SPYWARE-RU.COM

1980

Forum replies created

Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts
  • December 11, 2008 at 9:47 am in reply to: And again about the informer #20171
    1980
    Participant
    • Topics: 1
    • Posts: 6
    • ☆

    Good afternoon!

    Thank you for the help, everything seems to be fine, nothing pops up anymore. The Internet now loads right away; before, I had to wait 5 minutes before it would open a page.

    Once again, thank you very much!!!

    December 9, 2008 at 4:20 pm in reply to: And again about the informer #20169
    1980
    Participant
    • Topics: 1
    • Posts: 6
    • ☆

    Hello once again!

    ComboFix 08-12-07.04 — OEM 2008-12-09 19:06:00.2 — NTFSx86
    Microsoft Windows XP Professional 5.1.2600.3.1251.1.1033.18.632 [GMT 3:00]
    Running from: c:documents and settingsOEMDesktopлЕЧЕНИЕ КОМПАComboFix.exe
    Command switches used :: c:documents and settingsOEMDesktopCFScript.txt
    * Created a new restore point

    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

    FILE ::
    c:windowssystem32Driversati2alxx.sys
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:windowssystem32Driversati2alxx.sys

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .


    Legacy_ATI2ALXX
    Service_ati2alxx
    Service_Rfsyvcwcrra

    ((((((((((((((((((((((((( Files Created from 2008-11-09 to 2008-12-09 )))))))))))))))))))))))))))))))
    .

    2008-12-07 20:07 . 2008-12-07 20:07 d C:rsit
    2008-12-07 19:57 . 2008-12-07 19:57 d C:_OTMoveIt
    2008-12-04 11:08 . 2008-12-04 11:08 d c:program filesTrend Micro
    2008-11-16 22:56 . 2008-11-16 22:56 287 —a c:windowssystem32MRT.INI
    2008-11-16 19:51 . 2008-10-24 14:21 455,296 c— c:windowssystem32dllcachemrxsmb.sys
    2008-11-16 19:50 . 2008-09-04 20:15 1,106,944 c— c:windowssystem32dllcachemsxml3.dll

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-12-09 16:11 d w c:program filesDrWeb
    2008-12-07 18:52 d w c:program filesCall of Duty
    2008-11-30 16:17 d w c:documents and settingsOEMApplication DataMra
    2008-11-06 08:22 d w c:program filesBlack and White 2 — Battle of the Gods
    2008-11-05 18:06 d w c:program filesSpore
    2008-11-05 18:06 d w c:documents and settingsOEMApplication DataSPORE
    2008-11-05 10:16 d w c:program filesThe Adventure Company
    2008-11-05 10:14 d w c:program files1C
    2008-11-04 19:13 646,392 —-a-w c:windowssystem32driverssptd.sys
    2008-10-24 11:21 455,296 —-a-w c:windowssystem32driversmrxsmb.sys
    2007-02-05 12:33 52,136 —-a-w c:documents and settingsOEMApplication DataGDIPFONTCACHEV1.DAT
    2007-01-03 10:48 2,819,584 —sha-w c:program filesehthumbs.db
    .

    ((((((((((((((((((((((((((((( snapshot@2008-12-09_13.28.34.90 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2008-08-14 10:39:28 2,145,280 —-a-w c:windows$hf_mig$KB956841SP3QFEntkrnlmp.exe
    + 2008-08-14 11:39:46 2,066,048 —-a-w c:windows$hf_mig$KB956841SP3QFEntkrnlpa.exe
    + 2008-08-14 10:09:44 2,023,936 —-a-w c:windows$hf_mig$KB956841SP3QFEntkrpamp.exe
    + 2008-08-14 12:11:10 2,189,184 —-a-w c:windows$hf_mig$KB956841SP3QFEntoskrnl.exe
    + 2007-11-30 11:18:51 17,272 —-a-w c:windows$hf_mig$KB956841spmsg.dll
    + 2007-11-30 11:18:51 231,288 —-a-w c:windows$hf_mig$KB956841spuninst.exe
    + 2007-11-30 11:18:51 26,488 —-a-w c:windows$hf_mig$KB956841updatespcustom.dll
    + 2007-11-30 11:18:51 755,576 —-a-w c:windows$hf_mig$KB956841updateupdate.exe
    + 2008-07-09 07:38:37 382,840 —-a-w c:windows$hf_mig$KB956841updateupdspapi.dll
    + 2008-08-14 10:09:26 2,145,280 w c:windowsDriver Cachei386ntkrnlmp.exe
    + 2008-08-14 09:33:16 2,066,048 w c:windowsDriver Cachei386ntkrnlpa.exe
    + 2008-08-14 09:33:16 2,023,936 w c:windowsDriver Cachei386ntkrpamp.exe
    + 2008-08-14 10:11:02 2,189,184 w c:windowsDriver Cachei386ntoskrnl.exe
    + 2008-12-09 10:50:46 32,768 —-a-r c:windowsInstaller{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}icon.exe
    — 2008-09-10 06:27:02 593,920 —-a-r c:windowsInstaller{90110419-6000-11D3-8CFE-0150048383C9}accicons.exe
    + 2008-12-09 10:53:16 593,920 —-a-r c:windowsInstaller{90110419-6000-11D3-8CFE-0150048383C9}accicons.exe
    — 2008-09-10 06:27:02 12,288 —-a-r c:windowsInstaller{90110419-6000-11D3-8CFE-0150048383C9}cagicon.exe
    + 2008-12-09 10:53:17 12,288 —-a-r c:windowsInstaller{90110419-6000-11D3-8CFE-0150048383C9}cagicon.exe
    — 2008-09-10 06:27:02 86,016 —-a-r c:windowsInstaller{90110419-6000-11D3-8CFE-0150048383C9}inficon.exe
    + 2008-12-09 10:53:17 86,016 —-a-r c:windowsInstaller{90110419-6000-11D3-8CFE-0150048383C9}inficon.exe
    — 2008-09-10 06:27:02 135,168 —-a-r c:windowsInstaller{90110419-6000-11D3-8CFE-0150048383C9}misc.exe
    + 2008-12-09 10:53:16 135,168 —-a-r c:windowsInstaller{90110419-6000-11D3-8CFE-0150048383C9}misc.exe
    — 2008-09-10 06:27:02 11,264 —-a-r c:windowsInstaller{90110419-6000-11D3-8CFE-0150048383C9}mspicons.exe
    + 2008-12-09 10:53:17 11,264 —-a-r c:windowsInstaller{90110419-6000-11D3-8CFE-0150048383C9}mspicons.exe
    — 2008-09-10 06:27:02 27,136 —-a-r c:windowsInstaller{90110419-6000-11D3-8CFE-0150048383C9}oisicon.exe
    + 2008-12-09 10:53:17 27,136 —-a-r c:windowsInstaller{90110419-6000-11D3-8CFE-0150048383C9}oisicon.exe
    — 2008-09-10 06:27:02 4,096 —-a-r c:windowsInstaller{90110419-6000-11D3-8CFE-0150048383C9}opwicon.exe
    + 2008-12-09 10:53:17 4,096 —-a-r c:windowsInstaller{90110419-6000-11D3-8CFE-0150048383C9}opwicon.exe
    — 2008-09-10 06:27:02 794,624 —-a-r c:windowsInstaller{90110419-6000-11D3-8CFE-0150048383C9}outicon.exe
    + 2008-12-09 10:53:17 794,624 —-a-r c:windowsInstaller{90110419-6000-11D3-8CFE-0150048383C9}outicon.exe
    — 2008-09-10 06:27:02 249,856 —-a-r c:windowsInstaller{90110419-6000-11D3-8CFE-0150048383C9}pptico.exe
    + 2008-12-09 10:53:16 249,856 —-a-r c:windowsInstaller{90110419-6000-11D3-8CFE-0150048383C9}pptico.exe
    — 2008-09-10 06:27:02 61,440 —-a-r c:windowsInstaller{90110419-6000-11D3-8CFE-0150048383C9}pubs.exe
    + 2008-12-09 10:53:16 61,440 —-a-r c:windowsInstaller{90110419-6000-11D3-8CFE-0150048383C9}pubs.exe
    — 2008-09-10 06:27:03 23,040 —-a-r c:windowsInstaller{90110419-6000-11D3-8CFE-0150048383C9}unbndico.exe
    + 2008-12-09 10:53:17 23,040 —-a-r c:windowsInstaller{90110419-6000-11D3-8CFE-0150048383C9}unbndico.exe
    — 2008-09-10 06:27:02 286,720 —-a-r c:windowsInstaller{90110419-6000-11D3-8CFE-0150048383C9}wordicon.exe
    + 2008-12-09 10:53:16 286,720 —-a-r c:windowsInstaller{90110419-6000-11D3-8CFE-0150048383C9}wordicon.exe
    — 2008-09-10 06:27:02 409,600 —-a-r c:windowsInstaller{90110419-6000-11D3-8CFE-0150048383C9}xlicons.exe
    + 2008-12-09 10:53:16 409,600 —-a-r c:windowsInstaller{90110419-6000-11D3-8CFE-0150048383C9}xlicons.exe
    + 2008-08-14 10:09:26 2,145,280 -c—-w c:windowssystem32dllcachentkrnlmp.exe
    + 2008-08-14 09:33:16 2,066,048 -c—-w c:windowssystem32dllcachentkrnlpa.exe
    + 2008-08-14 09:33:16 2,023,936 -c—-w c:windowssystem32dllcachentkrpamp.exe
    + 2008-08-14 10:11:02 2,189,184 -c—-w c:windowssystem32dllcachentoskrnl.exe
    — 2007-05-08 11:03:04 1,275,392 w c:windowssystem32msxml4.dll
    + 2008-09-30 13:43:34 1,286,152 —-a-w c:windowssystem32msxml4.dll
    — 2008-04-13 18:31:21 2,023,936 —-a-w c:windowssystem32ntkrnlpa.exe
    + 2008-08-14 09:33:16 2,023,936 —-a-w c:windowssystem32ntkrnlpa.exe
    — 2008-04-13 19:24:37 2,145,280 —-a-w c:windowssystem32ntoskrnl.exe
    + 2008-08-14 10:09:26 2,145,280 —-a-w c:windowssystem32ntoskrnl.exe
    — 2008-07-08 13:02:01 17,272 w c:windowssystem32spmsg.dll
    + 2007-11-30 11:18:51 17,272 w c:windowssystem32spmsg.dll
    + 2008-09-30 13:42:08 1,286,152 —-a-w c:windowsWinSxSx86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9870.0_x-ww_a32d74cfmsxml4.dll
    + 2008-09-30 13:45:12 91,656 —-a-w c:windowsWinSxSx86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.1.0_x-ww_2a41bcebmsxml4r.dll
    .
    — Snapshot reset to current date —
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerURLSearchHooks]
    «{83821C2B-32A8-4DD7-B6D4-44309A78E668}»= «c:program filesMail.RuAgentMradllnewmrasearch.dll» [2008-10-25 79352]

    [HKEY_CLASSES_ROOTclsid{83821c2b-32a8-4dd7-b6d4-44309a78e668}]

    [HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
    «CTFMON.EXE»=»c:windowssystem32ctfmon.exe» [2008-04-14 15360]
    «MSMSGS»=»c:program filesMessengermsmsgs.exe» [2008-04-14 1695232]
    «swg»=»c:program filesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe» [2008-10-13 68856]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
    «ehTray»=»c:windowsehomeehtray.exe» [2005-08-05 64512]
    «NVMixerTray»=»c:program filesNVIDIA CorporationNvMixerNVMixerTray.exe» [2004-10-07 131072]
    «type32″=»c:program filesMicrosoft IntelliType Protype32.exe» [2005-06-10 196608]
    «IntelliPoint»=»c:program filesMicrosoft IntelliPointpoint32.exe» [2005-06-10 217088]
    «NvCplDaemon»=»c:windowssystem32NvCpl.dll» [2005-12-10 7311360]
    «NvMediaCenter»=»c:windowssystem32NvMcTray.dll» [2005-12-10 86016]
    «ATICCC»=»c:program filesATI TechnologiesATI.ACEcli.exe» [2006-01-02 45056]
    «Samsung PanelMgr»=»c:windowsSamsungPanelMgrssmmgr.exe» [2005-10-31 503808]
    «DLA»=»c:windowsSystem32DLADLACTRLW.EXE» [2006-06-13 127036]
    «SpIDerMail»=»c:program filesDrWebspiderml.exe» [2006-10-23 161792]
    «DrWebScheduler»=»c:program filesDrWebDRWEBSCD.EXE» [2006-05-10 125440]
    «SpIDerNT»=»c:progra~1DrWebspidernt.exe» [2006-05-02 118784]
    «MAgent»=»c:program filesMail.RuAgentMAgent.exe» [2008-10-25 4412920]
    «nwiz»=»nwiz.exe» [2005-12-10 c:windowssystem32nwiz.exe]
    «RTHDCPL»=»RTHDCPL.EXE» [2005-11-10 c:windowsRTHDCPL.EXE]
    «SoundMan»=»SOUNDMAN.EXE» [2005-11-11 c:windowssoundman.exe]

    [HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun]
    «CTFMON.EXE»=»c:windowssystem32CTFMON.EXE» [2008-04-14 15360]

    [HKLM~startupfolderC:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
    path=c:documents and settingsAll UsersStart MenuProgramsStartupAdobe Gamma Loader.lnk
    backup=c:windowspssAdobe Gamma Loader.lnkCommon Startup

    [HKLM~startupfolderC:^Documents and Settings^All Users^Start Menu^Programs^Startup^AutoCAD Startup Accelerator.lnk]
    path=c:documents and settingsAll UsersStart MenuProgramsStartupAutoCAD Startup Accelerator.lnk
    backup=c:windowspssAutoCAD Startup Accelerator.lnkCommon Startup

    [HKLM~startupfolderC:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
    path=c:documents and settingsAll UsersStart MenuProgramsStartupMicrosoft Office.lnk
    backup=c:windowspssMicrosoft Office.lnkCommon Startup

    [HKLM~startupfolderC:^Documents and Settings^All Users^Start Menu^Programs^Startup^Ускоренный запуск Adobe Reader.lnk]
    path=c:documents and settingsAll UsersStart MenuProgramsStartupУскоренный запуск Adobe Reader.lnk
    backup=c:windowspssУскоренный запуск Adobe Reader.lnkCommon Startup

    [HKLM~startupfolderC:^Documents and Settings^OEM^Start Menu^Programs^Startup^Инструмент проверки носителя Picture Motion Browser.lnk]
    path=c:documents and settingsOEMStart MenuProgramsStartupИнструмент проверки носителя Picture Motion Browser.lnk
    backup=c:windowspssИнструмент проверки носителя Picture Motion Browser.lnkStartup

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregMAgent]
    —a 2008-10-25 16:28 4412920 c:program filesMail.RuAgentmagent.exe

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregNeroFilterCheck]
    —a 2001-07-09 10:50 155648 c:windowssystem32NeroCheck.exe

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity center]
    «AntiVirusOverride»=dword:00000001
    «FirewallOverride»=dword:00000001

    [HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
    «%windir%\system32\sessmgr.exe»=
    «c:\Program Files\Messenger\msmsgs.exe»=
    «c:\Program Files\Mail.Ru\Agent\Magent.exe»=
    «c:\Program Files\Activision\Call of Duty 4 — Modern Warfare\iw3mp.exe»=
    «%windir%\Network Diagnostic\xpnetdiag.exe»=

    R0 m5287;m5287;c:windowssystem32DRIVERSm5287.sys [2006-07-14 101120]
    R0 pe3anvub;T-34 (DVD) Environment Driver (pe3anvub);c:windowssystem32driverspe3anvub.sys [2007-10-25 64632]
    R0 ps7anvub;T-34 (DVD) Synchronization Driver (ps7anvub);c:windowssystem32driversps7anvub.sys [2007-10-25 68224]
    R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);c:windowssystem32driverssfsync03.sys [2005-12-06 35328]
    R1 drwebnet;SpIDer Guard boot hook driver for Windows NT;c:windowssystem32driversdrwebnet.sys [2007-04-10 5856]
    R2 SPIDER;SpIDer FS Monitor for Windows NT;??c:progra~1DrWebspider.sys [2007-04-10 310992]
    R2 spidernt;SpIDer Guard for Windows NT;c:progra~1DrWebSpiderNT.exe [2007-04-10 118784]
    S2 pr2anvub;T-34 (DVD) Drivers Auto Removal (pr2anvub);c:windowssystem32pr2anvub.exe svc []
    S3 PavSRK.sys;PavSRK.sys;??c:windowssystem32PavSRK.sys []
    S3 Slnt7554;USB Soft Modem Driver;c:windowssystem32DRIVERSslnt7554.sys [2006-11-22 129535]

    [HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{2514b64f-7093-11da-ba55-806d6172696f}]
    ShellAutoRuncommand — D:d_setup.exe
    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-12-09 19:11:53
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes …

    scanning hidden autostart entries …

    scanning hidden files …

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .


    DLLs Loaded Under Running Processes



    — — — — — — — > ‘winlogon.exe'(740)
    c:windowssystem32Ati2evxx.dll

    — — — — — — — > ‘lsass.exe'(796)
    c:windowssystem32DRWEBSP.DLL
    .


    Other Running Processes


    .
    c:windowssystem32ati2evxx.exe
    c:windowssystem32ati2evxx.exe
    c:windowsehomeehrecvr.exe
    c:windowsehomeehSched.exe
    c:program filesCommon FilesMicrosoft SharedVS7DebugMDM.EXE
    c:windowsehomemcrdsvc.exe
    c:windowssystem32dllhost.exe
    c:windowsehomeehmsas.exe
    c:windowssystem32wbemwmiapsrv.exe
    .
    **************************************************************************
    .
    Completion time: 2008-12-09 19:16:32 — machine was rebooted
    ComboFix-quarantined-files.txt 2008-12-09 16:16:29
    ComboFix2.txt 2008-12-09 10:28:57

    Pre-Run: 27 643 047 936 bytes free
    Post-Run: 27,635,609,600 байт свободно

    209 — E O F — 2008-12-09 10:53:26

    December 9, 2008 at 10:32 am in reply to: And again about the informer #20167
    1980
    Participant
    • Topics: 1
    • Posts: 6
    • ☆

    Hello!

    Log from ComboFix:

    ComboFix 08-12-07.04 — OEM 2008-12-09 13:19:03.1 — NTFSx86
    Microsoft Windows XP Professional 5.1.2600.3.1251.1.1033.18.615 [GMT 3:00]
    Running from: c:documents and settingsOEMDesktopлЕЧЕНИЕ КОМПАComboFix.exe
    * Created a new restore point

    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:documents and settingsOEMLocal SettingsTemporary Internet Files0EB9F12C_6E6B_4c03_AEBA_8C04CFA98AA4.gif
    c:documents and settingsOEMLocal SettingsTemporary Internet Files15913497_F86C_4218_8817_F50940D1E1B2.gif
    c:documents and settingsOEMLocal SettingsTemporary Internet Files29887DDE_00B9_4011_9CF7_59511F1ECC1B.gif
    c:documents and settingsOEMLocal SettingsTemporary Internet Files2A665EDD_5758_480c_8366_66DFC5F23877.gif
    c:documents and settingsOEMLocal SettingsTemporary Internet Files35B7DFFA_884F_4fbc_8E60_DA601BDC7BF7.gif
    c:documents and settingsOEMLocal SettingsTemporary Internet Files362FD6E8_8CDA_4c2a_A8AA-BDA22B321711.jpg
    c:documents and settingsOEMLocal SettingsTemporary Internet Files3DF04940_9866_4241_A998_0CDDFAFD147A.gif
    c:documents and settingsOEMLocal SettingsTemporary Internet Files426500D7_0FF3_426c_828D_065DBAEA0581.gif
    c:documents and settingsOEMLocal SettingsTemporary Internet Files478BD4AE_2691_438d_BDCA_3485DC022700.gif
    c:documents and settingsOEMLocal SettingsTemporary Internet Files5C6C645F_BAA8_4149_BFEB_2031230FF0FD.gif
    c:documents and settingsOEMLocal SettingsTemporary Internet Files61EA7D69_19D4_421a_A899_0DF4D58CD119.jpg
    c:documents and settingsOEMLocal SettingsTemporary Internet Files777FDAFB_83CF_4960_AA71_4E5D7BCD8E57.gif
    c:documents and settingsOEMLocal SettingsTemporary Internet Files8DA878D5_E80B_4721_B75A_17EFFAF1A700.gif
    c:documents and settingsOEMLocal SettingsTemporary Internet Files98F6DF79_7171_452d_9C26_C0193E12DBDF.gif
    c:documents and settingsOEMLocal SettingsTemporary Internet FilesA2B240D6_0386_419e_91C5_3F7D90437CD0.jpg
    c:documents and settingsOEMLocal SettingsTemporary Internet FilesC75CEF8D_5AF4_4563_8594_C45A45E14E63.gif
    c:documents and settingsOEMLocal SettingsTemporary Internet FilesE21285C1_40E6_435c_A69F_3387E7BD89CB.gif
    c:documents and settingsOEMLocal SettingsTemporary Internet FilesE9A4D648_ED73_4ea7_88B2_18332DBA4F3E.jpg
    c:windowsIE4 Error Log.txt
    c:windowsmsauc.exe
    c:windowssystem32~.exe
    c:windowssystem32a.exe
    c:windowssystem32driversRJSZNPUT.sys
    c:windowssystem32msansspc.dll
    c:windowssystem32shell31.dll
    c:windowssystem32wpv243.cpx
    c:windowssystem32wpv468.cpx
    c:windowssystem32wpv8592.cpx
    c:windowssystem32wpv942.cpx
    c:windowswiaservb.log

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .


    Legacy_RJSZNPUT
    Service_RJSZNPUT

    ((((((((((((((((((((((((( Files Created from 2008-11-09 to 2008-12-09 )))))))))))))))))))))))))))))))
    .

    2008-12-07 20:07 . 2008-12-07 20:07 d C:rsit
    2008-12-07 19:57 . 2008-12-07 19:57 d C:_OTMoveIt
    2008-12-04 11:08 . 2008-12-04 11:08 d c:program filesTrend Micro
    2008-11-16 22:56 . 2008-11-16 22:56 287 —a c:windowssystem32MRT.INI
    2008-11-16 19:51 . 2008-10-24 14:21 455,296 c— c:windowssystem32dllcachemrxsmb.sys
    2008-11-16 19:50 . 2008-09-04 20:15 1,106,944 c— c:windowssystem32dllcachemsxml3.dll

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-12-09 10:23 d w c:program filesDrWeb
    2008-12-07 18:52 d w c:program filesCall of Duty
    2008-11-30 16:17 d w c:documents and settingsOEMApplication DataMra
    2008-11-16 19:56 32,768 —-a-w c:windowssystem32driversati2alxx.sys
    2008-11-06 08:22 d w c:program filesBlack and White 2 — Battle of the Gods
    2008-11-05 18:06 d w c:program filesSpore
    2008-11-05 18:06 d w c:documents and settingsOEMApplication DataSPORE
    2008-11-05 10:16 d w c:program filesThe Adventure Company
    2008-11-05 10:14 d w c:program files1C
    2008-11-04 19:13 646,392 —-a-w c:windowssystem32driverssptd.sys
    2008-10-24 11:21 455,296 —-a-w c:windowssystem32driversmrxsmb.sys
    2007-02-05 12:33 52,136 —-a-w c:documents and settingsOEMApplication DataGDIPFONTCACHEV1.DAT
    2007-01-03 10:48 2,819,584 —sha-w c:program filesehthumbs.db
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerURLSearchHooks]
    «{83821C2B-32A8-4DD7-B6D4-44309A78E668}»= «c:program filesMail.RuAgentMradllnewmrasearch.dll» [2008-10-25 79352]

    [HKEY_CLASSES_ROOTclsid{83821c2b-32a8-4dd7-b6d4-44309a78e668}]

    [HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
    «CTFMON.EXE»=»c:windowssystem32ctfmon.exe» [2008-04-14 15360]
    «MSMSGS»=»c:program filesMessengermsmsgs.exe» [2008-04-14 1695232]
    «swg»=»c:program filesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe» [2008-10-13 68856]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
    «ehTray»=»c:windowsehomeehtray.exe» [2005-08-05 64512]
    «NVMixerTray»=»c:program filesNVIDIA CorporationNvMixerNVMixerTray.exe» [2004-10-07 131072]
    «type32″=»c:program filesMicrosoft IntelliType Protype32.exe» [2005-06-10 196608]
    «IntelliPoint»=»c:program filesMicrosoft IntelliPointpoint32.exe» [2005-06-10 217088]
    «NvCplDaemon»=»c:windowssystem32NvCpl.dll» [2005-12-10 7311360]
    «NvMediaCenter»=»c:windowssystem32NvMcTray.dll» [2005-12-10 86016]
    «ATICCC»=»c:program filesATI TechnologiesATI.ACEcli.exe» [2006-01-02 45056]
    «Samsung PanelMgr»=»c:windowsSamsungPanelMgrssmmgr.exe» [2005-10-31 503808]
    «DLA»=»c:windowsSystem32DLADLACTRLW.EXE» [2006-06-13 127036]
    «SpIDerMail»=»c:program filesDrWebspiderml.exe» [2006-10-23 161792]
    «DrWebScheduler»=»c:program filesDrWebDRWEBSCD.EXE» [2006-05-10 125440]
    «SpIDerNT»=»c:progra~1DrWebspidernt.exe» [2006-05-02 118784]
    «MAgent»=»c:program filesMail.RuAgentMAgent.exe» [2008-10-25 4412920]
    «nwiz»=»nwiz.exe» [2005-12-10 c:windowssystem32nwiz.exe]
    «RTHDCPL»=»RTHDCPL.EXE» [2005-11-10 c:windowsRTHDCPL.EXE]
    «SoundMan»=»SOUNDMAN.EXE» [2005-11-11 c:windowssoundman.exe]

    [HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun]
    «CTFMON.EXE»=»c:windowssystem32CTFMON.EXE» [2008-04-14 15360]

    [HKLM~startupfolderC:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
    path=c:documents and settingsAll UsersStart MenuProgramsStartupAdobe Gamma Loader.lnk
    backup=c:windowspssAdobe Gamma Loader.lnkCommon Startup

    [HKLM~startupfolderC:^Documents and Settings^All Users^Start Menu^Programs^Startup^AutoCAD Startup Accelerator.lnk]
    path=c:documents and settingsAll UsersStart MenuProgramsStartupAutoCAD Startup Accelerator.lnk
    backup=c:windowspssAutoCAD Startup Accelerator.lnkCommon Startup

    [HKLM~startupfolderC:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
    path=c:documents and settingsAll UsersStart MenuProgramsStartupMicrosoft Office.lnk
    backup=c:windowspssMicrosoft Office.lnkCommon Startup

    [HKLM~startupfolderC:^Documents and Settings^All Users^Start Menu^Programs^Startup^Ускоренный запуск Adobe Reader.lnk]
    path=c:documents and settingsAll UsersStart MenuProgramsStartupУскоренный запуск Adobe Reader.lnk
    backup=c:windowspssУскоренный запуск Adobe Reader.lnkCommon Startup

    [HKLM~startupfolderC:^Documents and Settings^OEM^Start Menu^Programs^Startup^Инструмент проверки носителя Picture Motion Browser.lnk]
    path=c:documents and settingsOEMStart MenuProgramsStartupИнструмент проверки носителя Picture Motion Browser.lnk
    backup=c:windowspssИнструмент проверки носителя Picture Motion Browser.lnkStartup

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregMAgent]
    —a 2008-10-25 16:28 4412920 c:program filesMail.RuAgentmagent.exe

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregNeroFilterCheck]
    —a 2001-07-09 10:50 155648 c:windowssystem32NeroCheck.exe

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity center]
    «AntiVirusOverride»=dword:00000001
    «FirewallOverride»=dword:00000001

    [HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
    «%windir%\system32\sessmgr.exe»=
    «c:\Program Files\Messenger\msmsgs.exe»=
    «c:\Program Files\Mail.Ru\Agent\Magent.exe»=
    «c:\Program Files\Activision\Call of Duty 4 — Modern Warfare\iw3mp.exe»=
    «%windir%\Network Diagnostic\xpnetdiag.exe»=

    R0 m5287;m5287;c:windowssystem32DRIVERSm5287.sys [2006-07-14 101120]
    R0 pe3anvub;T-34 (DVD) Environment Driver (pe3anvub);c:windowssystem32driverspe3anvub.sys [2007-10-25 64632]
    R0 ps7anvub;T-34 (DVD) Synchronization Driver (ps7anvub);c:windowssystem32driversps7anvub.sys [2007-10-25 68224]
    R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);c:windowssystem32driverssfsync03.sys [2005-12-06 35328]
    R1 drwebnet;SpIDer Guard boot hook driver for Windows NT;c:windowssystem32driversdrwebnet.sys [2007-04-10 5856]
    R2 SPIDER;SpIDer FS Monitor for Windows NT;??c:progra~1DrWebspider.sys [2007-04-10 310992]
    R2 spidernt;SpIDer Guard for Windows NT;c:progra~1DrWebSpiderNT.exe [2007-04-10 118784]
    S0 ati2alxx;ati2alxx;c:windowssystem32Driversati2alxx.sys [2008-10-27 32768]
    S2 pr2anvub;T-34 (DVD) Drivers Auto Removal (pr2anvub);c:windowssystem32pr2anvub.exe svc []
    S3 PavSRK.sys;PavSRK.sys;??c:windowssystem32PavSRK.sys []
    S3 Slnt7554;USB Soft Modem Driver;c:windowssystem32DRIVERSslnt7554.sys [2006-11-22 129535]
    S4 Rfsyvcwcrra;Rfsyvcwcrra; []

    [HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{2514b64f-7093-11da-ba55-806d6172696f}]
    ShellAutoRuncommand — D:d_setup.exe
    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-12-09 13:24:05
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes …

    scanning hidden autostart entries …

    scanning hidden files …

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .


    DLLs Loaded Under Running Processes



    — — — — — — — > ‘winlogon.exe'(748)
    c:windowssystem32Ati2evxx.dll

    — — — — — — — > ‘lsass.exe'(804)
    c:windowssystem32DRWEBSP.DLL
    .


    Other Running Processes


    .
    c:windowssystem32ati2evxx.exe
    c:windowssystem32ati2evxx.exe
    c:windowsehomeehrecvr.exe
    c:windowsehomeehSched.exe
    c:program filesCommon FilesMicrosoft SharedVS7DebugMDM.EXE
    c:windowsehomeehmsas.exe
    c:windowsehomemcrdsvc.exe
    c:windowssystem32dllhost.exe
    c:windowssystem32wbemwmiapsrv.exe
    .
    **************************************************************************
    .
    Completion time: 2008-12-09 13:28:55 — machine was rebooted
    ComboFix-quarantined-files.txt 2008-12-09 10:28:52

    Pre-Run: 27 841 368 064 bytes free
    Post-Run: 27,772,805,120 байт свободно

    177 — E O F — 2008-12-08 16:01:30

    December 7, 2008 at 5:08 pm in reply to: And again about the informer #20165
    1980
    Participant
    • Topics: 1
    • Posts: 6
    • ☆

    Good evening!

    Thank you for the help. Here is the log from the new link:

    ========== SERVICES/DRIVERS ==========
    Service bfastfao stopped successfully.
    Service bfastfao deleted successfully.
    ========== REGISTRY ==========
    Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun\services deleted successfully.
    HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrolsecurityproviders\»SecurityProviders»|»msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll» /E : value set successfully!
    Registry key HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalati2alxx.sys\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkati2alxx.sys\ deleted successfully.
    ========== FILES ==========
    C:WINDOWSsystem32usulib.dll unregistered successfully.
    C:WINDOWSsystem32usulib.dll moved successfully.
    C:WINDOWSsystem32pnblib.dll unregistered successfully.
    C:WINDOWSsystem32pnblib.dll moved successfully.
    C:WINDOWSservices.exe moved successfully.
    ========== COMMANDS ==========
    File delete failed. C:DOCUME~1OEMLOCALS~1TempPerflib_Perfdata_900.dat scheduled to be deleted on reboot.
    File delete failed. C:DOCUME~1OEMLOCALS~1TempPerflib_Perfdata_d90.dat scheduled to be deleted on reboot.
    File delete failed. C:DOCUME~1OEMLOCALS~1TempPerflib_Perfdata_d9c.dat scheduled to be deleted on reboot.
    File delete failed. C:DOCUME~1OEMLOCALS~1Temp~DF2C56.tmp scheduled to be deleted on reboot.
    User’s Temp folder emptied.
    User’s Temporary Internet Files folder emptied.
    User’s Internet Explorer cache folder emptied.
    Local Service Temp folder emptied.
    File delete failed. C:Documents and SettingsLocalServiceLocal SettingsTemporary Internet FilesContent.IE5index.dat scheduled to be deleted on reboot.
    Local Service Temporary Internet Files folder emptied.
    Windows Temp folder emptied.
    Temp folders emptied.

    OTMoveIt3 by OldTimer — Version 1.0.7.2 log created on 12072008_195707

    Files moved on Reboot…
    File C:DOCUME~1OEMLOCALS~1TempPerflib_Perfdata_900.dat not found!
    File C:DOCUME~1OEMLOCALS~1TempPerflib_Perfdata_d90.dat not found!
    File C:DOCUME~1OEMLOCALS~1TempPerflib_Perfdata_d9c.dat not found!
    C:DOCUME~1OEMLOCALS~1Temp~DF2C56.tmp moved successfully.
    File move failed. C:Documents and SettingsLocalServiceLocal SettingsTemporary Internet FilesContent.IE5index.dat scheduled to be moved on reboot.

    And the RSIT log:

    LOG.TXT:
    Logfile of random’s system information tool 1.04 (written by random/random)
    Run by OEM at 2008-12-07 20:07:02
    Microsoft Windows XP Professional Service Pack 3
    System drive C: has 27 GB (17%) free of 153 GB
    Total RAM: 1022 MB (60% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:07:10, on 07.12.2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal

    Running processes:
    C:WINDOWSSystem32smss.exe
    C:WINDOWSSYSTEM32winlogon.exe
    C:WINDOWSsystem32services.exe
    C:WINDOWSsystem32lsass.exe
    C:WINDOWSsystem32Ati2evxx.exe
    C:WINDOWSsystem32svchost.exe
    C:WINDOWSSystem32svchost.exe
    C:WINDOWSSYSTEM32Ati2evxx.exe
    C:WINDOWSExplorer.EXE
    C:WINDOWSsystem32spoolsv.exe
    C:WINDOWSeHomeehRecvr.exe
    C:WINDOWSeHomeehSched.exe
    C:Program FilesCommon FilesMicrosoft SharedVS7Debugmdm.exe
    C:WINDOWSsystem32slserv.exe
    C:PROGRA~1DrWebSpiderNT.exe
    C:WINDOWSsystem32svchost.exe
    C:WINDOWSsystem32dllhost.exe
    C:WINDOWSnotepad.exe
    C:WINDOWSehomeehtray.exe
    C:Program FilesMicrosoft IntelliType Protype32.exe
    C:Program FilesMicrosoft IntelliPointpoint32.exe
    C:WINDOWSeHomeehmsas.exe
    C:WINDOWSSOUNDMAN.EXE
    C:Program FilesATI TechnologiesATI.ACEcli.exe
    C:WINDOWSSamsungPanelMgrssmmgr.exe
    C:WINDOWSSystem32DLADLACTRLW.EXE
    C:Program FilesDrWebspiderml.exe
    C:Program FilesDrWebDRWEBSCD.EXE
    C:PROGRA~1DrWebspidernt.exe
    C:Program FilesMail.RuAgentMAgent.exe
    C:WINDOWSsystem32ctfmon.exe
    C:Program FilesMessengermsmsgs.exe
    C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
    C:Program FilesATI TechnologiesATI.ACEcli.exe
    C:Program FilesATI TechnologiesATI.ACEcli.exe
    C:Program FilesInternet Exploreriexplore.exe
    C:WINDOWSsystem32wuauclt.exe
    C:WINDOWSsystem32wuauclt.exe
    C:Documents and SettingsOEMLocal SettingsTemporary Internet FilesContent.IE5CBVR6G9PRSIT[1].exe
    C:Program FilesTrend MicroHijackThisOEM.exe

    R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.mail.ru/
    R1 — HKCUSoftwareMicrosoftInternet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
    R3 — URLSearchHook: (no name) — {83821C2B-32A8-4DD7-B6D4-44309A78E668} — C:Program FilesMail.RuAgentMradllnewmrasearch.dll
    R3 — URLSearchHook: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
    O2 — BHO: AcroIEHlprObj Class — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
    O2 — BHO: DriveLetterAccess — {5CA3D70E-1895-11CF-8E15-001234567890} — C:WINDOWSSystem32DLADLASHX_W.DLL
    O2 — BHO: ConnectionServices module — {6D7B211A-88EA-490c-BAB9-3600D8D7C503} — C:Program FilesConnectionServicesConnectionServices.dll
    O2 — BHO: Спутник@Mail.Ru — {8984B388-A5BB-4DF7-B274-77B879E179DB} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
    O2 — BHO: BitAccelerator module — {92860A02-4D69-48c1-82D7-EF6B2C609502} — C:Program FilesBitAcceleratorBitAccelerator.dll (file missing)
    O2 — BHO: Google Toolbar Helper — {AA58ED58-01DD-4d91-8333-CF10577473F7} — c:program filesgooglegoogletoolbar1.dll
    O2 — BHO: Google Toolbar Notifier BHO — {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} — C:Program FilesGoogleGoogleToolbarNotifier3.1.807.1746swg.dll
    O3 — Toolbar: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
    O3 — Toolbar: &Google — {2318C2B1-4965-11d4-9B18-009027A5CD4F} — c:program filesgooglegoogletoolbar1.dll
    O4 — HKLM..Run: [ehTray] C:WINDOWSehomeehtray.exe
    O4 — HKLM..Run: [NVMixerTray] «C:Program FilesNVIDIA CorporationNvMixerNVMixerTray.exe»
    O4 — HKLM..Run: [type32] «C:Program FilesMicrosoft IntelliType Protype32.exe»
    O4 — HKLM..Run: [IntelliPoint] «C:Program FilesMicrosoft IntelliPointpoint32.exe»
    O4 — HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
    O4 — HKLM..Run: [nwiz] nwiz.exe /install
    O4 — HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
    O4 — HKLM..Run: [RTHDCPL] RTHDCPL.EXE
    O4 — HKLM..Run: [Alcmtr] ALCMTR.EXE
    O4 — HKLM..Run: [SoundMan] SOUNDMAN.EXE
    O4 — HKLM..Run: [ATICCC] «C:Program FilesATI TechnologiesATI.ACEcli.exe» runtime -Delay
    O4 — HKLM..Run: [Samsung PanelMgr] C:WINDOWSSamsungPanelMgrssmmgr.exe /autorun
    O4 — HKLM..Run: [DLA] C:WINDOWSSystem32DLADLACTRLW.EXE
    O4 — HKLM..Run: [SpIDerMail] «C:Program FilesDrWebspiderml.exe»
    O4 — HKLM..Run: [DrWebScheduler] «C:Program FilesDrWebDRWEBSCD.EXE»
    O4 — HKLM..Run: [SpIDerNT] C:PROGRA~1DrWebspidernt.exe /agent
    O4 — HKLM..Run: [MAgent] C:Program FilesMail.RuAgentMAgent.exe -LM
    O4 — HKLM..Run: [services] C:WINDOWSservices.exe
    O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
    O4 — HKCU..Run: [MSMSGS] «C:Program FilesMessengermsmsgs.exe» /background
    O4 — HKCU..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
    O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
    O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
    O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~4OFFICE11EXCEL.EXE/3000
    O8 — Extra context menu item: Найти в интернете — res://C:Program FilesMail.RuSputnikMailRuSputnik.dll/282
    O8 — Extra context menu item: Найти в словарях — res://C:Program FilesMail.RuSputnikMailRuSputnik.dll/283
    O9 — Extra button: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
    O9 — Extra ‘Tools’ menuitem: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
    O9 — Extra button: Справочные материалы — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~4OFFICE11REFIEBAR.DLL
    O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
    O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
    O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
    O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
    O16 — DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) — http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1216304992906
    O16 — DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) — http://my.foto.mail.ru/ImageUploader4.cab
    O23 — Service: Adobe LM Service — Unknown owner — C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe
    O23 — Service: Ati HotKey Poller — ATI Technologies Inc. — C:WINDOWSsystem32Ati2evxx.exe
    O23 — Service: ATI Smart — Unknown owner — C:WINDOWSsystem32ati2sgag.exe
    O23 — Service: Autodesk Licensing Service — Autodesk — C:Program FilesCommon FilesAutodesk SharedServiceAdskScSrv.exe
    O23 — Service: Google Updater Service (gusvc) — Google — C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
    O23 — Service: NVIDIA Display Driver Service (NVSvc) — NVIDIA Corporation — C:WINDOWSsystem32nvsvc32.exe
    O23 — Service: SmartLinkService (SLService) — Smart Link — C:WINDOWSSYSTEM32slserv.exe
    O23 — Service: SpIDer Guard for Windows NT (spidernt) — Doctor Web, Ltd. — C:PROGRA~1DrWebSpiderNT.exe

    —
    End of file — 7456 bytes

    ======Registry dump======

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    AcroIEHlprObj Class — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll [2005-09-24 63136]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{5CA3D70E-1895-11CF-8E15-001234567890}]
    DriveLetterAccess — C:WINDOWSSystem32DLADLASHX_W.DLL [2006-06-13 110652]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{6D7B211A-88EA-490c-BAB9-3600D8D7C503}]
    ConnectionServices Class — C:Program FilesConnectionServicesConnectionServices.dll [2008-04-15 462336]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{8984B388-A5BB-4DF7-B274-77B879E179DB}]
    MailRuBHO Class — C:Program FilesMail.RuSputnikMailRuSputnik.dll [2008-10-25 667336]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{92860A02-4D69-48c1-82D7-EF6B2C609502}]
    BitAccelerator Class — C:Program FilesBitAcceleratorBitAccelerator.dll []

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper — c:program filesgooglegoogletoolbar1.dll [2008-07-01 2427968]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO — C:Program FilesGoogleGoogleToolbarNotifier3.1.807.1746swg.dll [2008-10-13 737776]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
    {09900DE8-1DCA-443F-9243-26FF581438AF} — Спутник@Mail.Ru — C:Program FilesMail.RuSputnikMailRuSputnik.dll [2008-10-25 667336]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} — &Google — c:program filesgooglegoogletoolbar1.dll [2008-07-01 2427968]

    [HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
    «ehTray»=C:WINDOWSehomeehtray.exe [2005-08-05 64512]
    «NVMixerTray»=C:Program FilesNVIDIA CorporationNvMixerNVMixerTray.exe [2004-10-07 131072]
    «type32″=C:Program FilesMicrosoft IntelliType Protype32.exe [2005-06-10 196608]
    «IntelliPoint»=C:Program FilesMicrosoft IntelliPointpoint32.exe [2005-06-10 217088]
    «NvCplDaemon»=C:WINDOWSsystem32NvCpl.dll [2005-12-10 7311360]
    «nwiz»=nwiz.exe /install []
    «NvMediaCenter»=C:WINDOWSsystem32NvMcTray.dll [2005-12-10 86016]
    «RTHDCPL»=C:WINDOWSRTHDCPL.EXE [2005-11-10 15473664]
    «Alcmtr»=C:WINDOWSALCMTR.EXE [2005-05-04 69632]
    «SoundMan»=C:WINDOWSSOUNDMAN.EXE [2005-11-11 90112]
    «ATICCC»=C:Program FilesATI TechnologiesATI.ACEcli.exe [2006-01-02 45056]
    «Samsung PanelMgr»=C:WINDOWSSamsungPanelMgrssmmgr.exe [2005-10-31 503808]
    «DLA»=C:WINDOWSSystem32DLADLACTRLW.EXE [2006-06-13 127036]
    «SpIDerMail»=C:Program FilesDrWebspiderml.exe [2006-10-23 161792]
    «DrWebScheduler»=C:Program FilesDrWebDRWEBSCD.EXE [2006-05-10 125440]
    «SpIDerNT»=C:PROGRA~1DrWebspidernt.exe [2006-05-02 118784]
    «MAgent»=C:Program FilesMail.RuAgentMAgent.exe [2008-10-25 4412920]
    «services»=C:WINDOWSservices.exe []

    [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
    «CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2008-04-14 15360]
    «MSMSGS»=C:Program FilesMessengermsmsgs.exe [2008-04-14 1695232]
    «swg»=C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe [2008-10-13 68856]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregMAgent]
    C:Program FilesMail.RuAgentMAgent.exe [2008-10-25 4412920]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregNeroFilterCheck]
    C:WINDOWSsystem32NeroCheck.exe [2001-07-09 155648]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
    C:PROGRA~1COMMON~1AdobeCALIBR~1ADOBEG~1.EXE [1999-11-04 113664]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users^Start Menu^Programs^Startup^AutoCAD Startup Accelerator.lnk]
    C:PROGRA~1COMMON~1AUTODE~1ACSTAR~1.EXE [2005-03-05 10872]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
    C:Program FilesMicrosoft OfficeOffice10OSA.EXE -b -l []

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users^Start Menu^Programs^Startup^Ускоренный запуск Adobe Reader.lnk]
    C:PROGRA~1AdobeACROBA~1.0ReaderREADER~1.EXE [2005-09-24 29696]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^OEM^Start Menu^Programs^Startup^Инструмент проверки носителя Picture Motion Browser.lnk]
    C:PROGRA~1SonySONYPI~1VOLUME~1SPUVOL~1.EXE [2006-12-28 344064]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyAtiExtEvent]
    C:WINDOWSSYSTEM32Ati2evxx.dll [2006-06-08 61440]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyWgaLogon]
    C:WINDOWSSYSTEM32WgaLogon.dll [2007-03-15 236928]

    [HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
    «dontdisplaylastusername»=0
    «legalnoticecaption»=
    «legalnoticetext»=
    «shutdownwithoutlogon»=1
    «undockwithoutlogon»=1
    «InstallVisualStyle»=C:WINDOWSResourcesThemesRoyaleRoyale.msstyles
    «InstallTheme»=C:WINDOWSResourcesThemesRoyale.theme

    [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
    «NoDriveTypeAutoRun»=145

    [HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
    «%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
    «C:Program FilesMessengermsmsgs.exe»=»C:Program FilesMessengermsmsgs.exe:*:Enabled:Windows Messenger»
    «C:Program FilesMail.RuAgentMagent.exe»=»C:Program FilesMail.RuAgentMagent.exe:*:Enabled:Mail.Ru Agent»
    «C:Program FilesActivisionCall of Duty 4 — Modern Warfareiw3mp.exe»=»C:Program FilesActivisionCall of Duty 4 — Modern Warfareiw3mp.exe:*:Enabled:Call of Duty(R) 4 — Modern Warfare(TM)»
    «%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»

    [HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
    «%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
    «%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»

    [HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{2514b64f-7093-11da-ba55-806d6172696f}]
    shellAutoRuncommand — D:d_setup.exe

    ======File associations======

    .scr — open — «c:WINDOWSsystem32notepad.exe» «%1»
    .scr — install —
    .scr — config —

    ======List of files/folders created in the last 1 months======

    2008-12-07 20:07:02 —-D—- C:rsit
    2008-12-07 19:57:07 —-D—- C:_OTMoveIt
    2008-12-04 11:08:38 —-D—- C:Program FilesTrend Micro
    2008-11-16 22:56:15 —-A—- C:WINDOWSsystem32MRT.INI
    2008-11-16 22:54:46 —-HDC—- C:WINDOWS$NtUninstallKB957097$
    2008-11-16 22:54:07 —-HDC—- C:WINDOWS$NtUninstallKB954459$
    2008-11-16 22:53:26 —-HDC—- C:WINDOWS$NtUninstallKB955069$

    ======List of files/folders modified in the last 1 months======

    2008-12-07 20:03:54 —-D—- C:Program FilesDrWeb
    2008-12-07 20:02:04 —-D—- C:WINDOWS
    2008-12-07 20:02:02 —-D—- C:WINDOWSTemp
    2008-12-07 20:01:53 —-D—- C:WINDOWSRegistration
    2008-12-07 20:00:33 —-A—- C:WINDOWSSchedLgU.Txt
    2008-12-07 19:57:51 —-D—- C:WINDOWSsystem32
    2008-12-05 16:00:41 —-HD—- C:WINDOWSinf
    2008-12-05 16:00:38 —-D—- C:WINDOWSsystem32CatRoot2
    2008-12-04 21:09:42 —-D—- C:WINDOWSMinidump
    2008-12-04 18:55:11 —-A—- C:WINDOWSNeroDigital.ini
    2008-12-04 11:08:38 —-RD—- C:Program Files
    2008-12-03 20:21:10 —-D—- C:WINDOWSnetwork diagnostic
    2008-11-30 19:17:02 —-D—- C:Documents and SettingsOEMApplication DataMra
    2008-11-27 12:42:06 —-A—- C:WINDOWSIE4 Error Log.txt
    2008-11-26 15:20:33 —-RSHDC—- C:WINDOWSsystem32dllcache
    2008-11-25 16:11:27 —-D—- C:WINDOWSHelp
    2008-11-16 22:54:49 —-D—- C:WINDOWSsystem32drivers
    2008-11-16 22:54:46 —-HD—- C:WINDOWS$hf_mig$
    2008-11-16 22:54:12 —-A—- C:WINDOWSimsins.BAK

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AmdK8;Драйвер AMD процессора; C:WINDOWSsystem32DRIVERSAmdK8.sys [2005-03-09 43008]
    R1 DLACDBHM;DLACDBHM; C:WINDOWSSystem32DriversDLACDBHM.SYS [2006-03-17 5660]
    R1 DLARTL_N;DLARTL_N; C:WINDOWSSystem32DriversDLARTL_N.SYS [2006-03-17 22684]
    R1 drwebnet;SpIDer Guard boot hook driver for Windows NT; C:WINDOWSsystem32driversdrwebnet.sys [2005-10-17 5856]
    R1 WS2IFSL;Среда Windows Socket 2.0 поддержки поставщиков не-IFS служб; C:WINDOWSSystem32driversws2ifsl.sys [2004-08-10 12032]
    R2 DgiVecp;Team MFP Comm Driver; C:WINDOWSSystem32DriversDgiVecp.sys [2005-08-17 41984]
    R2 DLABOIOM;DLABOIOM; C:WINDOWSSystem32DLADLABOIOM.SYS [2006-06-13 25724]
    R2 DLADResN;DLADResN; C:WINDOWSSystem32DLADLADResN.SYS [2006-06-13 2528]
    R2 DLAIFS_M;DLAIFS_M; C:WINDOWSSystem32DLADLAIFS_M.SYS [2006-06-13 86844]
    R2 DLAOPIOM;DLAOPIOM; C:WINDOWSSystem32DLADLAOPIOM.SYS [2006-06-13 14716]
    R2 DLAPoolM;DLAPoolM; C:WINDOWSSystem32DLADLAPoolM.SYS [2006-06-13 6364]
    R2 DLAUDF_M;DLAUDF_M; C:WINDOWSSystem32DLADLAUDF_M.SYS [2006-06-13 88476]
    R2 DLAUDFAM;DLAUDFAM; C:WINDOWSSystem32DLADLAUDFAM.SYS [2006-06-13 94460]
    R2 DRVNDDM;DRVNDDM; C:WINDOWSSystem32DriversDRVNDDM.SYS [2006-03-17 40544]
    R2 irda;IrDA Protocol; C:WINDOWSsystem32DRIVERSirda.sys [2008-04-13 88192]
    R2 SPIDER;SpIDer FS Monitor for Windows NT; ??C:PROGRA~1DrWebspider.sys []
    R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:WINDOWSsystem32driversALCXWDM.SYS [2005-11-22 3804416]
    R3 ati2mtag;ati2mtag; C:WINDOWSsystem32DRIVERSati2mtag.sys [2006-06-08 1580544]
    R3 HidUsb;Microsoft HID Class Driver; C:WINDOWSsystem32DRIVERShidusb.sys [2008-04-13 10368]
    R3 irsir;Microsoft Serial Infrared Driver; C:WINDOWSsystem32DRIVERSirsir.sys [2001-08-17 18688]
    R3 mouhid;Mouse HID Driver; C:WINDOWSsystem32DRIVERSmouhid.sys [2001-08-17 12160]
    R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:WINDOWSsystem32DRIVERSNVENETFD.sys [2006-02-18 34176]
    R3 nvnetbus;NVIDIA Network Bus Enumerator; C:WINDOWSsystem32DRIVERSnvnetbus.sys [2006-02-18 13056]
    R3 Point32;Microsoft IntelliPoint Filter Driver; C:WINDOWSsystem32DRIVERSpoint32.sys [2005-06-10 21760]
    R3 Rasirda;WAN Miniport (IrDA); C:WINDOWSsystem32DRIVERSrasirda.sys [2001-08-17 19584]
    R3 usbccgp;Microsoft USB Generic Parent Driver; C:WINDOWSsystem32DRIVERSusbccgp.sys [2008-04-13 32128]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:WINDOWSsystem32DRIVERSusbehci.sys [2008-04-13 30208]
    R3 usbhub;USB2 Enabled Hub; C:WINDOWSsystem32DRIVERSusbhub.sys [2008-04-13 59520]
    R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:WINDOWSsystem32DRIVERSusbohci.sys [2008-04-13 17152]
    R3 usbprint;Microsoft USB PRINTER Class; C:WINDOWSsystem32DRIVERSusbprint.sys [2008-04-13 25856]
    R3 usbscan;USB Scanner Driver; C:WINDOWSsystem32DRIVERSusbscan.sys [2008-04-13 15104]
    S1 kbdhid;Keyboard HID Driver; C:WINDOWSsystem32DRIVERSkbdhid.sys [2008-04-13 14592]
    S3 Arp1394;1394 ARP Client Protocol; C:WINDOWSsystem32DRIVERSarp1394.sys [2008-04-13 60800]
    S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:WINDOWSsystem32driversRtkHDAud.sys [2005-11-10 4064256]
    S3 MHNDRV;MHN driver; C:WINDOWSsystem32DRIVERSmhndrv.sys [2004-08-10 11008]
    S3 MODEMCSA;Unimodem Streaming Filter Device; C:WINDOWSsystem32driversMODEMCSA.sys [2001-08-17 16128]
    S3 Mtlmnt5;Mtlmnt5; C:WINDOWSsystem32DRIVERSMtlmnt5.sys [2004-08-03 126686]
    S3 Mtlstrm;Mtlstrm; C:WINDOWSsystem32DRIVERSMtlstrm.sys [2004-08-03 1309184]
    S3 NIC1394;1394 Net Driver; C:WINDOWSsystem32DRIVERSnic1394.sys [2008-04-13 61824]
    S3 NtMtlFax;NtMtlFax; C:WINDOWSsystem32DRIVERSNtMtlFax.sys [2004-08-03 180360]
    S3 nv;nv; C:WINDOWSsystem32DRIVERSnv4_mini.sys [2005-12-10 3536768]
    S3 nvax;Service for NVIDIA(R) nForce(TM) Audio Enumerator; C:WINDOWSsystem32driversnvax.sys [2004-10-22 53376]
    S3 nvnforce;Service for NVIDIA(R) nForce(TM) Audio; C:WINDOWSsystem32driversnvapu.sys [2004-10-22 413824]
    S3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:WINDOWSsystem32DRIVERSRtnicxp.sys [2005-09-30 78720]
    S3 Slnt7554;USB Soft Modem Driver; C:WINDOWSsystem32DRIVERSslnt7554.sys [2004-08-03 129535]
    S3 SlNtHal;SlNtHal; C:WINDOWSsystem32DRIVERSSlnthal.sys [2004-08-03 95424]
    S3 SlWdmSup;SlWdmSup; C:WINDOWSsystem32DRIVERSSlWdmSup.sys [2004-08-03 13240]
    S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:WINDOWSsystem32DRIVERSSONYPVU1.SYS [2001-08-17 7552]
    S3 USBSTOR;USB Mass Storage Driver; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2008-04-13 26368]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Ati HotKey Poller;Ati HotKey Poller; C:WINDOWSsystem32Ati2evxx.exe [2006-06-08 409600]
    R2 ehRecvr;Служба ресивера Media Center; C:WINDOWSeHomeehRecvr.exe [2005-10-11 237568]
    R2 Irmon;Infrared Monitor; C:WINDOWSsystem32svchost.exe [2008-04-14 14336]
    R2 McrdSvc;Media Center Extender Service; C:WINDOWSehomemcrdsvc.exe [2005-08-05 99328]
    R2 MDM;Machine Debug Manager; C:Program FilesCommon FilesMicrosoft SharedVS7Debugmdm.exe [2003-06-19 322120]
    R2 SLService;SmartLinkService; C:WINDOWSSYSTEM32slserv.exe [2008-04-14 73796]
    R2 spidernt;SpIDer Guard for Windows NT; C:PROGRA~1DrWebSpiderNT.exe [2006-05-02 118784]
    S2 ATI Smart;ATI Smart; C:WINDOWSsystem32ati2sgag.exe [2006-06-07 520192]
    S2 NVSvc;NVIDIA Display Driver Service; C:WINDOWSsystem32nvsvc32.exe [2005-12-10 131139]
    S3 Adobe LM Service;Adobe LM Service; C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe [2007-04-10 68096]
    S3 aspnet_state;Служба состояний ASP.NET; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2007-10-24 33800]
    S3 Autodesk Licensing Service;Autodesk Licensing Service; C:Program FilesCommon FilesAutodesk SharedServiceAdskScSrv.exe [2007-04-10 77944]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2007-10-24 70144]
    S3 gusvc;Google Updater Service; C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2008-07-01 138168]
    S3 MHN;MHN; C:WINDOWSSystem32svchost.exe [2008-04-14 14336]
    S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2003-07-28 89136]
    S3 UMWdf;Windows User Mode Driver Framework; C:WINDOWSsystem32wdfmgr.exe [2005-08-03 38912]


    EOF


    And the INFO:

    info.txt logfile of random’s system information tool 1.04 2008-12-07 20:07:13

    ======Uninstall list======

    —>C:Program FilesDivXDivXConverterUninstall.exe /CONVERTER
    —>C:WINDOWSsystem32\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
    —>MsiExec /X{EFC1B35C-FFF2-41D8-A70A-CE6037F8040B}
    —>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime101Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{28B97CAB-828F-49D8-A30A-675476F9BA92}setup.exe» -l0x19 /cont -removeonly
    —>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime101Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{4E7DC12A-3597-4A94-9429-F6C6987361B1}setup.exe» -l0x19 -removeonly
    —>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime101Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{6813C983-427E-4511-8456-E98FCAA1A125}setup.exe» -l0x19 -removeonly
    —>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime101Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{7DADB304-AF20-48C3-A780-4B4133A08817}setup.exe» -l0x19 -removeonly
    —>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime101Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{9225EABF-4457-403B-A82B-91614C9DDDF7}setup.exe» -l0x19 -removeonly
    —>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime101Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{9C423CF6-2DAA-4A37-94B8-59D7ECC7DB13}setup.exe» -l0x19 -removeonly
    —>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime101Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{ACE66099-E18E-4037-83C8-9D182E5B9FA8}setup.exe» -l0x19 -removeonly
    —>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime101Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{B34B6E67-FCDD-4E03-8742-B5701427FAFB}setup.exe» -l0x19 -removeonly
    —>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime101Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{C9EFF51A-C925-4F1A-9DEB-DB5F970DE983}setup.exe» -l0x19 -removeonly
    —>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime101Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{E9CCEA28-3608-4078-8A07-997646E1A357}setup.exe» -l0x19 -removeonly
    —>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime101Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{FA6CC4B4-7741-4F8D-8E81-15C4BAB9869B}setup.exe» -l0x19 -removeonly
    —>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime101Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{FD7FF74D-0AB5-48D6-929C-7E93A5162521}setup.exe» -l0x19 -removeonly
    —>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:WINDOWSINFPCHealth.inf
    1000NET—>C:WINDOWSIsUninst.exe -fC:GAMESTRIADA1000NETUninst.isu
    Adobe Flash Player 9 ActiveX—>C:WINDOWSsystem32MacromedFlashFlashUtil9b.exe -uninstallDelete
    Adobe Flash Player ActiveX—>C:WINDOWSsystem32MacromedFlashuninstall_activeX.exe
    Adobe Photoshop CS—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime701Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{EFB21DE7-8C19-4A88-BB28-A766E16493BC}setup.exe» -l0x9
    Adobe Reader 7.0.5 — Russian—>MsiExec.exe /I{AC76BA86-7AD7-1049-7B44-A70500000002}
    AGEIA PhysX v7.07.24—>MsiExec.exe /X{EFC1B35C-FFF2-41D8-A70A-CE6037F8040B}
    Amethyst CADconvert 2004—>MsiExec.exe /I{4CB7D8E7-B0DF-4122-9DA5-5880876761B0}
    ATI — Software Uninstall Utility—>C:Program FilesATI TechnologiesUninstallAllAtiCimUn.exe
    ATI Catalyst Control Center—>MsiExec.exe /I{12452C5A-32E2-40C6-808D-DA4FB6DC35A5}
    ATI Display Driver—>rundll32 C:WINDOWSsystem32atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
    AutoCAD 2006 — English—>MsiExec.exe /I{5783F2D7-4001-0409-0002-0060B0CE6BBA}
    Autodesk DWF Viewer—>C:PROGRA~1AutodeskAUTODE~1Setup.exe /remove
    BitAccelerator—>»C:Program FilesBitAcceleratorUninstall.exe»
    Call of Duty — United Offensive—>C:PROGRA~1COMMON~1INSTAL~1Driver9INTEL3~1IDriver.exe /M{A662E280-64A8-4CF5-8407-13D0808602B3}
    Call of Duty 2—>C:PROGRA~1COMMON~1INSTAL~1Driver7INTEL3~1IDriver.exe /M{A1BEEC49-4F66-4DCC-8F35-EB6F76C8BC96}
    Call of Duty(R) 4 — Modern Warfare(TM)—>C:Program FilesInstallShield Installation Information{E48469CC-635E-4FD5-A122-1497C286D217}setup.exe -runfromtemp -l0x0419
    Call of Duty—>C:PROGRA~1CALLOF~1UninstallUnwise.exe /u C:PROGRA~1CALLOF~1UninstallInstall.log
    Canon i560—>C:WINDOWSsystem32CNMCP58.exe «-PRINTERNAMECanon i560» «-HELPERDLLC:BJPrinterCNMWINDOWSCanon i560 InstallerInst2cnmis.dll» «-RCDLLC:BJPrinterCNMWINDOWSCanon i560 InstallerInst2cnmi0419.dll»
    ConnectionServices—>»C:Program FilesConnectionServicesUninstall.exe»
    DivX Codec—>C:Program FilesDivXDivXCodecUninstall.exe /CODEC
    DivX Converter—>C:Program FilesDivXDivXConverterUninstall.exe /CONVERTER
    DivX Player—>C:Program FilesDivXDivXPlayerUninstall.exe /PLAYER
    DivX Web Player—>C:Program FilesDivXDivXWebPlayerUninstall.exe /PLUGIN
    Dr.Web—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime101Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{BBE2F69C-4338-11D7-8F0C-00A0244F4E2D}setup.exe» -l0x19 -removeonly
    Enclave—>»C:Program FilesEnclaveunins000.exe»
    Google Toolbar for Internet Explorer—>MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
    Google Toolbar for Internet Explorer—>regsvr32 /u /s «c:program filesgooglegoogletoolbar1.dll»
    Google Планета Земля—>MsiExec.exe /I{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90}
    GTA Vice City — Deluxe—>»C:GamesGTA Vice City — Deluxeunins000.exe»
    Hellgate—>»C:Program FilesHellgateunins000.exe»
    High Definition Audio Driver Package — KB888111—>»C:WINDOWS$NtUninstallKB888111WXPSP2$spuninstspuninst.exe»
    HijackThis 2.0.2—>»C:Program FilesTrend MicroHijackThisHijackThis.exe» /uninstall
    Hitman 2. Бесшумный убийца—>C:Program FilesInstallShield Installation Information{AC131755-CF45-4A77-861A-D3BBC96D94A6}setup.exe -runfromtemp -l0x0019 -removeonly
    Hitman Blood Money—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime1150Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{A804B134-F03D-4EFD-9BC0-DCD257AA1B22}setup.exe» -l0x9 -removeonly
    Hotfix for Windows Media Player 10 (KB903157)—>»C:WINDOWS$NtUninstallKB903157$spuninstspuninst.exe»
    Hotfix for Windows XP (KB952287)—>»C:WINDOWS$NtUninstallKB952287$spuninstspuninst.exe»
    IGI—>C:WINDOWSIsUn0419.exe -f»C:Program FilesEidos InteractiveIGIUninst.isu»
    Judge Dredd — Dredd vs Death—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{8FC8A1FB-F49B-4C2A-9A90-F229250A1AF6}setup.exe»
    Localization Pack for Microsoft Windows XP Media Center Edition—>MsiExec.exe /I{9A4684EF-34A4-4E38-BD46-7667A48AC498}
    Mail.Ru Агент 5.2 (сборка 2405, для всех пользователей)—>C:Program FilesMail.RuAgentmagentsetup.exe -uninstalllm
    Mail.Ru Спутник 2.0.1.31—>C:Program FilesMail.RuSputnikSputnikInstaller.exe -uninstall
    Marine SharpShooter 2—>»C:Program FilesMS2unins000.exe»
    Max Payne 2—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{BFA82616-6804-4526-87E0-E685AB20645A}setup.exe» -l0x19
    Microsoft .NET Framework 1.1 Hotfix (KB928366)—>»C:WINDOWSMicrosoft.NETFrameworkv1.1.4322Updateshotfix.exe» «C:WINDOWSMicrosoft.NETFrameworkv1.1.4322UpdatesM928366M928366Uninstall.msp»
    Microsoft .NET Framework 1.1 Russian Language Pack—>MsiExec.exe /X{2BB372D9-52B4-410A-BC1A-FEAB63181EEF}
    Microsoft .NET Framework 1.1—>msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1—>MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0 Language Pack — RUS—>C:WINDOWSMicrosoft.NETFrameworkv2.0.50727Microsoft .NET Framework 2.0 Language Pack — RUSinstall.exe
    Microsoft .NET Framework 2.0 Service Pack 1—>MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
    Microsoft Office — профессиональный выпуск версии 2003—>MsiExec.exe /I{90110419-6000-11D3-8CFE-0150048383C9}
    Microsoft Visual C++ 2005 Redistributable—>MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    MSXML 4.0 SP2 (KB927978)—>MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
    MSXML 4.0 SP2 (KB936181)—>MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    Need for Speed 5 — Porsche Unleashed—>C:WINDOWSIsUninst.exe -f»C:GAMESTRIADANeed for Speed 5 — Porsche UnleashedUninst.isu»
    Need for Speed Carbon—>»C:Program FilesNeed for Speed Carbonunins000.exe»
    Need for Speed Most Wanted — Black Edition—>»C:Program FilesNeed for Speed Most Wanted — Black Editionunins000.exe»
    Nero 6 Ultra Edition—>C:Program FilesAheadnerouninstallUNNERO.exe /UNINSTALL
    NVIDIA Drivers—>C:WINDOWSsystem32nvunrm.exe UninstallGUI
    NvMixer—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{D7A6C517-11F2-419F-B5BB-27772B939698}Setup.exe» -uninstall
    QUAKE4—>C:GAMESQUAKE4UNWISE.EXE C:GAMESQUAKE4INSTALL.LOG
    Readiris Pro 10—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{14D08502-FEE4-40E5-90D3-8A967A1D8BA2}setup.exe» -l0x9
    Realtek AC’97 Audio—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime110Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{FB08F381-6533-4108-B7DD-039E11FBC27E}setup.exe» -l0x19 -removeonly
    Realtek High Definition Audio Driver—>RtlUpd.exe -r -m
    Samsung SCX-4200 Series—>C:Program FilesSamsungSamsung SCX-4200 SeriesInstallSetup.exe /R
    Security Update for Step By Step Interactive Training (KB898458)—>»C:WINDOWS$NtUninstallKB898458$spuninstspuninst.exe»
    Security Update for Windows Media Player 10 (KB911565)—>»C:WINDOWS$NtUninstallKB911565$spuninstspuninst.exe»
    Security Update for Windows Media Player 10 (KB917734)—>»C:WINDOWS$NtUninstallKB917734_WMP10$spuninstspuninst.exe»
    Security Update for Windows Media Player 10 (KB936782)—>»C:WINDOWS$NtUninstallKB936782_WMP10$spuninstspuninst.exe»
    Security Update for Windows XP (KB923789)—>C:WINDOWSsystem32MacroMedFlashgenuinst.exe C:WINDOWSsystem32MacroMedFlashKB923789.inf
    Security Update for Windows XP (KB938464)—>»C:WINDOWS$NtUninstallKB938464$spuninstspuninst.exe»
    Security Update for Windows XP (KB941569)—>»C:WINDOWS$NtUninstallKB941569$spuninstspuninst.exe»
    Security Update for Windows XP (KB946648)—>»C:WINDOWS$NtUninstallKB946648$spuninstspuninst.exe»
    Security Update for Windows XP (KB950759)—>»C:WINDOWS$NtUninstallKB950759$spuninstspuninst.exe»
    Security Update for Windows XP (KB950760)—>»C:WINDOWS$NtUninstallKB950760$spuninstspuninst.exe»
    Security Update for Windows XP (KB950762)—>»C:WINDOWS$NtUninstallKB950762$spuninstspuninst.exe»
    Security Update for Windows XP (KB950974)—>»C:WINDOWS$NtUninstallKB950974$spuninstspuninst.exe»
    Security Update for Windows XP (KB951066)—>»C:WINDOWS$NtUninstallKB951066$spuninstspuninst.exe»
    Security Update for Windows XP (KB951376)—>»C:WINDOWS$NtUninstallKB951376$spuninstspuninst.exe»
    Security Update for Windows XP (KB951376-v2)—>»C:WINDOWS$NtUninstallKB951376-v2$spuninstspuninst.exe»
    Security Update for Windows XP (KB951698)—>»C:WINDOWS$NtUninstallKB951698$spuninstspuninst.exe»
    Security Update for Windows XP (KB951748)—>»C:WINDOWS$NtUninstallKB951748$spuninstspuninst.exe»
    Security Update for Windows XP (KB952954)—>»C:WINDOWS$NtUninstallKB952954$spuninstspuninst.exe»
    Security Update for Windows XP (KB953838)—>»C:WINDOWS$NtUninstallKB953838$spuninstspuninst.exe»
    Security Update for Windows XP (KB953839)—>»C:WINDOWS$NtUninstallKB953839$spuninstspuninst.exe»
    Security Update for Windows XP (KB954211)—>»C:WINDOWS$NtUninstallKB954211$spuninstspuninst.exe»
    Security Update for Windows XP (KB954459)—>»C:WINDOWS$NtUninstallKB954459$spuninstspuninst.exe»
    Security Update for Windows XP (KB955069)—>»C:WINDOWS$NtUninstallKB955069$spuninstspuninst.exe»
    Security Update for Windows XP (KB956390)—>»C:WINDOWS$NtUninstallKB956390$spuninstspuninst.exe»
    Security Update for Windows XP (KB956391)—>»C:WINDOWS$NtUninstallKB956391$spuninstspuninst.exe»
    Security Update for Windows XP (KB956803)—>»C:WINDOWS$NtUninstallKB956803$spuninstspuninst.exe»
    Security Update for Windows XP (KB957095)—>»C:WINDOWS$NtUninstallKB957095$spuninstspuninst.exe»
    Security Update for Windows XP (KB957097)—>»C:WINDOWS$NtUninstallKB957097$spuninstspuninst.exe»
    Security Update for Windows XP (KB958644)—>»C:WINDOWS$NtUninstallKB958644$spuninstspuninst.exe»
    SmarThru 4—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{90F1943D-EA4A-4460-B59F-30023F3BA69A}Setup.exe» -l0x19 uninstall -l0019
    Sonic Encoders—>MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011}
    Sonic UDF Reader—>MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
    Sony Picture Utility—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime101Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{D5068583-D569-468B-9755-5FBF5848F46F}setup.exe» -l0x19 /removeonly uninstall -removeonly
    Sony USB Driver—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime101Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}setup.exe» -l0x19 UNINSTALL -removeonly
    Spore—>»C:Program FilesSporeunins000.exe»
    SWAT 4—>»C:Program FilesSWAT 4unins000.exe»
    Syberia 2—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesMicroidsSyberia 2Uninstallsetup.exe» -l0x19
    Update for Windows Media Player 10 (KB913800)—>»C:WINDOWS$NtUninstallKB913800$spuninstspuninst.exe»
    Update for Windows Media Player 10 (KB926251)—>»C:WINDOWS$NtUninstallKB926251$spuninstspuninst.exe»
    Update for Windows XP (KB951072-v2)—>»C:WINDOWS$NtUninstallKB951072-v2$spuninstspuninst.exe»
    Update for Windows XP (KB951978)—>»C:WINDOWS$NtUninstallKB951978$spuninstspuninst.exe»
    Update Rollup 2 for Windows XP Media Center Edition 2005—>C:WINDOWS$NtUninstallKB900325$spuninstspuninst.exe
    Windows Media Format Runtime—>»C:Program FilesWindows Media Playerwmsetsdk.exe» /UninstallAll
    Windows XP Media Center Edition 2005 KB908250—>»C:WINDOWS$NtUninstallKB908250$spuninstspuninst.exe»
    Windows XP Service Pack 3—>»C:WINDOWS$NtServicePackUninstall$spuninstspuninst.exe»
    WinSolit V2.81—>C:WINDOWSIsUninst.exe -f»C:GAMESTRIADAWinSolit V2.81Uninst.isu»
    Архиватор WinRAR (только удаление)—>C:Program FilesWinRARuninstall.exe
    Древо Жизни—>»C:Program FilesGenery SoftwareDrevouninstall.exe»
    Засранцы против ГАИ 2—>C:PROGRA~1MSRipsMM2RUSUNWISE.EXE C:PROGRA~1MSRipsMM2RUSINSTALL.LOG
    Красная Акула—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{8AE7D258-08DA-469F-A777-9D8F4D33B0D8}Setup.exe»
    Нэнси Дрю. Проклятье поместья Блэкмур—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime91Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{DE5DF484-7BFC-48AF-AD7B-9EBF4184027D}setup.exe» -l0x19
    Танки Второй Мировой: Т-34 против Тигра—>»C:Program FilesIDDKT34vsTigerunins000.exe»
    Танчики—>C:Program FilesBukaTanksUnins000.exe

    =====HijackThis Backups=====

    O4 — HKLM..Run: [services] C:WINDOWSservices.exe
    O2 — BHO: usulibP — {007F52D6-FD27-47E9-A170-4AEBD13B04BA} — C:WINDOWSsystem32usulib.dll
    O4 — HKLM..Run: [acrrbrjj] %systemroot%acrrbrjj.exe
    O4 — HKLM..Run: [lsass driver] C:WINDOWSmsauc.exe
    O2 — BHO: pnblibP — {C32DE957-4182-4D6F-80ED-FC8F89A9424C} — C:WINDOWSsystem32pnblib.dll

    ======Security center information======

    AV: Doctor Web Anti-Virus

    ======Environment variables======

    «ComSpec»=%SystemRoot%system32cmd.exe
    «Path»=%SYSTEMROOT%SYSTEM32;%SYSTEMROOT%;%SYSTEMROOT%SYSTEM32WBEM;C:PROGRAM FILESATI TECHNOLOGIESATI.ACE;C:Program FilesCommon FilesAutodesk Shared
    «windir»=%SystemRoot%
    «FP_NO_HOST_CHECK»=NO
    «OS»=Windows_NT
    «PROCESSOR_ARCHITECTURE»=x86
    «PROCESSOR_LEVEL»=15
    «PROCESSOR_IDENTIFIER»=x86 Family 15 Model 47 Stepping 2, AuthenticAMD
    «PROCESSOR_REVISION»=2f02
    «NUMBER_OF_PROCESSORS»=1
    «PATHEXT»=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    «TEMP»=%SystemRoot%TEMP
    «TMP»=%SystemRoot%TEMP


    EOF


    December 5, 2008 at 11:13 am in reply to: Once again about the informer #20163
    1980

    Good afternoon!

    Thank you for the help. I removed the lines you pointed out, and the informer has not appeared again; I hope it won't come back.
    What other viruses are on my computer?
    I ran the program and am pasting the logs:

    LOG:
    Logfile of random’s system information tool 1.04 (written by random/random)
    Run by OEM at 2008-12-05 14:05:45
    Microsoft Windows XP Professional Service Pack 3
    System drive C: has 24 GB (15%) free of 153 GB
    Total RAM: 1022 MB (54% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14:05:55, on 05.12.2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal

    Running processes:
    C:WINDOWSSystem32smss.exe
    C:WINDOWSSYSTEM32winlogon.exe
    C:WINDOWSsystem32services.exe
    C:WINDOWSsystem32lsass.exe
    C:WINDOWSsystem32Ati2evxx.exe
    C:WINDOWSsystem32svchost.exe
    C:WINDOWSSystem32svchost.exe
    C:WINDOWSSYSTEM32Ati2evxx.exe
    C:WINDOWSExplorer.EXE
    C:WINDOWSsystem32spoolsv.exe
    C:WINDOWSeHomeehRecvr.exe
    C:WINDOWSeHomeehSched.exe
    C:Program FilesCommon FilesMicrosoft SharedVS7Debugmdm.exe
    C:WINDOWSsystem32slserv.exe
    C:PROGRA~1DrWebSpiderNT.exe
    C:WINDOWSsystem32svchost.exe
    C:WINDOWSsystem32dllhost.exe
    C:WINDOWSehomeehtray.exe
    C:Program FilesMicrosoft IntelliType Protype32.exe
    C:Program FilesMicrosoft IntelliPointpoint32.exe
    C:WINDOWSeHomeehmsas.exe
    C:WINDOWSSOUNDMAN.EXE
    C:Program FilesATI TechnologiesATI.ACEcli.exe
    C:WINDOWSSamsungPanelMgrssmmgr.exe
    C:WINDOWSSystem32DLADLACTRLW.EXE
    C:Program FilesDrWebspiderml.exe
    C:Program FilesDrWebDRWEBSCD.EXE
    C:PROGRA~1DrWebspidernt.exe
    C:Program FilesMail.RuAgentMAgent.exe
    C:WINDOWSservices.exe
    C:WINDOWSsystem32ctfmon.exe
    C:Program FilesMessengermsmsgs.exe
    C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
    C:WINDOWSsystem32cmd.exe
    C:WINDOWSservices.exe
    C:WINDOWSsystem32cmd.exe
    C:Program FilesATI TechnologiesATI.ACEcli.exe
    C:Program FilesATI TechnologiesATI.ACEcli.exe
    C:WINDOWSservices.exe
    C:WINDOWSsystem32wuauclt.exe
    C:WINDOWSsystem32wuauclt.exe
    C:Program FilesInternet Exploreriexplore.exe
    C:Documents and SettingsOEMLocal SettingsTemporary Internet FilesContent.IE5L12LMN67RSIT[1].exe
    C:Program FilesTrend MicroHijackThisOEM.exe

    R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.mail.ru/
    R1 — HKCUSoftwareMicrosoftInternet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
    R3 — URLSearchHook: (no name) — {83821C2B-32A8-4DD7-B6D4-44309A78E668} — C:Program FilesMail.RuAgentMradllnewmrasearch.dll
    R3 — URLSearchHook: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
    O2 — BHO: AcroIEHlprObj Class — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
    O2 — BHO: DriveLetterAccess — {5CA3D70E-1895-11CF-8E15-001234567890} — C:WINDOWSSystem32DLADLASHX_W.DLL
    O2 — BHO: ConnectionServices module — {6D7B211A-88EA-490c-BAB9-3600D8D7C503} — C:Program FilesConnectionServicesConnectionServices.dll
    O2 — BHO: Спутник@Mail.Ru — {8984B388-A5BB-4DF7-B274-77B879E179DB} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
    O2 — BHO: BitAccelerator module — {92860A02-4D69-48c1-82D7-EF6B2C609502} — C:Program FilesBitAcceleratorBitAccelerator.dll (file missing)
    O2 — BHO: Google Toolbar Helper — {AA58ED58-01DD-4d91-8333-CF10577473F7} — c:program filesgooglegoogletoolbar1.dll
    O2 — BHO: Google Toolbar Notifier BHO — {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} — C:Program FilesGoogleGoogleToolbarNotifier3.1.807.1746swg.dll
    O3 — Toolbar: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
    O3 — Toolbar: &Google — {2318C2B1-4965-11d4-9B18-009027A5CD4F} — c:program filesgooglegoogletoolbar1.dll
    O4 — HKLM..Run: [ehTray] C:WINDOWSehomeehtray.exe
    O4 — HKLM..Run: [NVMixerTray] «C:Program FilesNVIDIA CorporationNvMixerNVMixerTray.exe»
    O4 — HKLM..Run: [type32] «C:Program FilesMicrosoft IntelliType Protype32.exe»
    O4 — HKLM..Run: [IntelliPoint] «C:Program FilesMicrosoft IntelliPointpoint32.exe»
    O4 — HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
    O4 — HKLM..Run: [nwiz] nwiz.exe /install
    O4 — HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
    O4 — HKLM..Run: [RTHDCPL] RTHDCPL.EXE
    O4 — HKLM..Run: [Alcmtr] ALCMTR.EXE
    O4 — HKLM..Run: [SoundMan] SOUNDMAN.EXE
    O4 — HKLM..Run: [ATICCC] «C:Program FilesATI TechnologiesATI.ACEcli.exe» runtime -Delay
    O4 — HKLM..Run: [Samsung PanelMgr] C:WINDOWSSamsungPanelMgrssmmgr.exe /autorun
    O4 — HKLM..Run: [DLA] C:WINDOWSSystem32DLADLACTRLW.EXE
    O4 — HKLM..Run: [SpIDerMail] «C:Program FilesDrWebspiderml.exe»
    O4 — HKLM..Run: [DrWebScheduler] «C:Program FilesDrWebDRWEBSCD.EXE»
    O4 — HKLM..Run: [SpIDerNT] C:PROGRA~1DrWebspidernt.exe /agent
    O4 — HKLM..Run: [MAgent] C:Program FilesMail.RuAgentMAgent.exe -LM
    O4 — HKLM..Run: [services] C:WINDOWSservices.exe
    O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
    O4 — HKCU..Run: [MSMSGS] «C:Program FilesMessengermsmsgs.exe» /background
    O4 — HKCU..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
    O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
    O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
    O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~4OFFICE11EXCEL.EXE/3000
    O8 — Extra context menu item: Найти в интернете — res://C:Program FilesMail.RuSputnikMailRuSputnik.dll/282
    O8 — Extra context menu item: Найти в словарях — res://C:Program FilesMail.RuSputnikMailRuSputnik.dll/283
    O9 — Extra button: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
    O9 — Extra ‘Tools’ menuitem: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
    O9 — Extra button: Справочные материалы — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~4OFFICE11REFIEBAR.DLL
    O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
    O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
    O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
    O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
    O16 — DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) — http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1216304992906
    O16 — DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) — http://my.foto.mail.ru/ImageUploader4.cab
    O23 — Service: Adobe LM Service — Unknown owner — C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe
    O23 — Service: Ati HotKey Poller — ATI Technologies Inc. — C:WINDOWSsystem32Ati2evxx.exe
    O23 — Service: ATI Smart — Unknown owner — C:WINDOWSsystem32ati2sgag.exe
    O23 — Service: Autodesk Licensing Service — Autodesk — C:Program FilesCommon FilesAutodesk SharedServiceAdskScSrv.exe
    O23 — Service: Google Updater Service (gusvc) — Google — C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
    O23 — Service: NVIDIA Display Driver Service (NVSvc) — NVIDIA Corporation — C:WINDOWSsystem32nvsvc32.exe
    O23 — Service: SmartLinkService (SLService) — Smart Link — C:WINDOWSSYSTEM32slserv.exe
    O23 — Service: SpIDer Guard for Windows NT (spidernt) — Doctor Web, Ltd. — C:PROGRA~1DrWebSpiderNT.exe

    —
    End of file — 7565 bytes

    ======Registry dump======

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    AcroIEHlprObj Class — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll [2005-09-24 63136]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{5CA3D70E-1895-11CF-8E15-001234567890}]
    DriveLetterAccess — C:WINDOWSSystem32DLADLASHX_W.DLL [2006-06-13 110652]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{6D7B211A-88EA-490c-BAB9-3600D8D7C503}]
    ConnectionServices Class — C:Program FilesConnectionServicesConnectionServices.dll [2008-04-15 462336]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{8984B388-A5BB-4DF7-B274-77B879E179DB}]
    MailRuBHO Class — C:Program FilesMail.RuSputnikMailRuSputnik.dll [2008-10-25 667336]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{92860A02-4D69-48c1-82D7-EF6B2C609502}]
    BitAccelerator Class — C:Program FilesBitAcceleratorBitAccelerator.dll []

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper — c:program filesgooglegoogletoolbar1.dll [2008-07-01 2427968]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO — C:Program FilesGoogleGoogleToolbarNotifier3.1.807.1746swg.dll [2008-10-13 737776]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
    {09900DE8-1DCA-443F-9243-26FF581438AF} — Спутник@Mail.Ru — C:Program FilesMail.RuSputnikMailRuSputnik.dll [2008-10-25 667336]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} — &Google — c:program filesgooglegoogletoolbar1.dll [2008-07-01 2427968]

    [HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
    «ehTray»=C:WINDOWSehomeehtray.exe [2005-08-05 64512]
    «NVMixerTray»=C:Program FilesNVIDIA CorporationNvMixerNVMixerTray.exe [2004-10-07 131072]
    «type32″=C:Program FilesMicrosoft IntelliType Protype32.exe [2005-06-10 196608]
    «IntelliPoint»=C:Program FilesMicrosoft IntelliPointpoint32.exe [2005-06-10 217088]
    «NvCplDaemon»=C:WINDOWSsystem32NvCpl.dll [2005-12-10 7311360]
    «nwiz»=nwiz.exe /install []
    «NvMediaCenter»=C:WINDOWSsystem32NvMcTray.dll [2005-12-10 86016]
    «RTHDCPL»=C:WINDOWSRTHDCPL.EXE [2005-11-10 15473664]
    «Alcmtr»=C:WINDOWSALCMTR.EXE [2005-05-04 69632]
    «SoundMan»=C:WINDOWSSOUNDMAN.EXE [2005-11-11 90112]
    «ATICCC»=C:Program FilesATI TechnologiesATI.ACEcli.exe [2006-01-02 45056]
    «Samsung PanelMgr»=C:WINDOWSSamsungPanelMgrssmmgr.exe [2005-10-31 503808]
    «DLA»=C:WINDOWSSystem32DLADLACTRLW.EXE [2006-06-13 127036]
    «SpIDerMail»=C:Program FilesDrWebspiderml.exe [2006-10-23 161792]
    «DrWebScheduler»=C:Program FilesDrWebDRWEBSCD.EXE [2006-05-10 125440]
    «SpIDerNT»=C:PROGRA~1DrWebspidernt.exe [2006-05-02 118784]
    «MAgent»=C:Program FilesMail.RuAgentMAgent.exe [2008-10-25 4412920]
    «services»=C:WINDOWSservices.exe [2008-10-27 44544]

    [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
    «CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2008-04-14 15360]
    «MSMSGS»=C:Program FilesMessengermsmsgs.exe [2008-04-14 1695232]
    «swg»=C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe [2008-10-13 68856]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregMAgent]
    C:Program FilesMail.RuAgentMAgent.exe [2008-10-25 4412920]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregNeroFilterCheck]
    C:WINDOWSsystem32NeroCheck.exe [2001-07-09 155648]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
    C:PROGRA~1COMMON~1AdobeCALIBR~1ADOBEG~1.EXE [1999-11-04 113664]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users^Start Menu^Programs^Startup^AutoCAD Startup Accelerator.lnk]
    C:PROGRA~1COMMON~1AUTODE~1ACSTAR~1.EXE [2005-03-05 10872]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
    C:Program FilesMicrosoft OfficeOffice10OSA.EXE -b -l []

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users^Start Menu^Programs^Startup^Ускоренный запуск Adobe Reader.lnk]
    C:PROGRA~1AdobeACROBA~1.0ReaderREADER~1.EXE [2005-09-24 29696]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^OEM^Start Menu^Programs^Startup^Инструмент проверки носителя Picture Motion Browser.lnk]
    C:PROGRA~1SonySONYPI~1VOLUME~1SPUVOL~1.EXE [2006-12-28 344064]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyAtiExtEvent]
    C:WINDOWSSYSTEM32Ati2evxx.dll [2006-06-08 61440]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyWgaLogon]
    C:WINDOWSSYSTEM32WgaLogon.dll [2007-03-15 236928]

    [HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrolsecurityproviders]
    «SecurityProviders»=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, msansspc.dll

    [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalati2alxx.sys]

    [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkati2alxx.sys]

    [HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
    «dontdisplaylastusername»=0
    «legalnoticecaption»=
    «legalnoticetext»=
    «shutdownwithoutlogon»=1
    «undockwithoutlogon»=1
    «InstallVisualStyle»=C:WINDOWSResourcesThemesRoyaleRoyale.msstyles
    «InstallTheme»=C:WINDOWSResourcesThemesRoyale.theme

    [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
    «NoDriveTypeAutoRun»=145

    [HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
    «%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
    «C:Program FilesMessengermsmsgs.exe»=»C:Program FilesMessengermsmsgs.exe:*:Enabled:Windows Messenger»
    «C:Program FilesMail.RuAgentMagent.exe»=»C:Program FilesMail.RuAgentMagent.exe:*:Enabled:Mail.Ru Agent»
    «C:Program FilesActivisionCall of Duty 4 — Modern Warfareiw3mp.exe»=»C:Program FilesActivisionCall of Duty 4 — Modern Warfareiw3mp.exe:*:Enabled:Call of Duty(R) 4 — Modern Warfare(TM)»
    «%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»

    [HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
    «%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
    «%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»

    [HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{2514b64f-7093-11da-ba55-806d6172696f}]
    shellAutoRuncommand — D:d_setup.exe

    ======File associations======

    .scr — open — «c:WINDOWSsystem32notepad.exe» «%1»
    .scr — install —
    .scr — config —

    ======List of files/folders created in the last 1 months======

    2008-12-05 14:05:45 —-D—- C:rsit
    2008-12-04 11:08:38 —-D—- C:Program FilesTrend Micro
    2008-12-03 14:51:04 —-A—- C:WINDOWSsystem32usulib.dll
    2008-12-03 14:50:00 —-A—- C:WINDOWSsystem32pnblib.dll
    2008-11-16 22:56:15 —-A—- C:WINDOWSsystem32MRT.INI
    2008-11-16 22:54:46 —-HDC—- C:WINDOWS$NtUninstallKB957097$
    2008-11-16 22:54:07 —-HDC—- C:WINDOWS$NtUninstallKB954459$
    2008-11-16 22:53:26 —-HDC—- C:WINDOWS$NtUninstallKB955069$
    2008-11-06 11:08:30 —-D—- C:Program FilesBlack and White 2 — Battle of the Gods

    ======List of files/folders modified in the last 1 months======

    2008-12-05 14:02:28 —-D—- C:Program FilesDrWeb
    2008-12-05 14:00:42 —-D—- C:WINDOWS
    2008-12-05 14:00:35 —-D—- C:WINDOWSTemp
    2008-12-05 14:00:26 —-D—- C:WINDOWSRegistration
    2008-12-05 13:59:06 —-A—- C:WINDOWSSchedLgU.Txt
    2008-12-05 13:55:56 —-HD—- C:WINDOWSinf
    2008-12-05 13:55:53 —-D—- C:WINDOWSsystem32CatRoot2
    2008-12-04 21:09:42 —-D—- C:WINDOWSMinidump
    2008-12-04 18:55:11 —-A—- C:WINDOWSNeroDigital.ini
    2008-12-04 11:08:38 —-RD—- C:Program Files
    2008-12-03 20:21:10 —-D—- C:WINDOWSnetwork diagnostic
    2008-12-03 14:51:04 —-D—- C:WINDOWSsystem32
    2008-11-30 19:17:02 —-D—- C:Documents and SettingsOEMApplication DataMra
    2008-11-27 12:42:06 —-A—- C:WINDOWSIE4 Error Log.txt
    2008-11-26 15:20:33 —-RSHDC—- C:WINDOWSsystem32dllcache
    2008-11-25 16:11:27 —-D—- C:WINDOWSHelp
    2008-11-16 22:54:49 —-D—- C:WINDOWSsystem32drivers
    2008-11-16 22:54:46 —-HD—- C:WINDOWS$hf_mig$
    2008-11-16 22:54:12 —-A—- C:WINDOWSimsins.BAK

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AmdK8;Драйвер AMD процессора; C:WINDOWSsystem32DRIVERSAmdK8.sys [2005-03-09 43008]
    R1 DLACDBHM;DLACDBHM; C:WINDOWSSystem32DriversDLACDBHM.SYS [2006-03-17 5660]
    R1 DLARTL_N;DLARTL_N; C:WINDOWSSystem32DriversDLARTL_N.SYS [2006-03-17 22684]
    R1 drwebnet;SpIDer Guard boot hook driver for Windows NT; C:WINDOWSsystem32driversdrwebnet.sys [2005-10-17 5856]
    R1 WS2IFSL;Среда Windows Socket 2.0 поддержки поставщиков не-IFS служб; C:WINDOWSSystem32driversws2ifsl.sys [2004-08-10 12032]
    R2 DgiVecp;Team MFP Comm Driver; C:WINDOWSSystem32DriversDgiVecp.sys [2005-08-17 41984]
    R2 DLABOIOM;DLABOIOM; C:WINDOWSSystem32DLADLABOIOM.SYS [2006-06-13 25724]
    R2 DLADResN;DLADResN; C:WINDOWSSystem32DLADLADResN.SYS [2006-06-13 2528]
    R2 DLAIFS_M;DLAIFS_M; C:WINDOWSSystem32DLADLAIFS_M.SYS [2006-06-13 86844]
    R2 DLAOPIOM;DLAOPIOM; C:WINDOWSSystem32DLADLAOPIOM.SYS [2006-06-13 14716]
    R2 DLAPoolM;DLAPoolM; C:WINDOWSSystem32DLADLAPoolM.SYS [2006-06-13 6364]
    R2 DLAUDF_M;DLAUDF_M; C:WINDOWSSystem32DLADLAUDF_M.SYS [2006-06-13 88476]
    R2 DLAUDFAM;DLAUDFAM; C:WINDOWSSystem32DLADLAUDFAM.SYS [2006-06-13 94460]
    R2 DRVNDDM;DRVNDDM; C:WINDOWSSystem32DriversDRVNDDM.SYS [2006-03-17 40544]
    R2 irda;IrDA Protocol; C:WINDOWSsystem32DRIVERSirda.sys [2008-04-13 88192]
    R2 SPIDER;SpIDer FS Monitor for Windows NT; ??C:PROGRA~1DrWebspider.sys []
    R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:WINDOWSsystem32driversALCXWDM.SYS [2005-11-22 3804416]
    R3 ati2mtag;ati2mtag; C:WINDOWSsystem32DRIVERSati2mtag.sys [2006-06-08 1580544]
    R3 HidUsb;Microsoft HID Class Driver; C:WINDOWSsystem32DRIVERShidusb.sys [2008-04-13 10368]
    R3 irsir;Microsoft Serial Infrared Driver; C:WINDOWSsystem32DRIVERSirsir.sys [2001-08-17 18688]
    R3 mouhid;Mouse HID Driver; C:WINDOWSsystem32DRIVERSmouhid.sys [2001-08-17 12160]
    R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:WINDOWSsystem32DRIVERSNVENETFD.sys [2006-02-18 34176]
    R3 nvnetbus;NVIDIA Network Bus Enumerator; C:WINDOWSsystem32DRIVERSnvnetbus.sys [2006-02-18 13056]
    R3 Point32;Microsoft IntelliPoint Filter Driver; C:WINDOWSsystem32DRIVERSpoint32.sys [2005-06-10 21760]
    R3 Rasirda;WAN Miniport (IrDA); C:WINDOWSsystem32DRIVERSrasirda.sys [2001-08-17 19584]
    R3 usbccgp;Microsoft USB Generic Parent Driver; C:WINDOWSsystem32DRIVERSusbccgp.sys [2008-04-13 32128]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:WINDOWSsystem32DRIVERSusbehci.sys [2008-04-13 30208]
    R3 usbhub;USB2 Enabled Hub; C:WINDOWSsystem32DRIVERSusbhub.sys [2008-04-13 59520]
    R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:WINDOWSsystem32DRIVERSusbohci.sys [2008-04-13 17152]
    R3 usbprint;Microsoft USB PRINTER Class; C:WINDOWSsystem32DRIVERSusbprint.sys [2008-04-13 25856]
    R3 usbscan;USB Scanner Driver; C:WINDOWSsystem32DRIVERSusbscan.sys [2008-04-13 15104]
    R3 USBSTOR;USB Mass Storage Driver; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2008-04-13 26368]
    S1 kbdhid;Keyboard HID Driver; C:WINDOWSsystem32DRIVERSkbdhid.sys [2008-04-13 14592]
    S3 Arp1394;1394 ARP Client Protocol; C:WINDOWSsystem32DRIVERSarp1394.sys [2008-04-13 60800]
    S3 bfastfao;bfastfao; ??C:DOCUME~1OEMLOCALS~1Tempbfastfao.sys []
    S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:WINDOWSsystem32driversRtkHDAud.sys [2005-11-10 4064256]
    S3 MHNDRV;MHN driver; C:WINDOWSsystem32DRIVERSmhndrv.sys [2004-08-10 11008]
    S3 MODEMCSA;Unimodem Streaming Filter Device; C:WINDOWSsystem32driversMODEMCSA.sys [2001-08-17 16128]
    S3 Mtlmnt5;Mtlmnt5; C:WINDOWSsystem32DRIVERSMtlmnt5.sys [2004-08-03 126686]
    S3 Mtlstrm;Mtlstrm; C:WINDOWSsystem32DRIVERSMtlstrm.sys [2004-08-03 1309184]
    S3 NIC1394;1394 Net Driver; C:WINDOWSsystem32DRIVERSnic1394.sys [2008-04-13 61824]
    S3 NtMtlFax;NtMtlFax; C:WINDOWSsystem32DRIVERSNtMtlFax.sys [2004-08-03 180360]
    S3 nv;nv; C:WINDOWSsystem32DRIVERSnv4_mini.sys [2005-12-10 3536768]
    S3 nvax;Service for NVIDIA(R) nForce(TM) Audio Enumerator; C:WINDOWSsystem32driversnvax.sys [2004-10-22 53376]
    S3 nvnforce;Service for NVIDIA(R) nForce(TM) Audio; C:WINDOWSsystem32driversnvapu.sys [2004-10-22 413824]
    S3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:WINDOWSsystem32DRIVERSRtnicxp.sys [2005-09-30 78720]
    S3 Slnt7554;USB Soft Modem Driver; C:WINDOWSsystem32DRIVERSslnt7554.sys [2004-08-03 129535]
    S3 SlNtHal;SlNtHal; C:WINDOWSsystem32DRIVERSSlnthal.sys [2004-08-03 95424]
    S3 SlWdmSup;SlWdmSup; C:WINDOWSsystem32DRIVERSSlWdmSup.sys [2004-08-03 13240]
    S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:WINDOWSsystem32DRIVERSSONYPVU1.SYS [2001-08-17 7552]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Ati HotKey Poller;Ati HotKey Poller; C:WINDOWSsystem32Ati2evxx.exe [2006-06-08 409600]
    R2 ehRecvr;Служба ресивера Media Center; C:WINDOWSeHomeehRecvr.exe [2005-10-11 237568]
    R2 Irmon;Infrared Monitor; C:WINDOWSsystem32svchost.exe [2008-04-14 14336]
    R2 McrdSvc;Media Center Extender Service; C:WINDOWSehomemcrdsvc.exe [2005-08-05 99328]
    R2 MDM;Machine Debug Manager; C:Program FilesCommon FilesMicrosoft SharedVS7Debugmdm.exe [2003-06-19 322120]
    R2 SLService;SmartLinkService; C:WINDOWSSYSTEM32slserv.exe [2008-04-14 73796]
    R2 spidernt;SpIDer Guard for Windows NT; C:PROGRA~1DrWebSpiderNT.exe [2006-05-02 118784]
    S2 ATI Smart;ATI Smart; C:WINDOWSsystem32ati2sgag.exe [2006-06-07 520192]
    S2 NVSvc;NVIDIA Display Driver Service; C:WINDOWSsystem32nvsvc32.exe [2005-12-10 131139]
    S3 Adobe LM Service;Adobe LM Service; C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe [2007-04-10 68096]
    S3 aspnet_state;Служба состояний ASP.NET; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2007-10-24 33800]
    S3 Autodesk Licensing Service;Autodesk Licensing Service; C:Program FilesCommon FilesAutodesk SharedServiceAdskScSrv.exe [2007-04-10 77944]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2007-10-24 70144]
    S3 gusvc;Google Updater Service; C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2008-07-01 138168]
    S3 MHN;MHN; C:WINDOWSSystem32svchost.exe [2008-04-14 14336]
    S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2003-07-28 89136]
    S3 UMWdf;Windows User Mode Driver Framework; C:WINDOWSsystem32wdfmgr.exe [2005-08-03 38912]


    EOF



    And INFO:

    info.txt logfile of random’s system information tool 1.04 2008-12-05 14:05:58

    ======Uninstall list======

    —>C:Program FilesDivXDivXConverterUninstall.exe /CONVERTER
    —>C:WINDOWSsystem32\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
    —>MsiExec /X{EFC1B35C-FFF2-41D8-A70A-CE6037F8040B}
    —>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime101Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{28B97CAB-828F-49D8-A30A-675476F9BA92}setup.exe» -l0x19 /cont -removeonly
    —>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime101Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{4E7DC12A-3597-4A94-9429-F6C6987361B1}setup.exe» -l0x19 -removeonly
    —>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime101Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{6813C983-427E-4511-8456-E98FCAA1A125}setup.exe» -l0x19 -removeonly
    —>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime101Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{7DADB304-AF20-48C3-A780-4B4133A08817}setup.exe» -l0x19 -removeonly
    —>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime101Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{9225EABF-4457-403B-A82B-91614C9DDDF7}setup.exe» -l0x19 -removeonly
    —>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime101Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{9C423CF6-2DAA-4A37-94B8-59D7ECC7DB13}setup.exe» -l0x19 -removeonly
    —>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime101Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{ACE66099-E18E-4037-83C8-9D182E5B9FA8}setup.exe» -l0x19 -removeonly
    —>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime101Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{B34B6E67-FCDD-4E03-8742-B5701427FAFB}setup.exe» -l0x19 -removeonly
    —>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime101Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{C9EFF51A-C925-4F1A-9DEB-DB5F970DE983}setup.exe» -l0x19 -removeonly
    —>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime101Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{E9CCEA28-3608-4078-8A07-997646E1A357}setup.exe» -l0x19 -removeonly
    —>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime101Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{FA6CC4B4-7741-4F8D-8E81-15C4BAB9869B}setup.exe» -l0x19 -removeonly
    —>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime101Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{FD7FF74D-0AB5-48D6-929C-7E93A5162521}setup.exe» -l0x19 -removeonly
    —>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:WINDOWSINFPCHealth.inf
    1000NET—>C:WINDOWSIsUninst.exe -fC:GAMESTRIADA1000NETUninst.isu
    Adobe Flash Player 9 ActiveX—>C:WINDOWSsystem32MacromedFlashFlashUtil9b.exe -uninstallDelete
    Adobe Flash Player ActiveX—>C:WINDOWSsystem32MacromedFlashuninstall_activeX.exe
    Adobe Photoshop CS—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime701Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{EFB21DE7-8C19-4A88-BB28-A766E16493BC}setup.exe» -l0x9
    Adobe Reader 7.0.5 — Russian—>MsiExec.exe /I{AC76BA86-7AD7-1049-7B44-A70500000002}
    AGEIA PhysX v7.07.24—>MsiExec.exe /X{EFC1B35C-FFF2-41D8-A70A-CE6037F8040B}
    Amethyst CADconvert 2004—>MsiExec.exe /I{4CB7D8E7-B0DF-4122-9DA5-5880876761B0}
    ATI — Software Uninstall Utility—>C:Program FilesATI TechnologiesUninstallAllAtiCimUn.exe
    ATI Catalyst Control Center—>MsiExec.exe /I{12452C5A-32E2-40C6-808D-DA4FB6DC35A5}
    ATI Display Driver—>rundll32 C:WINDOWSsystem32atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
    AutoCAD 2006 — English—>MsiExec.exe /I{5783F2D7-4001-0409-0002-0060B0CE6BBA}
    Autodesk DWF Viewer—>C:PROGRA~1AutodeskAUTODE~1Setup.exe /remove
    BitAccelerator—>»C:Program FilesBitAcceleratorUninstall.exe»
    Call of Duty — United Offensive—>C:PROGRA~1COMMON~1INSTAL~1Driver9INTEL3~1IDriver.exe /M{A662E280-64A8-4CF5-8407-13D0808602B3}
    Call of Duty 2—>C:PROGRA~1COMMON~1INSTAL~1Driver7INTEL3~1IDriver.exe /M{A1BEEC49-4F66-4DCC-8F35-EB6F76C8BC96}
    Call of Duty(R) 4 — Modern Warfare(TM)—>C:Program FilesInstallShield Installation Information{E48469CC-635E-4FD5-A122-1497C286D217}setup.exe -runfromtemp -l0x0419
    Call of Duty—>C:PROGRA~1CALLOF~1UninstallUnwise.exe /u C:PROGRA~1CALLOF~1UninstallInstall.log
    Canon i560—>C:WINDOWSsystem32CNMCP58.exe «-PRINTERNAMECanon i560» «-HELPERDLLC:BJPrinterCNMWINDOWSCanon i560 InstallerInst2cnmis.dll» «-RCDLLC:BJPrinterCNMWINDOWSCanon i560 InstallerInst2cnmi0419.dll»
    ConnectionServices—>»C:Program FilesConnectionServicesUninstall.exe»
    DivX Codec—>C:Program FilesDivXDivXCodecUninstall.exe /CODEC
    DivX Converter—>C:Program FilesDivXDivXConverterUninstall.exe /CONVERTER
    DivX Player—>C:Program FilesDivXDivXPlayerUninstall.exe /PLAYER
    DivX Web Player—>C:Program FilesDivXDivXWebPlayerUninstall.exe /PLUGIN
    Dr.Web—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime101Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{BBE2F69C-4338-11D7-8F0C-00A0244F4E2D}setup.exe» -l0x19 -removeonly
    Enclave—>»C:Program FilesEnclaveunins000.exe»
    Google Toolbar for Internet Explorer—>MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
    Google Toolbar for Internet Explorer—>regsvr32 /u /s «c:program filesgooglegoogletoolbar1.dll»
    Google Планета Земля—>MsiExec.exe /I{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90}
    GTA Vice City — Deluxe—>»C:GamesGTA Vice City — Deluxeunins000.exe»
    Hellgate—>»C:Program FilesHellgateunins000.exe»
    High Definition Audio Driver Package — KB888111—>»C:WINDOWS$NtUninstallKB888111WXPSP2$spuninstspuninst.exe»
    HijackThis 2.0.2—>»C:Program FilesTrend MicroHijackThisHijackThis.exe» /uninstall
    Hitman 2. Бесшумный убийца—>C:Program FilesInstallShield Installation Information{AC131755-CF45-4A77-861A-D3BBC96D94A6}setup.exe -runfromtemp -l0x0019 -removeonly
    Hitman Blood Money—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime1150Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{A804B134-F03D-4EFD-9BC0-DCD257AA1B22}setup.exe» -l0x9 -removeonly
    Hotfix for Windows Media Player 10 (KB903157)—>»C:WINDOWS$NtUninstallKB903157$spuninstspuninst.exe»
    Hotfix for Windows XP (KB952287)—>»C:WINDOWS$NtUninstallKB952287$spuninstspuninst.exe»
    IGI—>C:WINDOWSIsUn0419.exe -f»C:Program FilesEidos InteractiveIGIUninst.isu»
    Judge Dredd — Dredd vs Death—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{8FC8A1FB-F49B-4C2A-9A90-F229250A1AF6}setup.exe»
    Localization Pack for Microsoft Windows XP Media Center Edition—>MsiExec.exe /I{9A4684EF-34A4-4E38-BD46-7667A48AC498}
    Mail.Ru Агент 5.2 (сборка 2405, для всех пользователей)—>C:Program FilesMail.RuAgentmagentsetup.exe -uninstalllm
    Mail.Ru Спутник 2.0.1.31—>C:Program FilesMail.RuSputnikSputnikInstaller.exe -uninstall
    Marine SharpShooter 2—>»C:Program FilesMS2unins000.exe»
    Max Payne 2—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{BFA82616-6804-4526-87E0-E685AB20645A}setup.exe» -l0x19
    Microsoft .NET Framework 1.1 Hotfix (KB928366)—>»C:WINDOWSMicrosoft.NETFrameworkv1.1.4322Updateshotfix.exe» «C:WINDOWSMicrosoft.NETFrameworkv1.1.4322UpdatesM928366M928366Uninstall.msp»
    Microsoft .NET Framework 1.1 Russian Language Pack—>MsiExec.exe /X{2BB372D9-52B4-410A-BC1A-FEAB63181EEF}
    Microsoft .NET Framework 1.1—>msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1—>MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0 Language Pack — RUS—>C:WINDOWSMicrosoft.NETFrameworkv2.0.50727Microsoft .NET Framework 2.0 Language Pack — RUSinstall.exe
    Microsoft .NET Framework 2.0 Service Pack 1—>MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
    Microsoft Office — профессиональный выпуск версии 2003—>MsiExec.exe /I{90110419-6000-11D3-8CFE-0150048383C9}
    Microsoft Visual C++ 2005 Redistributable—>MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    MSXML 4.0 SP2 (KB927978)—>MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
    MSXML 4.0 SP2 (KB936181)—>MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    Need for Speed 5 — Porsche Unleashed—>C:WINDOWSIsUninst.exe -f»C:GAMESTRIADANeed for Speed 5 — Porsche UnleashedUninst.isu»
    Need for Speed Carbon—>»C:Program FilesNeed for Speed Carbonunins000.exe»
    Need for Speed Most Wanted — Black Edition—>»C:Program FilesNeed for Speed Most Wanted — Black Editionunins000.exe»
    Nero 6 Ultra Edition—>C:Program FilesAheadnerouninstallUNNERO.exe /UNINSTALL
    NVIDIA Drivers—>C:WINDOWSsystem32nvunrm.exe UninstallGUI
    NvMixer—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{D7A6C517-11F2-419F-B5BB-27772B939698}Setup.exe» -uninstall
    QUAKE4—>C:GAMESQUAKE4UNWISE.EXE C:GAMESQUAKE4INSTALL.LOG
    Readiris Pro 10—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{14D08502-FEE4-40E5-90D3-8A967A1D8BA2}setup.exe» -l0x9
    Realtek AC’97 Audio—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime110Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{FB08F381-6533-4108-B7DD-039E11FBC27E}setup.exe» -l0x19 -removeonly
    Realtek High Definition Audio Driver—>RtlUpd.exe -r -m
    Samsung SCX-4200 Series—>C:Program FilesSamsungSamsung SCX-4200 SeriesInstallSetup.exe /R
    Security Update for Step By Step Interactive Training (KB898458)—>»C:WINDOWS$NtUninstallKB898458$spuninstspuninst.exe»
    Security Update for Windows Media Player 10 (KB911565)—>»C:WINDOWS$NtUninstallKB911565$spuninstspuninst.exe»
    Security Update for Windows Media Player 10 (KB917734)—>»C:WINDOWS$NtUninstallKB917734_WMP10$spuninstspuninst.exe»
    Security Update for Windows Media Player 10 (KB936782)—>»C:WINDOWS$NtUninstallKB936782_WMP10$spuninstspuninst.exe»
    Security Update for Windows XP (KB923789)—>C:WINDOWSsystem32MacroMedFlashgenuinst.exe C:WINDOWSsystem32MacroMedFlashKB923789.inf
    Security Update for Windows XP (KB938464)—>»C:WINDOWS$NtUninstallKB938464$spuninstspuninst.exe»
    Security Update for Windows XP (KB941569)—>»C:WINDOWS$NtUninstallKB941569$spuninstspuninst.exe»
    Security Update for Windows XP (KB946648)—>»C:WINDOWS$NtUninstallKB946648$spuninstspuninst.exe»
    Security Update for Windows XP (KB950759)—>»C:WINDOWS$NtUninstallKB950759$spuninstspuninst.exe»
    Security Update for Windows XP (KB950760)—>»C:WINDOWS$NtUninstallKB950760$spuninstspuninst.exe»
    Security Update for Windows XP (KB950762)—>»C:WINDOWS$NtUninstallKB950762$spuninstspuninst.exe»
    Security Update for Windows XP (KB950974)—>»C:WINDOWS$NtUninstallKB950974$spuninstspuninst.exe»
    Security Update for Windows XP (KB951066)—>»C:WINDOWS$NtUninstallKB951066$spuninstspuninst.exe»
    Security Update for Windows XP (KB951376)—>»C:WINDOWS$NtUninstallKB951376$spuninstspuninst.exe»
    Security Update for Windows XP (KB951376-v2)—>»C:WINDOWS$NtUninstallKB951376-v2$spuninstspuninst.exe»
    Security Update for Windows XP (KB951698)—>»C:WINDOWS$NtUninstallKB951698$spuninstspuninst.exe»
    Security Update for Windows XP (KB951748)—>»C:WINDOWS$NtUninstallKB951748$spuninstspuninst.exe»
    Security Update for Windows XP (KB952954)—>»C:WINDOWS$NtUninstallKB952954$spuninstspuninst.exe»
    Security Update for Windows XP (KB953838)—>»C:WINDOWS$NtUninstallKB953838$spuninstspuninst.exe»
    Security Update for Windows XP (KB953839)—>»C:WINDOWS$NtUninstallKB953839$spuninstspuninst.exe»
    Security Update for Windows XP (KB954211)—>»C:WINDOWS$NtUninstallKB954211$spuninstspuninst.exe»
    Security Update for Windows XP (KB954459)—>»C:WINDOWS$NtUninstallKB954459$spuninstspuninst.exe»
    Security Update for Windows XP (KB955069)—>»C:WINDOWS$NtUninstallKB955069$spuninstspuninst.exe»
    Security Update for Windows XP (KB956390)—>»C:WINDOWS$NtUninstallKB956390$spuninstspuninst.exe»
    Security Update for Windows XP (KB956391)—>»C:WINDOWS$NtUninstallKB956391$spuninstspuninst.exe»
    Security Update for Windows XP (KB956803)—>»C:WINDOWS$NtUninstallKB956803$spuninstspuninst.exe»
    Security Update for Windows XP (KB957095)—>»C:WINDOWS$NtUninstallKB957095$spuninstspuninst.exe»
    Security Update for Windows XP (KB957097)—>»C:WINDOWS$NtUninstallKB957097$spuninstspuninst.exe»
    Security Update for Windows XP (KB958644)—>»C:WINDOWS$NtUninstallKB958644$spuninstspuninst.exe»
    SmarThru 4—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{90F1943D-EA4A-4460-B59F-30023F3BA69A}Setup.exe» -l0x19 uninstall -l0019
    Sonic Encoders—>MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011}
    Sonic UDF Reader—>MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
    Sony Picture Utility—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime101Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{D5068583-D569-468B-9755-5FBF5848F46F}setup.exe» -l0x19 /removeonly uninstall -removeonly
    Sony USB Driver—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime101Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}setup.exe» -l0x19 UNINSTALL -removeonly
    Spore—>»C:Program FilesSporeunins000.exe»
    SWAT 4—>»C:Program FilesSWAT 4unins000.exe»
    Syberia 2—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesMicroidsSyberia 2Uninstallsetup.exe» -l0x19
    Update for Windows Media Player 10 (KB913800)—>»C:WINDOWS$NtUninstallKB913800$spuninstspuninst.exe»
    Update for Windows Media Player 10 (KB926251)—>»C:WINDOWS$NtUninstallKB926251$spuninstspuninst.exe»
    Update for Windows XP (KB951072-v2)—>»C:WINDOWS$NtUninstallKB951072-v2$spuninstspuninst.exe»
    Update for Windows XP (KB951978)—>»C:WINDOWS$NtUninstallKB951978$spuninstspuninst.exe»
    Update Rollup 2 for Windows XP Media Center Edition 2005—>C:WINDOWS$NtUninstallKB900325$spuninstspuninst.exe
    Windows Media Format Runtime—>»C:Program FilesWindows Media Playerwmsetsdk.exe» /UninstallAll
    Windows XP Media Center Edition 2005 KB908250—>»C:WINDOWS$NtUninstallKB908250$spuninstspuninst.exe»
    Windows XP Service Pack 3—>»C:WINDOWS$NtServicePackUninstall$spuninstspuninst.exe»
    WinSolit V2.81—>C:WINDOWSIsUninst.exe -f»C:GAMESTRIADAWinSolit V2.81Uninst.isu»
    Архиватор WinRAR (только удаление)—>C:Program FilesWinRARuninstall.exe
    Древо Жизни—>»C:Program FilesGenery SoftwareDrevouninstall.exe»
    Засранцы против ГАИ 2—>C:PROGRA~1MSRipsMM2RUSUNWISE.EXE C:PROGRA~1MSRipsMM2RUSINSTALL.LOG
    Красная Акула—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{8AE7D258-08DA-469F-A777-9D8F4D33B0D8}Setup.exe»
    Нэнси Дрю. Проклятье поместья Блэкмур—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime91Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{DE5DF484-7BFC-48AF-AD7B-9EBF4184027D}setup.exe» -l0x19
    Танки Второй Мировой: Т-34 против Тигра—>»C:Program FilesIDDKT34vsTigerunins000.exe»
    Танчики—>C:Program FilesBukaTanksUnins000.exe

    =====HijackThis Backups=====

    O4 — HKLM..Run: [services] C:WINDOWSservices.exe
    O2 — BHO: usulibP — {007F52D6-FD27-47E9-A170-4AEBD13B04BA} — C:WINDOWSsystem32usulib.dll
    O4 — HKLM..Run: [acrrbrjj] %systemroot%acrrbrjj.exe
    O4 — HKLM..Run: [lsass driver] C:WINDOWSmsauc.exe
    O2 — BHO: pnblibP — {C32DE957-4182-4D6F-80ED-FC8F89A9424C} — C:WINDOWSsystem32pnblib.dll

    ======Security center information======

    AV: Doctor Web Anti-Virus

    ======Environment variables======

    «ComSpec»=%SystemRoot%system32cmd.exe
    «Path»=%SYSTEMROOT%SYSTEM32;%SYSTEMROOT%;%SYSTEMROOT%SYSTEM32WBEM;C:PROGRAM FILESATI TECHNOLOGIESATI.ACE;C:Program FilesCommon FilesAutodesk Shared
    «windir»=%SystemRoot%
    «FP_NO_HOST_CHECK»=NO
    «OS»=Windows_NT
    «PROCESSOR_ARCHITECTURE»=x86
    «PROCESSOR_LEVEL»=15
    «PROCESSOR_IDENTIFIER»=x86 Family 15 Model 47 Stepping 2, AuthenticAMD
    «PROCESSOR_REVISION»=2f02
    «NUMBER_OF_PROCESSORS»=1
    «PATHEXT»=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    «TEMP»=%SystemRoot%TEMP
    «TMP»=%SystemRoot%TEMP


    EOF


Copyright © 2008 - 2024 Spyware-RU.com