Forum replies created
After removing ComboFix this goes away.
Yes, before using ComboFix these problems did not exist.
c:\windows\system32\dllcache\http.sys
It can be checked on VirusTotal; it seems clean, but you never know. I'll check tomorrow, today I'm at work.
P.S. I checked the file and found no problems. It's clean. The language issue and everything else connected with it is resolved.
So far there seem to be no other problems; the computer works normally. After ComboFix, the language selection icon in the tray disappeared, and some letters seem to glitch on the keyboard, not registering on the first try. Otherwise everything seems fine. The tray icon does not come back, but I don't think that's such a big deal.
Log from ComboFix:
ComboFix 10-08-12.03 — CERBER 14.08.2010 20:35:15.1.1 — x86
Microsoft Windows XP Professional 5.1.2600.3.1251.7.1033.18.1023.776 [GMT 2:00]
Running from: c:documents and settingsCERBERDesktopComboFix.exe
Command switches used :: c:documents and settingsCERBERDesktopWindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:documents and settingsAll UsersApplication DataMicrosoftNetworkDownloaderqmgr0.dat
c:documents and settingsAll UsersApplication DataMicrosoftNetworkDownloaderqmgr1.dat
BITS: Possible infected sites
hxxp://soft.export.yandex.ru
.
((((((((((((((((((((((((( Files Created from 2010-07-14 to 2010-08-14 )))))))))))))))))))))))))))))))
.
2010-08-14 18:03 . 2010-08-14 18:04 -------- d-----w- c:program filestrend micro
2010-08-14 18:03 . 2010-08-14 18:04 -------- d-----w- C:rsit
2010-08-14 13:22 . 2010-08-14 13:22 -------- d-----w- c:windowsnvidia icons
2010-08-14 13:21 . 2010-08-14 13:26 -------- d-----w- c:windowsnview
2010-08-14 13:21 . 2008-05-16 12:01 446464 ----a-w- c:windowssystem32nvudisp.exe
2010-08-14 13:21 . 2010-08-14 13:21 -------- d-----w- C:NVIDIA
2010-08-14 13:05 . 2010-08-14 13:07 -------- d-----w- c:program filesuTorrent
2010-08-14 13:04 . 2010-08-14 13:11 -------- d-----w- c:documents and settingsCERBERApplication DatauTorrent
2010-08-14 12:54 . 2010-08-14 12:54 -------- d-----w- c:program filesSystemRequirementsLab
2010-08-14 12:33 . 2010-08-14 12:55 -------- d-----w- c:documents and settingsCERBERApplication DataDownload Master
2010-08-14 12:33 . 2007-12-18 11:56 1412608 ----a-w- c:documents and settingsCERBERApplication DataDownload Mastertempskin.dll
2010-08-14 12:33 . 2010-08-14 12:41 -------- d-----w- c:program filesDownload Master
2010-08-14 11:41 . 2009-10-21 05:38 75776 ------w- c:windowssystem32dllcachestrmfilt.dll
2010-08-14 11:41 . 2009-10-21 05:38 25088 ------w- c:windowssystem32dllcachehttpapi.dll
2010-08-14 11:41 . 2009-10-20 16:20 265728 ------w- c:windowssystem32dllcachehttp.sys
2010-08-14 11:20 . 2010-08-14 11:20 -------- d-sh--w- c:documents and settingsCERBERIECompatCache
2010-08-14 11:20 . 2010-08-14 11:20 -------- d-sh--w- c:documents and settingsCERBERPrivacIE
2010-08-14 11:15 . 2010-08-14 11:15 -------- d-----w- C:8aad46a3627a0f7d6c2344
2010-08-14 10:34 . 2010-08-14 10:34 -------- d-----w- c:program filesMSXML 4.0
2010-08-13 20:56 . 2005-05-26 13:34 2297552 ----a-w- c:windowssystem32d3dx9_26.dll
2010-08-13 20:50 . 2010-08-13 20:50 -------- d-----w- c:program filesNival Interactive
2010-08-13 20:49 . 2010-08-13 20:49 1 ----a-w- c:windowssystem32SI.bin
2010-08-13 20:42 . 2010-08-13 20:42 691696 ----a-w- c:windowssystem32driverssptd.sys
2010-08-13 20:42 . 2010-08-13 20:42 -------- d-----w- c:program filesDAEMON Tools Lite
2010-08-13 20:41 . 2010-08-13 20:48 -------- d-----w- c:documents and settingsCERBERApplication DataDAEMON Tools Lite
2010-08-13 20:41 . 2010-08-13 20:42 -------- d-----w- c:documents and settingsAll UsersApplication DataDAEMON Tools Lite
2010-08-13 20:35 . 2010-08-13 20:35 -------- d-----w- c:documents and settingsCERBERApplication DataDAEMON Tools Pro
2010-08-13 20:35 . 2010-08-13 20:35 -------- d-----w- c:documents and settingsAll UsersApplication DataDAEMON Tools Pro
2010-08-13 13:40 . 2010-08-13 13:40 -------- d-----w- c:documents and settingsAdministratorDoctorWeb
2010-08-13 07:37 . 2010-08-13 07:37 -------- d-----w- c:documents and settingsAll UsersUniblue
2010-08-13 07:36 . 2010-08-13 07:36 -------- d-----w- c:documents and settingsCERBERApplication DataUniblue
2010-08-12 21:21 . 2010-08-12 21:21 -------- d-----w- c:documents and settingsCERBERSaved Games
2010-08-12 21:20 . 2010-08-12 21:20 -------- d-----w- c:documents and settingsCERBERApplication DataiWin
2010-08-12 21:19 . 2010-08-12 21:22 -------- d-----w- c:program filesJewel Quest 2
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-14 13:21 . 2010-08-12 11:55 -------- d-----w- c:documents and settingsCERBERApplication DataMxBoost
2010-08-13 20:50 . 2010-08-12 14:34 -------- d--h--w- c:program filesInstallShield Installation Information
2010-08-13 20:49 . 2010-08-12 12:11 -------- d-----w- c:program filesCommon FilesInstallShield
2010-08-13 17:44 . 2010-08-12 12:05 86327 ----a-w- c:windowspchealthhelpctrOfflineCacheindex.dat
2010-08-13 13:20 . 2010-08-12 15:57 -------- d-----w- c:documents and settingsCERBERApplication DataAhead
2010-08-13 11:45 . 2010-08-12 13:32 -------- d-----w- c:program filesOpera AC 3.6
2010-08-12 18:18 . 2010-08-12 18:18 -------- d-----w- c:documents and settingsCERBERApplication DataMalwarebytes
2010-08-12 18:18 . 2010-08-12 18:18 -------- d-----w- c:program filesMalwarebytes' Anti-Malware
2010-08-12 18:18 . 2010-08-12 18:18 -------- d-----w- c:documents and settingsAll UsersApplication DataMalwarebytes
2010-08-12 15:57 . 2010-08-12 15:57 -------- d-----w- c:documents and settingsAll UsersApplication DataAhead
2010-08-12 15:56 . 2010-08-12 15:55 -------- d-----w- c:program filesCommon FilesAhead
2010-08-12 15:55 . 2010-08-12 15:55 -------- d-----w- c:program filesNero
2010-08-12 15:55 . 2010-08-12 15:55 -------- d-----w- c:documents and settingsAll UsersApplication DataNero
2010-08-12 15:30 . 2010-08-12 15:30 -------- d-----w- c:program filesAC3Filter
2010-08-12 15:29 . 2010-08-12 15:29 -------- d-----w- c:program filesK-Lite Codec Pack
2010-08-12 15:20 . 2010-08-12 15:18 -------- d-----w- c:program filesCanon
2010-08-12 15:13 . 2010-08-12 15:13 -------- d-----w- c:program filesCommon FilesAdobe
2010-08-12 14:53 . 2010-08-12 14:53 -------- d-----w- c:program filesCommon FilesPAC207
2010-08-12 14:53 . 2010-08-12 14:53 -------- d-----w- c:program filesTrust
2010-08-12 14:43 . 2010-08-12 14:43 -------- d-----w- c:program filesRealtek AC97
2010-08-12 14:35 . 2010-08-12 14:35 -------- d-----w- c:documents and settingsCERBERApplication DataCOWON
2010-08-12 14:35 . 2010-08-12 14:34 -------- d-----w- c:program filesJetAudio
2010-08-12 14:34 . 2010-08-12 14:34 -------- d-----w- c:program filesCommon FilesCOWON
2010-08-12 14:33 . 2010-08-12 14:33 -------- d-----w- c:documents and settingsCERBERApplication DataInstallShield
2010-08-12 14:31 . 2010-08-12 14:31 -------- d-----w- c:program filesFreeTime
2010-08-12 12:49 . 2010-08-12 12:49 -------- d-----w- c:program filesOpera
2010-08-12 12:46 . 2010-08-12 12:45 -------- d-----w- c:program filesCCleaner
2010-08-12 12:42 . 2010-08-12 12:42 -------- d-----w- c:documents and settingsCERBERApplication DataYandex
2010-08-12 12:42 . 2010-08-12 12:42 -------- d-----w- c:program filesYandex
2010-08-12 12:42 . 2010-08-12 12:42 -------- d-----w- c:documents and settingsAll UsersApplication DataYandex
2010-08-12 12:32 . 2010-08-12 12:32 0 ----a-w- c:windowssystem32cid_store.dat
2010-06-24 12:22 . 2008-12-20 22:15 916480 ----a-w- c:windowssystem32wininet.dll
2010-06-24 02:14 . 2009-01-08 19:14 1861120 ----a-w- c:windowssystem32win32k.sys
2010-06-21 14:18 . 2009-01-08 19:12 354304 ----a-w- c:windowssystem32driverssrv.sys
2010-06-17 14:03 . 2008-04-14 04:41 80384 ----a-w- c:windowssystem32iccvid.dll
2010-06-14 14:31 . 2010-08-12 12:03 744448 ----a-w- c:windowspchealthhelpctrbinarieshelpsvc.exe
2010-06-14 07:39 . 2009-01-08 19:09 1172480 ----a-w- c:windowssystem32msxml3.dll
.
Sigcheck
[-] 2009-01-08 . 5AE1C2695F6523AD98B948F2887D8C5E . 361600 . . [5.1.2600.5649] . . c:windowssystem32driverstcpip.sys
[-] 2009-01-08 . 362BC5AF8EAF712832C58CC13AE05750 . 1614848 . . [5.1.2600.5512] . . c:windowssystem32sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
"{91397D20-1446-11D4-8AF4-0040CA1127B6}"= "c:program filesYandexYandexBarIEyndbar.dll" [2010-05-25 10335560]
[HKEY_CLASSES_ROOTclsid{91397d20-1446-11d4-8af4-0040ca1127b6}]
[HKEY_CLASSES_ROOTYandex.Toolbar.1]
[HKEY_CLASSES_ROOTTypeLib{91397D13-1446-11D4-8AF4-0040CA1127B6}]
[HKEY_CLASSES_ROOTYandex.Toolbar]
[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebbrowser]
"{91397D20-1446-11D4-8AF4-0040CA1127B6}"= "c:program filesYandexYandexBarIEyndbar.dll" [2010-05-25 10335560]
[HKEY_CLASSES_ROOTclsid{91397d20-1446-11d4-8af4-0040ca1127b6}]
[HKEY_CLASSES_ROOTYandex.Toolbar.1]
[HKEY_CLASSES_ROOTTypeLib{91397D13-1446-11D4-8AF4-0040CA1127B6}]
[HKEY_CLASSES_ROOTYandex.Toolbar]
[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:program filesCommon FilesAheadLibNMBgMonitor.exe" [2008-01-22 152872]
"ccleaner"="c:program filesCCleanerccleaner.exe" [2010-07-23 1755960]
"DAEMON Tools Lite"="c:program filesDAEMON Tools LiteDTLite.exe" [2010-04-01 357696]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
"NVRaidService"="c:windowssystem32nvraidservice.exe" [2004-06-11 83968]
"avast5"="c:progra~1ALWILS~1Avast5avastUI.exe" [2010-06-28 2837864]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 577536]
"NeroFilterCheck"="c:program filesCommon FilesAheadLibNeroCheck.exe" [2008-05-28 570664]
"NvCplDaemon"="c:windowssystem32NvCpl.dll" [2008-05-16 13529088]
"nwiz"="nwiz.exe" [2008-05-16 1630208]
"NvMediaCenter"="c:windowssystem32NvMcTray.dll" [2008-05-16 86016]
[HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun]
"CTFMON.EXE"="c:windowssystem32CTFMON.EXE" [2008-04-14 15360]
[HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRunOnce]
"_nltide_2"="shell32" [X]
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregAdobe ARM]
2010-06-09 08:06 976832 ----a-r- c:program filesCommon FilesAdobeARM1.0AdobeARM.exe
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregAdobe Reader Speed Launcher]
2010-06-20 02:04 35760 ----a-w- c:program filesAdobeReader 9.0Readerreader_sl.exe
[HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity center]
"AntiVirusOverride"=dword:00000001
[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
"%windir%\Network Diagnostic\xpnetdiag.exe"=
"%windir%\system32\sessmgr.exe"=
"c:\OperaAC_3.7\opera.exe"=
"c:\Program Files\Maxthon2\Modules\MxDownloader\MxDownloadServer.exe"=
"c:\Program Files\Opera\opera.exe"=
"c:\WINDOWS\system32\CNAB4RPK.EXE"=
"c:\Program Files\uTorrent\uTorrent.exe"=
R1 aswSP;aswSP;c:windowssystem32driversaswSP.sys [12.08.2010 14:18 165456]
R2 aswFsBlk;aswFsBlk;c:windowssystem32driversaswFsBlk.sys [12.08.2010 14:18 17744]
S4 sptd;sptd;c:windowssystem32driverssptd.sys [13.08.2010 22:42 691696]
.
Contents of the ‘Scheduled Tasks’ folder
2010-08-14 c:windowsTasksUser_Feed_Synchronization-{A96EAD67-8EAC-4A86-8F36-56C3A894F767}.job
— c:windowssystem32msfeedssync.exe [2009-01-08 02:31]
.
.
Supplementary Scan
.
uStart Page = hxxp://www.yandex.ru/?clid=44290
IE: Закачать ВСЕ при помощи Download Master — c:program filesDownload Masterdmieall.htm
IE: Закачать при помощи Download Master — c:program filesDownload Masterdmie.htm
IE: Передать на удаленную закачку DM — c:program filesDownload Masterremdown.htm
FF — ProfilePath — c:documents and settingsCERBERApplication DataMozillaFirefoxProfileseozgxgi4.default
FF — prefs.js: browser.startup.homepage — http://www.one.lv
FF — plugin: c:operaac_3.7programpluginsnpdsplay.dll
FF — plugin: c:operaac_3.7programpluginsnpmeadax.dll
FF — plugin: c:operaac_3.7programpluginsnppl3260.dll
FF — plugin: c:operaac_3.7programpluginsnprpjplug.dll
FF — plugin: c:operaac_3.7programpluginsNPSWF32.dll
FF — plugin: c:operaac_3.7programpluginsnpwmsdrm.dll
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-14 20:38
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2010-08-14 20:39:35
ComboFix-quarantined-files.txt 2010-08-14 18:39
Pre-Run: 30 028 361 728 bytes free
Post-Run: 30 077 440 000 bytes free
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)WINDOWS
[operating systems]
c:cmdconsBOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
— — End Of File — — 77E1324A05586CB4D78D2BBC209DD08B
I updated the logs; I had to reinstall Windows.
Hello!
Welcome to the Spyware-ru forum.
It is not entirely clear what happened to you.
Can you not start the computer?
Can you not access the internet?
Did you buy the antivirus in a store, or download it from a warez site?
Hello!
Welcome to the Spyware-ru forum.
To begin with, scan your computer; for how and what to do, read this topic:
How to cure your computer: first steps.
info.txt logfile of random’s system information tool 1.08 2010-08-14 20:04:08
======Uninstall list======
—>C:Program FilesNeroNero 7\nerouninstallUNNERO.exe /UNINSTALL
—>C:WINDOWSUNNeroBackItUp.exe /UNINSTALL
—>C:WINDOWSUNNeroMediaHome.exe /UNINSTALL
—>C:WINDOWSUNNeroShowTime.exe /UNINSTALL
—>C:WINDOWSUNNeroVision.exe /UNINSTALL
—>C:WINDOWSUNRecode.exe /UNINSTALL
—>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:WINDOWSINFPCHealth.inf
AC3Filter (remove only)—>C:Program FilesAC3Filteruninstall.exe
Adobe Flash Player 10 Plugin—>C:WINDOWSsystem32MacromedFlashFlashUtil10i_Plugin.exe -maintain plugin
Adobe Reader 9.3.3—>MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A93000000001}
avast! Free Antivirus—>C:Program FilesAlwil SoftwareAvast5aswRunDll.exe «C:Program FilesAlwil SoftwareAvast5Setupsetiface.dll» RunSetup
Canon LBP2900—>C:Program FilesCanonPrnUninstallCanon LBP2900CNAB4UN.EXE
CCleaner—>»C:Program FilesCCleaneruninst.exe»
Download Master version 5.7.3.1221—>»C:Program FilesDownload Masterunins000.exe»
FormatFactory 2.45—>C:Program FilesFreeTimeFormatFactoryuninst.exe
Heroes of Might and Magic V—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{CB9A636A-AF2D-4B03-AE8B-8FE99AC197E8}setup.exe» -l0x19
jetAudio Plus VX—>C:Program FilesInstallShield Installation Information{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}setup.exe -runfromtemp -l0x0019 -removeonly
K-Lite Codec Pack 5.4.4 (Full)—>»C:Program FilesK-Lite Codec Packunins000.exe»
Malwarebytes’ Anti-Malware—>»C:Program FilesMalwarebytes’ Anti-Malwareunins000.exe»
Maxthon2—>C:Program FilesMaxthon2Mx2Uninstall.exe
Microsoft Visual C++ 2008 Redistributable — x86 9.0.30729.4148—>MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Mozilla Firefox (3.0.9)—>C:Program FilesMozilla Firefoxuninstallhelper.exe
MSXML 4.0 SP2 (KB973688)—>MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MUI Help Package — RUS—>C:WINDOWS$NtUninstallKB841625_RUS$spuninstspuninst.exe
Nero 7 Ultra Edition—>MsiExec.exe /X{98EFD8F0-08DE-48DB-B922-A2EBAB711049}
neroxml—>MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NVIDIA Drivers—>C:WINDOWSsystem32nvuninst.exe UninstallGUI
Opera 10.61—>MsiExec.exe /X{6D482078-8D15-4FD3-B838-C7B49174650F}
Opera AC—>»C:OperaAC_3.7MiscMultiAC.exe» /OAC_Uninstall
Realtek AC’97 Audio—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime1150Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{FB08F381-6533-4108-B7DD-039E11FBC27E}setup.exe» -l0x19 -removeonly
Security Update for Windows Internet Explorer 8 (KB2183461)—>»C:WINDOWSie8updatesKB2183461-IE8spuninstspuninst.exe»
Security Update for Windows Internet Explorer 8 (KB971961)—>»C:WINDOWSie8updatesKB971961-IE8spuninstspuninst.exe»
Security Update for Windows Internet Explorer 8 (KB981332)—>»C:WINDOWSie8updatesKB981332-IE8spuninstspuninst.exe»
Security Update for Windows Internet Explorer 8 (KB982381)—>»C:WINDOWSie8updatesKB982381-IE8spuninstspuninst.exe»
System Requirements Lab—>C:Program FilesSystemRequirementsLabUninstall.exe
Trust WB-1400T Webcam—>C:PROGRA~1COMMON~1INSTAL~1Driver9INTEL3~1IDriver.exe /M{30837A37-8F9F-4817-8B52-C501B67DC3BE} /l1033
Update for Windows Internet Explorer 8 (KB976662)—>»C:WINDOWSie8updatesKB976662-IE8spuninstspuninst.exe»
Update for Windows Internet Explorer 8 (KB982632)—>»C:WINDOWSie8updatesKB982632-IE8spuninstspuninst.exe»
Update for Windows Internet Explorer 8 (KB982664)—>»C:WINDOWSie8updatesKB982664-IE8spuninstspuninst.exe»
Windows Internet Explorer 8—>»C:WINDOWSie8spuninstspuninst.exe»
Архиватор WinRAR—>C:Program FilesWinRARuninstall.exe
Яндекс.Бар 5.0 для Internet Explorer—>MsiExec.exe /X{B1D8E65E-B8A2-48E4-90CF-34151C37EB45}
======Security center information======
AV: avast! Antivirus (disabled)
======System event log======
Computer Name: CERBER-9FB90C63
Event Code: 107
Message:
Record Number: 86
Source Name: nv
Time Written: 20100812142037.000000+120
Event Type: warning
User:

Computer Name: CERBER-9FB90C63
Event Code: 107
Message:
Record Number: 44
Source Name: nv
Time Written: 20100812141039.000000+120
Event Type: warning
User:

Computer Name: CERBER-9FB90C63
Event Code: 107
Message:
Record Number: 43
Source Name: nv
Time Written: 20100812141039.000000+120
Event Type: warning
User:

Computer Name: CERBER-9FB90C63
Event Code: 107
Message:
Record Number: 18
Source Name: nv
Time Written: 20100812140858.000000+120
Event Type: warning
User:

Computer Name: CERBER-9FB90C63
Event Code: 107
Message:
Record Number: 17
Source Name: nv
Time Written: 20100812140858.000000+120
Event Type: warning
User:
=====Application event log=====
Computer Name: CERBER-9FB90C63
Event Code: 5603
Message: A provider, Rsop Planning Mode Provider, has been registered in the WMI namespace, rootRSOP, but did not specify the HostingModel property. This provider will be run using the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests. Ensure that provider has been reviewed for security behavior and update the HostingModel property of the provider registration to an account with the least privileges possible for the required functionality.
Record Number: 15
Source Name: WinMgmt
Time Written: 20100812140329.000000+120
Event Type: warning
User: NT AUTHORITYSYSTEM

Computer Name: CERBER-9FB90C63
Event Code: 5603
Message: A provider, Rsop Planning Mode Provider, has been registered in the WMI namespace, rootRSOP, but did not specify the HostingModel property. This provider will be run using the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests. Ensure that provider has been reviewed for security behavior and update the HostingModel property of the provider registration to an account with the least privileges possible for the required functionality.
Record Number: 14
Source Name: WinMgmt
Time Written: 20100812140329.000000+120
Event Type: warning
User: NT AUTHORITYSYSTEM

Computer Name: CERBER-9FB90C63
Event Code: 63
Message: A provider, CmdTriggerConsumer, has been registered in the WMI namespace, Rootcimv2, to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
Record Number: 13
Source Name: WinMgmt
Time Written: 20100812140329.000000+120
Event Type: warning
User: NT AUTHORITYSYSTEM

Computer Name: CERBER-9FB90C63
Event Code: 63
Message: A provider, CmdTriggerConsumer, has been registered in the WMI namespace, Rootcimv2, to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
Record Number: 12
Source Name: WinMgmt
Time Written: 20100812140329.000000+120
Event Type: warning
User: NT AUTHORITYSYSTEM

Computer Name: CERBER-9FB90C63
Event Code: 63
Message: A provider, HiPerfCooker_v1, has been registered in the WMI namespace, RootWMI, to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
Record Number: 11
Source Name: WinMgmt
Time Written: 20100812140327.000000+120
Event Type: warning
User: NT AUTHORITYSYSTEM
======Environment variables======
"ComSpec"=%SystemRoot%system32cmd.exe
"Path"=%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 28 Stepping 0, AuthenticAMD
"PROCESSOR_REVISION"=1c00
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%TEMP
"TMP"=%SystemRoot%TEMP
EOF
I managed to start the machine; it offered to choose a restore point, which I did. Right after that I made a HijackThis log and RSIT logs. Take a look with your own eyes; maybe you'll find something.
Logfile of random’s system information tool 1.08 (written by random/random)
Run by CERBER at 2010-08-14 20:03:56
Microsoft Windows XP Professional Service Pack 3
System drive C: has 29 GB (73%) free of 39 GB
Total RAM: 1023 MB (62% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:04:05, on 14.08.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesAlwil SoftwareAvast5AvastSvc.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSsystem32nvsvc32.exe
C:WINDOWSsystem32IoctlSvc.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32nvraidservice.exe
C:PROGRA~1ALWILS~1Avast5avastUI.exe
C:WINDOWSSOUNDMAN.EXE
C:WINDOWSsystem32RUNDLL32.EXE
C:WINDOWSsystem32ctfmon.exe
C:Program FilesCommon FilesAheadLibNMBgMonitor.exe
C:Program FilesCommon FilesAheadLibNMIndexingService.exe
C:WINDOWSsystem32wbemunsecapp.exe
C:Program FilesCommon FilesAheadLibNMIndexStoreSvr.exe
C:WINDOWSsystem32CNAB4RPK.EXE
C:OperaAC_3.7opera.exe
D:D_MПрограммыRSIT.exe
C:Program Filestrend microCERBER.exe
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.yandex.ru/?clid=44290
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru/?clid=44290
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R1 — HKCUSoftwareMicrosoftInternet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title = Windows Internet Explorer provided by Yandex
O2 — BHO: AcroIEHelperStub — {18DF081C-E8AD-4283-A596-FA578C2EBDC3} — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 — BHO: IE 4.x-6.x BHO for Download Master — {9961627E-4059-41B4-8E0E-A7D6B3854ADF} — C:PROGRA~1DOWNLO~1dmiehlp.dll
O3 — Toolbar: Яндекс.Бар — {91397D20-1446-11D4-8AF4-0040CA1127B6} — C:Program FilesYandexYandexBarIEyndbar.dll
O3 — Toolbar: DM Bar — {0E1230F8-EA50-42A9-983C-D22ABC2EED3C} — C:Program FilesDownload Masterdmbar.dll
O4 — HKLM..Run: [NVRaidService] C:WINDOWSsystem32nvraidservice.exe
O4 — HKLM..Run: [avast5] C:PROGRA~1ALWILS~1Avast5avastUI.exe /nogui
O4 — HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 — HKLM..Run: [NeroFilterCheck] C:Program FilesCommon FilesAheadLibNeroCheck.exe
O4 — HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 — HKLM..Run: [nwiz] nwiz.exe /install
O4 — HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] «C:Program FilesCommon FilesAheadLibNMBgMonitor.exe»
O4 — HKCU..Run: [ccleaner] «C:Program FilesCCleanerccleaner.exe» /AUTO
O4 — HKCU..Run: [DAEMON Tools Lite] «C:Program FilesDAEMON Tools LiteDTLite.exe» -autorun
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-20..RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUSS-1-5-18..RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O4 — HKUS.DEFAULT..RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User ‘Default user’)
O8 — Extra context menu item: Закачать ВСЕ при помощи Download Master — C:Program FilesDownload Masterdmieall.htm
O8 — Extra context menu item: Закачать при помощи Download Master — C:Program FilesDownload Masterdmie.htm
O8 — Extra context menu item: Передать на удаленную закачку DM — C:Program FilesDownload Masterremdown.htm
O9 — Extra button: Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe
O9 — Extra ‘Tools’ menuitem: &Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe
O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O16 — DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) — http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O22 — SharedTaskScheduler: Browseui preloader — {438755C2-A8BA-11D1-B96B-00A0C90312E1} — C:WINDOWSsystem32browseui.dll
O22 — SharedTaskScheduler: Component Categories cache daemon — {8C7461EF-2B13-11d2-BE35-3078302C2030} — C:WINDOWSsystem32browseui.dll
O23 — Service: avast! Antivirus — AVAST Software — C:Program FilesAlwil SoftwareAvast5AvastSvc.exe
O23 — Service: avast! Mail Scanner — AVAST Software — C:Program FilesAlwil SoftwareAvast5AvastSvc.exe
O23 — Service: avast! Web Scanner — AVAST Software — C:Program FilesAlwil SoftwareAvast5AvastSvc.exe
O23 — Service: NBService — Nero AG — C:Program FilesNeroNero 7Nero BackItUpNBService.exe
O23 — Service: NMIndexingService — Nero AG — C:Program FilesCommon FilesAheadLibNMIndexingService.exe
O23 — Service: NVIDIA Display Driver Service (NVSvc) — NVIDIA Corporation — C:WINDOWSsystem32nvsvc32.exe
O23 — Service: PLFlash DeviceIoControl Service — Prolific Technology Inc. — C:WINDOWSsystem32IoctlSvc.exe
—
End of file — 6688 bytes
======Scheduled tasks folder======
C:WINDOWStasksUser_Feed_Synchronization-{A96EAD67-8EAC-4A86-8F36-56C3A894F767}.job
======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll [2010-06-19 75200]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9961627E-4059-41B4-8E0E-A7D6B3854ADF}]
IE 4.x-6.x BHO for Download Master — C:PROGRA~1DOWNLO~1dmiehlp.dll [2010-07-27 165184]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{91397D20-1446-11D4-8AF4-0040CA1127B6} — Яндекс.Бар — C:Program FilesYandexYandexBarIEyndbar.dll [2010-05-25 10335560]
{0E1230F8-EA50-42A9-983C-D22ABC2EED3C} — DM Bar — C:Program FilesDownload Masterdmbar.dll [2010-06-03 185664]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
"NVRaidService"=C:WINDOWSsystem32nvraidservice.exe [2004-06-11 83968]
"avast5"=C:PROGRA~1ALWILS~1Avast5avastUI.exe [2010-06-28 2837864]
"SoundMan"=C:WINDOWSSOUNDMAN.EXE [2007-04-16 577536]
"NeroFilterCheck"=C:Program FilesCommon FilesAheadLibNeroCheck.exe [2008-05-28 570664]
"NvCplDaemon"=C:WINDOWSsystem32NvCpl.dll [2008-05-16 13529088]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:WINDOWSsystem32NvMcTray.dll [2008-05-16 86016]
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
"CTFMON.EXE"=C:WINDOWSsystem32ctfmon.exe [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:Program FilesCommon FilesAheadLibNMBgMonitor.exe [2008-01-22 152872]
"ccleaner"=C:Program FilesCCleanerccleaner.exe [2010-07-23 1755960]
"DAEMON Tools Lite"=C:Program FilesDAEMON Tools LiteDTLite.exe [2010-04-01 357696]
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregAdobe ARM]
C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe [2010-06-09 976832]
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregAdobe Reader Speed Launcher]
C:Program FilesAdobeReader 9.0ReaderReader_sl.exe [2010-06-20 35760]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyWgaLogon]
C:WINDOWSsystem32WgaLogon.dll [2010-02-22 190976]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
WPDShServiceObj — {AAA288BA-9A4C-45B0-95D7-94D524869DB5} — C:WINDOWSsystem32wpdshserviceobj.dll [2009-01-08 133632]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
"%windir%Network Diagnosticxpnetdiag.exe"="%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%system32sessmgr.exe"="%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:OperaAC_3.7opera.exe"="C:OperaAC_3.7opera.exe:*:Enabled:Opera Internet Browser"
"C:Program FilesMaxthon2ModulesMxDownloaderMxDownloadServer.exe"="C:Program FilesMaxthon2ModulesMxDownloaderMxDownloadServer.exe:*:Disabled:MxDownloadServer"
"C:Program FilesOperaopera.exe"="C:Program FilesOperaopera.exe:*:Enabled:Opera Internet Browser"
"C:WINDOWSsystem32CNAB4RPK.EXE"="C:WINDOWSsystem32CNAB4RPK.EXE:*:Enabled:Canon LBP2900 RPC Server Process"
"C:Program FilesuTorrentuTorrent.exe"="C:Program FilesuTorrentuTorrent.exe:*:Enabled:µTorrent"
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
"%windir%Network Diagnosticxpnetdiag.exe"="%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%system32sessmgr.exe"="%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======List of files/folders created in the last 1 months======
2010-08-14 20:03:57 —-D—- C:Program Filestrend micro
2010-08-14 20:03:56 —-D—- C:rsit
2010-08-14 15:22:11 —-D—- C:WINDOWSnvidia icons
2010-08-14 15:21:58 —-D—- C:WINDOWSnview
2010-08-14 15:21:58 —-A—- C:WINDOWSsystem32nvudisp.exe
2010-08-14 15:21:24 —-D—- C:NVIDIA
2010-08-14 15:05:02 —-D—- C:Program FilesuTorrent
2010-08-14 15:04:49 —-D—- C:Documents and SettingsCERBERApplication DatauTorrent
2010-08-14 14:54:48 —-D—- C:Program FilesSystemRequirementsLab
2010-08-14 14:33:56 —-D—- C:Documents and SettingsCERBERApplication DataDownload Master
2010-08-14 14:33:36 —-D—- C:Program FilesDownload Master
2010-08-14 13:15:15 —-D—- C:8aad46a3627a0f7d6c2344
2010-08-14 12:34:56 —-D—- C:Program FilesMSXML 4.0
2010-08-13 22:56:45 —-A—- C:WINDOWSsystem32xinput1_1.dll
2010-08-13 22:56:45 —-A—- C:WINDOWSsystem32xactengine2_1.dll
2010-08-13 22:56:44 —-A—- C:WINDOWSsystem32xactengine2_0.dll
2010-08-13 22:56:44 —-A—- C:WINDOWSsystem32x3daudio1_0.dll
2010-08-13 22:56:44 —-A—- C:WINDOWSsystem32d3dx9_29.dll
2010-08-13 22:56:43 —-A—- C:WINDOWSsystem32xinput9_1_0.dll
2010-08-13 22:56:43 —-A—- C:WINDOWSsystem32d3dx9_27.dll
2010-08-13 22:56:43 —-A—- C:WINDOWSsystem32d3dx9_26.dll
2010-08-13 22:56:42 —-A—- C:WINDOWSsystem32d3dx9_25.dll
2010-08-13 22:56:42 —-A—- C:WINDOWSsystem32d3dx9_24.dll
2010-08-13 22:50:10 —-D—- C:Program FilesNival Interactive
2010-08-13 22:42:47 —-A—- C:WINDOWSsystem32driverssptd.sys
2010-08-13 22:42:32 —-D—- C:Program FilesDAEMON Tools Lite
2010-08-13 22:41:52 —-D—- C:Documents and SettingsCERBERApplication DataDAEMON Tools Lite
2010-08-13 22:41:48 —-D—- C:Documents and SettingsAll UsersApplication DataDAEMON Tools Lite
2010-08-13 22:35:19 —-D—- C:Documents and SettingsCERBERApplication DataDAEMON Tools Pro
2010-08-13 22:35:19 —-D—- C:Documents and SettingsAll UsersApplication DataDAEMON Tools Pro
2010-08-13 18:21:00 —-ASH—- C:hiberfil.sys
2010-08-13 15:17:50 —-A—- C:WINDOWSsystem32pncrt.dll
2010-08-13 09:36:54 —-D—- C:Documents and SettingsCERBERApplication DataUniblue
2010-08-12 23:20:03 —-D—- C:Documents and SettingsCERBERApplication DataiWin
2010-08-12 23:19:35 —-D—- C:Program FilesJewel Quest 2
2010-08-12 21:00:23 —-A—- C:WINDOWSsystem32h323log.txt
2010-08-12 20:55:46 —-A—- C:WINDOWSsystem32driversaudstub.sys
2010-08-12 20:54:44 —-A—- C:WINDOWSsystem32driversredbook.sys
2010-08-12 20:54:30 —-A—- C:WINDOWSsystem32driversgameenum.sys
2010-08-12 20:54:03 —-A—- C:WINDOWSsystem32nv4_disp.dll
2010-08-12 20:54:03 —-A—- C:WINDOWSsystem32driversnv4_mini.sys
2010-08-12 20:53:46 —-A—- C:WINDOWSsystem32usbui.dll
2010-08-12 20:52:44 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2010-08-12 20:52:43 —-SHD—- C:WINDOWSInstaller
2010-08-12 20:52:43 —-D—- C:Program FilesCommon FilesODBC
2010-08-12 20:52:43 —-A—- C:WINDOWSODBCINST.INI
2010-08-12 20:52:40 —-RD—- C:Program Files
2010-08-12 20:52:40 —-D—- C:Program FilesCommon FilesSpeechEngines
2010-08-12 20:52:40 —-D—- C:Program FilesCommon FilesMicrosoft Shared
2010-08-12 20:52:40 —-D—- C:Program FilesCommon Files
2010-08-12 20:52:32 —-RA—- C:WINDOWSsystem32kbdtuq.dll
2010-08-12 20:52:32 —-RA—- C:WINDOWSsystem32kbdtuf.dll
2010-08-12 20:52:32 —-RA—- C:WINDOWSsystem32kbdazel.dll
2010-08-12 20:52:30 —-RA—- C:WINDOWSsystem32kbdycc.dll
2010-08-12 20:52:30 —-RA—- C:WINDOWSsystem32kbduzb.dll
2010-08-12 20:52:30 —-RA—- C:WINDOWSsystem32kbdur.dll
2010-08-12 20:52:30 —-RA—- C:WINDOWSsystem32kbdtat.dll
2010-08-12 20:52:30 —-RA—- C:WINDOWSsystem32kbdru1.dll
2010-08-12 20:52:30 —-RA—- C:WINDOWSsystem32kbdru.dll
2010-08-12 20:52:30 —-RA—- C:WINDOWSsystem32kbdmon.dll
2010-08-12 20:52:30 —-RA—- C:WINDOWSsystem32kbdkyr.dll
2010-08-12 20:52:30 —-RA—- C:WINDOWSsystem32kbdkaz.dll
2010-08-12 20:52:30 —-RA—- C:WINDOWSsystem32kbdbu.dll
2010-08-12 20:52:30 —-RA—- C:WINDOWSsystem32kbdblr.dll
2010-08-12 20:52:30 —-RA—- C:WINDOWSsystem32kbdaze.dll
2010-08-12 20:52:29 —-RA—- C:WINDOWSsystem32kbdhept.dll
2010-08-12 20:52:29 —-RA—- C:WINDOWSsystem32kbdhela3.dll
2010-08-12 20:52:29 —-RA—- C:WINDOWSsystem32kbdhela2.dll
2010-08-12 20:52:29 —-RA—- C:WINDOWSsystem32kbdhe319.dll
2010-08-12 20:52:29 —-RA—- C:WINDOWSsystem32kbdhe220.dll
2010-08-12 20:52:29 —-RA—- C:WINDOWSsystem32kbdhe.dll
2010-08-12 20:52:29 —-RA—- C:WINDOWSsystem32kbdgkl.dll
2010-08-12 20:52:28 —-RA—- C:WINDOWSsystem32kbdlv1.dll
2010-08-12 20:52:28 —-RA—- C:WINDOWSsystem32kbdlv.dll
2010-08-12 20:52:28 —-RA—- C:WINDOWSsystem32kbdlt1.dll
2010-08-12 20:52:28 —-RA—- C:WINDOWSsystem32kbdlt.dll
2010-08-12 20:52:28 —-RA—- C:WINDOWSsystem32kbdest.dll
2010-08-12 20:52:26 —-RA—- C:WINDOWSsystem32kbdycl.dll
2010-08-12 20:52:26 —-RA—- C:WINDOWSsystem32kbdsl1.dll
2010-08-12 20:52:26 —-RA—- C:WINDOWSsystem32kbdsl.dll
2010-08-12 20:52:26 —-RA—- C:WINDOWSsystem32kbdro.dll
2010-08-12 20:52:26 —-RA—- C:WINDOWSsystem32kbdpl1.dll
2010-08-12 20:52:26 —-RA—- C:WINDOWSsystem32kbdpl.dll
2010-08-12 20:52:26 —-RA—- C:WINDOWSsystem32kbdhu1.dll
2010-08-12 20:52:26 —-RA—- C:WINDOWSsystem32kbdhu.dll
2010-08-12 20:52:26 —-RA—- C:WINDOWSsystem32kbdcz2.dll
2010-08-12 20:52:26 —-RA—- C:WINDOWSsystem32kbdcz1.dll
2010-08-12 20:52:26 —-RA—- C:WINDOWSsystem32kbdcz.dll
2010-08-12 20:52:26 —-RA—- C:WINDOWSsystem32kbdcr.dll
2010-08-12 20:52:26 —-RA—- C:WINDOWSsystem32KBDAL.DLL
2010-08-12 20:52:22 —-A—- C:WINDOWSsystem32spxcoins.dll
2010-08-12 20:52:22 —-A—- C:WINDOWSsystem32irclass.dll
2010-08-12 20:52:22 —-A—- C:WINDOWSsystem32dgsetup.dll
2010-08-12 20:52:22 —-A—- C:WINDOWSsystem32dgrpsetu.dll
2010-08-12 20:52:21 —-A—- C:WINDOWSsystem32EqnClass.Dll
2010-08-12 20:52:20 —-N—- C:WINDOWSsystem32CONFIG.TMP
2010-08-12 20:52:20 —-A—- C:WINDOWSTASKMAN.EXE
2010-08-12 20:52:19 —-A—- C:WINDOWSsystem32storprop.dll
2010-08-12 20:52:19 —-A—- C:WINDOWSsystem32driversirenum.sys
2010-08-12 20:52:19 —-A—- C:WINDOWSsystem32batt.dll
2010-08-12 20:52:19 —-A—- C:WINDOWSNOTEPAD.EXE
2010-08-12 20:52:11 —-ASH—- C:Documents and SettingsAll UsersApplication Datadesktop.ini
2010-08-12 20:52:04 —-RA—- C:WINDOWSSET8.tmp
2010-08-12 20:52:02 —-RA—- C:WINDOWSSET4.tmp
2010-08-12 20:52:01 —-RA—- C:WINDOWSSET3.tmp
2010-08-12 20:51:56 —-D—- C:WINDOWSsystem32CatRoot2
2010-08-12 20:51:56 —-D—- C:WINDOWSsystem32CatRoot
2010-08-12 20:51:50 —-SD—- C:Documents and SettingsAll UsersApplication DataMicrosoft
2010-08-12 20:51:32 —-SHD—- C:System Volume Information
2010-08-12 20:51:32 —-D—- C:Documents and Settings
2010-08-12 20:50:26 —-SH—- C:boot.ini
2010-08-12 20:47:31 —-SD—- C:WINDOWSDownloaded Program Files
2010-08-12 20:47:31 —-RSD—- C:WINDOWSFonts
2010-08-12 20:47:31 —-RD—- C:WINDOWSWeb
2010-08-12 20:47:31 —-HD—- C:WINDOWSinf
2010-08-12 20:47:31 —-D—- C:WINDOWSWinSxS
2010-08-12 20:47:31 —-D—- C:WINDOWSWBEM
2010-08-12 20:47:31 —-D—- C:WINDOWStwain_32
2010-08-12 20:47:31 —-D—- C:WINDOWSTemp
2010-08-12 20:47:31 —-D—- C:WINDOWSsystem32wins
2010-08-12 20:47:31 —-D—- C:WINDOWSsystem32wbem
2010-08-12 20:47:31 —-D—- C:WINDOWSsystem32usmt
2010-08-12 20:47:31 —-D—- C:WINDOWSsystem32spool
2010-08-12 20:47:31 —-D—- C:WINDOWSsystem32ShellExt
2010-08-12 20:47:31 —-D—- C:WINDOWSsystem32Setup
2010-08-12 20:47:31 —-D—- C:WINDOWSsystem32scripting
2010-08-12 20:47:31 —-D—- C:WINDOWSsystem32ras
2010-08-12 20:47:31 —-D—- C:WINDOWSsystem32PreInstall
2010-08-12 20:47:31 —-D—- C:WINDOWSsystem32oobe
2010-08-12 20:47:31 —-D—- C:WINDOWSsystem32npp
2010-08-12 20:47:31 —-D—- C:WINDOWSsystem32mui
2010-08-12 20:47:31 —-D—- C:WINDOWSsystem32Macromed
2010-08-12 20:47:31 —-D—- C:WINDOWSsystem32inetsrv
2010-08-12 20:47:31 —-D—- C:WINDOWSsystem32IME
2010-08-12 20:47:31 —-D—- C:WINDOWSsystem32icsxml
2010-08-12 20:47:31 —-D—- C:WINDOWSsystem32ias
2010-08-12 20:47:31 —-D—- C:WINDOWSsystem32export
2010-08-12 20:47:31 —-D—- C:WINDOWSsystem32en-US
2010-08-12 20:47:31 —-D—- C:WINDOWSsystem32en
2010-08-12 20:47:31 —-D—- C:WINDOWSsystem32driversUMDF
2010-08-12 20:47:31 —-D—- C:WINDOWSsystem32driversetc
2010-08-12 20:47:31 —-D—- C:WINDOWSsystem32driversdisdn
2010-08-12 20:47:31 —-D—- C:WINDOWSsystem32drivers
2010-08-12 20:47:31 —-D—- C:WINDOWSsystem32dhcp
2010-08-12 20:47:31 —-D—- C:WINDOWSsystem32config
2010-08-12 20:47:31 —-D—- C:WINDOWSsystem323com_dmi
2010-08-12 20:47:31 —-D—- C:WINDOWSsystem323076
2010-08-12 20:47:31 —-D—- C:WINDOWSsystem322052
2010-08-12 20:47:31 —-D—- C:WINDOWSsystem321054
2010-08-12 20:47:31 —-D—- C:WINDOWSsystem321042
2010-08-12 20:47:31 —-D—- C:WINDOWSsystem321041
2010-08-12 20:47:31 —-D—- C:WINDOWSsystem321037
2010-08-12 20:47:31 —-D—- C:WINDOWSsystem321033
2010-08-12 20:47:31 —-D—- C:WINDOWSsystem321031
2010-08-12 20:47:31 —-D—- C:WINDOWSsystem321028
2010-08-12 20:47:31 —-D—- C:WINDOWSsystem321025
2010-08-12 20:47:31 —-D—- C:WINDOWSsystem32
2010-08-12 20:47:31 —-D—- C:WINDOWSsystem
2010-08-12 20:47:31 —-D—- C:WINDOWSSoftwareDistribution
2010-08-12 20:47:31 —-D—- C:WINDOWSsecurity
2010-08-12 20:47:31 —-D—- C:WINDOWSResources
2010-08-12 20:47:31 —-D—- C:WINDOWSrepair
2010-08-12 20:47:31 —-D—- C:WINDOWSProvisioning
2010-08-12 20:47:31 —-D—- C:WINDOWSPeerNet
2010-08-12 20:47:31 —-D—- C:WINDOWSpchealth
2010-08-12 20:47:31 —-D—- C:WINDOWSOffline Web Pages
2010-08-12 20:47:31 —-D—- C:WINDOWSNetwork Diagnostic
2010-08-12 20:47:31 —-D—- C:WINDOWSmui
2010-08-12 20:47:31 —-D—- C:WINDOWSmsapps
2010-08-12 20:47:31 —-D—- C:WINDOWSmsagent
2010-08-12 20:47:31 —-D—- C:WINDOWSMedia
2010-08-12 20:47:31 —-D—- C:WINDOWSL2Schemas
2010-08-12 20:47:31 —-D—- C:WINDOWSjava
2010-08-12 20:47:31 —-D—- C:WINDOWSime
2010-08-12 20:47:31 —-D—- C:WINDOWSHelp
2010-08-12 20:47:31 —-D—- C:WINDOWSehome
2010-08-12 20:47:31 —-D—- C:WINDOWSDriver Cache
2010-08-12 20:47:31 —-D—- C:WINDOWSDebug
2010-08-12 20:47:31 —-D—- C:WINDOWSCursors
2010-08-12 20:47:31 —-D—- C:WINDOWSConnection Wizard
2010-08-12 20:47:31 —-D—- C:WINDOWSConfig
2010-08-12 20:47:31 —-D—- C:WINDOWSAppPatch
2010-08-12 20:47:31 —-D—- C:WINDOWSaddins
2010-08-12 20:47:31 —-D—- C:WINDOWS
2010-08-12 20:47:31 —-ASH—- C:pagefile.sys
2010-08-12 20:18:28 —-D—- C:Documents and SettingsCERBERApplication DataMalwarebytes
2010-08-12 20:18:21 —-A—- C:WINDOWSsystem32driversmbamswissarmy.sys
2010-08-12 20:18:20 —-D—- C:Program FilesMalwarebytes’ Anti-Malware
2010-08-12 20:18:20 —-D—- C:Documents and SettingsAll UsersApplication DataMalwarebytes
2010-08-12 20:18:20 —-A—- C:WINDOWSsystem32driversmbam.sys
2010-08-12 19:35:21 —-D—- C:WINDOWSMinidump
2010-08-12 17:57:15 —-D—- C:Documents and SettingsCERBERApplication DataAhead
2010-08-12 17:57:02 —-D—- C:Documents and SettingsAll UsersApplication DataAhead
2010-08-12 17:55:33 —-D—- C:Program FilesNero
2010-08-12 17:55:33 —-D—- C:Program FilesCommon FilesAhead
2010-08-12 17:55:33 —-D—- C:Documents and SettingsAll UsersApplication DataNero
2010-08-12 17:54:05 —-A—- C:WINDOWSsystem32d3dx9_30.dll
2010-08-12 17:54:04 —-A—- C:WINDOWSsystem32d3dx9_28.dll
2010-08-12 17:30:07 —-D—- C:Program FilesAC3Filter
2010-08-12 17:29:42 —-A—- C:WINDOWSsystem32unrar.dll
2010-08-12 17:29:41 —-A—- C:WINDOWSavisplitter.ini
2010-08-12 17:29:35 —-A—- C:WINDOWSsystem32yv12vfw.dll
2010-08-12 17:29:35 —-A—- C:WINDOWSsystem32xvidcore.dll
2010-08-12 17:29:34 —-A—- C:WINDOWSsystem32xvidvfw.dll
2010-08-12 17:29:33 —-A—- C:WINDOWSsystem32ff_vfw.dll.manifest
2010-08-12 17:29:33 —-A—- C:WINDOWSsystem32ff_vfw.dll
2010-08-12 17:29:31 —-D—- C:Program FilesK-Lite Codec Pack
2010-08-12 17:19:10 —-A—- C:WINDOWSsystem32CNAB4SMK.DLL
2010-08-12 17:19:10 —-A—- C:WINDOWSsystem32CNAB4RPK.EXE
2010-08-12 17:19:10 —-A—- C:WINDOWSsystem32CNAB4PTU.DLL
2010-08-12 17:19:10 —-A—- C:WINDOWSsystem32CNAB4LMK.DLL
2010-08-12 17:19:10 —-A—- C:WINDOWSsystem32CNAB4EMU.DLL
2010-08-12 17:18:37 —-D—- C:Program FilesCanon
2010-08-12 17:13:17 —-D—- C:Documents and SettingsAll UsersApplication DataAdobe
2010-08-12 17:13:09 —-D—- C:Program FilesCommon FilesAdobe
2010-08-12 17:13:09 —-D—- C:Program FilesAdobe
2010-08-12 16:56:14 —-A—- C:WINDOWSsystem32driversusbprint.sys
2010-08-12 16:53:53 —-A—- C:WINDOWSsystem32Remover.ini
2010-08-12 16:53:53 —-A—- C:WINDOWSsystem32Remove.exe
2010-08-12 16:53:52 —-D—- C:WINDOWSPixArt
2010-08-12 16:53:51 —-D—- C:Program FilesTrust
2010-08-12 16:53:51 —-D—- C:Program FilesCommon FilesPAC207
2010-08-12 16:53:44 —-D—- C:WINDOWSDownloaded Installations
2010-08-12 16:43:57 —-A—- C:WINDOWSsystem32ChCfg.exe
2010-08-12 16:43:54 —-A—- C:WINDOWSsystem32driverssplitter.sys
2010-08-12 16:43:53 —-A—- C:WINDOWSsystem32driverswdmaud.sys
2010-08-12 16:43:52 —-A—- C:WINDOWSsystem32driversDMusic.sys
2010-08-12 16:43:51 —-A—- C:WINDOWSsystem32driversswmidi.sys
2010-08-12 16:43:50 —-A—- C:WINDOWSsystem32driversaec.sys
2010-08-12 16:43:49 —-A—- C:WINDOWSsystem32driverskmixer.sys
2010-08-12 16:43:48 —-A—- C:WINDOWSsystem32driverssysaudio.sys
2010-08-12 16:43:48 —-A—- C:WINDOWSsystem32driversdrmkaud.sys
2010-08-12 16:43:47 —-A—- C:WINDOWSsystem32driversMSPQM.sys
2010-08-12 16:43:47 —-A—- C:WINDOWSsystem32driversMSKSSRV.sys
2010-08-12 16:43:46 —-A—- C:WINDOWSsystem32driversMSPCLOCK.sys
2010-08-12 16:43:42 —-RA—- C:WINDOWSsystem32driversalcxwdm.sys
2010-08-12 16:43:42 —-A—- C:WINDOWSsystem32ksuser.dll
2010-08-12 16:43:42 —-A—- C:WINDOWSsystem32driversportcls.sys
2010-08-12 16:43:41 —-A—- C:WINDOWSsystem32driversdrmk.sys
2010-08-12 16:43:36 —-D—- C:Program FilesRealtek AC97
2010-08-12 16:43:36 —-A—- C:WINDOWSsystem32RTLCPL.exe
2010-08-12 16:43:35 —-A—- C:WINDOWSsystem32RtlCPAPI.dll
2010-08-12 16:43:35 —-A—- C:WINDOWSsoundman.exe
2010-08-12 16:43:34 —-A—- C:WINDOWSalcupd.exe
2010-08-12 16:43:34 —-A—- C:WINDOWSAlcrmv.exe
2010-08-12 16:39:54 —-A—- C:WINDOWSsystem32driversUSBSTOR.SYS
2010-08-12 16:35:34 —-D—- C:Documents and SettingsCERBERApplication DataCOWON
2010-08-12 16:34:04 —-D—- C:Program FilesCommon FilesCOWON
2010-08-12 16:34:02 —-HD—- C:Program FilesInstallShield Installation Information
2010-08-12 16:34:02 —-D—- C:Program FilesJetAudio
2010-08-12 16:33:41 —-D—- C:Documents and SettingsCERBERApplication DataInstallShield
2010-08-12 16:31:54 —-D—- C:Program FilesFreeTime
2010-08-12 16:04:03 —-D—- C:Documents and SettingsCERBERApplication DataMozilla
2010-08-12 16:03:56 —-D—- C:Program FilesMozilla Firefox
2010-08-12 15:32:26 —-D—- C:Program FilesOpera AC 3.6
2010-08-12 15:29:24 —-D—- C:Documents and SettingsCERBERApplication DataWinRAR
2010-08-12 14:49:53 —-D—- C:Program FilesOpera
2010-08-12 14:47:51 —-SHD—- C:RECYCLER
2010-08-12 14:45:58 —-D—- C:Program FilesCCleaner
2010-08-12 14:42:35 —-D—- C:WINDOWSie8updates
2010-08-12 14:42:18 —-D—- C:Program FilesYandex
2010-08-12 14:42:18 —-D—- C:Documents and SettingsCERBERApplication DataYandex
2010-08-12 14:42:18 —-D—- C:Documents and SettingsCERBERApplication DataOpera
2010-08-12 14:42:18 —-D—- C:Documents and SettingsAll UsersApplication DataYandex
2010-08-12 14:42:15 —-HD—- C:WINDOWSmsdownld.tmp
2010-08-12 14:41:49 —-A—- C:WINDOWSsystem32spupdsvc.exe
2010-08-12 14:41:39 —-HDC—- C:WINDOWSie8
2010-08-12 14:39:53 —-A—- C:WINDOWSsystem32MRT.exe
2010-08-12 14:32:48 —-D—- C:Documents and SettingsCERBERApplication DataMacromedia
2010-08-12 14:21:38 —-D—- C:Program FilesWinRAR
2010-08-12 14:18:45 —-A—- C:WINDOWSsystem32driversaswTdi.sys
2010-08-12 14:18:45 —-A—- C:WINDOWSsystem32driversaswSP.sys
2010-08-12 14:18:45 —-A—- C:WINDOWSsystem32driversaswRdr.sys
2010-08-12 14:18:45 —-A—- C:WINDOWSsystem32driversaswmon2.sys
2010-08-12 14:18:45 —-A—- C:WINDOWSsystem32driversaswmon.sys
2010-08-12 14:18:45 —-A—- C:WINDOWSsystem32driversaswFsBlk.sys
2010-08-12 14:18:45 —-A—- C:WINDOWSsystem32driversaavmker4.sys
2010-08-12 14:18:38 —-A—- C:WINDOWSsystem32aswBoot.exe
2010-08-12 14:18:34 —-D—- C:Program FilesAlwil Software
2010-08-12 14:18:34 —-D—- C:Documents and SettingsAll UsersApplication DataAlwil Software
2010-08-12 14:14:17 —-RA—- C:WINDOWSsystem32fdco1.dll
2010-08-12 14:14:17 —-RA—- C:WINDOWSsystem32driversNVENETFD.sys
2010-08-12 14:12:55 —-RA—- C:WINDOWSsystem32nvuide.exe
2010-08-12 14:12:54 —-RA—- C:WINDOWSsystem32NvRaidWizardEnu.dll
2010-08-12 14:12:54 —-RA—- C:WINDOWSsystem32NvRaidSvEnu.dll
2010-08-12 14:12:54 —-RA—- C:WINDOWSsystem32nvraidservice.exe
2010-08-12 14:12:54 —-RA—- C:WINDOWSsystem32NvRaidMan.exe
2010-08-12 14:12:54 —-RA—- C:WINDOWSsystem32NvRaidEnu.dll
2010-08-12 14:12:53 —-RA—- C:WINDOWSsystem32NvRaidWizard.dll
2010-08-12 14:12:45 —-RA—- C:WINDOWSsystem32driversnvraid.sys
2010-08-12 14:12:45 —-A—- C:WINDOWSsystem32nvraidco.dll
2010-08-12 14:12:36 —-RA—- C:WINDOWSsystem32idecoi.dll
2010-08-12 14:12:36 —-RA—- C:WINDOWSsystem32driversnvatabus.sys
2010-08-12 14:12:14 —-RA—- C:WINDOWSsystem32nvconrm.dll
2010-08-12 14:12:14 —-RA—- C:WINDOWSsystem32driversnvsnpu.sys
2010-08-12 14:12:14 —-RA—- C:WINDOWSsystem32driversnvnrm.sys
2010-08-12 14:12:14 —-RA—- C:WINDOWSsystem32driversnvnetbus.sys
2010-08-12 14:12:14 —-RA—- C:WINDOWSsystem32bdco1.dll
2010-08-12 14:12:14 —-A—- C:WINDOWSsystem32nvunrm.exe
2010-08-12 14:12:13 —-RA—- C:WINDOWSsystem32nvusmb.exe
2010-08-12 14:12:13 —-A—- C:WINDOWSsystem32NVUNINST.EXE
2010-08-12 14:12:11 —-A—- C:WINDOWSsystem32nvugart.exe
2010-08-12 14:12:10 —-RA—- C:WINDOWSsystem32NVCOG.DLL
2010-08-12 14:12:10 —-RA—- C:WINDOWSsystem32driversnv_agp.SYS
2010-08-12 14:12:10 —-D—- C:WINDOWSsystem32ReinstallBackups
2010-08-12 14:11:56 —-D—- C:Program FilesCommon FilesInstallShield
2010-08-12 14:11:48 —-A—- C:WINDOWSsystem32driversASUSHWIO.SYS
2010-08-12 14:11:48 —-A—- C:WINDOWSAscd_tmp.ini
2010-08-12 14:10:12 —-D—- C:Documents and SettingsCERBERApplication DataIdentities
2010-08-12 14:10:09 —-D—- C:Documents and SettingsAll UsersApplication DataWindows Genuine Advantage
2010-08-12 14:10:08 —-HD—- C:Program FilesUninstall Information
2010-08-12 14:10:05 —-ASH—- C:Documents and SettingsCERBERApplication Datadesktop.ini
2010-08-12 14:10:04 —-SD—- C:Documents and SettingsCERBERApplication DataMicrosoft
2010-08-12 14:08:53 —-D—- C:WINDOWSPrefetch
2010-08-12 14:08:52 —-SD—- C:WINDOWSsystem32Microsoft
2010-08-12 14:08:52 —-N—- C:WINDOWSSchedLgU.Txt
2010-08-12 14:06:29 —-N—- C:WINDOWSsystem32spmsg.dll
2010-08-12 14:06:28 —-HD—- C:WINDOWS$hf_mig$
2010-08-12 14:06:17 —-RASH—- C:MSDOS.SYS
2010-08-12 14:06:17 —-RASH—- C:IO.SYS
2010-08-12 14:06:17 —-A—- C:WINDOWScontrol.ini
2010-08-12 14:06:17 —-A—- C:CONFIG.SYS
2010-08-12 14:06:17 —-A—- C:AUTOEXEC.BAT
2010-08-12 14:05:59 —-D—- C:WINDOWSsystem32dllcache
2010-08-12 14:05:59 —-A—- C:WINDOWSsystem32mapi32.dll
2010-08-12 14:05:06 —-RAH—- C:WINDOWSsystem32logonui.exe.manifest
2010-08-12 14:05:03 —-RAH—- C:WINDOWSsystem32cdplayer.exe.manifest
2010-08-12 14:04:58 —-HD—- C:Program FilesWindowsUpdate
2010-08-12 14:04:39 —-D—- C:WINDOWSsystem32DirectX
2010-08-12 14:04:33 —-A—- C:WINDOWSsystem32atrace.dll
2010-08-12 14:04:32 —-A—- C:WINDOWSsystem32desktop.ini
2010-08-12 14:04:32 —-A—- C:WINDOWSdesktop.ini
2010-08-12 14:04:26 —-A—- C:WINDOWSsystem32nmevtmsg.dll
2010-08-12 14:04:25 —-D—- C:Program FilesCommon FilesServices
2010-08-12 14:04:25 —-A—- C:WINDOWSsystem32acctres.dll
2010-08-12 14:04:23 —-SD—- C:WINDOWSTasks
2010-08-12 14:04:23 —-A—- C:WINDOWSsystem32icfgnt5.dll
2010-08-12 14:04:22 —-D—- C:Program FilesCommon FilesMSSoap
2010-08-12 14:04:19 —-D—- C:WINDOWSsrchasst
2010-08-12 14:04:17 —-A—- C:WINDOWSsystem32wuweb.dll
2010-08-12 14:04:17 —-A—- C:WINDOWSsystem32wucltui.dll
2010-08-12 14:04:17 —-A—- C:WINDOWSsystem32wuauserv.dll
2010-08-12 14:04:17 —-A—- C:WINDOWSsystem32wuaueng1.dll
2010-08-12 14:04:16 —-A—- C:WINDOWSsystem32wups.dll
2010-08-12 14:04:16 —-A—- C:WINDOWSsystem32wuaueng.dll
2010-08-12 14:04:16 —-A—- C:WINDOWSsystem32wuauclt1.exe
2010-08-12 14:04:16 —-A—- C:WINDOWSsystem32wuauclt.exe
2010-08-12 14:04:16 —-A—- C:WINDOWSsystem32wuapi.dll
2010-08-12 14:04:16 —-A—- C:WINDOWSsystem32qmgrprxy.dll
2010-08-12 14:04:16 —-A—- C:WINDOWSsystem32qmgr.dll
2010-08-12 14:04:16 —-A—- C:WINDOWSsystem32bitsprx4.dll
2010-08-12 14:04:16 —-A—- C:WINDOWSsystem32bitsprx3.dll
2010-08-12 14:04:16 —-A—- C:WINDOWSsystem32bitsprx2.dll
2010-08-12 14:04:13 —-D—- C:Program FilesMovie Maker
2010-08-12 14:03:59 —-A—- C:WINDOWSsystem32safrslv.dll
2010-08-12 14:03:59 —-A—- C:WINDOWSsystem32safrdm.dll
2010-08-12 14:03:58 —-A—- C:WINDOWSsystem32safrcdlg.dll
2010-08-12 14:03:58 —-A—- C:WINDOWSsystem32racpldlg.dll
2010-08-12 14:03:55 —-D—- C:WINDOWSsystem32Restore
2010-08-12 14:03:55 —-A—- C:WINDOWSsystem32srsvc.dll
2010-08-12 14:03:55 —-A—- C:WINDOWSsystem32srrstr.dll
2010-08-12 14:03:55 —-A—- C:WINDOWSsystem32srclient.dll
2010-08-12 14:03:55 —-A—- C:WINDOWSsystem32fltMc.exe
2010-08-12 14:03:55 —-A—- C:WINDOWSsystem32fltlib.dll
2010-08-12 14:03:55 —-A—- C:WINDOWSsystem32driverssr.sys
2010-08-12 14:03:55 —-A—- C:WINDOWSsystem32driversfltMgr.sys
2010-08-12 14:03:54 —-A—- C:WINDOWSsystem32nmmkcert.dll
2010-08-12 14:03:54 —-A—- C:WINDOWSsystem32msconf.dll
2010-08-12 14:03:54 —-A—- C:WINDOWSsystem32mnmsrvc.exe
2010-08-12 14:03:54 —-A—- C:WINDOWSsystem32mnmdd.dll
2010-08-12 14:03:54 —-A—- C:WINDOWSsystem32isrdbg32.dll
2010-08-12 14:03:54 —-A—- C:WINDOWSsystem32ils.dll
2010-08-12 14:03:52 —-D—- C:Program FilesNetMeeting
2010-08-12 14:03:52 —-A—- C:WINDOWSsystem32msoert2.dll
2010-08-12 14:03:52 —-A—- C:WINDOWSsystem32msoeacct.dll
2010-08-12 14:03:51 —-A—- C:WINDOWSsystem32inetres.dll
2010-08-12 14:03:51 —-A—- C:WINDOWSsystem32inetcomm.dll
2010-08-12 14:03:49 —-D—- C:Program FilesOutlook Express
2010-08-12 14:03:49 —-A—- C:WINDOWSsystem32schedsvc.dll
2010-08-12 14:03:49 —-A—- C:WINDOWSsystem32mstinit.exe
2010-08-12 14:03:49 —-A—- C:WINDOWSsystem32mstask.dll
2010-08-12 14:03:48 —-A—- C:WINDOWSsystem32isign32.dll
2010-08-12 14:03:48 —-A—- C:WINDOWSsystem32inetcfg.dll
2010-08-12 14:03:48 —-A—- C:WINDOWSsystem32icwphbk.dll
2010-08-12 14:03:48 —-A—- C:WINDOWSsystem32icwdial.dll
2010-08-12 14:03:44 —-D—- C:Program FilesCommon FilesSystem
2010-08-12 14:03:41 —-D—- C:Program FilesInternet Explorer
2010-08-12 14:03:02 —-D—- C:Program FilesComPlus Applications
2010-08-12 14:03:00 —-A—- C:WINDOWSvbaddin.ini
2010-08-12 14:03:00 —-A—- C:WINDOWSvb.ini
2010-08-12 14:02:56 —-D—- C:WINDOWSRegistration
2010-08-12 14:02:50 —-D—- C:Program FilesOnline Services
2010-08-12 14:02:38 —-D—- C:Program FilesWindows Media Connect 2
2010-08-12 14:02:37 —-D—- C:Program FilesWindows Media Player
2010-08-12 14:02:35 —-D—- C:Program FilesMessenger
2010-08-12 14:02:33 —-D—- C:Program FilesMSN Gaming Zone
2010-08-12 14:02:33 —-A—- C:WINDOWSsystem32write.exe
2010-08-12 14:02:25 —-A—- C:WINDOWSsystem32sndvol32.exe
2010-08-12 14:02:25 —-A—- C:WINDOWSsystem32hticons.dll
2010-08-12 14:02:25 —-A—- C:WINDOWSsystem32avwav.dll
2010-08-12 14:02:25 —-A—- C:WINDOWSsystem32avtapi.dll
2010-08-12 14:02:25 —-A—- C:WINDOWSsystem32avmeter.dll
2010-08-12 14:02:24 —-A—- C:WINDOWSsystem32winchat.exe
2010-08-12 14:02:19 —-A—- C:WINDOWSsystem32sol.exe
2010-08-12 14:02:19 —-A—- C:WINDOWSsystem32getuname.dll
2010-08-12 14:02:19 —-A—- C:WINDOWSsystem32charmap.exe
2010-08-12 14:02:19 —-A—- C:WINDOWSsystem32calc.exe
2010-08-12 14:02:18 —-A—- C:WINDOWSsystem32winmine.exe
2010-08-12 14:02:18 —-A—- C:WINDOWSsystem32usrlogon.cmd
2010-08-12 14:02:18 —-A—- C:WINDOWSsystem32tsshutdn.exe
2010-08-12 14:02:18 —-A—- C:WINDOWSsystem32tslabels.ini
2010-08-12 14:02:18 —-A—- C:WINDOWSsystem32tskill.exe
2010-08-12 14:02:18 —-A—- C:WINDOWSsystem32tsdiscon.exe
2010-08-12 14:02:18 —-A—- C:WINDOWSsystem32tscon.exe
2010-08-12 14:02:18 —-A—- C:WINDOWSsystem32shadow.exe
2010-08-12 14:02:18 —-A—- C:WINDOWSsystem32reset.exe
2010-08-12 14:02:18 —-A—- C:WINDOWSsystem32mshearts.exe
2010-08-12 14:02:18 —-A—- C:WINDOWSsystem32freecell.exe
2010-08-12 14:02:17 —-A—- C:WINDOWSsystem32rwinsta.exe
2010-08-12 14:02:17 —-A—- C:WINDOWSsystem32regini.exe
2010-08-12 14:02:17 —-A—- C:WINDOWSsystem32rdpcfgex.dll
2010-08-12 14:02:17 —-A—- C:WINDOWSsystem32qwinsta.exe
2010-08-12 14:02:17 —-A—- C:WINDOWSsystem32qappsrv.exe
2010-08-12 14:02:17 —-A—- C:WINDOWSsystem32msg.exe
2010-08-12 14:02:17 —-A—- C:WINDOWSsystem32msdtcprf.ini
2010-08-12 14:02:17 —-A—- C:WINDOWSsystem32logoff.exe
2010-08-12 14:02:17 —-A—- C:WINDOWSsystem32cdmodem.dll
2010-08-12 14:02:12 —-A—- C:WINDOWSsystem32wmimgmt.msc
2010-08-12 14:02:05 —-D—- C:Program FilesMSN
2010-08-12 14:02:04 —-D—- C:Program FilesWindows NT
2010-08-12 14:02:04 —-A—- C:WINDOWSsystem32sndrec32.exe
2010-08-12 14:02:04 —-A—- C:WINDOWSsystem32mspaint.exe
2010-08-12 14:02:04 —-A—- C:WINDOWSsystem32mplay32.exe
2010-08-12 14:02:04 —-A—- C:WINDOWSsystem32hypertrm.dll
2010-08-12 14:02:04 —-A—- C:WINDOWSsystem32accwiz.exe
2010-08-12 14:02:03 —-A—- C:WINDOWSsystem32spider.exe
2010-08-12 14:02:03 —-A—- C:WINDOWSsystem32driverstdtcp.sys
2010-08-12 14:02:03 —-A—- C:WINDOWSsystem32driverstdpipe.sys
2010-08-12 14:02:03 —-A—- C:WINDOWSsystem32clipbrd.exe
2010-08-12 14:02:02 —-A—- C:WINDOWSsystem32tsgqec.dll
2010-08-12 14:02:02 —-A—- C:WINDOWSsystem32tscfgwmi.dll
2010-08-12 14:02:02 —-A—- C:WINDOWSsystem32rhttpaa.dll
2010-08-12 14:02:02 —-A—- C:WINDOWSsystem32driversrdpwd.sys
2010-08-12 14:02:02 —-A—- C:WINDOWSsystem32aaclient.dll
2010-08-12 14:02:01 —-A—- C:WINDOWSsystem32termsrv.dll
2010-08-12 14:02:01 —-A—- C:WINDOWSsystem32sessmgr.exe
2010-08-12 14:02:01 —-A—- C:WINDOWSsystem32remotepg.dll
2010-08-12 14:02:01 —-A—- C:WINDOWSsystem32rdshost.exe
2010-08-12 14:02:01 —-A—- C:WINDOWSsystem32rdsaddin.exe
2010-08-12 14:02:01 —-A—- C:WINDOWSsystem32rdpwsx.dll
2010-08-12 14:02:01 —-A—- C:WINDOWSsystem32rdchost.dll
2010-08-12 14:02:01 —-A—- C:WINDOWSsystem32mstscax.dll
2010-08-12 14:02:01 —-A—- C:WINDOWSsystem32mstsc.exe
2010-08-12 14:02:00 —-D—- C:WINDOWSsystem32MsDtc
2010-08-12 14:02:00 —-A—- C:WINDOWSsystem32rdpsnd.dll
2010-08-12 14:02:00 —-A—- C:WINDOWSsystem32rdpclip.exe
2010-08-12 14:02:00 —-A—- C:WINDOWSsystem32qprocess.exe
2010-08-12 14:02:00 —-A—- C:WINDOWSsystem32mtxoci.dll
2010-08-12 14:02:00 —-A—- C:WINDOWSsystem32msdtcuiu.dll
2010-08-12 14:02:00 —-A—- C:WINDOWSsystem32msdtctm.dll
2010-08-12 14:02:00 —-A—- C:WINDOWSsystem32msdtcprx.dll
2010-08-12 14:02:00 —-A—- C:WINDOWSsystem32icaapi.dll
2010-08-12 14:02:00 —-A—- C:WINDOWSsystem32cfgbkend.dll
2010-08-12 14:01:59 —-A—- C:WINDOWSsystem32xolehlp.dll
2010-08-12 14:01:59 —-A—- C:WINDOWSsystem32mtxlegih.dll
2010-08-12 14:01:59 —-A—- C:WINDOWSsystem32mtxex.dll
2010-08-12 14:01:59 —-A—- C:WINDOWSsystem32mtxdm.dll
2010-08-12 14:01:59 —-A—- C:WINDOWSsystem32msdtclog.dll
2010-08-12 14:01:59 —-A—- C:WINDOWSsystem32msdtc.exe
2010-08-12 14:01:59 —-A—- C:WINDOWSsystem32dcomcnfg.exe
2010-08-12 14:01:58 —-D—- C:WINDOWSsystem32Com
2010-08-12 14:01:58 —-A—- C:WINDOWSsystem32stclient.dll
2010-08-12 14:01:58 —-A—- C:WINDOWSsystem32comrepl.dll
2010-08-12 14:01:58 —-A—- C:WINDOWSsystem32comaddin.dll
2010-08-12 14:01:58 —-A—- C:WINDOWSsystem32colbact.dll
2010-08-12 14:01:58 —-A—- C:WINDOWSsystem32clbcatex.dll
2010-08-12 14:01:58 —-A—- C:WINDOWSsystem32catsrvut.dll
2010-08-12 14:01:58 —-A—- C:WINDOWSsystem32catsrvps.dll
2010-08-12 14:01:58 —-A—- C:WINDOWSsystem32catsrv.dll
2010-08-12 14:01:57 —-A—- C:WINDOWSsystem32comuid.dll
2010-08-12 14:01:57 —-A—- C:WINDOWSsystem32comsvcs.dll
2010-08-12 14:01:57 —-A—- C:WINDOWSsystem32comsnap.dll
2010-08-12 14:01:57 —-A—- C:WINDOWSsystem32clbcatq.dll
2010-08-12 14:01:52 —-A—- C:WINDOWSsystem32servdeps.dll
2010-08-12 14:01:52 —-A—- C:WINDOWSsystem32mmfutil.dll
2010-08-12 14:01:52 —-A—- C:WINDOWSsystem32licwmi.dll
2010-08-12 14:01:52 —-A—- C:WINDOWSsystem32cmprops.dll
2010-08-12 14:01:49 —-A—- C:WINDOWSsystem32driverstermdd.sys
2010-08-12 14:01:49 —-A—- C:WINDOWSsystem32driversrdpdr.sys
2010-08-12 13:55:59 —-D—- C:Documents and SettingsCERBERApplication DataAdobe
2010-08-12 13:55:52 —-D—- C:Documents and SettingsCERBERApplication DataMxBoost
2010-08-12 13:55:40 —-D—- C:Program FilesMaxthon2
2010-08-12 13:29:41 —-D—- C:OperaAC_3.7
2010-08-12 13:28:13 —-N—- C:WINDOWSsystem32browserchoice.exe
2010-08-12 13:27:50 —-N—- C:WINDOWSsystem32xpsp4res.dll
2010-08-12 13:23:41 —-D—- C:WINDOWSsystem32SoftwareDistribution

======List of files/folders modified in the last 1 months======
2010-08-12 20:58:34 —-A—- C:WINDOWSsystem.ini
2010-08-12 17:25:48 —-A—- C:WINDOWSwin.ini
2010-08-12 14:05:44 —-ASH—- C:WINDOWSfontsdesktop.ini
2010-07-27 08:28:54 —-A—- C:WINDOWSsystem32shell32.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 nv_agp;NVIDIA nForce AGP Bus Filter; C:WINDOWSsystem32DRIVERSnv_agp.sys [2004-04-02 21760]
R0 nvatabus;nvatabus; C:WINDOWSsystem32DRIVERSnvatabus.sys [2004-06-03 79360]
R0 nvraid;NVIDIA NForce(tm) ATA RAID Class Driver; C:WINDOWSsystem32DRIVERSnvraid.sys [2004-06-03 68224]
R0 sptd;sptd; C:WINDOWSSystem32Driverssptd.sys [2010-08-13 691696]
R0 WudfPf;Windows Driver Foundation — User-mode Driver Framework Platform Driver; C:WINDOWSsystem32DRIVERSWudfPf.sys [2009-01-08 77568]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:WINDOWSsystem32driversAavmker4.sys [2010-06-28 28880]
R1 aswSP;aswSP; C:WINDOWSsystem32driversaswSP.sys [2010-06-28 165456]
R1 aswTdi;avast! Network Shield Support; C:WINDOWSsystem32driversaswTdi.sys [2010-06-28 46672]
R2 aswFsBlk;aswFsBlk; C:WINDOWSsystem32driversaswFsBlk.sys [2010-06-28 17744]
R2 aswMon2;avast! Standard Shield Support; C:WINDOWSsystem32driversaswMon2.sys [2010-06-28 100176]
R2 rspndr;Link-Layer Topology Discovery Responder; C:WINDOWSsystem32DRIVERSrspndr.sys [2009-01-08 62848]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:WINDOWSsystem32driversALCXWDM.SYS [2008-09-24 4122368]
R3 aswRdr;aswRdr; C:WINDOWSsystem32driversaswRdr.sys [2010-06-28 23376]
R3 hidusb;Microsoft HID Class Driver; C:WINDOWSsystem32DRIVERShidusb.sys [2008-04-14 10368]
R3 mouhid;Mouse HID Driver; C:WINDOWSsystem32DRIVERSmouhid.sys [2009-01-08 12160]
R3 nv;nv; C:WINDOWSsystem32DRIVERSnv4_mini.sys [2008-05-16 6557408]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:WINDOWSsystem32DRIVERSNVENETFD.sys [2004-05-17 33280]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:WINDOWSsystem32DRIVERSnvnetbus.sys [2004-05-17 12928]
R3 USBSTOR;USB Mass Storage Driver; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2008-04-14 26368]
S3 as8cknqu;as8cknqu; C:WINDOWSsystem32driversas8cknqu.sys []
S3 usbprint;Microsoft USB PRINTER Class; C:WINDOWSsystem32DRIVERSusbprint.sys [2008-04-14 25856]
S3 WpdUsb;WpdUsb; C:WINDOWSsystem32DRIVERSwpdusb.sys [2009-01-08 38528]
S3 WudfRd;Windows Driver Foundation — User-mode Driver Framework Reflector; C:WINDOWSsystem32DRIVERSwudfrd.sys [2009-01-08 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:Program FilesAlwil SoftwareAvast5AvastSvc.exe [2010-06-28 40384]
R2 NVSvc;NVIDIA Display Driver Service; C:WINDOWSsystem32nvsvc32.exe [2008-05-16 159812]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:WINDOWSsystem32IoctlSvc.exe [2006-12-19 81920]
R2 WudfSvc;Windows Driver Foundation — User-mode Driver Framework; C:WINDOWSsystem32svchost.exe [2008-04-14 14336]
R3 NMIndexingService;NMIndexingService; C:Program FilesCommon FilesAheadLibNMIndexingService.exe [2008-01-22 275752]
S3 avast! Mail Scanner;avast! Mail Scanner; C:Program FilesAlwil SoftwareAvast5AvastSvc.exe [2010-06-28 40384]
S3 avast! Web Scanner;avast! Web Scanner; C:Program FilesAlwil SoftwareAvast5AvastSvc.exe [2010-06-28 40384]
S3 NBService;NBService; C:Program FilesNeroNero 7Nero BackItUpNBService.exe [2008-04-08 800040]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:Program FilesWindows Media PlayerWMPNetwk.exe [2006-10-18 913408]
EOF
Hello!
Welcome to the Spyware-ru forum.
Scan your computer; for how and what to do, read this topic:
How to cure a computer, first steps.

Hello!
Welcome to the Spyware-ru forum.
Scan your computer; for how and what to do, read this topic:
How to cure a computer, first steps.

Hello!
Welcome to the Spyware-ru forum.
Have you registered your antivirus?
You can get a free license for 1 year:
Register your avast! Free Antivirus
If you have already registered but the license has expired, you can renew the license:
license resend
If everything is in order with your license, then scan your computer as described in this topic:
How to cure a computer, first steps.

Read and carry out this:
Security Tool (description and removal)

Hello!
Welcome to the Spyware-ru forum.
Scan your computer with the RSIT program;
how and what to do is described in detail in this topic:
How to cure a computer, first steps.

Does the screen look like the desktop?
Which function did you choose?
Did you run a disk scan?

Hello!
Welcome to the Spyware-ru forum.
Scan your computer with the RSIT program;
how and what to do is described in detail in this topic:
How to cure a computer, first steps.