Re: Re: помогите

[Alexandr]

DDS (Ver_09-02-01.01) — FAT32x86
Run by Berzz at 15:02:31,15 on 15.02.2009
Internet Explorer: 8.0.6001.18372
Microsoft Windows XP Professional 5.1.2600.3.1251.7.1049.18.511.187 [GMT 3:00]

AV: Антивирусная система Eset NOD32 2.50 *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:WINDOWSsystem32svchost -k DcomLaunch
SVCHOST.EXE
C:WINDOWSSystem32svchost.exe -k netsvcs
SVCHOST.EXE
SVCHOST.EXE
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSSOUNDMAN.EXE
D:softpower DVDPDVDServ.exe
D:softProcess Killerprkiller.exe
C:WINDOWSsystem32RUNDLL32.EXE
C:Program FilesEsetnod32kui.exe
C:WINDOWSsystem32rundll32.exe
C:Program FilesJavajre6binjusched.exe
C:WINDOWSsystem32ctfmon.exe
C:Documents and SettingsBerzzLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe
C:Program FilesCommon FilesAutodesk SharedServiceAdskScSrv.exe
C:WINDOWSsystem32DRIVERSCDANTSRV.EXE
C:Program FilesJavajre6binjqs.exe
D:Autodesk3ds Max 9mentalraysatelliteraysat_3dsmax9_32server.exe
C:Program FilesEsetnod32krn.exe
C:WINDOWSsystem32nvsvc32.exe
C:Program FilesCyberLinkShared filesRichVideo.exe
C:Program FilesOperaopera.exe
C:Documents and SettingsBerzzРабочий столdds.scr

============== Pseudo HJT Report ===============

uStart Page = start.qip.ru
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uDefault_Search_URL = hxxp://search.qip.ru
uSearchURL,(Default) = hxxp://search.qip.ru/search?query=%s&from=IE
uURLSearchHooks: QIPBHO Class: {95289393-33ea-4f8d-b952-483415b9c955} — c:documents and settingsberzzapplication datamicrosoftinternet explorerqipsearchbar.dll
uURLSearchHooks: H — No File
BHO: FGCatchUrl: {2f364306-aa45-47b5-9f9d-39a8b94e7ef7} — d:softflashgetjccatch.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} — c:program filesjavajre6binssv.dll
BHO: URLHooker2 Class: {93935f7f-9c88-42f8-8445-95251d27fabc} — c:progra~1flashv~1URLHOO~1.DLL
BHO: QIPBHO Class: {95289393-33ea-4f8d-b952-483415b9c955} — c:documents and settingsberzzapplication datamicrosoftinternet explorerqipsearchbar.dll
BHO: BP Data Feeder: {9d64f819-9380-8473-dab2-702fcb3d7a3e} — %USERPROFILE%Application Databpfeed.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} — c:program filesjavajre6binjp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} — c:program filesjavajre6libdeployjqsiejqs_plugin.dll
BHO: FlashGet GetFlash Class: {f156768e-81ef-470c-9057-481ba8380dba} — d:softflashgetgetflash.dll
TB: FlashGet: {e0e899ab-f487-11d5-8d29-0050ba6940e3} — d:softflashgetfgiebar.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} — No File
uRun: [Punto Switcher] c:program filespunto switcherps.exe
uRun: [ctfmon.exe] c:windowssystem32ctfmon.exe
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] «c:program filescommon filesaheadlibNMBgMonitor.exe»
uRun: [Google Update] «c:documents and settingsberzzlocal settingsapplication datagoogleupdateGoogleUpdate.exe» /c
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [RemoteControl] «d:softpower dvdPDVDServ.exe»
mRun: [Process Killer] d:softprocess killerprkiller.exe
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:windowssystem32NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE c:windowssystem32NvCpl.dll,NvStartup
mRun: [nod32kui] «c:program filesesetnod32kui.exe» /WAITSERVICE
mRun: [LiveNote] livenote.exe
mRun: [LanguageShortcut] «d:softpower dvdlanguageLanguage.exe»
mRun: [FlashGet] d:softflashgetFlashGet.exe /min
mRun: [anvshell] anvshell.exe
mRun: [Active Web Reader] c:program filesdeskshareactive web readerActive Web Reader.exe -background
mRun: [parentalcontrol] «c:program filesparentalcontrolparentalcontrol.exe» «c:program filesparentalcontrolparentalcontrol.dll» «parentalcontrol»
mRun: [SunJavaUpdateSched] «c:program filesjavajre6binjusched.exe»
dRun: [CTFMON.EXE] c:windowssystem32CTFMON.EXE
IE: &D&ownload &with BitComet — d:softbitcometBitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet — d:softbitcometBitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet — d:softbitcometBitComet.exe/AddAllLink.htm
IE: &Закачать все при помощи FlashGet — d:softflashgetjc_all.htm
IE: &Закачать при помощи FlashGet — d:softflashgetjc_link.htm
IE: {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} — d:softflashgetFlashGet.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} — %windir%Network Diagnosticxpnetdiag.exe
IE: {F10082A8-5BC5-489A-9892-28B9EE35F5E3} — c:program filesbytescout movies extractor scoutflashextract_ie.html
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} — c:program filesmessengermsmsgs.exe
LSP: c:windowssystem32imon.dll
DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} — hxxp://support.asus.com/common/asusTek_sys_ctrl.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} — hxxp://download.microsoft.com/download/F/D/9/FD9E437D-5BC8-4264-A093-DFA2C39D197E/LegitCheckControl.cab
DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} — hxxp://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} — hxxp://www.eset.eu/buxus/docs/OnlineScanner.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} — hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6662.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} — hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1232743139125
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} — hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} — hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} — hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} — hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} — hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
TCP: {DA69388E-2CAA-409F-B5BF-28AD81F85B1A} = 91.144.164.1 91.144.166.1
SSODL: CDBurn — {B1A7C4C9-BCB1-06AF-B7B7-80C9C0EF4E52} — MSVCR32.DLL
SSODL: WPDShServiceObj — {AAA288BA-9A4C-45B0-95D7-94D524869DB5} — c:windowssystem32WPDShServiceObj.dll

============= SERVICES / DRIVERS ===============

R1 ANVIOCTL;ANVIOCTL;c:windowssystem32driversanvioctl.sys [2008-8-30 233280]
R1 nod32drv;nod32drv;c:windowssystem32driversnod32drv.sys [2008-8-8 15424]
R1 prodrv01;prodrv01;c:windowssystem32driversprodrv01.sys [2009-1-2 125184]
R2 NOD32krn;NOD32 Kernel Service;c:program filesesetnod32krn.exe [2008-8-8 495616]
S2 MySQL5;MySQL5;»c:program filesmysqlmysql server 5.0binmysqld-nt» —defaults-file=»c:program filesmysqlmysql server 5.0my.ini» mysql5 —> c:program filesmysqlmysql server 5.0binmysqld-nt [?]
S2 sfrem02;FrontLine Drivers Auto Removal (v2);c:windowssystem32sfrem02.exe svc —> c:windowssystem32sfrem02.exe svc [?]

=============== Created Last 30 ================

2009-02-13 12:43

—d

---

C:ComboFix
2009-02-12 16:18 —dsh— C:FOUND.002
2009-02-10 02:27 —dsh— C:FOUND.001
2009-02-09 18:44 3,584 a—sh— C:Thumbs.db
2009-02-06 21:09 —dsh— C:FOUND.000
2009-02-05 13:09 —d

---

c:program filesQIP.Online
2009-02-01 16:53 —d

---

c:program filesICQ6Toolbar
2009-02-01 16:53 —d

---

c:docume~1alluse~1applic~1ICQ
2009-01-31 17:53 1,253,376 a

---

c:windowssystem32WibuKe32.cpl
2009-01-31 17:53 516,096 a

---

c:windowssystem32WibuXpm4J32.dll
2009-01-31 17:53 479,232 a

---

c:windowssystem32wibuKJni.dll
2009-01-31 17:53 348,160 a

---

c:windowssystem32WkExt32.dll
2009-01-31 17:53 57,552 a

---

c:windowssystem32WkDos.exe
2009-01-31 17:53 16,384 a

---

c:windowssystem32driversWibukey2.sys
2009-01-31 17:53 159,744 a

---

c:windowssystem32WkWin32.dll
2009-01-31 17:53 72,704 a

---

c:windowssystem32driversWibuKey.sys
2009-01-31 17:53 54,336 a

---

c:windowssystemWkWin.dll
2009-01-31 17:53 —d

---

c:program filesWIBUKEY
2009-01-31 17:53 —d

---

c:program filesWIBU-SYSTEMS
2009-01-31 17:51 —d

---

c:program filesChaos Group
2009-01-30 20:35 —d

---

c:docume~1berzzapplic~1Yandex
2009-01-30 13:26 —dsh— c:documents and settingsberzzIECompatCache
2009-01-30 13:16 —dsh— c:documents and settingsberzzIETldCache
2009-01-30 13:12 —d-h— c:windowsie8
2009-01-28 09:38 —d

---

c:docume~1alluse~1applic~1NFS Underground
2009-01-28 09:37 —d

---

c:program filescommon filesDirectX
2009-01-28 01:32 73,728 a

---

c:windowssystem32javacpl.cpl
2009-01-28 00:27 102,664 a

---

c:windowssystem32driverstmcomm.sys
2009-01-27 19:46 —d

---

c:documents and settingsberzz.housecall6.6
2009-01-27 19:37 —dsh— c:documents and settingsberzzUserData
2009-01-25 18:03 —d

---

c:docume~1alluse~1applic~1Egoset
2009-01-25 18:02 —d

---

c:program filesGamerOnline.ru
2009-01-25 03:37 a-dshr— C:cmdcons
2009-01-25 01:04 —d

---

c:docume~1berzzapplic~1Malwarebytes
2009-01-25 01:04 —d

---

c:docume~1alluse~1applic~1Malwarebytes
2009-01-24 22:33 268,648 a

---

c:windowssystem32mucltui.dll
2009-01-24 22:33 27,496 a

---

c:windowssystem32mucltui.dll.mui
2009-01-24 20:17 —d

---

c:program filesQIP Infium
2009-01-24 15:24 —d

---

c:windowsie8updates
2009-01-24 13:41 88 a

---

c:windowswininit.ini
2009-01-24 13:03 —d

---

c:docume~1alluse~1applic~1Spybot — Search & Destroy
2009-01-24 04:09 —d

---

c:program filesparentalcontrol
2009-01-24 03:36 a-dshr— C:autorun.inf
2009-01-24 03:10 —d

---

c:program filestrend micro
2009-01-23 23:12 —d

---

c:program filesWindows Media Connect 2
2009-01-23 20:42 —dsh— c:documents and settingsberzzPrivacIE
2009-01-23 16:25 69,632 a

---

c:docume~1berzzapplic~1bpfeed.dll
2009-01-17 00:08 —d

---

c:program filesthriXXX

==================== Find3M ====================

2009-02-10 02:51 502,208 a

---

c:windowssystem32driversamon.sys
2009-02-10 02:51 270,336 a

---

c:windowssystem32imon.dll
2009-01-28 01:32 410,984 a

---

c:windowssystem32deploytk.dll
2009-01-15 02:17 636,264 a

---

c:windowssystem32dllcacheiexplore.exe
2009-01-15 02:17 392,040 a

---

c:windowssystem32dllcacheiedkcs32.dll
2009-01-15 02:13 5,888,512 a

---

c:windowssystem32dllcachemshtml.dll
2009-01-15 02:12 10,963,968 a

---

c:windowssystem32dllcacheieframe.dll
2009-01-15 02:06 1,182,720 a

---

c:windowssystem32dllcacheurlmon.dll
2009-01-15 02:06 236,544 a

---

c:windowssystem32dllcachewebcheck.dll
2009-01-15 02:06 105,984 a

---

c:windowssystem32dllcacheurl.dll
2009-01-15 02:05 911,872 a

---

c:windowssystem32wininet.dll
2009-01-15 02:05 911,872 a

---

c:windowssystem32dllcachewininet.dll
2009-01-15 02:05 193,536 a

---

c:windowssystem32dllcachemsrating.dll
2009-01-15 02:05 109,056 a

---

c:windowssystem32dllcacheoccache.dll
2009-01-15 02:05 43,008 a

---

c:windowssystem32licmgr10.dll
2009-01-15 02:05 43,008 a

---

c:windowssystem32dllcachelicmgr10.dll
2009-01-15 02:04 755,200 a

---

c:windowssystem32dllcacheVGX.dll
2009-01-15 02:04 18,944 a

---

c:windowssystem32dllcachecorpol.dll
2009-01-15 02:04 18,944 a

---

c:windowssystem32corpol.dll
2009-01-15 02:04 25,600 a

---

c:windowssystem32dllcachejsproxy.dll
2009-01-15 02:02 1,975,296 a

---

c:windowssystem32dllcacheiertutil.dll
2009-01-15 02:02 593,920 a

---

c:windowssystem32dllcachemsfeeds.dll
2009-01-15 02:02 611,840 a

---

c:windowssystem32dllcachemstime.dll
2009-01-15 02:01 183,808 a

---

c:windowssystem32dllcacheiepeers.dll
2009-01-15 02:01 59,904 a

---

c:windowssystem32dllcacheicardie.dll
2009-01-15 02:01 54,272 a

---

c:windowssystem32dllcachemsfeedsbs.dll
2009-01-15 02:01 34,304 a

---

c:windowssystem32imgutil.dll
2009-01-15 02:01 34,304 a

---

c:windowssystem32dllcacheimgutil.dll
2009-01-15 02:01 348,160 a

---

c:windowssystem32dllcachedxtmsft.dll
2009-01-15 02:01 46,592 a

---

c:windowssystem32dllcachepngfilt.dll
2009-01-15 02:01 216,064 a

---

c:windowssystem32dllcachedxtrans.dll
2009-01-15 02:01 66,560 a

---

c:windowssystem32dllcachemshtmled.dll
2009-01-15 02:00 48,128 a

---

c:windowssystem32mshtmler.dll
2009-01-15 02:00 48,128 a

---

c:windowssystem32dllcachemshtmler.dll
2009-01-15 02:00 45,568 a

---

c:windowssystem32mshta.exe
2009-01-15 02:00 45,568 a

---

c:windowssystem32dllcachemshta.exe
2009-01-15 01:53 68,608 a

---

c:windowssystem32dllcachehmmapi.dll
2009-01-15 01:50 156,160 a

---

c:windowssystem32msls31.dll
2009-01-15 01:50 156,160 a

---

c:windowssystem32dllcachemsls31.dll
2009-01-15 01:35 445,440 a

---

c:windowssystem32dllcacheieapfltr.dll
2009-01-12 15:10 432,488 a

---

c:windowssystem32perfh019.dat
2009-01-12 15:10 70,134 a

---

c:windowssystem32perfc019.dat
2009-01-12 14:59 22,328 a

---

c:docume~1berzzapplic~1PnkBstrK.sys
2008-12-29 22:06 96,384 a

---

c:windowssystem32driverssptd8413.sys
2008-12-23 01:26 2,334,720 a

---

c:windowssystem32frysdk32.dll
2008-12-14 17:12 3,698,040 a

---

c:windowssystem32dllcacheieapfltr.dat
2008-12-12 15:02 2,308 a

---

c:windowsmozver.dat
2008-12-11 13:57 333,952

---

c:windowssystem32dllcachesrv.sys

============= FINISH: 15:02:54,39 ===============

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-02-01.01)

Microsoft Windows XP Professional
Boot Device: DeviceHarddiskVolume1
Install Date: 08.08.2008 16:46:52
System Uptime: 15.02.2009 9:21:31 (6 hours ago)

Motherboard: Gigabyte Technology Co., Ltd. | | 8PE800
Processor: Intel(R) Pentium(R) 4 CPU 2.40GHz | Socket 478 | 2411/133mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (FAT32) — 10 GiB total, 1,589 GiB free.
D: is FIXED (FAT32) — 65 GiB total, 1,653 GiB free.
E: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP308: 13.02.2009 12:44:06 — Системная контрольная точка
RP309: 15.02.2009 10:14:28 — Системная контрольная точка

==== Installed Programs ======================

Исправление для Windows XP (KB952287)
Исправление для проигрывателя Windows Media 11 — (KB939683)
Антивирусная система NOD32
Сократ Персональный 4.1
Проигрыватель Windows Media 11
Обновление безопасности для Windows Internet Explorer 7 (KB938127-v2)
Обновление безопасности для Windows Internet Explorer 7 (KB938127)
Обновление безопасности для Windows Internet Explorer 7 (KB956390)
Обновление безопасности для Windows Internet Explorer 7 (KB958215)
Обновление безопасности для Windows Internet Explorer 7 (KB960714)
Обновление безопасности для Windows XP — (KB941569)
Обновление безопасности для Windows XP (KB938464)
Обновление безопасности для Windows XP (KB946648)
Обновление безопасности для Windows XP (KB950762)
Обновление безопасности для Windows XP (KB950974)
Обновление безопасности для Windows XP (KB951066)
Обновление безопасности для Windows XP (KB951376-v2)
Обновление безопасности для Windows XP (KB951698)
Обновление безопасности для Windows XP (KB951748)
Обновление безопасности для Windows XP (KB952954)
Обновление безопасности для Windows XP (KB953839)
Обновление безопасности для Windows XP (KB954211)
Обновление безопасности для Windows XP (KB954459)
Обновление безопасности для Windows XP (KB954600)
Обновление безопасности для Windows XP (KB955069)
Обновление безопасности для Windows XP (KB956391)
Обновление безопасности для Windows XP (KB956802)
Обновление безопасности для Windows XP (KB956803)
Обновление безопасности для Windows XP (KB956841)
Обновление безопасности для Windows XP (KB957095)
Обновление безопасности для Windows XP (KB957097)
Обновление безопасности для Windows XP (KB958644)
Обновление безопасности для Windows XP (KB958687)
Обновление безопасности для Windows XP (KB960715)
Обновление безопасности для проигрывателя Windows Media — (KB952069)
Обновление безопасности для проигрывателя Windows Media 11 — (KB936782)
Обновление безопасности для проигрывателя Windows Media 11 — (KB954154)
Обновление для Windows XP (KB951978)
Обновление для Windows XP (KB955839)
3dsmax ancillary install
7-Zip 4.42
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Photoshop CS2
Adobe Reader 6.0
Adobe SVG Viewer 3.0
Aspyr MTX Mototrax
ASUS Display Drivers
Autodesk 3ds Max 9 32-bit
Autodesk 3ds Max 9 SDK
Autodesk DWF Viewer 7
Backburner
BSPlayer
C-Dilla Licence Management System
Circulate
Counter-Strike 1.6
DivX 5.0.5 Pro Video Codec
DjVu Solo 3.1
Enable S3 for USB Device
FastStone Image Viewer 2.29
FBX Plugin 2006.08 for Max 9.0
Final Fantasy VII
FL Studio 5
FlashGet 1.81
Google Chrome
HijackThis 2.0.2
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix для Microsoft .NET Framework 2.0 (КБ918842)
Intel Application Accelerator
J2SE Runtime Environment 5.0 Update 3
Java(TM) 6 Update 11
K-Lite Mega Codec Pack 1.53
Knights Of The Temple
Kyodai Mahjongg 2006 v1.0
MakeUp Pilot 1.30.1
Matrix Ижевск 6.0.8
Microsoft .NET Framework 2.0
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Primary Interoperability Assemblies 2005
Microsoft User-Mode Driver Framework Feature Pack 1.0
Mojo Master Winamp Visualizer for Winamp (remove only)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 Parser and SDK
NOD32 FiX v2.1
NVIDIA Drivers
OpenOffice.org 2.0.2
Opera 9.63
Peggle Deluxe 1.0
Perfect World 1.3.4.2265
PowerDVD
QIP 2005 8090
QIP Infium 2.0.9026 RC4
QIP.Online
QuickTime 3.0
Realtek AC’97 Audio
RTLSetup
Solid Balance
SuperCleaner
V-Ray for 3dsmax R9 for x86
WebFldrs XP
WIBU-KEY Setup (WIBU-KEY Remove)
Winamp
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8 Release Candidate 1
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
XviD 1.2.-127 +SMP Alpha uninstall

==== End Of File ===========================