Борьба с таблицей "инструкция по адресу 0x7c91ac4a…

[dovmf]

DDS (Ver_10-11-05.01) — NTFSx86
Run by Admin at 20:43:03,53 on 07.11.2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1251.7.1049.18.2046.1034 [GMT 3:00]

AV: ESET NOD32 Antivirus 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

============== Running Processes ===============

C:windowssystem32svchost -k DcomLaunch
svchost.exe
C:windowsSystem32svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:windowssystem32spoolsv.exe
C:windowsExplorer.EXE
svchost.exe
C:Program FilesAskBarDisbarbinAskService.exe
C:Program FilesIVT CorporationBlueSoleilBTNtService.exe
svchost.exe
C:Program FilesESETESET NOD32 Antivirusekrn.exe
C:windowssystem32svchost.exe -k hpdevmgmt
C:Program FilesCommon FilesLogiShrdLVMVFMLVPrcSrv.exe
C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE
C:windowsSystem32svchost.exe -k HPZ12
C:windowssystem32nvsvc32.exe
C:windowsSystem32svchost.exe -k HPZ12
C:windowssystem32svchost.exe -k imgsvc
C:windowsSOUNDMAN.EXE
C:windowssystem32RUNDLL32.EXE
C:Program FilesHPHP Software UpdateHPWuSchd2.exe
C:Program FilesMail.RuAgentMAgent.exe
C:WINDOWSPixArtPAC207Monitor.exe
C:Program FilesESETESET NOD32 Antivirusegui.exe
C:windowssystem32rundll32.exe
C:Program FilesHPDigital ImagingbinhpqSRMon.exe
C:Program FilesYandexOnlineonline.exe
C:Program FilesAuslogicsAuslogics BoostSpeedboostspeed.exe
C:Игры от NevoSoftNevoDRMrun.exe
C:windowssystem32ctfmon.exe
C:Program FilesSkypePhoneSkype.exe
C:Program FilesVZOchatVZOchat.exe
C:Program FilesSoftware Informersoftinfo.exe
C:Program FilesMarketGidHomePageHomePage.exe
C:Program FilesMicrosoft ActiveSyncwcescomm.exe
C:Program FilesLogitechVid HDVid.exe
C:PROGRA~1MICROS~4rapimgr.exe
C:Program FilesLogitechSetPointSetPoint.exe
C:Program FilesSippointMSippointM.exe
C:Program FilesYandexPunto Switcherpunto.exe
C:Program FilesCommon FilesLogishrdKHAL2KHALMNPR.EXE
C:Program FilesYandexOnlineyachatyachat.exe
C:Program FilesHPDigital Imagingbinhpqimzone.exe
C:Program FilesSkypePlugin ManagerskypePM.exe
C:WINDOWSsystem32wbemwmiapsrv.exe
C:windowssystem32wuauclt.exe
C:Program FilesInternet ExplorerIEXPLORE.EXE
C:Program FilesInternet ExplorerIEXPLORE.EXE
C:Program FilesInternet ExplorerIEXPLORE.EXE
C:Program FilesInternet ExplorerIEXPLORE.EXE
C:Program FilesInternet ExplorerIEXPLORE.EXE
C:Documents and SettingsAdminРабочий столdds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yandex.ru/?clid=37244&yasoft=barie
uWindow Title = Windows Internet Explorer предоставлен: Яндекс
uDefault_Page_URL = hxxp://www.yandex.ru/?clid=44290
mStart Page = hxxp://www.yandex.ru/?clid=40316
mWindow Title = Windows Internet Explorer предоставлен: Яндекс
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} — c:program filescommon filesadobeacrobatactivexAcroIEHelper.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} — c:program filesgooglegoogle toolbarGoogleToolbar_32.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} — c:program filesskypetoolbarsinternet explorerskypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} — c:program filesgooglegoogletoolbarnotifier5.6.5805.1910swg.dll
TB: Яндекс.Бар: {91397d20-1446-11d4-8af4-0040ca1127b6} — c:program filesyandexyandexbarieyndbar.dll
TB: MyPlayCityRU Toolbar: {dfbeb35b-444d-4f25-8d7d-eb2683c206ec} — c:program filesmyplaycityrutbMyPl.dll
TB: Спутник@Mail.Ru: {09900de8-1dca-443f-9243-26ff581438af} — c:program filesmail.rusputnikMailRuSputnik.dll
TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} — c:program filesaskbardisbarbinaskBar.dll
TB: Pivim Multibar: {1bb22d38-a411-4b13-a746-c2a4f4ec7344} — c:program filespivim multibarpivim.dll
TB: Яндекс.Бар (для НевоСофт): {17679b4f-3bcc-644b-8f28-a47597fbb905} — c:program filesyandexyandexbariebarsbarienevosoftyndbar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} — c:program filesgooglegoogle toolbarGoogleToolbar_32.dll
uRun: [YandexOnline] «c:program filesyandexonlineonline.exe» -AutoStart
uRun: [Auslogics BoostSpeed 4] c:program filesauslogicsauslogics boostspeedboostspeed.exe
uRun: [ctfmon.exe] c:windowssystem32ctfmon.exe
uRun: [Skype] «c:program filesskypephoneSkype.exe» /nosplash /minimized
uRun: [swg] «c:program filesgooglegoogletoolbarnotifierGoogleToolbarNotifier.exe»
uRun: [VZOchat] c:program filesvzochatVZOchat.exe /m
uRun: [Software Informer] «c:program filessoftware informersoftinfo.exe» -autorun
uRun: [SetPageOnce] c:program filesmarketgidhomepageHomePage.exe
uRun: [H/PC Connection Agent] «c:program filesmicrosoft activesyncwcescomm.exe»
uRun: [RegistryBooster] «c:program filesuniblueregistryboosterlauncher.exe» delay 20000
uRun: [Logitech Vid] «c:program fileslogitechvid hdVid.exe» -bootmode
uRun: [Google Update] «c:documents and settingsadminlocal settingsapplication datagoogleupdateGoogleUpdate.exe» /c
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [NvCplDaemon] RUNDLL32.EXE c:windowssystem32NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:windowssystem32NvMcTray.dll,NvTaskbarInit
mRun: [HP Software Update] c:program fileshphp software updateHPWuSchd2.exe
mRun: [HPDJ Taskbar Utility] c:windowssystem32spooldriversw32x863hpztsb04.exe
mRun: [MAgent] c:program filesmail.ruagentMAgent.exe -LM
mRun: [PAC207_Monitor] c:windowspixartpac207Monitor.exe
mRun: [Monitor] c:windowspixartpac207Monitor.exe
mRun: [egui] «c:program fileseseteset nod32 antivirusegui.exe» /hide /waitservice
mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
mRun: [Adobe Reader Speed Launcher] «c:program filesadobereader 8.0readerReader_sl.exe»
mRun: [LogitechQuickCamRibbon] «c:program fileslogitechlogitech webcam softwareLWS.exe» /hide
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [exflashservice] «c:program filesepoxefsEZ_FLASH_SERVICE.exe» «5000»
mRun: [hpqSRMon] c:program fileshpdigital imagingbinhpqSRMon.exe
mRun: [NevoDRM] «c:игры от nevosoftnevodrmNevoDRM.exe»
dRun: [CTFMON.EXE] c:windowssystem32CTFMON.EXE
dRunOnce: [ZZZZ2_FirstLogonSetting] %SystemRoot%System32rundll32.exe advpack.dll,LaunchINFSection c:windowsinfcustom.inf,NewUserFirstLogonInstall,0
dRunOnce: [IE7_011] regsvr32 /s /n /i:u shell32
dRunOnce: [IE7_012] rundll32 advpack.dll,LaunchINFSectionEx IE7int.inf,AfterUserStart,,4,N
StartupFolder: c:docume~1admin5d29~14a66~160c2~1puntos~1.lnk — c:program filesyandexpunto switcherpunto.exe
StartupFolder: c:docume~1admin5d29~14a66~160c2~1_unins~1.lnk — c:documents and settingsadminlocal settingstemp_uninst_setup_9.0.0.722_15.09.2010_18-23.exe.bat
StartupFolder: c:docume~1alluse~15d29~14a66~160c2~1logite~1.lnk — c:program fileslogitechsetpointSetPoint.exe
StartupFolder: c:docume~1alluse~15d29~14a66~160c2~1sippoi~1.lnk — c:program filessippointmSippointM.exe
StartupFolder: c:docume~1alluse~15d29~14a66~160c2~1hpphot~1.lnk — c:program fileshpdigital imagingbinhpqthb08.exe
uPolicies-explorer: NoSMConfigurePrograms = 1 (0x1)
dPolicies-explorer: NoSMConfigurePrograms = 1 (0x1)
IE: &Экспорт в Microsoft Excel — c:progra~1micros~1office11EXCEL.EXE/3000
IE: Add to Google Photos Screensa&ver — c:windowssystem32GPhotos.scr/200
IE: Google ВикиКомментарии… — c:program filesgooglegoogle toolbarcomponentGoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
IE: Закачать ВСЕ при помощи Download Master
IE: Закачать при помощи Download Master
IE: Передать на удаленную закачку DM
IE: {53F6FCCD-9E22-4d71-86EA-6E43136192AB}
IE: {7558B7E5-7B26-4201-BEDB-00D5FF534523} — c:program filesmail.ruagentmagent.exe
IE: {8DAE90AD-4583-4977-9DD4-4360F7A45C74}
IE: {925DAB62-F9AC-4221-806A-057BFB1014AA}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} — %windir%Network Diagnosticxpnetdiag.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} — c:program filesjavajre1.6.0_07binssv.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} — {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} — c:progra~1micros~4INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} — {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} — c:progra~1micros~4INetRepl.dll
IE: {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF} — {6FAC4823-815E-4361-836E-46D65ED2550B}
IE: {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} — {4CF088BD-BE95-40a5-BE9B-677F8683EDEA}
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} — {898EA8C8-E7FF-479B-8935-AEC46303B9E5} — c:program filesskypetoolbarsinternet explorerskypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} — {FF059E31-CC5A-4E2E-BF3B-96E929D65503} — c:progra~1micros~1office11REFIEBAR.DLL
IE: {DAC5944B-F843-4b90-B605-09DE3360CDE6} — {61772ADE-7CC1-410B-A449-8EEED0930EDE}
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} — {DDE87865-83C5-48c4-8357-2F5B1AA84522} — c:program fileshpdigital imagingsmart web printinghpswp_BHO.dll
Trusted Zone: microsoft.comwww.update
DPF: {17492023-C23A-453E-A040-C7C580BBF700} — hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} — hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1237631017671
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} — hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1237632483093
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} — hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} — hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} — hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} — hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: {9E1D00CB-D28E-405D-B555-BF558D651D94} = 192.168.100.100 192.168.100.100
TCP: {BA7BFDDB-50E3-430F-AB04-388A9B8131A3} = 192.168.100.202,192.168.100.203
Handler: skype-ie-addon-data — {91774881-D725-4E58-B298-07617B9B86A8} —
Handler: skype4com — {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — c:progra~1common~1skypeSKYPE4~1.DLL
Notify: LBTWlgn — c:program filescommon fileslogishrdbluetoothLBTWlgn.dll
SSODL: WPDShServiceObj — {AAA288BA-9A4C-45B0-95D7-94D524869DB5} — c:windowssystem32wpdshserviceobj.dll

============= SERVICES / DRIVERS ===============

R0 hotcore3;Hotcore helper;c:windowssystem32drivershotcore3.sys [2006-11-1 40496]
R1 ehdrv;ehdrv;c:windowssystem32driversehdrv.sys [2009-2-6 106208]
R1 epfwtdir;epfwtdir;c:windowssystem32driversepfwtdir.sys [2009-2-6 93336]
R2 ASKService;ASKService;c:program filesaskbardisbarbinAskService.exe [2009-7-1 464264]
R2 ekrn;ESET Service;c:program fileseseteset nod32 antivirusekrn.exe [2009-2-6 727720]
R2 LBeepKE;LBeepKE;c:windowssystem32driversLBeepKE.sys [2010-2-23 10384]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:windowssystem32driversLEqdUsb.sys [2009-6-17 40720]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:windowssystem32driversLHidEqd.sys [2009-6-17 10384]
S2 ASKUpgrade;ASKUpgrade;c:program filesaskbardisbarbinASKUpgrade.exe [2009-7-1 234888]
S2 gupdate1c98951e1bf3772;Google Update Service (gupdate1c98951e1bf3772);c:program filesgoogleupdateGoogleUpdate.exe [2009-2-7 133104]
S3 NPF;Netgroup Packet Filter;c:windowssystem32driverspacket.sys [2006-9-28 13299]
S3 PAC207;e-Messenger 112;c:windowssystem32driversPFC027.SYS [2009-3-3 616064]

=============== Created Last 30 ================

8201-07-23 13:46:09

---

d

---

w- c:program filesAlhademic Sniper
2010-11-07 17:01:44

---

d

---

w- c:program filestrend micro
2010-10-14 14:43:36

---

d

---

w- c:docume~1adminapplic~1PhotoFiltre
2010-10-14 14:43:32

---

d

---

w- c:program filesPhotoFiltre

==================== Find3M ====================

2010-09-18 08:23:40 974848 —-a-w- c:windowssystem32mfc42u.dll
2010-09-18 06:53:38 974848 —-a-w- c:windowssystem32mfc42.dll
2010-09-18 06:53:38 954368 —-a-w- c:windowssystem32mfc40.dll
2010-09-18 06:53:38 953856 —-a-w- c:windowssystem32mfc40u.dll
2010-09-13 15:10:08 118784 —-a-w- c:windowswebwallpaperwaterfalls animated wallpaper diruninstall.exe
2010-09-13 15:10:08 118784 —-a-w- c:windowswebwallpaperliving waterfalls wallpaper #1 diruninstall.exe
2010-09-13 15:10:07 303104 —-a-w- c:windowsUninstall_tkexe.exe
2010-09-13 15:10:07 12288 —-a-r- c:windowsTwunk_32.dll
2010-09-13 15:10:07 12288 —-a-r- c:windowsTwunk_16.dll
2010-09-13 15:08:58 86016 —-a-w- c:windowssystem32sl_anet.acm
2010-09-13 15:07:52 81920 —-a-w- c:windowssystem32dpl100.dll
2010-09-13 15:06:19 196608 —-a-w- c:windowspchealthhelpctrbinariesmsconfig.exe
2010-09-13 15:04:35 405504 —-a-w- c:windowsLiving 3D Dolphins Full.scr
2010-09-13 15:04:30 647168 —-a-w- c:windowsJapan Rain.scr
2010-09-13 15:00:31 32768 —-a-w- c:windowshh.exe
2010-09-13 14:58:44 217088 —-a-w- c:windowsAlcrmv.exe
2010-09-10 05:51:37 916480 —-a-w- c:windowssystem32wininet.dll
2010-09-10 05:51:34 43520 —-a-w- c:windowssystem32licmgr10.dll
2010-09-10 05:51:34 1469440 —-a-w- c:windowssystem32inetcpl.cpl
2010-09-01 11:52:25 285824 —-a-w- c:windowssystem32atmfd.dll
2010-09-01 07:57:36 1852928 —-a-w- c:windowssystem32win32k.sys
2010-08-27 08:03:36 119808 —-a-w- c:windowssystem32t2embed.dll
2010-08-27 05:54:10 99840 —-a-w- c:windowssystem32srvsvc.dll
2010-08-26 14:43:50 5120 —-a-w- c:windowssystem32xpsp4res.dll
2010-08-23 16:12:37 617472 —-a-w- c:windowssystem32comctl32.dll
2010-08-17 13:17:06 58880 —-a-w- c:windowssystem32spoolsv.exe
2010-08-16 08:45:15 590848 —-a-w- c:windowssystem32rpcrt4.dll
2010-02-27 15:33:50 28940792 —-a-w- c:program filesFFConverters03-07.exe

============= FINISH: 20:43:35,40 ===============

[Admin]

Здравствуйте, добро пожаловать на Spyware-ru форум.

Расскажите подробнее о вашей проблеме.

[Автор]

Сообщения