Как удалить ленту новостей?

This topic has 9 ответов, 2 участника, and was last updated 16 years, 6 months назад by Аноним.

Просмотр 10 сообщений - с 1 по 10 (из 10 всего)

Автор

Сообщения
14 января, 2009 в 6:12 пп #16132
Аноним
Гость
- Темы:532
- Сообщений:1553
При запуске Explorera и открытии любой страницы в нем появляется и «висит» так называемая лента новостей. Посоветуйте, как её удалить? Заранее спасибо.
Результат сканирования RSIT:

Logfile of random’s system information tool 1.05 (written by random/random)
Run by Женя at 2009-01-14 21:08:44
Microsoft Windows XP Professional Service Pack 2
System drive C: has 36 GB (70%) free of 51 GB
Total RAM: 1535 MB (69% free)

HijackThis download failed

======Registry dump======

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll [2005-09-24 63136]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{67BCF957-85FC-4036-8DC4-D4D80E00A77B}]
CIEDownload Object — C:Program FilesSMART Board SoftwareNotebookPlugin.dll [2006-11-24 614400]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{757FF18E-494C-46AC-AF9D-6A6012C315A3}]
SHN Data Decoder — C:Documents and SettingsAll Users.WINDOWSApplication Dataxaelib.dll [2009-01-13 322560]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper — C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll [2006-08-31 322368]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9961627E-4059-41B4-8E0E-A7D6B3854ADF}]
IE 4.x-6.x BHO for Download Master — C:PROGRA~1DOWNLO~1dmiehlp.dll [2008-10-24 157696]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper — c:program filesgooglegoogletoolbar1.dll [2009-01-01 2042944]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO — C:Program FilesGoogleGoogleToolbarNotifier3.1.807.1746swg.dll [2009-01-06 737776]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} — Easy-WebPrint — C:Program FilesCanonEasy-WebPrintToolband.dll [2004-04-16 405504]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} — &Google — c:program filesgooglegoogletoolbar1.dll [2009-01-01 2042944]
{91397D20-1446-11D4-8AF4-0040CA1127B6} — Яндекс.Бар — C:Program FilesYandexYandexBarIEyndbar.dll [2008-12-16 3111712]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«nod32kui»=C:Program FilesEsetnod32kui.exe [2008-06-27 949376]
«SoundMan»=C:WINDOWSSOUNDMAN.EXE [2006-07-21 86016]
«IMJPMIG8.1″=C:WINDOWSIMEimjp8_1IMJPMIG.EXE [2004-08-04 208952]
«MSPY2002″=C:WINDOWSsystem32IMEPINTLGNTImScInst.exe [2004-08-04 59392]
«PHIME2002ASync»=C:WINDOWSsystem32IMETINTLGNTTINTSETP.EXE [2004-08-04 455168]
«PHIME2002A»=C:WINDOWSsystem32IMETINTLGNTTINTSETP.EXE [2004-08-04 455168]
«BluetoothAuthenticationAgent»=C:WINDOWSsystem32bthprops.cpl [2004-08-17 110592]
«PCSuiteTrayApplication»=C:Program FilesNokiaNokia PC Suite 6LaunchApplication.exe [2007-03-23 227328]
«services»=C:WINDOWSservices.exe [2009-01-13 41472]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2004-08-17 15360]
«MSMSGS»=C:Program FilesMessengermsmsgs.exe [2004-08-17 1667584]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregDownload Master]
C:Program FilesDownload Masterdmaster.exe [2008-11-18 3297280]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregFineReader7NewsReaderPro]
C:Program FilesABBYY FineReader 7.0 Professional EditionAbbyyNewsReader.exe [2003-09-11 278528]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregLoviVkontakte]
C:Program FilesLoviVkontaktelovivkontakte.exe [2009-01-06 729600]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregMSMSGS]
C:Program FilesMessengermsmsgs.exe [2004-08-17 1667584]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregMsnMsgr]
C:Program FilesMSN Messengermsnmsgr.exe [2007-01-19 5674352]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregMuxaSoft Dialer 4]
C:Program FilesMuxaSoft Dialermdialer32.exe [2003-11-15 2097152]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregQuickTime Task]
C:Program FilesQuickTimeqttask.exe [2008-06-27 282624]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users.WINDOWS^Главное меню^Программы^Автозагрузка^InterVideo WinCinema Manager.lnk]
C:PROGRA~1INTERV~1CommonBinWINCIN~1.EXE [2005-07-27 278528]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users.WINDOWS^Главное меню^Программы^Автозагрузка^Средства SMART Board.lnk]
C:PROGRA~1SMARTB~1SMARTB~2.EXE [2006-11-24 3411968]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users.WINDOWS^Главное меню^Программы^Автозагрузка^Ускоренный запуск Adobe Reader.lnk]
C:PROGRA~1AdobeACROBA~2.0ReaderREADER~1.EXE [2005-09-24 29696]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^Женя^Главное меню^Программы^Автозагрузка^HDDlife.lnk]
C:PROGRA~1BINARY~1HDDlifeHDDLIF~1.EXE [2005-07-07 1299316]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^Женя^Главное меню^Программы^Автозагрузка^Total Commander.lnk]
C:PROGRA~1TOTALC~1Totalcmd.exe [2007-09-06 1079752]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigservices]
«wuauserv»=2

C:Documents and SettingsAll Users.WINDOWSГлавное менюПрограммыАвтозагрузка
Adobe Gamma Loader.lnk — C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
BTTray.lnk — C:Program FilesWIDCOMMПрограммное обеспечение BluetoothBTTray.exe

C:Documents and SettingsЖеняГлавное менюПрограммыАвтозагрузка
Adobe Gamma.lnk — C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrolsecurityproviders]
«SecurityProviders»=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, digeste.dll

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
«NoInternetOpenWith «=1

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145
«MaxRecentDocs»=16
«Start_ShowRecentDocs»=2

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesMSN Messengermsnmsgr.exe»=»C:Program FilesMSN Messengermsnmsgr.exe:*:Enabled:Windows Live Messenger 8.1»
«C:Program FilesMSN Messengerlivecall.exe»=»C:Program FilesMSN Messengerlivecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)»
«C:Program FilesInterVideoDVD5WinDVD.exe»=»C:Program FilesInterVideoDVD5WinDVD.exe:*:Enabled:WinDVD»
«C:Program FilesInterVideoDVD7WinDVD.exe»=»C:Program FilesInterVideoDVD7WinDVD.exe:*:Enabled:WinDVD»
«C:WINDOWSsystem32mmc.exe»=»C:WINDOWSsystem32mmc.exe:*:Enabled:Консоль управления (MMC)»
«C:WINDOWSsystem32dpvsetup.exe»=»C:WINDOWSsystem32dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test»
«C:WINDOWSsystem32rundll32.exe»=»C:WINDOWSsystem32rundll32.exe:*:Enabled:Запуск библиотеки DLL как приложения»
«C:Program FilesSkypePhoneSkype.exe»=»C:Program FilesSkypePhoneSkype.exe:*:Enabled:Skype»

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesMSN Messengermsnmsgr.exe»=»C:Program FilesMSN Messengermsnmsgr.exe:*:Enabled:Windows Live Messenger 8.1»
«C:Program FilesMSN Messengerlivecall.exe»=»C:Program FilesMSN Messengerlivecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)»

======List of files/folders created in the last 1 months======

2009-01-14 02:57:14 —-D—- C:Program Filestrend micro
2009-01-14 02:57:13 —-D—- C:rsit
2009-01-14 02:41:40 —-D—- C:Documents and SettingsЖеняApplication DataMozilla
2009-01-14 02:41:24 —-D—- C:Program FilesMozilla Firefox
2009-01-14 02:40:36 —-A—- C:logit.txt
2009-01-14 01:43:36 —-A—- C:WINDOWSsystem32stu2.exe
2009-01-14 01:43:33 —-A—- C:WINDOWSsystem32digeste.dll
2009-01-13 23:35:51 —-A—- C:WINDOWSservices.exe
2009-01-13 23:35:45 —-D—- C:Program FilesAntivirusXP2008
2009-01-13 23:34:28 —-A—- C:Documents and SettingsAll Users.WINDOWSApplication Dataxaelib.dll
2009-01-09 23:19:33 —-D—- C:Downloads
2009-01-09 23:19:03 —-D—- C:Documents and SettingsЖеняApplication DataDownload Master
2009-01-09 23:17:49 —-D—- C:Program FilesDownload Master
2009-01-09 12:58:10 —-D—- C:Program FilesYandex
2009-01-09 12:57:50 —-D—- C:Documents and SettingsЖеняApplication DataYandex
2009-01-07 13:09:06 —-D—- C:Program FilesLoviVkontakte
2009-01-02 22:57:27 —-A—- C:WINDOWSsystem32~.exe
2009-01-01 22:12:33 —-D—- C:Documents and SettingsЖеняApplication DataGoogle
2009-01-01 22:00:43 —-D—- C:Documents and SettingsЖеняApplication DataSkype
2009-01-01 22:00:42 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataGoogle
2009-01-01 21:58:45 —-D—- C:Program FilesSkype
2009-01-01 19:21:46 —-D—- C:Program FilesMicrosoft Common
2008-12-30 22:55:18 —-D—- C:Program FilesZyXEL
2008-12-26 21:25:20 —-D—- C:WINDOWSspeech
2008-12-26 21:24:56 —-D—- C:ViaVoice
2008-12-26 21:24:56 —-A—- C:WINDOWSsystem32VVRtkReg.dll
2008-12-26 21:24:56 —-A—- C:WINDOWSsystem32vvrtkclients.dll
2008-12-26 21:24:56 —-A—- C:WINDOWSsystem32setresus.dll
2008-12-26 21:24:14 —-D—- C:Program FilesCommon FilesSLSHARED
2008-12-26 21:24:05 —-D—- C:EngLearn

======List of files/folders modified in the last 1 months======

2009-01-14 20:38:56 —-D—- C:WINDOWSsystem32CatRoot2
2009-01-14 20:23:15 —-D—- C:WINDOWS
2009-01-14 20:01:59 —-D—- C:WINDOWSPrefetch
2009-01-14 19:44:36 —-D—- C:WINDOWSTemp
2009-01-14 19:43:45 —-A—- C:WINDOWSSchedLgU.Txt
2009-01-14 19:43:33 —-ASH—- C:boot.ini
2009-01-14 19:43:33 —-A—- C:WINDOWSwin.ini
2009-01-14 19:43:33 —-A—- C:WINDOWSsystem.ini
2009-01-14 02:57:14 —-RD—- C:Program Files
2009-01-14 02:41:55 —-D—- C:WINDOWSsystem32
2009-01-14 02:41:49 —-D—- C:WINDOWSsystem32drivers
2009-01-14 01:43:32 —-A—- C:WINDOWSsystem32userinit.exe
2009-01-13 21:47:06 —-A—- C:WINDOWSNeroDigital.ini
2009-01-09 12:58:21 —-SD—- C:WINDOWSDownloaded Program Files
2009-01-05 17:17:42 —-A—- C:WINDOWSModemLog_Generic 56K HCF Data Fax Modem.txt
2009-01-04 12:44:55 —-SHD—- C:WINDOWSInstaller
2009-01-02 01:14:47 —-D—- C:WINDOWSHelp
2009-01-01 22:00:44 —-D—- C:Program FilesGoogle
2008-12-29 19:44:42 —-RSHDC—- C:WINDOWSsystem32dllcache
2008-12-28 19:31:13 —-A—- C:WINDOWSwinamp.ini
2008-12-28 16:40:45 —-HD—- C:WINDOWSinf
2008-12-27 21:30:01 —-D—- C:Program FilesLMBomber
2008-12-26 21:24:22 —-RSD—- C:WINDOWSFonts
2008-12-26 21:24:14 —-D—- C:Program FilesCommon Files
2008-12-25 16:19:37 —-A—- C:WINDOWScm.ini
2008-12-24 23:35:06 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataAdobe
2008-12-24 23:31:48 —-D—- C:Documents and SettingsЖеняApplication DataAdobe
2008-12-24 07:08:37 —-D—- C:Documents and SettingsЖеняApplication DataCanon
2008-12-23 16:18:46 —-SD—- C:Documents and SettingsЖеняApplication DataMicrosoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Драйвер Intel процессора; C:WINDOWSsystem32DRIVERSintelppm.sys [2004-08-17 40448]
R1 nod32drv;nod32drv; C:WINDOWSsystem32driversnod32drv.sys [2008-06-27 15424]
R1 PQNTDrv;PQNTDrv; C:WINDOWSsystem32driversPQNTDrv.sys [2004-05-05 4228]
R1 WS2IFSL;Среда Windows Socket 2.0 поддержки поставщиков не-IFS служб; C:WINDOWSSystem32driversws2ifsl.sys [2001-10-20 12032]
R2 AMON;AMON; C:WINDOWSsystem32driversamon.sys [2008-06-27 512096]
R2 BTSERIAL;Bluetooth Serial Driver; ??C:WINDOWSsystem32driversbtserial.sys []
R2 BTSLBCSP;Bluetooth Port Client Driver; ??C:WINDOWSsystem32driversbtslbcsp.sys []
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:WINDOWSsystem32driversALCXWDM.SYS [2006-03-20 3960000]
R3 BTKRNL;Нумератор шины Bluetooth; C:WINDOWSsystem32DRIVERSbtkrnl.sys [2006-05-12 1342602]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:WINDOWSSystem32Driversbtwusb.sys [2006-05-12 57320]
R3 Cap7134;Behold TV WDM Capture; C:WINDOWSsystem32DRIVERScap7134.sys [2005-01-09 333184]
R3 HCF_MSFT;HCF_MSFT; C:WINDOWSsystem32DRIVERSHCF_MSFT.sys [2001-10-19 907968]
R3 ms_mpu401;Драйвер UART Microsoft MPU-401 MIDI; C:WINDOWSsystem32driversmsmpu401.sys [2001-08-18 2944]
R3 nv;nv; C:WINDOWSsystem32DRIVERSnv4_mini.sys [2004-08-04 1897408]
R3 pfc;Padus ASPI Shell; C:WINDOWSsystem32driverspfc.sys [2008-06-27 10368]
R3 PhTVTune;Behold TV Tuner; C:WINDOWSsystem32DRIVERSphtvtune.sys [2005-01-11 15456]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:WINDOWSSystem32DriversRootMdm.sys [2001-10-20 5888]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet адаптер, драйвер для NT; C:WINDOWSsystem32DRIVERSRTL8139.SYS [2004-08-03 20992]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2004-08-03 26624]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2004-08-03 57600]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:WINDOWSsystem32DRIVERSusbuhci.sys [2004-08-03 20480]
S3 btaudio;Аудиоустройство Bluetooth; C:WINDOWSsystem32driversbtaudio.sys [2006-05-12 401664]
S3 BTDriver;Драйвер виртуальной связи Bluetooth; C:WINDOWSsystem32DRIVERSbtport.sys [2006-05-12 30363]
S3 BthEnum;Драйвер блока запроса Bluetooth; C:WINDOWSsystem32DRIVERSBthEnum.sys [2004-08-03 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:WINDOWSsystem32DRIVERSbthpan.sys [2004-08-03 100992]
S3 BTHPORT;Драйвер порта Bluetooth; C:WINDOWSSystem32DriversBTHport.sys [2004-08-17 274688]
S3 BTHUSB;Драйвер порта USB радиомодуля Bluetooth; C:WINDOWSSystem32DriversBTHUSB.sys [2004-08-03 18944]
S3 BTWDNDIS;Сервер доступа к локальной сети Bluetooth; C:WINDOWSsystem32DRIVERSbtwdndis.sys [2006-05-12 148168]
S3 CCDECODE;Closed Caption декодер; C:WINDOWSsystem32DRIVERSCCDECODE.sys [2004-08-03 17024]
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:WINDOWSsystem32driversMSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI кодек; C:WINDOWSsystem32DRIVERSNABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft видео или ТВ подключение; C:WINDOWSsystem32DRIVERSNdisIP.sys [2004-08-03 10880]
S3 RFCOMM;Устройство Bluetooth (протокол RFCOMM TDI); C:WINDOWSsystem32DRIVERSrfcomm.sys [2004-08-03 59648]
S3 SLIP;BDA Slip De-Framer; C:WINDOWSsystem32DRIVERSSLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:WINDOWSsystem32DRIVERSStreamIP.sys [2004-08-03 15360]
S3 usbprint;Класс принтеров Microsoft USB; C:WINDOWSsystem32DRIVERSusbprint.sys [2004-08-03 25856]
S3 usbscan;Драйвер USB-сканера; C:WINDOWSsystem32DRIVERSusbscan.sys [2004-08-03 15104]
S3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2004-08-03 26496]
S3 WSTCODEC;World Standard Teletext кодек; C:WINDOWSsystem32DRIVERSWSTCODEC.SYS [2004-08-03 19328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 BthServ;Bluetooth Support Service; C:WINDOWSsystem32svchost.exe [2004-08-17 14336]
R2 btwdins;Bluetooth Service; C:Program FilesWIDCOMMПрограммное обеспечение Bluetoothbinbtwdins.exe [2006-05-12 258103]
R2 LoviVkontakteService;LoviVkontake Service; C:Program FilesLoviVkontakteVkontakteService.exe [2009-01-04 425984]
R2 NOD32krn;NOD32 Kernel Service; C:Program FilesEsetnod32krn.exe [2008-06-27 552064]
R2 SMART Board Service;Служба SMART Board; C:Program FilesSMART Board SoftwareSMARTBoardService.exe [2006-11-24 1003520]
R3 ServiceLayer;ServiceLayer; C:Program FilesPC Connectivity SolutionServiceLayer.exe [2007-03-26 292864]
S3 Adobe LM Service;Adobe LM Service; C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe [2008-07-05 72704]
S3 IDriverT;InstallDriver Table Manager; C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe [2005-04-03 69632]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2003-07-28 89136]
S3 usnjsvc;Служба Messenger Sharing Folders USN Journal Reader; C:Program FilesMSN Messengerusnsvc.exe [2007-01-19 97136]

EOF
15 января, 2009 в 4:36 пп #21146
Admin
Keymaster
- Темы:40
- Сообщений:5676
Здравствуйте, добро пожаловать на Spyware-ru форум.

Кроме «ленты новостей» ваш компьютер заражён еще парой троянов.

Скачайте OTMoveIt3 by OldTimer кликнув по этой ссылке.
Запустите программу и в большое поле ввода (заголовок этого поля выделено желтым цветом) скопируйте следующий текст.
```
:Processes

explorer.exe



:reg

[-HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{757FF18E-494C-46AC-AF9D-6A6012C315A3}]



[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]

"services"=-



[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrolsecurityproviders]

"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"



:files

C:WINDOWSsystem32stu2.exe

C:WINDOWSsystem32digeste.dll

C:WINDOWSservices.exe

C:Program FilesAntivirusXP2008

C:Documents and SettingsAll Users.WINDOWSApplication Dataxaelib.dll



:Commands

[emptytemp]

[start explorer]

[Reboot]
```
Кликните по кнопке MoveIt!. В процессе работы возможна перезагрузка компьютера.
По-завершении работы программы должен будет показан лог, вставьте его в ваш ответ.
Так же к ответу приложите свежий RSIT лог.
15 января, 2009 в 6:25 пп #21147
Аноним
Гость
- Темы:532
- Сообщений:1553
Здравствуйте, вот результат работы OTMoveIt3 by OldTimer:

Process explorer.exe killed successfully.
Unable to kill process: :reg
Unable to kill process: [-HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{757FF18E-494C-46AC-AF9D-6A6012C315A3}]
Unable to kill process: [HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
Unable to kill process: «services»=-
Unable to kill process: [HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrolsecurityproviders]
Unable to kill process: «SecurityProviders»=»msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll»
Unable to kill process: :files
Unable to kill process: C:WINDOWSsystem32stu2.exe
Unable to kill process: C:WINDOWSsystem32digeste.dll
Unable to kill process: C:WINDOWSservices.exe
Unable to kill process: C:Program FilesAntivirusXP2008
Unable to kill process: C:Documents and SettingsAll Users.WINDOWSApplication Dataxaelib.dll
Unable to kill process: :Commands
Unable to kill process: [emptytemp]
Unable to kill process: [start explorer]
Unable to kill process: [Reboot]

OTMoveIt3 by OldTimer — Version 1.0.8.0 log created on 01152009_210730
___________________________________________________________________________________

Logfile of random’s system information tool 1.05 (written by random/random)
Run by Женя at 2009-01-15 21:21:29
Microsoft Windows XP Professional Service Pack 2
System drive C: has 36 GB (71%) free of 51 GB
Total RAM: 1535 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:22:04, on 15.01.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32csrss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSExplorer.EXE
C:Program FilesEsetnod32kui.exe
C:WINDOWSSOUNDMAN.EXE
C:WINDOWSsystem32rundll32.exe
C:Program FilesNokiaNokia PC Suite 6LaunchApplication.exe
C:Program FilesSpyware DoctorpctsTray.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesMessengermsmsgs.exe
C:Program FilesMSN Messengermsnmsgr.exe
C:Program FilesWIDCOMMПрограммное обеспечение BluetoothBTTray.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesWIDCOMMПрограммное обеспечение Bluetoothbinbtwdins.exe
C:Program FilesLoviVkontakteVkontakteService.exe
C:PROGRA~1WIDCOMMBLUETO~1BTSTAC~1.EXE
C:Program FilesEsetnod32krn.exe
C:Program FilesSpyware DoctorpctsAuxs.exe
C:Program FilesSpyware DoctorpctsSvc.exe
C:Program FilesSMART Board SoftwareSMARTBoardService.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesPC Connectivity SolutionServiceLayer.exe
C:Program FilesMSN Messengerusnsvc.exe
C:Program FilesPC Connectivity SolutionNclBTHandler.exe
H:RSIT.exe
C:WINDOWSsystem32wbemwmiprvse.exe
C:Program Filestrend microЖеня.exe

R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://g.msn.com/0SERURU/SAOS03
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.vch.ru/
R1 — HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = vkontakte.ru;www.vkontakte.ru
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
O2 — BHO: AcroIEHlprObj Class — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 — BHO: SMART Notebook Download Plugin — {67BCF957-85FC-4036-8DC4-D4D80E00A77B} — C:Program FilesSMART Board SoftwareNotebookPlugin.dll
O2 — BHO: xaelibP — {757FF18E-494C-46AC-AF9D-6A6012C315A3} — C:Documents and SettingsAll Users.WINDOWSApplication Dataxaelib.dll
O2 — BHO: Windows Live Sign-in Helper — {9030D464-4C02-4ABF-8ECC-5164760863C6} — C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 — BHO: IE 4.x-6.x BHO for Download Master — {9961627E-4059-41B4-8E0E-A7D6B3854ADF} — C:PROGRA~1DOWNLO~1dmiehlp.dll
O2 — BHO: Google Toolbar Helper — {AA58ED58-01DD-4d91-8333-CF10577473F7} — c:program filesgooglegoogletoolbar1.dll
O2 — BHO: Google Toolbar Notifier BHO — {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} — C:Program FilesGoogleGoogleToolbarNotifier3.1.807.1746swg.dll
O3 — Toolbar: Easy-WebPrint — {327C2873-E90D-4c37-AA9D-10AC9BABA46C} — C:Program FilesCanonEasy-WebPrintToolband.dll
O3 — Toolbar: &Google — {2318C2B1-4965-11d4-9B18-009027A5CD4F} — c:program filesgooglegoogletoolbar1.dll
O3 — Toolbar: Яндекс.Бар — {91397D20-1446-11D4-8AF4-0040CA1127B6} — C:Program FilesYandexYandexBarIEyndbar.dll
O4 — HKLM..Run: [nod32kui] «C:Program FilesEsetnod32kui.exe» /WAITSERVICE
O4 — HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 — HKLM..Run: [IMJPMIG8.1] «C:WINDOWSIMEimjp8_1IMJPMIG.EXE» /Spoil /RemAdvDef /Migration32
O4 — HKLM..Run: [MSPY2002] C:WINDOWSsystem32IMEPINTLGNTImScInst.exe /SYNC
O4 — HKLM..Run: [PHIME2002ASync] C:WINDOWSsystem32IMETINTLGNTTINTSETP.EXE /SYNC
O4 — HKLM..Run: [PHIME2002A] C:WINDOWSsystem32IMETINTLGNTTINTSETP.EXE /IMEName
O4 — HKLM..Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 — HKLM..Run: [PCSuiteTrayApplication] C:Program FilesNokiaNokia PC Suite 6LaunchApplication.exe -startup
O4 — HKLM..Run: [ISTray] «C:Program FilesSpyware DoctorpctsTray.exe»
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [MSMSGS] «C:Program FilesMessengermsmsgs.exe» /background
O4 — HKCU..Run: [msnmsgr] «C:Program FilesMSN Messengermsnmsgr.exe» /background
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O4 — Startup: Adobe Gamma.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O4 — Startup: HDDlife.lnk = C:Program FilesBinarySenseHDDlifeHDDlifePro.exe
O4 — Global Startup: Adobe Gamma Loader.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O4 — Global Startup: BTTray.lnk = ?
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O8 — Extra context menu item: Easy-WebPrint Add To Print List — res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_AddToList.html
O8 — Extra context menu item: Easy-WebPrint High Speed Print — res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_HSPrint.html
O8 — Extra context menu item: Easy-WebPrint Preview — res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_Preview.html
O8 — Extra context menu item: Easy-WebPrint Print — res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_Print.html
O8 — Extra context menu item: Закачать ВСЕ при помощи Download Master — C:Program FilesDownload Masterdmieall.htm
O8 — Extra context menu item: Закачать при помощи Download Master — C:Program FilesDownload Masterdmie.htm
O8 — Extra context menu item: Отправить через &Bluetooth — C:Program FilesWIDCOMMПрограммное обеспечение Bluetoothbtsendto_ie_ctx.htm
O9 — Extra button: Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe
O9 — Extra ‘Tools’ menuitem: &Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe
O9 — Extra button: Справочные материалы — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 — Extra button: @btrez.dll,-4015 — {CCA281CA-C863-46ef-9331-5C8D4460577F} — C:Program FilesWIDCOMMПрограммное обеспечение Bluetoothbtsendto_ie.htm
O9 — Extra ‘Tools’ menuitem: @btrez.dll,-4017 — {CCA281CA-C863-46ef-9331-5C8D4460577F} — C:Program FilesWIDCOMMПрограммное обеспечение Bluetoothbtsendto_ie.htm
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O16 — DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) — http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
O16 — DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) — http://malysh-baby.spaces.live.com/PhotoUpload/MsnPUpld.cab
O17 — HKLMSystemCCSServicesTcpip..{B1D5F7AB-4CA5-4382-BC6A-92145902D989}: NameServer = 81.9.64.67,81.9.67.34
O23 — Service: Adobe LM Service — Adobe Systems — C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe
O23 — Service: Bluetooth Service (btwdins) — Broadcom Corporation. — C:Program FilesWIDCOMMПрограммное обеспечение Bluetoothbinbtwdins.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: InstallDriver Table Manager (IDriverT) — Macrovision Corporation — C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: LoviVkontake Service (LoviVkontakteService) — Zeyfman Genady — C:Program FilesLoviVkontakteVkontakteService.exe
O23 — Service: NetMeeting Remote Desktop Sharing (mnmsrvc) — Корпорация Майкрософт — C:WINDOWSsystem32mnmsrvc.exe
O23 — Service: NOD32 Kernel Service (NOD32krn) — Eset — C:Program FilesEsetnod32krn.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: PC Tools Auxiliary Service (sdAuxService) — PC Tools — C:Program FilesSpyware DoctorpctsAuxs.exe
O23 — Service: PC Tools Security Service (sdCoreService) — PC Tools — C:Program FilesSpyware DoctorpctsSvc.exe
O23 — Service: ServiceLayer — Nokia. — C:Program FilesPC Connectivity SolutionServiceLayer.exe
O23 — Service: Служба SMART Board (SMART Board Service) — SMART Technologies Inc. — C:Program FilesSMART Board SoftwareSMARTBoardService.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe

—
End of file — 9663 bytes

======Registry dump======

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll [2005-09-24 63136]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{67BCF957-85FC-4036-8DC4-D4D80E00A77B}]
CIEDownload Object — C:Program FilesSMART Board SoftwareNotebookPlugin.dll [2006-11-24 614400]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{757FF18E-494C-46AC-AF9D-6A6012C315A3}]
SHN Data Decoder — C:Documents and SettingsAll Users.WINDOWSApplication Dataxaelib.dll [2009-01-13 322560]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper — C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll [2006-08-31 322368]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9961627E-4059-41B4-8E0E-A7D6B3854ADF}]
IE 4.x-6.x BHO for Download Master — C:PROGRA~1DOWNLO~1dmiehlp.dll [2008-10-24 157696]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper — c:program filesgooglegoogletoolbar1.dll [2009-01-01 2042944]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO — C:Program FilesGoogleGoogleToolbarNotifier3.1.807.1746swg.dll [2009-01-06 737776]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} — Easy-WebPrint — C:Program FilesCanonEasy-WebPrintToolband.dll [2004-04-16 405504]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} — &Google — c:program filesgooglegoogletoolbar1.dll [2009-01-01 2042944]
{91397D20-1446-11D4-8AF4-0040CA1127B6} — Яндекс.Бар — C:Program FilesYandexYandexBarIEyndbar.dll [2008-12-16 3111712]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«nod32kui»=C:Program FilesEsetnod32kui.exe [2008-06-27 949376]
«SoundMan»=C:WINDOWSSOUNDMAN.EXE [2006-07-21 86016]
«IMJPMIG8.1″=C:WINDOWSIMEimjp8_1IMJPMIG.EXE [2004-08-04 208952]
«MSPY2002″=C:WINDOWSsystem32IMEPINTLGNTImScInst.exe [2004-08-04 59392]
«PHIME2002ASync»=C:WINDOWSsystem32IMETINTLGNTTINTSETP.EXE [2004-08-04 455168]
«PHIME2002A»=C:WINDOWSsystem32IMETINTLGNTTINTSETP.EXE [2004-08-04 455168]
«BluetoothAuthenticationAgent»=C:WINDOWSsystem32bthprops.cpl [2004-08-17 110592]
«PCSuiteTrayApplication»=C:Program FilesNokiaNokia PC Suite 6LaunchApplication.exe [2007-03-23 227328]
«ISTray»=C:Program FilesSpyware DoctorpctsTray.exe [2008-08-25 1168264]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2004-08-17 15360]
«MSMSGS»=C:Program FilesMessengermsmsgs.exe [2004-08-17 1667584]
«msnmsgr»=C:Program FilesMSN Messengermsnmsgr.exe [2007-01-19 5674352]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregDownload Master]
C:Program FilesDownload Masterdmaster.exe [2008-11-18 3297280]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregFineReader7NewsReaderPro]
C:Program FilesABBYY FineReader 7.0 Professional EditionAbbyyNewsReader.exe [2003-09-11 278528]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregLoviVkontakte]
C:Program FilesLoviVkontaktelovivkontakte.exe [2009-01-06 729600]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregMSMSGS]
C:Program FilesMessengermsmsgs.exe [2004-08-17 1667584]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregMsnMsgr]
C:Program FilesMSN Messengermsnmsgr.exe [2007-01-19 5674352]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregMuxaSoft Dialer 4]
C:Program FilesMuxaSoft Dialermdialer32.exe [2003-11-15 2097152]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregQuickTime Task]
C:Program FilesQuickTimeqttask.exe [2008-06-27 282624]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users.WINDOWS^Главное меню^Программы^Автозагрузка^InterVideo WinCinema Manager.lnk]
C:PROGRA~1INTERV~1CommonBinWINCIN~1.EXE [2005-07-27 278528]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users.WINDOWS^Главное меню^Программы^Автозагрузка^Средства SMART Board.lnk]
C:PROGRA~1SMARTB~1SMARTB~2.EXE [2006-11-24 3411968]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users.WINDOWS^Главное меню^Программы^Автозагрузка^Ускоренный запуск Adobe Reader.lnk]
C:PROGRA~1AdobeACROBA~2.0ReaderREADER~1.EXE [2005-09-24 29696]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^Женя^Главное меню^Программы^Автозагрузка^HDDlife.lnk]
C:PROGRA~1BINARY~1HDDlifeHDDLIF~1.EXE [2005-07-07 1299316]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^Женя^Главное меню^Программы^Автозагрузка^Total Commander.lnk]
C:PROGRA~1TOTALC~1Totalcmd.exe [2007-09-06 1079752]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigservices]
«wuauserv»=2

C:Documents and SettingsAll Users.WINDOWSГлавное менюПрограммыАвтозагрузка
Adobe Gamma Loader.lnk — C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
BTTray.lnk — C:Program FilesWIDCOMMПрограммное обеспечение BluetoothBTTray.exe

C:Documents and SettingsЖеняГлавное менюПрограммыАвтозагрузка
Adobe Gamma.lnk — C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
HDDlife.lnk — C:Program FilesBinarySenseHDDlifeHDDlifePro.exe

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalati3jnxx.sys]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalati5jdxx.sys]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalati7nnxx.sys]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalsdauxservice]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalsdcoreservice]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkati3jnxx.sys]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkati5jdxx.sys]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkati7nnxx.sys]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworksdauxservice]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworksdcoreservice]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
«NoInternetOpenWith «=1

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145
«MaxRecentDocs»=16
«Start_ShowRecentDocs»=2

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesMSN Messengermsnmsgr.exe»=»C:Program FilesMSN Messengermsnmsgr.exe:*:Enabled:Windows Live Messenger 8.1»
«C:Program FilesMSN Messengerlivecall.exe»=»C:Program FilesMSN Messengerlivecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)»
«C:Program FilesInterVideoDVD5WinDVD.exe»=»C:Program FilesInterVideoDVD5WinDVD.exe:*:Enabled:WinDVD»
«C:Program FilesInterVideoDVD7WinDVD.exe»=»C:Program FilesInterVideoDVD7WinDVD.exe:*:Enabled:WinDVD»
«C:WINDOWSsystem32mmc.exe»=»C:WINDOWSsystem32mmc.exe:*:Enabled:Консоль управления (MMC)»
«C:WINDOWSsystem32dpvsetup.exe»=»C:WINDOWSsystem32dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test»
«C:WINDOWSsystem32rundll32.exe»=»C:WINDOWSsystem32rundll32.exe:*:Enabled:Запуск библиотеки DLL как приложения»
«C:Program FilesSkypePhoneSkype.exe»=»C:Program FilesSkypePhoneSkype.exe:*:Enabled:Skype»

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesMSN Messengermsnmsgr.exe»=»C:Program FilesMSN Messengermsnmsgr.exe:*:Enabled:Windows Live Messenger 8.1»
«C:Program FilesMSN Messengerlivecall.exe»=»C:Program FilesMSN Messengerlivecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)»

======File associations======

.ini — open — C:WINDOWSSYSTEM32NOTEPAD.EXE %1
.txt — open — C:WINDOWSSYSTEM32NOTEPAD.EXE %1

======List of files/folders created in the last 1 months======

2009-01-15 20:58:49 —-A—- C:WINDOWSsystem32rs32net.exe
2009-01-15 00:16:59 —-AD—- C:Documents and SettingsAll Users.WINDOWSApplication DataTEMP
2009-01-15 00:16:33 —-D—- C:Program FilesSpyware Doctor
2009-01-15 00:16:33 —-D—- C:Documents and SettingsЖеняApplication DataPC Tools
2009-01-14 23:57:04 —-D—- C:Avenger
2009-01-14 23:57:03 —-A—- C:avenger.txt
2009-01-14 02:57:14 —-D—- C:Program Filestrend micro
2009-01-14 02:57:13 —-D—- C:rsit
2009-01-14 02:41:40 —-D—- C:Documents and SettingsЖеняApplication DataMozilla
2009-01-14 02:41:24 —-D—- C:Program FilesMozilla Firefox
2009-01-14 01:43:36 —-A—- C:WINDOWSsystem32stu2.exe
2009-01-13 23:35:45 —-D—- C:Program FilesAntivirusXP2008
2009-01-13 23:34:28 —-A—- C:Documents and SettingsAll Users.WINDOWSApplication Dataxaelib.dll
2009-01-09 23:19:33 —-D—- C:Downloads
2009-01-09 23:19:03 —-D—- C:Documents and SettingsЖеняApplication DataDownload Master
2009-01-09 23:17:49 —-D—- C:Program FilesDownload Master
2009-01-09 12:58:10 —-D—- C:Program FilesYandex
2009-01-09 12:57:50 —-D—- C:Documents and SettingsЖеняApplication DataYandex
2009-01-07 13:09:06 —-D—- C:Program FilesLoviVkontakte
2009-01-02 22:57:27 —-A—- C:WINDOWSsystem32~.exe
2009-01-01 22:12:33 —-D—- C:Documents and SettingsЖеняApplication DataGoogle
2009-01-01 22:00:43 —-D—- C:Documents and SettingsЖеняApplication DataSkype
2009-01-01 22:00:42 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataGoogle
2009-01-01 21:58:45 —-D—- C:Program FilesSkype
2008-12-30 22:55:18 —-D—- C:Program FilesZyXEL
2008-12-26 21:25:20 —-D—- C:WINDOWSspeech
2008-12-26 21:24:56 —-D—- C:ViaVoice
2008-12-26 21:24:56 —-A—- C:WINDOWSsystem32VVRtkReg.dll
2008-12-26 21:24:56 —-A—- C:WINDOWSsystem32vvrtkclients.dll
2008-12-26 21:24:56 —-A—- C:WINDOWSsystem32setresus.dll
2008-12-26 21:24:14 —-D—- C:Program FilesCommon FilesSLSHARED
2008-12-26 21:24:05 —-D—- C:EngLearn

======List of files/folders modified in the last 1 months======

2009-01-15 21:21:27 —-D—- C:WINDOWSTemp
2009-01-15 21:18:34 —-A—- C:WINDOWSSchedLgU.Txt
2009-01-15 21:04:02 —-D—- C:WINDOWSsystem32drivers
2009-01-15 21:03:11 —-D—- C:WINDOWSsystem32
2009-01-15 20:58:50 —-D—- C:WINDOWSPrefetch
2009-01-15 20:47:00 —-D—- C:WINDOWS
2009-01-15 15:46:30 —-A—- C:WINDOWSNeroDigital.ini
2009-01-15 01:17:17 —-D—- C:WINDOWSsystem32CatRoot2
2009-01-15 01:10:30 —-RD—- C:Program Files
2009-01-15 00:17:57 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2009-01-14 22:00:15 —-SHD—- C:WINDOWSInstaller
2009-01-14 21:57:45 —-D—- C:WINDOWSSoftwareDistribution
2009-01-14 21:57:45 —-D—- C:Program FilesTotal Video Converter
2009-01-14 21:57:45 —-D—- C:Program FilesLMBomber
2009-01-14 21:57:45 —-D—- C:Program FilesEset
2009-01-14 21:57:45 —-D—- C:Program FilesCommon FilesACD Systems
2009-01-14 21:57:45 —-D—- C:Program FilesApollo 3GP Video Converter
2009-01-14 21:57:45 —-D—- C:Program FilesABBYY FineReader 7.0 Professional Edition
2009-01-14 19:43:33 —-ASH—- C:boot.ini
2009-01-14 19:43:33 —-A—- C:WINDOWSwin.ini
2009-01-14 19:43:33 —-A—- C:WINDOWSsystem.ini
2009-01-14 01:43:32 —-A—- C:WINDOWSsystem32userinit.exe
2009-01-09 12:58:21 —-SD—- C:WINDOWSDownloaded Program Files
2009-01-05 17:17:42 —-A—- C:WINDOWSModemLog_Generic 56K HCF Data Fax Modem.txt
2009-01-02 01:14:47 —-D—- C:WINDOWSHelp
2009-01-01 22:00:44 —-D—- C:Program FilesGoogle
2008-12-29 19:44:42 —-RSHDC—- C:WINDOWSsystem32dllcache
2008-12-28 19:31:13 —-A—- C:WINDOWSwinamp.ini
2008-12-28 16:40:45 —-HD—- C:WINDOWSinf
2008-12-26 21:24:22 —-RSD—- C:WINDOWSFonts
2008-12-26 21:24:14 —-D—- C:Program FilesCommon Files
2008-12-25 16:19:37 —-A—- C:WINDOWScm.ini
2008-12-24 23:35:06 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataAdobe
2008-12-24 23:31:48 —-D—- C:Documents and SettingsЖеняApplication DataAdobe
2008-12-24 07:08:37 —-D—- C:Documents and SettingsЖеняApplication DataCanon
2008-12-23 16:18:46 —-SD—- C:Documents and SettingsЖеняApplication DataMicrosoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 IKSysFlt;System Filter Driver; C:WINDOWSsystem32driversiksysflt.sys [2008-08-25 66952]
R1 IKSysSec;System Security Driver; C:WINDOWSsystem32driversiksyssec.sys [2008-08-25 81288]
R1 intelppm;Драйвер Intel процессора; C:WINDOWSsystem32DRIVERSintelppm.sys [2004-08-17 40448]
R1 nod32drv;nod32drv; C:WINDOWSsystem32driversnod32drv.sys [2008-06-27 15424]
R1 PQNTDrv;PQNTDrv; C:WINDOWSsystem32driversPQNTDrv.sys [2004-05-05 4228]
R1 WS2IFSL;Среда Windows Socket 2.0 поддержки поставщиков не-IFS служб; C:WINDOWSSystem32driversws2ifsl.sys [2001-10-20 12032]
R2 AMON;AMON; C:WINDOWSsystem32driversamon.sys [2008-06-27 512096]
R2 BTSERIAL;Bluetooth Serial Driver; ??C:WINDOWSsystem32driversbtserial.sys []
R2 BTSLBCSP;Bluetooth Port Client Driver; ??C:WINDOWSsystem32driversbtslbcsp.sys []
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:WINDOWSsystem32driversALCXWDM.SYS [2006-03-20 3960000]
R3 BTKRNL;Нумератор шины Bluetooth; C:WINDOWSsystem32DRIVERSbtkrnl.sys [2006-05-12 1342602]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:WINDOWSSystem32Driversbtwusb.sys [2006-05-12 57320]
R3 Cap7134;Behold TV WDM Capture; C:WINDOWSsystem32DRIVERScap7134.sys [2005-01-09 333184]
R3 HCF_MSFT;HCF_MSFT; C:WINDOWSsystem32DRIVERSHCF_MSFT.sys [2001-10-19 907968]
R3 ms_mpu401;Драйвер UART Microsoft MPU-401 MIDI; C:WINDOWSsystem32driversmsmpu401.sys [2001-08-18 2944]
R3 nv;nv; C:WINDOWSsystem32DRIVERSnv4_mini.sys [2004-08-04 1897408]
R3 pfc;Padus ASPI Shell; C:WINDOWSsystem32driverspfc.sys [2008-06-27 10368]
R3 PhTVTune;Behold TV Tuner; C:WINDOWSsystem32DRIVERSphtvtune.sys [2005-01-11 15456]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:WINDOWSSystem32DriversRootMdm.sys [2001-10-20 5888]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet адаптер, драйвер для NT; C:WINDOWSsystem32DRIVERSRTL8139.SYS [2004-08-03 20992]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2004-08-03 26624]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2004-08-03 57600]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:WINDOWSsystem32DRIVERSusbuhci.sys [2004-08-03 20480]
S3 btaudio;Аудиоустройство Bluetooth; C:WINDOWSsystem32driversbtaudio.sys [2006-05-12 401664]
S3 BTDriver;Драйвер виртуальной связи Bluetooth; C:WINDOWSsystem32DRIVERSbtport.sys [2006-05-12 30363]
S3 BthEnum;Драйвер блока запроса Bluetooth; C:WINDOWSsystem32DRIVERSBthEnum.sys [2004-08-03 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:WINDOWSsystem32DRIVERSbthpan.sys [2004-08-03 100992]
S3 BTHPORT;Драйвер порта Bluetooth; C:WINDOWSSystem32DriversBTHport.sys [2004-08-17 274688]
S3 BTHUSB;Драйвер порта USB радиомодуля Bluetooth; C:WINDOWSSystem32DriversBTHUSB.sys [2004-08-03 18944]
S3 BTWDNDIS;Сервер доступа к локальной сети Bluetooth; C:WINDOWSsystem32DRIVERSbtwdndis.sys [2006-05-12 148168]
S3 CCDECODE;Closed Caption декодер; C:WINDOWSsystem32DRIVERSCCDECODE.sys [2004-08-03 17024]
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:WINDOWSsystem32driversMSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI кодек; C:WINDOWSsystem32DRIVERSNABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft видео или ТВ подключение; C:WINDOWSsystem32DRIVERSNdisIP.sys [2004-08-03 10880]
S3 RFCOMM;Устройство Bluetooth (протокол RFCOMM TDI); C:WINDOWSsystem32DRIVERSrfcomm.sys [2004-08-03 59648]
S3 SLIP;BDA Slip De-Framer; C:WINDOWSsystem32DRIVERSSLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:WINDOWSsystem32DRIVERSStreamIP.sys [2004-08-03 15360]
S3 usbprint;Класс принтеров Microsoft USB; C:WINDOWSsystem32DRIVERSusbprint.sys [2004-08-03 25856]
S3 usbscan;Драйвер USB-сканера; C:WINDOWSsystem32DRIVERSusbscan.sys [2004-08-03 15104]
S3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2004-08-03 26496]
S3 WSTCODEC;World Standard Teletext кодек; C:WINDOWSsystem32DRIVERSWSTCODEC.SYS [2004-08-03 19328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 BthServ;Bluetooth Support Service; C:WINDOWSsystem32svchost.exe [2004-08-17 14336]
R2 btwdins;Bluetooth Service; C:Program FilesWIDCOMMПрограммное обеспечение Bluetoothbinbtwdins.exe [2006-05-12 258103]
R2 LoviVkontakteService;LoviVkontake Service; C:Program FilesLoviVkontakteVkontakteService.exe [2009-01-04 425984]
R2 NOD32krn;NOD32 Kernel Service; C:Program FilesEsetnod32krn.exe [2008-06-27 552064]
R2 sdAuxService;PC Tools Auxiliary Service; C:Program FilesSpyware DoctorpctsAuxs.exe [2008-06-13 356920]
R2 sdCoreService;PC Tools Security Service; C:Program FilesSpyware DoctorpctsSvc.exe [2008-10-09 1079176]
R2 SMART Board Service;Служба SMART Board; C:Program FilesSMART Board SoftwareSMARTBoardService.exe [2006-11-24 1003520]
R3 ServiceLayer;ServiceLayer; C:Program FilesPC Connectivity SolutionServiceLayer.exe [2007-03-26 292864]
R3 usnjsvc;Служба Messenger Sharing Folders USN Journal Reader; C:Program FilesMSN Messengerusnsvc.exe [2007-01-19 97136]
S3 Adobe LM Service;Adobe LM Service; C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe [2008-07-05 72704]
S3 IDriverT;InstallDriver Table Manager; C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe [2005-04-03 69632]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2003-07-28 89136]

EOF
15 января, 2009 в 9:20 пп #21148
Аноним
Гость
- Темы:532
- Сообщений:1553
Здравствуйте! Вроде «лента новостей» исчезла.
На всякий случай последние результаты RSIT:

Logfile of random’s system information tool 1.05 (written by random/random)
Run by Женя at 2009-01-16 00:20:08
Microsoft Windows XP Professional Service Pack 2
System drive C: has 36 GB (70%) free of 51 GB
Total RAM: 1535 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0:20:13, on 16.01.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32csrss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesWIDCOMMПрограммное обеспечение Bluetoothbinbtwdins.exe
C:Program FilesLoviVkontakteVkontakteService.exe
C:Program FilesEsetnod32krn.exe
C:Program FilesSpyware DoctorpctsAuxs.exe
C:Program FilesSpyware DoctorpctsSvc.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSExplorer.EXE
C:Program FilesEsetnod32kui.exe
C:WINDOWSSOUNDMAN.EXE
C:Program FilesSMART Board SoftwareSMARTBoardService.exe
C:WINDOWSsystem32rundll32.exe
C:Program FilesSpyware DoctorpctsTray.exe
C:Program FilesNokiaNokia PC Suite 6LaunchApplication.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesMessengermsmsgs.exe
C:Program FilesWIDCOMMПрограммное обеспечение BluetoothBTTray.exe
C:WINDOWSsystem32svchost.exe
C:PROGRA~1WIDCOMMBLUETO~1BTSTAC~1.EXE
C:Program FilesPC Connectivity SolutionServiceLayer.exe
C:Program FilesPC Connectivity SolutionNclBTHandler.exe
C:Program FilesDownload Masterdmaster.exe
C:Program FilesInternet ExplorerIEXPLORE.EXE
C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLLoginProxy.exe
C:Program FilesMozilla Firefoxfirefox.exe
E:ДОКУМЕНТАЦИЯПРОГРАММЫАнтивирусRSIT.exe
C:WINDOWSsystem32wbemwmiprvse.exe
C:Program Filestrend microЖеня.exe

R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://g.msn.com/0SERURU/SAOS03
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.vch.ru/
R1 — HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = vkontakte.ru;www.vkontakte.ru
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
O2 — BHO: AcroIEHlprObj Class — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 — BHO: SMART Notebook Download Plugin — {67BCF957-85FC-4036-8DC4-D4D80E00A77B} — C:Program FilesSMART Board SoftwareNotebookPlugin.dll
O2 — BHO: xaelibP — {757FF18E-494C-46AC-AF9D-6A6012C315A3} — C:Documents and SettingsAll Users.WINDOWSApplication Dataxaelib.dll (file missing)
O2 — BHO: Windows Live Sign-in Helper — {9030D464-4C02-4ABF-8ECC-5164760863C6} — C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 — BHO: IE 4.x-6.x BHO for Download Master — {9961627E-4059-41B4-8E0E-A7D6B3854ADF} — C:PROGRA~1DOWNLO~1dmiehlp.dll
O2 — BHO: Google Toolbar Helper — {AA58ED58-01DD-4d91-8333-CF10577473F7} — c:program filesgooglegoogletoolbar1.dll
O2 — BHO: Google Toolbar Notifier BHO — {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} — C:Program FilesGoogleGoogleToolbarNotifier3.1.807.1746swg.dll
O3 — Toolbar: Easy-WebPrint — {327C2873-E90D-4c37-AA9D-10AC9BABA46C} — C:Program FilesCanonEasy-WebPrintToolband.dll
O3 — Toolbar: &Google — {2318C2B1-4965-11d4-9B18-009027A5CD4F} — c:program filesgooglegoogletoolbar1.dll
O3 — Toolbar: Яндекс.Бар — {91397D20-1446-11D4-8AF4-0040CA1127B6} — C:Program FilesYandexYandexBarIEyndbar.dll
O4 — HKLM..Run: [nod32kui] «C:Program FilesEsetnod32kui.exe» /WAITSERVICE
O4 — HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 — HKLM..Run: [IMJPMIG8.1] «C:WINDOWSIMEimjp8_1IMJPMIG.EXE» /Spoil /RemAdvDef /Migration32
O4 — HKLM..Run: [MSPY2002] C:WINDOWSsystem32IMEPINTLGNTImScInst.exe /SYNC
O4 — HKLM..Run: [PHIME2002ASync] C:WINDOWSsystem32IMETINTLGNTTINTSETP.EXE /SYNC
O4 — HKLM..Run: [PHIME2002A] C:WINDOWSsystem32IMETINTLGNTTINTSETP.EXE /IMEName
O4 — HKLM..Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 — HKLM..Run: [PCSuiteTrayApplication] C:Program FilesNokiaNokia PC Suite 6LaunchApplication.exe -startup
O4 — HKLM..Run: [ISTray] «C:Program FilesSpyware DoctorpctsTray.exe»
O4 — HKLM..RunOnce: [Malwarebytes’ Anti-Malware] C:Program FilesMalwarebytes’ Anti-Malwarembamgui.exe /install /silent
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [MSMSGS] «C:Program FilesMessengermsmsgs.exe» /background
O4 — HKCU..Run: [msnmsgr] «C:Program FilesMSN Messengermsnmsgr.exe» /background
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O4 — Startup: Adobe Gamma.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O4 — Startup: HDDlife.lnk = C:Program FilesBinarySenseHDDlifeHDDlifePro.exe
O4 — Global Startup: Adobe Gamma Loader.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O4 — Global Startup: BTTray.lnk = ?
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O8 — Extra context menu item: Easy-WebPrint Add To Print List — res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_AddToList.html
O8 — Extra context menu item: Easy-WebPrint High Speed Print — res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_HSPrint.html
O8 — Extra context menu item: Easy-WebPrint Preview — res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_Preview.html
O8 — Extra context menu item: Easy-WebPrint Print — res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_Print.html
O8 — Extra context menu item: Закачать ВСЕ при помощи Download Master — C:Program FilesDownload Masterdmieall.htm
O8 — Extra context menu item: Закачать при помощи Download Master — C:Program FilesDownload Masterdmie.htm
O8 — Extra context menu item: Отправить через &Bluetooth — C:Program FilesWIDCOMMПрограммное обеспечение Bluetoothbtsendto_ie_ctx.htm
O9 — Extra button: Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe
O9 — Extra ‘Tools’ menuitem: &Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe
O9 — Extra button: Справочные материалы — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 — Extra button: @btrez.dll,-4015 — {CCA281CA-C863-46ef-9331-5C8D4460577F} — C:Program FilesWIDCOMMПрограммное обеспечение Bluetoothbtsendto_ie.htm
O9 — Extra ‘Tools’ menuitem: @btrez.dll,-4017 — {CCA281CA-C863-46ef-9331-5C8D4460577F} — C:Program FilesWIDCOMMПрограммное обеспечение Bluetoothbtsendto_ie.htm
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O16 — DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) — http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
O16 — DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) — http://malysh-baby.spaces.live.com/PhotoUpload/MsnPUpld.cab
O17 — HKLMSystemCCSServicesTcpip..{B1D5F7AB-4CA5-4382-BC6A-92145902D989}: NameServer = 81.9.64.67,81.9.67.34
O23 — Service: Adobe LM Service — Adobe Systems — C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe
O23 — Service: Bluetooth Service (btwdins) — Broadcom Corporation. — C:Program FilesWIDCOMMПрограммное обеспечение Bluetoothbinbtwdins.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: InstallDriver Table Manager (IDriverT) — Macrovision Corporation — C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: LoviVkontake Service (LoviVkontakteService) — Zeyfman Genady — C:Program FilesLoviVkontakteVkontakteService.exe
O23 — Service: NetMeeting Remote Desktop Sharing (mnmsrvc) — Корпорация Майкрософт — C:WINDOWSsystem32mnmsrvc.exe
O23 — Service: NOD32 Kernel Service (NOD32krn) — Eset — C:Program FilesEsetnod32krn.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: PC Tools Auxiliary Service (sdAuxService) — PC Tools — C:Program FilesSpyware DoctorpctsAuxs.exe
O23 — Service: PC Tools Security Service (sdCoreService) — PC Tools — C:Program FilesSpyware DoctorpctsSvc.exe
O23 — Service: ServiceLayer — Nokia. — C:Program FilesPC Connectivity SolutionServiceLayer.exe
O23 — Service: Служба SMART Board (SMART Board Service) — SMART Technologies Inc. — C:Program FilesSMART Board SoftwareSMARTBoardService.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe

—
End of file — 9967 bytes

======Registry dump======

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll [2005-09-24 63136]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{67BCF957-85FC-4036-8DC4-D4D80E00A77B}]
CIEDownload Object — C:Program FilesSMART Board SoftwareNotebookPlugin.dll [2006-11-24 614400]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{757FF18E-494C-46AC-AF9D-6A6012C315A3}]
SHN Data Decoder — C:Documents and SettingsAll Users.WINDOWSApplication Dataxaelib.dll []

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper — C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll [2006-08-31 322368]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9961627E-4059-41B4-8E0E-A7D6B3854ADF}]
IE 4.x-6.x BHO for Download Master — C:PROGRA~1DOWNLO~1dmiehlp.dll [2008-10-24 157696]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper — c:program filesgooglegoogletoolbar1.dll [2009-01-01 2042944]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO — C:Program FilesGoogleGoogleToolbarNotifier3.1.807.1746swg.dll [2009-01-06 737776]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} — Easy-WebPrint — C:Program FilesCanonEasy-WebPrintToolband.dll [2004-04-16 405504]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} — &Google — c:program filesgooglegoogletoolbar1.dll [2009-01-01 2042944]
{91397D20-1446-11D4-8AF4-0040CA1127B6} — Яндекс.Бар — C:Program FilesYandexYandexBarIEyndbar.dll [2008-12-16 3111712]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«nod32kui»=C:Program FilesEsetnod32kui.exe [2008-06-27 949376]
«SoundMan»=C:WINDOWSSOUNDMAN.EXE [2006-07-21 86016]
«IMJPMIG8.1″=C:WINDOWSIMEimjp8_1IMJPMIG.EXE [2004-08-04 208952]
«MSPY2002″=C:WINDOWSsystem32IMEPINTLGNTImScInst.exe [2004-08-04 59392]
«PHIME2002ASync»=C:WINDOWSsystem32IMETINTLGNTTINTSETP.EXE [2004-08-04 455168]
«PHIME2002A»=C:WINDOWSsystem32IMETINTLGNTTINTSETP.EXE [2004-08-04 455168]
«BluetoothAuthenticationAgent»=C:WINDOWSsystem32bthprops.cpl [2004-08-17 110592]
«PCSuiteTrayApplication»=C:Program FilesNokiaNokia PC Suite 6LaunchApplication.exe [2007-03-23 227328]
«ISTray»=C:Program FilesSpyware DoctorpctsTray.exe [2008-08-25 1168264]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRunOnce]
«Malwarebytes’ Anti-Malware»=C:Program FilesMalwarebytes’ Anti-Malwarembamgui.exe [2009-01-14 399504]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2004-08-17 15360]
«MSMSGS»=C:Program FilesMessengermsmsgs.exe [2004-08-17 1667584]
«msnmsgr»=C:Program FilesMSN Messengermsnmsgr.exe [2007-01-19 5674352]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregDownload Master]
C:Program FilesDownload Masterdmaster.exe [2008-11-18 3297280]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregFineReader7NewsReaderPro]
C:Program FilesABBYY FineReader 7.0 Professional EditionAbbyyNewsReader.exe [2003-09-11 278528]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregLoviVkontakte]
C:Program FilesLoviVkontaktelovivkontakte.exe [2009-01-06 729600]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregMSMSGS]
C:Program FilesMessengermsmsgs.exe [2004-08-17 1667584]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregMsnMsgr]
C:Program FilesMSN Messengermsnmsgr.exe [2007-01-19 5674352]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregMuxaSoft Dialer 4]
C:Program FilesMuxaSoft Dialermdialer32.exe [2003-11-15 2097152]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregQuickTime Task]
C:Program FilesQuickTimeqttask.exe [2008-06-27 282624]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users.WINDOWS^Главное меню^Программы^Автозагрузка^InterVideo WinCinema Manager.lnk]
C:PROGRA~1INTERV~1CommonBinWINCIN~1.EXE [2005-07-27 278528]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users.WINDOWS^Главное меню^Программы^Автозагрузка^Средства SMART Board.lnk]
C:PROGRA~1SMARTB~1SMARTB~2.EXE [2006-11-24 3411968]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users.WINDOWS^Главное меню^Программы^Автозагрузка^Ускоренный запуск Adobe Reader.lnk]
C:PROGRA~1AdobeACROBA~2.0ReaderREADER~1.EXE [2005-09-24 29696]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^Женя^Главное меню^Программы^Автозагрузка^HDDlife.lnk]
C:PROGRA~1BINARY~1HDDlifeHDDLIF~1.EXE [2005-07-07 1299316]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^Женя^Главное меню^Программы^Автозагрузка^Total Commander.lnk]
C:PROGRA~1TOTALC~1Totalcmd.exe [2007-09-06 1079752]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigservices]
«wuauserv»=2

C:Documents and SettingsAll Users.WINDOWSГлавное менюПрограммыАвтозагрузка
Adobe Gamma Loader.lnk — C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
BTTray.lnk — C:Program FilesWIDCOMMПрограммное обеспечение BluetoothBTTray.exe

C:Documents and SettingsЖеняГлавное менюПрограммыАвтозагрузка
Adobe Gamma.lnk — C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
HDDlife.lnk — C:Program FilesBinarySenseHDDlifeHDDlifePro.exe

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalati3jnxx.sys]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalati5jdxx.sys]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalati7nnxx.sys]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalsdauxservice]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalsdcoreservice]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkati3jnxx.sys]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkati5jdxx.sys]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkati7nnxx.sys]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworksdauxservice]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworksdcoreservice]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
«NoInternetOpenWith «=1

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145
«MaxRecentDocs»=16
«Start_ShowRecentDocs»=2

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesMSN Messengermsnmsgr.exe»=»C:Program FilesMSN Messengermsnmsgr.exe:*:Enabled:Windows Live Messenger 8.1»
«C:Program FilesMSN Messengerlivecall.exe»=»C:Program FilesMSN Messengerlivecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)»
«C:Program FilesInterVideoDVD5WinDVD.exe»=»C:Program FilesInterVideoDVD5WinDVD.exe:*:Enabled:WinDVD»
«C:Program FilesInterVideoDVD7WinDVD.exe»=»C:Program FilesInterVideoDVD7WinDVD.exe:*:Enabled:WinDVD»
«C:WINDOWSsystem32mmc.exe»=»C:WINDOWSsystem32mmc.exe:*:Enabled:Консоль управления (MMC)»
«C:WINDOWSsystem32dpvsetup.exe»=»C:WINDOWSsystem32dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test»
«C:WINDOWSsystem32rundll32.exe»=»C:WINDOWSsystem32rundll32.exe:*:Enabled:Запуск библиотеки DLL как приложения»
«C:Program FilesSkypePhoneSkype.exe»=»C:Program FilesSkypePhoneSkype.exe:*:Enabled:Skype»

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesMSN Messengermsnmsgr.exe»=»C:Program FilesMSN Messengermsnmsgr.exe:*:Enabled:Windows Live Messenger 8.1»
«C:Program FilesMSN Messengerlivecall.exe»=»C:Program FilesMSN Messengerlivecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)»

======File associations======

.ini — open — C:WINDOWSSYSTEM32NOTEPAD.EXE %1
.txt — open — C:WINDOWSSYSTEM32NOTEPAD.EXE %1

======List of files/folders created in the last 1 months======

2009-01-15 23:00:14 —-D—- C:Documents and SettingsЖеняApplication DataMalwarebytes
2009-01-15 23:00:07 —-D—- C:Program FilesMalwarebytes’ Anti-Malware
2009-01-15 23:00:07 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataMalwarebytes
2009-01-15 20:58:49 —-A—- C:WINDOWSsystem32rs32net.exe
2009-01-15 00:16:59 —-AD—- C:Documents and SettingsAll Users.WINDOWSApplication DataTEMP
2009-01-15 00:16:33 —-D—- C:Program FilesSpyware Doctor
2009-01-15 00:16:33 —-D—- C:Documents and SettingsЖеняApplication DataPC Tools
2009-01-14 23:57:04 —-D—- C:Avenger
2009-01-14 23:57:03 —-A—- C:avenger.txt
2009-01-14 02:57:14 —-D—- C:Program Filestrend micro
2009-01-14 02:57:13 —-D—- C:rsit
2009-01-14 02:41:40 —-D—- C:Documents and SettingsЖеняApplication DataMozilla
2009-01-14 02:41:24 —-D—- C:Program FilesMozilla Firefox
2009-01-14 01:43:36 —-A—- C:WINDOWSsystem32stu2.exe
2009-01-13 23:35:45 —-D—- C:Program FilesAntivirusXP2008
2009-01-09 23:19:33 —-D—- C:Downloads
2009-01-09 23:19:03 —-D—- C:Documents and SettingsЖеняApplication DataDownload Master
2009-01-09 23:17:49 —-D—- C:Program FilesDownload Master
2009-01-09 12:58:10 —-D—- C:Program FilesYandex
2009-01-09 12:57:50 —-D—- C:Documents and SettingsЖеняApplication DataYandex
2009-01-07 13:09:06 —-D—- C:Program FilesLoviVkontakte
2009-01-02 22:57:27 —-A—- C:WINDOWSsystem32~.exe
2009-01-01 22:12:33 —-D—- C:Documents and SettingsЖеняApplication DataGoogle
2009-01-01 22:00:43 —-D—- C:Documents and SettingsЖеняApplication DataSkype
2009-01-01 22:00:42 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataGoogle
2009-01-01 21:58:45 —-D—- C:Program FilesSkype
2008-12-30 22:55:18 —-D—- C:Program FilesZyXEL
2008-12-26 21:25:20 —-D—- C:WINDOWSspeech
2008-12-26 21:24:56 —-D—- C:ViaVoice
2008-12-26 21:24:56 —-A—- C:WINDOWSsystem32VVRtkReg.dll
2008-12-26 21:24:56 —-A—- C:WINDOWSsystem32vvrtkclients.dll
2008-12-26 21:24:56 —-A—- C:WINDOWSsystem32setresus.dll
2008-12-26 21:24:14 —-D—- C:Program FilesCommon FilesSLSHARED
2008-12-26 21:24:05 —-D—- C:EngLearn

======List of files/folders modified in the last 1 months======

2009-01-16 00:20:06 —-D—- C:WINDOWSTemp
2009-01-16 00:10:09 —-D—- C:WINDOWS
2009-01-16 00:09:09 —-D—- C:WINDOWSPrefetch
2009-01-15 23:51:31 —-D—- C:Program FilesEset
2009-01-15 23:08:56 —-A—- C:WINDOWSNeroDigital.ini
2009-01-15 23:00:12 —-D—- C:WINDOWSsystem32drivers
2009-01-15 23:00:07 —-RD—- C:Program Files
2009-01-15 22:48:22 —-D—- C:WINDOWSsystem32CatRoot2
2009-01-15 22:46:10 —-A—- C:WINDOWSSchedLgU.Txt
2009-01-15 21:03:11 —-D—- C:WINDOWSsystem32
2009-01-15 00:17:57 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2009-01-14 22:00:15 —-SHD—- C:WINDOWSInstaller
2009-01-14 21:57:45 —-D—- C:WINDOWSSoftwareDistribution
2009-01-14 21:57:45 —-D—- C:Program FilesTotal Video Converter
2009-01-14 21:57:45 —-D—- C:Program FilesLMBomber
2009-01-14 21:57:45 —-D—- C:Program FilesCommon FilesACD Systems
2009-01-14 21:57:45 —-D—- C:Program FilesApollo 3GP Video Converter
2009-01-14 21:57:45 —-D—- C:Program FilesABBYY FineReader 7.0 Professional Edition
2009-01-14 19:43:33 —-ASH—- C:boot.ini
2009-01-14 19:43:33 —-A—- C:WINDOWSwin.ini
2009-01-14 19:43:33 —-A—- C:WINDOWSsystem.ini
2009-01-14 01:43:32 —-A—- C:WINDOWSsystem32userinit.exe
2009-01-09 12:58:21 —-SD—- C:WINDOWSDownloaded Program Files
2009-01-05 17:17:42 —-A—- C:WINDOWSModemLog_Generic 56K HCF Data Fax Modem.txt
2009-01-02 01:14:47 —-D—- C:WINDOWSHelp
2009-01-01 22:00:44 —-D—- C:Program FilesGoogle
2008-12-29 19:44:42 —-RSHDC—- C:WINDOWSsystem32dllcache
2008-12-28 19:31:13 —-A—- C:WINDOWSwinamp.ini
2008-12-28 16:40:45 —-HD—- C:WINDOWSinf
2008-12-26 21:24:22 —-RSD—- C:WINDOWSFonts
2008-12-26 21:24:14 —-D—- C:Program FilesCommon Files
2008-12-25 16:19:37 —-A—- C:WINDOWScm.ini
2008-12-24 23:35:06 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataAdobe
2008-12-24 23:31:48 —-D—- C:Documents and SettingsЖеняApplication DataAdobe
2008-12-24 07:08:37 —-D—- C:Documents and SettingsЖеняApplication DataCanon
2008-12-23 16:18:46 —-SD—- C:Documents and SettingsЖеняApplication DataMicrosoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 IKSysFlt;System Filter Driver; C:WINDOWSsystem32driversiksysflt.sys [2008-08-25 66952]
R1 IKSysSec;System Security Driver; C:WINDOWSsystem32driversiksyssec.sys [2008-08-25 81288]
R1 intelppm;Драйвер Intel процессора; C:WINDOWSsystem32DRIVERSintelppm.sys [2004-08-17 40448]
R1 nod32drv;nod32drv; C:WINDOWSsystem32driversnod32drv.sys [2008-06-27 15424]
R1 PQNTDrv;PQNTDrv; C:WINDOWSsystem32driversPQNTDrv.sys [2004-05-05 4228]
R1 WS2IFSL;Среда Windows Socket 2.0 поддержки поставщиков не-IFS служб; C:WINDOWSSystem32driversws2ifsl.sys [2001-10-20 12032]
R2 AMON;AMON; C:WINDOWSsystem32driversamon.sys [2008-06-27 512096]
R2 BTSERIAL;Bluetooth Serial Driver; ??C:WINDOWSsystem32driversbtserial.sys []
R2 BTSLBCSP;Bluetooth Port Client Driver; ??C:WINDOWSsystem32driversbtslbcsp.sys []
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:WINDOWSsystem32driversALCXWDM.SYS [2006-03-20 3960000]
R3 BTKRNL;Нумератор шины Bluetooth; C:WINDOWSsystem32DRIVERSbtkrnl.sys [2006-05-12 1342602]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:WINDOWSSystem32Driversbtwusb.sys [2006-05-12 57320]
R3 Cap7134;Behold TV WDM Capture; C:WINDOWSsystem32DRIVERScap7134.sys [2005-01-09 333184]
R3 HCF_MSFT;HCF_MSFT; C:WINDOWSsystem32DRIVERSHCF_MSFT.sys [2001-10-19 907968]
R3 ms_mpu401;Драйвер UART Microsoft MPU-401 MIDI; C:WINDOWSsystem32driversmsmpu401.sys [2001-08-18 2944]
R3 nv;nv; C:WINDOWSsystem32DRIVERSnv4_mini.sys [2004-08-04 1897408]
R3 pfc;Padus ASPI Shell; C:WINDOWSsystem32driverspfc.sys [2008-06-27 10368]
R3 PhTVTune;Behold TV Tuner; C:WINDOWSsystem32DRIVERSphtvtune.sys [2005-01-11 15456]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:WINDOWSSystem32DriversRootMdm.sys [2001-10-20 5888]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet адаптер, драйвер для NT; C:WINDOWSsystem32DRIVERSRTL8139.SYS [2004-08-03 20992]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2004-08-03 26624]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2004-08-03 57600]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:WINDOWSsystem32DRIVERSusbuhci.sys [2004-08-03 20480]
S3 btaudio;Аудиоустройство Bluetooth; C:WINDOWSsystem32driversbtaudio.sys [2006-05-12 401664]
S3 BTDriver;Драйвер виртуальной связи Bluetooth; C:WINDOWSsystem32DRIVERSbtport.sys [2006-05-12 30363]
S3 BthEnum;Драйвер блока запроса Bluetooth; C:WINDOWSsystem32DRIVERSBthEnum.sys [2004-08-03 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:WINDOWSsystem32DRIVERSbthpan.sys [2004-08-03 100992]
S3 BTHPORT;Драйвер порта Bluetooth; C:WINDOWSSystem32DriversBTHport.sys [2004-08-17 274688]
S3 BTHUSB;Драйвер порта USB радиомодуля Bluetooth; C:WINDOWSSystem32DriversBTHUSB.sys [2004-08-03 18944]
S3 BTWDNDIS;Сервер доступа к локальной сети Bluetooth; C:WINDOWSsystem32DRIVERSbtwdndis.sys [2006-05-12 148168]
S3 CCDECODE;Closed Caption декодер; C:WINDOWSsystem32DRIVERSCCDECODE.sys [2004-08-03 17024]
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:WINDOWSsystem32driversMSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI кодек; C:WINDOWSsystem32DRIVERSNABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft видео или ТВ подключение; C:WINDOWSsystem32DRIVERSNdisIP.sys [2004-08-03 10880]
S3 RFCOMM;Устройство Bluetooth (протокол RFCOMM TDI); C:WINDOWSsystem32DRIVERSrfcomm.sys [2004-08-03 59648]
S3 SLIP;BDA Slip De-Framer; C:WINDOWSsystem32DRIVERSSLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:WINDOWSsystem32DRIVERSStreamIP.sys [2004-08-03 15360]
S3 usbprint;Класс принтеров Microsoft USB; C:WINDOWSsystem32DRIVERSusbprint.sys [2004-08-03 25856]
S3 usbscan;Драйвер USB-сканера; C:WINDOWSsystem32DRIVERSusbscan.sys [2004-08-03 15104]
S3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2004-08-03 26496]
S3 WSTCODEC;World Standard Teletext кодек; C:WINDOWSsystem32DRIVERSWSTCODEC.SYS [2004-08-03 19328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 BthServ;Bluetooth Support Service; C:WINDOWSsystem32svchost.exe [2004-08-17 14336]
R2 btwdins;Bluetooth Service; C:Program FilesWIDCOMMПрограммное обеспечение Bluetoothbinbtwdins.exe [2006-05-12 258103]
R2 LoviVkontakteService;LoviVkontake Service; C:Program FilesLoviVkontakteVkontakteService.exe [2009-01-04 425984]
R2 NOD32krn;NOD32 Kernel Service; C:Program FilesEsetnod32krn.exe [2008-06-27 552064]
R2 sdAuxService;PC Tools Auxiliary Service; C:Program FilesSpyware DoctorpctsAuxs.exe [2008-06-13 356920]
R2 sdCoreService;PC Tools Security Service; C:Program FilesSpyware DoctorpctsSvc.exe [2008-10-09 1079176]
R2 SMART Board Service;Служба SMART Board; C:Program FilesSMART Board SoftwareSMARTBoardService.exe [2006-11-24 1003520]
R3 ServiceLayer;ServiceLayer; C:Program FilesPC Connectivity SolutionServiceLayer.exe [2007-03-26 292864]
S3 Adobe LM Service;Adobe LM Service; C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe [2008-07-05 72704]
S3 IDriverT;InstallDriver Table Manager; C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe [2005-04-03 69632]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2003-07-28 89136]
S3 usnjsvc;Служба Messenger Sharing Folders USN Journal Reader; C:Program FilesMSN Messengerusnsvc.exe [2007-01-19 97136]

EOF

Спасибо!!!
16 января, 2009 в 3:59 пп #21149
Admin
Keymaster
- Темы:40
- Сообщений:5676
Ещё нужно немножко поработать.

Скачайте программу Avenger кликнув по этой ссылке и распакуйте её на Рабочий стол.
Запустите Avenger, при это убедитесь что стоит галочка в пункте «Scan for rootkits» и нет галочки в пункте «Automatically disable any rootkits found». Уберите или поставьте галочки в случае необходимости. Скопируйте ниже приведённый текст в Input script Box:
```
Registry keys to delete:

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{757FF18E-494C-46AC-AF9D-6A6012C315A3}

HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalati3jnxx.sys

HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalati5jdxx.sys

HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalati7nnxx.sys

HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkati3jnxx.sys

HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkati5jdxx.sys

HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkati7nnxx.sys



Files to delete:

C:WINDOWSsystem32stu2.exe

C:WINDOWSsystem32rs32net.exe

C:Documents and SettingsAll Users.WINDOWSApplication Dataxaelib.dll



Folders to delete:

C:Program FilesAntivirusXP2008
```
Кликните Execute. Появится запрос о подтверждении ваших действий, нажмите Yes.
Avenger запуститься. В процессе работы возможны несколько перезагрузок компьютера.
По-окончании работы будет показан лог, пожалуйста вставьте его в ваш ответ.
Так же приложите свежий RSIT лог.
16 января, 2009 в 6:54 пп #21150
Аноним
Гость
- Темы:532
- Сообщений:1553
После работы Авенгера пропали все ярлыки и панели с рабочего стола. Войти можно только через «контрл»-альт-делет», раскладка тоже не работает. Как вернуть?
16 января, 2009 в 7:24 пп #21151
Аноним
Гость
- Темы:532
- Сообщений:1553
Откатил обратно. Первоначально при запуске Avengera сканирование не осуществлялось, просто экран очистился от ярлыков, нижней панели, перезагрузки компа также не происходило, пока не перезагрузил принудительно. Лога никакого естественно не появилось. Может сделал что-то не то?
18 января, 2009 в 2:17 пп #21153
Admin
Keymaster
- Темы:40
- Сообщений:5676
Странное явление, судя по всему Avenger завис по каким-то причинам.

Скиньте свежий RSIT лог.
18 января, 2009 в 6:12 пп #21154
Аноним
Гость
- Темы:532
- Сообщений:1553
Здравствуйте, Valeri.
RSIT лог:

Logfile of random’s system information tool 1.05 (written by random/random)
Run by Женя at 2009-01-18 21:10:17
Microsoft Windows XP Professional Service Pack 2
System drive C: has 36 GB (70%) free of 51 GB
Total RAM: 1535 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:10:24, on 18.01.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32csrss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSExplorer.EXE
C:Program FilesEsetnod32kui.exe
C:WINDOWSSOUNDMAN.EXE
C:WINDOWSsystem32rundll32.exe
C:Program FilesNokiaNokia PC Suite 6LaunchApplication.exe
C:Program FilesSpyware DoctorpctsTray.exe
C:Program FilesLoviVkontaktelovivkontakte.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesMessengermsmsgs.exe
C:Program FilesWIDCOMMПрограммное обеспечение BluetoothBTTray.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesWIDCOMMПрограммное обеспечение Bluetoothbinbtwdins.exe
C:Program FilesLoviVkontakteVkontakteService.exe
C:PROGRA~1WIDCOMMBLUETO~1BTSTAC~1.EXE
C:Program FilesEsetnod32krn.exe
C:Program FilesSpyware DoctorpctsAuxs.exe
C:Program FilesSpyware DoctorpctsSvc.exe
C:Program FilesSMART Board SoftwareSMARTBoardService.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesPC Connectivity SolutionServiceLayer.exe
C:Program FilesMSN Messengerusnsvc.exe
C:Program FilesPC Connectivity SolutionNclBTHandler.exe
C:Program FilesDownload Masterdmaster.exe
C:Program FilesMozilla Firefoxfirefox.exe
C:Documents and SettingsЖеняРабочий столСканир ЛОГ RSIT.exe
C:WINDOWSsystem32wbemwmiprvse.exe
C:Program Filestrend microЖеня.exe

R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://g.msn.com/0SERURU/SAOS03
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.vch.ru/
R1 — HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = vkontakte.ru;www.vkontakte.ru
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
O2 — BHO: AcroIEHlprObj Class — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 — BHO: SMART Notebook Download Plugin — {67BCF957-85FC-4036-8DC4-D4D80E00A77B} — C:Program FilesSMART Board SoftwareNotebookPlugin.dll
O2 — BHO: xaelibP — {757FF18E-494C-46AC-AF9D-6A6012C315A3} — C:Documents and SettingsAll Users.WINDOWSApplication Dataxaelib.dll (file missing)
O2 — BHO: Windows Live Sign-in Helper — {9030D464-4C02-4ABF-8ECC-5164760863C6} — C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 — BHO: IE 4.x-6.x BHO for Download Master — {9961627E-4059-41B4-8E0E-A7D6B3854ADF} — C:PROGRA~1DOWNLO~1dmiehlp.dll
O2 — BHO: Google Toolbar Helper — {AA58ED58-01DD-4d91-8333-CF10577473F7} — c:program filesgooglegoogletoolbar1.dll
O2 — BHO: Google Toolbar Notifier BHO — {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} — C:Program FilesGoogleGoogleToolbarNotifier3.1.807.1746swg.dll
O3 — Toolbar: Easy-WebPrint — {327C2873-E90D-4c37-AA9D-10AC9BABA46C} — C:Program FilesCanonEasy-WebPrintToolband.dll
O3 — Toolbar: &Google — {2318C2B1-4965-11d4-9B18-009027A5CD4F} — c:program filesgooglegoogletoolbar1.dll
O3 — Toolbar: Яндекс.Бар — {91397D20-1446-11D4-8AF4-0040CA1127B6} — C:Program FilesYandexYandexBarIEyndbar.dll
O4 — HKLM..Run: [nod32kui] «C:Program FilesEsetnod32kui.exe» /WAITSERVICE
O4 — HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 — HKLM..Run: [IMJPMIG8.1] «C:WINDOWSIMEimjp8_1IMJPMIG.EXE» /Spoil /RemAdvDef /Migration32
O4 — HKLM..Run: [MSPY2002] C:WINDOWSsystem32IMEPINTLGNTImScInst.exe /SYNC
O4 — HKLM..Run: [PHIME2002ASync] C:WINDOWSsystem32IMETINTLGNTTINTSETP.EXE /SYNC
O4 — HKLM..Run: [PHIME2002A] C:WINDOWSsystem32IMETINTLGNTTINTSETP.EXE /IMEName
O4 — HKLM..Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 — HKLM..Run: [PCSuiteTrayApplication] C:Program FilesNokiaNokia PC Suite 6LaunchApplication.exe -startup
O4 — HKLM..Run: [ISTray] «C:Program FilesSpyware DoctorpctsTray.exe»
O4 — HKLM..Run: [LoviVkontakte] C:Program FilesLoviVkontaktelovivkontakte.exe
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [MSMSGS] «C:Program FilesMessengermsmsgs.exe» /background
O4 — HKCU..Run: [msnmsgr] «C:Program FilesMSN Messengermsnmsgr.exe» /background
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O4 — Startup: Adobe Gamma.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O4 — Startup: HDDlife.lnk = C:Program FilesBinarySenseHDDlifeHDDlifePro.exe
O4 — Global Startup: Adobe Gamma Loader.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O4 — Global Startup: BTTray.lnk = ?
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O8 — Extra context menu item: Easy-WebPrint Add To Print List — res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_AddToList.html
O8 — Extra context menu item: Easy-WebPrint High Speed Print — res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_HSPrint.html
O8 — Extra context menu item: Easy-WebPrint Preview — res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_Preview.html
O8 — Extra context menu item: Easy-WebPrint Print — res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_Print.html
O8 — Extra context menu item: Закачать ВСЕ при помощи Download Master — C:Program FilesDownload Masterdmieall.htm
O8 — Extra context menu item: Закачать при помощи Download Master — C:Program FilesDownload Masterdmie.htm
O8 — Extra context menu item: Отправить через &Bluetooth — C:Program FilesWIDCOMMПрограммное обеспечение Bluetoothbtsendto_ie_ctx.htm
O9 — Extra button: Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe
O9 — Extra ‘Tools’ menuitem: &Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe
O9 — Extra button: Справочные материалы — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 — Extra button: @btrez.dll,-4015 — {CCA281CA-C863-46ef-9331-5C8D4460577F} — C:Program FilesWIDCOMMПрограммное обеспечение Bluetoothbtsendto_ie.htm
O9 — Extra ‘Tools’ menuitem: @btrez.dll,-4017 — {CCA281CA-C863-46ef-9331-5C8D4460577F} — C:Program FilesWIDCOMMПрограммное обеспечение Bluetoothbtsendto_ie.htm
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O16 — DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) — http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
O16 — DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) — http://malysh-baby.spaces.live.com/PhotoUpload/MsnPUpld.cab
O17 — HKLMSystemCCSServicesTcpip..{B1D5F7AB-4CA5-4382-BC6A-92145902D989}: NameServer = 81.9.64.67,81.9.67.34
O23 — Service: Adobe LM Service — Adobe Systems — C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe
O23 — Service: Bluetooth Service (btwdins) — Broadcom Corporation. — C:Program FilesWIDCOMMПрограммное обеспечение Bluetoothbinbtwdins.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: InstallDriver Table Manager (IDriverT) — Macrovision Corporation — C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: LoviVkontake Service (LoviVkontakteService) — Zeyfman Genady — C:Program FilesLoviVkontakteVkontakteService.exe
O23 — Service: NetMeeting Remote Desktop Sharing (mnmsrvc) — Корпорация Майкрософт — C:WINDOWSsystem32mnmsrvc.exe
O23 — Service: NOD32 Kernel Service (NOD32krn) — Eset — C:Program FilesEsetnod32krn.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: PC Tools Auxiliary Service (sdAuxService) — PC Tools — C:Program FilesSpyware DoctorpctsAuxs.exe
O23 — Service: PC Tools Security Service (sdCoreService) — PC Tools — C:Program FilesSpyware DoctorpctsSvc.exe
O23 — Service: ServiceLayer — Nokia. — C:Program FilesPC Connectivity SolutionServiceLayer.exe
O23 — Service: Служба SMART Board (SMART Board Service) — SMART Technologies Inc. — C:Program FilesSMART Board SoftwareSMARTBoardService.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe

—
End of file — 9879 bytes

======Registry dump======

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll [2005-09-24 63136]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{67BCF957-85FC-4036-8DC4-D4D80E00A77B}]
CIEDownload Object — C:Program FilesSMART Board SoftwareNotebookPlugin.dll [2006-11-24 614400]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{757FF18E-494C-46AC-AF9D-6A6012C315A3}]
SHN Data Decoder — C:Documents and SettingsAll Users.WINDOWSApplication Dataxaelib.dll []

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper — C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll [2006-08-31 322368]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9961627E-4059-41B4-8E0E-A7D6B3854ADF}]
IE 4.x-6.x BHO for Download Master — C:PROGRA~1DOWNLO~1dmiehlp.dll [2008-10-24 157696]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper — c:program filesgooglegoogletoolbar1.dll [2009-01-01 2042944]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO — C:Program FilesGoogleGoogleToolbarNotifier3.1.807.1746swg.dll [2009-01-06 737776]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} — Easy-WebPrint — C:Program FilesCanonEasy-WebPrintToolband.dll [2004-04-16 405504]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} — &Google — c:program filesgooglegoogletoolbar1.dll [2009-01-01 2042944]
{91397D20-1446-11D4-8AF4-0040CA1127B6} — Яндекс.Бар — C:Program FilesYandexYandexBarIEyndbar.dll [2008-12-16 3111712]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«nod32kui»=C:Program FilesEsetnod32kui.exe [2008-06-27 949376]
«SoundMan»=C:WINDOWSSOUNDMAN.EXE [2006-07-21 86016]
«IMJPMIG8.1″=C:WINDOWSIMEimjp8_1IMJPMIG.EXE [2004-08-04 208952]
«MSPY2002″=C:WINDOWSsystem32IMEPINTLGNTImScInst.exe [2004-08-04 59392]
«PHIME2002ASync»=C:WINDOWSsystem32IMETINTLGNTTINTSETP.EXE [2004-08-04 455168]
«PHIME2002A»=C:WINDOWSsystem32IMETINTLGNTTINTSETP.EXE [2004-08-04 455168]
«BluetoothAuthenticationAgent»=C:WINDOWSsystem32bthprops.cpl [2004-08-17 110592]
«PCSuiteTrayApplication»=C:Program FilesNokiaNokia PC Suite 6LaunchApplication.exe [2007-03-23 227328]
«ISTray»=C:Program FilesSpyware DoctorpctsTray.exe [2008-08-25 1168264]
«LoviVkontakte»=C:Program FilesLoviVkontaktelovivkontakte.exe [2009-01-06 729600]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2004-08-17 15360]
«MSMSGS»=C:Program FilesMessengermsmsgs.exe [2004-08-17 1667584]
«msnmsgr»=C:Program FilesMSN Messengermsnmsgr.exe [2007-01-19 5674352]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregDownload Master]
C:Program FilesDownload Masterdmaster.exe [2008-11-18 3297280]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregFineReader7NewsReaderPro]
C:Program FilesABBYY FineReader 7.0 Professional EditionAbbyyNewsReader.exe [2003-09-11 278528]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregMSMSGS]
C:Program FilesMessengermsmsgs.exe [2004-08-17 1667584]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregMsnMsgr]
C:Program FilesMSN Messengermsnmsgr.exe [2007-01-19 5674352]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregMuxaSoft Dialer 4]
C:Program FilesMuxaSoft Dialermdialer32.exe [2003-11-15 2097152]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregQuickTime Task]
C:Program FilesQuickTimeqttask.exe [2008-06-27 282624]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users.WINDOWS^Главное меню^Программы^Автозагрузка^InterVideo WinCinema Manager.lnk]
C:PROGRA~1INTERV~1CommonBinWINCIN~1.EXE [2005-07-27 278528]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users.WINDOWS^Главное меню^Программы^Автозагрузка^Средства SMART Board.lnk]
C:PROGRA~1SMARTB~1SMARTB~2.EXE [2006-11-24 3411968]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users.WINDOWS^Главное меню^Программы^Автозагрузка^Ускоренный запуск Adobe Reader.lnk]
C:PROGRA~1AdobeACROBA~2.0ReaderREADER~1.EXE [2005-09-24 29696]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^Женя^Главное меню^Программы^Автозагрузка^HDDlife.lnk]
C:PROGRA~1BINARY~1HDDlifeHDDLIF~1.EXE [2005-07-07 1299316]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^Женя^Главное меню^Программы^Автозагрузка^Total Commander.lnk]
C:PROGRA~1TOTALC~1Totalcmd.exe [2007-09-06 1079752]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigservices]
«wuauserv»=2

C:Documents and SettingsAll Users.WINDOWSГлавное менюПрограммыАвтозагрузка
Adobe Gamma Loader.lnk — C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
BTTray.lnk — C:Program FilesWIDCOMMПрограммное обеспечение BluetoothBTTray.exe

C:Documents and SettingsЖеняГлавное менюПрограммыАвтозагрузка
Adobe Gamma.lnk — C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
HDDlife.lnk — C:Program FilesBinarySenseHDDlifeHDDlifePro.exe

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalati3jnxx.sys]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalati5jdxx.sys]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalati7nnxx.sys]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalsdauxservice]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalsdcoreservice]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkati3jnxx.sys]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkati5jdxx.sys]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkati7nnxx.sys]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworksdauxservice]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworksdcoreservice]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
«NoInternetOpenWith «=1

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145
«MaxRecentDocs»=16
«Start_ShowRecentDocs»=2

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesMSN Messengermsnmsgr.exe»=»C:Program FilesMSN Messengermsnmsgr.exe:*:Enabled:Windows Live Messenger 8.1»
«C:Program FilesMSN Messengerlivecall.exe»=»C:Program FilesMSN Messengerlivecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)»
«C:Program FilesInterVideoDVD5WinDVD.exe»=»C:Program FilesInterVideoDVD5WinDVD.exe:*:Enabled:WinDVD»
«C:Program FilesInterVideoDVD7WinDVD.exe»=»C:Program FilesInterVideoDVD7WinDVD.exe:*:Enabled:WinDVD»
«C:WINDOWSsystem32mmc.exe»=»C:WINDOWSsystem32mmc.exe:*:Enabled:Консоль управления (MMC)»
«C:WINDOWSsystem32dpvsetup.exe»=»C:WINDOWSsystem32dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test»
«C:WINDOWSsystem32rundll32.exe»=»C:WINDOWSsystem32rundll32.exe:*:Enabled:Запуск библиотеки DLL как приложения»
«C:Program FilesSkypePhoneSkype.exe»=»C:Program FilesSkypePhoneSkype.exe:*:Enabled:Skype»

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesMSN Messengermsnmsgr.exe»=»C:Program FilesMSN Messengermsnmsgr.exe:*:Enabled:Windows Live Messenger 8.1»
«C:Program FilesMSN Messengerlivecall.exe»=»C:Program FilesMSN Messengerlivecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)»

======File associations======

.ini — open — C:WINDOWSSYSTEM32NOTEPAD.EXE %1
.txt — open — C:WINDOWSSYSTEM32NOTEPAD.EXE %1

======List of files/folders created in the last 1 months======

2009-01-16 22:15:24 —-A—- C:Program Filesfhyksmid.txt
2009-01-15 23:00:14 —-D—- C:Documents and SettingsЖеняApplication DataMalwarebytes
2009-01-15 23:00:07 —-D—- C:Program FilesMalwarebytes’ Anti-Malware
2009-01-15 23:00:07 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataMalwarebytes
2009-01-15 00:16:59 —-AD—- C:Documents and SettingsAll Users.WINDOWSApplication DataTEMP
2009-01-15 00:16:33 —-D—- C:Program FilesSpyware Doctor
2009-01-15 00:16:33 —-D—- C:Documents and SettingsЖеняApplication DataPC Tools
2009-01-14 23:57:04 —-D—- C:Avenger
2009-01-14 02:57:14 —-D—- C:Program Filestrend micro
2009-01-14 02:57:13 —-D—- C:rsit
2009-01-14 02:41:40 —-D—- C:Documents and SettingsЖеняApplication DataMozilla
2009-01-14 02:41:24 —-D—- C:Program FilesMozilla Firefox
2009-01-14 01:43:36 —-A—- C:WINDOWSsystem32stu2.exe
2009-01-09 23:19:33 —-D—- C:Downloads
2009-01-09 23:19:03 —-D—- C:Documents and SettingsЖеняApplication DataDownload Master
2009-01-09 23:17:49 —-D—- C:Program FilesDownload Master
2009-01-09 12:58:10 —-D—- C:Program FilesYandex
2009-01-09 12:57:50 —-D—- C:Documents and SettingsЖеняApplication DataYandex
2009-01-07 13:09:06 —-D—- C:Program FilesLoviVkontakte
2009-01-02 22:57:27 —-A—- C:WINDOWSsystem32~.exe
2009-01-01 22:12:33 —-D—- C:Documents and SettingsЖеняApplication DataGoogle
2009-01-01 22:00:43 —-D—- C:Documents and SettingsЖеняApplication DataSkype
2009-01-01 22:00:42 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataGoogle
2009-01-01 21:58:45 —-D—- C:Program FilesSkype
2008-12-30 22:55:18 —-D—- C:Program FilesZyXEL
2008-12-26 21:25:20 —-D—- C:WINDOWSspeech
2008-12-26 21:24:56 —-D—- C:ViaVoice
2008-12-26 21:24:56 —-A—- C:WINDOWSsystem32VVRtkReg.dll
2008-12-26 21:24:56 —-A—- C:WINDOWSsystem32vvrtkclients.dll
2008-12-26 21:24:56 —-A—- C:WINDOWSsystem32setresus.dll
2008-12-26 21:24:14 —-D—- C:Program FilesCommon FilesSLSHARED
2008-12-26 21:24:05 —-D—- C:EngLearn

======List of files/folders modified in the last 1 months======

2009-01-18 21:10:14 —-D—- C:WINDOWSTemp
2009-01-18 20:48:56 —-D—- C:WINDOWSPrefetch
2009-01-18 20:47:34 —-RD—- C:Program Files
2009-01-18 20:33:47 —-D—- C:WINDOWS
2009-01-18 15:19:24 —-D—- C:WINDOWSsystem32CatRoot2
2009-01-18 14:35:36 —-D—- C:Program FilesEset
2009-01-18 14:34:34 —-D—- C:WINDOWSsystem32drivers
2009-01-18 14:33:09 —-A—- C:WINDOWSSchedLgU.Txt
2009-01-18 14:32:37 —-ASH—- C:boot.ini
2009-01-18 14:32:37 —-A—- C:WINDOWSwin.ini
2009-01-18 14:32:37 —-A—- C:WINDOWSsystem.ini
2009-01-17 23:04:56 —-A—- C:WINDOWSNeroDigital.ini
2009-01-17 19:05:45 —-D—- C:WINDOWSsystem32
2009-01-16 22:07:30 —-RSHDC—- C:WINDOWSsystem32dllcache
2009-01-16 22:04:36 —-D—- C:WINDOWSsystem32config
2009-01-16 22:04:26 —-D—- C:WINDOWSsystem32wbem
2009-01-16 22:04:26 —-D—- C:WINDOWSRegistration
2009-01-16 21:44:26 —-D—- C:Documents and Settings
2009-01-15 00:17:57 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2009-01-14 22:00:15 —-SHD—- C:WINDOWSInstaller
2009-01-14 21:57:45 —-D—- C:WINDOWSsystem32NtmsData
2009-01-14 21:57:45 —-D—- C:WINDOWSSoftwareDistribution
2009-01-14 21:57:45 —-D—- C:Program FilesTotal Video Converter
2009-01-14 21:57:45 —-D—- C:Program FilesLMBomber
2009-01-14 21:57:45 —-D—- C:Program FilesCommon FilesACD Systems
2009-01-14 21:57:45 —-D—- C:Program FilesApollo 3GP Video Converter
2009-01-14 21:57:45 —-D—- C:Program FilesABBYY FineReader 7.0 Professional Edition
2009-01-09 12:58:21 —-SD—- C:WINDOWSDownloaded Program Files
2009-01-05 17:17:42 —-A—- C:WINDOWSModemLog_Generic 56K HCF Data Fax Modem.txt
2009-01-02 01:14:47 —-D—- C:WINDOWSHelp
2009-01-01 22:00:44 —-D—- C:Program FilesGoogle
2008-12-28 19:31:13 —-A—- C:WINDOWSwinamp.ini
2008-12-28 16:40:45 —-HD—- C:WINDOWSinf
2008-12-26 21:24:22 —-RSD—- C:WINDOWSFonts
2008-12-26 21:24:14 —-D—- C:Program FilesCommon Files
2008-12-25 16:19:37 —-A—- C:WINDOWScm.ini
2008-12-24 23:35:06 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataAdobe
2008-12-24 23:31:48 —-D—- C:Documents and SettingsЖеняApplication DataAdobe
2008-12-24 07:08:37 —-D—- C:Documents and SettingsЖеняApplication DataCanon
2008-12-23 16:18:46 —-SD—- C:Documents and SettingsЖеняApplication DataMicrosoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 IKSysFlt;System Filter Driver; C:WINDOWSsystem32driversiksysflt.sys [2008-08-25 66952]
R1 IKSysSec;System Security Driver; C:WINDOWSsystem32driversiksyssec.sys [2008-08-25 81288]
R1 intelppm;Драйвер Intel процессора; C:WINDOWSsystem32DRIVERSintelppm.sys [2004-08-17 40448]
R1 nod32drv;nod32drv; C:WINDOWSsystem32driversnod32drv.sys [2008-06-27 15424]
R1 PQNTDrv;PQNTDrv; C:WINDOWSsystem32driversPQNTDrv.sys [2004-05-05 4228]
R1 WS2IFSL;Среда Windows Socket 2.0 поддержки поставщиков не-IFS служб; C:WINDOWSSystem32driversws2ifsl.sys [2001-10-20 12032]
R2 AMON;AMON; C:WINDOWSsystem32driversamon.sys [2008-06-27 512096]
R2 BTSERIAL;Bluetooth Serial Driver; ??C:WINDOWSsystem32driversbtserial.sys []
R2 BTSLBCSP;Bluetooth Port Client Driver; ??C:WINDOWSsystem32driversbtslbcsp.sys []
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:WINDOWSsystem32driversALCXWDM.SYS [2006-03-20 3960000]
R3 BTKRNL;Нумератор шины Bluetooth; C:WINDOWSsystem32DRIVERSbtkrnl.sys [2006-05-12 1342602]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:WINDOWSSystem32Driversbtwusb.sys [2006-05-12 57320]
R3 Cap7134;Behold TV WDM Capture; C:WINDOWSsystem32DRIVERScap7134.sys [2005-01-09 333184]
R3 HCF_MSFT;HCF_MSFT; C:WINDOWSsystem32DRIVERSHCF_MSFT.sys [2001-10-19 907968]
R3 ms_mpu401;Драйвер UART Microsoft MPU-401 MIDI; C:WINDOWSsystem32driversmsmpu401.sys [2001-08-18 2944]
R3 nv;nv; C:WINDOWSsystem32DRIVERSnv4_mini.sys [2004-08-04 1897408]
R3 pfc;Padus ASPI Shell; C:WINDOWSsystem32driverspfc.sys [2008-06-27 10368]
R3 PhTVTune;Behold TV Tuner; C:WINDOWSsystem32DRIVERSphtvtune.sys [2005-01-11 15456]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:WINDOWSSystem32DriversRootMdm.sys [2001-10-20 5888]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet адаптер, драйвер для NT; C:WINDOWSsystem32DRIVERSRTL8139.SYS [2004-08-03 20992]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2004-08-03 26624]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2004-08-03 57600]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:WINDOWSsystem32DRIVERSusbuhci.sys [2004-08-03 20480]
S3 btaudio;Аудиоустройство Bluetooth; C:WINDOWSsystem32driversbtaudio.sys [2006-05-12 401664]
S3 BTDriver;Драйвер виртуальной связи Bluetooth; C:WINDOWSsystem32DRIVERSbtport.sys [2006-05-12 30363]
S3 BthEnum;Драйвер блока запроса Bluetooth; C:WINDOWSsystem32DRIVERSBthEnum.sys [2004-08-03 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:WINDOWSsystem32DRIVERSbthpan.sys [2004-08-03 100992]
S3 BTHPORT;Драйвер порта Bluetooth; C:WINDOWSSystem32DriversBTHport.sys [2004-08-17 274688]
S3 BTHUSB;Драйвер порта USB радиомодуля Bluetooth; C:WINDOWSSystem32DriversBTHUSB.sys [2004-08-03 18944]
S3 BTWDNDIS;Сервер доступа к локальной сети Bluetooth; C:WINDOWSsystem32DRIVERSbtwdndis.sys [2006-05-12 148168]
S3 CCDECODE;Closed Caption декодер; C:WINDOWSsystem32DRIVERSCCDECODE.sys [2004-08-03 17024]
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:WINDOWSsystem32driversMSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI кодек; C:WINDOWSsystem32DRIVERSNABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft видео или ТВ подключение; C:WINDOWSsystem32DRIVERSNdisIP.sys [2004-08-03 10880]
S3 RFCOMM;Устройство Bluetooth (протокол RFCOMM TDI); C:WINDOWSsystem32DRIVERSrfcomm.sys [2004-08-03 59648]
S3 SLIP;BDA Slip De-Framer; C:WINDOWSsystem32DRIVERSSLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:WINDOWSsystem32DRIVERSStreamIP.sys [2004-08-03 15360]
S3 usbprint;Класс принтеров Microsoft USB; C:WINDOWSsystem32DRIVERSusbprint.sys [2004-08-03 25856]
S3 usbscan;Драйвер USB-сканера; C:WINDOWSsystem32DRIVERSusbscan.sys [2004-08-03 15104]
S3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2004-08-03 26496]
S3 WSTCODEC;World Standard Teletext кодек; C:WINDOWSsystem32DRIVERSWSTCODEC.SYS [2004-08-03 19328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 BthServ;Bluetooth Support Service; C:WINDOWSsystem32svchost.exe [2004-08-17 14336]
R2 btwdins;Bluetooth Service; C:Program FilesWIDCOMMПрограммное обеспечение Bluetoothbinbtwdins.exe [2006-05-12 258103]
R2 LoviVkontakteService;LoviVkontake Service; C:Program FilesLoviVkontakteVkontakteService.exe [2009-01-04 425984]
R2 NOD32krn;NOD32 Kernel Service; C:Program FilesEsetnod32krn.exe [2008-06-27 552064]
R2 sdAuxService;PC Tools Auxiliary Service; C:Program FilesSpyware DoctorpctsAuxs.exe [2008-06-13 356920]
R2 sdCoreService;PC Tools Security Service; C:Program FilesSpyware DoctorpctsSvc.exe [2008-10-09 1079176]
R2 SMART Board Service;Служба SMART Board; C:Program FilesSMART Board SoftwareSMARTBoardService.exe [2006-11-24 1003520]
R3 ServiceLayer;ServiceLayer; C:Program FilesPC Connectivity SolutionServiceLayer.exe [2007-03-26 292864]
R3 usnjsvc;Служба Messenger Sharing Folders USN Journal Reader; C:Program FilesMSN Messengerusnsvc.exe [2007-01-19 97136]
S3 Adobe LM Service;Adobe LM Service; C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe [2008-07-05 72704]
S3 IDriverT;InstallDriver Table Manager; C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe [2005-04-03 69632]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2003-07-28 89136]

EOF

___________________________-
info.txt logfile of random’s system information tool 1.05 2009-01-18 21:28:35

======Uninstall list======

—>MsiExec.exe /X{E9F81423-211E-46B6-9AE0-38568BC5CF6F}
—>»C:ViaVoiceBinvunUS.exe» ProdRunControl Dc En_US ‘IBM ViaVoice™ Command and Control Runtime’ C:WINDOWSIsUninst.exe -fC:ViaVoiceRtCmnd_US.isu
—>»C:ViaVoiceBinvunUS.exe» ProdRunControl Dc En_US ‘IBM ViaVoice™ Command and Control Runtime’ C:WINDOWSIsUninst.exe -fC:ViaVoiceRtCmnd_US.isu
—>C:Program FilesDivXConverterUninstall.exe /CONVERTER
—>C:WINDOWSUNNeroBackItUp.exe /UNINSTALL
—>C:WINDOWSUNNeroMediaHome.exe /UNINSTALL
—>C:WINDOWSUNNeroShowTime.exe /UNINSTALL
—>C:WINDOWSUNNeroVision.exe /UNINSTALL
—>C:WINDOWSUNRecode.exe /UNINSTALL
—>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:WINDOWSINFPCHealth.inf
«Большая энциклопедия Кирилла и Мефодия 2004 (DVD)»—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{83A4C1FD-8A36-486C-985A-0A63F31AA1BC}setup.exe» -l0x19
ABBYY FineReader 7.0 Professional Edition—>MsiExec.exe /I{AAF70000-22B9-4CE9-98D6-2CCF359BAC07}
ACDSee Pro—>MsiExec.exe /I{F99F74B4-972B-4B06-B893-6B3B0DB0128B}
Adobe Bridge 1.0—>MsiExec.exe /I{B74D4E10-1033-0000-0000-000000000001}
Adobe Common File Installer—>MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
Adobe Flash Player 10 ActiveX—>C:WINDOWSsystem32MacromedFlashuninstall_activeX.exe
Adobe Flash Player 10 Plugin—>C:WINDOWSsystem32MacromedFlashuninstall_plugin.exe
Adobe Help Center 1.0—>MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}
Adobe Photoshop CS Russian Version—>C:PROGRA~1AdobePHOTOS~1UNWISE.EXE C:PROGRA~1AdobePHOTOS~1INSTALL.LOG
Adobe Photoshop CS—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime701Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{EFB21DE7-8C19-4A88-BB28-A766E16493BC}setup.exe» -l0x9
Adobe Photoshop CS2—>msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
Adobe Reader 7.0.5 — Russian—>MsiExec.exe /I{AC76BA86-7AD7-1049-7B44-A70500000002}
Adobe Stock Photos 1.0—>MsiExec.exe /I{786C5747-1033-0000-B58E-000000000001}
Apollo 3GP Video Converter 2.2.6—>»C:Program FilesApollo 3GP Video Converterunins000.exe»
ArcSoft PhotoStudio 5.5—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{230CCBE9-14B0-4008-97AF-30C10F99E42C}setup.exe» -l0x9
AusLogics Disk Defrag—>»C:Program FilesAusLogics Disk Defragunins000.exe»
Behold TV v3.50—>C:Program FilesBeholdTVBhUninst.exe
BSPlayer—>»C:Program FilesWebtehBSPlayeruninstall.exe»
Canon CanoScan Toolbox 4.5—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{143FB15C-0C48-41E3-9C30-F56FB69BF3D7}setup.exe» -l0x9 anything
Canon PhotoRecord—>MsiExec.exe /X{D958FAC4-BAE0-4B1D-A42E-DE9BFDE7DDEE}
Canon PIXMA iP5000—>C:WINDOWSsystem32CNMCP6d.exe «-PRINTERNAMECanon PIXMA iP5000» «-HELPERDLLC:BJPrinterCNMWINDOWSCanon PIXMA iP5000 InstallerInst2cnmis.dll» «-RCDLLC:BJPrinterCNMWINDOWSCanon PIXMA iP5000 InstallerInst2cnmi0419.dll»
Canon Utilities Easy-PhotoPrint—>C:Program FilesCanonEasy-PhotoPrintuninst.exe C:Program FilesCanonEasy-PhotoPrintuninst.ini
CD-LabelPrint—>»C:Program FilesCanonCD-LabelPrintUninstal.exe» Canon.CDLabelPrint.Application
CorelDRAW Graphics Suite X3—>MsiExec.exe /I{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}
Creative DVD Audio Plugin for Audigy Series—>»C:Program FilesCreativeCTDPluginCTUIDVD.exe » -u
DivX Codec—>C:Program FilesDivXDivXCodecUninstall.exe /CODEC
DivX Content Uploader—>C:Program FilesDivXDivXContentUploaderUninstall.exe /CUPLOADER
DivX Converter—>C:Program FilesDivXConverterUninstall.exe /CONVERTER
DivX Player—>C:Program FilesDivXDivXPlayerUninstall.exe /PLAYER
DivX Web Player—>C:Program FilesDivXDivXWebPlayerUninstall.exe /PLUGIN
Download Master version 5.5.7.1145—>»C:Program FilesDownload Masterunins000.exe»
Dream Aquarium—>»C:Program FilesDream AquariumUnInstall.exe»
Easy-WebPrint—>C:WINDOWSIsUninst.exe -f»C:Program FilesCanonEasy-WebPrintUninst.isu»
FontNav—>MsiExec.exe /I{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}
Google Earth—>MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
Google Toolbar for Internet Explorer—>regsvr32 /u /s «c:program filesgooglegoogletoolbar1.dll»
HDDlife—>MsiExec.exe /I{E5B16D3B-B215-413D-85F8-7FEED40CA4A2}
Hide Folders XP 2.5 for Windows 2000/XP—>»C:Program FilesHide Folders XP 2unins000.exe»
High Definition Audio Driver Package — KB888111—>»C:WINDOWS$NtUninstallKB888111WXPSP2$spuninstspuninst.exe»
HijackThis 2.0.2—>»C:Program Filestrend microHijackThis.exe» /uninstall
InterActual Player—>C:Program FilesInterActualInterActual Playerinuninst.exe
InterVideo WinDVD 5—>»C:Program FilesInstallShield Installation Information{1B399A41-C1D0-40A2-9E4F-095868EFAF01}setup.exe» REMOVEALL
InterVideo WinDVD 7—>»C:Program FilesInstallShield Installation Information{90885A82-9673-49EA-AB39-AF776639C67C}setup.exe» REMOVEALL
InterVideo WinDVD Creator—>»C:Program FilesInstallShield Installation Information{9933F0EE-DFCD-4829-B979-3C56C367CB1A}setup.exe» REMOVEALL
LMBomber Professional—>C:PROGRA~1LMBomberUNWISE.EXE C:PROGRA~1LMBomberINSTALL.LOG
LoviVkontakte 2.20.0.0—>»C:Program FilesLoviVkontakteunins000.exe»
Malwarebytes’ Anti-Malware—>»C:Program FilesMalwarebytes’ Anti-Malwareunins000.exe»
Manual CanoScan 3200,3200F—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{B9C54C44-BB5A-4B03-8907-C01A9790195A}setup.exe» -l0x9
Microsoft Office — профессиональный выпуск версии 2003—>MsiExec.exe /I{90110419-6000-11D3-8CFE-0150048383C9}
Mozilla Firefox (3.0.5)—>C:Program FilesMozilla Firefoxuninstallhelper.exe
MSXML 4.0 SP2 Parser and SDK—>MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
MuxaSoft Dialer 4.1—>»C:Program FilesMuxaSoft Dialerunins000.exe»
Nero 7 Premium—>MsiExec.exe /I{42347B75-9660-2DA4-63FD-D35E344E1049}
Nokia Connectivity Cable Driver—>MsiExec.exe /X{972B1D9B-0EAD-49E8-B7D6-3B83FD5665B1}
Nokia PC Suite—>C:Documents and SettingsAll Users.WINDOWSApplication DataInstallations{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}Nokia_PC_Suite_683_rel_14_1_EA.exe /LANG=»1049″
Nokia PC Suite—>MsiExec.exe /I{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}
Norton PartitionMagic 8.0—>C:PROGRA~1COMMON~1INSTAL~1Driver9INTEL3~1IDriver.exe /M{21DBBDD6-93A5-4326-9A04-C9A5C9148502}
PC Connectivity Solution—>MsiExec.exe /I{066D65EA-ED53-44E4-A96A-F81B6E409D2E}
QuickTime—>C:PROGRA~1COMMON~1INSTAL~1Driver11INTEL3~1IDriver.exe /M{C21D5524-A970-42FA-AC8A-59B8C7CDCA31} /l1033
Realtek AC’97 Audio—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime1150Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{FB08F381-6533-4108-B7DD-039E11FBC27E}setup.exe» -l0x19 -removeonly
Realtek High Definition Audio Driver—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime1150Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}Setup.exe» -l0x19 -removeonly
RU—>MsiExec.exe /I{01AE68B4-C785-4865-BC7E-78456372BB75}
Skype 2.5—>»C:Program FilesSkypePhoneunins000.exe»
SMART Board Software (Russian Language Pack)—>MsiExec.exe /X{FF509B15-7BF5-4BF5-946F-4DCE56935A3B}
SMART Essentials for Educators—>MsiExec.exe /X{A41A96D2-A069-4678-BDAF-2AACED576ABD}
Spyware Doctor 6.0—>C:Program FilesSpyware Doctorunins000.exe /LOG
Total Commander 7.02 Total Commander 7.02 PowerPack 1.50—>»C:Program FilesTotal Commanderuninstall.exe»
Total Video Converter 3.12 080330—>»C:Program FilesTotal Video Converterunins000.exe»
VBA—>MsiExec.exe /I{C94E45B0-6AA6-4FB9-9AAE-22085F631880}
Video Converter 3—>C:Program FilesXilisoftVideo Converter 3Uninstall.exe
WIDCOMM Bluetooth Software—>MsiExec.exe /X{3F4EC965-28EF-45C3-B063-04B25D4E9679}
Windows Driver Package — Nokia (WUDFRd) WPD (03/19/2007 6.83.31.1)—>C:PROGRA~1DIFXD6ACC4BE676423A2B130B78A4B627FC457D98997dpinst.exe /u C:WINDOWSsystem32DRVSTOREpccswpddri_039E7E24575DBAE6A389611AF28F4EB97729D33Epccswpddriver.inf
Windows Driver Package — Nokia Modem (02/15/2007 3.1)—>C:PROGRA~1DIFXD6ACC4BE676423A2B130B78A4B627FC457D98997dpinst.exe /u C:WINDOWSsystem32DRVSTOREpccs_bluet_8B37DC72918CCD58A6EC20373AF6242B037A293Bpccs_bluetooth.inf
Windows Installer 3.1 (KB893803)—>»C:WINDOWS$MSI31Uninstall_KB893803$spuninstspuninst.exe»
Windows Live Messenger—>MsiExec.exe /I{FC3022FF-E8E2-47E2-9E06-6AF51FD7F26E}
Windows Live Sign-in Assistant—>MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7}
ZyXEL NetFriend 1.2.42—>»C:Program FilesZyXELNetFriendunins000.exe»
Английский: Путь к совершенству 2 — Advanced—>C:EngLearnAdvEngRussianunins000.exe
Антивирусная система NOD32—>C:Program FilesEsetSetupsetup.exe /UNINSTALL
Архиватор WinRAR—>C:Program FilesWinRARuninstall.exe
Готовимся к ЕГЭ. Русский язык—>»C:Program Filesintlinexs3unins000.exe»
Пакет драйверов Windows — Nokia Modem (11/03/2006 6.82.0.1)—>C:PROGRA~1DIFX270581355A767BF1dpinst.exe /u C:WINDOWSsystem32DRVSTOREnokbtmdm_4EFFAAE27A08EDFDE145390033D8EF099DA65567nokbtmdm.inf
Сократ Персональный 4.1—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{9CD789E2-B7CE-11D5-B7E9-00A0C9449F99}setup.exe»
Электронная кулинарная книга 4.0—>C:WINDOWSunvise32.exe C:Program FilesCompax softwarekulinaruninstal.log
Яндекс.Бар для Internet Explorer 4.0.0—>»C:Program FilesYandexYandexBarIEunins000.exe»

======Hosts File======

127.0.0.1 vkontakte.ru
127.0.0.1 http://www.vkontakte.ru

======Security center information======

AV: Антивирусная система Eset NOD32 2.70

System event log

Computer Name: MALYSHEV
Event Code: 7036
Message: Служба «Служба COM записи компакт-дисков IMAPI» перешла в состояние Остановлена.

Record Number: 820
Source Name: Service Control Manager
Time Written: 20081019145441.000000+240
Event Type: информация
User:

Computer Name: MALYSHEV
Event Code: 7036
Message: Служба «Служба COM записи компакт-дисков IMAPI» перешла в состояние Работает.

Record Number: 819
Source Name: Service Control Manager
Time Written: 20081019145435.000000+240
Event Type: информация
User:

Computer Name: MALYSHEV
Event Code: 7035
Message: Служба «Служба COM записи компакт-дисков IMAPI» успешно отправила управляющий элемент «запустить».

Record Number: 818
Source Name: Service Control Manager
Time Written: 20081019145435.000000+240
Event Type: информация
User: NT AUTHORITYSYSTEM

Computer Name: MALYSHEV
Event Code: 7036
Message: Служба «Служба COM записи компакт-дисков IMAPI» перешла в состояние Остановлена.

Record Number: 817
Source Name: Service Control Manager
Time Written: 20081019135212.000000+240
Event Type: информация
User:

Computer Name: MALYSHEV
Event Code: 7036
Message: Служба «Служба COM записи компакт-дисков IMAPI» перешла в состояние Работает.

Record Number: 816
Source Name: Service Control Manager
Time Written: 20081019135206.000000+240
Event Type: информация
User:

Application event log

Computer Name: MALYSHEV
Event Code: 103
Message: msnmsgr (1952) \.C:Documents and SettingsЖеняLocal SettingsApplication DataMicrosoftMessengermalysh.baby@hotmail.comSharingMetadataWorkingdatabase_D640_3BF1_403B_D6C9dfsr.db: Ядро базы данных остановило работу экземпляра (0).

Record Number: 1078
Source Name: ESENT
Time Written: 20080822173008.000000+240
Event Type: информация
User:

Computer Name: MALYSHEV
Event Code: 102
Message: msnmsgr (1952) \.C:Documents and SettingsЖеняLocal SettingsApplication DataMicrosoftMessengermalysh.baby@hotmail.comSharingMetadataWorkingdatabase_D640_3BF1_403B_D6C9dfsr.db: Ядро базы данных запустило новый экземпляр (0).

Record Number: 1077
Source Name: ESENT
Time Written: 20080822155422.000000+240
Event Type: информация
User:

Computer Name: MALYSHEV
Event Code: 100
Message: msnmsgr (1952) Ядро базы данных 5.01.2600.2180 запущено.

Record Number: 1076
Source Name: ESENT
Time Written: 20080822155422.000000+240
Event Type: информация
User:

Computer Name: MALYSHEV
Event Code: 101
Message: msnmsgr (2296) Ядро базы данных остановлено.

Record Number: 1075
Source Name: ESENT
Time Written: 20080821201400.000000+240
Event Type: информация
User:

Computer Name: MALYSHEV
Event Code: 103
Message: msnmsgr (2296) \.C:Documents and SettingsЖеняLocal SettingsApplication DataMicrosoftMessengermalysh.baby@hotmail.comSharingMetadataWorkingdatabase_D640_3BF1_403B_D6C9dfsr.db: Ядро базы данных остановило работу экземпляра (0).

Record Number: 1074
Source Name: ESENT
Time Written: 20080821201400.000000+240
Event Type: информация
User:

======Environment variables======

«ComSpec»=%SystemRoot%system32cmd.exe
«Path»=C:Program FilesPC Connectivity Solution;%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem;C:Program FilesQuickTimeQTSystem;C:Program FilesCommon FilesAdobeAGL
«windir»=%SystemRoot%
«FP_NO_HOST_CHECK»=NO
«OS»=Windows_NT
«PROCESSOR_ARCHITECTURE»=x86
«PROCESSOR_LEVEL»=15
«PROCESSOR_IDENTIFIER»=x86 Family 15 Model 2 Stepping 9, GenuineIntel
«PROCESSOR_REVISION»=0209
«NUMBER_OF_PROCESSORS»=2
«PATHEXT»=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
«TEMP»=%SystemRoot%TEMP
«TMP»=%SystemRoot%TEMP
«CLASSPATH»=.;C:Program FilesQuickTimeQTSystemQTJava.zip
«QTJAVA»=C:Program FilesQuickTimeQTSystemQTJava.zip

EOF
19 января, 2009 в 1:23 дп #21152
Admin
Keymaster
- Темы:40
- Сообщений:5676
Скачайте программу Combofix. Закройте все открытые окна и запустите эту программу.
После выполнения будет создан лог файл, пожалуйста вставьте его в ваш ответ.
Автор

Сообщения

Просмотр 10 сообщений - с 1 по 10 (из 10 всего)

Для ответа в этой теме необходимо авторизоваться.

Как удалить ленту новостей?

Добро пожаловать

Поиск

Последние темы

СПАЙВАРЕ РУ

Нужна помощь?

Ссылки