Лог утилиты random's system information tool 1.09 (автор: random/random)
Run by Анна at 2011-08-20 14:43:12
Microsoft Windows XP Professional Service Pack 2
Системный раздел F: размер 34 GB (44%) Свободно 76 GB
Total RAM: 2015 MB (79% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:43:27, on 20.08.2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\system32\spoolsv.exe
F:\WINDOWS\system32\clipsrv.exe
F:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
F:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\Explorer.EXE
F:\WINDOWS\system32\hkcmd.exe
F:\WINDOWS\system32\ctfmon.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\wuauclt.exe
D:\Vova\Ремонт 20 августа 2011 года\Антивирус\Скачанные программы\RSIT\RSIT.exe
F:\Program Files\trend micro\Анна.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Ссылки
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - F:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - F:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [HotKeysCmds] F:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [CanonSolutionMenuEx] F:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [IgfxTray] F:\WINDOWS\system32\igfxtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "F:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [AlSrvN] F:\Program Files\Alcohol Soft\Alcohol 120\Plugins\Helper\AlSrvN.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Acrobat Synchronizer.lnk = F:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
O8 - Extra context menu item: &Экспорт в Microsoft Excel - res://F:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Append to existing PDF - res://F:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://F:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://F:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://F:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://F:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://F:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://F:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://F:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: f:\windows\system32\nwprovau.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F7BBA283-49B2-41C1-AC8F-EC33C0173678}: NameServer = 192.168.0.1
O22 - SharedTaskScheduler: Предзагрузчик Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - F:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Демон кэша категорий компонентов - {8C7461EF-2B13-11d2-BE35-3078302C2030} - F:\WINDOWS\system32\browseui.dll
O23 - Service: Autodesk Licensing Service - Autodesk - F:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Журнал событий (Eventlog) - Корпорация Майкрософт - F:\WINDOWS\system32\services.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - F:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - F:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Служба COM записи компакт-дисков IMAPI (ImapiService) - Корпорация Майкрософт - F:\WINDOWS\system32\imapi.exe
O23 - Service: NetMeeting Remote Desktop Sharing (mnmsrvc) - Корпорация Майкрософт - F:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: Служба сетевого DDE (NetDDE) - Корпорация Майкрософт - F:\WINDOWS\system32\netdde.exe
O23 - Service: Диспетчер сетевого DDE (NetDDEdsdm) - Корпорация Майкрософт - F:\WINDOWS\system32\netdde.exe
O23 - Service: Plug and Play (PlugPlay) - Корпорация Майкрософт - F:\WINDOWS\system32\services.exe
O23 - Service: Смарт-карты (SCardSvr) - Корпорация Майкрософт - F:\WINDOWS\System32\SCardSvr.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - F:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Журналы и оповещения производительности (SysmonLog) - Корпорация Майкрософт - F:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Теневое копирование тома (VSS) - Корпорация Майкрософт - F:\WINDOWS\System32\vssvc.exe
O23 - Service: Адаптер производительности WMI (WmiApSrv) - Корпорация Майкрософт - F:\WINDOWS\system32\wbem\wmiapsrv.exe

--
End of file - 7439 bytes

======Папка назначеных зданий======

F:\WINDOWS\tasks\AppleSoftwareUpdate.job
F:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1614895754-854245398-725345543-1003Core.job
F:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1614895754-854245398-725345543-1003UA.job

======Снимок реестра======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - F:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - F:\Program Files\Java\jre1.6.0\bin\ssv.dll [2008-02-13 501384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - F:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22 321120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - F:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22 321120]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"=F:\WINDOWS\system32\hkcmd.exe [2004-06-06 118784]
"CanonSolutionMenuEx"=F:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [2010-04-02 1185112]
"IgfxTray"=F:\WINDOWS\system32\igfxtray.exe [2004-06-06 155648]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=F:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
"AlcoholAutomount"=F:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2009-04-24 203928]
"AlSrvN"=F:\Program Files\Alcohol Soft\Alcohol 120\Plugins\Helper\AlSrvN.exe [2009-04-17 53248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
F:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [2006-10-22 620152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
F:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
F:\Documents and Settings\Анна\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-07-28 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gtwatch]
F:\WINDOWS\gtwatch.exe [2001-08-24 45056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
F:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
F:\Program Files\QuickTime\qttask.exe [2006-09-01 282624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
F:\Program Files\uTorrent\uTorrent.exe [2011-08-01 639864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\F:^Documents and Settings^All Users^Главное меню^Программы^Автозагрузка^Adobe Acrobat Speed Launcher.lnk]
F:\WINDOWS\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat.exe [2008-03-03 295606]

F:\Documents and Settings\All Users\Главное меню\Программы\Автозагрузка
Adobe Acrobat Synchronizer.lnk - F:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
F:\WINDOWS\system32\igfxsrvc.dll [2004-06-06 344064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - F:\WINDOWS\system32\upnpui.dll [2004-08-17 239616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
nwprovau

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"F:\Program Files\Graphisoft\ArchiCAD 11\ArchiCAD.exe"="F:\Program Files\Graphisoft\ArchiCAD 11\ArchiCAD.exe:*:Enabled:ArchiCAD 11.0.0 Component"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"F:\Program Files\TeamViewer\Version6\TeamViewer.exe"="F:\Program Files\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"F:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe"="F:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"F:\Program Files\uTorrent\uTorrent.exe"="F:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"F:\WINDOWS\system32\spoolsv.exe"="F:\WINDOWS\system32\spoolsv.exe:*:Enabled:Spooler SubSystem App"
"F:\Program Files\10-Strike LANState\LANState.exe"="F:\Program Files\10-Strike LANState\LANState.exe:*:Enabled:10-Strike_LANState"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=F:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=F:\WINDOWS\system32\l3codeca.acm
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll

======Ассоциации файлов======

.scr - open - "F:\WINDOWS\system32\notepad.exe" "%1"
.scr - install - 
.scr - config - 

======Список файлов и папок, созданных за последние 3 месяца======

2011-08-20 14:42:46 ----D---- F:\rsit
2011-08-20 14:42:46 ----D---- F:\Program Files\trend micro
2011-08-20 14:31:04 ----D---- F:\WINDOWS\LastGood
2011-08-20 13:32:09 ----A---- F:\WINDOWS\system32\drivers\tmcomm.sys
2011-08-19 16:41:29 ----A---- F:\WINDOWS\system32\drivers\uti3ndu1.sys
2011-08-19 14:16:00 ----SHD---- F:\WINDOWS\CSC
2011-08-05 15:56:22 ----D---- F:\Documents and Settings\Анна\Application Data\10-Strike
2011-08-05 15:55:23 ----D---- F:\Program Files\10-Strike LANState
2011-08-05 14:58:33 ----DC---- F:\WINDOWS\system32\DRVSTORE
2011-08-05 14:58:08 ----D---- F:\Program Files\HP
2011-08-05 14:58:01 ----A---- F:\WINDOWS\system32\drivers\usbprint.sys
2011-08-05 14:57:57 ----A---- F:\WINDOWS\system32\drivers\usbccgp.sys
2011-08-05 14:55:49 ----N---- F:\WINDOWS\hpwmdl13.dat
2011-08-05 14:55:49 ----A---- F:\WINDOWS\hpwins13.dat
2011-08-04 17:07:24 ----A---- F:\WINDOWS\PSADMIN.INI
2011-08-04 16:16:49 ----A---- F:\WINDOWS\UNINST16.EXE
2011-08-04 16:14:25 ----D---- F:\PSADMIN
2011-07-28 17:51:21 ----A---- F:\WINDOWS\system32\drivers\cpuz135_x32.sys
2011-07-28 17:51:20 ----D---- F:\Program Files\CPUID
2011-07-28 17:47:32 ----D---- F:\Documents and Settings\Анна\Application Data\Systweak
2011-07-28 17:46:55 ----A---- F:\WINDOWS\system32\roboot.exe
2011-07-28 17:46:48 ----D---- F:\Program Files\RegClean Pro
2011-07-28 17:34:17 ----A---- F:\WINDOWS\ui.INI
2011-07-28 16:38:39 ----A---- F:\WINDOWS\system32\drivers\gt681x.sys
2011-07-28 16:38:39 ----A---- F:\WINDOWS\system32\A32usd.dll
2011-07-28 16:38:39 ----A---- F:\WINDOWS\Gtwatch.exe
2011-07-28 16:38:25 ----A---- F:\WINDOWS\system32\VB5KO.DLL
2011-07-28 16:38:25 ----A---- F:\WINDOWS\system32\SpotSaver.scr
2011-07-28 16:38:25 ----A---- F:\WINDOWS\system32\PuzzSaver.scr
2011-07-28 16:38:25 ----A---- F:\WINDOWS\system32\ParaSaver.scr
2011-07-28 16:38:21 ----D---- F:\Program Files\ScanExpress A3 USB
2011-07-28 16:38:21 ----A---- F:\WINDOWS\system32\Lfwmf10n.dll
2011-07-28 16:38:21 ----A---- F:\WINDOWS\system32\Lfpct10n.dll
2011-07-28 16:38:20 ----A---- F:\WINDOWS\system32\Lfmac10n.dll
2011-07-28 16:38:20 ----A---- F:\WINDOWS\system32\Lfimg10n.dll
2011-07-28 16:38:20 ----A---- F:\WINDOWS\system32\Lfdic10n.dll
2011-07-28 16:38:20 ----A---- F:\WINDOWS\system32\Lfcal10n.dll
2011-07-28 16:38:18 ----A---- F:\WINDOWS\system32\Cp3240mt.dll
2011-07-28 16:38:17 ----A---- F:\WINDOWS\system32\Borlndmm.dll
2011-07-28 16:38:01 ----D---- F:\Program Files\Temp
2011-07-28 16:37:08 ----HD---- F:\Documents and Settings\All Users\Application Data\CanonIJSolutionMenuEX
2011-07-28 15:32:31 ----D---- F:\Documents and Settings\All Users\Application Data\CanonIJ
2011-07-28 15:24:55 ----D---- F:\Documents and Settings\Анна\Application Data\Canon
2011-07-28 15:24:54 ----HD---- F:\Documents and Settings\All Users\Application Data\CanonIJScan
2011-07-28 15:22:25 ----A---- F:\WINDOWS\system32\CNQ4809N.DAT
2011-07-28 15:22:24 ----A---- F:\WINDOWS\system32\CNQ4809U.dll
2011-07-28 15:22:24 ----A---- F:\WINDOWS\system32\CNQ4809L.dll
2011-07-28 15:22:24 ----A---- F:\WINDOWS\system32\CNQ4809I.dll
2011-07-28 15:22:24 ----A---- F:\WINDOWS\system32\CNQ4809C.dll
2011-07-28 15:22:23 ----A---- F:\WINDOWS\system32\CNHMCA.dll
2011-07-28 15:22:19 ----A---- F:\WINDOWS\system32\drivers\usbscan.sys
2011-07-28 14:48:59 ----D---- F:\Documents and Settings\All Users\Application Data\CanonIJPLM
2011-07-28 14:47:57 ----D---- F:\Program Files\Common Files\CANON
2011-07-28 14:46:48 ----D---- F:\Documents and Settings\All Users\Application Data\CanonIJWSpt
2011-07-28 14:44:01 ----HD---- F:\WINDOWS\system32\CanonIJ Uninstaller Information
2011-07-28 14:43:58 ----A---- F:\WINDOWS\system32\CNQ4809Y.dll
2011-07-28 14:43:53 ----A---- F:\WINDOWS\system32\CNQ4809O.dll
2011-07-28 14:43:50 ----HD---- F:\Program Files\CanonBJ
2011-07-28 14:42:24 ----D---- F:\Program Files\Canon
2011-07-08 19:15:39 ----A---- F:\WINDOWS\system32\d3dx10_41.dll
2011-07-08 19:15:39 ----A---- F:\WINDOWS\system32\D3DCompiler_41.dll
2011-07-08 19:15:34 ----A---- F:\WINDOWS\system32\D3DX9_41.dll
2011-07-08 19:14:41 ----D---- F:\WINDOWS\Logs
2011-07-08 19:05:20 ----N---- F:\WINDOWS\system32\spmsg2.dll
2011-07-08 19:05:04 ----HDC---- F:\WINDOWS\$NtUninstallXPSEPSCLP$
2011-07-08 18:59:55 ----D---- F:\WINDOWS\system32\XPSViewer
2011-07-08 18:59:42 ----D---- F:\Program Files\MSBuild
2011-07-08 18:59:35 ----D---- F:\WINDOWS\system32\en-US
2011-07-08 18:59:16 ----D---- F:\Program Files\Reference Assemblies
2011-07-08 18:57:34 ----N---- F:\WINDOWS\system32\xpssvcs.dll
2011-07-08 18:57:34 ----N---- F:\WINDOWS\system32\xpsshhdr.dll
2011-07-08 18:57:34 ----N---- F:\WINDOWS\system32\prntvpt.dll
2011-07-08 18:56:55 ----D---- F:\WINDOWS\SxsCaPendDel
2011-07-08 18:52:07 ----HD---- F:\Config.Msi
2011-07-08 18:48:42 ----HDC---- F:\WINDOWS\$NtUninstallWIC$
2011-07-08 17:44:39 ----HDC---- F:\WINDOWS\$NtUninstallKB942288-v3$
2011-07-08 17:35:46 ----D---- F:\Program Files\Alcohol Soft
2011-07-08 16:22:12 ----A---- F:\WINDOWS\system32\drivers\sptd.sys
2011-07-08 12:40:10 ----D---- F:\Program Files\uTorrent
2011-07-08 12:38:30 ----D---- F:\Documents and Settings\Анна\Application Data\uTorrent
2011-07-08 12:26:09 ----D---- F:\Documents and Settings\Анна\Application Data\TeamViewer
2011-07-08 12:25:49 ----D---- F:\Program Files\TeamViewer

======Список файлов и папок, измененных за последние 3 месяца======

2011-08-20 14:42:46 ----D---- F:\Program Files
2011-08-20 14:41:49 ----D---- F:\WINDOWS\Prefetch
2011-08-20 14:40:26 ----D---- F:\WINDOWS\Temp
2011-08-20 14:31:05 ----HD---- F:\WINDOWS\inf
2011-08-20 14:31:04 ----D---- F:\WINDOWS\system32\CatRoot2
2011-08-20 14:31:04 ----D---- F:\WINDOWS
2011-08-20 14:29:46 ----D---- F:\WINDOWS\system32\ias
2011-08-20 14:28:12 ----SHD---- F:\WINDOWS\Installer
2011-08-20 14:26:02 ----D---- F:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2011-08-20 14:26:01 ----D---- F:\Program Files\Kaspersky Lab
2011-08-20 14:24:25 ----D---- F:\WINDOWS\system32
2011-08-20 14:23:53 ----D---- F:\WINDOWS\system32\drivers
2011-08-20 14:10:57 ----HD---- F:\WINDOWS\$hf_mig$
2011-08-20 13:59:10 ----A---- F:\WINDOWS\win.ini
2011-08-20 13:59:10 ----A---- F:\WINDOWS\system.ini
2011-08-20 13:54:25 ----A---- F:\WINDOWS\ntbtlog.txt
2011-08-19 20:26:28 ----D---- F:\Program Files\Advanced IP Scanner
2011-08-19 20:09:47 ----RD---- F:\WINDOWS\Web
2011-08-19 17:16:04 ----D---- F:\TempEI4
2011-08-19 17:11:24 ----D---- F:\WINDOWS\pss
2011-08-19 17:05:36 ----A---- F:\WINDOWS\SchedLgU.Txt
2011-08-19 16:58:49 ----RSHDC---- F:\WINDOWS\system32\dllcache
2011-08-19 16:39:37 ----D---- F:\WINDOWS\system32\CatRoot_bak
2011-08-19 16:39:37 ----D---- F:\WINDOWS\system32\CatRoot
2011-08-19 16:14:55 ----D---- F:\WINDOWS\Help
2011-08-19 14:47:20 ----D---- F:\WINDOWS\Minidump
2011-08-19 13:46:33 ----A---- F:\WINDOWS\DUMPf898.tmp
2011-08-19 13:36:18 ----A---- F:\WINDOWS\DUMP788b.tmp
2011-08-19 13:13:48 ----A---- F:\WINDOWS\DUMPff9d.tmp
2011-08-09 17:30:49 ----A---- F:\WINDOWS\ccolwiz.ini
2011-08-04 16:57:36 ----A---- F:\WINDOWS\system32\PerfStringBackup.INI
2011-08-04 16:16:50 ----D---- F:\WINDOWS\system
2011-08-04 16:15:53 ----A---- F:\WINDOWS\setuplog.txt
2011-07-28 17:49:55 ----SD---- F:\WINDOWS\Tasks
2011-07-28 17:14:21 ----D---- F:\Program Files\Autodesk Architectural Desktop 2007
2011-07-28 17:14:13 ----D---- F:\Program Files\Messenger
2011-07-28 16:38:38 ----D---- F:\WINDOWS\twain_32
2011-07-28 15:22:27 ----D---- F:\WINDOWS\Media
2011-07-28 14:47:57 ----D---- F:\Program Files\Common Files
2011-07-11 14:40:11 ----D---- F:\Distributive
2011-07-09 01:20:33 ----D---- F:\Documents and Settings\Анна\Application Data\Autodesk
2011-07-09 01:20:33 ----D---- F:\Documents and Settings\All Users\Application Data\Autodesk
2011-07-09 00:43:36 ----D---- F:\Documents and Settings\All Users\Application Data\FLEXnet
2011-07-08 20:42:01 ----D---- F:\WINDOWS\Microsoft.NET
2011-07-08 20:41:58 ----RSD---- F:\WINDOWS\assembly
2011-07-08 20:01:38 ----SD---- F:\WINDOWS\Downloaded Program Files
2011-07-08 20:01:38 ----D---- F:\Program Files\Common Files\Autodesk Shared
2011-07-08 19:45:17 ----RSD---- F:\WINDOWS\Fonts
2011-07-08 19:39:28 ----D---- F:\Program Files\Autodesk
2011-07-08 19:16:14 ----D---- F:\WINDOWS\WinSxS
2011-07-08 19:15:45 ----D---- F:\WINDOWS\system32\DirectX
2011-07-08 19:05:25 ----A---- F:\WINDOWS\imsins.BAK
2011-07-08 19:04:32 ----D---- F:\WINDOWS\system32\ru-ru
2011-07-08 18:58:43 ----D---- F:\WINDOWS\system32\spool
2011-07-08 18:46:02 ----D---- F:\Program Files\Common Files\Microsoft Shared
2011-07-08 17:45:19 ----D---- F:\WINDOWS\system32\mui
2011-07-08 12:41:01 ----SD---- F:\Documents and Settings\All Users\Application Data\Microsoft
2011-07-08 12:38:28 ----SD---- F:\Documents and Settings\Анна\Application Data\Microsoft

======Список драйверов (тип запуска: R=Запущен, S=остановлен, 0=Загрузочный, 1=Системный, 2=Автоматически, 3=Вручную, 4=Отключено)======

R0 sptd;sptd; F:\WINDOWS\System32\Drivers\sptd.sys [2011-07-08 721904]
R1 intelppm;Драйвер Intel процессора; F:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-17 40448]
R2 cpuz135;cpuz135; \??\F:\WINDOWS\system32\drivers\cpuz135_x32.sys []
R2 NwlnkIpx;NWLink IPX/SPX/NetBIOS-совместимый транспортный протокол; F:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2004-08-03 88448]
R2 NwlnkNb;NWLink NetBIOS; F:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2001-10-20 63232]
R2 NwlnkSpx;Протокол NWLink SPX/SPXII; F:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2001-10-20 55936]
R2 WIBUKEY;WIBU-KEY Kernel Driver; F:\WINDOWS\SYSTEM32\DRIVERS\WibuKey.sys [2007-06-14 72704]
R3 GT681x;%GrandTechICNameNT%; F:\WINDOWS\system32\DRIVERS\GT681x.SYS [2001-08-27 18120]
R3 ialm;ialm; F:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2004-06-06 730653]
R3 NWRDR;NetWare Rdr; F:\WINDOWS\system32\DRIVERS\nwrdr.sys [2006-10-13 163584]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet адаптер, драйвер для NT; F:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
R3 SMBios;Intel (R) System Management BIOS Service; F:\WINDOWS\system32\DRIVERS\SMBios.sys [2009-03-12 36484]
R3 usbscan;Драйвер USB-сканера; F:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; F:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S0 DwProt;DrWeb Protection; F:\WINDOWS\system32\drivers\dwprot.sys []
S3 al2ehte9;al2ehte9; F:\WINDOWS\system32\drivers\al2ehte9.sys []
S3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); F:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Класс принтеров Microsoft USB; F:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 USBSTOR;Драйвер запоминающих устройств для USB; F:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 uti3ndu1;AVZ Kernel Driver; \??\F:\WINDOWS\system32\Drivers\uti3ndu1.sys []

======Список служб (тип запуска: R=Запущена, S=остановлена, 0=Загрузочная, 1=Системная, 2=Автоматически, 3=Вручную, 4=Отключено)======

R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; F:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104]
R2 MDM;Machine Debug Manager; F:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336]
R2 NWCWorkstation;Клиент для сетей NetWare; F:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S2 NetTcpPortSharing;Служба общего доступа к портам Net.Tcp; F:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S2 StarWindServiceAE;StarWind AE Service; F:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
S3 aspnet_state;Служба состояний ASP.NET; F:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; F:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2008-03-14 85096]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; F:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; F:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-07-08 1045256]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; F:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; F:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]

-----------------EOF-----------------