Forum replies created
I did as instructed, only instead of "JavaScrypt user files folder" it said "JavaScript", but the informer disappeared. Here is the log:
DDS (Ver_09-03-16.01) — NTFSx86
Run by Admin at 22:03:38,00 on 05.03.2009
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Professional 5.1.2600.3.1251.7.1049.18.511.146 [GMT 4:00]
AV: Kaspersky Internet Security *On-access scanning enabled* (Updated)
FW: Kaspersky Internet Security *enabled*
============== Running Processes ===============
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost -k DcomLaunch
svchost.exe
C:WINDOWSSystem32svchost.exe -k netsvcs
C:WINDOWSsystem32Ati2evxx.exe
svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSExplorer.EXE
C:Program FilesGoogleUpdateGoogleUpdate.exe
C:Program FilesKaspersky LabKaspersky Internet Security 2009avp.exe
C:WINDOWSsystem32rserver30RServer3.exe
C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindServiceAE.exe
C:WINDOWSsystem32rserver30FamItrfc.Exe
C:WINDOWSsystem32svchost.exe -k imgsvc
C:WINDOWSSOUNDMAN.EXE
C:Program FilesAmlMapleAmlMaple.exe
C:Program FilesMultimedia Combo SetMouseDrv.exe
C:Program FilesMultimedia Combo SetPS2USBKbdDrv.exe
C:Program FilesCyberLinkPowerDVD8PDVD8Serv.exe
C:Program FilesKaspersky LabKaspersky Internet Security 2009avp.exe
C:Program FilesQuickTimeqttask.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FileslouderitLouderIt.exe
C:Program FilesLClocklclock.exe
C:Program FilesMicrosoft ActiveSyncwcescomm.exe
C:Program FilesCursorXPCursorXP.exe
C:PROGRA~1MICROS~4rapimgr.exe
C:Program FilesCommon FilesNikonMonitorNkMonitor.exe
C:Program FilesMail.RuAgentmagent.exe
C:Program FilesOperaopera.exe
C:Documents and SettingsAdminРабочий столdds.scr
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.mail.ru
uLocal Page = c:windowspchealthhelpctrsystempanelsblank.htm
uInternet Connection Wizard,ShellNext = hxxp://dt-updates.com/activate?query=vk3ri0r6XEm4%2br%2bs57aUe3AFWbBanIIIGCqccKypmXAluGD4n8tHqVvfEn6WiiozWf3ieLX8OO%2bsKEPJPIzgKM%2bCPCIaPbluJ1Ly4pYGnP%2fRECT7NtaBidtdp8JQA8Qao63kIsFOQ6fU3ZrdjmlbgNOzgtJ%2fU64ti8f5l94swsqjL7vIRNgFDeFEZrDwQrno8XHTI4XzhAfG4U5mkV7iDGByD45vXFgxNZGC1U1Qv2WRNb0NdcTJ5edrB1gOlowhTzCGkq6l6bEtJPmXmZbsYRcT23y07bxDCp28TCp2HQk%3d
uURLSearchHooks: {83821c2b-32a8-4dd7-b6d4-44309a78e668} — c:program filesmail.ruagentmradllnewmrasearch.dll
uURLSearchHooks: Спутник@Mail.Ru: {09900de8-1dca-443f-9243-26ff581438af} — c:program filesmail.rusputnikMailRuSputnik.dll
BHO: SnagIt Toolbar Loader: {00c6482d-c502-44c8-8409-fce54ad9c208} — c:program filestechsmithsnagit 8SnagItBHO.dll
BHO: Open LI Toolbar: {067c5591-c9fb-4dcc-835f-6cb5dc169d44} — c:progra~1litool~1LIToolbar.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} — c:program filescommon filesadobeacrobatactivexAcroIEHelper.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} — c:program filescommon filesadobeacrobatactivexAcroIEHelperShim.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} — c:program fileskaspersky labkaspersky internet security 2009ievkbd.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} — c:program filesjavajre1.6.0_07binssv.dll
BHO: MailRuBHO Class: {8984b388-a5bb-4df7-b274-77b879e179db} — c:program filesmail.rusputnikMailRuSputnik.dll
BHO: IE 4.x-6.x BHO for Download Master: {9961627e-4059-41b4-8e0e-a7d6b3854adf} — c:progra~1downlo~1dmiehlp.dll
TB: SnagIt: {8ff5e183-abde-46eb-b09e-d2aab95cabe3} — c:program filestechsmithsnagit 8SnagItIEAddin.dll
TB: Спутник@Mail.Ru: {09900de8-1dca-443f-9243-26ff581438af} — c:program filesmail.rusputnikMailRuSputnik.dll
TB: LI Toolbar: {067c5591-c9fb-4dcc-835f-6cb5dc169d41} — c:progra~1litool~1LIToolbar.dll
EB: Настройки СОКРАТ Интернет 3.0: {6810c254-fb30-4f46-84dc-4584f5f1ffae} — c:program filesarsenal companysocrat internetSocratInternetT.dll
uRun: [CTFMON.EXE] c:windowssystem32ctfmon.exe
uRun: [louderit.exe] c:program fileslouderitLouderIt.exe
uRun: [LClock] c:program fileslclocklclock.exe
uRun: [KillCopy] «c:windowssystem32killcopy.exe» /kcresume /startup
uRun: [H/PC Connection Agent] «c:program filesmicrosoft activesyncwcescomm.exe»
uRun: [AlcoholAutomount] «c:program filesalcohol softalcohol 120axcmd.exe» /automount
uRun: [CursorXP] c:program filescursorxpCursorXP.exe
uRun: [ByteOMeter] «c:program filesbyteometerByteOMeter.exe»
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [AmlMaple] c:program filesamlmapleAmlMaple.exe
mRun: [NeroFilterCheck] c:windowssystem32NeroCheck.exe
mRun: [WireLessMouse ] c:program filesmultimedia combo setMouseDrv.exe
mRun: [WireLessKeyboard ] c:program filesmultimedia combo setPS2USBKbdDrv.exe
mRun: [RemoteControl8] «c:program filescyberlinkpowerdvd8PDVD8Serv.exe»
mRun: [PDVD8LanguageShortcut] «c:program filescyberlinkpowerdvd8languageLanguage.exe»
mRun: [AVP] «c:program fileskaspersky labkaspersky internet security 2009avp.exe»
mRun: [Adobe Reader Speed Launcher] «c:program filesadobereader 9.0readerReader_sl.exe»
mRun: [MAgent] c:program filesmail.ruagentMAgent.exe -LM
mRun: [VIPv3_Auto_Update] c:windowsvipv3CheckForUpdates.exe
mRun: [QuickTime Task] «c:program filesquicktimeqttask.exe» -atboottime
dRun: [CTFMON.EXE] c:windowssystem32CTFMON.EXE
dRunOnce: [ZZZZ2_FirstLogonSetting] %SystemRoot%System32rundll32.exe advpack.dll,LaunchINFSection c:windowsinfcustom.inf,NewUserFirstLogonInstall,0
dRunOnce: [IE7_011] regsvr32 /s /n /i:u shell32
dRunOnce: [IE7_012] rundll32 advpack.dll,LaunchINFSectionEx IE7int.inf,AfterUserStart,,4,N
StartupFolder: c:docume~1alluse~15d29~14a66~160c2~1adobeg~1.lnk — c:program filescommon filesadobecalibrationAdobe Gamma Loader.exe
StartupFolder: c:docume~1alluse~15d29~14a66~160c2~1blueso~1.lnk — c:program filesivt corporationbluesoleilBlueSoleil.exe
StartupFolder: c:docume~1alluse~15d29~14a66~160c2~1nikonm~1.lnk — c:program filescommon filesnikonmonitorNkMonitor.exe
uPolicies-explorer: NoSMConfigurePrograms = 1 (0x1)
uPolicies-explorer: EnableShellExecuteHooks = 1 (0x1)
uPolicies-explorer: HideClock = 0 (0x0)
uPolicies-explorer: NoStartMenuSubFolders = 0 (0x0)
uPolicies-explorer: NoCommonGroups = 0 (0x0)
uPolicies-explorer: NoPrinters = 0 (0x0)
uPolicies-explorer: NoRecentDocsNetHood = 0 (0x0)
uPolicies-explorer: NoChangeAnimation = 0 (0x0)
uPolicies-explorer: NoThemesTab = 0 (0x0)
dPolicies-explorer: NoSMConfigurePrograms = 1 (0x1)
IE: &Перевести — c:program filesarsenal companysocrat internethtmlWSocrat.js
IE: &Экспорт в Microsoft Excel — c:progra~1micros~2office12EXCEL.EXE/3000
IE: Добавить в Анти-Баннер — c:program fileskaspersky labkaspersky internet security 2009ie_banner_deny.htm
IE: Закачать ВСЕ при помощи Download Master — c:program filesdownload masterdmieall.htm
IE: Закачать при помощи Download Master — c:program filesdownload masterdmie.htm
IE: Запостить в LiveInternet-дневник — c:progra~1litool~1LIToolbar.dll/IECONTEXT.DLL.HTM
IE: Запостить картинку в LiveInternet-дневник — c:progra~1litool~1LIToolbar.dll/IECONTEXT_IMG.DLL.HTM
IE: Поиск@Mail.Ru — c:program filesmail.rusputnikMailRuSputnik.dll/282
IE: Словари@Mail.Ru — c:program filesmail.rusputnikMailRuSputnik.dll/283
IE: {7558B7E5-7B26-4201-BEDB-00D5FF534523} — c:program filesmail.ruagentmagent.exe
IE: {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — c:program filesdownload masterdmaster.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} — %windir%Network Diagnosticxpnetdiag.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} — c:program filesjavajre1.6.0_07binssv.dll
IE: {17FA5CD6-5737-45c2-B194-74C8A4A7F7E7} — {7E1F0737-53A5-4EDC-8734-DD94B50AAF83} — c:program filesarsenal companysocrat internetSocratInternet.dll
IE: {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} — {85E0B171-04FA-11D1-B7DA-00A0C90348D6} — c:program fileskaspersky labkaspersky internet security 2009SCIEPlgn.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} — {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} — c:progra~1micros~4INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} — {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} — c:progra~1micros~4INetRepl.dll
IE: {71F65890-5ED6-11d4-9665-00E02962D81A} — {6810C254-FB30-4f46-84DC-4584F5F1FFAE} — c:program filesarsenal companysocrat internetSocratInternetT.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} — {FF059E31-CC5A-4E2E-BF3B-96E929D65503} — c:progra~1micros~2office12REFIEBAR.DLL
IE: {DFDC8970-FD66-4385-B8C0-835A4AA1DA00} — {A3400175-12F9-4220-83BF-A7210CA4003E} — c:program filesarsenal companysocrat internetSocratInternet.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} — hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} — hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} — hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} — hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
TCP: {82F5A454-B68B-481C-9D52-D3FB1EC251D3} = 62.213.0.12 62.213.2.1
Notify: AtiExtEvent — Ati2evxx.dll
Notify: klogon — c:windowssystem32klogon.dll
AppInit_DLLs: c:progra~1kasper~1kasper~1mzvkbd.dll,c:progra~1kasper~1kasper~1mzvkbd3.dll,c:progra~1kasper~1kasper~1adialhk.dll,c:progra~1kasper~1kasper~1kloehk.dll
SSODL: WPDShServiceObj — {AAA288BA-9A4C-45B0-95D7-94D524869DB5} — c:windowssystem32wpdshserviceobj.dll
================= FIREFOX ===================
FF — ProfilePath — c:docume~1adminapplic~1mozillafirefoxprofilesmevysotl.default
FF — prefs.js: browser.startup.homepage — hxxp://www.mail.ru
FF — prefs.js: browser.search.selectedEngine — РџРѕРёСЃРє@mail.ru
FF — prefs.js: network.proxy.type — 2
FF — plugin: c:program filesgoogleupdate1.2.141.5npGoogleOneClick7.dll
FF — plugin: c:program filesk-lite codec packrealbrowserpluginsnppl3260.dll
FF — plugin: c:program filesk-lite codec packrealbrowserpluginsnprpjplug.dll
FF — plugin: c:program filesoperaprogrampluginsnp-mswmp.dll
FF — plugin: c:program filesoperaprogrampluginsnp-mswmp.dll
FF — plugin: c:program filesoperaprogrampluginsNP32DSW.DLL
FF — plugin: c:program filesoperaprogrampluginsnpdevalvr.dll
FF — plugin: c:program filesoperaprogrampluginsnpdevalvr.dll
FF — plugin: c:program filesoperaprogrampluginsnpdivx32.dll
FF — plugin: c:program filesoperaprogrampluginsnpdivx32.dll
FF — plugin: c:program filesoperaprogrampluginsnpindeo.dll
FF — plugin: c:program filesoperaprogrampluginsnpindeo.dll
FF — plugin: c:program filesoperaprogrampluginsnppl3260.dll
FF — plugin: c:program filesoperaprogrampluginsnprhapengine.dll
FF — plugin: c:program filesoperaprogrampluginsnprhapengine.dll
FF — plugin: c:program filesoperaprogrampluginsnprjplug.dll
FF — plugin: c:program filesoperaprogrampluginsnprjplug.dll
FF — plugin: c:program filesoperaprogrampluginsnprpjplug.dll
FF — plugin: c:program filesoperaprogrampluginsnprpjplug.dll
============= SERVICES / DRIVERS ===============
R0 AFPAnsi;Alfa File Protector Ansi;c:windowssystem32driversAFPAnsi.sys [2009-1-10 43936]
R0 hotcore3;hotcore3;c:windowssystem32drivershotcore3.sys [2009-1-10 39472]
R0 kl1;Kl1;c:windowssystem32driverskl1.sys [2008-7-21 121872]
R0 klbg;Kaspersky Lab Boot Guard Driver;c:windowssystem32driversklbg.sys [2008-1-29 33808]
R1 KLIF;Kaspersky Lab Driver;c:windowssystem32driversklif.sys [2009-1-10 213520]
R1 raddrvv3;raddrvv3;c:windowssystem32rserver30raddrvv3.sys [2008-4-24 45848]
R1 VBoxDrv;VirtualBox Service;c:windowssystem32driversVBoxDrv.sys [2009-1-10 55424]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:windowssystem32driversVBoxUSBMon.sys [2009-1-10 42048]
R2 AVP;Kaspersky Internet Security;c:program fileskaspersky labkaspersky internet security 2009avp.exe [2008-7-29 206088]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:windowssystem32driversklfltdev.sys [2008-3-13 26640]
R3 mirrorv3;mirrorv3;c:windowssystem32driversrminiv3.sys [2006-11-1 3328]
S2 gupdate1c989fe9dfec3ec;Google Update Service (gupdate1c989fe9dfec3ec);c:program filesgoogleupdateGoogleUpdate.exe [2009-2-8 133104]
S2 OMSCAN;OMSCAN;Syst —> Syst [?]
=============== Created Last 30 ================
2009-02-25 20:30 43,528
c:windowssystem32driversPxHelp20.sys
2009-02-25 20:25 —d
c:program filesDivX
2009-02-25 19:45 87,608 a
c:docume~1adminapplic~1inst.exe
2009-02-25 19:45 47,360 a
c:windowssystem32driverspcouffin.sys
2009-02-25 19:45 47,360 a
c:docume~1adminapplic~1pcouffin.sys
2009-02-25 19:44 217,127 a
c:windowssystem32drv43260.dll
2009-02-25 19:44 208,935 a
c:windowssystem32drv33260.dll
2009-02-25 19:44 102,439 a
c:windowssystem32sipr3260.dll
2009-02-25 19:44 1,184,984 a
c:windowssystem32wvc1dmod.dll
2009-02-25 19:44 626,688 a
c:windowssystem32vp7vfw.dll
2009-02-25 19:44 176,165 a
c:windowssystem32drv23260.dll
2009-02-25 19:44 65,602 a
c:windowssystem32cook3260.dll
2009-02-25 19:44 —d
c:program filesVSO
2009-02-24 18:21 —d
c:docume~1adminapplic~1ByteOMeter
2009-02-24 18:21 —d
c:program filesByteOMeter
2009-02-19 00:22 —d
c:program filescommon filesmuvee Technologies
2009-02-19 00:19 —d
c:docume~1alluse~1applic~1Font Book
2009-02-16 12:49 —d
c:program filesLIToolbar
2009-02-13 14:04 —d
c:program filesУскоритель интернета
2009-02-09 17:54 —d
c:program filesЦетр новых технологий
2009-02-08 21:01 —d
c:windowssystem32appmgmt
2009-02-08 20:17 131 a
C:initemp.dat
2009-02-08 18:28 —d
c:program filesSatelliteTVforPC
2009-02-08 18:17 —d
c:windowsuninstall
2009-02-08 17:56 —d
c:program filesWindows Media Components
2009-02-08 17:51 —d
c:program filesCorel
2009-02-08 16:00 —d
c:docume~1adminapplic~1Aston
2009-02-08 16:00 —d—r— c:program filesAston
2009-02-07 19:55 —d
c:program filesVideo Client
2009-02-06 22:16 119,798 a—-r— c:windowssystem32driversSPCA561.SYS
2009-02-06 22:16 14,336 a—-r— c:windowssystem32dshow508.ax
2009-02-06 22:16 54,272 ac
c:windowssystem32dllcachevfwwdm32.dll
2009-02-06 22:16 54,272 a
c:windowssystem32vfwwdm32.dll
2009-02-06 21:25 42 a
c:windowslifeview.ini
2009-02-06 20:14 —d
C:VideoCAM Express
2009-02-06 20:12 162,969 a
c:windowssystem32driversOMCAMVID.SYS
2009-02-06 20:12 135,168 a
c:windowsOMCAMCAP.EXE
2009-02-06 20:12 73,728 a
c:windowsOMCAMDIB.DLL
2009-02-06 20:12 28,344 a
c:windowssystem32driversLvcamd.SYS
2009-02-06 20:12 24,335 a
c:windowssystem32driversOVTCAMD.SYS
2009-02-06 20:12 22,790 a
c:windowsOMCAMUSD.DLL
2009-02-06 20:12 6,049 a
c:windowssystem32OMCAMCPL.CPL
2009-02-06 19:15 —d
c:program filescommon filesAdobe Systems Shared
2009-02-06 12:31 —d
c:program filesPSCS2Updater
2009-02-05 23:13 86,016 a
c:windowsunvise32.exe
2009-02-05 21:14 5,632 a
c:windowssystem32ptpusb.dll
2009-02-05 21:14 159,232 a
c:windowssystem32ptpusd.dll
2009-02-05 21:14 15,104 ac
c:windowssystem32dllcacheusbscan.sys
2009-02-05 21:14 15,104 a
c:windowssystem32driversusbscan.sys
2009-02-04 21:47 327,168 a
c:windowsIsUn0419.exe
2009-02-04 20:29 —d
c:docume~1adminapplic~1Yandex
2009-02-04 16:52 —d
c:docume~1adminapplic~1Avant Profiles
2009-02-04 16:52 —d
c:program filesAvant Browser
2009-02-04 12:35 1,352,704 a
c:windowssystem32Gerz Clock.exe
2009-02-04 12:35 1,352,704 a
c:windowssystem32Gerz Clock.scr
2009-02-04 12:35 —d
c:windowssystem32Gerz Clock
==================== Find3M ====================
2009-03-19 23:48 724 a
c:program filesweoebwk.txt
2009-03-05 08:16 3,487,264 a—sh— c:windowssystem32driversfidbox.dat
2009-03-05 08:16 606,240 a—sh— c:windowssystem32driversfidbox2.dat
2009-03-05 08:16 29,372 a—sh— c:windowssystem32driversfidbox.idx
2009-03-05 08:16 4,200 a—sh— c:windowssystem32driversfidbox2.idx
2009-02-25 01:43 20 —-h— c:docume~1alluse~1applic~1PKP_DLdu.DAT
2009-02-19 00:19 106,496 a
c:windowssystem32ATL71.DLL
2009-02-10 19:54 33,808 a
c:windowssystem32driversklbg.sys
2009-02-04 20:31 488,014 a
c:windowssystem32perfh019.dat
2009-02-04 20:31 85,314 a
c:windowssystem32perfc019.dat
2009-02-03 21:10 101,287 a
c:windowssystem32driversklin.dat
2009-02-03 21:10 89,601 a
c:windowssystem32driversklick.dat
2009-01-19 21:58 7,176,124 a
c:windowssystem32VIPv3_EXT.dll
2009-01-11 18:55 259,584 a
c:windowssystem32xtbaksm.dll
2009-01-11 18:55 259,584 a
c:windowssystem32xtbaksm.dat
2009-01-10 18:37 86,327 a
c:windowspchealthhelpctrofflinecacheindex.dat
2009-01-10 16:33 355,584 a
c:windowssystem32TuneUpDefragService.exe
2009-01-10 14:05 418,480
c:windowssystem32wrap_oal.dll
2009-01-10 14:05 115,432
c:windowssystem32OpenAL32.dll
2009-01-09 23:44 62,813 a
c:windowssystem32Uninstall.exe
2009-01-09 23:12 717,296 a
c:windowssystem32driverssptd.sys
2009-01-09 23:00 22,564 a
c:windowssystem32emptyregdb.dat
2008-12-11 04:33 200,704 a
c:windowssystem32dtu100.dll
2008-12-11 04:33 86,016 a
c:windowssystem32dpl100.dll
============= FINISH: 22:13:29,35 ===============
I am very grateful to you; this is not the first time you have helped me out.
In Mozilla Firefox and Opera.
The informer only interferes with work on the internet; it has not affected the computer itself.
No, nothing new has happened.
Here is what you asked for:
Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com
Platform: Windows XP
*******************
Script file opened successfully.
Script file read successfully.
Backups directory opened successfully at C:Avenger
*******************
Beginning to process script file:
Rootkit scan active.
No rootkits found!
Error: registry key «RegistryMachineSystemCurrentControlSetServicesak3n9edx» not found!
Deletion of driver «ak3n9edx» failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
—> the object does not exist
Error: registry key «RegistryMachineSystemCurrentControlSetServicesanmtdai9» not found!
Deletion of driver «anmtdai9» failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
—> the object does not exist
Error: file «C:WINDOWSsystem32driversanmtdai9.sys» not found!
Deletion of file «C:WINDOWSsystem32driversanmtdai9.sys» failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
—> the object does not exist
Error: file «C:WINDOWSsystem32driversak3n9edx.sys» not found!
Deletion of file «C:WINDOWSsystem32driversak3n9edx.sys» failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
—> the object does not exist
Error: file «C:Documents and SettingsAdminApplication Databpfeed.dll» not found!
Deletion of file «C:Documents and SettingsAdminApplication Databpfeed.dll» failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
—> the object does not exist
Registry key «HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9D64F819-9380-8473-DAB2-702FCB3D7A3E}» deleted successfully.
Completed script processing.
*******************
Finished! Terminate.
Logfile of random’s system information tool 1.05 (written by random/random)
Run by Admin at 2009-03-20 00:00:56
Microsoft Windows XP Professional Service Pack 3
System drive C: has 3 GB (9%) free of 38 GB
Total RAM: 511 MB (23% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0:01:10, on 20.03.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20772)
Boot mode: Normal
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesGoogleUpdateGoogleUpdate.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32NOTEPAD.EXE
C:Program FilesKaspersky LabKaspersky Internet Security 2009avp.exe
C:WINDOWSsystem32rserver30RServer3.exe
C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindServiceAE.exe
C:WINDOWSsystem32rserver30FamItrfc.Exe
C:WINDOWSsystem32svchost.exe
C:Program FilesNeoSmart TechnologiesToolTipFixerToolTipFixer.exe
C:WINDOWSSOUNDMAN.EXE
C:Program FilesAmlMapleAmlMaple.exe
C:Program FilesMultimedia Combo SetMouseDrv.exe
C:Program FilesMultimedia Combo SetPS2USBKbdDrv.exe
C:Program FilesCyberLinkPowerDVD8PDVD8Serv.exe
C:Program FilesKaspersky LabKaspersky Internet Security 2009avp.exe
C:Program FilesAdobeReader 9.0ReaderReader_sl.exe
C:Program FilesMail.RuAgentMAgent.exe
C:Program FilesQuickTimeqttask.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FileslouderitLouderIt.exe
C:Program FilesLClocklclock.exe
C:Program FilesMicrosoft ActiveSyncwcescomm.exe
C:Program FilesCursorXPCursorXP.exe
C:Program FilesByteOMeterByteOMeter.exe
C:PROGRA~1MICROS~4rapimgr.exe
C:Program FilesCommon FilesNikonMonitorNkMonitor.exe
C:Documents and SettingsAdminРабочий столRSIT.exe
C:Program Filestrend microAdmin.exe
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.apeha.ru
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page = C:WINDOWSpchealthhelpctrSystempanelsblank.htm
R1 — HKCUSoftwareMicrosoftInternet Connection Wizard,ShellNext = http://dt-updates.com/activate?query=vk3ri0r6XEm4%2br%2bs57aUe3AFWbBanIIIGCqccKypmXAluGD4n8tHqVvfEn6WiiozWf3ieLX8OO%2bsKEPJPIzgKM%2bCPCIaPbluJ1Ly4pYGnP%2fRECT7NtaBidtdp8JQA8Qao63kIsFOQ6fU3ZrdjmlbgNOzgtJ%2fU64ti8f5l94swsqjL7vIRNgFDeFEZrDwQrno8XHTI4XzhAfG4U5mkV7iDGByD45vXFgxNZGC1U1Qv2WRNb0NdcTJ5edrB1gOlowhTzCGkq6l6bEtJPmXmZbsYRcT23y07bxDCp28TCp2HQk%3d
R1 — HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
R3 — URLSearchHook: (no name) — {83821C2B-32A8-4DD7-B6D4-44309A78E668} — C:Program FilesMail.RuAgentMradllnewmrasearch.dll
R3 — URLSearchHook: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
O2 — BHO: SnagIt Toolbar Loader — {00C6482D-C502-44C8-8409-FCE54AD9C208} — C:Program FilesTechSmithSnagIt 8SnagItBHO.dll
O2 — BHO: Open LI Toolbar — {067C5591-C9FB-4dcc-835F-6CB5DC169D44} — C:PROGRA~1LITOOL~1LIToolbar.dll
O2 — BHO: Adobe PDF Reader Link Helper — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll
O2 — BHO: AcroIEHelperStub — {18DF081C-E8AD-4283-A596-FA578C2EBDC3} — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 — BHO: IEVkbdBHO — {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} — C:Program FilesKaspersky LabKaspersky Internet Security 2009ievkbd.dll
O2 — BHO: SSVHelper Class — {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} — C:Program FilesJavajre1.6.0_07binssv.dll
O2 — BHO: Спутник@Mail.Ru — {8984B388-A5BB-4DF7-B274-77B879E179DB} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
O2 — BHO: IE 4.x-6.x BHO for Download Master — {9961627E-4059-41B4-8E0E-A7D6B3854ADF} — C:PROGRA~1DOWNLO~1dmiehlp.dll
O3 — Toolbar: SnagIt — {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} — C:Program FilesTechSmithSnagIt 8SnagItIEAddin.dll
O3 — Toolbar: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
O3 — Toolbar: LI Toolbar — {067C5591-C9FB-4dcc-835F-6CB5DC169D41} — C:PROGRA~1LITOOL~1LIToolbar.dll
O4 — HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 — HKLM..Run: [AmlMaple] C:Program FilesAmlMapleAmlMaple.exe
O4 — HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 — HKLM..Run: [WireLessMouse ] C:Program FilesMultimedia Combo SetMouseDrv.exe
O4 — HKLM..Run: [WireLessKeyboard ] C:Program FilesMultimedia Combo SetPS2USBKbdDrv.exe
O4 — HKLM..Run: [RemoteControl8] «C:Program FilesCyberLinkPowerDVD8PDVD8Serv.exe»
O4 — HKLM..Run: [PDVD8LanguageShortcut] «C:Program FilesCyberLinkPowerDVD8LanguageLanguage.exe»
O4 — HKLM..Run: [AVP] «C:Program FilesKaspersky LabKaspersky Internet Security 2009avp.exe»
O4 — HKLM..Run: [Adobe Reader Speed Launcher] «C:Program FilesAdobeReader 9.0ReaderReader_sl.exe»
O4 — HKLM..Run: [MAgent] C:Program FilesMail.RuAgentMAgent.exe -LM
O4 — HKLM..Run: [VIPv3_Auto_Update] C:WINDOWSVIPv3CheckForUpdates.exe
O4 — HKLM..Run: [QuickTime Task] «C:Program FilesQuickTimeqttask.exe» -atboottime
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [louderit.exe] C:Program FileslouderitLouderIt.exe
O4 — HKCU..Run: [LClock] C:Program FilesLClocklclock.exe
O4 — HKCU..Run: [KillCopy] «C:WINDOWSsystem32killcopy.exe» /kcresume /startup
O4 — HKCU..Run: [H/PC Connection Agent] «C:Program FilesMicrosoft ActiveSyncwcescomm.exe»
O4 — HKCU..Run: [AlcoholAutomount] «C:Program FilesAlcohol SoftAlcohol 120axcmd.exe» /automount
O4 — HKCU..Run: [CursorXP] C:Program FilesCursorXPCursorXP.exe
O4 — HKCU..Run: [ByteOMeter] «C:Program FilesByteOMeterByteOMeter.exe»
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..RunOnce: [ZZZZ1_FirstLogonSetting] %SystemRoot%System32rundll32.exe advpack.dll,LaunchINFSection C:WINDOWSINFcustom.inf,OnceFirstLogonInstall,0 (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..RunOnce: [IE7_011] regsvr32 /s /n /i:u shell32 (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..RunOnce: [IE7_012] rundll32 advpack.dll,LaunchINFSectionEx IE7int.inf,AfterUserStart,,4,N (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-20..RunOnce: [ZZZZ1_FirstLogonSetting] %SystemRoot%System32rundll32.exe advpack.dll,LaunchINFSection C:WINDOWSINFcustom.inf,OnceFirstLogonInstall,0 (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUSS-1-5-18..RunOnce: [ZZZZ2_FirstLogonSetting] %SystemRoot%System32rundll32.exe advpack.dll,LaunchINFSection C:WINDOWSINFcustom.inf,NewUserFirstLogonInstall,0 (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O4 — HKUS.DEFAULT..RunOnce: [ZZZZ2_FirstLogonSetting] %SystemRoot%System32rundll32.exe advpack.dll,LaunchINFSection C:WINDOWSINFcustom.inf,NewUserFirstLogonInstall,0 (User ‘Default user’)
O4 — Global Startup: Adobe Gamma Loader.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O4 — Global Startup: BlueSoleil.lnk = ?
O4 — Global Startup: Nikon Monitor.lnk = C:Program FilesCommon FilesNikonMonitorNkMonitor.exe
O8 — Extra context menu item: &Перевести — C:Program FilesArsenal CompanySOCRAT InternetHTMLWSocrat.js
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2Office12EXCEL.EXE/3000
O8 — Extra context menu item: Добавить в Анти-Баннер — C:Program FilesKaspersky LabKaspersky Internet Security 2009ie_banner_deny.htm
O8 — Extra context menu item: Закачать ВСЕ при помощи Download Master — C:Program FilesDownload Masterdmieall.htm
O8 — Extra context menu item: Закачать при помощи Download Master — C:Program FilesDownload Masterdmie.htm
O8 — Extra context menu item: Запостить в LiveInternet-дневник — res://C:PROGRA~1LITOOL~1LIToolbar.dll/IECONTEXT.DLL.HTM
O8 — Extra context menu item: Запостить картинку в LiveInternet-дневник — res://C:PROGRA~1LITOOL~1LIToolbar.dll/IECONTEXT_IMG.DLL.HTM
O8 — Extra context menu item: Поиск@Mail.Ru — res://C:Program FilesMail.RuSputnikMailRuSputnik.dll/282
O8 — Extra context menu item: Словари@Mail.Ru — res://C:Program FilesMail.RuSputnikMailRuSputnik.dll/283
O9 — Extra button: (no name) — DctMapping — (no file)
O9 — Extra button: (no name) — {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — C:Program FilesJavajre1.6.0_07binssv.dll
O9 — Extra ‘Tools’ menuitem: Sun Java Console — {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — C:Program FilesJavajre1.6.0_07binssv.dll
O9 — Extra button: СОКРАТ Интернет 3.0 — {17FA5CD6-5737-45c2-B194-74C8A4A7F7E7} — C:Program FilesArsenal CompanySOCRAT InternetSocratInternet.dll
O9 — Extra button: Cтатистика защиты веб-трафика — {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} — C:Program FilesKaspersky LabKaspersky Internet Security 2009SCIEPlgn.dll
O9 — Extra button: Create Mobile Favorite — {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} — C:PROGRA~1MICROS~4INetRepl.dll
O9 — Extra button: (no name) — {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} — C:PROGRA~1MICROS~4INetRepl.dll
O9 — Extra ‘Tools’ menuitem: Добавить в избранное мобильного устройства… — {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} — C:PROGRA~1MICROS~4INetRepl.dll
O9 — Extra button: Настройки СОКРАТ Интернет 3.0 — {71F65890-5ED6-11d4-9665-00E02962D81A} — C:Program FilesArsenal CompanySOCRAT InternetSocratInternetT.dll
O9 — Extra button: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
O9 — Extra ‘Tools’ menuitem: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
O9 — Extra button: Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe
O9 — Extra ‘Tools’ menuitem: &Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe
O9 — Extra button: Research — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2Office12REFIEBAR.DLL
O9 — Extra button: Перевести страницу — {DFDC8970-FD66-4385-B8C0-835A4AA1DA00} — C:Program FilesArsenal CompanySOCRAT InternetSocratInternet.dll
O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra button: Open LI Toolbar — {067C5591-C9FB-4dcc-835F-6CB5DC169D43} — C:PROGRA~1LITOOL~1LIToolbar.dll (HKCU)
O9 — Extra ‘Tools’ menuitem: Open LI Toolbar — {067C5591-C9FB-4dcc-835F-6CB5DC169D43} — C:PROGRA~1LITOOL~1LIToolbar.dll (HKCU)
O12 — Plugin for .spop: C:Program FilesInternet ExplorerPluginsNPDocBox.dll
O17 — HKLMSystemCCSServicesTcpip..{82F5A454-B68B-481C-9D52-D3FB1EC251D3}: NameServer = 62.213.0.12 62.213.2.1
O20 — AppInit_DLLs: C:PROGRA~1KASPER~1KASPER~1mzvkbd.dll,C:PROGRA~1KASPER~1KASPER~1mzvkbd3.dll,C:PROGRA~1KASPER~1KASPER~1adialhk.dll,C:PROGRA~1KASPER~1KASPER~1kloehk.dll
O23 — Service: Adobe LM Service — Unknown owner — C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe
O23 — Service: Ati HotKey Poller — ATI Technologies Inc. — C:WINDOWSsystem32Ati2evxx.exe
O23 — Service: Kaspersky Internet Security (AVP) — Kaspersky Lab — C:Program FilesKaspersky LabKaspersky Internet Security 2009avp.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: FLEXnet Licensing Service — Macrovision Europe Ltd. — C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe
O23 — Service: Google Update Service (gupdate1c989fe9dfec3ec) (gupdate1c989fe9dfec3ec) — Google Inc. — C:Program FilesGoogleUpdateGoogleUpdate.exe
O23 — Service: InstallDriver Table Manager (IDriverT) — Macrovision Corporation — C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: Radmin Server V3 (RServer3) — Famatech International Corp. — C:WINDOWSsystem32rserver30RServer3.exe
O23 — Service: SiSoftware Deployment Agent Service (SandraAgentSrv) — SiSoftware — C:Program FilesSiSoftwareSiSoftware Sandra Pro Business 2009RpcAgentSrv.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: StarWind AE Service (StarWindServiceAE) — Rocket Division Software — C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindServiceAE.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: NST ToolTipFixer (TTFixerService) — NeoSmart Technologies — C:Program FilesNeoSmart TechnologiesToolTipFixerToolTipFixer.exe
O23 — Service: TuneUp Drive Defrag Service (TuneUp.Defrag) — TuneUp Software GmbH — C:WINDOWSSystem32TuneUpDefragService.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe
—
End of file — 14643 bytes
======Scheduled tasks folder======
C:WINDOWStasks1-Click Maintenance.job
C:WINDOWStasksGoogleUpdateTaskMachine.job
======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{00C6482D-C502-44C8-8409-FCE54AD9C208}]
SnagIt Toolbar Loader — C:Program FilesTechSmithSnagIt 8SnagItBHO.dll [2007-05-01 63048][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{067C5591-C9FB-4dcc-835F-6CB5DC169D44}]
Open LI Toolbar — C:PROGRA~1LITOOL~1LIToolbar.dll [2008-06-11 1626112][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll [2008-06-11 61816][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll [2008-06-11 75128][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class — C:Program FilesKaspersky LabKaspersky Internet Security 2009ievkbd.dll [2008-07-29 62728][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class — C:Program FilesJavajre1.6.0_07binssv.dll [2008-06-10 509328][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{8984B388-A5BB-4DF7-B274-77B879E179DB}]
MailRuBHO Class — C:Program FilesMail.RuSputnikMailRuSputnik.dll [2009-01-23 676704][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9961627E-4059-41B4-8E0E-A7D6B3854ADF}]
IE 4.x-6.x BHO for Download Master — C:PROGRA~1DOWNLO~1dmiehlp.dll [2007-07-20 152064][HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} — SnagIt — C:Program FilesTechSmithSnagIt 8SnagItIEAddin.dll [2007-05-01 161352]
{09900DE8-1DCA-443F-9243-26FF581438AF} — Спутник@Mail.Ru — C:Program FilesMail.RuSputnikMailRuSputnik.dll [2009-01-23 676704]
{067C5591-C9FB-4dcc-835F-6CB5DC169D41} — LI Toolbar — C:PROGRA~1LITOOL~1LIToolbar.dll [2008-06-11 1626112][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«SoundMan»=C:WINDOWSSOUNDMAN.EXE [2007-04-17 577536]
«AmlMaple»=C:Program FilesAmlMapleAmlMaple.exe [2008-04-25 91648]
«NeroFilterCheck»=C:WINDOWSsystem32NeroCheck.exe [2006-01-12 155648]
«WireLessMouse «=C:Program FilesMultimedia Combo SetMouseDrv.exe [2004-06-27 503808]
«WireLessKeyboard «=C:Program FilesMultimedia Combo SetPS2USBKbdDrv.exe [2005-08-02 217088]
«RemoteControl8″=C:Program FilesCyberLinkPowerDVD8PDVD8Serv.exe [2008-03-20 83240]
«PDVD8LanguageShortcut»=C:Program FilesCyberLinkPowerDVD8LanguageLanguage.exe [2007-12-14 50472]
«AVP»=C:Program FilesKaspersky LabKaspersky Internet Security 2009avp.exe [2009-02-10 206088]
«Adobe Reader Speed Launcher»=C:Program FilesAdobeReader 9.0ReaderReader_sl.exe [2008-06-12 34672]
«MAgent»=C:Program FilesMail.RuAgentMAgent.exe [2009-01-23 5603000]
«VIPv3_Auto_Update»=C:WINDOWSVIPv3CheckForUpdates.exe [2006-09-08 23723]
«QuickTime Task»=C:Program FilesQuickTimeqttask.exe [2007-04-27 282624][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2008-05-20 30208]
«louderit.exe»=C:Program FileslouderitLouderIt.exe [2008-02-19 41472]
«LClock»=C:Program FilesLClocklclock.exe [2007-12-14 86016]
«KillCopy»=C:WINDOWSsystem32killcopy.exe [2006-10-29 1185792]
«H/PC Connection Agent»=C:Program FilesMicrosoft ActiveSyncwcescomm.exe [2006-11-13 1289000]
«AlcoholAutomount»=C:Program FilesAlcohol SoftAlcohol 120axcmd.exe [2008-03-20 217544]
«CursorXP»=C:Program FilesCursorXPCursorXP.exe [2003-03-01 125440]
«ByteOMeter»=C:Program FilesByteOMeterByteOMeter.exe [2006-09-28 413696]C:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузка
Adobe Gamma Loader.lnk — C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
BlueSoleil.lnk — C:Program FilesIVT CorporationBlueSoleilBlueSoleil.exe
Nikon Monitor.lnk — C:Program FilesCommon FilesNikonMonitorNkMonitor.exe[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows]
«AppInit_DLLS»=»C:PROGRA~1KASPER~1KASPER~1mzvkbd.dll,C:PROGRA~1KASPER~1KASPER~1mzvkbd3.dll,C:PROGRA~1KASPER~1KASPER~1adialhk.dll,C:PROGRA~1KASPER~1KASPER~1kloehk.dll»[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyAtiExtEvent]
C:WINDOWSsystem32Ati2evxx.dll [2008-02-26 126976][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyklogon]
C:WINDOWSsystem32klogon.dll [2008-07-29 218376][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
WPDShServiceObj — {AAA288BA-9A4C-45B0-95D7-94D524869DB5} — C:WINDOWSsystem32wpdshserviceobj.dll [2008-03-02 133632][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145
«NoSharedDocuments»=1
«NoSMConfigurePrograms»=1
«EnableShellExecuteHooks»=1
«NoDesktop»=0
«NoActiveDesktop»=0
«HideClock»=0
«NoStartMenuPinnedList»=0
«NoStartMenuMFUprogramsList»=0
«NoUserNameInStartMenu»=0
«StartmenuLogoff»=0
«NoStartMenuSubFolders»=0
«NoCommonGroups»=0
«NoPrinterTabs»=0
«NoDeletePrinter»=0
«NoAddPrinter»=0
«NoPrinters»=0
«NoFavoritesMenu»=0
«NoRun»=0
«NoFind»=0
«NoClose»=0
«NoSetFolders»=0
«NoViewContextMenu»=0
«NoDrives»=0
«NoToolbarCustomize»=0
«NoRecentDocsNetHood»=0
«NoChangeAnimation»=0
«NoChangeKeyboardNavigationIndicators»=0
«NoThemesTab»=0[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesMicrosoft ActiveSyncrapimgr.exe»=»C:Program FilesMicrosoft ActiveSyncrapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager»
«C:Program FilesMicrosoft ActiveSyncwcescomm.exe»=»C:Program FilesMicrosoft ActiveSyncwcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager»
«C:Program FilesMicrosoft ActiveSyncWCESMgr.exe»=»C:Program FilesMicrosoft ActiveSyncWCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application»[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesMicrosoft ActiveSyncrapimgr.exe»=»C:Program FilesMicrosoft ActiveSyncrapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager»
«C:Program FilesMicrosoft ActiveSyncwcescomm.exe»=»C:Program FilesMicrosoft ActiveSyncwcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager»
«C:Program FilesMicrosoft ActiveSyncWCESMgr.exe»=»C:Program FilesMicrosoft ActiveSyncWCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application»
======File associations======
.js — edit — «C:Program FilesMacromediaDreamweaver 8dreamweaver.exe» «%1»
======List of files/folders created in the last 1 months======
2009-03-19 23:55:39 —-D—- C:Avenger
2009-03-19 23:55:38 —-A—- C:avenger.txt
2009-03-19 23:51:47 —-A—- C:WINDOWSbomfl.txt
2009-03-19 23:48:51 —-A—- C:Program Filesweoebwk.txt
2009-03-16 23:42:11 —-D—- C:Program Filestrend micro
2009-03-16 23:42:07 —-D—- C:rsit
2009-03-06 18:04:05 —-D—- C:Program FilesHidden and Dangerous 2 Sabre Squadron
2009-03-06 16:08:34 —-A—- C:WINDOWSsystem32vp31vfw.dll
2009-03-06 16:08:33 —-A—- C:WINDOWSsystem32MACDec.dll
2009-03-06 16:08:33 —-A—- C:WINDOWSsystem32huffyuv.dll
2009-03-06 16:08:32 —-A—- C:WINDOWSsystem32mpg4c32.dll
2009-03-06 16:08:31 —-A—- C:WINDOWSsystem32OpenQuicktimeLib.dll
2009-03-06 16:08:31 —-A—- C:WINDOWSsystem323ivxVfWCodec.dll
2009-03-06 16:08:31 —-A—- C:WINDOWSsystem323ivx.dll
2009-03-06 16:07:37 —-A—- C:WINDOWSsystem32WMV9VCM.dll
2009-03-06 16:07:36 —-A—- C:WINDOWSsystem32WMV8DMOD.DLL
2009-03-06 16:07:35 —-A—- C:WINDOWSsystem32divx.dll
2009-03-06 16:07:31 —-A—- C:WINDOWSsystem32unicows.dll
2009-03-06 16:07:31 —-A—- C:WINDOWSsystem32cpuinf32.dll
2009-03-06 15:44:45 —-D—- C:Program FilesAirborne Troops
2009-02-25 20:29:08 —-N—- C:WINDOWSsystem32pxinsi64.exe
2009-02-25 20:29:08 —-N—- C:WINDOWSsystem32pxinsa64.exe
2009-02-25 20:29:08 —-N—- C:WINDOWSsystem32pxhpinst.exe
2009-02-25 20:29:08 —-N—- C:WINDOWSsystem32pxcpyi64.exe
2009-02-25 20:29:08 —-N—- C:WINDOWSsystem32pxcpya64.exe
2009-02-25 20:29:07 —-N—- C:WINDOWSsystem32vxblock.dll
2009-02-25 20:29:07 —-N—- C:WINDOWSsystem32pxwave.dll
2009-02-25 20:29:07 —-N—- C:WINDOWSsystem32pxsfs.dll
2009-02-25 20:29:07 —-N—- C:WINDOWSsystem32pxmas.dll
2009-02-25 20:29:07 —-N—- C:WINDOWSsystem32pxdrv.dll
2009-02-25 20:29:07 —-N—- C:WINDOWSsystem32pxafs.dll
2009-02-25 20:25:00 —-D—- C:Program FilesDivX
2009-02-25 19:45:14 —-D—- C:Documents and SettingsAdminApplication DataVso
2009-02-25 19:45:14 —-A—- C:Documents and SettingsAdminApplication Datainst.exe
2009-02-25 19:44:43 —-A—- C:WINDOWSsystem32sipr3260.dll
2009-02-25 19:44:43 —-A—- C:WINDOWSsystem32drv43260.dll
2009-02-25 19:44:43 —-A—- C:WINDOWSsystem32drv33260.dll
2009-02-25 19:44:42 —-A—- C:WINDOWSsystem32wvc1dmod.dll
2009-02-25 19:44:42 —-A—- C:WINDOWSsystem32vp7vfw.dll
2009-02-25 19:44:42 —-A—- C:WINDOWSsystem32drv23260.dll
2009-02-25 19:44:42 —-A—- C:WINDOWSsystem32cook3260.dll
2009-02-25 19:44:37 —-D—- C:Program FilesVSO
2009-02-24 18:21:51 —-D—- C:Documents and SettingsAdminApplication DataByteOMeter
2009-02-24 18:21:34 —-D—- C:Program FilesByteOMeter
======List of files/folders modified in the last 1 months======
2009-03-20 00:00:20 —-D—- C:WINDOWSTemp
2009-03-19 23:58:53 —-D—- C:WINDOWSsystem32ias
2009-03-19 23:58:37 —-A—- C:WINDOWSModemLog_Bluetooth LAP Modem.txt
2009-03-19 23:58:35 —-A—- C:WINDOWSModemLog_Bluetooth LAP Modem #2.txt
2009-03-19 23:58:03 —-D—- C:Documents and SettingsAll UsersApplication DataKaspersky Lab
2009-03-19 23:55:39 —-D—- C:WINDOWSsystem32drivers
2009-03-19 23:54:06 —-A—- C:WINDOWSSchedLgU.Txt
2009-03-19 23:54:01 —-D—- C:WINDOWS
2009-03-19 23:48:51 —-RD—- C:Program Files
2009-03-19 23:15:46 —-D—- C:Program FilesMozilla Firefox
2009-03-18 00:21:35 —-A—- C:WINDOWSNeroDigital.ini
2009-03-17 23:01:38 —-D—- C:WINDOWSsystem32CatRoot2
2009-03-17 15:57:22 —-D—- C:Documents and SettingsAdminApplication DatauTorrent
2009-03-13 10:49:15 —-HD—- C:WINDOWSinf
2009-03-13 10:32:14 —-RSHDC—- C:WINDOWSsystem32dllcache
2009-03-13 10:32:09 —-D—- C:WINDOWSsystem32
2009-03-13 09:00:58 —-D—- C:Games
2009-03-13 08:48:05 —-D—- C:WINDOWSsystem32DirectX
2009-03-13 08:47:37 —-RSD—- C:WINDOWSassembly
2009-03-06 21:30:33 —-D—- C:Program FilesuTorrent 1.7.5 для J-Torrent.ru
2009-03-06 16:08:32 —-D—- C:Program FilesK-Lite Codec Pack
2009-03-03 15:04:53 —-SHD—- C:WINDOWSInstaller
2009-03-03 15:04:26 —-D—- C:Program FilesOpera
2009-02-25 20:52:12 —-D—- C:WINDOWSWinSxS
2009-02-22 23:11:20 —-SD—- C:Documents and SettingsAdminApplication DataMicrosoft
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 kbdhid;Драйвер клавиатуры HID; C:WINDOWSsystem32DRIVERSkbdhid.sys [2008-05-20 14720]
R1 KLIF;Kaspersky Lab Driver; C:WINDOWSsystem32DRIVERSklif.sys [2009-02-10 213520]
R1 raddrvv3;raddrvv3; ??C:WINDOWSsystem32rserver30raddrvv3.sys []
R1 VBoxDrv;VirtualBox Service; C:WINDOWSsystem32DRIVERSVBoxDrv.sys [2008-04-30 55424]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:WINDOWSsystem32DRIVERSVBoxUSBMon.sys [2008-04-30 42048]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:WINDOWSsystem32driversALCXWDM.SYS [2008-01-25 4127488]
R3 Arp1394;Протокол клиента 1394 ARP; C:WINDOWSsystem32DRIVERSarp1394.sys [2008-05-20 60800]
R3 ati2mtag;ati2mtag; C:WINDOWSsystem32DRIVERSati2mtag.sys [2008-02-26 2863616]
R3 BlueletAudio;Bluetooth Audio Service; C:WINDOWSsystem32DRIVERSblueletaudio.sys [2004-10-19 20096]
R3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:WINDOWSSystem32Driversbtcusb.sys [2005-01-17 23000]
R3 BTHidEnum;Bluetooth HID Enumerator; C:WINDOWSsystem32DRIVERSvbtenum.sys [2005-01-13 12500]
R3 CA561;VideoCAM Express V2; C:WINDOWSSystem32DriversSPCA561.SYS [2002-09-30 119798]
R3 hidusb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2008-04-15 10368]
R3 KLFLTDEV;Kaspersky Lab KLFltDev; C:WINDOWSsystem32DRIVERSklfltdev.sys [2008-03-13 26640]
R3 mirrorv3;mirrorv3; C:WINDOWSsystem32DRIVERSrminiv3.sys [2006-11-01 3328]
R3 mouhid;Драйвер мыши HID; C:WINDOWSsystem32DRIVERSmouhid.sys [2008-04-15 12160]
R3 NIC1394;Сетевой драйвер 1394; C:WINDOWSsystem32DRIVERSnic1394.sys [2008-05-20 61824]
R3 nvmpu401;Service for NVIDIA(R) nForce(TM) MIDI UART; C:WINDOWSsystem32driversnvmpu401.sys [2006-02-26 10240]
R3 pcouffin;VSO Software pcouffin; C:WINDOWSSystem32Driverspcouffin.sys [2009-02-25 47360]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:WINDOWSSystem32DriversRootMdm.sys [2008-04-15 5888]
R3 RTL8023;D-Link DGE-528T Gigabit Ethernet Adapter NDIS Driver; C:WINDOWSsystem32DRIVERSDLKRTGB.SYS [2003-09-19 65280]
R3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:WINDOWSsystem32DRIVERSusbccgp.sys [2008-05-20 32384]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2008-05-20 30336]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2008-04-15 59520]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:WINDOWSsystem32DRIVERSusbuhci.sys [2008-04-15 20608]
R3 VComm;Virtual Serial port driver; C:WINDOWSsystem32DRIVERSVComm.sys [2004-10-19 61312]
R3 VcommMgr;Bluetooth VComm Manager Service; C:WINDOWSSystem32DriversVcommMgr.sys [2004-11-05 82148]
S3 aj78zrgi;aj78zrgi; C:WINDOWSsystem32driversaj78zrgi.sys []
S3 ane2f679;ane2f679; C:WINDOWSsystem32driversane2f679.sys []
S3 BT;Bluetooth PAN Network Adapter; C:WINDOWSsystem32DRIVERSbtnetdrv.sys [2004-09-21 10804]
S3 BTNetFilter;Bluetooth Network Filter; ??C:WINDOWSsystem32driversBTNetFilter.sys []
S3 CCDECODE;Closed Caption декодер; C:WINDOWSsystem32DRIVERSCCDECODE.sys [2008-05-20 17024]
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:WINDOWSsystem32driversMSTEE.sys [2008-05-20 5504]
S3 NABTSFEC;NABTS/FEC VBI кодек; C:WINDOWSsystem32DRIVERSNABTSFEC.sys [2008-05-20 85248]
S3 NdisIP;Microsoft видео или ТВ подключение; C:WINDOWSsystem32DRIVERSNdisIP.sys [2008-05-20 10880]
S3 SANDRA;SANDRA; ??C:Program FilesSiSoftwareSiSoftware Sandra Pro Business 2009WNt500x86Sandra.sys []
S3 SLIP;BDA Slip De-Framer; C:WINDOWSsystem32DRIVERSSLIP.sys [2008-05-20 11136]
S3 streamip;BDA IPSink; C:WINDOWSsystem32DRIVERSStreamIP.sys [2008-05-20 15232]
S3 usbscan;Драйвер USB-сканера; C:WINDOWSsystem32DRIVERSusbscan.sys [2008-05-20 15104]
S3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2008-05-20 26368]
S3 WSTCODEC;World Standard Teletext кодек; C:WINDOWSsystem32DRIVERSWSTCODEC.SYS [2008-05-20 19200]
S3 WudfPf;Windows Driver Foundation — User-mode Driver Framework Platform Driver; C:WINDOWSsystem32DRIVERSWudfPf.sys [2008-03-02 77568]
S3 WudfRd;Windows Driver Foundation — User-mode Driver Framework Reflector; C:WINDOWSsystem32DRIVERSwudfrd.sys [2008-03-02 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:WINDOWSsystem32Ati2evxx.exe [2008-02-26 520192]
R2 AVP;Kaspersky Internet Security; C:Program FilesKaspersky LabKaspersky Internet Security 2009avp.exe [2009-02-10 206088]
R2 RServer3;Radmin Server V3; C:WINDOWSsystem32rserver30RServer3.exe [2008-04-24 1238344]
R2 StarWindServiceAE;StarWind AE Service; C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindServiceAE.exe [2007-05-28 275968]
R2 TTFixerService;NST ToolTipFixer; C:Program FilesNeoSmart TechnologiesToolTipFixerToolTipFixer.exe [2007-06-27 10240]
R2 UxTuneUp;TuneUp Theme Extension; C:WINDOWSSystem32svchost.exe [2008-04-15 14336]
S02000000 OMSCAN;OMSCAN; Sys []
S2 gupdate1c989fe9dfec3ec;Google Update Service (gupdate1c989fe9dfec3ec); C:Program FilesGoogleUpdateGoogleUpdate.exe [2009-02-08 133104]
S3 Adobe LM Service;Adobe LM Service; C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe [2009-02-06 68096]
S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2007-10-24 70144]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe [2009-01-09 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:WINDOWSMicrosoft.NetFrameworkv3.0WPFPresentationFontCache.exe [2007-10-09 36864]
S3 IDriverT;InstallDriver Table Manager; C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication Foundationinfocard.exe [2007-10-11 864256]
S3 odserv;Microsoft Office Diagnostics Service; C:Program FilesCommon FilesMicrosoft SharedOFFICE12ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2006-10-26 145184]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service; C:Program FilesSiSoftwareSiSoftware Sandra Pro Business 2009RpcAgentSrv.exe [2008-09-01 98488]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:WINDOWSSystem32TuneUpDefragService.exe [2009-01-10 355584]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:Program FilesWindows Media Playerwmpnetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation — User-mode Driver Framework; C:WINDOWSsystem32svchost.exe [2008-04-15 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication FoundationSMSvcHost.exe [2007-10-11 122880]
EOF
Much obliged, everything worked. Tell me, is it necessary to delete the programs downloaded from your site (HijackThis, RSIT, ComboFix)? Do they work on their own, or without your supervision do they just take up space?
No, I did not delete the directories; I don't know how that is done. I only uninstalled through Add or Remove Programs. Please explain how to delete directories.
The ads appear only in Opera_962_ru_Setup, but they first appeared in Mozilla Firefox and then crept over to Opera. I got rid of them in Mozilla Firefox by uninstalling and reinstalling the program; in Opera that approach doesn't work.
ComboFix 08-12-09.02 — Admin 2008-12-10 10:01:24.6 — NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1251.1.1049.18.239 [GMT 4:00]
Running from: c:documents and settingsAdminРабочий столComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.((((((((((((((((((((((((( Files Created from 2008-11-10 to 2008-12-10 )))))))))))))))))))))))))))))))
.2008-12-09 10:55 . 2008-12-09 10:55
d—-c— C:rsit
2008-12-08 20:03 . 2008-12-08 20:03d—-c— c:program filesTrend Micro
2008-12-07 09:55 . 2008-12-08 11:38 7 —a—c— c:windowssystem32BMXCtrlState009.rmf
2008-12-06 22:19 . 2008-08-19 20:23 19,968 —a—c— c:windowssystem32MSVCR32.DLL
2008-11-29 22:29 . 2008-11-29 22:29d—-c— c:documents and settingsAdminApplication DataCyberLink
2008-11-24 21:02 . 2008-11-24 21:02d—-c— c:documents and settingsAdminApplication DataReal Desktop
2008-11-24 21:02 . 2008-11-24 21:02d—-c— c:documents and settingsAdminApplication DataAD ON Multimedia
2008-11-24 13:52 . 2008-11-24 13:52d—-c— c:program filesXemiComputers
2008-11-24 13:52 . 2008-11-24 13:52d—-c— c:documents and settingsAdminApplication DataXemiComputers
2008-11-24 09:22 . 2008-11-29 11:28d—-c— c:program filesAura
2008-11-23 17:29 . 2008-11-23 17:30 185 —a—c— C:tmp.dat
2008-11-23 14:59 . 2008-11-23 14:59 332 —a—c— c:windowsdesctemp.dat
2008-11-23 01:07 . 2008-11-23 01:07d—-c— c:program filesCommon FilesAdobe
2008-11-23 01:07 . 2008-11-23 01:07d—-c— c:documents and settingsAdminApplication DataAdobeUM
2008-11-23 00:20 . 2008-11-23 00:26d—-c— c:documents and settingsAll UsersApplication DataBluetooth
2008-11-23 00:17 . 2004-09-21 18:18 148,830 —a—c— c:windowssystem32driversbcbthub.sys
2008-11-23 00:17 . 2004-09-21 18:18 116,021 —a—c— c:windowssystem32driversfw203x.sys
2008-11-23 00:17 . 2004-11-05 11:39 82,148 —a—c— c:windowssystem32driversVcommMgr.sys
2008-11-23 00:17 . 2004-10-19 13:37 61,312 —a—c— c:windowssystem32driversVComm.sys
2008-11-23 00:17 . 2004-10-19 13:40 28,207 —a—c— c:windowssystem32driversBTHidMgr.sys
2008-11-23 00:17 . 2005-01-17 14:48 23,000 —a—c— c:windowssystem32driversbtcusb.sys
2008-11-23 00:17 . 2004-10-19 11:39 20,096 —a—c— c:windowssystem32driversblueletaudio.sys
2008-11-23 00:17 . 2004-12-16 16:32 13,304 —a—c— c:windowssystem32driversBTNetFilter.sys
2008-11-23 00:17 . 2004-09-22 18:08 12,504 —a—c— c:windowssystem32driversVHIDMini.sys
2008-11-23 00:17 . 2005-01-13 15:20 12,500 —a—c— c:windowssystem32driversvbtenum.sys
2008-11-23 00:17 . 2004-09-21 18:15 10,804 —a—c— c:windowssystem32driversBtNetDrv.sys
2008-11-23 00:17 . 2004-09-21 18:18 7,680 —a—c— c:windowssystem32btinstall.dll
2008-11-22 23:14 . 2008-11-22 23:14d—-c— c:windowsCache
2008-11-22 23:13 . 2006-07-11 15:13 11,003
c— c:windowssystem32driversdiag69xp.sys
2008-11-22 23:12 . 2008-11-22 23:12d—-c— c:windowsOPTIONS
2008-11-22 23:12 . 2008-11-22 23:12d—-c— c:program filesD-Link
2008-11-22 23:12 . 2006-06-14 22:24 53,248 —a—c— c:windowssystem32RTLVLAN_NB.DLL
2008-11-22 23:12 . 2006-06-01 19:21 16,384 —a—c— c:windowssystem32driversRTLVLAN.SYS
2008-11-22 23:12 . 2006-07-18 02:40 8,399 —a—c— c:windowssystem32driversLANPkt.sys
2008-11-22 22:57 . 2008-11-22 22:57d—-c— c:windowssystem32configsystemprofileApplication DataATI
2008-11-22 22:57 . 2008-11-22 22:57 4,096 —a—c— c:windowssystem32crash
2008-11-22 22:47 . 2007-01-24 11:40 70,144 -ra—c— c:windowssystem32driversDLKRT32.sys
2008-11-19 00:01 . 2008-11-21 14:11d—-c— c:program filesLavasoft
2008-11-18 23:23 . 2008-11-21 14:11d—-c— c:documents and settingsAdminApplication DataLavasoft
2008-11-18 12:30 . 2008-11-18 12:30d—-c— c:documents and settingsAdminApplication DataUniblue
2008-11-17 22:57 . 2008-11-17 22:57 0 —a—c— c:windowsnsreg.dat
2008-11-17 16:50 . 2008-11-17 16:50d—-c— c:windowsuscripts
2008-11-12 22:48 . 2008-08-19 20:15 26,368 —a—c— c:windowssystem32dllcacheusbstor.sys
2008-11-12 18:23 . 2008-11-12 18:23d—-c— c:program filesDAEMON Tools SearchBar
2008-11-12 18:23 . 2008-11-12 18:23d—-c— c:program filesCommon FilesWhenU
2008-11-12 18:20 . 2008-11-12 18:24d—-c— c:program filesDAEMON Tools
2008-11-12 11:41 . 2008-11-12 11:41d—-c— c:program filesCommon FilesNSV
2008-11-10 22:15 . 2008-11-10 22:15 518 —a—c— c:windowssystem32wul.cfg.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-10 05:32
dc—-w c:documents and settingsAdminApplication DatauTorrent
2008-12-07 18:27
dc—-w c:program filesOpera
2008-11-24 13:20
dc—-w c:documents and settingsAdminApplication DataXnView
2008-11-22 20:17
dc-h—w c:program filesInstallShield Installation Information
2008-11-21 17:45
dc—-w c:program filesQIP
2008-11-21 08:38
dc—-w c:program filesCommon FilesWise Installation Wizard
2008-11-09 17:13
dc—-w c:program files1C
2008-11-09 17:10
dc—-w c:program filesCommon FilesInstallShield
2008-11-09 13:09
dc—-w c:program filesRussobit-M
2008-11-09 11:03
dc—-w c:program filesyuPlay
2008-11-09 10:21
dc—-w c:program filesAGEIA Technologies
2008-11-09 10:01
dc—-w c:documents and settingsAdminApplication DatayuPlay
2001-11-23 08:08 712,704 -c—a-r c:windowsinfOTHERAUDIO3D.DLL
2001-01-07 21:07 16,384 -csha-w c:windowssystem32configsystemprofileCookiesindex.dat
2001-01-07 21:07 32,768 -csha-w c:windowssystem32configsystemprofileLocal SettingsHistoryHistory.IE5index.dat
2001-01-07 21:07 32,768 -csha-w c:windowssystem32configsystemprofileLocal SettingsHistoryHistory.IE5MSHist012001010820010109index.dat
2001-01-07 21:07 32,768 -csha-w c:windowssystem32configsystemprofileLocal SettingsTemporary Internet FilesContent.IE5index.dat
.((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=»c:windowssystem32ctfmon.exe» [2008-08-19 30208]
«VistaIcon»=»c:program filesVistaDriveIconVistaDrv.exe» [2008-01-02 132096]
«DAEMON Tools»=»c:program filesDAEMON Toolsdaemon.exe» [2007-08-16 167368]
«Active Desktop Calendar»=»c:program filesXemiComputersActive Desktop CalendarADC.exe» [2008-10-20 4904448][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
«8169Diag»=»c:program filesD-LinkDiagnostics Utility8169Diag» [X]
«StartCCC»=»c:program filesATI TechnologiesATI.ACECore-StaticCLIStart.exe» [2006-11-10 90112]
«avast!»=»c:progra~1ALWILS~1Avast4ashDisp.exe» [2008-11-26 81000]
«NeroFilterCheck»=»c:windowssystem32NeroCheck.exe» [2006-01-12 155648]
«WinampAgent»=»c:program filesWinampwinampa.exe» [2008-08-04 36352]
«SoundMan»=»SOUNDMAN.EXE» [2007-04-16 c:windowssoundman.exe][HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=»c:windowssystem32CTFMON.EXE» [2008-08-19 30208]
«VistaIcon»=»c:program filesVistaDriveIconVistaDrv.exe» [2008-01-02 132096][HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRunOnce]
«IE7_011″=»shell32» [X]
«ZZZZ2_FirstLogonSetting»=»advpack.dll» [2008-08-19 c:windowssystem32advpack.dll]
«IE7_012″=»advpack.dll» [2008-08-19 c:windowssystem32advpack.dll]c:documents and settingsAll Usersѓ« ў®Ґ ¬ҐоЏа®Ја ¬¬лЂўв®§ Јаг§Є
BlueSoleil.lnk — c:program filesIVT CorporationBlueSoleilBlueSoleil.exe [2008-11-23 1048576][HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionpoliciesexplorer]
«NoSMConfigurePrograms»= 1 (0x1)[HKEY_USERS.defaultsoftwaremicrosoftwindowscurrentversionpoliciesexplorer]
«NoSMConfigurePrograms»= 1 (0x1)[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversiondrivers32]
«msacm.l3codec»= l3codecp.acm[HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity center]
«FirewallOverride»=dword:00000001
«UpdatesDisableNotify»=dword:00000001
«UpdatesOverride»=dword:00000001
«AntiVirusDisableNotify»=dword:00000001
«AntiVirusOverride»=dword:00000001[HKLM~servicessharedaccessparametersfirewallpolicystandardprofile]
«EnableFirewall»= 0 (0x0)[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
«%windir%\Network Diagnostic\xpnetdiag.exe»=
«%windir%\system32\sessmgr.exe»=
«c:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe»=
«c:\Program Files\uTorrent\utorrent.exe»=R1 aswSP;avast! Self Protection;c:windowssystem32driversaswSP.sys [2001-01-08 111184]
R2 aswFsBlk;aswFsBlk;c:windowssystem32DRIVERSaswFsBlk.sys [2001-01-08 20560]
R2 LANPkt;Realtek LANPkt Protocol Driver;c:windowssystem32DRIVERSLANPkt.sys [2008-11-22 8399]
S3 Diag69xp;Diag69xp;c:windowssystem32DriversDiag69xp.sys [2008-11-22 11003]
S3 EthDriver;D-Link DGE-528T Vista 32-bit Driver;c:windowssystem32DRIVERSDLKRT32.sys [2008-11-22 70144]
S3 RTLVLAN;D-Link VLAN Intermediate Driver;c:windowssystem32DRIVERSRTLVLAN.SYS [2008-11-22 16384]
.
.
Supplementary Scan
.
uStart Page = hxxp://www.apeha.ru
IE: &Экспорт в Microsoft Excel — c:progra~1MICROS~1OFFICE11EXCEL.EXE/3000
IE: Закачать ВСЕ при помощи Download Master — c:program filesDownload Masterdmieall.htm
IE: Закачать при помощи Download Master — c:program filesDownload Masterdmie.htm
IE: {{8DAE90AD-4583-4977-9DD4-4360F7A45C74} — c:program filesDownload Masterdmaster.exe
IE: {{8DAE90AD-4583-4977-9DD4-4360F7A45C74} — c:program filesDownload Masterdmaster.exe —
FireFox -: Profile — c:documents and settingsAdminApplication DataMozillaFirefoxProfilesqeoczvnl.default
FF -: plugin — c:program filesAdobeAcrobat 6.0Readerbrowsernppdf32.dll
.**************************************************************************
catchme 0.3.1367 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-10 10:03:15
Windows 5.1.2600 Service Pack 3 NTFSscanning hidden processes …
scanning hidden autostart entries …
scanning hidden files …
scan completed successfully
hidden files: 0**************************************************************************
.
DLLs Loaded Under Running Processes
— — — — — — — > ‘winlogon.exe'(832)
c:windowssystem32SETUPAPI.dll
c:windowssystem32Ati2evxx.dll
c:windowssystem32cscui.dll
c:windowssystem32COMRes.dll— — — — — — — > ‘lsass.exe'(892)
c:windowssystem32SETUPAPI.dll
.
Completion time: 2008-12-10 10:04:54
ComboFix-quarantined-files.txt 2008-12-10 06:04:12
ComboFix2.txt 2008-12-10 05:59:01
ComboFix3.txt 2008-12-10 05:26:14
Pre-Run: 12 217 364 480 байт свободно
Post-Run: 12,205,367,296 байт свободно166
Logfile of random’s system information tool 1.04 (written by random/random)
Run by Admin at 2008-12-09 10:55:39
Microsoft Windows XP Professional Service Pack 3
System drive C: has 12 GB (31%) free of 38 GB
Total RAM: 511 MB (41% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:55:53, on 09.12.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20861)
Boot mode: Normal
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32Ati2evxx.exe
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:Program FilesAlwil SoftwareAvast4ashServ.exe
C:WINDOWSExplorer.EXE
C:PROGRA~1ALWILS~1Avast4ashDisp.exe
C:Program FilesATI TechnologiesATI.ACECore-StaticMOM.EXE
C:Program FilesWinampwinampa.exe
C:WINDOWSSOUNDMAN.EXE
C:Program FilesD-LinkDiagnostics Utility8169Diag.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesVistaDriveIconVistaDrv.exe
C:Program FilesDAEMON Toolsdaemon.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesXemiComputersActive Desktop CalendarADC.exe
C:Program FilesIVT CorporationBlueSoleilBlueSoleil.exe
C:Program FilesIVT CorporationBlueSoleilBTNtService.exe
C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE
C:Program FilesATI TechnologiesATI.ACECore-Staticccc.exe
C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
C:Program FilesOperaopera.exe
C:Documents and SettingsAdminРабочий столRSIT.exe
C:Program FilesTrend MicroHijackThisAdmin.exe
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.apeha.ru
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
O2 — BHO: AcroIEHlprObj Class — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll
O2 — BHO: SSVHelper Class — {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} — C:Program FilesJavajre1.6.0_07binssv.dll
O2 — BHO: IE 4.x-6.x BHO for Download Master — {9961627E-4059-41B4-8E0E-A7D6B3854ADF} — C:PROGRA~1DOWNLO~1dmiehlp.dll
O4 — HKLM..Run: [StartCCC] C:Program FilesATI TechnologiesATI.ACECore-StaticCLIStart.exe
O4 — HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 — HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 — HKLM..Run: [WinampAgent] «C:Program FilesWinampwinampa.exe»
O4 — HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 — HKLM..Run: [8169Diag] C:Program FilesD-LinkDiagnostics Utility8169Diag /hw
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [VistaIcon] C:Program FilesVistaDriveIconVistaDrv.exe
O4 — HKCU..Run: [DAEMON Tools] «C:Program FilesDAEMON Toolsdaemon.exe» -lang 1033
O4 — HKCU..Run: [Active Desktop Calendar] C:Program FilesXemiComputersActive Desktop CalendarADC.exe
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUSS-1-5-18..Run: [VistaIcon] C:Program FilesVistaDriveIconVistaDrv.exe (User ‘SYSTEM’)
O4 — HKUSS-1-5-18..RunOnce: [ZZZZ2_FirstLogonSetting] %SystemRoot%System32rundll32.exe advpack.dll,LaunchINFSection C:WINDOWSINFcustom.inf,NewUserFirstLogonInstall,0 (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O4 — HKUS.DEFAULT..RunOnce: [ZZZZ2_FirstLogonSetting] %SystemRoot%System32rundll32.exe advpack.dll,LaunchINFSection C:WINDOWSINFcustom.inf,NewUserFirstLogonInstall,0 (User ‘Default user’)
O4 — Global Startup: BlueSoleil.lnk = ?
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~1OFFICE11EXCEL.EXE/3000
O8 — Extra context menu item: Закачать ВСЕ при помощи Download Master — C:Program FilesDownload Masterdmieall.htm
O8 — Extra context menu item: Закачать при помощи Download Master — C:Program FilesDownload Masterdmie.htm
O9 — Extra button: (no name) — {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — C:Program FilesJavajre1.6.0_07binssv.dll
O9 — Extra ‘Tools’ menuitem: Sun Java Console — {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — C:Program FilesJavajre1.6.0_07binssv.dll
O9 — Extra button: Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe
O9 — Extra ‘Tools’ menuitem: &Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe
O9 — Extra button: Справочные материалы — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~1OFFICE11REFIEBAR.DLL
O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O17 — HKLMSystemCCSServicesTcpip..{B3941E98-0E38-4675-BBB0-AA30D93DCB63}: NameServer = 62.213.0.12 62.213.2.1
O23 — Service: avast! iAVS4 Control Service (aswUpdSv) — ALWIL Software — C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 — Service: Ati HotKey Poller — ATI Technologies Inc. — C:WINDOWSsystem32Ati2evxx.exe
O23 — Service: ATI Smart — Unknown owner — C:WINDOWSsystem32ati2sgag.exe
O23 — Service: avast! Antivirus — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashServ.exe
O23 — Service: avast! Mail Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
O23 — Service: avast! Web Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
O23 — Service: BlueSoleil Hid Service — Unknown owner — C:Program FilesIVT CorporationBlueSoleilBTNtService.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe
—
End of file — 6926 bytes
======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class — C:Program FilesAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll [2003-11-03 54248]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class — C:Program FilesJavajre1.6.0_07binssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9961627E-4059-41B4-8E0E-A7D6B3854ADF}]
IE 4.x-6.x BHO for Download Master — C:PROGRA~1DOWNLO~1dmiehlp.dll [2007-07-20 152064]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«StartCCC»=C:Program FilesATI TechnologiesATI.ACECore-StaticCLIStart.exe [2006-11-10 90112]
«avast!»=C:PROGRA~1ALWILS~1Avast4ashDisp.exe [2008-11-26 81000]
«NeroFilterCheck»=C:WINDOWSsystem32NeroCheck.exe [2006-01-12 155648]
«WinampAgent»=C:Program FilesWinampwinampa.exe [2008-08-04 36352]
«SoundMan»=C:WINDOWSSOUNDMAN.EXE [2007-04-16 577536]
«8169Diag»=C:Program FilesD-LinkDiagnostics Utility8169Diag /hw []
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2008-08-19 30208]
«VistaIcon»=C:Program FilesVistaDriveIconVistaDrv.exe [2008-01-02 132096]
«DAEMON Tools»=C:Program FilesDAEMON Toolsdaemon.exe [2007-08-16 167368]
«Active Desktop Calendar»=C:Program FilesXemiComputersActive Desktop CalendarADC.exe [2008-10-20 4904448]
C:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузка
BlueSoleil.lnk — C:Program FilesIVT CorporationBlueSoleilBlueSoleil.exe
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyAtiExtEvent]
C:WINDOWSsystem32Ati2evxx.dll [2007-06-13 118784]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
WPDShServiceObj — {AAA288BA-9A4C-45B0-95D7-94D524869DB5} — C:WINDOWSsystem32wpdshserviceobj.dll [2008-03-02 133632]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=323
«NoSharedDocuments»=1
«NoSMConfigurePrograms»=1
«NoDrives»=0
«NoDriveAutoRun»=67108863
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDrives»=
«NoDriveAutoRun»=
«NoDriveTypeAutoRun»=
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesIVT CorporationBlueSoleilBlueSoleil.exe»=»C:Program FilesIVT CorporationBlueSoleilBlueSoleil.exe:*:Enabled:BlueSoleil»
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
======List of files/folders created in the last 1 months======
2008-12-09 10:55:39 —-DC—- C:rsit
2008-12-08 20:04:17 —-SHDC—- C:RECYCLER
2008-12-08 20:03:31 —-DC—- C:Program FilesTrend Micro
2008-12-08 12:24:36 —-AC—- C:ComboFix.txt
2008-12-08 11:22:50 —-DC—- C:WINDOWSERDNT
2008-12-08 10:39:11 —-AC—- C:logit.txt
2008-12-06 22:19:23 —-AC—- C:WINDOWSsystem32MSVCR32.DLL
2008-11-29 22:29:25 —-DC—- C:Documents and SettingsAdminApplication DataCyberLink
2008-11-24 21:02:30 —-DC—- C:Documents and SettingsAdminApplication DataReal Desktop
2008-11-24 21:02:22 —-DC—- C:Documents and SettingsAdminApplication DataAD ON Multimedia
2008-11-24 13:52:39 —-DC—- C:Documents and SettingsAdminApplication DataXemiComputers
2008-11-24 13:52:06 —-DC—- C:Program FilesXemiComputers
2008-11-24 09:22:53 —-DC—- C:Program FilesAura
2008-11-23 01:07:52 —-DC—- C:Documents and SettingsAdminApplication DataAdobeUM
2008-11-23 01:07:15 —-DC—- C:Program FilesCommon FilesAdobe
2008-11-23 00:20:29 —-DC—- C:Documents and SettingsAll UsersApplication DataBluetooth
2008-11-23 00:17:20 —-AC—- C:WINDOWSsystem32btinstall.dll
2008-11-22 23:16:08 —-DC—- C:Documents and SettingsAll UsersApplication DataAdobe
2008-11-22 23:16:03 —-DC—- C:Program FilesAdobe
2008-11-22 23:14:10 —-DC—- C:WINDOWSCache
2008-11-22 23:12:50 —-AC—- C:WINDOWSsystem32InstallLog.txt
2008-11-22 23:12:49 —-DC—- C:WINDOWSOPTIONS
2008-11-22 23:12:47 —-AC—- C:WINDOWSsystem32RTLVLAN_NB.DLL
2008-11-22 23:12:45 —-DC—- C:Program FilesD-Link
2008-11-22 19:35:14 —-AC—- C:WINDOWSsystem32pixomatic.dll
2008-11-22 19:35:13 —-AC—- C:WINDOWSsystem32fmod.dll
2008-11-22 19:35:12 —-AC—- C:WINDOWSsystem32eax.dll
2008-11-22 19:35:12 —-AC—- C:WINDOWSsystem32borlndmm.dll
2008-11-22 19:35:07 —-AC—- C:WINDOWSsystem32vp6vfw.dll
2008-11-20 22:53:22 —-DC—- C:WINDOWSsystem32appmgmt
2008-11-19 00:01:10 —-DC—- C:Program FilesLavasoft
2008-11-18 23:23:38 —-DC—- C:Documents and SettingsAdminApplication DataLavasoft
2008-11-18 22:52:00 —-DC—- C:Documents and SettingsAdminApplication DataSun
2008-11-18 12:30:18 —-DC—- C:Documents and SettingsAdminApplication DataUniblue
2008-11-17 16:50:38 —-DC—- C:WINDOWSuscripts
2008-11-12 18:23:26 —-DC—- C:Program FilesCommon FilesWhenU
2008-11-12 18:23:04 —-DC—- C:Program FilesDAEMON Tools SearchBar
2008-11-12 18:20:31 —-DC—- C:Program FilesDAEMON Tools
2008-11-12 11:41:30 —-DC—- C:Program FilesCommon FilesNSV
======List of files/folders modified in the last 1 months======
2008-12-09 09:04:15 —-DC—- C:Program FilesMozilla Firefox
2008-12-09 08:54:12 —-DC—- C:WINDOWSTemp
2008-12-08 23:16:24 —-AC—- C:WINDOWSNeroDigital.ini
2008-12-08 20:07:55 —-AC—- C:WINDOWSsystem32akelpad.ini
2008-12-08 20:03:31 —-ADC—- C:Program Files
2008-12-08 15:23:20 —-DC—- C:WINDOWS
2008-12-08 15:23:13 —-ADC—- C:WINDOWSsystem32
2008-12-08 15:23:06 —-SHDC—- C:System Volume Information
2008-12-08 15:23:06 —-DC—- C:WINDOWSsystem32Restore
2008-12-08 15:18:30 —-AC—- C:WINDOWSSchedLgU.Txt
2008-12-08 12:22:58 —-AC—- C:WINDOWSsystem.ini
2008-12-08 12:22:07 —-DC—- C:WINDOWSsystem32drivers
2008-12-08 12:22:07 —-DC—- C:WINDOWSAppPatch
2008-12-08 12:22:07 —-ADC—- C:Program FilesCommon Files
2008-12-08 11:35:43 —-AC—- C:WINDOWSsystem32PerfStringBackup.INI
2008-12-08 11:32:32 —-DC—- C:WINDOWSSoftwareDistribution
2008-12-08 11:28:10 —-DC—- C:Documents and SettingsAdminApplication DatauTorrent
2008-12-08 11:27:54 —-DC—- C:WINDOWSsystem32config
2008-12-07 22:27:47 —-SHDC—- C:WINDOWSInstaller
2008-12-07 22:27:46 —-HDC—- C:Config.Msi
2008-12-07 22:27:43 —-DC—- C:Program FilesOpera
2008-12-07 11:14:33 —-DC—- C:WINDOWSsystem32wbem
2008-12-07 11:14:33 —-DC—- C:WINDOWSRegistration
2008-12-03 22:14:35 —-DC—- C:WINDOWSHelp
2008-11-29 10:57:41 —-AC—- C:WINDOWSimsins.BAK
2008-11-29 10:57:34 —-DC—- C:WINDOWSsystem32CatRoot2
2008-11-26 21:21:30 —-AC—- C:WINDOWSsystem32aswBoot.exe
2008-11-24 23:52:43 —-SDC—- C:Documents and SettingsAdminApplication DataMicrosoft
2008-11-24 17:58:09 —-AC—- C:moduleName.txt
2008-11-24 17:20:19 —-DC—- C:Documents and SettingsAdminApplication DataXnView
2008-11-23 01:07:21 —-DC—- C:Documents and SettingsAdminApplication DataAdobe
2008-11-23 00:25:56 —-HDC—- C:WINDOWSinf
2008-11-23 00:19:21 —-DC—- C:WINDOWSsystem32dllcache
2008-11-23 00:17:12 —-HDC—- C:Program FilesInstallShield Installation Information
2008-11-22 20:07:37 —-DC—- C:Games
2008-11-21 21:45:15 —-DC—- C:Program FilesQIP
2008-11-21 14:11:57 —-SDC—- C:Documents and SettingsAll UsersApplication DataMicrosoft
2008-11-21 12:38:29 —-DC—- C:Program FilesCommon FilesWise Installation Wizard
2008-11-17 22:57:58 —-DC—- C:Documents and SettingsAdminApplication DataMozilla
2008-11-17 17:11:49 —-DC—- C:WINDOWSCursors
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:WINDOWSsystem32driversAavmker4.sys [2008-11-26 26944]
R1 aswSP;avast! Self Protection; C:WINDOWSsystem32driversaswSP.sys [2008-11-26 111184]
R1 aswTdi;avast! Network Shield Support; C:WINDOWSsystem32driversaswTdi.sys [2008-11-26 50864]
R2 aswFsBlk;aswFsBlk; C:WINDOWSsystem32DRIVERSaswFsBlk.sys [2008-11-26 20560]
R2 aswMon2;avast! Standard Shield Support; C:WINDOWSsystem32driversaswMon2.sys [2008-11-26 94032]
R2 LANPkt;Realtek LANPkt Protocol Driver; C:WINDOWSsystem32DRIVERSLANPkt.sys [2006-07-18 8399]
R2 rspndr;Ответчик обнаружения топологии уровня связи; C:WINDOWSsystem32DRIVERSrspndr.sys [2008-07-08 62848]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:WINDOWSsystem32driversALCXWDM.SYS [2007-04-25 4030144]
R3 Arp1394;Протокол клиента 1394 ARP; C:WINDOWSsystem32DRIVERSarp1394.sys [2008-08-19 60800]
R3 aswRdr;aswRdr; C:WINDOWSsystem32driversaswRdr.sys [2008-11-26 23152]
R3 ati2mtag;ati2mtag; C:WINDOWSsystem32DRIVERSati2mtag.sys [2007-06-13 2155520]
R3 BlueletAudio;Bluetooth Audio Service; C:WINDOWSsystem32DRIVERSblueletaudio.sys [2004-10-19 20096]
R3 BT;Bluetooth PAN Network Adapter; C:WINDOWSsystem32DRIVERSbtnetdrv.sys [2004-09-21 10804]
R3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:WINDOWSSystem32Driversbtcusb.sys [2005-01-17 23000]
R3 BTHidEnum;Bluetooth HID Enumerator; C:WINDOWSsystem32DRIVERSvbtenum.sys [2005-01-13 12500]
R3 Diag69xp;Diag69xp; C:WINDOWSSystem32DriversDiag69xp.sys [2006-07-11 11003]
R3 hidusb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2008-04-15 10368]
R3 mouhid;Драйвер мыши HID; C:WINDOWSsystem32DRIVERSmouhid.sys [2008-04-15 12160]
R3 ms_mpu401;Драйвер UART Microsoft MPU-401 MIDI; C:WINDOWSsystem32driversmsmpu401.sys [2001-08-18 2944]
R3 NIC1394;Сетевой драйвер 1394; C:WINDOWSsystem32DRIVERSnic1394.sys [2008-08-19 61824]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:WINDOWSSystem32DriversRootMdm.sys [2008-04-15 5888]
R3 RTL8023xp;D-Link DGE-528T Gigabit Ethernet Adapter NDIS XP Driver; C:WINDOWSsystem32DRIVERSDLKRTXP.SYS [2006-07-31 83456]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2008-04-15 30208]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2008-04-15 59520]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:WINDOWSsystem32DRIVERSusbuhci.sys [2008-04-15 20608]
R3 VComm;Virtual Serial port driver; C:WINDOWSsystem32DRIVERSVComm.sys [2004-10-19 61312]
R3 VcommMgr;Bluetooth VComm Manager Service; C:WINDOWSSystem32DriversVcommMgr.sys [2004-11-05 82148]
S3 ac97intc;Intel(r) 82801 служба установки аудиодрайвера (WDM); C:WINDOWSsystem32driversac97intc.sys [2001-08-18 96256]
S3 al5b3bda;al5b3bda; C:WINDOWSsystem32driversal5b3bda.sys []
S3 CCDECODE;Closed Caption декодер; C:WINDOWSsystem32DRIVERSCCDECODE.sys [2008-08-19 17024]
S3 cmuda;C-Media WDM Audio Interface; C:WINDOWSsystem32driverscmuda.sys [2004-04-23 818496]
S3 EthDriver;D-Link DGE-528T Vista 32-bit Driver; C:WINDOWSsystem32DRIVERSDLKRT32.sys [2007-01-24 70144]
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:WINDOWSsystem32driversMSTEE.sys [2008-08-19 5504]
S3 NABTSFEC;NABTS/FEC VBI кодек; C:WINDOWSsystem32DRIVERSNABTSFEC.sys [2008-08-19 85248]
S3 NdisIP;Microsoft видео или ТВ подключение; C:WINDOWSsystem32DRIVERSNdisIP.sys [2008-08-19 10880]
S3 RTLVLAN;D-Link VLAN Intermediate Driver; C:WINDOWSsystem32DRIVERSRTLVLAN.SYS [2006-06-01 16384]
S3 SLIP;BDA Slip De-Framer; C:WINDOWSsystem32DRIVERSSLIP.sys [2008-08-19 11136]
S3 streamip;BDA IPSink; C:WINDOWSsystem32DRIVERSStreamIP.sys [2008-08-19 15232]
S3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2008-08-19 26368]
S3 WSTCODEC;World Standard Teletext кодек; C:WINDOWSsystem32DRIVERSWSTCODEC.SYS [2008-08-19 19200]
S3 WudfPf;Windows Driver Foundation — User-mode Driver Framework Platform Driver; C:WINDOWSsystem32DRIVERSWudfPf.sys [2008-03-02 77568]
S3 WudfRd;Windows Driver Foundation — User-mode Driver Framework Reflector; C:WINDOWSsystem32DRIVERSwudfrd.sys [2008-03-02 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe [2008-11-26 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; C:WINDOWSsystem32Ati2evxx.exe [2007-06-13 483328]
R2 avast! Antivirus;avast! Antivirus; C:Program FilesAlwil SoftwareAvast4ashServ.exe [2008-11-26 155160]
R2 BlueSoleil Hid Service;BlueSoleil Hid Service; C:Program FilesIVT CorporationBlueSoleilBTNtService.exe [2005-01-27 106496]
R2 MDM;Machine Debug Manager; C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE [2003-06-20 322120]
R3 avast! Mail Scanner;avast! Mail Scanner; C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe [2008-11-26 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:Program FilesAlwil SoftwareAvast4ashWebSv.exe [2008-11-26 352920]
S2 ATI Smart;ATI Smart; C:WINDOWSsystem32ati2sgag.exe [2007-06-13 520192]
S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2007-10-24 70144]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:Program FilesWindows Media Playerwmpnetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation — User-mode Driver Framework; C:WINDOWSsystem32svchost.exe [2008-04-15 14336]
EOF
info.txt logfile of random’s system information tool 1.04 2008-12-09 10:55:59
======Uninstall list======
“1С Мобильные игры” (Только Удаление)—>»C:Program Files1C1C Wirelessunins000.exe»
—>MsiExec /X{82D8304F-73D7-4EE6-8472-D0684BAA2865}
—>MsiExec.exe /X{69495273-FCDC-4A86-BCB7-49B504D3FB0E}
—>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:WINDOWSINFPCHealth.inf
Active Desktop Calendar 7.64—>»C:Program FilesXemiComputersActive Desktop Calendarunins000.exe»
Adobe Flash Player 10 Plugin—>C:WINDOWSsystem32MacromedFlashuninstall_plugin.exe
Adobe Flash Player ActiveX—>C:WINDOWSsystem32MacromedFlashuninstall_activeX.exe
Adobe Reader 6.0.1—>MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A00000000001}
AGEIA PhysX v7.05.06—>MsiExec.exe /X{82D8304F-73D7-4EE6-8472-D0684BAA2865}
ATI — Software Uninstall Utility—>C:Program FilesATI TechnologiesUninstallAllAtiCimUn.exe
ATI Catalyst Control Center—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime 9 1Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{055EE59D-217B-43A7-ABFF-507B966405D8}setup.exe» -l0x0
ATI Display Driver—>rundll32 C:WINDOWSsystem32atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
avast! Antivirus—>C:Program FilesAlwil SoftwareAvast4aswRunDll.exe «C:Program FilesAlwil SoftwareAvast4Setupsetiface.dll»,RunSetup
BlueSoleil—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{B9F499B8-D1F0-42FC-84BE-CC552123CCCB}setup.exe» -l0x9
C-Media WDM Audio Driver—>C:WINDOWSsystem32cmirmdrv.exe
Diagnostics Utility—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{7236672F-6430-439E-9B27-27EDEAF1D676}Setup.exe» -l0x9
Download Master 5.5.5.1135—>»C:Program FilesDownload Masterunins000.exe»
Everest—>C:Program FilesEverestUninstall.exe
FastStone Image Viewer 3.5—>»C:Program FilesFSImgViewerunins000.exe»
Flash Player Pro—>C:Program FilesFlash Player ProUninstall.exe
Foxit Reader—>C:Program FilesFoxit ReaderUninstall.exe
HijackThis 2.0.2—>»C:Program FilesTrend MicroHijackThisHijackThis.exe» /uninstall
Java(TM) 6 Update 7—>MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
K-Lite Mega Codec Pack 4.1.7—>»C:Program FilesK-Lite Codec Packunins000.exe»
Microsoft .NET Framework 1.1 Russian Language Pack—>MsiExec.exe /X{2BB372D9-52B4-410A-BC1A-FEAB63181EEF}
Microsoft .NET Framework 1.1—>msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1—>MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1—>MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Office — профессиональный выпуск версии 2003—>MsiExec.exe /I{90110419-6000-11D3-8CFE-0150048383C9}
Mozilla Firefox (3.0.4)—>C:Program FilesMozilla Firefoxuninstallhelper.exe
MSXML 4.0 SP2 (KB941833)—>MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
Nero 6—>C:Program FilesAheadnerouninstallUNNERO.exe /UNINSTALL
Opera 9.62—>MsiExec.exe /X{8318FEFD-F467-44D6-82B8-129374BFE9B1}
Paint.NET v3.35—>rundll32.exe advpack.dll,LaunchINFSection PaintDN.inf,Uninstall
QIP—>C:Program FilesQIPUninstall.exe
QuickTime Alternative 2.6.0—>»C:Program FilesQuickTime Alternativeunins000.exe»
Real Alternative 1.8.2—>»C:Program FilesReal Alternativeunins000.exe»
Realtek AC’97 Audio—>Alcrmv.exe -r -m
The KMPlayer 1432 R2—>»C:Program FilesThe KMPlayerunins000.exe»
uTorrent—>C:Program FilesuTorrentUninstall.exe
Vista Drive Icon—>rundll32.exe advpack.dll,LaunchINFSection C:WINDOWSINFVistaDrv.inf,Uninstall
VLC—>C:Program FilesVLCUninstall.exe
Winamp 5.541—>C:Program FilesWinampUninstall.exe
WinDjView 0.5—>»C:Program FilesWinDjViewunins000.exe»
XnView 1.94.1—>»C:Program FilesXnViewunins000.exe»
Архиватор WinRAR—>C:Program FilesWinRARuninstall.exe
======Security center information======
AV: avast! antivirus 4.8.1296 [VPS 081208-0]
======Environment variables======
«ComSpec»=%SystemRoot%system32cmd.exe
«Path»=%systemroot%system32;%systemroot%;%systemroot%system32wbem;C:Program FilesATI TechnologiesATI.ACECore-Static
«windir»=%SystemRoot%
«FP_NO_HOST_CHECK»=NO
«OS»=Windows_NT
«PROCESSOR_ARCHITECTURE»=x86
«PROCESSOR_LEVEL»=15
«PROCESSOR_IDENTIFIER»=x86 Family 15 Model 1 Stepping 2, GenuineIntel
«PROCESSOR_REVISION»=0102
«NUMBER_OF_PROCESSORS»=1
«PATHEXT»=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
«TEMP»=%SystemRoot%TEMP
«TMP»=%SystemRoot%TEMP
EOF