/SRCUPDATEC:DOCUME~1ALLUSE~1APPLIC~1SONYER~1SONYER~1LIVEUP~1LISTOF~1.DAT File not found
«EPSON Stylus CX3700 Series»=C:WINDOWSSystem32spoolDRIVERSW32X863E_FATIACP.EXE /P26 «EPSON Stylus CX3700 Series» /O6 «USB001» /M «Stylus CX3700» (SEIKO EPSON CORPORATION)
«ISUSPM Startup»=»c:Program FilesCommon FilesInstallShieldUpdateServiceisuspm.exe» -startup (Macrovision Corporation)
«ISUSScheduler»=»C:Program FilesCommon FilesInstallShieldUpdateServiceissch.exe» -start (Macrovision Corporation)
«JWOSetup»=JWOSetup.exe -en (Wacom Co., Ltd)
«LogitechVideoRepair»=C:Program FilesLogitechVideoISStart.exe (Logitech Inc.)
«LogitechVideoTray»=C:Program FilesLogitechVideoLogiTray.exe (Logitech Inc.)
«LogMeIn GUI»=»C:Program FilesLogMeInx86LogMeInSystray.exe» (LogMeIn, Inc.)
«LVCOMSX»=C:WINDOWSsystem32LVCOMSX.EXE (Logitech Inc.)
«NevoDRM»=»C:Program FilesИгры от NevoSoftNevoDRMNevoDRM.exe» File not found
«QuickTime Task»=»C:Program FilesQuickTimeqttask.exe» -atboottime (Apple Inc.)
«SiS Windows KeyHook»=C:WINDOWSsystem32keyhook.exe (Silicon Integrated Systems Corporation)
«SiSPower»=Rundll32.exe SiSPower.dll,ModeAgent (Silicon Integrated Systems Corporation)
«SMcfg»=smcfg.exe -s ()
«SMKRun»=C:Program FilesJustWrite OfficeScreenMark.exe -i (Wacom Co., Ltd)
«SoundMan»=SOUNDMAN.EXE (Realtek Semiconductor Corp.)
[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
«AdobeUpdater»=C:Program FilesCommon FilesAdobeUpdater5AdobeUpdater.exe (Adobe Systems Incorporated)
«ICQ»=»C:Program FilesICQ6ICQ.exe» silent (ICQ, Inc.)
«LDM»=C:Program FilesLogitechDesktop Messenger8876480ProgramBackWeb-8876480.exe File not found
«LogitechSoftwareUpdate»=»C:Program FilesLogitechVideoManifestEngine.exe» boot (Logitech Inc.)
«RavAV»=»C:Documents and SettingsОлесяГлавное менюПрограммыАвтозагрузкаRavMonE.exe» File not found
«Sony Ericsson PC Suite»=»C:Program FilesSony EricssonSony Ericsson PC SuiteSEPCSuite.exe» /systray /nologon (Sony Ericsson Mobile Communications AB)
«swg»=C:Program FilesGoogleGoogleToolbarNotifier1.2.1128.5462GoogleToolbarNotifier.exe (Google Inc.)
«Uniblue RegistryBooster 2009″=C:Program FilesUniblueRegistryBoosterRegistryBooster.exe /S File not found
[HKEY_USERSS-1-5-21-1343024091-413027322-725345543-1003SOFTWAREMicrosoftWindowsCurrentVersionRun]
«AdobeUpdater»=C:Program FilesCommon FilesAdobeUpdater5AdobeUpdater.exe (Adobe Systems Incorporated)
«ICQ»=»C:Program FilesICQ6ICQ.exe» silent (ICQ, Inc.)
«LDM»=C:Program FilesLogitechDesktop Messenger8876480ProgramBackWeb-8876480.exe File not found
«LogitechSoftwareUpdate»=»C:Program FilesLogitechVideoManifestEngine.exe» boot (Logitech Inc.)
«RavAV»=»C:Documents and SettingsОлесяГлавное менюПрограммыАвтозагрузкаRavMonE.exe» File not found
«Sony Ericsson PC Suite»=»C:Program FilesSony EricssonSony Ericsson PC SuiteSEPCSuite.exe» /systray /nologon (Sony Ericsson Mobile Communications AB)
«swg»=C:Program FilesGoogleGoogleToolbarNotifier1.2.1128.5462GoogleToolbarNotifier.exe (Google Inc.)
«Uniblue RegistryBooster 2009″=C:Program FilesUniblueRegistryBoosterRegistryBooster.exe /S File not found
========== (O4) Startup Folders ==========
[2007.05.17 16:08:14 | 00,661,776 | —- | M] (IVT Corporation.) — C:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузкаBlueSoleil.lnk = C:Program FilesIVT CorporationBlueSoleilBlueSoleil.exe
[2005.10.09 00:16:54 | 00,610,365 | —- | M] (Broadcom Corporation.) — C:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузкаBTTray.lnk = C:Program FilesWIDCOMMBluetooth SoftwareBTTray.exe
[2007.11.27 13:31:38 | 00,067,128 | —- | M] (Logitech Inc.) — C:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузкаLogitech Desktop Messenger.lnk = C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe
[2006.02.07 10:17:00 | 03,153,920 | R— | M] (Extensis Inc.) — C:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузкаSuitcase Startup.lnk = C:Program FilesExtensisSuitcase 9.2Suitcase.exe
[2005.01.04 16:52:52 | 00,331,776 | —- | M] (Silicon Integrated Systems Corporation) — C:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузкаUtility Tray.lnk = C:WINDOWSsystem32sistray.exe
[2004.12.17 09:00:00 | 00,118,784 | —- | M] (WinZip Computing, Inc.) — C:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузкаWinZip Quick Pick.lnk = C:Program FilesWinZipWZQKPICK.EXE

========== (O6 & O7) Current Version Policies ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1

[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer]
«NoDriveTypeAutoRun»=145
«NoBandCustomize»=0
«NoMovingBands»=0
«NoCloseDragDropBands»=0
«NoSetTaskbar»=0
«NoToolbarsOnTaskbar»=0
«NoSaveSettings»=0
«NoActiveDesktop»=0
«ClassicShell»=0

[HKEY_USERS.DEFAULTSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer]
«NoDriveTypeAutoRun»=145

[HKEY_USERSS-1-5-18SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer]
«NoDriveTypeAutoRun»=145

[HKEY_USERSS-1-5-19SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer]
«NoDriveTypeAutoRun»=145

[HKEY_USERSS-1-5-20SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer]
«NoDriveTypeAutoRun»=145

[HKEY_USERSS-1-5-21-1343024091-413027322-725345543-1003SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer]
«NoDriveTypeAutoRun»=145
«NoBandCustomize»=0
«NoMovingBands»=0
«NoCloseDragDropBands»=0
«NoSetTaskbar»=0
«NoToolbarsOnTaskbar»=0
«NoSaveSettings»=0
«NoActiveDesktop»=0
«ClassicShell»=0

========== (O8) IE Context Menu Extensions ==========
[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerMenuExt]
&Translate: File not found
&Ubersetzen: File not found
&Windows Live Search: C:Program FilesWindows Live Toolbarmsntb.dll [2007.10.19 11:20:48 | 00,546,320 | —- | M] (Microsoft Corporation)
&Экспорт в Microsoft Excel: C:Program FilesMicrosoft OfficeOFFICE11EXCEL.EXE [2008.08.04 15:12:50 | 10,354,176 | —- | M] (Microsoft Corporation)
T&raduire: File not found
Traduc&ir: File not found
Tradurr&e: File not found
Yandex &Search: File not found
Найти с помощью Рамблера: C:Program FilesRambler AssistantramblertoolbarU5090.dll File not found
Перевести с помощью словарей Рамблера: C:Program FilesRambler AssistantramblertoolbarU5090.dll File not found

[HKEY_USERS.DEFAULTSoftwareMicrosoftInternet ExplorerMenuExt]
&Экспорт в Microsoft Excel: C:Program FilesMicrosoft OfficeOFFICE11EXCEL.EXE [2008.08.04 15:12:50 | 10,354,176 | —- | M] (Microsoft Corporation)

[HKEY_USERSS-1-5-18SoftwareMicrosoftInternet ExplorerMenuExt]
&Экспорт в Microsoft Excel: C:Program FilesMicrosoft OfficeOFFICE11EXCEL.EXE [2008.08.04 15:12:50 | 10,354,176 | —- | M] (Microsoft Corporation)

[HKEY_USERSS-1-5-19SoftwareMicrosoftInternet ExplorerMenuExt]
&Экспорт в Microsoft Excel: Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERSS-1-5-20SoftwareMicrosoftInternet ExplorerMenuExt]
&Экспорт в Microsoft Excel: Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERSS-1-5-21-1343024091-413027322-725345543-1003SoftwareMicrosoftInternet ExplorerMenuExt]
&Translate: File not found
&Ubersetzen: File not found
&Windows Live Search: C:Program FilesWindows Live Toolbarmsntb.dll [2007.10.19 11:20:48 | 00,546,320 | —- | M] (Microsoft Corporation)
&Экспорт в Microsoft Excel: C:Program FilesMicrosoft OfficeOFFICE11EXCEL.EXE [2008.08.04 15:12:50 | 10,354,176 | —- | M] (Microsoft Corporation)
T&raduire: File not found
Traduc&ir: File not found
Tradurr&e: File not found
Yandex &Search: File not found
Найти с помощью Рамблера: C:Program FilesRambler AssistantramblertoolbarU5090.dll File not found
Перевести с помощью словарей Рамблера: C:Program FilesRambler AssistantramblertoolbarU5090.dll File not found

========== (O9) IE Extensions ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerExtensions]
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Button: Bunu Web Günlüğüne Al — %ProgramFiles%Windows LiveWriterWriterBrowserExtension.dll [2007.10.26 18:09:54 | 00,154,640 | —- | M] (Microsoft Corporation)
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Menu: Windows Live Writer içinde &Bunu Web Günlüğüne Al — %ProgramFiles%Windows LiveWriterWriterBrowserExtension.dll [2007.10.26 18:09:54 | 00,154,640 | —- | M] (Microsoft Corporation)
{53F6FCCD-9E22-4d71-86EA-6E43136192AB}: Menu: PC Confidential — %ProgramFiles%WinfernoPC ConfidentialPCConfidential.exe [2008.04.01 14:10:40 | 34,682,224 | —- | M] (Capital Intellect, Inc)
{925DAB62-F9AC-4221-806A-057BFB1014AA}: Button: PC Confidential — %ProgramFiles%WinfernoPC ConfidentialPCConfidential.exe [2008.04.01 14:10:40 | 34,682,224 | —- | M] (Capital Intellect, Inc)
{92780B25-18CC-41C8-B9BE-3C9C571A8263}: Button: Справочные материалы — %ProgramFiles%Microsoft OfficeOFFICE11REFIEBAR.DLL [2007.04.19 13:10:18 | 00,063,840 | —- | M] (Microsoft Corporation)
{CCA281CA-C863-46ef-9331-5C8D4460577F}: Button: @btrez.dll,-4015 — %ProgramFiles%WIDCOMMBluetooth Softwarebtsendto_ie.htm [2003.05.29 12:53:08 | 00,002,681 | —- | M] ()
{CCA281CA-C863-46ef-9331-5C8D4460577F}: Menu: @btrez.dll,-12650 — %ProgramFiles%WIDCOMMBluetooth Softwarebtsendto_ie.htm [2003.05.29 12:53:08 | 00,002,681 | —- | M] ()
{e2e2dd38-d088-4134-82b7-f2ba38496583}: Menu: @xpsp3res.dll,-20001 — %SystemRoot%network diagnosticxpnetdiag.exe [2008.04.13 21:53:32 | 00,558,080 | —- | M] (Microsoft Corporation)
{E59EB121-F339-4851-A3BA-FE49C35617C2}: Button: ICQ6 — %ProgramFiles%ICQ6ICQ.exe [2008.09.01 18:08:21 | 00,173,304 | —- | M] (ICQ, Inc.)
{E59EB121-F339-4851-A3BA-FE49C35617C2}: Menu: ICQ6 — %ProgramFiles%ICQ6ICQ.exe [2008.09.01 18:08:21 | 00,173,304 | —- | M] (ICQ, Inc.)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Button: Messenger — %ProgramFiles%Messengermsmsgs.exe [2008.04.14 19:11:03 | 01,695,232 | —- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Menu: Windows Messenger — %ProgramFiles%Messengermsmsgs.exe [2008.04.14 19:11:03 | 01,695,232 | —- | M] (Microsoft Corporation)

[HKEY_CURRENT_USERSOFTWAREMicrosoftInternet ExplorerExtensions]
CmdMapping\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> %ProgramFiles%Microsoft OfficeOFFICE11REFIEBAR.DLL [Справочные материалы] -> [2007.04.19 13:10:18 | 00,063,840 | —- | M] (Microsoft Corporation)
CmdMapping\{CCA281CA-C863-46ef-9331-5C8D4460577F} [HKLM] -> [@btrez.dll,-4015] -> File not found
CmdMapping\{E59EB121-F339-4851-A3BA-FE49C35617C2} [HKLM] -> %ProgramFiles%ICQ6ICQ.exe [ICQ6] -> [2008.09.01 18:08:21 | 00,173,304 | —- | M] (ICQ, Inc.)
CmdMapping\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%Messengermsmsgs.exe [Messenger] -> [2008.04.14 19:11:03 | 01,695,232 | —- | M] (Microsoft Corporation)

[HKEY_USERS.DEFAULTSOFTWAREMicrosoftInternet ExplorerExtensions]
CmdMapping\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%Messengermsmsgs.exe [Messenger] -> [2008.04.14 19:11:03 | 01,695,232 | —- | M] (Microsoft Corporation)

[HKEY_USERSS-1-5-18SOFTWAREMicrosoftInternet ExplorerExtensions]
CmdMapping\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%Messengermsmsgs.exe [Messenger] -> [2008.04.14 19:11:03 | 01,695,232 | —- | M] (Microsoft Corporation)

[HKEY_USERSS-1-5-21-1343024091-413027322-725345543-1003SOFTWAREMicrosoftInternet ExplorerExtensions]
CmdMapping\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> %ProgramFiles%Microsoft OfficeOFFICE11REFIEBAR.DLL [Справочные материалы] -> [2007.04.19 13:10:18 | 00,063,840 | —- | M] (Microsoft Corporation)
CmdMapping\{CCA281CA-C863-46ef-9331-5C8D4460577F} [HKLM] -> [@btrez.dll,-4015] -> File not found
CmdMapping\{E59EB121-F339-4851-A3BA-FE49C35617C2} [HKLM] -> %ProgramFiles%ICQ6ICQ.exe [ICQ6] -> [2008.09.01 18:08:21 | 00,173,304 | —- | M] (ICQ, Inc.)
CmdMapping\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%Messengermsmsgs.exe [Messenger] -> [2008.04.14 19:11:03 | 01,695,232 | —- | M] (Microsoft Corporation)

========== (O12) Internet Explorer Plugins ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerPlugins]
PluginsPage: «» = http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s
PluginsPageFriendlyName: «» = Microsoft ActiveX Gallery
Extension.spop: — C:Program FilesInternet ExplorerPLUGINSNPDocBox.dll [2001.01.30 13:56:24 | 00,225,280 | —- | M] (InterTrust Technologies Corporation, Inc.)

========== (O13) Default Prefixes ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionURLDefaultPrefix]
«»=http://

========== (O15) Trusted Sites ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZoneMapDomains]
1 domain(s) and sub-domain(s) not assigned to a zone.

========== (O16) DPF ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftCode Store DatabaseDistribution Units]
{166B1BCA-3F9C-11CF-8075-444553540000}: http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab — Reg Error: Key does not exist or could not be opened.
{17492023-C23A-453E-A040-C7C580BBF700}: http://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab — Windows Genuine Advantage Validation Tool
{2D4C57AA-54C0-4942-BB2A-51DF0727950B}: http://www.openkremlin.ru/cab/ImResCtl.cab — ImResize Class
{30528230-99f7-4bb4-88d8-fa1d4f56a2ab}: C:Program FilesYahoo!Commonyinsthelper.dll — YInstStarter Class
{31435657-9980-0010-8000-00AA00389B71}: http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab — Reg Error: Key does not exist or could not be opened.
{4F1E5B1A-2A80-42CA-8532-2D05CB959537}: http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab — MSN Photo Upload Tool
{4FC12A7E-AD73-4CCB-89AD-D9832A542C40}: http://kochka.ru/kochka.cab — KLLoader Object
{5C6698D9-7BE4-4122-8EC5-291D84DBD4A0}: http://upload.facebook.com/controls/FacebookPhotoUploader3.cab — Facebook Photo Uploader 4 Control
{7FC1B346-83E6-4774-8D20-1A6B09B0E737}: http://tuncum.spaces.live.com/PhotoUpload/MsnPUpld.cab — Windows Live Photo Upload Control
{D27CDB6E-AE6D-11CF-96B8-444553540000}: http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab — Shockwave Flash Object

========== (O17) DNS Name Servers ==========
{2972D4AE-8DF8-4EC3-A596-A13DC10A0D88} (Servers: | Description: SiS 900-Based PCI Fast Ethernet Adapter)
{2E68A854-DD01-4C06-8D9A-F55271893365} (Servers: | Description: Intel(R) PRO/Wireless 2200BG Network Connection)
{35962BD5-C9A8-46DE-B9D8-EDCD846691BA} (Servers: | Description: )
{B047D8F1-5DA4-4814-B8C0-61D6E0EF0CEC} (Servers: | Description: )

========== (O20) HKLM Winlogon Settings ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogon]
«Shell»=explorer.exe
>[2008.04.14 19:10:56 | 01,034,240 | —- | M] (Корпорация Майкрософт) — C:WINDOWSexplorer.exe
«UserInit»=C:WINDOWSsystem32userinit.exe,
>[2008.04.14 19:11:12 | 00,026,624 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32userinit.exe
«UIHost»=logonui.exe
>[2008.04.14 19:10:59 | 00,515,072 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32logonui.exe
«VMApplet»=rundll32 shell32,Control_RunDLL «sysdm.cpl»
>[2008.04.14 19:10:44 | 08,478,208 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32shell32.dll
>[2008.04.14 19:11:14 | 00,302,080 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32sysdm.cpl

========== (O20) Winlogon Notify Settings ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotify]
crypt32chain: «DllName» = crypt32.dll — C:WINDOWSsystem32crypt32.dll (Корпорация Майкрософт)
cscdll: «DllName» = cscdll.dll — C:WINDOWSsystem32cscdll.dll (Корпорация Майкрософт)
LMIinit: «DllName» = LMIinit.dll — C:WINDOWSsystem32LMIinit.dll (LogMeIn, Inc.)
ScCertProp: «DllName» = wlnotify.dll — C:WINDOWSsystem32wlnotify.dll (Корпорация Майкрософт)
Schedule: «DllName» = wlnotify.dll — C:WINDOWSsystem32wlnotify.dll (Корпорация Майкрософт)
sclgntfy: «DllName» = sclgntfy.dll — C:WINDOWSsystem32sclgntfy.dll (Корпорация Майкрософт)
SensLogn: «DllName» = WlNotify.dll — C:WINDOWSsystem32wlnotify.dll (Корпорация Майкрософт)
termsrv: «DllName» = wlnotify.dll — C:WINDOWSsystem32wlnotify.dll (Корпорация Майкрософт)
wlballoon: «DllName» = wlnotify.dll — C:WINDOWSsystem32wlnotify.dll (Корпорация Майкрософт)

========== (O21) SSODL Settings ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
«CDBurn»={fbeb8a05-beee-4442-804e-409d6c4515e9} (HKLM) — C:WINDOWSsystem32shell32.dll (Корпорация Майкрософт)

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
«PostBootReminder»={7849596a-48ea-486e-8937-a2a3009f31a9} (HKLM) — C:WINDOWSsystem32shell32.dll (Корпорация Майкрософт)

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
«SysTray»={35CEC8A3-2BE6-11D2-8773-92E220524153} (HKLM) — C:WINDOWSsystem32stobject.dll (Корпорация Майкрософт)

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
«UPnPMonitor»={e57ce738-33e8-4c51-8354-bb4de9d215d1} (HKLM) — C:WINDOWSsystem32upnpui.dll (Корпорация Майкрософт)

========== (O22) Shared Task Scheduler ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerSharedTaskScheduler]
«{438755C2-A8BA-11D1-B96B-00A0C90312E1}» (HKLM) = Предзагрузчик Browseui — C:WINDOWSsystem32browseui.dll (Корпорация Майкрософт)

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerSharedTaskScheduler]
«{8C7461EF-2B13-11d2-BE35-3078302C2030}» (HKLM) = Демон кэша категорий компонентов — C:WINDOWSsystem32browseui.dll (Корпорация Майкрософт)

========== Shell Execute Hooks ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerShellExecuteHooks]
«{AEB6717E-7E19-11d0-97EE-00C04FD91972}» (HKLM) — C:WINDOWSsystem32shell32.dll (Корпорация Майкрософт)

========== HKLM *SecurityProviders* ==========
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSecurityProviders]
«SecurityProviders»=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
>[2008.04.14 19:10:35 | 00,068,608 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32digest.dll
>[2008.04.14 19:10:40 | 00,290,816 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32msnsspc.dll

========== Safeboot Options ==========
«AlternateShell»=cmd.exe
========== CDRom AutoRun Settings ==========
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesCdrom]
«AutoRun» = 1

========== Autorun Files on Drives ==========
AUTOEXEC.BAT [PATH=%PATH%;C:PROGRA~1COMMON~1MUVEET~1 30625 | ]
[2007.12.19 13:29:13 | 00,000,050 | —- | M] () — C:AUTOEXEC.BAT — [ NTFS ]

========== MountPoints2 ==========
[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExplorerMountPoints2{4d7aeeed-ac03-11dc-93f8-0090f549fe1c}ShellAutoRuncommand]
«»=C:WINDOWSsystem32shell32.dll — [2008.04.14 19:10:44 | 08,478,208 | —- | M] (Корпорация Майкрософт)

[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExplorerMountPoints2{4d7aeeed-ac03-11dc-93f8-0090f549fe1c}ShellOpen(0)command]
«»=Recycledctfmon.exe

[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExplorerMountPoints2{8ccc9ad9-9759-11dc-93df-0090f549fe1c}ShellAutoRuncommand]
«»=jun.exe

[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExplorerMountPoints2{8ccc9ad9-9759-11dc-93df-0090f549fe1c}Shellexplorecommand]
«»=jun.exe

[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExplorerMountPoints2{8ccc9ad9-9759-11dc-93df-0090f549fe1c}Shellopencommand]
«»=jun.exe

[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExplorerMountPoints2{ddf7d3f5-54c4-11dd-9493-0090f549fe1c}ShellAutoRuncommand]
«»=C:WINDOWSsystem32shell32.dll — [2008.04.14 19:10:44 | 08,478,208 | —- | M] (Корпорация Майкрософт)

[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExplorerMountPoints2{ddf7d3f5-54c4-11dd-9493-0090f549fe1c}ShellOpen(0)command]
«»=F:Recycledctfmon.exe — File not found

========== Files/Folders — Created Within 30 Days ==========
[2009.01.05 13:47:26 | 00,422,912 | —- | C] (OldTimer Tools) — C:Documents and SettingsОлесяРабочий столOTViewIt.exe
========== Files — Modified Within 30 Days ==========
[4 C:WINDOWSSystem32*.tmp files]
[4 C:WINDOWS*.tmp files]
[3 C:Documents and SettingsОлесяМои документы*.tmp files]
[2009.01.05 15:02:01 | 00,000,254 | —- | M] () — C:WINDOWStasksWindows Live Toolbar Güncelleştirmelerini Denetle.job
[2009.01.05 14:41:58 | 00,005,758 | —- | M] () — C:WINDOWSSystem32CONFIG.NT
[2009.01.05 13:47:35 | 00,422,912 | —- | M] (OldTimer Tools) — C:Documents and SettingsОлесяРабочий столOTViewIt.exe
[2009.01.05 01:00:14 | 00,233,472 | —- | M] () — C:Documents and SettingsОлесяLocal SettingsApplication DataDCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.01.04 00:55:53 | 00,000,434 | —- | M] () — C:WINDOWStasksRegPowerClean.job
[2009.01.04 00:08:56 | 00,000,420 | —- | M] () — C:WINDOWStasksRPCReminder.job
[2009.01.04 00:08:56 | 00,000,416 | —- | M] () — C:WINDOWStasksPCConfidential.job
[2009.01.04 00:08:25 | 00,000,006 | -H— | M] () — C:WINDOWStasksSA.DAT
[2009.01.04 00:08:20 | 00,002,206 | —- | M] () — C:WINDOWSSystem32wpa.dbl
[2009.01.04 00:08:18 | 00,002,048 | —S- | M] () — C:WINDOWSbootstat.dat
[2009.01.02 18:34:04 | 00,000,284 | —- | M] () — C:WINDOWStasksAppleSoftwareUpdate.job
[2008.12.27 22:38:18 | 01,153,686 | —- | M] () — C:WINDOWSSystem32PerfStringBackup.INI
[2008.12.27 22:38:18 | 00,500,866 | —- | M] () — C:WINDOWSSystem32perfh019.dat
[2008.12.27 22:38:18 | 00,458,912 | —- | M] () — C:WINDOWSSystem32perfh009.dat
[2008.12.27 22:38:18 | 00,097,460 | —- | M] () — C:WINDOWSSystem32perfc019.dat
[2008.12.27 22:38:18 | 00,082,676 | —- | M] () — C:WINDOWSSystem32perfc009.dat
[2008.12.23 12:48:42 | 00,000,581 | —- | M] () — C:Documents and SettingsОлесяМои документыPaylaşım Klasörlerim.lnk
** — C:Documents and SettingsОлесяМои документыPaylas?m Klasorlerim.lnk
< End of report >

January 6, 2009 at 4:37 pm #20802

Judging by the log, your computer is infected with an autorun.inf trojan.
Read this guide: Flash_Disinfector, one more weapon against autorun.inf trojans. Download and run Flash_Disinfector, and do not forget to insert your flash drive or connect your other external storage devices when the program asks for it.
Download OTMoveIt3 by OldTimer by clicking this link.
Run the program and copy the following text into the large input box (the title of this box is highlighted in yellow):

:Processes
explorer.exe
:services
Seekeen Service
:reg
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RavAV"=-
[HKEY_USERS\S-1-5-21-1343024091-413027322-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RavAV"=-
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4d7aeeed-ac03-11dc-93f8-0090f549fe1c}\Shell\AutoRun\command]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4d7aeeed-ac03-11dc-93f8-0090f549fe1c}\Shell\Open(0)\command]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8ccc9ad9-9759-11dc-93df-0090f549fe1c}\Shell\AutoRun\command]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8ccc9ad9-9759-11dc-93df-0090f549fe1c}\Shell\explore\command]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8ccc9ad9-9759-11dc-93df-0090f549fe1c}\Shell\open\command]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ddf7d3f5-54c4-11dd-9493-0090f549fe1c}\Shell\AutoRun\command]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ddf7d3f5-54c4-11dd-9493-0090f549fe1c}\Shell\Open(0)\command]
:files
C:\Program Files\Seekeen\seekeen.exe
c:\Recycled\ctfmon.exe
C:\Documents and Settings\Олеся\Главное меню\Программы\Автозагрузка\RavMonE.exe
:Commands
[emptytemp]
[start explorer]
[Reboot]

Click the MoveIt! button. The computer may reboot during the process.
When the program finishes, a log should be shown; paste it into your reply.
Also paste a fresh OTViewIt log into your reply.

January 7, 2009 at 7:44 am #20803

Thank you, I did everything, and here are the results:
========== SERVICES/DRIVERS ==========
Unable to stop service Seekeen Service .
========== REGISTRY ==========
Registry value HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun\RavAV not found.
Registry value HKEY_USERSS-1-5-21-1343024091-413027322-725345543-1003SOFTWAREMicrosoftWindowsCurrentVersionRun\RavAV not found.
Registry key HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExplorerMountPoints2{4d7aeeed-ac03-11dc-93f8-0090f549fe1c}ShellAutoRuncommand\ not found.
Registry key HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExplorerMountPoints2{4d7aeeed-ac03-11dc-93f8-0090f549fe1c}ShellOpen(0)command\ not found.
Registry key HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExplorerMountPoints2{8ccc9ad9-9759-11dc-93df-0090f549fe1c}ShellAutoRuncommand\ not found.
Registry key HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExplorerMountPoints2{8ccc9ad9-9759-11dc-93df-0090f549fe1c}Shellexplorecommand\ not found.
Registry key HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExplorerMountPoints2{8ccc9ad9-9759-11dc-93df-0090f549fe1c}Shellopencommand\ not found.
Registry key HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExplorerMountPoints2{ddf7d3f5-54c4-11dd-9493-0090f549fe1c}ShellAutoRuncommand\ not found.
Registry key HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExplorerMountPoints2{ddf7d3f5-54c4-11dd-9493-0090f549fe1c}ShellOpen(0)command\ not found.
========== FILES ==========
File/Folder C:Program FilesSeekeenseekeen.exe not found.
File/Folder c:Recycledctfmon.exe not found.
File/Folder C:Documents and SettingsОлесяГлавное менюПрограммыАвтозагрузкаRavMonE.exe not found.
========== COMMANDS ==========
File delete failed. C:DOCUME~1F24B~1LOCALS~1TempJETAF4.tmp scheduled to be deleted on reboot.
User’s Temp folder emptied.
User’s Temporary Internet Files folder emptied.
User’s Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:Documents and SettingsLocalServiceLocal SettingsTemporary Internet FilesContent.IE5index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:WINDOWStemp_avast4_Webshlock.txt scheduled to be deleted on reboot.
File delete failed. C:WINDOWStempPerflib_Perfdata_6c8.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer — Version 1.0.8.0 log created on 01072009_103405
Files moved on Reboot…
File move failed. C:DOCUME~1F24B~1LOCALS~1TempJETAF4.tmp scheduled to be moved on reboot.
File move failed. C:Documents and SettingsLocalServiceLocal SettingsTemporary Internet FilesContent.IE5index.dat scheduled to be moved on reboot.
File move failed. C:WINDOWStemp_avast4_Webshlock.txt scheduled to be moved on reboot.
File move failed. C:WINDOWStempPerflib_Perfdata_6c8.dat scheduled to be moved on reboot.

January 7, 2009 at 7:46 am #20804

And here is the fresh OTViewIt log:
OTViewIt logfile created on: 07.01.2009 10:37:48 — Run 3
OTViewIt by OldTimer — Version 1.0.21.0 Folder = C:Documents and SettingsОлесяРабочий стол
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) — Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000419 | Country: Россия | Language: RUS | Date Format: dd.MM.yyyy

957,48 Mb Total Physical Memory | 536,79 Mb Available Physical Memory | 56,06% Memory free
2,26 Gb Paging File | 1,87 Gb Available in Paging File | 82,79% Paging File free
Paging file location(s): C:pagefile.sys 1440 2880;

%SystemDrive% = C: | %SystemRoot% = C:WINDOWS | %ProgramFiles% = C:Program Files
Drive C: | 72,97 Gb Total Space | 13,59 Gb Free Space | 18,62% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: BD283CD7CD86497
Current User Name: Олеся
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days

========== Processes ==========
[2008.04.14 19:11:09 | 00,050,688 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32smss.exe
[2008.04.14 19:11:13 | 00,509,440 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32winlogon.exe
[2008.04.14 19:11:08 | 00,109,056 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32services.exe
[2008.11.26 20:12:08 | 00,018,752 | —- | M] (ALWIL Software) — C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
[2008.11.26 20:18:46 | 00,155,160 | —- | M] (ALWIL Software) — C:Program FilesAlwil SoftwareAvast4ashServ.exe
[2006.02.28 12:42:38 | 00,229,376 | —- | M] (Apple Computer, Inc.) — C:Program FilesBonjourmDNSResponder.exe
[2005.08.29 15:12:14 | 00,266,295 | —- | M] (Broadcom Corporation.) — C:Program FilesWIDCOMMBluetooth Softwarebinbtwdins.exe
[2008.04.14 19:10:58 | 00,015,872 | —- | M] (Корпорация Майкрософт (Microsoft Corp.)) — C:WINDOWSsystem32inetsrvinetinfo.exe
[2007.03.31 04:06:26 | 01,189,424 | —- | M] (Wacom Technology, Corp.) — C:WINDOWSsystem32Tablet.exe
[2007.03.31 04:07:12 | 00,132,656 | —- | M] (Wacom Technology, Corp.) — C:WINDOWSsystem32WTabletTabUserW.exe
[2007.03.31 04:06:26 | 01,189,424 | —- | M] (Wacom Technology, Corp.) — C:WINDOWSsystem32Tablet.exe
[2008.11.26 20:18:32 | 00,254,040 | —- | M] (ALWIL Software) — C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
[2008.11.26 20:16:23 | 00,352,920 | —- | M] (ALWIL Software) — C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
[2005.08.11 16:30:30 | 00,081,920 | —- | M] (Macrovision Corporation) — C:Program FilesCommon FilesInstallShieldUpdateServiceissch.exe
[2006.03.22 14:35:04 | 00,069,632 | —- | M] (Realtek Semiconductor Corp.) — C:WINDOWSSOUNDMAN.EXE
[2005.01.04 16:52:06 | 00,028,672 | —- | M] (Silicon Integrated Systems Corporation) — C:WINDOWSsystem32Keyhook.exe
[2004.11.01 16:55:58 | 00,077,824 | —- | M] () — C:WINDOWSSmCfg.exe
[2005.02.08 03:00:00 | 00,098,304 | —- | M] (SEIKO EPSON CORPORATION) — C:WINDOWSsystem32spooldriversw32x863E_FATIACP.EXE
[2005.07.19 17:32:18 | 00,221,184 | —- | M] (Logitech Inc.) — C:WINDOWSsystem32LVCOMSX.EXE
[2005.06.08 15:14:44 | 00,217,088 | —- | M] (Logitech Inc.) — C:Program FilesLogitechVideoLogiTray.exe
[2007.01.07 23:31:18 | 00,118,784 | —- | M] (Wacom Co., Ltd) — C:Program FilesJustWrite OfficeScreenMark.exe
[2006.06.09 01:11:00 | 00,024,576 | —- | M] (Creative Technology Ltd.) — C:Program FilesCreativeCreative Live! CamVideoFXStartFX.exe
[2008.02.28 14:31:50 | 00,063,048 | —- | M] (LogMeIn, Inc.) — C:Program FilesLogMeInx86LogMeInSystray.exe
[2008.11.26 20:18:51 | 00,081,000 | —- | M] (ALWIL Software) — C:Program FilesAlwil SoftwareAvast4ashDisp.exe
[2008.10.16 14:09:44 | 00,051,224 | —- | M] (Microsoft Corporation) — C:WINDOWSsystem32wuauclt.exe
[2008.05.28 11:32:30 | 00,087,360 | —- | M] (LogMeIn, Inc.) — C:Program FilesLogMeInx86LMIGuardian.exe
[2008.02.20 16:19:52 | 00,360,448 | —- | M] (Sony Ericsson Mobile Communications AB) — C:Program FilesSony EricssonSony Ericsson PC SuiteSEPCSuite.exe
[2008.09.01 18:08:21 | 00,173,304 | —- | M] (ICQ, Inc.) — C:Program FilesICQ6ICQ.exe
[2005.06.08 14:44:56 | 00,192,512 | —- | M] (Logitech Inc.) — C:Program FilesLogitechVideoFxSvr2.exe
[2007.05.17 16:08:14 | 00,661,776 | —- | M] (IVT Corporation.) — C:Program FilesIVT CorporationBlueSoleilBlueSoleil.exe
[2005.10.09 00:16:54 | 00,610,365 | —- | M] (Broadcom Corporation.) — C:Program FilesWIDCOMMBluetooth SoftwareBTTray.exe
[2007.11.27 13:31:38 | 00,067,128 | —- | M] (Logitech Inc.) — C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe
[2005.01.04 16:52:52 | 00,331,776 | —- | M] (Silicon Integrated Systems Corporation) — C:WINDOWSsystem32sistray.exe
[2004.12.17 09:00:00 | 00,118,784 | —- | M] (WinZip Computing, Inc.) — C:Program FilesWinZipWZQKPICK.EXE
[2005.10.09 00:11:20 | 01,396,820 | —- | M] (Broadcom Corporation.) — C:Program FilesWIDCOMMBluetooth SoftwareBTStackServer.exe
[2007.09.20 10:35:36 | 00,118,336 | —- | M] (Microsoft Corporation) — C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLLoginProxy.exe
[2008.04.14 19:11:13 | 00,218,112 | —- | M] (Microsoft Corporation) — C:WINDOWSsystem32wbemwmiprvse.exe
[2008.04.14 19:10:56 | 01,034,240 | —- | M] (Корпорация Майкрософт) — C:WINDOWSexplorer.exe
[2009.01.05 13:47:35 | 00,422,912 | —- | M] (OldTimer Tools) — C:Documents and SettingsОлесяРабочий столOTViewIt.exe

========== (O23) Win32 Services ==========
[2007.11.20 12:25:33 | 00,072,704 | —- | M] (Adobe Systems) — C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe — (Adobe LM Service [On_Demand | Stopped])
[2007.10.24 00:47:22 | 00,033,800 | —- | M] (Microsoft Corporation) — C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe — (aspnet_state [On_Demand | Stopped])
[2008.11.26 20:12:08 | 00,018,752 | —- | M] (ALWIL Software) — C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe — (aswUpdSv [Auto | Running])
[2008.11.26 20:18:46 | 00,155,160 | —- | M] (ALWIL Software) — C:Program FilesAlwil SoftwareAvast4ashServ.exe — (avast! Antivirus [Auto | Running])
[2008.11.26 20:18:32 | 00,254,040 | —- | M] (ALWIL Software) — C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe — (avast! Mail Scanner [On_Demand | Running])
[2008.11.26 20:16:23 | 00,352,920 | —- | M] (ALWIL Software) — C:Program FilesAlwil SoftwareAvast4ashWebSv.exe — (avast! Web Scanner [On_Demand | Running])
[2006.02.28 12:42:38 | 00,229,376 | —- | M] (Apple Computer, Inc.) — C:Program FilesBonjourmDNSResponder.exe — (Bonjour Service [Auto | Running])
[2005.08.29 15:12:14 | 00,266,295 | —- | M] (Broadcom Corporation.) — C:Program FilesWIDCOMMBluetooth Softwarebinbtwdins.exe — (btwdins [Auto | Running])
[2007.10.24 00:47:40 | 00,070,144 | —- | M] (Microsoft Corporation) — C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe — (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
[2008.04.14 19:11:08 | 00,109,056 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32services.exe — (Eventlog [Auto | Running])
[2007.11.20 12:53:18 | 00,654,848 | —- | M] (Macrovision Europe Ltd.) — C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe — (FLEXnet Licensing Service [On_Demand | Stopped])
[2008.01.30 23:26:38 | 00,138,168 | —- | M] (Google) — C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe — (gusvc [On_Demand | Stopped])
[2008.04.14 19:10:58 | 00,015,872 | —- | M] (Корпорация Майкрософт (Microsoft Corp.)) — C:WINDOWSsystem32inetsrvinetinfo.exe — (IISADMIN [Auto | Running])
[2008.04.14 19:10:58 | 00,150,528 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32imapi.exe — (ImapiService [On_Demand | Stopped])
[2008.05.28 11:32:34 | 00,116,032 | —- | M] (LogMeIn, Inc.) — C:Program FilesLogMeInx86ramaint.exe — (LMIMaint [Disabled | Stopped])
[2008.02.28 14:31:50 | 00,063,040 | —- | M] (LogMeIn, Inc.) — C:Program FilesLogMeInx86LogMeIn.exe — (LogMeIn [Disabled | Stopped])
[2008.04.14 19:11:00 | 00,032,768 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32mnmsrvc.exe — (mnmsrvc [On_Demand | Stopped])
[2008.04.14 19:11:04 | 00,113,664 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32netdde.exe — (NetDDE [Disabled | Stopped])
[2008.04.14 19:11:04 | 00,113,664 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32netdde.exe — (NetDDEdsdm [Disabled | Stopped])
[2003.07.28 20:28:22 | 00,089,136 | —- | M] (Microsoft Corporation) — C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE — (ose [On_Demand | Stopped])
[2008.04.14 19:11:08 | 00,109,056 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32services.exe — (PlugPlay [Auto | Running])
[2008.04.14 19:11:08 | 00,141,824 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32sessmgr.exe — (RDSessMgr [On_Demand | Stopped])
[2008.04.14 19:11:07 | 00,096,768 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32scardsvr.exe — (SCardSvr [On_Demand | Stopped])
[2008.04.14 19:10:58 | 00,015,872 | —- | M] (Корпорация Майкрософт (Microsoft Corp.)) — C:WINDOWSsystem32inetsrvinetinfo.exe — (SMTPSVC [Auto | Running])
[2008.04.14 19:11:09 | 00,091,648 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32smlogsvc.exe — (SysmonLog [On_Demand | Stopped])
[2007.03.31 04:06:26 | 01,189,424 | —- | M] (Wacom Technology, Corp.) — C:WINDOWSsystem32Tablet.exe — (TabletService [Auto | Running])
[2008.04.14 19:11:11 | 00,073,216 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32tlntsvr.exe — (TlntSvr [Disabled | Stopped])
[2007.10.18 11:31:54 | 00,098,328 | —- | M] (Microsoft Corporation) — C:Program FilesWindows LiveMessengerusnsvc.exe — (usnjsvc [On_Demand | Stopped])
[2008.04.14 19:11:12 | 00,290,304 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32vssvc.exe — (VSS [On_Demand | Stopped])
[2008.04.14 19:10:58 | 00,015,872 | —- | M] (Корпорация Майкрософт (Microsoft Corp.)) — C:WINDOWSsystem32inetsrvinetinfo.exe — (W3SVC [Auto | Running])
[2007.10.25 15:27:54 | 00,266,240 | —- | M] (Microsoft Corporation) — C:Program FilesWindows LiveinstallerWLSetupSvc.exe — (WLSetupSvc [On_Demand | Stopped])
[2008.04.14 19:11:13 | 00,126,464 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32wbemwmiapsrv.exe — (WmiApSrv [On_Demand | Stopped])
[2006.11.02 22:06:32 | 00,914,944 | —- | M] (Microsoft Corporation) — C:Program FilesWindows Media Playerwmpnetwk.exe — (WMPNetworkSvc [On_Demand | Stopped])

========== Driver Services ==========
[2008.11.26 20:15:35 | 00,026,944 | —- | M] (ALWIL Software) — C:WINDOWSSystem32driversaavmker4.sys — (Aavmker4 [System | Running])
[2008.04.14 18:37:37 | 00,188,288 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32driversacpi.sys — (ACPI [Boot | Running])
[2001.10.20 15:00:00 | 00,011,776 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32driversacpiec.sys — (ACPIEC [Boot | Running])
[2006.03.22 14:35:09 | 02,278,784 | —- | M] (Realtek Semiconductor Corp.) — C:WINDOWSsystem32driversALCXWDM.SYS — (ALCXWDM [On_Demand | Running])
[2008.11.26 20:17:25 | 00,020,560 | —- | M] (ALWIL Software) — C:WINDOWSsystem32driversaswFsBlk.sys — (aswFsBlk [Auto | Running])
[2008.11.26 20:18:18 | 00,094,032 | —- | M] (ALWIL Software) — C:WINDOWSSystem32driversaswmon2.sys — (aswMon2 [Auto | Running])
[2008.11.26 20:16:29 | 00,023,152 | —- | M] (ALWIL Software) — C:WINDOWSSystem32driversaswRdr.sys — (aswRdr [On_Demand | Running])
[2008.11.26 20:17:36 | 00,111,184 | —- | M] (ALWIL Software) — C:WINDOWSSystem32driversaswSP.sys — (aswSP [System | Running])
[2008.11.26 20:16:38 | 00,050,864 | —- | M] (ALWIL Software) — C:WINDOWSSystem32driversaswTdi.sys — (aswTdi [System | Running])
[2007.05.11 02:10:50 | 00,034,704 | —- | M] (IVT Corporation.) — C:WINDOWSsystem32driversblueletaudio.sys — (BlueletAudio [On_Demand | Running])
[2007.03.05 05:00:04 | 00,027,792 | —- | M] (IVT Corporation.) — C:WINDOWSsystem32driversBlueletSCOAudio.sys — (BlueletSCOAudio [On_Demand | Running])
[2007.03.05 04:59:04 | 00,018,320 | —- | M] (IVT Corporation.) — C:WINDOWSsystem32driversbtnetdrv.sys — (BT [On_Demand | Running])
[2005.08.29 14:55:18 | 00,030,363 | —- | M] (Broadcom Corporation.) — C:WINDOWSsystem32driversbtport.sys — (BTDriver [On_Demand | Stopped])
[2007.03.05 04:55:12 | 00,020,880 | —- | M] (IVT Corporation.) — C:WINDOWSsystem32driversvbtenum.sys — (BTHidEnum [Boot | Running])
[2007.03.05 04:56:18 | 00,035,600 | —- | M] (IVT Corporation.) — C:WINDOWSsystem32driversBTHidMgr.sys — (BTHidMgr [Boot | Running])
[2005.08.29 16:45:34 | 00,853,258 | —- | M] (Broadcom Corporation.) — C:WINDOWSsystem32driversbtkrnl.sys — (BTKRNL [On_Demand | Running])
[2005.08.29 14:54:36 | 00,064,344 | —- | M] (Broadcom Corporation.) — C:WINDOWSsystem32driversbtwusb.sys — (BTWUSB [On_Demand | Stopped])
[2004.03.08 12:55:50 | 00,013,567 | —- | M] (B.H.A Corporation) — C:WINDOWSSystem32driversCDRBSDRV.SYS — (cdrbsdrv [System | Running])
[2008.04.14 18:41:12 | 00,044,544 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32driversfips.sys — (Fips [System | Running])
[2001.10.20 15:00:00 | 00,125,440 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32driversftdisk.sys — (Ftdisk [Boot | Running])
[2008.04.14 18:44:08 | 00,053,120 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32driversi8042prt.sys — (i8042prt [System | Running])
[2008.04.14 18:47:15 | 00,037,504 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32driversisapnp.sys — (isapnp [Boot | Running])
[2008.04.14 18:47:55 | 00,024,832 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32driverskbdclass.sys — (Kbdclass [System | Running])
[2008.04.14 18:47:56 | 00,014,720 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32driverskbdhid.sys — (kbdhid [System | Stopped])
[2008.02.28 14:31:52 | 00,012,856 | —- | M] (LogMeIn, Inc.) — C:Program FilesLogMeInx86rainfo.sys — (LMIInfo [Auto | Running])
[2008.02.28 14:31:08 | 00,010,144 | —- | M] (LogMeIn, Inc.) — C:WINDOWSsystem32driverslmimirr.sys — (lmimirr [On_Demand | Running])
[2008.05.28 11:33:14 | 00,083,288 | —- | M] (LogMeIn, Inc.) — C:WINDOWSSystem32LMIRfsClientNP.dll — (LMIRfsClientNP [Disabled | Stopped])
[2008.03.07 12:39:50 | 00,045,848 | —- | M] (LogMeIn, Inc.) — C:WINDOWSsystem32driversLMIRfsDriver.sys — (LMIRfsDriver [Auto | Running])
[2005.01.31 13:12:48 | 00,022,016 | R— | M] (Logitech Inc.) — C:WINDOWSsystem32driversLVUSBSta.sys — (LVUSBSta [On_Demand | Stopped])
[2008.04.14 18:37:37 | 00,030,208 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32driversmodem.sys — (Modem [On_Demand | Running])
[2001.08.17 21:57:38 | 00,016,128 | —- | M] (Microsoft Corporation) — C:WINDOWSsystem32driversMODEMCSA.sys — (MODEMCSA [On_Demand | Running])
[2008.04.14 18:37:43 | 00,023,296 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32driversmouclass.sys — (Mouclass [System | Running])
[2001.10.19 20:33:10 | 00,012,160 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32driversmouhid.sys — (mouhid [On_Demand | Running])
[2004.11.01 16:24:00 | 00,229,720 | —- | M] ( ) — C:WINDOWSsystem32driversmtlmnt5.sys — (Mtlmnt5 [On_Demand | Running])
[2004.11.01 16:17:26 | 01,396,048 | —- | M] ( ) — C:WINDOWSsystem32driversmtlstrm.sys — (Mtlstrm [On_Demand | Stopped])
[2008.04.14 18:52:21 | 00,080,128 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32driversparport.sys — (Parport [On_Demand | Stopped])
[2001.10.20 15:00:00 | 00,006,912 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32driversparvdm.sys — (ParVdm [Auto | Stopped])
[2008.04.14 18:52:28 | 00,068,480 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32driverspci.sys — (PCI [Boot | Running])
[2001.10.20 15:00:00 | 00,003,328 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32driverspciide.sys — (PCIIde [Boot | Running])
[2008.04.14 18:52:30 | 00,120,192 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32driverspcmcia.sys — (Pcmcia [Boot | Running])
[2007.12.02 14:27:28 | 00,047,360 | —- | M] (VSO Software) — C:WINDOWSsystem32driverspcouffin.sys — (Pcouffin [On_Demand | Running])
[2005.01.31 13:20:04 | 00,211,712 | R— | M] (Logitech Inc.) — C:WINDOWSsystem32driversLV561AV.SYS — (PID_0928 [On_Demand | Stopped])
[2001.10.20 15:00:00 | 00,017,792 | —- | M] (Parallel Technologies, Inc.) — C:WINDOWSsystem32driversptilink.sys — (Ptilink [On_Demand | Running])
[2007.11.30 01:30:24 | 00,043,528 | —- | M] (Sonic Solutions) — C:WINDOWSsystem32driversPxHelp20.sys — (PxHelp20 [Boot | Running])
[2004.11.01 16:26:36 | 00,014,520 | —- | M] ( ) — C:WINDOWSsystem32driversRecAgent.sys — (RecAgent [Boot | Running])
[2008.04.14 18:41:47 | 00,058,368 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32driversredbook.sys — (redbook [System | Stopped])
[2001.10.20 15:00:00 | 00,005,888 | —- | M] (Microsoft Corporation) — C:WINDOWSsystem32driversrootmdm.sys — (ROOTMODEM [On_Demand | Running])
[2007.11.02 13:47:00 | 00,083,496 | R— | M] (MCCI Corporation) — C:WINDOWSsystem32driverss916bus.sys — (s916bus [On_Demand | Running])
[2007.11.02 13:47:00 | 00,015,016 | —- | M] (MCCI Corporation) — C:WINDOWSsystem32driverss916mdfl.sys — (s916mdfl [On_Demand | Running])
[2007.11.02 13:47:00 | 00,109,992 | —- | M] (MCCI Corporation) — C:WINDOWSsystem32driverss916mdm.sys — (s916mdm [On_Demand | Running])
[2007.11.02 13:47:00 | 00,103,976 | —- | M] (MCCI Corporation) — C:WINDOWSsystem32driverss916mgmt.sys — (s916mgmt [On_Demand | Running])
[2007.11.02 13:47:00 | 00,100,008 | —- | M] (MCCI Corporation) — C:WINDOWSsystem32driverss916obex.sys — (s916obex [On_Demand | Running])
[2007.11.13 13:25:56 | 00,020,480 | —- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) — C:WINDOWSsystem32driverssecdrv.sys — (Secdrv [On_Demand | Stopped])
[2008.04.14 18:44:00 | 00,065,024 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32driversserial.sys — (Serial [Auto | Stopped])
[2005.08.10 15:44:04 | 00,050,688 | —- | M] (Protection Technology) — C:WINDOWSsystem32driverssfdrv01.sys — (sfdrv01 [Boot | Running])
[2005.05.16 16:20:39 | 00,006,656 | —- | M] (Protection Technology) — C:WINDOWSsystem32driverssfhlp02.sys — (sfhlp02 [Boot | Running])
[2005.10.13 16:46:08 | 00,035,328 | —- | M] (Protection Technology) — C:WINDOWSsystem32driverssfsync03.sys — (sfsync03 [Boot | Running])
[2006.03.22 14:36:06 | 00,240,128 | R— | M] (Silicon Integrated Systems Corporation) — C:WINDOWSsystem32driverssisgrp.sys — (SiS315 [On_Demand | Running])
[2006.03.22 14:36:02 | 00,036,992 | R— | M] (Silicon Integrated Systems Corporation) — C:WINDOWSsystem32driversSISAGPX.SYS — (SISAGP [Boot | Running])
[2006.03.22 14:36:07 | 00,013,184 | R— | M] (Silicon Integrated Systems Corporation) — C:WINDOWSsystem32driverssrvkp.sys — (SiSkp [System | Running])
[2004.08.04 01:31:36 | 00,032,768 | —- | M] (SiS Corporation) — C:WINDOWSsystem32driverssisnic.sys — (SISNIC [On_Demand | Stopped])
[2006.03.22 14:35:50 | 00,032,768 | R— | M] (SiS Corporation) — C:WINDOWSsystem32driverssisnicxp.sys — (SISNICXP [On_Demand | Running])
[2004.11.01 16:30:00 | 00,653,960 | —- | M] ( ) — C:WINDOWSsystem32driversslntamr.sys — (Slntamr [On_Demand | Running])
[2004.11.01 16:19:00 | 00,100,176 | —- | M] ( ) — C:WINDOWSsystem32driversslnthal.sys — (SlNtHal [On_Demand | Stopped])
[2004.11.01 16:07:50 | 00,013,216 | —- | M] ( ) — C:WINDOWSsystem32driversslwdmsup.sys — (SlWdmSup [On_Demand | Running])
[2001.08.17 21:56:16 | 00,007,552 | —- | M] (Sony Corporation) — C:WINDOWSsystem32driversSONYPVU1.SYS — (SONYPVU1 [On_Demand | Stopped])
[2008.02.22 19:15:11 | 00,642,560 | —- | M] () — C:WINDOWSsystem32driverssptd.sys — (sptd [Boot | Running])
[2008.04.14 18:52:45 | 00,073,472 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32driverssr.sys — (sr [Boot | Running])
[2008.04.13 21:36:40 | 00,044,672 | —- | M] (Microsoft Corporation) — C:WINDOWSsystem32driversuagp35.sys — (uagp35 [Boot | Running])
[2008.04.13 21:46:20 | 00,121,984 | —- | M] (Microsoft Corporation) — C:WINDOWSsystem32driversusbvideo.sys — (usbvideo [On_Demand | Stopped])
[2007.03.05 04:52:18 | 00,034,448 | —- | M] (IVT Corporation.) — C:WINDOWSsystem32driversVComm.sys — (VComm [On_Demand | Running])
[2007.03.05 04:53:18 | 00,044,304 | —- | M] (IVT Corporation.) — C:WINDOWSsystem32driversVcommMgr.sys — (VcommMgr [On_Demand | Running])
[2008.04.14 18:40:08 | 00,051,968 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32driversvolsnap.sys — (VolSnap [Boot | Running])
[2005.04.30 11:01:56 | 03,281,408 | R— | M] (Intel® Corporation) — C:WINDOWSsystem32driversw29n51.sys — (w29n51 [On_Demand | Running])
[2007.02.16 22:12:36 | 00,011,312 | —- | M] (Wacom Technology) — C:WINDOWSsystem32driverswacommousefilter.sys — (wacommousefilter [On_Demand | Running])
[2007.02.16 21:30:12 | 00,012,848 | —- | M] (Wacom Technology) — C:WINDOWSsystem32driverswacomvhid.sys — (wacomvhid [On_Demand | Running])

========== (R ) Internet Explorer ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerMain]
«Default_Page_URL»=http://go.microsoft.com/fwlink/?LinkId=69157
«Default_Search_URL»=http://go.microsoft.com/fwlink/?LinkId=54896
«Default_Secondary_Page_URL»=
«Extensions Off Page»=about:NoAdd-ons
«Local Page»=%SystemRoot%system32blank.htm
«Search Page»=http://go.microsoft.com/fwlink/?LinkId=54896
«Security Risk Page»=about:SecurityRisk
«Start Page»=http://go.microsoft.com/fwlink/?LinkId=69157

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerSearch]
«CustomizeSearch»=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
«SearchAssistant»=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

[HKEY_CURRENT_USERSOFTWAREMicrosoftInternet ExplorerMain]
«Local Page»=C:WINDOWSsystem32blank.htm
«Search Page»=http://www.google.com
«Start Page»=http://www.yandex.ru/?clid=40316

[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerURLSearchHooks]
«{CFBFAE00-17A6-11D0-99CB-00C04FD64497}» (HKLM) — C:WINDOWSsystem32ieframe.dll (Microsoft Corporation)

[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerURLSearchHooks]
«{EF99BD32-C1FB-11D2-892F-0090271D4F88}» (HKLM) — Reg Error: Key does not exist or could not be opened. File not found

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternet Settings]
«ProxyEnable» = 0
«ProxyOverride» = *.local;localhost

[HKEY_USERS.DEFAULTSOFTWAREMicrosoftInternet ExplorerMain]
[HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionInternet Settings]
«ProxyEnable» = 0

[HKEY_USERSS-1-5-18SOFTWAREMicrosoftInternet ExplorerMain]
[HKEY_USERSS-1-5-18SoftwareMicrosoftWindowsCurrentVersionInternet Settings]
«ProxyEnable» = 0

[HKEY_USERSS-1-5-19SOFTWAREMicrosoftInternet ExplorerMain]
[HKEY_USERSS-1-5-20SOFTWAREMicrosoftInternet ExplorerMain]
[HKEY_USERSS-1-5-21-1343024091-413027322-725345543-1003SOFTWAREMicrosoftInternet ExplorerMain]
«Local Page»=C:WINDOWSsystem32blank.htm
«Search Page»=http://www.google.com
«Start Page»=http://www.yandex.ru/?clid=40316

[HKEY_USERSS-1-5-21-1343024091-413027322-725345543-1003SoftwareMicrosoftInternet ExplorerURLSearchHooks]
«{CFBFAE00-17A6-11D0-99CB-00C04FD64497}» (HKLM) — C:WINDOWSsystem32ieframe.dll (Microsoft Corporation)

[HKEY_USERSS-1-5-21-1343024091-413027322-725345543-1003SoftwareMicrosoftInternet ExplorerURLSearchHooks]
«{EF99BD32-C1FB-11D2-892F-0090271D4F88}» (HKLM) — Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERSS-1-5-21-1343024091-413027322-725345543-1003SoftwareMicrosoftWindowsCurrentVersionInternet Settings]
«ProxyEnable» = 0
«ProxyOverride» = *.local;localhost

========== (O1) Hosts File ==========
HOSTS File = (0 bytes) — C:WINDOWSSystem32driversetcHosts
First 25 entries…

========== (O2) BHO’s ==========
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (HKLM) — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll (Adobe Systems Incorporated)
{089C252F-A01C-41E7-877B-29C166C27147} (HKLM) — C:WINDOWSDownloaded Program Fileskl_bho.dll ()
{22FC6CE8-7D47-479F-B74A-BFBB04ADB9AF} (HKLM) — C:Program FilesWinfernoPC ConfidentialPCCBHO.dll (Capital Intellect Inc)
{7E853D72-626A-48EC-A868-BA8D5E23E045} (HKLM) — Reg Error: Key does not exist or could not be opened. File not found
{9030D464-4C02-4ABF-8ECC-5164760863C6} (HKLM) — C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll (Microsoft Corporation)
{AA58ED58-01DD-4D91-8333-CF10577473F7} (HKLM) — C:Documents and SettingsОлесяGooglegoogletoolbar1.dll ()
{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (HKLM) — C:Program FilesWindows Live Toolbarmsntb.dll (Microsoft Corporation)

========== (O3) Toolbars ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolBar]
«{2318C2B1-4965-11d4-9B18-009027A5CD4F}» (HKLM) — c:Program FilesGoogleGoogleToolbar1.dll (Google Inc.)

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolBar]
«{468CD8A9-7C25-45FA-969E-3D925C689DC4}» (HKLM) — C:Program FilesRambler AssistantramblertoolbarU5090.dll File not found

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolBar]
«{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}» (HKLM) — C:Program FilesWindows Live Toolbarmsntb.dll (Microsoft Corporation)

[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarShellBrowser]
«{01E04581-4EEE-11D0-BFE9-00AA005B4383}» (HKLM) — C:WINDOWSsystem32browseui.dll (Корпорация Майкрософт)

[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarShellBrowser]
«{0E5CBF21-D15F-11D0-8301-00AA005B4383}» (HKLM) — C:WINDOWSsystem32shell32.dll (Корпорация Майкрософт)

[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{01E04581-4EEE-11D0-BFE9-00AA005B4383}» (HKLM) — C:WINDOWSsystem32browseui.dll (Корпорация Майкрософт)

[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{07AA283A-43D7-4CBE-A064-32A21112D94D}» (HKLM) — Reg Error: Key does not exist or could not be opened. File not found

[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{0E5CBF21-D15F-11D0-8301-00AA005B4383}» (HKLM) — C:WINDOWSsystem32shell32.dll (Корпорация Майкрософт)

[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{2318C2B1-4965-11D4-9B18-009027A5CD4F}» (HKLM) — c:Program FilesGoogleGoogleToolbar1.dll (Google Inc.)

[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{468CD8A9-7C25-45FA-969E-3D925C689DC4}» (HKLM) — C:Program FilesRambler AssistantramblertoolbarU5090.dll File not found

[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}» (HKLM) — Reg Error: Key does not exist or could not be opened. File not found

[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}» (HKLM) — C:Program FilesWindows Live Toolbarmsntb.dll (Microsoft Corporation)

[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}» (HKLM) — Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERSS-1-5-21-1343024091-413027322-725345543-1003SoftwareMicrosoftInternet ExplorerToolbarShellBrowser]
«{01E04581-4EEE-11D0-BFE9-00AA005B4383}» (HKLM) — C:WINDOWSsystem32browseui.dll (Корпорация Майкрософт)

[HKEY_USERSS-1-5-21-1343024091-413027322-725345543-1003SoftwareMicrosoftInternet ExplorerToolbarShellBrowser]
«{0E5CBF21-D15F-11D0-8301-00AA005B4383}» (HKLM) — C:WINDOWSsystem32shell32.dll (Корпорация Майкрософт)

[HKEY_USERSS-1-5-21-1343024091-413027322-725345543-1003SoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{01E04581-4EEE-11D0-BFE9-00AA005B4383}» (HKLM) — C:WINDOWSsystem32browseui.dll (Корпорация Майкрософт)

[HKEY_USERSS-1-5-21-1343024091-413027322-725345543-1003SoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{07AA283A-43D7-4CBE-A064-32A21112D94D}» (HKLM) — Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERSS-1-5-21-1343024091-413027322-725345543-1003SoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{0E5CBF21-D15F-11D0-8301-00AA005B4383}» (HKLM) — C:WINDOWSsystem32shell32.dll (Корпорация Майкрософт)

[HKEY_USERSS-1-5-21-1343024091-413027322-725345543-1003SoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{2318C2B1-4965-11D4-9B18-009027A5CD4F}» (HKLM) — c:Program FilesGoogleGoogleToolbar1.dll (Google Inc.)

[HKEY_USERSS-1-5-21-1343024091-413027322-725345543-1003SoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{468CD8A9-7C25-45FA-969E-3D925C689DC4}» (HKLM) — C:Program FilesRambler AssistantramblertoolbarU5090.dll File not found

[HKEY_USERSS-1-5-21-1343024091-413027322-725345543-1003SoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}» (HKLM) — Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERSS-1-5-21-1343024091-413027322-725345543-1003SoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}» (HKLM) — C:Program FilesWindows Live Toolbarmsntb.dll (Microsoft Corporation)

[HKEY_USERSS-1-5-21-1343024091-413027322-725345543-1003SoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}» (HKLM) — Reg Error: Key does not exist or could not be opened. File not found

========== (O4) Run Keys ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
«Adobe Reader Speed Launcher»=»C:Program FilesAdobeReader 8.0ReaderReader_sl.exe» (Adobe Systems Incorporated)
«avast!»=C:PROGRA~1ALWILS~1Avast4ashDisp.exe (ALWIL Software)
«AVFX Engine»=C:Program FilesCreativeCreative Live! CamVideoFXStartFX.exe (Creative Technology Ltd.)
«BVRPLiveUpdate»=C:Program FilesAvanquest updateEngineSetup.exe -s /PATCH,/SRCUPDATEC:DOCUME~1ALLUSE~1APPLIC~1SONYER~1SONYER~1LIVEUP~1LISTOF~1.DAT File not found
«EPSON Stylus CX3700 Series»=C:WINDOWSSystem32spoolDRIVERSW32X863E_FATIACP.EXE /P26 «EPSON Stylus CX3700 Series» /O6 «USB001» /M «Stylus CX3700» (SEIKO EPSON CORPORATION)
«ISUSPM Startup»=»C:Program FilesCommon FilesInstallShieldUpdateServiceisuspm.exe» -startup (Macrovision Corporation)
«ISUSScheduler»=»C:Program FilesCommon FilesInstallShieldUpdateServiceissch.exe» -start (Macrovision Corporation)
«JWOSetup»=JWOSetup.exe -en (Wacom Co., Ltd)
«LogitechVideoRepair»=C:Program FilesLogitechVideoISStart.exe (Logitech Inc.)
«LogitechVideoTray»=C:Program FilesLogitechVideoLogiTray.exe (Logitech Inc.)
«LogMeIn GUI»=»C:Program FilesLogMeInx86LogMeInSystray.exe» (LogMeIn, Inc.)
«LVCOMSX»=C:WINDOWSsystem32LVCOMSX.EXE (Logitech Inc.)
«NevoDRM»=»C:Program FilesИгры от NevoSoftNevoDRMNevoDRM.exe» File not found
«QuickTime Task»=»C:Program FilesQuickTimeqttask.exe» -atboottime (Apple Inc.)
«SiS Windows KeyHook»=C:WINDOWSsystem32keyhook.exe (Silicon Integrated Systems Corporation)
«SiSPower»=Rundll32.exe SiSPower.dll,ModeAgent (Silicon Integrated Systems Corporation)
«SMcfg»=smcfg.exe -s ()
«SMKRun»=C:Program FilesJustWrite OfficeScreenMark.exe -i (Wacom Co., Ltd)
«SoundMan»=SOUNDMAN.EXE (Realtek Semiconductor Corp.)

[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
«AdobeUpdater»=C:Program FilesCommon FilesAdobeUpdater5AdobeUpdater.exe (Adobe Systems Incorporated)
«ICQ»=»C:Program FilesICQ6ICQ.exe» silent (ICQ, Inc.)
«LDM»=C:Program FilesLogitechDesktop Messenger8876480ProgramBackWeb-8876480.exe File not found
«LogitechSoftwareUpdate»=»C:Program FilesLogitechVideoManifestEngine.exe» boot (Logitech Inc.)
«Sony Ericsson PC Suite»=»C:Program FilesSony EricssonSony Ericsson PC SuiteSEPCSuite.exe» /systray /nologon (Sony Ericsson Mobile Communications AB)
«swg»=C:Program FilesGoogleGoogleToolbarNotifier1.2.1128.5462GoogleToolbarNotifier.exe (Google Inc.)
«Uniblue RegistryBooster 2009″=C:Program FilesUniblueRegistryBoosterRegistryBooster.exe /S File not found

[HKEY_USERSS-1-5-21-1343024091-413027322-725345543-1003SOFTWAREMicrosoftWindowsCurrentVersionRun]
«AdobeUpdater»=C:Program FilesCommon FilesAdobeUpdater5AdobeUpdater.exe (Adobe Systems Incorporated)
«ICQ»=»C:Program FilesICQ6ICQ.exe» silent (ICQ, Inc.)
«LDM»=C:Program FilesLogitechDesktop Messenger8876480ProgramBackWeb-8876480.exe File not found
«LogitechSoftwareUpdate»=»C:Program FilesLogitechVideoManifestEngine.exe» boot (Logitech Inc.)
«Sony Ericsson PC Suite»=»C:Program FilesSony EricssonSony Ericsson PC SuiteSEPCSuite.exe» /systray /nologon (Sony Ericsson Mobile Communications AB)
«swg»=C:Program FilesGoogleGoogleToolbarNotifier1.2.1128.5462GoogleToolbarNotifier.exe (Google Inc.)
«Uniblue RegistryBooster 2009″=C:Program FilesUniblueRegistryBoosterRegistryBooster.exe /S File not found

========== (O4) RunOnce Keys ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunOnce]
«OTMoveIt»=C:Documents and SettingsОлесяРабочий столOTMoveIt3.exe (OldTimer Tools)

========== (O4) Startup Folders ==========
[2007.05.17 16:08:14 | 00,661,776 | —- | M] (IVT Corporation.) — C:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузкаBlueSoleil.lnk = C:Program FilesIVT CorporationBlueSoleilBlueSoleil.exe
[2005.10.09 00:16:54 | 00,610,365 | —- | M] (Broadcom Corporation.) — C:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузкаBTTray.lnk = C:Program FilesWIDCOMMBluetooth SoftwareBTTray.exe
[2007.11.27 13:31:38 | 00,067,128 | —- | M] (Logitech Inc.) — C:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузкаLogitech Desktop Messenger.lnk = C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe
[2006.02.07 10:17:00 | 03,153,920 | R— | M] (Extensis Inc.) — C:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузкаSuitcase Startup.lnk = C:Program FilesExtensisSuitcase 9.2Suitcase.exe
[2005.01.04 16:52:52 | 00,331,776 | —- | M] (Silicon Integrated Systems Corporation) — C:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузкаUtility Tray.lnk = C:WINDOWSsystem32sistray.exe
[2004.12.17 09:00:00 | 00,118,784 | —- | M] (WinZip Computing, Inc.) — C:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузкаWinZip Quick Pick.lnk = C:Program FilesWinZipWZQKPICK.EXE

========== (O6 & O7) Current Version Policies ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1

[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer]
«NoDriveTypeAutoRun»=36
«NoBandCustomize»=0
«NoMovingBands»=0
«NoCloseDragDropBands»=0
«NoSetTaskbar»=0
«NoToolbarsOnTaskbar»=0
«NoSaveSettings»=0
«NoActiveDesktop»=0
«ClassicShell»=0
«NoDriveAutoRun»=FF FF FF FF [binary data]

[HKEY_USERS.DEFAULTSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer]
«NoDriveTypeAutoRun»=145

[HKEY_USERSS-1-5-18SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer]
«NoDriveTypeAutoRun»=145

[HKEY_USERSS-1-5-19SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer]
«NoDriveTypeAutoRun»=145

[HKEY_USERSS-1-5-20SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer]
«NoDriveTypeAutoRun»=145

[HKEY_USERSS-1-5-21-1343024091-413027322-725345543-1003SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer]
«NoDriveTypeAutoRun»=36
«NoBandCustomize»=0
«NoMovingBands»=0
«NoCloseDragDropBands»=0
«NoSetTaskbar»=0
«NoToolbarsOnTaskbar»=0
«NoSaveSettings»=0
«NoActiveDesktop»=0
«ClassicShell»=0
«NoDriveAutoRun»=FF FF FF FF [binary data]

========== (O8) IE Context Menu Extensions ==========
[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerMenuExt]
&Translate: File not found
&Ubersetzen: File not found
&Windows Live Search: C:Program FilesWindows Live Toolbarmsntb.dll [2007.10.19 11:20:48 | 00,546,320 | —- | M] (Microsoft Corporation)
&Экспорт в Microsoft Excel: C:Program FilesMicrosoft OfficeOFFICE11EXCEL.EXE [2008.08.04 15:12:50 | 10,354,176 | —- | M] (Microsoft Corporation)
T&raduire: File not found
Traduc&ir: File not found
Tradurr&e: File not found
Yandex &Search: File not found
Найти с помощью Рамблера: C:Program FilesRambler AssistantramblertoolbarU5090.dll File not found
Перевести с помощью словарей Рамблера: C:Program FilesRambler AssistantramblertoolbarU5090.dll File not found

[HKEY_USERS.DEFAULTSoftwareMicrosoftInternet ExplorerMenuExt]
&Экспорт в Microsoft Excel: C:Program FilesMicrosoft OfficeOFFICE11EXCEL.EXE [2008.08.04 15:12:50 | 10,354,176 | —- | M] (Microsoft Corporation)

[HKEY_USERSS-1-5-18SoftwareMicrosoftInternet ExplorerMenuExt]
&Экспорт в Microsoft Excel: C:Program FilesMicrosoft OfficeOFFICE11EXCEL.EXE [2008.08.04 15:12:50 | 10,354,176 | —- | M] (Microsoft Corporation)

[HKEY_USERSS-1-5-19SoftwareMicrosoftInternet ExplorerMenuExt]
&Экспорт в Microsoft Excel: Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERSS-1-5-20SoftwareMicrosoftInternet ExplorerMenuExt]
&Экспорт в Microsoft Excel: Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERSS-1-5-21-1343024091-413027322-725345543-1003SoftwareMicrosoftInternet ExplorerMenuExt]
&Translate: File not found
&Ubersetzen: File not found
&Windows Live Search: C:Program FilesWindows Live Toolbarmsntb.dll [2007.10.19 11:20:48 | 00,546,320 | —- | M] (Microsoft Corporation)
&Экспорт в Microsoft Excel: C:Program FilesMicrosoft OfficeOFFICE11EXCEL.EXE [2008.08.04 15:12:50 | 10,354,176 | —- | M] (Microsoft Corporation)
T&raduire: File not found
Traduc&ir: File not found
Tradurr&e: File not found
Yandex &Search: File not found
Найти с помощью Рамблера: C:Program FilesRambler AssistantramblertoolbarU5090.dll File not found
Перевести с помощью словарей Рамблера: C:Program FilesRambler AssistantramblertoolbarU5090.dll File not found

========== (O9) IE Extensions ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerExtensions]
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Button: Bunu Web Günlüğüne Al — %ProgramFiles%Windows LiveWriterWriterBrowserExtension.dll [2007.10.26 18:09:54 | 00,154,640 | —- | M] (Microsoft Corporation)
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Menu: Windows Live Writer içinde &Bunu Web Günlüğüne Al — %ProgramFiles%Windows LiveWriterWriterBrowserExtension.dll [2007.10.26 18:09:54 | 00,154,640 | —- | M] (Microsoft Corporation)
{53F6FCCD-9E22-4d71-86EA-6E43136192AB}: Menu: PC Confidential — %ProgramFiles%WinfernoPC ConfidentialPCConfidential.exe [2008.04.01 14:10:40 | 34,682,224 | —- | M] (Capital Intellect, Inc)
{925DAB62-F9AC-4221-806A-057BFB1014AA}: Button: PC Confidential — %ProgramFiles%WinfernoPC ConfidentialPCConfidential.exe [2008.04.01 14:10:40 | 34,682,224 | —- | M] (Capital Intellect, Inc)
{92780B25-18CC-41C8-B9BE-3C9C571A8263}: Button: Справочные материалы — %ProgramFiles%Microsoft OfficeOFFICE11REFIEBAR.DLL [2007.04.19 13:10:18 | 00,063,840 | —- | M] (Microsoft Corporation)
{CCA281CA-C863-46ef-9331-5C8D4460577F}: Button: @btrez.dll,-4015 — %ProgramFiles%WIDCOMMBluetooth Softwarebtsendto_ie.htm [2003.05.29 12:53:08 | 00,002,681 | —- | M] ()
{CCA281CA-C863-46ef-9331-5C8D4460577F}: Menu: @btrez.dll,-12650 — %ProgramFiles%WIDCOMMBluetooth Softwarebtsendto_ie.htm [2003.05.29 12:53:08 | 00,002,681 | —- | M] ()
{e2e2dd38-d088-4134-82b7-f2ba38496583}: Menu: @xpsp3res.dll,-20001 — %SystemRoot%network diagnosticxpnetdiag.exe [2008.04.13 21:53:32 | 00,558,080 | —- | M] (Microsoft Corporation)
{E59EB121-F339-4851-A3BA-FE49C35617C2}: Button: ICQ6 — %ProgramFiles%ICQ6ICQ.exe [2008.09.01 18:08:21 | 00,173,304 | —- | M] (ICQ, Inc.)
{E59EB121-F339-4851-A3BA-FE49C35617C2}: Menu: ICQ6 — %ProgramFiles%ICQ6ICQ.exe [2008.09.01 18:08:21 | 00,173,304 | —- | M] (ICQ, Inc.)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Button: Messenger — %ProgramFiles%Messengermsmsgs.exe [2008.04.14 19:11:03 | 01,695,232 | —- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Menu: Windows Messenger — %ProgramFiles%Messengermsmsgs.exe [2008.04.14 19:11:03 | 01,695,232 | —- | M] (Microsoft Corporation)

[HKEY_CURRENT_USERSOFTWAREMicrosoftInternet ExplorerExtensions]
CmdMapping\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> %ProgramFiles%Microsoft OfficeOFFICE11REFIEBAR.DLL [Справочные материалы] -> [2007.04.19 13:10:18 | 00,063,840 | —- | M] (Microsoft Corporation)
CmdMapping\{CCA281CA-C863-46ef-9331-5C8D4460577F} [HKLM] -> [@btrez.dll,-4015] -> File not found
CmdMapping\{E59EB121-F339-4851-A3BA-FE49C35617C2} [HKLM] -> %ProgramFiles%ICQ6ICQ.exe [ICQ6] -> [2008.09.01 18:08:21 | 00,173,304 | —- | M] (ICQ, Inc.)
CmdMapping\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%Messengermsmsgs.exe [Messenger] -> [2008.04.14 19:11:03 | 01,695,232 | —- | M] (Microsoft Corporation)

[HKEY_USERS.DEFAULTSOFTWAREMicrosoftInternet ExplorerExtensions]
CmdMapping\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%Messengermsmsgs.exe [Messenger] -> [2008.04.14 19:11:03 | 01,695,232 | —- | M] (Microsoft Corporation)

[HKEY_USERSS-1-5-18SOFTWAREMicrosoftInternet ExplorerExtensions]
CmdMapping\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%Messengermsmsgs.exe [Messenger] -> [2008.04.14 19:11:03 | 01,695,232 | —- | M] (Microsoft Corporation)

[HKEY_USERSS-1-5-21-1343024091-413027322-725345543-1003SOFTWAREMicrosoftInternet ExplorerExtensions]
CmdMapping\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> %ProgramFiles%Microsoft OfficeOFFICE11REFIEBAR.DLL [Справочные материалы] -> [2007.04.19 13:10:18 | 00,063,840 | —- | M] (Microsoft Corporation)
CmdMapping\{CCA281CA-C863-46ef-9331-5C8D4460577F} [HKLM] -> [@btrez.dll,-4015] -> File not found
CmdMapping\{E59EB121-F339-4851-A3BA-FE49C35617C2} [HKLM] -> %ProgramFiles%ICQ6ICQ.exe [ICQ6] -> [2008.09.01 18:08:21 | 00,173,304 | —- | M] (ICQ, Inc.)
CmdMapping\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%Messengermsmsgs.exe [Messenger] -> [2008.04.14 19:11:03 | 01,695,232 | —- | M] (Microsoft Corporation)

========== (O12) Internet Explorer Plugins ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerPlugins]
PluginsPage: «» = http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s
PluginsPageFriendlyName: «» = Microsoft ActiveX Gallery
Extension.spop: — C:Program FilesInternet ExplorerPLUGINSNPDocBox.dll [2001.01.30 13:56:24 | 00,225,280 | —- | M] (InterTrust Technologies Corporation, Inc.)

========== (O13) Default Prefixes ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionURLDefaultPrefix]
«»=http://

========== (O15) Trusted Sites ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZoneMapDomains]
1 domain(s) and sub-domain(s) not assigned to a zone.

========== (O16) DPF ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftCode Store DatabaseDistribution Units]
{166B1BCA-3F9C-11CF-8075-444553540000}: http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab — Reg Error: Key does not exist or could not be opened.
{17492023-C23A-453E-A040-C7C580BBF700}: http://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab — Windows Genuine Advantage Validation Tool
{2D4C57AA-54C0-4942-BB2A-51DF0727950B}: http://www.openkremlin.ru/cab/ImResCtl.cab — ImResize Class
{30528230-99f7-4bb4-88d8-fa1d4f56a2ab}: C:Program FilesYahoo!Commonyinsthelper.dll — YInstStarter Class
{31435657-9980-0010-8000-00AA00389B71}: http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab — Reg Error: Key does not exist or could not be opened.
{4F1E5B1A-2A80-42CA-8532-2D05CB959537}: http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab — MSN Photo Upload Tool
{4FC12A7E-AD73-4CCB-89AD-D9832A542C40}: http://kochka.ru/kochka.cab — KLLoader Object
{5C6698D9-7BE4-4122-8EC5-291D84DBD4A0}: http://upload.facebook.com/controls/FacebookPhotoUploader3.cab — Facebook Photo Uploader 4 Control
{7FC1B346-83E6-4774-8D20-1A6B09B0E737}: http://tuncum.spaces.live.com/PhotoUpload/MsnPUpld.cab — Windows Live Photo Upload Control
{D27CDB6E-AE6D-11CF-96B8-444553540000}: http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab — Shockwave Flash Object

========== (O17) DNS Name Servers ==========
{2972D4AE-8DF8-4EC3-A596-A13DC10A0D88} (Servers: | Description: SiS 900-Based PCI Fast Ethernet Adapter)
{2E68A854-DD01-4C06-8D9A-F55271893365} (Servers: | Description: Intel(R) PRO/Wireless 2200BG Network Connection)
{35962BD5-C9A8-46DE-B9D8-EDCD846691BA} (Servers: | Description: )
{B047D8F1-5DA4-4814-B8C0-61D6E0EF0CEC} (Servers: | Description: )

========== (O20) HKLM Winlogon Settings ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogon]
«Shell»=explorer.exe
>[2008.04.14 19:10:56 | 01,034,240 | —- | M] (Корпорация Майкрософт) — C:WINDOWSexplorer.exe

«UserInit»=C:WINDOWSsystem32userinit.exe,
>[2008.04.14 19:11:12 | 00,026,624 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32userinit.exe

«UIHost»=logonui.exe
>[2008.04.14 19:10:59 | 00,515,072 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32logonui.exe

«VMApplet»=rundll32 shell32,Control_RunDLL «sysdm.cpl»
>[2008.04.14 19:10:44 | 08,478,208 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32shell32.dll
>[2008.04.14 19:11:14 | 00,302,080 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32sysdm.cpl

========== (O20) Winlogon Notify Settings ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotify]
crypt32chain: «DllName» = crypt32.dll — C:WINDOWSsystem32crypt32.dll (Корпорация Майкрософт)
cscdll: «DllName» = cscdll.dll — C:WINDOWSsystem32cscdll.dll (Корпорация Майкрософт)
LMIinit: «DllName» = LMIinit.dll — C:WINDOWSsystem32LMIinit.dll (LogMeIn, Inc.)
ScCertProp: «DllName» = wlnotify.dll — C:WINDOWSsystem32wlnotify.dll (Корпорация Майкрософт)
Schedule: «DllName» = wlnotify.dll — C:WINDOWSsystem32wlnotify.dll (Корпорация Майкрософт)
sclgntfy: «DllName» = sclgntfy.dll — C:WINDOWSsystem32sclgntfy.dll (Корпорация Майкрософт)
SensLogn: «DllName» = WlNotify.dll — C:WINDOWSsystem32wlnotify.dll (Корпорация Майкрософт)
termsrv: «DllName» = wlnotify.dll — C:WINDOWSsystem32wlnotify.dll (Корпорация Майкрософт)
wlballoon: «DllName» = wlnotify.dll — C:WINDOWSsystem32wlnotify.dll (Корпорация Майкрософт)

========== (O21) SSODL Settings ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
«CDBurn»={fbeb8a05-beee-4442-804e-409d6c4515e9} (HKLM) — C:WINDOWSsystem32shell32.dll (Корпорация Майкрософт)

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
«PostBootReminder»={7849596a-48ea-486e-8937-a2a3009f31a9} (HKLM) — C:WINDOWSsystem32shell32.dll (Корпорация Майкрософт)

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
«SysTray»={35CEC8A3-2BE6-11D2-8773-92E220524153} (HKLM) — C:WINDOWSsystem32stobject.dll (Корпорация Майкрософт)

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
«UPnPMonitor»={e57ce738-33e8-4c51-8354-bb4de9d215d1} (HKLM) — C:WINDOWSsystem32upnpui.dll (Корпорация Майкрософт)

========== (O22) Shared Task Scheduler ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerSharedTaskScheduler]
«{438755C2-A8BA-11D1-B96B-00A0C90312E1}» (HKLM) = Предзагрузчик Browseui — C:WINDOWSsystem32browseui.dll (Корпорация Майкрософт)

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerSharedTaskScheduler]
«{8C7461EF-2B13-11d2-BE35-3078302C2030}» (HKLM) = Демон кэша категорий компонентов — C:WINDOWSsystem32browseui.dll (Корпорация Майкрософт)

========== Shell Execute Hooks ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerShellExecuteHooks]
«{AEB6717E-7E19-11d0-97EE-00C04FD91972}» (HKLM) — C:WINDOWSsystem32shell32.dll (Корпорация Майкрософт)

========== HKLM *SecurityProviders* ==========
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSecurityProviders]
«SecurityProviders»=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
>[2008.04.14 19:10:35 | 00,068,608 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32digest.dll
>[2008.04.14 19:10:40 | 00,290,816 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32msnsspc.dll

========== Safeboot Options ==========
«AlternateShell»=cmd.exe
========== CDRom AutoRun Settings ==========
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesCdrom]
«AutoRun» = 1

========== Autorun Files on Drives ==========
AUTOEXEC.BAT [PATH=%PATH%;C:PROGRA~1COMMON~1MUVEET~1 30625 | ]
[2007.12.19 13:29:13 | 00,000,050 | —- | M] () — C:AUTOEXEC.BAT — [ NTFS ]

autorun.inf []
[2009.01.07 10:16:20 | 00,000,000 | RHSD | M] — C:autorun.inf — [ NTFS ]

========== Files/Folders — Created Within 30 Days ==========
[2009.01.07 10:20:11 | 00,000,000 | —D | C] — C:_OTMoveIt
[2009.01.07 10:18:59 | 00,348,160 | —- | C] (OldTimer Tools) — C:Documents and SettingsОлесяРабочий столOTMoveIt3.exe
[2009.01.07 10:16:20 | 00,000,000 | RHSD | C] — C:autorun.inf
[2009.01.07 10:14:57 | 00,132,597 | —- | C] () — C:Documents and SettingsОлесяРабочий столFlash_Disinfector.exe
[2009.01.05 13:47:26 | 00,422,912 | —- | C] (OldTimer Tools) — C:Documents and SettingsОлесяРабочий столOTViewIt.exe

========== Files — Modified Within 30 Days ==========
[4 C:WINDOWSSystem32*.tmp files]
[4 C:WINDOWS*.tmp files]
[3 C:Documents and SettingsОлесяМои документы*.tmp files]
[2009.01.07 10:29:25 | 00,005,758 | —- | M] () — C:WINDOWSSystem32CONFIG.NT
[2009.01.07 10:26:37 | 00,000,434 | —- | M] () — C:WINDOWStasksRegPowerClean.job
[2009.01.07 10:26:35 | 00,000,420 | —- | M] () — C:WINDOWStasksRPCReminder.job
[2009.01.07 10:26:33 | 00,000,416 | —- | M] () — C:WINDOWStasksPCConfidential.job
[2009.01.07 10:26:21 | 00,000,006 | -H— | M] () — C:WINDOWStasksSA.DAT
[2009.01.07 10:26:16 | 00,002,206 | —- | M] () — C:WINDOWSSystem32wpa.dbl
[2009.01.07 10:26:14 | 00,002,048 | —S- | M] () — C:WINDOWSbootstat.dat
[2009.01.07 10:19:01 | 00,348,160 | —- | M] (OldTimer Tools) — C:Documents and SettingsОлесяРабочий столOTMoveIt3.exe
[2009.01.07 10:14:58 | 00,132,597 | —- | M] () — C:Documents and SettingsОлесяРабочий столFlash_Disinfector.exe
[2009.01.06 23:02:00 | 00,000,254 | —- | M] () — C:WINDOWStasksWindows Live Toolbar Güncelleştirmelerini Denetle.job
[2009.01.06 20:42:33 | 00,234,496 | —- | M] () — C:Documents and SettingsОлесяLocal SettingsApplication DataDCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.01.05 13:47:35 | 00,422,912 | —- | M] (OldTimer Tools) — C:Documents and SettingsОлесяРабочий столOTViewIt.exe
[2009.01.02 18:34:04 | 00,000,284 | —- | M] () — C:WINDOWStasksAppleSoftwareUpdate.job
[2008.12.27 22:38:18 | 01,153,686 | —- | M] () — C:WINDOWSSystem32PerfStringBackup.INI
[2008.12.27 22:38:18 | 00,500,866 | —- | M] () — C:WINDOWSSystem32perfh019.dat
[2008.12.27 22:38:18 | 00,458,912 | —- | M] () — C:WINDOWSSystem32perfh009.dat
[2008.12.27 22:38:18 | 00,097,460 | —- | M] () — C:WINDOWSSystem32perfc019.dat
[2008.12.27 22:38:18 | 00,082,676 | —- | M] () — C:WINDOWSSystem32perfc009.dat
[2008.12.23 12:48:42 | 00,000,581 | —- | M] () — C:Documents and SettingsОлесяМои документыPaylaşım Klasörlerim.lnk
** — C:Documents and SettingsОлесяМои документыPaylas?m Klasorlerim.lnk
< End of report >

January 7, 2009 at 7:47 am #20805

And the Extras report:
OTViewIt Extras logfile created on: 07.01.2009 10:37:48 — Run 3
OTViewIt by OldTimer — Version 1.0.21.0 Folder = C:Documents and SettingsОлесяРабочий стол
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) — Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000419 | Country: Россия | Language: RUS | Date Format: dd.MM.yyyy

957,48 Mb Total Physical Memory | 536,79 Mb Available Physical Memory | 56,06% Memory free
2,26 Gb Paging File | 1,87 Gb Available in Paging File | 82,79% Paging File free
Paging file location(s): C:pagefile.sys 1440 2880;

%SystemDrive% = C: | %SystemRoot% = C:WINDOWS | %ProgramFiles% = C:Program Files
Drive C: | 72,97 Gb Total Space | 13,59 Gb Free Space | 18,62% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: BD283CD7CD86497
Current User Name: Олеся
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days

========== File Associations ==========
[HKEY_LOCAL_MACHINESOFTWAREClasses
]
.js [@ = Reg Error: Value does not exist or could not be read.] — Reg Error: Key does not exist or could not be opened. File not found

========== Security Center Settings ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center]
«FirstRunDisabled»=1
«AntiVirusDisableNotify»=0
«FirewallDisableNotify»=0
«UpdatesDisableNotify»=0
«AntiVirusOverride»=0
«FirewallOverride»=0
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoring]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringAhnlabAntiVirus]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringKasperskyAntiVirus]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringMcAfeeAntiVirus]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringMcAfeeFirewall]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringPandaAntiVirus]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringPandaFirewall]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringSophosAntiVirus]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringSymantecAntiVirus]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringSymantecFirewall]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringTinyFirewall]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringTrendAntiVirus]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringTrendFirewall]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringZoneLabsFirewall]

HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfile
«EnableFirewall»=1
«DoNotAllowExceptions»=0
«DisableNotifications»=0
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfileAuthorizedApplications]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfileGloballyOpenPorts]

========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyDomainProfileAuthorizedApplicationsList]
[2008.04.14 19:11:08 | 00,141,824 | —- | M] (Корпорация Майкрософт) — %windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[2007.11.27 13:31:38 | 00,067,128 | —- | M] (Logitech Inc.) — C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger
[2008.04.13 21:53:32 | 00,558,080 | —- | M] (Microsoft Corporation) — %windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2007.10.18 11:35:06 | 05,724,184 | —- | M] (Microsoft Corporation) — C:Program FilesWindows LiveMessengermsnmsgr.exe:*:Enabled:Windows Live Messenger
[2007.10.02 17:18:24 | 00,304,488 | —- | M] (Microsoft Corporation) — C:Program FilesWindows LiveMessengerlivecall.exe:*:Enabled:Windows Live Messenger (Phone)

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfileAuthorizedApplicationsList]
[2008.04.14 19:11:08 | 00,141,824 | —- | M] (Корпорация Майкрософт) — %windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[2006.02.28 12:42:38 | 00,229,376 | —- | M] (Apple Computer, Inc.) — C:Program FilesBonjourmDNSResponder.exe:*:Enabled:Bonjour
[2008.09.01 18:08:21 | 00,173,304 | —- | M] (ICQ, Inc.) — C:Program FilesICQ6ICQ.exe:*:Enabled:ICQ6
[2008.10.25 11:27:15 | 00,270,128 | —- | M] (BitTorrent, Inc.) — C:Program FilesuTorrentuTorrent.exe:*:Enabled:µTorrent
[2007.11.27 13:31:38 | 00,067,128 | —- | M] (Logitech Inc.) — C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger
[2008.04.13 21:53:32 | 00,558,080 | —- | M] (Microsoft Corporation) — %windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
File not found — C:Program FilesSightSpeedSightSpeed.exe:*:Enabled:SightSpeed
File not found — C:Program FilesFlashGetFlashGet.exe:*:Enabled:Flashget
[2007.03.07 13:27:12 | 00,567,384 | —- | M] (http://www.sopcast.com) — C:Program FilesSopCastadvSopAdver.exe:*:Enabled:SopCast Adver
[2008.04.30 11:32:48 | 01,892,352 | —- | M] (http://www.sopcast.com) — C:Program FilesSopCastSopCast.exe:*:Enabled:SopCast Main Application
File not found — C:Program FilesUtkonosUtkonos.exe:*:Enabled:Резервирование товаров
[2008.08.23 08:56:15 | 00,635,848 | —- | M] (Microsoft Corporation) — C:Program FilesInternet Exploreriexplore.exe:*:Enabled:Internet Explorer
File not found — C:Program FilesCounter-Strike — Fusion Pack SourceCounter-Strike-Fusion Pack Sourcesetuphl2.exe:*:Enabled:hl2
[2007.05.17 16:08:14 | 00,661,776 | —- | M] (IVT Corporation.) — C:Program FilesIVT CorporationBlueSoleilBlueSoleil.exe:*:Enabled:BlueSoleil
File not found — C:Program FilesBearShare ApplicationsBearShareBearShare.exe:*:Enabled:BearShare
[2007.07.27 11:59:42 | 01,275,136 | —- | M] (Sony Creative Software Inc.) — C:Program FilesSony EricssonSony Ericsson Media Manager 1.0MediaManager.exe:*:Enabled:Sony Ericsson Media Manager 1.0
[2008.04.14 19:10:56 | 01,034,240 | —- | M] (Корпорация Майкрософт) — C:WINDOWSexplorer.exe:*:Disabled:Проводник
File not found — C:Program Files1CТерминатор 3 — Война машинt3.exe:*:Disabled:T3
File not found — C:Program FilesTVUPlayerTVUPlayer.exe:*:Disabled:TVUPlayer Component
[2007.10.18 11:35:06 | 05,724,184 | —- | M] (Microsoft Corporation) — C:Program FilesWindows LiveMessengermsnmsgr.exe:*:Enabled:Windows Live Messenger
[2007.10.02 17:18:24 | 00,304,488 | —- | M] (Microsoft Corporation) — C:Program FilesWindows LiveMessengerlivecall.exe:*:Enabled:Windows Live Messenger (Phone)

========== (O10) Winsock2 Catalogs ==========
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesWinSock2Parameters]
NameSpace_Catalog5Catalog_Entries 00000000001 [TCP/IP] — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
NameSpace_Catalog5Catalog_Entries 00000000003 [Пространство имен службы сетевого расположения (NLA)] — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
NameSpace_Catalog5Catalog_Entries 00000000004 [mdnsNSP] — C:Program FilesBonjourmdnsNSP.dll (Apple Computer, Inc.)
Protocol_Catalog9Catalog_Entries 00000000001 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
Protocol_Catalog9Catalog_Entries 00000000002 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
Protocol_Catalog9Catalog_Entries 00000000003 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
Protocol_Catalog9Catalog_Entries 00000000004 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
Protocol_Catalog9Catalog_Entries 00000000005 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
Protocol_Catalog9Catalog_Entries 00000000006 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
Protocol_Catalog9Catalog_Entries 00000000007 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
Protocol_Catalog9Catalog_Entries 00000000008 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
Protocol_Catalog9Catalog_Entries 00000000009 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
Protocol_Catalog9Catalog_Entries 00000000010 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
Protocol_Catalog9Catalog_Entries 00000000011 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
Protocol_Catalog9Catalog_Entries 00000000012 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
Protocol_Catalog9Catalog_Entries 00000000013 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
Protocol_Catalog9Catalog_Entries 00000000014 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
Protocol_Catalog9Catalog_Entries 00000000015 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
Protocol_Catalog9Catalog_Entries 00000000016 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
Protocol_Catalog9Catalog_Entries 00000000017 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
Protocol_Catalog9Catalog_Entries 00000000018 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
Protocol_Catalog9Catalog_Entries 00000000019 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
Protocol_Catalog9Catalog_Entries 00000000020 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
Protocol_Catalog9Catalog_Entries 00000000021 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)

========== (O18) Protocol Handlers ==========
[HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandler]
[2007.11.27 13:31:38 | 00,028,711 | —- | M] (Logitech Inc.) C:Program FilesLogitechDesktop Messenger8876480ProgramGAPlugProtocol-8876480.dll (bwfile-8876480:{9462A756-7B47-47BC-8C80-C34B9B80B32B} (HKLM) [BackWeb GA Pluggable Protocol])

[HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandler]
[2008.04.14 19:10:41 | 01,431,552 | —- | M] (Корпорация Майкрософт) C:WINDOWSsystem32msvidctl.dll (dvd:{12D51199-0DB5-46FE-A120-47A3D7D937CC} (HKLM) [DVD: подключаемый протокол])

[HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandler]
ipp: [HKLM — No CLSID value]

[HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandler] — Protocol Handlers
[2005.09.20 11:33:58 | 00,843,984 | —- | M] (Microsoft Corporation) C:Program FilesCommon FilesSystemOle DBMSDAIPP.DLL ipp x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM — MSDAMON.BINDER]

[HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandler]
[2007.10.18 10:31:54 | 00,066,072 | —- | M] (Microsoft Corporation) C:Program FilesWindows LiveMessengermsgrapp.8.5.1302.1018.dll (livecall:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.])

[HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandler]
msdaipp: [HKLM — No CLSID value]

[HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandler] — Protocol Handlers
[2005.09.20 11:33:58 | 00,843,984 | —- | M] (Microsoft Corporation) C:Program FilesCommon FilesSystemOle DBMSDAIPP.DLL msdaipp x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM — MSDAMON.BINDER]

[HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandler] — Protocol Handlers
[2005.09.20 11:33:58 | 00,843,984 | —- | M] (Microsoft Corporation) C:Program FilesCommon FilesSystemOle DBMSDAIPP.DLL msdaippoledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM — MSDAIPP.BINDER]

[HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandler]
[2000.04.19 18:47:36 | 00,520,117 | —- | M] (Microsoft Corporation) C:Program FilesCommon FilesMicrosoft SharedInformation RetrievalMSITSS.DLL (ms-itss:{0A9007C0-4076-11D3-8789-0000F8105754} (HKLM) [Microsoft Infotech Storage Protocol for IE 4.0])

[HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandler]
[2007.10.18 10:31:54 | 00,066,072 | —- | M] (Microsoft Corporation) C:Program FilesWindows LiveMessengermsgrapp.8.5.1302.1018.dll (msnim:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.])

[HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandler]
[2007.03.14 12:10:22 | 07,255,384 | —- | M] (Microsoft Corporation) C:Program FilesCommon FilesMicrosoft SharedWeb Components10OWC10.DLL (mso-offdap:{3D9F03FA-7A94-11D3-BE81-0050048385D1} (HKLM) [Data Page Pluggable Protocol mso-offdap Handler])

[HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandler]
[2007.05.10 12:45:34 | 08,069,464 | —- | M] (Microsoft Corporation) C:Program FilesCommon FilesMicrosoft SharedWeb Components11OWC11.DLL (mso-offdap11:{32505114-5902-49B2-880A-1F7738E5A384} (HKLM) [Data Page Plugable Protocal mso-offdap11 Handler])

[HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandler]
[2008.04.14 19:10:41 | 01,431,552 | —- | M] (Корпорация Майкрософт) C:WINDOWSsystem32msvidctl.dll (tv:{CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} (HKLM) [ТВ: подключаемый протокол])

[HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandler]
[2007.10.23 12:14:52 | 00,858,136 | —- | M] (Microsoft Corporation) C:Program FilesWindows LiveMailmailcomm.dll (wlmailhtml:{03C514A3-1EFB-4856-9F99-10D7BE1653C0} (HKLM) [Windows Live Mail HTML Asynchronous Pluggable Protocol Handler])

========== (O18) Protocol Filters ==========
[HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSFilter] — Protocol Filters
[2008.04.14 19:10:44 | 08,478,208 | —- | M] (Корпорация Майкрософт) C:WINDOWSsystem32shell32.dll text/webviewhtml:{733AC4CB-F1A4-11d0-B951-00A0C90312E1} (HKLM) [WebView MIME Filter]

[HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSFilter] — Protocol Filters
[2007.04.19 12:57:40 | 00,046,432 | —- | M] (Microsoft Corporation) C:Program FilesCommon FilesMicrosoft SharedOFFICE11MSOXMLMF.DLL text/xml:{807553E5-5146-11D5-A672-00B0D022E945} (HKLM) [Reg Error: Value does not exist or could not be read.]

========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstall]
«{01AE68B4-C785-4865-BC7E-78456372BB75}»=RU
«{04AF207D-9A77-465A-8B76-991F6AB66245}»=Adobe Help Viewer CS3
«{08B32819-6EEF-4057-AEDA-5AB681A36A23}»=Adobe Bridge Start Meeting
«{0935DF3B-EA44-4C5E-9011-BD1958E88DFE}»=Akıllı Menüler (Windows Live Toolbar)
«{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}»=OpenOffice.org Installer 1.0
«{105CFC7C-6992-11D5-BD9D-000102C10FD8}»=Lizardtech DjVu Control
«{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}»=Adobe WinSoft Linguistics Plugin
«{18D10072035C4515918F7E37EAFAACFC}»=AutoUpdate
«{1B6BAD26-1406-43BA-ABD1-CEE99ADEF1ED}»=Windows Live installer
«{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}»=Google Планета Земля
«{2006113D-C99B-488D-B707-CA0710804F8F}»=Windows Live Fotoğraf Galerisi
«{2318C2B1-4965-11d4-9B18-009027A5CD4F}»=Google Toolbar for Internet Explorer
«{236BB7C4-4419-42FD-0409-1E257A25E34D}»=Adobe Photoshop CS2
«{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}»=PDF Settings
«{29E5EA97-5F74-4A57-B8B2-D4F169117183}»=Adobe Stock Photos CS3
«{2FFE93F0-BB72-4E52-8761-354D1AAA9387}»=Sony Ericsson PC Suite 3.209.00
«{301CC261-0ECA-448D-8F21-A9D474AB40B4}»=Windows Live Messenger
«{30981FCD-4150-4AB4-BAC5-75C9E914347D}»=Adobe Setup
«{350C9419-3D7C-4EE8-BAA9-00BCB3D54227}»=WebFldrs XP
«{3F4EC965-28EF-45C3-B063-04B25D4E9679}»=WIDCOMM Bluetooth Software
«{438BB9B4-65FE-4626-91D9-A8F57B18001D}»=Bluesoleil2.6.0.8 Release 070517
«{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}»=FontNav
«{4F3E17F8-F1C8-4A4B-9EB8-1EE2D190CDA9}»=Adobe Setup
«{50AE04E7-DCE6-4304-B65A-9F6C09935CE6}»=Windows Live Toolbar
«{510E9D24-C50A-4401-827E-0B2B0458C625}»=Windows Live Writer
«{51846830-E7B2-4218-8968-B77F0FF475B8}»=Adobe Color EU Extra Settings
«{52B99BCA-6251-498F-88CA-420D31CBC8C7}»=Wacom JustWrite Office
«{54793AA1-5001-42F4-ABB6-C364617C6078}»=Adobe Linguistics CS3
«{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}»=Macromedia Extension Manager
«{583EF20C-4DD0-43B0-8178-F0E8F76BBB09}»=Windows Live Mail
«{5B09BD67-4C99-46A1-8161-B7208CE18121}»=QuickTime
«{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}»=Sony USB Driver
«{60DE4033-9503-48D1-A483-7846BD217CA9}»=ICQ6
«{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}»=Adobe Color NA Extra Settings
«{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}»=Adobe Setup
«{67EDD823-135A-4D59-87BD-950616D6E857}»=EPSON Copy Utility 3
«{6ABE0BEE-D572-4FE8-B434-9E72A289431B}»=Adobe Fonts All
«{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}»=Adobe Color Common Settings
«{6D7B211A-88EA-490c-BAB9-3600D8D7C503}»=ConnectionServices
«{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}»=Adobe Asset Services CS3
«{7299052b-02a4-4627-81f2-1818da5d550d}»=Microsoft Visual C++ 2005 Redistributable
«{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}»=Avanquest update
«{77D2A9D3-5800-43E3-B274-87841BC87DB2}»=Adobe ExtendScript Toolkit 2
«{786C5747-1033-0000-B58E-000000000001}»=Adobe Stock Photos 1.0
«{7B63B2922B174135AFC0E1377DD81EC2}»=DivX Codec
«{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}»=CorelDRAW Graphics Suite X3
«{7F0F5F58-0EE4-4DAB-B5C2-C047A250C696}»=Adobe Setup
«{802771A9-A856-4A41-ACF7-1450E523C923}»=Adobe XMP Panels CS3
«{870F1750-BA89-11DA-A94D-0800200C9A66}_is1″=VSO CopyToDVD 4
«{885A63EA-382B-4DD4-A755-14809B8557D6}»=Macromedia Flash Player 8
«{8ADFC4160D694100B5B8A22DE9DCABD9}»=DivX Player
«{8AE03988-8C8C-40EE-BDC7-76781BEF1B1D}»=Adobe Setup
«{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}»=Macromedia Flash 8 Video Encoder
«{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}»=Adobe Device Central CS3
«{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}»=Adobe Type Support
«{8EDBA74D-0686-4C99-BFDD-F894678E5B39}»=Adobe Common File Installer
«{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}»=Logitech Desktop Messenger
«{90110419-6000-11D3-8CFE-0150048383C9}»=Microsoft Office — профессиональный выпуск версии 2003
«{90176341-0A8B-4CCC-A78D-F862228A6B95}»=Adobe Anchor Service CS3
«{90546A9B-9B86-4D8A-B381-EF8D8AAE73E1}»=Extensis Suitcase 9.2
«{91057632-CA70-413C-B628-2D3CDBBB906B}»=Macromedia Flash Player 8 Plugin
«{9233A730-542C-43B5-9A16-6C9EF69281B2}»=Windows Live Toolbar Uzantısı (Windows Live Toolbar)
«{95655ED4-7CA5-46DF-907F-7144877A32E5}»=Adobe Color NA Recommended Settings
«{9C9824D9-9000-4373-A6A5-D0E5D4831394}»=Adobe Bridge CS3
«{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}»=Adobe CMaps
«{A2D81E70-2A98-4A08-A628-94388B063C5E}»=Adobe Color — Photoshop Specific
«{AC76BA86-7AD7-1033-7B44-A81200000003}»=Adobe Reader 8.1.2
«{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}»=Windows Live Oturum Açma Yardımcısı
«{B13A7C41581B411290FBC0395694E2A9}»=DivX Converter
«{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}»=Adobe Camera Raw 4.0
«{B508B3F1-A24A-32C0-B310-85786919EF28}»=Microsoft .NET Framework 2.0 Service Pack 1
«{B7050CBDB2504B34BC2A9CA0A692CC29}»=DivX Web Player
«{B74D4E10-1033-0000-0000-000000000001}»=Adobe Bridge 1.0
«{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}»=Apple Software Update
«{B87B54F6-7CD5-45b2-B873-3F95C558768A}»=BitAccelerator
«{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}»=Adobe Default Language CS3
«{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}»=Adobe Color EU Recommended Settings
«{C1E54885-ABED-4B4D-8D9F-ECC7E379FB9F}»=Sony Ericsson Media Manager 1.0
«{C43048A9-742C-4DAD-90D2-E3B53C9DB825}»=Logitech QuickCam Software
«{C59CEB1E-097E-4603-8B43-EE0D8482897D}»=Vurgu Görüntüleyicisi (Windows Live Toolbar)
«{C94E45B0-6AA6-4FB9-9AAE-22085F631880}»=VBA
«{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}»=Microsoft .NET Framework 1.1
«{D0DFF92A-492E-4C40-B862-A74A173C25C5}»=Adobe Version Cue CS3 Client
«{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}»=Adobe PDF Library Files
«{D92B72E2-C854-4738-8ED6-4C3661CC17AE}»=Adobe Color JA Extra Settings
«{DBEA1034-5882-4A88-8033-81C4EF0CFA29}»=Google Toolbar for Internet Explorer
«{DC226AC9-0314-496C-BE6A-B6A132628466}»=SiSAGP driver
«{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}»=jetAudio Basic
«{E69AE897-9E0B-485C-8552-7841F48D42D8}»=Adobe Update Manager CS3
«{E9787678-1033-0000-8E67-000000000001}»=Adobe Help Center 1.0
«{ED0042CA-CBEA-4ADF-B262-FE0518AF2221}»=LogMeIn
«{F08E8D2E-F132-4742-9C87-D5FF223A016A}»=Adobe Illustrator CS3
«{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}»=Microsoft SQL Server 2005 Compact Edition [ENU]
«{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}»=Update Manager
«{F4D0F248-2BF7-4912-814E-4FD751923838}»=Microsoft .NET Framework 2.0 Language Pack — RUS
«{F8C6BABF-0837-4EA0-AD6C-8E5A392A7538}»=ImageMixer VCD2
«{FB08F381-6533-4108-B7DD-039E11FBC27E}»=Realtek AC’97 Audio
«{FD0399AC-A38B-4D4B-8164-D7B73AC24030}»=Adobe Photoshop CS3
«9c9cd3577f7427dd7e3e465ca0f48ed0187731047″=Занимательная наука. Всемирная история
«Adobe Acrobat 5.0″=Adobe Acrobat 5.0
«Adobe Flash Player ActiveX»=Adobe Flash Player ActiveX
«Adobe Photoshop CS2″=Adobe Photoshop CS2
«Adobe Photoshop CS2 — {236BB7C4-4419-42FD-0409-1E257A25E34D}»=Adobe Photoshop CS2
«Adobe Shockwave Player»=Adobe Shockwave Player
«Adobe_0d5fe1f44895aadff2baacf24fe1402″=Adobe Photoshop CS3
«Adobe_3e054d2218e7aa282c2369d939e58ff»=Adobe ExtendScript Toolkit 2
«Adobe_6c8e2cb4fd241c55406016127a6ab2e»=Adobe Color Common Settings
«Adobe_a04a925a57548091300ada368235fc6″=Adobe Illustrator CS3
«Adobe_c6130331409d42b2f62a7cc73ec2c87″=Adobe InDesign CS3
«Advanced Video FX Engine»=Advanced Video FX Engine
«avast!»=avast! Antivirus
«CCleaner»=CCleaner (remove only)
«EPSON Printer and Utilities»=EPSON Printer Software
«EPSON Scanner»=EPSON Scan
«ESCX3700 Руководство пользователя»=ESCX3700 Руководство пользователя
«Fargus_is1″=My Program 1.5
«ffdshow_is1″=ffdshow [rev 1723] [2007-12-24]
«Get Yahoo! Messenger»=Get Yahoo! Messenger
«IDNMitigationAPIs»=Microsoft Internationalized Domain Names Mitigation APIs
«ie7″=Windows Internet Explorer 7
«KLiteCodecPack_is1″=K-Lite Codec Pack 2.25 Basic
«koi_solitaire»=NevoSoft Koi Solitaire (remove only)
«LHTTSENG»=L&H TTS3000 British English
«LingvoSoft Dictionary 2006 (Turkish<->Russian) for Windows»=LingvoSoft Dictionary 2006 (Turkish<->Russian) for Windows
«Logitech Print Service»=Logitech Print Service
«Microsoft .NET Framework 1.1 (1033)»=Microsoft .NET Framework 1.1
«Microsoft .NET Framework 2.0 Language Pack — RUS»=Microsoft .NET Framework 2.0 Language Pack — RUS
«MSCompPackV1″=Microsoft Compression Client Pack 1.0 for Windows XP
«NLSDownlevelMapping»=Microsoft National Language Support Downlevel APIs
«Oyna65″=Oyna65
«PCConfidential_is1″=PC Confidential 2008
«QcDrv»=##CAMERADRIVERNAME##
«Rambler.ru Toolbar»=Rambler-Ассистент
«RegPowerClean_is1″=Winferno Registry Power Cleaner
«Seekeen»=Seekeen 1.0 build 132
«ShockwaveFlash»=Adobe Flash Player 9 ActiveX
«SiS VGA Driver»=SiS VGA Utilities
«SiSLan»=SiS 900 PCI Fast Ethernet Adapter Driver
«SLAMRNTV»=Smart Link 56K Modem
«SopCast»=SopCast 3.0.3
«Tablet Driver»=Планшет
«WIC»=Windows Imaging Component
«Windows Live Toolbar»=Windows Live Toolbar
«Windows Media Format Runtime»=Windows Media Format 11 runtime
«Windows Media Player»=Проигрыватель Windows Media 11
«Windows XP Service Pack»=Windows XP Service Pack 3
«WinRAR archiver»=Архиватор WinRAR
«WinZip»=WinZip
«WMFDist11″=Windows Media Format 11 runtime
«wmp11″=Windows Media Player 11
«Wudf01000″=Microsoft User-Mode Driver Framework Feature Pack 1.0
«YInstHelper»=Yahoo! Install Manager
«Англо-русский тренажер 2.3″=Англо-русский тренажер 2.3
«Библиотека звуков»=Библиотека звуков

========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionUninstall]
«uTorrent»=µTorrent
========== HKEY_USERS Uninstall List ==========
[HKEY_USERSS-1-5-21-1343024091-413027322-725345543-1003SOFTWAREMicrosoftWindowsCurrentVersionUninstall]
«uTorrent»=µTorrent
========== Last 10 Event Log Errors ==========
[ Antivirus Events ]
Error — 21.11.2007 5:20:22 | Computer Name = BD283CD7CD86497 | Source = avast! | ID = 33554522
Description = AAVM — scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://ftp.freenet.de/pub/filepilot/windows/multimedia/video/k-lite_codec_pack/klcodec353s.exe
failed, 0000001E.Error — 22.11.2007 9:01:57 | Computer Name = BD283CD7CD86497 | Source = avast! | ID = 33554522
Description = AAVM — scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://nguest43.depositfiles.com/auth-971195743633_87.240.15.25-f45e4f77-606837/2241394/FS43-1/K-Lite_Mega_Codec_Pack___K-Lite_Codec_Pack_3.5.3.rar
failed, 0000001E.Error — 30.11.2007 3:32:08 | Computer Name = BD283CD7CD86497 | Source = avast! | ID = 33554522
Description = AAVM — scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
D:фото2006гиюнь-июль2006готовыеDSC00157.JPG failed, 0000A420.Error — 30.11.2007 3:50:57 | Computer Name = BD283CD7CD86497 | Source = avast! | ID = 33554522
Description = AAVM — scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
D:фото2006гиюнь-июль2006готовыеDSC00157.JPG failed, 0000A420.Error — 02.12.2007 7:30:34 | Computer Name = BD283CD7CD86497 | Source = avast! | ID = 33554522
Description = AAVM — scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://download2.vso-software.fr/vsoConvertXtoDVD2_setup.exe failed, 00000026.Error — 06.04.2008 23:59:43 | Computer Name = BD283CD7CD86497 | Source = avast! | ID = 33554522
Description = Internal error has occurred in module aswar scan function failed!,
function C0000005.Error — 07.04.2008 3:36:46 | Computer Name = BD283CD7CD86497 | Source = avast! | ID = 33554522
Description = Internal error has occurred in module aswar scan function failed!,
function C0000005.Error — 26.07.2008 16:32:06 | Computer Name = BD283CD7CD86497 | Source = avast! | ID = 33554522
Description = AAVM — scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
E:DCIM100OLYMPP7260557.JPG failed, 0000001E.Error — 28.09.2008 11:35:33 | Computer Name = BD283CD7CD86497 | Source = avast! | ID = 33554522
Description = AAVM — scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
D:pyrates.exe failed, 0000001E.Error — 11.10.2008 12:15:14 | Computer Name = BD283CD7CD86497 | Source = avast! | ID = 33554522
Description = AAVM — scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
E:пакетчерные.jpg failed, 0000A420.[ Application Events ]
Error — 09.12.2008 12:43:07 | Computer Name = BD283CD7CD86497 | Source = Application Error | ID = 1000
Description = Ошибка приложения iexplore.exe, версия 7.0.6000.16735, модуль unknown,
версия 0.0.0.0, адрес 0x00000005.Error — 11.12.2008 13:39:28 | Computer Name = BD283CD7CD86497 | Source = Application Error | ID = 1000
Description = Ошибка приложения iexplore.exe, версия 7.0.6000.16735, модуль unknown,
версия 0.0.0.0, адрес 0x00000005.Error — 11.12.2008 13:46:38 | Computer Name = BD283CD7CD86497 | Source = Adobe Version Cue CS3 | ID = 3
Description =Error — 11.12.2008 13:46:38 | Computer Name = BD283CD7CD86497 | Source = Adobe Version Cue CS3 | ID = 3
Description =Error — 11.12.2008 14:37:00 | Computer Name = BD283CD7CD86497 | Source = Application Hang | ID = 1002
Description = Зависшее приложение WeFi.exe, версия 3.3.6.3, зависший модуль hungapp,
версия 0.0.0.0, адрес 0x00000000.Error — 01.01.2009 5:11:34 | Computer Name = BD283CD7CD86497 | Source = Application Error | ID = 1000
Description = Ошибка приложения iexplore.exe, версия 7.0.6000.16735, модуль ieui.dll,
версия 7.0.5730.13, адрес 0x000061b1.Error — 02.01.2009 12:51:32 | Computer Name = BD283CD7CD86497 | Source = Application Error | ID = 1000
Description = Ошибка приложения iexplore.exe, версия 7.0.6000.16735, модуль unknown,
версия 0.0.0.0, адрес 0x02f13c75.Error — 03.01.2009 17:15:23 | Computer Name = BD283CD7CD86497 | Source = Application Hang | ID = 1002
Description = Зависшее приложение explorer.exe, версия 6.0.2900.5512, зависший модуль
hungapp, версия 0.0.0.0, адрес 0x00000000.Error — 05.01.2009 9:17:41 | Computer Name = BD283CD7CD86497 | Source = Application Hang | ID = 1002
Description = Зависшее приложение JetAudio.exe, версия 7.0.5.3040, зависший модуль
hungapp, версия 0.0.0.0, адрес 0x00000000.Error — 07.01.2009 3:16:58 | Computer Name = BD283CD7CD86497 | Source = Application Error | ID = 1000
Description = Ошибка приложения bluesoleil.exe, версия 2.6.0.8, модуль mfc42.dll,
версия 6.2.4131.0, адрес 0x000011c7.[ System Events ]
Error — 02.01.2009 4:09:19 | Computer Name = BD283CD7CD86497 | Source = Disk | ID = 262155
Description = Драйвер обнаружил ошибку контроллера DeviceHarddisk1D.Error — 02.01.2009 4:09:21 | Computer Name = BD283CD7CD86497 | Source = Disk | ID = 262155
Description = Драйвер обнаружил ошибку контроллера DeviceHarddisk1D.Error — 02.01.2009 4:09:22 | Computer Name = BD283CD7CD86497 | Source = Disk | ID = 262155
Description = Драйвер обнаружил ошибку контроллера DeviceHarddisk1D.Error — 02.01.2009 15:20:05 | Computer Name = BD283CD7CD86497 | Source = Disk | ID = 262151
Description = Неверный блок на устройстве DeviceHarddisk0D.Error — 03.01.2009 3:34:19 | Computer Name = BD283CD7CD86497 | Source = Dhcp | ID = 1000
Description = Компьютер утерял аренду на IP-адрес 79.164.40.244 для сетевого адаптера
с сетевым адресом 0090F549FE1C.Error — 04.01.2009 4:58:37 | Computer Name = BD283CD7CD86497 | Source = Dhcp | ID = 1000
Description = Компьютер утерял аренду на IP-адрес 79.164.40.244 для сетевого адаптера
с сетевым адресом 0090F549FE1C.Error — 04.01.2009 16:43:13 | Computer Name = BD283CD7CD86497 | Source = Dhcp | ID = 1000
Description = Компьютер утерял аренду на IP-адрес 79.164.40.244 для сетевого адаптера
с сетевым адресом 0090F549FE1C.Error — 05.01.2009 3:38:48 | Computer Name = BD283CD7CD86497 | Source = Dhcp | ID = 1000
Description = Компьютер утерял аренду на IP-адрес 79.164.40.244 для сетевого адаптера
с сетевым адресом 0090F549FE1C.Error — 06.01.2009 7:26:34 | Computer Name = BD283CD7CD86497 | Source = Dhcp | ID = 1000
Description = Компьютер утерял аренду на IP-адрес 79.164.40.244 для сетевого адаптера
с сетевым адресом 0090F549FE1C.Error — 07.01.2009 3:06:18 | Computer Name = BD283CD7CD86497 | Source = Dhcp | ID = 1000
Description = Компьютер утерял аренду на IP-адрес 77.41.51.39 для сетевого адаптера
с сетевым адресом 0090F549FE1C.
< End of report >
January 7, 2009 at 4:33 PM #20806
Looks fine.
How is the computer running?
January 8, 2009 at 6:40 AM #20807
It immediately stopped jumping from the kp.ru newspaper site to some seeken thing and so on, which was driving me crazy, so I am very happy, thank you. Though I had hoped that the endless porn links would stop popping up too, along with that "site blocked by provider, etc." message. I see that many people here have the same problems. But maybe it's not about viruses?
January 9, 2009 at 2:09 PM #20808
Though I had hoped that the endless porn links would stop popping up too, along with that "site blocked by provider, etc." message. I see that many people here have the same problems
Is this problem constant? Or only on some sites?
And in which browser?
January 14, 2009 at 7:47 AM #20810
Sorry, I didn't reply right away 😳
I only use Explorer. All kinds of pornography, in the literal sense of the word, jumps out across the whole screen, and I have two boys 😥 I'm just ashamed in front of them 😳
Windows pop up on practically every site. On the зайцев.нет site a window pops up saying "Site blocked by provider, etc." Well, that is basically what our trouble is. 🙁
January 14, 2009 at 12:30 PM #20809
Download the Combofix program. Close all open windows and run the program.
After it finishes, a log file will be created; please paste it into your reply.
January 14, 2009 at 5:07 PM #20811
I did everything:
ComboFix 09-01-13.04 — Олеся 2009-01-14 19:56:33.2 — NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1251.1.1049.18.957.485 [GMT 3:00]
Running from: c:documents and settingsОлесяРабочий столComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:documents and settingsОлесяApplication Datainst.exe
c:documents and settingsAll UsersApplication DataStarware406
c:documents and settingsAll UsersApplication DataStarware406buttons1270_button_1b_def.bmp
c:documents and settingsAll UsersApplication DataStarware406buttons1271_button_1b_def.bmp
c:documents and settingsAll UsersApplication DataStarware406buttons1271_button_1b_over.bmp
c:documents and settingsAll UsersApplication DataStarware406buttonsFindIt.bmp
c:documents and settingsAll UsersApplication DataStarware406buttonsFindItHot.bmp
c:documents and settingsAll UsersApplication DataStarware406buttonsfindithotxp.png
c:documents and settingsAll UsersApplication DataStarware406buttonsfinditxp.png
c:documents and settingsAll UsersApplication DataStarware406buttonslogo.bmp
c:documents and settingsAll UsersApplication DataStarware406buttonslogoxp.bmp
c:documents and settingsAll UsersApplication DataStarware406buttonsWeather.bmp
c:documents and settingsAll UsersApplication DataStarware406buttonsWeatherHot.bmp
c:documents and settingsAll UsersApplication DataStarware406buttonsweatherhotxp.png
c:documents and settingsAll UsersApplication DataStarware406buttonsweatherxp.png
c:documents and settingsAll UsersApplication DataStarware406contextserror.xml
c:documents and settingsAll UsersApplication DataStarware406contextsrelated.xml
c:documents and settingsAll UsersApplication DataStarware406contextstravel.xml
c:program filesautorun.inf
c:program filesStarware406
c:program filesStarware406iconsstar_16.ico
c:program filesStarware406Setup.exe
c:program filesStarware406Starware406Config.xml
c:recycledRecycled
c:windowsa3kebook.ini
c:windowsakebook.ini
c:windowsANS2000.INI
c:windowsDownloaded Program Filessetup.inf
c:windowssystem32Cache.
((((((((((((((((((((((((( Files Created from 2008-12-14 to 2009-01-14 )))))))))))))))))))))))))))))))
.2009-01-14 13:56 . 2009-01-14 13:58 1,374 —a
c:windowsimsins.BAK
2009-01-14 13:28 . 2009-01-14 13:28d
c:program filesCommon FilesAdobe AIR
2009-01-14 13:28 . 2009-01-14 13:28d
c:program filesAdobe Media Player
2009-01-07 18:53 . 2009-01-07 19:23d
c:program filesGameTop.com
2009-01-07 18:53 . 2009-01-07 18:53d
c:documents and settingsОлесяApplication DataEleFun Games
2009-01-07 10:20 . 2009-01-07 10:20d
C:_OTMoveIt.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-14 16:48
d
w c:documents and settingsОлесяApplication DataWTablet
2009-01-14 15:22
d
w c:documents and settingsLocalServiceApplication DataWTablet
2009-01-14 10:41
d
w c:program filesЗакаченное
2009-01-14 09:44
d
w c:documents and settingsОлесяApplication DatauTorrent
2009-01-11 19:51
d
w c:program filesSeekeen
2008-11-30 11:33
d
w c:program filesMacromedia
2008-11-30 11:31
d
w c:program filesCommon FilesMacromedia
2008-11-29 20:07
d
w c:program filesJetAudio
2008-11-29 14:55
d
w c:documents and settingsAll UsersApplication DataWinferno
2008-11-29 14:51
d
w c:program filesFreeze.com
2008-11-29 14:51
d
w c:program filesFree Offers from Freeze.com
2008-11-29 14:51
d
w c:program filesCommon FilesWinferno
2008-11-29 14:50
d
w c:program filesWinferno
2008-10-23 12:42 286,720 —-a-w c:windowssystem32gdi32.dll
2008-10-16 20:33 826,368 —-a-w c:windowssystem32wininet.dll
2008-10-16 11:13 202,776 —-a-w c:windowssystem32wuweb.dll
2008-10-16 11:13 1,809,944 —-a-w c:windowssystem32wuaueng.dll
2008-10-16 11:12 561,688 —-a-w c:windowssystem32wuapi.dll
2008-10-16 11:12 323,608 —-a-w c:windowssystem32wucltui.dll
2008-10-16 11:09 92,696 —-a-w c:windowssystem32cdm.dll
2008-10-16 11:09 51,224 —-a-w c:windowssystem32wuauclt.exe
2008-10-16 11:09 43,544 —-a-w c:windowssystem32wups2.dll
2008-10-16 11:08 34,328 —-a-w c:windowssystem32wups.dll
2008-10-16 11:06 268,648 —-a-w c:windowssystem32mucltui.dll
2008-10-16 11:06 208,744 —-a-w c:windowssystem32muweb.dll
2008-04-25 07:02 6,798,101 —-a-w c:program filesbluesol1614.zip
2008-03-11 09:01 6,900,099 —-a-w c:program filesES.9.2.2.rar
2008-03-07 06:25 280,055 —-a-w c:program filesdotnetfx.exe
2008-03-04 15:28 8,800,942 —-a-w c:program filesideolect-setup.exe
2007-12-02 11:27 47,360
w c:documents and settingsОлесяApplication Datapcouffin.sys
2007-11-20 17:59 3,770,510 —-a-w c:program filesffdshow-rev1620_20071118.zip
2007-11-20 13:10 13,676,952 —-a-w c:program filesinstall_rambler_icq6.exe
2006-02-07 11:22 7,580,628 —-a-w c:program filesExtensis Suitcase 9.2.2.exe
2005-11-13 23:40 72 —-a-w c:program filesLugaRus.Com.url
2005-09-19 15:40 75,264 —-a-w c:program files1049.mst
2005-07-05 02:20 14,289 —-a-r c:program filesbtcusb98.inf
2005-07-05 02:19 14,260 —-a-r c:program filesbtcusb.inf
2005-07-05 02:14 18,863 —-a-r c:program filesbttl.ini
2005-06-09 04:47 417 —-a-r c:program fileslayout.bin
2005-06-09 04:47 37,666 —-a-r c:program filesdata1.hdr
2005-06-09 04:47 2,971,774 —-a-r c:program filesdata2.cab
2005-06-09 04:47 1,369,814 —-a-r c:program filesdata1.cab
2005-05-31 01:17 89,640 —-a-r c:program filesConfig.dat
2005-04-30 07:04 2,440 —-a-r c:program filescopyfile.ini
2004-12-17 10:11 317 —-a-r c:program filesbtav.ini
2004-11-04 04:38 966,130 —-a-r c:program filesbluesoleil.chm
2004-08-04 04:41 3,638 —-a-r c:program filesbluetooth.ico
2003-07-01 08:38 64 —-a-r c:program filesconfig.ini
2002-07-26 05:07 346,602 —-a-r c:program filesikernel.ex_
.((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4[HKEY_LOCAL_MACHINE~Browser Helper Objects{089C252F-A01C-41E7-877B-29C166C27147}]
2007-04-23 13:01 106496 —a
c:windowsDownloaded Program Fileskl_bho.dll[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=»c:windowssystem32ctfmon.exe» [2008-04-14 15360]
«LogitechSoftwareUpdate»=»c:program filesLogitechVideoManifestEngine.exe» [2005-06-08 196608]
«swg»=»c:program filesGoogleGoogleToolbarNotifier1.2.1128.5462GoogleToolbarNotifier.exe» [2008-01-30 171448]
«Sony Ericsson PC Suite»=»c:program filesSony EricssonSony Ericsson PC SuiteSEPCSuite.exe» [2008-02-20 360448]
«ICQ»=»c:program filesICQ6ICQ.exe» [2008-09-01 173304]
«AdobeUpdater»=»c:program filesCommon FilesAdobeUpdater5AdobeUpdater.exe» [2007-02-28 2321600][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
«ISUSPM Startup»=»c:program filesCommon FilesInstallShieldUpdateServiceisuspm.exe» [2005-08-11 249856]
«ISUSScheduler»=»c:program filesCommon FilesInstallShieldUpdateServiceissch.exe» [2005-08-11 81920]
«SiS Windows KeyHook»=»c:windowssystem32keyhook.exe» [2005-01-04 28672]
«EPSON Stylus CX3700 Series»=»c:windowsSystem32spoolDRIVERSW32X863E_FATIACP.EXE» [2005-02-08 98304]
«LVCOMSX»=»c:windowssystem32LVCOMSX.EXE» [2005-07-19 221184]
«LogitechVideoRepair»=»c:program filesLogitechVideoISStart.exe» [2005-06-08 458752]
«LogitechVideoTray»=»c:program filesLogitechVideoLogiTray.exe» [2005-06-08 217088]
«SMKRun»=»c:program filesJustWrite OfficeScreenMark.exe» [2007-01-07 118784]
«AVFX Engine»=»c:program filesCreativeCreative Live! CamVideoFXStartFX.exe» [2006-06-09 24576]
«Adobe Reader Speed Launcher»=»c:program filesAdobeReader 8.0ReaderReader_sl.exe» [2008-01-11 39792]
«QuickTime Task»=»c:program filesQuickTimeqttask.exe» [2007-10-19 286720]
«LogMeIn GUI»=»c:program filesLogMeInx86LogMeInSystray.exe» [2008-02-28 63048]
«SoundMan»=»SOUNDMAN.EXE» [2006-03-22 c:windowsSOUNDMAN.EXE]
«SiSPower»=»SiSPower.dll» [2006-03-22 c:windowssystem32SiSPower.dll]
«SMcfg»=»smcfg.exe» [2004-11-01 c:windowsSmCfg.exe]
«JWOSetup»=»JWOSetup.exe» [2007-01-09 c:windowsJWOSetup.exe][HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=»c:windowssystem32CTFMON.EXE» [2008-04-14 15360]c:documents and settingsЋ«Ґбпѓ« ў®Ґ ¬ҐоЏа®Ја ¬¬лЂўв®§ Јаг§Є
Adobe Media Player.lnk — c:program filesAdobe Media PlayerAdobe Media Player.exe [2009-01-14 261120]c:documents and settingsAll Usersѓ« ў®Ґ ¬ҐоЏа®Ја ¬¬лЂўв®§ Јаг§Є
BlueSoleil.lnk — c:program filesIVT CorporationBlueSoleilBlueSoleil.exe [2007-05-17 661776]
BTTray.lnk — c:program filesWIDCOMMBluetooth SoftwareBTTray.exe [2005-10-09 610365]
Logitech Desktop Messenger.lnk — c:program filesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe [2007-11-27 67128]
Suitcase Startup.lnk — c:program filesExtensisSuitcase 9.2Suitcase.exe [2008-03-11 3153920]
Utility Tray.lnk — c:windowssystem32sistray.exe [2007-11-20 331776]
WinZip Quick Pick.lnk — c:program filesWinZipWZQKPICK.EXE [2007-11-20 118784][HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionwinlogonnotifyLMIinit]
2008-05-28 11:32 87352 c:windowssystem32LMIinit.dll[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversiondrivers32]
«VIDC.MJPG»= mtkjpeg.dll[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
«%windir%\system32\sessmgr.exe»=
«c:\Program Files\Bonjour\mDNSResponder.exe»=
«c:\Program Files\ICQ6\ICQ.exe»=
«c:\Program Files\uTorrent\uTorrent.exe»=
«c:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe»=
«%windir%\Network Diagnostic\xpnetdiag.exe»=
«c:\Program Files\SopCast\adv\SopAdver.exe»=
«c:\Program Files\SopCast\SopCast.exe»=
«c:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe»=
«c:\Program Files\Sony Ericsson\Sony Ericsson Media Manager 1.0\MediaManager.exe»=
«c:\Program Files\Windows Live\Messenger\msnmsgr.exe»=
«c:\Program Files\Windows Live\Messenger\livecall.exe»=R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);c:windowssystem32driverssfsync03.sys [2005-10-13 35328]
R4 LMIInfo;LogMeIn Kernel Information Provider;c:program filesLogMeInx86rainfo.sys [2008-02-28 12856]
R4 LMIRfsDriver;LogMeIn Remote File System Driver;c:windowssystem32driversLMIRfsDriver.sys [2008-08-18 45848]
S3 s916bus;Sony Ericsson Device 916 driver (WDM);c:windowssystem32driverss916bus.sys [2008-07-21 83496]
S3 s916mdfl;Sony Ericsson Device 916 USB WMC Modem Filter;c:windowssystem32driverss916mdfl.sys [2008-07-21 15016]
S3 s916mdm;Sony Ericsson Device 916 USB WMC Modem Driver;c:windowssystem32driverss916mdm.sys [2008-07-21 109992]
S3 s916mgmt;Sony Ericsson Device 916 USB WMC Device Management Drivers (WDM);c:windowssystem32driverss916mgmt.sys [2008-07-21 103976]
S3 s916obex;Sony Ericsson Device 916 USB WMC OBEX Interface;c:windowssystem32driverss916obex.sys [2008-07-21 100008]
S4 LMIRfsClientNP;LMIRfsClientNP; [x]
.
Contents of the ‘Scheduled Tasks’ folder2009-01-02 c:windowsTasksAppleSoftwareUpdate.job
— c:program filesApple Software UpdateSoftwareUpdate.exe [2007-08-29 13:57]2009-01-14 c:windowsTasksPCConfidential.job
— c:program filesWinfernoPC ConfidentialPCConfidential.exe [2008-04-01 14:10]2009-01-14 c:windowsTasksRegPowerClean.job
— c:program filesWinfernoRegistryPowerCleanerRegPowerClean.exe [2008-10-28 14:48]2009-01-14 c:windowsTasksRPCReminder.job
— c:program filesWinfernoRegistryPowerCleanerRPCReminder.exe [2008-10-28 14:34]
.
— — — — ORPHANS REMOVED — — — —HKCU-Run-LDM — c:program filesLogitechDesktop Messenger8876480ProgramBackWeb-8876480.exe
HKCU-Run-Uniblue RegistryBooster 2009 — c:program filesUniblueRegistryBoosterRegistryBooster.exe
HKCU-Run-ClearHistory — c:program filesClear HistoryClearHistory.exe
HKLM-Run-BVRPLiveUpdate — c:program filesAvanquest updateEngineSetup.exe
HKLM-Run-NevoDRM — c:program filesИгры от NevoSoftNevoDRMNevoDRM.exe.
Supplementary Scan
.
uStart Page = hxxp://www.yandex.ru/?clid=40316
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local;localhost
IE: c:program filesWIDCOMMBluetooth Softwarebtsendto_ie_ctx.htm
IE: &Translate — http://lingvo.yandex.ru/ie5trans.htm
IE: &Ubersetzen — http://lingvo.yandex.ru/ie5trans1.htm
IE: &Windows Live Search — c:program filesWindows Live Toolbarmsntb.dll/search.htm
IE: &Экспорт в Microsoft Excel — c:progra~1MICROS~2OFFICE11EXCEL.EXE/3000
IE: T&raduire — http://lingvo.yandex.ru/ie5trans2.htm
IE: Traduc&ir — http://lingvo.yandex.ru/ie5trans4.htm
IE: Tradurr&e — http://lingvo.yandex.ru/ie5trans3.htm
IE: Yandex &Search — http://lingvo.yandex.ru/ie5search.htm
IE: Найти с помощью Рамблера — c:program filesRambler AssistantramblertoolbarU5090.dll/search.htm
IE: Перевести с помощью словарей Рамблера — c:program filesRambler AssistantramblertoolbarU5090.dll/dic.htm
Handler: bwfile-8876480 — {9462A756-7B47-47BC-8C80-C34B9B80B32B} — c:program filesLogitechDesktop Messenger8876480ProgramGAPlugProtocol-8876480.dllc:windowsDownloaded Program FilesImResCtl.dll — O16 -: {2D4C57AA-54C0-4942-BB2A-51DF0727950B}
hxxp://www.openkremlin.ru/cab/ImResCtl.cab
c:windowsDownloaded Program FilesImResCtl.infc:windowsDownloaded Program Fileskl_bho.dll — c:windowsDownloaded Program Fileskochka.dll
O16 -: {4FC12A7E-AD73-4CCB-89AD-D9832A542C40}
hxxp://kochka.ru/kochka.cab
c:windowsDownloaded Program Fileskochka.inf
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-14 20:02:06
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes …
scanning hidden autostart entries …
scanning hidden files …
scan completed successfully
hidden files: 0
**************************************************************************
.
DLLs Loaded Under Running Processes
— — — — — — — > ‘winlogon.exe'(844)
c:windowssystem32LMIinit.dll
.
Completion time: 2009-01-14 20:04:57
ComboFix-quarantined-files.txt 2009-01-14 17:04:00
Pre-Run: 24,190,574,592 байт свободно
Post-Run: 25,230,831,616 байт свободно
228 — E O F — 2009-01-14 11:00:33
January 15, 2009 at 4:20 PM #20812
Open Notepad (click Start, Run, type notepad in the input box and press Enter) and paste the following text into it:
Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{089C252F-A01C-41E7-877B-29C166C27147}]
File::
c:\windows\Downloaded Program Files\kl_bho.dll
Save the resulting file to your desktop under the name CFScript
Then drag the resulting file onto the Combofix icon, as shown in the picture below.
Combofix will start and carry out the procedures described in the file we created.
When Combofix finishes, a new log will be created; paste it into your next reply.
And of course check how Internet Explorer works.
January 16, 2009 at 10:25 AM #20813
ComboFix 09-01-15.01 — Олеся 2009-01-16 13:14:12.3 — NTFSx86
Running from: c:documents and settingsОлесяРабочий столComboFix.exe
Command switches used :: c:documents and settingsОлесяРабочий столCFScript.txt
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
FILE ::
c:windowsDownloaded Program Fileskl_bho.dll
.((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.c:windowsDownloaded Program Fileskl_bho.dll
.
((((((((((((((((((((((((( Files Created from 2008-12-16 to 2009-01-16 )))))))))))))))))))))))))))))))
.2009-01-14 22:27 . 2009-01-14 22:30
d
c:windowsLastGood
2009-01-14 13:56 . 2009-01-14 13:58 1,374 —a
c:windowsimsins.BAK
2009-01-14 13:28 . 2009-01-14 13:28d
c:program filesCommon FilesAdobe AIR
2009-01-14 13:28 . 2009-01-14 13:28d
c:program filesAdobe Media Player
2009-01-07 18:53 . 2009-01-07 19:23d
c:program filesGameTop.com
2009-01-07 18:53 . 2009-01-07 18:53d
c:documents and settingsОлесяApplication DataEleFun Games
2009-01-07 18:53 . 2009-01-07 18:53d
c:documents and settingsОлесяApplication DataEleFun Games
2009-01-07 18:53 . 2009-01-07 18:53d
c:documents and settingsОлесяApplication DataEleFun Games
2009-01-07 10:20 . 2009-01-07 10:20d
C:_OTMoveIt.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-16 10:15
d
w c:documents and settingsОлесяApplication DatauTorrent
2009-01-16 10:15
d
w c:documents and settingsОлесяApplication DatauTorrent
2009-01-16 10:15
d
w c:documents and settingsОлесяApplication DatauTorrent
2009-01-14 16:48
d
w c:documents and settingsОлесяApplication DataWTablet
2009-01-14 16:48
d
w c:documents and settingsОлесяApplication DataWTablet
2009-01-14 16:48
d
w c:documents and settingsОлесяApplication DataWTablet
2009-01-14 15:22
d
w c:documents and settingsLocalServiceApplication DataWTablet
2009-01-14 10:41
d
w c:program filesЗакаченное
2009-01-11 19:51
d
w c:program filesSeekeen
2008-11-30 11:33
d
w c:program filesMacromedia
2008-11-30 11:31
d
w c:program filesCommon FilesMacromedia
2008-11-29 20:07
d
w c:program filesJetAudio
2008-11-29 14:55
d
w c:documents and settingsAll UsersApplication DataWinferno
2008-11-29 14:51
d
w c:program filesFreeze.com
2008-11-29 14:51
d
w c:program filesFree Offers from Freeze.com
2008-11-29 14:51
d
w c:program filesCommon FilesWinferno
2008-11-29 14:50
d
w c:program filesWinferno
2008-10-23 12:42 286,720 —-a-w c:windowssystem32gdi32.dll
2008-10-16 20:33 826,368 —-a-w c:windowssystem32wininet.dll
2008-10-16 11:13 202,776 —-a-w c:windowssystem32wuweb.dll
2008-10-16 11:13 1,809,944 —-a-w c:windowssystem32wuaueng.dll
2008-10-16 11:12 561,688 —-a-w c:windowssystem32wuapi.dll
2008-10-16 11:12 323,608 —-a-w c:windowssystem32wucltui.dll
2008-10-16 11:09 92,696 —-a-w c:windowssystem32cdm.dll
2008-10-16 11:09 51,224 —-a-w c:windowssystem32wuauclt.exe
2008-10-16 11:09 43,544 —-a-w c:windowssystem32wups2.dll
2008-10-16 11:08 34,328 —-a-w c:windowssystem32wups.dll
2008-10-16 11:06 268,648 —-a-w c:windowssystem32mucltui.dll
2008-10-16 11:06 208,744 —-a-w c:windowssystem32muweb.dll
2008-04-25 07:02 6,798,101 —-a-w c:program filesbluesol1614.zip
2008-03-11 09:01 6,900,099 —-a-w c:program filesES.9.2.2.rar
2008-03-07 06:25 280,055 —-a-w c:program filesdotnetfx.exe
2008-03-04 15:28 8,800,942 —-a-w c:program filesideolect-setup.exe
2007-12-02 11:27 47,360
w c:documents and settingsОлесяApplication Datapcouffin.sys
2007-12-02 11:27 47,360
w c:documents and settingsОлесяApplication Datapcouffin.sys
2007-12-02 11:27 47,360
w c:documents and settingsОлесяApplication Datapcouffin.sys
2007-11-20 17:59 3,770,510 —-a-w c:program filesffdshow-rev1620_20071118.zip
2007-11-20 13:10 13,676,952 —-a-w c:program filesinstall_rambler_icq6.exe
2006-02-07 11:22 7,580,628 —-a-w c:program filesExtensis Suitcase 9.2.2.exe
2005-11-13 23:40 72 —-a-w c:program filesLugaRus.Com.url
2005-09-19 15:40 75,264 —-a-w c:program files1049.mst
2005-07-05 02:20 14,289 —-a-r c:program filesbtcusb98.inf
2005-07-05 02:19 14,260 —-a-r c:program filesbtcusb.inf
2005-07-05 02:14 18,863 —-a-r c:program filesbttl.ini
2005-06-09 04:47 417 —-a-r c:program fileslayout.bin
2005-06-09 04:47 37,666 —-a-r c:program filesdata1.hdr
2005-06-09 04:47 2,971,774 —-a-r c:program filesdata2.cab
2005-06-09 04:47 1,369,814 —-a-r c:program filesdata1.cab
2005-05-31 01:17 89,640 —-a-r c:program filesConfig.dat
2005-04-30 07:04 2,440 —-a-r c:program filescopyfile.ini
2004-12-17 10:11 317 —-a-r c:program filesbtav.ini
2004-11-04 04:38 966,130 —-a-r c:program filesbluesoleil.chm
2004-08-04 04:41 3,638 —-a-r c:program filesbluetooth.ico
2003-07-01 08:38 64 —-a-r c:program filesconfig.ini
2002-07-26 05:07 346,602 —-a-r c:program filesikernel.ex_
.((((((((((((((((((((((((((((( snapshot@2009-01-14_20.02.42.67 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-09-15 10:22:00 112,016 —-a-w c:windowsLastGoodsystem32MacromedDownloadDownload.dll
+ 2008-09-15 10:22:00 59,719 —-a-w c:windowsLastGoodsystem32MacromedDownloadInstall.exe
+ 2008-09-15 10:22:00 112,016 —-a-w c:windowssystem32MacromedDownloadDownload.dll
+ 2008-09-15 20:21:58 67,984 —-a-w c:windowssystem32MacromedDownloadDownload.exe
+ 2008-09-15 10:22:00 59,719 —-a-w c:windowssystem32MacromedDownloadInstall.exe
— 2009-01-14 10:26:13 89,102 —-a-w c:windowssystem32MacromedFlashuninstall_activeX.exe
+ 2009-01-14 19:30:30 89,102 —-a-w c:windowssystem32MacromedFlashuninstall_activeX.exe
— 2009-01-14 10:42:09 84,661 —-a-w c:windowssystem32MacromedFlashuninstall_plugin.exe
+ 2009-01-14 19:55:42 84,661 —-a-w c:windowssystem32MacromedFlashuninstall_plugin.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=»c:windowssystem32ctfmon.exe» [2008-04-14 15360]
«LogitechSoftwareUpdate»=»c:program filesLogitechVideoManifestEngine.exe» [2005-06-08 196608]
«swg»=»c:program filesGoogleGoogleToolbarNotifier1.2.1128.5462GoogleToolbarNotifier.exe» [2008-01-30 171448]
«Sony Ericsson PC Suite»=»c:program filesSony EricssonSony Ericsson PC SuiteSEPCSuite.exe» [2008-02-20 360448]
«ICQ»=»c:program filesICQ6ICQ.exe» [2008-09-01 173304]
«AdobeUpdater»=»c:program filesCommon FilesAdobeUpdater5AdobeUpdater.exe» [2007-02-28 2321600][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
«ISUSPM Startup»=»c:program filesCommon FilesInstallShieldUpdateServiceisuspm.exe» [2005-08-11 249856]
«ISUSScheduler»=»c:program filesCommon FilesInstallShieldUpdateServiceissch.exe» [2005-08-11 81920]
«SiS Windows KeyHook»=»c:windowssystem32keyhook.exe» [2005-01-04 28672]
«EPSON Stylus CX3700 Series»=»c:windowsSystem32spoolDRIVERSW32X863E_FATIACP.EXE» [2005-02-08 98304]
«LVCOMSX»=»c:windowssystem32LVCOMSX.EXE» [2005-07-19 221184]
«LogitechVideoRepair»=»c:program filesLogitechVideoISStart.exe» [2005-06-08 458752]
«LogitechVideoTray»=»c:program filesLogitechVideoLogiTray.exe» [2005-06-08 217088]
«SMKRun»=»c:program filesJustWrite OfficeScreenMark.exe» [2007-01-07 118784]
«AVFX Engine»=»c:program filesCreativeCreative Live! CamVideoFXStartFX.exe» [2006-06-09 24576]
«Adobe Reader Speed Launcher»=»c:program filesAdobeReader 8.0ReaderReader_sl.exe» [2008-01-11 39792]
«QuickTime Task»=»c:program filesQuickTimeqttask.exe» [2007-10-19 286720]
«LogMeIn GUI»=»c:program filesLogMeInx86LogMeInSystray.exe» [2008-02-28 63048]
«SoundMan»=»SOUNDMAN.EXE» [2006-03-22 c:windowsSOUNDMAN.EXE]
«SiSPower»=»SiSPower.dll» [2006-03-22 c:windowssystem32SiSPower.dll]
«SMcfg»=»smcfg.exe» [2004-11-01 c:windowsSmCfg.exe]
«JWOSetup»=»JWOSetup.exe» [2007-01-09 c:windowsJWOSetup.exe][HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=»c:windowssystem32CTFMON.EXE» [2008-04-14 15360]c:documents and settingsЋ«Ґбпѓ« ў®Ґ ¬ҐоЏа®Ја ¬¬лЂўв®§ Јаг§Є
Adobe Media Player.lnk — c:program filesAdobe Media PlayerAdobe Media Player.exe [2009-01-14 261120]c:documents and settingsAll Usersѓ« ў®Ґ ¬ҐоЏа®Ја ¬¬лЂўв®§ Јаг§Є
BlueSoleil.lnk — c:program filesIVT CorporationBlueSoleilBlueSoleil.exe [2007-05-17 661776]
BTTray.lnk — c:program filesWIDCOMMBluetooth SoftwareBTTray.exe [2005-10-09 610365]
Logitech Desktop Messenger.lnk — c:program filesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe [2007-11-27 67128]
Suitcase Startup.lnk — c:program filesExtensisSuitcase 9.2Suitcase.exe [2008-03-11 3153920]
Utility Tray.lnk — c:windowssystem32sistray.exe [2007-11-20 331776]
WinZip Quick Pick.lnk — c:program filesWinZipWZQKPICK.EXE [2007-11-20 118784][HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionwinlogonnotifyLMIinit]
2008-05-28 11:32 87352 c:windowssystem32LMIinit.dll[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversiondrivers32]
«VIDC.MJPG»= mtkjpeg.dll[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
«%windir%\system32\sessmgr.exe»=
«c:\Program Files\Bonjour\mDNSResponder.exe»=
«c:\Program Files\ICQ6\ICQ.exe»=
«c:\Program Files\uTorrent\uTorrent.exe»=
«c:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe»=
«%windir%\Network Diagnostic\xpnetdiag.exe»=
«c:\Program Files\SopCast\adv\SopAdver.exe»=
«c:\Program Files\SopCast\SopCast.exe»=
«c:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe»=
«c:\Program Files\Sony Ericsson\Sony Ericsson Media Manager 1.0\MediaManager.exe»=
«c:\Program Files\Windows Live\Messenger\msnmsgr.exe»=
«c:\Program Files\Windows Live\Messenger\livecall.exe»=

R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);c:windowssystem32driverssfsync03.sys [2005-10-13 35328]
R4 LMIInfo;LogMeIn Kernel Information Provider;c:program filesLogMeInx86rainfo.sys [2008-02-28 12856]
R4 LMIRfsDriver;LogMeIn Remote File System Driver;c:windowssystem32driversLMIRfsDriver.sys [2008-08-18 45848]
S3 s916bus;Sony Ericsson Device 916 driver (WDM);c:windowssystem32driverss916bus.sys [2008-07-21 83496]
S3 s916mdfl;Sony Ericsson Device 916 USB WMC Modem Filter;c:windowssystem32driverss916mdfl.sys [2008-07-21 15016]
S3 s916mdm;Sony Ericsson Device 916 USB WMC Modem Driver;c:windowssystem32driverss916mdm.sys [2008-07-21 109992]
S3 s916mgmt;Sony Ericsson Device 916 USB WMC Device Management Drivers (WDM);c:windowssystem32driverss916mgmt.sys [2008-07-21 103976]
S3 s916obex;Sony Ericsson Device 916 USB WMC OBEX Interface;c:windowssystem32driverss916obex.sys [2008-07-21 100008]
S4 LMIRfsClientNP;LMIRfsClientNP; [x]

— Other Services/Drivers In Memory —
*Deregistered* — usnjsvc
[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{8ccc9ad9-9759-11dc-93df-0090f549fe1c}]
ShellAutoRuncommand — jun.exe
Shellexplorecommand — jun.exe
Shellopencommand — jun.exe
.
Contents of the ‘Scheduled Tasks’ folder

2009-01-02 c:windowsTasksAppleSoftwareUpdate.job
— c:program filesApple Software UpdateSoftwareUpdate.exe [2007-08-29 13:57]

2009-01-14 c:windowsTasksPCConfidential.job
— c:program filesWinfernoPC ConfidentialPCConfidential.exe [2008-04-01 14:10]

2009-01-14 c:windowsTasksRegPowerClean.job
— c:program filesWinfernoRegistryPowerCleanerRegPowerClean.exe [2008-10-28 14:48]

2009-01-14 c:windowsTasksRPCReminder.job
— c:program filesWinfernoRegistryPowerCleanerRPCReminder.exe [2008-10-28 14:34]
.
.
Supplementary Scan
.
uStart Page = hxxp://www.yandex.ru/?clid=40316
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local;localhost
IE: c:program filesWIDCOMMBluetooth Softwarebtsendto_ie_ctx.htm
IE: &Translate — http://lingvo.yandex.ru/ie5trans.htm
IE: &Ubersetzen — http://lingvo.yandex.ru/ie5trans1.htm
IE: &Windows Live Search — c:program filesWindows Live Toolbarmsntb.dll/search.htm
IE: &Экспорт в Microsoft Excel — c:progra~1MICROS~2OFFICE11EXCEL.EXE/3000
IE: T&raduire — http://lingvo.yandex.ru/ie5trans2.htm
IE: Traduc&ir — http://lingvo.yandex.ru/ie5trans4.htm
IE: Tradurr&e — http://lingvo.yandex.ru/ie5trans3.htm
IE: Yandex &Search — http://lingvo.yandex.ru/ie5search.htm
IE: Найти с помощью Рамблера — c:program filesRambler AssistantramblertoolbarU5090.dll/search.htm
IE: Перевести с помощью словарей Рамблера — c:program filesRambler AssistantramblertoolbarU5090.dll/dic.htm
Handler: bwfile-8876480 — {9462A756-7B47-47BC-8C80-C34B9B80B32B} — c:program filesLogitechDesktop Messenger8876480ProgramGAPlugProtocol-8876480.dll

c:windowsDownloaded Program FilesImResCtl.dll — O16 -: {2D4C57AA-54C0-4942-BB2A-51DF0727950B}
hxxp://www.openkremlin.ru/cab/ImResCtl.cab
c:windowsDownloaded Program FilesImResCtl.inf

c:windowsDownloaded Program Fileskl_bho.dll — c:windowsDownloaded Program Fileskochka.dll
O16 -: {4FC12A7E-AD73-4CCB-89AD-D9832A542C40}
hxxp://kochka.ru/kochka.cab
c:windowsDownloaded Program Fileskochka.inf
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-16 13:19:42
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes …
scanning hidden autostart entries …
scanning hidden files …
scan completed successfully
hidden files: 0

**************************************************************************
.
DLLs Loaded Under Running Processes
— — — — — — — > ‘winlogon.exe'(844)
c:windowssystem32LMIinit.dll
c:windowssystem32LMIRfsClientNP.dll
.
Completion time: 2009-01-16 13:22:41
ComboFix-quarantined-files.txt 2009-01-16 10:21:38
ComboFix2.txt 2009-01-14 17:04:58

Pre-Run: 21 329 960 960 байт свободно
Post-Run: 21,466,611,712 байт свободно

223 — E O F — 2009-01-14 11:00:33