SPYWARE-RU.COM

Созданные ответы форума

Просмотр 2 сообщений - с 1 по 2 (из 2 всего)

Автор

Сообщения
23 декабря, 2008 в 8:16 пп в ответ на: FREE PORNO VIDEO извёл в Осле, но не могу убрать из Оперы #20560
Dude
Participant
- Темы:1
- Сообщений:3
Извините за беспокойство, уже переустановил систему.
21 декабря, 2008 в 1:30 пп в ответ на: FREE PORNO VIDEO извёл в Осле, но не могу убрать из Оперы #20558
Dude
Participant
- Темы:1
- Сообщений:3
RSIT:
Logfile of random’s system information tool 1.05 (written by random/random)
Run by Юрий at 2008-12-21 16:29:31
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 79 GB (54%) free of 146 GB
Total RAM: 2046 MB (39% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:29:35, on 21.12.2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:Windowssystem32taskeng.exe
C:Windowssystem32Dwm.exe
C:WindowsExplorer.EXE
C:Program FilesApoint2KApoint.exe
C:Program FilesIntelIntel Matrix Storage ManagerIAAnotif.exe
C:Program FilesHPQuickPlayQPService.exe
C:Program FilesHewlett-PackardHP Quick Launch ButtonsQLBCTRL.exe
C:Program FilesApoint2KApMsgFwd.exe
C:Program FilesApoint2KApntex.exe
C:Program FilesHewlett-PackardHP Wireless AssistantHPWAMain.exe
C:Program FilesHewlett-PackardHP Wireless AssistantWiFiMsg.exe
C:Program FilesJavajre6binjusched.exe
C:Program FilesCommon FilesSymantec SharedPIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}PIFSvc.exe
C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe
C:WINDOWSSystem32rundll32.exe
C:WINDOWSSystem32rundll32.exe
C:Program FilesESETESET NOD32 Antivirusegui.exe
C:Program FilesABBYY Lingvo 12LvAgent.exe
C:Program FilesAdobeAcrobat 9.0Acrobatacrotray.exe
C:Program FilesWebMoney Agentwmagent.exe
C:Program FilesDNAbtdna.exe
C:Program FilesSkypePhoneSkype.exe
C:Program FilesICQLiteICQ.exe
C:WINDOWSehomeehtray.exe
C:Program FilesWIDCOMMBluetooth SoftwareBTTray.exe
C:Program FilesTotal CommanderTotalcmd.exe
C:Windowsehomeehmsas.exe
C:Program FilesSkypePlugin ManagerskypePM.exe
C:Program FilesHewlett-PackardSharedHpqToaster.exe
C:Program FilesInternet Exploreriexplore.exe
C:Windowssystem32wbemunsecapp.exe
C:Program FilesMozilla Firefoxfirefox.exe
C:Program FilesOperaopera.exe
C:Program FilesABBYY Lingvo 12Lingvo.exe
C:UsersЮрийDesktopRSIT.exe
C:Program FilesTrend MicroHijackThisЮрий.exe

R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru/
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page =
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
O1 — Hosts: ::1 localhost
O2 — BHO: Adobe PDF Reader Link Helper — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll
O2 — BHO: AcroIEHelperStub — {18DF081C-E8AD-4283-A596-FA578C2EBDC3} — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 — BHO: flashget2 urlcatch — {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} — (no file)
O2 — BHO: Groove GFS Browser Helper — {72853161-30C5-4D22-B7F9-0BBC1D38A37E} — C:Program FilesMicrosoft OfficeOffice12GrooveShellExtensions.dll
O2 — BHO: Java(tm) Plug-In SSV Helper — {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} — C:Program FilesJavajre6binssv.dll
O2 — BHO: Adobe PDF Conversion Toolbar Helper — {AE7CD045-E861-484f-8273-0445EE161910} — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEFavClient.dll
O2 — BHO: TBSB03223 — {B4806C1A-FE8A-4008-9DA3-8CEDB6E82C10} — C:Program FilesWebMoney Advisorwmadvisor.dll
O2 — BHO: Java(tm) Plug-In 2 SSV Helper — {DBC80044-A445-435b-BC74-9C25C1C588A9} — C:Program FilesJavajre6binjp2ssv.dll
O2 — BHO: SmartSelect — {F4971EE7-DAA0-4053-9964-665D8EE6A077} — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEFavClient.dll
O3 — Toolbar: Adobe PDF — {47833539-D0C5-4125-9FA8-0819E2EAAC93} — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEFavClient.dll
O3 — Toolbar: WebMoney Advisor — {3AFFD7F7-FD3D-4C9D-8F83-03296A1A8840} — C:Program FilesWebMoney Advisorwmadvisor.dll
O4 — HKLM..Run: [Apoint] C:Program FilesApoint2KApoint.exe
O4 — HKLM..Run: [IAAnotif] C:Program FilesIntelIntel Matrix Storage Manageriaanotif.exe
O4 — HKLM..Run: [QPService] «C:Program FilesHPQuickPlayQPService.exe»
O4 — HKLM..Run: [QlbCtrl] %ProgramFiles%Hewlett-PackardHP Quick Launch ButtonsQlbCtrl.exe /Start
O4 — HKLM..Run: [HP Health Check Scheduler] C:Program FilesHewlett-PackardHP Health CheckHPHC_Scheduler.exe
O4 — HKLM..Run: [hpWirelessAssistant] %ProgramFiles%Hewlett-PackardHP Wireless AssistantHPWAMain.exe
O4 — HKLM..Run: [WAWifiMessage] %ProgramFiles%Hewlett-PackardHP Wireless AssistantWiFiMsg.exe
O4 — HKLM..Run: [SunJavaUpdateSched] «C:Program FilesJavajre6binjusched.exe»
O4 — HKLM..Run: [Symantec PIF AlertEng] «C:Program FilesCommon FilesSymantec SharedPIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}PIFSvc.exe» /a /m «C:Program FilesCommon FilesSymantec SharedPIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}AlertEng.dll»
O4 — HKLM..Run: [GrooveMonitor] «C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe»
O4 — HKLM..Run: [NvSvc] RUNDLL32.EXE C:Windowssystem32nvsvc.dll,nvsvcStart
O4 — HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:Windowssystem32NvCpl.dll,NvStartup
O4 — HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:Windowssystem32NvMcTray.dll,NvTaskbarInit
O4 — HKLM..Run: [egui] «C:Program FilesESETESET NOD32 Antivirusegui.exe» /hide /waitservice
O4 — HKLM..Run: [Lingvo Launcher] «C:Program FilesABBYY Lingvo 12Lvagent.exe» /STARTUP
O4 — HKLM..Run: [Adobe Reader Speed Launcher] «C:Program FilesAdobeReader 8.0ReaderReader_sl.exe»
O4 — HKLM..Run: [Adobe Acrobat Speed Launcher] «C:Program FilesAdobeAcrobat 9.0AcrobatAcrobat_sl.exe»
O4 — HKLM..Run: [Acrobat Assistant 8.0] «C:Program FilesAdobeAcrobat 9.0AcrobatAcrotray.exe»
O4 — HKLM..Run: [wmagent.exe] «C:Program FilesWebMoney Agentwmagent.exe»
O4 — HKLM..RunOnce: [Launcher] %WINDIR%SMINSTlauncher.exe
O4 — HKCU..Run: [BitTorrent DNA] «C:Program FilesDNAbtdna.exe»
O4 — HKCU..Run: [Skype] «C:Program FilesSkypePhoneSkype.exe» /nosplash /minimized
O4 — HKCU..Run: [ICQ] «C:Program FilesICQLiteICQ.exe» silent
O4 — HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe
O4 — Global Startup: BTTray.lnk = ?
O4 — Global Startup: Total Commander.lnk = C:Program FilesTotal CommanderTotalcmd.exe
O8 — Extra context menu item: &Перевести с помощью ABBYY Lingvo… — res://C:Program FilesABBYY Lingvo 12Lingvo.exe/3000
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~3Office12EXCEL.EXE/3000
O8 — Extra context menu item: Append Link Target to Existing PDF — res://C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 — Extra context menu item: Append to Existing PDF — res://C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEFavClient.dll/AcroIEAppend.html
O8 — Extra context menu item: Convert Link Target to Adobe PDF — res://C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 — Extra context menu item: Convert to Adobe PDF — res://C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEFavClient.dll/AcroIECapture.html
O8 — Extra context menu item: Отправить изображение на &устройство Bluetooth… — C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie_ctx.htm
O8 — Extra context menu item: Отправить страницу на &устройство Bluetooth… — C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm
O9 — Extra button: Отправить в OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:PROGRA~1MICROS~3Office12ONBttnIE.dll
O9 — Extra ‘Tools’ menuitem: &Отправить в OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:PROGRA~1MICROS~3Office12ONBttnIE.dll
O9 — Extra button: WebMoney Advisor — {3AFFD7F7-FD3D-4C9D-8F83-03296A1A8840} — C:Program FilesWebMoney Advisorwmadvisor.dll
O9 — Extra ‘Tools’ menuitem: WebMoney Advisor — {3AFFD7F7-FD3D-4C9D-8F83-03296A1A8840} — C:Program FilesWebMoney Advisorwmadvisor.dll
O9 — Extra button: Research — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~3Office12REFIEBAR.DLL
O9 — Extra button: @btrez.dll,-4015 — {CCA281CA-C863-46ef-9331-5C8D4460577F} — C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm
O9 — Extra ‘Tools’ menuitem: @btrez.dll,-12650 — {CCA281CA-C863-46ef-9331-5C8D4460577F} — C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm
O9 — Extra button: ICQ Lite — {E59EB121-F339-4851-A3BA-FE49C35617C2} — ICQ.exe (file missing)
O9 — Extra ‘Tools’ menuitem: ICQ Lite — {E59EB121-F339-4851-A3BA-FE49C35617C2} — ICQ.exe (file missing)
O13 — Gopher Prefix:
O16 — DPF: {103F3DA0-690B-4687-85DC-DB824FA72BB4} (DemoForge Player Control 2.0) — http://www.demoforge.com/download/dfctrl.cab
O16 — DPF: {463ED66E-431B-11D2-ADB0-0080C83DA4EB} (AcceptWM Class) — https://w3s.webmoney.ru/WMAcceptor.dll
O17 — HKLMSystemCCSServicesTcpip..{AF3EB997-8159-4925-A009-0CE0136DBC2A}: NameServer = 195.34.32.116 212.188.4.10
O18 — Protocol: grooveLocalGWS — {88FED34C-F0CA-4636-A375-3CB6248B04CD} — C:Program FilesMicrosoft OfficeOffice12GrooveSystemServices.dll
O18 — Protocol: skype4com — {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O23 — Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) — Apple Computer, Inc. — C:Program FilesBonjourmDNSResponder.exe
O23 — Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) — Unknown owner — C:Program FilesHPQuickPlayKernelTVCLCapSvc.exe
O23 — Service: CyberLink Task Scheduler (CTS) (CLSched) — Unknown owner — C:Program FilesHPQuickPlayKernelTVCLSched.exe
O23 — Service: Com4Qlb — Hewlett-Packard Development Company, L.P. — C:Program FilesHewlett-PackardHP Quick Launch ButtonsCom4Qlb.exe
O23 — Service: @dfsrres.dll,-101 (DFSR) — Корпорация Майкрософт — C:Windowssystem32DFSR.exe
O23 — Service: Eset HTTP Server (EhttpSrv) — ESET — C:Program FilesESETESET NOD32 AntivirusEHttpSrv.exe
O23 — Service: Eset Service (ekrn) — ESET — C:Program FilesESETESET NOD32 Antivirusekrn.exe
O23 — Service: FLEXnet Licensing Service — Macrovision Europe Ltd. — C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe
O23 — Service: HP Health Check Service — Hewlett-Packard — C:Program FilesHewlett-PackardHP Health Checkhphc_service.exe
O23 — Service: hpqwmiex — Hewlett-Packard Development Company, L.P. — C:Program FilesHewlett-PackardSharedhpqwmiex.exe
O23 — Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) — Intel Corporation — C:Program FilesIntelIntel Matrix Storage ManagerIAANTMon.exe
O23 — Service: InstallDriver Table Manager (IDriverT) — Macrovision Corporation — C:Program FilesCommon FilesInstallShieldDriver1050Intel 32IDriverT.exe
O23 — Service: LightScribeService Direct Disc Labeling Service (LightScribeService) — Hewlett-Packard Company — C:Program FilesCommon FilesLightScribeLSSrvc.exe
O23 — Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) — Unknown owner — c:Program FilesCommon FilesSymantec SharedccSvcHst.exe (file missing)
O23 — Service: LiveUpdate Notice Service — Symantec Corporation — C:Program FilesCommon FilesSymantec SharedPIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}PIFSvc.exe
O23 — Service: RoxMediaDB9 — Sonic Solutions — C:Program FilesCommon FilesRoxio Shared9.0SharedCOMRoxMediaDB9.exe
O23 — Service: Remote Procedure Call (RPC) Net (rpcnet) — Absolute Software Corp. — C:Windowssystem32rpcnet.exe
O23 — Service: stllssvr — MicroVision Development, Inc. — C:Program FilesCommon FilesSureThing Sharedstllssvr.exe
O23 — Service: XAudioService — Conexant Systems, Inc. — C:Windowssystem32DRIVERSxaudio.exe

—
End of file — 12047 bytes

======Registry dump======

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll [2008-06-11 61816]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{1F364306-AA45-47B5-9F9D-39A8B94E7EF1}]
FG2CatchUrl

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper — C:Program FilesMicrosoft OfficeOffice12GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper — C:Program FilesJavajre6binssv.dll [2008-12-09 320920]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{B4806C1A-FE8A-4008-9DA3-8CEDB6E82C10}]
TBSB03223 Class — C:Program FilesWebMoney Advisorwmadvisor.dll [2008-09-05 2409472]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper — C:Program FilesJavajre6binjp2ssv.dll [2008-12-09 34816]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} — Adobe PDF — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEFavClient.dll [2008-06-11 345480]
{3AFFD7F7-FD3D-4C9D-8F83-03296A1A8840} — WebMoney Advisor — C:Program FilesWebMoney Advisorwmadvisor.dll [2008-09-05 2409472]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«Apoint»=C:Program FilesApoint2KApoint.exe [2007-03-11 159744]
«IAAnotif»=C:Program FilesIntelIntel Matrix Storage Manageriaanotif.exe [2007-02-12 174872]
«QPService»=C:Program FilesHPQuickPlayQPService.exe [2007-04-23 176128]
«QlbCtrl»=C:Program FilesHewlett-PackardHP Quick Launch ButtonsQlbCtrl.exe [2007-02-13 159744]
«HP Health Check Scheduler»=C:Program FilesHewlett-PackardHP Health CheckHPHC_Scheduler.exe [2007-03-12 50696]
«hpWirelessAssistant»=C:Program FilesHewlett-PackardHP Wireless AssistantHPWAMain.exe [2007-03-01 472776]
«WAWifiMessage»=C:Program FilesHewlett-PackardHP Wireless AssistantWiFiMsg.exe [2007-01-10 317128]
«SunJavaUpdateSched»=C:Program FilesJavajre6binjusched.exe [2008-12-09 136600]
«Symantec PIF AlertEng»=C:Program FilesCommon FilesSymantec SharedPIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}PIFSvc.exe [2008-01-29 583048]
«GrooveMonitor»=C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe [2007-08-24 33648]
«NvSvc»=C:Windowssystem32nvsvc.dll [2007-04-29 86016]
«NvCplDaemon»=C:Windowssystem32NvCpl.dll [2007-04-29 8429568]
«NvMediaCenter»=C:Windowssystem32NvMcTray.dll [2007-04-29 81920]
«egui»=C:Program FilesESETESET NOD32 Antivirusegui.exe [2008-06-10 1447168]
«Lingvo Launcher»=C:Program FilesABBYY Lingvo 12Lvagent.exe [2006-12-14 258048]
«Adobe Reader Speed Launcher»=C:Program FilesAdobeReader 8.0ReaderReader_sl.exe [2008-01-11 39792]
«Adobe Acrobat Speed Launcher»=C:Program FilesAdobeAcrobat 9.0AcrobatAcrobat_sl.exe [2008-06-12 37232]
«Acrobat Assistant 8.0″=C:Program FilesAdobeAcrobat 9.0AcrobatAcrotray.exe [2008-06-11 640376]
«wmagent.exe»=C:Program FilesWebMoney Agentwmagent.exe [2008-10-01 209376]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRunOnce]
«Launcher»=C:WindowsSMINSTlauncher.exe [2006-11-07 44128]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«BitTorrent DNA»=C:Program FilesDNAbtdna.exe [2008-12-16 342848]
«Skype»=C:Program FilesSkypePhoneSkype.exe [2008-11-07 21633320]
«ICQ»=C:Program FilesICQLiteICQ.exe [2008-11-23 153848]
«ehTray.exe»=C:WindowsehomeehTray.exe [2008-01-19 125952]

C:ProgramDataMicrosoftWindowsStart MenuProgramsStartup
BTTray.lnk — C:Program FilesWIDCOMMBluetooth SoftwareBTTray.exe
Total Commander.lnk — C:Program FilesTotal CommanderTotalcmd.exe

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerShellExecuteHooks]
«{B5A7F190-DDA6-4420-B3BA-52453494E6CD}»=C:Program FilesMicrosoft OfficeOffice12GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«EnableLUA»=0
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
«EnableUIADesktopToggle»=0

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDrives»=0
«NoDriveAutoRun»=FFFFFFFF
«NoDriveTypeAutoRun»=36

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDrives»=
«NoDriveTypeAutoRun»=

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«C:Program FilesBitTorrentbittorrent.exe»=»C:Program FilesBitTorrentbittorrent.exe:*:Enabled:BitTorrent»
«C:Program FilesFlashGet NetworkFlashGet universalFlashGet.exe»=»C:Program FilesFlashGet NetworkFlashGet universalFlashGet.exe:*:Enabled:Flashget2»
«C:Program FilesFlashGet NetworkFlashGet universalLiveUpdate.exe»=»C:Program FilesFlashGet NetworkFlashGet universalLiveUpdate.exe:*:Enabled:FGLiveUpdate»
«C:Program FilesFlashGet NetworkFlashGet universalLiveUpdateEx.exe»=»C:Program FilesFlashGet NetworkFlashGet universalLiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx»

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]

======List of files/folders created in the last 1 months======

2008-12-21 15:04:14 —-A—- C:Windowssystem32prgiso.dll
2008-12-21 15:04:10 —-A—- C:Windowssystem32wnaspi32.dll
2008-12-21 15:04:10 —-A—- C:Windowssystem32qtp-mt334.dll
2008-12-21 15:03:27 —-D—- C:Program FilesParagon Software
2008-12-21 14:41:00 —-D—- C:Program FilesTotal Commander
2008-12-21 13:10:13 —-D—- C:UsersЮрийAppDataRoamingMalwarebytes
2008-12-21 13:10:06 —-D—- C:ProgramDataMalwarebytes
2008-12-21 13:10:06 —-D—- C:Program FilesMalwarebytes’ Anti-Malware
2008-12-21 06:29:45 —-D—- C:rsit
2008-12-21 05:54:47 —-RASHD—- C:autorun.inf
2008-12-21 05:47:16 —-D—- C:Program FilesTrend Micro
2008-12-21 05:25:49 —-A—- C:Windowssystem32CF16535.exe
2008-12-21 05:17:09 —-D—- C:Windowstemp
2008-12-21 05:09:31 —-D—- C:WindowsERDNT
2008-12-21 01:09:10 —-D—- C:ProgramDataTechSmith
2008-12-21 01:08:59 —-D—- C:Program FilesTechSmith
2008-12-21 01:06:42 —-D—- C:WindowsADDD69853A2844D0A1BAFDD19A820491.TMP
2008-12-21 01:01:31 —-A—- C:UsersЮрийAppDataRoamingbpdata.dll
2008-12-21 00:53:21 —-D—- C:Program FilesCommon FilesWise Installation Wizard
2008-12-21 00:45:42 —-D—- C:Program FilesCamStudio
2008-12-19 18:18:31 —-A—- C:Windowssystem32mshtml.dll
2008-12-17 17:11:45 —-A—- C:Windowssystem32libssl32.dll
2008-12-17 17:11:40 —-D—- C:OpenSSL
2008-12-13 03:05:15 —-A—- C:Windowssystem32tzres.dll
2008-12-13 02:31:08 —-D—- C:Program FilesHoroscop for Windows 7.4
2008-12-13 00:09:41 —-D—- C:Program FilesCommon FilesICQ
2008-12-13 00:09:32 —-D—- C:UsersЮрийAppDataRoamingICQ
2008-12-13 00:09:20 —-D—- C:Program FilesICQLite
2008-12-12 11:38:13 —-A—- C:Windowssystem32gdi32.dll
2008-12-12 11:38:07 —-A—- C:Windowssystem32GameUXLegacyGDFs.dll
2008-12-12 11:38:07 —-A—- C:Windowssystem32Apphlpdm.dll
2008-12-12 11:37:58 —-A—- C:Windowssystem32shell32.dll
2008-12-12 11:37:50 —-A—- C:Windowsexplorer.exe
2008-12-12 11:37:44 —-A—- C:Windowssystem32urlmon.dll
2008-12-12 11:37:44 —-A—- C:Windowssystem32ieframe.dll
2008-12-12 11:37:43 —-A—- C:Windowssystem32wininet.dll
2008-12-12 11:37:43 —-A—- C:Windowssystem32mstime.dll
2008-12-12 11:37:42 —-A—- C:Windowssystem32jsproxy.dll
2008-12-12 11:37:42 —-A—- C:Windowssystem32iertutil.dll
2008-12-12 11:37:40 —-A—- C:Windowssystem32mf.dll
2008-12-12 11:37:39 —-A—- C:Windowssystem32WMVCORE.DLL
2008-12-12 11:37:39 —-A—- C:Windowssystem32WMNetMgr.dll
2008-12-12 11:37:39 —-A—- C:Windowssystem32logagent.exe
2008-12-10 18:35:23 —-D—- C:UsersЮрийAppDataRoamingWebMoney
2008-12-10 18:29:39 —-D—- C:Program FilesWebMoney Advisor
2008-12-10 18:29:16 —-D—- C:Program FilesWebMoney Agent
2008-12-10 18:29:11 —-AD—- C:ProgramDataTEMP
2008-12-10 18:28:50 —-D—- C:Program FilesWebMoney
2008-12-10 17:00:43 —-D—- C:Program FilesMetatrader — FXstart
2008-12-09 00:29:40 —-A—- C:Windowssystem32javaws.exe
2008-12-09 00:29:40 —-A—- C:Windowssystem32javaw.exe
2008-12-09 00:29:40 —-A—- C:Windowssystem32java.exe
2008-12-09 00:29:40 —-A—- C:Windowssystem32deploytk.dll
2008-12-03 14:24:12 —-A—- C:Windowssystem32wups2.dll
2008-12-03 14:24:12 —-A—- C:Windowssystem32wucltux.dll
2008-12-03 14:24:12 —-A—- C:Windowssystem32wuaueng.dll
2008-12-03 14:24:12 —-A—- C:Windowssystem32wuauclt.exe
2008-12-03 14:23:45 —-A—- C:Windowssystem32wups.dll
2008-12-03 14:23:45 —-A—- C:Windowssystem32wudriver.dll
2008-12-03 14:23:45 —-A—- C:Windowssystem32wuapi.dll
2008-12-03 14:23:37 —-A—- C:Windowssystem32wuwebv.dll
2008-12-03 14:23:37 —-A—- C:Windowssystem32wuapp.exe
2008-11-30 15:39:42 —-A—- C:Windowsuninst.exe
2008-11-30 15:12:22 —-A—- C:WindowsDjVuPro.INI
2008-11-30 15:11:48 —-D—- C:Program FilesLizardTech
2008-11-28 11:43:36 —-D—- C:UsersЮрийAppDataRoamingSaxo Bank
2008-11-28 11:15:31 —-D—- C:Program FilesSaxo Bank
2008-11-26 12:18:10 —-A—- C:Windowssystem32WindowsCodecsExt.dll
2008-11-26 12:18:10 —-A—- C:Windowssystem32WindowsCodecs.dll
2008-11-26 12:18:10 —-A—- C:Windowssystem32PhotoMetadataHandler.dll
2008-11-26 12:18:09 —-A—- C:Windowssystem32PortableDeviceApi.dll
2008-11-26 12:18:08 —-A—- C:Windowssystem32connect.dll
2008-11-25 13:00:46 —-A—- C:Windowssystem32rpcnet.dll
2008-11-25 12:59:50 —-A—- C:Windowssystem32rpcnet.exe
2008-11-22 12:15:34 —-A—- C:Windowssystem32rpcnetp.dll
2008-11-22 12:14:29 —-A—- C:Windowssystem32rpcnetp.exe

======List of files/folders modified in the last 1 months======

2008-12-21 16:27:37 —-D—- C:UsersЮрийAppDataRoamingDNA
2008-12-21 16:08:06 —-D—- C:UsersЮрийAppDataRoamingskypePM
2008-12-21 16:04:00 —-D—- C:WindowsPrefetch
2008-12-21 16:03:51 —-D—- C:UsersЮрийAppDataRoamingSkype
2008-12-21 15:51:27 —-D—- C:Program FilesMozilla Firefox
2008-12-21 15:47:31 —-D—- C:Program FilesDNA
2008-12-21 15:47:20 —-D—- C:WindowsSMINST
2008-12-21 15:43:27 —-D—- C:WINDOWS
2008-12-21 15:38:43 —-SHD—- C:System Volume Information
2008-12-21 15:21:09 —-RD—- C:Program Files
2008-12-21 15:08:50 —-D—- C:Windowssystem32drivers
2008-12-21 15:08:49 —-D—- C:Windowssystem32catroot
2008-12-21 15:08:48 —-D—- C:Windowsinf
2008-12-21 15:07:55 —-D—- C:Windowssystem32catroot2
2008-12-21 15:06:56 —-D—- C:WindowsSystem32
2008-12-21 15:06:08 —-HD—- C:Program FilesInstallShield Installation Information
2008-12-21 13:10:06 —-HD—- C:ProgramData
2008-12-21 05:26:22 —-D—- C:Windowssystem32ru-RU
2008-12-21 05:15:49 —-A—- C:Windowssystem.ini
2008-12-21 05:13:31 —-D—- C:WindowsAppPatch
2008-12-21 05:13:31 —-D—- C:Program FilesCommon Files
2008-12-21 04:35:16 —-D—- C:ProgramDataSymantec
2008-12-21 04:34:11 —-D—- C:Windowssystem32wbem
2008-12-21 04:33:18 —-D—- C:Windowssystem32config
2008-12-21 04:32:57 —-D—- C:WindowsTasks
2008-12-21 04:32:57 —-D—- C:Windowssystem32Tasks
2008-12-21 04:32:57 —-D—- C:Windowssystem32spool
2008-12-21 04:32:56 —-SHD—- C:WindowsInstaller
2008-12-21 04:32:49 —-D—- C:ProgramDataFLEXnet
2008-12-21 04:32:48 —-D—- C:Program FilesWinamp
2008-12-21 04:32:48 —-D—- C:Program FilesCommon FilesSymantec Shared
2008-12-21 04:32:47 —-D—- C:Windowsregistration
2008-12-21 02:49:19 —-D—- C:WindowsMinidump
2008-12-21 00:03:27 —-SD—- C:UsersЮрийAppDataRoamingMicrosoft
2008-12-21 00:02:13 —-D—- C:Program FilesMetaTrader — Alpari
2008-12-19 18:19:01 —-D—- C:Windowswinsxs
2008-12-16 04:28:54 —-D—- C:UsersЮрийAppDataRoamingBitTorrent
2008-12-15 12:55:40 —-A—- C:Windowssystem32PerfStringBackup.INI
2008-12-13 13:16:31 —-D—- C:Windowsrescache
2008-12-13 03:26:20 —-D—- C:Program FilesWindows Mail
2008-12-13 03:10:44 —-D—- C:ProgramDataMicrosoft Help
2008-12-10 19:09:07 —-SD—- C:WindowsDownloaded Program Files
2008-12-10 17:59:17 —-D—- C:Софт
2008-12-10 02:24:37 —-A—- C:Windowssystem32mrt.exe
2008-12-09 13:47:23 —-D—- C:WindowsModemLogs
2008-12-09 03:13:46 —-D—- C:ProgramDataCyberLink
2008-12-09 00:29:20 —-D—- C:Program FilesJava
2008-12-07 16:41:29 —-D—- C:Downloads
2008-12-01 11:59:37 —-SHD—- C:$RECYCLE.BIN
2008-12-01 11:47:58 —-D—- C:Windowssystem32LogFiles
2008-11-25 15:10:56 —-D—- C:ProgramDataRoxio
2008-11-24 18:14:22 —-D—- C:Program FilesSkype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 eabfiltr;eabfiltr; C:Windowssystem32DRIVERSeabfiltr.sys [2006-11-30 8192]
R1 easdrv;easdrv; C:Windowssystem32DRIVERSeasdrv.sys [2008-06-10 53256]
R1 epfwtdir;epfwtdir; C:Windowssystem32DRIVERSepfwtdir.sys [2008-06-10 34312]
R1 Uim_IM;UIM Drive Backup Image Plugin; C:WindowsSystem32DriversUim_IM.sys [2007-11-06 131672]
R1 UimBus;Universal Image Mounter Controller; C:Windowssystem32DRIVERSUimBus.sys [2007-11-06 32080]
R2 eamon;EAMON; C:Windowssystem32DRIVERSeamon.sys [2008-06-10 39944]
R2 mdmxsdk;mdmxsdk; C:Windowssystem32DRIVERSmdmxsdk.sys [2006-06-19 12672]
R2 rimmptsk;rimmptsk; C:Windowssystem32DRIVERSrimmptsk.sys [2006-11-15 32256]
R2 rimsptsk;rimsptsk; C:Windowssystem32DRIVERSrimsptsk.sys [2006-11-15 43520]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:Windowssystem32DRIVERSrixdptsk.sys [2006-11-15 37376]
R2 XAudio;XAudio; C:Windowssystem32DRIVERSxaudio.sys [2006-11-28 8192]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:Windowssystem32DRIVERSApfiltr.sys [2006-11-17 143872]
R3 ATSWPDRV;AuthenTec TruePrint USB Driver (SwipeSensor); C:Windowssystem32DRIVERSATSwpDrv.sys [2007-03-28 140424]
R3 CmBatt;Драйвер батареи с ACPI-управлением (Microsoft); C:Windowssystem32DRIVERSCmBatt.sys [2008-01-19 14208]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:Windowssystem32driversCHDRT32.sys [2008-03-04 188416]
R3 HBtnKey;HBtnKey; C:Windowssystem32DRIVERScpqbttn.sys [2006-06-28 9472]
R3 HSF_DPV;HSF_DPV; C:Windowssystem32DRIVERSHSX_DPV.sys [2006-12-07 985600]
R3 HSXHWAZL;HSXHWAZL; C:Windowssystem32DRIVERSHSXHWAZL.sys [2006-12-07 207360]
R3 NETw4v32;Драйвер адаптера Intel(R) Wireless WiFi Link для Windows Vista 32 Bit; C:Windowssystem32DRIVERSNETw4v32.sys [2007-03-01 2216448]
R3 nvlddmkm;nvlddmkm; C:Windowssystem32DRIVERSnvlddmkm.sys [2007-04-29 7496256]
R3 pfc;Padus ASPI Shell; C:Windowssystem32driverspfc.sys [2008-08-29 10368]
R3 sdbus;sdbus; C:Windowssystem32DRIVERSsdbus.sys [2008-01-19 88576]
R3 usbvideo;USB-видеоустройство (WDM); C:WindowsSystem32Driversusbvideo.sys [2008-01-19 134016]
R3 winachsf;winachsf; C:Windowssystem32DRIVERSHSX_CNXT.sys [2006-12-07 659968]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:Windowssystem32DRIVERSwmiacpi.sys [2008-01-19 11264]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:Windowssystem32DRIVERSyk60x86.sys [2007-02-07 196096]
S3 BCM43XV;Драйвер сетевого адаптера Broadcom Extensible 802.11; C:Windowssystem32DRIVERSbcmwl6.sys [2006-11-02 464384]
S3 BthEnum;Служба перечислителя Bluetooth; C:Windowssystem32DRIVERSBthEnum.sys [2008-08-16 19456]
S3 BthPan;Устройства Bluetooth (личной сети); C:Windowssystem32DRIVERSbthpan.sys [2008-01-19 92160]
S3 BTHPORT;Драйвер порта Bluetooth; C:WindowsSystem32DriversBTHport.sys [2008-08-16 220160]
S3 BTHUSB;Драйвер порта USB радиомодуля Bluetooth; C:WindowsSystem32DriversBTHUSB.sys [2008-08-16 29184]
S3 btwaudio;Аудиоустройство Bluetooth; C:Windowssystem32driversbtwaudio.sys [2007-01-02 78128]
S3 btwavdt;Bluetooth AVDT; C:Windowssystem32driversbtwavdt.sys [2007-01-02 80688]
S3 btwrchid;btwrchid; C:Windowssystem32DRIVERSbtwrchid.sys [2007-01-02 16560]
S3 drmkaud;Звуковой дешифратор DRM ядра системы; C:Windowssystem32driversdrmkaud.sys [2008-01-19 5632]
S3 E100B;Intel PRO адаптер, драйвер; C:Windowssystem32DRIVERSe100b325.sys [2006-11-02 163328]
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:Windowssystem32driversCHDART.sys [2007-02-22 159232]
S3 HSFHWAZL;HSFHWAZL; C:Windowssystem32DRIVERSVSTAZL3.SYS [2006-11-02 200704]
S3 ialm;ialm; C:Windowssystem32DRIVERSigdkmd32.sys [2006-10-19 1380864]
S3 MSKSSRV;Представитель служб потоков Microsoft; C:Windowssystem32driversMSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Посредник синхронизации потоков Microsoft; C:Windowssystem32driversMSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Представитель диспетчера качества потоков Microsoft; C:Windowssystem32driversMSPQM.sys [2008-01-19 5504]
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:Windowssystem32driversMSTEE.sys [2008-01-19 6016]
S3 NETw3v32;Драйвер адаптера беспроводной сети Intel(R) PRO/Wireless 3945ABG для 32-разрядной Windows Vista; C:Windowssystem32DRIVERSNETw3v32.sys [2006-11-02 1781760]
S3 RFCOMM;Устройство Bluetooth (протокол RFCOMM TDI); C:Windowssystem32DRIVERSrfcomm.sys [2008-01-19 49664]
S3 WUDFRd;WUDFRd; C:Windowssystem32DRIVERSWUDFRd.sys [2008-01-19 83328]
S4 UIUSys;Conexant Setup API; C:Windowssystem32DRIVERSUIUSYS.SYS []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:Program FilesBonjourmDNSResponder.exe [2006-02-28 229376]
R2 BthServ;@%SystemRoot%System32bthserv.dll,-101; C:Windowssystem32svchost.exe [2008-01-19 21504]
R2 CLCapSvc;CyberLink Background Capture Service (CBCS); C:Program FilesHPQuickPlayKernelTVCLCapSvc.exe [2007-04-23 262243]
R2 CLSched;CyberLink Task Scheduler (CTS); C:Program FilesHPQuickPlayKernelTVCLSched.exe [2007-04-23 106593]
R2 ekrn;Eset Service; C:Program FilesESETESET NOD32 Antivirusekrn.exe [2008-10-11 468224]
R2 HP Health Check Service;HP Health Check Service; C:Program FilesHewlett-PackardHP Health Checkhphc_service.exe [2007-03-14 62984]
R2 hpqwmiex;hpqwmiex; C:Program FilesHewlett-PackardSharedhpqwmiex.exe [2006-05-02 135168]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:Program FilesIntelIntel Matrix Storage ManagerIAANTMon.exe [2007-02-12 355096]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:Program FilesCommon FilesLightScribeLSSrvc.exe [2006-12-14 61440]
R2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:Program FilesCommon FilesSymantec SharedPIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}PIFSvc.exe [2008-01-29 583048]
R2 rpcnet;Remote Procedure Call (RPC) Net; C:Windowssystem32rpcnet.exe [2008-11-25 47104]
R2 XAudioService;XAudioService; C:Windowssystem32DRIVERSxaudio.exe [2006-11-28 386560]
S2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; c:Program FilesCommon FilesSymantec SharedccSvcHst.exe /h ccCommon []
S3 Com4Qlb;Com4Qlb; C:Program FilesHewlett-PackardHP Quick Launch ButtonsCom4Qlb.exe [2007-01-09 110592]
S3 EhttpSrv;Eset HTTP Server; C:Program FilesESETESET NOD32 AntivirusEHttpSrv.exe [2008-06-10 19200]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe [2008-09-21 651720]
S3 IDriverT;InstallDriver Table Manager; C:Program FilesCommon FilesInstallShieldDriver1050Intel 32IDriverT.exe [2004-10-22 73728]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:Program FilesMicrosoft OfficeOffice12GrooveAuditService.exe [2007-08-24 68464]
S3 odserv;Microsoft Office Diagnostics Service; C:Program FilesCommon FilesMicrosoft SharedOFFICE12ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2006-10-26 145184]
S3 RoxMediaDB9;RoxMediaDB9; C:Program FilesCommon FilesRoxio Shared9.0SharedCOMRoxMediaDB9.exe [2007-02-12 880640]
S3 stllssvr;stllssvr; C:Program FilesCommon FilesSureThing Sharedstllssvr.exe [2007-02-17 74656]

EOF
Автор

Сообщения