Код:
1925 17:40:19 explorer.exe:1996 QUERY INFORMATION C:\WINDOWS\SETUP.pif NOT FOUND Attributes: Error
1926 17:40:19 explorer.exe:1996 QUERY INFORMATION C:\Documents and Settings\Admin\SETUP.pif NOT FOUND Attributes: Error
1927 17:40:19 explorer.exe:1996 QUERY INFORMATION C:\WINDOWS\system32\SETUP.pif NOT FOUND Attributes: Error
1928 17:40:19 explorer.exe:1996 QUERY INFORMATION C:\WINDOWS\system\SETUP.pif NOT FOUND Attributes: Error
1929 17:40:19 explorer.exe:1996 QUERY INFORMATION C:\WINDOWS\SETUP.pif NOT FOUND Attributes: Error
1930 17:40:19 explorer.exe:1996 QUERY INFORMATION C:\WINDOWS\system32\SETUP.pif NOT FOUND Attributes: Error
1931 17:40:19 explorer.exe:1996 QUERY INFORMATION C:\WINDOWS\SETUP.pif NOT FOUND Attributes: Error
1932 17:40:19 explorer.exe:1996 QUERY INFORMATION C:\WINDOWS\System32\Wbem\SETUP.pif NOT FOUND Attributes: Error
1933 17:40:19 explorer.exe:1996 QUERY INFORMATION C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\SETUP.pif NOT FOUND Attributes: Error
1943 17:40:19 explorer.exe:1996 OPEN C:\WINDOWS\system32\ntvdm.exe.Manifest NOT FOUND Options: Open Access: 001200A9
1944 17:40:19 explorer.exe:1996 QUERY INFORMATION C:\WINDOWS\system32\ntvdm.exe BUFFER OVERFLOW FileNameInformation
2018 17:40:19 ntvdm.exe:2852 DIRECTORY C:\ NO MORE FILES FileNamesInformation
2019 17:40:19 ntvdm.exe:2852 OPEN C:\$EXTEND\ ACCESS DENIED COMPUTER-D8969F\Admin
2055 17:40:19 ntvdm.exe:2852 DIRECTORY C:\WINDOWS\ NO MORE FILES FileNamesInformation
2063 17:40:19 ntvdm.exe:2852 DIRECTORY C:\WINDOWS\SYSTEM32\ NO MORE FILES FileNamesInformation
2208 17:40:19 ntvdm.exe:2852 OPEN C:\X NOT FOUND Options: Open Access: 00000081
2392 17:40:20 ntvdm.exe:2852 QUERY INFORMATION C:\WINDOWS\system32\ntvdm.exe.Local NOT FOUND Attributes: Error
2475 17:40:20 ntvdm.exe:2852 OPEN C:\WINDOWS\system32\vksaver.dll.2.Manifest NOT FOUND Options: Open Access: 001200A9
2476 17:40:20 ntvdm.exe:2852 OPEN C:\WINDOWS\system32\vksaver.dll.2.Config NOT FOUND Options: Open Access: 001200A9
2619 17:40:20 ntvdm.exe:2852 READ C:\WINDOWS\system32\ntdos.sys END OF FILE Offset: 27900 Length: 16384
2636 17:40:20 ntvdm.exe:2852 CREATE C:\WINDOWS\Temp\scsBC.tmp ACCESS DENIED COMPUTER-D8969F\Admin
2638 17:40:20 ntvdm.exe:2852 CREATE C:\WINDOWS\scsBD.tmp ACCESS DENIED COMPUTER-D8969F\Admin
4167 17:40:24 ntvdm.exe:2852 OPEN C:\WINDOWS\SYSTEM32 ACCESS DENIED COMPUTER-D8969F\Admin
4213 17:40:24 ntvdm.exe:2852 CREATE C:\WINDOWS\Temp\scsBE.tmp ACCESS DENIED COMPUTER-D8969F\Admin
4215 17:40:24 ntvdm.exe:2852 CREATE C:\WINDOWS\scsBF.tmp ACCESS DENIED COMPUTER-D8969F\Admin
4251 17:40:24 ntvdm.exe:2852 OPEN C:\р��р�� NAME INVALID Options: OpenIf Access: 0012019F
6176 17:40:27 svchost.exe:1500 QUERY INFORMATION C:\X NOT FOUND Attributes: Error
6177 17:40:27 svchost.exe:1500 OPEN C:\X NOT FOUND Options: Open Access: 00020088
7574 17:40:31 firefox.exe:2624 READ C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\ghuyr752.default\places.sqlite-journal END OF FILE Offset: 29696 Length: 8
