Троян и червь

[albash]

Здравствуйте!
Заразил домашний компьютер от рабочего. Два дня Panda и Microsoft Security усиленно что-то лечили, но периодически компьютер требует перезагрузки.
Помогите, пожалуйста.
Заранее спасибо.
Logfile of random’s system information tool 1.08 (written by random/random)
Run by Общий компьютер at 2010-12-02 11:50:02
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 80 GB (55%) free of 145 GB
Total RAM: 2046 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:51:17, on 02.12.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18975)
Boot mode: Normal

Running processes:
C:PROGRAM FILESPANDA SECURITYPANDA INTERNET SECURITY 2010WebProxy.exe
C:Windowssystem32Dwm.exe
C:WindowsExplorer.EXE
C:Windowssystem32taskeng.exe
C:Program FilesIntelIntel Matrix Storage ManagerIAAnotif.exe
C:Program FilesRealtekAudioHDARtHDVCpl.exe
C:Program FilesGoogleGoogle Desktop SearchGoogleDesktop.exe
C:Program FilesHewlett-PackardHP Share-to-Webhpgs2wnf.exe
C:Program FilesEgisTec Egis Software UpdateEgisUpdate.exe
C:Program FilesEgisTecMyWinLocker 3x86mwlDaemon.exe
C:Program FilesHewlett-PackardHP Share-to-Webhpgs2wnd.exe
C:Program FilesHewlett-PackardDigital ImagingbinHpqSRmon.exe
C:Program FilesHewlett-PackardHP Software Updatehpwuschd2.exe
C:Program FilesMicrosoft Security Essentialsmsseces.exe
C:Program FilesCommon FilesJavaJava Updatejusched.exe
C:Program FilesMail.RuGuardGuardMailRu.exe
C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
C:Program FilesWindows Sidebarsidebar.exe
C:Program FilesWindows Media Playerwmpnscfg.exe
C:Program FilesPanda SecurityPanda Internet Security 2010PavBckPT.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesMSN ToolbarPlatform6.3.2322.0mswinext.exe
C:Program FilesMicrosoftSearch Enhancement PackSCServerSCServer.exe
C:Program FilesGoogleGoogle ToolbarGoogleToolbarUser_32.exe
C:Windowssystem32MacromedFlashFlashUtil10l_ActiveX.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesPanda SecurityPanda Internet Security 2010ApVxdWin.exe
C:UsersОбщий компьютерDesktopRSIT.exe
C:Program Filestrend microОбщий компьютер.exe
C:Program FilesPanda SecurityPanda Internet Security 2010avciman.exe
C:Windowssystem32SearchFilterHost.exe

R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0419&s=1&o=vb32&d=1006&m=aspire_x3810
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://yandex.ru/
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0419&s=1&o=vb32&d=1006&m=aspire_x3810
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0419&s=1&o=vb32&d=1006&m=aspire_x3810
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
R3 — URLSearchHook: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
O1 — Hosts: ::1 localhost
O2 — BHO: AcroIEHelperStub — {18DF081C-E8AD-4283-A596-FA578C2EBDC3} — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 — BHO: Search Helper — {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} — C:Program FilesMicrosoftSearch Enhancement PackSearch HelperSEPsearchhelperie.dll
O2 — BHO: Спутник@Mail.Ru — {8984B388-A5BB-4DF7-B274-77B879E179DB} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
O2 — BHO: Windows Live ID Sign-in Helper — {9030D464-4C02-4ABF-8ECC-5164760863C6} — C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 — BHO: Windows Live Messenger Companion Helper — {9FDDE16B-836F-4806-AB1F-1455CBEFF289} — C:Program FilesWindows LiveCompanioncompanioncore.dll
O2 — BHO: Google Toolbar Helper — {AA58ED58-01DD-4d91-8333-CF10577473F7} — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll
O2 — BHO: SkypeIEPluginBHO — {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} — C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll
O2 — BHO: Google Toolbar Notifier BHO — {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} — C:Program FilesGoogleGoogleToolbarNotifier5.6.5805.1910swg.dll
O2 — BHO: Bing Bar BHO — {d2ce3e00-f94a-4740-988e-03dc2f38c34f} — C:Program FilesMSN ToolbarPlatform6.3.2322.0npwinext.dll
O2 — BHO: Java(tm) Plug-In 2 SSV Helper — {DBC80044-A445-435b-BC74-9C25C1C588A9} — C:Program FilesJavajre6binjp2ssv.dll
O3 — Toolbar: @C:Program FilesMSN ToolbarPlatform6.3.2322.0npwinext.dll,-100 — {8dcb7100-df86-4384-8842-8fa844297b3f} — C:Program FilesMSN ToolbarPlatform6.3.2322.0npwinext.dll
O3 — Toolbar: Google Toolbar — {2318C2B1-4965-11d4-9B18-009027A5CD4F} — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll
O3 — Toolbar: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
O4 — HKLM..Run: [Windows Defender] %ProgramFiles%Windows DefenderMSASCui.exe -hide
O4 — HKLM..Run: [IAAnotif] C:Program FilesIntelIntel Matrix Storage Manageriaanotif.exe
O4 — HKLM..Run: [RtHDVCpl] C:Program FilesRealtekAudioHDARtHDVCpl.exe
O4 — HKLM..Run: [Google Desktop Search] «C:Program FilesGoogleGoogle Desktop SearchGoogleDesktop.exe» /startup
O4 — HKLM..Run: [EgisTecLiveUpdate] «C:Program FilesEgisTec Egis Software UpdateEgisUpdate.exe»
O4 — HKLM..Run: [mwlDaemon] C:Program FilesEgisTecMyWinLocker 3x86mwlDaemon.exe
O4 — HKLM..Run: [APVXDWIN] «C:Program FilesPanda SecurityPanda Internet Security 2010APVXDWIN.EXE» /s
O4 — HKLM..Run: [SCANINICIO] «C:Program FilesPanda SecurityPanda Internet Security 2010Inicio.exe»
O4 — HKLM..Run: [Skytel] C:Program FilesRealtekAudioHDASkytel.exe
O4 — HKLM..Run: [WinampAgent] «C:Program FilesWinampwinampa.exe»
O4 — HKLM..Run: [Share-to-Web Namespace Daemon] C:Program FilesHewlett-PackardHP Share-to-Webhpgs2wnd.exe
O4 — HKLM..Run: [hpqSRMon] C:Program FilesHewlett-PackardDigital ImagingbinhpqSRMon.exe
O4 — HKLM..Run: [HP Software Update] C:Program FilesHewlett-PackardHP Software UpdateHPWuSchd2.exe
O4 — HKLM..Run: [MSSE] «C:Program FilesMicrosoft Security Essentialsmsseces.exe» -hide -runkey
O4 — HKLM..Run: [SunJavaUpdateSched] «C:Program FilesCommon FilesJavaJava Updatejusched.exe»
O4 — HKLM..Run: [Adobe Reader Speed Launcher] «C:Program FilesAdobeReader 9.0ReaderReader_sl.exe»
O4 — HKLM..Run: [Adobe ARM] «C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe»
O4 — HKLM..Run: [Guard.Mail.ru.gui] «C:Program FilesMail.RuGuardGuardMailRu.exe» /gui
O4 — HKCU..Run: [swg] «C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe»
O4 — HKCU..Run: [Sidebar] C:Program FilesWindows Sidebarsidebar.exe
O4 — HKCU..Run: [Skype] «C:Program FilesSkype\PhoneSkype.exe» /nosplash /minimized
O4 — HKCU..Run: [msnmsgr] «C:Program FilesWindows LiveMessengermsnmsgr.exe» /background
O4 — HKCU..Run: [WMPNSCFG] C:Program FilesWindows Media PlayerWMPNSCFG.exe
O4 — HKCU..Run: [PCHDPlayer] C:Program FilespchdPCHDPlayer.exe
O4 — HKUSS-1-5-19..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User ‘NETWORK SERVICE’)
O4 — Global Startup: Монитор АПС-Печать.lnk = H:bp6RSPrintPrintMon.exe
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2Office12EXCEL.EXE/3000
O8 — Extra context menu item: Google ВикиКомментарии… — res://C:Program FilesGoogleGoogle ToolbarComponentGoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
O9 — Extra button: @C:Program FilesWindows LiveCompanioncompanionlang.dll,-600 — {0000036B-C524-4050-81A0-243669A86B9F} — C:Program FilesWindows LiveCompanioncompanioncore.dll
O9 — Extra button: @C:Program FilesWindows LiveWriterWindowsLiveWriterShortcuts.dll,-1004 — {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} — C:Program FilesWindows LiveWriterWriterBrowserExtension.dll
O9 — Extra ‘Tools’ menuitem: @C:Program FilesWindows LiveWriterWindowsLiveWriterShortcuts.dll,-1003 — {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} — C:Program FilesWindows LiveWriterWriterBrowserExtension.dll
O9 — Extra button: Отправить в OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 — Extra ‘Tools’ menuitem: &Отправить в OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 — Extra button: Skype add-on for Internet Explorer — {898EA8C8-E7FF-479B-8935-AEC46303B9E5} — C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll
O9 — Extra ‘Tools’ menuitem: Skype add-on for Internet Explorer — {898EA8C8-E7FF-479B-8935-AEC46303B9E5} — C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll
O9 — Extra button: Research — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2Office12REFIEBAR.DLL
O16 — DPF: {0013C359-980C-4916-B47A-B313DDF56755} (Alfa-Direct Signer Control) — https://www.alfadirect.ru/ADSign/ADCrypto.cab
O16 — DPF: {D27CDB6E-AE6D-91CF-96B8-744553240000} — http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 — Protocol: skype-ie-addon-data — {91774881-D725-4E58-B298-07617B9B86A8} — C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll
O18 — Protocol: skype4com — {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O18 — Protocol: wlpg — {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} — C:Program FilesWindows LivePhoto GalleryAlbumDownloadProtocolHandler.dll
O20 — AppInit_DLLs: C:PROGRA~1GoogleGOOGLE~1GOEC62~1.DLL
O20 — Winlogon Notify: cpcsp — C:Program FilesCrypto ProCSPcpcspi.dll
O22 — SharedTaskScheduler: Component Categories cache daemon — {8C7461EF-2B13-11d2-BE35-3078302C2030} — C:Windowssystem32browseui.dll
O23 — Service: BlueSoleil Hid Service — Unknown owner — C:Program FilesIVT CorporationBlueSoleilBTNtService.exe
O23 — Service: @dfsrres.dll,-101 (DFSR) — Корпорация Майкрософт — C:Windowssystem32DFSR.exe
O23 — Service: Диспетчер Google Desktop 5.9.1005.12335 (GoogleDesktopManager-051210-111108) — Google — C:Program FilesGoogleGoogle Desktop SearchGoogleDesktop.exe
O23 — Service: Guard.Mail.ru — Unknown owner — C:Program FilesMail.RuGuardGuardMailRu.exe
O23 — Service: Служба Google Update (gupdate) (gupdate) — Google Inc. — C:Program FilesGoogleUpdateGoogleUpdate.exe
O23 — Service: Google Software Updater (gusvc) — Google — C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 — Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) — Intel Corporation — C:Program FilesIntelIntel Matrix Storage ManagerIAANTMon.exe
O23 — Service: MyWinLocker Service (MWLService) — EgisTec Inc. — C:Program FilesEgisTecMyWinLocker 3×86\MWLService.exe
O23 — Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) — NewTech InfoSystems, Inc. — C:Program FilesNewTech InfosystemsNTI Backup Now 5BackupSvc.exe
O23 — Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) — NewTech Infosystems, Inc. — C:Program FilesNewTech InfosystemsNTI Backup Now 5SchedulerSvc.exe
O23 — Service: NVIDIA Display Driver Service (nvsvc) — NVIDIA Corporation — C:Windowssystem32nvvsvc.exe
O23 — Service: Panda Software Controller — Panda Security, S.L. — C:Program FilesPanda SecurityPanda Internet Security 2010PsCtrls.exe
O23 — Service: Panda Function Service (PAVFNSVR) — Unknown owner — C:Program FilesPanda SecurityPanda Internet Security 2010PavFnSvr.exe
O23 — Service: Panda Process Protection Service (PavPrSrv) — Unknown owner — C:Program FilesCommon FilesPanda SecurityPavShldpavprsrv.exe
O23 — Service: Panda On-Access Anti-Malware Service (PAVSRV) — Panda Security, S.L. — C:Program FilesPanda SecurityPanda Internet Security 2010pavsrvx86.exe
O23 — Service: Panda Host Service (PSHost) — Unknown owner — c:program filespanda securitypanda internet security 2010firewallPSHOST.EXE
O23 — Service: Panda IManager Service (PSIMSVC) — Panda Security S.L. — C:Program FilesPanda SecurityPanda Internet Security 2010PsImSvc.exe
O23 — Service: Panda PSK service (PskSvcRetail) — Panda Security, S.L. — C:Program FilesPanda SecurityPanda Internet Security 2010PskSvc.exe
O23 — Service: Start BT in service — Unknown owner — C:Program FilesIVT CorporationBlueSoleilStartSkysolSvc.exe
O23 — Service: Panda TPSrv (TPSrv) — Panda Security, S.L. — C:Program FilesPanda SecurityPanda Internet Security 2010TPSrv.exe
O23 — Service: @C:WindowsMicrosoft.NETFrameworkv4.0.30319WPFWPFFontCache_v0400.exe,-100 (WPFFontCache_v0400) — Корпорация Майкрософт — C:WindowsMicrosoft.NETFrameworkv4.0.30319WPFWPFFontCache_v0400.exe

—
End of file — 13291 bytes

======Scheduled tasks folder======

C:WindowstasksGoogleUpdateTaskMachineCore.job
C:WindowstasksGoogleUpdateTaskMachineUA.job
C:WindowstasksUser_Feed_Synchronization-{40CBA629-AF20-4EA7-B068-C4E5C2E3414E}.job

======Registry dump======

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper — C:Program FilesMicrosoftSearch Enhancement PackSearch HelperSEPsearchhelperie.dll [2010-09-22 191792]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{8984B388-A5BB-4DF7-B274-77B879E179DB}]
MailRuBHO Class — C:Program FilesMail.RuSputnikMailRuSputnik.dll [2010-11-03 1243320]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper — C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper — C:Program FilesWindows LiveCompanioncompanioncore.dll [2010-09-22 393600]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll [2010-10-25 297648]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer — C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO — C:Program FilesGoogleGoogleToolbarNotifier5.6.5805.1910swg.dll [2010-10-25 843832]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar BHO — C:Program FilesMSN ToolbarPlatform6.3.2322.0npwinext.dll [2010-09-22 612616]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper — C:Program FilesJavajre6binjp2ssv.dll [2010-09-15 41760]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} — @C:Program FilesMSN ToolbarPlatform6.3.2322.0npwinext.dll,-100 — C:Program FilesMSN ToolbarPlatform6.3.2322.0npwinext.dll [2010-09-22 612616]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} — Google Toolbar — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll [2010-10-25 297648]
{09900DE8-1DCA-443F-9243-26FF581438AF} — Спутник@Mail.Ru — C:Program FilesMail.RuSputnikMailRuSputnik.dll [2010-11-03 1243320]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«Windows Defender»=C:Program FilesWindows DefenderMSASCui.exe [2008-01-21 1008184]
«IAAnotif»=C:Program FilesIntelIntel Matrix Storage Manageriaanotif.exe [2008-09-12 182808]
«RtHDVCpl»=C:Program FilesRealtekAudioHDARtHDVCpl.exe [2009-03-10 6957600]
«Google Desktop Search»=C:Program FilesGoogleGoogle Desktop SearchGoogleDesktop.exe [2010-07-25 30192]
«EgisTecLiveUpdate»=C:Program FilesEgisTec Egis Software UpdateEgisUpdate.exe [2008-10-27 199464]
«mwlDaemon»=C:Program FilesEgisTecMyWinLocker 3x86mwlDaemon.exe [2008-10-27 346672]
«APVXDWIN»=C:Program FilesPanda SecurityPanda Internet Security 2010APVXDWIN.EXE [2009-09-25 906496]
«SCANINICIO»=C:Program FilesPanda SecurityPanda Internet Security 2010Inicio.exe [2009-08-12 56064]
«Skytel»=C:Program FilesRealtekAudioHDASkytel.exe [2009-03-10 1833504]
«WinampAgent»=C:Program FilesWinampwinampa.exe []
«Share-to-Web Namespace Daemon»=C:Program FilesHewlett-PackardHP Share-to-Webhpgs2wnd.exe [2002-04-17 69632]
«hpqSRMon»=C:Program FilesHewlett-PackardDigital ImagingbinhpqSRMon.exe [2008-08-20 150016]
«HP Software Update»=C:Program FilesHewlett-PackardHP Software UpdateHPWuSchd2.exe [2008-12-08 54576]
«»= []
«MSSE»=C:Program FilesMicrosoft Security Essentialsmsseces.exe [2010-09-15 1094224]
«SunJavaUpdateSched»=C:Program FilesCommon FilesJavaJava Updatejusched.exe [2010-05-14 248552]
«Adobe Reader Speed Launcher»=C:Program FilesAdobeReader 9.0ReaderReader_sl.exe [2010-09-23 35760]
«Adobe ARM»=C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe [2010-09-20 932288]
«Guard.Mail.ru.gui»=C:Program FilesMail.RuGuardGuardMailRu.exe [2010-11-03 992960]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«swg»=C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe [2009-11-28 68856]
«Sidebar»=C:Program FilesWindows Sidebarsidebar.exe [2009-04-11 1233920]
«Skype»=C:Program FilesSkype\PhoneSkype.exe [2010-03-09 26100520]
«msnmsgr»=C:Program FilesWindows LiveMessengermsnmsgr.exe [2010-09-22 4240760]
«WMPNSCFG»=C:Program FilesWindows Media PlayerWMPNSCFG.exe [2008-01-21 202240]
«PCHDPlayer»=C:Program FilespchdPCHDPlayer.exe []

C:ProgramDataMicrosoftWindowsStart MenuProgramsStartup
Монитор АПС-Печать.lnk — H:bp6RSPrintPrintMon.exe

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows]
«AppInit_DLLs»=»C:PROGRA~1GoogleGOOGLE~1GOEC62~1.DLL»

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyavldr]
C:Windowssystem32avldr.dll [2008-03-18 58672]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifycpcsp]
C:Program FilesCrypto ProCSPcpcspi.dll [2009-07-29 717824]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalMsMpSvc]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalPskSvcRetail]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalR5BaseSmc]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalSCardSvr]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimaltoken]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal{50DD5230-BA8A-11D1-BF5D-0000F805F530}]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkMsMpSvc]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkR5BaseSmc]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworktoken]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWudfPf]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWudfRd]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWudfSvc]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWudfUsbccidDriver]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
«EnableUIADesktopToggle»=0

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«BindDirectlyToPropertySetStorage»=0

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]

======File associations======

.js — edit — C:WindowsSystem32Notepad.exe %1
.js — open — C:PROGRA~1PANDAS~1PANDAI~1PAVSCRIP.EXE «%1» %*
.vbs — open — C:PROGRA~1PANDAS~1PANDAI~1PAVSCRIP.EXE «%1» %*

======List of files/folders created in the last 1 months======

2010-12-02 11:50:04 —-D—- C:Program Filestrend micro
2010-12-02 11:50:02 —-D—- C:rsit
2010-11-18 12:28:44 —-ASH—- C:hiberfil.sys
2010-11-08 21:27:10 —-D—- C:pchd
2010-11-06 12:42:32 —-A—- C:Windowssystem32javaws.exe
2010-11-06 12:42:32 —-A—- C:Windowssystem32javaw.exe
2010-11-06 12:42:32 —-A—- C:Windowssystem32java.exe
2010-11-03 16:55:44 —-D—- C:Program FilesMultiSoft
2010-11-03 16:48:04 —-D—- C:UsersОбщий компьютерAppDataRoamingMedia Player Classic
2010-11-03 16:33:41 —-A—- C:Windowssystem32unrar.dll
2010-11-03 16:33:40 —-A—- C:Windowsavisplitter.ini
2010-11-03 16:33:29 —-A—- C:Windowssystem32yv12vfw.dll
2010-11-03 16:33:29 —-A—- C:Windowssystem32xvidvfw.dll
2010-11-03 16:33:29 —-A—- C:Windowssystem32xvidcore.dll
2010-11-03 16:33:28 —-A—- C:Windowssystem32ff_vfw.dll.manifest
2010-11-03 16:33:28 —-A—- C:Windowssystem32ff_vfw.dll
2010-11-03 16:33:21 —-D—- C:Program FilesK-Lite Codec Pack
2010-11-03 16:30:09 —-D—- C:UsersОбщий компьютерAppDataRoamingMail.Ru

======List of files/folders modified in the last 1 months======

2010-12-02 11:51:17 —-D—- C:WindowsTemp
2010-12-02 11:50:24 —-D—- C:WindowsPrefetch
2010-12-02 11:50:06 —-D—- C:Windowssystem32drivers
2010-12-02 11:50:04 —-D—- C:Program Files
2010-12-02 11:49:23 —-D—- C:Windowssystem32driversetc
2010-12-02 09:53:05 —-D—- C:WindowsSystem32
2010-12-02 09:52:56 —-A—- C:Windowssystem32PerfStringBackup.INI
2010-12-02 09:52:55 —-D—- C:Windowsinf
2010-12-02 09:50:35 —-SHD—- C:System Volume Information
2010-11-30 13:23:21 —-D—- C:Windowssystem32catroot2
2010-11-28 15:15:15 —-D—- C:UsersОбщий компьютерAppDataRoamingSkype
2010-11-28 15:15:04 —-D—- C:UsersОбщий компьютерAppDataRoamingskypePM
2010-11-24 10:59:05 —-D—- C:Windowswinsxs
2010-11-24 10:59:05 —-D—- C:Program FilesInternet Explorer
2010-11-24 09:41:38 —-D—- C:Windowssystem32catroot
2010-11-22 20:37:54 —-AD—- C:ProgramDataTemp
2010-11-20 12:09:46 —-SHD—- C:WindowsInstaller
2010-11-18 12:28:05 —-A—- C:Windowsntbtlog.txt
2010-11-10 11:06:15 —-D—- C:ProgramDataMicrosoft Help
2010-11-10 11:05:42 —-D—- C:Program FilesWindows Mail
2010-11-10 11:00:01 —-A—- C:Windowssystem32mrt.exe
2010-11-06 12:42:28 —-D—- C:Program Filesjava
2010-11-03 17:06:47 —-HD—- C:ProgramData
2010-11-03 17:06:45 —-D—- C:Program FilesWinamp
2010-11-03 16:33:40 —-D—- C:Windows
2010-11-03 16:30:23 —-D—- C:Program FilesMail.Ru

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 BTHidEnum;Bluetooth HID Enumerator; C:WindowsSystem32Driversvbtenum.sys [2007-03-05 20880]
R0 BTHidMgr;Bluetooth HID Manager Service; C:WindowsSystem32DriversBTHidMgr.sys [2007-03-05 35600]
R0 iaStor;Intel AHCI Controller; C:Windowssystem32DRIVERSiaStor.sys [2008-09-12 327192]
R0 pavboot;Panda boot driver; C:Windowssystem32Driverspavboot.sys [2009-06-30 28552]
R1 APPFLT;App Filter Plugin; ??C:Windowssystem32DriversAPPFLT.SYS [2009-09-30 75016]
R1 CProCtrl;КриптоПро CSP драйвер; C:Windowssystem32DRIVERSCProCtrl.sys [2009-04-23 54536]
R1 DSAFLT;DSA Filter Plugin; ??C:Windowssystem32DriversDSAFLT.SYS [2009-06-16 53128]
R1 FNETMON;NetMon Filter Plugin; ??C:Windowssystem32Driversfnetmon.SYS [2008-03-28 22072]
R1 IDSFLT;Ids Filter Plugin; ??C:Windowssystem32DriversIDSFLT.SYS [2009-06-16 193800]
R1 MpFilter;Microsoft Malware Protection Driver; C:Windowssystem32DRIVERSMpFilter.sys [2010-03-25 151216]
R1 NETFLTDI;Panda Net Driver [TDI Layer]; ??C:Windowssystem32DriversNETFLTDI.SYS [2009-06-16 159112]
R2 AmFSM;AmFSM; C:Windowssystem32DRIVERSamm8660.sys [2009-08-06 49160]
R2 ComFiltr;Panda Anti-Dialer; ??C:Windowssystem32DRIVERSCOMFiltr.sys [2009-11-28 13880]
R2 mwlPSDFilter;mwlPSDFilter; C:Windowssystem32DRIVERSmwlPSDFilter.sys [2008-10-09 19504]
R2 mwlPSDNServ;mwlPSDNServ; C:Windowssystem32DRIVERSmwlPSDNServ.sys [2008-10-09 16432]
R2 mwlPSDVDisk;mwlPSDVDisk; C:Windowssystem32DRIVERSmwlPSDVDisk.sys [2008-10-09 59952]
R2 PavProc;Panda Process Protection Driver; ??C:Windowssystem32DRIVERSPavProc.sys [2009-06-30 163336]
R3 AvFlt;Antivirus Filter Driver; C:Windowssystem32driversav5flt.sys []
R3 BlueletAudio;Bluetooth Audio Service; C:Windowssystem32DRIVERSblueletaudio.sys [2007-06-24 34312]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:Windowssystem32DRIVERSBlueletSCOAudio.sys [2007-06-24 27656]
R3 BT;Bluetooth PAN Network Adapter; C:Windowssystem32DRIVERSbtnetdrv.sys [2007-03-05 18320]
R3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:WindowsSystem32Driversbtcusb.sys [2007-06-24 38920]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:Windowssystem32DRIVERSe1y6032.sys [2008-11-21 220288]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:Windowssystem32driversRTKVHDA.sys [2009-03-10 2338720]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:Windowssystem32DRIVERSMpNWMon.sys [2010-03-25 42368]
R3 NETIMFLT01060039;PANDA NDIS IM Filter Miniport v1.6.0.39; C:Windowssystem32DRIVERSneti1639.sys [2009-09-09 199432]
R3 NTIDrvr;Upper Class Filter Driver; C:Windowssystem32DRIVERSNTIDrvr.sys [2008-01-30 14848]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:Windowssystem32driversnvhda32v.sys [2009-05-11 64544]
R3 nvlddmkm;nvlddmkm; C:Windowssystem32DRIVERSnvlddmkm.sys [2010-04-03 11573800]
R3 PavSRK.sys;PavSRK.sys; ??C:Windowssystem32PavSRK.sys []
R3 PavTPK.sys;PavTPK.sys; ??C:Windowssystem32PavTPK.sys []
R3 R5BaseSmc;USB Token Holder Service; C:Windowssystem32DRIVERSsmccard.sys [2010-05-20 14592]
S1 aatksjzf;aatksjzf; ??C:Windowssystem32driversaatksjzf.sys []
S1 abrqfgyd;abrqfgyd; ??C:Windowssystem32driversabrqfgyd.sys []
S1 acbmeiun;acbmeiun; ??C:Windowssystem32driversacbmeiun.sys []
S1 acejoghr;acejoghr; ??C:Windowssystem32driversacejoghr.sys []
S1 acipanif;acipanif; ??C:Windowssystem32driversacipanif.sys []
S1 aeqvvcmr;aeqvvcmr; ??C:Windowssystem32driversaeqvvcmr.sys []
S1 aitmohax;aitmohax; ??C:Windowssystem32driversaitmohax.sys []
S1 alejpbzl;alejpbzl; ??C:Windowssystem32driversalejpbzl.sys []
S1 alpbmjcf;alpbmjcf; ??C:Windowssystem32driversalpbmjcf.sys []
S1 anhtuzog;anhtuzog; ??C:Windowssystem32driversanhtuzog.sys []
S1 aoftixqm;aoftixqm; ??C:Windowssystem32driversaoftixqm.sys []
S1 aotupanc;aotupanc; ??C:Windowssystem32driversaotupanc.sys []
S1 atbexzho;atbexzho; ??C:Windowssystem32driversatbexzho.sys []
S1 atvfxbzn;atvfxbzn; ??C:Windowssystem32driversatvfxbzn.sys []
S1 awxsrvva;awxsrvva; ??C:Windowssystem32driversawxsrvva.sys []
S1 axuuvqef;axuuvqef; ??C:Windowssystem32driversaxuuvqef.sys []
S1 aytplndr;aytplndr; ??C:Windowssystem32driversaytplndr.sys []
S1 azmdbhwx;azmdbhwx; ??C:Windowssystem32driversazmdbhwx.sys []
S1 bbtpsyfr;bbtpsyfr; ??C:Windowssystem32driversbbtpsyfr.sys []
S1 bcidwhou;bcidwhou; ??C:Windowssystem32driversbcidwhou.sys []
S1 bgsmmbsc;bgsmmbsc; ??C:Windowssystem32driversbgsmmbsc.sys []
S1 bqbxdjmt;bqbxdjmt; ??C:Windowssystem32driversbqbxdjmt.sys []
S1 bqhycprx;bqhycprx; ??C:Windowssystem32driversbqhycprx.sys []
S1 brhcvzbf;brhcvzbf; ??C:Windowssystem32driversbrhcvzbf.sys []
S1 bsjaimrf;bsjaimrf; ??C:Windowssystem32driversbsjaimrf.sys []
S1 btjbbssp;btjbbssp; ??C:Windowssystem32driversbtjbbssp.sys []
S1 bubiasay;bubiasay; ??C:Windowssystem32driversbubiasay.sys []
S1 bxrnwnny;bxrnwnny; ??C:Windowssystem32driversbxrnwnny.sys []
S1 byjdvhzh;byjdvhzh; ??C:Windowssystem32driversbyjdvhzh.sys []
S1 bylzosep;bylzosep; ??C:Windowssystem32driversbylzosep.sys []
S1 bymmbyxi;bymmbyxi; ??C:Windowssystem32driversbymmbyxi.sys []
S1 bzqtzjbi;bzqtzjbi; ??C:Windowssystem32driversbzqtzjbi.sys []
S1 cefofiee;cefofiee; ??C:Windowssystem32driverscefofiee.sys []
S1 cfsazvnn;cfsazvnn; ??C:Windowssystem32driverscfsazvnn.sys []
S1 cndlmavp;cndlmavp; ??C:Windowssystem32driverscndlmavp.sys []
S1 coigdlwv;coigdlwv; ??C:Windowssystem32driverscoigdlwv.sys []
S1 cphuhgif;cphuhgif; ??C:Windowssystem32driverscphuhgif.sys []
S1 ctywrpdm;ctywrpdm; ??C:Windowssystem32driversctywrpdm.sys []
S1 cwfalzch;cwfalzch; ??C:Windowssystem32driverscwfalzch.sys []
S1 cxtlmqyh;cxtlmqyh; ??C:Windowssystem32driverscxtlmqyh.sys []
S1 dbmbwhpe;dbmbwhpe; ??C:Windowssystem32driversdbmbwhpe.sys []
S1 ddikyqhp;ddikyqhp; ??C:Windowssystem32driversddikyqhp.sys []
S1 dgxpqedg;dgxpqedg; ??C:Windowssystem32driversdgxpqedg.sys []
S1 dgyqgatp;dgyqgatp; ??C:Windowssystem32driversdgyqgatp.sys []
S1 diaflwqh;diaflwqh; ??C:Windowssystem32driversdiaflwqh.sys []
S1 dkuaflna;dkuaflna; ??C:Windowssystem32driversdkuaflna.sys []
S1 dltxvnqk;dltxvnqk; ??C:Windowssystem32driversdltxvnqk.sys []
S1 dmiulizo;dmiulizo; ??C:Windowssystem32driversdmiulizo.sys []
S1 donzuqdt;donzuqdt; ??C:Windowssystem32driversdonzuqdt.sys []
S1 dujxocev;dujxocev; ??C:Windowssystem32driversdujxocev.sys []
S1 dvwnhqor;dvwnhqor; ??C:Windowssystem32driversdvwnhqor.sys []
S1 eakwgpou;eakwgpou; ??C:Windowssystem32driverseakwgpou.sys []
S1 eevsksml;eevsksml; ??C:Windowssystem32driverseevsksml.sys []
S1 efjjypxs;efjjypxs; ??C:Windowssystem32driversefjjypxs.sys []
S1 efwrpwmu;efwrpwmu; ??C:Windowssystem32driversefwrpwmu.sys []
S1 ehfnlbsq;ehfnlbsq; ??C:Windowssystem32driversehfnlbsq.sys []
S1 eidougqr;eidougqr; ??C:Windowssystem32driverseidougqr.sys []
S1 eilkguuw;eilkguuw; ??C:Windowssystem32driverseilkguuw.sys []
S1 ejkooqsa;ejkooqsa; ??C:Windowssystem32driversejkooqsa.sys []
S1 ekvpogxj;ekvpogxj; ??C:Windowssystem32driversekvpogxj.sys []
S1 ekwztbum;ekwztbum; ??C:Windowssystem32driversekwztbum.sys []
S1 enuoasje;enuoasje; ??C:Windowssystem32driversenuoasje.sys []
S1 eqaqkjim;eqaqkjim; ??C:Windowssystem32driverseqaqkjim.sys []
S1 eqxfonpl;eqxfonpl; ??C:Windowssystem32driverseqxfonpl.sys []
S1 errumlez;errumlez; ??C:Windowssystem32driverserrumlez.sys []
S1 esasovqg;esasovqg; ??C:Windowssystem32driversesasovqg.sys []
S1 esycgabw;esycgabw; ??C:Windowssystem32driversesycgabw.sys []
S1 fcfydytc;fcfydytc; ??C:Windowssystem32driversfcfydytc.sys []
S1 fdbwmcpi;fdbwmcpi; ??C:Windowssystem32driversfdbwmcpi.sys []
S1 fdsdzupx;fdsdzupx; ??C:Windowssystem32driversfdsdzupx.sys []
S1 fgivbtnq;fgivbtnq; ??C:Windowssystem32driversfgivbtnq.sys []
S1 fhllpztt;fhllpztt; ??C:Windowssystem32driversfhllpztt.sys []
S1 fizssudi;fizssudi; ??C:Windowssystem32driversfizssudi.sys []
S1 fngnvxll;fngnvxll; ??C:Windowssystem32driversfngnvxll.sys []
S1 freytfbq;freytfbq; ??C:Windowssystem32driversfreytfbq.sys []
S1 fureaasy;fureaasy; ??C:Windowssystem32driversfureaasy.sys []
S1 fvbwzkkp;fvbwzkkp; ??C:Windowssystem32driversfvbwzkkp.sys []
S1 fvlqrhpt;fvlqrhpt; ??C:Windowssystem32driversfvlqrhpt.sys []
S1 fyidhqov;fyidhqov; ??C:Windowssystem32driversfyidhqov.sys []
S1 gaytihvd;gaytihvd; ??C:Windowssystem32driversgaytihvd.sys []
S1 gogdsdmo;gogdsdmo; ??C:Windowssystem32driversgogdsdmo.sys []
S1 gprteagp;gprteagp; ??C:Windowssystem32driversgprteagp.sys []
S1 gqeejjtb;gqeejjtb; ??C:Windowssystem32driversgqeejjtb.sys []
S1 gscdthoz;gscdthoz; ??C:Windowssystem32driversgscdthoz.sys []
S1 gzhwuqvk;gzhwuqvk; ??C:Windowssystem32driversgzhwuqvk.sys []
S1 gztqehrp;gztqehrp; ??C:Windowssystem32driversgztqehrp.sys []
S1 haffqyqv;haffqyqv; ??C:Windowssystem32drivershaffqyqv.sys []
S1 hbnvknit;hbnvknit; ??C:Windowssystem32drivershbnvknit.sys []
S1 hcyhzuhj;hcyhzuhj; ??C:Windowssystem32drivershcyhzuhj.sys []
S1 hffabfxo;hffabfxo; ??C:Windowssystem32drivershffabfxo.sys []
S1 hgqnqluw;hgqnqluw; ??C:Windowssystem32drivershgqnqluw.sys []
S1 hmmmlata;hmmmlata; ??C:Windowssystem32drivershmmmlata.sys []
S1 hnetxblh;hnetxblh; ??C:Windowssystem32drivershnetxblh.sys []
S1 hpqtoyod;hpqtoyod; ??C:Windowssystem32drivershpqtoyod.sys []
S1 hqbngjah;hqbngjah; ??C:Windowssystem32drivershqbngjah.sys []
S1 hqiqgtqi;hqiqgtqi; ??C:Windowssystem32drivershqiqgtqi.sys []
S1 hqugyugt;hqugyugt; ??C:Windowssystem32drivershqugyugt.sys []
S1 hqzoraoc;hqzoraoc; ??C:Windowssystem32drivershqzoraoc.sys []
S1 hvpjrtbv;hvpjrtbv; ??C:Windowssystem32drivershvpjrtbv.sys []
S1 iayzuuru;iayzuuru; ??C:Windowssystem32driversiayzuuru.sys []
S1 idianbud;idianbud; ??C:Windowssystem32driversidianbud.sys []
S1 idzvgyqx;idzvgyqx; ??C:Windowssystem32driversidzvgyqx.sys []
S1 ieqdlapz;ieqdlapz; ??C:Windowssystem32driversieqdlapz.sys []
S1 ieumuczk;ieumuczk; ??C:Windowssystem32driversieumuczk.sys []
S1 iffsabmm;iffsabmm; ??C:Windowssystem32driversiffsabmm.sys []
S1 iganksje;iganksje; ??C:Windowssystem32driversiganksje.sys []
S1 igokxigz;igokxigz; ??C:Windowssystem32driversigokxigz.sys []
S1 ihlnrsxw;ihlnrsxw; ??C:Windowssystem32driversihlnrsxw.sys []
S1 imlgogyn;imlgogyn; ??C:Windowssystem32driversimlgogyn.sys []
S1 iowcrjrp;iowcrjrp; ??C:Windowssystem32driversiowcrjrp.sys []
S1 isbhwhxo;isbhwhxo; ??C:Windowssystem32driversisbhwhxo.sys []
S1 ivhuhxge;ivhuhxge; ??C:Windowssystem32driversivhuhxge.sys []
S1 jaetqehf;jaetqehf; ??C:Windowssystem32driversjaetqehf.sys []
S1 jdvhvzgn;jdvhvzgn; ??C:Windowssystem32driversjdvhvzgn.sys []
S1 jmzuwuuo;jmzuwuuo; ??C:Windowssystem32driversjmzuwuuo.sys []
S1 jnbmxsjy;jnbmxsjy; ??C:Windowssystem32driversjnbmxsjy.sys []
S1 jsklditq;jsklditq; ??C:Windowssystem32driversjsklditq.sys []
S1 jtwypmkj;jtwypmkj; ??C:Windowssystem32driversjtwypmkj.sys []
S1 jwdvlagf;jwdvlagf; ??C:Windowssystem32driversjwdvlagf.sys []
S1 jwkyqtum;jwkyqtum; ??C:Windowssystem32driversjwkyqtum.sys []
S1 jxzhrvla;jxzhrvla; ??C:Windowssystem32driversjxzhrvla.sys []
S1 jynozbbb;jynozbbb; ??C:Windowssystem32driversjynozbbb.sys []
S1 jyqrhxej;jyqrhxej; ??C:Windowssystem32driversjyqrhxej.sys []
S1 kejwwrbu;kejwwrbu; ??C:Windowssystem32driverskejwwrbu.sys []
S1 klakawzg;klakawzg; ??C:Windowssystem32driversklakawzg.sys []
S1 klgkhivm;klgkhivm; ??C:Windowssystem32driversklgkhivm.sys []
S1 kmbhlagz;kmbhlagz; ??C:Windowssystem32driverskmbhlagz.sys []
S1 kmveivqg;kmveivqg; ??C:Windowssystem32driverskmveivqg.sys []
S1 knlxtreg;knlxtreg; ??C:Windowssystem32driversknlxtreg.sys []
S1 kqnckoqq;kqnckoqq; ??C:Windowssystem32driverskqnckoqq.sys []
S1 krewdlfi;krewdlfi; ??C:Windowssystem32driverskrewdlfi.sys []
S1 ksgblcjx;ksgblcjx; ??C:Windowssystem32driversksgblcjx.sys []
S1 ktnoennw;ktnoennw; ??C:Windowssystem32driversktnoennw.sys []
S1 kxhgjyet;kxhgjyet; ??C:Windowssystem32driverskxhgjyet.sys []
S1 kzveidaj;kzveidaj; ??C:Windowssystem32driverskzveidaj.sys []
S1 laiufytq;laiufytq; ??C:Windowssystem32driverslaiufytq.sys []
S1 lczjgfhi;lczjgfhi; ??C:Windowssystem32driverslczjgfhi.sys []
S1 lfvbpqlh;lfvbpqlh; ??C:Windowssystem32driverslfvbpqlh.sys []
S1 lkarqfvj;lkarqfvj; ??C:Windowssystem32driverslkarqfvj.sys []
S1 lvhfdujb;lvhfdujb; ??C:Windowssystem32driverslvhfdujb.sys []
S1 lvrsnmra;lvrsnmra; ??C:Windowssystem32driverslvrsnmra.sys []
S1 lwqixjeo;lwqixjeo; ??C:Windowssystem32driverslwqixjeo.sys []
S1 lwzvxtve;lwzvxtve; ??C:Windowssystem32driverslwzvxtve.sys []
S1 lxryrkpn;lxryrkpn; ??C:Windowssystem32driverslxryrkpn.sys []
S1 lznkwpkc;lznkwpkc; ??C:Windowssystem32driverslznkwpkc.sys []
S1 mggmngcr;mggmngcr; ??C:Windowssystem32driversmggmngcr.sys []
S1 miwkbueh;miwkbueh; ??C:Windowssystem32driversmiwkbueh.sys []
S1 mkihfbkt;mkihfbkt; ??C:Windowssystem32driversmkihfbkt.sys []
S1 mkjojxaq;mkjojxaq; ??C:Windowssystem32driversmkjojxaq.sys []
S1 mkncivjr;mkncivjr; ??C:Windowssystem32driversmkncivjr.sys []
S1 mlctwxlm;mlctwxlm; ??C:Windowssystem32driversmlctwxlm.sys []
S1 mpawwhsx;mpawwhsx; ??C:Windowssystem32driversmpawwhsx.sys []
S1 mpwsoqhj;mpwsoqhj; ??C:Windowssystem32driversmpwsoqhj.sys []
S1 mskxhnya;mskxhnya; ??C:Windowssystem32driversmskxhnya.sys []
S1 mvjtogda;mvjtogda; ??C:Windowssystem32driversmvjtogda.sys []
S1 mwvcvsmd;mwvcvsmd; ??C:Windowssystem32driversmwvcvsmd.sys []
S1 mxkdudoe;mxkdudoe; ??C:Windowssystem32driversmxkdudoe.sys []
S1 mxnzlfyl;mxnzlfyl; ??C:Windowssystem32driversmxnzlfyl.sys []
S1 myuxbdtk;myuxbdtk; ??C:Windowssystem32driversmyuxbdtk.sys []
S1 najbglvg;najbglvg; ??C:Windowssystem32driversnajbglvg.sys []
S1 nbbmyosw;nbbmyosw; ??C:Windowssystem32driversnbbmyosw.sys []
S1 nbiwgjdq;nbiwgjdq; ??C:Windowssystem32driversnbiwgjdq.sys []
S1 nbozuaso;nbozuaso; ??C:Windowssystem32driversnbozuaso.sys []
S1 nhsedhkh;nhsedhkh; ??C:Windowssystem32driversnhsedhkh.sys []
S1 nkkxbmyp;nkkxbmyp; ??C:Windowssystem32driversnkkxbmyp.sys []
S1 nkybroxs;nkybroxs; ??C:Windowssystem32driversnkybroxs.sys []
S1 nnlszqob;nnlszqob; ??C:Windowssystem32driversnnlszqob.sys []
S1 nuaqhgyd;nuaqhgyd; ??C:Windowssystem32driversnuaqhgyd.sys []
S1 nxklmxkz;nxklmxkz; ??C:Windowssystem32driversnxklmxkz.sys []
S1 oagdongv;oagdongv; ??C:Windowssystem32driversoagdongv.sys []
S1 oaixvntl;oaixvntl; ??C:Windowssystem32driversoaixvntl.sys []
S1 ocgwakwa;ocgwakwa; ??C:Windowssystem32driversocgwakwa.sys []
S1 oeeckuki;oeeckuki; ??C:Windowssystem32driversoeeckuki.sys []
S1 oehrdddh;oehrdddh; ??C:Windowssystem32driversoehrdddh.sys []
S1 ogmiwfoh;ogmiwfoh; ??C:Windowssystem32driversogmiwfoh.sys []
S1 oteumqwh;oteumqwh; ??C:Windowssystem32driversoteumqwh.sys []
S1 otktpmqx;otktpmqx; ??C:Windowssystem32driversotktpmqx.sys []
S1 pafrqmpe;pafrqmpe; ??C:Windowssystem32driverspafrqmpe.sys []
S1 pahbmmhx;pahbmmhx; ??C:Windowssystem32driverspahbmmhx.sys []
S1 pdltmxeu;pdltmxeu; ??C:Windowssystem32driverspdltmxeu.sys []
S1 pepoclzz;pepoclzz; ??C:Windowssystem32driverspepoclzz.sys []
S1 phmwgmng;phmwgmng; ??C:Windowssystem32driversphmwgmng.sys []
S1 piyqdjog;piyqdjog; ??C:Windowssystem32driverspiyqdjog.sys []
S1 pjdonhme;pjdonhme; ??C:Windowssystem32driverspjdonhme.sys []
S1 plltqkbi;plltqkbi; ??C:Windowssystem32driversplltqkbi.sys []
S1 pndvqwva;pndvqwva; ??C:Windowssystem32driverspndvqwva.sys []
S1 posdnnth;posdnnth; ??C:Windowssystem32driversposdnnth.sys []
S1 ppspouac;ppspouac; ??C:Windowssystem32driversppspouac.sys []
S1 pwslvwth;pwslvwth; ??C:Windowssystem32driverspwslvwth.sys []
S1 pxvkangc;pxvkangc; ??C:Windowssystem32driverspxvkangc.sys []
S1 pyidrukl;pyidrukl; ??C:Windowssystem32driverspyidrukl.sys []
S1 pzuyxxqf;pzuyxxqf; ??C:Windowssystem32driverspzuyxxqf.sys []
S1 qajnvodv;qajnvodv; ??C:Windowssystem32driversqajnvodv.sys []
S1 qenavxvl;qenavxvl; ??C:Windowssystem32driversqenavxvl.sys []
S1 qgbbkada;qgbbkada; ??C:Windowssystem32driversqgbbkada.sys []
S1 qgqysdqe;qgqysdqe; ??C:Windowssystem32driversqgqysdqe.sys []
S1 qhgitbff;qhgitbff; ??C:Windowssystem32driversqhgitbff.sys []
S1 qjywaelf;qjywaelf; ??C:Windowssystem32driversqjywaelf.sys []
S1 qjzjtopt;qjzjtopt; ??C:Windowssystem32driversqjzjtopt.sys []
S1 qkxlnwwb;qkxlnwwb; ??C:Windowssystem32driversqkxlnwwb.sys []
S1 qmlhyzwp;qmlhyzwp; ??C:Windowssystem32driversqmlhyzwp.sys []
S1 qqsxopba;qqsxopba; ??C:Windowssystem32driversqqsxopba.sys []
S1 qrsqppvv;qrsqppvv; ??C:Windowssystem32driversqrsqppvv.sys []
S1 qrtkwssi;qrtkwssi; ??C:Windowssystem32driversqrtkwssi.sys []
S1 quxvaxyd;quxvaxyd; ??C:Windowssystem32driversquxvaxyd.sys []
S3 BthEnum;Драйвер блока запроса Bluetooth; C:Windowssystem32DRIVERSBthEnum.sys [2009-04-11 22528]
S3 BthPan;Устройства Bluetooth (личной сети); C:Windowssystem32DRIVERSbthpan.sys [2008-01-21 92160]
S3 BTHPORT;Драйвер порта Bluetooth; C:WindowsSystem32DriversBTHport.sys [2009-04-11 507904]
S3 BTHUSB;Драйвер порта USB радиомодуля Bluetooth; C:WindowsSystem32DriversBTHUSB.sys [2009-04-11 29696]
S3 drmkaud;Звуковой дешифратор DRM ядра системы; C:Windowssystem32driversdrmkaud.sys [2008-01-21 5632]
S3 fssfltr;FssFltr; C:Windowssystem32DRIVERSfssfltr.sys [2010-09-22 39272]
S3 HdAudAddService;Драйвер функции UAA для службы High Definition Audio (Microsoft), версия 1.1; C:Windowssystem32driversHdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Представитель служб потоков Microsoft; C:Windowssystem32driversMSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Посредник синхронизации потоков Microsoft; C:Windowssystem32driversMSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Представитель диспетчера качества потоков Microsoft; C:Windowssystem32driversMSPQM.sys [2008-01-21 5504]
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:Windowssystem32driversMSTEE.sys [2008-01-21 6016]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:Windowssystem32driverserrdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:Windowssystem32driversmegasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 BlueSoleil Hid Service;BlueSoleil Hid Service; C:Program FilesIVT CorporationBlueSoleilBTNtService.exe [2007-12-27 166520]
R2 cpcsp1;КриптоПро CSP KC1; C:Windowssystem32svchost.exe [2008-01-21 21504]
R2 Guard.Mail.ru;Guard.Mail.ru; C:Program FilesMail.RuGuardGuardMailRu.exe [2010-11-03 992960]
R2 Gwmsrv;Panda Goodware Cache Manager; C:Windowssystem32svchost -k Panda []
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:Program FilesIntelIntel Matrix Storage ManagerIAANTMon.exe [2008-09-12 354840]
R2 MsMpSvc;Microsoft Antimalware Service; C:Program FilesMicrosoft Security EssentialsMsMpEng.exe [2010-03-25 17904]
R2 MWLService;MyWinLocker Service; C:Program FilesEgisTecMyWinLocker 3×86\MWLService.exe [2008-10-27 306736]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:Program FilesNewTech InfosystemsNTI Backup Now 5SchedulerSvc.exe [2008-09-23 144632]
R2 nvsvc;NVIDIA Display Driver Service; C:Windowssystem32nvvsvc.exe [2010-04-03 129640]
R2 Panda Software Controller;Panda Software Controller; C:Program FilesPanda SecurityPanda Internet Security 2010PsCtrls.exe [2009-08-10 173312]
R2 PAVFNSVR;Panda Function Service; C:Program FilesPanda SecurityPanda Internet Security 2010PavFnSvr.exe [2009-08-10 169216]
R2 PavPrSrv;Panda Process Protection Service; C:Program FilesCommon FilesPanda SecurityPavShldpavprsrv.exe [2008-02-04 62768]
R2 PAVSRV;Panda On-Access Anti-Malware Service; C:Program FilesPanda SecurityPanda Internet Security 2010pavsrvx86.exe [2009-09-17 293120]
R2 PSHost;Panda Host Service; c:program filespanda securitypanda internet security 2010firewallPSHOST.EXE [2009-04-08 226560]
R2 PSIMSVC;Panda IManager Service; C:Program FilesPanda SecurityPanda Internet Security 2010PsImSvc.exe [2008-06-19 108288]
R2 PskSvcRetail;Panda PSK service; C:Program FilesPanda SecurityPanda Internet Security 2010PskSvc.exe [2009-08-25 28928]
R3 FontCache;@%systemroot%system32FntCache.dll,-100; C:Windowssystem32svchost.exe [2008-01-21 21504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:WindowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Служба Google Update (gupdate); C:Program FilesGoogleUpdateGoogleUpdate.exe [2010-02-01 135664]
S3 fsssvc;Windows Live Family Safety Service; C:Program FilesWindows LiveFamily Safetyfsssvc.exe [2010-09-22 1493352]
S3 GoogleDesktopManager-051210-111108;Диспетчер Google Desktop 5.9.1005.12335; C:Program FilesGoogleGoogle Desktop SearchGoogleDesktop.exe [2010-07-25 30192]
S3 gusvc;Google Software Updater; C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2009-11-28 182768]
S3 hpqcxs08;hpqcxs08; C:Windowssystem32svchost.exe [2008-01-21 21504]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:Program FilesNewTech InfosystemsNTI Backup Now 5BackupSvc.exe [2008-09-23 50424]
S3 odserv;Microsoft Office Diagnostics Service; C:Program FilesCommon FilesMicrosoft SharedOFFICE12ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2006-10-26 145184]
S4 BthServ;@%SystemRoot%System32bthserv.dll,-101; C:Windowssystem32svchost.exe [2008-01-21 21504]

---

EOF

---

[albash]

Оба лога не поместились. Прикрепляю второй:
info.txt logfile of random’s system information tool 1.08 2010-12-02 11:51:27

======Uninstall list======

«Barbie(TM) — Barbie(TM) в роли Принцессы острова» 1.0c—>»C:Program FilesBarbie(TM)Barbie(TM) as Island Princessunins000.exe»
«Barbie(TM) — Приключения на ранчо» 1.0с—>»C:Program FilesBarbie(TM)Barbie(TM) — Приключения на ранчоunins000.exe»
«Начальная школа Кирилла и Мефодия. Математика. 1 класс. Часть 2»—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{7320F37D-592C-4270-BDAA-E43CC977A77C}setup.exe» -l0x19
«Начальная школа Кирилла и Мефодия. Русский язык. 1 класс»—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{2374BED8-2605-45E1-ACA8-D2AB38B3C63C}setup.exe» -l0x19
22 игры с собаками—>»C:Program FilesBuka22 игры с собакамиunins000.exe»
ABBYY FineReader 7.0 Home Edition—>MsiExec.exe /I{8BAE6262-5FB8-46FF-BF6E-AEE4970164AF}
Acer eRecovery Management—>»C:Program FilesInstallShield Installation Information{7F811A54-5A09-4579-90E1-C93498E230D9}setup.exe» -runfromtemp -l0x0019 -removeonly
Acer Product Registration—>»C:Program FilesInstallShield Installation Information{DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}setup.exe» -runfromtemp -l0x0019 -removeonly
Acer ScreenSaver—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime1150Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}setup.exe» -l0x9 -removeonly
Adobe Flash Player 10 ActiveX—>C:Windowssystem32MacromedFlashFlashUtil10l_ActiveX.exe -maintain activex
Adobe Reader 9.4.1 — Russian—>MsiExec.exe /I{AC76BA86-7AD7-1049-7B44-A94000000001}
Bing Bar Platform—>MsiExec.exe /I{65C0025A-2CDE-43C5-82D0-C7A56EF0DB39}
Bluesoleil2.7.0.13 VoIP Release 071227—>MsiExec.exe /X{8F85CC2C-4B26-4CF6-B835-DC59BCEDD287}
Bookworm Adventures—>»C:Program FilesAcer GameZoneBookworm AdventuresUninstall.exe» «C:Program FilesAcer GameZoneBookworm Adventuresinstall.log»
Chicken Invaders 2—>»C:Program FilesAcer GameZoneChicken Invaders 2Uninstall.exe» «C:Program FilesAcer GameZoneChicken Invaders 2install.log»
D3DX10—>MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
Dexster v3.3—>»I:Dexsterunins000.exe»
Dream Day First Home—>»C:Program FilesAcer GameZoneDream Day First HomeUninstall.exe» «C:Program FilesAcer GameZoneDream Day First Homeinstall.log»
eSobi v2—>C:Program FilesInstallShield Installation Information{15D967B5-A4BE-42AE-9E84-64CD062B25AA}setup.exe -runfromtemp -l0x0419
FBReader for Windows XP—>»C:Program FilesFBReaderuninstall.exe»
Go-Go Gourmet—>»C:Program FilesAcer GameZoneGo-Go GourmetUninstall.exe» «C:Program FilesAcer GameZoneGo-Go Gourmetinstall.log»
Google Desktop—>C:Program FilesGoogleGoogle Desktop SearchGoogleDesktopSetup.exe -uninstall
Google Toolbar for Internet Explorer—>»C:Program FilesGoogleGoogle ToolbarComponentGoogleToolbarManager_AC0049E063DE2AEA.exe» /uninstall
Google Toolbar for Internet Explorer—>MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper—>MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Guard.Mail.ru—>»C:Program FilesMail.RuGuardGuardMailRu.exe» /uninstall
Heroes of Hellas—>»C:Program FilesAcer GameZoneHeroes of HellasUninstall.exe» «C:Program FilesAcer GameZoneHeroes of Hellasinstall.log»
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)—>C:Windowssystem32msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=»»
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)—>C:Windowssystem32msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=»»
HP Imaging Device Functions 13.0—>C:Program FilesHewlett-PackardDigital ImagingDeviceManagementhpzscr01.exe -datfile hpqbud01.dat
HP Photo and Imaging 2.1 — Scanjet 2400 Series—>MsiExec.exe /I{6F7ECD56-E224-4263-9B7E-158E5CECC43B}
HP Photosmart Essential 3.5—>C:Program FilesHewlett-PackardDigital ImagingPhotosmartEssentialhpzscr01.exe -datfile hpqbud13.dat -forcereboot
HP Scanjet G2410 and 2400—>C:Program FilesHewlett-PackardDigital Imaging{E5B04674-1885-4B08-BAE7-ECDEC1F84677}setuphpzscr01.exe -datfile hpgscr40.dat
HP Solution Center 13.0—>C:Program FilesHewlett-PackardDigital ImagingeSupporthpzscr01.exe -datfile hpqbud05.dat -forcereboot
HP Update—>MsiExec.exe /X{818ABC3C-635C-4651-8183-D0E9640B7DD1}
Intel(R) Matrix Storage Manager—>C:Program FilesIntelIntel Matrix Storage ManagerUninstallimsmudlg.exe -uninstall
Java(TM) 6 Update 18—>MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216018F0}
Java(TM) 6 Update 22—>MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF}
Junk Mail filter update—>MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
K-Lite Mega Codec Pack 6.5.0—>»C:Program FilesK-Lite Codec Packunins000.exe»
Magic Farm—>»C:Program FilesAcer GameZoneMagic FarmUninstall.exe» «C:Program FilesAcer GameZoneMagic Farminstall.log»
Magic Match Adventures—>»C:Program FilesAcer GameZoneMagic Match AdventuresUninstall.exe» «C:Program FilesAcer GameZoneMagic Match Adventuresinstall.log»
Mail.Ru Спутник 2.3.0.289—>C:Program FilesMail.RuSputnikMailRuSputnik.exe uninstall
Mesh Runtime—>MsiExec.exe /I{8C6D6116-B724-4810-8F2D-D047E6B7D68E}
Microsoft .NET Framework 3.5 Language Pack SP1 — rus—>MsiExec.exe /I{2744791F-4E7C-32F5-AB40-AEC6A6C86DBF}
Microsoft .NET Framework 3.5 SP1—>C:WindowsMicrosoft.NETFrameworkv3.5Microsoft .NET Framework 3.5 SP1setup.exe
Microsoft .NET Framework 3.5 SP1—>MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft .NET Framework 4 Client Profile RUS Language Pack—>MsiExec.exe /X{5208FDB2-D561-3FB4-9763-6B10B06745B7}
Microsoft .NET Framework 4 Client Profile—>C:WindowsMicrosoft.NETFrameworkv4.0.30319SetupCacheClientSetup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile—>MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft Antimalware Service RU-RU Language Pack—>MsiExec.exe /X{FA8BA2B5-EB0E-428B-AAB2-2D608D959B18}
Microsoft Antimalware—>MsiExec.exe /X{E62A1F01-07B7-4541-A835-EE5B0BF064C2}
Microsoft Office 2007 Service Pack 2 (SP2)—>msiexec /package {90120000-0016-0419-0000-0000000FF1CE} /uninstall {DCB382C1-7F1B-42B2-9D47-EDC4262E832F}
Microsoft Office 2007 Service Pack 2 (SP2)—>msiexec /package {90120000-0018-0419-0000-0000000FF1CE} /uninstall {DCB382C1-7F1B-42B2-9D47-EDC4262E832F}
Microsoft Office 2007 Service Pack 2 (SP2)—>msiexec /package {90120000-001B-0419-0000-0000000FF1CE} /uninstall {DCB382C1-7F1B-42B2-9D47-EDC4262E832F}
Microsoft Office 2007 Service Pack 2 (SP2)—>msiexec /package {90120000-006E-0419-0000-0000000FF1CE} /uninstall {37317C49-30C4-412C-B0B9-D95090F330D8}
Microsoft Office 2007 Service Pack 2 (SP2)—>msiexec /package {90120000-00A1-0419-0000-0000000FF1CE} /uninstall {DCB382C1-7F1B-42B2-9D47-EDC4262E832F}
Microsoft Office 2007 Service Pack 2 (SP2)—>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office Excel 2007 Help Обновление (KB963678)—>msiexec /package {90120000-0016-0419-0000-0000000FF1CE} /uninstall {420938DB-BF97-4664-BE29-0C68B4802C00}
Microsoft Office Excel MUI (Russian) 2007—>MsiExec.exe /X{90120000-0016-0419-0000-0000000FF1CE}
Microsoft Office Home and Student 2007—>»C:Program FilesCommon FilesMicrosoft SharedOFFICE12Office Setup Controllersetup.exe» /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007—>MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office Live Add-in 1.5—>MsiExec.exe /I{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}
Microsoft Office OneNote MUI (Russian) 2007—>MsiExec.exe /X{90120000-00A1-0419-0000-0000000FF1CE}
Microsoft Office Powerpoint 2007 Help Обновление (KB963669)—>msiexec /package {90120000-0018-0419-0000-0000000FF1CE} /uninstall {BD1C2AC7-63F3-4C75-8B44-DE3D700B3BC8}
Microsoft Office PowerPoint MUI (Russian) 2007—>MsiExec.exe /X{90120000-0018-0419-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007—>MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007—>MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Russian) 2007—>MsiExec.exe /X{90120000-001F-0419-0000-0000000FF1CE}
Microsoft Office Proof (Ukrainian) 2007—>MsiExec.exe /X{90120000-001F-0422-0000-0000000FF1CE}
Microsoft Office Proofing (Russian) 2007—>MsiExec.exe /X{90120000-002C-0419-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)—>msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)—>msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)—>msiexec /package {90120000-001F-0419-0000-0000000FF1CE} /uninstall {57A92C5E-E76A-49CC-9EC2-A7B6CE1255EA}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)—>msiexec /package {90120000-001F-0422-0000-0000000FF1CE} /uninstall {6F177D09-F21D-4F50-9436-353972D1D232}
Microsoft Office Shared MUI (Russian) 2007—>MsiExec.exe /X{90120000-006E-0419-0000-0000000FF1CE}
Microsoft Office Word 2007 Help Обновление (KB963665)—>msiexec /package {90120000-001B-0419-0000-0000000FF1CE} /uninstall {D3A002FB-0F62-4840-80AD-2D2C63F83449}
Microsoft Office Word MUI (Russian) 2007—>MsiExec.exe /X{90120000-001B-0419-0000-0000000FF1CE}
Microsoft Search Enhancement Pack—>MsiExec.exe /X{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}
Microsoft Security Essentials—>C:Program FilesMicrosoft Security Essentialssetup.exe /x
Microsoft Security Essentials—>MsiExec.exe /I{EF98A02A-1748-4762-9B7D-5ED1600520D5}
Microsoft Silverlight—>MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]—>MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 ATL Update kb973923 — x86 8.0.50727.4053—>MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable—>MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
MSVCRT—>MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
MSXML 4.0 SP2 (KB954430)—>MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)—>MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Mystery Solitaire — Secret Island—>»C:Program FilesAcer GameZoneMystery Solitaire — Secret IslandUninstall.exe» «C:Program FilesAcer GameZoneMystery Solitaire — Secret Islandinstall.log»
MyWinLocker—>MsiExec.exe /X{68301905-2DEA-41CE-A4D4-E8B443B099BA}
Nero 9 Lite—>C:Program FilesCommon FilesNeroNero ProductInstaller 4SetupX.exe REMOVESERIALNUMBER=»XM2C-50A9-HH4M-0ZM8-4X06-9P25-5A46-618P-AH19-6647″
Nero Installer—>MsiExec.exe /X{E8A80433-302B-4FF1-815D-FCC8EAC482FF}
neroxml—>MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NTI Backup Now 5—>C:Program FilesInstallShield Installation Information{12EFA1A4-AC3B-443C-8143-237EDE760403}setup.exe -runfromtemp -l0x0419
NTI Media Maker 8—>C:Program FilesInstallShield Installation Information{2413930C-8309-47A6-BC61-5EF27A4222BC}setup.exe -runfromtemp -l0x0419
NVIDIA Display Control Panel—>C:Program FilesNVIDIA CorporationUninstallnvuninst.exe DisplayControlPanel
NVIDIA Drivers—>C:Program FilesNVIDIA CorporationUninstallnvuninst.exe UninstallGUI
OCR Software by I.R.I.S. 13.0—>C:Program FilesHewlett-PackardDigital ImagingOCRhpzscr01.exe -datfile hpqbud11.dat
OpenOffice.org 3.2—>MsiExec.exe /I{5C2F4253-6243-45CD-BE1D-C80409788370}
Panda Internet Security 2010—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime1150Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{7926EFB6-7CB4-4A9D-AB01-095F67F9D519}SETUP.exe» -l0x19 -removeonly
PVSonyDll—>MsiExec.exe /I{3D3E663D-4E7E-4577-A560-7ECDDD45548A}
Realtek High Definition Audio Driver—>C:Program FilesRealtekAudioHDARtlUpd.exe -r -m -nrg2709
Rutoken Drivers—>MsiExec.exe /X{BC41DF50-6D8F-4F2F-B21E-38A1C452565D}
Rutoken Magistra Drivers—>MsiExec.exe /X{F6589A22-AFB4-4458-BBA3-90B75BB57044}
Security Update for 2007 Microsoft Office System (KB2288621)—>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5C497F0B-2061-4CC9-A61C-6B45B867354D}
Security Update for 2007 Microsoft Office System (KB2289158)—>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {210B16C0-CEBD-4DE9-B474-04A7E8735E16}
Security Update for 2007 Microsoft Office System (KB2344875)—>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6FC5C4C1-D7AE-44C3-94B7-6424FC3E752F}
Security Update for 2007 Microsoft Office System (KB2345043)—>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {536FB502-775F-4494-BACE-C02CC90B7A5B}
Security Update for 2007 Microsoft Office System (KB969559)—>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB976321)—>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)—>C:Windowssystem32msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A8894F19-59C8-38D2-8A75-36C0CCE56A5B} /qb+ REBOOTPROMPT=»»
Security Update for Microsoft Office Excel 2007 (KB2345035)—>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B23002DD-34EC-4988-B810-A5E2A0BF04F1}
Security Update for Microsoft Office InfoPath 2007 (KB979441)—>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
Security Update for Microsoft Office PowerPoint 2007 (KB982158)—>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F5B70033-E79C-4569-90BF-BC9B4E4F3F46}
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)—>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {3DED0A62-44C8-4E00-A785-5212F297A9D9}
Security Update for Microsoft Office system 2007 (972581)—>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB974234)—>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)—>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Word 2007 (KB2344993)—>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
Segoe UI—>MsiExec.exe /I{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}
Skype Toolbars—>MsiExec.exe /I{981029E0-7FC9-4CF3-AB39-6F133621921A}
Skype™ 4.2—>MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
Update for 2007 Microsoft Office System (KB967642)—>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)—>C:Windowssystem32msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=»»
Update for Microsoft Office OneNote 2007 (KB980729)—>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF}
Viewpoint Media Player (Remove Only)—>C:Program FilesViewpointViewpoint Media PlayermtsAxInstaller.exe -u
Windows Live Communications Platform—>MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}
Windows Live Family Safety—>MsiExec.exe /I{02407A7A-D333-477C-B870-7BEB1EB47E33}
Windows Live Family Safety—>MsiExec.exe /X{F53D678E-238F-4A71-9742-08BB6774E9DC}
Windows Live ID Sign-in Assistant—>MsiExec.exe /I{61AD15B2-50DB-4686-A739-14FE180D4429}
Windows Live Installer—>MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}
Windows Live Mail—>MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30}
Windows Live Mesh—>MsiExec.exe /I{039480EE-6933-4845-88B8-77FD0C3D059D}
Windows Live Mesh—>MsiExec.exe /I{DECDCB7C-58CC-4865-91AF-627F9798FE48}
Windows Live Messenger Companion Core—>MsiExec.exe /I{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}
Windows Live Messenger—>MsiExec.exe /X{6986737B-F286-40D1-87AF-938339DCF6AB}
Windows Live Messenger—>MsiExec.exe /X{EB4DF488-AAEF-406F-A341-CB2AAA315B90}
Windows Live MIME IFilter—>MsiExec.exe /I{AF844339-2F8A-4593-81B3-9F4C54038C4E}
Windows Live Movie Maker—>MsiExec.exe /X{7465A996-0FCA-4D2D-A52C-F833B0829B5B}
Windows Live Movie Maker—>MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38}
Windows Live Photo Common—>MsiExec.exe /X{168E7302-890A-4138-9109-A225ACAF7AD1}
Windows Live Photo Common—>MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
Windows Live Photo Gallery—>MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1}
Windows Live PIMT Platform—>MsiExec.exe /I{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}
Windows Live Remote Client Resources—>MsiExec.exe /I{7A143876-9658-4A58-82E7-B5F02D942957}
Windows Live Remote Client—>MsiExec.exe /I{19A4A990-5343-4FF7-B3B5-6F046C091EDF}
Windows Live Remote Service Resources—>MsiExec.exe /I{D3CAE2CA-BE71-4CA4-9EB9-46E1C82E778B}
Windows Live Remote Service—>MsiExec.exe /I{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}
Windows Live SOXE Definitions—>MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}
Windows Live SOXE—>MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}
Windows Live Sync—>MsiExec.exe /X{08BB86A3-BD8B-491F-9751-CDA93D8E0B59}
Windows Live UX Platform Language Pack—>MsiExec.exe /I{D8DAB025-C2CE-4821-8117-494E95ADA031}
Windows Live UX Platform—>MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
Windows Live Writer Resources—>MsiExec.exe /X{7FF11E53-C002-4F40-8D68-6BE751E5DD62}
Windows Live Writer—>MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04}
Windows Live Writer—>MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
Windows Live Writer—>MsiExec.exe /X{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}
WinRAR archiver—>C:Program FilesWinRARuninstall.exe
Zuma Deluxe—>»C:Program FilesAcer GameZoneZuma DeluxeUninstall.exe» «C:Program FilesAcer GameZoneZuma Deluxeinstall.log»
Бизнес Пак 7.4.0.939—>»D:bp7unins000.exe»
Компаньон Messenger—>MsiExec.exe /I{3705D53F-BB01-4BEE-8585-289E71CAC4B4}
Король лев — Новые приключения—>C:WindowsIsUninst.exe -f»C:Program FilesDisney InteractiveLion_King_ACDeIsL1.isu»
КриптоПро CSP—>MsiExec.exe /I{54A08450-B343-40B0-924E-68F031450996}
Основные компоненты Windows Live—>C:Program FilesWindows LiveInstallerwlarp.exe
Основные компоненты Windows Live—>MsiExec.exe /I{E83DC314-C926-4214-AD58-147691D6FE9F}
Пакет обеспечения совместимости для выпуска 2007 системы Microsoft Office—>MsiExec.exe /X{90120000-0020-0419-0000-0000000FF1CE}
Панель Bing—>C:Program FilesBing Bar InstallerInstallManager.exe /UNINSTALL
Почта Windows Live—>MsiExec.exe /I{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}
Пятачок В Подводном Царстве—>»C:Program FilesBukaПятачок В Подводном Царствеunins000.exe»
Театр кошек—>C:Program FilesCom.MediaCats_TheatreCats_TheatreCats_Theatre.exe -u
Терминал Альфа-Директ™—>»C:Program FilesAlfaDirectADirect.exe» -remove
Фотоальбом Windows Live—>MsiExec.exe /X{77F69CA1-E53D-4D77-8BA3-FA07606CC851}
Элемент управления Windows Live Mesh ActiveX для удаленных подключений—>MsiExec.exe /I{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}
Языковой пакет Microsoft .NET Framework 3.5 SP1 — RUS—>C:WindowsMicrosoft.NETFrameworkv3.5Microsoft .NET Framework 3.5 Language Pack SP1 — russetup.exe
Языковой пакет клиентского профиля Microsoft.NET Framework 4 — RUS—>C:WindowsMicrosoft.NETFrameworkv4.0.30319SetupCacheClientLPSetup.exe /repair /x86 /lcid 1049 /parameterfolder ClientLP

======Security center information======

AS: Windows Defender

======System event log======

Computer Name: Общий-ПК
Event Code: 7036
Message: Служба «Инструментарий управления Windows» перешла в состояние Работает.
Record Number: 132905
Source Name: Service Control Manager
Time Written: 20100715032425.000000-000
Event Type: Сведения
User:

Computer Name: Общий-ПК
Event Code: 7036
Message: Служба «Служба регистрации ошибок Windows» перешла в состояние Работает.
Record Number: 132904
Source Name: Service Control Manager
Time Written: 20100715032425.000000-000
Event Type: Сведения
User:

Computer Name: Общий-ПК
Event Code: 7036
Message: Служба «Служба времени Windows» перешла в состояние Работает.
Record Number: 132903
Source Name: Service Control Manager
Time Written: 20100715032425.000000-000
Event Type: Сведения
User:

Computer Name: Общий-ПК
Event Code: 7036
Message: Служба «Узел универсальных PNP-устройств» перешла в состояние Работает.
Record Number: 132902
Source Name: Service Control Manager
Time Written: 20100715032425.000000-000
Event Type: Сведения
User:

Computer Name: Общий-ПК
Event Code: 7036
Message: Служба «Службы терминалов» перешла в состояние Работает.
Record Number: 132901
Source Name: Service Control Manager
Time Written: 20100715032425.000000-000
Event Type: Сведения
User:

=====Application event log=====

Computer Name: Общий-ПК
Event Code: 1000
Message: Cчетчики производительности для службы WmiApRpl (WmiApRpl) загружены успешно. Данные в секции данных содержат новые значения индексов, назначенные этой службе.
Record Number: 7208
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20100122112227.000000-000
Event Type: Сведения
User:

Computer Name: Общий-ПК
Event Code: 1001
Message: Счетчики производительности для службы WmiApRpl (WmiApRpl) успешно удалены. Данные записи содержат новые значения разделов системного реестра Last Counter и Last Help.
Record Number: 7207
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20100122112227.000000-000
Event Type: Сведения
User:

Computer Name: Общий-ПК
Event Code: 1000
Message: Cчетчики производительности для службы WmiApRpl (WmiApRpl) загружены успешно. Данные в секции данных содержат новые значения индексов, назначенные этой службе.
Record Number: 7206
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20100122111658.000000-000
Event Type: Сведения
User:

Computer Name: Общий-ПК
Event Code: 1001
Message: Счетчики производительности для службы WmiApRpl (WmiApRpl) успешно удалены. Данные записи содержат новые значения разделов системного реестра Last Counter и Last Help.
Record Number: 7205
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20100122111658.000000-000
Event Type: Сведения
User:

Computer Name: Общий-ПК
Event Code: 1
Message: Служба центра обеспечения безопасности Windows запущена.
Record Number: 7204
Source Name: SecurityCenter
Time Written: 20100122111449.000000-000
Event Type: Сведения
User:

=====Security event log=====

Computer Name: Общий-ПК
Event Code: 4672
Message: Новому сеансу входа назначены специальные привилегии.

Субъект:
ИД безопасности: S-1-5-18
Имя учетной записи: SYSTEM
Домен учетной записи: NT AUTHORITY
Код входа: 0x3e7

Привилегии: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 39649
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100711154035.206113-000
Event Type: Аудит выполнен успешно
User:

Computer Name: Общий-ПК
Event Code: 4624
Message: Вход с учетной записью выполнен успешно.

Субъект:
ИД безопасности: S-1-5-18
Имя учетной записи: ОБЩИЙ-ПК$
Домен учетной записи: WORKGROUP
Код входа: 0x3e7

Тип входа: 5

Новый вход:
ИД безопасности: S-1-5-18
Имя учетной записи: SYSTEM
Домен учетной записи: NT AUTHORITY
Код входа: 0x3e7
GUID входа: {00000000-0000-0000-0000-000000000000}

Сведения о процессе:
Идентификатор процесса: 0x350
Имя процесса: C:WindowsSystem32services.exe

Сведения о сети:
Имя рабочей станции:
Сетевой адрес источника: —
Порт источника: —

Сведения о проверке подлинности:
Процесс входа: Advapi
Пакет проверки подлинности: Negotiate
Промежуточные службы: —
Имя пакета (только NTLM): —
Длина ключа: 0

Данное событие возникает при создании сеанса входа. Оно создается в системе, вход в которую выполнен.

Поля «Субъект» указывают на учетную запись локальной системы, запросившую вход. Обычно это служба, например служба «Сервер», или локальный процесс, такой как Winlogon.exe или Services.exe.

В поле «Тип входа» указан тип выполненного входа. Самыми распространенными являются типы 2 (интерактивный) и 3 (сетевой).

Поля «Новый вход» указывают на учетную запись, для которой создан новый сеанс входа, то есть на учетную запись, с которой выполнен вход.

В полях, которые относятся к сети, указан источник запроса на удаленный вход. Имя рабочей станции доступно не всегда, и в некоторых случаях это поле может оставаться незаполненным.

Поля сведений о проверке подлинности содержат подробные данные о конкретном запросе на вход.
— GUID входа — это уникальный идентификатор, который позволяет сопоставить данное событие с событием KDC.
— В поле «Промежуточные службы» указано, какие промежуточные службы участвовали в данном запросе на вход.
— Поле «Имя пакета» указывает на подпротокол, использованный с протоколами NTLM.
— Поле «Длина ключа» содержит длину созданного ключа сеанса. Это поле может иметь значение «0», если ключ сеанса не запрашивался.
Record Number: 39648
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100711154035.206113-000
Event Type: Аудит выполнен успешно
User:

Computer Name: Общий-ПК
Event Code: 4648
Message: Выполнена попытка входа в систему с явным указанием учетных данных.

Субъект:
ИД безопасности: S-1-5-18
Имя учетной записи: ОБЩИЙ-ПК$
Домен учетной записи: WORKGROUP
Код входа: 0x3e7
GUID входа: {00000000-0000-0000-0000-000000000000}

Были использованы учетные данные следующей учетной записи:
Имя учетной записи: SYSTEM
Домен учетной записи: NT AUTHORITY
GUID входа: {00000000-0000-0000-0000-000000000000}

Целевой сервер:
Имя целевого сервера: localhost
Дополнительные сведения: localhost

Сведения о процессе:
Идентификатор процесса: 0x350
Имя процесса: C:WindowsSystem32services.exe

Сведения о сети:
Сетевой адрес: —
Порт: —

Данное событие возникает, когда процесс пытается выполнить вход с учетной записью, явно указав ее учетные данные. Это обычно происходит при использовании конфигураций пакетного типа, например назначенных задач, или выполнении команды RUNAS.
Record Number: 39647
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100711154035.206113-000
Event Type: Аудит выполнен успешно
User:

Computer Name: Общий-ПК
Event Code: 4672
Message: Новому сеансу входа назначены специальные привилегии.

Субъект:
ИД безопасности: S-1-5-20
Имя учетной записи: NETWORK SERVICE
Домен учетной записи: NT AUTHORITY
Код входа: 0x3e4

Привилегии: SeAssignPrimaryTokenPrivilege
SeAuditPrivilege
SeImpersonatePrivilege
Record Number: 39646
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100711154035.096912-000
Event Type: Аудит выполнен успешно
User:

Computer Name: Общий-ПК
Event Code: 4624
Message: Вход с учетной записью выполнен успешно.

Субъект:
ИД безопасности: S-1-5-18
Имя учетной записи: ОБЩИЙ-ПК$
Домен учетной записи: WORKGROUP
Код входа: 0x3e7

Тип входа: 5

Новый вход:
ИД безопасности: S-1-5-20
Имя учетной записи: NETWORK SERVICE
Домен учетной записи: NT AUTHORITY
Код входа: 0x3e4
GUID входа: {00000000-0000-0000-0000-000000000000}

Сведения о процессе:
Идентификатор процесса: 0x350
Имя процесса: C:WindowsSystem32services.exe

Сведения о сети:
Имя рабочей станции:
Сетевой адрес источника: —
Порт источника: —

Сведения о проверке подлинности:
Процесс входа: Advapi
Пакет проверки подлинности: Negotiate
Промежуточные службы: —
Имя пакета (только NTLM): —
Длина ключа: 0

Данное событие возникает при создании сеанса входа. Оно создается в системе, вход в которую выполнен.

Поля «Субъект» указывают на учетную запись локальной системы, запросившую вход. Обычно это служба, например служба «Сервер», или локальный процесс, такой как Winlogon.exe или Services.exe.

В поле «Тип входа» указан тип выполненного входа. Самыми распространенными являются типы 2 (интерактивный) и 3 (сетевой).

Поля «Новый вход» указывают на учетную запись, для которой создан новый сеанс входа, то есть на учетную запись, с которой выполнен вход.

В полях, которые относятся к сети, указан источник запроса на удаленный вход. Имя рабочей станции доступно не всегда, и в некоторых случаях это поле может оставаться незаполненным.

Поля сведений о проверке подлинности содержат подробные данные о конкретном запросе на вход.
— GUID входа — это уникальный идентификатор, который позволяет сопоставить данное событие с событием KDC.
— В поле «Промежуточные службы» указано, какие промежуточные службы участвовали в данном запросе на вход.
— Поле «Имя пакета» указывает на подпротокол, использованный с протоколами NTLM.
— Поле «Длина ключа» содержит длину созданного ключа сеанса. Это поле может иметь значение «0», если ключ сеанса не запрашивался.
Record Number: 39645
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100711154035.096912-000
Event Type: Аудит выполнен успешно
User:

======Environment variables======

«ComSpec»=%SystemRoot%system32cmd.exe
«FP_NO_HOST_CHECK»=NO
«OS»=Windows_NT
«Path»=C:Program FilesCommon FilesMicrosoft SharedWindows Live;%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem;C:Program FilesEgisTecMyWinLocker 3×86;C:Program FilesEgisTecMyWinLocker 3×64;C:Program FilesPanda SecurityPanda Internet Security 2010;%SYSTEMROOT%System32WindowsPowerShellv1.0;C:Program FilesWindows LiveShared
«PATHEXT»=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
«PROCESSOR_ARCHITECTURE»=x86
«TEMP»=%SystemRoot%TEMP
«TMP»=%SystemRoot%TEMP
«USERNAME»=SYSTEM
«windir»=%SystemRoot%
«PROCESSOR_LEVEL»=6
«PROCESSOR_IDENTIFIER»=x86 Family 6 Model 15 Stepping 13, GenuineIntel
«PROCESSOR_REVISION»=0f0d
«NUMBER_OF_PROCESSORS»=2
«TRACE_FORMAT_SEARCH_PATH»=\NTREL202.ntdev.corp.microsoft.com4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0TraceFormat
«DFSTRACINGON»=FALSE
«Pathtem»=%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem;C:Program FilesEgisTecMyWinLocker 3×86;C:Program FilesEgisTecMyWinLocker 3×64
«NTIPath»=%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem;C:Program FilesEgisTecMyWinLocker 3×86;C:Program FilesEgisTecMyWinLocker 3×64;C:Program FilesNewTech InfosystemsNTI Backup Now 5;
«PSModulePath»=%SystemRoot%system32WindowsPowerShellv1.0Modules

---

EOF

---

[albash]

Здравствуйте! Посмотрите, пожалуйста, логи. Нужно ли лечить компьютер? Спасибо.

[Helper]

Здравствуйте!Да, нужно.
сделайте такой лог и прикрепите в своем новом сообщении
Приношу извинения за задержку. 🙁

[albash]

Здравствуйте. лог Combofix:
ComboFix 11-01-10.07 — Общий компьютер 11.01.2011 14:33:14.1.2 — x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1251.7.1049.18.2046.916 [GMT 5:00]
Running from: c:usersОбщий компьютерDesktopComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {BF5CEBDC-F2D3-7540-343C-F0CE11FD6E66}
AV: Panda Internet Security 2010 *Disabled/Updated* {86971480-9989-6750-B122-681A86518D59}
FW: Panda Personal Firewall 2010 *Disabled* {BEAC95A5-D3E6-6608-9A7D-C12F7882CA22}
SP: Microsoft Security Essentials *Disabled/Updated* {043D0A38-D4E9-7ACE-0E8C-CBBC6A7A24DB}
SP: Panda Internet Security 2010 *Disabled/Updated* {3DF6F564-BFB3-68DE-8B92-5368FDD6C7E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:program files\setup.exe
c:program filesSetup.exe
c:usersОбщий компьютерAppDataRoaming.#

.
((((((((((((((((((((((((( Files Created from 2010-12-11 to 2011-01-11 )))))))))))))))))))))))))))))))
.

2011-01-11 09:43 . 2011-01-11 09:43

---

d

---

w- c:usersDefaultAppDataLocaltemp
2011-01-11 09:03 . 2010-11-10 04:33 6273872 —-a-w- c:programdataMicrosoftMicrosoft AntimalwareDefinition Updates{7F402425-31C9-468E-B678-69386F841A22}mpengine.dll
2011-01-08 13:10 . 2011-01-08 13:10

---

d

---

w- c:program filesCommon FilesSkype
2011-01-04 10:10 . 2011-01-04 10:10

---

d

---

w- c:program filesMicrosoft CAPICOM 2.1.0.2
2011-01-03 13:19 . 2011-01-03 13:19

---

d

---

w- c:programdataLogiShrd
2011-01-03 13:17 . 2011-01-03 13:17

---

d

---

w- c:usersОбщий компьютерAppDataLocalLogiShrd
2011-01-03 13:15 . 2011-01-03 13:15

---

d

---

w- c:usersОбщий компьютерAppDataRoamingLeadertech
2011-01-03 13:15 . 2011-01-03 13:15 53248 —-a-r- c:usersОбщий компьютерAppDataRoamingMicrosoftInstaller{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}ARPPRODUCTICON.exe
2011-01-03 13:15 . 2011-01-11 08:57

---

d

---

w- c:windowssystem32logishrd
2011-01-03 13:15 . 2011-01-03 13:15

---

d

---

w- c:programdataLogitech
2011-01-03 13:14 . 2011-01-03 13:14

---

d

---

w- c:program filesCommon FilesLWS
2011-01-03 13:14 . 2011-01-03 13:16

---

d

---

w- c:program filesLogitech
2011-01-03 13:01 . 2011-01-03 13:16

---

d

---

w- c:program filesCommon Fileslogishrd
2010-12-28 05:27 . 2010-12-28 05:27

---

d

---

w- c:usersОбщий компьютерAppDataRoamingPeerNetworking
2010-12-23 17:24 . 2010-12-23 17:24

---

d

---

w- c:programdataGuard.Mail.Ru
2010-12-16 04:57 . 2010-10-18 13:37 81920 —-a-w- c:windowssystem32consent.exe
2010-12-16 04:56 . 2010-10-28 13:20 2048 —-a-w- c:windowssystem32tzres.dll
2010-12-16 04:55 . 2010-11-03 10:51 2409784 —-a-w- c:program filesWindows MailOESpamFilter.dat

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-03 13:15 . 2011-01-03 13:15 53248 —-a-r- c:usersОбщий компьютерAppDataRoamingMicrosoftInstaller{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}ARPPRODUCTICON.exe
2011-01-03 13:15 . 2011-01-03 13:15 53248 —-a-r- c:usersОбщий компьютерAppDataRoamingMicrosoftInstaller{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}ARPPRODUCTICON.exe
2010-11-12 13:53 . 2010-05-04 14:18 472808 —-a-w- c:windowssystem32deployJava1.dll
2010-11-10 04:33 . 2010-08-26 03:23 6273872 —-a-w- c:programdataMicrosoftMicrosoft AntimalwareDefinition UpdatesBackupmpengine.dll
2010-11-09 21:49 . 2010-11-09 21:49 4323040 —-a-w- c:windowssystem32driverslvuvc.sys
2010-11-09 21:49 . 2010-11-09 21:49 539232 —-a-w- c:windowssystem32LVUI2RC.dll
2010-11-09 21:49 . 2010-11-09 21:49 543328 —-a-w- c:windowssystem32LVUI2.dll
2010-11-09 21:47 . 2010-11-09 21:47 195168 —-a-w- c:windowssystem32lvci13101216.dll
2010-11-09 21:47 . 2010-11-09 21:47 416352 —-a-w- c:windowssystem32lvcodec2.dll
2010-11-09 21:45 . 2010-11-09 21:45 102744 —-a-w- c:windowssystem32LogiDPPApp.exe
2010-11-09 21:45 . 2010-11-09 21:45 10871128 —-a-w- c:windowssystem32LogiDPP.dll
2010-11-09 21:45 . 2010-11-09 21:45 316248 —-a-w- c:windowssystem32DevManagerCore.dll
2010-10-19 20:51 . 2009-12-21 04:50 222080

---

w- c:windowssystem32MpSigStub.exe
2010-10-18 08:00 . 2010-11-03 11:33 108032 —-a-w- c:windowssystem32ff_vfw.dll
2010-05-28 12:40 . 2010-05-28 12:40 3091968 —-a-w- c:program filesopenofficeorg32.msi
2002-03-11 09:06 . 2002-03-11 09:06 1822520 —-a-w- c:program filesinstmsiw.exe
2002-03-11 08:45 . 2002-03-11 08:45 1708856 —-a-w- c:program filesinstmsia.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersegisPSDP]
@=»{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}»
[HKEY_CLASSES_ROOTCLSID{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-10-27 08:05 40496 —-a-w- c:program filesEgisTecMyWinLocker 3x86PSDProtect.dll

[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
«swg»=»c:program filesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe» [2009-11-28 68856]
«Sidebar»=»c:program filesWindows Sidebarsidebar.exe» [2009-04-11 1233920]
«msnmsgr»=»c:program filesWindows LiveMessengermsnmsgr.exe» [2010-09-22 4240760]
«WMPNSCFG»=»c:program filesWindows Media PlayerWMPNSCFG.exe» [2008-01-21 202240]
«CollaborationHost»=»c:windowssystem32p2phost.exe» [2008-01-21 192000]
«Logitech Vid»=»c:program filesLogitechVid HDVid.exe» [2010-10-29 5915480]
«Skype»=»c:program filesSkypePhoneSkype.exe» [2011-01-03 15028104]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
«IAAnotif»=»c:program filesIntelIntel Matrix Storage Manageriaanotif.exe» [2008-09-12 182808]
«RtHDVCpl»=»c:program filesRealtekAudioHDARtHDVCpl.exe» [2009-03-10 6957600]
«Google Desktop Search»=»c:program filesGoogleGoogle Desktop SearchGoogleDesktop.exe» [2010-07-25 30192]
«EgisTecLiveUpdate»=»c:program filesEgisTec Egis Software UpdateEgisUpdate.exe» [2008-10-27 199464]
«mwlDaemon»=»c:program filesEgisTecMyWinLocker 3x86mwlDaemon.exe» [2008-10-27 346672]
«APVXDWIN»=»c:program filesPanda SecurityPanda Internet Security 2010APVXDWIN.EXE» [2009-09-25 906496]
«SCANINICIO»=»c:program filesPanda SecurityPanda Internet Security 2010Inicio.exe» [2009-08-12 56064]
«Skytel»=»c:program filesRealtekAudioHDASkytel.exe» [2009-03-10 1833504]
«Share-to-Web Namespace Daemon»=»c:program filesHewlett-PackardHP Share-to-Webhpgs2wnd.exe» [2002-04-17 69632]
«hpqSRMon»=»c:program filesHewlett-PackardDigital ImagingbinhpqSRMon.exe» [2008-08-20 150016]
«HP Software Update»=»c:program filesHewlett-PackardHP Software UpdateHPWuSchd2.exe» [2008-12-08 54576]
«MSSE»=»c:program filesMicrosoft Security Essentialsmsseces.exe» [2010-09-14 1094224]
«SunJavaUpdateSched»=»c:program filesCommon FilesJavaJava Updatejusched.exe» [2010-05-14 248552]
«Adobe Reader Speed Launcher»=»c:program filesAdobeReader 9.0ReaderReader_sl.exe» [2010-09-22 35760]
«Adobe ARM»=»c:program filesCommon FilesAdobeARM1.0AdobeARM.exe» [2010-09-20 932288]
«Guard.Mail.ru.gui»=»c:program filesMail.RuGuardGuardMailRu.exe» [2010-12-23 1041088]
«LWS»=»c:program filesLogitechLWSWebcam SoftwareLWS.exe» [2010-05-07 165208]

c:usersЋЎйЁ© Є®¬ЇмовҐаAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup
Logitech . ђҐЈЁбва жЁп Џа®¤гЄв .lnk — c:program filesLogitechEregeReg.exe [2009-11-16 517384]

c:programdataMicrosoftWindowsStart MenuProgramsStartup
Њ®­Ёв®а ЂЏ‘-ЏҐз вм.lnk — h:bp6RSPrintPrintMon.exe [N/A]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem]
«EnableUIADesktopToggle»= 0 (0x0)

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionwinlogonnotifyavldr]
2008-03-18 11:58 58672 —-a-w- c:windowsSystem32avldr.dll

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionwinlogonnotifycpcsp]
2009-07-29 04:47 717824 —-a-w- c:program filesCrypto ProCSPcpcspi.dll

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionwindows]
«AppInit_DLLs»=c:progra~1GoogleGOOGLE~1GoogleDesktopNetwork3.dll

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversiondrivers32]
«mixer6″=wdmaud.drv

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrollsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 wdigest tspkg cpssl

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalMsMpSvc]
@=»Service»

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalPskSvcRetail]
@=»Service»

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalR5BaseSmc]
@=»»

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalSCardSvr]
@=»»

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimaltoken]
@=»»

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal{50DD5230-BA8A-11D1-BF5D-0000F805F530}]
@=»»

R1 aatksjzf;aatksjzf;c:windowssystem32driversaatksjzf.sys [x]
R1 abrqfgyd;abrqfgyd;c:windowssystem32driversabrqfgyd.sys [x]
R1 acbmeiun;acbmeiun;c:windowssystem32driversacbmeiun.sys [x]
R1 acejoghr;acejoghr;c:windowssystem32driversacejoghr.sys [x]
R1 acipanif;acipanif;c:windowssystem32driversacipanif.sys [x]
R1 aeqvvcmr;aeqvvcmr;c:windowssystem32driversaeqvvcmr.sys [x]
R1 aitmohax;aitmohax;c:windowssystem32driversaitmohax.sys [x]
R1 alejpbzl;alejpbzl;c:windowssystem32driversalejpbzl.sys [x]
R1 alpbmjcf;alpbmjcf;c:windowssystem32driversalpbmjcf.sys [x]
R1 anhtuzog;anhtuzog;c:windowssystem32driversanhtuzog.sys [x]
R1 aoftixqm;aoftixqm;c:windowssystem32driversaoftixqm.sys [x]
R1 aotupanc;aotupanc;c:windowssystem32driversaotupanc.sys [x]
R1 atbexzho;atbexzho;c:windowssystem32driversatbexzho.sys [x]
R1 atvfxbzn;atvfxbzn;c:windowssystem32driversatvfxbzn.sys [x]
R1 awxsrvva;awxsrvva;c:windowssystem32driversawxsrvva.sys [x]
R1 axuuvqef;axuuvqef;c:windowssystem32driversaxuuvqef.sys [x]
R1 aytplndr;aytplndr;c:windowssystem32driversaytplndr.sys [x]
R1 azmdbhwx;azmdbhwx;c:windowssystem32driversazmdbhwx.sys [x]
R1 bbtpsyfr;bbtpsyfr;c:windowssystem32driversbbtpsyfr.sys [x]
R1 bcidwhou;bcidwhou;c:windowssystem32driversbcidwhou.sys [x]
R1 bgsmmbsc;bgsmmbsc;c:windowssystem32driversbgsmmbsc.sys [x]
R1 bqbxdjmt;bqbxdjmt;c:windowssystem32driversbqbxdjmt.sys [x]
R1 bqhycprx;bqhycprx;c:windowssystem32driversbqhycprx.sys [x]
R1 brhcvzbf;brhcvzbf;c:windowssystem32driversbrhcvzbf.sys [x]
R1 bsjaimrf;bsjaimrf;c:windowssystem32driversbsjaimrf.sys [x]
R1 btjbbssp;btjbbssp;c:windowssystem32driversbtjbbssp.sys [x]
R1 bubiasay;bubiasay;c:windowssystem32driversbubiasay.sys [x]
R1 bxrnwnny;bxrnwnny;c:windowssystem32driversbxrnwnny.sys [x]
R1 byjdvhzh;byjdvhzh;c:windowssystem32driversbyjdvhzh.sys [x]
R1 bylzosep;bylzosep;c:windowssystem32driversbylzosep.sys [x]
R1 bymmbyxi;bymmbyxi;c:windowssystem32driversbymmbyxi.sys [x]
R1 bzqtzjbi;bzqtzjbi;c:windowssystem32driversbzqtzjbi.sys [x]
R1 cefofiee;cefofiee;c:windowssystem32driverscefofiee.sys [x]
R1 cfsazvnn;cfsazvnn;c:windowssystem32driverscfsazvnn.sys [x]
R1 cndlmavp;cndlmavp;c:windowssystem32driverscndlmavp.sys [x]
R1 coigdlwv;coigdlwv;c:windowssystem32driverscoigdlwv.sys [x]
R1 cphuhgif;cphuhgif;c:windowssystem32driverscphuhgif.sys [x]
R1 ctywrpdm;ctywrpdm;c:windowssystem32driversctywrpdm.sys [x]
R1 cwfalzch;cwfalzch;c:windowssystem32driverscwfalzch.sys [x]
R1 cxtlmqyh;cxtlmqyh;c:windowssystem32driverscxtlmqyh.sys [x]
R1 dbmbwhpe;dbmbwhpe;c:windowssystem32driversdbmbwhpe.sys [x]
R1 ddikyqhp;ddikyqhp;c:windowssystem32driversddikyqhp.sys [x]
R1 dgxpqedg;dgxpqedg;c:windowssystem32driversdgxpqedg.sys [x]
R1 dgyqgatp;dgyqgatp;c:windowssystem32driversdgyqgatp.sys [x]
R1 diaflwqh;diaflwqh;c:windowssystem32driversdiaflwqh.sys [x]
R1 dkuaflna;dkuaflna;c:windowssystem32driversdkuaflna.sys [x]
R1 dltxvnqk;dltxvnqk;c:windowssystem32driversdltxvnqk.sys [x]
R1 dmiulizo;dmiulizo;c:windowssystem32driversdmiulizo.sys [x]
R1 donzuqdt;donzuqdt;c:windowssystem32driversdonzuqdt.sys [x]
R1 dujxocev;dujxocev;c:windowssystem32driversdujxocev.sys [x]
R1 dvwnhqor;dvwnhqor;c:windowssystem32driversdvwnhqor.sys [x]
R1 eakwgpou;eakwgpou;c:windowssystem32driverseakwgpou.sys [x]
R1 eevsksml;eevsksml;c:windowssystem32driverseevsksml.sys [x]
R1 efjjypxs;efjjypxs;c:windowssystem32driversefjjypxs.sys [x]
R1 efwrpwmu;efwrpwmu;c:windowssystem32driversefwrpwmu.sys [x]
R1 ehfnlbsq;ehfnlbsq;c:windowssystem32driversehfnlbsq.sys [x]
R1 eidougqr;eidougqr;c:windowssystem32driverseidougqr.sys [x]
R1 eilkguuw;eilkguuw;c:windowssystem32driverseilkguuw.sys [x]
R1 ejkooqsa;ejkooqsa;c:windowssystem32driversejkooqsa.sys [x]
R1 ekvpogxj;ekvpogxj;c:windowssystem32driversekvpogxj.sys [x]
R1 ekwztbum;ekwztbum;c:windowssystem32driversekwztbum.sys [x]
R1 enuoasje;enuoasje;c:windowssystem32driversenuoasje.sys [x]
R1 eqaqkjim;eqaqkjim;c:windowssystem32driverseqaqkjim.sys [x]
R1 eqxfonpl;eqxfonpl;c:windowssystem32driverseqxfonpl.sys [x]
R1 errumlez;errumlez;c:windowssystem32driverserrumlez.sys [x]
R1 esasovqg;esasovqg;c:windowssystem32driversesasovqg.sys [x]
R1 esycgabw;esycgabw;c:windowssystem32driversesycgabw.sys [x]
R1 fcfydytc;fcfydytc;c:windowssystem32driversfcfydytc.sys [x]
R1 fdbwmcpi;fdbwmcpi;c:windowssystem32driversfdbwmcpi.sys [x]
R1 fdsdzupx;fdsdzupx;c:windowssystem32driversfdsdzupx.sys [x]
R1 fgivbtnq;fgivbtnq;c:windowssystem32driversfgivbtnq.sys [x]
R1 fhllpztt;fhllpztt;c:windowssystem32driversfhllpztt.sys [x]
R1 fizssudi;fizssudi;c:windowssystem32driversfizssudi.sys [x]
R1 fngnvxll;fngnvxll;c:windowssystem32driversfngnvxll.sys [x]
R1 freytfbq;freytfbq;c:windowssystem32driversfreytfbq.sys [x]
R1 fureaasy;fureaasy;c:windowssystem32driversfureaasy.sys [x]
R1 fvbwzkkp;fvbwzkkp;c:windowssystem32driversfvbwzkkp.sys [x]
R1 fvlqrhpt;fvlqrhpt;c:windowssystem32driversfvlqrhpt.sys [x]
R1 fyidhqov;fyidhqov;c:windowssystem32driversfyidhqov.sys [x]
R1 gaytihvd;gaytihvd;c:windowssystem32driversgaytihvd.sys [x]
R1 gogdsdmo;gogdsdmo;c:windowssystem32driversgogdsdmo.sys [x]
R1 gprteagp;gprteagp;c:windowssystem32driversgprteagp.sys [x]
R1 gqeejjtb;gqeejjtb;c:windowssystem32driversgqeejjtb.sys [x]
R1 gscdthoz;gscdthoz;c:windowssystem32driversgscdthoz.sys [x]
R1 gzhwuqvk;gzhwuqvk;c:windowssystem32driversgzhwuqvk.sys [x]
R1 gztqehrp;gztqehrp;c:windowssystem32driversgztqehrp.sys [x]
R1 haffqyqv;haffqyqv;c:windowssystem32drivershaffqyqv.sys [x]
R1 hbnvknit;hbnvknit;c:windowssystem32drivershbnvknit.sys [x]
R1 hcyhzuhj;hcyhzuhj;c:windowssystem32drivershcyhzuhj.sys [x]
R1 hffabfxo;hffabfxo;c:windowssystem32drivershffabfxo.sys [x]
R1 hgqnqluw;hgqnqluw;c:windowssystem32drivershgqnqluw.sys [x]
R1 hmmmlata;hmmmlata;c:windowssystem32drivershmmmlata.sys [x]
R1 hnetxblh;hnetxblh;c:windowssystem32drivershnetxblh.sys [x]
R1 hpqtoyod;hpqtoyod;c:windowssystem32drivershpqtoyod.sys [x]
R1 hqbngjah;hqbngjah;c:windowssystem32drivershqbngjah.sys [x]
R1 hqiqgtqi;hqiqgtqi;c:windowssystem32drivershqiqgtqi.sys [x]
R1 hqugyugt;hqugyugt;c:windowssystem32drivershqugyugt.sys [x]
R1 hqzoraoc;hqzoraoc;c:windowssystem32drivershqzoraoc.sys [x]
R1 hvpjrtbv;hvpjrtbv;c:windowssystem32drivershvpjrtbv.sys [x]
R1 iayzuuru;iayzuuru;c:windowssystem32driversiayzuuru.sys [x]
R1 idianbud;idianbud;c:windowssystem32driversidianbud.sys [x]
R1 idzvgyqx;idzvgyqx;c:windowssystem32driversidzvgyqx.sys [x]
R1 ieqdlapz;ieqdlapz;c:windowssystem32driversieqdlapz.sys [x]
R1 ieumuczk;ieumuczk;c:windowssystem32driversieumuczk.sys [x]
R1 iffsabmm;iffsabmm;c:windowssystem32driversiffsabmm.sys [x]
R1 iganksje;iganksje;c:windowssystem32driversiganksje.sys [x]
R1 igokxigz;igokxigz;c:windowssystem32driversigokxigz.sys [x]
R1 ihlnrsxw;ihlnrsxw;c:windowssystem32driversihlnrsxw.sys [x]
R1 imlgogyn;imlgogyn;c:windowssystem32driversimlgogyn.sys [x]
R1 iowcrjrp;iowcrjrp;c:windowssystem32driversiowcrjrp.sys [x]
R1 isbhwhxo;isbhwhxo;c:windowssystem32driversisbhwhxo.sys [x]
R1 ivhuhxge;ivhuhxge;c:windowssystem32driversivhuhxge.sys [x]
R1 jaetqehf;jaetqehf;c:windowssystem32driversjaetqehf.sys [x]
R1 jdvhvzgn;jdvhvzgn;c:windowssystem32driversjdvhvzgn.sys [x]
R1 jmzuwuuo;jmzuwuuo;c:windowssystem32driversjmzuwuuo.sys [x]
R1 jnbmxsjy;jnbmxsjy;c:windowssystem32driversjnbmxsjy.sys [x]
R1 jsklditq;jsklditq;c:windowssystem32driversjsklditq.sys [x]
R1 jtwypmkj;jtwypmkj;c:windowssystem32driversjtwypmkj.sys [x]
R1 jwdvlagf;jwdvlagf;c:windowssystem32driversjwdvlagf.sys [x]
R1 jwkyqtum;jwkyqtum;c:windowssystem32driversjwkyqtum.sys [x]
R1 jxzhrvla;jxzhrvla;c:windowssystem32driversjxzhrvla.sys [x]
R1 jynozbbb;jynozbbb;c:windowssystem32driversjynozbbb.sys [x]
R1 jyqrhxej;jyqrhxej;c:windowssystem32driversjyqrhxej.sys [x]
R1 kejwwrbu;kejwwrbu;c:windowssystem32driverskejwwrbu.sys [x]
R1 klakawzg;klakawzg;c:windowssystem32driversklakawzg.sys [x]
R1 klgkhivm;klgkhivm;c:windowssystem32driversklgkhivm.sys [x]
R1 kmbhlagz;kmbhlagz;c:windowssystem32driverskmbhlagz.sys [x]
R1 kmveivqg;kmveivqg;c:windowssystem32driverskmveivqg.sys [x]
R1 knlxtreg;knlxtreg;c:windowssystem32driversknlxtreg.sys [x]
R1 kqnckoqq;kqnckoqq;c:windowssystem32driverskqnckoqq.sys [x]
R1 krewdlfi;krewdlfi;c:windowssystem32driverskrewdlfi.sys [x]
R1 ksgblcjx;ksgblcjx;c:windowssystem32driversksgblcjx.sys [x]
R1 ktnoennw;ktnoennw;c:windowssystem32driversktnoennw.sys [x]
R1 kxhgjyet;kxhgjyet;c:windowssystem32driverskxhgjyet.sys [x]
R1 kzveidaj;kzveidaj;c:windowssystem32driverskzveidaj.sys [x]
R1 laiufytq;laiufytq;c:windowssystem32driverslaiufytq.sys [x]
R1 lczjgfhi;lczjgfhi;c:windowssystem32driverslczjgfhi.sys [x]
R1 lfvbpqlh;lfvbpqlh;c:windowssystem32driverslfvbpqlh.sys [x]
R1 lkarqfvj;lkarqfvj;c:windowssystem32driverslkarqfvj.sys [x]
R1 lvhfdujb;lvhfdujb;c:windowssystem32driverslvhfdujb.sys [x]
R1 lvrsnmra;lvrsnmra;c:windowssystem32driverslvrsnmra.sys [x]
R1 lwqixjeo;lwqixjeo;c:windowssystem32driverslwqixjeo.sys [x]
R1 lwzvxtve;lwzvxtve;c:windowssystem32driverslwzvxtve.sys [x]
R1 lxryrkpn;lxryrkpn;c:windowssystem32driverslxryrkpn.sys [x]
R1 lznkwpkc;lznkwpkc;c:windowssystem32driverslznkwpkc.sys [x]
R1 mggmngcr;mggmngcr;c:windowssystem32driversmggmngcr.sys [x]
R1 miwkbueh;miwkbueh;c:windowssystem32driversmiwkbueh.sys [x]
R1 mkihfbkt;mkihfbkt;c:windowssystem32driversmkihfbkt.sys [x]
R1 mkjojxaq;mkjojxaq;c:windowssystem32driversmkjojxaq.sys [x]
R1 mkncivjr;mkncivjr;c:windowssystem32driversmkncivjr.sys [x]
R1 mlctwxlm;mlctwxlm;c:windowssystem32driversmlctwxlm.sys [x]
R1 mpawwhsx;mpawwhsx;c:windowssystem32driversmpawwhsx.sys [x]
R1 mpwsoqhj;mpwsoqhj;c:windowssystem32driversmpwsoqhj.sys [x]
R1 mskxhnya;mskxhnya;c:windowssystem32driversmskxhnya.sys [x]
R1 mvjtogda;mvjtogda;c:windowssystem32driversmvjtogda.sys [x]
R1 mwvcvsmd;mwvcvsmd;c:windowssystem32driversmwvcvsmd.sys [x]
R1 mxkdudoe;mxkdudoe;c:windowssystem32driversmxkdudoe.sys [x]
R1 mxnzlfyl;mxnzlfyl;c:windowssystem32driversmxnzlfyl.sys [x]
R1 myuxbdtk;myuxbdtk;c:windowssystem32driversmyuxbdtk.sys [x]
R1 najbglvg;najbglvg;c:windowssystem32driversnajbglvg.sys [x]
R1 nbbmyosw;nbbmyosw;c:windowssystem32driversnbbmyosw.sys [x]
R1 nbiwgjdq;nbiwgjdq;c:windowssystem32driversnbiwgjdq.sys [x]
R1 nbozuaso;nbozuaso;c:windowssystem32driversnbozuaso.sys [x]
R1 nhsedhkh;nhsedhkh;c:windowssystem32driversnhsedhkh.sys [x]
R1 nkkxbmyp;nkkxbmyp;c:windowssystem32driversnkkxbmyp.sys [x]
R1 nkybroxs;nkybroxs;c:windowssystem32driversnkybroxs.sys [x]
R1 nnlszqob;nnlszqob;c:windowssystem32driversnnlszqob.sys [x]
R1 nuaqhgyd;nuaqhgyd;c:windowssystem32driversnuaqhgyd.sys [x]
R1 nxklmxkz;nxklmxkz;c:windowssystem32driversnxklmxkz.sys [x]
R1 oagdongv;oagdongv;c:windowssystem32driversoagdongv.sys [x]
R1 oaixvntl;oaixvntl;c:windowssystem32driversoaixvntl.sys [x]
R1 ocgwakwa;ocgwakwa;c:windowssystem32driversocgwakwa.sys [x]
R1 oeeckuki;oeeckuki;c:windowssystem32driversoeeckuki.sys [x]
R1 oehrdddh;oehrdddh;c:windowssystem32driversoehrdddh.sys [x]
R1 ogmiwfoh;ogmiwfoh;c:windowssystem32driversogmiwfoh.sys [x]
R1 oteumqwh;oteumqwh;c:windowssystem32driversoteumqwh.sys [x]
R1 otktpmqx;otktpmqx;c:windowssystem32driversotktpmqx.sys [x]
R1 pafrqmpe;pafrqmpe;c:windowssystem32driverspafrqmpe.sys [x]
R1 pahbmmhx;pahbmmhx;c:windowssystem32driverspahbmmhx.sys [x]
R1 pdltmxeu;pdltmxeu;c:windowssystem32driverspdltmxeu.sys [x]
R1 pepoclzz;pepoclzz;c:windowssystem32driverspepoclzz.sys [x]
R1 phmwgmng;phmwgmng;c:windowssystem32driversphmwgmng.sys [x]
R1 piyqdjog;piyqdjog;c:windowssystem32driverspiyqdjog.sys [x]
R1 pjdonhme;pjdonhme;c:windowssystem32driverspjdonhme.sys [x]
R1 plltqkbi;plltqkbi;c:windowssystem32driversplltqkbi.sys [x]
R1 pndvqwva;pndvqwva;c:windowssystem32driverspndvqwva.sys [x]
R1 posdnnth;posdnnth;c:windowssystem32driversposdnnth.sys [x]
R1 ppspouac;ppspouac;c:windowssystem32driversppspouac.sys [x]
R1 pwslvwth;pwslvwth;c:windowssystem32driverspwslvwth.sys [x]
R1 pxvkangc;pxvkangc;c:windowssystem32driverspxvkangc.sys [x]
R1 pyidrukl;pyidrukl;c:windowssystem32driverspyidrukl.sys [x]
R1 pzuyxxqf;pzuyxxqf;c:windowssystem32driverspzuyxxqf.sys [x]
R1 qajnvodv;qajnvodv;c:windowssystem32driversqajnvodv.sys [x]
R1 qenavxvl;qenavxvl;c:windowssystem32driversqenavxvl.sys [x]
R1 qgbbkada;qgbbkada;c:windowssystem32driversqgbbkada.sys [x]
R1 qgqysdqe;qgqysdqe;c:windowssystem32driversqgqysdqe.sys [x]
R1 qhgitbff;qhgitbff;c:windowssystem32driversqhgitbff.sys [x]
R1 qjywaelf;qjywaelf;c:windowssystem32driversqjywaelf.sys [x]
R1 qjzjtopt;qjzjtopt;c:windowssystem32driversqjzjtopt.sys [x]
R1 qkxlnwwb;qkxlnwwb;c:windowssystem32driversqkxlnwwb.sys [x]
R1 qmlhyzwp;qmlhyzwp;c:windowssystem32driversqmlhyzwp.sys [x]
R1 qqsxopba;qqsxopba;c:windowssystem32driversqqsxopba.sys [x]
R1 qrsqppvv;qrsqppvv;c:windowssystem32driversqrsqppvv.sys [x]
R1 qrtkwssi;qrtkwssi;c:windowssystem32driversqrtkwssi.sys [x]
R1 quxvaxyd;quxvaxyd;c:windowssystem32driversquxvaxyd.sys [x]
R1 rcrglqzt;rcrglqzt;c:windowssystem32driversrcrglqzt.sys [x]
R1 rjhousmg;rjhousmg;c:windowssystem32driversrjhousmg.sys [x]
R1 rluhnqtz;rluhnqtz;c:windowssystem32driversrluhnqtz.sys [x]
R1 rmhxhrit;rmhxhrit;c:windowssystem32driversrmhxhrit.sys [x]
R1 rnnbsajz;rnnbsajz;c:windowssystem32driversrnnbsajz.sys [x]
R1 romgulfv;romgulfv;c:windowssystem32driversromgulfv.sys [x]
R1 rpvuarzc;rpvuarzc;c:windowssystem32driversrpvuarzc.sys [x]
R1 rqpsdyvh;rqpsdyvh;c:windowssystem32driversrqpsdyvh.sys [x]
R1 rscjfvhd;rscjfvhd;c:windowssystem32driversrscjfvhd.sys [x]
R1 rvocjati;rvocjati;c:windowssystem32driversrvocjati.sys [x]
R1 rvpjhthx;rvpjhthx;c:windowssystem32driversrvpjhthx.sys [x]
R1 ryzewucx;ryzewucx;c:windowssystem32driversryzewucx.sys [x]
R1 rzvcycfm;rzvcycfm;c:windowssystem32driversrzvcycfm.sys [x]
R1 satjyvbl;satjyvbl;c:windowssystem32driverssatjyvbl.sys [x]
R1 scammfqe;scammfqe;c:windowssystem32driversscammfqe.sys [x]
R1 sdzowcsg;sdzowcsg;c:windowssystem32driverssdzowcsg.sys [x]
R1 sjddvsys;sjddvsys;c:windowssystem32driverssjddvsys.sys [x]
R1 slvfzaon;slvfzaon;c:windowssystem32driversslvfzaon.sys [x]
R1 snbulavj;snbulavj;c:windowssystem32driverssnbulavj.sys [x]
R1 snpuvskk;snpuvskk;c:windowssystem32driverssnpuvskk.sys [x]
R1 svtqjbjh;svtqjbjh;c:windowssystem32driverssvtqjbjh.sys [x]
R1 syigsfep;syigsfep;c:windowssystem32driverssyigsfep.sys [x]
R1 szaqwaha;szaqwaha;c:windowssystem32driversszaqwaha.sys [x]
R1 tbcjqswc;tbcjqswc;c:windowssystem32driverstbcjqswc.sys [x]
R1 tegapedi;tegapedi;c:windowssystem32driverstegapedi.sys [x]
R1 tjcxupzx;tjcxupzx;c:windowssystem32driverstjcxupzx.sys [x]
R1 tklhloni;tklhloni;c:windowssystem32driverstklhloni.sys [x]
R1 tkmtqjqt;tkmtqjqt;c:windowssystem32driverstkmtqjqt.sys [x]
R1 tlplzhvs;tlplzhvs;c:windowssystem32driverstlplzhvs.sys [x]
R1 tlvjwskd;tlvjwskd;c:windowssystem32driverstlvjwskd.sys [x]
R1 tosjqfgp;tosjqfgp;c:windowssystem32driverstosjqfgp.sys [x]
R1 tqikgrrh;tqikgrrh;c:windowssystem32driverstqikgrrh.sys [x]
R1 trqgltio;trqgltio;c:windowssystem32driverstrqgltio.sys [x]
R1 tvhbqxus;tvhbqxus;c:windowssystem32driverstvhbqxus.sys [x]
R1 tvrulqcp;tvrulqcp;c:windowssystem32driverstvrulqcp.sys [x]
R1 ubeetzmh;ubeetzmh;c:windowssystem32driversubeetzmh.sys [x]
R1 uenvymmv;uenvymmv;c:windowssystem32driversuenvymmv.sys [x]
R1 ugifxsgk;ugifxsgk;c:windowssystem32driversugifxsgk.sys [x]
R1 uhmhwvfn;uhmhwvfn;c:windowssystem32driversuhmhwvfn.sys [x]
R1 uierngev;uierngev;c:windowssystem32driversuierngev.sys [x]
R1 ukfevhxs;ukfevhxs;c:windowssystem32driversukfevhxs.sys [x]
R1 uthhpste;uthhpste;c:windowssystem32driversuthhpste.sys [x]
R1 utvnwreg;utvnwreg;c:windowssystem32driversutvnwreg.sys [x]
R1 vcpeikkf;vcpeikkf;c:windowssystem32driversvcpeikkf.sys [x]
R1 vebtyqzy;vebtyqzy;c:windowssystem32driversvebtyqzy.sys [x]
R1 vixfedri;vixfedri;c:windowssystem32driversvixfedri.sys [x]
R1 vlocunyf;vlocunyf;c:windowssystem32driversvlocunyf.sys [x]
R1 vogkrjtg;vogkrjtg;c:windowssystem32driversvogkrjtg.sys [x]
R1 voyukojo;voyukojo;c:windowssystem32driversvoyukojo.sys [x]
R1 vrqcaudg;vrqcaudg;c:windowssystem32driversvrqcaudg.sys [x]
R1 vshllhbm;vshllhbm;c:windowssystem32driversvshllhbm.sys [x]
R1 vwojjbbc;vwojjbbc;c:windowssystem32driversvwojjbbc.sys [x]
R1 vwuocgcz;vwuocgcz;c:windowssystem32driversvwuocgcz.sys [x]
R1 vxhwcrko;vxhwcrko;c:windowssystem32driversvxhwcrko.sys [x]
R1 vzfqsqer;vzfqsqer;c:windowssystem32driversvzfqsqer.sys [x]
R1 wbcnqiac;wbcnqiac;c:windowssystem32driverswbcnqiac.sys [x]
R1 weszgous;weszgous;c:windowssystem32driversweszgous.sys [x]
R1 whxvfnfi;whxvfnfi;c:windowssystem32driverswhxvfnfi.sys [x]
R1 wmlexebm;wmlexebm;c:windowssystem32driverswmlexebm.sys [x]
R1 wqrayuid;wqrayuid;c:windowssystem32driverswqrayuid.sys [x]
R1 wsrafeob;wsrafeob;c:windowssystem32driverswsrafeob.sys [x]
R1 wthnylnv;wthnylnv;c:windowssystem32driverswthnylnv.sys [x]
R1 wtohdiod;wtohdiod;c:windowssystem32driverswtohdiod.sys [x]
R1 wuglshpn;wuglshpn;c:windowssystem32driverswuglshpn.sys [x]
R1 wvjfasqc;wvjfasqc;c:windowssystem32driverswvjfasqc.sys [x]
R1 wxhytjax;wxhytjax;c:windowssystem32driverswxhytjax.sys [x]
R1 wzzlxvcw;wzzlxvcw;c:windowssystem32driverswzzlxvcw.sys [x]
R1 xaqenenp;xaqenenp;c:windowssystem32driversxaqenenp.sys [x]
R1 xcyhzjfs;xcyhzjfs;c:windowssystem32driversxcyhzjfs.sys [x]
R1 xlcjabba;xlcjabba;c:windowssystem32driversxlcjabba.sys [x]
R1 xltdbqsw;xltdbqsw;c:windowssystem32driversxltdbqsw.sys [x]
R1 xuihzmyr;xuihzmyr;c:windowssystem32driversxuihzmyr.sys [x]
R1 xxehihwk;xxehihwk;c:windowssystem32driversxxehihwk.sys [x]
R1 xyxvxnzb;xyxvxnzb;c:windowssystem32driversxyxvxnzb.sys [x]
R1 ycubbghw;ycubbghw;c:windowssystem32driversycubbghw.sys [x]
R1 yedcpluf;yedcpluf;c:windowssystem32driversyedcpluf.sys [x]
R1 yeprmeqr;yeprmeqr;c:windowssystem32driversyeprmeqr.sys [x]
R1 yfgarfcn;yfgarfcn;c:windowssystem32driversyfgarfcn.sys [x]
R1 yihckcvy;yihckcvy;c:windowssystem32driversyihckcvy.sys [x]
R1 yotbjdtv;yotbjdtv;c:windowssystem32driversyotbjdtv.sys [x]
R1 ywtxjzae;ywtxjzae;c:windowssystem32driversywtxjzae.sys [x]
R1 ywzxcgul;ywzxcgul;c:windowssystem32driversywzxcgul.sys [x]
R1 zackbtpe;zackbtpe;c:windowssystem32driverszackbtpe.sys [x]
R1 zgmmmjqw;zgmmmjqw;c:windowssystem32driverszgmmmjqw.sys [x]
R1 zgrxcghi;zgrxcghi;c:windowssystem32driverszgrxcghi.sys [x]
R1 zgxlumyo;zgxlumyo;c:windowssystem32driverszgxlumyo.sys [x]
R1 zirjktry;zirjktry;c:windowssystem32driverszirjktry.sys [x]
R1 zkkwdjdm;zkkwdjdm;c:windowssystem32driverszkkwdjdm.sys [x]
R1 zmpeccrk;zmpeccrk;c:windowssystem32driverszmpeccrk.sys [x]
R1 zmqraynb;zmqraynb;c:windowssystem32driverszmqraynb.sys [x]
R1 zrofwamv;zrofwamv;c:windowssystem32driverszrofwamv.sys [x]
R1 zttzszgy;zttzszgy;c:windowssystem32driverszttzszgy.sys [x]
R1 zvddqptv;zvddqptv;c:windowssystem32driverszvddqptv.sys [x]
R1 zxnsrywm;zxnsrywm;c:windowssystem32driverszxnsrywm.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:windowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Служба Google Update (gupdate);c:program filesGoogleUpdateGoogleUpdate.exe [2010-02-01 135664]
R3 GoogleDesktopManager-051210-111108;Диспетчер Google Desktop 5.9.1005.12335;c:program filesGoogleGoogle Desktop SearchGoogleDesktop.exe [2010-07-25 30192]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:program filesNewTech InfosystemsNTI Backup Now 5BackupSvc.exe [2008-09-23 50424]
R3 token;USB Token Service;c:windowssystem32DRIVERSeps2kt1.sys [2010-05-20 31744]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:windowsMicrosoft.NETFrameworkv4.0.30319WPFWPFFontCache_v0400.exe [2010-03-18 753504]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:program filesWindows LiveMeshwlcrasvc.exe [2010-09-22 51040]
S0 pavboot;Panda boot driver;c:windowssystem32Driverspavboot.sys [2009-06-30 28552]
S1 APPFLT;App Filter Plugin;c:windowssystem32DriversAPPFLT.SYS [2009-09-30 75016]
S1 CProCtrl;КриптоПро CSP драйвер;c:windowssystem32DRIVERSCProCtrl.sys [2009-04-22 54536]
S1 DSAFLT;DSA Filter Plugin;c:windowssystem32DriversDSAFLT.SYS [2009-06-16 53128]
S1 FNETMON;NetMon Filter Plugin;c:windowssystem32Driversfnetmon.SYS [2008-03-28 22072]
S1 IDSFLT;Ids Filter Plugin;c:windowssystem32DriversIDSFLT.SYS [2009-06-16 193800]
S1 NETFLTDI;Panda Net Driver [TDI Layer];c:windowssystem32DriversNETFLTDI.SYS [2009-06-16 08:33 159112]
S1 ShldDrv;Panda File Shield Driver;c:windowssystem32DRIVERSShlDrv51.sys [2008-03-04 41144]
S1 WNMFLT;Wifi Monitor Filter Plugin;c:windowssystem32DriversWNMFLT.SYS [2009-06-16 46728]
S2 AmFSM;AmFSM;c:windowssystem32DRIVERSamm8660.sys [2009-08-06 49160]
S2 ComFiltr;Panda Anti-Dialer;c:windowssystem32DRIVERSCOMFiltr.sys [2009-11-28 13880]
S2 cpcsp1;КриптоПро CSP KC1;c:windowssystem32svchost.exe [2008-01-21 21504]
S2 Guard.Mail.ru;Guard.Mail.ru;c:program filesMail.RuGuardGuardMailRu.exe [2010-12-23 1041088]
S2 Gwmsrv;Panda Goodware Cache Manager;c:windowssystem32svchost [x]
S2 mwlPSDFilter;mwlPSDFilter;c:windowssystem32DRIVERSmwlPSDFilter.sys [2008-10-09 19504]
S2 mwlPSDNServ;mwlPSDNServ;c:windowssystem32DRIVERSmwlPSDNServ.sys [2008-10-09 16432]
S2 mwlPSDVDisk;mwlPSDVDisk;c:windowssystem32DRIVERSmwlPSDVDisk.sys [2008-10-09 59952]
S2 MWLService;MyWinLocker Service;c:program filesEgisTecMyWinLocker 3×86\MWLService.exe [2008-10-27 306736]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:program filesNewTech InfosystemsNTI Backup Now 5SchedulerSvc.exe [2008-09-23 144632]
S2 PavProc;Panda Process Protection Driver;c:windowssystem32DRIVERSPavProc.sys [2009-06-30 163336]
S2 PskSvcRetail;Panda PSK service;c:program filesPanda SecurityPanda Internet Security 2010PskSvc.exe [2009-08-25 28928]
S2 Start BT in service;Start BT in service;c:program filesIVT CorporationBlueSoleilStartSkysolSvc.exe [2007-12-27 51816]
S3 AvFlt;Antivirus Filter Driver;c:windowssystem32driversav5flt.sys [x]
S3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:windowssystem32DRIVERSe1y6032.sys [2008-11-21 220288]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:windowssystem32DRIVERSMpNWMon.sys [2010-03-25 42368]
S3 NETIMFLT01060039;PANDA NDIS IM Filter Miniport v1.6.0.39;c:windowssystem32DRIVERSneti1639.sys [2009-09-09 199432]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:windowssystem32driversnvhda32v.sys [2009-05-11 64544]
S3 PavSRK.sys;PavSRK.sys;c:windowssystem32PavSRK.sys [x]
S3 PavTPK.sys;PavTPK.sys;c:windowssystem32PavTPK.sys [x]
S3 R5BaseSmc;USB Token Holder Service;c:windowssystem32DRIVERSsmccard.sys [2010-05-20 14592]
S3 RTIFDH;RTIFDH;c:windowssystem32DRIVERSrtIFDH.sys [2009-07-01 13312]
S3 RTUSB;Rutoken;c:windowssystem32DRIVERSrtUSB.sys [2009-07-01 29824]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionsvchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
panda REG_MULTI_SZ Gwmsrv
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
hpdevmgmt REG_MULTI_SZ hpqcxs08
cpcsp REG_MULTI_SZ cpcsp1
.
Contents of the ‘Scheduled Tasks’ folder

2011-01-11 c:windowsTasksGoogleUpdateTaskMachineCore.job
— c:program filesGoogleUpdateGoogleUpdate.exe [2010-02-01 16:29]

2011-01-11 c:windowsTasksGoogleUpdateTaskMachineUA.job
— c:program filesGoogleUpdateGoogleUpdate.exe [2010-02-01 16:29]

2011-01-11 c:windowsTasksUser_Feed_Synchronization-{40CBA629-AF20-4EA7-B068-C4E5C2E3414E}.job
— c:windowssystem32msfeedssync.exe [2010-12-16 04:25]
.
.

---

Supplementary Scan

---

.
uStart Page = hxxp://yandex.ru/
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0419&s=1&o=vb32&d=1006&m=aspire_x3810
IE: &Экспорт в Microsoft Excel — c:progra~1MICROS~2Office12EXCEL.EXE/3000
IE: Google ВикиКомментарии… — c:program filesGoogleGoogle ToolbarComponentGoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
DPF: {0013C359-980C-4916-B47A-B313DDF56755} — hxxps://www.alfadirect.ru/ADSign/ADCrypto.cab
.
— — — — ORPHANS REMOVED — — — —

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} — (no file)
HKCU-Run-PCHDPlayer — c:program filespchdPCHDPlayer.exe
HKLM-Run-WinampAgent — c:program filesWinampwinampa.exe
AddRemove-Dexster_is1 — i:dexsterunins000.exe
AddRemove-PV_BP_7_is1 — d:bp7unins000.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-11 14:43
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes …

scanning hidden autostart entries …

HKCUSoftwareMicrosoftWindowsCurrentVersionRun
PCHDPlayer = c:program filespchdPCHDPlayer.exe??W????[Zi?? ???x???u?r?r?e?n?t?V?e?r?s?i?o?n??R?u?n???????]??]Qi?? ???x??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

scanning hidden files …

scan completed successfully
hidden files: 0

**************************************************************************
.

---

LOCKED REGISTRY KEYS

---

[HKEY_LOCAL_MACHINEsystemControlSet001ControlClass{4D36E96D-E325-11CE-BFC1-08002BE10318}000AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
«BlindDial»=dword:00000000

[HKEY_LOCAL_MACHINEsystemControlSet001ControlClass{4D36E96D-E325-11CE-BFC1-08002BE10318}001AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
«BlindDial»=dword:00000000
.

---

DLLs Loaded Under Running Processes

---

— — — — — — — > ‘winlogon.exe'(952)
c:program filesCrypto ProCSPdetoured.dll

— — — — — — — > ‘lsass.exe'(876)
c:program filesCrypto ProCSPdetoured.dll

— — — — — — — > ‘csrss.exe'(756)
c:program filesCrypto ProCSPdetoured.dll

— — — — — — — > ‘csrss.exe'(824)
c:program filesCrypto ProCSPdetoured.dll
.
Completion time: 2011-01-11 14:45:56
ComboFix-quarantined-files.txt 2011-01-11 09:45

Pre-Run: 84 908 834 816 байт свободно
Post-Run: 88 691 605 504 байт свободно

— — End Of File — — F45F50BD5EBA6AEC4E3A7218D8CE0D7A

[Helper]

AV: Microsoft Security Essentials *Disabled/Updated* {BF5CEBDC-F2D3-7540-343C-F0CE11FD6E66}

AV: Panda Internet Security 2010 *Disabled/Updated* {86971480-9989-6750-B122-681A86518D59}

FW: Panda Personal Firewall 2010 *Disabled* {BEAC95A5-D3E6-6608-9A7D-C12F7882CA22}

SP: Microsoft Security Essentials *Disabled/Updated* {043D0A38-D4E9-7ACE-0E8C-CBBC6A7A24DB}

SP: Panda Internet Security 2010 *Disabled/Updated* {3DF6F564-BFB3-68DE-8B92-5368FDD6C7E4}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

Слишком много антивирусов.Нужно оставить один.В логе видны службы зловреда, проверим еще одной программой.
Если вы подозреваете заражение системы, но RSIT и DDS не запускается, а также если Вас попросил сделать лог OTL «хэлпер», ниже предложена инструкция:

• Скачать OTL.exe и сохранить его на рабочем столе.
• Запустите файл двойной щелчок мыши.
• Сделайте следующие настройки:

В с Copy / Paste, введите следующую информацию:

netsvcs

msconfig

safebootminimal

safebootnetwork

activex

drivers32

%SYSTEMDRIVE%*.exe

%systemroot%*. /mp /s

%ALLUSERSPROFILE%Application Data*.

%ALLUSERSPROFILE%Application Data*.exe /s

%APPDATA%*.

%APPDATA%*.exe /s

/md5start

eventlog.dll

scecli.dll

netlogon.dll

cngaudit.dll

sceclt.dll

ntelogon.dll

logevent.dll

iaStor.sys

nvstor.sys

atapi.sys

IdeChnDr.sys

viasraid.sys

AGP440.sys

vaxscsi.sys

nvatabus.sys

viamraid.sys

nvata.sys

nvgts.sys

iastorv.sys

ViPrt.sys

eNetHook.dll

ahcix86.sys

KR10N.sys

nvstor32.sys

ahcix86s.sys

nvrd32.sys

beep.sys

explorer.exe

svchost.exe

userinit.exe

symmpi.sys

qmgr.dll

ws2_32.dll

proquota.exe

imm32.dll

kernel32.dll

ndis.sys

autochk.exe

spoolsv.exe

xmlprov.dll

ntmssvc.dll

mswsock.dll

ntfs.sys

tcpip.sys

termsrv.dll

sfcfiles.dll

st3shark.sys

srsvc.dll

adp3132.sys

mv61xx.sys

/md5stop

CREATERESTOREPOINT

%systemroot%system32*.dll /lockedfiles

%systemroot%Tasks*.job /lockedfiles

%systemroot%system32drivers*.sys /lockedfiles

%systemroot%System32config*.sav

%systemroot%system32drivers*.sys /90

• Нажмите на кнопку, выделенные синим цветом:
• После завершения проверки, будут созданы два файла — OTL.Txt и Extras.Txt..Прикрепите их в следующий комментарий.

[albash]

Логи OTL:
OTL logfile created on: 16.01.2011 12:33:38 — Run 1
OTL by OldTimer — Version 3.2.20.2 Folder = C:UsersОбщий компьютерDesktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) — Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000419 | Country: Россия | Language: RUS | Date Format: dd.MM.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 53,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 54,00% Paging File free
Paging file location(s): ?:pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:Windows | %ProgramFiles% = C:Program Files
Drive C: | 141,29 Gb Total Space | 81,25 Gb Free Space | 57,50% Space Free | Partition Type: NTFS
Drive F: | 141,29 Gb Total Space | 141,20 Gb Free Space | 99,93% Space Free | Partition Type: NTFS

Computer Name: ОБЩИЙ-ПК | User Name: Общий компьютер | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 30 Days

========== Processes (SafeList) ==========

PRC — C:UsersОбщий компьютерDesktopOTL.exe (OldTimer Tools)
PRC — C:Program FilesMail.RuGuardGuardMailRu.exe ()
PRC — C:Program FilesLogitechVid HDVid.exe (Logitech Inc.)
PRC — C:Program FilesMicrosoftSearch Enhancement PackSeaPortSeaPort.exe (Microsoft Corporation)
PRC — C:Program FilesMicrosoft Security Essentialsmsseces.exe (Microsoft Corporation)
PRC — C:Program FilesGoogleGoogle Desktop SearchGoogleDesktop.exe (Google)
PRC — C:Program FilesCommon FileslogishrdLVMVFMLVPrcSrv.exe (Logitech Inc.)
PRC — C:Program FilesLogitechLWSWebcam SoftwareLWS.exe (Logitech Inc.)
PRC — C:Program FilesMicrosoft Security EssentialsMsMpEng.exe (Microsoft Corporation)
PRC — C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe (Google Inc.)
PRC — C:Program FilesPanda SecurityPanda Internet Security 2010ApVxdWin.exe (Panda Security, S.L.)
PRC — C:Program FilesPanda SecurityPanda Internet Security 2010pavsrvx86.exe (Panda Security, S.L.)
PRC — C:Program FilesPanda SecurityPanda Internet Security 2010AVENGINE.EXE (Panda Security, S.L.)
PRC — C:Program FilesPanda SecurityPanda Internet Security 2010psksvc.exe (Panda Security, S.L.)
PRC — C:Program FilesPanda SecurityPanda Internet Security 2010PsCtrlS.exe (Panda Security, S.L.)
PRC — C:Program FilesPanda SecurityPanda Internet Security 2010PavFnSvr.exe (Panda Security, S.L.)
PRC — C:Program FilesPanda SecurityPanda Internet Security 2010PavBckPT.exe (Panda Security, S.L.)
PRC — C:Program FilesPanda SecurityPanda Internet Security 2010WebProxy.exe (Panda Security, S.L.)
PRC — C:Program FilesPanda SecurityPanda Internet Security 2010TPSrv.exe (Panda Security, S.L.)
PRC — C:Windowsexplorer.exe (Microsoft Corporation)
PRC — c:Program FilesPanda SecurityPanda Internet Security 2010FIREWALLPSHost.exe (Panda Security International)
PRC — C:Program FilesRealtekAudioHDARtHDVCpl.exe (Realtek Semiconductor)
PRC — C:Program FilesHewlett-PackardHP Software Updatehpwuschd2.exe (Hewlett-Packard)
PRC — C:Program FilesEgisTec Egis Software UpdateEgisUpdate.exe (EgisTec Inc.)
PRC — C:Program FilesEgisTecMyWinLocker 3x86MWLService.exe (EgisTec Inc.)
PRC — C:Program FilesEgisTecMyWinLocker 3x86mwlDaemon.exe (EgisTec Inc.)
PRC — C:Program FilesNewTech InfosystemsNTI Backup Now 5SchedulerSvc.exe (NewTech Infosystems, Inc.)
PRC — C:Program FilesIntelIntel Matrix Storage ManagerIAANTmon.exe (Intel Corporation)
PRC — C:Program FilesIntelIntel Matrix Storage ManagerIAAnotif.exe (Intel Corporation)
PRC — C:Program FilesHewlett-PackardDigital ImagingbinHpqSRmon.exe (Hewlett-Packard)
PRC — C:Program FilesPanda SecurityPanda Internet Security 2010SrvLoad.exe (Panda Security, S.L.)
PRC — C:Program FilesPanda SecurityPanda Internet Security 2010PsImSvc.exe (Panda Security S.L.)
PRC — C:Program FilesCommon FilesPanda SecurityPavShldPavPrSrv.exe (Panda Security, S.L.)
PRC — C:Program FilesIVT CorporationBlueSoleilBTNtService.exe ()
PRC — C:Program FilesIVT CorporationBlueSoleilStartSkysolSvc.exe ()
PRC — C:Program FilesHewlett-PackardHP Share-to-Webhpgs2wnf.exe ()
PRC — C:Program FilesHewlett-PackardHP Share-to-Webhpgs2wnd.exe (Hewlett-Packard)

========== Modules (SafeList) ==========

MOD — C:UsersОбщий компьютерDesktopOTL.exe (OldTimer Tools)
MOD — C:Windowswinsxsx86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3comctl32.dll (Microsoft Corporation)
MOD — C:Program FilesPanda SecurityPanda Internet Security 2010PavTrc.dll (Panda Security, S.L.)
MOD — C:Program FilesPanda SecurityPanda Internet Security 2010PavOEpl.dll (Panda Security, S.L.)
MOD — C:Program FilesCrypto ProCSPcpadvai.dll (Компания Крипто-Про)
MOD — C:Program FilesCrypto ProCSPdetoured.dll (Microsoft Corporation)
MOD — C:WindowsSystem32PavSHook.dll (Panda Security, S.L.)
MOD — C:WindowsSystem32PavLspHook.dll (Panda Security, S.L.)
MOD — C:WindowsSystem32SYSTOOLS.DLL (Panda Software)

========== Win32 Services (SafeList) ==========

SRV — (Guard.Mail.ru) — C:Program FilesMail.RuGuardGuardMailRu.exe ()
SRV — (fsssvc) — C:Program FilesWindows LiveFamily Safetyfsssvc.exe (Microsoft Corporation)
SRV — (wlcrasvc) — C:Program FilesWindows LiveMeshwlcrasvc.exe (Microsoft Corporation)
SRV — (SeaPort) — C:Program FilesMicrosoftSearch Enhancement PackSeaPortSeaPort.exe (Microsoft Corporation)
SRV — (GoogleDesktopManager-051210-111108) — C:Program FilesGoogleGoogle Desktop SearchGoogleDesktop.exe (Google)
SRV — (LVPrcSrv) — C:Program FilesCommon FilesLogishrdLVMVFMLVPrcSrv.exe (Logitech Inc.)
SRV — (MsMpSvc) — C:Program FilesMicrosoft Security EssentialsMsMpEng.exe (Microsoft Corporation)
SRV — (WPFFontCache_v0400) — C:WindowsMicrosoft.NETFrameworkv4.0.30319WPFWPFFontCache_v0400.exe (Корпорация Майкрософт)
SRV — (clr_optimization_v4.0.30319_32) — C:WindowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe (Microsoft Corporation)
SRV — (FontCache) — C:WindowsSystem32FntCache.dll (Microsoft Corporation)
SRV — (PAVSRV) — C:Program FilesPanda SecurityPanda Internet Security 2010pavsrvx86.exe (Panda Security, S.L.)
SRV — (PskSvcRetail) — C:Program FilesPanda SecurityPanda Internet Security 2010PskSvc.exe (Panda Security, S.L.)
SRV — (Panda Software Controller) — C:Program FilesPanda SecurityPanda Internet Security 2010PsCtrls.exe (Panda Security, S.L.)
SRV — (PAVFNSVR) — C:Program FilesPanda SecurityPanda Internet Security 2010PavFnSvr.exe (Panda Security, S.L.)
SRV — (cpcsp1) — C:Program FilesCrypto ProCSPcpcspi.dll (Компания Крипто-Про)
SRV — (hpqcxs08) — C:Program FilesHewlett-PackardDigital Imagingbinhpqcxs08.dll (Hewlett-Packard Co.)
SRV — (TPSrv) — C:Program FilesPanda SecurityPanda Internet Security 2010TPSrv.exe (Panda Security, S.L.)
SRV — (DFSR) — C:WindowsSystem32dfsr.exe (Корпорация Майкрософт)
SRV — (PSHost) — c:program filespanda securitypanda internet security 2010firewallPSHOST.EXE (Panda Security International)
SRV — (MWLService) — C:Program FilesEgisTecMyWinLocker 3×86\MWLService.exe ()
SRV — (NTISchedulerSvc) — C:Program FilesNewTech InfosystemsNTI Backup Now 5SchedulerSvc.exe (NewTech Infosystems, Inc.)
SRV — (NTIBackupSvc) — C:Program FilesNewTech InfosystemsNTI Backup Now 5BackupSvc.exe (NewTech InfoSystems, Inc.)
SRV — (IAANTMON) Intel(R) — C:Program FilesIntelIntel Matrix Storage ManagerIAANTmon.exe (Intel Corporation)
SRV — (Gwmsrv) — C:Program FilesPanda SecurityPanda Internet Security 2010GWMsrv.dll (Panda Security, S.L.)
SRV — (PSIMSVC) — C:Program FilesPanda SecurityPanda Internet Security 2010PsImSvc.exe (Panda Security S.L.)
SRV — (PavPrSrv) — C:Program FilesCommon FilesPanda SecurityPavShldpavprsrv.exe (Panda Security, S.L.)
SRV — (WinDefend) — C:Program FilesWindows DefenderMpSvc.dll (Microsoft Corporation)
SRV — (BlueSoleil Hid Service) — C:Program FilesIVT CorporationBlueSoleilBTNtService.exe ()
SRV — (Start BT in service) — C:Program FilesIVT CorporationBlueSoleilStartSkysolSvc.exe ()

========== Driver Services (SafeList) ==========

DRV — (PavTPK.sys) — File not found
DRV — (PavSRK.sys) — File not found
DRV — (AvFlt) — File not found
DRV — (LVUVC) Logitech Webcam C100(UVC) — C:WindowsSystem32driverslvuvc.sys (Logitech Inc.)
DRV — (fssfltr) — C:WindowsSystem32driversfssfltr.sys (Microsoft Corporation)
DRV — (token) — C:WindowsSystem32driverseps2kt1.sys ()
DRV — (R5BaseSmc) — C:WindowsSystem32driverssmccard.sys (OEM)
DRV — (LVPr2Mon) — C:WindowsSystem32driversLVPr2Mon.sys ()
DRV — (nvlddmkm) — C:WindowsSystem32driversnvlddmkm.sys (NVIDIA Corporation)
DRV — (MpNWMon) — C:WindowsSystem32driversMpNWMon.sys (Microsoft Corporation)
DRV — (ComFiltr) — C:WindowsSystem32driversCOMFiltr.sys ()
DRV — (APPFLT) — C:WindowsSystem32driversAPPFLT.SYS (Panda Security, S.L.)
DRV — (NETIMFLT01060039) — C:WindowsSystem32driversneti1639.sys (Panda Security, S.L.)
DRV — (AmFSM) — C:WindowsSystem32driversamm8660.sys (Panda Security, S.L.)
DRV — (RTUSB) — C:WindowsSystem32driversrtUSB.sys (Компания «Актив»)
DRV — (RTIFDH) — C:WindowsSystem32driversrtIFDH.sys (Компания «Актив»)
DRV — (PavProc) — C:WindowsSystem32driversPavProc.sys (Panda Security, S.L.)
DRV — (pavboot) — C:Windowssystem32Driverspavboot.sys (Panda Security, S.L.)
DRV — (WNMFLT) — C:WindowsSystem32driverswnmflt.sys (Panda Security, S.L.)
DRV — (NETFLTDI) — C:WindowsSystem32driversNETFLTDI.SYS (Panda Security, S.L.)
DRV — (IDSFLT) — C:WindowsSystem32driversidsflt.sys (Panda Security, S.L.)
DRV — (DSAFLT) — C:WindowsSystem32driversdsaflt.sys (Panda Security, S.L.)
DRV — (NVHDA) — C:WindowsSystem32driversnvhda32v.sys (NVIDIA Corporation)
DRV — (CProCtrl) — C:WindowsSystem32driversCProCtrl.sys (Компания Крипто-Про)
DRV — (IntcAzAudAddService) Service for Realtek HD Audio (WDM) — C:WindowsSystem32driversRTKVHDA.sys (Realtek Semiconductor Corp.)
DRV — (e1yexpress) Intel(R) — C:WindowsSystem32driverse1y6032.sys (Intel Corporation)
DRV — (mwlPSDVDisk) — C:WindowsSystem32driversmwlPSDVDisk.sys (Egis Incorporated.)
DRV — (mwlPSDFilter) — C:WindowsSystem32driversmwlPSDFilter.sys (Egis Incorporated.)
DRV — (mwlPSDNServ) — C:WindowsSystem32driversmwlPSDNserv.sys (Egis Incorporated.)
DRV — (iaStor) — C:Windowssystem32DRIVERSiaStor.sys (Intel Corporation)
DRV — (FNETMON) — C:WindowsSystem32driversfnetmon.sys (Panda Security, S.L.)
DRV — (ShldDrv) — C:WindowsSystem32driversShlDrv51.sys (Panda Security, S.L.)
DRV — (NTIDrvr) — C:WindowsSystem32driversNTIDrvr.sys (NewTech Infosystems, Inc.)
DRV — (UBHelper) — C:WindowsSystem32driversUBHelper.sys (NewTech Infosystems Corporation)
DRV — (adpu320) — C:Windowssystem32driversadpu320.sys (Adaptec, Inc.)
DRV — (megasas) — C:Windowssystem32driversmegasas.sys (LSI Corporation)
DRV — (MegaSR) — C:Windowssystem32driversmegasr.sys (LSI Corporation, Inc.)
DRV — (adpu160m) — C:Windowssystem32driversadpu160m.sys (Adaptec, Inc.)
DRV — (SiSRaid4) — C:Windowssystem32driverssisraid4.sys (Silicon Integrated Systems)
DRV — (HpCISSs) — C:Windowssystem32drivershpcisss.sys (Hewlett-Packard Company)
DRV — (adpahci) — C:Windowssystem32driversadpahci.sys (Adaptec, Inc.)
DRV — (LSI_SAS) — C:Windowssystem32driverslsi_sas.sys (LSI Logic)
DRV — (ql2300) — C:Windowssystem32driversql2300.sys (QLogic Corporation)
DRV — (E1G60) Intel(R) — C:WindowsSystem32driversE1G60I32.sys (Корпорация Intel)
DRV — (arcsas) — C:Windowssystem32driversarcsas.sys (Adaptec, Inc.)
DRV — (iaStorV) — C:Windowssystem32driversiastorv.sys (Intel Corporation)
DRV — (vsmraid) — C:Windowssystem32driversvsmraid.sys (VIA Technologies Inc.,Ltd)
DRV — (ulsata2) — C:Windowssystem32driversulsata2.sys (Promise Technology, Inc.)
DRV — (LSI_FC) — C:Windowssystem32driverslsi_fc.sys (LSI Logic)
DRV — (arc) — C:Windowssystem32driversarc.sys (Adaptec, Inc.)
DRV — (elxstor) — C:Windowssystem32driverselxstor.sys (Emulex)
DRV — (LSI_SCSI) — C:Windowssystem32driverslsi_scsi.sys (LSI Logic)
DRV — (nvraid) — C:Windowssystem32driversnvraid.sys (NVIDIA Corporation)
DRV — (nvstor) — C:Windowssystem32driversnvstor.sys (NVIDIA Corporation)
DRV — (adp94xx) — C:Windowssystem32driversadp94xx.sys (Adaptec, Inc.)
DRV — (uliahci) — C:Windowssystem32driversuliahci.sys (ULi Electronics Inc.)
DRV — (viaide) — C:Windowssystem32driversviaide.sys (VIA Technologies, Inc.)
DRV — (cmdide) — C:Windowssystem32driverscmdide.sys (CMD Technology, Inc.)
DRV — (aliide) — C:Windowssystem32driversaliide.sys (Acer Laboratories Inc.)
DRV — (Btcsrusb) — C:WindowsSystem32driversbtcusb.sys (IVT Corporation.)
DRV — (BlueletSCOAudio) — C:WindowsSystem32driversBlueletSCOAudio.sys (IVT Corporation.)
DRV — (BlueletAudio) — C:WindowsSystem32driversblueletaudio.sys (IVT Corporation.)
DRV — (BT) — C:WindowsSystem32driversbtnetdrv.sys (IVT Corporation.)
DRV — (BTHidMgr) — C:WindowsSystem32DriversBTHidMgr.sys (IVT Corporation.)
DRV — (BTHidEnum) — C:WindowsSystem32Driversvbtenum.sys (IVT Corporation.)
DRV — (VcommMgr) — C:WindowsSystem32driversVCommMgr.sys (IVT Corporation.)
DRV — (VComm) — C:WindowsSystem32driversVComm.sys (IVT Corporation.)
DRV — (ql40xx) — C:Windowssystem32driversql40xx.sys (QLogic Corporation)
DRV — (UlSata) — C:Windowssystem32driversulsata.sys (Promise Technology, Inc.)
DRV — (nfrd960) — C:Windowssystem32driversnfrd960.sys (IBM Corporation)
DRV — (iirsp) — C:Windowssystem32driversiirsp.sys (Intel Corp./ICP vortex GmbH)
DRV — (aic78xx) — C:Windowssystem32driversdjsvs.sys (Adaptec, Inc.)
DRV — (iteraid) — C:Windowssystem32driversiteraid.sys (Integrated Technology Express, Inc.)
DRV — (iteatapi) — C:Windowssystem32driversiteatapi.sys (Integrated Technology Express, Inc.)
DRV — (Symc8xx) — C:Windowssystem32driverssymc8xx.sys (LSI Logic)
DRV — (Sym_u3) — C:Windowssystem32driverssym_u3.sys (LSI Logic)
DRV — (Mraid35x) — C:Windowssystem32driversmraid35x.sys (LSI Logic Corporation)
DRV — (Sym_hi) — C:Windowssystem32driverssym_hi.sys (LSI Logic)
DRV — (Brserid) Brother MFC Serial Port Interface Driver (WDM) — C:Windowssystem32driversbrserid.sys (Brother Industries Ltd.)
DRV — (BrUsbSer) — C:Windowssystem32driversbrusbser.sys (Brother Industries Ltd.)
DRV — (BrFiltUp) — C:Windowssystem32driversbrfiltup.sys (Brother Industries, Ltd.)
DRV — (BrFiltLo) — C:Windowssystem32driversbrfiltlo.sys (Brother Industries, Ltd.)
DRV — (BrSerWdm) — C:Windowssystem32driversbrserwdm.sys (Brother Industries Ltd.)
DRV — (BrUsbMdm) — C:Windowssystem32driversbrusbmdm.sys (Brother Industries Ltd.)
DRV — (ntrigdigi) — C:Windowssystem32driversntrigdigi.sys (N-trig Innovative Technologies)
DRV — (ssm_bus) SAMSUNG Mobile USB Device II 1.0 driver (WDM) — C:WindowsSystem32driversssm_bus.sys (MCCI)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE — HKLMSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0419&s=1&o=vb32&d=1006&m=aspire_x3810

IE — HKU.DEFAULTSoftwareMicrosoftWindowsCurrentVersionInternet Settings: «ProxyEnable» = 0

IE — HKUS-1-5-18SoftwareMicrosoftWindowsCurrentVersionInternet Settings: «ProxyEnable» = 0

IE — HKUS-1-5-21-4185180753-1838458010-2851130701-1000SOFTWAREMicrosoftInternet ExplorerMain,Default_Secondary_Page_URL = http://global.acer.com [binary data]
IE — HKUS-1-5-21-4185180753-1838458010-2851130701-1000SOFTWAREMicrosoftInternet ExplorerMain,SearchDefaultBranded = 1
IE — HKUS-1-5-21-4185180753-1838458010-2851130701-1000SOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://yandex.ru/
IE — HKUS-1-5-21-4185180753-1838458010-2851130701-1000SOFTWAREMicrosoftInternet ExplorerMain,StartPageCache = 1
IE — HKUS-1-5-21-4185180753-1838458010-2851130701-1000..URLSearchHook: {09900DE8-1DCA-443F-9243-26FF581438AF} — C:Program FilesMail.RuSputnikMailRuSputnik.dll (@Mail.Ru)
IE — HKUS-1-5-21-4185180753-1838458010-2851130701-1000SoftwareMicrosoftWindowsCurrentVersionInternet Settings: «ProxyEnable» = 0

O1 HOSTS File: ([2011.01.11 14:43:24 | 000,000,027 | —- | M]) — C:WindowsSystem32driversetchosts
O1 — Hosts: 127.0.0.1 localhost
O2 — BHO: (Search Helper) — {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} — C:Program FilesMicrosoftSearch Enhancement PackSearch HelperSEPsearchhelperie.dll (Microsoft Corporation)
O2 — BHO: (MailRuBHO Class) — {8984B388-A5BB-4DF7-B274-77B879E179DB} — C:Program FilesMail.RuSputnikMailRuSputnik.dll (@Mail.Ru)
O2 — BHO: (Windows Live Messenger Companion Helper) — {9FDDE16B-836F-4806-AB1F-1455CBEFF289} — C:Program FilesWindows LiveCompanioncompanioncore.dll (Microsoft Corporation)
O2 — BHO: (Google Toolbar Helper) — {AA58ED58-01DD-4d91-8333-CF10577473F7} — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll (Google Inc.)
O2 — BHO: (Skype Plug-In) — {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} — C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll (Skype Technologies S.A.)
O2 — BHO: (Google Toolbar Notifier BHO) — {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} — C:Program FilesGoogleGoogleToolbarNotifier5.6.5805.1910swg.dll (Google Inc.)
O2 — BHO: (Bing Bar BHO) — {d2ce3e00-f94a-4740-988e-03dc2f38c34f} — C:Program FilesMSN ToolbarPlatform6.3.2322.0npwinext.dll (Microsoft Corporation)
O3 — HKLM..Toolbar: (Спутник@Mail.Ru) — {09900DE8-1DCA-443F-9243-26FF581438AF} — C:Program FilesMail.RuSputnikMailRuSputnik.dll (@Mail.Ru)
O3 — HKLM..Toolbar: (Google Toolbar) — {2318C2B1-4965-11d4-9B18-009027A5CD4F} — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll (Google Inc.)
O3 — HKLM..Toolbar: (@C:Program FilesMSN ToolbarPlatform6.3.2322.0npwinext.dll,-100) — {8dcb7100-df86-4384-8842-8fa844297b3f} — C:Program FilesMSN ToolbarPlatform6.3.2322.0npwinext.dll (Microsoft Corporation)
O3 — HKU.DEFAULT..ToolbarWebBrowser: (Google Toolbar) — {2318C2B1-4965-11D4-9B18-009027A5CD4F} — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll (Google Inc.)
O3 — HKUS-1-5-18..ToolbarWebBrowser: (Google Toolbar) — {2318C2B1-4965-11D4-9B18-009027A5CD4F} — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll (Google Inc.)
O3 — HKUS-1-5-21-4185180753-1838458010-2851130701-1000..ToolbarWebBrowser: (Спутник@Mail.Ru) — {09900DE8-1DCA-443F-9243-26FF581438AF} — C:Program FilesMail.RuSputnikMailRuSputnik.dll (@Mail.Ru)
O3 — HKUS-1-5-21-4185180753-1838458010-2851130701-1000..ToolbarWebBrowser: (Google Toolbar) — {2318C2B1-4965-11D4-9B18-009027A5CD4F} — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll (Google Inc.)
O4 — HKLM..Run: [APVXDWIN] C:Program FilesPanda SecurityPanda Internet Security 2010APVXDWIN.EXE (Panda Security, S.L.)
O4 — HKLM..Run: [EgisTecLiveUpdate] C:Program FilesEgisTec Egis Software UpdateEgisUpdate.exe (EgisTec Inc.)
O4 — HKLM..Run: [Google Desktop Search] C:Program FilesGoogleGoogle Desktop SearchGoogleDesktop.exe (Google)
O4 — HKLM..Run: [Guard.Mail.ru.gui] C:Program FilesMail.RuGuardGuardMailRu.exe ()
O4 — HKLM..Run: [HP Software Update] C:Program FilesHewlett-PackardHP Software Updatehpwuschd2.exe (Hewlett-Packard)
O4 — HKLM..Run: [hpqSRMon] C:Program FilesHewlett-PackardDigital ImagingbinHpqSRmon.exe (Hewlett-Packard)
O4 — HKLM..Run: [IAAnotif] C:Program FilesIntelIntel Matrix Storage ManagerIAAnotif.exe (Intel Corporation)
O4 — HKLM..Run: [LWS] C:Program FilesLogitechLWSWebcam SoftwareLWS.exe (Logitech Inc.)
O4 — HKLM..Run: [MSSE] C:Program FilesMicrosoft Security Essentialsmsseces.exe (Microsoft Corporation)
O4 — HKLM..Run: [mwlDaemon] C:Program FilesEgisTecMyWinLocker 3x86mwlDaemon.exe (EgisTec Inc.)
O4 — HKLM..Run: [RtHDVCpl] C:Program FilesRealtekAudioHDARtHDVCpl.exe (Realtek Semiconductor)
O4 — HKLM..Run: [SCANINICIO] C:Program FilesPanda SecurityPanda Internet Security 2010Inicio.exe (Panda Security, S.L.)
O4 — HKLM..Run: [Share-to-Web Namespace Daemon] C:Program FilesHewlett-PackardHP Share-to-Webhpgs2wnd.exe (Hewlett-Packard)
O4 — HKLM..Run: [Skytel] C:Program FilesRealtekAudioHDASkyTel.exe (Realtek Semiconductor Corp.)
O4 — HKUS-1-5-21-4185180753-1838458010-2851130701-1000..Run: [CollaborationHost] C:WindowsSystem32p2phost.exe (Microsoft Corporation)
O4 — HKUS-1-5-21-4185180753-1838458010-2851130701-1000..Run: [Logitech Vid] C:Program FilesLogitechVid HDVid.exe (Logitech Inc.)
O4 — HKUS-1-5-21-4185180753-1838458010-2851130701-1000..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe (Google Inc.)
O4 — Startup: C:UsersОбщий компьютерAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupLogitech . Регистрация Продукта.lnk = C:Program FilesLogitechEregeReg.exe (Leader Technologies/Logitech)
O6 — HKLMSoftwarePoliciesMicrosoftInternet ExplorerRestrictions present
O6 — HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDrives = 0
O7 — HKU.DEFAULTSoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O7 — HKUS-1-5-18SoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O7 — HKUS-1-5-19SoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O7 — HKUS-1-5-20SoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O7 — HKUS-1-5-21-4185180753-1838458010-2851130701-1000SoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O7 — HKUS-1-5-21-4185180753-1838458010-2851130701-1000SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDrives = 0
O8 — Extra context menu item: Google ВикиКомментарии… — C:Program FilesGoogleGoogle ToolbarComponentGoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
O9 — Extra Button: @C:Program FilesWindows LiveCompanioncompanionlang.dll,-600 — {0000036B-C524-4050-81A0-243669A86B9F} — C:Program FilesWindows LiveCompanioncompanioncore.dll (Microsoft Corporation)
O9 — Extra Button: @C:Program FilesWindows LiveWriterWindowsLiveWriterShortcuts.dll,-1004 — {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} — C:Program FilesWindows LiveWriterWriterBrowserExtension.dll (Microsoft Corporation)
O9 — Extra ‘Tools’ menuitem : @C:Program FilesWindows LiveWriterWindowsLiveWriterShortcuts.dll,-1003 — {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} — C:Program FilesWindows LiveWriterWriterBrowserExtension.dll (Microsoft Corporation)
O9 — Extra Button: Skype Plug-In — {898EA8C8-E7FF-479B-8935-AEC46303B9E5} — C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll (Skype Technologies S.A.)
O9 — Extra ‘Tools’ menuitem : Skype Plug-In — {898EA8C8-E7FF-479B-8935-AEC46303B9E5} — C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll (Skype Technologies S.A.)
O15 — HKUS-1-5-21-4185180753-1838458010-2851130701-1000..Trusted Domains: localhost ([]http in Local intranet)
O15 — HKUS-1-5-21-4185180753-1838458010-2851130701-1000..Trusted Ranges: GD ([http] in Local intranet)
O16 — DPF: {0013C359-980C-4916-B47A-B313DDF56755} https://www.alfadirect.ru/ADSign/ADCrypto.cab (Alfa-Direct Signer Control)
O16 — DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 — DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 — DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 — DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 — DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 — DPF: {D27CDB6E-AE6D-91CF-96B8-744553240000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)
O17 — HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 192.168.0.1
O18 — ProtocolHandlerskype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — C:Program FilesCommon FilesSkypeSkype4COM.dll (Skype Technologies)
O18 — ProtocolHandlerskype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} — C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll (Skype Technologies S.A.)
O18 — ProtocolHandlerwlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} — C:Program FilesWindows LiveMailmailcomm.dll (Microsoft Corporation)
O18 — ProtocolHandlerwlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} — C:Program FilesWindows LivePhoto GalleryAlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O20 — AppInit_DLLs: (C:PROGRA~1GoogleGOOGLE~1GoogleDesktopNetwork3.dll) — C:Program FilesGoogleGoogle Desktop SearchGoogleDesktopNetwork3.dll (Google)
O20 — HKLM Winlogon: Shell — (Explorer.exe) — C:Windowsexplorer.exe (Microsoft Corporation)
O20 — WinlogonNotifyavldr: DllName — avldr.dll — C:WindowsSystem32avldr.dll (Panda Security, S.L.)
O20 — WinlogonNotifycpcsp: DllName — C:Program FilesCrypto ProCSPcpcspi.dll — C:Program FilesCrypto ProCSPcpcspi.dll (Компания Крипто-Про)
O24 — Desktop WallPaper: C:UsersОбщий компьютерAppDataRoamingMicrosoftInternet ExplorerInternet Explorer Wallpaper.bmp
O24 — Desktop BackupWallPaper: C:UsersОбщий компьютерAppDataRoamingMicrosoftInternet ExplorerInternet Explorer Wallpaper.bmp
O28 — HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} — Reg Error: Key error. File not found
O30 — LSA: Security Packages — (cpssl) — C:WindowsSystem32cpssl.dll (Компания Крипто-Про)
O32 — HKLM CDRom: AutoRun — 1
O32 — AutoRun File — [2006.09.19 02:43:36 | 000,000,024 | —- | M] () — C:autoexec.bat — [ NTFS ]
O34 — HKLM BootExecute: (autocheck autochk *) — File not found
O35 — HKLM..comfile [open] — «%1» %*
O35 — HKLM..exefile [open] — «%1» %*
O37 — HKLM…com [@ = ComFile] — «%1» %*
O37 — HKLM…exe [@ = exefile] — «%1» %*

NetSvcs: FastUserSwitchingCompatibility — File not found
NetSvcs: Ias — File not found
NetSvcs: Nla — File not found
NetSvcs: Ntmssvc — File not found
NetSvcs: NWCWorkstation — File not found
NetSvcs: Nwsapagent — File not found
NetSvcs: SRService — File not found
NetSvcs: WmdmPmSp — File not found
NetSvcs: LogonHours — File not found
NetSvcs: PCAudit — File not found
NetSvcs: helpsvc — File not found
NetSvcs: uploadmgr — File not found

MsConfig — State: «services» — 0

SafeBootMin: AppMgmt — File not found
SafeBootMin: Base — Driver Group
SafeBootMin: Boot Bus Extender — Driver Group
SafeBootMin: Boot file system — Driver Group
SafeBootMin: File system — Driver Group
SafeBootMin: Filter — Driver Group
SafeBootMin: HelpSvc — Service
SafeBootMin: MsMpSvc — C:Program FilesMicrosoft Security EssentialsMsMpEng.exe (Microsoft Corporation)
SafeBootMin: NTDS — File not found
SafeBootMin: PCI Configuration — Driver Group
SafeBootMin: PNP Filter — Driver Group
SafeBootMin: Primary disk — Driver Group
SafeBootMin: PskSvcRetail — C:Program FilesPanda SecurityPanda Internet Security 2010PskSvc.exe (Panda Security, S.L.)
SafeBootMin: R5BaseSmc — C:WindowsSystem32driverssmccard.sys (OEM)
SafeBootMin: sacsvr — Service
SafeBootMin: SCSI Class — Driver Group
SafeBootMin: System Bus Extender — Driver Group
SafeBootMin: token — C:WindowsSystem32driverseps2kt1.sys ()
SafeBootMin: WinDefend — C:Program FilesWindows DefenderMpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} — Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} — CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} — DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} — Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} — Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} — Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} — Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} — PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} — SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} — System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} — Floppy disk drive
SafeBootMin: {50DD5230-BA8A-11D1-BF5D-0000F805F530} — Reg Error: Value error.
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} — Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} — IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} — Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} — Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} — SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} — SecurityDevices

SafeBootNet: AppMgmt — File not found
SafeBootNet: Base — Driver Group
SafeBootNet: Boot Bus Extender — Driver Group
SafeBootNet: Boot file system — Driver Group
SafeBootNet: File system — Driver Group
SafeBootNet: Filter — Driver Group
SafeBootNet: HelpSvc — Service
SafeBootNet: Messenger — Service
SafeBootNet: MsMpSvc — C:Program FilesMicrosoft Security EssentialsMsMpEng.exe (Microsoft Corporation)
SafeBootNet: NDIS Wrapper — Driver Group
SafeBootNet: NetBIOSGroup — Driver Group
SafeBootNet: NetDDEGroup — Driver Group
SafeBootNet: Network — Driver Group
SafeBootNet: NetworkProvider — Driver Group
SafeBootNet: NTDS — File not found
SafeBootNet: PCI Configuration — Driver Group
SafeBootNet: PNP Filter — Driver Group
SafeBootNet: PNP_TDI — Driver Group
SafeBootNet: Primary disk — Driver Group
SafeBootNet: R5BaseSmc — C:WindowsSystem32driverssmccard.sys (OEM)
SafeBootNet: rdsessmgr — Service
SafeBootNet: sacsvr — Service
SafeBootNet: SCSI Class — Driver Group
SafeBootNet: Streams Drivers — Driver Group
SafeBootNet: System Bus Extender — Driver Group
SafeBootNet: TDI — Driver Group
SafeBootNet: token — C:WindowsSystem32driverseps2kt1.sys ()
SafeBootNet: WinDefend — C:Program FilesWindows DefenderMpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf — Driver
SafeBootNet: WudfUsbccidDriver — Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} — Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} — CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} — DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} — Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} — Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} — Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} — Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} — Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} — NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} — NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} — NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} — PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} — SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} — System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} — Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} — Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} — Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} — IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} — Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} — Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} — SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} — SecurityDevices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} — Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} —
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} — Microsoft Windows Media Player 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} — %SystemRoot%system32regsvr32.exe /s /n /i:/UserInstall %SystemRoot%system32themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} — Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} — .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} — «%ProgramFiles%Windows MailWinMail.exe» OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} —
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} — DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} — Internet Explorer Help
ActiveX: {47B3BDBB-F2AE-4B55-95C8-921C25DB3B76} — .NET Framework
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} — Microsoft Windows Script 5.8
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} — Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} — Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} — Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} — MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} — Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} — .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} — regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} — C:Windowssystem32ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} — C:Windowssystem32Rundll32.exe C:Windowssystem32mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} — Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} — Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} — Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} — Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} — HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} — Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} — C:Windowssystem32unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} — C:Windowssystem32ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} — «C:WindowsSystem32rundll32.exe» «C:WindowsSystem32iedkcs32.dll»,BrandIEActiveSetup SIGNUP

Drivers32: msacm.ac3acm — C:WindowsSystem32ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm — C:WindowsSystem32l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg — C:WindowsSystem32mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo — C:WindowsSystem32vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 — C:WindowsSystem32vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid — C:WindowsSystem32iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS — C:WindowsSystem32ff_vfw.dll ()
Drivers32: vidc.i420 — C:WindowsSystem32lvcodec2.dll (Logitech Inc.)
Drivers32: VIDC.XVID — C:WindowsSystem32xvidvfw.dll ()
Drivers32: VIDC.YV12 — C:WindowsSystem32yv12vfw.dll (http://www.helixcommunity.org)

[albash]

Продолжение:
CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders — Created Within 30 Days ==========

[2011.01.16 12:29:23 | 000,602,112 | —- | C] (OldTimer Tools) — C:UsersОбщий компьютерDesktopOTL.exe
[2011.01.11 14:57:56 | 000,000,000 | —D | C] — C:Windowstemp
[2011.01.11 14:46:06 | 000,000,000 | -HSD | C] — C:$RECYCLE.BIN
[2011.01.11 14:30:55 | 000,161,792 | —- | C] (SteelWerX) — C:WindowsSWREG.exe
[2011.01.11 14:30:55 | 000,136,704 | —- | C] (SteelWerX) — C:WindowsSWSC.exe
[2011.01.11 14:30:55 | 000,031,232 | —- | C] (NirSoft) — C:WindowsNIRCMD.exe
[2011.01.11 14:30:38 | 000,000,000 | —D | C] — C:WindowsERDNT
[2011.01.11 14:30:37 | 000,000,000 | —D | C] — C:ComboFix
[2011.01.11 14:30:26 | 000,000,000 | —D | C] — C:Qoobox
[2011.01.11 14:30:04 | 000,212,480 | —- | C] (SteelWerX) — C:WindowsSWXCACLS.exe
[2011.01.08 18:10:25 | 000,000,000 | —D | C] — C:ProgramDataMicrosoftWindowsStart MenuProgramsSkype
[2011.01.08 18:10:24 | 000,000,000 | —D | C] — C:Program FilesCommon FilesSkype
[2011.01.04 15:10:12 | 000,000,000 | —D | C] — C:Program FilesMicrosoft CAPICOM 2.1.0.2
[2011.01.03 18:19:20 | 000,000,000 | —D | C] — C:ProgramDataLogiShrd
[2011.01.03 18:17:26 | 000,000,000 | —D | C] — C:UsersОбщий компьютерAppDataLocalLogiShrd
[2011.01.03 18:15:37 | 000,000,000 | —D | C] — C:UsersОбщий компьютерAppDataRoamingLeadertech
[2011.01.03 18:15:15 | 000,000,000 | —D | C] — C:WindowsSystem32logishrd
[2011.01.03 18:15:00 | 000,000,000 | —D | C] — C:ProgramDataLogitech
[2011.01.03 18:14:57 | 000,000,000 | —D | C] — C:Program FilesCommon FilesLWS
[2011.01.03 18:14:25 | 000,000,000 | —D | C] — C:ProgramDataMicrosoftWindowsStart MenuProgramsLogitech
[2011.01.03 18:14:21 | 000,000,000 | —D | C] — C:Program FilesLogitech
[2011.01.03 18:01:41 | 000,000,000 | —D | C] — C:Program FilesCommon Fileslogishrd
[2010.12.28 10:27:37 | 000,000,000 | —D | C] — C:UsersОбщий компьютерAppDataRoamingPeerNetworking
[2010.12.23 22:24:06 | 000,000,000 | —D | C] — C:ProgramDataGuard.Mail.Ru
[2009.05.21 12:04:28 | 000,049,152 | R— | C] ( ) — C:WindowsInterop.IWshRuntimeLibrary.dll
[2002.03.11 14:06:30 | 001,822,520 | —- | C] (Microsoft Corporation) — C:Program Filesinstmsiw.exe
[2002.03.11 13:45:04 | 001,708,856 | —- | C] (Microsoft Corporation) — C:Program Filesinstmsia.exe
[2 C:WindowsSystem32*.tmp files -> C:WindowsSystem32*.tmp -> ]

========== Files — Modified Within 30 Days ==========

[2011.01.16 12:46:35 | 002,621,440 | -HS- | M] () — C:UsersОбщий компьютерntuser.dat
[2011.01.16 12:30:59 | 000,602,112 | —- | M] (OldTimer Tools) — C:UsersОбщий компьютерDesktopOTL.exe
[2011.01.16 12:05:23 | 000,000,199 | —- | M] () — C:WindowsSystem32driversetcpfdnnt.act
[2011.01.16 12:05:19 | 000,001,132 | —- | M] () — C:WindowsSystem32driversAPPFLTR.CFG.bck
[2011.01.16 12:05:19 | 000,001,132 | —- | M] () — C:WindowsSystem32driversAPPFLTR.CFG
[2011.01.16 12:05:19 | 000,000,252 | —- | M] () — C:WindowsSystem32driversetcIdsFlt.cfg.bck
[2011.01.16 12:05:19 | 000,000,252 | —- | M] () — C:WindowsSystem32driversetcIdsFlt.cfg
[2011.01.16 12:05:19 | 000,000,092 | —- | M] () — C:WindowsSystem32driversetcNetLoc.wlt.bck
[2011.01.16 12:05:19 | 000,000,092 | —- | M] () — C:WindowsSystem32driversetcNetLoc.wlt
[2011.01.16 12:05:19 | 000,000,068 | —- | M] () — C:WindowsSystem32driversetcNetFlt.cfg.bck
[2011.01.16 12:05:19 | 000,000,068 | —- | M] () — C:WindowsSystem32driversetcNetFlt.cfg
[2011.01.16 12:05:19 | 000,000,056 | —- | M] () — C:WindowsSystem32driversetcWnmFlt.cfg.bck
[2011.01.16 12:05:19 | 000,000,056 | —- | M] () — C:WindowsSystem32driversetcWnmFlt.cfg
[2011.01.16 12:05:19 | 000,000,056 | —- | M] () — C:WindowsSystem32driversetcDsaFlt.cfg.bck
[2011.01.16 12:05:19 | 000,000,056 | —- | M] () — C:WindowsSystem32driversetcDsaFlt.cfg
[2011.01.16 12:05:03 | 000,418,468 | —- | M] () — C:WindowsSystem32driversetcDsaFlt.rls.bck
[2011.01.16 12:05:03 | 000,418,468 | —- | M] () — C:WindowsSystem32driversetcDsaFlt.rls
[2011.01.16 12:02:39 | 000,000,464 | -H— | M] () — C:WindowstasksUser_Feed_Synchronization-{40CBA629-AF20-4EA7-B068-C4E5C2E3414E}.job
[2011.01.16 12:02:22 | 000,000,136 | —- | M] () — C:WindowsSystem32driversetcNetAdapt.cfg.bck
[2011.01.16 12:02:22 | 000,000,136 | —- | M] () — C:WindowsSystem32driversetcNetAdapt.cfg
[2011.01.16 12:02:21 | 000,000,064 | —- | M] () — C:WindowsSystem32driversetcNetAR.wlt.bck
[2011.01.16 12:02:21 | 000,000,064 | —- | M] () — C:WindowsSystem32driversetcNetAR.wlt
[2011.01.16 12:02:01 | 000,054,181 | —- | M] () — C:ProgramDatanvModes.dat
[2011.01.16 12:02:00 | 000,054,181 | —- | M] () — C:ProgramDatanvModes.001
[2011.01.16 11:59:44 | 000,000,928 | —- | M] () — C:WindowstasksGoogleUpdateTaskMachineCore.job
[2011.01.16 11:59:40 | 000,003,216 | -H— | M] () — C:WindowsSystem327B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.01.16 11:59:40 | 000,000,006 | -H— | M] () — C:WindowstasksSA.DAT
[2011.01.16 11:59:39 | 000,003,216 | -H— | M] () — C:WindowsSystem327B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.01.16 11:59:31 | 000,067,584 | —S- | M] () — C:Windowsbootstat.dat
[2011.01.16 11:59:28 | 000,000,000 | —- | M] () — C:WindowsSystem32driverslvuvc.hs
[2011.01.16 11:59:27 | 2146,619,392 | -HS- | M] () — C:hiberfil.sys
[2011.01.15 21:58:00 | 000,524,288 | -HS- | M] () — C:UsersОбщий компьютерntuser.dat{176ebc84-5348-11df-a606-00158333c2b0}.TMContainer00000000000000000001.regtrans-ms
[2011.01.15 21:58:00 | 000,065,536 | -HS- | M] () — C:UsersОбщий компьютерntuser.dat{176ebc84-5348-11df-a606-00158333c2b0}.TM.blf
[2011.01.15 21:57:40 | 003,279,506 | -H— | M] () — C:UsersОбщий компьютерAppDataLocalIconCache.db
[2011.01.15 21:54:01 | 000,000,932 | —- | M] () — C:WindowstasksGoogleUpdateTaskMachineUA.job
[2011.01.15 10:48:35 | 000,322,592 | —- | M] () — C:WindowsSystem32driversAPPFCONT.DAT.bck
[2011.01.15 10:48:35 | 000,322,592 | —- | M] () — C:WindowsSystem32driversAPPFCONT.DAT
[2011.01.14 09:51:47 | 000,008,627 | —- | M] () — C:WindowsSystem32PAV_FOG.OPC
[2011.01.11 14:43:36 | 000,000,215 | —- | M] () — C:Windowssystem.ini
[2011.01.11 14:43:24 | 000,000,027 | —- | M] () — C:WindowsSystem32driversetchosts
[2011.01.11 14:29:57 | 004,152,003 | R— | M] () — C:UsersОбщий компьютерDesktopComboFix.exe
[2011.01.11 14:20:14 | 001,484,556 | —- | M] () — C:WindowsSystem32PerfStringBackup.INI
[2011.01.11 14:20:14 | 000,662,300 | —- | M] () — C:WindowsSystem32perfh019.dat
[2011.01.11 14:20:14 | 000,595,798 | —- | M] () — C:WindowsSystem32perfh009.dat
[2011.01.11 14:20:14 | 000,129,218 | —- | M] () — C:WindowsSystem32perfc019.dat
[2011.01.11 14:20:14 | 000,103,872 | —- | M] () — C:WindowsSystem32perfc009.dat
[2011.01.10 09:59:36 | 251,797,106 | —- | M] () — C:WindowsMEMORY.DMP
[2011.01.08 18:10:25 | 000,001,878 | —- | M] () — C:UsersPublicDesktopSkype.lnk
[2011.01.05 20:41:08 | 000,000,877 | —- | M] () — C:UsersОбщий компьютерAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupLogitech . Регистрация Продукта.lnk
[2011.01.04 11:42:23 | 000,021,504 | —- | M] () — C:UsersОбщий компьютерAppDataLocalDCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.01.03 18:16:30 | 000,001,750 | —- | M] () — C:UsersPublicDesktopLogitech Vid HD.lnk
[2011.01.03 18:14:25 | 000,001,437 | —- | M] () — C:UsersPublicDesktopLogitech Webcam Software .lnk
[2010.12.28 10:27:44 | 000,024,064 | —- | M] () — C:UsersОбщий компьютерAppDataRoamingUserTile.png
[2 C:WindowsSystem32*.tmp files -> C:WindowsSystem32*.tmp -> ]

========== Files Created — No Company Name ==========

[2011.01.11 14:30:55 | 000,256,512 | —- | C] () — C:WindowsPEV.exe
[2011.01.11 14:30:55 | 000,098,816 | —- | C] () — C:Windowssed.exe
[2011.01.11 14:30:55 | 000,089,088 | —- | C] () — C:WindowsMBR.exe
[2011.01.11 14:30:55 | 000,080,412 | —- | C] () — C:Windowsgrep.exe
[2011.01.11 14:30:55 | 000,068,096 | —- | C] () — C:Windowszip.exe
[2011.01.11 14:29:26 | 004,152,003 | R— | C] () — C:UsersОбщий компьютерDesktopComboFix.exe
[2011.01.10 10:00:29 | 2146,619,392 | -HS- | C] () — C:hiberfil.sys
[2011.01.08 18:10:25 | 000,001,878 | —- | C] () — C:UsersPublicDesktopSkype.lnk
[2011.01.05 20:41:08 | 000,000,877 | —- | C] () — C:UsersОбщий компьютерAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupLogitech . Регистрация Продукта.lnk
[2011.01.03 18:16:30 | 000,001,750 | —- | C] () — C:UsersPublicDesktopLogitech Vid HD.lnk
[2011.01.03 18:14:25 | 000,001,437 | —- | C] () — C:UsersPublicDesktopLogitech Webcam Software .lnk
[2011.01.03 18:01:59 | 000,000,000 | —- | C] () — C:WindowsSystem32driverslvuvc.hs
[2010.12.28 10:27:37 | 000,024,064 | —- | C] () — C:UsersОбщий компьютерAppDataRoamingUserTile.png
[2010.12.09 13:14:37 | 000,000,036 | —- | C] () — C:UsersОбщий компьютерAppDataLocalhousecall.guid.cache
[2010.11.10 02:45:30 | 010,871,128 | —- | C] () — C:WindowsSystem32LogiDPP.dll
[2010.11.10 02:45:20 | 000,316,248 | —- | C] () — C:WindowsSystem32DevManagerCore.dll
[2010.11.10 02:31:42 | 000,026,286 | —- | C] () — C:WindowsSystem32lvcoinst.ini
[2010.11.03 16:33:41 | 000,165,376 | —- | C] () — C:WindowsSystem32unrar.dll
[2010.11.03 16:33:40 | 000,000,038 | —- | C] () — C:Windowsavisplitter.ini
[2010.11.03 16:33:29 | 000,790,528 | —- | C] () — C:WindowsSystem32xvidcore.dll
[2010.11.03 16:33:29 | 000,134,144 | —- | C] () — C:WindowsSystem32xvidvfw.dll
[2010.11.03 16:33:28 | 000,108,032 | —- | C] () — C:WindowsSystem32ff_vfw.dll
[2010.11.03 16:33:28 | 000,000,547 | —- | C] () — C:WindowsSystem32ff_vfw.dll.manifest
[2010.08.03 09:24:27 | 000,311,296 | —- | C] () — C:WindowsSystem32ibank2ccom.dll
[2010.08.03 09:24:27 | 000,102,400 | —- | C] () — C:WindowsSystem32ibank2agava.dll
[2010.05.28 17:40:52 | 003,091,968 | —- | C] () — C:Program Filesopenofficeorg32.msi
[2010.05.28 17:37:28 | 128,699,053 | —- | C] () — C:Program Filesopenofficeorg1.cab
[2010.05.28 16:49:02 | 000,000,290 | —- | C] () — C:Program Filessetup.ini
[2010.05.20 11:48:46 | 000,031,744 | —- | C] () — C:WindowsSystem32driverseps2kt1.sys
[2010.05.20 11:48:46 | 000,004,608 | —- | C] () — C:WindowsSystem32R5CoInst.dll
[2010.05.07 18:46:36 | 000,014,168 | —- | C] () — C:WindowsSystem32driversiKeyLFT2.dll
[2010.05.07 18:43:30 | 000,025,824 | —- | C] () — C:WindowsSystem32driversLVPr2Mon.sys
[2010.02.20 08:55:13 | 000,000,084 | —- | C] () — C:Windowsnetdet.ini
[2010.02.20 08:54:15 | 000,237,568 | —- | C] () — C:WindowsSystem32lame_enc.dll
[2010.02.14 15:23:25 | 000,018,944 | —- | C] () — C:WindowsSystem32ventmon.dll
[2010.02.04 09:34:48 | 000,000,810 | —- | C] () — C:WindowsNTIWVEDT.INI
[2010.02.01 10:52:37 | 000,000,000 | —- | C] () — C:WindowsJCMKR32.INI
[2010.01.31 18:34:35 | 000,000,790 | —- | C] () — C:ProgramDatahpzinstall.log
[2009.12.18 12:00:50 | 000,000,069 | —- | C] () — C:Windowscm.ini
[2009.11.30 13:54:24 | 000,021,504 | —- | C] () — C:UsersОбщий компьютерAppDataLocalDCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.11.30 13:32:35 | 000,000,091 | —- | C] () — C:ProgramDataPS.log
[2009.11.29 19:01:42 | 000,117,248 | —- | C] () — C:WindowsSystem32EhStorAuthn.dll
[2009.11.29 19:01:25 | 000,368,640 | —- | C] () — C:WindowsSystem32msjetoledb40.dll
[2009.11.28 18:56:16 | 000,000,056 | -H— | C] () — C:ProgramDataezsidmv.dat
[2009.11.28 18:18:33 | 000,013,880 | —- | C] () — C:WindowsSystem32driversCOMFiltr.sys
[2009.11.28 17:11:14 | 003,279,506 | -H— | C] () — C:UsersОбщий компьютерAppDataLocalIconCache.db
[2009.11.28 16:59:17 | 000,000,272 | —- | C] () — C:Windowshpqcopy.INI
[2009.11.28 16:56:53 | 000,000,235 | —- | C] () — C:UsersОбщий компьютерAppDataRoamingdevices.xml
[2009.11.28 16:56:53 | 000,000,012 | —- | C] () — C:UsersОбщий компьютерAppDataRoamingsettings.xml
[2009.11.28 16:38:08 | 000,106,496 | —- | C] () — C:WindowsSystem32VSHP1018.DLL
[2009.11.28 16:29:33 | 000,082,384 | —- | C] () — C:UsersОбщий компьютерAppDataLocalGDIPFONTCACHEV1.DAT
[2008.01.21 10:59:39 | 001,484,556 | —- | C] () — C:WindowsSystem32PerfStringBackup.INI
[2008.01.21 07:34:22 | 000,060,124 | —- | C] () — C:WindowsSystem32tcpmon.ini
[2006.11.02 17:48:00 | 000,000,174 | -HS- | C] () — C:Program Filesdesktop.ini
[2006.11.02 15:24:31 | 000,001,405 | —- | C] () — C:Windowsmsdfmap.ini
[2006.11.02 15:23:31 | 000,000,221 | —- | C] () — C:Windowswin.ini
[2006.11.02 15:23:31 | 000,000,215 | —- | C] () — C:Windowssystem.ini
[2006.11.02 12:40:29 | 000,013,750 | —- | C] () — C:WindowsSystem32pacerprf.ini
[2006.11.02 12:09:45 | 000,027,097 | —- | C] () — C:WindowsSystem32country.sys
[2006.11.02 12:09:44 | 000,042,809 | —- | C] () — C:WindowsSystem32KEY01.SYS
[2006.11.02 12:09:44 | 000,042,537 | —- | C] () — C:WindowsSystem32KEYBOARD.SYS
[2006.11.02 12:09:42 | 000,009,029 | —- | C] () — C:WindowsSystem32ANSI.SYS
[2006.11.02 12:09:41 | 000,004,768 | —- | C] () — C:WindowsSystem32HIMEM.SYS
[2006.11.02 12:09:40 | 000,029,274 | —- | C] () — C:WindowsSystem32NTDOS412.SYS
[2006.11.02 12:09:38 | 000,029,370 | —- | C] () — C:WindowsSystem32NTDOS411.SYS
[2006.11.02 12:09:35 | 000,029,146 | —- | C] () — C:WindowsSystem32NTDOS404.SYS
[2006.11.02 12:09:31 | 000,029,146 | —- | C] () — C:WindowsSystem32NTDOS804.SYS
[2006.11.02 12:09:29 | 000,027,866 | —- | C] () — C:WindowsSystem32NTDOS.SYS
[2006.11.02 12:09:26 | 000,035,536 | —- | C] () — C:WindowsSystem32NTIO412.SYS
[2006.11.02 12:09:24 | 000,035,776 | —- | C] () — C:WindowsSystem32NTIO411.SYS
[2006.11.02 12:09:23 | 000,034,672 | —- | C] () — C:WindowsSystem32NTIO404.SYS
[2006.11.02 12:09:22 | 000,034,672 | —- | C] () — C:WindowsSystem32NTIO804.SYS
[2006.11.02 12:09:20 | 000,033,952 | —- | C] () — C:WindowsSystem32NTIO.SYS
[2006.11.02 11:25:08 | 000,013,312 | —- | C] () — C:WindowsSystem32win87em.dll
[2006.10.10 14:08:14 | 000,000,044 | —- | C] () — C:WindowsAcer(Normal).ini
[2006.10.10 14:08:14 | 000,000,042 | —- | C] () — C:WindowsAcer(Wide).ini
[2006.10.10 14:04:58 | 000,007,372 | —- | C] () — C:ProgramDataArcadeDeluxe2.log
[2006.10.10 13:59:17 | 000,054,181 | —- | C] () — C:ProgramDatanvModes.001
[2006.10.10 13:59:16 | 000,054,181 | —- | C] () — C:ProgramDatanvModes.dat

========== LOP Check ==========

[2009.05.21 01:58:02 | 000,000,000 | —D | M] — C:UsersОбщий компьютерAppDataRoamingAcer GameZone Console
[2009.11.30 18:19:14 | 000,000,000 | —D | M] — C:UsersОбщий компьютерAppDataRoamingBarbieIP
[2010.01.16 17:52:42 | 000,000,000 | —D | M] — C:UsersОбщий компьютерAppDataRoamingcerasus.media
[2010.02.20 16:40:10 | 000,000,000 | —D | M] — C:UsersОбщий компьютерAppDataRoamingCrypto Pro
[2009.11.28 22:21:49 | 000,000,000 | —D | M] — C:UsersОбщий компьютерAppDataRoamingeSobi
[2011.01.03 18:15:37 | 000,000,000 | —D | M] — C:UsersОбщий компьютерAppDataRoamingLeadertech
[2010.11.03 16:30:09 | 000,000,000 | —D | M] — C:UsersОбщий компьютерAppDataRoamingMail.Ru
[2010.02.08 16:33:28 | 000,000,000 | —D | M] — C:UsersОбщий компьютерAppDataRoamingMeridian93
[2010.08.02 14:03:11 | 000,000,000 | —D | M] — C:UsersОбщий компьютерAppDataRoamingMra
[2009.12.07 10:17:45 | 000,000,000 | —D | M] — C:UsersОбщий компьютерAppDataRoamingOpenOffice.org
[2009.11.28 18:17:38 | 000,000,000 | —D | M] — C:UsersОбщий компьютерAppDataRoamingPanda Security
[2010.12.28 10:27:37 | 000,000,000 | —D | M] — C:UsersОбщий компьютерAppDataRoamingPeerNetworking
[2009.11.28 16:33:50 | 000,000,000 | —D | M] — C:UsersОбщий компьютерAppDataRoamingSoftDMA
[2009.11.28 16:55:01 | 000,000,000 | —D | M] — C:UsersОбщий компьютерAppDataRoamingПапка выгрузки Share-to-Web
[2011.01.15 21:58:09 | 000,032,568 | —- | M] () — C:WindowsTasksSCHEDLGU.TXT
[2011.01.16 12:02:39 | 000,000,464 | -H— | M] () — C:WindowsTasksUser_Feed_Synchronization-{40CBA629-AF20-4EA7-B068-C4E5C2E3414E}.job

========== Purity Check ==========

========== Custom Scans ==========

[2009.05.21 01:58:02 | 000,000,000 | —D | M] — C:UsersОбщий компьютерAppDataRoamingAcer GameZone Console
[2009.12.14 12:23:43 | 000,000,000 | —D | M] — C:UsersОбщий компьютерAppDataRoamingAdobe
[2010.01.19 20:56:27 | 000,000,000 | —D | M] — C:UsersОбщий компьютерAppDataRoamingApple Computer
[2009.11.30 18:19:14 | 000,000,000 | —D | M] — C:UsersОбщий компьютерAppDataRoamingBarbieIP
[2010.01.16 17:52:42 | 000,000,000 | —D | M] — C:UsersОбщий компьютерAppDataRoamingcerasus.media
[2010.02.20 16:40:10 | 000,000,000 | —D | M] — C:UsersОбщий компьютерAppDataRoamingCrypto Pro
[2010.02.04 10:28:02 | 000,000,000 | —D | M] — C:UsersОбщий компьютерAppDataRoamingCyberLink
[2009.11.28 22:21:49 | 000,000,000 | —D | M] — C:UsersОбщий компьютерAppDataRoamingeSobi
[2009.11.28 16:41:46 | 000,000,000 | —D | M] — C:UsersОбщий компьютерAppDataRoamingGoogle
[2010.01.31 21:35:59 | 000,000,000 | —D | M] — C:UsersОбщий компьютерAppDataRoamingHP
[2010.07.30 22:05:59 | 000,000,000 | —D | M] — C:UsersОбщий компьютерAppDataRoamingHpUpdate
[2009.11.28 16:29:19 | 000,000,000 | —D | M] — C:UsersОбщий компьютерAppDataRoamingIdentities
[2011.01.03 18:15:37 | 000,000,000 | —D | M] — C:UsersОбщий компьютерAppDataRoamingLeadertech
[2009.11.28 16:29:49 | 000,000,000 | —D | M] — C:UsersОбщий компьютерAppDataRoamingMacromedia
[2010.11.03 16:30:09 | 000,000,000 | —D | M] — C:UsersОбщий компьютерAppDataRoamingMail.Ru
[2010.11.03 16:48:04 | 000,000,000 | —D | M] — C:UsersОбщий компьютерAppDataRoamingMedia Player Classic
[2010.02.08 16:33:28 | 000,000,000 | —D | M] — C:UsersОбщий компьютерAppDataRoamingMeridian93
[2011.01.03 18:15:36 | 000,000,000 | —SD | M] — C:UsersОбщий компьютерAppDataRoamingMicrosoft
[2010.08.02 14:03:11 | 000,000,000 | —D | M] — C:UsersОбщий компьютерAppDataRoamingMra
[2010.01.27 15:42:58 | 000,000,000 | —D | M] — C:UsersОбщий компьютерAppDataRoamingNero
[2009.12.07 10:17:45 | 000,000,000 | —D | M] — C:UsersОбщий компьютерAppDataRoamingOpenOffice.org
[2009.11.28 18:17:38 | 000,000,000 | —D | M] — C:UsersОбщий компьютерAppDataRoamingPanda Security
[2010.12.28 10:27:37 | 000,000,000 | —D | M] — C:UsersОбщий компьютерAppDataRoamingPeerNetworking
[2011.01.16 12:04:10 | 000,000,000 | —D | M] — C:UsersОбщий компьютерAppDataRoamingSkype
[2011.01.16 12:03:20 | 000,000,000 | —D | M] — C:UsersОбщий компьютерAppDataRoamingskypePM
[2009.11.28 16:33:50 | 000,000,000 | —D | M] — C:UsersОбщий компьютерAppDataRoamingSoftDMA
[2010.01.29 12:37:24 | 000,000,000 | —D | M] — C:UsersОбщий компьютерAppDataRoamingWinRAR
[2009.11.28 16:55:01 | 000,000,000 | —D | M] — C:UsersОбщий компьютерAppDataRoamingПапка выгрузки Share-to-Web

[2011.01.03 18:15:36 | 000,053,248 | R— | M] (Acresso Software Inc.) — C:UsersОбщий компьютерAppDataRoamingMicrosoftInstaller{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}ARPPRODUCTICON.exe

[2008.01.21 07:32:22 | 000,056,376 | —- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 — C:WindowsERDNTcacheAGP440.sys
[2008.01.21 07:32:22 | 000,056,376 | —- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 — C:WindowsSystem32driversAGP440.sys
[2008.01.21 07:32:22 | 000,056,376 | —- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 — C:WindowsSystem32DriverStoreFileRepositorymachine.inf_51b95d75AGP440.sys
[2008.01.21 07:32:22 | 000,056,376 | —- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 — C:WindowsSystem32DriverStoreFileRepositorymachine.inf_f750e484AGP440.sys
[2008.01.21 07:32:22 | 000,056,376 | —- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 — C:Windowswinsxsx86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97aAGP440.sys
[2008.01.21 07:32:22 | 000,056,376 | —- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 — C:Windowswinsxsx86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6AGP440.sys
[2006.11.02 14:49:52 | 000,053,864 | —- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 — C:WindowsSystem32DriverStoreFileRepositorymachine.inf_920a2c1fAGP440.sys

[2009.04.11 11:32:26 | 000,019,944 | —- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 — C:WindowsSystem32DriverStoreFileRepositorymshdc.inf_b12d8e84atapi.sys
[2009.04.11 11:32:26 | 000,019,944 | —- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 — C:Windowswinsxsx86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8atapi.sys
[2008.01.21 07:32:21 | 000,021,560 | —- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 — C:WindowsERDNTcacheatapi.sys
[2008.01.21 07:32:21 | 000,021,560 | —- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 — C:WindowsSystem32driversatapi.sys
[2008.01.21 07:32:21 | 000,021,560 | —- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 — C:WindowsSystem32DriverStoreFileRepositorymshdc.inf_cc18792datapi.sys
[2008.01.21 07:32:21 | 000,021,560 | —- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 — C:Windowswinsxsx86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9catapi.sys
[2006.11.02 14:49:36 | 000,019,048 | —- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F — C:WindowsSystem32DriverStoreFileRepositorymshdc.inf_c6c2e699atapi.sys

[2009.04.11 11:27:20 | 000,643,072 | —- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 — C:WindowsSystem32autochk.exe
[2009.04.11 11:27:20 | 000,643,072 | —- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 — C:Windowswinsxsx86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3bautochk.exe
[2008.01.21 07:34:33 | 000,642,560 | —- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 — C:Windowswinsxsx86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122efautochk.exe

[2008.01.21 07:33:14 | 000,006,144 | —- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 — C:WindowsERDNTcachebeep.sys
[2008.01.21 07:33:14 | 000,006,144 | —- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 — C:WindowsSystem32driversbeep.sys
[2008.01.21 07:33:14 | 000,006,144 | —- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 — C:Windowswinsxsx86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6001.18000_none_c420a153079d485bbeep.sys

[2006.11.02 14:46:03 | 000,011,776 | —- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D — C:WindowsERDNTcachecngaudit.dll
[2006.11.02 14:46:03 | 000,011,776 | —- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D — C:WindowsSystem32cngaudit.dll
[2006.11.02 14:46:03 | 000,011,776 | —- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D — C:Windowswinsxsx86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6cngaudit.dll

[2008.10.29 11:20:29 | 002,923,520 | —- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE — C:Windowswinsxsx86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3explorer.exe
[2008.10.29 11:29:41 | 002,927,104 | —- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D — C:Windowswinsxsx86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8explorer.exe
[2008.10.30 08:59:17 | 002,927,616 | —- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E — C:Windowswinsxsx86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1explorer.exe
[2009.04.11 11:27:36 | 002,926,592 | —- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 — C:WindowsERDNTcacheexplorer.exe
[2009.04.11 11:27:36 | 002,926,592 | —- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 — C:Windowsexplorer.exe
[2009.04.11 11:27:36 | 002,926,592 | —- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 — C:Windowswinsxsx86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0bexplorer.exe
[2008.10.28 07:15:02 | 002,923,520 | —- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB — C:Windowswinsxsx86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990bexplorer.exe
[2008.01.21 07:34:05 | 002,927,104 | —- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F — C:Windowswinsxsx86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebfexplorer.exe

[2008.09.12 14:48:26 | 000,406,040 | —- | M] (Intel Corporation) MD5=756879FA65978DF948437CE3FD1EACCD — C:Program FilesIntelIntel Matrix Storage Managerdriver64IaStor.sys
[2008.09.12 14:32:56 | 000,327,192 | —- | M] (Intel Corporation) MD5=8EF427C54497C5F8A7A645990E4278C7 — C:Program FilesIntelIntel Matrix Storage ManagerdriverIaStor.sys
[2008.09.12 14:32:56 | 000,327,192 | —- | M] (Intel Corporation) MD5=8EF427C54497C5F8A7A645990E4278C7 — C:WindowsSystem32driversiaStor.sys
[2008.09.12 14:32:56 | 000,327,192 | —- | M] (Intel Corporation) MD5=8EF427C54497C5F8A7A645990E4278C7 — C:WindowsSystem32DriverStoreFileRepositoryiaahci.inf_3c4af4a0iaStor.sys

[2008.01.21 07:32:49 | 000,235,064 | —- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 — C:WindowsSystem32driversiaStorV.sys
[2008.01.21 07:32:49 | 000,235,064 | —- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 — C:WindowsSystem32DriverStoreFileRepositoryiastorv.inf_c9df7691iaStorV.sys
[2008.01.21 07:32:49 | 000,235,064 | —- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 — C:Windowswinsxsx86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8fiaStorV.sys
[2006.11.02 14:51:25 | 000,232,040 | —- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 — C:WindowsSystem32DriverStoreFileRepositoryiastorv.inf_37cdafa4iaStorV.sys

[2009.04.11 11:28:20 | 000,114,688 | —- | M] (Microsoft Corporation) MD5=C8BDCECEE082B54F0BAC838BF0A34597 — C:WindowsERDNTcacheimm32.dll
[2008.01.21 07:34:05 | 000,114,688 | —- | M] (Microsoft Corporation) MD5=EC17194A193CD8E90D27CFB93DFA9A2E — C:Windowswinsxsx86_microsoft-windows-imm32_31bf3856ad364e35_6.0.6001.18000_none_5c561e167a6afd02imm32.dll
[2009.04.11 11:28:20 | 000,114,688 | —- | M] (Microsoft Corporation) Unable to obtain MD5 — C:WindowsSystem32imm32.dll
[2009.04.11 11:28:20 | 000,114,688 | —- | M] (Microsoft Corporation) Unable to obtain MD5 — C:Windowswinsxsx86_microsoft-windows-imm32_31bf3856ad364e35_6.0.6002.18005_none_5e419722778cc84eimm32.dll

[2009.02.13 13:21:09 | 000,890,880 | —- | M] (Microsoft Corporation) MD5=1987D817D08F5EAF0B7F334026FDDB79 — C:Windowswinsxsx86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22376_none_9401d8206f9c7e67kernel32.dll
[2009.02.13 12:26:37 | 000,875,520 | —- | M] (Microsoft Corporation) MD5=B82C7AC1D559F0FD088792171D64C7F3 — C:Windowswinsxsx86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.16820_none_91c20a8f593529edkernel32.dll
[2009.02.13 12:13:01 | 000,875,520 | —- | M] (Microsoft Corporation) MD5=BB792054BD990EC05D9E260D50FEAD39 — C:Windowswinsxsx86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.21010_none_92564f68724ae108kernel32.dll
[2009.04.11 11:28:20 | 000,891,392 | —- | M] (Microsoft Corporation) MD5=BB8509089E7DF514310814E1B2593FFC — C:WindowsERDNTcachekernel32.dll
[2009.02.13 13:49:05 | 000,888,832 | —- | M] (Microsoft Corporation) MD5=DB6E3731E6F5C8AE2843F80B5787F7C6 — C:Windowswinsxsx86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18215_none_93b81a93564f1da0kernel32.dll
[2008.01.21 07:33:52 | 000,888,320 | —- | M] (Microsoft Corporation) MD5=DC2338093F91BA4E0512208E60206DDD — C:Windowswinsxsx86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18000_none_93bde541564b88aekernel32.dll
[2009.04.11 11:28:20 | 000,891,392 | —- | M] (Microsoft Corporation) Unable to obtain MD5 — C:WindowsSystem32kernel32.dll
[2009.04.11 11:28:20 | 000,891,392 | —- | M] (Microsoft Corporation) Unable to obtain MD5 — C:Windowswinsxsx86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18005_none_95a95e4d536d53fakernel32.dll

[2009.04.11 11:28:22 | 000,223,232 | —- | M] (Microsoft Corporation) MD5=8617350C9B590B63E620881092751BCB — C:WindowsERDNTcachemswsock.dll
[2009.04.11 11:28:22 | 000,223,232 | —- | M] (Microsoft Corporation) MD5=8617350C9B590B63E620881092751BCB — C:WindowsSystem32mswsock.dll
[2009.04.11 11:28:22 | 000,223,232 | —- | M] (Microsoft Corporation) MD5=8617350C9B590B63E620881092751BCB — C:Windowswinsxsx86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6002.18005_none_ba3ed0122a6d89damswsock.dll
[2008.01.21 07:33:36 | 000,223,232 | —- | M] (Microsoft Corporation) MD5=89FD0595EEA4E505CABEFCF7008F2612 — C:Windowswinsxsx86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6001.18000_none_b85357062d4bbe8emswsock.dll

[2009.04.11 11:32:49 | 000,527,848 | —- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 — C:WindowsERDNTcachendis.sys
[2009.04.11 11:32:49 | 000,527,848 | —- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 — C:WindowsSystem32driversndis.sys
[2009.04.11 11:32:49 | 000,527,848 | —- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 — C:Windowswinsxsx86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864ndis.sys
[2008.01.21 07:33:22 | 000,529,464 | —- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 — C:Windowswinsxsx86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18ndis.sys

[2009.04.11 11:28:23 | 000,592,896 | —- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE — C:WindowsERDNTcachenetlogon.dll
[2009.04.11 11:28:23 | 000,592,896 | —- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE — C:WindowsSystem32netlogon.dll
[2009.04.11 11:28:23 | 000,592,896 | —- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE — C:Windowswinsxsx86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3netlogon.dll
[2008.01.21 07:33:41 | 000,592,384 | —- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F — C:Windowswinsxsx86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857netlogon.dll

[2009.04.11 11:32:49 | 001,083,880 | —- | M] (Microsoft Corporation) MD5=6A4A98CEE84CF9E99564510DDA4BAA47 — C:WindowsERDNTcachentfs.sys
[2009.04.11 11:32:49 | 001,083,880 | —- | M] (Microsoft Corporation) MD5=6A4A98CEE84CF9E99564510DDA4BAA47 — C:WindowsSystem32driversntfs.sys
[2009.04.11 11:32:49 | 001,083,880 | —- | M] (Microsoft Corporation) MD5=6A4A98CEE84CF9E99564510DDA4BAA47 — C:Windowswinsxsx86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6002.18005_none_a85ca2c91a0d64dfntfs.sys
[2008.01.21 07:33:23 | 001,081,912 | —- | M] (Microsoft Corporation) MD5=B4EFFE29EB4F15538FD8A9681108492D — C:Windowswinsxsx86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6001.18000_none_a67129bd1ceb9993ntfs.sys

[2008.01.21 07:35:18 | 000,460,288 | —- | M] (Microsoft Corporation) MD5=A7DFF9642D510BE1EEC6664CD0369953 — C:Windowswinsxsx86_microsoft-windows-r..emanagement-service_31bf3856ad364e35_6.0.6001.18000_none_0e3e31f00e12b007ntmssvc.dll

[2006.11.02 14:50:13 | 000,040,040 | —- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC — C:WindowsSystem32DriverStoreFileRepositorynvraid.inf_733654ffnvstor.sys
[2008.01.21 07:32:47 | 000,045,112 | —- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 — C:WindowsSystem32driversnvstor.sys
[2008.01.21 07:32:47 | 000,045,112 | —- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 — C:WindowsSystem32DriverStoreFileRepositorynvraid.inf_31c3d71dnvstor.sys
[2008.01.21 07:32:47 | 000,045,112 | —- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 — C:Windowswinsxsx86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467nvstor.sys

[2006.11.02 14:45:33 | 000,027,648 | —- | M] (Microsoft Corporation) MD5=C31AE90F24870B9A51655C36A9EB4BF3 — C:WindowsSystem32proquota.exe
[2006.11.02 14:45:33 | 000,027,648 | —- | M] (Microsoft Corporation) MD5=C31AE90F24870B9A51655C36A9EB4BF3 — C:Windowswinsxsx86_microsoft-windows-proquota_31bf3856ad364e35_6.0.6000.16386_none_259035db957a1715proquota.exe

[2008.01.21 07:34:49 | 000,758,272 | —- | M] (Microsoft Corporation) MD5=02ED7B4DBC2A3232A389106DA7515C3D — C:Windowswinsxsx86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6001.18000_none_2390c4ecf9720b8cqmgr.dll
[2009.04.11 11:28:23 | 000,758,784 | —- | M] (Microsoft Corporation) MD5=93952506C6D67330367F7E7934B6A02F — C:WindowsERDNTcacheqmgr.dll
[2009.04.11 11:28:23 | 000,758,784 | —- | M] (Microsoft Corporation) MD5=93952506C6D67330367F7E7934B6A02F — C:WindowsSystem32qmgr.dll
[2009.04.11 11:28:23 | 000,758,784 | —- | M] (Microsoft Corporation) MD5=93952506C6D67330367F7E7934B6A02F — C:Windowswinsxsx86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6002.18005_none_257c3df8f693d6d8qmgr.dll

[2008.01.21 07:34:39 | 000,177,152 | —- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 — C:Windowswinsxsx86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12scecli.dll
[2009.04.11 11:28:24 | 000,177,152 | —- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 — C:WindowsERDNTcachescecli.dll
[2009.04.11 11:28:24 | 000,177,152 | —- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 — C:WindowsSystem32scecli.dll
[2009.04.11 11:28:24 | 000,177,152 | —- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 — C:Windowswinsxsx86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5escecli.dll

[2010.08.17 18:32:33 | 000,126,464 | —- | M] (Microsoft Corporation) MD5=3665F79026A3F91FBCA63F2C65A09B19 — C:Windowswinsxsx86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18511_none_d641dcfdc18fec21spoolsv.exe
[2009.04.11 11:28:05 | 000,127,488 | —- | M] (Microsoft Corporation) MD5=524BFBEA40E6E404737CCBC754647A2E — C:Windowswinsxsx86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18005_none_d8371c2dbeaa9062spoolsv.exe
[2008.01.21 07:34:33 | 000,125,952 | —- | M] (Microsoft Corporation) MD5=846CDF9A3CF4DA9B306ADFB7D55EE4C2 — C:Windowswinsxsx86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18000_none_d64ba321c188c516spoolsv.exe
[2010.08.17 19:11:37 | 000,128,000 | —- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 — C:WindowsERDNTcachespoolsv.exe
[2010.08.17 19:11:37 | 000,128,000 | —- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 — C:WindowsSystem32spoolsv.exe
[2010.08.17 19:11:37 | 000,128,000 | —- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 — C:Windowswinsxsx86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18294_none_d7d4d063bef46cd2spoolsv.exe
[2010.08.17 19:20:09 | 000,128,000 | —- | M] (Microsoft Corporation) MD5=AAE98B295E88D439A6E0F6E8929424FB — C:Windowswinsxsx86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.22468_none_d882e000d7f61b4cspoolsv.exe
[2010.08.17 18:27:48 | 000,128,000 | —- | M] (Microsoft Corporation) MD5=E807FC542C295BA256CE3567829E02A6 — C:Windowswinsxsx86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.22743_none_d6ad0c7edac40f93spoolsv.exe

[2008.01.21 07:33:13 | 000,021,504 | —- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF — C:WindowsERDNTcachesvchost.exe
[2008.01.21 07:33:13 | 000,021,504 | —- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF — C:WindowsSystem32svchost.exe
[2008.01.21 07:33:13 | 000,021,504 | —- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF — C:Windowswinsxsx86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5svchost.exe

[2008.04.26 13:08:16 | 000,891,448 | —- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 — C:Windowswinsxsx86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7tcpip.sys
[2009.04.11 11:33:02 | 000,897,000 | —- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 — C:Windowswinsxsx86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42tcpip.sys
[2009.12.09 01:52:30 | 000,897,624 | —- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 — C:Windowswinsxsx86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63tcpip.sys
[2009.08.16 02:30:53 | 000,816,640 | —- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF — C:Windowswinsxsx86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00tcpip.sys
[2009.08.14 22:01:55 | 000,900,168 | —- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA — C:Windowswinsxsx86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850ftcpip.sys
[2010.02.18 16:51:51 | 000,818,688 | —- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 — C:Windowswinsxsx86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15btcpip.sys
[2010.02.18 19:49:38 | 000,898,952 | —- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 — C:Windowswinsxsx86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5tcpip.sys
[2009.08.14 19:24:47 | 000,813,568 | —- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 — C:Windowswinsxsx86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4tcpip.sys
[2009.12.09 01:15:00 | 000,907,832 | —- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 — C:Windowswinsxsx86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560dtcpip.sys
[2010.02.18 19:07:16 | 000,904,576 | —- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA — C:Windowswinsxsx86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bectcpip.sys
[2010.02.18 17:05:37 | 000,815,104 | —- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 — C:Windowswinsxsx86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7tcpip.sys
[2009.12.09 01:37:09 | 000,900,696 | —- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 — C:Windowswinsxsx86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54tcpip.sys
[2010.06.16 20:55:58 | 000,902,032 | —- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 — C:Windowswinsxsx86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0tcpip.sys
[2009.08.14 21:27:34 | 000,904,776 | —- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 — C:Windowswinsxsx86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25ftcpip.sys
[2010.06.16 21:39:32 | 000,912,776 | —- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B — C:Windowswinsxsx86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63tcpip.sys
[2010.06.16 20:59:54 | 000,898,952 | —- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 — C:Windowswinsxsx86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10tcpip.sys
[2008.04.26 13:26:49 | 000,891,448 | —- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 — C:Windowswinsxsx86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1tcpip.sys
[2009.12.08 22:58:13 | 000,813,568 | —- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 — C:Windowswinsxsx86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8tcpip.sys
[2009.08.14 22:07:56 | 000,897,608 | —- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 — C:Windowswinsxsx86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3tcpip.sys
[2010.02.18 22:36:50 | 000,902,024 | —- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 — C:Windowswinsxsx86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60tcpip.sys
[2010.06.16 21:04:57 | 000,905,088 | —- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF — C:WindowsERDNTcachetcpip.sys
[2010.06.16 21:04:57 | 000,905,088 | —- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF — C:WindowsSystem32driverstcpip.sys
[2010.06.16 21:04:57 | 000,905,088 | —- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF — C:Windowswinsxsx86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22tcpip.sys
[2009.12.08 22:45:32 | 000,816,640 | —- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA — C:Windowswinsxsx86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692tcpip.sys
[2010.02.18 19:22:11 | 000,910,216 | —- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E — C:Windowswinsxsx86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2tcpip.sys
[2009.12.09 01:01:08 | 000,904,776 | —- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A — C:Windowswinsxsx86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325ctcpip.sys
[2008.01.21 07:34:55 | 000,891,448 | —- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 — C:Windowswinsxsx86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6tcpip.sys
[2009.08.14 21:33:50 | 000,905,784 | —- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 — C:Windowswinsxsx86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80tcpip.sys

[2009.04.11 11:28:24 | 000,449,024 | —- | M] (Microsoft Corporation) MD5=BB95DA09BEF6E7A131BFF3BA5032090D — C:WindowsERDNTcachetermsrv.dll
[2009.04.11 11:28:24 | 000,449,024 | —- | M] (Microsoft Corporation) MD5=BB95DA09BEF6E7A131BFF3BA5032090D — C:WindowsSystem32termsrv.dll
[2009.04.11 11:28:24 | 000,449,024 | —- | M] (Microsoft Corporation) MD5=BB95DA09BEF6E7A131BFF3BA5032090D — C:Windowswinsxsx86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6002.18005_none_908abad45165e2aetermsrv.dll
[2008.01.21 07:33:51 | 000,448,512 | —- | M] (Microsoft Corporation) MD5=D605031E225AACCBCEB5B76A4F1603A6 — C:Windowswinsxsx86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6001.18000_none_8e9f41c854441762termsrv.dll

[2008.01.21 07:34:37 | 000,025,088 | —- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 — C:WindowsERDNTcacheuserinit.exe
[2008.01.21 07:34:37 | 000,025,088 | —- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 — C:WindowsSystem32userinit.exe
[2008.01.21 07:34:37 | 000,025,088 | —- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 — C:Windowswinsxsx86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80buserinit.exe

[2008.01.21 07:34:36 | 000,179,200 | —- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B — C:WindowsERDNTcachews2_32.dll
[2008.01.21 07:34:36 | 000,179,200 | —- | M] (Microsoft Corporation) Unable to obtain MD5 — C:WindowsSystem32ws2_32.dll
[2008.01.21 07:34:36 | 000,179,200 | —- | M] (Microsoft Corporation) Unable to obtain MD5 — C:Windowswinsxsx86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4ws2_32.dll

[2009.03.08 16:31:42 | 000,348,160 | —- | M] (Microsoft Corporation) Unable to obtain MD5 — C:WindowsSystem32dxtmsft.dll
[2009.03.08 16:31:37 | 000,216,064 | —- | M] (Microsoft Corporation) Unable to obtain MD5 — C:WindowsSystem32dxtrans.dll
[2009.04.11 11:27:47 | 000,241,128 | —- | M] (Microsoft Corporation) Unable to obtain MD5 — C:WindowsSystem32rsaenh.dll
[2009.04.11 11:28:23 | 000,228,352 | —- | M] (Microsoft Corporation) Unable to obtain MD5 — C:WindowsSystem32SLC.dll
[2 C:Windowssystem32*.tmp files -> C:Windowssystem32*.tmp -> ]

[2008.01.21 08:31:11 | 015,716,352 | —- | M] () — C:WindowsSystem32configCOMPONENTS.SAV
[2008.01.21 08:31:01 | 000,102,400 | —- | M] () — C:WindowsSystem32configDEFAULT.SAV
[2008.01.21 08:31:12 | 000,020,480 | —- | M] () — C:WindowsSystem32configSECURITY.SAV
[2006.11.02 15:34:08 | 010,133,504 | —- | M] () — C:WindowsSystem32configSOFTWARE.SAV
[2006.11.02 15:34:08 | 001,826,816 | —- | M] () — C:WindowsSystem32configSYSTEM.SAV

[2010.11.10 02:49:50 | 004,323,040 | —- | M] (Logitech Inc.) — C:WindowsSystem32driverslvuvc.sys

========== Alternate Data Streams ==========

@Alternate Data Stream — 144 bytes -> C:ProgramDataTemp:B623B5B8
@Alternate Data Stream — 131 bytes -> C:ProgramDataTemp:A42A9F39
@Alternate Data Stream — 130 bytes -> C:ProgramDataTemp:F880DE59
@Alternate Data Stream — 124 bytes -> C:ProgramDataTemp:5D7E5A8F
@Alternate Data Stream — 122 bytes -> C:ProgramDataTemp:793F316E
@Alternate Data Stream — 121 bytes -> C:ProgramDataTemp:7CACEF61
@Alternate Data Stream — 120 bytes -> C:ProgramDataTemp:4CF61E54
@Alternate Data Stream — 117 bytes -> C:ProgramDataTemp:F3176E45
@Alternate Data Stream — 117 bytes -> C:ProgramDataTemp:798A3728
@Alternate Data Stream — 116 bytes -> C:ProgramDataTemp:4D066AD2
@Alternate Data Stream — 109 bytes -> C:ProgramDataTemp:DAFD38AE
@Alternate Data Stream — 109 bytes -> C:ProgramDataTemp:AB689DEA

[albash]

Лог Extras:
OTL Extras logfile created on: 16.01.2011 12:33:38 — Run 1
OTL by OldTimer — Version 3.2.20.2 Folder = C:UsersОбщий компьютерDesktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) — Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000419 | Country: Россия | Language: RUS | Date Format: dd.MM.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 53,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 54,00% Paging File free
Paging file location(s): ?:pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:Windows | %ProgramFiles% = C:Program Files
Drive C: | 141,29 Gb Total Space | 81,25 Gb Free Space | 57,50% Space Free | Partition Type: NTFS
Drive F: | 141,29 Gb Total Space | 141,20 Gb Free Space | 99,93% Space Free | Partition Type: NTFS

Computer Name: ОБЩИЙ-ПК | User Name: Общий компьютер | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINESOFTWAREClasses]
.hlp [@ = hlpfile] — C:Windowswinhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINESOFTWAREClassesshell[command]command]
batfile [open] — «%1» %*
cmdfile [open] — «%1» %*
comfile [open] — «%1» %*
exefile [open] — «%1» %*
helpfile [open] — Reg Error: Key error.
hlpfile [open] — %SystemRoot%winhlp32.exe %1 (Microsoft Corporation)
piffile [open] — «%1» %*
regfile [merge] — Reg Error: Key error.
scrfile [config] — «%1»
scrfile [install] — rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] — «%1» /S
txtfile [edit] — Reg Error: Key error.
Unknown [openas] — %SystemRoot%system32rundll32.exe %SystemRoot%system32shell32.dll,OpenAs_RunDLL %1
Directory [cmd] — cmd.exe /s /k pushd «%V» (Microsoft Corporation)
Directory [find] — %SystemRoot%Explorer.exe (Microsoft Corporation)
Folder [open] — %SystemRoot%Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] — %SystemRoot%Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] — %SystemRoot%Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center]
«cval» = 1
«FirewallDisableNotify» = 0
«AntiVirusDisableNotify» = 0
«UpdatesDisableNotify» = 0

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoring]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterSvc]
«AntiVirusOverride» = 0
«AntiSpywareOverride» = 0
«FirewallOverride» = 0
«VistaSp1» = Reg Error: Unknown registry data type — File not found
«VistaSp2» = Reg Error: Unknown registry data type — File not found

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterSvcVol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionSystemRestore]
«DisableSR» = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindowsFirewall]

[HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindowsFirewallDomainProfile]

[HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindowsFirewallStandardProfile]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyDomainProfile]
«EnableFirewall» = 1
«DisableNotifications» = 0

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfile]
«EnableFirewall» = 0
«DisableNotifications» = 0

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfileGloballyOpenPortsList]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyPublicProfile]
«EnableFirewall» = 1
«DisableNotifications» = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyDomainProfileAuthorizedApplicationsList]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfileAuthorizedApplicationsList]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyFirewallRules]
«{08C68459-A223-40A0-BABB-55EF50544CAE}» = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
«{26A09244-EC58-4D00-BD96-835F4C792FD0}» = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%system32svchost.exe |
«{28EA0969-CC84-44F7-9445-D2C80AF9FD9D}» = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%system32svchost.exe |
«{3F3FAFE5-3D0B-440B-AA3C-9F6E1D702C75}» = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%system32svchost.exe |
«{4958402E-178F-49B6-9BC5-F907B1F7959D}» = lport=139 | protocol=6 | dir=in | app=system |
«{4B46F493-ABEB-45FC-B6A8-9371E009F6D1}» = lport=2869 | protocol=6 | dir=in | app=system |
«{4B7CD7B1-F04F-415B-89B0-77F1E72DB058}» = rport=139 | protocol=6 | dir=out | app=system |
«{4BDD8365-00E8-41FD-AC85-622E5E5A6821}» = rport=138 | protocol=17 | dir=out | app=system |
«{57469917-C399-4024-845D-D2F524744EB7}» = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
«{5B694C12-42EA-48F6-BE98-D9F70E682542}» = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%system32svchost.exe |
«{67923EC0-1E54-4F3F-A926-91F1CE044BF1}» = lport=137 | protocol=17 | dir=in | app=system |
«{6EEF2781-D1E1-4F56-957C-62EA5836414B}» = lport=138 | protocol=17 | dir=in | app=system |
«{88F741A2-7AA8-494A-9F23-C1C6C24D239D}» = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%system32spoolsv.exe |
«{AAC32147-6629-42FE-84C1-4762F819BDA4}» = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%system32svchost.exe |
«{B08F6341-B14F-4DE1-854A-E19D9F6F3D01}» = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
«{D5779E5D-2EC9-40CF-AC33-A84D6C81F93C}» = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%system32svchost.exe |
«{DDD2D6D7-FC48-402D-87BA-23BF98FD0C03}» = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
«{E05BB445-FD92-45F7-B1F9-78099F053CAD}» = rport=445 | protocol=6 | dir=out | app=system |
«{E2122D09-1DE2-45E9-8B2B-B9BDDE657A87}» = rport=137 | protocol=17 | dir=out | app=system |
«{E3ADD3E8-90DA-4F22-8723-FDD947B3EE06}» = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%system32svchost.exe |
«{E465187B-7AFF-4047-B9C3-4F2CB3FC752F}» = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%system32svchost.exe |
«{FD9D36E0-81E6-4E6E-8D69-B20648CAB66D}» = lport=445 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyFirewallRules]
«{08479E98-BB97-452D-A95E-212A65B77303}» = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
«{0BA625BF-258D-414C-850A-CC0861E427F2}» = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
«{0E82E578-83C3-4C6A-9B8F-7834377AC99A}» = dir=in | app=c:program fileswindows livemessengermsnmsgr.exe |
«{0EFF2B83-1B83-4F18-8742-CE04D7D79608}» = protocol=17 | dir=in | app=c:program filesnewtech infosystemsnti backup now 5backupsvc.exe |
«{0F97F01F-8BCC-47F1-96AE-B9DCC854CBC3}» = protocol=17 | dir=in | app=c:program filesivt corporationbluesoleilbluesoleil.exe |
«{1881BA75-8E4A-4707-80D8-8C2D9C9B221F}» = protocol=6 | dir=in | app=c:program filesmicrosoft officeoffice12onenote.exe |
«{2D44502B-0536-433C-BC65-FD6A9F727064}» = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
«{2E1C4E26-AEFB-4F8B-B82D-ECF7EDF97270}» = protocol=17 | dir=in | app=c:program filesmail.rusputniksputnikhelper.exe |
«{2EA52A94-DE46-48DE-A9E4-F581DB34E1A0}» = dir=in | app=c:program fileshewlett-packarddigital imagingbinhpqgplgtupl.exe |
«{2EDC6089-B0C9-4E52-8BE6-46D281112B3C}» = protocol=6 | dir=in | app=c:program filesnewtech infosystemsnti backup now 5backupsvc.exe |
«{30EC5D0B-9121-40DF-A615-CCF7051080CF}» = dir=in | app=c:program fileshewlett-packarddigital imagingbinhpqgpc01.exe |
«{3401A129-CF65-4F61-B3F8-96E89E3FD16E}» = protocol=6 | dir=out | svc=upnphost | app=%systemroot%system32svchost.exe |
«{4BCAAB3C-1205-4D33-BFFF-52582BED0B8D}» = dir=in | app=c:program fileshewlett-packarddigital imagingbinhpqpse.exe |
«{4CCABA30-2753-4961-AFBC-58FA482733E5}» = dir=in | app=c:program fileshewlett-packarddigital imagingbinhpqsudi.exe |
«{4F67B330-AD87-425A-9ED4-520BAE90612B}» = protocol=17 | dir=in | app=c:program filesivt corporationbluesoleilbluesoleil.exe |
«{590FFF10-0099-49D1-806A-1395DD5B7D96}» = protocol=17 | dir=in | app=c:program filesmicrosoft officeoffice12onenote.exe |
«{5AE2CB97-ADF3-4FB1-A4A5-39B856F16E27}» = protocol=17 | dir=in | app=c:program filesmicrosoft officeoffice12onenote.exe |
«{5D02A8D3-3F9E-463A-89D5-4AC4021B3F95}» = protocol=6 | dir=in | app=c:program filesmail.rusputniksputnikhelper.exe |
«{6264DD64-ABC5-434E-8D69-0A9AE1350BA5}» = protocol=6 | dir=in | app=c:program filesivt corporationbluesoleilbluesoleil.exe |
«{62C29A2E-4CCB-44FE-852D-6E5F54A613E7}» = dir=in | app=c:program filesskypephoneskype.exe |
«{6A2F23D4-CCC8-4D99-A375-6AA18A3D77B6}» = protocol=6 | dir=in | app=c:program filesivt corporationbluesoleilbluesoleil.exe |
«{6F220302-5992-454F-872D-9ECDDD3DA57A}» = dir=in | app=c:program filescommon fileshpdigital imagingbinhpqphotocrm.exe |
«{88A6A17A-7DE4-4838-B85B-7A285B9761CB}» = protocol=6 | dir=in | app=c:program filesmail.rusputniksputnikflashplayer.exe |
«{902DAF92-60E5-435F-8985-E745E8F9B7D2}» = dir=in | app=c:program fileswindows livesyncwindowslivesync.exe |
«{952D3757-F322-4D7C-94F4-B387454588E5}» = dir=in | app=c:program fileshewlett-packarddigital imagingbinhpiscnapp.exe |
«{957F13D0-7855-42CA-AE8E-874AED2D9525}» = protocol=17 | dir=in | app=c:program filesmail.rusputniksputnikflashplayer.exe |
«{9B15F9F6-3C9B-4A22-83AB-F97EF5DF4B2C}» = dir=in | app=c:program fileshewlett-packarddigital imagingbinhpqscnvw.exe |
«{A3B21322-A7ED-4C7D-9210-E4B726DC225D}» = dir=in | app=c:program fileshewlett-packarddigital imagingbinhpfccopy.exe |
«{A7BD600F-8519-4C8D-B291-55D1CB030596}» = protocol=6 | dir=in | app=c:program filesmicrosoft officeoffice12onenote.exe |
«{BBE383C2-DBC0-423B-AAE2-426CA87527F5}» = protocol=17 | dir=in | app=c:program filesnewtech infosystemsnti backup now 5schedulersvc.exe |
«{BF6D1787-5173-40C4-9530-29AB9A0407F4}» = protocol=6 | dir=in | app=c:program fileslogitechvid hdvid.exe |
«{CA558ACD-C44F-4E8A-9E89-90B5C098741C}» = dir=in | app=c:program fileshewlett-packardhp software updatehpwucli.exe |
«{CB8C9DC0-C69B-4525-8D88-17C87670369D}» = dir=in | app=c:program fileswindows livemeshmoe.exe |
«{CEB8754B-45EF-4863-8403-6A8C245E7B32}» = dir=in | app=c:program fileswindows livecontactswlcomm.exe |
«{D5EBED24-B67B-4095-A439-A6EBAEB5EE14}» = protocol=6 | dir=in | app=c:program filesnewtech infosystemsnti backup now 5schedulersvc.exe |
«{DCBFAC71-9EE2-4C6D-90F3-6944A14C843E}» = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
«{E4201F91-7050-40C8-BC98-D0335217BE5E}» = dir=in | app=c:program fileshewlett-packarddigital imagingbinhpqkygrp.exe |
«{EDB00B78-89CB-48B1-B592-BB1D56FB10E1}» = protocol=17 | dir=in | app=c:program fileslogitechvid hdvid.exe |
«{FD348BBE-9BF6-47BC-9F46-D33D75883F3F}» = dir=in | app=c:program fileshewlett-packarddigital imagingbinhpqpsapp.exe |
«TCP Query User{69C673D6-76D6-4F56-9974-605D7743461E}C:program filesmail.ruagentmagent.exe» = protocol=6 | dir=in | app=c:program filesmail.ruagentmagent.exe |
«UDP Query User{4241B978-7AA5-4512-9834-95405CD3AD2E}C:program filesmail.ruagentmagent.exe» = protocol=17 | dir=in | app=c:program filesmail.ruagentmagent.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstall]
«{00000000-0000-ACTI-RUSS-BARBIEISLAND}_is1» = «Barbie(TM) — Barbie(TM) в роли Принцессы острова» 1.0c
«{02407A7A-D333-477C-B870-7BEB1EB47E33}» = Windows Live Family Safety
«{039480EE-6933-4845-88B8-77FD0C3D059D}» = Windows Live Mesh
«{06A1D88C-E102-4527-AF70-29FFD7AF215A}» = Scan
«{08234a0d-cf39-4dca-99f0-0c5cb496da81}» = Панель Bing
«{08610298-29AE-445B-B37D-EFBE05802967}» = LWS Pictures And Video
«{08BB86A3-BD8B-491F-9751-CDA93D8E0B59}» = Windows Live Sync
«{0B0F231F-CE6A-483D-AA23-77B364F75917}» = Windows Live Installer
«{12EFA1A4-AC3B-443C-8143-237EDE760403}» = NTI Backup Now Standard
«{138A4072-9E64-46BD-B5F9-DB2BB395391F}» = LWS VideoEffects
«{15634701-BACE-4449-8B25-1567DA8C9FD3}» = CameraHelperMsi
«{15D967B5-A4BE-42AE-9E84-64CD062B25AA}» = eSobi v2
«{1651216E-E7AD-4250-92A1-FB8ED61391C9}» = LWS Help_main
«{168E7302-890A-4138-9109-A225ACAF7AD1}» = Windows Live Photo Common
«{174A3B31-4C43-43DD-866F-73C9DB887B48}» = LWS Twitter
«{18455581-E099-4BA8-BC6B-F34B2F06600C}» = Google Toolbar for Internet Explorer
«{19A4A990-5343-4FF7-B3B5-6F046C091EDF}» = Windows Live Remote Client
«{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}» = Junk Mail filter update
«{200FEC62-3C34-4D60-9CE8-EC372E01C08F}» = Windows Live SOXE Definitions
«{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}» = LWS YouTube Plugin
«{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}» = Windows Live Remote Service
«{2318C2B1-4965-11d4-9B18-009027A5CD4F}» = Google Toolbar for Internet Explorer
«{2374BED8-2605-45E1-ACA8-D2AB38B3C63C}» = «Начальная школа Кирилла и Мефодия. Русский язык. 1 класс»
«{2413930C-8309-47A6-BC61-5EF27A4222BC}» = NTI Media Maker 8
«{26A24AE4-039D-4CA4-87B4-2F83216016FF}» = Java(TM) 6 Update 23
«{26A24AE4-039D-4CA4-87B4-2F83216018F0}» = Java(TM) 6 Update 18
«{2744791F-4E7C-32F5-AB40-AEC6A6C86DBF}» = Microsoft .NET Framework 3.5 Language Pack SP1 — rus
«{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}» = BufferChm
«{3336F667-9049-4D46-98B6-4C743EEBC5B1}» = Windows Live Photo Gallery
«{3705D53F-BB01-4BEE-8585-289E71CAC4B4}» = Компаньон Messenger
«{3C3901C5-3455-3E0A-A214-0B093A5070A6}» = Microsoft .NET Framework 4 Client Profile
«{3D3E663D-4E7E-4577-A560-7ECDDD45548A}» = PVSonyDll
«{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}» = erLT
«{43CDF946-F5D9-4292-B006-BA0D92013021}» = WebReg
«{4A03706F-666A-4037-7777-5F2748764D10}» = Java Auto Updater
«{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}» = SolutionCenter
«{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}» = Windows Live PIMT Platform
«{5208FDB2-D561-3FB4-9763-6B10B06745B7}» = Microsoft .NET Framework 4 Client Profile RUS Language Pack
«{54A08450-B343-40B0-924E-68F031450996}» = КриптоПро CSP
«{568161BB-4D77-4534-AB92-55040CD92798}» = Panda Internet Security 2010
«{56C049BE-79E9-4502-BEA7-9754A3E60F9B}» = neroxml
«{590D4F8F-98FE-47FA-AC2B-3F22FDCF7C09}» = ShareIns
«{5C2F4253-6243-45CD-BE1D-C80409788370}» = OpenOffice.org 3.2
«{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}» = Segoe UI
«{61AD15B2-50DB-4686-A739-14FE180D4429}» = Windows Live ID Sign-in Assistant
«{63FF21C9-A810-464F-B60A-3111747B1A6D}» = GPBaseService2
«{65C0025A-2CDE-43C5-82D0-C7A56EF0DB39}» = Bing Bar Platform
«{682B3E4F-696A-42DE-A41C-4C07EA1678B4}» = Windows Live SOXE
«{68301905-2DEA-41CE-A4D4-E8B443B099BA}» = MyWinLocker
«{6986737B-F286-40D1-87AF-938339DCF6AB}» = Windows Live Messenger
«{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}» = LWS Gallery
«{6F7ECD56-E224-4263-9B7E-158E5CECC43B}» = HP Photo and Imaging 2.1 — Scanjet 2400 Series
«{71E66D3F-A009-44AB-8784-75E2819BA4BA}» = LWS Motion Detection
«{7320F37D-592C-4270-BDAA-E43CC977A77C}» = «Начальная школа Кирилла и Мефодия. Математика. 1 класс. Часть 2»
«{7465A996-0FCA-4D2D-A52C-F833B0829B5B}» = Windows Live Movie Maker
«{770657D0-A123-3C07-8E44-1C83EC895118}» = Microsoft Visual C++ 2005 ATL Update kb973923 — x86 8.0.50727.4053
«{77F69CA1-E53D-4D77-8BA3-FA07606CC851}» = Фотоальбом Windows Live
«{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}» = Windows Live Messenger Companion Core
«{7926EFB6-7CB4-4A9D-AB01-095F67F9D519}» = Panda Internet Security 2010
«{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}» = Acer ScreenSaver
«{7A143876-9658-4A58-82E7-B5F02D942957}» = Windows Live Remote Client Resources
«{7F811A54-5A09-4579-90E1-C93498E230D9}» = Acer eRecovery Management
«{7FF11E53-C002-4F40-8D68-6BE751E5DD62}» = Windows Live Writer Resources
«{818ABC3C-635C-4651-8183-D0E9640B7DD1}» = HP Update
«{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}» = Zuma Deluxe
«{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}» = Chicken Invaders 2
«{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}» = Mystery Solitaire — Secret Island
«{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111940693}» = Bookworm Adventures
«{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}» = Heroes of Hellas
«{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}» = Dream Day First Home
«{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114072167}» = Go-Go Gourmet
«{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11408540}» = Magic Match Adventures
«{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114717227}» = Magic Farm
«{837b34e3-7c30-493c-8f6a-2b0f04e2912c}» = Microsoft Visual C++ 2005 Redistributable
«{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}» = LWS Launcher
«{8937D274-C281-42E4-8CDB-A0B2DF979189}» = LWS Webcam Software
«{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}» = Microsoft Silverlight
«{8BAE6262-5FB8-46FF-BF6E-AEE4970164AF}» = ABBYY FineReader 7.0 Home Edition
«{8C6D6116-B724-4810-8F2D-D047E6B7D68E}» = Mesh Runtime
«{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}» = MSVCRT
«{8F85CC2C-4B26-4CF6-B835-DC59BCEDD287}» = Bluesoleil2.7.0.13 VoIP Release 071227
«{90120000-0016-0419-0000-0000000FF1CE}» = Microsoft Office Excel MUI (Russian) 2007
«{90120000-0016-0419-0000-0000000FF1CE}_HOMESTUDENTR_{DCB382C1-7F1B-42B2-9D47-EDC4262E832F}» = Microsoft Office 2007 Service Pack 2 (SP2)
«{90120000-0018-0419-0000-0000000FF1CE}» = Microsoft Office PowerPoint MUI (Russian) 2007
«{90120000-0018-0419-0000-0000000FF1CE}_HOMESTUDENTR_{DCB382C1-7F1B-42B2-9D47-EDC4262E832F}» = Microsoft Office 2007 Service Pack 2 (SP2)
«{90120000-001B-0419-0000-0000000FF1CE}» = Microsoft Office Word MUI (Russian) 2007
«{90120000-001B-0419-0000-0000000FF1CE}_HOMESTUDENTR_{DCB382C1-7F1B-42B2-9D47-EDC4262E832F}» = Microsoft Office 2007 Service Pack 2 (SP2)
«{90120000-001F-0407-0000-0000000FF1CE}» = Microsoft Office Proof (German) 2007
«{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}» = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
«{90120000-001F-0409-0000-0000000FF1CE}» = Microsoft Office Proof (English) 2007
«{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}» = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
«{90120000-001F-0419-0000-0000000FF1CE}» = Microsoft Office Proof (Russian) 2007
«{90120000-001F-0419-0000-0000000FF1CE}_HOMESTUDENTR_{57A92C5E-E76A-49CC-9EC2-A7B6CE1255EA}» = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
«{90120000-001F-0422-0000-0000000FF1CE}» = Microsoft Office Proof (Ukrainian) 2007
«{90120000-001F-0422-0000-0000000FF1CE}_HOMESTUDENTR_{6F177D09-F21D-4F50-9436-353972D1D232}» = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
«{90120000-0020-0419-0000-0000000FF1CE}» = Пакет обеспечения совместимости для выпуска 2007 системы Microsoft Office
«{90120000-002C-0419-0000-0000000FF1CE}» = Microsoft Office Proofing (Russian) 2007
«{90120000-006E-0419-0000-0000000FF1CE}» = Microsoft Office Shared MUI (Russian) 2007
«{90120000-006E-0419-0000-0000000FF1CE}_HOMESTUDENTR_{37317C49-30C4-412C-B0B9-D95090F330D8}» = Microsoft Office 2007 Service Pack 2 (SP2)
«{90120000-00A1-0419-0000-0000000FF1CE}» = Microsoft Office OneNote MUI (Russian) 2007
«{90120000-00A1-0419-0000-0000000FF1CE}_HOMESTUDENTR_{DCB382C1-7F1B-42B2-9D47-EDC4262E832F}» = Microsoft Office 2007 Service Pack 2 (SP2)
«{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}» = Intel(R) Matrix Storage Manager
«{91120000-002F-0000-0000-0000000FF1CE}» = Microsoft Office Home and Student 2007
«{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}» = Microsoft Office 2007 Service Pack 2 (SP2)
«{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}» = Security Update for Microsoft Office system 2007 (972581)
«{92EA4134-10D1-418A-91E1-5A0453131A38}» = Windows Live Movie Maker
«{95120000-00B9-0409-0000-0000000FF1CE}» = Microsoft Application Error Reporting
«{9B362566-EC1B-4700-BB9C-EC661BDE2175}» = DocProc
«{9D56775A-93F3-44A3-8092-840E3826DE30}» = Windows Live Mail
«{9DAEA76B-E50F-4272-A595-0124E826553D}» = LWS WLM Plugin
«{a289dbea-4877-48b3-bdf8-752e7a690d97}» = Nero 9 Lite
«{A726AE06-AAA3-43D1-87E3-70F510314F04}» = Windows Live Writer
«{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}» = Google Update Helper
«{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}» = Windows Live Photo Common
«{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}» = Windows Live Writer
«{AC76BA86-7AD7-1049-7B44-A94000000001}» = Adobe Reader 9.4.1 — Russian
«{AF844339-2F8A-4593-81B3-9F4C54038C4E}» = Windows Live MIME IFilter
«{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}» = Почта Windows Live
«{BC41DF50-6D8F-4F2F-B21E-38A1C452565D}» = Rutoken Drivers
«{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}» = Элемент управления Windows Live Mesh ActiveX для удаленных подключений
«{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}» = Destinations
«{C021A311-1124-4E23-A06A-0D8B5557E9C1}_is1» = «Barbie(TM) — Приключения на ранчо» 1.0с
«{C43326F5-F135-4551-8270-7F7ABA0462E1}» = HPProductAssistant
«{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}» = Skype Toolbars
«{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}» = Windows Live Writer
«{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}» = Microsoft .NET Framework 3.5 SP1
«{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}» = Windows Live UX Platform
«{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}» = Microsoft Search Enhancement Pack
«{D3CAE2CA-BE71-4CA4-9EB9-46E1C82E778B}» = Windows Live Remote Service Resources
«{D40EB009-0499-459c-A8AF-C9C110766215}» = Logitech Webcam Software
«{D45240D3-B6B3-4FF9-B243-54ECE3E10066}» = Windows Live Communications Platform
«{D79113E7-274C-470B-BD46-01B10219DF6A}» = HPPhotosmartEssential
«{D8DAB025-C2CE-4821-8117-494E95ADA031}» = Windows Live UX Platform Language Pack
«{DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}» = Acer Product Registration
«{DECDCB7C-58CC-4865-91AF-627F9798FE48}» = Windows Live Mesh
«{E09C4DB7-630C-4F06-A631-8EA7239923AF}» = D3DX10
«{E3B67F67-F1BA-4709-96CE-72E92A8BF5E3}» = hpg2410
«{E5B04674-1885-4B08-BAE7-ECDEC1F84677}» = HP Scanjet G2410 and 2400
«{E62A1F01-07B7-4541-A835-EE5B0BF064C2}» = Microsoft Antimalware
«{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}» = Skype™ 5.1
«{E83DC314-C926-4214-AD58-147691D6FE9F}» = Основные компоненты Windows Live
«{E8A80433-302B-4FF1-815D-FCC8EAC482FF}» = Nero Installer
«{EB4DF488-AAEF-406F-A341-CB2AAA315B90}» = Windows Live Messenger
«{EED027B7-0DB6-404B-8F45-6DFEE34A0441}» = LWS Video Mask Maker
«{EF98A02A-1748-4762-9B7D-5ED1600520D5}» = Microsoft Security Essentials
«{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}» = Microsoft SQL Server 2005 Compact Edition [ENU]
«{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}» = Realtek High Definition Audio Driver
«{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}» = Microsoft Office Live Add-in 1.5
«{F53D678E-238F-4A71-9742-08BB6774E9DC}» = Windows Live Family Safety
«{F6589A22-AFB4-4458-BBA3-90B75BB57044}» = Rutoken Magistra Drivers
«{FA8BA2B5-EB0E-428B-AAB2-2D608D959B18}» = Microsoft Antimalware Service RU-RU Language Pack
«{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}» = LWS Facebook
«22 игры с собаками_is1» = 22 игры с собаками
«Adobe Flash Player ActiveX» = Adobe Flash Player 10 ActiveX
«AlfaDirect» = Терминал Альфа-Директ™
«Cats_Theatre.exe» = Театр кошек
«ESET Online Scanner» = ESET Online Scanner v3
«FBReader for Windows XP» = FBReader for Windows XP
«Google Desktop» = Google Desktop
«Guard.Mail.ru» = Guard.Mail.ru
«HOMESTUDENTR» = Microsoft Office Home and Student 2007
«HP Imaging Device Functions» = HP Imaging Device Functions 13.0
«HP Photosmart Essential» = HP Photosmart Essential 3.5
«HP Solution Center & Imaging Support Tools» = HP Solution Center 13.0
«HPOCR» = OCR Software by I.R.I.S. 13.0
«InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}» = NTI Backup Now 5
«InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}» = eSobi v2
«InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}» = NTI Media Maker 8
«KLiteCodecPack_is1» = K-Lite Mega Codec Pack 6.5.0
«Logitech Vid» = Logitech Vid HD
«MailRuSputnik» = Mail.Ru Спутник 2.3.0.289
«Microsoft .NET Framework 3.5 Language Pack SP1 — rus» = Языковой пакет Microsoft .NET Framework 3.5 SP1 — RUS
«Microsoft .NET Framework 3.5 SP1» = Microsoft .NET Framework 3.5 SP1
«Microsoft .NET Framework 4 Client Profile» = Microsoft .NET Framework 4 Client Profile
«Microsoft .NET Framework 4 Client Profile RUS Language Pack» = Языковой пакет клиентского профиля Microsoft.NET Framework 4 — RUS
«Microsoft Security Essentials» = Microsoft Security Essentials
«NVIDIA Display Control Panel» = NVIDIA Display Control Panel
«NVIDIA Drivers» = NVIDIA Drivers
«ViewpointMediaPlayer» = Viewpoint Media Player (Remove Only)
«WinLiveSuite» = Основные компоненты Windows Live
«WinRAR archiver» = WinRAR archiver
«Король лев — Новые приключения» = Король лев — Новые приключения
«Пятачок В Подводном Царстве_is1» = Пятачок В Подводном Царстве

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error — 19.09.2010 23:42:30 | Computer Name = Общий-ПК | Source = WinMgmt | ID = 10
Description =

Error — 20.09.2010 10:33:11 | Computer Name = Общий-ПК | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error — 20.09.2010 10:33:11 | Computer Name = Общий-ПК | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error — 20.09.2010 10:33:11 | Computer Name = Общий-ПК | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error — 20.09.2010 10:33:35 | Computer Name = Общий-ПК | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error — 20.09.2010 10:40:29 | Computer Name = Общий-ПК | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error — 20.09.2010 10:40:30 | Computer Name = Общий-ПК | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error — 20.09.2010 10:40:31 | Computer Name = Общий-ПК | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error — 20.09.2010 10:41:08 | Computer Name = Общий-ПК | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error — 20.09.2010 10:47:16 | Computer Name = Общий-ПК | Source = WinMgmt | ID = 10
Description =

[ OSession Events ]
Error — 05.10.2010 0:24:08 | Computer Name = Общий-ПК | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 10
seconds with 0 seconds of active time. This session ended with a crash.

Error — 07.10.2010 9:37:13 | Computer Name = Общий-ПК | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5
seconds with 0 seconds of active time. This session ended with a crash.

Error — 07.10.2010 9:50:02 | Computer Name = Общий-ПК | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 7
seconds with 0 seconds of active time. This session ended with a crash.

Error — 10.10.2010 5:31:12 | Computer Name = Общий-ПК | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 9
seconds with 0 seconds of active time. This session ended with a crash.

Error — 08.11.2010 0:00:24 | Computer Name = Общий-ПК | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 20
seconds with 0 seconds of active time. This session ended with a crash.

Error — 08.11.2010 12:57:16 | Computer Name = Общий-ПК | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 21
seconds with 0 seconds of active time. This session ended with a crash.

Error — 08.11.2010 13:00:35 | Computer Name = Общий-ПК | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 13
seconds with 0 seconds of active time. This session ended with a crash.

Error — 08.11.2010 13:01:23 | Computer Name = Общий-ПК | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 17
seconds with 0 seconds of active time. This session ended with a crash.

Error — 03.12.2010 12:31:07 | Computer Name = Общий-ПК | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5
seconds with 0 seconds of active time. This session ended with a crash.

Error — 21.12.2010 11:07:05 | Computer Name = Общий-ПК | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error — 13.01.2011 0:35:40 | Computer Name = Общий-ПК | Source = Service Control Manager | ID = 7000
Description =

Error — 13.01.2011 0:36:03 | Computer Name = Общий-ПК | Source = Microsoft Antimalware | ID = 3002
Description = %%861: при выполнении функции защиты в режиме реального времени произошла
ошибка, приведшая к завершению работы данной функции. Функция: %%835 Код ошибки:
0x80004005 Описание ошибки: Неопознанная ошибка Причина: %%842

Error — 13.01.2011 11:22:43 | Computer Name = Общий-ПК | Source = Microsoft Antimalware | ID = 3002
Description = %%861: при выполнении функции защиты в режиме реального времени произошла
ошибка, приведшая к завершению работы данной функции. Функция: %%835 Код ошибки:
0x80004005 Описание ошибки: Неопознанная ошибка Причина: %%842

Error — 13.01.2011 23:51:40 | Computer Name = Общий-ПК | Source = Microsoft Antimalware | ID = 3002
Description = %%861: при выполнении функции защиты в режиме реального времени произошла
ошибка, приведшая к завершению работы данной функции. Функция: %%835 Код ошибки:
0x80004005 Описание ошибки: Неопознанная ошибка Причина: %%842

Error — 14.01.2011 7:43:14 | Computer Name = Общий-ПК | Source = Dhcp | ID = 1002
Description = Аренда IP-адреса 192.168.0.100 для сетевого адаптера с сетевым адресом
001F16F40336 отклонена DHCP-сервером 192.168.0.1 (DHCP-сервер отправил сообщение
DHCPNACK).

Error — 14.01.2011 7:43:42 | Computer Name = Общий-ПК | Source = Microsoft Antimalware | ID = 3002
Description = %%861: при выполнении функции защиты в режиме реального времени произошла
ошибка, приведшая к завершению работы данной функции. Функция: %%835 Код ошибки:
0x80004005 Описание ошибки: Неопознанная ошибка Причина: %%842

Error — 14.01.2011 7:44:14 | Computer Name = Общий-ПК | Source = Service Control Manager | ID = 7011
Description =

Error — 14.01.2011 10:16:59 | Computer Name = Общий-ПК | Source = Microsoft Antimalware | ID = 3002
Description = %%861: при выполнении функции защиты в режиме реального времени произошла
ошибка, приведшая к завершению работы данной функции. Функция: %%835 Код ошибки:
0x80004005 Описание ошибки: Неопознанная ошибка Причина: %%842

Error — 15.01.2011 1:45:33 | Computer Name = Общий-ПК | Source = Microsoft Antimalware | ID = 3002
Description = %%861: при выполнении функции защиты в режиме реального времени произошла
ошибка, приведшая к завершению работы данной функции. Функция: %%835 Код ошибки:
0x80004005 Описание ошибки: Неопознанная ошибка Причина: %%842

Error — 16.01.2011 3:01:55 | Computer Name = Общий-ПК | Source = Microsoft Antimalware | ID = 3002
Description = %%861: при выполнении функции защиты в режиме реального времени произошла
ошибка, приведшая к завершению работы данной функции. Функция: %%834 Код ошибки:
0x80004005 Описание ошибки: Неопознанная ошибка Причина: %%838

[Helper]

]Прочитайте описание программы Malwarebytes Anti-malware (MBAM).
Скачайте и выполните сканирование вашего компьютера. Удалите всё что будет найдено.
В конце работы будет показан лог, вставьте его в ваш ответ + приложите свежий RSIT лог (только log.txt), причём запускайте RSIT после MBAM.

[albash]

Здравствуйте. лог MBAM:
Malwarebytes’ Anti-Malware 1.50.1.1100
http://www.malwarebytes.org

Версия базы данных: 5552

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18999

19.01.2011 13:21:22
mbam-log-2011-01-19 (13-21-22).txt

Тип сканирования: Полное сканирование (C:|D:|E:|F:|G:|H:|I:|K:|L:|)
Просканированные объекты: 277898
Времени прошло: 1 часов, 25 минут, 38 секунд

Заражённые процессы в памяти: 0
Заражённые модули в памяти: 0
Заражённые ключи в реестре: 0
Заражённые параметры в реестре: 0
Объекты реестра заражены: 0
Заражённые папки: 0
Заражённые файлы: 0

Заражённые процессы в памяти:
(Вредоносных программ не обнаружено)

Заражённые модули в памяти:
(Вредоносных программ не обнаружено)

Заражённые ключи в реестре:
(Вредоносных программ не обнаружено)

Заражённые параметры в реестре:
(Вредоносных программ не обнаружено)

Объекты реестра заражены:
(Вредоносных программ не обнаружено)

Заражённые папки:
(Вредоносных программ не обнаружено)

Заражённые файлы:
(Вредоносных программ не обнаружено)

[albash]

Лог RSIT:
Logfile of random’s system information tool 1.08 (written by random/random)
Run by Общий компьютер at 2011-01-19 13:27:31
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 85 GB (59%) free of 145 GB
Total RAM: 2046 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:27:57, on 19.01.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18999)
Boot mode: Normal

Running processes:
C:PROGRAM FILESPANDA SECURITYPANDA INTERNET SECURITY 2010WebProxy.exe
C:Windowssystem32Dwm.exe
C:WindowsExplorer.EXE
C:Windowssystem32taskeng.exe
C:Program FilesIntelIntel Matrix Storage ManagerIAAnotif.exe
C:WindowsSystem32mobsync.exe
C:Program FilesRealtekAudioHDARtHDVCpl.exe
C:Program FilesGoogleGoogle Desktop SearchGoogleDesktop.exe
C:Program FilesHewlett-PackardHP Share-to-Webhpgs2wnf.exe
C:Program FilesEgisTec Egis Software UpdateEgisUpdate.exe
C:Program FilesEgisTecMyWinLocker 3x86mwlDaemon.exe
C:Program FilesPanda SecurityPanda Internet Security 2010ApVxdWin.exe
C:Program FilesHewlett-PackardHP Share-to-Webhpgs2wnd.exe
C:Program FilesHewlett-PackardDigital ImagingbinHpqSRmon.exe
C:Program FilesHewlett-PackardHP Software Updatehpwuschd2.exe
C:Program FilesMicrosoft Security Essentialsmsseces.exe
C:Program FilesCommon FilesJavaJava Updatejusched.exe
C:Program FilesWindows Media Playerwmplayer.exe
C:Program FilesLogitechLWSWebcam SoftwareLWS.exe
C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
C:Program FilesWindows Sidebarsidebar.exe
C:Program FilesWindows Media Playerwmpnscfg.exe
C:Program FilesLogitechVid HDVid.exe
C:Program FilesSkypePhoneSkype.exe
C:Windowssystem32wbemunsecapp.exe
C:Program FilesSkypePlugin ManagerskypePM.exe
C:Program FilesPanda SecurityPanda Internet Security 2010PavBckPT.exe
C:Windowssystem32SearchProtocolHost.exe
C:Windowssystem32SearchFilterHost.exe
C:UsersОбщий компьютерDesktopRSIT.exe
C:Program Filestrend microОбщий компьютер.exe
C:Program FilesPanda SecurityPanda Internet Security 2010avciman.exe

R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://yandex.ru/
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0419&s=1&o=vb32&d=1006&m=aspire_x3810
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
O2 — BHO: AcroIEHelperStub — {18DF081C-E8AD-4283-A596-FA578C2EBDC3} — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 — BHO: Search Helper — {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} — C:Program FilesMicrosoftSearch Enhancement PackSearch HelperSEPsearchhelperie.dll
O2 — BHO: Спутник@Mail.Ru — {8984B388-A5BB-4DF7-B274-77B879E179DB} — (no file)
O2 — BHO: Windows Live ID Sign-in Helper — {9030D464-4C02-4ABF-8ECC-5164760863C6} — C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 — BHO: Windows Live Messenger Companion Helper — {9FDDE16B-836F-4806-AB1F-1455CBEFF289} — C:Program FilesWindows LiveCompanioncompanioncore.dll
O2 — BHO: Google Toolbar Helper — {AA58ED58-01DD-4d91-8333-CF10577473F7} — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll
O2 — BHO: SkypeIEPluginBHO — {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} — C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll
O2 — BHO: Google Toolbar Notifier BHO — {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} — C:Program FilesGoogleGoogleToolbarNotifier5.6.5805.1910swg.dll
O2 — BHO: Bing Bar BHO — {d2ce3e00-f94a-4740-988e-03dc2f38c34f} — C:Program FilesMSN ToolbarPlatform6.3.2322.0npwinext.dll
O2 — BHO: Java(tm) Plug-In 2 SSV Helper — {DBC80044-A445-435b-BC74-9C25C1C588A9} — C:Program FilesJavajre6binjp2ssv.dll
O3 — Toolbar: @C:Program FilesMSN ToolbarPlatform6.3.2322.0npwinext.dll,-100 — {8dcb7100-df86-4384-8842-8fa844297b3f} — C:Program FilesMSN ToolbarPlatform6.3.2322.0npwinext.dll
O3 — Toolbar: Google Toolbar — {2318C2B1-4965-11d4-9B18-009027A5CD4F} — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll
O4 — HKLM..Run: [IAAnotif] C:Program FilesIntelIntel Matrix Storage Manageriaanotif.exe
O4 — HKLM..Run: [RtHDVCpl] C:Program FilesRealtekAudioHDARtHDVCpl.exe
O4 — HKLM..Run: [Google Desktop Search] «C:Program FilesGoogleGoogle Desktop SearchGoogleDesktop.exe» /startup
O4 — HKLM..Run: [EgisTecLiveUpdate] «C:Program FilesEgisTec Egis Software UpdateEgisUpdate.exe»
O4 — HKLM..Run: [mwlDaemon] C:Program FilesEgisTecMyWinLocker 3x86mwlDaemon.exe
O4 — HKLM..Run: [APVXDWIN] «C:Program FilesPanda SecurityPanda Internet Security 2010APVXDWIN.EXE» /s
O4 — HKLM..Run: [SCANINICIO] «C:Program FilesPanda SecurityPanda Internet Security 2010Inicio.exe»
O4 — HKLM..Run: [Skytel] C:Program FilesRealtekAudioHDASkytel.exe
O4 — HKLM..Run: [Share-to-Web Namespace Daemon] C:Program FilesHewlett-PackardHP Share-to-Webhpgs2wnd.exe
O4 — HKLM..Run: [hpqSRMon] C:Program FilesHewlett-PackardDigital ImagingbinhpqSRMon.exe
O4 — HKLM..Run: [HP Software Update] C:Program FilesHewlett-PackardHP Software UpdateHPWuSchd2.exe
O4 — HKLM..Run: [MSSE] «C:Program FilesMicrosoft Security Essentialsmsseces.exe» -hide -runkey
O4 — HKLM..Run: [SunJavaUpdateSched] «C:Program FilesCommon FilesJavaJava Updatejusched.exe»
O4 — HKLM..Run: [Adobe Reader Speed Launcher] «C:Program FilesAdobeReader 9.0ReaderReader_sl.exe»
O4 — HKLM..Run: [Adobe ARM] «C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe»
O4 — HKLM..Run: [LWS] C:Program FilesLogitechLWSWebcam SoftwareLWS.exe -hide
O4 — HKCU..Run: [swg] «C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe»
O4 — HKCU..Run: [Sidebar] C:Program FilesWindows Sidebarsidebar.exe
O4 — HKCU..Run: [msnmsgr] «C:Program FilesWindows LiveMessengermsnmsgr.exe» /background
O4 — HKCU..Run: [WMPNSCFG] C:Program FilesWindows Media PlayerWMPNSCFG.exe
O4 — HKCU..Run: [CollaborationHost] C:Windowssystem32p2phost.exe -s
O4 — HKCU..Run: [Logitech Vid] «C:Program FilesLogitechVid HDVid.exe» -bootmode
O4 — HKCU..Run: [Skype] «C:Program FilesSkypePhoneSkype.exe» /nosplash /minimized
O4 — Startup: Logitech . Регистрация Продукта.lnk = C:Program FilesLogitechEregeReg.exe
O4 — Global Startup: Монитор АПС-Печать.lnk = H:bp6RSPrintPrintMon.exe
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2Office12EXCEL.EXE/3000
O8 — Extra context menu item: Google ВикиКомментарии… — res://C:Program FilesGoogleGoogle ToolbarComponentGoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O9 — Extra button: @C:Program FilesWindows LiveCompanioncompanionlang.dll,-600 — {0000036B-C524-4050-81A0-243669A86B9F} — C:Program FilesWindows LiveCompanioncompanioncore.dll
O9 — Extra button: @C:Program FilesWindows LiveWriterWindowsLiveWriterShortcuts.dll,-1004 — {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} — C:Program FilesWindows LiveWriterWriterBrowserExtension.dll
O9 — Extra ‘Tools’ menuitem: @C:Program FilesWindows LiveWriterWindowsLiveWriterShortcuts.dll,-1003 — {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} — C:Program FilesWindows LiveWriterWriterBrowserExtension.dll
O9 — Extra button: Отправить в OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 — Extra ‘Tools’ menuitem: &Отправить в OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 — Extra button: Skype Plug-In — {898EA8C8-E7FF-479B-8935-AEC46303B9E5} — C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll
O9 — Extra ‘Tools’ menuitem: Skype Plug-In — {898EA8C8-E7FF-479B-8935-AEC46303B9E5} — C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll
O9 — Extra button: Research — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2Office12REFIEBAR.DLL
O16 — DPF: {0013C359-980C-4916-B47A-B313DDF56755} (Alfa-Direct Signer Control) — https://www.alfadirect.ru/ADSign/ADCrypto.cab
O16 — DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} — http://download.eset.com/special/eos/OnlineScanner.cab
O16 — DPF: {D27CDB6E-AE6D-91CF-96B8-744553240000} — http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 — Protocol: skype-ie-addon-data — {91774881-D725-4E58-B298-07617B9B86A8} — C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll
O18 — Protocol: skype4com — {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O18 — Protocol: wlpg — {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} — C:Program FilesWindows LivePhoto GalleryAlbumDownloadProtocolHandler.dll
O20 — AppInit_DLLs: C:PROGRA~1GoogleGOOGLE~1GoogleDesktopNetwork3.dll
O20 — Winlogon Notify: cpcsp — C:Program FilesCrypto ProCSPcpcspi.dll
O22 — SharedTaskScheduler: Component Categories cache daemon — {8C7461EF-2B13-11d2-BE35-3078302C2030} — C:Windowssystem32browseui.dll
O23 — Service: BlueSoleil Hid Service — Unknown owner — C:Program FilesIVT CorporationBlueSoleilBTNtService.exe
O23 — Service: @dfsrres.dll,-101 (DFSR) — Корпорация Майкрософт — C:Windowssystem32DFSR.exe
O23 — Service: Диспетчер Google Desktop 5.9.1005.12335 (GoogleDesktopManager-051210-111108) — Google — C:Program FilesGoogleGoogle Desktop SearchGoogleDesktop.exe
O23 — Service: Служба Google Update (gupdate) (gupdate) — Google Inc. — C:Program FilesGoogleUpdateGoogleUpdate.exe
O23 — Service: Google Software Updater (gusvc) — Google — C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 — Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) — Intel Corporation — C:Program FilesIntelIntel Matrix Storage ManagerIAANTMon.exe
O23 — Service: Process Monitor (LVPrcSrv) — Logitech Inc. — C:Program FilesCommon FilesLogishrdLVMVFMLVPrcSrv.exe
O23 — Service: MyWinLocker Service (MWLService) — EgisTec Inc. — C:Program FilesEgisTecMyWinLocker 3×86\MWLService.exe
O23 — Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) — NewTech InfoSystems, Inc. — C:Program FilesNewTech InfosystemsNTI Backup Now 5BackupSvc.exe
O23 — Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) — NewTech Infosystems, Inc. — C:Program FilesNewTech InfosystemsNTI Backup Now 5SchedulerSvc.exe
O23 — Service: NVIDIA Display Driver Service (nvsvc) — NVIDIA Corporation — C:Windowssystem32nvvsvc.exe
O23 — Service: Panda Software Controller — Panda Security, S.L. — C:Program FilesPanda SecurityPanda Internet Security 2010PsCtrls.exe
O23 — Service: Panda Function Service (PAVFNSVR) — Unknown owner — C:Program FilesPanda SecurityPanda Internet Security 2010PavFnSvr.exe
O23 — Service: Panda Process Protection Service (PavPrSrv) — Unknown owner — C:Program FilesCommon FilesPanda SecurityPavShldpavprsrv.exe
O23 — Service: Panda On-Access Anti-Malware Service (PAVSRV) — Panda Security, S.L. — C:Program FilesPanda SecurityPanda Internet Security 2010pavsrvx86.exe
O23 — Service: Panda Host Service (PSHost) — Unknown owner — c:program filespanda securitypanda internet security 2010firewallPSHOST.EXE
O23 — Service: Panda IManager Service (PSIMSVC) — Panda Security S.L. — C:Program FilesPanda SecurityPanda Internet Security 2010PsImSvc.exe
O23 — Service: Panda PSK service (PskSvcRetail) — Panda Security, S.L. — C:Program FilesPanda SecurityPanda Internet Security 2010PskSvc.exe
O23 — Service: Start BT in service — Unknown owner — C:Program FilesIVT CorporationBlueSoleilStartSkysolSvc.exe
O23 — Service: Panda TPSrv (TPSrv) — Panda Security, S.L. — C:Program FilesPanda SecurityPanda Internet Security 2010TPSrv.exe
O23 — Service: @C:WindowsMicrosoft.NETFrameworkv4.0.30319WPFWPFFontCache_v0400.exe,-100 (WPFFontCache_v0400) — Корпорация Майкрософт — C:WindowsMicrosoft.NETFrameworkv4.0.30319WPFWPFFontCache_v0400.exe

—
End of file — 12236 bytes

======Scheduled tasks folder======

C:WindowstasksGoogleUpdateTaskMachineCore.job
C:WindowstasksGoogleUpdateTaskMachineUA.job
C:WindowstasksUser_Feed_Synchronization-{40CBA629-AF20-4EA7-B068-C4E5C2E3414E}.job

======Registry dump======

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper — C:Program FilesMicrosoftSearch Enhancement PackSearch HelperSEPsearchhelperie.dll [2010-09-22 191792]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{8984B388-A5BB-4DF7-B274-77B879E179DB}]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper — C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper — C:Program FilesWindows LiveCompanioncompanioncore.dll [2010-09-22 393600]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll [2010-12-09 297648]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In — C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll [2010-11-22 1242504]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO — C:Program FilesGoogleGoogleToolbarNotifier5.6.5805.1910swg.dll [2010-10-25 843832]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar BHO — C:Program FilesMSN ToolbarPlatform6.3.2322.0npwinext.dll [2010-09-22 612616]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper — C:Program FilesJavajre6binjp2ssv.dll [2010-11-24 41760]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} — @C:Program FilesMSN ToolbarPlatform6.3.2322.0npwinext.dll,-100 — C:Program FilesMSN ToolbarPlatform6.3.2322.0npwinext.dll [2010-09-22 612616]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} — Google Toolbar — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll [2010-12-09 297648]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«IAAnotif»=C:Program FilesIntelIntel Matrix Storage Manageriaanotif.exe [2008-09-12 182808]
«RtHDVCpl»=C:Program FilesRealtekAudioHDARtHDVCpl.exe [2009-03-10 6957600]
«Google Desktop Search»=C:Program FilesGoogleGoogle Desktop SearchGoogleDesktop.exe [2010-07-25 30192]
«EgisTecLiveUpdate»=C:Program FilesEgisTec Egis Software UpdateEgisUpdate.exe [2008-10-27 199464]
«mwlDaemon»=C:Program FilesEgisTecMyWinLocker 3x86mwlDaemon.exe [2008-10-27 346672]
«APVXDWIN»=C:Program FilesPanda SecurityPanda Internet Security 2010APVXDWIN.EXE [2009-09-25 906496]
«SCANINICIO»=C:Program FilesPanda SecurityPanda Internet Security 2010Inicio.exe [2009-08-12 56064]
«Skytel»=C:Program FilesRealtekAudioHDASkytel.exe [2009-03-10 1833504]
«Share-to-Web Namespace Daemon»=C:Program FilesHewlett-PackardHP Share-to-Webhpgs2wnd.exe [2002-04-17 69632]
«hpqSRMon»=C:Program FilesHewlett-PackardDigital ImagingbinhpqSRMon.exe [2008-08-20 150016]
«HP Software Update»=C:Program FilesHewlett-PackardHP Software UpdateHPWuSchd2.exe [2008-12-08 54576]
«MSSE»=C:Program FilesMicrosoft Security Essentialsmsseces.exe [2010-09-15 1094224]
«SunJavaUpdateSched»=C:Program FilesCommon FilesJavaJava Updatejusched.exe [2010-05-14 248552]
«Adobe Reader Speed Launcher»=C:Program FilesAdobeReader 9.0ReaderReader_sl.exe [2010-09-23 35760]
«Adobe ARM»=C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe [2010-09-20 932288]
«LWS»=C:Program FilesLogitechLWSWebcam SoftwareLWS.exe [2010-05-07 165208]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«swg»=C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe [2009-11-28 68856]
«Sidebar»=C:Program FilesWindows Sidebarsidebar.exe [2009-04-11 1233920]
«msnmsgr»=C:Program FilesWindows LiveMessengermsnmsgr.exe [2010-09-22 4240760]
«WMPNSCFG»=C:Program FilesWindows Media PlayerWMPNSCFG.exe [2008-01-21 202240]
«CollaborationHost»=C:Windowssystem32p2phost.exe [2008-01-21 192000]
«Logitech Vid»=C:Program FilesLogitechVid HDVid.exe [2010-10-30 5915480]
«Skype»=C:Program FilesSkypePhoneSkype.exe [2011-01-03 15028104]

C:ProgramDataMicrosoftWindowsStart MenuProgramsStartup
Монитор АПС-Печать.lnk — H:bp6RSPrintPrintMon.exe

C:UsersОбщий компьютерAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup
Logitech . Регистрация Продукта.lnk — C:Program FilesLogitechEregeReg.exe

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows]
«AppInit_DLLs»=»C:PROGRA~1GoogleGOOGLE~1GoogleDesktopNetwork3.dll»

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyavldr]
C:Windowssystem32avldr.dll [2008-03-18 58672]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifycpcsp]
C:Program FilesCrypto ProCSPcpcspi.dll [2009-07-29 717824]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerShellExecuteHooks]
«{AEB6717E-7E19-11d0-97EE-00C04FD91972}»= []

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalMsMpSvc]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalPskSvcRetail]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalR5BaseSmc]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalSCardSvr]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimaltoken]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal{50DD5230-BA8A-11D1-BF5D-0000F805F530}]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkMsMpSvc]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkR5BaseSmc]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworktoken]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWudfPf]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWudfRd]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWudfSvc]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWudfUsbccidDriver]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
«EnableUIADesktopToggle»=0

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDrives»=0

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«BindDirectlyToPropertySetStorage»=0
«NoDrives»=0

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]

======File associations======

.js — edit — C:WindowsSystem32Notepad.exe %1

======List of files/folders created in the last 1 months======

2011-01-19 11:30:52 —-D—- C:UsersОбщий компьютерAppDataRoamingMalwarebytes
2011-01-19 11:30:44 —-A—- C:Windowssystem32driversmbamswissarmy.sys
2011-01-19 11:30:43 —-D—- C:ProgramDataMalwarebytes
2011-01-19 11:30:39 —-D—- C:Program FilesMalwarebytes’ Anti-Malware
2011-01-19 11:30:39 —-A—- C:Windowssystem32driversmbam.sys
2011-01-16 18:50:47 —-ASH—- C:hiberfil.sys
2011-01-13 09:25:40 —-A—- C:Windowssystem32odbc32.dll
2011-01-13 09:25:19 —-A—- C:Windowssystem32sdclt.exe
2011-01-11 14:57:56 —-D—- C:Windowstemp
2011-01-11 14:46:06 —-SHD—- C:$RECYCLE.BIN
2011-01-11 14:45:57 —-A—- C:ComboFix.txt
2011-01-11 14:30:55 —-A—- C:Windowszip.exe
2011-01-11 14:30:55 —-A—- C:WindowsSWSC.exe
2011-01-11 14:30:55 —-A—- C:WindowsSWREG.exe
2011-01-11 14:30:55 —-A—- C:Windowssed.exe
2011-01-11 14:30:55 —-A—- C:WindowsPEV.exe
2011-01-11 14:30:55 —-A—- C:WindowsNIRCMD.exe
2011-01-11 14:30:55 —-A—- C:WindowsMBR.exe
2011-01-11 14:30:55 —-A—- C:Windowsgrep.exe
2011-01-11 14:30:38 —-D—- C:WindowsERDNT
2011-01-11 14:30:37 —-D—- C:ComboFix
2011-01-11 14:30:26 —-D—- C:Qoobox
2011-01-11 14:30:04 —-A—- C:WindowsSWXCACLS.exe
2011-01-09 14:54:17 —-A—- C:Windowssystem32javaws.exe
2011-01-09 14:54:17 —-A—- C:Windowssystem32javaw.exe
2011-01-09 14:54:17 —-A—- C:Windowssystem32java.exe
2011-01-08 18:10:24 —-D—- C:Program FilesCommon FilesSkype
2011-01-04 15:10:12 —-D—- C:Program FilesMicrosoft CAPICOM 2.1.0.2
2011-01-03 18:19:20 —-D—- C:ProgramDataLogiShrd
2011-01-03 18:15:37 —-D—- C:UsersОбщий компьютерAppDataRoamingLeadertech
2011-01-03 18:15:15 —-D—- C:Windowssystem32logishrd
2011-01-03 18:15:00 —-D—- C:ProgramDataLogitech
2011-01-03 18:14:57 —-D—- C:Program FilesCommon FilesLWS
2011-01-03 18:14:21 —-D—- C:Program FilesLogitech
2011-01-03 18:01:41 —-D—- C:Program FilesCommon Fileslogishrd
2010-12-28 10:27:37 —-D—- C:UsersОбщий компьютерAppDataRoamingPeerNetworking
2010-12-23 22:24:06 —-D—- C:ProgramDataGuard.Mail.Ru

======List of files/folders modified in the last 1 months======

2011-01-19 13:27:54 —-D—- C:WindowsPrefetch
2011-01-19 13:27:44 —-D—- C:Program Filestrend micro
2011-01-19 13:23:09 —-D—- C:UsersОбщий компьютерAppDataRoamingSkype
2011-01-19 12:21:17 —-D—- C:Windowssystem32driversetc
2011-01-19 11:54:31 —-D—- C:Windowssystem32drivers
2011-01-19 11:51:38 —-D—- C:UsersОбщий компьютерAppDataRoamingskypePM
2011-01-19 11:49:17 —-D—- C:WindowsSystem32
2011-01-19 11:30:43 —-D—- C:ProgramData
2011-01-19 11:30:39 —-D—- C:Program Files
2011-01-19 11:16:26 —-SHD—- C:System Volume Information
2011-01-17 17:41:17 —-D—- C:ProgramDataeSobi
2011-01-16 18:50:06 —-D—- C:WindowsMinidump
2011-01-16 18:50:05 —-A—- C:Windowsntbtlog.txt
2011-01-16 18:49:55 —-D—- C:Windows
2011-01-13 09:27:19 —-A—- C:Windowssystem32mrt.exe
2011-01-13 09:27:15 —-D—- C:Windowswinsxs
2011-01-13 09:25:01 —-D—- C:Windowssystem32catroot
2011-01-13 09:25:00 —-D—- C:Windowssystem32catroot2
2011-01-11 14:43:36 —-A—- C:Windowssystem.ini
2011-01-11 14:38:38 —-D—- C:WindowsAppPatch
2011-01-11 14:38:36 —-D—- C:Program FilesCommon Files
2011-01-11 14:20:14 —-D—- C:Windowsinf
2011-01-11 14:20:14 —-A—- C:Windowssystem32PerfStringBackup.INI
2011-01-09 14:54:31 —-SHD—- C:WindowsInstaller
2011-01-09 14:54:14 —-D—- C:Program Filesjava
2011-01-08 18:10:50 —-RD—- C:Program FilesSkype
2011-01-08 18:10:31 —-D—- C:Windowssystem32Tasks
2011-01-08 18:10:04 —-D—- C:ProgramDataSkype
2011-01-03 18:15:36 —-SD—- C:UsersОбщий компьютерAppDataRoamingMicrosoft
2011-01-03 18:01:42 —-D—- C:Windowstwain_32

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 BTHidEnum;Bluetooth HID Enumerator; C:WindowsSystem32Driversvbtenum.sys [2007-03-05 20880]
R0 BTHidMgr;Bluetooth HID Manager Service; C:WindowsSystem32DriversBTHidMgr.sys [2007-03-05 35600]
R0 iaStor;Intel AHCI Controller; C:Windowssystem32DRIVERSiaStor.sys [2008-09-12 327192]
R0 pavboot;Panda boot driver; C:Windowssystem32Driverspavboot.sys [2009-06-30 28552]
R1 APPFLT;App Filter Plugin; ??C:Windowssystem32DriversAPPFLT.SYS [2009-09-30 75016]
R1 CProCtrl;КриптоПро CSP драйвер; C:Windowssystem32DRIVERSCProCtrl.sys [2009-04-23 54536]
R1 DSAFLT;DSA Filter Plugin; ??C:Windowssystem32DriversDSAFLT.SYS [2009-06-16 53128]
R1 FNETMON;NetMon Filter Plugin; ??C:Windowssystem32Driversfnetmon.SYS [2008-03-28 22072]
R1 IDSFLT;Ids Filter Plugin; ??C:Windowssystem32DriversIDSFLT.SYS [2009-06-16 193800]
R1 MpFilter;Microsoft Malware Protection Driver; C:Windowssystem32DRIVERSMpFilter.sys [2010-03-25 151216]
R1 NETFLTDI;Panda Net Driver [TDI Layer]; ??C:Windowssystem32DriversNETFLTDI.SYS [2009-06-16 159112]
R2 AmFSM;AmFSM; C:Windowssystem32DRIVERSamm8660.sys [2009-08-06 49160]
R2 ComFiltr;Panda Anti-Dialer; ??C:Windowssystem32DRIVERSCOMFiltr.sys [2009-11-28 13880]
R2 mwlPSDFilter;mwlPSDFilter; C:Windowssystem32DRIVERSmwlPSDFilter.sys [2008-10-09 19504]
R2 mwlPSDNServ;mwlPSDNServ; C:Windowssystem32DRIVERSmwlPSDNServ.sys [2008-10-09 16432]
R2 mwlPSDVDisk;mwlPSDVDisk; C:Windowssystem32DRIVERSmwlPSDVDisk.sys [2008-10-09 59952]
R2 PavProc;Panda Process Protection Driver; ??C:Windowssystem32DRIVERSPavProc.sys [2009-06-30 163336]
R3 AvFlt;Antivirus Filter Driver; C:Windowssystem32driversav5flt.sys []
R3 BlueletAudio;Bluetooth Audio Service; C:Windowssystem32DRIVERSblueletaudio.sys [2007-06-24 34312]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:Windowssystem32DRIVERSBlueletSCOAudio.sys [2007-06-24 27656]
R3 BT;Bluetooth PAN Network Adapter; C:Windowssystem32DRIVERSbtnetdrv.sys [2007-03-05 18320]
R3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:WindowsSystem32Driversbtcusb.sys [2007-06-24 38920]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:Windowssystem32DRIVERSe1y6032.sys [2008-11-21 220288]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:Windowssystem32driversRTKVHDA.sys [2009-03-10 2338720]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:Windowssystem32DRIVERSLVPr2Mon.sys [2010-05-07 25824]
R3 LVUVC;Logitech Webcam C100(UVC); C:Windowssystem32DRIVERSlvuvc.sys [2010-11-10 4323040]
R3 NETIMFLT01060039;PANDA NDIS IM Filter Miniport v1.6.0.39; C:Windowssystem32DRIVERSneti1639.sys [2009-09-09 199432]
R3 NTIDrvr;Upper Class Filter Driver; C:Windowssystem32DRIVERSNTIDrvr.sys [2008-01-30 14848]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:Windowssystem32driversnvhda32v.sys [2009-05-11 64544]
R3 nvlddmkm;nvlddmkm; C:Windowssystem32DRIVERSnvlddmkm.sys [2010-04-03 11573800]
R3 PavSRK.sys;PavSRK.sys; ??C:Windowssystem32PavSRK.sys []
R3 PavTPK.sys;PavTPK.sys; ??C:Windowssystem32PavTPK.sys []
S1 aatksjzf;aatksjzf; ??C:Windowssystem32driversaatksjzf.sys []
S1 abrqfgyd;abrqfgyd; ??C:Windowssystem32driversabrqfgyd.sys []
S1 acbmeiun;acbmeiun; ??C:Windowssystem32driversacbmeiun.sys []
S1 acejoghr;acejoghr; ??C:Windowssystem32driversacejoghr.sys []
S1 acipanif;acipanif; ??C:Windowssystem32driversacipanif.sys []
S1 aeqvvcmr;aeqvvcmr; ??C:Windowssystem32driversaeqvvcmr.sys []
S1 aitmohax;aitmohax; ??C:Windowssystem32driversaitmohax.sys []
S1 alejpbzl;alejpbzl; ??C:Windowssystem32driversalejpbzl.sys []
S1 alpbmjcf;alpbmjcf; ??C:Windowssystem32driversalpbmjcf.sys []
S1 anhtuzog;anhtuzog; ??C:Windowssystem32driversanhtuzog.sys []
S1 aoftixqm;aoftixqm; ??C:Windowssystem32driversaoftixqm.sys []
S1 aotupanc;aotupanc; ??C:Windowssystem32driversaotupanc.sys []
S1 atbexzho;atbexzho; ??C:Windowssystem32driversatbexzho.sys []
S1 atvfxbzn;atvfxbzn; ??C:Windowssystem32driversatvfxbzn.sys []
S1 awxsrvva;awxsrvva; ??C:Windowssystem32driversawxsrvva.sys []
S1 axuuvqef;axuuvqef; ??C:Windowssystem32driversaxuuvqef.sys []
S1 aytplndr;aytplndr; ??C:Windowssystem32driversaytplndr.sys []
S1 azmdbhwx;azmdbhwx; ??C:Windowssystem32driversazmdbhwx.sys []
S1 bbtpsyfr;bbtpsyfr; ??C:Windowssystem32driversbbtpsyfr.sys []
S1 bcidwhou;bcidwhou; ??C:Windowssystem32driversbcidwhou.sys []
S1 bgsmmbsc;bgsmmbsc; ??C:Windowssystem32driversbgsmmbsc.sys []
S1 bqbxdjmt;bqbxdjmt; ??C:Windowssystem32driversbqbxdjmt.sys []
S1 bqhycprx;bqhycprx; ??C:Windowssystem32driversbqhycprx.sys []
S1 brhcvzbf;brhcvzbf; ??C:Windowssystem32driversbrhcvzbf.sys []
S1 bsjaimrf;bsjaimrf; ??C:Windowssystem32driversbsjaimrf.sys []
S1 btjbbssp;btjbbssp; ??C:Windowssystem32driversbtjbbssp.sys []
S1 bubiasay;bubiasay; ??C:Windowssystem32driversbubiasay.sys []
S1 bxrnwnny;bxrnwnny; ??C:Windowssystem32driversbxrnwnny.sys []
S1 byjdvhzh;byjdvhzh; ??C:Windowssystem32driversbyjdvhzh.sys []
S1 bylzosep;bylzosep; ??C:Windowssystem32driversbylzosep.sys []
S1 bymmbyxi;bymmbyxi; ??C:Windowssystem32driversbymmbyxi.sys []
S1 bzqtzjbi;bzqtzjbi; ??C:Windowssystem32driversbzqtzjbi.sys []
S1 cefofiee;cefofiee; ??C:Windowssystem32driverscefofiee.sys []
S1 cfsazvnn;cfsazvnn; ??C:Windowssystem32driverscfsazvnn.sys []
S1 cndlmavp;cndlmavp; ??C:Windowssystem32driverscndlmavp.sys []
S1 coigdlwv;coigdlwv; ??C:Windowssystem32driverscoigdlwv.sys []
S1 cphuhgif;cphuhgif; ??C:Windowssystem32driverscphuhgif.sys []
S1 ctywrpdm;ctywrpdm; ??C:Windowssystem32driversctywrpdm.sys []
S1 cwfalzch;cwfalzch; ??C:Windowssystem32driverscwfalzch.sys []
S1 cxtlmqyh;cxtlmqyh; ??C:Windowssystem32driverscxtlmqyh.sys []
S1 dbmbwhpe;dbmbwhpe; ??C:Windowssystem32driversdbmbwhpe.sys []
S1 ddikyqhp;ddikyqhp; ??C:Windowssystem32driversddikyqhp.sys []
S1 dgxpqedg;dgxpqedg; ??C:Windowssystem32driversdgxpqedg.sys []
S1 dgyqgatp;dgyqgatp; ??C:Windowssystem32driversdgyqgatp.sys []
S1 diaflwqh;diaflwqh; ??C:Windowssystem32driversdiaflwqh.sys []
S1 dkuaflna;dkuaflna; ??C:Windowssystem32driversdkuaflna.sys []
S1 dltxvnqk;dltxvnqk; ??C:Windowssystem32driversdltxvnqk.sys []
S1 dmiulizo;dmiulizo; ??C:Windowssystem32driversdmiulizo.sys []
S1 donzuqdt;donzuqdt; ??C:Windowssystem32driversdonzuqdt.sys []
S1 dujxocev;dujxocev; ??C:Windowssystem32driversdujxocev.sys []
S1 dvwnhqor;dvwnhqor; ??C:Windowssystem32driversdvwnhqor.sys []
S1 eakwgpou;eakwgpou; ??C:Windowssystem32driverseakwgpou.sys []
S1 eevsksml;eevsksml; ??C:Windowssystem32driverseevsksml.sys []
S1 efjjypxs;efjjypxs; ??C:Windowssystem32driversefjjypxs.sys []
S1 efwrpwmu;efwrpwmu; ??C:Windowssystem32driversefwrpwmu.sys []
S1 ehfnlbsq;ehfnlbsq; ??C:Windowssystem32driversehfnlbsq.sys []
S1 eidougqr;eidougqr; ??C:Windowssystem32driverseidougqr.sys []
S1 eilkguuw;eilkguuw; ??C:Windowssystem32driverseilkguuw.sys []
S1 ejkooqsa;ejkooqsa; ??C:Windowssystem32driversejkooqsa.sys []
S1 ekvpogxj;ekvpogxj; ??C:Windowssystem32driversekvpogxj.sys []
S1 ekwztbum;ekwztbum; ??C:Windowssystem32driversekwztbum.sys []
S1 enuoasje;enuoasje; ??C:Windowssystem32driversenuoasje.sys []
S1 eqaqkjim;eqaqkjim; ??C:Windowssystem32driverseqaqkjim.sys []
S1 eqxfonpl;eqxfonpl; ??C:Windowssystem32driverseqxfonpl.sys []
S1 errumlez;errumlez; ??C:Windowssystem32driverserrumlez.sys []
S1 esasovqg;esasovqg; ??C:Windowssystem32driversesasovqg.sys []
S1 esycgabw;esycgabw; ??C:Windowssystem32driversesycgabw.sys []
S1 fcfydytc;fcfydytc; ??C:Windowssystem32driversfcfydytc.sys []
S1 fdbwmcpi;fdbwmcpi; ??C:Windowssystem32driversfdbwmcpi.sys []
S1 fdsdzupx;fdsdzupx; ??C:Windowssystem32driversfdsdzupx.sys []
S1 fgivbtnq;fgivbtnq; ??C:Windowssystem32driversfgivbtnq.sys []
S1 fhllpztt;fhllpztt; ??C:Windowssystem32driversfhllpztt.sys []
S1 fizssudi;fizssudi; ??C:Windowssystem32driversfizssudi.sys []
S1 fngnvxll;fngnvxll; ??C:Windowssystem32driversfngnvxll.sys []
S1 freytfbq;freytfbq; ??C:Windowssystem32driversfreytfbq.sys []
S1 fureaasy;fureaasy; ??C:Windowssystem32driversfureaasy.sys []
S1 fvbwzkkp;fvbwzkkp; ??C:Windowssystem32driversfvbwzkkp.sys []
S1 fvlqrhpt;fvlqrhpt; ??C:Windowssystem32driversfvlqrhpt.sys []
S1 fyidhqov;fyidhqov; ??C:Windowssystem32driversfyidhqov.sys []
S1 gaytihvd;gaytihvd; ??C:Windowssystem32driversgaytihvd.sys []
S1 gogdsdmo;gogdsdmo; ??C:Windowssystem32driversgogdsdmo.sys []
S1 gprteagp;gprteagp; ??C:Windowssystem32driversgprteagp.sys []
S1 gqeejjtb;gqeejjtb; ??C:Windowssystem32driversgqeejjtb.sys []
S1 gscdthoz;gscdthoz; ??C:Windowssystem32driversgscdthoz.sys []
S1 gzhwuqvk;gzhwuqvk; ??C:Windowssystem32driversgzhwuqvk.sys []
S1 gztqehrp;gztqehrp; ??C:Windowssystem32driversgztqehrp.sys []
S1 haffqyqv;haffqyqv; ??C:Windowssystem32drivershaffqyqv.sys []
S1 hbnvknit;hbnvknit; ??C:Windowssystem32drivershbnvknit.sys []
S1 hcyhzuhj;hcyhzuhj; ??C:Windowssystem32drivershcyhzuhj.sys []
S1 hffabfxo;hffabfxo; ??C:Windowssystem32drivershffabfxo.sys []
S1 hgqnqluw;hgqnqluw; ??C:Windowssystem32drivershgqnqluw.sys []
S1 hmmmlata;hmmmlata; ??C:Windowssystem32drivershmmmlata.sys []
S1 hnetxblh;hnetxblh; ??C:Windowssystem32drivershnetxblh.sys []
S1 hpqtoyod;hpqtoyod; ??C:Windowssystem32drivershpqtoyod.sys []
S1 hqbngjah;hqbngjah; ??C:Windowssystem32drivershqbngjah.sys []
S1 hqiqgtqi;hqiqgtqi; ??C:Windowssystem32drivershqiqgtqi.sys []
S1 hqugyugt;hqugyugt; ??C:Windowssystem32drivershqugyugt.sys []
S1 hqzoraoc;hqzoraoc; ??C:Windowssystem32drivershqzoraoc.sys []
S1 hvpjrtbv;hvpjrtbv; ??C:Windowssystem32drivershvpjrtbv.sys []
S1 iayzuuru;iayzuuru; ??C:Windowssystem32driversiayzuuru.sys []
S1 idianbud;idianbud; ??C:Windowssystem32driversidianbud.sys []
S1 idzvgyqx;idzvgyqx; ??C:Windowssystem32driversidzvgyqx.sys []
S1 ieqdlapz;ieqdlapz; ??C:Windowssystem32driversieqdlapz.sys []
S1 ieumuczk;ieumuczk; ??C:Windowssystem32driversieumuczk.sys []
S1 iffsabmm;iffsabmm; ??C:Windowssystem32driversiffsabmm.sys []
S1 iganksje;iganksje; ??C:Windowssystem32driversiganksje.sys []
S1 igokxigz;igokxigz; ??C:Windowssystem32driversigokxigz.sys []
S1 ihlnrsxw;ihlnrsxw; ??C:Windowssystem32driversihlnrsxw.sys []
S1 imlgogyn;imlgogyn; ??C:Windowssystem32driversimlgogyn.sys []
S1 iowcrjrp;iowcrjrp; ??C:Windowssystem32driversiowcrjrp.sys []
S1 isbhwhxo;isbhwhxo; ??C:Windowssystem32driversisbhwhxo.sys []
S1 ivhuhxge;ivhuhxge; ??C:Windowssystem32driversivhuhxge.sys []
S1 jaetqehf;jaetqehf; ??C:Windowssystem32driversjaetqehf.sys []
S1 jdvhvzgn;jdvhvzgn; ??C:Windowssystem32driversjdvhvzgn.sys []
S1 jmzuwuuo;jmzuwuuo; ??C:Windowssystem32driversjmzuwuuo.sys []
S1 jnbmxsjy;jnbmxsjy; ??C:Windowssystem32driversjnbmxsjy.sys []
S1 jsklditq;jsklditq; ??C:Windowssystem32driversjsklditq.sys []
S1 jtwypmkj;jtwypmkj; ??C:Windowssystem32driversjtwypmkj.sys []
S1 jwdvlagf;jwdvlagf; ??C:Windowssystem32driversjwdvlagf.sys []
S1 jwkyqtum;jwkyqtum; ??C:Windowssystem32driversjwkyqtum.sys []
S1 jxzhrvla;jxzhrvla; ??C:Windowssystem32driversjxzhrvla.sys []
S1 jynozbbb;jynozbbb; ??C:Windowssystem32driversjynozbbb.sys []
S1 jyqrhxej;jyqrhxej; ??C:Windowssystem32driversjyqrhxej.sys []
S1 kejwwrbu;kejwwrbu; ??C:Windowssystem32driverskejwwrbu.sys []
S1 klakawzg;klakawzg; ??C:Windowssystem32driversklakawzg.sys []
S1 klgkhivm;klgkhivm; ??C:Windowssystem32driversklgkhivm.sys []
S1 kmbhlagz;kmbhlagz; ??C:Windowssystem32driverskmbhlagz.sys []
S1 kmveivqg;kmveivqg; ??C:Windowssystem32driverskmveivqg.sys []
S1 knlxtreg;knlxtreg; ??C:Windowssystem32driversknlxtreg.sys []
S1 kqnckoqq;kqnckoqq; ??C:Windowssystem32driverskqnckoqq.sys []
S1 krewdlfi;krewdlfi; ??C:Windowssystem32driverskrewdlfi.sys []
S1 ksgblcjx;ksgblcjx; ??C:Windowssystem32driversksgblcjx.sys []
S1 ktnoennw;ktnoennw; ??C:Windowssystem32driversktnoennw.sys []
S1 kxhgjyet;kxhgjyet; ??C:Windowssystem32driverskxhgjyet.sys []
S1 kzveidaj;kzveidaj; ??C:Windowssystem32driverskzveidaj.sys []
S1 laiufytq;laiufytq; ??C:Windowssystem32driverslaiufytq.sys []
S1 lczjgfhi;lczjgfhi; ??C:Windowssystem32driverslczjgfhi.sys []
S1 lfvbpqlh;lfvbpqlh; ??C:Windowssystem32driverslfvbpqlh.sys []
S1 lkarqfvj;lkarqfvj; ??C:Windowssystem32driverslkarqfvj.sys []
S1 lvhfdujb;lvhfdujb; ??C:Windowssystem32driverslvhfdujb.sys []
S1 lvrsnmra;lvrsnmra; ??C:Windowssystem32driverslvrsnmra.sys []
S1 lwqixjeo;lwqixjeo; ??C:Windowssystem32driverslwqixjeo.sys []
S1 lwzvxtve;lwzvxtve; ??C:Windowssystem32driverslwzvxtve.sys []
S1 lxryrkpn;lxryrkpn; ??C:Windowssystem32driverslxryrkpn.sys []
S1 lznkwpkc;lznkwpkc; ??C:Windowssystem32driverslznkwpkc.sys []
S1 mggmngcr;mggmngcr; ??C:Windowssystem32driversmggmngcr.sys []
S1 miwkbueh;miwkbueh; ??C:Windowssystem32driversmiwkbueh.sys []
S1 mkihfbkt;mkihfbkt; ??C:Windowssystem32driversmkihfbkt.sys []
S1 mkjojxaq;mkjojxaq; ??C:Windowssystem32driversmkjojxaq.sys []
S1 mkncivjr;mkncivjr; ??C:Windowssystem32driversmkncivjr.sys []
S1 mlctwxlm;mlctwxlm; ??C:Windowssystem32driversmlctwxlm.sys []
S1 mpawwhsx;mpawwhsx; ??C:Windowssystem32driversmpawwhsx.sys []
S1 mpwsoqhj;mpwsoqhj; ??C:Windowssystem32driversmpwsoqhj.sys []
S1 mskxhnya;mskxhnya; ??C:Windowssystem32driversmskxhnya.sys []
S1 mvjtogda;mvjtogda; ??C:Windowssystem32driversmvjtogda.sys []
S1 mwvcvsmd;mwvcvsmd; ??C:Windowssystem32driversmwvcvsmd.sys []
S1 mxkdudoe;mxkdudoe; ??C:Windowssystem32driversmxkdudoe.sys []
S1 mxnzlfyl;mxnzlfyl; ??C:Windowssystem32driversmxnzlfyl.sys []
S1 myuxbdtk;myuxbdtk; ??C:Windowssystem32driversmyuxbdtk.sys []
S1 najbglvg;najbglvg; ??C:Windowssystem32driversnajbglvg.sys []
S1 nbbmyosw;nbbmyosw; ??C:Windowssystem32driversnbbmyosw.sys []
S1 nbiwgjdq;nbiwgjdq; ??C:Windowssystem32driversnbiwgjdq.sys []
S1 nbozuaso;nbozuaso; ??C:Windowssystem32driversnbozuaso.sys []
S1 nhsedhkh;nhsedhkh; ??C:Windowssystem32driversnhsedhkh.sys []
S1 nkkxbmyp;nkkxbmyp; ??C:Windowssystem32driversnkkxbmyp.sys []
S1 nkybroxs;nkybroxs; ??C:Windowssystem32driversnkybroxs.sys []
S1 nnlszqob;nnlszqob; ??C:Windowssystem32driversnnlszqob.sys []
S1 nuaqhgyd;nuaqhgyd; ??C:Windowssystem32driversnuaqhgyd.sys []
S1 nxklmxkz;nxklmxkz; ??C:Windowssystem32driversnxklmxkz.sys []
S1 oagdongv;oagdongv; ??C:Windowssystem32driversoagdongv.sys []
S1 oaixvntl;oaixvntl; ??C:Windowssystem32driversoaixvntl.sys []
S1 ocgwakwa;ocgwakwa; ??C:Windowssystem32driversocgwakwa.sys []
S1 oeeckuki;oeeckuki; ??C:Windowssystem32driversoeeckuki.sys []
S1 oehrdddh;oehrdddh; ??C:Windowssystem32driversoehrdddh.sys []
S1 ogmiwfoh;ogmiwfoh; ??C:Windowssystem32driversogmiwfoh.sys []
S1 oteumqwh;oteumqwh; ??C:Windowssystem32driversoteumqwh.sys []
S1 otktpmqx;otktpmqx; ??C:Windowssystem32driversotktpmqx.sys []
S1 pafrqmpe;pafrqmpe; ??C:Windowssystem32driverspafrqmpe.sys []
S1 pahbmmhx;pahbmmhx; ??C:Windowssystem32driverspahbmmhx.sys []
S1 pdltmxeu;pdltmxeu; ??C:Windowssystem32driverspdltmxeu.sys []
S1 pepoclzz;pepoclzz; ??C:Windowssystem32driverspepoclzz.sys []
S1 phmwgmng;phmwgmng; ??C:Windowssystem32driversphmwgmng.sys []
S1 piyqdjog;piyqdjog; ??C:Windowssystem32driverspiyqdjog.sys []
S1 pjdonhme;pjdonhme; ??C:Windowssystem32driverspjdonhme.sys []
S1 plltqkbi;plltqkbi; ??C:Windowssystem32driversplltqkbi.sys []
S1 pndvqwva;pndvqwva; ??C:Windowssystem32driverspndvqwva.sys []
S1 posdnnth;posdnnth; ??C:Windowssystem32driversposdnnth.sys []
S1 ppspouac;ppspouac; ??C:Windowssystem32driversppspouac.sys []
S1 pwslvwth;pwslvwth; ??C:Windowssystem32driverspwslvwth.sys []
S1 pxvkangc;pxvkangc; ??C:Windowssystem32driverspxvkangc.sys []
S1 pyidrukl;pyidrukl; ??C:Windowssystem32driverspyidrukl.sys []
S1 pzuyxxqf;pzuyxxqf; ??C:Windowssystem32driverspzuyxxqf.sys []
S1 qajnvodv;qajnvodv; ??C:Windowssystem32driversqajnvodv.sys []
S1 qenavxvl;qenavxvl; ??C:Windowssystem32driversqenavxvl.sys []
S1 qgbbkada;qgbbkada; ??C:Windowssystem32driversqgbbkada.sys []
S1 qgqysdqe;qgqysdqe; ??C:Windowssystem32driversqgqysdqe.sys []
S1 qhgitbff;qhgitbff; ??C:Windowssystem32driversqhgitbff.sys []
S1 qjywaelf;qjywaelf; ??C:Windowssystem32driversqjywaelf.sys []
S1 qjzjtopt;qjzjtopt; ??C:Windowssystem32driversqjzjtopt.sys []
S1 qkxlnwwb;qkxlnwwb; ??C:Windowssystem32driversqkxlnwwb.sys []
S1 qmlhyzwp;qmlhyzwp; ??C:Windowssystem32driversqmlhyzwp.sys []
S1 qqsxopba;qqsxopba; ??C:Windowssystem32driversqqsxopba.sys []
S1 qrsqppvv;qrsqppvv; ??C:Windowssystem32driversqrsqppvv.sys []
S1 qrtkwssi;qrtkwssi; ??C:Windowssystem32driversqrtkwssi.sys []
S1 quxvaxyd;quxvaxyd; ??C:Windowssystem32driversquxvaxyd.sys []
S3 BthEnum;Драйвер блока запроса Bluetooth; C:Windowssystem32DRIVERSBthEnum.sys [2009-04-11 22528]
S3 BthPan;Устройства Bluetooth (личной сети); C:Windowssystem32DRIVERSbthpan.sys [2008-01-21 92160]
S3 BTHPORT;Драйвер порта Bluetooth; C:WindowsSystem32DriversBTHport.sys [2009-04-11 507904]
S3 BTHUSB;Драйвер порта USB радиомодуля Bluetooth; C:WindowsSystem32DriversBTHUSB.sys [2009-04-11 29696]
S3 catchme;catchme; ??C:UsersC588~1AppDataLocalTempcatchme.sys []
S3 drmkaud;Звуковой дешифратор DRM ядра системы; C:Windowssystem32driversdrmkaud.sys [2008-01-21 5632]
S3 fssfltr;FssFltr; C:Windowssystem32DRIVERSfssfltr.sys [2010-09-22 39272]
S3 HdAudAddService;Драйвер функции UAA для службы High Definition Audio (Microsoft), версия 1.1; C:Windowssystem32driversHdAudio.sys [2006-11-02 235520]
S3 MpNWMon;Microsoft Malware Protection Network Driver; C:Windowssystem32DRIVERSMpNWMon.sys [2010-03-25 42368]
S3 MSKSSRV;Представитель служб потоков Microsoft; C:Windowssystem32driversMSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Посредник синхронизации потоков Microsoft; C:Windowssystem32driversMSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Представитель диспетчера качества потоков Microsoft; C:Windowssystem32driversMSPQM.sys [2008-01-21 5504]
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:Windowssystem32driversMSTEE.sys [2008-01-21 6016]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:Windowssystem32driverserrdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:Windowssystem32driversmegasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 BlueSoleil Hid Service;BlueSoleil Hid Service; C:Program FilesIVT CorporationBlueSoleilBTNtService.exe [2007-12-27 166520]
R2 cpcsp1;КриптоПро CSP KC1; C:Windowssystem32svchost.exe [2008-01-21 21504]
R2 Gwmsrv;Panda Goodware Cache Manager; C:Windowssystem32svchost -k Panda []
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:Program FilesIntelIntel Matrix Storage ManagerIAANTMon.exe [2008-09-12 354840]
R2 LVPrcSrv;Process Monitor; C:Program FilesCommon FilesLogishrdLVMVFMLVPrcSrv.exe [2010-05-07 162648]
R2 MsMpSvc;Microsoft Antimalware Service; C:Program FilesMicrosoft Security EssentialsMsMpEng.exe [2010-03-25 17904]
R2 MWLService;MyWinLocker Service; C:Program FilesEgisTecMyWinLocker 3×86\MWLService.exe [2008-10-27 306736]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:Program FilesNewTech InfosystemsNTI Backup Now 5SchedulerSvc.exe [2008-09-23 144632]
R2 nvsvc;NVIDIA Display Driver Service; C:Windowssystem32nvvsvc.exe [2010-04-03 129640]
R2 Panda Software Controller;Panda Software Controller; C:Program FilesPanda SecurityPanda Internet Security 2010PsCtrls.exe [2009-08-10 173312]
R2 PAVFNSVR;Panda Function Service; C:Program FilesPanda SecurityPanda Internet Security 2010PavFnSvr.exe [2009-08-10 169216]
R2 PavPrSrv;Panda Process Protection Service; C:Program FilesCommon FilesPanda SecurityPavShldpavprsrv.exe [2008-02-04 62768]
R2 PAVSRV;Panda On-Access Anti-Malware Service; C:Program FilesPanda SecurityPanda Internet Security 2010pavsrvx86.exe [2009-09-17 293120]
R2 PSHost;Panda Host Service; c:program filespanda securitypanda internet security 2010firewallPSHOST.EXE [2009-04-08 226560]
R2 PSIMSVC;Panda IManager Service; C:Program FilesPanda SecurityPanda Internet Security 2010PsImSvc.exe [2008-06-19 108288]
R2 PskSvcRetail;Panda PSK service; C:Program FilesPanda SecurityPanda Internet Security 2010PskSvc.exe [2009-08-25 28928]
R3 FontCache;@%systemroot%system32FntCache.dll,-100; C:Windowssystem32svchost.exe [2008-01-21 21504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:WindowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Служба Google Update (gupdate); C:Program FilesGoogleUpdateGoogleUpdate.exe [2010-02-01 135664]
S3 fsssvc;Windows Live Family Safety Service; C:Program FilesWindows LiveFamily Safetyfsssvc.exe [2010-09-22 1493352]
S3 GoogleDesktopManager-051210-111108;Диспетчер Google Desktop 5.9.1005.12335; C:Program FilesGoogleGoogle Desktop SearchGoogleDesktop.exe [2010-07-25 30192]
S3 gusvc;Google Software Updater; C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2009-11-28 182768]
S3 hpqcxs08;hpqcxs08; C:Windowssystem32svchost.exe [2008-01-21 21504]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:Program FilesNewTech InfosystemsNTI Backup Now 5BackupSvc.exe [2008-09-23 50424]
S3 odserv;Microsoft Office Diagnostics Service; C:Program FilesCommon FilesMicrosoft SharedOFFICE12ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2006-10-26 145184]
S4 BthServ;@%SystemRoot%System32bthserv.dll,-101; C:Windowssystem32svchost.exe [2008-01-21 21504]

---

EOF

---

[albash]

Здравствуйте.
Какие действия нужно предпринимать дальше.
Спасибо.

[Автор]

Сообщения