ComboFix.txt 1/2:

ComboFix 10-05-23.06 - Admin 24.05.2010 13:24:49.2.4 - x86
Microsoft Windows XP Professional 5.1.2600.3.1251.7.1049.18.3039.2550 [GMT 4:00]
Running from: d:\documents and settings\Admin\Рабочий стол\ComboFix.exe
Command switches used :: d:\documents and settings\Admin\Рабочий стол\CFScript.txt
FILE ::
"d:\documents and settings\Admin\Application Data\Microsoft\Internet Explorer\Quick Launch\taskmgr.exe"
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
d:\documents and settings\Admin\Application Data\Microsoft\Internet Explorer\Quick Launch\taskmgr.exe
.
((((((((((((((((((((((((( Files Created from 2010-04-24 to 2010-05-24 )))))))))))))))))))))))))))))))
.
2010-05-23 18:14 . 2010-05-23 18:14 7840 ----a-w- D:\ComboFix.zip
2010-05-23 12:31 . 2010-05-23 12:31 -------- d-----w- D:\rsit
2010-05-23 12:31 . 2010-05-23 12:31 -------- d-----w- d:\program files\trend micro
2010-05-23 12:24 . 2010-05-23 12:24 579072 -c--a-w- d:\windows\system32\dllcache\user32.dll
2010-05-23 12:23 . 2010-05-23 12:23 -------- d-----w- d:\windows\ERUNT
2010-05-23 12:14 . 2010-05-23 12:28 -------- d-----w- D:\SDFix
2010-05-22 15:04 . 2010-05-22 15:04 11264 ----a-w- d:\windows\system32\drivers\uzcynze0.sys
2010-05-18 19:35 . 2005-08-16 07:38 17516 ----a-w- d:\windows\system32\drivers\frmupgr.sys
2010-05-18 19:35 . 2005-08-16 07:34 44163 ----a-w- d:\windows\system32\drivers\btwhid.sys
2010-05-18 16:58 . 2010-05-18 16:58 -------- d-----w- d:\documents and settings\Admin\Local Settings\Application Data\WMTools Downloaded Files
2010-05-17 20:34 . 2010-05-17 20:34 -------- d-----w- d:\documents and settings\NetworkService\Local Settings\Application Data\Google
2010-05-17 20:29 . 2010-05-17 20:29 -------- d-----w- d:\documents and settings\LocalService\Local Settings\Application Data\Google
2010-05-17 20:28 . 2010-05-17 20:28 -------- d-----w- d:\documents and settings\Admin\Local Settings\Application Data\Google
2010-05-17 20:28 . 2010-05-17 20:29 -------- d-----w- d:\program files\Google
2010-05-17 20:16 . 2006-01-30 07:32 5632 ----a-w- d:\windows\system32\pxc25pm.dll
2010-05-17 20:16 . 2004-12-07 05:11 258352 ----a-w- d:\windows\system32\unicows.dll
2010-05-17 20:16 . 2010-05-17 20:19 -------- d-----w- d:\program files\ABBYY PDF Transformer 2.0
2010-05-17 19:43 . 2010-05-17 19:43 -------- d-----w- d:\documents and settings\Admin\Application Data\ABBYY
2010-05-17 18:11 . 2010-05-17 19:43 -------- d-----w- d:\documents and settings\Admin\Local Settings\Application Data\ABBYY
2010-05-17 17:07 . 2010-05-17 17:07 -------- d-----w- d:\windows\Sun
2010-05-17 16:13 . 2010-05-17 16:13 -------- d-----w- d:\program files\Tracker Software
2010-05-17 14:58 . 2009-12-17 20:14 30536 ----a-w- d:\windows\system32\TURegOpt.exe
2010-05-17 14:58 . 2009-12-17 20:08 30024 ----a-w- d:\windows\system32\uxtuneup.dll
2010-05-17 14:58 . 2010-05-17 14:58 -------- d-----w- d:\documents and settings\Admin\Application Data\TuneUp Software
2010-05-17 14:58 . 2010-05-17 14:58 -------- d-----w- d:\program files\TuneUp Utilities 2010
2010-05-17 14:55 . 2010-05-17 14:58 -------- d-----w- d:\documents and settings\All Users\Application Data\TuneUp Software
2010-05-17 14:55 . 2010-05-17 14:55 -------- d-sh--w- d:\documents and settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-05-16 18:06 . 2010-05-16 18:06 -------- d-----w- d:\documents and settings\Admin\Local Settings\Application Data\Cyberlink
2010-05-16 18:05 . 2010-05-16 18:05 -------- d-----w- d:\program files\Common Files\CyberLink
2010-05-16 18:05 . 2010-05-16 18:05 -------- d-----w- d:\program files\CyberLink
2010-05-16 18:04 . 2010-05-16 18:04 29480 ----a-w- d:\windows\system32\msxml3a.dll
2010-05-16 18:04 . 2010-05-16 18:04 53319 ----a-w- d:\documents and settings\All Users\Application Data\TEMP\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\PostBuild.exe
2010-05-16 17:42 . 2010-05-16 17:42 -------- d-----w- d:\documents and settings\Admin\Application Data\CyberLink
2010-05-16 17:40 . 2010-05-16 17:40 -------- d-----w- d:\documents and settings\All Users\Application Data\CyberLink
2010-05-16 16:51 . 2010-05-18 16:11 -------- d---a-w- d:\documents and settings\All Users\Application Data\TEMP
2010-05-16 16:51 . 2010-05-16 16:52 -------- d-----w- d:\program files\AoA Audio Extractor
2010-05-16 13:04 . 2010-05-16 13:09 -------- d-----w- d:\program files\Runtime Software
2010-05-15 20:17 . 2010-05-15 20:17 -------- d-----w- d:\program files\PC Inspector File Recovery
2010-05-15 16:44 . 2010-05-15 16:47 -------- d-----w- d:\program files\Unlocker
2010-05-15 16:29 . 2010-05-15 16:29 -------- d-----w- d:\documents and settings\Admin\Application Data\Yandex
2010-05-15 16:28 . 2010-05-15 16:28 0 ----a-w- d:\windows\nsreg.dat
2010-05-15 16:28 . 2010-05-15 16:28 -------- d-----w- d:\documents and settings\Admin\Local Settings\Application Data\Mozilla
2010-05-15 15:50 . 2010-05-16 17:30 -------- d-----w- d:\documents and settings\Admin\Application Data\petromap
2010-05-15 15:49 . 2010-05-16 17:30 -------- d-----w- d:\program files\Карта Петрозаводска
2010-05-13 17:20 . 2010-05-13 17:20 -------- d-----w- d:\program files\MediaInfo
2010-05-13 16:59 . 2010-05-13 16:59 -------- d-----w- d:\documents and settings\Admin\Local Settings\Application Data\ACD Systems
2010-05-13 16:59 . 2010-05-13 16:59 -------- d-----w- d:\documents and settings\Admin\Application Data\ACD Systems
2010-05-13 16:58 . 2010-05-13 16:58 -------- d-----w- d:\documents and settings\All Users\Application Data\ACD Systems
2010-05-13 16:58 . 2010-05-13 16:58 -------- d-----w- d:\program files\Common Files\ACD Systems
2010-05-13 16:58 . 2010-05-13 16:58 -------- d-----w- d:\program files\ACD Systems
2010-05-12 19:06 . 2005-09-01 07:03 5888 ------w- d:\windows\system32\drivers\imagedrv.sys
2010-05-12 19:06 . 2005-09-01 07:03 127488 ------w- d:\windows\system32\drivers\imagesrv.sys
2010-05-12 19:06 . 2006-01-12 11:40 155648 ----a-w- d:\windows\system32\NeroCheck.exe
2010-05-12 19:06 . 2000-06-26 06:45 106496 ----a-w- d:\windows\system32\TwnLib20.dll
2010-05-12 19:06 . 2010-05-12 19:06 -------- d-----w- d:\program files\Ahead
2010-05-12 19:06 . 2010-05-12 19:06 -------- d-----w- d:\program files\Common Files\Ahead
2010-05-12 17:56 . 2010-05-12 17:56 -------- d-----w- d:\documents and settings\Admin\Local Settings\Application Data\Ahead
2010-05-11 17:55 . 2010-05-11 17:55 -------- d-----w- d:\documents and settings\All Users\Application Data\LightScribe
2010-05-11 17:55 . 2010-05-11 18:04 -------- d-----w- d:\documents and settings\Admin\Application Data\Nero
2010-05-11 17:09 . 2010-05-11 18:51 -------- d-----w- d:\program files\Common Files\Nero
2010-05-11 17:09 . 2010-05-11 18:51 -------- d-----w- d:\documents and settings\All Users\Application Data\Nero
2010-05-10 17:58 . 2010-05-10 17:58 56 ---ha-w- d:\windows\system32\ezsidmv.dat
2010-05-10 17:58 . 2010-05-10 17:58 -------- d-----w- d:\documents and settings\Admin\Application Data\skypePM
2010-05-10 14:23 . 2010-05-10 18:01 -------- d-----w- d:\documents and settings\Admin\Application Data\Skype
2010-05-10 14:23 . 2010-05-10 14:23 -------- d-----w- d:\program files\Common Files\Skype
2010-05-10 14:23 . 2010-05-10 14:23 -------- d-----r- d:\program files\Skype
2010-05-10 14:23 . 2010-05-10 14:23 -------- d-----w- d:\documents and settings\All Users\Application Data\Skype
2010-05-10 13:53 . 2010-05-15 15:35 -------- d-----w- d:\documents and settings\Admin\Local Settings\Application Data\Paint.NET
2010-05-10 13:49 . 2010-05-10 13:49 -------- d-----w- d:\documents and settings\Admin\Local Settings\Application Data\Opera
2010-05-10 13:49 . 2010-05-10 13:49 -------- d-----w- d:\program files\Opera
2010-05-10 13:02 . 2010-05-10 13:02 223128 ----a-w- d:\windows\system32\drivers\vaxscsi.sys
2010-05-10 13:02 . 2010-05-10 13:02 -------- d-----w- d:\program files\Alcohol Soft
2010-05-10 12:51 . 2010-05-17 18:12 -------- d-----w- d:\documents and settings\Admin\Local Settings\Application Data\Adobe
2010-05-10 12:50 . 2010-05-17 18:12 -------- d-----w- d:\program files\Common Files\Adobe
2010-05-10 12:40 . 2008-09-26 14:01 621056 ----a-r- d:\windows\system32\drivers\mod7700.sys
2010-05-10 12:40 . 2008-09-26 14:01 113664 ----a-r- d:\windows\system32\drivers\ewusbnet.sys
2010-05-10 12:40 . 2008-09-26 14:01 101376 ----a-r- d:\windows\system32\drivers\ewusbmdm.sys
2010-05-10 12:40 . 2008-09-26 14:00 24448 ----a-r- d:\windows\system32\drivers\ewdcsc.sys
2010-05-10 12:39 . 2010-05-10 12:41 -------- d-----w- d:\program files\MegaFon Internet
2010-05-10 12:04 . 2010-05-10 12:14 -------- d-----w- d:\documents and settings\Admin\Application Data\Download Master
2010-05-10 12:04 . 2007-12-18 10:56 1412608 ----a-w- d:\documents and settings\Admin\Application Data\Download Master\temp\skin.dll
2010-05-10 12:04 . 2010-05-10 12:04 -------- d-----w- d:\program files\Download Master
2010-05-10 11:50 . 2010-05-10 12:00 891 ----a-w- d:\windows\system32\secushr.dat
2010-05-10 11:49 . 2010-05-10 11:49 -------- d-----w- d:\documents and settings\Admin\Application Data\FlashGet
2010-05-10 11:19 . 2010-05-10 11:19 -------- d-----w- d:\documents and settings\Admin\Local Settings\Application Data\Help
2010-05-10 11:19 . 2010-05-10 11:38 -------- d-----w- d:\program files\GoldWave
2010-05-10 11:07 . 2010-05-15 15:54 -------- d-----w- d:\program files\Контур Петрозаводск
2010-05-10 11:00 . 2010-05-10 11:00 -------- d-----w- d:\program files\LizardTech
2010-05-10 10:54 . 2010-05-10 10:55 -------- d-----w- d:\windows\ShellNew
2010-05-10 10:32 . 2010-05-10 10:32 -------- d--h--w- d:\documents and settings\All Users\Application Data\CanonIJScan
2010-05-10 10:30 . 2010-05-10 10:32 -------- d-----w- d:\documents and settings\Admin\Application Data\Canon
2010-05-10 08:24 . 2009-04-28 11:41 303104 ----a-w- d:\windows\system32\CNC640L.dll
2010-05-10 08:24 . 2009-04-03 12:00 1310720 ----a-w- d:\windows\system32\CNC640C.dll
2010-05-10 08:24 . 2009-04-03 11:59 110592 ----a-w- d:\windows\system32\CNC640I.dll
2010-05-10 08:24 . 2009-04-03 11:57 106496 ----a-w- d:\windows\system32\CNC640U.dll
2010-05-10 08:24 . 2008-08-25 14:02 15872 ----a-w- d:\windows\system32\CNHMCA.dll
2010-05-10 08:24 . 2008-04-13 20:15 15104 -c--a-w- d:\windows\system32\dllcache\usbscan.sys
2010-05-10 08:24 . 2008-04-13 20:15 15104 ----a-w- d:\windows\system32\drivers\usbscan.sys
2010-05-10 08:24 . 2010-05-10 08:44 -------- d-----w- d:\documents and settings\Admin\Application Data\Canon Easy-WebPrint EX
2010-05-10 08:24 . 2010-05-10 08:24 -------- d-----w- d:\program files\Common Files\CANON
2010-05-10 08:22 . 2010-05-10 08:22 -------- d--h--w- d:\documents and settings\All Users\Application Data\CanonBJ
2010-05-10 08:22 . 2010-05-10 08:22 -------- d--h--w- d:\windows\system32\CanonIJ Uninstaller Information
2010-05-10 08:22 . 2009-05-26 01:00 70656 ----a-w- d:\windows\system32\Spool\prtprocs\w32x86\CNMPPA2.DLL
2010-05-10 08:22 . 2009-05-26 01:00 27648 ----a-w- d:\windows\system32\Spool\prtprocs\w32x86\CNMPDA2.DLL
2010-05-10 08:22 . 2009-05-26 01:00 272384 ----a-w- d:\windows\system32\CNMLMA2.DLL
2010-05-10 08:22 . 2009-03-18 00:09 178176 ----a-w- d:\windows\system32\CNMIUA2.DLL
2010-05-10 08:22 . 2009-02-04 04:17 90112 ----a-w- d:\windows\system32\CNC640O.dll
2010-05-10 08:22 . 2010-05-10 08:22 -------- d--h--w- d:\program files\CanonBJ
2010-05-10 08:22 . 2010-05-10 08:22 -------- d-----w- d:\windows\system32\STRING
2010-05-10 08:22 . 2010-05-10 08:22 -------- d-----w- d:\windows\system32\CHM
2010-05-10 08:22 . 2009-04-03 07:51 137216 ----a-w- d:\windows\system32\CNMNPUI.DLL
2010-05-10 08:22 . 2009-04-03 07:51 353792 ----a-w- d:\windows\system32\CNMNPPM.DLL
2010-05-10 08:20 . 2010-05-10 08:24 -------- d-----w- d:\program files\Canon
2010-05-10 08:17 . 2008-04-13 20:17 25856 -c--a-w- d:\windows\system32\dllcache\usbprint.sys
2010-05-10 08:17 . 2008-04-13 20:17 25856 ----a-w- d:\windows\system32\drivers\usbprint.sys
2010-05-08 20:20 . 2010-05-08 20:20 -------- d-----w- d:\documents and settings\Admin\Application Data\Media Player Classic
2010-05-08 19:59 . 2010-05-08 19:59 -------- d-----w- d:\windows\system32\LogFiles
2010-05-08 19:58 . 2008-04-13 20:15 26112 -c--a-w- d:\windows\system32\dllcache\usbser.sys
2010-05-08 19:58 . 2008-04-13 20:15 26112 ----a-w- d:\windows\system32\drivers\usbser.sys
2010-05-08 19:56 . 2008-03-21 09:57 14640 ------w- d:\windows\system32\spmsgXP_2k3.dll
2010-05-08 19:56 . 2010-05-08 19:56 -------- d-----w- d:\documents and settings\Admin\Application Data\Nokia
2010-05-08 19:56 . 2010-05-08 19:59 -------- d-----w- d:\documents and settings\Admin\Application Data\PC Suite
2010-05-08 19:56 . 2010-05-08 19:59 -------- d-----w- d:\documents and settings\All Users\Application Data\PC Suite
2010-05-08 19:54 . 2010-05-08 19:54 95232 ----a-w- d:\documents and settings\All Users\Application Data\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\pcswpcsi.exe
2010-05-08 19:54 . 2010-05-08 19:54 8192 ----a-w- d:\documents and settings\All Users\Application Data\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstCCD.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-24 09:24 . 2008-04-15 13:00 77078 ----a-w- d:\windows\system32\perfc019.dat
2010-05-24 09:24 . 2008-04-15 13:00 448934 ----a-w- d:\windows\system32\perfh019.dat
2010-05-08 20:23 . 2010-05-08 20:23 -------- d-----w- d:\program files\K-Lite Codec Pack
2010-05-08 19:59 . 2010-05-08 19:59 0 ---ha-w- d:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2010-05-08 19:59 . 2010-05-08 19:59 0 ---ha-w- d:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf
2010-05-08 19:56 . 2010-05-08 19:56 0 ---ha-w- d:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2010-05-08 19:56 . 2010-05-08 19:56 0 ---ha-w- d:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2010-05-08 19:55 . 2010-05-08 19:55 -------- d-----w- d:\program files\Common Files\PCSuite
2010-05-08 19:55 . 2010-05-08 19:55 -------- d-----w- d:\program files\Common Files\Nokia
2010-05-08 19:55 . 2010-05-08 19:55 -------- d-----w- d:\program files\Nokia
2010-05-08 19:55 . 2010-05-08 19:55 -------- d-----w- d:\program files\DIFX
2010-05-08 19:55 . 2010-05-08 19:55 -------- d-----w- d:\program files\PC Connectivity Solution
2010-05-07 15:01 . 2010-05-04 21:55 86327 ----a-w- d:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-05-05 16:10 . 2010-05-05 16:10 0 ---ha-w- d:\windows\system32\drivers\Msft_Kernel_HpqKbFiltr_01005.Wdf
2010-05-05 14:50 . 2010-05-05 14:50 0 ---ha-w- d:\windows\system32\drivers\Msft_Kernel_enecir_01005.Wdf
2010-05-05 14:50 . 2010-05-05 14:50 0 ---ha-w- d:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2010-05-05 01:50 . 2010-05-05 01:50 -------- d-----w- d:\program files\IDT
2010-05-04 22:09 . 2010-05-04 22:09 552 ----a-w- d:\windows\system32\d3d8caps.dat
2010-05-04 21:59 . 2010-05-04 21:59 -------- d-----w- d:\program files\VistaDriveIcon
2010-05-04 21:59 . 2010-05-04 21:59 722416 ----a-w- d:\windows\system32\drivers\sptd.sys
2010-05-04 21:59 . 2010-05-04 21:59 -------- d---a-w- d:\program files\Paint.NET
2010-05-04 21:58 . 2010-05-04 21:59 411368 ----a-w- d:\windows\system32\deploytk.dll
2010-05-04 21:58 . 2010-05-04 21:58 -------- d-----w- d:\program files\Java
2010-05-04 21:53 . 2010-05-04 21:53 22564 ----a-w- d:\windows\system32\emptyregdb.dat
2010-05-04 21:53 . 2010-05-04 21:53 -------- d-----w- d:\program files\Windows Media Connect 2
2010-04-21 19:27 . 2010-05-08 19:55 34001264 ----a-w- d:\documents and settings\All Users\Application Data\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Nokia_PC_Suite_7_1_40_1_rus_web.exe
2010-03-09 07:01 . 2010-04-29 17:27 130672 ----a-w- d:\windows\system32\drivers\jmcr.sys
.
------- Sigcheck -------
[-] 2009-09-13 . 6A104BA98D99D53AB0C91825CE659FC6 . 361600 . . [5.1.2600.5625] . . d:\windows\system32\drivers\tcpip.sys
[-] 2009-09-13 . 85315C6F61092584BCD96A1EF8A02B4C . 78360 . . [7.2.6001.788] . . d:\windows\system32\wuauclt.exe
[-] 2010-05-23 . 23B7D3F3F5EC8FEEA75EC381C71CBD5E . 579072 . . [5.1.2600.5512] . . d:\windows\system32\dllcache\user32.dll
[-] 2009-09-13 . 23B7D3F3F5EC8FEEA75EC381C71CBD5E . 579072 . . [5.1.2600.5512] . . d:\windows\system32\user32.dll
[-] 2009-09-13 . 7BF5762CE65A58B7C15B78673F3C3DD3 . 1040384 . . [8.00.6001.22896] . . d:\windows\system32\wininet.dll
[-] 2009-09-13 . B8D3A575A3C0E1A4B724E2BD05394E60 . 1721344 . . [6.00.2900.5512] . . d:\windows\explorer.exe
[-] 2009-09-13 . AB778E794E8F39D0D387A440AD356944 . 1571840 . . [5.1.2600.5512] . . d:\windows\system32\sfcfiles.dll
[-] 2009-09-13 . C4C2628D119D2FF1B7723E084F4B181E . 30208 . . [5.1.2600.5512] . . d:\windows\system32\ctfmon.exe
.
((((((((((((((((((((((((((((( SnapShot@2010-05-23_18.03.22 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-04-15 13:00 . 2010-05-23 12:30 63862 d:\windows\system32\perfc009.dat
+ 2008-04-15 13:00 . 2010-05-24 09:24 63862 d:\windows\system32\perfc009.dat
+ 2008-04-15 13:00 . 2010-05-24 09:24 406662 d:\windows\system32\perfh009.dat
- 2008-04-15 13:00 . 2010-05-23 12:30 406662 d:\windows\system32\perfh009.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VistaIcon"="d:\program files\VistaDriveIcon\VistaDrv.exe" [2008-01-02 132096]
"Download Master"="d:\program files\Download Master\dmaster.exe" [2010-04-30 3791360]
"PC Suite Tray"="d:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-11-11 1451520]
"swg"="d:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-05-17 39408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="d:\program files\IDT\WDM\sttray.exe" [2009-06-03 450652]
"HP Software Update"="d:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"WirelessAssistant"="d:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-09-01 499768]
"QlbCtrl.exe"="d:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-07-27 321080]
"CanonMyPrinter"="d:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-03-23 1983816]
"CanonSolutionMenu"="d:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2009-03-17 767312]
"NeroFilterCheck"="d:\windows\system32\NeroCheck.exe" [2006-01-12 155648]
"UnlockerAssistant"="d:\program files\Unlocker\UnlockerAssistant.exe" [2010-03-09 15872]
"RemoteControl9"="d:\program files\CyberLink\PowerDVD9\PDVD9Serv.exe" [2009-11-29 87336]
"BDRegion"="d:\program files\Cyberlink\Shared Files\brs.exe" [2009-11-19 75048]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows\system32\CTFMON.EXE" [2009-09-13 30208]
"VistaIcon"="d:\program files\VistaDriveIcon\VistaDrv.exe" [2008-01-02 132096]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IE8_01"="shell32" [X]
"ZZZZ2_FirstLogonSetting"="advpack.dll" [2009-09-13 128512]
"IE8_02"="advpack.dll" [2009-09-13 128512]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMConfigurePrograms"= 1 (0x1)
"MaxRecentDocs"= 0 (0x0)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMConfigurePrograms"= 1 (0x1)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"PC Suite Tray"="d:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
"MSMSGS"="d:\program files\Messenger\msmsgs.exe" /background
"swg"="d:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="d:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"d:\\Program Files\\CyberLink\\PowerDVD9\\PowerDVD9.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"20548:TCP"= 20548:TCP
R1 uzcynze0;AVZ-RK Kernel Driver;d:\windows\system32\drivers\uzcynze0.sys [22.05.2010 19:04 11264]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/05/16 22:05];d:\program files\CyberLink\PowerDVD9\NavFilter\000.fcl [29.11.2009 18:41 87536]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;d:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [18.12.2009 0:12 1044808]
R3 AESTAud;AE Audio Service;d:\windows\system32\drivers\AESTAud.sys [05.05.2010 5:45 113664]
R3 Com4QLBEx;Com4QLBEx;d:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [05.05.2010 20:10 228408]
R3 enecir;ENE CIR Receiver;d:\windows\system32\drivers\enecir.sys [29.04.2010 21:27 54784]
R3 enecirhid;ENE CIR HID Receiver;d:\windows\system32\drivers\enecirhid.sys [29.04.2010 21:27 11264]
R3 enecirhidma;ENE CIR HIDmini Filter;d:\windows\system32\drivers\enecirhidma.sys [29.04.2010 21:27 5632]
R3 JMCR;JMCR;d:\windows\system32\drivers\jmcr.sys [29.04.2010 21:27 130672]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;d:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [14.10.2009 7:24 10064]
S0 sptd;sptd;d:\windows\system32\drivers\sptd.sys [05.05.2010 1:59 722416]
S2 gupdate;Служба Google Update (gupdate);d:\program files\Google\Update\GoogleUpdate.exe [18.05.2010 0:29 136176]
S3 vaxscsi;vaxscsi;d:\windows\system32\drivers\vaxscsi.sys [10.05.2010 17:02 223128]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder
2010-05-19 d:\windows\Tasks\Automatic troubleshooting.job
- d:\program files\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe [2009-12-17 20:18]
2010-05-18 d:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- d:\program files\Google\Update\GoogleUpdate.exe [2010-05-17 20:29]
2010-05-18 d:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- d:\program files\Google\Update\GoogleUpdate.exe [2010-05-17 20:29]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
IE: &Экспорт в Microsoft Excel - d:\progra~1\MICROS~1\Office10\EXCEL.EXE/3000
IE: Google ВикиКомментарии... - d:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html
IE: Закачать ВСЕ при помощи Download Master - d:\program files\Download Master\dmieall.htm
IE: Закачать при помощи Download Master - d:\program files\Download Master\dmie.htm
IE: Отправить через &Bluetooth - d:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Передать на удаленную закачку DM - d:\program files\Download Master\remdown.htm
IE: {{898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - d:\program files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Trusted Zone: kuaiche.com\software
FF - ProfilePath - d:\documents and settings\Admin\Application Data\Mozilla\Firefox\Profiles\wuievqru.default\
FF - plugin: d:\program files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
FF - plugin: d:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: d:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: d:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: d:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npPDFXCviewNPPlugin.dll
FF - plugin: d:\program files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll
---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
d:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
d:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
d:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
d:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
d:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
- - - - ORPHANS REMOVED - - - -
Toolbar-ITBar7Position - (no file)