And here is Extras.Txt
OTL Extras logfile created on: 04.04.2010 1:46:35 — Run 1
OTL by OldTimer — Version 3.2.1.0 Folder = C:UsersAdminDesktop
Ultimate Edition (Version = 6.1.7600) — Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000419 | Country: Россия | Language: RUS | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 69,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): ?:pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:Windows | %ProgramFiles% = C:Program Files
Drive C: | 24,00 Gb Total Space | 9,89 Gb Free Space | 41,19% Space Free | Partition Type: NTFS
Drive D: | 125,05 Gb Total Space | 51,43 Gb Free Space | 41,13% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ADMIN-ПК
Current User Name: Admin
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINESOFTWAREClasses]
.cpl [@ = cplfile] — C:WindowsSystem32control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] — C:Windowswinhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] — C:Program FilesOperaopera.exe (Opera Software)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINESOFTWAREClassesshell[command]command]
batfile [open] — «%1» %*
cmdfile [open] — «%1» %*
comfile [open] — «%1» %*
cplfile [cplopen] — %SystemRoot%System32control.exe «%1»,%* (Microsoft Corporation)
exefile [open] — «%1» %*
helpfile [open] — Reg Error: Key error.
hlpfile [open] — %SystemRoot%winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] — Reg Error: Key error.
https [open] — «C:Program FilesOperaopera.exe» (Opera Software)
jsfile [edit] — Reg Error: Key error.
piffile [open] — «%1» %*
regfile [merge] — Reg Error: Key error.
scrfile [config] — «%1»
scrfile [install] — rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] — «%1» /S
txtfile [edit] — Reg Error: Key error.
Unknown [openas] — %SystemRoot%system32rundll32.exe %SystemRoot%system32shell32.dll,OpenAs_RunDLL %1
Directory [cmd] — cmd.exe /s /k pushd «%V» (Microsoft Corporation)
Directory [find] — %SystemRoot%Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] — «C:Program FilesWinampwinamp.exe» /BOOKMARK «%1» File not found
Directory [Winamp.Enqueue] — «C:Program FilesWinampwinamp.exe» /ADD «%1» File not found
Directory [Winamp.Play] — «C:Program FilesWinampwinamp.exe» «%1» File not found
Folder [open] — %SystemRoot%Explorer.exe (Microsoft Corporation)
Folder [explore] — Reg Error: Value error.
Drive [find] — %SystemRoot%Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center]
«cval» = 1
«FirewallDisableNotify» = 0
«AntiVirusDisableNotify» = 0
«UpdatesDisableNotify» = 0
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoring]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterSvc]
«VistaSp1» = Reg Error: Unknown registry data type — File not found
«AntiVirusOverride» = 0
«AntiSpywareOverride» = 0
«FirewallOverride» = 0
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterSvcVol]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyDomainProfile]
«DisableNotifications» = 0
«EnableFirewall» = 1
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfile]
«DisableNotifications» = 0
«EnableFirewall» = 1
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfileGloballyOpenPortsList]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyDomainProfileAuthorizedApplicationsList]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfileAuthorizedApplicationsList]
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstall]
«{022F6097-A053-4B1B-BE50-3AADE4116B92}» = Opera 10.50
«{05308C4E-7285-4066-BAE3-6B50DA6ED755}» = Adobe Update Manager CS4
«{054EFA56-2AC1-48F4-A883-0AB89874B972}» = Adobe Extension Manager CS4
«{098727E1-775A-4450-B573-3F441F1CA243}» = kuler
«{098A2A49-7CF3-4F08-A38D-FB879117152A}» = Adobe Color NA Extra Settings CS4
«{0D6013AB-A0C7-41DC-973C-E93129C9A29F}» = Adobe Color JA Extra Settings CS4
«{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}» = Adobe Setup
«{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}» = Adobe Color EU Recommended Settings CS4
«{0F723FC1-7606-4867-866C-CE80AD292DAF}» = Adobe CSI CS4
«{14AFE241-FC6E-4FDB-BCA0-7AD6F4974171}» = Adobe Setup
«{1618734A-3957-4ADD-8199-F973763109A8}» = Adobe Anchor Service CS4
«{16E16F01-2E2D-4248-A42F-76261C147B6C}» = Adobe Drive CS4
«{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}» = AdobeColorCommonSetRGB
«{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}» = Adobe AIR
«{30C8AA56-4088-426F-91D1-0EDFD3A25678}» = Adobe Dreamweaver CS4
«{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}» = PDF Settings CS4
«{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}» = Adobe Media Player
«{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}» = Adobe XMP Panels CS4
«{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}» = Adobe Color — Photoshop Specific CS4
«{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}» = Adobe WinSoft Linguistics Plugin
«{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}» = Adobe Service Manager Extension
«{56C049BE-79E9-4502-BEA7-9754A3E60F9B}» = neroxml
«{63C24A08-70F3-4C8E-B9FB-9F21A903801D}» = Adobe Color Video Profiles CS CS4
«{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}» = Adobe Photoshop CS4 Support
«{67F0E67A-8E93-4C2C-B29D-47C48262738A}» = Adobe Device Central CS4
«{68243FF8-83CA-466B-B2B8-9F99DA5479C4}» = AdobeColorCommonSetCMYK
«{6869591A-7DD8-46D2-837F-57CBF7358955}» = Nokia Connectivity Cable Driver
«{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}» = MSVC80_x86_v2
«{6D9A7CEE-054A-437D-99EF-DD7C77E001FD}» = WebMoney Keeper Classic 3.9.0.1
«{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}» = PC Connectivity Solution
«{7299052b-02a4-4627-81f2-1818da5d550d}» = Microsoft Visual C++ 2005 Redistributable
«{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}» = Adobe Type Support CS4
«{837b34e3-7c30-493c-8f6a-2b0f04e2912c}» = Microsoft Visual C++ 2005 Redistributable
«{83877DB1-8B77-45BC-AB43-2BAC22E093E0}» = Adobe Bridge CS4
«{842B4B72-9E8F-4962-B3C1-1C422A5C4434}» = Suite Shared Configuration CS4
«{90120000-0016-0000-0000-0000000FF1CE}» = Microsoft Office Excel 2007
«{90120000-0016-0000-0000-0000000FF1CE}_EXCEL_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}» = 2007 Microsoft Office Suite Service Pack 2 (SP2)
«{90120000-0016-0000-0000-0000000FF1CE}_EXCEL_{C5060182-C90D-4314-9AE9-5C0DCF8FD1EF}» =
«{90120000-0016-0419-0000-0000000FF1CE}» = Microsoft Office Excel MUI (Russian) 2007
«{90120000-0016-0419-0000-0000000FF1CE}_EXCEL_{DCB382C1-7F1B-42B2-9D47-EDC4262E832F}» = 2007 Microsoft Office Suite Service Pack 2 (SP2)
«{90120000-001B-0000-0000-0000000FF1CE}» = Microsoft Office Word 2007
«{90120000-001B-0000-0000-0000000FF1CE}_WORD_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}» = 2007 Microsoft Office Suite Service Pack 2 (SP2)
«{90120000-001B-0000-0000-0000000FF1CE}_WORD_{3520B304-0EF8-475D-8C52-47ABCCC75FC6}» =
«{90120000-001B-0419-0000-0000000FF1CE}» = Microsoft Office Word MUI (Russian) 2007
«{90120000-001B-0419-0000-0000000FF1CE}_WORD_{DCB382C1-7F1B-42B2-9D47-EDC4262E832F}» = 2007 Microsoft Office Suite Service Pack 2 (SP2)
«{90120000-001F-0407-0000-0000000FF1CE}» = Microsoft Office Proof (German) 2007
«{90120000-001F-0407-0000-0000000FF1CE}_EXCEL_{A0516415-ED61-419A-981D-93596DA74165}» = 2007 Microsoft Office Suite Service Pack 2 (SP2)
«{90120000-001F-0407-0000-0000000FF1CE}_WORD_{A0516415-ED61-419A-981D-93596DA74165}» = 2007 Microsoft Office Suite Service Pack 2 (SP2)
«{90120000-001F-0409-0000-0000000FF1CE}» = Microsoft Office Proof (English) 2007
«{90120000-001F-0409-0000-0000000FF1CE}_EXCEL_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}» = 2007 Microsoft Office Suite Service Pack 2 (SP2)
«{90120000-001F-0409-0000-0000000FF1CE}_WORD_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}» = 2007 Microsoft Office Suite Service Pack 2 (SP2)
«{90120000-001F-0419-0000-0000000FF1CE}» = Microsoft Office Proof (Russian) 2007
«{90120000-001F-0419-0000-0000000FF1CE}_EXCEL_{57A92C5E-E76A-49CC-9EC2-A7B6CE1255EA}» = 2007 Microsoft Office Suite Service Pack 2 (SP2)
«{90120000-001F-0419-0000-0000000FF1CE}_WORD_{57A92C5E-E76A-49CC-9EC2-A7B6CE1255EA}» = 2007 Microsoft Office Suite Service Pack 2 (SP2)
«{90120000-001F-0422-0000-0000000FF1CE}» = Microsoft Office Proof (Ukrainian) 2007
«{90120000-001F-0422-0000-0000000FF1CE}_EXCEL_{6F177D09-F21D-4F50-9436-353972D1D232}» = 2007 Microsoft Office Suite Service Pack 2 (SP2)
«{90120000-001F-0422-0000-0000000FF1CE}_WORD_{6F177D09-F21D-4F50-9436-353972D1D232}» = 2007 Microsoft Office Suite Service Pack 2 (SP2)
«{90120000-002C-0419-0000-0000000FF1CE}» = Microsoft Office Proofing (Russian) 2007
«{90120000-006E-0419-0000-0000000FF1CE}» = Microsoft Office Shared MUI (Russian) 2007
«{90120000-006E-0419-0000-0000000FF1CE}_EXCEL_{37317C49-30C4-412C-B0B9-D95090F330D8}» = 2007 Microsoft Office Suite Service Pack 2 (SP2)
«{90120000-006E-0419-0000-0000000FF1CE}_WORD_{37317C49-30C4-412C-B0B9-D95090F330D8}» = 2007 Microsoft Office Suite Service Pack 2 (SP2)
«{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}» = Nokia PC Suite
«{931AB7EA-3656-4BB7-864D-022B09E3DD67}» = Adobe Linguistics CS4
«{94D398EB-D2FD-4FD1-B8C4-592635E8A191}» = Adobe CMaps CS4
«{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}» = ImagXpress
«{B29AD377-CC12-490A-A480-1452337C618D}» = Connect
«{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}» = Adobe Photoshop CS4
«{BB4E33EC-8181-4685-96F7-8554293DEC6A}» = Adobe Output Module
«{C52E3EC1-048C-45E1-8D53-10B0C6509683}» = Adobe Default Language CS4
«{CC75AB5C-2110-4A7F-AF52-708680D22FE8}» = Photoshop Camera Raw
«{D12762D7-AE01-441E-B43A-F0CF1FAB4F51}» = ESET NOD32 Antivirus
«{E4848436-0345-47E2-B648-8B522FCDA623}» = Adobe Photoshop CS4
«{F0E64E2E-3A60-40D8-A55D-92F6831875DA}» = Adobe Search for Help
«{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}» = Adobe ExtendScript Toolkit CS4
«{F93C84A6-0DC6-42AF-89FA-776F7C377353}» = Adobe PDF Library Files CS4
«{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}» = Adobe Fonts All
«504244733D18C8F63FF584AEB290E3904E791693» = Пакет драйверов Windows — Nokia pccsmcfd (08/22/2008 7.0.0.0)
«7-Zip» = 7-Zip 4.65
«Adobe AIR» = Adobe AIR
«Adobe Flash Player ActiveX» = Adobe Flash Player 10 ActiveX
«Adobe Flash Player Plugin» = Adobe Flash Player 10 Plugin
«Adobe_acce07fd2c8fe7f9e3f26243e626578» = Adobe Dreamweaver CS4
«Adobe_faf656ef605427ee2f42989c3ad31b8» = Adobe Photoshop CS4
«AudioCS» = Creative Audio Console
«com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1» = Adobe Media Player
«Creative Software AutoUpdate» = Creative Software AutoUpdate
«EXCEL» = Microsoft Office Excel 2007
«Foxit Phantom 1.0.2.1123» = Foxit Phantom 1.0.2.1123
«Just Cause 2_is1» = Just Cause 2
«OpenAL» = OpenAL
«The KMPlayer» = The KMPlayer (remove only)
«Total Commander 7.50a» = Total Commander 7.50a
«Uninstall Tool_is1» = Uninstall Tool 2.8.1.5023
«Unlocker» = Unlocker 1.8.8
«uTorrent 1.8.5.17414» = uTorrent 1.8.5.17414
«WebMoney Agent» = WebMoney Agent
«WORD» = Microsoft Office Word 2007
========== HKEY_USERS Uninstall List ==========
[HKEY_USERSS-1-5-21-4254772586-2232943448-1681883352-1000SOFTWAREMicrosoftWindowsCurrentVersionUninstall]
«QIP 2005» = QIP 2005 8095
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error — 02.04.2010 1:21:51 | Computer Name = Admin-ПК | Source = MsiInstaller | ID = 10005
Description =
Error — 02.04.2010 1:57:40 | Computer Name = Admin-ПК | Source = MsiInstaller | ID = 11720
Description =
Error — 02.04.2010 2:03:58 | Computer Name = Admin-ПК | Source = Application Error | ID = 1000
Description = Имя сбойного приложения: egui.exe, версия: 4.0.417.0, отметка времени:
0x49c21cfa Имя сбойного модуля: SHLWAPI.dll, версия: 6.1.7600.16385, отметка времени
0x4a5bdb05 Код исключения: 0xc0000005 Смещение ошибки: 0x0001a766 Идентификатор сбойного
процесса: 0x7c0 Время запуска сбойного приложения: 0x01cad21b73253a50 Путь сбойного
приложения: C:Program FilesESETESET NOD32 Antivirusegui.exe Путь сбойного модуля:
C:Windowssystem32SHLWAPI.dll Код отчета: 86a4dfde-3e1d-11df-afce-0015f201bd
Error — 02.04.2010 2:53:57 | Computer Name = Admin-ПК | Source = SideBySide | ID = 16842785
Description = Ошибка при создании контекста активации для «C:Program FilesNokiaNokia
PC Suite 7TIS_Windows7PIM.dll». Не найдена зависимая сборка «Microsoft.VC80.DebugCRT,processorArchitecture=»x86″,publicKeyToken=»1fc8b3b9a1e18e3b»,type=»win32″,version=»8.0.50608.0″».
Используйте
sxstrace.exe для подробной диагностики.
Error — 02.04.2010 2:54:30 | Computer Name = Admin-ПК | Source = SideBySide | ID = 16842815
Description = Ошибка создания контекста архивации для «C:Program FilesCommon FilesAdobe
AIRVersions1.0Adobe AIR.dll». Ошибка в файле манифеста или политики «C:Program
FilesCommon FilesAdobe AIRVersions1.0Adobe AIR.dll» в строке 3. Значение «MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR»
атрибута «version» в элементе «assemblyIdentity» недопустимо.
Error — 02.04.2010 11:41:17 | Computer Name = Admin-ПК | Source = MsiInstaller | ID = 10005
Description =
Error — 02.04.2010 11:45:01 | Computer Name = Admin-ПК | Source = MsiInstaller | ID = 10005
Description =
Error — 02.04.2010 18:44:53 | Computer Name = Admin-ПК | Source = VSS | ID = 8194
Description =
Error — 03.04.2010 5:43:07 | Computer Name = Admin-ПК | Source = SideBySide | ID = 16842785
Description = Ошибка при создании контекста активации для «C:Program FilesNokiaNokia
PC Suite 7TIS_Windows7PIM.dll». Не найдена зависимая сборка «Microsoft.VC80.DebugCRT,processorArchitecture=»x86″,publicKeyToken=»1fc8b3b9a1e18e3b»,type=»win32″,version=»8.0.50608.0″».
Используйте
sxstrace.exe для подробной диагностики.
Error — 03.04.2010 5:43:21 | Computer Name = Admin-ПК | Source = SideBySide | ID = 16842815
Description = Ошибка создания контекста архивации для «C:Program FilesCommon FilesAdobe
AIRVersions1.0Adobe AIR.dll». Ошибка в файле манифеста или политики «C:Program
FilesCommon FilesAdobe AIRVersions1.0Adobe AIR.dll» в строке 3. Значение «MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR»
атрибута «version» в элементе «assemblyIdentity» недопустимо.
[ System Events ]
Error — 03.04.2010 15:57:05 | Computer Name = Admin-ПК | Source = atikmdag | ID = 43029
Description = Display is not active
Error — 03.04.2010 16:02:45 | Computer Name = Admin-ПК | Source = atikmdag | ID = 43029
Description = Display is not active
Error — 03.04.2010 16:02:50 | Computer Name = Admin-ПК | Source = atikmdag | ID = 43029
Description = Display is not active
Error — 03.04.2010 16:33:29 | Computer Name = Admin-ПК | Source = atikmdag | ID = 43029
Description = Display is not active
Error — 03.04.2010 16:34:04 | Computer Name = Admin-ПК | Source = atikmdag | ID = 43029
Description = Display is not active
Error — 03.04.2010 16:51:57 | Computer Name = Admin-ПК | Source = atikmdag | ID = 43029
Description = Display is not active
Error — 03.04.2010 16:52:03 | Computer Name = Admin-ПК | Source = atikmdag | ID = 43029
Description = Display is not active
Error — 03.04.2010 16:58:42 | Computer Name = Admin-ПК | Source = atikmdag | ID = 43029
Description = Display is not active
Error — 03.04.2010 16:58:54 | Computer Name = Admin-ПК | Source = atikmdag | ID = 43029
Description = Display is not active
Error — 03.04.2010 17:44:55 | Computer Name = Admin-ПК | Source = atikmdag | ID = 43029
Description = Display is not active
[2010.04.04 01:49:35 | 001,310,720 | -HS- | M] () — C:UsersAdminNTUSER.DAT
[2010.04.04 01:49:34 | 000,513,016 | —- | M] () — C:UsersAdminDesktopJust_Cause_2_v1.0.0.1_-_DLC___23_Trainer.exe
[2010.04.04 01:46:03 | 000,561,664 | —- | M] (OldTimer Tools) — C:UsersAdminDesktopOTL.exe
[2010.04.04 00:01:21 | 000,014,016 | -H— | M] () — C:WindowsSystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.04.04 00:01:21 | 000,014,016 | -H— | M] () — C:WindowsSystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.04.03 23:58:17 | 001,508,162 | —- | M] () — C:WindowsSystem32PerfStringBackup.INI
[2010.04.03 23:58:17 | 000,674,680 | —- | M] () — C:WindowsSystem32perfh019.dat
[2010.04.03 23:58:17 | 000,606,992 | —- | M] () — C:WindowsSystem32perfh009.dat
[2010.04.03 23:58:17 | 000,128,850 | —- | M] () — C:WindowsSystem32perfc019.dat
[2010.04.03 23:58:17 | 000,103,370 | —- | M] () — C:WindowsSystem32perfc009.dat
[2010.04.03 23:51:48 | 000,000,006 | -H— | M] () — C:WindowstasksSA.DAT
[2010.04.03 23:51:45 | 000,067,584 | —S- | M] () — C:Windowsbootstat.dat
[2010.04.03 23:51:41 | 1610,014,720 | -HS- | M] () — C:hiberfil.sys
[2010.04.03 23:38:36 | 000,307,933 | —- | M] () — C:UsersAdminDesktopjc2.plus14.tr.rar
[2010.04.03 21:11:46 | 002,524,298 | —- | M] ( ) — C:UsersAdminDesktopqip8095.exe
[2010.04.03 18:57:14 | 004,931,577 | —- | M] () — C:Windows{00000001-00000000-00000001-00001102-00000008-10211102}.CDF
[2010.04.03 18:57:14 | 004,931,577 | —- | M] () — C:Windows{00000001-00000000-00000001-00001102-00000008-10211102}.BAK
[2010.04.03 05:51:13 | 000,030,600 | —- | M] () — C:WindowsSystem32BMXStateBkp-{00000001-00000000-00000001-00001102-00000008-10211102}.rfx
[2010.04.03 05:51:13 | 000,030,600 | —- | M] () — C:WindowsSystem32BMXState-{00000001-00000000-00000001-00001102-00000008-10211102}.rfx
[2010.04.03 05:51:13 | 000,029,604 | —- | M] () — C:WindowsSystem32BMXCtrlState-{00000001-00000000-00000001-00001102-00000008-10211102}.rfx
[2010.04.03 05:51:13 | 000,029,604 | —- | M] () — C:WindowsSystem32BMXBkpCtrlState-{00000001-00000000-00000001-00001102-00000008-10211102}.rfx
[2010.04.03 05:51:13 | 000,011,564 | —- | M] () — C:WindowsSystem32DVCState-{00000001-00000000-00000001-00001102-00000008-10211102}.rfx
[2010.04.03 02:36:35 | 000,000,664 | —- | M] () — C:UsersAdminDesktopJust Cause 2.lnk
[2010.04.02 17:21:35 | 000,000,215 | —- | M] () — C:Windowssystem.ini
[2010.04.02 16:27:47 | 002,223,632 | —- | M] () — C:WindowsSystem32FNTCACHE.DAT
[2010.04.02 09:50:38 | 000,000,000 | -H— | M] () — C:UsersAdminDocumentsDefault.rdp
[2010.04.02 09:25:27 | 000,003,584 | —- | M] () — C:UsersAdminAppDataLocalDCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.02 09:11:40 | 036,172,472 | —- | M] () — C:UsersAdminDesktopa2vxvxsl.exe
[2010.04.02 08:43:50 | 000,001,095 | —- | M] () — C:UsersAdminDesktopAdobe Photoshop CS4.lnk
[2010.04.02 08:42:41 | 000,063,552 | —- | M] () — C:UsersAdminAppDataLocalGDIPFONTCACHEV1.DAT
[2010.04.02 08:33:38 | 000,001,672 | —- | M] () — C:UsersAdminDesktopDreamweaver.lnk
[2010.04.02 05:51:15 | 000,001,080 | —- | M] () — C:WindowsSystem32settingsbkup.sfm
[2010.04.02 05:51:15 | 000,001,080 | —- | M] () — C:WindowsSystem32settings.sfm
[2010.04.02 05:30:42 | 000,002,562 | —- | M] () — C:Windowsdiagwrn.xml
[2010.04.02 05:30:42 | 000,001,908 | —- | M] () — C:Windowsdiagerr.xml
[2010.04.02 05:24:05 | 000,000,803 | —- | M] () — C:UsersPublicDesktopOpera.lnk
[2010.04.02 05:22:07 | 000,000,917 | —- | M] () — C:UsersPublicDesktopWebMoney Keeper Classic 3.9.0.1.lnk
[2010.04.02 05:15:20 | 000,444,952 | —- | M] (Creative Labs) — C:WindowsSystem32wrap_oal.dll
[2010.04.02 05:15:20 | 000,109,080 | —- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) — C:WindowsSystem32OpenAL32.dll
[2010.04.02 05:15:19 | 000,000,087 | RH— | M] () — C:Windowsctfile.rfc
[2010.04.02 05:05:38 | 000,000,971 | —- | M] () — C:UsersAdminDesktopuTorrent.lnk
[2010.04.02 05:03:24 | 000,691,696 | —- | M] () — C:WindowsSystem32driverssptd.sys
[2010.04.02 04:59:40 | 000,001,020 | —- | M] () — C:UsersAdminDesktopTotal Commander.lnk
[2010.04.02 04:59:27 | 000,000,928 | —- | M] () — C:UsersAdminDesktopUninstall Tool.lnk
[2010.04.02 04:39:38 | 000,000,953 | —- | M] () — C:UsersAdminDesktopEverest.lnk
[2010.04.02 04:27:59 | 000,007,605 | —- | M] () — C:UsersAdminAppDataLocalResmon.ResmonCfg
[2010.04.02 03:19:31 | 000,524,288 | -HS- | M] () — C:UsersAdminNTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2010.04.02 03:19:31 | 000,524,288 | -HS- | M] () — C:UsersAdminNTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2010.04.02 03:19:31 | 000,065,536 | -HS- | M] () — C:UsersAdminNTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2010.04.02 03:18:52 | 000,383,592 | RHS- | M] () — C:gdrop
[2010.04.02 03:18:52 | 000,171,136 | RHS- | M] () — C:xeldr
[2010.04.02 03:18:52 | 000,008,192 | —- | M] () — C:bootsect.lxe.bak
[2010.04.02 03:16:23 | 000,000,020 | -HS- | M] () — C:UsersAdminntuser.ini
[2010.04.02 01:58:53 | 000,008,192 | RHS- | M] () — C:BOOTSECT.BAK
[2010.04.02 01:03:56 | 000,168,956 | —- | M] () — C:WindowsSystem32license.rtf
[2010.04.02 01:02:00 | 000,000,000 | —- | M] () — C:Windowsativpsrm.bin
[2010.03.12 18:02:38 | 000,261,632 | —- | M] () — C:WindowsPEV.exe
========== Files Created — No Company Name ==========
[2010.04.03 23:38:36 | 000,307,933 | —- | C] () — C:UsersAdminDesktopjc2.plus14.tr.rar
[2010.04.03 02:36:35 | 000,000,664 | —- | C] () — C:UsersAdminDesktopJust Cause 2.lnk
[2010.04.02 16:54:31 | 000,077,312 | —- | C] () — C:WindowsMBR.exe
[2010.04.02 16:54:27 | 000,261,632 | —- | C] () — C:WindowsPEV.exe
[2010.04.02 16:54:26 | 000,068,096 | —- | C] () — C:Windowszip.exe
[2010.04.02 16:54:25 | 000,098,816 | —- | C] () — C:Windowssed.exe
[2010.04.02 16:54:25 | 000,080,412 | —- | C] () — C:Windowsgrep.exe
[2010.04.02 09:50:38 | 000,000,000 | -H— | C] () — C:UsersAdminDocumentsDefault.rdp
[2010.04.02 09:25:27 | 000,003,584 | —- | C] () — C:UsersAdminAppDataLocalDCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.02 09:10:53 | 036,172,472 | —- | C] () — C:UsersAdminDesktopa2vxvxsl.exe
[2010.04.02 08:43:50 | 000,001,095 | —- | C] () — C:UsersAdminDesktopAdobe Photoshop CS4.lnk
[2010.04.02 08:33:38 | 000,001,672 | —- | C] () — C:UsersAdminDesktopDreamweaver.lnk
[2010.04.02 05:52:44 | 004,931,577 | —- | C] () — C:Windows{00000001-00000000-00000001-00001102-00000008-10211102}.BAK
[2010.04.02 05:51:15 | 000,030,600 | —- | C] () — C:WindowsSystem32BMXStateBkp-{00000001-00000000-00000001-00001102-00000008-10211102}.rfx
[2010.04.02 05:51:15 | 000,030,600 | —- | C] () — C:WindowsSystem32BMXState-{00000001-00000000-00000001-00001102-00000008-10211102}.rfx
[2010.04.02 05:51:15 | 000,029,604 | —- | C] () — C:WindowsSystem32BMXCtrlState-{00000001-00000000-00000001-00001102-00000008-10211102}.rfx
[2010.04.02 05:51:15 | 000,029,604 | —- | C] () — C:WindowsSystem32BMXBkpCtrlState-{00000001-00000000-00000001-00001102-00000008-10211102}.rfx
[2010.04.02 05:51:15 | 000,011,564 | —- | C] () — C:WindowsSystem32DVCState-{00000001-00000000-00000001-00001102-00000008-10211102}.rfx
[2010.04.02 05:51:15 | 000,001,080 | —- | C] () — C:WindowsSystem32settingsbkup.sfm
[2010.04.02 05:51:15 | 000,001,080 | —- | C] () — C:WindowsSystem32settings.sfm
[2010.04.02 05:24:05 | 000,000,803 | —- | C] () — C:UsersPublicDesktopOpera.lnk
[2010.04.02 05:22:07 | 000,000,917 | —- | C] () — C:UsersPublicDesktopWebMoney Keeper Classic 3.9.0.1.lnk
[2010.04.02 05:16:26 | 000,007,062 | —- | C] () — C:WindowsSystem32audiopid.vxd
[2010.04.02 05:15:25 | 004,931,577 | —- | C] () — C:Windows{00000001-00000000-00000001-00001102-00000008-10211102}.CDF
[2010.04.02 05:05:38 | 000,000,971 | —- | C] () — C:UsersAdminDesktopuTorrent.lnk
[2010.04.02 05:03:24 | 000,691,696 | —- | C] () — C:WindowsSystem32driverssptd.sys
[2010.04.02 04:59:40 | 000,001,020 | —- | C] () — C:UsersAdminDesktopTotal Commander.lnk
[2010.04.02 04:59:27 | 000,000,928 | —- | C] () — C:UsersAdminDesktopUninstall Tool.lnk
[2010.04.02 04:44:48 | 000,148,480 | —- | C] () — C:WindowsSystem32APOMngr.DLL
[2010.04.02 04:44:48 | 000,073,728 | —- | C] () — C:WindowsSystem32CmdRtr.DLL
[2010.04.02 04:44:48 | 000,000,087 | RH— | C] () — C:Windowsctfile.rfc
[2010.04.02 04:39:38 | 000,000,953 | —- | C] () — C:UsersAdminDesktopEverest.lnk
[2010.04.02 04:27:59 | 000,007,605 | —- | C] () — C:UsersAdminAppDataLocalResmon.ResmonCfg
[2010.04.02 03:22:20 | 000,002,562 | —- | C] () — C:Windowsdiagwrn.xml
[2010.04.02 03:22:20 | 000,001,908 | —- | C] () — C:Windowsdiagerr.xml
[2010.04.02 03:18:52 | 000,383,592 | RHS- | C] () — C:gdrop
[2010.04.02 03:18:52 | 000,171,136 | RHS- | C] () — C:xeldr
[2010.04.02 03:18:52 | 000,008,192 | —- | C] () — C:bootsect.lxe.bak
[2010.04.02 03:16:23 | 001,310,720 | -HS- | C] () — C:UsersAdminNTUSER.DAT
[2010.04.02 03:16:23 | 000,524,288 | -HS- | C] () — C:UsersAdminNTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2010.04.02 03:16:23 | 000,524,288 | -HS- | C] () — C:UsersAdminNTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2010.04.02 03:16:23 | 000,262,144 | -HS- | C] () — C:UsersAdminntuser.dat.LOG1
[2010.04.02 03:16:23 | 000,065,536 | -HS- | C] () — C:UsersAdminNTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2010.04.02 03:16:23 | 000,000,020 | -HS- | C] () — C:UsersAdminntuser.ini
[2010.04.02 03:16:23 | 000,000,000 | -HS- | C] () — C:UsersAdminntuser.dat.LOG2
[2010.04.02 01:58:53 | 000,008,192 | RHS- | C] () — C:BOOTSECT.BAK
[2010.04.02 01:58:52 | 000,383,562 | RHS- | C] () — C:bootmgr
[2010.04.02 01:02:00 | 000,000,000 | —- | C] () — C:Windowsativpsrm.bin
[2010.04.02 00:59:58 | 1610,014,720 | -HS- | C] () — C:hiberfil.sys
[2009.07.14 03:51:43 | 000,073,728 | —- | C] () — C:WindowsSystem32BthpanContextHandler.dll
[2009.07.14 03:42:10 | 000,064,000 | —- | C] () — C:WindowsSystem32BWContextHandler.dll
[2009.06.23 12:29:50 | 000,049,719 | —- | C] () — C:WindowsSystem32instwdm.ini
[2009.06.23 12:29:48 | 000,000,054 | —- | C] () — C:WindowsSystem32ctzapxx.ini
[2009.06.23 11:51:00 | 000,043,520 | —- | C] () — C:WindowsSystem32CTBurst.dll
[2007.08.13 20:45:02 | 000,077,824 | —- | C] () — C:WindowsSystem32ctmmactl.dll
[2006.10.02 17:25:18 | 000,000,307 | —- | C] () — C:WindowsSystem32kill.ini
@Valeri wrote:
Hello, and welcome to the Spyware-ru forum.
Download the OTL scanner by clicking this link and save the file to your desktop.
* Double-click the downloaded file.
* Check the "Scan All Users" box.
* Click the "Run Scan" button.
* When the program finishes, two logs will be shown (OTListIt.txt and Extra.txt).
Paste both OTL logs into your reply. Each log in a separate post.
Happy holiday to you, and thank you for replying! Here is OTL.Txt
OTL logfile created on: 04.04.2010 1:46:35 — Run 1
OTL by OldTimer — Version 3.2.1.0 Folder = C:UsersAdminDesktop
Ultimate Edition (Version = 6.1.7600) — Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000419 | Country: Россия | Language: RUS | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 69,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): ?:pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:Windows | %ProgramFiles% = C:Program Files
Drive C: | 24,00 Gb Total Space | 9,89 Gb Free Space | 41,19% Space Free | Partition Type: NTFS
Drive D: | 125,05 Gb Total Space | 51,43 Gb Free Space | 41,13% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ADMIN-ПК
Current User Name: Admin
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC — [2010.04.04 01:46:03 | 000,561,664 | —- | M] (OldTimer Tools) — C:UsersAdminDesktopOTL.exe
PRC — [2010.04.02 07:46:40 | 000,319,792 | —- | M] (BitTorrent, Inc.) — C:Program FilesuTorrentutorrent.exe
PRC — [2010.03.01 20:42:48 | 000,835,952 | —- | M] (Opera Software) — C:Program FilesOperaopera.exe
PRC — [2009.10.31 09:45:39 | 002,614,272 | —- | M] (Microsoft Corporation) — C:Windowsexplorer.exe
PRC — [2009.10.30 15:57:08 | 000,369,200 | —- | M] (DT Soft Ltd) — C:Program FilesDAEMON Tools LiteDTLite.exe
PRC — [2009.10.19 15:47:30 | 000,210,400 | —- | M] () — C:Program FilesWebMoney Agentwmagent.exe
PRC — [2009.09.23 13:38:18 | 000,935,208 | —- | M] (Nero AG) — C:Program FilesCommon FilesNeroNero BackItUp 4NBService.exe
PRC — [2009.08.18 02:36:36 | 000,348,160 | —- | M] (AMD) — C:WindowsSystem32atieclxx.exe
PRC — [2009.08.18 02:36:08 | 000,176,128 | —- | M] (AMD) — C:WindowsSystem32atiesrxx.exe
PRC — [2009.08.13 11:43:54 | 003,276,288 | —- | M] (The Author of QIP) — D:QIPqip.exe
PRC — [2009.07.14 05:14:42 | 000,049,152 | —- | M] (Microsoft Corporation) — C:WindowsSystem32taskhost.exe
PRC — [2009.06.23 11:48:12 | 000,019,456 | —- | M] (Creative Technology Ltd) — C:WindowsSystem32CtHelper.exe
PRC — [2009.03.19 11:44:50 | 000,731,840 | —- | M] (ESET) — C:Program FilesESETESET NOD32 Antivirusekrn.exe
PRC — [2009.03.19 11:44:28 | 002,029,640 | —- | M] (ESET) — C:Program FilesESETESET NOD32 Antivirusegui.exe
PRC — [2009.02.14 16:29:14 | 000,307,200 | —- | M] (Creative Technology Ltd) — C:Program FilesCreativeShared FilesCTAudSvc.exe
========== Modules (SafeList) ==========
MOD — [2010.04.04 01:46:03 | 000,561,664 | —- | M] (OldTimer Tools) — C:UsersAdminDesktopOTL.exe
MOD — [2009.07.14 05:16:15 | 000,099,840 | —- | M] (Microsoft Corporation) — C:WindowsSystem32sspicli.dll
MOD — [2009.07.14 05:16:13 | 000,092,160 | —- | M] (Microsoft Corporation) — C:WindowsSystem32sechost.dll
MOD — [2009.07.14 05:16:13 | 000,050,688 | —- | M] (Microsoft Corporation) — C:WindowsSystem32samcli.dll
MOD — [2009.07.14 05:16:12 | 000,031,744 | —- | M] (Microsoft Corporation) — C:WindowsSystem32profapi.dll
MOD — [2009.07.14 05:16:03 | 000,022,016 | —- | M] (Microsoft Corporation) — C:WindowsSystem32netutils.dll
MOD — [2009.07.14 05:15:35 | 000,288,256 | —- | M] (Microsoft Corporation) — C:WindowsSystem32KernelBase.dll
MOD — [2009.07.14 05:15:13 | 000,067,072 | —- | M] (Microsoft Corporation) — C:WindowsSystem32dwmapi.dll
MOD — [2009.07.14 05:15:11 | 000,064,512 | —- | M] (Microsoft Corporation) — C:WindowsSystem32devobj.dll
MOD — [2009.07.14 05:15:07 | 000,036,864 | —- | M] (Microsoft Corporation) — C:WindowsSystem32cryptbase.dll
MOD — [2009.07.14 05:15:02 | 000,145,920 | —- | M] (Microsoft Corporation) — C:WindowsSystem32cfgmgr32.dll
MOD — [2009.07.14 05:03:50 | 001,680,896 | —- | M] (Microsoft Corporation) — C:Windowswinsxsx86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfccomctl32.dll
MOD — [2009.06.23 11:48:10 | 000,008,704 | —- | M] (Creative Technology Ltd) — C:WindowsSystem32ctagent.dll
========== Win32 Services (SafeList) ==========
SRV — [2010.04.02 08:23:11 | 000,655,624 | —- | M] (Acresso Software Inc.) [On_Demand | Stopped] — C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe — (FLEXnet Licensing Service)
SRV — [2010.04.02 05:16:03 | 000,079,360 | —- | M] (Creative Labs) [On_Demand | Stopped] — C:Program FilesCommon FilesCreative Labs SharedServiceCTAELicensing.exe — (Creative Audio Engine Licensing Service)
SRV — [2009.10.27 09:26:36 | 000,657,408 | —- | M] (Nokia) [On_Demand | Stopped] — C:Program FilesPC Connectivity SolutionServiceLayer.exe — (ServiceLayer)
SRV — [2009.09.23 13:38:18 | 000,935,208 | —- | M] (Nero AG) [Auto | Running] — C:Program FilesCommon FilesNeroNero BackItUp 4NBService.exe — (Nero BackItUp Scheduler 4.0)
SRV — [2009.08.18 02:36:08 | 000,176,128 | —- | M] (AMD) [Auto | Running] — C:WindowsSystem32atiesrxx.exe — (AMD External Events Utility)
SRV — [2009.07.14 05:16:21 | 000,185,856 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] — C:WindowsSystem32wwansvc.dll — (WwanSvc)
SRV — [2009.07.14 05:16:20 | 000,010,752 | —- | M] (Корпорация Майкрософт) [On_Demand | Stopped] — C:WindowsSystem32wpcsvc.dll — (WPCSvc)
SRV — [2009.07.14 05:16:17 | 000,151,552 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] — C:WindowsSystem32wbiosrvc.dll — (WbioSrvc)
SRV — [2009.07.14 05:16:17 | 000,119,808 | —- | M] (Microsoft Corporation) [Auto | Running] — C:WindowsSystem32umpo.dll — (Power)
SRV — [2009.07.14 05:16:16 | 000,037,376 | —- | M] (Microsoft Corporation) [Auto | Running] — C:WindowsSystem32themeservice.dll — (Themes)
SRV — [2009.07.14 05:16:15 | 000,053,760 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] — C:WindowsSystem32sppuinotify.dll — (sppuinotify)
SRV — [2009.07.14 05:16:13 | 000,043,520 | —- | M] (Microsoft Corporation) [Unknown | Running] — C:WindowsSystem32RpcEpMap.dll — (RpcEptMapper)
SRV — [2009.07.14 05:16:13 | 000,025,088 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] — C:WindowsSystem32sensrsvc.dll — (SensrSvc)
SRV — [2009.07.14 05:16:12 | 001,004,544 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] — C:WindowsSystem32PeerDistSvc.dll — (PeerDistSvc)
SRV — [2009.07.14 05:16:12 | 000,269,824 | —- | M] (Microsoft Corporation) [On_Demand | Running] — C:WindowsSystem32pnrpsvc.dll — (PNRPsvc)
SRV — [2009.07.14 05:16:12 | 000,269,824 | —- | M] (Microsoft Corporation) [On_Demand | Running] — C:WindowsSystem32pnrpsvc.dll — (p2pimsvc)
SRV — [2009.07.14 05:16:12 | 000,165,376 | —- | M] (Microsoft Corporation) [On_Demand | Running] — C:WindowsSystem32provsvc.dll — (HomeGroupProvider)
SRV — [2009.07.14 05:16:12 | 000,020,480 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] — C:WindowsSystem32pnrpauto.dll — (PNRPAutoReg)
SRV — [2009.07.14 05:15:41 | 000,680,960 | —- | M] (Microsoft Corporation) [Auto | Running] — C:Program FilesWindows DefenderMpSvc.dll — (WinDefend)
SRV — [2009.07.14 05:15:36 | 000,194,560 | —- | M] (Microsoft Corporation) [On_Demand | Running] — C:WindowsSystem32ListSvc.dll — (HomeGroupListener)
SRV — [2009.07.14 05:15:21 | 000,797,696 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] — C:WindowsSystem32FntCache.dll — (FontCache)
SRV — [2009.07.14 05:15:11 | 000,253,440 | —- | M] (Microsoft Corporation) [Auto | Running] — C:WindowsSystem32dhcpcore.dll — (Dhcp)
SRV — [2009.07.14 05:15:10 | 000,218,624 | —- | M] (Корпорация Майкрософт) [On_Demand | Stopped] — C:WindowsSystem32defragsvc.dll — (defragsvc)
SRV — [2009.07.14 05:14:59 | 000,076,800 | —- | M] (Microsoft Corporation) [Unknown | Stopped] — C:WindowsSystem32bdesvc.dll — (BDESVC)
SRV — [2009.07.14 05:14:58 | 000,088,064 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] — C:WindowsSystem32AxInstSv.dll — (AxInstSV) Установщик ActiveX (AxInstSV)
SRV — [2009.07.14 05:14:53 | 000,027,648 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] — C:WindowsSystem32appidsvc.dll — (AppIDSvc)
SRV — [2009.07.14 05:14:29 | 003,179,520 | —- | M] (Microsoft Corporation) [Auto | Stopped] — C:WindowsSystem32sppsvc.exe — (sppsvc)
SRV — [2009.03.19 11:48:08 | 000,020,680 | —- | M] (ESET) [On_Demand | Stopped] — C:Program FilesESETESET NOD32 AntivirusEHttpSrv.exe — (EhttpSrv)
SRV — [2009.03.19 11:44:50 | 000,731,840 | —- | M] (ESET) [Auto | Running] — C:Program FilesESETESET NOD32 Antivirusekrn.exe — (ekrn)
SRV — [2009.02.14 16:29:14 | 000,307,200 | —- | M] (Creative Technology Ltd) [Auto | Running] — C:Program FilesCreativeShared FilesCTAudSvc.exe — (CTAudSvcService)

========== Driver Services (SafeList) ==========
DRV — [2010.04.02 05:03:24 | 000,691,696 | —- | M] () [Kernel | Boot | Running] — C:WindowsSystem32Driverssptd.sys — (sptd)
DRV — [2009.08.18 03:48:06 | 004,994,560 | —- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] — C:WindowsSystem32driversatikmdag.sys — (atikmdag)
DRV — [2009.07.14 05:26:21 | 000,015,952 | —- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] — C:Windowssystem32DRIVERScmdide.sys — (cmdide)
DRV — [2009.07.14 05:26:17 | 000,297,552 | —- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] — C:Windowssystem32DRIVERSadpahci.sys — (adpahci)
DRV — [2009.07.14 05:26:15 | 000,422,976 | —- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] — C:Windowssystem32DRIVERSadp94xx.sys — (adp94xx)
DRV — [2009.07.14 05:26:15 | 000,159,312 | —- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] — C:Windowssystem32DRIVERSamdsbs.sys — (amdsbs)
DRV — [2009.07.14 05:26:15 | 000,146,512 | —- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] — C:Windowssystem32DRIVERSadpu320.sys — (adpu320)
DRV — [2009.07.14 05:26:15 | 000,086,608 | —- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] — C:Windowssystem32DRIVERSarcsas.sys — (arcsas)
DRV — [2009.07.14 05:26:15 | 000,079,952 | —- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] — C:Windowssystem32DRIVERSamdsata.sys — (amdsata)
DRV — [2009.07.14 05:26:15 | 000,076,368 | —- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] — C:Windowssystem32DRIVERSarc.sys — (arc)
DRV — [2009.07.14 05:26:15 | 000,023,616 | —- | M] (Advanced Micro Devices) [Kernel | Boot | Running] — C:Windowssystem32DRIVERSamdxata.sys — (amdxata)
DRV — [2009.07.14 05:26:15 | 000,014,400 | —- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] — C:Windowssystem32DRIVERSaliide.sys — (aliide)
DRV — [2009.07.14 05:20:44 | 000,142,416 | —- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] — C:Windowssystem32DRIVERSnvstor.sys — (nvstor)
DRV — [2009.07.14 05:20:44 | 000,117,312 | —- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] — C:Windowssystem32DRIVERSnvraid.sys — (nvraid)
DRV — [2009.07.14 05:20:44 | 000,078,416 | —- | M] (Корпорация Майкрософт) [Kernel | Boot | Running] — C:WindowsSystem32driversmountmgr.sys — (mountmgr)
DRV — [2009.07.14 05:20:44 | 000,044,624 | —- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] — C:Windowssystem32DRIVERSnfrd960.sys — (nfrd960)
DRV — [2009.07.14 05:20:37 | 000,089,168 | —- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] — C:Windowssystem32DRIVERSlsi_sas.sys — (LSI_SAS)
DRV — [2009.07.14 05:20:36 | 000,332,352 | —- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] — C:Windowssystem32DRIVERSiaStorV.sys — (iaStorV)
DRV — [2009.07.14 05:20:36 | 000,235,584 | —- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] — C:Windowssystem32DRIVERSMegaSR.sys — (MegaSR)
DRV — [2009.07.14 05:20:36 | 000,133,200 | —- | M] (Microsoft Corporation) [Kernel | Boot | Running] — C:WindowsSystem32Driversksecpkg.sys — (KSecPkg)
DRV — [2009.07.14 05:20:36 | 000,096,848 | —- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] — C:Windowssystem32DRIVERSlsi_scsi.sys — (LSI_SCSI)
DRV — [2009.07.14 05:20:36 | 000,095,824 | —- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] — C:Windowssystem32DRIVERSlsi_fc.sys — (LSI_FC)
DRV — [2009.07.14 05:20:36 | 000,054,864 | —- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] — C:Windowssystem32DRIVERSlsi_sas2.sys — (LSI_SAS2)
DRV — [2009.07.14 05:20:36 | 000,041,040 | —- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] — C:Windowssystem32DRIVERSiirsp.sys — (iirsp)
DRV — [2009.07.14 05:20:36 | 000,030,800 | —- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] — C:Windowssystem32DRIVERSmegasas.sys — (megasas)
DRV — [2009.07.14 05:20:36 | 000,013,904 | —- | M] (Microsoft Corporation) [Kernel | Boot | Running] — C:WindowsSystem32drivershwpolicy.sys — (hwpolicy)
DRV — [2009.07.14 05:20:28 | 000,453,712 | —- | M] (Emulex) [Kernel | On_Demand | Stopped] — C:Windowssystem32DRIVERSelxstor.sys — (elxstor)
DRV — [2009.07.14 05:20:28 | 000,070,720 | —- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] — C:Windowssystem32DRIVERSdjsvs.sys — (aic78xx)
DRV — [2009.07.14 05:20:28 | 000,067,152 | —- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] — C:Windowssystem32DRIVERSHpSAMD.sys — (HpSAMD)
DRV — [2009.07.14 05:20:28 | 000,046,160 | —- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] — C:WindowsSystem32driversfsdepends.sys — (FsDepends)
DRV — [2009.07.14 05:19:11 | 000,297,040 | —- | M] (Корпорация Майкрософт) [Kernel | Boot | Running] — C:WindowsSystem32driversvolmgrx.sys — (volmgrx)
DRV — [2009.07.14 05:19:11 | 000,141,904 | —- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] — C:Windowssystem32DRIVERSvsmraid.sys — (vsmraid)
DRV — [2009.07.14 05:19:10 | 000,175,824 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] — C:Windowssystem32DRIVERSvmbus.sys — (vmbus)
DRV — [2009.07.14 05:19:10 | 000,159,824 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] — C:Windowssystem32DRIVERSvhdmp.sys — (vhdmp)
DRV — [2009.07.14 05:19:10 | 000,040,896 | —- | M] (Microsoft Corporation) [Kernel | Boot | Running] — C:Windowssystem32DRIVERSvmstorfl.sys — (storflt)
DRV — [2009.07.14 05:19:10 | 000,032,832 | —- | M] (Microsoft Corporation) [Kernel | Boot | Running] — C:Windowssystem32DRIVERSvdrvroot.sys — (vdrvroot) Драйвер перечислителя виртуальных дисков (Майкрософт)
DRV — [2009.07.14 05:19:10 | 000,028,224 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] — C:Windowssystem32DRIVERSstorvsc.sys — (storvsc)
DRV — [2009.07.14 05:19:10 | 000,019,008 | —- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] — C:WindowsSystem32driverswimmount.sys — (WIMMount)
DRV — [2009.07.14 05:19:10 | 000,016,976 | —- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] — C:Windowssystem32DRIVERSviaide.sys — (viaide)
DRV — [2009.07.14 05:19:04 | 001,383,488 | —- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] — C:Windowssystem32DRIVERSql2300.sys — (ql2300)
DRV — [2009.07.14 05:19:04 | 000,173,648 | —- | M] (Microsoft Corporation) [Kernel | Boot | Running] — C:WindowsSystem32driversrdyboost.sys — (rdyboost)
DRV — [2009.07.14 05:19:04 | 000,106,064 | —- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] — C:Windowssystem32DRIVERSql40xx.sys — (ql40xx)
DRV — [2009.07.14 05:19:04 | 000,077,888 | —- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] — C:Windowssystem32DRIVERSsisraid4.sys — (SiSRaid4)
DRV — [2009.07.14 05:19:04 | 000,043,088 | —- | M] (Microsoft Corporation) [Kernel | Boot | Running] — C:WindowsSystem32driverspcw.sys — (pcw)
DRV — [2009.07.14 05:19:04 | 000,040,016 | —- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] — C:Windowssystem32DRIVERSSiSRaid2.sys — (SiSRaid2)
DRV — [2009.07.14 05:19:04 | 000,021,072 | —- | M] (Promise Technology) [Kernel | On_Demand | Stopped] — C:Windowssystem32DRIVERSstexstor.sys — (stexstor)
DRV — [2009.07.14 05:17:54 | 000,369,568 | —- | M] (Microsoft Corporation) [Kernel | Boot | Running] — C:WindowsSystem32Driverscng.sys — (CNG)
DRV — [2009.07.14 04:57:25 | 000,272,128 | —- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] — C:WindowsSystem32DriversBrserid.sys — (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV — [2009.07.14 04:02:41 | 000,018,944 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] — C:WindowsSystem32driversrdpbus.sys — (rdpbus)
DRV — [2009.07.14 04:01:41 | 000,007,168 | —- | M] (Microsoft Corporation) [Kernel | System | Running] — C:WindowsSystem32driversRDPREFMP.sys — (RDPREFMP)
DRV — [2009.07.14 03:55:00 | 000,049,152 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] — C:WindowsSystem32driversagilevpn.sys — (RasAgileVpn) WAN Miniport (IKEv2)
DRV — [2009.07.14 03:53:51 | 000,009,728 | —- | M] (Microsoft Corporation) [Kernel | System | Running] — C:WindowsSystem32driverswfplwf.sys — (WfpLwf)
DRV — [2009.07.14 03:52:44 | 000,027,136 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] — C:WindowsSystem32driversndiscap.sys — (NdisCap)
DRV — [2009.07.14 03:52:02 | 000,019,968 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] — C:WindowsSystem32driversvwifibus.sys — (vwifibus)
DRV — [2009.07.14 03:52:00 | 000,163,328 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] — C:Windowssystem32DRIVERS1394ohci.sys — (1394ohci)
DRV — [2009.07.14 03:51:35 | 000,008,192 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] — C:Windowssystem32DRIVERSumpass.sys — (UmPass)
DRV — [2009.07.14 03:51:08 | 000,004,096 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] — C:WindowsSystem32driversmshidkmdf.sys — (mshidkmdf)
DRV — [2009.07.14 03:46:55 | 000,012,288 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] — C:Windowssystem32DRIVERSMTConfig.sys — (MTConfig)
DRV — [2009.07.14 03:45:26 | 000,031,232 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] — C:WindowsSystem32driversCompositeBus.sys — (CompositeBus)
DRV — [2009.07.14 03:36:52 | 000,050,176 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] — C:Windowssystem32driversappid.sys — (AppID)
DRV — [2009.07.14 03:33:50 | 000,026,624 | —- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] — C:WindowsSystem32driversscfilter.sys — (scfilter)
DRV — [2009.07.14 03:28:47 | 000,005,632 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] — C:Windowssystem32DRIVERSvms3cap.sys — (s3cap)
DRV — [2009.07.14 03:28:45 | 000,017,920 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] — C:Windowssystem32DRIVERSVMBusHID.sys — (VMBusHID)
DRV — [2009.07.14 03:24:05 | 000,032,256 | —- | M] (Microsoft Corporation) [Kernel | System | Running] — C:WindowsSystem32driversdiscache.sys — (discache)
DRV — [2009.07.14 03:19:21 | 000,021,504 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] — C:Windowssystem32DRIVERSHidBatt.sys — (HidBatt)
DRV — [2009.07.14 03:16:36 | 000,009,728 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] — C:Windowssystem32DRIVERSacpipmi.sys — (AcpiPmi)
DRV — [2009.07.14 03:11:04 | 000,052,736 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] — C:Windowssystem32DRIVERSamdppm.sys — (AmdPPM)
DRV — [2009.07.14 02:54:14 | 000,026,624 | —- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] — C:Windowssystem32drivershcw85cir.sys — (hcw85cir)
DRV — [2009.07.14 02:53:33 | 000,012,160 | —- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] — C:WindowsSystem32DriversBrUsbMdm.sys — (BrUsbMdm)
DRV — [2009.07.14 02:53:33 | 000,011,904 | —- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] — C:WindowsSystem32DriversBrUsbSer.sys — (BrUsbSer)
DRV — [2009.07.14 02:53:32 | 000,062,336 | —- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] — C:WindowsSystem32DriversBrSerWdm.sys — (BrSerWdm)
DRV — [2009.07.14 02:53:28 | 000,013,568 | —- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] — C:Windowssystem32DRIVERSBrFiltLo.sys — (BrFiltLo)
DRV — [2009.07.14 02:53:28 | 000,005,248 | —- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] — C:Windowssystem32DRIVERSBrFiltUp.sys — (BrFiltUp)
DRV — [2009.07.14 02:02:52 | 000,139,776 | —- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] — C:WindowsSystem32driversRt86win7.sys — (RTL8167)
DRV — [2009.07.14 02:02:49 | 000,229,888 | —- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] — C:WindowsSystem32driversb57nd60x.sys — (b57nd60x)
DRV — [2009.07.14 02:02:48 | 003,100,160 | —- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] — C:Windowssystem32DRIVERSevbdx.sys — (ebdrv)
DRV — [2009.07.14 02:02:48 | 000,430,080 | —- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] — C:Windowssystem32DRIVERSbxvbdx.sys — (b06bdrv)
DRV — [2009.06.23 13:38:26 | 000,189,464 | —- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] — C:WindowsSystem32drivershaP17v2k.sys — (hap17v2k)
DRV — [2009.06.23 13:38:16 | 000,162,840 | —- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] — C:WindowsSystem32drivershaP16v2k.sys — (hap16v2k)
DRV — [2009.06.23 13:38:06 | 000,798,744 | —- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] — C:WindowsSystem32driversha10kx2k.sys — (ha10kx2k)
DRV — [2009.06.23 13:37:54 | 000,092,696 | —- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] — C:WindowsSystem32driversemupia2k.sys — (emupia)
DRV — [2009.06.23 13:37:32 | 000,157,208 | —- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] — C:WindowsSystem32driversctsfm2k.sys — (ctsfm2k)
DRV — [2009.06.23 13:37:22 | 000,014,360 | —- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] — C:WindowsSystem32driversctprxy2k.sys — (ctprxy2k)
DRV — [2009.06.23 13:37:10 | 000,127,512 | —- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] — C:WindowsSystem32driversctoss2k.sys — (ossrv)
DRV — [2009.06.23 13:36:36 | 000,347,080 | —- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] — C:WindowsSystem32driversctdvda2k.sys — (ctdvda2k)
DRV — [2009.06.23 13:36:24 | 000,528,408 | —- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] — C:WindowsSystem32driversctaud2k.sys — (ctaud2k) Creative Audio Driver (WDM)
DRV — [2009.06.23 13:36:14 | 000,511,000 | —- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] — C:WindowsSystem32driversctac32k.sys — (ctac32k)
DRV — [2009.06.23 13:35:04 | 000,100,888 | —- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] — C:WindowsSystem32driversCTERFXFX.SYS — (CTERFXFX.SYS)
DRV — [2009.06.23 13:35:04 | 000,100,888 | —- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] — C:WindowsSystem32driversCTERFXFX.sys — (CTERFXFX)
DRV — [2009.06.23 13:34:52 | 000,566,296 | —- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] — C:WindowsSystem32driversCTSBLFX.SYS — (CTSBLFX.SYS)
DRV — [2009.06.23 13:34:52 | 000,566,296 | —- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] — C:WindowsSystem32driversCTSBLFX.sys — (CTSBLFX)
DRV — [2009.06.23 13:34:40 | 000,555,032 | —- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] — C:WindowsSystem32driversCTAUDFX.SYS — (CTAUDFX.SYS)
DRV — [2009.06.23 13:34:40 | 000,555,032 | —- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] — C:WindowsSystem32driversCTAUDFX.sys — (CTAUDFX)
DRV — [2009.06.23 13:34:30 | 000,099,352 | —- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] — C:WindowsSystem32driversCOMMONFX.SYS — (COMMONFX.SYS)
DRV — [2009.06.23 13:34:30 | 000,099,352 | —- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] — C:WindowsSystem32driversCOMMONFX.sys — (COMMONFX)
DRV — [2009.03.19 11:45:40 | 000,093,312 | —- | M] (ESET) [Kernel | Auto | Running] — C:WindowsSystem32driversepfwwfpr.sys — (epfwwfpr)
DRV — [2009.03.19 11:44:34 | 000,107,256 | —- | M] (ESET) [Kernel | System | Running] — C:WindowsSystem32driversehdrv.sys — (ehdrv)
DRV — [2009.03.19 11:41:38 | 000,113,960 | —- | M] (ESET) [File_System | Auto | Running] — C:WindowsSystem32driverseamon.sys — (eamon)
DRV — [2008.08.26 09:26:12 | 000,018,816 | —- | M] (Nokia) [Kernel | On_Demand | Stopped] — C:WindowsSystem32driverspccsmcfd.sys — (pccsmcfd)
DRV — [2008.08.14 07:57:42 | 000,074,720 | —- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] — C:WindowsSystem32driversadfs.sys — (adfs)

========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE — HKUS-1-5-21-4254772586-2232943448-1681883352-1000SOFTWAREMicrosoftInternet ExplorerMain,Start Page Redirect Cache = http://ru.msn.com/?ocid=iehp
IE — HKUS-1-5-21-4254772586-2232943448-1681883352-1000SOFTWAREMicrosoftInternet ExplorerMain,Start Page Redirect Cache AcceptLangs = ru
IE — HKUS-1-5-21-4254772586-2232943448-1681883352-1000SOFTWAREMicrosoftInternet ExplorerMain,Start Page Redirect Cache_TIMESTAMP = D2 D1 57 78 F1 D1 CA 01 [binary data]
IE — HKUS-1-5-21-4254772586-2232943448-1681883352-1000SoftwareMicrosoftWindowsCurrentVersionInternet Settings: «ProxyEnable» = 0

FF — HKLMsoftwaremozillaThunderbirdExtensions\eplgTb@eset.com: C:Program FilesESETESET NOD32 AntivirusMozilla Thunderbird [2010.04.02 06:32:12 | 000,000,000 | —D | M]
[2010.04.02 05:03:54 | 000,000,000 | —D | M] — C:UsersAdminAppDataRoamingmozillaFirefoxProfilesnahd6ha2.defaultextensions
[2010.04.02 05:03:58 | 000,000,000 | —D | M] — C:UsersAdminAppDataRoamingmozillaFirefoxProfilesnahd6ha2.defaultextensionsyasearch@yandex.ru
[2010.04.02 05:03:55 | 000,000,000 | —D | M] — C:UsersAdminAppDataRoamingmozillaFirefoxProfilesnahd6ha2.defaultextensionsyasearch@yandex.ruchromeskinextensions-hacks

O1 HOSTS File: ([2009.06.11 01:39:37 | 000,000,824 | —- | M]) — C:WindowsSystem32driversetchosts
O4 — HKLM..Run: [CTHelper] C:WindowsSystem32CtHelper.exe (Creative Technology Ltd)
O4 — HKLM..Run: [egui] C:Program FilesESETESET NOD32 Antivirusegui.exe (ESET)
O4 — HKLM..Run: [wmagent.exe] C:Program FilesWebMoney Agentwmagent.exe ()
O4 — HKU.DEFAULT..Run: [DevconDefaultDB] C:WindowsSystem32READREG.exe (Creative Technology Limited)
O4 — HKUS-1-5-18..Run: [DevconDefaultDB] C:WindowsSystem32READREG.exe (Creative Technology Limited)
O4 — HKUS-1-5-21-4254772586-2232943448-1681883352-1000..Run: [DAEMON Tools Lite] C:Program FilesDAEMON Tools LiteDTLite.exe (DT Soft Ltd)
O4 — HKUS-1-5-21-4254772586-2232943448-1681883352-1000..Run: [QIP2005] D:QIPqip.exe (The Author of QIP)
O6 — HKLMSoftwarePoliciesMicrosoftInternet ExplorerLow Rights present
O6 — HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDrives = 0
O6 — HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: ConsentPromptBehaviorAdmin = 5
O6 — HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: ConsentPromptBehaviorUser = 3
O6 — HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: EnableLUA = 0
O7 — HKU.DEFAULTSoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O7 — HKUS-1-5-18SoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O7 — HKUS-1-5-19SoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O7 — HKUS-1-5-20SoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O7 — HKUS-1-5-21-4254772586-2232943448-1681883352-1000SoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O7 — HKUS-1-5-21-4254772586-2232943448-1681883352-1000SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDrives = 0
O8 — Extra context menu item: &Экспорт в Microsoft Excel — C:Program FilesMicrosoft OfficeOffice12EXCEL.EXE (Microsoft Corporation)
O9 — Extra Button: Research — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:Program FilesMicrosoft OfficeOffice12REFIEBAR.DLL (Microsoft Corporation)
O16 — DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 — HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 91.207.88.35
O18 — ProtocolHandlerms-help {314111c7-a502-11d2-bbca-00c04f8ec294} — C:Program FilesCommon Filesmicrosoft sharedHelphxds.dll (Microsoft Corporation)
O18 — ProtocolFiltertext/xml {807563E5-5146-11D5-A672-00B0D022E945} — C:Program FilesCommon Filesmicrosoft sharedOFFICE12MSOXMLMF.DLL (Microsoft Corporation)
O20 — HKLM Winlogon: Shell — (Explorer.exe) — C:Windowsexplorer.exe (Microsoft Corporation)
O20 — HKLM Winlogon: VMApplet — (SystemPropertiesPerformance.exe) — C:WindowsSystem32SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 — HKLM Winlogon: VMApplet — (/pagefile) — File not found
O28 — HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} — Reg Error: Key error. File not found
O30 — LSA: Security Packages — (pku2u) — C:WindowsSystem32pku2u.dll (Microsoft Corporation)
O32 — HKLM CDRom: AutoRun — 1
O32 — AutoRun File — [2009.06.11 01:42:20 | 000,000,024 | —- | M] () — C:autoexec.bat — [ NTFS ]
O33 — MountPoints2{5838924f-3dfa-11df-9d24-0015f201bd79}Shell — «» = AutoRun
O33 — MountPoints2{5838924f-3dfa-11df-9d24-0015f201bd79}ShellAutoRuncommand — «» = F:setup.exe — File not found
O34 — HKLM BootExecute: (autocheck autochk *) — File not found
O35 — HKLM..comfile [open] — «%1» %*
O35 — HKLM..exefile [open] — «%1» %*
O37 — HKLM…com [@ = ComFile] — «%1» %*
O37 — HKLM…exe [@ = exefile] — «%1» %*

========== Files/Folders — Created Within 30 Days ==========
[2010.04.04 01:45:56 | 000,561,664 | —- | C] (OldTimer Tools) — C:UsersAdminDesktopOTL.exe
[2010.04.03 23:38:53 | 000,000,000 | —D | C] — C:UsersAdminDesktopjc2.plus14.tr
[2010.04.03 21:11:29 | 002,524,298 | —- | C] ( ) — C:UsersAdminDesktopqip8095.exe
[2010.04.02 22:31:41 | 000,000,000 | —D | C] — C:UsersAdminDocumentsSquare Enix
[2010.04.02 19:15:39 | 000,000,000 | —D | C] — C:rsit
[2010.04.02 18:03:55 | 000,000,000 | —D | C] — C:Program FilesUnlocker
[2010.04.02 17:24:46 | 000,000,000 | -HSD | C] — C:$RECYCLE.BIN
[2010.04.02 17:24:43 | 000,000,000 | —D | C] — C:Windowstemp
[2010.04.02 17:24:43 | 000,000,000 | —D | C] — C:UsersAdminAppDataLocaltemp
[2010.04.02 17:09:50 | 000,212,480 | —- | C] (SteelWerX) — C:WindowsSWXCACLS.exe
[2010.04.02 16:54:30 | 000,031,232 | —- | C] (NirSoft) — C:WindowsNIRCMD.exe
[2010.04.02 16:54:26 | 000,161,792 | —- | C] (SteelWerX) — C:WindowsSWREG.exe
[2010.04.02 16:54:24 | 000,136,704 | —- | C] (SteelWerX) — C:WindowsSWSC.exe
[2010.04.02 16:54:14 | 000,000,000 | —D | C] — C:WindowsERDNT
[2010.04.02 16:52:29 | 000,000,000 | —D | C] — C:Qoobox
[2010.04.02 16:35:42 | 000,641,536 | —- | C] (Microsoft Corporation) — C:WindowsSystem32CPFilters.dll
[2010.04.02 16:35:41 | 000,204,288 | —- | C] (Microsoft Corporation) — C:WindowsSystem32MSNP.ax
[2010.04.02 16:35:40 | 000,417,792 | —- | C] (Microsoft Corporation) — C:WindowsSystem32msdri.dll
[2010.04.02 16:35:38 | 000,465,408 | —- | C] (Microsoft Corporation) — C:WindowsSystem32psisdecd.dll
[2010.04.02 16:33:53 | 000,000,000 | —D | C] — C:Program FilesMSXML 4.0
[2010.04.02 09:56:53 | 000,000,000 | —D | C] — C:Program FilesThe KMPlayer
[2010.04.02 09:51:41 | 000,000,000 | —D | C] — C:ProgramDataCrystalIdea Software
[2010.04.02 09:35:12 | 000,000,000 | —D | C] — C:Program FilesGRETECH
[2010.04.02 09:13:12 | 000,000,000 | —D | C] — C:UsersAdminDoctorWeb
[2010.04.02 08:54:18 | 000,000,000 | —D | C] — C:ProgramDataNero
[2010.04.02 08:54:16 | 000,000,000 | —D | C] — C:Program FilesCommon FilesNero
[2010.04.02 08:33:06 | 000,000,000 | —D | C] — C:ProgramDataFLEXnet
[2010.04.02 08:29:16 | 000,000,000 | —D | C] — C:Program FilesAdobe Media Player
[2010.04.02 08:26:38 | 000,000,000 | —D | C] — C:UsersAdminAppDataLocalAdobe
[2010.04.02 08:24:41 | 000,000,000 | —D | C] — C:Program FilesCommon FilesAdobe AIR
[2010.04.02 08:24:00 | 000,000,000 | —D | C] — C:ProgramDataAdobe
[2010.04.02 08:23:35 | 000,000,000 | —D | C] — C:Program FilesAdobe
[2010.04.02 08:23:11 | 000,000,000 | —D | C] — C:Program FilesCommon FilesMacrovision Shared
[2010.04.02 07:44:23 | 000,528,216 | —- | C] (Microsoft Corporation) — C:WindowsSystem32XAudio2_6.dll
[2010.04.02 07:44:23 | 000,515,416 | —- | C] (Microsoft Corporation) — C:WindowsSystem32XAudio2_5.dll
[2010.04.02 07:44:23 | 000,238,936 | —- | C] (Microsoft Corporation) — C:WindowsSystem32xactengine3_6.dll
[2010.04.02 07:44:23 | 000,238,936 | —- | C] (Microsoft Corporation) — C:WindowsSystem32xactengine3_5.dll
[2010.04.02 07:44:23 | 000,074,072 | —- | C] (Microsoft Corporation) — C:WindowsSystem32XAPOFX1_4.dll
[2010.04.02 07:44:23 | 000,022,360 | —- | C] (Microsoft Corporation) — C:WindowsSystem32X3DAudio1_7.dll
[2010.04.02 07:44:22 | 005,501,792 | —- | C] (Microsoft Corporation) — C:WindowsSystem32d3dcsx_42.dll
[2010.04.02 07:44:22 | 001,974,616 | —- | C] (Microsoft Corporation) — C:WindowsSystem32D3DCompiler_42.dll
[2010.04.02 07:44:22 | 000,453,456 | —- | C] (Microsoft Corporation) — C:WindowsSystem32d3dx10_42.dll
[2010.04.02 07:44:22 | 000,235,344 | —- | C] (Microsoft Corporation) — C:WindowsSystem32d3dx11_42.dll
[2010.04.02 07:44:21 | 004,178,264 | —- | C] (Microsoft Corporation) — C:WindowsSystem32D3DX9_41.dll
[2010.04.02 07:44:21 | 001,892,184 | —- | C] (Microsoft Corporation) — C:WindowsSystem32D3DX9_42.dll
[2010.04.02 07:44:21 | 001,846,632 | —- | C] (Microsoft Corporation) — C:WindowsSystem32D3DCompiler_41.dll
[2010.04.02 07:44:21 | 000,453,456 | —- | C] (Microsoft Corporation) — C:WindowsSystem32d3dx10_41.dll
[2010.04.02 07:44:20 | 000,517,448 | —- | C] (Microsoft Corporation) — C:WindowsSystem32XAudio2_4.dll
[2010.04.02 07:44:20 | 000,235,352 | —- | C] (Microsoft Corporation) — C:WindowsSystem32xactengine3_4.dll
[2010.04.02 07:44:20 | 000,069,464 | —- | C] (Microsoft Corporation) — C:WindowsSystem32XAPOFX1_3.dll
[2010.04.02 07:44:20 | 000,022,360 | —- | C] (Microsoft Corporation) — C:WindowsSystem32X3DAudio1_6.dll
[2010.04.02 07:44:19 | 004,379,984 | —- | C] (Microsoft Corporation) — C:WindowsSystem32D3DX9_40.dll
[2010.04.02 07:44:19 | 002,036,576 | —- | C] (Microsoft Corporation) — C:WindowsSystem32D3DCompiler_40.dll
[2010.04.02 07:44:19 | 000,514,384 | —- | C] (Microsoft Corporation) — C:WindowsSystem32XAudio2_3.dll
[2010.04.02 07:44:19 | 000,452,440 | —- | C] (Microsoft Corporation) — C:WindowsSystem32d3dx10_40.dll
[2010.04.02 07:44:19 | 000,235,856 | —- | C] (Microsoft Corporation) — C:WindowsSystem32xactengine3_3.dll
[2010.04.02 07:44:19 | 000,070,992 | —- | C] (Microsoft Corporation) — C:WindowsSystem32XAPOFX1_2.dll
[2010.04.02 07:44:18 | 001,493,528 | —- | C] (Microsoft Corporation) — C:WindowsSystem32D3DCompiler_39.dll
[2010.04.02 07:44:18 | 000,509,448 | —- | C] (Microsoft Corporation) — C:WindowsSystem32XAudio2_2.dll
[2010.04.02 07:44:18 | 000,467,984 | —- | C] (Microsoft Corporation) — C:WindowsSystem32d3dx10_39.dll
[2010.04.02 07:44:18 | 000,238,088 | —- | C] (Microsoft Corporation) — C:WindowsSystem32xactengine3_2.dll
[2010.04.02 07:44:18 | 000,068,616 | —- | C] (Microsoft Corporation) — C:WindowsSystem32XAPOFX1_1.dll
[2010.04.02 07:44:18 | 000,023,376 | —- | C] (Microsoft Corporation) — C:WindowsSystem32X3DAudio1_5.dll
[2010.04.02 07:44:17 | 003,851,784 | —- | C] (Microsoft Corporation) — C:WindowsSystem32D3DX9_39.dll
[2010.04.02 07:44:17 | 000,507,400 | —- | C] (Microsoft Corporation) — C:WindowsSystem32XAudio2_1.dll
[2010.04.02 07:44:17 | 000,238,088 | —- | C] (Microsoft Corporation) — C:WindowsSystem32xactengine3_1.dll
[2010.04.02 07:44:17 | 000,065,032 | —- | C] (Microsoft Corporation) — C:WindowsSystem32XAPOFX1_0.dll
[2010.04.02 07:44:17 | 000,025,608 | —- | C] (Microsoft Corporation) — C:WindowsSystem32X3DAudio1_4.dll
[2010.04.02 07:44:16 | 003,850,760 | —- | C] (Microsoft Corporation) — C:WindowsSystem32D3DX9_38.dll
[2010.04.02 07:44:16 | 001,491,992 | —- | C] (Microsoft Corporation) — C:WindowsSystem32D3DCompiler_38.dll
[2010.04.02 07:44:16 | 000,479,752 | —- | C] (Microsoft Corporation) — C:WindowsSystem32XAudio2_0.dll
[2010.04.02 07:44:16 | 000,467,984 | —- | C] (Microsoft Corporation) — C:WindowsSystem32d3dx10_38.dll
[2010.04.02 07:44:15 | 003,786,760 | —- | C] (Microsoft Corporation) — C:WindowsSystem32D3DX9_37.dll
[2010.04.02 07:44:15 | 001,420,824 | —- | C] (Microsoft Corporation) — C:WindowsSystem32D3DCompiler_37.dll
[2010.04.02 07:44:15 | 000,462,864 | —- | C] (Microsoft Corporation) — C:WindowsSystem32d3dx10_37.dll
[2010.04.02 07:44:15 | 000,238,088 | —- | C] (Microsoft Corporation) — C:WindowsSystem32xactengine3_0.dll
[2010.04.02 07:44:15 | 000,025,608 | —- | C] (Microsoft Corporation) — C:WindowsSystem32X3DAudio1_3.dll
[2010.04.02 07:44:14 | 001,374,232 | —- | C] (Microsoft Corporation) — C:WindowsSystem32D3DCompiler_36.dll
[2010.04.02 07:44:14 | 000,444,776 | —- | C] (Microsoft Corporation) — C:WindowsSystem32d3dx10_36.dll
[2010.04.02 07:44:14 | 000,267,272 | —- | C] (Microsoft Corporation) — C:WindowsSystem32xactengine2_10.dll
[2010.04.02 07:44:13 | 003,734,536 | —- | C] (Microsoft Corporation) — C:WindowsSystem32d3dx9_36.dll
[2010.04.02 07:44:13 | 000,267,112 | —- | C] (Microsoft Corporation) — C:WindowsSystem32xactengine2_9.dll
[2010.04.02 07:44:12 | 003,727,720 | —- | C] (Microsoft Corporation) — C:WindowsSystem32d3dx9_35.dll
[2010.04.02 07:44:12 | 001,358,192 | —- | C] (Microsoft Corporation) — C:WindowsSystem32D3DCompiler_35.dll
[2010.04.02 07:44:12 | 001,124,720 | —- | C] (Microsoft Corporation) — C:WindowsSystem32D3DCompiler_34.dll
[2010.04.02 07:44:12 | 000,444,776 | —- | C] (Microsoft Corporation) — C:WindowsSystem32d3dx10_35.dll
[2010.04.02 07:44:12 | 000,443,752 | —- | C] (Microsoft Corporation) — C:WindowsSystem32d3dx10_34.dll
[2010.04.02 07:44:12 | 000,266,088 | —- | C] (Microsoft Corporation) — C:WindowsSystem32xactengine2_8.dll
[2010.04.02 07:44:12 | 000,017,928 | —- | C] (Microsoft Corporation) — C:WindowsSystem32X3DAudio1_2.dll
[2010.04.02 07:44:11 | 003,497,832 | —- | C] (Microsoft Corporation) — C:WindowsSystem32d3dx9_34.dll
[2010.04.02 07:44:11 | 001,123,696 | —- | C] (Microsoft Corporation) — C:WindowsSystem32D3DCompiler_33.dll
[2010.04.02 07:44:11 | 000,443,752 | —- | C] (Microsoft Corporation) — C:WindowsSystem32d3dx10_33.dll
[2010.04.02 07:44:11 | 000,261,480 | —- | C] (Microsoft Corporation) — C:WindowsSystem32xactengine2_7.dll
[2010.04.02 07:44:11 | 000,081,768 | —- | C] (Microsoft Corporation) — C:WindowsSystem32xinput1_3.dll
[2010.04.02 07:44:10 | 003,495,784 | —- | C] (Microsoft Corporation) — C:WindowsSystem32d3dx9_33.dll
[2010.04.02 07:44:10 | 000,255,848 | —- | C] (Microsoft Corporation) — C:WindowsSystem32xactengine2_6.dll
[2010.04.02 07:44:09 | 003,426,072 | —- | C] (Microsoft Corporation) — C:WindowsSystem32d3dx9_32.dll
[2010.04.02 07:44:09 | 002,414,360 | —- | C] (Microsoft Corporation) — C:WindowsSystem32d3dx9_31.dll
[2010.04.02 07:44:09 | 000,440,080 | —- | C] (Microsoft Corporation) — C:WindowsSystem32d3dx10.dll
[2010.04.02 07:44:09 | 000,251,672 | —- | C] (Microsoft Corporation) — C:WindowsSystem32xactengine2_5.dll
[2010.04.02 07:44:09 | 000,237,848 | —- | C] (Microsoft Corporation) — C:WindowsSystem32xactengine2_4.dll
[2010.04.02 07:44:09 | 000,015,128 | —- | C] (Microsoft Corporation) — C:WindowsSystem32x3daudio1_1.dll
[2010.04.02 07:44:08 | 000,236,824 | —- | C] (Microsoft Corporation) — C:WindowsSystem32xactengine2_3.dll
[2010.04.02 07:44:08 | 000,230,168 | —- | C] (Microsoft Corporation) — C:WindowsSystem32xactengine2_2.dll
[2010.04.02 07:44:08 | 000,229,584 | —- | C] (Microsoft Corporation) — C:WindowsSystem32xactengine2_1.dll
[2010.04.02 07:44:08 | 000,062,744 | —- | C] (Microsoft Corporation) — C:WindowsSystem32xinput1_2.dll
[2010.04.02 07:44:08 | 000,062,672 | —- | C] (Microsoft Corporation) — C:WindowsSystem32xinput1_1.dll
[2010.04.02 07:44:00 | 002,388,176 | —- | C] (Microsoft Corporation) — C:WindowsSystem32d3dx9_30.dll
[2010.04.02 07:44:00 | 000,230,096 | —- | C] (Microsoft Corporation) — C:WindowsSystem32xactengine2_0.dll
[2010.04.02 07:44:00 | 000,014,032 | —- | C] (Microsoft Corporation) — C:WindowsSystem32x3daudio1_0.dll
[2010.04.02 07:43:59 | 002,332,368 | —- | C] (Microsoft Corporation) — C:WindowsSystem32d3dx9_29.dll
[2010.04.02 07:43:59 | 002,323,664 | —- | C] (Microsoft Corporation) — C:WindowsSystem32d3dx9_28.dll
[2010.04.02 07:43:59 | 002,319,568 | —- | C] (Microsoft Corporation) — C:WindowsSystem32d3dx9_27.dll
[2010.04.02 07:43:59 | 002,297,552 | —- | C] (Microsoft Corporation) — C:WindowsSystem32d3dx9_26.dll
[2010.04.02 07:43:58 | 002,337,488 | —- | C] (Microsoft Corporation) — C:WindowsSystem32d3dx9_25.dll
[2010.04.02 07:43:58 | 002,222,800 | —- | C] (Microsoft Corporation) — C:WindowsSystem32d3dx9_24.dll
[2010.04.02 07:24:17 | 000,000,000 | —D | C] — C:UsersAdminDocumentsThe KMPlayer
[2010.04.02 07:20:29 | 000,000,000 | —D | C] — C:UsersAdminAppDataRoamingWinamp
[2010.04.02 07:17:59 | 000,000,000 | —D | C] — C:ProgramDataMacromedia
[2010.04.02 07:17:08 | 000,000,000 | —D | C] — C:UsersAdminAppDataLocalESET
[2010.04.02 07:16:47 | 000,000,000 | —D | C] — C:Program FilesMacromedia
[2010.04.02 07:06:43 | 000,000,000 | —D | C] — C:UsersAdminAppDataLocalMicrosoft Games
[2010.04.02 06:32:11 | 000,000,000 | —D | C] — C:ProgramDataESET
[2010.04.02 06:32:11 | 000,000,000 | —D | C] — C:Program FilesESET
[2010.04.02 06:29:14 | 000,000,000 | —D | C] — C:UsersAdminAppDataLocalElevatedDiagnostics
[2010.04.02 05:52:56 | 000,000,000 | —D | C] — C:ProgramDataCreative
[2010.04.02 05:34:00 | 000,000,000 | —D | C] — C:UsersAdminAppDataLocalGHISLER
[2010.04.02 05:24:10 | 000,000,000 | —D | C] — C:UsersAdminAppDataRoamingOpera
[2010.04.02 05:24:10 | 000,000,000 | —D | C] — C:UsersAdminAppDataLocalOpera
[2010.04.02 05:24:03 | 000,000,000 | —D | C] — C:Program FilesOpera
[2010.04.02 05:23:42 | 000,000,000 | -HSD | C] — C:WindowsInstaller
[2010.04.02 05:22:45 | 000,000,000 | —D | C] — C:UsersAdminAppDataRoamingWebMoney
[2010.04.02 05:22:14 | 000,000,000 | —D | C] — C:Program FilesWebMoney Agent
[2010.04.02 05:22:04 | 000,000,000 | —D | C] — C:Program FilesWebMoney
[2010.04.02 05:20:19 | 000,000,000 | —D | C] — C:UsersAdminAppDataRoamingAhead
[2010.04.02 05:16:04 | 001,060,864 | —- | C] (Microsoft Corporation) — C:WindowsSystem32mfc71.dll
[2010.04.02 05:16:04 | 001,047,552 | —- | C] (Microsoft Corporation) — C:WindowsSystem32mfc71u.dll
[2010.04.02 05:16:04 | 000,499,712 | —- | C] (Microsoft Corporation) — C:WindowsSystem32msvcp71.dll
[2010.04.02 05:16:04 | 000,348,160 | —- | C] (Microsoft Corporation) — C:WindowsSystem32msvcr71.dll
[2010.04.02 05:16:03 | 000,000,000 | —D | C] — C:Program FilesCommon FilesCreative Labs Shared
[2010.04.02 05:05:38 | 000,000,000 | —D | C] — C:UsersAdminAppDataRoaminguTorrent
[2010.04.02 05:05:38 | 000,000,000 | —D | C] — C:Program FilesuTorrent
[2010.04.02 05:05:32 | 000,000,000 | —D | C] — C:UsersAdminAppDataRoamingPC Suite
[2010.04.02 05:05:31 | 000,000,000 | —D | C] — C:UsersAdminAppDataRoamingNokia
[2010.04.02 05:05:30 | 000,000,000 | —D | C] — C:ProgramDataPC Suite
[2010.04.02 05:05:19 | 000,000,000 | —D | C] — C:Program FilesCommon FilesPCSuite
[2010.04.02 05:05:19 | 000,000,000 | —D | C] — C:Program FilesCommon FilesNokia
[2010.04.02 05:04:52 | 000,000,000 | —D | C] — C:Program FilesDIFX
[2010.04.02 05:04:51 | 000,018,816 | —- | C] (Nokia) — C:WindowsSystem32driverspccsmcfd.sys
[2010.04.02 05:04:49 | 000,000,000 | —D | C] — C:WindowsSystem32DRVSTORE
[2010.04.02 05:04:46 | 000,000,000 | —D | C] — C:Program FilesPC Connectivity Solution
[2010.04.02 05:04:26 | 000,091,136 | —- | C] (Nokia) — C:WindowsSystem32nmwcdcls.dll
[2010.04.02 05:04:20 | 000,000,000 | —D | C] — C:Program FilesNokia
[2010.04.02 05:03:59 | 000,000,000 | —D | C] — C:UsersAdminAppDataLocalYandex
[2010.04.02 05:03:54 | 000,000,000 | —D | C] — C:UsersAdminAppDataRoamingYandex
[2010.04.02 05:03:54 | 000,000,000 | —D | C] — C:UsersAdminAppDataRoamingMozilla
[2010.04.02 05:03:09 | 000,000,000 | —D | C] — C:UsersAdminAppDataRoamingDAEMON Tools Lite
[2010.04.02 05:03:08 | 000,000,000 | —D | C] — C:ProgramDataDAEMON Tools Lite
[2010.04.02 05:03:08 | 000,000,000 | —D | C] — C:Program FilesDAEMON Tools Lite
[2010.04.02 05:01:55 | 000,000,000 | —D | C] — C:Program Files7-Zip
[2010.04.02 05:01:01 | 000,000,000 | —D | C] — C:Program FilesCommon FilesAdobe
[2010.04.02 04:59:39 | 000,000,000 | —D | C] — C:Program FilesTotal Commander
[2010.04.02 04:59:27 | 000,000,000 | —D | C] — C:Program FilesUninstall Tool
[2010.04.02 04:51:44 | 000,000,000 | —D | C] — C:UsersAdminAppDataRoamingFoxit Software
[2010.04.02 04:50:28 | 000,000,000 | —D | C] — C:Program FilesMicrosoft Works
[2010.04.02 04:50:21 | 000,000,000 | —D | C] — C:Program FilesCommon FilesDESIGNER
[2010.04.02 04:50:15 | 000,000,000 | —D | C] — C:WindowsPCHEALTH
[2010.04.02 04:50:15 | 000,000,000 | —D | C] — C:Program FilesMicrosoft.NET
[2010.04.02 04:49:23 | 000,000,000 | —D | C] — C:UsersAdminAppDataLocalMicrosoft Help
[2010.04.02 04:49:21 | 000,000,000 | —D | C] — C:Program FilesMicrosoft Office
[2010.04.02 04:49:21 | 000,000,000 | —D | C] — C:ProgramDataMicrosoft Help
[2010.04.02 04:49:09 | 000,000,000 | R—D | C] — C:MSOCache
[2010.04.02 04:48:09 | 000,000,000 | —D | C] — C:Program FilesFoxit Phantom
[2010.04.02 04:46:33 | 000,000,000 | —D | C] — C:WindowsMinidump
[2010.04.02 04:44:48 | 000,444,952 | —- | C] (Creative Labs) — C:WindowsSystem32wrap_oal.dll
[2010.04.02 04:44:48 | 000,109,080 | —- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) — C:WindowsSystem32OpenAL32.dll
[2010.04.02 04:44:48 | 000,000,000 | —D | C] — C:Program FilesOpenAL
[2010.04.02 04:43:52 | 000,000,000 | —D | C] — C:WindowsSystem32Data
[2010.04.02 04:43:52 | 000,000,000 | —D | C] — C:Program FilesCreative
[2010.04.02 04:43:42 | 000,000,000 | -H-D | C] — C:Program FilesInstallShield Installation Information
[2010.04.02 04:43:35 | 000,000,000 | —D | C] — C:Program FilesCommon FilesInstallShield
[2010.04.02 04:43:02 | 000,000,000 | —D | C] — C:WindowsSystem32Macromed
[2010.04.02 04:39:38 | 000,000,000 | —D | C] — C:Program FilesEverest
[2010.04.02 04:38:22 | 000,000,000 | —D | C] — C:UsersAdminAppDataRoamingMacromedia
[2010.04.02 04:38:22 | 000,000,000 | —D | C] — C:UsersAdminAppDataRoamingAdobe
[2010.04.02 04:26:14 | 000,181,632 | —- | C] (Microsoft Corporation) — C:WindowsSystem32MpSigStub.exe
[2010.04.02 04:25:45 | 002,614,272 | —- | C] (Microsoft Corporation) — C:Windowsexplorer.exe
[2010.04.02 04:25:45 | 000,606,208 | —- | C] (Microsoft Corporation) — C:WindowsSystem32mstime.dll
[2010.04.02 04:25:45 | 000,381,440 | —- | C] (Microsoft Corporation) — C:WindowsSystem32iedkcs32.dll
[2010.04.02 04:25:45 | 000,064,512 | —- | C] (Microsoft Corporation) — C:WindowsSystem32msfeedsbs.dll
[2010.04.02 04:25:44 | 000,293,888 | —- | C] (Adobe Systems Incorporated) — C:WindowsSystem32atmfd.dll
[2010.04.02 04:25:44 | 000,108,544 | —- | C] (Microsoft Corporation) — C:WindowsSystem32t2embed.dll
[2010.04.02 04:25:44 | 000,070,656 | —- | C] (Microsoft Corporation) — C:WindowsSystem32fontsub.dll
[2010.04.02 04:25:43 | 001,320,960 | —- | C] (Microsoft Corporation) — C:WindowsSystem32CertEnroll.dll
[2010.04.02 04:25:42 | 012,625,408 | —- | C] (Корпорация Майкрософт (Microsoft Corp.)) — C:WindowsSystem32wmploc.DLL
[2010.04.02 04:25:42 | 000,507,568 | —- | C] (Microsoft Corporation) — C:WindowsSystem32winload.exe
[2010.04.02 04:25:42 | 000,442,920 | —- | C] (Microsoft Corporation) — C:WindowsSystem32winresume.exe
[2010.04.02 04:25:41 | 003,955,288 | —- | C] (Microsoft Corporation) — C:WindowsSystem32ntkrnlpa.exe
[2010.04.02 04:25:41 | 000,716,800 | —- | C] (Корпорация Майкрософт) — C:WindowsSystem32jscript.dll
[2010.04.02 04:25:40 | 003,899,464 | —- | C] (Microsoft Corporation) — C:WindowsSystem32ntoskrnl.exe
[2010.04.02 04:25:40 | 001,328,640 | —- | C] (Microsoft Corporation) — C:WindowsSystem32quartz.dll
[2010.04.02 04:25:40 | 000,091,648 | —- | C] (Microsoft Corporation) — C:WindowsSystem32avifil32.dll
[2010.04.02 04:25:40 | 000,084,480 | —- | C] (Microsoft Corporation) — C:WindowsSystem32mciavi32.dll
[2010.04.02 04:24:49 | 000,002,048 | —- | C] (Microsoft Corporation) — C:WindowsSystem32tzres.dll
[2010.04.02 03:16:39 | 000,000,000 | R—D | C] — C:UsersAdminSearches
[2010.04.02 03:16:30 | 000,000,000 | —D | C] — C:UsersAdminAppDataRoamingIdentities
[2010.04.02 03:16:29 | 000,000,000 | R—D | C] — C:UsersAdminContacts
[2010.04.02 03:16:24 | 000,000,000 | —D | C] — C:UsersAdminAppDataLocalVirtualStore
[2010.04.02 03:16:23 | 000,000,000 | —SD | C] — C:UsersAdminAppDataRoamingMicrosoft
[2010.04.02 03:16:23 | 000,000,000 | R—D | C] — C:UsersAdminVideos
[2010.04.02 03:16:23 | 000,000,000 | R—D | C] — C:UsersAdminSaved Games
[2010.04.02 03:16:23 | 000,000,000 | R—D | C] — C:UsersAdminPictures
[2010.04.02 03:16:23 | 000,000,000 | R—D | C] — C:UsersAdminMusic
[2010.04.02 03:16:23 | 000,000,000 | R—D | C] — C:UsersAdminLinks
[2010.04.02 03:16:23 | 000,000,000 | R—D | C] — C:UsersAdminFavorites
[2010.04.02 03:16:23 | 000,000,000 | R—D | C] — C:UsersAdminDownloads
[2010.04.02 03:16:23 | 000,000,000 | R—D | C] — C:UsersAdminDocuments
[2010.04.02 03:16:23 | 000,000,000 | R—D | C] — C:UsersAdminDesktop
[2010.04.02 03:16:23 | 000,000,000 | -HSD | C] — C:UsersAdminШаблоны
[2010.04.02 03:16:23 | 000,000,000 | -HSD | C] — C:UsersAdminDocumentsМоя музыка
[2010.04.02 03:16:23 | 000,000,000 | -HSD | C] — C:UsersAdminDocumentsМои рисунки
[2010.04.02 03:16:23 | 000,000,000 | -HSD | C] — C:UsersAdminМои документы
[2010.04.02 03:16:23 | 000,000,000 | -HSD | C] — C:UsersAdminDocumentsМои видеозаписи
[2010.04.02 03:16:23 | 000,000,000 | -HSD | C] — C:UsersAdminГлавное меню
[2010.04.02 03:16:23 | 000,000,000 | -HSD | C] — C:UsersAdminAppDataLocalTemporary Internet Files
[2010.04.02 03:16:23 | 000,000,000 | -HSD | C] — C:UsersAdminSendTo
[2010.04.02 03:16:23 | 000,000,000 | -HSD | C] — C:UsersAdminRecent
[2010.04.02 03:16:23 | 000,000,000 | -HSD | C] — C:UsersAdminPrintHood
[2010.04.02 03:16:23 | 000,000,000 | -HSD | C] — C:UsersAdminNetHood
[2010.04.02 03:16:23 | 000,000,000 | -HSD | C] — C:UsersAdminLocal Settings
[2010.04.02 03:16:23 | 000,000,000 | -HSD | C] — C:UsersAdminAppDataLocalHistory
[2010.04.02 03:16:23 | 000,000,000 | -HSD | C] — C:UsersAdminCookies
[2010.04.02 03:16:23 | 000,000,000 | -HSD | C] — C:UsersAdminApplication Data
[2010.04.02 03:16:23 | 000,000,000 | -HSD | C] — C:UsersAdminAppDataLocalApplication Data
[2010.04.02 03:16:23 | 000,000,000 | -H-D | C] — C:UsersAdminAppData
[2010.04.02 03:16:23 | 000,000,000 | —D | C] — C:UsersAdminAppDataLocalMicrosoft
[2010.04.02 03:16:23 | 000,000,000 | —D | C] — C:UsersAdminAppDataRoamingMedia Center Programs
[2010.04.02 03:16:06 | 000,000,000 | -HSD | C] — C:ProgramDataШаблоны
[2010.04.02 03:16:06 | 000,000,000 | -HSD | C] — C:ProgramDataРабочий стол
[2010.04.02 03:16:06 | 000,000,000 | -HSD | C] — C:UsersPublicDocumentsМоя музыка
[2010.04.02 03:16:06 | 000,000,000 | -HSD | C] — C:UsersPublicDocumentsМои рисунки
[2010.04.02 03:16:06 | 000,000,000 | -HSD | C] — C:UsersPublicDocumentsМои видеозаписи
[2010.04.02 03:16:06 | 000,000,000 | -HSD | C] — C:ProgramDataИзбранное
[2010.04.02 03:16:06 | 000,000,000 | -HSD | C] — C:ProgramDataДокументы
[2010.04.02 03:16:06 | 000,000,000 | -HSD | C] — C:ProgramDataГлавное меню
[2010.04.02 03:16:06 | 000,000,000 | —D | C] — C:Recovery
[2010.04.02 01:59:05 | 000,000,000 | —D | C] — C:WindowsPanther
[2010.04.02 01:58:52 | 000,000,000 | —D | C] — C:Boot
[2010.04.02 01:02:52 | 000,000,000 | —D | C] — C:WindowsSoftwareDistribution
[2010.04.02 01:00:19 | 000,000,000 | —D | C] — C:WindowsPrefetch
[2010.04.02 00:59:58 | 000,000,000 | -HSD | C] — C:System Volume Information
[2009.06.23 11:49:14 | 000,010,752 | —- | C] ( ) — C:WindowsSystem32a3d.dll

========== Files — Modified Within 30 Days ==========
@CERBER wrote:
Have a look at this thread on the site as well:
Flash_Disinfector, one more weapon against autorun.inf trojans

Unfortunately it didn't help; that is, it doesn't start at all. I watched in Task Manager: it appears for a second and disappears right away.
So, basically, the program throws an error and doesn't finish installing… here is a screenshot
Here is log.txt, but I couldn't find info
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:04:49, on 02.04.2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:Windowssystem32Dwm.exe
C:Windowssystem32taskhost.exe
C:WindowsExplorer.EXE
C:WindowsSystem32CtHelper.exe
C:Program FilesWebMoney Agentwmagent.exe
C:Program FilesESETESET NOD32 Antivirusegui.exe
D:QIPqip.exe
C:Program FilesDAEMON Tools LiteDTLite.exe
C:Program FilesTotal CommanderTOTALCMD.EXE
C:Program FilesOperaopera.exe
C:Windowssystem32SearchFilterHost.exe
C:Program FilesTrend MicroHijackThisHijackThis.exe

R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
F2 — REG:system.ini: UserInit=C:WindowsSystem32userinit.exe
O4 — HKLM..Run: [CTHelper] CTHELPER.EXE
O4 — HKLM..Run: [wmagent.exe] «C:Program FilesWebMoney Agentwmagent.exe»
O4 — HKLM..Run: [egui] «C:Program FilesESETESET NOD32 Antivirusegui.exe» /hide /waitservice
O4 — HKCU..Run: [QIP2005] D:QIPqip.exe
O4 — HKCU..Run: [DAEMON Tools Lite] «C:Program FilesDAEMON Tools LiteDTLite.exe» -autorun
O4 — HKUSS-1-5-18..Run: [DevconDefaultDB] C:Windowssystem32READREG /SILENT /FAIL=1 (User ‘система’)
O4 — HKUS.DEFAULT..Run: [DevconDefaultDB] C:Windowssystem32READREG /SILENT /FAIL=1 (User ‘Default user’)
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2Office12EXCEL.EXE/3000
O9 — Extra button: Research — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2Office12REFIEBAR.DLL
O16 — DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) — http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 — Service: AMD External Events Utility — AMD — C:Windowssystem32atiesrxx.exe
O23 — Service: Creative Audio Engine Licensing Service — Creative Labs — C:Program FilesCommon FilesCreative Labs SharedServiceCTAELicensing.exe
O23 — Service: Creative Audio Service (CTAudSvcService) — Creative Technology Ltd — C:Program FilesCreativeShared FilesCTAudSvc.exe
O23 — Service: ESET HTTP Server (EhttpSrv) — ESET — C:Program FilesESETESET NOD32 AntivirusEHttpSrv.exe
O23 — Service: ESET Service (ekrn) — ESET — C:Program FilesESETESET NOD32 Antivirusekrn.exe
O23 — Service: FLEXnet Licensing Service — Acresso Software Inc. — C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe
O23 — Service: Nero BackItUp Scheduler 4.0 — Nero AG — C:Program FilesCommon FilesNeroNero BackItUp 4NBService.exe
O23 — Service: ServiceLayer — Nokia — C:Program FilesPC Connectivity SolutionServiceLayer.exe
—
End of file — 3332 bytes

@CERBER wrote:
Hello!
Welcome to the Spyware-ru forum.
Have you tried using the scanning program in this thread:
How to cure a computer, first steps.

Thank you for the reply. I'm going to try it now and will write back once I have.