2-ой лог
Logfile of random’s system information tool 1.06 (written by random/random)
Run by мой компьютер at 2010-01-02 17:54:36
Microsoft® Windows Vista™ Home Basic Service Pack 1
System drive C: has 162 GB (53%) free of 305 GB
Total RAM: 3071 MB (55% free)
HijackThis download failed
======Scheduled tasks folder======
C:WindowstasksDr.Web Daily scan.job
C:WindowstasksDr.Web Update.job
======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader — C:Program FilesWinamp Toolbarwinamptb.dll [2009-05-06 1262888]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper — C:Program FilesMicrosoft OfficeOffice12GrooveShellExtensions.dll [2007-08-24 2212224]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Помощник по входу в Windows Live — C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{91397D20-1446-11D4-8AF4-0040CA1127B6} — Яндекс.Бар — C:Program FilesYandexYandexBarIEyndbar.dll [2008-09-01 1572864]
{468CD8A9-7C25-45FA-969E-3D925C689DC4} — Rambler-Ассистент — C:Program FilesRambler AssistantramblertoolbarU0.dll [2009-10-08 849392]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} — Winamp Toolbar — C:Program FilesWinamp Toolbarwinamptb.dll [2009-05-06 1262888]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«Windows Defender»=C:Program FilesWindows DefenderMSASCui.exe [2008-01-21 1008184]
«IntelliPoint»=C:Program FilesMicrosoft IntelliPointipoint.exe [2007-02-05 849280]
«SysTrayApp»=C:Program FilesIDTWDMsttray.exe [2007-12-14 413696]
«Depo»=C:WINDOWSsystem32DepoComputersQuestioning.exe [2007-09-17 212992]
«GrooveMonitor»=C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe [2007-08-24 33648]
«SpIDerAgent»=C:Program FilesDrWebSpIDerAgent.exe [2009-11-18 447728]
«SpIDerMail»=C:Program FilesDrWebspiderml.exe [2009-06-30 644336]
«SpIDerNT»=C:PROGRA~1DrWebspiderui.exe [2009-08-17 231840]
«OutpostFeedBack»=C:Program FilesAgnitumOutpost Firewall Profeedback.exe [2009-09-23 436552]
«OutpostMonitor»=C:PROGRA~1AgnitumOUTPOS~1op_mon.exe [2009-12-17 1269632]
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«Sidebar»=C:Program FilesWindows Sidebarsidebar.exe [2008-01-21 1233920]
«WindowsWelcomeCenter»=oobefldr.dll,ShowWelcomeCenter []
«YandexDesktopSearch»=C:Program FilesYandexDesktopyandesk.exe [2008-09-18 7508776]
«Yupdate!»=C:Program FilesCommon FilesYandexYupdateyupdate.exe [2008-09-01 479496]
«Skype»=C:Program FilesSkypePhoneSkype.exe [2009-10-09 25626408]
«uTorrent»=C:Program FilesuTorrentuTorrent.exe [2009-12-16 289584]
«ICQ»=C:Program FilesICQ6.5ICQ.exe [2009-11-16 172792]
«WMPNSCFG»=C:Program FilesWindows Media PlayerWMPNSCFG.exe [2008-01-21 202240]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows]
«AppInit_DLLS»=»c:PROGRA~1AgnitumOUTPOS~1wl_hook.dll»
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerShellExecuteHooks]
«{B5A7F190-DDA6-4420-B3BA-52453494E6CD}»=C:Program FilesMicrosoft OfficeOffice12GrooveShellExtensions.dll [2007-08-24 2212224]
«{AEB6717E-7E19-11d0-97EE-00C04FD91972}»= []
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«ConsentPromptBehaviorUser»=0
«EnableInstallerDetection»=0
«EnableLUA»=0
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
«EnableUIADesktopToggle»=0
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145
«NoDrives»=0
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDrives»=
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
======List of files/folders created in the last 1 months======
2010-01-02 17:54:40 —-DC—- C:Program Filestrend micro
2010-01-02 17:54:36 —-DC—- C:rsit
2010-01-02 17:22:49 —-SHDC—- C:$RECYCLE.BIN
2010-01-02 17:22:46 —-D—- C:Windowstemp
2010-01-02 17:22:44 —-AC—- C:ComboFix.txt
2010-01-02 17:10:48 —-A—- C:WindowsPEV.exe
2010-01-02 17:10:48 —-A—- C:WindowsNIRCMD.exe
2010-01-02 17:10:48 —-A—- C:WindowsMBR.exe
2010-01-02 17:10:47 —-A—- C:Windowszip.exe
2010-01-02 17:10:47 —-A—- C:WindowsSWSC.exe
2010-01-02 17:10:47 —-A—- C:WindowsSWREG.exe
2010-01-02 17:10:47 —-A—- C:Windowssed.exe
2010-01-02 17:10:47 —-A—- C:Windowsgrep.exe
2010-01-02 17:10:38 —-D—- C:WindowsERDNT
2010-01-02 17:10:30 —-DC—- C:ComboFix
2010-01-02 17:10:10 —-DC—- C:Qoobox
2010-01-02 17:09:00 —-A—- C:WindowsSWXCACLS.exe
2009-12-28 16:15:20 —-DC—- C:Program FilesAgnitum
2009-12-28 16:15:20 —-D—- C:Windowssystem32Filt
2009-12-28 16:14:47 —-D—- C:ProgramDataAgnitum
2009-12-28 15:48:26 —-DC—- C:Program FilesCommon FilesDoctor Web
2009-12-28 15:48:23 —-DC—- C:Program FilesDrWeb
2009-12-28 15:48:23 —-D—- C:ProgramDataDoctor Web
2009-12-27 23:53:16 —-D—- C:Usersмой компьютерAppDataRoamingHP
2009-12-25 03:00:59 —-DC—- C:Program FilesMSXML 4.0
2009-12-24 01:00:10 —-DC—- C:Program FilesVistaVisualMaster
2009-12-23 23:39:03 —-D—- C:ProgramDataWEBREG
2009-12-23 23:37:14 —-D—- C:ProgramDataHPSSUPPLY
2009-12-23 23:34:59 —-DC—- C:Program FilesHewlett-Packard
2009-12-23 23:34:49 —-DC—- C:Program FilesCommon FilesHewlett-Packard
2009-12-23 23:29:03 —-DC—- C:Program FilesHP
2009-12-23 23:28:14 —-D—- C:ProgramDataHP
2009-12-23 14:02:12 —-D—- C:Usersмой компьютерAppDataRoamingOpera
2009-12-23 14:01:59 —-DC—- C:Program FilesOpera
2009-12-16 16:09:45 —-DC—- C:Program Files4Game
2009-12-15 22:28:18 —-A—- C:Windowssystem32msonpmon.dll
2009-12-15 22:26:02 —-DC—- C:Program FilesMicrosoft Visual Studio
2009-12-15 22:22:57 —-DC—- C:Program FilesMicrosoft Visual Studio 8
2009-12-15 22:22:21 —-D—- C:WindowsSHELLNEW
2009-12-15 17:19:03 —-DC—- C:Program FilesICQ6.5
2009-12-12 14:23:17 —-D—- C:Usersмой компьютерAppDataRoamingteamspeak2
2009-12-09 15:15:24 —-A—- C:Windowssystem32winhttp.dll
2009-12-09 15:15:19 —-A—- C:Windowssystem32mshtml.dll
2009-12-09 15:15:18 —-A—- C:Windowssystem32wininet.dll
2009-12-09 15:15:18 —-A—- C:Windowssystem32urlmon.dll
2009-12-09 15:15:18 —-A—- C:Windowssystem32occache.dll
2009-12-09 15:15:17 —-A—- C:Windowssystem32iertutil.dll
2009-12-09 15:15:17 —-A—- C:Windowssystem32ieframe.dll
2009-12-09 15:15:17 —-A—- C:Windowssystem32ieapfltr.dll
2009-12-09 15:15:16 —-A—- C:Windowssystem32mstime.dll
2009-12-09 15:15:16 —-A—- C:Windowssystem32msfeeds.dll
2009-12-09 15:15:16 —-A—- C:Windowssystem32jsproxy.dll
2009-12-09 15:15:16 —-A—- C:Windowssystem32ieUnatt.exe
2009-12-09 15:15:16 —-A—- C:Windowssystem32ieencode.dll
2009-12-09 15:15:16 —-A—- C:Windowssystem32iedkcs32.dll
2009-12-09 15:15:16 —-A—- C:Windowssystem32ieaksie.dll
2009-12-09 15:15:08 —-A—- C:Windowssystem32nshhttp.dll
2009-12-09 15:15:08 —-A—- C:Windowssystem32httpapi.dll
2009-12-09 15:15:00 —-A—- C:Windowssystem32rastls.dll
2009-12-09 15:15:00 —-A—- C:Windowssystem32raschap.dll
======List of files/folders modified in the last 1 months======
2010-01-02 17:54:41 —-D—- C:Usersмой компьютерAppDataRoaminguTorrent
2010-01-02 17:54:40 —-RDC—- C:Program Files
2010-01-02 17:25:34 —-D—- C:Program FilesMozilla Firefox
2010-01-02 17:22:46 —-D—- C:Windows
2010-01-02 17:20:25 —-AC—- C:Windowssystem.ini
2010-01-02 17:16:22 —-D—- C:Windowssystem32drivers
2010-01-02 17:16:22 —-D—- C:WindowsSystem32
2010-01-02 17:16:22 —-D—- C:WindowsAppPatch
2010-01-02 17:16:21 —-DC—- C:Program FilesCommon Files
2010-01-02 16:35:21 —-D—- C:Usersмой компьютерAppDataRoamingSkype
2010-01-02 16:33:02 —-D—- C:Windowssystem32wbem
2010-01-02 16:32:17 —-D—- C:WindowsTasks
2010-01-02 16:32:17 —-D—- C:Windowssystem32spool
2010-01-02 16:32:17 —-D—- C:Windowssystem32CodeIntegrity
2010-01-02 16:32:17 —-D—- C:Windowssystem32catroot2
2010-01-02 16:32:17 —-D—- C:Windowsinf
2010-01-02 16:32:15 —-D—- C:Windowsregistration
2010-01-02 16:15:25 —-SHD—- C:System Volume Information
2010-01-02 03:01:13 —-D—- C:Windowstracing
2010-01-01 19:22:05 —-D—- C:Usersмой компьютерAppDataRoamingICQ
2009-12-31 21:05:07 —-D—- C:WindowsPrefetch
2009-12-30 21:50:24 —-D—- C:Program FilesIceDC++
2009-12-30 21:04:09 —-D—- C:WindowsMinidump
2009-12-30 03:54:30 —-D—- C:Windowssystem32config
2009-12-30 02:20:51 —-SHD—- C:WindowsInstaller
2009-12-30 02:05:41 —-SD—- C:Usersмой компьютерAppDataRoamingMicrosoft
2009-12-29 02:14:53 —-D—- C:Windowssystem32catroot
2009-12-28 16:14:47 —-D—- C:ProgramData
2009-12-28 15:49:05 —-D—- C:Windowssystem32Tasks
2009-12-28 12:55:16 —-D—- C:ProgramDataMicrosoft Help
2009-12-28 12:53:56 —-RSD—- C:Windowsassembly
2009-12-28 12:33:12 —-D—- C:Windowssystem32Msdtc
2009-12-28 12:31:54 —-DC—- C:Program FilesuTorrent
2009-12-28 12:31:54 —-DC—- C:Program FilesQIP
2009-12-27 19:26:05 —-D—- C:Program FilesCounter-Strike Source
2009-12-26 03:04:26 —-D—- C:Windowswinsxs
2009-12-23 23:35:08 —-D—- C:Windowstwain_32
2009-12-20 22:12:23 —-D—- C:Windowssystem32WDI
2009-12-17 12:29:37 —-A—- C:Windowswin.ini
2009-12-17 12:23:04 —-A—- C:Windowssystem32PerfStringBackup.INI
2009-12-15 22:26:35 —-DC—- C:Program FilesCommon Filesmicrosoft shared
2009-12-15 22:26:31 —-D—- C:Program FilesMSBuild
2009-12-15 22:25:34 —-DC—- C:Program FilesMicrosoft Office
2009-12-15 22:25:27 —-RSD—- C:WindowsFonts
2009-12-15 22:25:18 —-SD—- C:ProgramDataMicrosoft
2009-12-15 22:22:32 —-DC—- C:Program FilesCommon FilesSystem
2009-12-10 19:36:06 —-D—- C:Windowsrescache
2009-12-10 11:13:45 —-D—- C:Windowssystem32ru-RU
2009-12-10 11:13:45 —-D—- C:Windowssystem32en-US
2009-12-10 11:13:45 —-D—- C:Program FilesWindows Mail
2009-12-10 11:13:45 —-D—- C:Program FilesInternet Explorer
2009-12-05 16:51:32 —-HD—- C:Program FilesInstallShield Installation Information
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 afw;Agnitum Firewall Driver; C:Windowssystem32DRIVERSafw.sys [2009-02-18 29208]
R1 SandBox;SandBox; ??C:Windowssystem32driversSandBox.sys [2009-08-28 714112]
R2 RMCAST;Драйвер протокола RMCAST (Pgm); C:Windowssystem32DRIVERSRMCAST.sys [2008-05-10 113664]
R2 SPIDER;SpIDer Guard File System Monitor; ??C:PROGRA~1DrWebspider.sys [2009-08-17 306464]
R3 afwcore;afwcore; C:Windowssystem32driversafwcore.sys [2009-09-14 318488]
R3 Atc002;NDIS Miniport Driver for Attansic L2 Fast Ethernet Controller; C:Windowssystem32DRIVERSL260x86.sys [2006-12-13 25600]
R3 atikmdag;atikmdag; C:Windowssystem32DRIVERSatikmdag.sys [2008-08-20 3928576]
R3 Point32;Microsoft IntelliPoint Filter Driver; C:Windowssystem32DRIVERSpoint32k.sys [2006-11-07 24064]
R3 RTHDMIAzAudService;Service for HDMI; C:Windowssystem32driversRtHDMIV.sys [2007-05-14 135400]
R3 STHDA;IDT High Definition Audio CODEC; C:Windowssystem32DRIVERSstwrt.sys [2007-12-14 361984]
R3 WUDFRd;WUDFRd; C:Windowssystem32DRIVERSWUDFRd.sys [2008-01-21 83328]
S3 ASWFilt;ASWFilt; ??C:Windowssystem32FiltASWFilt.dll [2009-08-28 33920]
S3 BthEnum;Служба перечислителя Bluetooth; C:Windowssystem32DRIVERSBthEnum.sys [2008-01-21 19456]
S3 BthPan;Устройства Bluetooth (личной сети); C:Windowssystem32DRIVERSbthpan.sys [2008-01-21 92160]
S3 BTHPORT;Драйвер порта Bluetooth; C:WindowsSystem32DriversBTHport.sys [2008-04-29 220160]
S3 BTHUSB;Драйвер порта USB радиомодуля Bluetooth; C:WindowsSystem32DriversBTHUSB.sys [2008-04-29 29184]
S3 catchme;catchme; ??C:Users3ED1~1AppDataLocalTempcatchme.sys []
S3 drmkaud;Звуковой дешифратор DRM ядра системы; C:Windowssystem32driversdrmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Драйвер функции UAA для службы High Definition Audio (Microsoft), версия 1.1; C:Windowssystem32driversHdAudio.sys [2006-11-02 235520]
S3 mbr;mbr; ??C:Users3ED1~1AppDataLocalTempmbr.sys []
S3 MSKSSRV;Представитель служб потоков Microsoft; C:Windowssystem32driversMSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Посредник синхронизации потоков Microsoft; C:Windowssystem32driversMSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Представитель диспетчера качества потоков Microsoft; C:Windowssystem32driversMSPQM.sys [2008-01-21 5504]
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:Windowssystem32driversMSTEE.sys [2008-01-21 6016]
S3 RFCOMM;Устройство Bluetooth (протокол RFCOMM TDI); C:Windowssystem32DRIVERSrfcomm.sys [2008-01-21 49664]
S3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 драйвер; C:Windowssystem32DRIVERSRtnicxp.sys [2006-11-02 47104]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:Windowssystem32driverserrdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:Windowssystem32driversmegasr.sys [2008-01-21 386616]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:Windowssystem32driverswmiacpi.sys [2008-01-21 11264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 acssrv;Agnitum Client Security Service; C:PROGRA~1AgnitumOUTPOS~1acs.exe [2009-12-17 1338624]
R2 Ati External Event Utility;Ati External Event Utility; C:Windowssystem32Ati2evxx.exe [2008-08-20 700416]
R2 BthServ;@%SystemRoot%System32bthserv.dll,-101; C:Windowssystem32svchost.exe [2008-01-21 21504]
R2 DrWebEngine;Dr.Web Scanning Engine (DrWebEngine); C:Program FilesCommon FilesDoctor WebScanning Enginedwengine.exe [2009-09-22 869688]
R2 SPIDERNT;SpIDer Guard for Windows; C:PROGRA~1DrWebspidernt.exe [2009-08-17 231328]
R2 STacSV;Audio Service; C:WindowsSystem32DriverStoreFileRepositorystwrt.inf_c6f2043dSTacSV.exe [2007-12-14 212992]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:Program FilesMicrosoft OfficeOffice12GrooveAuditService.exe [2007-08-24 68464]
S3 npggsvc;nProtect GameGuard Service; C:Windowssystem32GameMon.des [2009-10-12 3369044]
S3 odserv;Microsoft Office Diagnostics Service; C:Program FilesCommon FilesMicrosoft SharedOFFICE12ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2006-10-26 145184]
S3 usnjsvc;Служба Messenger Sharing Folders USN Journal Reader; C:Program FilesWindows LiveMessengerusnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:Program FilesWindows LiveinstallerWLSetupSvc.exe [2007-10-25 266240]
EOF
