Лог утилиты random's system information tool 1.09 (автор: random/random)
Run by Администратор at 2011-09-27 09:20:08
Microsoft Windows 7 Ultimate  
Системный раздел C: размер 6 GB (32%) Свободно 20 GB
Total RAM: 1919 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:20:11, on 27.09.2011
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\ctfmon.exe
C:\Program Files\Mail.Ru\Guard\GuardMailRu.exe
C:\Program Files\Портативные программы\Запись дисков\Alcohol 120\Plugins\Helper\AlSrvN.exe
C:\Windows\System32\StikyNot.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe
C:\Program Files\Mail.Ru\Sputnik\SputnikHelper.exe
C:\Program Files\Mail.Ru\Sputnik\SputnikFlashPlayer.exe
C:\Program Files\WINRAR\WinRAR.exe
C:\Windows\hh.exe
C:\Users\Администратор\Desktop\RSIT.exe
C:\Program Files\trend micro\Администратор.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.yandex.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mail.ru/cnt/8305
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.yandex.ru
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://vkontakte.ru/demosfen_1608
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: Спутник@Mail.Ru - {09900DE8-1DCA-443F-9243-26FF581438AF} - C:\Program Files\Mail.Ru\Sputnik\MailRuSputnik.dll
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,C:\Windows\apppatch\xskows.exe,
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: Спутник@Mail.Ru - {8984B388-A5BB-4DF7-B274-77B879E179DB} - C:\Program Files\Mail.Ru\Sputnik\MailRuSputnik.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O3 - Toolbar: Спутник@Mail.Ru - {09900DE8-1DCA-443F-9243-26FF581438AF} - C:\Program Files\Mail.Ru\Sputnik\MailRuSputnik.dll
O4 - HKLM\..\Run: [RunUSBGuard] C:\Program Files\Портативные программы\Система\Блокировка AUTORUN USB_CD_DVD\RunUSBGuard.exe
O4 - HKLM\..\Run: [ctfmon] C:\Windows\System32\ctfmon.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKLM\..\Run: [VKSaver] C:\ProgramData\VKSaver\VKSaver.exe
O4 - HKLM\..\Run: [Guard.Mail.ru.gui] "C:\Program Files\Mail.Ru\Guard\GuardMailRu.exe" /gui
O4 - HKCU\..\Run: [AlSrvN] C:\Program Files\Портативные программы\Запись дисков\Alcohol 120\Plugins\Helper\AlSrvN.exe
O4 - HKCU\..\Run: [Skype] "C:\Users\Администратор\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ярлыки\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AlSrvN] C:\Program Files\Портативные программы\Запись дисков\Alcohol 120\Plugins\Helper\AlSrvN.exe (User 'система')
O4 - HKUS\.DEFAULT\..\Run: [AlSrvN] C:\Program Files\Портативные программы\Запись дисков\Alcohol 120\Plugins\Helper\AlSrvN.exe (User 'Default user')
O8 - Extra context menu item: &Экспорт в Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: &Виртуальная клавиатура - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Microsoft Knowledge Base - {8B2D996F-B7D1-4961-A929-414D9CF5BA7B} - http://support.microsoft.com/default.aspx?scid=FH;EN-US;KBHOWTO (file missing)
O9 - Extra 'Tools' menuitem: Microsoft Knowledge Base - {8B2D996F-B7D1-4961-A929-414D9CF5BA7B} - http://support.microsoft.com/default.aspx?scid=FH;EN-US;KBHOWTO (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Проверка ссы&лок - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~2\VKSaver\vksaver3.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: Guard.Mail.ru - Unknown owner - C:\Program Files\Mail.Ru\Guard\GuardMailRu.exe

--
End of file - 6305 bytes

======Снимок реестра======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll [2009-05-25 68112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8984B388-A5BB-4DF7-B274-77B879E179DB}]
MailRuBHO Class - C:\Program Files\Mail.Ru\Sputnik\MailRuSputnik.dll [2011-09-26 1556176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-08-16 3942048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-09-14 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll [2011-09-15 264720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{09900DE8-1DCA-443F-9243-26FF581438AF} - Спутник@Mail.Ru - C:\Program Files\Mail.Ru\Sputnik\MailRuSputnik.dll [2011-09-26 1556176]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RunUSBGuard"=C:\Program Files\Портативные программы\Система\Блокировка AUTORUN USB_CD_DVD\RunUSBGuard.exe [2010-11-09 1192864]
"ctfmon"=C:\Windows\System32\ctfmon.exe [2009-07-14 8704]
"UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2008-05-02 15872]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2011-09-15 311680]
"VKSaver"=C:\ProgramData\VKSaver\VKSaver.exe [2011-09-15 224768]
"Guard.Mail.ru.gui"=C:\Program Files\Mail.Ru\Guard\GuardMailRu.exe [2011-09-27 1482960]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AlSrvN"=C:\Program Files\Портативные программы\Запись дисков\Alcohol 120\Plugins\Helper\AlSrvN.exe [2009-04-17 53248]
"Skype"=C:\Users\Администратор\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ярлыки\Skype.exe [2010-10-11 14940040]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 354304]


SA.DAT
SCHEDLGU.TXT


SA.DAT
SCHEDLGU.TXT

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~2\VKSaver\vksaver3.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\Windows\system32\Ati2evxx.dll [2007-07-04 118784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\Windows\system32\klogon.dll [2009-05-25 219664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceClassicControlPanel"=1
"NoSMConfigurePrograms"=1
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======Ассоциации файлов======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======Список файлов и папок, созданных за последние 3 месяца======

2011-09-27 09:20:08 ----D---- C:\rsit
2011-09-27 00:58:13 ----D---- C:\Program Files\trend micro
2011-09-27 00:20:14 ----RD---- C:\Users\Администратор\AppData\Roaming\4C32E8B0
2011-09-27 00:01:23 ----D---- C:\Users\Администратор\AppData\Roaming\Opera
2011-09-27 00:01:17 ----D---- C:\Program Files\Opera
2011-09-26 23:59:53 ----D---- C:\Users\Администратор\AppData\Roaming\Mail.Ru
2011-09-26 23:59:08 ----A---- C:\Windows\system32\out.txt
2011-09-26 23:58:47 ----D---- C:\Program Files\Mail.Ru
2011-09-22 21:44:26 ----D---- C:\Users\Администратор\AppData\Roaming\BookOffice
2011-09-21 13:48:03 ----D---- C:\Users\Администратор\AppData\Roaming\PlayFirst
2011-09-21 13:48:03 ----D---- C:\ProgramData\PlayFirst
2011-09-21 13:47:31 ----D---- C:\ProgramData\Egoset
2011-09-21 13:47:31 ----D---- C:\ProgramData\AlawarWrapper
2011-09-21 13:46:56 ----D---- C:\Program Files\Alawar.ru
2011-09-19 20:54:47 ----D---- C:\Program Files\The KMPlayer
2011-09-19 09:10:34 ----D---- C:\Users\Администратор\AppData\Roaming\IP-TV Player
2011-09-17 17:02:22 ----SHD---- C:\Windows\ftpcache
2011-09-17 17:01:32 ----A---- C:\sound32.dll
2011-09-17 17:01:26 ----A---- C:\Windows\starflight.ini
2011-09-15 17:04:05 ----D---- C:\Windows\SHELLNEW
2011-09-15 16:46:53 ----D---- C:\Program Files\Microsoft Works
2011-09-15 16:46:39 ----D---- C:\Program Files\Common Files\DESIGNER
2011-09-15 16:46:20 ----D---- C:\Windows\PCHEALTH
2011-09-15 16:46:20 ----D---- C:\Program Files\Microsoft.NET
2011-09-15 16:44:50 ----D---- C:\Program Files\Microsoft Office
2011-09-15 16:44:49 ----D---- C:\ProgramData\Microsoft Help
2011-09-15 16:44:28 ----RHD---- C:\MSOCache
2011-09-15 16:34:47 ----D---- C:\Windows\Sun
2011-09-15 15:28:03 ----A---- C:\Windows\system32\operaprefs_fixed.ini
2011-09-15 15:27:58 ----D---- C:\ProgramData\VKSaver
2011-09-15 15:13:39 ----A---- C:\Windows\matlab.ini
2011-09-15 15:13:12 ----D---- C:\Users\Администратор\AppData\Roaming\MathWorks
2011-09-15 15:12:19 ----AD---- C:\MATLAB6p1
2011-09-15 15:08:04 ----A---- C:\Windows\system32\jit.dll
2011-09-15 15:08:04 ----A---- C:\Windows\system32\javaee.dll
2011-09-15 15:08:04 ----A---- C:\Windows\system32\dx3j.dll
2011-09-15 15:08:04 ----A---- C:\Windows\setdebug.exe
2011-09-15 15:08:04 ----A---- C:\Windows\jautoexp.dat
2011-09-15 15:07:58 ----D---- C:\Windows\Java
2011-09-15 15:07:56 ----A---- C:\Windows\system32\wjview.exe
2011-09-15 15:07:56 ----A---- C:\Windows\system32\vmhelper.dll
2011-09-15 15:07:56 ----A---- C:\Windows\system32\msjdbc10.dll
2011-09-15 15:07:55 ----A---- C:\Windows\system32\msjava.dll
2011-09-15 15:07:55 ----A---- C:\Windows\system32\msawt.dll
2011-09-15 15:07:55 ----A---- C:\Windows\system32\jview.exe
2011-09-15 15:07:55 ----A---- C:\Windows\system32\jdbgmgr.exe
2011-09-15 15:07:55 ----A---- C:\Windows\system32\javart.dll
2011-09-15 15:07:55 ----A---- C:\Windows\system32\javaprxy.dll
2011-09-15 15:07:55 ----A---- C:\Windows\system32\javacypt.dll
2011-09-15 15:07:54 ----A---- C:\Windows\system32\clspack.exe
2011-09-15 15:05:44 ----D---- C:\Users\Администратор\AppData\Roaming\Mathsoft
2011-09-15 14:58:55 ----D---- C:\Program Files\MathCAD 11
2011-09-15 14:30:37 ----A---- C:\Windows\system32\drivers\hardlock.sys
2011-09-15 14:30:28 ----A---- C:\Windows\system32\haspvdd.dll
2011-09-15 14:30:28 ----A---- C:\Windows\system32\haspdos.sys
2011-09-15 14:30:28 ----A---- C:\Windows\system32\drivers\Haspnt.sys
2011-09-15 14:30:07 ----D---- C:\Program Files\1cv82
2011-09-15 14:28:02 ----D---- C:\Program Files\Notepad++
2011-09-15 14:24:32 ----D---- C:\Users\Администратор\AppData\Roaming\Softplicity
2011-09-15 14:24:23 ----D---- C:\Program Files\TotalAudioConverter
2011-09-15 14:21:32 ----D---- C:\Users\Администратор\AppData\Roaming\1C
2011-09-15 14:14:13 ----ASH---- C:\Windows\system32\drivers\ISwift3.dat
2011-09-15 14:12:32 ----A---- C:\Windows\system32\drivers\klin.dat
2011-09-15 14:12:32 ----A---- C:\Windows\system32\drivers\klick.dat
2011-09-15 14:12:11 ----D---- C:\ProgramData\Kaspersky Lab
2011-09-15 14:12:11 ----D---- C:\Program Files\Kaspersky Lab
2011-09-15 14:12:06 ----A---- C:\Windows\system32\drivers\klif.sys
2011-09-15 14:11:42 ----D---- C:\ProgramData\Kaspersky Lab Setup Files
2011-09-15 14:11:29 ----D---- C:\Program Files\Unlocker
2011-09-15 14:10:51 ----AH---- C:\Windows\system32\ezsidmv.dat
2011-09-15 14:10:47 ----D---- C:\Users\Администратор\AppData\Roaming\skypePM
2011-09-15 14:09:03 ----RD---- C:\Program Files\Skype
2011-09-15 14:09:03 ----D---- C:\Program Files\Common Files\Skype
2011-09-15 14:09:02 ----D---- C:\Users\Администратор\AppData\Roaming\Skype
2011-09-15 14:09:01 ----D---- C:\ProgramData\Skype
2011-09-15 14:08:03 ----D---- C:\Users\Администратор\AppData\Roaming\Yandex
2011-09-15 14:08:03 ----D---- C:\ProgramData\Yandex
2011-09-15 14:07:39 ----D---- C:\ProgramData\IP-TV Player
2011-09-15 14:07:39 ----D---- C:\Program Files\IP-TV Player
2011-09-15 14:06:18 ----D---- C:\Users\Администратор\AppData\Roaming\WinRAR
2011-09-15 14:03:30 ----D---- C:\Program Files\QIP Infium
2011-09-15 14:02:04 ----A---- C:\moduleName.txt
2011-09-15 14:02:03 ----D---- C:\Users\Администратор\AppData\Roaming\Google
2011-09-15 14:01:45 ----D---- C:\Program Files\Google
2011-09-15 13:58:12 ----A---- C:\Windows\boxworld.ini
2011-09-15 13:58:09 ----RASH---- C:\MSDOS.SYS
2011-09-15 13:58:09 ----RASH---- C:\IO.SYS
2011-09-15 13:56:31 ----D---- C:\Program Files\uTorrent
2011-09-15 13:56:17 ----D---- C:\Program Files\STDU Viewer
2011-09-15 13:56:17 ----D---- C:\Program Files\Common Files\STDUtility
2011-09-15 13:55:07 ----D---- C:\Program Files\FastStone
2011-09-15 07:30:37 ----RA---- C:\Windows\system32\atiiiexx.dll
2011-09-15 07:30:36 ----RA---- C:\Windows\system32\ATIDEMGX.dll
2011-09-15 07:30:35 ----RA---- C:\Windows\system32\ativva6x.dat
2011-09-15 07:30:34 ----RA---- C:\Windows\system32\ativva5x.dat
2011-09-15 07:30:33 ----RA---- C:\Windows\system32\ativvaxx.dat
2011-09-15 07:30:33 ----RA---- C:\Windows\system32\atiicdxx.dat
2011-09-15 07:30:30 ----D---- C:\Windows\system32\ReinstallBackups
2011-09-15 07:15:23 ----HD---- C:\Program Files\InstallShield Installation Information
2011-09-15 07:14:34 ----D---- C:\Program Files\Common Files\InstallShield
2011-09-14 22:35:06 ----D---- C:\Users\Администратор\AppData\Roaming\Macromedia
2011-09-14 22:34:12 ----D---- C:\Users\Администратор\AppData\Roaming\Adobe
2011-09-14 21:29:48 ----D---- C:\Users\Администратор\AppData\Roaming\Zbshareware Lab
2011-09-14 21:29:47 ----D---- C:\ProgramData\Zbshareware Lab
2011-09-14 21:27:51 ----D---- C:\Users\Администратор\AppData\Roaming\Identities
2011-09-14 21:27:29 ----A---- C:\Windows\system32\HashTab32.dll
2011-09-14 21:27:22 ----SD---- C:\Users\Администратор\AppData\Roaming\Microsoft
2011-09-14 21:27:22 ----D---- C:\Users\Администратор\AppData\Roaming\Winamp
2011-09-14 21:27:22 ----D---- C:\Users\Администратор\AppData\Roaming\uTorrent
2011-09-14 21:27:22 ----D---- C:\Users\Администратор\AppData\Roaming\Mozilla
2011-09-14 21:27:22 ----D---- C:\Users\Администратор\AppData\Roaming\InfraRecorder
2011-09-14 21:27:22 ----D---- C:\Users\Администратор\AppData\Roaming\FastStone
2011-09-14 21:27:22 ----D---- C:\Users\Администратор\AppData\Roaming\Browzar
2011-09-14 21:27:22 ----D---- C:\Users\Администратор\AppData\Roaming\AIMP
2011-09-14 21:27:15 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-09-14 21:24:46 ----A---- C:\Windows\system32\MRT.exe
2011-09-14 21:24:20 ----A---- C:\Windows\system32\drivers\sptd.sys
2011-09-14 21:23:42 ----D---- C:\Program Files\Microsoft Silverlight
2011-09-14 21:23:34 ----D---- C:\Windows\system32\Macromed
2011-09-14 21:23:28 ----A---- C:\Windows\system32\javaws.exe
2011-09-14 21:23:28 ----A---- C:\Windows\system32\javaw.exe
2011-09-14 21:23:28 ----A---- C:\Windows\system32\java.exe
2011-09-14 21:23:28 ----A---- C:\Windows\system32\deployJava1.dll
2011-09-14 21:23:18 ----D---- C:\Program Files\Java
2011-09-14 21:22:56 ----A---- C:\Windows\system32\XAudio2_6.dll
2011-09-14 21:22:56 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2011-09-14 21:22:56 ----A---- C:\Windows\system32\xactengine3_6.dll
2011-09-14 21:22:56 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2011-09-14 21:22:55 ----A---- C:\Windows\system32\XAudio2_5.dll
2011-09-14 21:22:55 ----A---- C:\Windows\system32\xactengine3_5.dll
2011-09-14 21:22:55 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2011-09-14 21:22:54 ----A---- C:\Windows\system32\D3DX9_42.dll
2011-09-14 21:22:54 ----A---- C:\Windows\system32\d3dx11_42.dll
2011-09-14 21:22:54 ----A---- C:\Windows\system32\d3dx10_42.dll
2011-09-14 21:22:54 ----A---- C:\Windows\system32\d3dx10_41.dll
2011-09-14 21:22:54 ----A---- C:\Windows\system32\d3dcsx_42.dll
2011-09-14 21:22:54 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2011-09-14 21:22:53 ----A---- C:\Windows\system32\XAudio2_4.dll
2011-09-14 21:22:53 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2011-09-14 21:22:53 ----A---- C:\Windows\system32\D3DX9_41.dll
2011-09-14 21:22:52 ----A---- C:\Windows\system32\XAudio2_3.dll
2011-09-14 21:22:52 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2011-09-14 21:22:52 ----A---- C:\Windows\system32\xactengine3_4.dll
2011-09-14 21:22:52 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2011-09-14 21:22:52 ----A---- C:\Windows\system32\D3DX9_40.dll
2011-09-14 21:22:52 ----A---- C:\Windows\system32\d3dx10_40.dll
2011-09-14 21:22:52 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2011-09-14 21:22:51 ----A---- C:\Windows\system32\XAudio2_2.dll
2011-09-14 21:22:51 ----A---- C:\Windows\system32\XAudio2_1.dll
2011-09-14 21:22:51 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2011-09-14 21:22:51 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2011-09-14 21:22:51 ----A---- C:\Windows\system32\xactengine3_3.dll
2011-09-14 21:22:51 ----A---- C:\Windows\system32\xactengine3_2.dll
2011-09-14 21:22:51 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2011-09-14 21:22:51 ----A---- C:\Windows\system32\D3DX9_39.dll
2011-09-14 21:22:51 ----A---- C:\Windows\system32\d3dx10_39.dll
2011-09-14 21:22:51 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2011-09-14 21:22:50 ----A---- C:\Windows\system32\XAudio2_0.dll
2011-09-14 21:22:50 ----A---- C:\Windows\system32\xactengine3_1.dll
2011-09-14 21:22:50 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2011-09-14 21:22:50 ----A---- C:\Windows\system32\D3DX9_38.dll
2011-09-14 21:22:50 ----A---- C:\Windows\system32\d3dx10_38.dll
2011-09-14 21:22:50 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2011-09-14 21:22:49 ----A---- C:\Windows\system32\xactengine3_0.dll
2011-09-14 21:22:49 ----A---- C:\Windows\system32\xactengine2_10.dll
2011-09-14 21:22:49 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2011-09-14 21:22:49 ----A---- C:\Windows\system32\D3DX9_37.dll
2011-09-14 21:22:49 ----A---- C:\Windows\system32\d3dx9_36.dll
2011-09-14 21:22:49 ----A---- C:\Windows\system32\d3dx10_37.dll
2011-09-14 21:22:49 ----A---- C:\Windows\system32\d3dx10_36.dll
2011-09-14 21:22:49 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2011-09-14 21:22:49 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2011-09-14 21:22:48 ----A---- C:\Windows\system32\xactengine2_9.dll
2011-09-14 21:22:48 ----A---- C:\Windows\system32\d3dx9_35.dll
2011-09-14 21:22:48 ----A---- C:\Windows\system32\d3dx10_35.dll
2011-09-14 21:22:48 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2011-09-14 21:22:47 ----A---- C:\Windows\system32\xinput1_3.dll
2011-09-14 21:22:47 ----A---- C:\Windows\system32\xactengine2_8.dll
2011-09-14 21:22:47 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2011-09-14 21:22:47 ----A---- C:\Windows\system32\d3dx9_34.dll
2011-09-14 21:22:47 ----A---- C:\Windows\system32\d3dx10_34.dll
2011-09-14 21:22:47 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2011-09-14 21:22:46 ----A---- C:\Windows\system32\xactengine2_7.dll
2011-09-14 21:22:46 ----A---- C:\Windows\system32\xactengine2_6.dll
2011-09-14 21:22:46 ----A---- C:\Windows\system32\d3dx9_33.dll
2011-09-14 21:22:46 ----A---- C:\Windows\system32\d3dx10_33.dll
2011-09-14 21:22:46 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2011-09-14 21:22:45 ----A---- C:\Windows\system32\xinput1_2.dll
2011-09-14 21:22:45 ----A---- C:\Windows\system32\xactengine2_5.dll
2011-09-14 21:22:45 ----A---- C:\Windows\system32\xactengine2_4.dll
2011-09-14 21:22:45 ----A---- C:\Windows\system32\xactengine2_3.dll
2011-09-14 21:22:45 ----A---- C:\Windows\system32\x3daudio1_1.dll
2011-09-14 21:22:45 ----A---- C:\Windows\system32\d3dx9_32.dll
2011-09-14 21:22:45 ----A---- C:\Windows\system32\d3dx9_31.dll
2011-09-14 21:22:45 ----A---- C:\Windows\system32\d3dx10.dll
2011-09-14 21:22:44 ----A---- C:\Windows\system32\xinput1_1.dll
2011-09-14 21:22:44 ----A---- C:\Windows\system32\xactengine2_2.dll
2011-09-14 21:22:43 ----A---- C:\Windows\system32\xactengine2_1.dll
2011-09-14 21:22:40 ----A---- C:\Windows\system32\d3dx9_30.dll
2011-09-14 21:22:39 ----A---- C:\Windows\system32\xactengine2_0.dll
2011-09-14 21:22:39 ----A---- C:\Windows\system32\x3daudio1_0.dll
2011-09-14 21:22:39 ----A---- C:\Windows\system32\d3dx9_29.dll
2011-09-14 21:22:39 ----A---- C:\Windows\system32\d3dx9_28.dll
2011-09-14 21:22:39 ----A---- C:\Windows\system32\d3dx9_27.dll
2011-09-14 21:22:39 ----A---- C:\Windows\system32\d3dx9_26.dll
2011-09-14 21:22:38 ----A---- C:\Windows\system32\d3dx9_25.dll
2011-09-14 21:22:37 ----A---- C:\Windows\system32\d3dx9_24.dll
2011-09-14 21:20:51 ----SHD---- C:\Windows\Installer
2011-09-14 21:20:47 ----A---- C:\Windows\system32\zlib1.dll
2011-09-14 21:20:47 ----A---- C:\Windows\system32\wrap_oal.dll
2011-09-14 21:20:47 ----A---- C:\Windows\system32\Vbrun300.dll
2011-09-14 21:20:47 ----A---- C:\Windows\system32\vbrun200.dll
2011-09-14 21:20:47 ----A---- C:\Windows\system32\vbrun100.dll
2011-09-14 21:20:47 ----A---- C:\Windows\system32\Vb40032.dll
2011-09-14 21:20:47 ----A---- C:\Windows\system32\Vb40016.dll
2011-09-14 21:20:47 ----A---- C:\Windows\system32\ssleay32.dll
2011-09-14 21:20:47 ----A---- C:\Windows\system32\OpenAL32.dll
2011-09-14 21:20:47 ----A---- C:\Windows\system32\msvcrt10.dll
2011-09-14 21:20:47 ----A---- C:\Windows\system32\msvcr71.dll
2011-09-14 21:20:47 ----A---- C:\Windows\system32\msvcr70.dll
2011-09-14 21:20:47 ----A---- C:\Windows\system32\msvcp71.dll
2011-09-14 21:20:47 ----A---- C:\Windows\system32\MSVCP70.DLL
2011-09-14 21:20:47 ----A---- C:\Windows\system32\msvci70.dll
2011-09-14 21:20:47 ----A---- C:\Windows\system32\MSSTKPRP.DLL
2011-09-14 21:20:47 ----A---- C:\Windows\system32\msstdfmt.dll
2011-09-14 21:20:46 ----A---- C:\Windows\system32\MFC71u.dll
2011-09-14 21:20:46 ----A---- C:\Windows\system32\MFC71KOR.DLL
2011-09-14 21:20:46 ----A---- C:\Windows\system32\MFC71JPN.DLL
2011-09-14 21:20:46 ----A---- C:\Windows\system32\MFC71ITA.DLL
2011-09-14 21:20:46 ----A---- C:\Windows\system32\MFC71FRA.DLL
2011-09-14 21:20:46 ----A---- C:\Windows\system32\MFC71ESP.DLL
2011-09-14 21:20:46 ----A---- C:\Windows\system32\MFC71ENU.DLL
2011-09-14 21:20:46 ----A---- C:\Windows\system32\MFC71DEU.DLL
2011-09-14 21:20:46 ----A---- C:\Windows\system32\MFC71CHT.DLL
2011-09-14 21:20:46 ----A---- C:\Windows\system32\MFC71CHS.DLL
2011-09-14 21:20:46 ----A---- C:\Windows\system32\MFC71.dll
2011-09-14 21:20:46 ----A---- C:\Windows\system32\mfc70u.dll
2011-09-14 21:20:46 ----A---- C:\Windows\system32\mfc70kor.dll
2011-09-14 21:20:46 ----A---- C:\Windows\system32\mfc70jpn.dll
2011-09-14 21:20:46 ----A---- C:\Windows\system32\mfc70ita.dll
2011-09-14 21:20:46 ----A---- C:\Windows\system32\mfc70fra.dll
2011-09-14 21:20:46 ----A---- C:\Windows\system32\mfc70esp.dll
2011-09-14 21:20:46 ----A---- C:\Windows\system32\mfc70enu.dll
2011-09-14 21:20:46 ----A---- C:\Windows\system32\mfc70deu.dll
2011-09-14 21:20:46 ----A---- C:\Windows\system32\mfc70cht.dll
2011-09-14 21:20:46 ----A---- C:\Windows\system32\mfc70chs.dll
2011-09-14 21:20:46 ----A---- C:\Windows\system32\mfc70.dll
2011-09-14 21:20:46 ----A---- C:\Windows\system32\libeay32.dll
2011-09-14 21:20:46 ----A---- C:\Windows\system32\atl71.dll
2011-09-14 21:20:46 ----A---- C:\Windows\system32\atl70.dll
2011-09-14 21:20:44 ----D---- C:\Windows\system32\CPLDAPU
2011-09-14 21:20:33 ----SHD---- C:\Recovery
2011-09-14 21:20:33 ----SHD---- C:\ProgramData\Шаблоны
2011-09-14 21:20:33 ----SHD---- C:\ProgramData\Рабочий стол
2011-09-14 21:20:33 ----SHD---- C:\ProgramData\Избранное
2011-09-14 21:20:33 ----SHD---- C:\ProgramData\Документы
2011-09-14 21:20:33 ----SHD---- C:\ProgramData\Главное меню
2011-09-14 21:13:21 ----D---- C:\Windows\Panther
2011-09-14 20:17:46 ----D---- C:\Windows\SoftwareDistribution
2011-09-14 20:14:33 ----ASH---- C:\pagefile.sys
2011-09-14 20:14:29 ----D---- C:\Windows\Prefetch
2011-09-14 20:14:28 ----SHD---- C:\System Volume Information
2011-09-14 14:37:14 ----D---- C:\установки

======Список файлов и папок, измененных за последние 3 месяца======

2011-09-27 09:19:24 ----D---- C:\Windows\system32\drivers
2011-09-27 09:02:00 ----D---- C:\Windows\inf
2011-09-27 09:02:00 ----AD---- C:\Windows\System32
2011-09-27 08:57:24 ----D---- C:\Windows\Temp
2011-09-27 08:19:53 ----D---- C:\Windows\AppPatch
2011-09-27 00:58:13 ----RD---- C:\Program Files
2011-09-26 14:37:01 ----RHD---- C:\ProgramData
2011-09-23 03:09:02 ----D---- C:\Windows
2011-09-19 16:33:25 ----A---- C:\Windows\system32\Akelpad.ini
2011-09-16 15:05:12 ----D---- C:\Windows\system32\wdi
2011-09-16 08:08:36 ----RD---- C:\Закакчки uTorrent
2011-09-15 17:32:08 ----D---- C:\Windows\system32\Tasks
2011-09-15 17:27:00 ----D---- C:\Windows\Logs
2011-09-15 17:23:40 ----D---- C:\Windows\system32\config
2011-09-15 17:23:36 ----D---- C:\Windows\winsxs
2011-09-15 17:21:19 ----D---- C:\Windows\system32\catroot2
2011-09-15 17:13:28 ----RSD---- C:\Windows\assembly
2011-09-15 17:11:46 ----RSD---- C:\Windows\Fonts
2011-09-15 17:00:33 ----D---- C:\Windows\system32\catroot
2011-09-15 16:49:11 ----D---- C:\Program Files\Common Files\microsoft shared
2011-09-15 16:46:39 ----D---- C:\Program Files\Common Files
2011-09-15 16:46:20 ----SD---- C:\ProgramData\Microsoft
2011-09-15 15:58:42 ----D---- C:\Windows\system32\da-DK
2011-09-15 14:30:49 ----D---- C:\Windows\system32\DriverStore
2011-09-15 14:30:36 ----D---- C:\Windows\system32\Setup
2011-09-15 09:40:00 ----D---- C:\Windows\system32\drivers\UMDF
2011-09-14 21:27:57 ----D---- C:\Windows\Microsoft.NET
2011-09-14 21:27:48 ----SHD---- C:\$Recycle.Bin
2011-09-14 21:27:22 ----RD---- C:\Users
2011-09-14 21:26:29 ----RD---- C:\Program Files\WINRAR
2011-09-14 21:26:13 ----D---- C:\Windows\system32\wbem
2011-09-14 21:24:49 ----D---- C:\Windows\debug
2011-09-14 21:23:50 ----D---- C:\Windows\system32\CodeIntegrity
2011-09-14 21:23:02 ----D---- C:\Windows\rescache
2011-09-14 21:22:14 ----D---- C:\Windows\system32\restore
2011-09-14 21:20:40 ----D---- C:\Windows\Cursors
2011-09-14 21:20:33 ----D---- C:\Program Files\Windows NT
2011-09-14 21:13:06 ----D---- C:\Windows\system32\ru-RU
2011-09-14 21:13:06 ----D---- C:\Windows\system32\en-US
2011-09-14 20:17:40 ----D---- C:\Windows\system32\sysprep
2011-09-14 20:15:20 ----D---- C:\Windows\CSC

======Список драйверов (тип запуска: R=Запущен, S=остановлен, 0=Загрузочный, 1=Системный, 2=Автоматически, 3=Вручную, 4=Отключено)======

R0 klbg;Kaspersky Lab Boot Guard Driver; C:\Windows\system32\drivers\klbg.sys [2008-12-15 33808]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-09-14 697328]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2011-09-15 128016]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2011-09-15 280592]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2009-05-15 21008]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 Hardlock;Hardlock; C:\Windows\system32\drivers\hardlock.sys [2006-11-22 693760]
R2 Haspnt;Haspnt; \??\C:\Windows\system32\drivers\Haspnt.sys [2011-09-15 47616]
R3 athr;Расширяемый драйвер устройств беспроводной сети Atheros; C:\Windows\system32\DRIVERS\athr.sys [2009-07-14 1096704]
R3 ati2mtag;ati2mtag; C:\Windows\system32\DRIVERS\ati2mtag.sys [2007-07-04 2304000]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2009-05-16 19472]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 драйвер; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2009-07-14 43008]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-07-14 84992]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2009-07-14 1068032]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]

======Список служб (тип запуска: R=Запущена, S=остановлена, 0=Загрузочная, 1=Системная, 2=Автоматически, 3=Вручную, 4=Отключено)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\Windows\system32\Ati2evxx.exe [2007-07-04 483328]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files\Mail.Ru\Guard\GuardMailRu.exe [2011-09-27 1482960]
S2 AVP;Kaspersky Internet Security; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2011-09-15 311680]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------