Lock Em All

[spec]

Logfile of random’s system information tool 1.08 (written by random/random)
Run by SERGEY at 2010-11-13 00:17:14
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 95 GB (31%) free of 302 GB
Total RAM: 2046 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:17:16, on 13.11.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18975)
Boot mode: Normal

Running processes:
C:Windowssystem32Dwm.exe
C:WindowsExplorer.EXE
C:Program FilesWindows DefenderMSASCui.exe
C:Program FilesAlwil SoftwareAvast4ashDisp.exe
C:Windowssystem32taskeng.exe
C:UsersSERGEYAppDataLocalYandexUpdaterpraetorian.exe
C:Program FilesWindows Media Playerwmpnscfg.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesMail.RuSputnikSputnikHelper.exe
C:Program FilesMail.RuSputnikSputnikFlashPlayer.exe
C:WindowsSystem32mobsync.exe
C:Program FilesInternet Exploreriexplore.exe
C:Windowssystem32NOTEPAD.EXE
C:Windowssystem32NOTEPAD.EXE
C:UsersSERGEYDesktopRSIT.exe
C:Program Filestrend microSERGEY.exe

R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru/?clid=40316
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
R3 — URLSearchHook: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
F2 — REG:system.ini: UserInit=C:Windowssystem32userinit.exe,C:Windowssystem32usrinit.exe
O1 — Hosts: ::1 localhost
O1 — Hosts: 217.199.212.137 launcher.worldofwarcraft.com
O1 — Hosts: 217.199.212.137 launcher.wow-europe.com
O1 — Hosts: 217.199.212.137 status.wow-europe.com
O2 — BHO: Adobe PDF Reader Link Helper — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll
O2 — BHO: AcroIEHelperStub — {18DF081C-E8AD-4283-A596-FA578C2EBDC3} — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 — BHO: Спутник@Mail.Ru — {8984B388-A5BB-4DF7-B274-77B879E179DB} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
O2 — BHO: SkypeIEPluginBHO — {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} — C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll
O2 — BHO: Java(tm) Plug-In 2 SSV Helper — {DBC80044-A445-435b-BC74-9C25C1C588A9} — C:Program FilesJavajre6binjp2ssv.dll
O3 — Toolbar: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
O3 — Toolbar: Яндекс.Бар — {91397D20-1446-11D4-8AF4-0040CA1127B6} — C:Program FilesYandexYandexBarIEyndbar.dll
O4 — HKLM..Run: [Windows Defender] %ProgramFiles%Windows DefenderMSASCui.exe -hide
O4 — HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 — HKLM..Run: [HDAudDeck] C:Program FilesVIAVIAudioiVistaADeckHDAudioCPL.exe 1
O4 — HKLM..Run: [Adobe Reader Speed Launcher] «C:Program FilesAdobeReader 9.0ReaderReader_sl.exe»
O4 — HKLM..Run: [Adobe ARM] «C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe»
O4 — HKCU..Run: [Praetorian] C:UsersSERGEYAppDataLocalYandexUpdaterpraetorian.exe
O4 — HKCU..Run: [WMPNSCFG] C:Program FilesWindows Media PlayerWMPNSCFG.exe
O4 — HKUSS-1-5-19..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User ‘NETWORK SERVICE’)
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2Office12EXCEL.EXE/3000
O8 — Extra context menu item: Google ВикиКомментарии… — res://C:Program FilesGoogleGoogle ToolbarComponentGoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 — Extra button: Skype add-on for Internet Explorer — {898EA8C8-E7FF-479B-8935-AEC46303B9E5} — C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll
O9 — Extra ‘Tools’ menuitem: Skype add-on for Internet Explorer — {898EA8C8-E7FF-479B-8935-AEC46303B9E5} — C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll
O9 — Extra button: Research — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2Office12REFIEBAR.DLL
O12 — Plugin for .spop: C:Program FilesInternet ExplorerPluginsNPDocBox.dll
O16 — DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) — http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O16 — DPF: {8A06DE21-1DB8-426F-8E46-3B96134B9FA8} (MessagePRO Class) — https://cbvtb24back.vtb24.ru/mesproax.cab
O16 — DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) — http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 — DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} — http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 — HKLMSystemCCSServicesTcpip..{D34F5BAF-F45C-4AC6-9E44-0C896D766FC3}: NameServer = 10.10.0.2,195.189.80.66
O18 — Protocol: skype-ie-addon-data — {91774881-D725-4E58-B298-07617B9B86A8} — C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll
O18 — Protocol: skype4com — {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — C:PROGRA~1COMMON~1SkypeSkype4COM.dll
O22 — SharedTaskScheduler: Component Categories cache daemon — {8C7461EF-2B13-11d2-BE35-3078302C2030} — C:Windowssystem32browseui.dll
O23 — Service: avast! iAVS4 Control Service (aswUpdSv) — ALWIL Software — C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 — Service: avast! Antivirus — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashServ.exe
O23 — Service: avast! Mail Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
O23 — Service: avast! Web Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
O23 — Service: @dfsrres.dll,-101 (DFSR) — Корпорация Майкрософт — C:Windowssystem32DFSR.exe
O23 — Service: FsUsbExService — Teruten — C:Windowssystem32FsUsbExService.Exe
O23 — Service: Guard.Mail.ru — Unknown owner — C:Program FilesMail.RuGuardGuardMailRu.exe
O23 — Service: NVIDIA Display Driver Service (nvsvc) — NVIDIA Corporation — C:Windowssystem32nvvsvc.exe
O23 — Service: PnkBstrA — Unknown owner — C:Windowssystem32PnkBstrA.exe
O23 — Service: Protexis Licensing V2 (PSI_SVC_2) — Protexis Inc. — C:Program FilesCommon FilesProtexisLicense ServicePsiService_2.exe
O23 — Service: ServiceLayer — Nokia. — C:Program FilesPC Connectivity SolutionServiceLayer.exe
O23 — Service: Steam Client Service — Valve Corporation — C:Program FilesCommon FilesSteamSteamService.exe
O23 — Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) — NVIDIA Corporation — C:Program FilesNVIDIA Corporation3D VisionnvSCPAPISvr.exe

—
End of file — 7458 bytes

[spec]

======Registry dump======

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll [2010-09-22 61888]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{8984B388-A5BB-4DF7-B274-77B879E179DB}]
MailRuBHO Class — C:Program FilesMail.RuSputnikMailRuSputnik.dll [2010-09-23 1146040]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer — C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper — C:Program FilesJavajre6binjp2ssv.dll [2010-01-21 41760]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{09900DE8-1DCA-443F-9243-26FF581438AF} — Спутник@Mail.Ru — C:Program FilesMail.RuSputnikMailRuSputnik.dll [2010-09-23 1146040]
{91397D20-1446-11D4-8AF4-0040CA1127B6} — Яндекс.Бар — C:Program FilesYandexYandexBarIEyndbar.dll [2010-09-16 10961224]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«Windows Defender»=C:Program FilesWindows DefenderMSASCui.exe [2008-01-19 1008184]
«avast!»=C:PROGRA~1ALWILS~1Avast4ashDisp.exe [2009-11-25 81000]
«HDAudDeck»=C:Program FilesVIAVIAudioiVistaADeckHDAudioCPL.exe [2007-05-11 1183744]
«Adobe Reader Speed Launcher»=C:Program FilesAdobeReader 9.0ReaderReader_sl.exe [2010-09-23 35760]
«Adobe ARM»=C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe [2010-09-20 932288]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«Praetorian»=C:UsersSERGEYAppDataLocalYandexUpdaterpraetorian.exe [2010-08-18 823112]
«WMPNSCFG»=C:Program FilesWindows Media PlayerWMPNSCFG.exe [2008-01-19 202240]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregAdobe ARM]
C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe [2010-09-20 932288]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregAdobe Reader Speed Launcher]
C:Program FilesAdobeReader 9.0ReaderReader_sl.exe [2010-09-23 35760]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregAutoStartNPSAgent]
C:Program FilesSamsungSamsung New PC StudioNPSAgent.exe [2010-03-09 102400]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregDAEMON Tools Lite]
C:Program FilesDAEMON Tools LiteDTLite.exe [2010-04-01 357696]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregDTClock15.exe]
C:Program FilesDTClockDTClock15.exe [2003-01-08 365568]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregGuard.Mail.ru.gui]
C:Program FilesMail.RuGuardGuardMailRu.exe [2010-09-23 973168]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregHomeAlarm]
C:Program FilesChameleon ClockChamClock.exe []

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregMAAgent]
C:Program FilesMarkAnyContentSaferMAAgent.exe [2007-01-30 57344]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregQuickTime Task]
C:Program FilesQuickTimeQTTask.exe -atboottime []

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregRGSC]
C:Program FilesRockstar GamesRockstar Games Social ClubRGSCLauncher.exe /silent []

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSidebar]
C:Program FilesWindows Sidebarsidebar.exe [2009-04-11 1233920]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSkype]
C:Program FilesSkypePhoneSkype.exe [2010-05-13 26192168]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSMSTray]
C:Program FilesSamsungSamsung Media Studio 5SMSTray.exe [2007-09-20 132624]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSteam]
C:Program FilesSteamSteam.exe -silent []

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSunJavaUpdateSched]
C:Program FilesJavajre6binjusched.exe [2010-01-21 149280]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupreguTorrent]
C:Program FilesuTorrentuTorrent.exe []

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerShellExecuteHooks]
«{88485281-8b4b-4f8d-9ede-82e29a064277}»=C:PROGRA~1MarkAnyCONTEN~1MACSMA~1.DLL [2004-11-23 192512]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWudfPf]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWudfRd]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWudfSvc]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWudfUsbccidDriver]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«EnableLUA»=0
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
«EnableUIADesktopToggle»=0

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«BindDirectlyToPropertySetStorage»=0

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]

======File associations======

.js — edit — C:WindowsSystem32Notepad.exe %1
.js — open — C:WindowsSystem32WScript.exe «%1» %*

======List of files/folders created in the last 1 months======

2010-11-13 00:07:42 —-D—- C:rsit
2010-11-13 00:07:42 —-D—- C:Program Filestrend micro
2010-11-11 02:05:11 —-ASH—- C:hiberfil.sys
2010-11-10 22:53:59 —-D—- C:Program FilesLiving Dolphins 3D Screensaver
2010-11-10 22:51:33 —-D—- C:Program FilesElectriCalm 3D Screensaver
2010-11-09 10:33:12 —-D—- C:Program FilesCommon Files27F44FE0a
2010-11-07 14:59:00 —-D—- C:Program FilesCounter-strike
2010-11-05 22:04:39 —-D—- C:Program FilesEarth 3D Space Survey Screensaver
2010-10-27 10:15:34 —-A—- C:Windowssystem32gameux.dll
2010-10-27 10:15:32 —-A—- C:Windowssystem32GameUXLegacyGDFs.dll
2010-10-27 10:15:32 —-A—- C:Windowssystem32Apphlpdm.dll
2010-10-26 19:02:17 —-D—- C:Program FilesDAEMON Tools Lite

======List of files/folders modified in the last 1 months======

2010-11-13 00:17:11 —-D—- C:WindowsTemp
2010-11-13 00:07:42 —-RD—- C:Program Files
2010-11-13 00:03:11 —-D—- C:WindowsSystem32
2010-11-13 00:03:11 —-A—- C:Windowssystem32PerfStringBackup.INI
2010-11-12 23:58:43 —-D—- C:ProgramDataNVIDIA
2010-11-11 16:31:25 —-D—- C:Windowssystem32LogFiles
2010-11-11 02:02:05 —-A—- C:Windowsntbtlog.txt
2010-11-11 01:57:25 —-SHD—- C:System Volume Information
2010-11-11 01:56:18 —-D—- C:WindowsDebug
2010-11-11 01:08:18 —-D—- C:Windowswinsxs
2010-11-11 00:53:10 —-D—- C:Windowssystem32catroot2
2010-11-11 00:53:10 —-D—- C:Windowssystem32catroot
2010-11-11 00:53:06 —-D—- C:Program FilesWindows Mail
2010-11-11 00:36:29 —-D—- C:WindowsPrefetch
2010-11-10 23:23:37 —-D—- C:Алёна-Востановленные+new
2010-11-10 22:49:45 —-SHD—- C:WindowsInstaller
2010-11-10 22:49:35 —-D—- C:Program FilesQuickTime
2010-11-10 22:41:59 —-D—- C:ProgramDataMotionDSP
2010-11-10 22:04:40 —-A—- C:Windowssystem32mrt.exe
2010-11-10 02:59:43 —-DC—- C:Windowssystem32DRVSTORE
2010-11-10 02:59:37 —-D—- C:Windows
2010-11-10 00:23:12 —-D—- C:Windowssystem32Samsung_USB_Drivers
2010-11-10 00:21:41 —-D—- C:Windowsinf
2010-11-10 00:21:40 —-D—- C:Windowssystem32drivers
2010-11-10 00:20:21 —-HD—- C:Program FilesInstallShield Installation Information
2010-11-10 00:17:47 —-D—- C:Program FilesSamsung
2010-11-10 00:14:58 —-D—- C:UsersSERGEYAppDataRoaminguTorrent
2010-11-09 23:32:17 —-D—- C:UsersSERGEYAppDataRoamingSkype
2010-11-09 16:01:17 —-D—- C:UsersSERGEYAppDataRoamingskypePM
2010-11-09 10:33:12 —-D—- C:Program FilesCommon Files
2010-11-07 14:54:26 —-D—- C:Program FilesValve
2010-11-06 18:14:21 —-A—- C:Windowssystem32PnkBstrB.exe
2010-10-28 18:40:49 —-SD—- C:UsersSERGEYAppDataRoamingMicrosoft
2010-10-28 18:40:49 —-D—- C:ProgramDataMicrosoft Help
2010-10-27 10:54:10 —-D—- C:WindowsAppPatch
2010-10-19 10:41:44 —-N—- C:Windowssystem32MpSigStub.exe
2010-10-15 21:13:53 —-D—- C:Program FilesSteam
2010-10-14 08:52:46 —-D—- C:Windowsrescache
2010-10-14 06:41:13 —-D—- C:Program FilesCommon FilesBlizzard Entertainment
2010-10-14 06:31:44 —-D—- C:Windowssystem32ru-RU
2010-10-14 06:31:44 —-D—- C:Program FilesWindows Media Player
2010-10-14 06:31:41 —-D—- C:Windowssystem32migration
2010-10-14 06:31:41 —-D—- C:Program FilesInternet Explorer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 sptd;sptd; C:WindowsSystem32Driverssptd.sys [2010-01-31 691696]
R0 ViBus;ViBus; C:Windowssystem32DRIVERSViBus.sys [2007-03-26 16896]
R0 videX32;videX32; C:Windowssystem32DRIVERSvideX32.sys [2006-10-17 9216]
R0 ViPrt;VIA SATA IDE Device Driver; C:Windowssystem32DRIVERSViPrt.sys [2007-03-26 52224]
R1 aswRdr;aswRdr; C:Windowssystem32driversaswRdr.sys [2009-11-25 23120]
R1 aswSP;avast! Self Protection; C:Windowssystem32driversaswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:Windowssystem32driversaswTdi.sys [2009-11-25 48560]
R2 aswFsBlk;aswFsBlk; C:Windowssystem32DRIVERSaswFsBlk.sys [2009-11-25 20560]
R2 aswMonFlt;aswMonFlt; C:Windowssystem32DRIVERSaswMonFlt.sys [2009-11-25 53328]
R2 atksgt;atksgt; C:Windowssystem32DRIVERSatksgt.sys [2010-01-31 271360]
R2 irda;ИК-протокол IrDA; C:Windowssystem32DRIVERSirda.sys [2008-01-19 95744]
R2 lirsgt;lirsgt; C:Windowssystem32DRIVERSlirsgt.sys [2010-01-31 18048]
R2 regi;regi; ??C:Windowssystem32driversregi.sys [2007-04-17 11032]
R3 FETND6V;VIA Rhine Family Fast Ethernet Adapter Driver; C:Windowssystem32DRIVERSfetnd6v.sys [2008-09-22 43520]
R3 FsUsbExDisk;FsUsbExDisk; ??C:Windowssystem32FsUsbExDisk.SYS [2009-03-31 36608]
R3 HdAudAddService;VIA High Definition Audio Service; C:Windowssystem32driversviahduaa.sys [2007-04-23 219136]
R3 nvlddmkm;nvlddmkm; C:Windowssystem32DRIVERSnvlddmkm.sys [2009-08-06 9569664]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:WindowsSystem32DriversRootMdm.sys [2008-01-19 8192]
R3 WUDFRd;WUDFRd; C:Windowssystem32DRIVERSWUDFRd.sys [2008-01-19 83328]
S0 BTHidEnum;Bluetooth HID Enumerator; C:WindowsSystem32Driversvbtenum.sys []
S0 BTHidMgr;Bluetooth HID Manager Service; C:WindowsSystem32DriversBTHidMgr.sys []
S3 BlueletAudio;Bluetooth Audio Service; C:Windowssystem32DRIVERSblueletaudio.sys []
S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:Windowssystem32DRIVERSBlueletSCOAudio.sys []
S3 BT;Bluetooth PAN Network Adapter; C:Windowssystem32DRIVERSbtnetdrv.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:WindowsSystem32Driversbtcusb.sys []
S3 BthEnum;Драйвер блока запроса Bluetooth; C:Windowssystem32DRIVERSBthEnum.sys [2009-04-11 22528]
S3 BthPan;Устройства Bluetooth (личной сети); C:Windowssystem32DRIVERSbthpan.sys [2008-01-19 92160]
S3 BTHPORT;Драйвер порта Bluetooth; C:WindowsSystem32DriversBTHport.sys [2009-04-11 507904]
S3 BTHUSB;Драйвер порта USB радиомодуля Bluetooth; C:WindowsSystem32DriversBTHUSB.sys [2009-04-11 29696]
S3 drmkaud;Звуковой дешифратор DRM ядра системы; C:Windowssystem32driversdrmkaud.sys [2008-01-19 5632]
S3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:Windowssystem32DRIVERSfetnd5bv.sys [2007-02-27 42496]
S3 FETNDIS;VIA Rhine-Family Fast Ethernet служба драйвера адаптера; C:Windowssystem32DRIVERSfetnd5.sys [2006-11-02 45568]
S3 irsir;Драйвер для инфракрасного последовательного порта Microsoft; C:Windowssystem32DRIVERSirsir.sys [2006-11-02 20992]
S3 MSKSSRV;Представитель служб потоков Microsoft; C:Windowssystem32driversMSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Посредник синхронизации потоков Microsoft; C:Windowssystem32driversMSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Представитель диспетчера качества потоков Microsoft; C:Windowssystem32driversMSPQM.sys [2008-01-19 5504]
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:Windowssystem32driversMSTEE.sys [2008-01-19 6016]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:Windowssystem32driversnvhda32v.sys [2009-08-11 66592]
S3 RFCOMM;Устройство Bluetooth (протокол RFCOMM TDI); C:Windowssystem32DRIVERSrfcomm.sys [2009-04-11 148992]
S3 usbscan;Драйвер USB-сканера; C:Windowssystem32DRIVERSusbscan.sys [2008-01-19 35328]
S3 usbser;USB Serial emulation modem driver; C:Windowssystem32DRIVERSusbser.sys [2009-04-11 27648]
S3 usbvideo;USB-видеоустройство (WDM); C:WindowsSystem32Driversusbvideo.sys [2008-01-19 134016]
S3 VComm;Virtual Serial port driver; C:Windowssystem32DRIVERSVComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:WindowsSystem32DriversVcommMgr.sys []
S3 VHidMinidrv;Bluetooth HID Device Service; C:Windowssystem32driversVHIDMini.sys []
S3 VIAudio;VIA AC’97 аудио контроллер; C:Windowssystem32driversac97via.sys [2006-11-02 68096]
S3 WpdUsb;WpdUsb; C:Windowssystem32DRIVERSwpdusb.sys [2009-10-01 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:Program FilesAlwil SoftwareAvast4ashServ.exe [2009-11-25 138680]
R2 BthServ;@%SystemRoot%System32bthserv.dll,-101; C:Windowssystem32svchost.exe [2008-01-19 21504]
R2 FsUsbExService;FsUsbExService; C:Windowssystem32FsUsbExService.Exe [2009-03-31 233472]
R2 Guard.Mail.ru;Guard.Mail.ru; C:Program FilesMail.RuGuardGuardMailRu.exe [2010-09-23 973168]
R2 Irmon;@%SystemRoot%System32irmon.dll,-2000; C:Windowssystem32svchost.exe [2008-01-19 21504]
R2 nvsvc;NVIDIA Display Driver Service; C:Windowssystem32nvvsvc.exe [2009-08-06 215584]
R2 PnkBstrA;PnkBstrA; C:Windowssystem32PnkBstrA.exe [2010-03-04 75064]
R2 PSI_SVC_2;Protexis Licensing V2; C:Program FilesCommon FilesProtexisLicense ServicePsiService_2.exe [2007-07-24 185632]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:Program FilesNVIDIA Corporation3D VisionnvSCPAPISvr.exe [2009-08-06 239648]
R3 avast! Mail Scanner;avast! Mail Scanner; C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:Program FilesAlwil SoftwareAvast4ashWebSv.exe [2009-11-25 352920]
S3 FontCache;@%systemroot%system32FntCache.dll,-100; C:Windowssystem32svchost.exe [2008-01-19 21504]
S3 odserv;Microsoft Office Diagnostics Service; C:Program FilesCommon FilesMicrosoft SharedOFFICE12ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:Program FilesPC Connectivity SolutionServiceLayer.exe [2008-04-07 430592]
S3 Steam Client Service;Steam Client Service; C:Program FilesCommon FilesSteamSteamService.exe [2009-07-16 316664]

---

EOF

---

[juli]

Привет) Можете помочь, у меня баннер, его удалось закрыть, т.е. было написано Lock Em All. При следущем включении опять вылезает баннер! Что делать? Признаюсь, я-чайник, пишите как можно подробней))) спасибо

[Qvadro]

Отвчаю… включаем комп, далее когда появляется этот рекламный банер нажимаем Win+M и он сворачивается. далее заходим в мой компьютер диск С Windows далее в папку sistem32 в этой папке ищем файл usrinit.exe и удаляем…. все перезагружаем комп и готово, можно антивирусом проверить на всякий случай!

[Автор]

Сообщения