tintinyproxyy троян?

[jorjik]

После удаления ANTIVIRUS2009 в Program Files оразовалась папка tintinyproxyy tinyproxy.exe.Эта дрянь не удаляется и мой антивирус на неё никак не реагирует. Посоветуйте пожалуйста что предпринять?

[Admin]

Здравствуйте, добро пожаловать на Spyware-ru форум.

Скачайте сканер RSIT кликнув по этой ссылке и сохраните файл на вашем рабочем столе.

Дважды кликните по скачанному файлу.
Кликните по кнопке Continue.
Когда программа закончит работу, будут показаны два лога (log.txt и info.txt).

Вставьте оба RSIT лога в ваш ответ. Каждый лог в отдельное сообщение.

[jorjik]

Здравствуйте!Я скачал RSIT и вот логи:

[Admin]

Судя по логам на вашем компьютере ещё осталось несколько троянов, включая autorun.inf троян.
Прочитайте эту инструкцию Flash_Disinfector ещё одно оружие против autorun.inf троянов. Отключите ваш антивирус. Скачайте и запустите Flash_Disinfector, не забудьте при этом по требованию программы вставить ваш флэш диск или подключить другие внешние устройства хранения информации. Запускайте программу столько раз, сколько нужно чтобы очистить все ваши подключаемые диски.

Скачайте OTMoveIt3 by OldTimer кликнув по этой ссылке.
Запустите программу и в большое поле ввода (заголовок этого поля выделен желтым цветом) скопируйте следующий текст.

:Processes

explorer.exe



:services

gdi32

aqqncj55



:reg

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]

"lphcgg2j0ev7a"=-

"in3"=-



[-HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregVVSN]

[-HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyWinCtrl32]

[-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{3819ac78-b630-11dd-a760-001d609a4dce}]

[-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{bdde676e-beb9-11dc-bff9-806d6172696f}]

[-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{bdde676f-beb9-11dc-bff9-806d6172696f}]

[-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{bdde6770-beb9-11dc-bff9-806d6172696f}]

[-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{c49058fa-9833-11dd-a71f-001d609a4dce}]



:files

C:WINDOWSsystem32driversgdi32.sys []

%ProgramFiles%tintinyproxyytinyproxy.exe

C:WINDOWStasksAt1.job

C:WINDOWStasksAt10.job

C:WINDOWStasksAt11.job

C:WINDOWStasksAt12.job

C:WINDOWStasksAt13.job

C:WINDOWStasksAt14.job

C:WINDOWStasksAt15.job

C:WINDOWStasksAt16.job

C:WINDOWStasksAt17.job

C:WINDOWStasksAt18.job

C:WINDOWStasksAt19.job

C:WINDOWStasksAt2.job

C:WINDOWStasksAt20.job

C:WINDOWStasksAt21.job

C:WINDOWStasksAt22.job

C:WINDOWStasksAt23.job

C:WINDOWStasksAt24.job

C:WINDOWStasksAt25.job

C:WINDOWStasksAt26.job

C:WINDOWStasksAt27.job

C:WINDOWStasksAt28.job

C:WINDOWStasksAt29.job

C:WINDOWStasksAt3.job

C:WINDOWStasksAt30.job

C:WINDOWStasksAt31.job

C:WINDOWStasksAt32.job

C:WINDOWStasksAt33.job

C:WINDOWStasksAt34.job

C:WINDOWStasksAt35.job

C:WINDOWStasksAt36.job

C:WINDOWStasksAt37.job

C:WINDOWStasksAt38.job

C:WINDOWStasksAt39.job

C:WINDOWStasksAt4.job

C:WINDOWStasksAt40.job

C:WINDOWStasksAt41.job

C:WINDOWStasksAt42.job

C:WINDOWStasksAt43.job

C:WINDOWStasksAt44.job

C:WINDOWStasksAt45.job

C:WINDOWStasksAt46.job

C:WINDOWStasksAt47.job

C:WINDOWStasksAt48.job

C:WINDOWStasksAt5.job

C:WINDOWStasksAt6.job

C:WINDOWStasksAt7.job

C:WINDOWStasksAt8.job

C:WINDOWStasksAt9.job



:Commands

[emptytemp]

[start explorer]

[Reboot]

Кликните по кнопке MoveIt!. В процессе работы возможна перезагрузка компьютера.
По-завершении работы программы должен будет показан лог, вставьте его в ваш ответ.
Так же приложите к вашему ответу свежий RSIT лог, причём не присоединяйте лог, а вставьте его содержимое в ваше сообщение.

[jorjik]

Здравствуйте Валерий!Сделал всё как Вы просили.Вот логи: ========== PROCESSES ==========
Process explorer.exe killed successfully.
Unable to kill process: :services
Unable to kill process: gdi32
Unable to kill process: aqqncj55
Unable to kill process: :reg
Unable to kill process: [HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
Unable to kill process: «lphcgg2j0ev7a»=-
Unable to kill process: «in3″=-
Unable to kill process: [-HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregVVSN]
Unable to kill process: [-HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyWinCtrl32]
Unable to kill process: [-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{3819ac78-b630-11dd-a760-001d609a4dce}]
Unable to kill process: [-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{bdde676e-beb9-11dc-bff9-806d6172696f}]
Unable to kill process: [-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{bdde676f-beb9-11dc-bff9-806d6172696f}]
Unable to kill process: [-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{bdde6770-beb9-11dc-bff9-806d6172696f}]
Unable to kill process: [-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{c49058fa-9833-11dd-a71f-001d609a4dce}]
Unable to kill process: :files
Unable to kill process: C:WINDOWSsystem32driversgdi32.sys []
Unable to kill process: %ProgramFiles%tintinyproxyytinyproxy.exe
Unable to kill process: C:WINDOWStasksAt1.job
Unable to kill process: C:WINDOWStasksAt10.job
Unable to kill process: C:WINDOWStasksAt11.job
Unable to kill process: C:WINDOWStasksAt12.job
Unable to kill process: C:WINDOWStasksAt13.job
Unable to kill process: C:WINDOWStasksAt14.job
Unable to kill process: C:WINDOWStasksAt15.job
Unable to kill process: C:WINDOWStasksAt16.job
Unable to kill process: C:WINDOWStasksAt17.job
Unable to kill process: C:WINDOWStasksAt18.job
Unable to kill process: C:WINDOWStasksAt19.job
Unable to kill process: C:WINDOWStasksAt2.job
Unable to kill process: C:WINDOWStasksAt20.job
Unable to kill process: C:WINDOWStasksAt21.job
Unable to kill process: C:WINDOWStasksAt22.job
Unable to kill process: C:WINDOWStasksAt23.job
Unable to kill process: C:WINDOWStasksAt24.job
Unable to kill process: C:WINDOWStasksAt25.job
Unable to kill process: C:WINDOWStasksAt26.job
Unable to kill process: C:WINDOWStasksAt27.job
Unable to kill process: C:WINDOWStasksAt28.job
Unable to kill process: C:WINDOWStasksAt29.job
Unable to kill process: C:WINDOWStasksAt3.job
Unable to kill process: C:WINDOWStasksAt30.job
Unable to kill process: C:WINDOWStasksAt31.job
Unable to kill process: C:WINDOWStasksAt32.job
Unable to kill process: C:WINDOWStasksAt33.job
Unable to kill process: C:WINDOWStasksAt34.job
Unable to kill process: C:WINDOWStasksAt35.job
Unable to kill process: C:WINDOWStasksAt36.job
Unable to kill process: C:WINDOWStasksAt37.job
Unable to kill process: C:WINDOWStasksAt38.job
Unable to kill process: C:WINDOWStasksAt39.job
Unable to kill process: C:WINDOWStasksAt4.job
Unable to kill process: C:WINDOWStasksAt40.job
Unable to kill process: C:WINDOWStasksAt41.job
Unable to kill process: C:WINDOWStasksAt42.job
Unable to kill process: C:WINDOWStasksAt43.job
Unable to kill process: C:WINDOWStasksAt44.job
Unable to kill process: C:WINDOWStasksAt45.job
Unable to kill process: C:WINDOWStasksAt46.job
Unable to kill process: C:WINDOWStasksAt47.job
Unable to kill process: C:WINDOWStasksAt48.job
Unable to kill process: C:WINDOWStasksAt5.job
Unable to kill process: C:WINDOWStasksAt6.job
Unable to kill process: C:WINDOWStasksAt7.job
Unable to kill process: C:WINDOWStasksAt8.job
Unable to kill process: C:WINDOWStasksAt9.job
Unable to kill process: :Commands
Unable to kill process: [emptytemp]
Unable to kill process: [start explorer]
Unable to kill process: [Reboot]

OTMoveIt3 by OldTimer — Version 1.0.8.0 log created on 02112009_214417
и свежий Rsit лог:Logfile of random’s system information tool 1.05 (written by random/random)
Run by User at 2009-02-11 21:56:48
Microsoft Windows XP Professional Service Pack 2
System drive C: has 145 GB (76%) free of 191 GB
Total RAM: 1023 MB (65% free)

HijackThis download failed

======Scheduled tasks folder======

C:WINDOWStasksAt1.job
C:WINDOWStasksAt10.job
C:WINDOWStasksAt11.job
C:WINDOWStasksAt12.job
C:WINDOWStasksAt13.job
C:WINDOWStasksAt14.job
C:WINDOWStasksAt15.job
C:WINDOWStasksAt16.job
C:WINDOWStasksAt17.job
C:WINDOWStasksAt18.job
C:WINDOWStasksAt19.job
C:WINDOWStasksAt2.job
C:WINDOWStasksAt20.job
C:WINDOWStasksAt21.job
C:WINDOWStasksAt22.job
C:WINDOWStasksAt23.job
C:WINDOWStasksAt24.job
C:WINDOWStasksAt25.job
C:WINDOWStasksAt26.job
C:WINDOWStasksAt27.job
C:WINDOWStasksAt28.job
C:WINDOWStasksAt29.job
C:WINDOWStasksAt3.job
C:WINDOWStasksAt30.job
C:WINDOWStasksAt31.job
C:WINDOWStasksAt32.job
C:WINDOWStasksAt33.job
C:WINDOWStasksAt34.job
C:WINDOWStasksAt35.job
C:WINDOWStasksAt36.job
C:WINDOWStasksAt37.job
C:WINDOWStasksAt38.job
C:WINDOWStasksAt39.job
C:WINDOWStasksAt4.job
C:WINDOWStasksAt40.job
C:WINDOWStasksAt41.job
C:WINDOWStasksAt42.job
C:WINDOWStasksAt43.job
C:WINDOWStasksAt44.job
C:WINDOWStasksAt45.job
C:WINDOWStasksAt46.job
C:WINDOWStasksAt47.job
C:WINDOWStasksAt48.job
C:WINDOWStasksAt5.job
C:WINDOWStasksAt6.job
C:WINDOWStasksAt7.job
C:WINDOWStasksAt8.job
C:WINDOWStasksAt9.job
C:WINDOWStasksGoogleUpdateTaskUserS-1-5-21-776561741-1202660629-725345543-1003.job

======Registry dump======

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) — C:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll [2008-09-23 1088296]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search — C:Program FilesAVGAVG8avgssie.dll [2009-01-27 1078552]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{A057A204-BACC-4D26-9990-79A187E2698E}]
AVG Security Toolbar — C:PROGRA~1AVGAVG8AVGTOO~1.DLL [2009-01-27 1968920]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO — C:Program FilesGoogleGoogleToolbarNotifier5.0.926.3450swg.dll [2008-11-04 657904]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} — &Google — c:program filesgooglegoogletoolbar1.dll [2008-06-19 2427968]
{A057A204-BACC-4D26-9990-79A187E2698E} — AVG Security Toolbar — C:PROGRA~1AVGAVG8AVGTOO~1.DLL [2009-01-27 1968920]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«NvCplDaemon»=C:WINDOWSsystem32NvCpl.dll [2007-09-16 8491008]
«snp2std»=C:WINDOWSvsnp2std.exe [2006-09-15 675840]
«KernelFaultCheck»=C:WINDOWSsystem32dumprep 0 -k []
«lphcgg2j0ev7a»=C:WINDOWSsystem32lphcgg2j0ev7a.exe []
«in3″=C:WINDOWSTemp.tt8.tmp.exe /CR=44EC2F7153ED5CB7C3D95BB12E9FB9A40311B3CA8C6CD4334A264174AF45F61EEB4BCDB987EFD75B81454C50FBB29A7A8197ADE6F0F2D3245E8C17C22418300045F5AF4AC7546A6BFD2722F37B290FD7290B9C []
«AVG8_TRAY»=C:PROGRA~1AVGAVG8avgtray.exe [2009-01-27 1601304]
«High Defination Audio»=C:WINDOWSHDaudio.exe []
«UserFaultCheck»=C:WINDOWSsystem32dumprep 0 -u []

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2004-08-03 15360]
«swg»=C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe [2008-07-23 68856]
«MSMSGS»=C:Program FilesMessengermsmsgs.exe [2004-08-04 1667584]
«Google Update»=C:Documents and SettingsUserLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe [2009-01-20 133104]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregAlcmtr]
C:WINDOWSALCMTR.EXE [2005-05-03 69632]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregAlcoholAutomount]
C:Program FilesAlcohol SoftAlcohol 120axcmd.exe [2007-07-02 220544]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregASUSGamerOSD]
C:Program FilesASUSGamerOSDGamerOSD.exe []

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregBgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:Program FilesCommon FilesAheadLibNMBgMonitor.exe [2006-11-16 139264]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregDAEMON Tools]
C:Program FilesDAEMON Toolsdaemon.exe [2005-11-09 128920]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregDevice Detector]
C:Program FilesCommon FilesACD SystemsENDevDetect.exe [2003-09-17 212992]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregLingvo Launcher]
C:Program FilesABBYY Lingvo 10 Multilingual DictionaryLvagent.exe [2004-10-09 110592]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregLingvoTraining]
C:Program FilesABBYY Lingvo 10 Multilingual DictionaryTutor.exe [2004-10-09 1159168]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregMSMSGS]
C:Program FilesMessengermsmsgs.exe [2004-08-04 1667584]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregNeroFilterCheck]
C:Program FilesCommon FilesAheadLibNeroCheck.exe [2006-01-12 155648]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregNvCplDaemon]
C:WINDOWSsystem32NvCpl.dll [2007-09-16 8491008]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregNvMediaCenter]
C:WINDOWSsystem32NvMcTray.dll [2007-09-16 81920]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregnwiz]
nwiz.exe /install []

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregRTHDCPL]
C:WINDOWSRTHDCPL.EXE [2007-03-21 16126464]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSkype]
C:Program FilesSkypePhoneSkype.exe [2008-09-23 21755688]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregsnp2std]
C:WINDOWSvsnp2std.exe [2006-09-15 675840]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregswg]
C:Program FilesGoogleGoogleToolbarNotifier1.2.1128.5462GoogleToolbarNotifier.exe []

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregVVSN]
C:Program FilesVVSNVVSN.exe []

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users^Start Menu^Programs^Startup^Media Key.lnk]
C:PROGRA~1MEDIAK~1MagicKey.exe [2003-12-31 159744]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
C:PROGRA~1MICROS~2Office10OSA.EXE [2001-02-13 83360]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigservices]
«wuauserv»=2
«wscsvc»=2

C:Documents and SettingsAll UsersStart MenuProgramsStartup
Adobe Reader Speed Launch.lnk — C:Program FilesAdobeAcrobat 7.0Readerreader_sl.exe

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyavgrsstarter]
C:WINDOWSsystem32avgrsstx.dll [2009-01-27 10520]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyWgaLogon]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyWinCtrl32]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«NoDispBackgroundPage»=1
«NoDispScrSavPage»=1

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=36
«NoDriveAutoRun»=FFFFFFFF

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:GamesMedal of Honor PAmohpa.exe»=»C:GamesMedal of Honor PAmohpa.exe:*:Enabled:Medal of Honor Pacific Assault(tm)»
«C:GamesMedal of Honor AAMOHAA.exe»=»C:GamesMedal of Honor AAMOHAA.exe:*:Enabled:Medal of Honor Allied Assault(tm)»
«C:WINDOWSsystem32hucq.exe»=»C:WINDOWSsystem32hucq.exe:*:Enabled:ENABLE»
«C:Documents and SettingsUserttm.exe»=»C:Documents and SettingsUserttm.exe:*:Enabled:ENABLE»
«C:WINDOWSsystem32naip.exe»=»C:WINDOWSsystem32naip.exe:*:Enabled:ENABLE»
«C:Documents and SettingsUserketnug.exe»=»C:Documents and SettingsUserketnug.exe:*:Enabled:ENABLE»
«C:Documents and SettingsAll UsersApplication DataKaspersky Lab Setup FilesKaspersky Anti-Virus 7.0.1.325Russiansetup.exe»=»C:Documents and SettingsAll UsersApplication DataKaspersky Lab Setup FilesKaspersky Anti-Virus 7.0.1.325Russiansetup.exe:*:Enabled:Программа установки Антивируса Касперского 7.0»
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«C:Program FilesEmpire InteractiveFlatOut2FlatOut2.exe»=»C:Program FilesEmpire InteractiveFlatOut2FlatOut2.exe:*:Enabled:FlatOut2»
«C:Program FilesAVGAVG8avgemc.exe»=»C:Program FilesAVGAVG8avgemc.exe:*:Enabled:avgemc.exe»
«C:Program FilesAVGAVG8avgupd.exe»=»C:Program FilesAVGAVG8avgupd.exe:*:Enabled:avgupd.exe»
«C:WINDOWSHDaudio.exe»=»C:WINDOWSHDaudio.exe:*:Enabled:Explorer»
«C:Program FilesSkypePhoneSkype.exe»=»C:Program FilesSkypePhoneSkype.exe:*:Enabled:Skype»

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{3819ac78-b630-11dd-a760-001d609a4dce}]
shellAutoPlaycommand — H:USBFlash.exe
shellAutoRuncommand — H:USBFlash.exe
shellExplorecommand — H:USBFlash.exe
shellOpencommand — H:USBFlash.exe
shellScancommand — H:

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{bdde6770-beb9-11dc-bff9-806d6172696f}]
shellAutoRuncommand — E:.BinAssetup.exe

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{c49058fa-9833-11dd-a71f-001d609a4dce}]
shellAutoRuncommand — H:bo1dhu.bat
shellexplorecommand — H:bo1dhu.bat
shellopencommand — H:bo1dhu.bat

======File associations======

.ini — open — C:WINDOWSSYSTEM32NOTEPAD.EXE %1
.txt — open — C:WINDOWSSYSTEM32NOTEPAD.EXE %1

======List of files/folders created in the last 1 months======

2009-02-11 21:56:48 —-D—- C:rsit
2009-02-11 21:44:17 —-D—- C:_OTMoveIt
2009-02-09 15:41:31 —-D—- C:Program Filestrend micro

======List of files/folders modified in the last 1 months======

2009-02-11 21:53:03 —-D—- C:Program FilesMozilla Firefox
2009-02-11 21:50:44 —-D—- C:WINDOWSTemp
2009-02-11 21:49:06 —-A—- C:WINDOWSSchedLgU.Txt
2009-02-11 21:42:22 —-D—- C:WINDOWSPrefetch
2009-02-11 19:10:43 —-A—- C:WINDOWSNeroDigital.ini
2009-02-11 18:11:52 —-D—- C:WINDOWSMinidump
2009-02-11 18:11:52 —-D—- C:WINDOWS
2009-02-10 23:20:46 —-D—- C:Documents and SettingsUserApplication DataSkype
2009-02-10 22:27:45 —-D—- C:Documents and SettingsAll UsersApplication DataGoogle Updater
2009-02-10 20:53:27 —-HD—- C:$AVG8.VAULT$
2009-02-10 18:02:43 —-D—- C:Documents and SettingsUserApplication DataskypePM
2009-02-09 15:41:31 —-RD—- C:Program Files
2009-02-08 15:55:45 —-D—- C:WINDOWSsystem32CatRoot2
2009-02-08 12:22:29 —-HD—- C:WINDOWSinf
2009-02-07 13:01:20 —-D—- C:WINDOWSAlbum
2009-02-05 13:18:27 —-D—- C:WINDOWSsystem32drivers
2009-02-04 11:54:47 —-SHD—- C:System Volume Information
2009-02-04 11:54:47 —-D—- C:WINDOWSsystem32Restore
2009-01-27 15:35:31 —-D—- C:WINDOWSsystem32
2009-01-27 15:33:35 —-D—- C:Documents and SettingsAll UsersApplication Dataavg8
2009-01-27 15:33:21 —-A—- C:WINDOWSsystem32avgrsstx.dll
2009-01-23 11:02:28 —-SD—- C:WINDOWSTasks
2009-01-19 19:22:23 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2009-01-19 19:21:50 —-A—- C:WINDOWSimsins.BAK
2009-01-13 12:43:26 —-D—- C:Documents and SettingsAll UsersApplication DataCrucialSoft Ltd

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:WINDOWSSystem32Driversavgldx86.sys [2009-01-27 325128]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:WINDOWSSystem32Driversavgmfx86.sys [2009-01-27 27656]
R1 AvgTdiX;AVG Free8 Network Redirector; C:WINDOWSSystem32Driversavgtdix.sys [2009-01-27 107272]
R1 EIO;EIO; ??C:WINDOWSsystem32driversEIO.sys []
R1 intelppm;Intel Processor Driver; C:WINDOWSsystem32DRIVERSintelppm.sys [2004-08-03 36096]
R1 kbdhid;Keyboard HID Driver; C:WINDOWSsystem32DRIVERSkbdhid.sys [2004-08-03 14848]
R1 kbfilter;Keyboard Filter Driver; C:WINDOWSsystem32driverskbfilter.sys [2002-07-11 12856]
R1 UsbFltr;WayTechUSBFilterDriver; C:WINDOWSsystem32driversUsbFltr.sys [2003-12-29 8576]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller; C:WINDOWSsystem32DRIVERSatl01_xp.sys [2007-03-15 38656]
R3 dtscsi;dtscsi; C:WINDOWSSystem32Driversdtscsi.sys [2008-05-15 223128]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Microsoft HID Class Driver; C:WINDOWSsystem32DRIVERShidusb.sys [2001-08-17 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:WINDOWSsystem32driversRtkHDAud.sys [2007-03-26 4395008]
R3 mouhid;Mouse HID Driver; C:WINDOWSsystem32DRIVERSmouhid.sys [2001-08-17 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:WINDOWSsystem32DRIVERSASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:WINDOWSsystem32DRIVERSnv4_mini.sys [2007-09-16 6853088]
R3 pfc;Padus ASPI Shell; C:WINDOWSsystem32driverspfc.sys [2006-03-02 9856]
R3 SNP2STD;USB2.0 PC Camera (SNP2STD); C:WINDOWSsystem32DRIVERSsnp2sxp.sys [2007-03-30 12033024]
R3 usbaudio;USB Audio Driver (WDM); C:WINDOWSsystem32driversusbaudio.sys [2004-08-03 59264]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:WINDOWSsystem32DRIVERSusbccgp.sys [2004-08-03 31616]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:WINDOWSsystem32DRIVERSusbehci.sys [2004-08-03 26624]
R3 usbhub;USB2 Enabled Hub; C:WINDOWSsystem32DRIVERSusbhub.sys [2004-08-03 57600]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:WINDOWSsystem32DRIVERSusbuhci.sys [2004-08-03 20480]
S1 gdi32;gdi32; ??C:WINDOWSsystem32driversgdi32.sys []
S3 asqppqlr;asqppqlr; C:WINDOWSsystem32driversasqppqlr.sys []
S3 asusgsb;ASUS Virtual Video Capture Device Driver; C:WINDOWSsystem32driversasusgsb.sys [2007-09-13 12416]
S3 ATE_PROCMON;ATE_PROCMON; ??C:Program FilesAnti Trojan EliteATEPMon.sys []
S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:WINDOWSsystem32driversmsmpu401.sys [2001-08-17 2944]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:WINDOWSsystem32driversMSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:WINDOWSsystem32DRIVERSNABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:WINDOWSsystem32DRIVERSNdisIP.sys [2004-08-03 10880]
S3 SLIP;BDA Slip De-Framer; C:WINDOWSsystem32DRIVERSSLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:WINDOWSsystem32DRIVERSStreamIP.sys [2004-08-03 15360]
S3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:WINDOWSsystem32DRIVERSusbohci.sys [2004-08-03 17024]
S3 usbprint;Microsoft USB PRINTER Class; C:WINDOWSsystem32DRIVERSusbprint.sys [2004-08-03 25856]
S3 usbscan;USB Scanner Driver; C:WINDOWSsystem32DRIVERSusbscan.sys [2004-08-03 15104]
S3 USBSTOR;USB Mass Storage Driver; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2004-08-03 26496]
S3 Video3D;ASUS Video3D Service; C:WINDOWSSystem32DriversVideo3D32.sys []
S3 WSTCODEC;World Standard Teletext Codec; C:WINDOWSsystem32DRIVERSWSTCODEC.SYS [2004-08-03 19328]
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avg8emc;AVG Free8 E-mail Scanner; C:PROGRA~1AVGAVG8avgemc.exe [2009-01-27 903960]
R2 avg8wd;AVG Free8 WatchDog; C:PROGRA~1AVGAVG8avgwdsvc.exe [2009-01-27 298264]
R2 gusvc;Google Updater Service; C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2008-11-04 168432]
R2 IPSEC Services (PolicyAgent) ;IPSEC Services (PolicyAgent) ; C:Program Filestintinyproxyytinyproxy.exe [2009-01-04 8960]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:Program FilesCommon FilesLightScribeLSSrvc.exe [2006-10-19 61440]
R2 MDM;Machine Debug Manager; C:Program FilesCommon FilesMicrosoft SharedVS7Debugmdm.exe [2001-02-23 270336]
R2 NVSvc;NVIDIA Display Driver Service; C:WINDOWSsystem32nvsvc32.exe [2007-09-16 155716]
R2 StarWindServiceAE;StarWind AE Service; C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindServiceAE.exe [2007-05-28 275968]
R2 UMWdf;Windows User Mode Driver Framework; C:WINDOWSsystem32wdfmgr.exe [2004-08-11 38912]
S2 Google Online Services;Google Online Services; C:Documents and SettingsUserie_updates3r.exe -A []
S3 IDriverT;InstallDriver Table Manager; C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe [2005-04-04 69632]
S3 NBService;NBService; C:Program FilesNeroNero 7Nero BackItUpNBService.exe [2006-11-10 774144]

---

EOF

---

info.txt logfile of random’s system information tool 1.05 2009-02-11 21:56:53

======Uninstall list======

—>C:Program FilesNeroNero 7nerouninstallUNNERO.exe /UNINSTALL
—>C:WINDOWSUNNeroBackItUp.exe /UNINSTALL
—>C:WINDOWSUNNeroMediaHome.exe /UNINSTALL
—>C:WINDOWSUNNeroShowTime.exe /UNINSTALL
—>C:WINDOWSUNNeroVision.exe /UNINSTALL
—>C:WINDOWSUNRecode.exe /UNINSTALL
—>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:WINDOWSINFPCHealth.inf
ABBYY Lingvo 10 Multilingual Dictionary—>MsiExec.exe /I{AA10000A-C75E-487C-88FC-37AA1AACFB60}
ACDSee 6.0 PowerPack—>MsiExec.exe /I{38A0BB97-772D-422E-BCCA-4BA2A5D81F42}
Adobe Flash Player 10 Plugin—>C:WINDOWSsystem32MacromedFlashuninstall_plugin.exe
Adobe Flash Player ActiveX—>C:WINDOWSsystem32MacromedFlashuninstall_activeX.exe
Adobe Reader 7.0—>MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
Attansic Ethernet Utility—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime110Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{1F698102-5739-441E-96F0-74F4EA540F06}setup.exe» -l0x9 -removeonly
Attansic L1 Gigabit Ethernet Driver—>rundll32.exe C:WINDOWSsystem32AttansicL1atcInst.dll,AtcUninst C:WINDOWSsystem32AttansicL1 x86 1969 1048 L1
AVG Free 8.0—>C:Program FilesAVGAVG8setup.exe /UNINSTALL
Call Of Duty 2—>»C:Program FilesCall Of Duty 2unins000.exe»
Canon MF Toolbox 4.9.1.1.mf02—>MsiExec.exe /I{132CA5D9-C745-4B0B-A3B2-8C7A6EC3EE7E}
Canon MF3200 Series—>»C:WINDOWSsystem32CanonMF Uninstaller Information{269DBC9C-CAFC-472d-B1F1-0D327C2FFA76}miscDelDrv.exe» /U:{269DBC9C-CAFC-472d-B1F1-0D327C2FFA76} /L0x0000
Desert Thunder—>C:WINDOWSIsUn0419.exe -f»C:Program FilesDT(rus)Uninst.isu»
Flat Out—>»C:Program FilesBukaFlat Outunins000.exe»
FlatOut2—>»C:Program FilesEmpire InteractiveFlatOut2unins000.exe»
GOM Player—>»C:Program FilesGRETECHGomPlayerUninstall.exe»
Google Toolbar for Internet Explorer—>MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer—>regsvr32 /u /s «c:program filesgooglegoogletoolbar1.dll»
High Definition Audio Driver Package — KB888111—>»C:WINDOWS$NtUninstallKB888111WXPSP2$spuninstspuninst.exe»
Hotfix for Windows XP (KB914440)—>»C:WINDOWS$NtUninstallKB914440$spuninstspuninst.exe»
Hotfix for Windows XP (KB915865)—>»C:WINDOWS$NtUninstallKB915865$spuninstspuninst.exe»
Hotfix for Windows XP (KB935448)—>»C:WINDOWS$NtUninstallKB935448$spuninstspuninst.exe»
Hotfix for Windows XP (KB952287)—>»C:WINDOWS$NtUninstallKB952287$spuninstspuninst.exe»
Internet for Kids—>»C:Program FilesСамоучитель Интернет для детейunins000.exe»
K-Lite Mega Codec Pack 1.42—>»C:Program FilesK-Lite Codec Packunins000.exe»
marvell 61xx—>C:Program FilesMarvell61xxuninst-61xx.exe
Medal of Honor Allied Assault—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{0DEA94ED-915A-4834-A87E-388D012C8E02}Setup.exe» -l0x9
Medal of Honor Pacific Assault(tm)—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime101Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{56CFA833-F44F-4199-8C58-7F8B38F2BC7B}Setup.exe» -l0x9 -removeonly
Media Key—>C:WINDOWSISUNINST.EXE -f»C:Program FilesMedia Keyuninst.isu» -c»C:Program FilesMedia KeyUnInst.dll»
Microsoft Internationalized Domain Names Mitigation APIs—>»C:WINDOWS$NtServicePackUninstallIDNMitigationAPIs$spuninstspuninst.exe»
Microsoft National Language Support Downlevel APIs—>»C:WINDOWS$NtServicePackUninstallNLSDownlevelMapping$spuninstspuninst.exe»
Microsoft Office XP Professional with FrontPage—>MsiExec.exe /I{90280409-6000-11D3-8CFE-0050048383C9}
Microsoft Office XP Russian User Interface Pack—>MsiExec.exe /I{901E0419-6000-11D3-8CFE-0050048383C9}
Microsoft Visual C++ 2005 Redistributable—>MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Windows XP for Kids—>»C:Program FilesСамоучитель Microsoft Windows XP для детейunins000.exe»
Moto Racer 3—>C:GamesMOTORA~1UNWISE.EXE C:GamesMOTORA~1INSTALL.LOG
Mozilla Firefox (3.0.6)—>C:Program FilesMozilla Firefoxuninstallhelper.exe
MSN—>C:Program FilesMSNMsnInstallermsninst.exe /Action:ARP
MSXML 4.0 SP2 (KB936181)—>MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
Need for Speed Most Wanted—>»C:Program FilesEA GAMESNeed for Speed Most Wantedunins000.exe»
Need For Speed Underground—>C:EAGAME~1NEEDFO~1r{F7F2D~1UNWISE.EXE C:EAGAME~1NEEDFO~1r{F7F2D~1INSTALL.LOG
Nero 7 Essentials—>MsiExec.exe /I{C1E544E5-EF3C-4103-A57B-3A499FD91049}
NVIDIA Drivers—>C:WINDOWSsystem32nvudisp.exe UninstallGUI
Race Driver 3—>C:GamesTRD3unwise.exe
Realtek High Definition Audio Driver—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime1150Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}setup.exe» -l0x19 -removeonly
Security Update for Windows XP (KB923689)—>»C:WINDOWS$NtUninstallKB923689$spuninstspuninst.exe»
Security Update for Windows XP (KB938464)—>»C:WINDOWS$NtUninstallKB938464$spuninstspuninst.exe»
Security Update for Windows XP (KB941569)—>»C:WINDOWS$NtUninstallKB941569$spuninstspuninst.exe»
Security Update for Windows XP (KB944338-v2)—>»C:WINDOWS$NtUninstallKB944338-v2$spuninstspuninst.exe»
Security Update for Windows XP (KB946648)—>»C:WINDOWS$NtUninstallKB946648$spuninstspuninst.exe»
Security Update for Windows XP (KB950749)—>»C:WINDOWS$NtUninstallKB950749$spuninstspuninst.exe»
Security Update for Windows XP (KB950762)—>»C:WINDOWS$NtUninstallKB950762$spuninstspuninst.exe»
Security Update for Windows XP (KB950974)—>»C:WINDOWS$NtUninstallKB950974$spuninstspuninst.exe»
Security Update for Windows XP (KB951066)—>»C:WINDOWS$NtUninstallKB951066$spuninstspuninst.exe»
Security Update for Windows XP (KB951376-v2)—>»C:WINDOWS$NtUninstallKB951376-v2$spuninstspuninst.exe»
Security Update for Windows XP (KB951698)—>»C:WINDOWS$NtUninstallKB951698$spuninstspuninst.exe»
Security Update for Windows XP (KB951748)—>»C:WINDOWS$NtUninstallKB951748$spuninstspuninst.exe»
Security Update for Windows XP (KB952954)—>»C:WINDOWS$NtUninstallKB952954$spuninstspuninst.exe»
Security Update for Windows XP (KB953838)—>»C:WINDOWS$NtUninstallKB953838$spuninstspuninst.exe»
Security Update for Windows XP (KB953839)—>»C:WINDOWS$NtUninstallKB953839$spuninstspuninst.exe»
Skype™ 3.8—>MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Slim 1320—>C:Program FilesInstallShield Installation Information{393E0058-AE7E-4D6C-BA44-B42B3FE29332}setup.exe -runfromtemp -l0x0019 -removeonly -u
Update for Windows XP (KB898461)—>»C:WINDOWS$NtUninstallKB898461$spuninstspuninst.exe»
Update for Windows XP (KB904942)—>»C:WINDOWS$NtUninstallKB904942$spuninstspuninst.exe»
Update for Windows XP (KB951072-v2)—>»C:WINDOWS$NtUninstallKB951072-v2$spuninstspuninst.exe»
Winamp (remove only)—>»C:Program FilesWinampUninstWA.exe»
Windows Installer 3.1 (KB893803)—>»C:WINDOWS$MSI31Uninstall_KB893803v2$spuninstspuninst.exe»
Windows Media Format Runtime—>»C:Program FilesWindows Media Playerwmsetsdk.exe» /UninstallAll
Windows XP Hotfix — KB885884—>C:WINDOWS$NtUninstallKB885884$spuninstspuninst.exe
WinRAR archiver—>C:Program FilesWinRARuninstall.exe
XviD MPEG-4 Video Codec—>C:WINDOWSsystem32rundll32.exe setupapi,InstallHinfSection Remove_XviD 132 C:WINDOWSINFxvid.inf
Занимательная математика—>»C:Program FilesРуссобит-МРазвивайка. Репетитор. Занимательная математикаunins000.exe»
Программа обновлений Google—>»C:Program FilesGoogleGoogle UpdaterGoogleUpdater.exe» -uninstall

======Security center information======

AV: AVG AntiiVirus Free

System event log

Computer Name: USER-
Event Code: 7901
Message: Сбой при запуске команды At23.job из-за ошибки
%%2147942402

Record Number: 25829
Source Name: Schedule
Time Written: 20090109220000.000000+240
Event Type: ошибка
User:

Computer Name: USER-
Event Code: 7036
Message: Служба «IMAPI CD-Burning COM Service» перешла в состояние Остановлена.

Record Number: 25828
Source Name: Service Control Manager
Time Written: 20090109211526.000000+240
Event Type: информация
User:

Computer Name: USER-
Event Code: 7036
Message: Служба «Computer Browser» перешла в состояние Остановлена.

Record Number: 25827
Source Name: Service Control Manager
Time Written: 20090109211526.000000+240
Event Type: информация
User:

Computer Name: USER-
Event Code: 7036
Message: Служба «Remote Access Connection Manager» перешла в состояние Работает.

Record Number: 25826
Source Name: Service Control Manager
Time Written: 20090109211526.000000+240
Event Type: информация
User:

Computer Name: USER-
Event Code: 7036
Message: Служба «Application Layer Gateway Service» перешла в состояние Работает.

Record Number: 25825
Source Name: Service Control Manager
Time Written: 20090109211526.000000+240
Event Type: информация
User:

Application event log

Computer Name: USER-
Event Code: 4
Message: The LightScribe Service started successfully.

Record Number: 3979
Source Name: LightScribeService
Time Written: 20080630172340.000000+240
Event Type: информация
User:

Computer Name: USER-
Event Code: 1
Message:
Record Number: 3978
Source Name: Avg7UpdSvc
Time Written: 20080630172337.000000+240
Event Type: информация
User:

Computer Name: USER-
Event Code: 1
Message:
Record Number: 3977
Source Name: AVGEMS
Time Written: 20080630171811.000000+240
Event Type: информация
User:

Computer Name: USER-
Event Code: 4
Message: The LightScribe Service started successfully.

Record Number: 3976
Source Name: LightScribeService
Time Written: 20080630171811.000000+240
Event Type: информация
User:

Computer Name: USER-
Event Code: 1
Message:
Record Number: 3975
Source Name: Avg7UpdSvc
Time Written: 20080630171807.000000+240
Event Type: информация
User:

======Environment variables======

«ComSpec»=%SystemRoot%system32cmd.exe
«Path»=%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem
«windir»=%SystemRoot%
«FP_NO_HOST_CHECK»=NO
«OS»=Windows_NT
«PROCESSOR_ARCHITECTURE»=x86
«PROCESSOR_LEVEL»=6
«PROCESSOR_IDENTIFIER»=x86 Family 6 Model 15 Stepping 11, GenuineIntel
«PROCESSOR_REVISION»=0f0b
«NUMBER_OF_PROCESSORS»=2
«PATHEXT»=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
«TEMP»=%SystemRoot%TEMP
«TMP»=%SystemRoot%TEMP

---

EOF

---

Спасибо большое за всё ,что вы делаете!

[Admin]

Повторите ещё раз инструкции из моего предыдущего сообщения.
Когда вставите текст скрипта в окно OTMoveIt, то проверьте что он выглядит так же как в моём сообщении, если есть пробелы слева, то удалите их.

[jorjik]

Здравствуйте Валерий! Сделал как Вы сказали.Логи ниже,появились новые проблемы: не открываются Internet Explorer и Mozilla.Может быть изменились какие-нибудь настройки?========== PROCESSES ==========
Process explorer.exe killed successfully.
========== SERVICES/DRIVERS ==========
Service gdi32 stopped successfully.
Service gdi32 deleted successfully.
Unable to stop service aqqncj55 .
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun\lphcgg2j0ev7a deleted successfully.
Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun\in3 deleted successfully.
Registry key HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregVVSN\ deleted successfully.
Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyWinCtrl32\ deleted successfully.
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{3819ac78-b630-11dd-a760-001d609a4dce}\ deleted successfully.
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{bdde676e-beb9-11dc-bff9-806d6172696f}\ deleted successfully.
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{bdde676f-beb9-11dc-bff9-806d6172696f}\ deleted successfully.
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{bdde6770-beb9-11dc-bff9-806d6172696f}\ deleted successfully.
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{c49058fa-9833-11dd-a71f-001d609a4dce}\ deleted successfully.
========== FILES ==========
File/Folder C:WINDOWSsystem32driversgdi32.sys [] not found.
C:Program Filestintinyproxyytinyproxy.exe moved successfully.
C:WINDOWStasksAt1.job moved successfully.
C:WINDOWStasksAt10.job moved successfully.
C:WINDOWStasksAt11.job moved successfully.
C:WINDOWStasksAt12.job moved successfully.
C:WINDOWStasksAt13.job moved successfully.
C:WINDOWStasksAt14.job moved successfully.
C:WINDOWStasksAt15.job moved successfully.
C:WINDOWStasksAt16.job moved successfully.
C:WINDOWStasksAt17.job moved successfully.
C:WINDOWStasksAt18.job moved successfully.
C:WINDOWStasksAt19.job moved successfully.
C:WINDOWStasksAt2.job moved successfully.
C:WINDOWStasksAt20.job moved successfully.
C:WINDOWStasksAt21.job moved successfully.
C:WINDOWStasksAt22.job moved successfully.
C:WINDOWStasksAt23.job moved successfully.
C:WINDOWStasksAt24.job moved successfully.
C:WINDOWStasksAt25.job moved successfully.
C:WINDOWStasksAt26.job moved successfully.
C:WINDOWStasksAt27.job moved successfully.
C:WINDOWStasksAt28.job moved successfully.
C:WINDOWStasksAt29.job moved successfully.
C:WINDOWStasksAt3.job moved successfully.
C:WINDOWStasksAt30.job moved successfully.
C:WINDOWStasksAt31.job moved successfully.
C:WINDOWStasksAt32.job moved successfully.
C:WINDOWStasksAt33.job moved successfully.
C:WINDOWStasksAt34.job moved successfully.
C:WINDOWStasksAt35.job moved successfully.
C:WINDOWStasksAt36.job moved successfully.
C:WINDOWStasksAt37.job moved successfully.
C:WINDOWStasksAt38.job moved successfully.
C:WINDOWStasksAt39.job moved successfully.
C:WINDOWStasksAt4.job moved successfully.
C:WINDOWStasksAt40.job moved successfully.
C:WINDOWStasksAt41.job moved successfully.
C:WINDOWStasksAt42.job moved successfully.
C:WINDOWStasksAt43.job moved successfully.
C:WINDOWStasksAt44.job moved successfully.
C:WINDOWStasksAt45.job moved successfully.
C:WINDOWStasksAt46.job moved successfully.
C:WINDOWStasksAt47.job moved successfully.
C:WINDOWStasksAt48.job moved successfully.
C:WINDOWStasksAt5.job moved successfully.
C:WINDOWStasksAt6.job moved successfully.
C:WINDOWStasksAt7.job moved successfully.
C:WINDOWStasksAt8.job moved successfully.
C:WINDOWStasksAt9.job moved successfully.
========== COMMANDS ==========
User’s Temp folder emptied.
User’s Temporary Internet Files folder emptied.
User’s Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:Documents and SettingsLocalServiceLocal SettingsTemporary Internet FilesContent.IE5index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer — Version 1.0.8.0 log created on 02142009_212648
И свежие логи от rsitLogfile of random’s system information tool 1.05 (written by random/random)
Run by User at 2009-02-14 22:48:03
Microsoft Windows XP Professional Service Pack 2
System drive C: has 145 GB (76%) free of 191 GB
Total RAM: 1023 MB (58% free)

HijackThis download failed

======Scheduled tasks folder======

C:WINDOWStasksGoogleUpdateTaskUserS-1-5-21-776561741-1202660629-725345543-1003.job

======Registry dump======

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) — C:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll [2008-09-23 1088296]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search — C:Program FilesAVGAVG8avgssie.dll [2009-01-27 1078552]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{A057A204-BACC-4D26-9990-79A187E2698E}]
AVG Security Toolbar — C:PROGRA~1AVGAVG8AVGTOO~1.DLL [2009-01-27 1968920]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO — C:Program FilesGoogleGoogleToolbarNotifier5.0.926.3450swg.dll [2008-11-04 657904]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} — &Google — c:program filesgooglegoogletoolbar1.dll [2008-06-19 2427968]
{A057A204-BACC-4D26-9990-79A187E2698E} — AVG Security Toolbar — C:PROGRA~1AVGAVG8AVGTOO~1.DLL [2009-01-27 1968920]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«NvCplDaemon»=C:WINDOWSsystem32NvCpl.dll [2007-09-16 8491008]
«snp2std»=C:WINDOWSvsnp2std.exe [2006-09-15 675840]
«KernelFaultCheck»=C:WINDOWSsystem32dumprep 0 -k []
«AVG8_TRAY»=C:PROGRA~1AVGAVG8avgtray.exe [2009-01-27 1601304]
«High Defination Audio»=C:WINDOWSHDaudio.exe []
«UserFaultCheck»=C:WINDOWSsystem32dumprep 0 -u []

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2004-08-03 15360]
«swg»=C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe [2008-07-23 68856]
«MSMSGS»=C:Program FilesMessengermsmsgs.exe [2004-08-04 1667584]
«Google Update»=C:Documents and SettingsUserLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe [2009-01-20 133104]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregAlcmtr]
C:WINDOWSALCMTR.EXE [2005-05-03 69632]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregAlcoholAutomount]
C:Program FilesAlcohol SoftAlcohol 120axcmd.exe [2007-07-02 220544]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregASUSGamerOSD]
C:Program FilesASUSGamerOSDGamerOSD.exe []

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregBgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:Program FilesCommon FilesAheadLibNMBgMonitor.exe [2006-11-16 139264]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregDAEMON Tools]
C:Program FilesDAEMON Toolsdaemon.exe [2005-11-09 128920]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregDevice Detector]
C:Program FilesCommon FilesACD SystemsENDevDetect.exe [2003-09-17 212992]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregLingvo Launcher]
C:Program FilesABBYY Lingvo 10 Multilingual DictionaryLvagent.exe [2004-10-09 110592]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregLingvoTraining]
C:Program FilesABBYY Lingvo 10 Multilingual DictionaryTutor.exe [2004-10-09 1159168]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregMSMSGS]
C:Program FilesMessengermsmsgs.exe [2004-08-04 1667584]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregNeroFilterCheck]
C:Program FilesCommon FilesAheadLibNeroCheck.exe [2006-01-12 155648]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregNvCplDaemon]
C:WINDOWSsystem32NvCpl.dll [2007-09-16 8491008]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregNvMediaCenter]
C:WINDOWSsystem32NvMcTray.dll [2007-09-16 81920]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregnwiz]
nwiz.exe /install []

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregRTHDCPL]
C:WINDOWSRTHDCPL.EXE [2007-03-21 16126464]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSkype]
C:Program FilesSkypePhoneSkype.exe [2008-09-23 21755688]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregsnp2std]
C:WINDOWSvsnp2std.exe [2006-09-15 675840]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregswg]
C:Program FilesGoogleGoogleToolbarNotifier1.2.1128.5462GoogleToolbarNotifier.exe []

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users^Start Menu^Programs^Startup^Media Key.lnk]
C:PROGRA~1MEDIAK~1MagicKey.exe [2003-12-31 159744]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
C:PROGRA~1MICROS~2Office10OSA.EXE [2001-02-13 83360]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigservices]
«wuauserv»=2
«wscsvc»=2

C:Documents and SettingsAll UsersStart MenuProgramsStartup
Adobe Reader Speed Launch.lnk — C:Program FilesAdobeAcrobat 7.0Readerreader_sl.exe

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyavgrsstarter]
C:WINDOWSsystem32avgrsstx.dll [2009-01-27 10520]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyWgaLogon]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«NoDispBackgroundPage»=1
«NoDispScrSavPage»=1

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=36
«NoDriveAutoRun»=FFFFFFFF

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:GamesMedal of Honor PAmohpa.exe»=»C:GamesMedal of Honor PAmohpa.exe:*:Enabled:Medal of Honor Pacific Assault(tm)»
«C:GamesMedal of Honor AAMOHAA.exe»=»C:GamesMedal of Honor AAMOHAA.exe:*:Enabled:Medal of Honor Allied Assault(tm)»
«C:WINDOWSsystem32hucq.exe»=»C:WINDOWSsystem32hucq.exe:*:Enabled:ENABLE»
«C:Documents and SettingsUserttm.exe»=»C:Documents and SettingsUserttm.exe:*:Enabled:ENABLE»
«C:WINDOWSsystem32naip.exe»=»C:WINDOWSsystem32naip.exe:*:Enabled:ENABLE»
«C:Documents and SettingsUserketnug.exe»=»C:Documents and SettingsUserketnug.exe:*:Enabled:ENABLE»
«C:Documents and SettingsAll UsersApplication DataKaspersky Lab Setup FilesKaspersky Anti-Virus 7.0.1.325Russiansetup.exe»=»C:Documents and SettingsAll UsersApplication DataKaspersky Lab Setup FilesKaspersky Anti-Virus 7.0.1.325Russiansetup.exe:*:Enabled:Программа установки Антивируса Касперского 7.0»
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«C:Program FilesEmpire InteractiveFlatOut2FlatOut2.exe»=»C:Program FilesEmpire InteractiveFlatOut2FlatOut2.exe:*:Enabled:FlatOut2»
«C:Program FilesAVGAVG8avgemc.exe»=»C:Program FilesAVGAVG8avgemc.exe:*:Enabled:avgemc.exe»
«C:Program FilesAVGAVG8avgupd.exe»=»C:Program FilesAVGAVG8avgupd.exe:*:Enabled:avgupd.exe»
«C:WINDOWSHDaudio.exe»=»C:WINDOWSHDaudio.exe:*:Enabled:Explorer»
«C:Program FilesSkypePhoneSkype.exe»=»C:Program FilesSkypePhoneSkype.exe:*:Enabled:Skype»

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»

======File associations======

.ini — open — C:WINDOWSSYSTEM32NOTEPAD.EXE %1
.txt — open — C:WINDOWSSYSTEM32NOTEPAD.EXE %1

======List of files/folders created in the last 1 months======

2009-02-14 22:48:03 —-D—- C:rsit
2009-02-14 22:48:03 —-D—- C:Program Filestrend micro
2009-02-14 21:26:48 —-D—- C:_OTMoveIt

======List of files/folders modified in the last 1 months======

2009-02-14 22:48:03 —-RD—- C:Program Files
2009-02-14 22:43:53 —-D—- C:Program FilesMozilla Firefox
2009-02-14 22:43:22 —-D—- C:WINDOWSPrefetch
2009-02-14 22:10:41 —-D—- C:WINDOWSTemp
2009-02-14 22:09:03 —-A—- C:WINDOWSSchedLgU.Txt
2009-02-14 22:08:01 —-D—- C:Documents and SettingsUserApplication DataSkype
2009-02-14 22:06:40 —-D—- C:Documents and SettingsUserApplication DataskypePM
2009-02-14 21:26:48 —-SD—- C:WINDOWSTasks
2009-02-14 12:07:11 —-D—- C:Documents and SettingsAll UsersApplication DataGoogle Updater
2009-02-13 23:00:24 —-A—- C:WINDOWSNeroDigital.ini
2009-02-13 20:37:11 —-D—- C:WINDOWSMinidump
2009-02-13 20:37:11 —-D—- C:WINDOWS
2009-02-13 12:45:15 —-HD—- C:$AVG8.VAULT$
2009-02-08 15:55:45 —-D—- C:WINDOWSsystem32CatRoot2
2009-02-08 12:22:29 —-HD—- C:WINDOWSinf
2009-02-07 13:01:20 —-D—- C:WINDOWSAlbum
2009-02-05 13:18:27 —-D—- C:WINDOWSsystem32drivers
2009-02-04 11:54:47 —-SHD—- C:System Volume Information
2009-02-04 11:54:47 —-D—- C:WINDOWSsystem32Restore
2009-01-27 15:35:31 —-D—- C:WINDOWSsystem32
2009-01-27 15:33:35 —-D—- C:Documents and SettingsAll UsersApplication Dataavg8
2009-01-27 15:33:21 —-A—- C:WINDOWSsystem32avgrsstx.dll
2009-01-19 19:22:23 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2009-01-19 19:21:50 —-A—- C:WINDOWSimsins.BAK

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:WINDOWSSystem32Driversavgldx86.sys [2009-01-27 325128]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:WINDOWSSystem32Driversavgmfx86.sys [2009-01-27 27656]
R1 AvgTdiX;AVG Free8 Network Redirector; C:WINDOWSSystem32Driversavgtdix.sys [2009-01-27 107272]
R1 EIO;EIO; ??C:WINDOWSsystem32driversEIO.sys []
R1 intelppm;Intel Processor Driver; C:WINDOWSsystem32DRIVERSintelppm.sys [2004-08-03 36096]
R1 kbdhid;Keyboard HID Driver; C:WINDOWSsystem32DRIVERSkbdhid.sys [2004-08-03 14848]
R1 kbfilter;Keyboard Filter Driver; C:WINDOWSsystem32driverskbfilter.sys [2002-07-11 12856]
R1 UsbFltr;WayTechUSBFilterDriver; C:WINDOWSsystem32driversUsbFltr.sys [2003-12-29 8576]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller; C:WINDOWSsystem32DRIVERSatl01_xp.sys [2007-03-15 38656]
R3 dtscsi;dtscsi; C:WINDOWSSystem32Driversdtscsi.sys [2008-05-15 223128]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Microsoft HID Class Driver; C:WINDOWSsystem32DRIVERShidusb.sys [2001-08-17 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:WINDOWSsystem32driversRtkHDAud.sys [2007-03-26 4395008]
R3 mouhid;Mouse HID Driver; C:WINDOWSsystem32DRIVERSmouhid.sys [2001-08-17 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:WINDOWSsystem32DRIVERSASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:WINDOWSsystem32DRIVERSnv4_mini.sys [2007-09-16 6853088]
R3 pfc;Padus ASPI Shell; C:WINDOWSsystem32driverspfc.sys [2006-03-02 9856]
R3 SNP2STD;USB2.0 PC Camera (SNP2STD); C:WINDOWSsystem32DRIVERSsnp2sxp.sys [2007-03-30 12033024]
R3 usbaudio;USB Audio Driver (WDM); C:WINDOWSsystem32driversusbaudio.sys [2004-08-03 59264]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:WINDOWSsystem32DRIVERSusbccgp.sys [2004-08-03 31616]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:WINDOWSsystem32DRIVERSusbehci.sys [2004-08-03 26624]
R3 usbhub;USB2 Enabled Hub; C:WINDOWSsystem32DRIVERSusbhub.sys [2004-08-03 57600]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:WINDOWSsystem32DRIVERSusbuhci.sys [2004-08-03 20480]
S3 a5ip2ohq;a5ip2ohq; C:WINDOWSsystem32driversa5ip2ohq.sys []
S3 asusgsb;ASUS Virtual Video Capture Device Driver; C:WINDOWSsystem32driversasusgsb.sys [2007-09-13 12416]
S3 ATE_PROCMON;ATE_PROCMON; ??C:Program FilesAnti Trojan EliteATEPMon.sys []
S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:WINDOWSsystem32driversmsmpu401.sys [2001-08-17 2944]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:WINDOWSsystem32driversMSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:WINDOWSsystem32DRIVERSNABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:WINDOWSsystem32DRIVERSNdisIP.sys [2004-08-03 10880]
S3 SLIP;BDA Slip De-Framer; C:WINDOWSsystem32DRIVERSSLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:WINDOWSsystem32DRIVERSStreamIP.sys [2004-08-03 15360]
S3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:WINDOWSsystem32DRIVERSusbohci.sys [2004-08-03 17024]
S3 usbprint;Microsoft USB PRINTER Class; C:WINDOWSsystem32DRIVERSusbprint.sys [2004-08-03 25856]
S3 usbscan;USB Scanner Driver; C:WINDOWSsystem32DRIVERSusbscan.sys [2004-08-03 15104]
S3 USBSTOR;USB Mass Storage Driver; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2004-08-03 26496]
S3 Video3D;ASUS Video3D Service; C:WINDOWSSystem32DriversVideo3D32.sys []
S3 WSTCODEC;World Standard Teletext Codec; C:WINDOWSsystem32DRIVERSWSTCODEC.SYS [2004-08-03 19328]
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avg8emc;AVG Free8 E-mail Scanner; C:PROGRA~1AVGAVG8avgemc.exe [2009-01-27 903960]
R2 avg8wd;AVG Free8 WatchDog; C:PROGRA~1AVGAVG8avgwdsvc.exe [2009-01-27 298264]
R2 gusvc;Google Updater Service; C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2008-11-04 168432]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:Program FilesCommon FilesLightScribeLSSrvc.exe [2006-10-19 61440]
R2 MDM;Machine Debug Manager; C:Program FilesCommon FilesMicrosoft SharedVS7Debugmdm.exe [2001-02-23 270336]
R2 NVSvc;NVIDIA Display Driver Service; C:WINDOWSsystem32nvsvc32.exe [2007-09-16 155716]
R2 StarWindServiceAE;StarWind AE Service; C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindServiceAE.exe [2007-05-28 275968]
R2 UMWdf;Windows User Mode Driver Framework; C:WINDOWSsystem32wdfmgr.exe [2004-08-11 38912]
S2 Google Online Services;Google Online Services; C:Documents and SettingsUserie_updates3r.exe -A []
S2 IPSEC Services (PolicyAgent) ;IPSEC Services (PolicyAgent) ; C:Program Filestintinyproxyytinyproxy.exe []
S3 IDriverT;InstallDriver Table Manager; C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe [2005-04-04 69632]
S3 NBService;NBService; C:Program FilesNeroNero 7Nero BackItUpNBService.exe [2006-11-10 774144]

---

EOF

---

info.txt logfile of random’s system information tool 1.05 2009-02-14 22:48:05

======Uninstall list======

—>C:Program FilesNeroNero 7nerouninstallUNNERO.exe /UNINSTALL
—>C:WINDOWSUNNeroBackItUp.exe /UNINSTALL
—>C:WINDOWSUNNeroMediaHome.exe /UNINSTALL
—>C:WINDOWSUNNeroShowTime.exe /UNINSTALL
—>C:WINDOWSUNNeroVision.exe /UNINSTALL
—>C:WINDOWSUNRecode.exe /UNINSTALL
—>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:WINDOWSINFPCHealth.inf
ABBYY Lingvo 10 Multilingual Dictionary—>MsiExec.exe /I{AA10000A-C75E-487C-88FC-37AA1AACFB60}
ACDSee 6.0 PowerPack—>MsiExec.exe /I{38A0BB97-772D-422E-BCCA-4BA2A5D81F42}
Adobe Flash Player 10 Plugin—>C:WINDOWSsystem32MacromedFlashuninstall_plugin.exe
Adobe Flash Player ActiveX—>C:WINDOWSsystem32MacromedFlashuninstall_activeX.exe
Adobe Reader 7.0—>MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
Attansic Ethernet Utility—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime110Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{1F698102-5739-441E-96F0-74F4EA540F06}setup.exe» -l0x9 -removeonly
Attansic L1 Gigabit Ethernet Driver—>rundll32.exe C:WINDOWSsystem32AttansicL1atcInst.dll,AtcUninst C:WINDOWSsystem32AttansicL1 x86 1969 1048 L1
AVG Free 8.0—>C:Program FilesAVGAVG8setup.exe /UNINSTALL
Call Of Duty 2—>»C:Program FilesCall Of Duty 2unins000.exe»
Canon MF Toolbox 4.9.1.1.mf02—>MsiExec.exe /I{132CA5D9-C745-4B0B-A3B2-8C7A6EC3EE7E}
Canon MF3200 Series—>»C:WINDOWSsystem32CanonMF Uninstaller Information{269DBC9C-CAFC-472d-B1F1-0D327C2FFA76}miscDelDrv.exe» /U:{269DBC9C-CAFC-472d-B1F1-0D327C2FFA76} /L0x0000
Desert Thunder—>C:WINDOWSIsUn0419.exe -f»C:Program FilesDT(rus)Uninst.isu»
Flat Out—>»C:Program FilesBukaFlat Outunins000.exe»
FlatOut2—>»C:Program FilesEmpire InteractiveFlatOut2unins000.exe»
GOM Player—>»C:Program FilesGRETECHGomPlayerUninstall.exe»
Google Toolbar for Internet Explorer—>MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer—>regsvr32 /u /s «c:program filesgooglegoogletoolbar1.dll»
High Definition Audio Driver Package — KB888111—>»C:WINDOWS$NtUninstallKB888111WXPSP2$spuninstspuninst.exe»
Hotfix for Windows XP (KB914440)—>»C:WINDOWS$NtUninstallKB914440$spuninstspuninst.exe»
Hotfix for Windows XP (KB915865)—>»C:WINDOWS$NtUninstallKB915865$spuninstspuninst.exe»
Hotfix for Windows XP (KB935448)—>»C:WINDOWS$NtUninstallKB935448$spuninstspuninst.exe»
Hotfix for Windows XP (KB952287)—>»C:WINDOWS$NtUninstallKB952287$spuninstspuninst.exe»
Internet for Kids—>»C:Program FilesСамоучитель Интернет для детейunins000.exe»
K-Lite Mega Codec Pack 1.42—>»C:Program FilesK-Lite Codec Packunins000.exe»
marvell 61xx—>C:Program FilesMarvell61xxuninst-61xx.exe
Medal of Honor Allied Assault—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{0DEA94ED-915A-4834-A87E-388D012C8E02}Setup.exe» -l0x9
Medal of Honor Pacific Assault(tm)—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime101Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{56CFA833-F44F-4199-8C58-7F8B38F2BC7B}Setup.exe» -l0x9 -removeonly
Media Key—>C:WINDOWSISUNINST.EXE -f»C:Program FilesMedia Keyuninst.isu» -c»C:Program FilesMedia KeyUnInst.dll»
Microsoft Internationalized Domain Names Mitigation APIs—>»C:WINDOWS$NtServicePackUninstallIDNMitigationAPIs$spuninstspuninst.exe»
Microsoft National Language Support Downlevel APIs—>»C:WINDOWS$NtServicePackUninstallNLSDownlevelMapping$spuninstspuninst.exe»
Microsoft Office XP Professional with FrontPage—>MsiExec.exe /I{90280409-6000-11D3-8CFE-0050048383C9}
Microsoft Office XP Russian User Interface Pack—>MsiExec.exe /I{901E0419-6000-11D3-8CFE-0050048383C9}
Microsoft Visual C++ 2005 Redistributable—>MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Windows XP for Kids—>»C:Program FilesСамоучитель Microsoft Windows XP для детейunins000.exe»
Moto Racer 3—>C:GamesMOTORA~1UNWISE.EXE C:GamesMOTORA~1INSTALL.LOG
Mozilla Firefox (3.0.1)—>C:Program FilesMozilla Firefoxuninstallhelper.exe
MSN—>C:Program FilesMSNMsnInstallermsninst.exe /Action:ARP
MSXML 4.0 SP2 (KB936181)—>MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
Need for Speed Most Wanted—>»C:Program FilesEA GAMESNeed for Speed Most Wantedunins000.exe»
Need For Speed Underground—>C:EAGAME~1NEEDFO~1r{F7F2D~1UNWISE.EXE C:EAGAME~1NEEDFO~1r{F7F2D~1INSTALL.LOG
Nero 7 Essentials—>MsiExec.exe /I{C1E544E5-EF3C-4103-A57B-3A499FD91049}
NVIDIA Drivers—>C:WINDOWSsystem32nvudisp.exe UninstallGUI
Race Driver 3—>C:GamesTRD3unwise.exe
Realtek High Definition Audio Driver—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime1150Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}setup.exe» -l0x19 -removeonly
Security Update for Windows XP (KB923689)—>»C:WINDOWS$NtUninstallKB923689$spuninstspuninst.exe»
Security Update for Windows XP (KB938464)—>»C:WINDOWS$NtUninstallKB938464$spuninstspuninst.exe»
Security Update for Windows XP (KB941569)—>»C:WINDOWS$NtUninstallKB941569$spuninstspuninst.exe»
Security Update for Windows XP (KB944338-v2)—>»C:WINDOWS$NtUninstallKB944338-v2$spuninstspuninst.exe»
Security Update for Windows XP (KB946648)—>»C:WINDOWS$NtUninstallKB946648$spuninstspuninst.exe»
Security Update for Windows XP (KB950749)—>»C:WINDOWS$NtUninstallKB950749$spuninstspuninst.exe»
Security Update for Windows XP (KB950762)—>»C:WINDOWS$NtUninstallKB950762$spuninstspuninst.exe»
Security Update for Windows XP (KB950974)—>»C:WINDOWS$NtUninstallKB950974$spuninstspuninst.exe»
Security Update for Windows XP (KB951066)—>»C:WINDOWS$NtUninstallKB951066$spuninstspuninst.exe»
Security Update for Windows XP (KB951376-v2)—>»C:WINDOWS$NtUninstallKB951376-v2$spuninstspuninst.exe»
Security Update for Windows XP (KB951698)—>»C:WINDOWS$NtUninstallKB951698$spuninstspuninst.exe»
Security Update for Windows XP (KB951748)—>»C:WINDOWS$NtUninstallKB951748$spuninstspuninst.exe»
Security Update for Windows XP (KB952954)—>»C:WINDOWS$NtUninstallKB952954$spuninstspuninst.exe»
Security Update for Windows XP (KB953838)—>»C:WINDOWS$NtUninstallKB953838$spuninstspuninst.exe»
Security Update for Windows XP (KB953839)—>»C:WINDOWS$NtUninstallKB953839$spuninstspuninst.exe»
Skype™ 3.8—>MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Slim 1320—>C:Program FilesInstallShield Installation Information{393E0058-AE7E-4D6C-BA44-B42B3FE29332}setup.exe -runfromtemp -l0x0019 -removeonly -u
Update for Windows XP (KB898461)—>»C:WINDOWS$NtUninstallKB898461$spuninstspuninst.exe»
Update for Windows XP (KB904942)—>»C:WINDOWS$NtUninstallKB904942$spuninstspuninst.exe»
Update for Windows XP (KB951072-v2)—>»C:WINDOWS$NtUninstallKB951072-v2$spuninstspuninst.exe»
Winamp (remove only)—>»C:Program FilesWinampUninstWA.exe»
Windows Installer 3.1 (KB893803)—>»C:WINDOWS$MSI31Uninstall_KB893803v2$spuninstspuninst.exe»
Windows Media Format Runtime—>»C:Program FilesWindows Media Playerwmsetsdk.exe» /UninstallAll
Windows XP Hotfix — KB885884—>C:WINDOWS$NtUninstallKB885884$spuninstspuninst.exe
WinRAR archiver—>C:Program FilesWinRARuninstall.exe
XviD MPEG-4 Video Codec—>C:WINDOWSsystem32rundll32.exe setupapi,InstallHinfSection Remove_XviD 132 C:WINDOWSINFxvid.inf
Занимательная математика—>»C:Program FilesРуссобит-МРазвивайка. Репетитор. Занимательная математикаunins000.exe»
Программа обновлений Google—>»C:Program FilesGoogleGoogle UpdaterGoogleUpdater.exe» -uninstall

======Security center information======

AV: AVG Anti-Virus Free

System event log

Computer Name: USER-
Event Code: 7036
Message: Служба «Terminal Services» перешла в состояние Работает.

Record Number: 26185
Source Name: Service Control Manager
Time Written: 20090112112142.000000+240
Event Type: информация
User:

Computer Name: USER-
Event Code: 7000
Message: Сбой при запуске службы «Parallel port driver» из-за ошибки
Указанная служба не может быть запущена, поскольку она отключена или все связанные с ней устройства отключены.

Record Number: 26184
Source Name: Service Control Manager
Time Written: 20090112112142.000000+240
Event Type: ошибка
User:

Computer Name: USER-
Event Code: 1007
Message: Компьютер автоматически настроил IP-адрес для сетевого адаптера
с адресом 001D609A4DCE. Используется IP-адрес 169.254.242.178.

Record Number: 26183
Source Name: Dhcp
Time Written: 20090112112112.000000+240
Event Type: предупреждение
User:

Computer Name: USER-
Event Code: 6005
Message: Запущена служба журнала событий.

Record Number: 26182
Source Name: EventLog
Time Written: 20090112112011.000000+240
Event Type: информация
User:

Computer Name: USER-
Event Code: 6009
Message: Microsoft (R) Windows 2000 (R) 5.01. 2600 Service Pack 2 Multiprocessor Free.

Record Number: 26181
Source Name: EventLog
Time Written: 20090112112011.000000+240
Event Type: информация
User:

Application event log

Computer Name: USER-
Event Code: 1
Message:
Record Number: 4046
Source Name: Avg7UpdSvc
Time Written: 20080705110924.000000+240
Event Type: информация
User:

Computer Name: USER-
Event Code: 1000
Message: Ошибка приложения skin.exe, версия 2.0.0.0, модуль skin.exe, версия 2.0.0.0, адрес 0x0005268e.

Record Number: 4045
Source Name: Application Error
Time Written: 20080705001046.000000+240
Event Type: ошибка
User:

Computer Name: USER-
Event Code: 1
Message:
Record Number: 4044
Source Name: AVGEMS
Time Written: 20080704192716.000000+240
Event Type: информация
User:

Computer Name: USER-
Event Code: 4
Message: The LightScribe Service started successfully.

Record Number: 4043
Source Name: LightScribeService
Time Written: 20080704192715.000000+240
Event Type: информация
User:

Computer Name: USER-
Event Code: 1
Message:
Record Number: 4042
Source Name: Avg7UpdSvc
Time Written: 20080704192711.000000+240
Event Type: информация
User:

======Environment variables======

«ComSpec»=%SystemRoot%system32cmd.exe
«Path»=%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem
«windir»=%SystemRoot%
«FP_NO_HOST_CHECK»=NO
«OS»=Windows_NT
«PROCESSOR_ARCHITECTURE»=x86
«PROCESSOR_LEVEL»=6
«PROCESSOR_IDENTIFIER»=x86 Family 6 Model 15 Stepping 11, GenuineIntel
«PROCESSOR_REVISION»=0f0b
«NUMBER_OF_PROCESSORS»=2
«PATHEXT»=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
«TEMP»=%SystemRoot%TEMP
«TMP»=%SystemRoot%TEMP

---

EOF

---

[Admin]

RSIT лог выглядит нормально, есть ли проблемы с компьютером ?

[jorjik]

Здравствуйте Валерий!Спасибо большое за помощь,компьютер работает как раньше, но не открывается Internet Explorer.Вообще-то я им не особо пользуюсь,хочется узнать в чём может быть причина.

[Admin]

но не открывается Internet Explorer

Что происходит при попытке запуска ?

[jorjik]

У меня Internet Explorer 6.0.При попытке запуска появляется/ Cannot find server/.Я попробовал изменить настройки через Свойства Обозревателя,не получилось.

[Admin]

Скачайте программу Combofix. Закройте все открытые окна и запустите эту программу.
После выполнения будет создан лог файл, пожалуйста вставьте его в ваш ответ.

[jorjik]

Здравствуйте Валерий!В инструкции использования Combofix есть пункт об отключении антивируса.Как ни старался не отключается! У меня AVG 8.0 FREE. Посоветуйте пожалуйста как это сделать.А нельзя использовать другую программу? Заранее благодарю!

[Admin]

Запустите AVG 8 Control Center, кликнув правой клавишей на иконку AVG 8 на панели задач.
Кликните Tools.
Кликните Advanced.
В левой панели выберите «Resident Shield».
В правой панели отключите «Enable Resident Shield.»

[jorjik]

Уважаемый Валерий! Мне удалось запустить IE!Проблема была в настройках.Я их изменил и он запускается без проблем,вообще система работает отлично.Огромное Вам спасибо!!!Но,к сожалению, есть ещё одна проблема;значки жёсткого диска превратились в непонятные ярлыки.Подобное уже обсуждалось на форуме ( писал viv).Если Вам не трудно, просмотрите пожалуйста эту тему.Можно и мне воспользоваться предложенным вариантом?

[Автор]

Сообщения