Лог утилиты random's system information tool 1.09 (автор: random/random)
Run by Huaynaputina at 2012-03-23 22:41:35
Microsoft Windows XP Professional Service Pack 3
Системный раздел C: размер 9 GB (30%) Свободно 30 GB
Total RAM: 2046 MB (71% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:41:37, on 23.03.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Temp\RSIT.exe
C:\Program Files\trend micro\Huaynaputina.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.local/advanced.pl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Ссылки
R3 - URLSearchHook: (no name) - {83821C2B-32A8-4DD7-B6D4-44309A78E668} - C:\Program Files\Mail.Ru\Agent\Mra\dll\newmrasearch.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AlterGeo Magic Scanner - {9BFBA68E-E21B-458E-AE12-FE85E903D2C1} - C:\Program Files\AlterGeo\AlterGeo Magic Scanner\3.3.2.779\AlterGeo.BrowserPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [USB Antivirus] C:\Program Files\USB Disk Security\USBGuard.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [Punto Switcher] C:\Program Files\Punto Switcher\ps.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Экспорт в Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Mail.Ru Агент - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Program Files\Mail.Ru\Agent\magent.exe
O9 - Extra 'Tools' menuitem: Mail.Ru Агент - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Program Files\Mail.Ru\Agent\magent.exe
O9 - Extra button: Справочные материалы - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O22 - SharedTaskScheduler: Предзагрузчик Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Демон кэша категорий компонентов - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Журнал событий (Eventlog) - Корпорация Майкрософт - C:\WINDOWS\system32\services.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NetMeeting Remote Desktop Sharing (mnmsrvc) - Корпорация Майкрософт - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: Plug and Play (PlugPlay) - Корпорация Майкрософт - C:\WINDOWS\system32\services.exe
O23 - Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) - Корпорация Майкрософт - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Смарт-карты (SCardSvr) - Корпорация Майкрософт - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Журналы и оповещения производительности (SysmonLog) - Корпорация Майкрософт - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Теневое копирование тома (VSS) - Корпорация Майкрософт - C:\WINDOWS\System32\vssvc.exe

--
End of file - 5201 bytes

======Снимок реестра======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9BFBA68E-E21B-458E-AE12-FE85E903D2C1}]
AlterGeoBHO Class - C:\Program Files\AlterGeo\AlterGeo Magic Scanner\3.3.2.779\AlterGeo.BrowserPlugin.dll [2011-06-08 282656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-06-12 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-06-12 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LManager"=C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE [2006-03-30 471040]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2010-08-12 2215064]
"USB Antivirus"=C:\Program Files\USB Disk Security\USBGuard.exe [2010-01-12 819200]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2012-01-13 460872]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Punto Switcher"=C:\Program Files\Punto Switcher\ps.exe [2007-11-14 201728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
C:\WINDOWS\AGRSMMSG.exe [2006-03-16 88204]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcWzrd]
C:\WINDOWS\ALCWZRD.EXE [2006-02-20 2809856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIModeChange]
C:\WINDOWS\system32\Ati2mdxx.exe [2006-02-22 26112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comrade.exe]
C:\Program Files\GameSpy\Comrade\Comrade.exe [2007-05-27 36864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EOUApp]
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe [2005-11-28 569413]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Guard.Mail.ru.gui]
C:\Program Files\Mail.Ru\Guard\GuardMailRu.exe /gui []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelWireless]
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2005-11-28 602182]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelZeroConfig]
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2005-11-28 667718]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MAgent]
C:\Program Files\Mail.Ru\Agent\magent.exe [2012-01-18 14900288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2006-01-12 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2006-02-27 16005120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
C:\WINDOWS\SOUNDMAN.EXE [2006-02-20 86016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
D:\games\Steam\Steam.exe [2010-11-20 1242448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Huaynaputina^Главное меню^Программы^Автозагрузка^waabxsdouble.lnk]
C:\WINDOWS\system32\cmd.exe [2008-04-15 396288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"wscsvc"=2
"Guard.Mail.ru"=2
"Ati HotKey Poller"=2
"S24EventMonitor"=3
"RegSrvc"=3
"EvtEng"=3
"JavaQuickStarterService"=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-02-22 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Documents and Settings\Huaynaputina\Local Settings\Application Data\Mail.Ru\GameDownloader\MailRuDownloader.exe"="C:\Documents and Settings\Huaynaputina\Local Settings\Application Data\Mail.Ru\GameDownloader\MailRuDownloader.exe:*:Enabled:Загрузчик Игр@Mail.Ru"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"D:\Games\Steam\Steam.exe"="D:\Games\Steam\Steam.exe:*:Enabled:Steam"
"D:\Games\Steam\steamapps\Huaynaputina\team fortress 2\hl2.exe"="D:\Games\Steam\steamapps\Huaynaputina\team fortress 2\hl2.exe:*:Enabled:hl2"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Games\Civilization IV\Civilization4.exe"="D:\Games\Civilization IV\Civilization4.exe:*:Enabled:Sid Meier's Civilization 4"
"D:\Games\Civilization IV\Beyond the Sword\Civ4BeyondSword.exe"="D:\Games\Civilization IV\Beyond the Sword\Civ4BeyondSword.exe:*:Enabled:Sid Meier's Civilization 4 Beyond the Sword"
"D:\Games\Civilization IV\Beyond the Sword\Civ4BeyondSword_PitBoss.exe"="D:\Games\Civilization IV\Beyond the Sword\Civ4BeyondSword_PitBoss.exe:*:Enabled:Sid Meier's Civilization 4 Beyond the Sword Pitboss"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\IP-TV Player\UdpProxy.exe"="C:\Program Files\IP-TV Player\UdpProxy.exe:*:Enabled:UDP-to-HTTP Proxy"
"C:\Program Files\IP-TV Player\IpTvPlayer.exe"="C:\Program Files\IP-TV Player\IpTvPlayer.exe:*:Enabled:IP-TV Player"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"VIDC.FPS1"=frapsvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======Список файлов и папок, созданных за последние 3 месяца======

2012-03-23 22:41:35 ----D---- C:\rsit
2012-03-23 21:03:36 ----A---- C:\WINDOWS\resetlog.txt
2012-03-23 02:56:11 ----D---- C:\WINDOWS\Minidump
2012-03-23 01:32:51 ----D---- C:\Program Files\trend micro
2012-03-22 19:21:22 ----D---- C:\Documents and Settings\Huaynaputina\Application Data\Malwarebytes
2012-03-22 19:21:02 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2012-03-22 19:20:59 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2012-03-22 19:20:59 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2012-03-22 18:56:09 ----D---- C:\Program Files\avz4
2012-03-22 04:35:13 ----HD---- C:\WINDOWS\system32\GroupPolicy
2012-03-22 04:10:13 ----D---- C:\Program Files\Alwil Software
2012-03-14 14:10:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2641653$
2012-03-14 14:07:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2621440$
2012-03-14 14:06:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2647518$
2012-03-14 09:27:14 ----A---- C:\WINDOWS\system32\ptpusb.dll
2012-03-14 09:27:13 ----A---- C:\WINDOWS\system32\ptpusd.dll
2012-03-07 23:19:53 ----D---- C:\Documents and Settings\Huaynaputina\Application Data\VST3 Presets
2012-03-07 23:17:13 ----D---- C:\Documents and Settings\Huaynaputina\Application Data\Steinberg
2012-03-07 23:17:12 ----D---- C:\Program Files\Steinberg
2012-03-07 23:16:26 ----D---- C:\Documents and Settings\All Users\Application Data\Syncrosoft
2012-03-07 23:16:26 ----A---- C:\WINDOWS\system32\audcon.sys
2012-03-07 23:15:32 ----D---- C:\Program Files\Common Files\Steinberg
2012-03-07 23:15:32 ----D---- C:\Documents and Settings\All Users\Application Data\Steinberg
2012-03-07 23:13:13 ----D---- C:\Program Files\Syncrosoft
2012-03-07 23:13:13 ----D---- C:\Program Files\eLicenser
2012-03-07 23:13:13 ----D---- C:\Documents and Settings\All Users\Application Data\eLicenser
2012-03-07 23:13:08 ----A---- C:\WINDOWS\system32\SYNSOACC.dll
2012-03-07 23:13:07 ----A---- C:\WINDOWS\system32\SYNSOPOS.exe
2012-02-18 02:30:26 ----D---- C:\Documents and Settings\Huaynaputina\Application Data\Canon
2012-02-15 18:16:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2660465$
2012-02-15 18:16:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2647516$
2012-02-15 18:16:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2661637$
2012-02-15 18:10:46 ----N---- C:\WINDOWS\system32\iacenc.dll
2012-02-06 21:09:03 ----D---- C:\Documents and Settings\Huaynaputina\Application Data\Sony Creative Software
2012-01-27 16:28:43 ----D---- C:\Program Files\Lizardtech
2012-01-21 20:07:17 ----D---- C:\WINDOWS\system32\Adobe
2012-01-18 18:40:16 ----D---- C:\Program Files\AlterGeo
2012-01-18 14:55:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2585542$
2012-01-13 22:48:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2646524$
2012-01-13 22:46:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2631813$
2012-01-13 22:38:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2598479$
2012-01-13 22:32:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2603381$
2012-01-13 22:31:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2584146$
2012-01-06 15:08:44 ----A---- C:\WINDOWS\IsUninst.exe

======Список файлов и папок, измененных за последние 3 месяца======

2012-03-23 22:40:30 ----D---- C:\WINDOWS\Prefetch
2012-03-23 22:39:53 ----D---- C:\WINDOWS\system32\drivers
2012-03-23 22:38:29 ----D---- C:\WINDOWS\system32\CatRoot2
2012-03-23 22:36:31 ----D---- C:\WINDOWS\Temp
2012-03-23 22:36:18 ----D---- C:\Temp
2012-03-23 22:32:27 ----SHD---- C:\WINDOWS\CSC
2012-03-23 22:22:02 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-03-23 21:24:30 ----RASH---- C:\boot.ini
2012-03-23 21:03:38 ----D---- C:\WINDOWS\system32\drivers\etc
2012-03-23 21:03:36 ----D---- C:\WINDOWS
2012-03-23 01:32:51 ----RD---- C:\Program Files
2012-03-23 01:10:28 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2012-03-23 01:10:07 ----D---- C:\WINDOWS\security
2012-03-22 21:23:30 ----A---- C:\WINDOWS\NeroDigital.ini
2012-03-22 10:22:02 ----D---- C:\WINDOWS\pss
2012-03-22 06:20:42 ----SHD---- C:\System Volume Information
2012-03-22 06:20:42 ----D---- C:\WINDOWS\system32\Restore
2012-03-22 04:50:11 ----D---- C:\WINDOWS\system32
2012-03-22 04:16:21 ----D---- C:\WINDOWS\system32\config
2012-03-22 03:06:53 ----A---- C:\WINDOWS\win.ini
2012-03-22 03:06:53 ----A---- C:\WINDOWS\system.ini
2012-03-21 07:35:03 ----D---- C:\Documents and Settings\Huaynaputina\Application Data\uTorrent
2012-03-21 05:03:31 ----D---- C:\Documents and Settings\Huaynaputina\Application Data\Skype
2012-03-14 14:10:58 ----HD---- C:\WINDOWS\inf
2012-03-14 14:10:56 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-03-14 14:10:52 ----HD---- C:\WINDOWS\$hf_mig$
2012-03-14 14:07:18 ----A---- C:\WINDOWS\system32\MRT.exe
2012-03-14 14:07:09 ----A---- C:\WINDOWS\imsins.BAK
2012-03-07 23:18:27 ----SHD---- C:\WINDOWS\Installer
2012-03-07 23:18:27 ----SHD---- C:\Config.Msi
2012-03-07 23:15:36 ----SD---- C:\Documents and Settings\Huaynaputina\Application Data\Microsoft
2012-03-07 23:15:32 ----D---- C:\Program Files\Common Files
2012-03-07 23:13:21 ----DC---- C:\WINDOWS\system32\DRVSTORE
2012-02-25 03:11:50 ----D---- C:\Program Files\uTorrent
2012-02-18 01:33:48 ----D---- C:\Program Files\Vuescan
2012-02-17 17:33:53 ----D---- C:\WINDOWS\Media
2012-02-17 17:33:45 ----D---- C:\WINDOWS\twain_32
2012-02-15 23:40:32 ----D---- C:\WINDOWS\Microsoft.NET
2012-02-15 23:40:28 ----RSD---- C:\WINDOWS\assembly
2012-02-15 18:25:04 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-02-15 18:23:33 ----D---- C:\WINDOWS\WinSxS
2012-02-05 06:05:50 ----D---- C:\Documents and Settings\Huaynaputina\Application Data\vlc
2012-01-22 00:13:06 ----D---- C:\Documents and Settings\Huaynaputina\Application Data\IP-TV Player
2012-01-21 20:09:23 ----D---- C:\Documents and Settings\Huaynaputina\Application Data\Adobe
2012-01-18 18:44:27 ----D---- C:\Documents and Settings\Huaynaputina\Application Data\Mra
2012-01-01 23:11:27 ----AC---- C:\WINDOWS\Wwp.INI

======Список драйверов (тип запуска: R=Запущен, S=остановлен, 0=Загрузочный, 1=Системный, 2=Автоматически, 3=Вручную, 4=Отключено)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-17 44944]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2011-03-07 431672]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2010-08-03 55256]
R1 intelppm;Драйвер Intel процессора; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-15 40704]
R1 WmiAcpi;Интерфейс управления для ACPI Microsoft Windows; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.9.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2010-11-07 21275]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-08-04 140752]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2010-07-29 134512]
R2 s24trans;Транспорт беспроводной сети; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2005-11-28 13568]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2006-03-16 1124097]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-02-22 1505792]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\DKbFltr.sys [2004-12-08 16896]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2010-07-29 32608]
R3 HDAudBus;Драйвер шины Microsoft UAA для High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Драйвер класса HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-02-27 4241920]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 mouhid;Драйвер мыши HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-18 12160]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet адаптер, драйвер для NT; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-14 79232]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-09-20 162432]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2005-11-27 1427968]
S3 antr4qsd;antr4qsd; C:\WINDOWS\system32\drivers\antr4qsd.sys []
S3 usbaudio;Аудио драйвер USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbscan;Драйвер USB-сканера; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Драйвер запоминающих устройств для USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======Список служб (тип запуска: R=Запущена, S=остановлена, 0=Загрузочная, 1=Системная, 2=Автоматически, 3=Вручную, 4=Отключено)======

R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2010-08-12 810144]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
S3 aspnet_state;Служба состояний ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2010-08-12 33584]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-01-19 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-15 14336]
S4 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-02-22 405504]
S4 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2005-11-28 114753]
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-06-12 153376]
S4 NetTcpPortSharing;Служба общего доступа к портам Net.Tcp; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2005-11-28 217164]
S4 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2005-11-28 540745]

-----------------EOF-----------------