Созданные ответы форума
-
Сообщения
-
Присоединяюсь к поздравлениям!!!! Всего-всего Вам самого наилучшего!!!Спасибо, что Вы есть!!! 😀 😀 😀
Здравствуйте!!! 😛 Компьютер работает хорошо. Видео в интернете проигрывается. Огромное, огромное спасибо!!!!! 😀 😀 😀
Здравствуйте! 😀 Проделала все указанные действия, указанные Вами в предыдущем сообщении.
Вот ответные логи.
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== SERVICES/DRIVERS ==========
Service winsecguard stopped successfully.
Service winsecguard deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{016AD32D-F3F2-4299-BF3D-77BC4BE13D8D}\ not found.
Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{C190C4B1-4117-4A31-A7BB-6D7BA65E6548}\ not found.
========== FILES ==========
File/Folder C:Documents and SettingsAll UsersApplication Datamrllib.dll not found.
File/Folder C:Documents and SettingsAll UsersApplication Datasrflib.dll not found.
File/Folder C:WINDOWSMicrosoft.NETzpx2.exe not found.
========== COMMANDS ==========
File delete failed. C:DOCUME~1123LOCALS~1Tempetilqs_QEdn5bbapYOwHi2ZnMYj scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1123LOCALS~1Temp~DFEA02.tmp scheduled to be deleted on reboot.
User’s Temp folder emptied.
User’s Temporary Internet Files folder emptied.
User’s Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:Documents and SettingsLocalServiceLocal SettingsTemporary Internet FilesContent.IE5index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
File delete failed. C:Documents and Settings123Local SettingsApplication DataMozillaFirefoxProfilesrokjtjks.defaultCache_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:Documents and Settings123Local SettingsApplication DataMozillaFirefoxProfilesrokjtjks.defaultCache_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:Documents and Settings123Local SettingsApplication DataMozillaFirefoxProfilesrokjtjks.defaultCache_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:Documents and Settings123Local SettingsApplication DataMozillaFirefoxProfilesrokjtjks.defaultCache_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:Documents and Settings123Local SettingsApplication DataMozillaFirefoxProfilesrokjtjks.defaulturlclassifier3.sqlite scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfullyOTMoveIt3 by OldTimer — Version 1.0.8.0 log created on 03072009_094306
Files moved on Reboot…
File C:DOCUME~1123LOCALS~1Tempetilqs_QEdn5bbapYOwHi2ZnMYj not found!
C:DOCUME~1123LOCALS~1Temp~DFEA02.tmp moved successfully.
File move failed. C:Documents and SettingsLocalServiceLocal SettingsTemporary Internet FilesContent.IE5index.dat scheduled to be moved on reboot.
C:Documents and Settings123Local SettingsApplication DataMozillaFirefoxProfilesrokjtjks.defaultCache_CACHE_001_ moved successfully.
C:Documents and Settings123Local SettingsApplication DataMozillaFirefoxProfilesrokjtjks.defaultCache_CACHE_002_ moved successfully.
C:Documents and Settings123Local SettingsApplication DataMozillaFirefoxProfilesrokjtjks.defaultCache_CACHE_003_ moved successfully.
C:Documents and Settings123Local SettingsApplication DataMozillaFirefoxProfilesrokjtjks.defaultCache_CACHE_MAP_ moved successfully.
C:Documents and Settings123Local SettingsApplication DataMozillaFirefoxProfilesrokjtjks.defaulturlclassifier3.sqlite moved successfully.Logfile of random’s system information tool 1.05 (written by random/random)
Run by 123 at 2009-03-07 09:54:44
Microsoft Windows XP Professional Service Pack 3
System drive C: has 27 GB (77%) free of 35 GB
Total RAM: 2047 MB (77% free)Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:54:46, on 07.03.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: NormalRunning processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSExplorer.EXE
C:Program FilesWinampwinampa.exe
C:Program FilesAdobeReader 8.0ReaderReader_sl.exe
C:Program FilesMail.RuAgentMAgent.exe
C:WINDOWSSystem32spoolDRIVERSW32X863E_FATIAIE.EXE
C:Program FilesPunto Switcherpunto.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesMessengermsmsgs.exe
C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE
C:WINDOWSsystem32svchost.exe
C:Program FilesMozilla Firefoxfirefox.exe
C:Program FilesCanonCALCALMAIN.exe
C:WINDOWSsystem32wuauclt.exe
C:WINDOWSsystem32wuauclt.exe
C:Documents and Settings123Рабочий столRSIT.exe
C:Program Filestrend micro123.exeR1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://search.qip.ru
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://search.qip.ru
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://search.qip.ru/ie
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://search.qip.ru
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = start.qip.ru
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://mail.ru
R1 — HKCUSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = http://search.qip.ru/ie
R1 — HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) = http://search.qip.ru/search?query=%s&from=IE
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
R3 — URLSearchHook: (no name) — {83821C2B-32A8-4DD7-B6D4-44309A78E668} — C:Program FilesMail.RuAgentMradllnewmrasearch.dll
R3 — URLSearchHook: (no name) — — (no file)
O2 — BHO: Adobe PDF Reader Link Helper — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll
O2 — BHO: IEVkbdBHO — {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} — C:Program FilesKaspersky LabKaspersky Internet Security 2009ievkbd.dll
O2 — BHO: EpsonToolBandKicker Class — {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} — C:Program FilesEPSONEPSON Web-To-PageEPSON Web-To-Page.dll
O3 — Toolbar: EPSON Web-To-Page — {EE5D279F-081B-4404-994D-C6B60AAEBA6D} — C:Program FilesEPSONEPSON Web-To-PageEPSON Web-To-Page.dll
O4 — HKLM..Run: [AVP] «C:Program FilesKaspersky LabKaspersky Internet Security 2009avp.exe»
O4 — HKLM..Run: [WinampAgent] C:Program FilesWinampwinampa.exe
O4 — HKLM..Run: [Adobe Reader Speed Launcher] «C:Program FilesAdobeReader 8.0ReaderReader_sl.exe»
O4 — HKLM..Run: [MAgent] C:Program FilesMail.RuAgentMAgent.exe -LM
O4 — HKLM..Run: [EPSON Stylus Photo R220 Series] C:WINDOWSSystem32spoolDRIVERSW32X863E_FATIAIE.EXE /P30 «EPSON Stylus Photo R220 Series» /O6 «USB001» /M «Stylus Photo R220»
O4 — HKCU..Run: [Punto Switcher] C:Program FilesPunto Switcherpunto.exe
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [MSMSGS] «C:Program FilesMessengermsmsgs.exe» /background
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O8 — Extra context menu item: Добавить в Анти-Баннер — C:Program FilesKaspersky LabKaspersky Internet Security 2009ie_banner_deny.htm
O9 — Extra button: Статистика защиты веб-трафика — {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} — C:Program FilesKaspersky LabKaspersky Internet Security 2009SCIEPlgn.dll
O9 — Extra button: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
O9 — Extra ‘Tools’ menuitem: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
O9 — Extra button: Справочные материалы — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O17 — HKLMSystemCCSServicesTcpip..{75B262C7-970E-46F9-9B16-DFF90B60C0FF}: NameServer = 83.234.218.17,83.234.208.10
O20 — AppInit_DLLs: C:PROGRA~1KASPER~1KASPER~1mzvkbd.dll,C:PROGRA~1KASPER~1KASPER~1mzvkbd3.dll,C:PROGRA~1KASPER~1KASPER~1adialhk.dll,C:PROGRA~1KASPER~1KASPER~1kloehk.dll
O23 — Service: Ati HotKey Poller — ATI Technologies Inc. — C:WINDOWSsystem32Ati2evxx.exe
O23 — Service: ATI Smart — Unknown owner — C:WINDOWSsystem32ati2sgag.exe
O23 — Service: Kaspersky Internet Security (AVP) — Kaspersky Lab — C:Program FilesKaspersky LabKaspersky Internet Security 2009avp.exe
O23 — Service: Canon Camera Access Library 8 (CCALib8) — Canon Inc. — C:Program FilesCanonCALCALMAIN.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: NetMeeting Remote Desktop Sharing (mnmsrvc) — Корпорация Майкрософт — C:WINDOWSsystem32mnmsrvc.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe—
End of file — 6969 bytes======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll [2006-10-22 62080][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class — C:Program FilesKaspersky LabKaspersky Internet Security 2009ievkbd.dll [2008-11-11 62728][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class — C:Program FilesEPSONEPSON Web-To-PageEPSON Web-To-Page.dll [2005-02-21 368640][HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} — EPSON Web-To-Page — C:Program FilesEPSONEPSON Web-To-PageEPSON Web-To-Page.dll [2005-02-21 368640][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«AVP»=C:Program FilesKaspersky LabKaspersky Internet Security 2009avp.exe [2009-02-26 206088]
«WinampAgent»=C:Program FilesWinampwinampa.exe [2006-11-21 35328]
«Adobe Reader Speed Launcher»=C:Program FilesAdobeReader 8.0ReaderReader_sl.exe [2007-05-11 40048]
«MAgent»=C:Program FilesMail.RuAgentMAgent.exe [2009-02-28 5598392]
«EPSON Stylus Photo R220 Series»=C:WINDOWSSystem32spoolDRIVERSW32X863E_FATIAIE.EXE [2005-03-09 98304][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«Punto Switcher»=C:Program FilesPunto Switcherpunto.exe [2008-10-16 735016]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2008-04-15 15360]
«MSMSGS»=C:Program FilesMessengermsmsgs.exe [2008-04-14 1695232][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregATICCC]
C:Program FilesATI TechnologiesATI.ACECLIStart.exe [2006-05-10 90112][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregHDAudDeck]
C:Program FilesVIAVIAudioiHDADeckHDeck.exe [2008-02-26 29757440][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows]
«AppInit_DLLS»=»C:PROGRA~1KASPER~1KASPER~1mzvkbd.dll,C:PROGRA~1KASPER~1KASPER~1mzvkbd3.dll,C:PROGRA~1KASPER~1KASPER~1adialhk.dll,C:PROGRA~1KASPER~1KASPER~1kloehk.dll»[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyAtiExtEvent]
C:WINDOWSsystem32Ati2evxx.dll [2006-08-03 86016][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyklogon]
C:WINDOWSsystem32klogon.dll [2008-11-11 218376][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=36
«NoDriveAutoRun»=FFFFFFFF[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesEA GAMESMedal of Honor Pacific Assault(tm)mohpa.exe»=»C:Program FilesEA GAMESMedal of Honor Pacific Assault(tm)mohpa.exe:*:Enabled:Medal of Honor Pacific Assault(tm)»[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»======List of files/folders created in the last 1 months======
2009-03-06 22:22:47 —-D—- C:Documents and Settings123Application DataCyberLink
2009-03-06 22:22:12 —-D—- C:Program FilesCommon FilesCyberLink
2009-03-06 22:21:29 —-D—- C:Documents and SettingsAll UsersApplication DataTemp
2009-03-06 21:22:48 —-D—- C:Documents and SettingsAll UsersApplication DataCyberLink
2009-03-06 21:17:52 —-A—- C:WINDOWSsystem32msxml3a.dll
2009-03-06 21:17:18 —-A—- C:WINDOWSsystem32msvcp71.dll
2009-03-06 20:18:21 —-D—- C:Documents and Settings123Application DataQIP
2009-03-05 18:33:15 —-D—- C:Program FilesOpenAL
2009-03-05 18:33:15 —-A—- C:WINDOWSsystem32wrap_oal.dll
2009-03-05 18:33:11 —-RA—- C:WINDOWSsystem32tmp81.tmp
2009-03-05 18:33:11 —-RA—- C:WINDOWSsystem32tmp80.tmp
2009-03-05 18:33:11 —-A—- C:WINDOWSsystem32OpenAL32.dll
2009-03-05 18:32:21 —-A—- C:WINDOWSsystem32XAudio2_3.dll
2009-03-05 18:32:21 —-A—- C:WINDOWSsystem32XAPOFX1_2.dll
2009-03-05 18:32:21 —-A—- C:WINDOWSsystem32D3DX9_40.dll
2009-03-05 18:32:21 —-A—- C:WINDOWSsystem32d3dx10_40.dll
2009-03-05 18:32:21 —-A—- C:WINDOWSsystem32D3DCompiler_40.dll
2009-03-05 18:32:20 —-A—- C:WINDOWSsystem32XAudio2_2.dll
2009-03-05 18:32:20 —-A—- C:WINDOWSsystem32XAPOFX1_1.dll
2009-03-05 18:32:20 —-A—- C:WINDOWSsystem32xactengine3_3.dll
2009-03-05 18:32:20 —-A—- C:WINDOWSsystem32xactengine3_2.dll
2009-03-05 18:32:20 —-A—- C:WINDOWSsystem32X3DAudio1_5.dll
2009-03-05 18:32:19 —-A—- C:WINDOWSsystem32D3DX9_39.dll
2009-03-05 18:32:19 —-A—- C:WINDOWSsystem32d3dx10_39.dll
2009-03-05 18:32:19 —-A—- C:WINDOWSsystem32D3DCompiler_39.dll
2009-03-05 18:32:18 —-A—- C:WINDOWSsystem32XAudio2_1.dll
2009-03-05 18:32:18 —-A—- C:WINDOWSsystem32XAPOFX1_0.dll
2009-03-05 18:32:18 —-A—- C:WINDOWSsystem32xactengine3_1.dll
2009-03-05 18:32:18 —-A—- C:WINDOWSsystem32X3DAudio1_4.dll
2009-03-05 18:32:18 —-A—- C:WINDOWSsystem32d3dx10_38.dll
2009-03-05 18:32:18 —-A—- C:WINDOWSsystem32D3DCompiler_38.dll
2009-03-05 18:32:17 —-A—- C:WINDOWSsystem32XAudio2_0.dll
2009-03-05 18:32:17 —-A—- C:WINDOWSsystem32xactengine3_0.dll
2009-03-05 18:32:17 —-A—- C:WINDOWSsystem32X3DAudio1_3.dll
2009-03-05 18:32:17 —-A—- C:WINDOWSsystem32D3DX9_38.dll
2009-03-05 18:32:16 —-A—- C:WINDOWSsystem32D3DX9_37.dll
2009-03-05 18:32:16 —-A—- C:WINDOWSsystem32d3dx10_37.dll
2009-03-05 18:32:16 —-A—- C:WINDOWSsystem32D3DCompiler_37.dll
2009-03-05 18:32:15 —-A—- C:WINDOWSsystem32xactengine2_10.dll
2009-03-05 18:32:15 —-A—- C:WINDOWSsystem32d3dx9_36.dll
2009-03-05 18:32:15 —-A—- C:WINDOWSsystem32d3dx10_36.dll
2009-03-05 18:32:15 —-A—- C:WINDOWSsystem32D3DCompiler_36.dll
2009-03-05 18:32:14 —-A—- C:WINDOWSsystem32xactengine2_9.dll
2009-03-05 18:32:14 —-A—- C:WINDOWSsystem32d3dx10_35.dll
2009-03-05 18:32:14 —-A—- C:WINDOWSsystem32D3DCompiler_35.dll
2009-03-05 18:32:13 —-A—- C:WINDOWSsystem32xactengine2_8.dll
2009-03-05 18:32:13 —-A—- C:WINDOWSsystem32X3DAudio1_2.dll
2009-03-05 18:32:13 —-A—- C:WINDOWSsystem32d3dx9_35.dll
2009-03-05 18:32:13 —-A—- C:WINDOWSsystem32d3dx10_34.dll
2009-03-05 18:32:13 —-A—- C:WINDOWSsystem32D3DCompiler_34.dll
2009-03-05 18:32:12 —-A—- C:WINDOWSsystem32xinput1_3.dll
2009-03-05 18:32:12 —-A—- C:WINDOWSsystem32d3dx9_34.dll
2009-03-05 18:32:11 —-A—- C:WINDOWSsystem32xactengine2_7.dll
2009-03-05 18:32:11 —-A—- C:WINDOWSsystem32d3dx10_33.dll
2009-03-05 18:32:11 —-A—- C:WINDOWSsystem32D3DCompiler_33.dll
2009-03-05 18:32:09 —-A—- C:WINDOWSsystem32d3dx9_33.dll
2009-03-05 18:32:08 —-A—- C:WINDOWSsystem32xactengine2_6.dll
2009-03-05 18:32:08 —-A—- C:WINDOWSsystem32xactengine2_5.dll
2009-03-05 18:32:08 —-A—- C:WINDOWSsystem32d3dx9_32.dll
2009-03-05 18:32:07 —-A—- C:WINDOWSsystem32xinput1_2.dll
2009-03-05 18:32:07 —-A—- C:WINDOWSsystem32xactengine2_4.dll
2009-03-05 18:32:07 —-A—- C:WINDOWSsystem32xactengine2_3.dll
2009-03-05 18:32:07 —-A—- C:WINDOWSsystem32xactengine2_2.dll
2009-03-05 18:32:07 —-A—- C:WINDOWSsystem32x3daudio1_1.dll
2009-03-05 18:32:07 —-A—- C:WINDOWSsystem32d3dx9_31.dll
2009-03-05 18:32:06 —-A—- C:WINDOWSsystem32xinput1_1.dll
2009-03-05 18:32:06 —-A—- C:WINDOWSsystem32xactengine2_1.dll
2009-03-05 18:32:02 —-A—- C:WINDOWSsystem32d3dx9_30.dll
2009-03-05 18:32:01 —-A—- C:WINDOWSsystem32xactengine2_0.dll
2009-03-05 18:32:01 —-A—- C:WINDOWSsystem32x3daudio1_0.dll
2009-03-05 18:32:01 —-A—- C:WINDOWSsystem32d3dx9_29.dll
2009-03-05 18:32:01 —-A—- C:WINDOWSsystem32d3dx9_28.dll
2009-03-05 18:32:00 —-A—- C:WINDOWSsystem32xinput9_1_0.dll
2009-03-05 18:32:00 —-A—- C:WINDOWSsystem32d3dx9_27.dll
2009-03-05 18:32:00 —-A—- C:WINDOWSsystem32d3dx9_26.dll
2009-03-05 18:31:59 —-A—- C:WINDOWSsystem32d3dx9_25.dll
2009-03-05 18:31:58 —-A—- C:WINDOWSsystem32d3dx9_24.dll
2009-03-05 18:31:20 —-D—- C:WINDOWSLogs
2009-03-03 21:58:22 —-D—- C:Documents and Settings123Application DataHelp
2009-03-03 21:32:18 —-A—- C:WINDOWSsystem32PCDLIB32.DLL
2009-03-03 21:32:17 —-D—- C:Program FilesPCStitch 7
2009-03-03 21:31:18 —-D—- C:WINDOWSsystem32appmgmt
2009-03-03 21:26:04 —-A—- C:WINDOWSCrypkey.ini
2009-03-03 21:25:50 —-D—- C:Program FilesHobbyWare
2009-03-03 21:25:04 —-D—- C:WINDOWSDownloaded Installations
2009-03-03 17:52:56 —-D—- C:Program FilesCanon
2009-03-03 17:52:53 —-D—- C:Program FilesCommon FilesCanon
2009-03-03 17:42:13 —-D—- C:Program FilesEPSON Print CD
2009-03-03 17:41:34 —-D—- C:Documents and SettingsAll UsersApplication DataUDL
2009-03-03 17:41:18 —-A—- C:WINDOWSsystem32PICSDK.ini
2009-03-03 17:41:18 —-A—- C:WINDOWSsystem32PICSDK.dll
2009-03-03 17:41:18 —-A—- C:WINDOWSsystem32EpPicPrt.dll
2009-03-03 17:41:18 —-A—- C:WINDOWSsystem32EPPicMgr.dll
2009-03-03 17:40:18 —-A—- C:WINDOWSsystem32E_FLMAIE.DLL
2009-03-03 17:40:18 —-A—- C:WINDOWSsystem32E_FBCHAIE.DLL
2009-03-03 17:40:18 —-A—- C:WINDOWSsystem32E_FBCBAIE.DLL
2009-03-03 17:40:18 —-A—- C:WINDOWSsystem32E_DCINST.DLL
2009-03-03 17:39:43 —-D—- C:Program FilesEPSON
2009-03-03 17:39:35 —-A—- C:WINDOWSEPSTPLOG.TXT
2009-03-03 17:39:35 —-A—- C:WINDOWSEPSMTL32.TXT
2009-03-03 17:36:53 —-A—- C:WINDOWSCDER220.ini
2009-03-03 17:36:35 —-A—- C:WINDOWSepsswt_log.txt
2009-03-03 17:03:16 —-D—- C:Program FilesФотоСАЛОН
2009-03-02 12:12:20 —-D—- C:Program FilesReg Organizer
2009-03-02 12:09:39 —-D—- C:Documents and Settings123Application DataMozilla
2009-03-02 12:09:28 —-D—- C:Program FilesMozilla Firefox
2009-03-01 14:31:27 —-D—- C:_OTMoveIt
2009-02-28 10:15:19 —-D—- C:Documents and Settings123Application DataMra
2009-02-28 10:15:18 —-D—- C:Program FilesMail.Ru
2009-02-27 18:45:07 —-D—- C:Program Filestrend micro
2009-02-27 18:45:06 —-D—- C:rsit
2009-02-27 17:47:18 —-RASHD—- C:autorun.inf
2009-02-27 13:13:22 —-D—- C:Documents and SettingsAll UsersApplication DataВеселаяФерма2
2009-02-27 11:26:56 —-A—- C:install_flash_player-5.exe
2009-02-27 11:21:17 —-A—- C:install_flash_player-3.exe
2009-02-27 11:10:50 —-D—- C:Documents and SettingsAll UsersApplication DataВеселаяФерма-ПечемПиццу
2009-02-27 11:10:43 —-D—- C:Documents and SettingsAll UsersApplication DataAlawarWrapper
2009-02-27 11:10:29 —-D—- C:Program FilesGames.Mail.Ru
2009-02-27 10:53:33 —-A—- C:WINDOWSsystem32unrar.dll
2009-02-27 10:53:32 —-A—- C:WINDOWSsystem32yv12vfw.dll
2009-02-27 10:53:32 —-A—- C:WINDOWSsystem32xvidvfw.dll
2009-02-27 10:53:32 —-A—- C:WINDOWSsystem32xvidcore.dll
2009-02-27 10:53:31 —-A—- C:WINDOWSsystem32qt-dx331.dll
2009-02-27 10:53:31 —-A—- C:WINDOWSsystem32dpl100.dll
2009-02-27 10:53:31 —-A—- C:WINDOWSsystem32divx.dll
2009-02-27 10:53:30 —-A—- C:WINDOWSsystem32ff_vfw.dll.manifest
2009-02-27 10:53:30 —-A—- C:WINDOWSsystem32ff_vfw.dll
2009-02-27 10:53:29 —-D—- C:Program FilesK-Lite Codec Pack
2009-02-27 10:53:29 —-A—- C:WINDOWSsystem32pthreadGC2.dll
2009-02-27 10:52:54 —-D—- C:Documents and Settings123Application DataMedia Player Classic
2009-02-27 10:50:44 —-A—- C:klcodec470f.exe
2009-02-27 10:37:12 —-A—- C:install_flash_player-2.exe
2009-02-27 10:25:05 —-A—- C:install_flash_player.exe
2009-02-27 10:22:52 —-A—- C:flashplayer10_win.exe
2009-02-27 10:16:27 —-D—- C:Documents and Settings123Application DataAdobe
2009-02-26 22:19:27 —-D—- C:Program FilesGameSpy Arcade
2009-02-26 19:46:55 —-D—- C:Documents and Settings123Application DataOpera
2009-02-26 19:46:48 —-D—- C:Program FilesOpera
2009-02-26 18:26:19 —-A—- C:Firefox Setup 3.0.6.exe
2009-02-26 17:18:33 —-D—- C:WINDOWSpss
2009-02-26 16:59:25 —-D—- C:Program FilesCommon Files{6EA9B29A-C801-4F76-805F-E41ACF9ED16Z}
2009-02-26 16:59:17 —-SHD—- C:RECYCLER
2009-02-26 16:43:32 —-D—- C:Documents and Settings123Application DataMacromedia
2009-02-26 16:05:58 —-A—- C:WINDOWSsystem32h323log.txt
2009-02-26 16:02:17 —-A—- C:WINDOWSsystem32usbui.dll
2009-02-26 16:01:12 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2009-02-26 16:01:11 —-SHD—- C:WINDOWSInstaller
2009-02-26 16:01:11 —-D—- C:Program FilesCommon FilesODBC
2009-02-26 16:01:11 —-A—- C:WINDOWSODBCINST.INI
2009-02-26 16:01:08 —-D—- C:Program FilesCommon FilesSpeechEngines
2009-02-26 16:01:07 —-RD—- C:Program Files
2009-02-26 16:01:07 —-D—- C:Program FilesCommon FilesMicrosoft Shared
2009-02-26 16:01:07 —-D—- C:Program FilesCommon Files
2009-02-26 16:01:04 —-RA—- C:WINDOWSsystem32kbdtuq.dll
2009-02-26 16:01:04 —-RA—- C:WINDOWSsystem32kbdtuf.dll
2009-02-26 16:01:04 —-RA—- C:WINDOWSsystem32kbdazel.dll
2009-02-26 16:01:03 —-RA—- C:WINDOWSsystem32kbdhept.dll
2009-02-26 16:01:03 —-RA—- C:WINDOWSsystem32kbdhela3.dll
2009-02-26 16:01:03 —-RA—- C:WINDOWSsystem32kbdhela2.dll
2009-02-26 16:01:03 —-RA—- C:WINDOWSsystem32kbdhe319.dll
2009-02-26 16:01:03 —-RA—- C:WINDOWSsystem32kbdhe220.dll
2009-02-26 16:01:03 —-RA—- C:WINDOWSsystem32kbdhe.dll
2009-02-26 16:01:03 —-RA—- C:WINDOWSsystem32kbdgkl.dll
2009-02-26 16:01:01 —-RA—- C:WINDOWSsystem32kbdlv1.dll
2009-02-26 16:01:01 —-RA—- C:WINDOWSsystem32kbdlv.dll
2009-02-26 16:01:01 —-RA—- C:WINDOWSsystem32kbdlt1.dll
2009-02-26 16:01:01 —-RA—- C:WINDOWSsystem32kbdlt.dll
2009-02-26 16:01:01 —-RA—- C:WINDOWSsystem32kbdest.dll
2009-02-26 16:01:00 —-RA—- C:WINDOWSsystem32kbdsl1.dll
2009-02-26 16:01:00 —-RA—- C:WINDOWSsystem32kbdsl.dll
2009-02-26 16:01:00 —-RA—- C:WINDOWSsystem32kbdro.dll
2009-02-26 16:01:00 —-RA—- C:WINDOWSsystem32kbdpl1.dll
2009-02-26 16:01:00 —-RA—- C:WINDOWSsystem32kbdpl.dll
2009-02-26 16:01:00 —-RA—- C:WINDOWSsystem32kbdhu1.dll
2009-02-26 16:01:00 —-RA—- C:WINDOWSsystem32kbdhu.dll
2009-02-26 16:01:00 —-RA—- C:WINDOWSsystem32kbdcz2.dll
2009-02-26 16:01:00 —-RA—- C:WINDOWSsystem32kbdcz1.dll
2009-02-26 16:01:00 —-RA—- C:WINDOWSsystem32kbdcz.dll
2009-02-26 16:01:00 —-RA—- C:WINDOWSsystem32kbdcr.dll
2009-02-26 16:01:00 —-RA—- C:WINDOWSsystem32KBDAL.DLL
2009-02-26 16:00:59 —-RA—- C:WINDOWSsystem32kbdycl.dll
2009-02-26 16:00:56 —-A—- C:WINDOWSsystem32kbduzb.dll
2009-02-26 16:00:56 —-A—- C:WINDOWSsystem32kbdtat.dll
2009-02-26 16:00:56 —-A—- C:WINDOWSsystem32kbdmon.dll
2009-02-26 16:00:56 —-A—- C:WINDOWSsystem32kbdkyr.dll
2009-02-26 16:00:56 —-A—- C:WINDOWSsystem32kbdaze.dll
2009-02-26 16:00:55 —-A—- C:WINDOWSsystem32kbdycc.dll
2009-02-26 16:00:55 —-A—- C:WINDOWSsystem32kbdur.dll
2009-02-26 16:00:55 —-A—- C:WINDOWSsystem32kbdkaz.dll
2009-02-26 16:00:55 —-A—- C:WINDOWSsystem32kbdbu.dll
2009-02-26 16:00:55 —-A—- C:WINDOWSsystem32kbdblr.dll
2009-02-26 16:00:54 —-A—- C:WINDOWSsystem32spxcoins.dll
2009-02-26 16:00:54 —-A—- C:WINDOWSsystem32irclass.dll
2009-02-26 16:00:54 —-A—- C:WINDOWSsystem32EqnClass.Dll
2009-02-26 16:00:54 —-A—- C:WINDOWSsystem32dgsetup.dll
2009-02-26 16:00:54 —-A—- C:WINDOWSsystem32dgrpsetu.dll
2009-02-26 16:00:52 —-N—- C:WINDOWSsystem32CONFIG.TMP
2009-02-26 16:00:52 —-A—- C:WINDOWSTASKMAN.EXE
2009-02-26 16:00:51 —-A—- C:WINDOWSsystem32batt.dll
2009-02-26 16:00:51 —-A—- C:WINDOWSNOTEPAD.EXE
2009-02-26 16:00:46 —-A—- C:WINDOWSsystem32storprop.dll
2009-02-26 16:00:39 —-ASH—- C:Documents and SettingsAll UsersApplication Datadesktop.ini
2009-02-26 15:58:58 —-RA—- C:WINDOWSSET8.tmp
2009-02-26 15:58:54 —-RA—- C:WINDOWSSET4.tmp
2009-02-26 15:58:51 —-RA—- C:WINDOWSSET3.tmp
2009-02-26 15:58:46 —-D—- C:WINDOWSsystem32CatRoot2
2009-02-26 15:58:46 —-D—- C:WINDOWSsystem32CatRoot
2009-02-26 15:58:40 —-SD—- C:Documents and SettingsAll UsersApplication DataMicrosoft
2009-02-26 15:57:36 —-A—- C:WINDOWSsetuplog.txt
2009-02-26 15:57:33 —-SHD—- C:System Volume Information
2009-02-26 15:57:33 —-D—- C:Documents and Settings
2009-02-26 15:56:40 —-SH—- C:boot.ini
2009-02-26 15:51:11 —-RSHDC—- C:WINDOWSsystem32dllcache
2009-02-26 15:51:11 —-RSD—- C:WINDOWSFonts
2009-02-26 15:51:11 —-RD—- C:WINDOWSWeb
2009-02-26 15:51:11 —-HD—- C:WINDOWSinf
2009-02-26 15:51:11 —-D—- C:WINDOWSWinSxS
2009-02-26 15:51:11 —-D—- C:WINDOWStwain_32
2009-02-26 15:51:11 —-D—- C:WINDOWSTemp
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32wins
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32wbem
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32usmt
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32spool
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32ShellExt
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32Setup
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32ru-ru
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32ru
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32ras
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32oobe
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32npp
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32mui
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32inetsrv
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32IME
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32icsxml
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32ias
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32export
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32drivers
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32dhcp
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32config
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem323com_dmi
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem323076
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem322052
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem321054
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem321049
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem321042
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem321041
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem321037
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem321033
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem321031
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem321028
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem321025
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem
2009-02-26 15:51:11 —-D—- C:WINDOWSsecurity
2009-02-26 15:51:11 —-D—- C:WINDOWSResources
2009-02-26 15:51:11 —-D—- C:WINDOWSrepair
2009-02-26 15:51:11 —-D—- C:WINDOWSProvisioning
2009-02-26 15:51:11 —-D—- C:WINDOWSPeerNet
2009-02-26 15:51:11 —-D—- C:WINDOWSpchealth
2009-02-26 15:51:11 —-D—- C:WINDOWSNetwork Diagnostic
2009-02-26 15:51:11 —-D—- C:WINDOWSmui
2009-02-26 15:51:11 —-D—- C:WINDOWSmsapps
2009-02-26 15:51:11 —-D—- C:WINDOWSmsagent
2009-02-26 15:51:11 —-D—- C:WINDOWSMedia
2009-02-26 15:51:11 —-D—- C:WINDOWSL2Schemas
2009-02-26 15:51:11 —-D—- C:WINDOWSjava
2009-02-26 15:51:11 —-D—- C:WINDOWSime
2009-02-26 15:51:11 —-D—- C:WINDOWSHelp
2009-02-26 15:51:11 —-D—- C:WINDOWSehome
2009-02-26 15:51:11 —-D—- C:WINDOWSDriver Cache
2009-02-26 15:51:11 —-D—- C:WINDOWSDebug
2009-02-26 15:51:11 —-D—- C:WINDOWSCursors
2009-02-26 15:51:11 —-D—- C:WINDOWSConnection Wizard
2009-02-26 15:51:11 —-D—- C:WINDOWSConfig
2009-02-26 15:51:11 —-D—- C:WINDOWSAppPatch
2009-02-26 15:51:11 —-D—- C:WINDOWSaddins
2009-02-26 15:51:11 —-D—- C:WINDOWS
2009-02-26 13:49:00 —-N—- C:WINDOWSsystem32vxblock.dll
2009-02-26 13:49:00 —-N—- C:WINDOWSsystem32pxwave.dll
2009-02-26 13:49:00 —-N—- C:WINDOWSsystem32pxsfs.dll
2009-02-26 13:49:00 —-N—- C:WINDOWSsystem32pxmas.dll
2009-02-26 13:49:00 —-N—- C:WINDOWSsystem32pxinsi64.exe
2009-02-26 13:49:00 —-N—- C:WINDOWSsystem32pxinsa64.exe
2009-02-26 13:49:00 —-N—- C:WINDOWSsystem32pxhpinst.exe
2009-02-26 13:49:00 —-N—- C:WINDOWSsystem32pxdrv.dll
2009-02-26 13:49:00 —-N—- C:WINDOWSsystem32pxcpya64.exe
2009-02-26 13:49:00 —-N—- C:WINDOWSsystem32pxafs.dll
2009-02-26 13:49:00 —-N—- C:WINDOWSsystem32px.dll
2009-02-26 13:48:56 —-D—- C:Program FilesWinamp
2009-02-26 13:45:46 —-D—- C:Documents and Settings123Application DataATI
2009-02-26 13:43:18 —-D—- C:Program FilesKaspersky Lab
2009-02-26 13:43:17 —-D—- C:Documents and SettingsAll UsersApplication DataKaspersky Lab
2009-02-26 13:42:33 —-D—- C:Documents and SettingsAll UsersApplication DataKaspersky Lab Setup Files
2009-02-26 13:41:19 —-A—- C:WINDOWSODBC.INI
2009-02-26 13:41:13 —-A—- C:WINDOWSsystem32mdimon.dll
2009-02-26 13:39:56 —-D—- C:Program FilesCommon FilesDESIGNER
2009-02-26 13:39:52 —-D—- C:Program FilesMicrosoft Works
2009-02-26 13:39:46 —-D—- C:Program FilesMicrosoft Visual Studio
2009-02-26 13:39:39 —-D—- C:WINDOWSSHELLNEW
2009-02-26 13:39:35 —-D—- C:Program FilesMicrosoft.NET
2009-02-26 13:39:34 —-D—- C:Program FilesMicrosoft Office
2009-02-26 13:39:19 —-D—- C:Program FilesCommon FilesATI Technologies
2009-02-26 13:38:54 —-RHD—- C:MSOCache
2009-02-26 13:37:20 —-D—- C:Documents and SettingsAll UsersApplication DataAdobe
2009-02-26 13:37:14 —-D—- C:Program FilesCommon FilesAdobe
2009-02-26 13:37:14 —-D—- C:Program FilesAdobe
2009-02-26 13:37:04 —-D—- C:WINDOWSRegisteredPackages
2009-02-26 13:36:52 —-A—- C:WINDOWSsystem32psisdecd.dll
2009-02-26 13:36:50 —-A—- C:WINDOWSsystem32dxdllreg.exe
2009-02-26 13:35:18 —-RSD—- C:WINDOWSassembly
2009-02-26 13:35:01 —-D—- C:WINDOWSMicrosoft.NET
2009-02-26 13:34:55 —-D—- C:Program FilesWinRAR
2009-02-26 13:34:24 —-N—- C:WINDOWSsystem32ati2sgag.exe
2009-02-26 13:34:21 —-A—- C:WINDOWSsystem32msvcr71.dll
2009-02-26 13:34:19 —-RA—- C:WINDOWSsystem32atiiiexx.dll
2009-02-26 13:33:44 —-D—- C:Program FilesATI Technologies
2009-02-26 13:33:01 —-D—- C:Program FilesPunto Switcher
2009-02-26 13:33:01 —-D—- C:Documents and Settings123Application DataYandex
2009-02-26 13:30:44 —-D—- C:WINDOWSsystem32Atheros_L1e
2009-02-26 13:29:26 —-D—- C:WINDOWSASUSInstAll
2009-02-26 13:29:24 —-HD—- C:Program FilesInstallShield Installation Information
2009-02-26 13:28:50 —-A—- C:WINDOWSsystem32ksuser.dll
2009-02-26 13:28:42 —-N—- C:WINDOWSsystem32difxapi.dll
2009-02-26 13:28:42 —-D—- C:Program FilesVIA
2009-02-26 13:28:35 —-D—- C:Program FilesCommon FilesInstallShield
2009-02-26 13:26:48 —-D—- C:WINDOWSsystem32ReinstallBackups
2009-02-26 13:26:47 —-DC—- C:WINDOWSsystem32DRVSTORE
2009-02-26 13:26:46 —-D—- C:Program FilesIntel
2009-02-26 13:26:34 —-D—- C:Intel
2009-02-26 13:26:08 —-A—- C:WINDOWSAscd_log.ini
2009-02-26 13:25:53 —-A—- C:WINDOWSAscd_tmp.ini
2009-02-26 13:23:50 —-D—- C:Documents and Settings123Application DataIdentities
2009-02-26 13:23:48 —-HD—- C:Program FilesUninstall Information
2009-02-26 13:23:33 —-SD—- C:Documents and Settings123Application DataMicrosoft
2009-02-26 13:23:33 —-ASH—- C:Documents and Settings123Application Datadesktop.ini
2009-02-26 13:19:26 —-D—- C:WINDOWSSoftwareDistribution
2009-02-26 13:19:24 —-SD—- C:WINDOWSsystem32Microsoft
2009-02-26 13:19:24 —-D—- C:WINDOWSPrefetch
2009-02-26 13:19:24 —-A—- C:WINDOWSSchedLgU.Txt
2009-02-26 13:14:47 —-D—- C:WINDOWSsystem32xircom
2009-02-26 13:14:47 —-D—- C:Program Filesxerox
2009-02-26 13:14:47 —-D—- C:Program Filesmicrosoft frontpage
2009-02-26 13:14:25 —-A—- C:WINDOWScontrol.ini
2009-02-26 13:14:25 —-A—- C:AUTOEXEC.BAT
2009-02-26 13:14:17 —-A—- C:WINDOWSOEWABLog.txt
2009-02-26 13:14:13 —-A—- C:WINDOWSsystem32mapi32.dll
2009-02-26 13:13:28 —-SD—- C:WINDOWSDownloaded Program Files
2009-02-26 13:13:28 —-RD—- C:WINDOWSOffline Web Pages
2009-02-26 13:13:28 —-RAH—- C:WINDOWSsystem32logonui.exe.manifest
2009-02-26 13:13:24 —-RAH—- C:WINDOWSsystem32cdplayer.exe.manifest
2009-02-26 13:13:20 —-HD—- C:Program FilesWindowsUpdate
2009-02-26 13:13:17 —-D—- C:Program FilesOnline Services
2009-02-26 13:13:03 —-D—- C:WINDOWSsystem32DirectX
2009-02-26 13:12:58 —-A—- C:WINDOWSsystem32atrace.dll
2009-02-26 13:12:55 —-A—- C:WINDOWSsystem32desktop.ini
2009-02-26 13:12:55 —-A—- C:WINDOWSdesktop.ini
2009-02-26 13:12:49 —-A—- C:WINDOWSsystem32nmevtmsg.dll
2009-02-26 13:12:48 —-A—- C:WINDOWSsystem32acctres.dll
2009-02-26 13:12:47 —-D—- C:Program FilesCommon FilesServices
2009-02-26 13:12:45 —-SD—- C:WINDOWSTasks
2009-02-26 13:12:45 —-A—- C:WINDOWSsystem32icfgnt5.dll
2009-02-26 13:12:44 —-D—- C:Program FilesCommon FilesMSSoap
2009-02-26 13:12:41 —-D—- C:WINDOWSsystem32Macromed
2009-02-26 13:12:41 —-D—- C:WINDOWSsrchasst
2009-02-26 13:12:38 —-A—- C:WINDOWSsystem32wuweb.dll
2009-02-26 13:12:38 —-A—- C:WINDOWSsystem32wups.dll
2009-02-26 13:12:38 —-A—- C:WINDOWSsystem32wucltui.dll
2009-02-26 13:12:38 —-A—- C:WINDOWSsystem32wuauserv.dll
2009-02-26 13:12:38 —-A—- C:WINDOWSsystem32wuaueng1.dll
2009-02-26 13:12:38 —-A—- C:WINDOWSsystem32wuaueng.dll
2009-02-26 13:12:38 —-A—- C:WINDOWSsystem32wuauclt1.exe
2009-02-26 13:12:37 —-A—- C:WINDOWSsystem32wuauclt.exe
2009-02-26 13:12:37 —-A—- C:WINDOWSsystem32wuapi.dll
2009-02-26 13:12:37 —-A—- C:WINDOWSsystem32qmgrprxy.dll
2009-02-26 13:12:37 —-A—- C:WINDOWSsystem32qmgr.dll
2009-02-26 13:12:37 —-A—- C:WINDOWSsystem32bitsprx4.dll
2009-02-26 13:12:37 —-A—- C:WINDOWSsystem32bitsprx3.dll
2009-02-26 13:12:37 —-A—- C:WINDOWSsystem32bitsprx2.dll
2009-02-26 13:12:34 —-D—- C:Program FilesMovie Maker
2009-02-26 13:12:17 —-A—- C:WINDOWSsystem32safrslv.dll
2009-02-26 13:12:17 —-A—- C:WINDOWSsystem32safrdm.dll
2009-02-26 13:12:17 —-A—- C:WINDOWSsystem32safrcdlg.dll
2009-02-26 13:12:17 —-A—- C:WINDOWSsystem32racpldlg.dll
2009-02-26 13:12:14 —-D—- C:WINDOWSsystem32Restore
2009-02-26 13:12:14 —-A—- C:WINDOWSsystem32srsvc.dll
2009-02-26 13:12:14 —-A—- C:WINDOWSsystem32srrstr.dll
2009-02-26 13:12:14 —-A—- C:WINDOWSsystem32srclient.dll
2009-02-26 13:12:14 —-A—- C:WINDOWSsystem32fltMc.exe
2009-02-26 13:12:14 —-A—- C:WINDOWSsystem32fltlib.dll
2009-02-26 13:12:13 —-A—- C:WINDOWSsystem32nmmkcert.dll
2009-02-26 13:12:13 —-A—- C:WINDOWSsystem32mnmsrvc.exe
2009-02-26 13:12:13 —-A—- C:WINDOWSsystem32mnmdd.dll
2009-02-26 13:12:13 —-A—- C:WINDOWSsystem32isrdbg32.dll
2009-02-26 13:12:13 —-A—- C:WINDOWSsystem32ils.dll
2009-02-26 13:12:12 —-A—- C:WINDOWSsystem32msconf.dll
2009-02-26 13:12:10 —-D—- C:Program FilesNetMeeting
2009-02-26 13:12:10 —-A—- C:WINDOWSsystem32msoert2.dll
2009-02-26 13:12:10 —-A—- C:WINDOWSsystem32msoeacct.dll
2009-02-26 13:12:09 —-A—- C:WINDOWSsystem32inetres.dll
2009-02-26 13:12:09 —-A—- C:WINDOWSsystem32inetcomm.dll
2009-02-26 13:12:08 —-D—- C:Program FilesOutlook Express
2009-02-26 13:12:08 —-A—- C:WINDOWSsystem32schedsvc.dll
2009-02-26 13:12:08 —-A—- C:WINDOWSsystem32mstinit.exe
2009-02-26 13:12:08 —-A—- C:WINDOWSsystem32mstask.dll
2009-02-26 13:12:07 —-A—- C:WINDOWSsystem32isign32.dll
2009-02-26 13:12:07 —-A—- C:WINDOWSsystem32inetcfg.dll
2009-02-26 13:12:07 —-A—- C:WINDOWSsystem32icwphbk.dll
2009-02-26 13:12:07 —-A—- C:WINDOWSsystem32icwdial.dll
2009-02-26 13:12:02 —-D—- C:Program FilesCommon FilesSystem
2009-02-26 13:11:57 —-D—- C:Program FilesInternet Explorer
2009-02-26 13:11:24 —-D—- C:Program FilesComPlus Applications
2009-02-26 13:11:22 —-A—- C:WINDOWSvbaddin.ini
2009-02-26 13:11:22 —-A—- C:WINDOWSvb.ini
2009-02-26 13:11:18 —-D—- C:WINDOWSRegistration
2009-02-26 13:11:12 —-D—- C:Program FilesWindows Media Player
2009-02-26 13:11:05 —-D—- C:Program FilesMessenger
2009-02-26 13:11:02 —-D—- C:Program FilesMSN Gaming Zone
2009-02-26 13:11:02 —-A—- C:WINDOWSsystem32write.exe
2009-02-26 13:10:53 —-A—- C:WINDOWSsystem32sndvol32.exe
2009-02-26 13:10:53 —-A—- C:WINDOWSsystem32hticons.dll
2009-02-26 13:10:53 —-A—- C:WINDOWSsystem32avwav.dll
2009-02-26 13:10:53 —-A—- C:WINDOWSsystem32avmeter.dll
2009-02-26 13:10:52 —-A—- C:WINDOWSsystem32winchat.exe
2009-02-26 13:10:52 —-A—- C:WINDOWSsystem32avtapi.dll
2009-02-26 13:10:46 —-A—- C:WINDOWSsystem32getuname.dll
2009-02-26 13:10:46 —-A—- C:WINDOWSsystem32charmap.exe
2009-02-26 13:10:46 —-A—- C:WINDOWSsystem32calc.exe
2009-02-26 13:10:45 —-A—- C:WINDOWSsystem32winmine.exe
2009-02-26 13:10:45 —-A—- C:WINDOWSsystem32usrlogon.cmd
2009-02-26 13:10:45 —-A—- C:WINDOWSsystem32sol.exe
2009-02-26 13:10:45 —-A—- C:WINDOWSsystem32reset.exe
2009-02-26 13:10:45 —-A—- C:WINDOWSsystem32mshearts.exe
2009-02-26 13:10:45 —-A—- C:WINDOWSsystem32freecell.exe
2009-02-26 13:10:44 —-A—- C:WINDOWSsystem32tsshutdn.exe
2009-02-26 13:10:44 —-A—- C:WINDOWSsystem32tslabels.ini
2009-02-26 13:10:44 —-A—- C:WINDOWSsystem32tskill.exe
2009-02-26 13:10:44 —-A—- C:WINDOWSsystem32tsdiscon.exe
2009-02-26 13:10:44 —-A—- C:WINDOWSsystem32tscon.exe
2009-02-26 13:10:44 —-A—- C:WINDOWSsystem32shadow.exe
2009-02-26 13:10:44 —-A—- C:WINDOWSsystem32rwinsta.exe
2009-02-26 13:10:44 —-A—- C:WINDOWSsystem32regini.exe
2009-02-26 13:10:44 —-A—- C:WINDOWSsystem32rdpcfgex.dll
2009-02-26 13:10:44 —-A—- C:WINDOWSsystem32qwinsta.exe
2009-02-26 13:10:44 —-A—- C:WINDOWSsystem32qappsrv.exe
2009-02-26 13:10:44 —-A—- C:WINDOWSsystem32msg.exe
2009-02-26 13:10:44 —-A—- C:WINDOWSsystem32logoff.exe
2009-02-26 13:10:44 —-A—- C:WINDOWSsystem32cdmodem.dll
2009-02-26 13:10:43 —-A—- C:WINDOWSsystem32msdtcprf.ini
2009-02-26 13:10:38 —-A—- C:WINDOWSsystem32wmimgmt.msc
2009-02-26 13:10:37 —-A—- C:WINDOWSsystem32sndrec32.exe
2009-02-26 13:10:37 —-A—- C:WINDOWSsystem32mplay32.exe
2009-02-26 13:10:37 —-A—- C:WINDOWSsystem32hypertrm.dll
2009-02-26 13:10:37 —-A—- C:WINDOWSsystem32accwiz.exe
2009-02-26 13:10:36 —-D—- C:Program FilesWindows NT
2009-02-26 13:10:36 —-A—- C:WINDOWSsystem32spider.exe
2009-02-26 13:10:36 —-A—- C:WINDOWSsystem32mspaint.exe
2009-02-26 13:10:36 —-A—- C:WINDOWSsystem32clipbrd.exe
2009-02-26 13:10:35 —-A—- C:WINDOWSsystem32tsgqec.dll
2009-02-26 13:10:35 —-A—- C:WINDOWSsystem32tscfgwmi.dll
2009-02-26 13:10:35 —-A—- C:WINDOWSsystem32rhttpaa.dll
2009-02-26 13:10:34 —-A—- C:WINDOWSsystem32remotepg.dll
2009-02-26 13:10:34 —-A—- C:WINDOWSsystem32mstscax.dll
2009-02-26 13:10:34 —-A—- C:WINDOWSsystem32mstsc.exe
2009-02-26 13:10:34 —-A—- C:WINDOWSsystem32aaclient.dll
2009-02-26 13:10:33 —-A—- C:WINDOWSsystem32termsrv.dll
2009-02-26 13:10:33 —-A—- C:WINDOWSsystem32sessmgr.exe
2009-02-26 13:10:33 —-A—- C:WINDOWSsystem32rdshost.exe
2009-02-26 13:10:33 —-A—- C:WINDOWSsystem32rdsaddin.exe
2009-02-26 13:10:33 —-A—- C:WINDOWSsystem32rdpwsx.dll
2009-02-26 13:10:33 —-A—- C:WINDOWSsystem32rdpsnd.dll
2009-02-26 13:10:33 —-A—- C:WINDOWSsystem32rdpclip.exe
2009-02-26 13:10:33 —-A—- C:WINDOWSsystem32rdchost.dll
2009-02-26 13:10:33 —-A—- C:WINDOWSsystem32qprocess.exe
2009-02-26 13:10:33 —-A—- C:WINDOWSsystem32icaapi.dll
2009-02-26 13:10:33 —-A—- C:WINDOWSsystem32cfgbkend.dll
2009-02-26 13:10:32 —-D—- C:WINDOWSsystem32MsDtc
2009-02-26 13:10:32 —-A—- C:WINDOWSsystem32xolehlp.dll
2009-02-26 13:10:32 —-A—- C:WINDOWSsystem32mtxoci.dll
2009-02-26 13:10:32 —-A—- C:WINDOWSsystem32msdtcuiu.dll
2009-02-26 13:10:32 —-A—- C:WINDOWSsystem32msdtctm.dll
2009-02-26 13:10:32 —-A—- C:WINDOWSsystem32msdtcprx.dll
2009-02-26 13:10:32 —-A—- C:WINDOWSsystem32msdtclog.dll
2009-02-26 13:10:32 —-A—- C:WINDOWSsystem32msdtc.exe
2009-02-26 13:10:31 —-A—- C:WINDOWSsystem32dcomcnfg.exe
2009-02-26 13:10:30 —-D—- C:WINDOWSsystem32Com
2009-02-26 13:10:30 —-A—- C:WINDOWSsystem32mtxlegih.dll
2009-02-26 13:10:30 —-A—- C:WINDOWSsystem32mtxex.dll
2009-02-26 13:10:30 —-A—- C:WINDOWSsystem32mtxdm.dll
2009-02-26 13:10:30 —-A—- C:WINDOWSsystem32comrepl.dll
2009-02-26 13:10:30 —-A—- C:WINDOWSsystem32comaddin.dll
2009-02-26 13:10:30 —-A—- C:WINDOWSsystem32colbact.dll
2009-02-26 13:10:29 —-A—- C:WINDOWSsystem32stclient.dll
2009-02-26 13:10:29 —-A—- C:WINDOWSsystem32comsvcs.dll
2009-02-26 13:10:29 —-A—- C:WINDOWSsystem32clbcatex.dll
2009-02-26 13:10:29 —-A—- C:WINDOWSsystem32catsrvut.dll
2009-02-26 13:10:29 —-A—- C:WINDOWSsystem32catsrvps.dll
2009-02-26 13:10:29 —-A—- C:WINDOWSsystem32catsrv.dll
2009-02-26 13:10:28 —-A—- C:WINDOWSsystem32comuid.dll
2009-02-26 13:10:28 —-A—- C:WINDOWSsystem32comsnap.dll
2009-02-26 13:10:28 —-A—- C:WINDOWSsystem32clbcatq.dll
2009-02-26 13:10:23 —-A—- C:WINDOWSsystem32servdeps.dll
2009-02-26 13:10:23 —-A—- C:WINDOWSsystem32mmfutil.dll
2009-02-26 13:10:22 —-A—- C:WINDOWSsystem32licwmi.dll
2009-02-26 13:10:22 —-A—- C:WINDOWSsystem32cmprops.dll======List of files/folders modified in the last 1 months======
2009-02-26 22:46:45 —-A—- C:WINDOWSwin.ini
2009-02-26 22:46:45 —-A—- C:WINDOWSsystem.ini======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 intelppm;Драйвер Intel процессора; C:WINDOWSsystem32DRIVERSintelppm.sys [2008-04-15 40704]
R1 KLIF;Kaspersky Lab Driver; C:WINDOWSsystem32DRIVERSklif.sys [2009-02-26 226832]
R3 ati2mtag;ati2mtag; C:WINDOWSsystem32DRIVERSati2mtag.sys [2006-08-03 1681920]
R3 HDAudBus;Драйвер шины Microsoft UAA для High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2008-04-15 144384]
R3 hidusb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2008-04-15 10368]
R3 KLFLTDEV;Kaspersky Lab KLFltDev; C:WINDOWSsystem32DRIVERSklfltdev.sys [2008-03-13 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:WINDOWSsystem32DRIVERSklim5.sys [2008-04-30 24592]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113 PCI-E Ethernet Controller; C:WINDOWSsystem32DRIVERSl1e51x86.sys [2008-02-02 36864]
R3 monfilt;monfilt; C:WINDOWSsystem32driversmonfilt.sys [2008-02-14 1389056]
R3 mouhid;Драйвер мыши HID; C:WINDOWSsystem32DRIVERSmouhid.sys [2008-04-15 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:WINDOWSsystem32DRIVERSASACPI.sys [2004-08-13 5810]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2008-04-14 30208]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2008-04-14 59520]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:WINDOWSsystem32DRIVERSusbuhci.sys [2008-04-14 20608]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:WINDOWSsystem32driversviahduaa.sys [2008-02-14 222976]
S3 usbprint;Класс принтеров Microsoft USB; C:WINDOWSsystem32DRIVERSusbprint.sys [2008-04-14 25856]
S3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2008-04-14 26368]
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:WINDOWSsystem32Ati2evxx.exe [2006-08-03 401408]
R2 AVP;Kaspersky Internet Security; C:Program FilesKaspersky LabKaspersky Internet Security 2009avp.exe [2009-02-26 206088]
R2 CCALib8;Canon Camera Access Library 8; C:Program FilesCanonCALCALMAIN.exe [2005-09-30 96341]
R2 MDM;Machine Debug Manager; C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE [2003-06-19 322120]
S2 ATI Smart;ATI Smart; C:WINDOWSsystem32ati2sgag.exe [2006-08-02 520192]
S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2005-09-23 66240]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2003-07-28 89136]
EOF
Здравствуйте! Скачала OTMovelt3 by OldTimer, запустила. Скопировала текст в окно, подписанное желтым. Во вставленном скрипте слева перед директивами были пробелы, которые я удалила. Далее кликнула по Movelt. После этого появилось сообщение, что троянская программа будет удалена после перезагрузки компьютера. После перезагрузки ни Explorer, ни Опера, ни Мазила не работали. Упоминали прокси-сервер. Мазилу переустанавливала, но никаких изменений не было. Пришлось вызвать сотрудника службы, подключившей интернет. Он поколдовал, установил заново Мазилу, анти-спам. Я не решилась далее продолжать выполнение указанных Вами рекомендаций, не посоветовавшись. Оставляю новый RSIT. В этот раз получился один лог.
Logfile of random’s system information tool 1.05 (written by random/random)
Run by 123 at 2009-03-02 21:19:40
Microsoft Windows XP Professional Service Pack 3
System drive C: has 26 GB (74%) free of 35 GB
Total RAM: 2047 MB (76% free)Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:19:43, on 02.03.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: NormalRunning processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSExplorer.EXE
C:Program FilesWinampwinampa.exe
C:Program FilesMail.RuAgentMAgent.exe
C:Program FilesPunto Switcherpunto.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesMessengermsmsgs.exe
C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE
C:Program FilesMozilla Firefoxfirefox.exe
C:WINDOWSsystem32wuauclt.exe
C:Documents and Settings123Рабочий столRSIT.exe
C:Program Filestrend micro123.exeR0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://yandex.ru/
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://mail.ru
R1 — HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = http=127.0.0.1:8600
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
R3 — URLSearchHook: (no name) — {83821C2B-32A8-4DD7-B6D4-44309A78E668} — C:Program FilesMail.RuAgentMradllnewmrasearch.dll
O2 — BHO: Adobe PDF Reader Link Helper — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll
O2 — BHO: IEVkbdBHO — {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} — C:Program FilesKaspersky LabKaspersky Internet Security 2009ievkbd.dll
O4 — HKLM..Run: [AVP] «C:Program FilesKaspersky LabKaspersky Internet Security 2009avp.exe»
O4 — HKLM..Run: [WinampAgent] C:Program FilesWinampwinampa.exe
O4 — HKLM..Run: [Adobe Reader Speed Launcher] «C:Program FilesAdobeReader 8.0ReaderReader_sl.exe»
O4 — HKLM..Run: [MAgent] C:Program FilesMail.RuAgentMAgent.exe -LM
O4 — HKCU..Run: [Punto Switcher] C:Program FilesPunto Switcherpunto.exe
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [MSMSGS] «C:Program FilesMessengermsmsgs.exe» /background
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O8 — Extra context menu item: Добавить в Анти-Баннер — C:Program FilesKaspersky LabKaspersky Internet Security 2009ie_banner_deny.htm
O9 — Extra button: Статистика защиты веб-трафика — {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} — C:Program FilesKaspersky LabKaspersky Internet Security 2009SCIEPlgn.dll
O9 — Extra button: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
O9 — Extra ‘Tools’ menuitem: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
O9 — Extra button: Справочные материалы — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O17 — HKLMSystemCCSServicesTcpip..{75B262C7-970E-46F9-9B16-DFF90B60C0FF}: NameServer = 83.234.218.17,83.234.208.10
O20 — AppInit_DLLs: C:PROGRA~1KASPER~1KASPER~1mzvkbd.dll,C:PROGRA~1KASPER~1KASPER~1mzvkbd3.dll,C:PROGRA~1KASPER~1KASPER~1adialhk.dll,C:PROGRA~1KASPER~1KASPER~1kloehk.dll
O23 — Service: Ati HotKey Poller — ATI Technologies Inc. — C:WINDOWSsystem32Ati2evxx.exe
O23 — Service: ATI Smart — Unknown owner — C:WINDOWSsystem32ati2sgag.exe
O23 — Service: Kaspersky Internet Security (AVP) — Kaspersky Lab — C:Program FilesKaspersky LabKaspersky Internet Security 2009avp.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: NetMeeting Remote Desktop Sharing (mnmsrvc) — Корпорация Майкрософт — C:WINDOWSsystem32mnmsrvc.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Windows Security Guard (winsecguard) — Unknown owner — C:WINDOWSMicrosoft.NETzpx2.exe (file missing)
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe—
End of file — 5781 bytes======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll [2006-10-22 62080][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class — C:Program FilesKaspersky LabKaspersky Internet Security 2009ievkbd.dll [2008-11-11 62728][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«AVP»=C:Program FilesKaspersky LabKaspersky Internet Security 2009avp.exe [2009-02-26 206088]
«WinampAgent»=C:Program FilesWinampwinampa.exe [2006-11-21 35328]
«Adobe Reader Speed Launcher»=C:Program FilesAdobeReader 8.0ReaderReader_sl.exe [2007-05-11 40048]
«MAgent»=C:Program FilesMail.RuAgentMAgent.exe [2009-02-28 5598392][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«Punto Switcher»=C:Program FilesPunto Switcherpunto.exe [2008-10-16 735016]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2008-04-15 15360]
«MSMSGS»=C:Program FilesMessengermsmsgs.exe [2008-04-14 1695232][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregATICCC]
C:Program FilesATI TechnologiesATI.ACECLIStart.exe [2006-05-10 90112][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregHDAudDeck]
C:Program FilesVIAVIAudioiHDADeckHDeck.exe [2008-02-26 29757440][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows]
«AppInit_DLLS»=»C:PROGRA~1KASPER~1KASPER~1mzvkbd.dll,C:PROGRA~1KASPER~1KASPER~1mzvkbd3.dll,C:PROGRA~1KASPER~1KASPER~1adialhk.dll,C:PROGRA~1KASPER~1KASPER~1kloehk.dll»[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyAtiExtEvent]
C:WINDOWSsystem32Ati2evxx.dll [2006-08-03 86016][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyklogon]
C:WINDOWSsystem32klogon.dll [2008-11-11 218376][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=36
«NoDriveAutoRun»=FFFFFFFF[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesEA GAMESMedal of Honor Pacific Assault(tm)mohpa.exe»=»C:Program FilesEA GAMESMedal of Honor Pacific Assault(tm)mohpa.exe:*:Enabled:Medal of Honor Pacific Assault(tm)»[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»======List of files/folders created in the last 1 months======
2009-03-02 12:12:20 —-D—- C:Program FilesReg Organizer
2009-03-02 12:09:39 —-D—- C:Documents and Settings123Application DataMozilla
2009-03-02 12:09:28 —-D—- C:Program FilesMozilla Firefox
2009-03-01 14:31:27 —-D—- C:_OTMoveIt
2009-02-28 10:15:19 —-D—- C:Documents and Settings123Application DataMra
2009-02-28 10:15:18 —-D—- C:Program FilesMail.Ru
2009-02-27 18:45:07 —-D—- C:Program Filestrend micro
2009-02-27 18:45:06 —-D—- C:rsit
2009-02-27 17:47:18 —-RASHD—- C:autorun.inf
2009-02-27 13:13:22 —-D—- C:Documents and SettingsAll UsersApplication DataВеселаяФерма2
2009-02-27 11:26:56 —-A—- C:install_flash_player-5.exe
2009-02-27 11:21:17 —-A—- C:install_flash_player-3.exe
2009-02-27 11:10:50 —-D—- C:Documents and SettingsAll UsersApplication DataВеселаяФерма-ПечемПиццу
2009-02-27 11:10:43 —-D—- C:Documents and SettingsAll UsersApplication DataAlawarWrapper
2009-02-27 11:10:29 —-D—- C:Program FilesGames.Mail.Ru
2009-02-27 10:53:33 —-A—- C:WINDOWSsystem32unrar.dll
2009-02-27 10:53:32 —-A—- C:WINDOWSsystem32yv12vfw.dll
2009-02-27 10:53:32 —-A—- C:WINDOWSsystem32xvidvfw.dll
2009-02-27 10:53:32 —-A—- C:WINDOWSsystem32xvidcore.dll
2009-02-27 10:53:31 —-A—- C:WINDOWSsystem32qt-dx331.dll
2009-02-27 10:53:31 —-A—- C:WINDOWSsystem32dpl100.dll
2009-02-27 10:53:31 —-A—- C:WINDOWSsystem32divx.dll
2009-02-27 10:53:30 —-A—- C:WINDOWSsystem32ff_vfw.dll.manifest
2009-02-27 10:53:30 —-A—- C:WINDOWSsystem32ff_vfw.dll
2009-02-27 10:53:29 —-D—- C:Program FilesK-Lite Codec Pack
2009-02-27 10:53:29 —-A—- C:WINDOWSsystem32pthreadGC2.dll
2009-02-27 10:52:54 —-D—- C:Documents and Settings123Application DataMedia Player Classic
2009-02-27 10:50:44 —-A—- C:klcodec470f.exe
2009-02-27 10:37:12 —-A—- C:install_flash_player-2.exe
2009-02-27 10:25:05 —-A—- C:install_flash_player.exe
2009-02-27 10:22:52 —-A—- C:flashplayer10_win.exe
2009-02-27 10:16:27 —-D—- C:Documents and Settings123Application DataAdobe
2009-02-26 22:19:27 —-D—- C:Program FilesGameSpy Arcade
2009-02-26 21:47:39 —-D—- C:Program FilesEA GAMES
2009-02-26 19:46:55 —-D—- C:Documents and Settings123Application DataOpera
2009-02-26 19:46:48 —-D—- C:Program FilesOpera
2009-02-26 18:26:19 —-A—- C:Firefox Setup 3.0.6.exe
2009-02-26 17:18:33 —-D—- C:WINDOWSpss
2009-02-26 16:59:25 —-D—- C:Program FilesCommon Files{6EA9B29A-C801-4F76-805F-E41ACF9ED16Z}
2009-02-26 16:59:17 —-SHD—- C:RECYCLER
2009-02-26 16:43:32 —-D—- C:Documents and Settings123Application DataMacromedia
2009-02-26 16:05:58 —-A—- C:WINDOWSsystem32h323log.txt
2009-02-26 16:02:17 —-A—- C:WINDOWSsystem32usbui.dll
2009-02-26 16:01:12 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2009-02-26 16:01:11 —-SHD—- C:WINDOWSInstaller
2009-02-26 16:01:11 —-D—- C:Program FilesCommon FilesODBC
2009-02-26 16:01:11 —-A—- C:WINDOWSODBCINST.INI
2009-02-26 16:01:08 —-D—- C:Program FilesCommon FilesSpeechEngines
2009-02-26 16:01:07 —-RD—- C:Program Files
2009-02-26 16:01:07 —-D—- C:Program FilesCommon FilesMicrosoft Shared
2009-02-26 16:01:07 —-D—- C:Program FilesCommon Files
2009-02-26 16:01:04 —-RA—- C:WINDOWSsystem32kbdtuq.dll
2009-02-26 16:01:04 —-RA—- C:WINDOWSsystem32kbdtuf.dll
2009-02-26 16:01:04 —-RA—- C:WINDOWSsystem32kbdazel.dll
2009-02-26 16:01:03 —-RA—- C:WINDOWSsystem32kbdhept.dll
2009-02-26 16:01:03 —-RA—- C:WINDOWSsystem32kbdhela3.dll
2009-02-26 16:01:03 —-RA—- C:WINDOWSsystem32kbdhela2.dll
2009-02-26 16:01:03 —-RA—- C:WINDOWSsystem32kbdhe319.dll
2009-02-26 16:01:03 —-RA—- C:WINDOWSsystem32kbdhe220.dll
2009-02-26 16:01:03 —-RA—- C:WINDOWSsystem32kbdhe.dll
2009-02-26 16:01:03 —-RA—- C:WINDOWSsystem32kbdgkl.dll
2009-02-26 16:01:01 —-RA—- C:WINDOWSsystem32kbdlv1.dll
2009-02-26 16:01:01 —-RA—- C:WINDOWSsystem32kbdlv.dll
2009-02-26 16:01:01 —-RA—- C:WINDOWSsystem32kbdlt1.dll
2009-02-26 16:01:01 —-RA—- C:WINDOWSsystem32kbdlt.dll
2009-02-26 16:01:01 —-RA—- C:WINDOWSsystem32kbdest.dll
2009-02-26 16:01:00 —-RA—- C:WINDOWSsystem32kbdsl1.dll
2009-02-26 16:01:00 —-RA—- C:WINDOWSsystem32kbdsl.dll
2009-02-26 16:01:00 —-RA—- C:WINDOWSsystem32kbdro.dll
2009-02-26 16:01:00 —-RA—- C:WINDOWSsystem32kbdpl1.dll
2009-02-26 16:01:00 —-RA—- C:WINDOWSsystem32kbdpl.dll
2009-02-26 16:01:00 —-RA—- C:WINDOWSsystem32kbdhu1.dll
2009-02-26 16:01:00 —-RA—- C:WINDOWSsystem32kbdhu.dll
2009-02-26 16:01:00 —-RA—- C:WINDOWSsystem32kbdcz2.dll
2009-02-26 16:01:00 —-RA—- C:WINDOWSsystem32kbdcz1.dll
2009-02-26 16:01:00 —-RA—- C:WINDOWSsystem32kbdcz.dll
2009-02-26 16:01:00 —-RA—- C:WINDOWSsystem32kbdcr.dll
2009-02-26 16:01:00 —-RA—- C:WINDOWSsystem32KBDAL.DLL
2009-02-26 16:00:59 —-RA—- C:WINDOWSsystem32kbdycl.dll
2009-02-26 16:00:56 —-A—- C:WINDOWSsystem32kbduzb.dll
2009-02-26 16:00:56 —-A—- C:WINDOWSsystem32kbdtat.dll
2009-02-26 16:00:56 —-A—- C:WINDOWSsystem32kbdmon.dll
2009-02-26 16:00:56 —-A—- C:WINDOWSsystem32kbdkyr.dll
2009-02-26 16:00:56 —-A—- C:WINDOWSsystem32kbdaze.dll
2009-02-26 16:00:55 —-A—- C:WINDOWSsystem32kbdycc.dll
2009-02-26 16:00:55 —-A—- C:WINDOWSsystem32kbdur.dll
2009-02-26 16:00:55 —-A—- C:WINDOWSsystem32kbdkaz.dll
2009-02-26 16:00:55 —-A—- C:WINDOWSsystem32kbdbu.dll
2009-02-26 16:00:55 —-A—- C:WINDOWSsystem32kbdblr.dll
2009-02-26 16:00:54 —-A—- C:WINDOWSsystem32spxcoins.dll
2009-02-26 16:00:54 —-A—- C:WINDOWSsystem32irclass.dll
2009-02-26 16:00:54 —-A—- C:WINDOWSsystem32EqnClass.Dll
2009-02-26 16:00:54 —-A—- C:WINDOWSsystem32dgsetup.dll
2009-02-26 16:00:54 —-A—- C:WINDOWSsystem32dgrpsetu.dll
2009-02-26 16:00:52 —-N—- C:WINDOWSsystem32CONFIG.TMP
2009-02-26 16:00:52 —-A—- C:WINDOWSTASKMAN.EXE
2009-02-26 16:00:51 —-A—- C:WINDOWSsystem32batt.dll
2009-02-26 16:00:51 —-A—- C:WINDOWSNOTEPAD.EXE
2009-02-26 16:00:46 —-A—- C:WINDOWSsystem32storprop.dll
2009-02-26 16:00:39 —-ASH—- C:Documents and SettingsAll UsersApplication Datadesktop.ini
2009-02-26 15:58:58 —-RA—- C:WINDOWSSET8.tmp
2009-02-26 15:58:54 —-RA—- C:WINDOWSSET4.tmp
2009-02-26 15:58:51 —-RA—- C:WINDOWSSET3.tmp
2009-02-26 15:58:46 —-D—- C:WINDOWSsystem32CatRoot2
2009-02-26 15:58:46 —-D—- C:WINDOWSsystem32CatRoot
2009-02-26 15:58:40 —-SD—- C:Documents and SettingsAll UsersApplication DataMicrosoft
2009-02-26 15:57:36 —-A—- C:WINDOWSsetuplog.txt
2009-02-26 15:57:33 —-SHD—- C:System Volume Information
2009-02-26 15:57:33 —-D—- C:Documents and Settings
2009-02-26 15:56:40 —-SH—- C:boot.ini
2009-02-26 15:51:11 —-RSHDC—- C:WINDOWSsystem32dllcache
2009-02-26 15:51:11 —-RSD—- C:WINDOWSFonts
2009-02-26 15:51:11 —-RD—- C:WINDOWSWeb
2009-02-26 15:51:11 —-HD—- C:WINDOWSinf
2009-02-26 15:51:11 —-D—- C:WINDOWSWinSxS
2009-02-26 15:51:11 —-D—- C:WINDOWStwain_32
2009-02-26 15:51:11 —-D—- C:WINDOWSTemp
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32wins
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32wbem
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32usmt
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32spool
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32ShellExt
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32Setup
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32ru-ru
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32ru
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32ras
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32oobe
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32npp
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32mui
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32inetsrv
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32IME
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32icsxml
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32ias
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32export
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32drivers
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32dhcp
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32config
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem323com_dmi
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem323076
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem322052
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem321054
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem321049
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem321042
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem321041
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem321037
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem321033
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem321031
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem321028
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem321025
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem
2009-02-26 15:51:11 —-D—- C:WINDOWSsecurity
2009-02-26 15:51:11 —-D—- C:WINDOWSResources
2009-02-26 15:51:11 —-D—- C:WINDOWSrepair
2009-02-26 15:51:11 —-D—- C:WINDOWSProvisioning
2009-02-26 15:51:11 —-D—- C:WINDOWSPeerNet
2009-02-26 15:51:11 —-D—- C:WINDOWSpchealth
2009-02-26 15:51:11 —-D—- C:WINDOWSNetwork Diagnostic
2009-02-26 15:51:11 —-D—- C:WINDOWSmui
2009-02-26 15:51:11 —-D—- C:WINDOWSmsapps
2009-02-26 15:51:11 —-D—- C:WINDOWSmsagent
2009-02-26 15:51:11 —-D—- C:WINDOWSMedia
2009-02-26 15:51:11 —-D—- C:WINDOWSL2Schemas
2009-02-26 15:51:11 —-D—- C:WINDOWSjava
2009-02-26 15:51:11 —-D—- C:WINDOWSime
2009-02-26 15:51:11 —-D—- C:WINDOWSHelp
2009-02-26 15:51:11 —-D—- C:WINDOWSehome
2009-02-26 15:51:11 —-D—- C:WINDOWSDriver Cache
2009-02-26 15:51:11 —-D—- C:WINDOWSDebug
2009-02-26 15:51:11 —-D—- C:WINDOWSCursors
2009-02-26 15:51:11 —-D—- C:WINDOWSConnection Wizard
2009-02-26 15:51:11 —-D—- C:WINDOWSConfig
2009-02-26 15:51:11 —-D—- C:WINDOWSAppPatch
2009-02-26 15:51:11 —-D—- C:WINDOWSaddins
2009-02-26 15:51:11 —-D—- C:WINDOWS
2009-02-26 13:49:00 —-N—- C:WINDOWSsystem32vxblock.dll
2009-02-26 13:49:00 —-N—- C:WINDOWSsystem32pxwave.dll
2009-02-26 13:49:00 —-N—- C:WINDOWSsystem32pxsfs.dll
2009-02-26 13:49:00 —-N—- C:WINDOWSsystem32pxmas.dll
2009-02-26 13:49:00 —-N—- C:WINDOWSsystem32pxinsi64.exe
2009-02-26 13:49:00 —-N—- C:WINDOWSsystem32pxinsa64.exe
2009-02-26 13:49:00 —-N—- C:WINDOWSsystem32pxhpinst.exe
2009-02-26 13:49:00 —-N—- C:WINDOWSsystem32pxdrv.dll
2009-02-26 13:49:00 —-N—- C:WINDOWSsystem32pxcpya64.exe
2009-02-26 13:49:00 —-N—- C:WINDOWSsystem32pxafs.dll
2009-02-26 13:49:00 —-N—- C:WINDOWSsystem32px.dll
2009-02-26 13:48:56 —-D—- C:Program FilesWinamp
2009-02-26 13:45:46 —-D—- C:Documents and Settings123Application DataATI
2009-02-26 13:43:18 —-D—- C:Program FilesKaspersky Lab
2009-02-26 13:43:17 —-D—- C:Documents and SettingsAll UsersApplication DataKaspersky Lab
2009-02-26 13:42:33 —-D—- C:Documents and SettingsAll UsersApplication DataKaspersky Lab Setup Files
2009-02-26 13:41:19 —-A—- C:WINDOWSODBC.INI
2009-02-26 13:41:13 —-A—- C:WINDOWSsystem32mdimon.dll
2009-02-26 13:39:56 —-D—- C:Program FilesCommon FilesDESIGNER
2009-02-26 13:39:52 —-D—- C:Program FilesMicrosoft Works
2009-02-26 13:39:46 —-D—- C:Program FilesMicrosoft Visual Studio
2009-02-26 13:39:39 —-D—- C:WINDOWSSHELLNEW
2009-02-26 13:39:35 —-D—- C:Program FilesMicrosoft.NET
2009-02-26 13:39:34 —-D—- C:Program FilesMicrosoft Office
2009-02-26 13:39:19 —-D—- C:Program FilesCommon FilesATI Technologies
2009-02-26 13:38:54 —-RHD—- C:MSOCache
2009-02-26 13:37:20 —-D—- C:Documents and SettingsAll UsersApplication DataAdobe
2009-02-26 13:37:14 —-D—- C:Program FilesCommon FilesAdobe
2009-02-26 13:37:14 —-D—- C:Program FilesAdobe
2009-02-26 13:37:04 —-D—- C:WINDOWSRegisteredPackages
2009-02-26 13:36:52 —-A—- C:WINDOWSsystem32psisdecd.dll
2009-02-26 13:36:50 —-A—- C:WINDOWSsystem32dxdllreg.exe
2009-02-26 13:35:18 —-RSD—- C:WINDOWSassembly
2009-02-26 13:35:01 —-D—- C:WINDOWSMicrosoft.NET
2009-02-26 13:34:55 —-D—- C:Program FilesWinRAR
2009-02-26 13:34:24 —-N—- C:WINDOWSsystem32ati2sgag.exe
2009-02-26 13:34:21 —-A—- C:WINDOWSsystem32msvcr71.dll
2009-02-26 13:34:19 —-RA—- C:WINDOWSsystem32atiiiexx.dll
2009-02-26 13:33:44 —-D—- C:Program FilesATI Technologies
2009-02-26 13:33:01 —-D—- C:Program FilesPunto Switcher
2009-02-26 13:33:01 —-D—- C:Documents and Settings123Application DataYandex
2009-02-26 13:30:44 —-D—- C:WINDOWSsystem32Atheros_L1e
2009-02-26 13:29:26 —-D—- C:WINDOWSASUSInstAll
2009-02-26 13:29:24 —-HD—- C:Program FilesInstallShield Installation Information
2009-02-26 13:28:50 —-A—- C:WINDOWSsystem32ksuser.dll
2009-02-26 13:28:42 —-N—- C:WINDOWSsystem32difxapi.dll
2009-02-26 13:28:42 —-D—- C:Program FilesVIA
2009-02-26 13:28:35 —-D—- C:Program FilesCommon FilesInstallShield
2009-02-26 13:26:48 —-D—- C:WINDOWSsystem32ReinstallBackups
2009-02-26 13:26:47 —-DC—- C:WINDOWSsystem32DRVSTORE
2009-02-26 13:26:46 —-D—- C:Program FilesIntel
2009-02-26 13:26:34 —-D—- C:Intel
2009-02-26 13:26:08 —-A—- C:WINDOWSAscd_log.ini
2009-02-26 13:25:53 —-A—- C:WINDOWSAscd_tmp.ini
2009-02-26 13:23:50 —-D—- C:Documents and Settings123Application DataIdentities
2009-02-26 13:23:48 —-HD—- C:Program FilesUninstall Information
2009-02-26 13:23:33 —-SD—- C:Documents and Settings123Application DataMicrosoft
2009-02-26 13:23:33 —-ASH—- C:Documents and Settings123Application Datadesktop.ini
2009-02-26 13:19:26 —-D—- C:WINDOWSSoftwareDistribution
2009-02-26 13:19:24 —-SD—- C:WINDOWSsystem32Microsoft
2009-02-26 13:19:24 —-D—- C:WINDOWSPrefetch
2009-02-26 13:19:24 —-A—- C:WINDOWSSchedLgU.Txt
2009-02-26 13:14:47 —-D—- C:WINDOWSsystem32xircom
2009-02-26 13:14:47 —-D—- C:Program Filesxerox
2009-02-26 13:14:47 —-D—- C:Program Filesmicrosoft frontpage
2009-02-26 13:14:25 —-A—- C:WINDOWScontrol.ini
2009-02-26 13:14:25 —-A—- C:AUTOEXEC.BAT
2009-02-26 13:14:17 —-A—- C:WINDOWSOEWABLog.txt
2009-02-26 13:14:13 —-A—- C:WINDOWSsystem32mapi32.dll
2009-02-26 13:13:28 —-SD—- C:WINDOWSDownloaded Program Files
2009-02-26 13:13:28 —-RD—- C:WINDOWSOffline Web Pages
2009-02-26 13:13:28 —-RAH—- C:WINDOWSsystem32logonui.exe.manifest
2009-02-26 13:13:24 —-RAH—- C:WINDOWSsystem32cdplayer.exe.manifest
2009-02-26 13:13:20 —-HD—- C:Program FilesWindowsUpdate
2009-02-26 13:13:17 —-D—- C:Program FilesOnline Services
2009-02-26 13:13:03 —-D—- C:WINDOWSsystem32DirectX
2009-02-26 13:12:58 —-A—- C:WINDOWSsystem32atrace.dll
2009-02-26 13:12:55 —-A—- C:WINDOWSsystem32desktop.ini
2009-02-26 13:12:55 —-A—- C:WINDOWSdesktop.ini
2009-02-26 13:12:49 —-A—- C:WINDOWSsystem32nmevtmsg.dll
2009-02-26 13:12:48 —-A—- C:WINDOWSsystem32acctres.dll
2009-02-26 13:12:47 —-D—- C:Program FilesCommon FilesServices
2009-02-26 13:12:45 —-SD—- C:WINDOWSTasks
2009-02-26 13:12:45 —-A—- C:WINDOWSsystem32icfgnt5.dll
2009-02-26 13:12:44 —-D—- C:Program FilesCommon FilesMSSoap
2009-02-26 13:12:41 —-D—- C:WINDOWSsystem32Macromed
2009-02-26 13:12:41 —-D—- C:WINDOWSsrchasst
2009-02-26 13:12:38 —-A—- C:WINDOWSsystem32wuweb.dll
2009-02-26 13:12:38 —-A—- C:WINDOWSsystem32wups.dll
2009-02-26 13:12:38 —-A—- C:WINDOWSsystem32wucltui.dll
2009-02-26 13:12:38 —-A—- C:WINDOWSsystem32wuauserv.dll
2009-02-26 13:12:38 —-A—- C:WINDOWSsystem32wuaueng1.dll
2009-02-26 13:12:38 —-A—- C:WINDOWSsystem32wuaueng.dll
2009-02-26 13:12:38 —-A—- C:WINDOWSsystem32wuauclt1.exe
2009-02-26 13:12:37 —-A—- C:WINDOWSsystem32wuauclt.exe
2009-02-26 13:12:37 —-A—- C:WINDOWSsystem32wuapi.dll
2009-02-26 13:12:37 —-A—- C:WINDOWSsystem32qmgrprxy.dll
2009-02-26 13:12:37 —-A—- C:WINDOWSsystem32qmgr.dll
2009-02-26 13:12:37 —-A—- C:WINDOWSsystem32bitsprx4.dll
2009-02-26 13:12:37 —-A—- C:WINDOWSsystem32bitsprx3.dll
2009-02-26 13:12:37 —-A—- C:WINDOWSsystem32bitsprx2.dll
2009-02-26 13:12:34 —-D—- C:Program FilesMovie Maker
2009-02-26 13:12:17 —-A—- C:WINDOWSsystem32safrslv.dll
2009-02-26 13:12:17 —-A—- C:WINDOWSsystem32safrdm.dll
2009-02-26 13:12:17 —-A—- C:WINDOWSsystem32safrcdlg.dll
2009-02-26 13:12:17 —-A—- C:WINDOWSsystem32racpldlg.dll
2009-02-26 13:12:14 —-D—- C:WINDOWSsystem32Restore
2009-02-26 13:12:14 —-A—- C:WINDOWSsystem32srsvc.dll
2009-02-26 13:12:14 —-A—- C:WINDOWSsystem32srrstr.dll
2009-02-26 13:12:14 —-A—- C:WINDOWSsystem32srclient.dll
2009-02-26 13:12:14 —-A—- C:WINDOWSsystem32fltMc.exe
2009-02-26 13:12:14 —-A—- C:WINDOWSsystem32fltlib.dll
2009-02-26 13:12:13 —-A—- C:WINDOWSsystem32nmmkcert.dll
2009-02-26 13:12:13 —-A—- C:WINDOWSsystem32mnmsrvc.exe
2009-02-26 13:12:13 —-A—- C:WINDOWSsystem32mnmdd.dll
2009-02-26 13:12:13 —-A—- C:WINDOWSsystem32isrdbg32.dll
2009-02-26 13:12:13 —-A—- C:WINDOWSsystem32ils.dll
2009-02-26 13:12:12 —-A—- C:WINDOWSsystem32msconf.dll
2009-02-26 13:12:10 —-D—- C:Program FilesNetMeeting
2009-02-26 13:12:10 —-A—- C:WINDOWSsystem32msoert2.dll
2009-02-26 13:12:10 —-A—- C:WINDOWSsystem32msoeacct.dll
2009-02-26 13:12:09 —-A—- C:WINDOWSsystem32inetres.dll
2009-02-26 13:12:09 —-A—- C:WINDOWSsystem32inetcomm.dll
2009-02-26 13:12:08 —-D—- C:Program FilesOutlook Express
2009-02-26 13:12:08 —-A—- C:WINDOWSsystem32schedsvc.dll
2009-02-26 13:12:08 —-A—- C:WINDOWSsystem32mstinit.exe
2009-02-26 13:12:08 —-A—- C:WINDOWSsystem32mstask.dll
2009-02-26 13:12:07 —-A—- C:WINDOWSsystem32isign32.dll
2009-02-26 13:12:07 —-A—- C:WINDOWSsystem32inetcfg.dll
2009-02-26 13:12:07 —-A—- C:WINDOWSsystem32icwphbk.dll
2009-02-26 13:12:07 —-A—- C:WINDOWSsystem32icwdial.dll
2009-02-26 13:12:02 —-D—- C:Program FilesCommon FilesSystem
2009-02-26 13:11:57 —-D—- C:Program FilesInternet Explorer
2009-02-26 13:11:24 —-D—- C:Program FilesComPlus Applications
2009-02-26 13:11:22 —-A—- C:WINDOWSvbaddin.ini
2009-02-26 13:11:22 —-A—- C:WINDOWSvb.ini
2009-02-26 13:11:18 —-D—- C:WINDOWSRegistration
2009-02-26 13:11:12 —-D—- C:Program FilesWindows Media Player
2009-02-26 13:11:05 —-D—- C:Program FilesMessenger
2009-02-26 13:11:02 —-D—- C:Program FilesMSN Gaming Zone
2009-02-26 13:11:02 —-A—- C:WINDOWSsystem32write.exe
2009-02-26 13:10:53 —-A—- C:WINDOWSsystem32sndvol32.exe
2009-02-26 13:10:53 —-A—- C:WINDOWSsystem32hticons.dll
2009-02-26 13:10:53 —-A—- C:WINDOWSsystem32avwav.dll
2009-02-26 13:10:53 —-A—- C:WINDOWSsystem32avmeter.dll
2009-02-26 13:10:52 —-A—- C:WINDOWSsystem32winchat.exe
2009-02-26 13:10:52 —-A—- C:WINDOWSsystem32avtapi.dll
2009-02-26 13:10:46 —-A—- C:WINDOWSsystem32getuname.dll
2009-02-26 13:10:46 —-A—- C:WINDOWSsystem32charmap.exe
2009-02-26 13:10:46 —-A—- C:WINDOWSsystem32calc.exe
2009-02-26 13:10:45 —-A—- C:WINDOWSsystem32winmine.exe
2009-02-26 13:10:45 —-A—- C:WINDOWSsystem32usrlogon.cmd
2009-02-26 13:10:45 —-A—- C:WINDOWSsystem32sol.exe
2009-02-26 13:10:45 —-A—- C:WINDOWSsystem32reset.exe
2009-02-26 13:10:45 —-A—- C:WINDOWSsystem32mshearts.exe
2009-02-26 13:10:45 —-A—- C:WINDOWSsystem32freecell.exe
2009-02-26 13:10:44 —-A—- C:WINDOWSsystem32tsshutdn.exe
2009-02-26 13:10:44 —-A—- C:WINDOWSsystem32tslabels.ini
2009-02-26 13:10:44 —-A—- C:WINDOWSsystem32tskill.exe
2009-02-26 13:10:44 —-A—- C:WINDOWSsystem32tsdiscon.exe
2009-02-26 13:10:44 —-A—- C:WINDOWSsystem32tscon.exe
2009-02-26 13:10:44 —-A—- C:WINDOWSsystem32shadow.exe
2009-02-26 13:10:44 —-A—- C:WINDOWSsystem32rwinsta.exe
2009-02-26 13:10:44 —-A—- C:WINDOWSsystem32regini.exe
2009-02-26 13:10:44 —-A—- C:WINDOWSsystem32rdpcfgex.dll
2009-02-26 13:10:44 —-A—- C:WINDOWSsystem32qwinsta.exe
2009-02-26 13:10:44 —-A—- C:WINDOWSsystem32qappsrv.exe
2009-02-26 13:10:44 —-A—- C:WINDOWSsystem32msg.exe
2009-02-26 13:10:44 —-A—- C:WINDOWSsystem32logoff.exe
2009-02-26 13:10:44 —-A—- C:WINDOWSsystem32cdmodem.dll
2009-02-26 13:10:43 —-A—- C:WINDOWSsystem32msdtcprf.ini
2009-02-26 13:10:38 —-A—- C:WINDOWSsystem32wmimgmt.msc
2009-02-26 13:10:37 —-A—- C:WINDOWSsystem32sndrec32.exe
2009-02-26 13:10:37 —-A—- C:WINDOWSsystem32mplay32.exe
2009-02-26 13:10:37 —-A—- C:WINDOWSsystem32hypertrm.dll
2009-02-26 13:10:37 —-A—- C:WINDOWSsystem32accwiz.exe
2009-02-26 13:10:36 —-D—- C:Program FilesWindows NT
2009-02-26 13:10:36 —-A—- C:WINDOWSsystem32spider.exe
2009-02-26 13:10:36 —-A—- C:WINDOWSsystem32mspaint.exe
2009-02-26 13:10:36 —-A—- C:WINDOWSsystem32clipbrd.exe
2009-02-26 13:10:35 —-A—- C:WINDOWSsystem32tsgqec.dll
2009-02-26 13:10:35 —-A—- C:WINDOWSsystem32tscfgwmi.dll
2009-02-26 13:10:35 —-A—- C:WINDOWSsystem32rhttpaa.dll
2009-02-26 13:10:34 —-A—- C:WINDOWSsystem32remotepg.dll
2009-02-26 13:10:34 —-A—- C:WINDOWSsystem32mstscax.dll
2009-02-26 13:10:34 —-A—- C:WINDOWSsystem32mstsc.exe
2009-02-26 13:10:34 —-A—- C:WINDOWSsystem32aaclient.dll
2009-02-26 13:10:33 —-A—- C:WINDOWSsystem32termsrv.dll
2009-02-26 13:10:33 —-A—- C:WINDOWSsystem32sessmgr.exe
2009-02-26 13:10:33 —-A—- C:WINDOWSsystem32rdshost.exe
2009-02-26 13:10:33 —-A—- C:WINDOWSsystem32rdsaddin.exe
2009-02-26 13:10:33 —-A—- C:WINDOWSsystem32rdpwsx.dll
2009-02-26 13:10:33 —-A—- C:WINDOWSsystem32rdpsnd.dll
2009-02-26 13:10:33 —-A—- C:WINDOWSsystem32rdpclip.exe
2009-02-26 13:10:33 —-A—- C:WINDOWSsystem32rdchost.dll
2009-02-26 13:10:33 —-A—- C:WINDOWSsystem32qprocess.exe
2009-02-26 13:10:33 —-A—- C:WINDOWSsystem32icaapi.dll
2009-02-26 13:10:33 —-A—- C:WINDOWSsystem32cfgbkend.dll
2009-02-26 13:10:32 —-D—- C:WINDOWSsystem32MsDtc
2009-02-26 13:10:32 —-A—- C:WINDOWSsystem32xolehlp.dll
2009-02-26 13:10:32 —-A—- C:WINDOWSsystem32mtxoci.dll
2009-02-26 13:10:32 —-A—- C:WINDOWSsystem32msdtcuiu.dll
2009-02-26 13:10:32 —-A—- C:WINDOWSsystem32msdtctm.dll
2009-02-26 13:10:32 —-A—- C:WINDOWSsystem32msdtcprx.dll
2009-02-26 13:10:32 —-A—- C:WINDOWSsystem32msdtclog.dll
2009-02-26 13:10:32 —-A—- C:WINDOWSsystem32msdtc.exe
2009-02-26 13:10:31 —-A—- C:WINDOWSsystem32dcomcnfg.exe
2009-02-26 13:10:30 —-D—- C:WINDOWSsystem32Com
2009-02-26 13:10:30 —-A—- C:WINDOWSsystem32mtxlegih.dll
2009-02-26 13:10:30 —-A—- C:WINDOWSsystem32mtxex.dll
2009-02-26 13:10:30 —-A—- C:WINDOWSsystem32mtxdm.dll
2009-02-26 13:10:30 —-A—- C:WINDOWSsystem32comrepl.dll
2009-02-26 13:10:30 —-A—- C:WINDOWSsystem32comaddin.dll
2009-02-26 13:10:30 —-A—- C:WINDOWSsystem32colbact.dll
2009-02-26 13:10:29 —-A—- C:WINDOWSsystem32stclient.dll
2009-02-26 13:10:29 —-A—- C:WINDOWSsystem32comsvcs.dll
2009-02-26 13:10:29 —-A—- C:WINDOWSsystem32clbcatex.dll
2009-02-26 13:10:29 —-A—- C:WINDOWSsystem32catsrvut.dll
2009-02-26 13:10:29 —-A—- C:WINDOWSsystem32catsrvps.dll
2009-02-26 13:10:29 —-A—- C:WINDOWSsystem32catsrv.dll
2009-02-26 13:10:28 —-A—- C:WINDOWSsystem32comuid.dll
2009-02-26 13:10:28 —-A—- C:WINDOWSsystem32comsnap.dll
2009-02-26 13:10:28 —-A—- C:WINDOWSsystem32clbcatq.dll
2009-02-26 13:10:23 —-A—- C:WINDOWSsystem32servdeps.dll
2009-02-26 13:10:23 —-A—- C:WINDOWSsystem32mmfutil.dll
2009-02-26 13:10:22 —-A—- C:WINDOWSsystem32licwmi.dll
2009-02-26 13:10:22 —-A—- C:WINDOWSsystem32cmprops.dll======List of files/folders modified in the last 1 months======
2009-02-26 22:46:45 —-A—- C:WINDOWSwin.ini
2009-02-26 22:46:45 —-A—- C:WINDOWSsystem.ini======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 intelppm;Драйвер Intel процессора; C:WINDOWSsystem32DRIVERSintelppm.sys [2008-04-15 40704]
R1 KLIF;Kaspersky Lab Driver; C:WINDOWSsystem32DRIVERSklif.sys [2009-02-26 226832]
R3 ati2mtag;ati2mtag; C:WINDOWSsystem32DRIVERSati2mtag.sys [2006-08-03 1681920]
R3 HDAudBus;Драйвер шины Microsoft UAA для High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2008-04-15 144384]
R3 hidusb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2008-04-15 10368]
R3 KLFLTDEV;Kaspersky Lab KLFltDev; C:WINDOWSsystem32DRIVERSklfltdev.sys [2008-03-13 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:WINDOWSsystem32DRIVERSklim5.sys [2008-04-30 24592]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113 PCI-E Ethernet Controller; C:WINDOWSsystem32DRIVERSl1e51x86.sys [2008-02-02 36864]
R3 monfilt;monfilt; C:WINDOWSsystem32driversmonfilt.sys [2008-02-14 1389056]
R3 mouhid;Драйвер мыши HID; C:WINDOWSsystem32DRIVERSmouhid.sys [2008-04-15 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:WINDOWSsystem32DRIVERSASACPI.sys [2004-08-13 5810]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2008-04-14 30208]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2008-04-14 59520]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:WINDOWSsystem32DRIVERSusbuhci.sys [2008-04-14 20608]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:WINDOWSsystem32driversviahduaa.sys [2008-02-14 222976]
S3 usbprint;Класс принтеров Microsoft USB; C:WINDOWSsystem32DRIVERSusbprint.sys [2008-04-14 25856]
S3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2008-04-14 26368]
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:WINDOWSsystem32Ati2evxx.exe [2006-08-03 401408]
R2 AVP;Kaspersky Internet Security; C:Program FilesKaspersky LabKaspersky Internet Security 2009avp.exe [2009-02-26 206088]
R2 MDM;Machine Debug Manager; C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE [2003-06-19 322120]
S2 ATI Smart;ATI Smart; C:WINDOWSsystem32ati2sgag.exe [2006-08-02 520192]
S2 winsecguard;Windows Security Guard; C:WINDOWSMicrosoft.NETzpx2.exe winsecguard C:Program FilesCommon Files{6EA9B29A-C801-4F76-805F-E41ACF9ED16Z}components []
S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2005-09-23 66240]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2003-07-28 89136]
EOF
info.txt logfile of random’s system information tool 1.05 2009-02-27 18:45:47
======Uninstall list======
—>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:WINDOWSINFPCHealth.inf
Adobe Flash Player 10 Plugin—>C:WINDOWSsystem32MacromedFlashuninstall_plugin.exe
Adobe Reader 8.1.0—>MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81000000003}
Atheros Communications Inc.(R) AR8121/AR8113 Gigabit/Fast Ethernet Driver—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime11�0Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{3108C217-BE83-42E4-AE9E-A56A2A92E549}Setup.exe» -l0x9 -removeonly
ATI — Утилита деинсталляции—>C:Program FilesATI TechnologiesUninstallAllAtiCimUn.exe
ATI Catalyst Control Center—>MsiExec.exe /I{86B0D0EF-3F69-4EC0-9B1D-B36918DF5AA3}
ATI Display Driver—>rundll32 C:WINDOWSsystem32atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
ATI Parental Control & Encoder—>MsiExec.exe /I{9862B19F-4CAD-4EED-920F-2F378D84393F}
GameSpy Arcade—>C:PROGRA~1GAMESP~1UNWISE.EXE C:PROGRA~1GAMESP~1INSTALL.LOG
HijackThis 2.0.2—>»C:Program Filestrend microHijackThis.exe» /uninstall
Kaspersky Internet Security 2009—>MsiExec.exe /I{8CB14A64-CEF4-4C8F-B1C8-1C3B8752CB55}
Kaspersky Internet Security 2009—>MsiExec.exe /I{8CB14A64-CEF4-4C8F-B1C8-1C3B8752CB55}
K-Lite Codec Pack 4.7.0 (Full)—>»C:Program FilesK-Lite Codec Packunins000.exe»
Medal of Honor Pacific Assault(tm)—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime10�0Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{56CFA833-F44F-4199-8C58-7F8B38F2BC7B}Setup.exe» -l0x19 -removeonly
Microsoft .NET Framework 2.0—>C:WINDOWSMicrosoft.NETFrameworkv2.0.50727Microsoft .NET Framework 2.0install.exe
Microsoft Office — профессиональный выпуск версии 2003—>MsiExec.exe /I{90110419-6000-11D3-8CFE-0150048383C9}
Mozilla Firefox (3.0.6)—>C:Program FilesMozilla Firefoxuninstallhelper.exe
Opera 9.21—>MsiExec.exe /X{39619863-8A11-4B60-A166-E6747C986EBE}
Punto Switcher 3.0—>C:Program FilesPunto Switcheruninstall.exe
VIA Диспетчер устройств платформы—>C:PROGRA~1COMMON~1INSTAL~1Driver7INTEL3~1IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
Winamp (remove only)—>»C:Program FilesWinampUninstWA.exe»
Архиватор WinRAR (только удаление)—>C:Program FilesWinRARuninstall.exe
Веселая ферма 2—>C:Program FilesGames.Mail.RuВеселая ферма 2Uninstall.exe
Веселая ферма. Печем пиццу—>C:Program FilesGames.Mail.RuВеселая ферма. Печем пиццуUninstall.exe======Security center information======
AV: Kaspersky Internet Security
FW: Kaspersky Internet SecuritySystem event log
Computer Name: MACHINENAME
Event Code: 7
Message: Неверный блок на устройстве DeviceCdRom0.Record Number: 5
Source Name: Cdrom
Time Written: 20090226155815.000000+180
Event Type: ошибка
User:Computer Name: MACHINENAME
Event Code: 7
Message: Неверный блок на устройстве DeviceCdRom0.Record Number: 4
Source Name: Cdrom
Time Written: 20090226155808.000000+180
Event Type: ошибка
User:Computer Name: MACHINENAME
Event Code: 2
Message: При проверке, что DeviceSerial0 является последовательным портом, обнаружена и будет использоваться прямая очередь.Record Number: 3
Source Name: Serial
Time Written: 20090226155756.000000+180
Event Type: информация
User:Computer Name: MACHINENAME
Event Code: 6005
Message: Запущена служба журнала событий.Record Number: 2
Source Name: EventLog
Time Written: 20090226155739.000000+180
Event Type: информация
User:Computer Name: MACHINENAME
Event Code: 6009
Message: Microsoft (R) Windows 2000 (R) 5.01. 2600 Service Pack 3 Multiprocessor Free.Record Number: 1
Source Name: EventLog
Time Written: 20090226155739.000000+180
Event Type: информация
User:Application event log
Computer Name: 123-DBA045FA15A
Event Code: 1000
Message: Счетчики производительности для службы MSDTC (MSDTC) загружены успешно.
Данные записи содержат новые значение индекса,
назначенного этой службе.Record Number: 5
Source Name: LoadPerf
Time Written: 20090226131115.000000+180
Event Type: информация
User:Computer Name: 123-DBA045FA15A
Event Code: 1000
Message: Счетчики производительности для службы TermService (Службы терминалов) загружены успешно.
Данные записи содержат новые значение индекса,
назначенного этой службе.Record Number: 4
Source Name: LoadPerf
Time Written: 20090226131112.000000+180
Event Type: информация
User:Computer Name: 123-DBA045FA15A
Event Code: 1000
Message: Счетчики производительности для службы RemoteAccess (Маршрутизация и удаленный доступ) загружены успешно.
Данные записи содержат новые значение индекса,
назначенного этой службе.Record Number: 3
Source Name: LoadPerf
Time Written: 20090226131013.000000+180
Event Type: информация
User:Computer Name: 123-DBA045FA15A
Event Code: 1000
Message: Счетчики производительности для службы PSched (PSched) загружены успешно.
Данные записи содержат новые значение индекса,
назначенного этой службе.Record Number: 2
Source Name: LoadPerf
Time Written: 20090226130948.000000+180
Event Type: информация
User:Computer Name: 123-DBA045FA15A
Event Code: 1000
Message: Счетчики производительности для службы RSVP (QoS RSVP) загружены успешно.
Данные записи содержат новые значение индекса,
назначенного этой службе.Record Number: 1
Source Name: LoadPerf
Time Written: 20090226130947.000000+180
Event Type: информация
User:======Environment variables======
«ComSpec»=%SystemRoot%system32cmd.exe
«Path»=%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem;C:Program FilesATI TechnologiesATI.ACE
«windir»=%SystemRoot%
«FP_NO_HOST_CHECK»=NO
«OS»=Windows_NT
«PROCESSOR_ARCHITECTURE»=x86
«PROCESSOR_LEVEL»=6
«PROCESSOR_IDENTIFIER»=x86 Family 6 Model 15 Stepping 13, GenuineIntel
«PROCESSOR_REVISION»=0f0d
«NUMBER_OF_PROCESSORS»=2
«PATHEXT»=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
«TEMP»=%SystemRoot%TEMP
«TMP»=%SystemRoot%TEMP
EOF
Logfile of random’s system information tool 1.05 (written by random/random)
Run by 123 at 2009-02-27 18:45:06
Microsoft Windows XP Professional Service Pack 3
System drive C: has 26 GB (75%) free of 35 GB
Total RAM: 2047 MB (78% free)Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:45:45, on 27.02.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: NormalRunning processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSExplorer.EXE
C:Program FilesWinampwinampa.exe
C:Program FilesPunto Switcherpunto.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesMessengermsmsgs.exe
C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE
C:WINDOWSMicrosoft.NETzpx2.exe
C:Program FilesMozilla Firefoxfirefox.exe
C:WINDOWSsystem32wuauclt.exe
C:Documents and Settings123Рабочий столRSIT.exe
C:Program Filestrend micro123.exeR0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://mail.ru
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://mail.ru
R1 — HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = http=127.0.0.1:8600
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
O2 — BHO: srflibP — {016AD32D-F3F2-4299-BF3D-77BC4BE13D8D} — C:Documents and SettingsAll UsersApplication Datasrflib.dll
O2 — BHO: Adobe PDF Reader Link Helper — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll
O2 — BHO: IEVkbdBHO — {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} — C:Program FilesKaspersky LabKaspersky Internet Security 2009ievkbd.dll
O2 — BHO: mrllibP — {C190C4B1-4117-4A31-A7BB-6D7BA65E6548} — C:Documents and SettingsAll UsersApplication Datamrllib.dll
O4 — HKLM..Run: [AVP] «C:Program FilesKaspersky LabKaspersky Internet Security 2009avp.exe»
O4 — HKLM..Run: [WinampAgent] C:Program FilesWinampwinampa.exe
O4 — HKLM..Run: [Adobe Reader Speed Launcher] «C:Program FilesAdobeReader 8.0ReaderReader_sl.exe»
O4 — HKCU..Run: [Punto Switcher] C:Program FilesPunto Switcherpunto.exe
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [MSMSGS] «C:Program FilesMessengermsmsgs.exe» /background
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O8 — Extra context menu item: Добавить в Анти-Баннер — C:Program FilesKaspersky LabKaspersky Internet Security 2009ie_banner_deny.htm
O9 — Extra button: Статистика защиты веб-трафика — {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} — C:Program FilesKaspersky LabKaspersky Internet Security 2009SCIEPlgn.dll
O9 — Extra button: Справочные материалы — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O17 — HKLMSystemCCSServicesTcpip..{75B262C7-970E-46F9-9B16-DFF90B60C0FF}: NameServer = 83.234.218.17,83.234.208.10
O20 — AppInit_DLLs: C:PROGRA~1KASPER~1KASPER~1mzvkbd.dll,C:PROGRA~1KASPER~1KASPER~1mzvkbd3.dll,C:PROGRA~1KASPER~1KASPER~1adialhk.dll,C:PROGRA~1KASPER~1KASPER~1kloehk.dll
O23 — Service: Ati HotKey Poller — ATI Technologies Inc. — C:WINDOWSsystem32Ati2evxx.exe
O23 — Service: ATI Smart — Unknown owner — C:WINDOWSsystem32ati2sgag.exe
O23 — Service: Kaspersky Internet Security (AVP) — Kaspersky Lab — C:Program FilesKaspersky LabKaspersky Internet Security 2009avp.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: NetMeeting Remote Desktop Sharing (mnmsrvc) — Корпорация Майкрософт — C:WINDOWSsystem32mnmsrvc.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Windows Security Guard (winsecguard) — Unknown owner — C:WINDOWSMicrosoft.NETzpx2.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe—
End of file — 5555 bytes======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{016AD32D-F3F2-4299-BF3D-77BC4BE13D8D}]
WV Media Provider — C:Documents and SettingsAll UsersApplication Datasrflib.dll [2009-02-26 509952][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll [2006-10-22 62080][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class — C:Program FilesKaspersky LabKaspersky Internet Security 2009ievkbd.dll [2008-11-11 62728][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{C190C4B1-4117-4A31-A7BB-6D7BA65E6548}]
FLAC Media Helper — C:Documents and SettingsAll UsersApplication Datamrllib.dll [2009-02-26 513536][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«AVP»=C:Program FilesKaspersky LabKaspersky Internet Security 2009avp.exe [2009-02-26 206088]
«WinampAgent»=C:Program FilesWinampwinampa.exe [2006-11-21 35328]
«Adobe Reader Speed Launcher»=C:Program FilesAdobeReader 8.0ReaderReader_sl.exe [2007-05-11 40048][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«Punto Switcher»=C:Program FilesPunto Switcherpunto.exe [2008-10-16 735016]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2008-04-15 15360]
«MSMSGS»=C:Program FilesMessengermsmsgs.exe [2008-04-14 1695232][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregATICCC]
C:Program FilesATI TechnologiesATI.ACECLIStart.exe [2006-05-10 90112][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregHDAudDeck]
C:Program FilesVIAVIAudioiHDADeckHDeck.exe [2008-02-26 29757440][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows]
«AppInit_DLLS»=»C:PROGRA~1KASPER~1KASPER~1mzvkbd.dll,C:PROGRA~1KASPER~1KASPER~1mzvkbd3.dll,C:PROGRA~1KASPER~1KASPER~1adialhk.dll,C:PROGRA~1KASPER~1KASPER~1kloehk.dll»[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyAtiExtEvent]
C:WINDOWSsystem32Ati2evxx.dll [2006-08-03 86016][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyklogon]
C:WINDOWSsystem32klogon.dll [2008-11-11 218376][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=36
«NoDriveAutoRun»=FFFFFFFF[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesEA GAMESMedal of Honor Pacific Assault(tm)mohpa.exe»=»C:Program FilesEA GAMESMedal of Honor Pacific Assault(tm)mohpa.exe:*:Enabled:Medal of Honor Pacific Assault(tm)»[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»======List of files/folders created in the last 1 months======
2009-02-27 18:45:07 —-D—- C:Program Filestrend micro
2009-02-27 18:45:06 —-D—- C:rsit
2009-02-27 17:47:18 —-RASHD—- C:autorun.inf
2009-02-27 13:13:22 —-D—- C:Documents and SettingsAll UsersApplication DataВеселаяФерма2
2009-02-27 11:40:58 —-D—- C:Documents and Settings123Application DataMozilla
2009-02-27 11:40:52 —-D—- C:Program FilesMozilla Firefox
2009-02-27 11:26:56 —-A—- C:install_flash_player-5.exe
2009-02-27 11:21:17 —-A—- C:install_flash_player-3.exe
2009-02-27 11:10:50 —-D—- C:Documents and SettingsAll UsersApplication DataВеселаяФерма-ПечемПиццу
2009-02-27 11:10:43 —-D—- C:Documents and SettingsAll UsersApplication DataAlawarWrapper
2009-02-27 11:10:29 —-D—- C:Program FilesGames.Mail.Ru
2009-02-27 10:53:33 —-A—- C:WINDOWSsystem32unrar.dll
2009-02-27 10:53:32 —-A—- C:WINDOWSsystem32yv12vfw.dll
2009-02-27 10:53:32 —-A—- C:WINDOWSsystem32xvidvfw.dll
2009-02-27 10:53:32 —-A—- C:WINDOWSsystem32xvidcore.dll
2009-02-27 10:53:31 —-A—- C:WINDOWSsystem32qt-dx331.dll
2009-02-27 10:53:31 —-A—- C:WINDOWSsystem32dpl100.dll
2009-02-27 10:53:31 —-A—- C:WINDOWSsystem32divx.dll
2009-02-27 10:53:30 —-A—- C:WINDOWSsystem32ff_vfw.dll.manifest
2009-02-27 10:53:30 —-A—- C:WINDOWSsystem32ff_vfw.dll
2009-02-27 10:53:29 —-D—- C:Program FilesK-Lite Codec Pack
2009-02-27 10:53:29 —-A—- C:WINDOWSsystem32pthreadGC2.dll
2009-02-27 10:52:54 —-D—- C:Documents and Settings123Application DataMedia Player Classic
2009-02-27 10:50:44 —-A—- C:klcodec470f.exe
2009-02-27 10:37:12 —-A—- C:install_flash_player-2.exe
2009-02-27 10:25:05 —-A—- C:install_flash_player.exe
2009-02-27 10:22:52 —-A—- C:flashplayer10_win.exe
2009-02-27 10:16:27 —-D—- C:Documents and Settings123Application DataAdobe
2009-02-26 22:19:27 —-D—- C:Program FilesGameSpy Arcade
2009-02-26 21:47:39 —-D—- C:Program FilesEA GAMES
2009-02-26 19:46:55 —-D—- C:Documents and Settings123Application DataOpera
2009-02-26 19:46:48 —-D—- C:Program FilesOpera
2009-02-26 18:26:19 —-A—- C:Firefox Setup 3.0.6.exe
2009-02-26 17:18:33 —-D—- C:WINDOWSpss
2009-02-26 16:59:25 —-D—- C:Program FilesCommon Files{6EA9B29A-C801-4F76-805F-E41ACF9ED16Z}
2009-02-26 16:59:17 —-SHD—- C:RECYCLER
2009-02-26 16:55:13 —-A—- C:Documents and SettingsAll UsersApplication Datasrflib.dll
2009-02-26 16:55:13 —-A—- C:Documents and SettingsAll UsersApplication Datamrllib.dll
2009-02-26 16:43:32 —-D—- C:Documents and Settings123Application DataMacromedia
2009-02-26 16:05:58 —-A—- C:WINDOWSsystem32h323log.txt
2009-02-26 16:02:17 —-A—- C:WINDOWSsystem32usbui.dll
2009-02-26 16:01:12 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2009-02-26 16:01:11 —-SHD—- C:WINDOWSInstaller
2009-02-26 16:01:11 —-D—- C:Program FilesCommon FilesODBC
2009-02-26 16:01:11 —-A—- C:WINDOWSODBCINST.INI
2009-02-26 16:01:08 —-D—- C:Program FilesCommon FilesSpeechEngines
2009-02-26 16:01:07 —-RD—- C:Program Files
2009-02-26 16:01:07 —-D—- C:Program FilesCommon FilesMicrosoft Shared
2009-02-26 16:01:07 —-D—- C:Program FilesCommon Files
2009-02-26 16:01:04 —-RA—- C:WINDOWSsystem32kbdtuq.dll
2009-02-26 16:01:04 —-RA—- C:WINDOWSsystem32kbdtuf.dll
2009-02-26 16:01:04 —-RA—- C:WINDOWSsystem32kbdazel.dll
2009-02-26 16:01:03 —-RA—- C:WINDOWSsystem32kbdhept.dll
2009-02-26 16:01:03 —-RA—- C:WINDOWSsystem32kbdhela3.dll
2009-02-26 16:01:03 —-RA—- C:WINDOWSsystem32kbdhela2.dll
2009-02-26 16:01:03 —-RA—- C:WINDOWSsystem32kbdhe319.dll
2009-02-26 16:01:03 —-RA—- C:WINDOWSsystem32kbdhe220.dll
2009-02-26 16:01:03 —-RA—- C:WINDOWSsystem32kbdhe.dll
2009-02-26 16:01:03 —-RA—- C:WINDOWSsystem32kbdgkl.dll
2009-02-26 16:01:01 —-RA—- C:WINDOWSsystem32kbdlv1.dll
2009-02-26 16:01:01 —-RA—- C:WINDOWSsystem32kbdlv.dll
2009-02-26 16:01:01 —-RA—- C:WINDOWSsystem32kbdlt1.dll
2009-02-26 16:01:01 —-RA—- C:WINDOWSsystem32kbdlt.dll
2009-02-26 16:01:01 —-RA—- C:WINDOWSsystem32kbdest.dll
2009-02-26 16:01:00 —-RA—- C:WINDOWSsystem32kbdsl1.dll
2009-02-26 16:01:00 —-RA—- C:WINDOWSsystem32kbdsl.dll
2009-02-26 16:01:00 —-RA—- C:WINDOWSsystem32kbdro.dll
2009-02-26 16:01:00 —-RA—- C:WINDOWSsystem32kbdpl1.dll
2009-02-26 16:01:00 —-RA—- C:WINDOWSsystem32kbdpl.dll
2009-02-26 16:01:00 —-RA—- C:WINDOWSsystem32kbdhu1.dll
2009-02-26 16:01:00 —-RA—- C:WINDOWSsystem32kbdhu.dll
2009-02-26 16:01:00 —-RA—- C:WINDOWSsystem32kbdcz2.dll
2009-02-26 16:01:00 —-RA—- C:WINDOWSsystem32kbdcz1.dll
2009-02-26 16:01:00 —-RA—- C:WINDOWSsystem32kbdcz.dll
2009-02-26 16:01:00 —-RA—- C:WINDOWSsystem32kbdcr.dll
2009-02-26 16:01:00 —-RA—- C:WINDOWSsystem32KBDAL.DLL
2009-02-26 16:00:59 —-RA—- C:WINDOWSsystem32kbdycl.dll
2009-02-26 16:00:56 —-A—- C:WINDOWSsystem32kbduzb.dll
2009-02-26 16:00:56 —-A—- C:WINDOWSsystem32kbdtat.dll
2009-02-26 16:00:56 —-A—- C:WINDOWSsystem32kbdmon.dll
2009-02-26 16:00:56 —-A—- C:WINDOWSsystem32kbdkyr.dll
2009-02-26 16:00:56 —-A—- C:WINDOWSsystem32kbdaze.dll
2009-02-26 16:00:55 —-A—- C:WINDOWSsystem32kbdycc.dll
2009-02-26 16:00:55 —-A—- C:WINDOWSsystem32kbdur.dll
2009-02-26 16:00:55 —-A—- C:WINDOWSsystem32kbdkaz.dll
2009-02-26 16:00:55 —-A—- C:WINDOWSsystem32kbdbu.dll
2009-02-26 16:00:55 —-A—- C:WINDOWSsystem32kbdblr.dll
2009-02-26 16:00:54 —-A—- C:WINDOWSsystem32spxcoins.dll
2009-02-26 16:00:54 —-A—- C:WINDOWSsystem32irclass.dll
2009-02-26 16:00:54 —-A—- C:WINDOWSsystem32EqnClass.Dll
2009-02-26 16:00:54 —-A—- C:WINDOWSsystem32dgsetup.dll
2009-02-26 16:00:54 —-A—- C:WINDOWSsystem32dgrpsetu.dll
2009-02-26 16:00:52 —-N—- C:WINDOWSsystem32CONFIG.TMP
2009-02-26 16:00:52 —-A—- C:WINDOWSTASKMAN.EXE
2009-02-26 16:00:51 —-A—- C:WINDOWSsystem32batt.dll
2009-02-26 16:00:51 —-A—- C:WINDOWSNOTEPAD.EXE
2009-02-26 16:00:46 —-A—- C:WINDOWSsystem32storprop.dll
2009-02-26 16:00:39 —-ASH—- C:Documents and SettingsAll UsersApplication Datadesktop.ini
2009-02-26 15:58:58 —-RA—- C:WINDOWSSET8.tmp
2009-02-26 15:58:54 —-RA—- C:WINDOWSSET4.tmp
2009-02-26 15:58:51 —-RA—- C:WINDOWSSET3.tmp
2009-02-26 15:58:46 —-D—- C:WINDOWSsystem32CatRoot2
2009-02-26 15:58:46 —-D—- C:WINDOWSsystem32CatRoot
2009-02-26 15:58:40 —-SD—- C:Documents and SettingsAll UsersApplication DataMicrosoft
2009-02-26 15:57:36 —-A—- C:WINDOWSsetuplog.txt
2009-02-26 15:57:33 —-SHD—- C:System Volume Information
2009-02-26 15:57:33 —-D—- C:Documents and Settings
2009-02-26 15:56:40 —-SH—- C:boot.ini
2009-02-26 15:51:11 —-RSHDC—- C:WINDOWSsystem32dllcache
2009-02-26 15:51:11 —-RSD—- C:WINDOWSFonts
2009-02-26 15:51:11 —-RD—- C:WINDOWSWeb
2009-02-26 15:51:11 —-HD—- C:WINDOWSinf
2009-02-26 15:51:11 —-D—- C:WINDOWSWinSxS
2009-02-26 15:51:11 —-D—- C:WINDOWStwain_32
2009-02-26 15:51:11 —-D—- C:WINDOWSTemp
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32wins
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32wbem
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32usmt
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32spool
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32ShellExt
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32Setup
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32ru-ru
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32ru
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32ras
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32oobe
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32npp
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32mui
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32inetsrv
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32IME
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32icsxml
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32ias
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32export
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32drivers
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32dhcp
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32config
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem323com_dmi
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem323076
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem322052
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem321054
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem321049
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem321042
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem321041
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem321037
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem321033
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem321031
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem321028
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem321025
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem32
2009-02-26 15:51:11 —-D—- C:WINDOWSsystem
2009-02-26 15:51:11 —-D—- C:WINDOWSsecurity
2009-02-26 15:51:11 —-D—- C:WINDOWSResources
2009-02-26 15:51:11 —-D—- C:WINDOWSrepair
2009-02-26 15:51:11 —-D—- C:WINDOWSProvisioning
2009-02-26 15:51:11 —-D—- C:WINDOWSPeerNet
2009-02-26 15:51:11 —-D—- C:WINDOWSpchealth
2009-02-26 15:51:11 —-D—- C:WINDOWSNetwork Diagnostic
2009-02-26 15:51:11 —-D—- C:WINDOWSmui
2009-02-26 15:51:11 —-D—- C:WINDOWSmsapps
2009-02-26 15:51:11 —-D—- C:WINDOWSmsagent
2009-02-26 15:51:11 —-D—- C:WINDOWSMedia
2009-02-26 15:51:11 —-D—- C:WINDOWSL2Schemas
2009-02-26 15:51:11 —-D—- C:WINDOWSjava
2009-02-26 15:51:11 —-D—- C:WINDOWSime
2009-02-26 15:51:11 —-D—- C:WINDOWSHelp
2009-02-26 15:51:11 —-D—- C:WINDOWSehome
2009-02-26 15:51:11 —-D—- C:WINDOWSDriver Cache
2009-02-26 15:51:11 —-D—- C:WINDOWSDebug
2009-02-26 15:51:11 —-D—- C:WINDOWSCursors
2009-02-26 15:51:11 —-D—- C:WINDOWSConnection Wizard
2009-02-26 15:51:11 —-D—- C:WINDOWSConfig
2009-02-26 15:51:11 —-D—- C:WINDOWSAppPatch
2009-02-26 15:51:11 —-D—- C:WINDOWSaddins
2009-02-26 15:51:11 —-D—- C:WINDOWS
2009-02-26 13:49:00 —-N—- C:WINDOWSsystem32vxblock.dll
2009-02-26 13:49:00 —-N—- C:WINDOWSsystem32pxwave.dll
2009-02-26 13:49:00 —-N—- C:WINDOWSsystem32pxsfs.dll
2009-02-26 13:49:00 —-N—- C:WINDOWSsystem32pxmas.dll
2009-02-26 13:49:00 —-N—- C:WINDOWSsystem32pxinsi64.exe
2009-02-26 13:49:00 —-N—- C:WINDOWSsystem32pxinsa64.exe
2009-02-26 13:49:00 —-N—- C:WINDOWSsystem32pxhpinst.exe
2009-02-26 13:49:00 —-N—- C:WINDOWSsystem32pxdrv.dll
2009-02-26 13:49:00 —-N—- C:WINDOWSsystem32pxcpya64.exe
2009-02-26 13:49:00 —-N—- C:WINDOWSsystem32pxafs.dll
2009-02-26 13:49:00 —-N—- C:WINDOWSsystem32px.dll
2009-02-26 13:48:56 —-D—- C:Program FilesWinamp
2009-02-26 13:45:46 —-D—- C:Documents and Settings123Application DataATI
2009-02-26 13:43:18 —-D—- C:Program FilesKaspersky Lab
2009-02-26 13:43:17 —-D—- C:Documents and SettingsAll UsersApplication DataKaspersky Lab
2009-02-26 13:42:33 —-D—- C:Documents and SettingsAll UsersApplication DataKaspersky Lab Setup Files
2009-02-26 13:41:19 —-A—- C:WINDOWSODBC.INI
2009-02-26 13:41:13 —-A—- C:WINDOWSsystem32mdimon.dll
2009-02-26 13:39:56 —-D—- C:Program FilesCommon FilesDESIGNER
2009-02-26 13:39:52 —-D—- C:Program FilesMicrosoft Works
2009-02-26 13:39:46 —-D—- C:Program FilesMicrosoft Visual Studio
2009-02-26 13:39:39 —-D—- C:WINDOWSSHELLNEW
2009-02-26 13:39:35 —-D—- C:Program FilesMicrosoft.NET
2009-02-26 13:39:34 —-D—- C:Program FilesMicrosoft Office
2009-02-26 13:39:19 —-D—- C:Program FilesCommon FilesATI Technologies
2009-02-26 13:38:54 —-RHD—- C:MSOCache
2009-02-26 13:37:20 —-D—- C:Documents and SettingsAll UsersApplication DataAdobe
2009-02-26 13:37:14 —-D—- C:Program FilesCommon FilesAdobe
2009-02-26 13:37:14 —-D—- C:Program FilesAdobe
2009-02-26 13:37:04 —-D—- C:WINDOWSRegisteredPackages
2009-02-26 13:36:52 —-A—- C:WINDOWSsystem32psisdecd.dll
2009-02-26 13:36:50 —-A—- C:WINDOWSsystem32dxdllreg.exe
2009-02-26 13:35:18 —-RSD—- C:WINDOWSassembly
2009-02-26 13:35:01 —-D—- C:WINDOWSMicrosoft.NET
2009-02-26 13:34:55 —-D—- C:Program FilesWinRAR
2009-02-26 13:34:24 —-N—- C:WINDOWSsystem32ati2sgag.exe
2009-02-26 13:34:21 —-A—- C:WINDOWSsystem32msvcr71.dll
2009-02-26 13:34:19 —-RA—- C:WINDOWSsystem32atiiiexx.dll
2009-02-26 13:33:44 —-D—- C:Program FilesATI Technologies
2009-02-26 13:33:01 —-D—- C:Program FilesPunto Switcher
2009-02-26 13:33:01 —-D—- C:Documents and Settings123Application DataYandex
2009-02-26 13:30:44 —-D—- C:WINDOWSsystem32Atheros_L1e
2009-02-26 13:29:26 —-D—- C:WINDOWSASUSInstAll
2009-02-26 13:29:24 —-HD—- C:Program FilesInstallShield Installation Information
2009-02-26 13:28:50 —-A—- C:WINDOWSsystem32ksuser.dll
2009-02-26 13:28:42 —-N—- C:WINDOWSsystem32difxapi.dll
2009-02-26 13:28:42 —-D—- C:Program FilesVIA
2009-02-26 13:28:35 —-D—- C:Program FilesCommon FilesInstallShield
2009-02-26 13:26:48 —-D—- C:WINDOWSsystem32ReinstallBackups
2009-02-26 13:26:47 —-DC—- C:WINDOWSsystem32DRVSTORE
2009-02-26 13:26:46 —-D—- C:Program FilesIntel
2009-02-26 13:26:34 —-D—- C:Intel
2009-02-26 13:26:08 —-A—- C:WINDOWSAscd_log.ini
2009-02-26 13:25:53 —-A—- C:WINDOWSAscd_tmp.ini
2009-02-26 13:23:50 —-D—- C:Documents and Settings123Application DataIdentities
2009-02-26 13:23:48 —-HD—- C:Program FilesUninstall Information
2009-02-26 13:23:33 —-SD—- C:Documents and Settings123Application DataMicrosoft
2009-02-26 13:23:33 —-ASH—- C:Documents and Settings123Application Datadesktop.ini
2009-02-26 13:19:26 —-D—- C:WINDOWSSoftwareDistribution
2009-02-26 13:19:24 —-SD—- C:WINDOWSsystem32Microsoft
2009-02-26 13:19:24 —-D—- C:WINDOWSPrefetch
2009-02-26 13:19:24 —-A—- C:WINDOWSSchedLgU.Txt
2009-02-26 13:14:47 —-D—- C:WINDOWSsystem32xircom
2009-02-26 13:14:47 —-D—- C:Program Filesxerox
2009-02-26 13:14:47 —-D—- C:Program Filesmicrosoft frontpage
2009-02-26 13:14:25 —-A—- C:WINDOWScontrol.ini
2009-02-26 13:14:25 —-A—- C:AUTOEXEC.BAT
2009-02-26 13:14:17 —-A—- C:WINDOWSOEWABLog.txt
2009-02-26 13:14:13 —-A—- C:WINDOWSsystem32mapi32.dll
2009-02-26 13:13:28 —-SD—- C:WINDOWSDownloaded Program Files
2009-02-26 13:13:28 —-RD—- C:WINDOWSOffline Web Pages
2009-02-26 13:13:28 —-RAH—- C:WINDOWSsystem32logonui.exe.manifest
2009-02-26 13:13:24 —-RAH—- C:WINDOWSsystem32cdplayer.exe.manifest
2009-02-26 13:13:20 —-HD—- C:Program FilesWindowsUpdate
2009-02-26 13:13:17 —-D—- C:Program FilesOnline Services
2009-02-26 13:13:03 —-D—- C:WINDOWSsystem32DirectX
2009-02-26 13:12:58 —-A—- C:WINDOWSsystem32atrace.dll
2009-02-26 13:12:55 —-A—- C:WINDOWSsystem32desktop.ini
2009-02-26 13:12:55 —-A—- C:WINDOWSdesktop.ini
2009-02-26 13:12:49 —-A—- C:WINDOWSsystem32nmevtmsg.dll
2009-02-26 13:12:48 —-A—- C:WINDOWSsystem32acctres.dll
2009-02-26 13:12:47 —-D—- C:Program FilesCommon FilesServices
2009-02-26 13:12:45 —-SD—- C:WINDOWSTasks
2009-02-26 13:12:45 —-A—- C:WINDOWSsystem32icfgnt5.dll
2009-02-26 13:12:44 —-D—- C:Program FilesCommon FilesMSSoap
2009-02-26 13:12:41 —-D—- C:WINDOWSsystem32Macromed
2009-02-26 13:12:41 —-D—- C:WINDOWSsrchasst
2009-02-26 13:12:38 —-A—- C:WINDOWSsystem32wuweb.dll
2009-02-26 13:12:38 —-A—- C:WINDOWSsystem32wups.dll
2009-02-26 13:12:38 —-A—- C:WINDOWSsystem32wucltui.dll
2009-02-26 13:12:38 —-A—- C:WINDOWSsystem32wuauserv.dll
2009-02-26 13:12:38 —-A—- C:WINDOWSsystem32wuaueng1.dll
2009-02-26 13:12:38 —-A—- C:WINDOWSsystem32wuaueng.dll
2009-02-26 13:12:38 —-A—- C:WINDOWSsystem32wuauclt1.exe
2009-02-26 13:12:37 —-A—- C:WINDOWSsystem32wuauclt.exe
2009-02-26 13:12:37 —-A—- C:WINDOWSsystem32wuapi.dll
2009-02-26 13:12:37 —-A—- C:WINDOWSsystem32qmgrprxy.dll
2009-02-26 13:12:37 —-A—- C:WINDOWSsystem32qmgr.dll
2009-02-26 13:12:37 —-A—- C:WINDOWSsystem32bitsprx4.dll
2009-02-26 13:12:37 —-A—- C:WINDOWSsystem32bitsprx3.dll
2009-02-26 13:12:37 —-A—- C:WINDOWSsystem32bitsprx2.dll
2009-02-26 13:12:34 —-D—- C:Program FilesMovie Maker
2009-02-26 13:12:17 —-A—- C:WINDOWSsystem32safrslv.dll
2009-02-26 13:12:17 —-A—- C:WINDOWSsystem32safrdm.dll
2009-02-26 13:12:17 —-A—- C:WINDOWSsystem32safrcdlg.dll
2009-02-26 13:12:17 —-A—- C:WINDOWSsystem32racpldlg.dll
2009-02-26 13:12:14 —-D—- C:WINDOWSsystem32Restore
2009-02-26 13:12:14 —-A—- C:WINDOWSsystem32srsvc.dll
2009-02-26 13:12:14 —-A—- C:WINDOWSsystem32srrstr.dll
2009-02-26 13:12:14 —-A—- C:WINDOWSsystem32srclient.dll
2009-02-26 13:12:14 —-A—- C:WINDOWSsystem32fltMc.exe
2009-02-26 13:12:14 —-A—- C:WINDOWSsystem32fltlib.dll
2009-02-26 13:12:13 —-A—- C:WINDOWSsystem32nmmkcert.dll
2009-02-26 13:12:13 —-A—- C:WINDOWSsystem32mnmsrvc.exe
2009-02-26 13:12:13 —-A—- C:WINDOWSsystem32mnmdd.dll
2009-02-26 13:12:13 —-A—- C:WINDOWSsystem32isrdbg32.dll
2009-02-26 13:12:13 —-A—- C:WINDOWSsystem32ils.dll
2009-02-26 13:12:12 —-A—- C:WINDOWSsystem32msconf.dll
2009-02-26 13:12:10 —-D—- C:Program FilesNetMeeting
2009-02-26 13:12:10 —-A—- C:WINDOWSsystem32msoert2.dll
2009-02-26 13:12:10 —-A—- C:WINDOWSsystem32msoeacct.dll
2009-02-26 13:12:09 —-A—- C:WINDOWSsystem32inetres.dll
2009-02-26 13:12:09 —-A—- C:WINDOWSsystem32inetcomm.dll
2009-02-26 13:12:08 —-D—- C:Program FilesOutlook Express
2009-02-26 13:12:08 —-A—- C:WINDOWSsystem32schedsvc.dll
2009-02-26 13:12:08 —-A—- C:WINDOWSsystem32mstinit.exe
2009-02-26 13:12:08 —-A—- C:WINDOWSsystem32mstask.dll
2009-02-26 13:12:07 —-A—- C:WINDOWSsystem32isign32.dll
2009-02-26 13:12:07 —-A—- C:WINDOWSsystem32inetcfg.dll
2009-02-26 13:12:07 —-A—- C:WINDOWSsystem32icwphbk.dll
2009-02-26 13:12:07 —-A—- C:WINDOWSsystem32icwdial.dll
2009-02-26 13:12:02 —-D—- C:Program FilesCommon FilesSystem
2009-02-26 13:11:57 —-D—- C:Program FilesInternet Explorer
2009-02-26 13:11:24 —-D—- C:Program FilesComPlus Applications
2009-02-26 13:11:22 —-A—- C:WINDOWSvbaddin.ini
2009-02-26 13:11:22 —-A—- C:WINDOWSvb.ini
2009-02-26 13:11:18 —-D—- C:WINDOWSRegistration
2009-02-26 13:11:12 —-D—- C:Program FilesWindows Media Player
2009-02-26 13:11:05 —-D—- C:Program FilesMessenger
2009-02-26 13:11:02 —-D—- C:Program FilesMSN Gaming Zone
2009-02-26 13:11:02 —-A—- C:WINDOWSsystem32write.exe
2009-02-26 13:10:53 —-A—- C:WINDOWSsystem32sndvol32.exe
2009-02-26 13:10:53 —-A—- C:WINDOWSsystem32hticons.dll
2009-02-26 13:10:53 —-A—- C:WINDOWSsystem32avwav.dll
2009-02-26 13:10:53 —-A—- C:WINDOWSsystem32avmeter.dll
2009-02-26 13:10:52 —-A—- C:WINDOWSsystem32winchat.exe
2009-02-26 13:10:52 —-A—- C:WINDOWSsystem32avtapi.dll
2009-02-26 13:10:46 —-A—- C:WINDOWSsystem32getuname.dll
2009-02-26 13:10:46 —-A—- C:WINDOWSsystem32charmap.exe
2009-02-26 13:10:46 —-A—- C:WINDOWSsystem32calc.exe
2009-02-26 13:10:45 —-A—- C:WINDOWSsystem32winmine.exe
2009-02-26 13:10:45 —-A—- C:WINDOWSsystem32usrlogon.cmd
2009-02-26 13:10:45 —-A—- C:WINDOWSsystem32sol.exe
2009-02-26 13:10:45 —-A—- C:WINDOWSsystem32reset.exe
2009-02-26 13:10:45 —-A—- C:WINDOWSsystem32mshearts.exe
2009-02-26 13:10:45 —-A—- C:WINDOWSsystem32freecell.exe
2009-02-26 13:10:44 —-A—- C:WINDOWSsystem32tsshutdn.exe
2009-02-26 13:10:44 —-A—- C:WINDOWSsystem32tslabels.ini
2009-02-26 13:10:44 —-A—- C:WINDOWSsystem32tskill.exe
2009-02-26 13:10:44 —-A—- C:WINDOWSsystem32tsdiscon.exe
2009-02-26 13:10:44 —-A—- C:WINDOWSsystem32tscon.exe
2009-02-26 13:10:44 —-A—- C:WINDOWSsystem32shadow.exe
2009-02-26 13:10:44 —-A—- C:WINDOWSsystem32rwinsta.exe
2009-02-26 13:10:44 —-A—- C:WINDOWSsystem32regini.exe
2009-02-26 13:10:44 —-A—- C:WINDOWSsystem32rdpcfgex.dll
2009-02-26 13:10:44 —-A—- C:WINDOWSsystem32qwinsta.exe
2009-02-26 13:10:44 —-A—- C:WINDOWSsystem32qappsrv.exe
2009-02-26 13:10:44 —-A—- C:WINDOWSsystem32msg.exe
2009-02-26 13:10:44 —-A—- C:WINDOWSsystem32logoff.exe
2009-02-26 13:10:44 —-A—- C:WINDOWSsystem32cdmodem.dll
2009-02-26 13:10:43 —-A—- C:WINDOWSsystem32msdtcprf.ini
2009-02-26 13:10:38 —-A—- C:WINDOWSsystem32wmimgmt.msc
2009-02-26 13:10:37 —-A—- C:WINDOWSsystem32sndrec32.exe
2009-02-26 13:10:37 —-A—- C:WINDOWSsystem32mplay32.exe
2009-02-26 13:10:37 —-A—- C:WINDOWSsystem32hypertrm.dll
2009-02-26 13:10:37 —-A—- C:WINDOWSsystem32accwiz.exe
2009-02-26 13:10:36 —-D—- C:Program FilesWindows NT
2009-02-26 13:10:36 —-A—- C:WINDOWSsystem32spider.exe
2009-02-26 13:10:36 —-A—- C:WINDOWSsystem32mspaint.exe
2009-02-26 13:10:36 —-A—- C:WINDOWSsystem32clipbrd.exe
2009-02-26 13:10:35 —-A—- C:WINDOWSsystem32tsgqec.dll
2009-02-26 13:10:35 —-A—- C:WINDOWSsystem32tscfgwmi.dll
2009-02-26 13:10:35 —-A—- C:WINDOWSsystem32rhttpaa.dll
2009-02-26 13:10:34 —-A—- C:WINDOWSsystem32remotepg.dll
2009-02-26 13:10:34 —-A—- C:WINDOWSsystem32mstscax.dll
2009-02-26 13:10:34 —-A—- C:WINDOWSsystem32mstsc.exe
2009-02-26 13:10:34 —-A—- C:WINDOWSsystem32aaclient.dll
2009-02-26 13:10:33 —-A—- C:WINDOWSsystem32termsrv.dll
2009-02-26 13:10:33 —-A—- C:WINDOWSsystem32sessmgr.exe
2009-02-26 13:10:33 —-A—- C:WINDOWSsystem32rdshost.exe
2009-02-26 13:10:33 —-A—- C:WINDOWSsystem32rdsaddin.exe
2009-02-26 13:10:33 —-A—- C:WINDOWSsystem32rdpwsx.dll
2009-02-26 13:10:33 —-A—- C:WINDOWSsystem32rdpsnd.dll
2009-02-26 13:10:33 —-A—- C:WINDOWSsystem32rdpclip.exe
2009-02-26 13:10:33 —-A—- C:WINDOWSsystem32rdchost.dll
2009-02-26 13:10:33 —-A—- C:WINDOWSsystem32qprocess.exe
2009-02-26 13:10:33 —-A—- C:WINDOWSsystem32icaapi.dll
2009-02-26 13:10:33 —-A—- C:WINDOWSsystem32cfgbkend.dll
2009-02-26 13:10:32 —-D—- C:WINDOWSsystem32MsDtc
2009-02-26 13:10:32 —-A—- C:WINDOWSsystem32xolehlp.dll
2009-02-26 13:10:32 —-A—- C:WINDOWSsystem32mtxoci.dll
2009-02-26 13:10:32 —-A—- C:WINDOWSsystem32msdtcuiu.dll
2009-02-26 13:10:32 —-A—- C:WINDOWSsystem32msdtctm.dll
2009-02-26 13:10:32 —-A—- C:WINDOWSsystem32msdtcprx.dll
2009-02-26 13:10:32 —-A—- C:WINDOWSsystem32msdtclog.dll
2009-02-26 13:10:32 —-A—- C:WINDOWSsystem32msdtc.exe
2009-02-26 13:10:31 —-A—- C:WINDOWSsystem32dcomcnfg.exe
2009-02-26 13:10:30 —-D—- C:WINDOWSsystem32Com
2009-02-26 13:10:30 —-A—- C:WINDOWSsystem32mtxlegih.dll
2009-02-26 13:10:30 —-A—- C:WINDOWSsystem32mtxex.dll
2009-02-26 13:10:30 —-A—- C:WINDOWSsystem32mtxdm.dll
2009-02-26 13:10:30 —-A—- C:WINDOWSsystem32comrepl.dll
2009-02-26 13:10:30 —-A—- C:WINDOWSsystem32comaddin.dll
2009-02-26 13:10:30 —-A—- C:WINDOWSsystem32colbact.dll
2009-02-26 13:10:29 —-A—- C:WINDOWSsystem32stclient.dll
2009-02-26 13:10:29 —-A—- C:WINDOWSsystem32comsvcs.dll
2009-02-26 13:10:29 —-A—- C:WINDOWSsystem32clbcatex.dll
2009-02-26 13:10:29 —-A—- C:WINDOWSsystem32catsrvut.dll
2009-02-26 13:10:29 —-A—- C:WINDOWSsystem32catsrvps.dll
2009-02-26 13:10:29 —-A—- C:WINDOWSsystem32catsrv.dll
2009-02-26 13:10:28 —-A—- C:WINDOWSsystem32comuid.dll
2009-02-26 13:10:28 —-A—- C:WINDOWSsystem32comsnap.dll
2009-02-26 13:10:28 —-A—- C:WINDOWSsystem32clbcatq.dll
2009-02-26 13:10:23 —-A—- C:WINDOWSsystem32servdeps.dll
2009-02-26 13:10:23 —-A—- C:WINDOWSsystem32mmfutil.dll
2009-02-26 13:10:22 —-A—- C:WINDOWSsystem32licwmi.dll
2009-02-26 13:10:22 —-A—- C:WINDOWSsystem32cmprops.dll======List of files/folders modified in the last 1 months======
2009-02-26 22:46:45 —-A—- C:WINDOWSwin.ini
2009-02-26 22:46:45 —-A—- C:WINDOWSsystem.ini======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 intelppm;Драйвер Intel процессора; C:WINDOWSsystem32DRIVERSintelppm.sys [2008-04-15 40704]
R1 KLIF;Kaspersky Lab Driver; C:WINDOWSsystem32DRIVERSklif.sys [2009-02-26 226832]
R3 ati2mtag;ati2mtag; C:WINDOWSsystem32DRIVERSati2mtag.sys [2006-08-03 1681920]
R3 HDAudBus;Драйвер шины Microsoft UAA для High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2008-04-15 144384]
R3 hidusb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2008-04-15 10368]
R3 KLFLTDEV;Kaspersky Lab KLFltDev; C:WINDOWSsystem32DRIVERSklfltdev.sys [2008-03-13 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:WINDOWSsystem32DRIVERSklim5.sys [2008-04-30 24592]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113 PCI-E Ethernet Controller; C:WINDOWSsystem32DRIVERSl1e51x86.sys [2008-02-02 36864]
R3 monfilt;monfilt; C:WINDOWSsystem32driversmonfilt.sys [2008-02-14 1389056]
R3 mouhid;Драйвер мыши HID; C:WINDOWSsystem32DRIVERSmouhid.sys [2008-04-15 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:WINDOWSsystem32DRIVERSASACPI.sys [2004-08-13 5810]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2008-04-14 30208]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2008-04-14 59520]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:WINDOWSsystem32DRIVERSusbuhci.sys [2008-04-14 20608]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:WINDOWSsystem32driversviahduaa.sys [2008-02-14 222976]
S3 usbprint;Класс принтеров Microsoft USB; C:WINDOWSsystem32DRIVERSusbprint.sys [2008-04-14 25856]
S3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2008-04-14 26368]
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:WINDOWSsystem32Ati2evxx.exe [2006-08-03 401408]
R2 AVP;Kaspersky Internet Security; C:Program FilesKaspersky LabKaspersky Internet Security 2009avp.exe [2009-02-26 206088]
R2 MDM;Machine Debug Manager; C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE [2003-06-19 322120]
R2 winsecguard;Windows Security Guard; C:WINDOWSMicrosoft.NETzpx2.exe [2009-02-26 330752]
S2 ATI Smart;ATI Smart; C:WINDOWSsystem32ati2sgag.exe [2006-08-02 520192]
S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2005-09-23 66240]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2003-07-28 89136]
EOF
