- This topic has 4 ответа, 2 участника, and was last updated 14 years, 11 months назад by
.
-
Сообщения
-
Опять на меня напала какаята гадость. «AV Security Suite» Такого же плана как и «Antispyware Visata,но хуже,не дает запустить RSIT даже.Помогите пожалуйста(( Он пропал,я успел RSIT запустить,но думаю пропал не на долго.
Logfile of random’s system information tool 1.08 (written by random/random)
Run by PIONER at 2010-07-10 00:22:07
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 358 GB (51%) free of 700 GB
Total RAM: 6077 MB (69% free)Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0:22:12, on 10.07.2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18928)
Boot mode: NormalRunning processes:
C:Program Files (x86)IntelIntel Matrix Storage ManagerIAAnotif.exe
C:Program Files (x86)SteamSteam.exe
C:Program Files (x86)DAEMON Tools Litedaemon.exe
C:Program Files (x86)SUPERAntiSpywareSUPERAntiSpyware.exe
C:Program Files (x86)Digital Line DetectDLG.exe
C:Program Files (x86)LogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe
C:Program Files (x86)Enigma Software GroupSpyHunterSpyHunter3.exe
C:Program Files (x86)AdobeReader 9.0Readerreader_sl.exe
C:Program Files (x86)LogitechQuickCamQuickcam.exe
C:Program Files (x86)Javajre6binjusched.exe
C:Program FilesAlwil SoftwareAvast5AvastUI.exe
C:Program Files (x86)Common FilesNokiaMPlatformNokiaMServer.exe
C:Program Files (x86)Common FilesLogishrdLQCVFXCOCIManager.exe
C:Program Files (x86)Internet Exploreriexplore.exe
C:Program Files (x86)Internet Exploreriexplore.exe
C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbarUser_32.exe
C:Program Files (x86)Windows LiveToolbarwltuser.exe
C:WindowsSysWOW64conime.exe
C:UsersPIONERDownloadsRSIT(2).exe
C:Program Files (x86)trend microPIONER.exeR1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://g.msn.com/USCON/1
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru/?clid=41128
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page = C:WindowsSysWOW64blank.htm
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title = Internet Explorer provided by Dell
R1 — HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = http=127.0.0.1:5577
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
R3 — URLSearchHook: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — c:program files (x86)mail.rusputnikMailRuSputnik.dll
R3 — URLSearchHook: (no name) — {83821C2B-32A8-4DD7-B6D4-44309A78E668} — C:Program Files (x86)Mail.RuAgentMradllnewmrasearch.dll
R3 — URLSearchHook: BS Player Toolbar — {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} — C:Program Files (x86)BS_PlayertbBS_0.dll
F2 — REG:system.ini: UserInit=userinit.exe
O1 — Hosts: ::1 localhost
O2 — BHO: AcroIEHelperStub — {18DF081C-E8AD-4283-A596-FA578C2EBDC3} — c:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 — BHO: (no name) — {5C255C8A-E604-49b4-9D64-90988571CECB} — (no file)
O2 — BHO: Search Helper — {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} — C:Program Files (x86)MicrosoftSearch Enhancement PackSearch HelperSearchHelper.dll
O2 — BHO: Спутник@Mail.Ru — {8984B388-A5BB-4DF7-B274-77B879E179DB} — c:program files (x86)mail.rusputnikMailRuSputnik.dll
O2 — BHO: Windows Live Sign-in Helper — {9030D464-4C02-4ABF-8ECC-5164760863C6} — C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 — BHO: Google Toolbar Helper — {AA58ED58-01DD-4d91-8333-CF10577473F7} — C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll
O2 — BHO: SkypeIEPluginBHO — {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} — C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll
O2 — BHO: Google Toolbar Notifier BHO — {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} — C:Program Files (x86)GoogleGoogleToolbarNotifier5.5.5126.1836swg.dll
O2 — BHO: MSN Toolbar Helper — {d2ce3e00-f94a-4740-988e-03dc2f38c34f} — C:Program Files (x86)MSNToolbar3.0.1125.0msneshellx.dll
O2 — BHO: Java(tm) Plug-In 2 SSV Helper — {DBC80044-A445-435b-BC74-9C25C1C588A9} — C:Program Files (x86)Javajre6binjp2ssv.dll
O2 — BHO: Windows Live Toolbar Helper — {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} — C:Program Files (x86)Windows LiveToolbarwltcore.dll
O2 — BHO: BS Player Toolbar — {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} — C:Program Files (x86)BS_PlayertbBS_0.dll
O3 — Toolbar: &Windows Live Toolbar — {21FA44EF-376D-4D53-9B0F-8A89D3229068} — C:Program Files (x86)Windows LiveToolbarwltcore.dll
O3 — Toolbar: BS Player Toolbar — {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} — C:Program Files (x86)BS_PlayertbBS_0.dll
O3 — Toolbar: Яндекс.Бар — {91397D20-1446-11D4-8AF4-0040CA1127B6} — C:Program Files (x86)YandexYandexBarIEyndbar.dll
O3 — Toolbar: MSN Toolbar — {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} — C:Program Files (x86)MSNToolbar3.0.1125.0msneshellx.dll
O3 — Toolbar: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — c:program files (x86)mail.rusputnikMailRuSputnik.dll
O3 — Toolbar: Google Toolbar — {2318C2B1-4965-11d4-9B18-009027A5CD4F} — C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll
O4 — HKLM..Run: [StartCCC] «C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe»
O4 — HKLM..Run: [Adobe Reader Speed Launcher] «c:Program Files (x86)AdobeReader 9.0ReaderReader_sl.exe»
O4 — HKLM..Run: [LogitechQuickCamRibbon] «C:Program Files (x86)LogitechQuickCamQuickcam.exe» /hide
O4 — HKLM..Run: [SunJavaUpdateSched] «C:Program Files (x86)Javajre6binjusched.exe»
O4 — HKLM..Run: [Microsoft Default Manager] «C:Program Files (x86)MicrosoftSearch Enhancement PackDefault ManagerDefMgr.exe» -resume
O4 — HKLM..Run: [avast5] «C:Program FilesAlwil SoftwareAvast5avastUI.exe» /nogui
O4 — HKLM..Run: [NokiaMServer] C:Program Files (x86)Common FilesNokiaMPlatformNokiaMServer /watchfiles
O4 — HKLM..Run: [NokiaMusic FastStart] «C:Program Files (x86)NokiaNokia MusicNokiaMusic.exe» /command:faststart
O4 — HKLM..RunOnce: [TSC] «C:Program FilesTrend MicroInternet Securitytsc.exe» /HD
O4 — HKCU..Run: [Sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun
O4 — HKCU..Run: [Steam] «c:program files (x86)steamsteam.exe» -silent
O4 — HKCU..Run: [DAEMON Tools Lite] «C:Program Files (x86)DAEMON Tools Litedaemon.exe» -autorun
O4 — HKCU..Run: [RGSC] C:GamesGTA gameRockstar Games Social ClubRGSCLauncher.exe /silent
O4 — HKCU..Run: [EA Core] C:Program Files (x86)Electronic ArtsEADMCore.exe -silent
O4 — HKCU..Run: [swg] «C:Program Files (x86)GoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe»
O4 — HKCU..Run: [Comrade.exe] C:Program Files (x86)GameSpyComradeComrade.exe
O4 — HKCU..Run: [msnmsgr] «C:Program Files (x86)Windows LiveMessengermsnmsgr.exe» /background
O4 — HKCU..Run: [SUPERAntiSpyware] C:Program Files (x86)SUPERAntiSpywareSUPERAntiSpyware.exe
O4 — HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe
O4 — HKCU..Run: [WMPNSCFG] C:Program Files (x86)Windows Media PlayerWMPNSCFG.exe
O4 — HKUSS-1-5-19..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User ‘NETWORK SERVICE’)
O4 — .DEFAULT User Startup: Dell Dock First Run.lnk = C:Program FilesDellDellDockDellDock.exe (User ‘Default user’)
O4 — Startup: Dell Dock.lnk = C:Program FilesDellDellDockDellDock.exe
O4 — Global Startup: Digital Line Detect.lnk = C:Program Files (x86)Digital Line DetectDLG.exe
O4 — Global Startup: Logitech Desktop Messenger.lnk = C:Program Files (x86)LogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe
O8 — Extra context menu item: Google Sidewiki… — res://C:Program Files (x86)GoogleGoogle ToolbarComponentGoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 — Extra button: Blog This — {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} — C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dll
O9 — Extra ‘Tools’ menuitem: &Blog This in Windows Live Writer — {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} — C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dll
O9 — Extra button: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program Files (x86)Mail.RuAgentmagent.exe
O9 — Extra ‘Tools’ menuitem: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program Files (x86)Mail.RuAgentmagent.exe
O9 — Extra button: Skype add-on for Internet Explorer — {898EA8C8-E7FF-479B-8935-AEC46303B9E5} — C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll
O9 — Extra ‘Tools’ menuitem: Skype add-on for Internet Explorer — {898EA8C8-E7FF-479B-8935-AEC46303B9E5} — C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll
O13 — Gopher Prefix:
O15 — Trusted Zone: http://*.combats.com
O15 — Trusted Zone: http://*.combats.ru
O16 — DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} (UploadListView Class) — http://picasaweb.google.com/s/v/62.12/uploader2.cab
O16 — DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) — http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O18 — Protocol: bwfile-8876480 — {9462A756-7B47-47BC-8C80-C34B9B80B32B} — C:Program Files (x86)LogitechDesktop Messenger8876480ProgramGAPlugProtocol-8876480.dll
O18 — Protocol: skype-ie-addon-data — {91774881-D725-4E58-B298-07617B9B86A8} — C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll
O18 — Protocol: skype4com — {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — C:PROGRA~2COMMON~1SkypeSkype4COM.dll
O20 — Winlogon Notify: !SASWinLogon — C:Program Files (x86)SUPERAntiSpywareSASWINLO.dll
O23 — Service: @%SystemRoot%system32Alg.exe,-112 (ALG) — Unknown owner — C:WindowsSystem32alg.exe (file missing)
O23 — Service: Application Driver Auto Removal Service (01) (appdrvrem01) — Unknown owner — C:WindowsSystem32appdrvrem01.exe (file missing)
O23 — Service: ASP.NET State Service (aspnet_state) — Unknown owner — C:WindowsMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe (file missing)
O23 — Service: Ati External Event Utility — Unknown owner — C:Windowssystem32Ati2evxx.exe (file missing)
O23 — Service: avast! Antivirus — ALWIL Software — C:Program FilesAlwil SoftwareAvast5AvastSvc.exe
O23 — Service: avast! Mail Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast5AvastSvc.exe
O23 — Service: avast! Web Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast5AvastSvc.exe
O23 — Service: Dragon Age: Origins — Content Updater (DAUpdaterSvc) — Unknown owner — C:Program Files (x86)Dragon Agebin_shipDAUpdaterSvc.Service.exe (file missing)
O23 — Service: @dfsrres.dll,-101 (DFSR) — Unknown owner — C:Windowssystem32DFSR.exe (file missing)
O23 — Service: Dock Login Service (DockLoginService) — Stardock Corporation — C:Program FilesDellDellDockDockLogin.exe
O23 — Service: Google Update Service (gupdate) (gupdate) — Google Inc. — C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
O23 — Service: Google Software Updater (gusvc) — Google — C:Program Files (x86)GoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 — Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) — Intel Corporation — C:Program Files (x86)IntelIntel Matrix Storage ManagerIAANTMon.exe
O23 — Service: InstallDriver Table Manager (IDriverT) — Macrovision Corporation — C:Program Files (x86)Common FilesInstallShieldDriver1050Intel 32IDriverT.exe
O23 — Service: @keyiso.dll,-100 (KeyIso) — Unknown owner — C:Windowssystem32lsass.exe (file missing)
O23 — Service: Process Monitor (LVPrcS64) — Logitech Inc. — C:Program FilesCommon FilesLogiShrdLVMVFMLVPrcSrv.exe
O23 — Service: @comres.dll,-2797 (MSDTC) — Unknown owner — C:WindowsSystem32msdtc.exe (file missing)
O23 — Service: @%SystemRoot%System32netlogon.dll,-102 (Netlogon) — Unknown owner — C:Windowssystem32lsass.exe (file missing)
O23 — Service: nProtect GameGuard Service (npggsvc) — Unknown owner — C:Windowssystem32GameMon.des.exe (file missing)
O23 — Service: NVIDIA Display Driver Service (nvsvc) — Unknown owner — C:Windowssystem32nvvsvc.exe (file missing)
O23 — Service: PnkBstrA — Unknown owner — C:Windowssystem32PnkBstrA.exe
O23 — Service: @%systemroot%system32psbase.dll,-300 (ProtectedStorage) — Unknown owner — C:Windowssystem32lsass.exe (file missing)
O23 — Service: @%systemroot%system32Locator.exe,-2 (RpcLocator) — Unknown owner — C:Windowssystem32locator.exe (file missing)
O23 — Service: @%SystemRoot%system32samsrv.dll,-1 (SamSs) — Unknown owner — C:Windowssystem32lsass.exe (file missing)
O23 — Service: ServiceLayer — Unknown owner — C:Program Files (x86)NokiaPC Connectivity SolutionServiceLayer.exe (file missing)
O23 — Service: Trend Micro Central Control Component (SfCtlCom) — Trend Micro Inc. — C:Program FilesTrend MicroInternet SecuritySfCtlCom.exe
O23 — Service: @%SystemRoot%system32SLsvc.exe,-101 (slsvc) — Unknown owner — C:Windowssystem32SLsvc.exe (file missing)
O23 — Service: @%SystemRoot%system32snmptrap.exe,-3 (SNMPTRAP) — Unknown owner — C:WindowsSystem32snmptrap.exe (file missing)
O23 — Service: @%systemroot%system32spoolsv.exe,-1 (Spooler) — Unknown owner — C:WindowsSystem32spoolsv.exe (file missing)
O23 — Service: Audio Service (STacSV) — Unknown owner — C:WindowsSystem32DriverStoreFileRepositorystwrt64.inf_f86438beSTacSV64.exe (file missing)
O23 — Service: Steam Client Service — Valve Corporation — C:Program Files (x86)Common FilesSteamSteamService.exe
O23 — Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) — Trend Micro Inc. — C:Program FilesTrend MicroBMTMBMSRV.exe
O23 — Service: Trend Micro Personal Firewall (TmPfw) — Trend Micro Inc. — C:PROGRA~1TRENDM~1INTERN~1TmPfw.exe
O23 — Service: Trend Micro Proxy Service (tmproxy) — Trend Micro Inc. — C:Program FilesTrend MicroInternet SecurityTmProxy.exe
O23 — Service: @%SystemRoot%system32ui0detect.exe,-101 (UI0Detect) — Unknown owner — C:Windowssystem32UI0Detect.exe (file missing)
O23 — Service: @%SystemRoot%system32vds.exe,-100 (vds) — Unknown owner — C:WindowsSystem32vds.exe (file missing)
O23 — Service: @%systemroot%system32vssvc.exe,-102 (VSS) — Unknown owner — C:Windowssystem32vssvc.exe (file missing)
O23 — Service: @%Systemroot%system32wbemwmiapsrv.exe,-110 (wmiApSrv) — Unknown owner — C:Windowssystem32wbemWmiApSrv.exe (file missing)
O23 — Service: @%ProgramFiles%Windows Media Playerwmpnetwk.exe,-101 (WMPNetworkSvc) — Unknown owner — C:Program Files (x86)Windows Media Playerwmpnetwk.exe (file missing)
O23 — Service: XAudioService — Unknown owner — C:Windowssystem32DRIVERSxaudio64.exe (file missing)—
End of file — 15496 bytes======Scheduled tasks folder======
C:WindowstasksGoogleUpdateTaskMachineCore.job
C:WindowstasksGoogleUpdateTaskMachineUA.job
C:WindowstasksSpyHunter Scanner.job======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper — c:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dll [2008-06-11 75128][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper — C:Program Files (x86)MicrosoftSearch Enhancement PackSearch HelperSearchHelper.dll [2008-12-04 92504][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{8984B388-A5BB-4DF7-B274-77B879E179DB}]
MailRuBHO Class — c:program files (x86)mail.rusputnikMailRuSputnik.dll [2009-09-17 826032][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper — C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll [2008-11-18 408952][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper — C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll [2010-06-22 278192][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer — C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll [2010-02-08 804136][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO — C:Program Files (x86)GoogleGoogleToolbarNotifier5.5.5126.1836swg.dll [2010-05-27 814648][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
MSN Toolbar Helper — C:Program Files (x86)MSNToolbar3.0.1125.0msneshellx.dll [2009-02-09 82768][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper — C:Program Files (x86)Javajre6binjp2ssv.dll [2009-05-21 41368][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper — C:Program Files (x86)Windows LiveToolbarwltcore.dll [2008-12-08 1067352][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
BS Player Toolbar — C:Program Files (x86)BS_PlayertbBS_0.dll [2010-02-20 2349080][HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} — &Windows Live Toolbar — C:Program Files (x86)Windows LiveToolbarwltcore.dll [2008-12-08 1067352]
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} — BS Player Toolbar — C:Program Files (x86)BS_PlayertbBS_0.dll [2010-02-20 2349080]
{91397D20-1446-11D4-8AF4-0040CA1127B6} — Яндекс.Бар — C:Program Files (x86)YandexYandexBarIEyndbar.dll [2009-04-20 3701024]
{1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} — MSN Toolbar — C:Program Files (x86)MSNToolbar3.0.1125.0msneshellx.dll [2009-02-09 82768]
{09900DE8-1DCA-443F-9243-26FF581438AF} — Спутник@Mail.Ru — c:program files (x86)mail.rusputnikMailRuSputnik.dll [2009-09-17 826032]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} — Google Toolbar — C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll [2010-06-22 278192][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«StartCCC»=C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe [2008-01-21 61440]
«Adobe Reader Speed Launcher»=c:Program Files (x86)AdobeReader 9.0ReaderReader_sl.exe [2008-06-12 34672]
«LogitechQuickCamRibbon»=C:Program Files (x86)LogitechQuickCamQuickcam.exe [2008-12-20 2656528]
«SunJavaUpdateSched»=C:Program Files (x86)Javajre6binjusched.exe [2009-05-21 148888]
«Microsoft Default Manager»=C:Program Files (x86)MicrosoftSearch Enhancement PackDefault ManagerDefMgr.exe [2009-02-03 233304]
«avast5″=C:Program FilesAlwil SoftwareAvast5avastUI.exe [2010-03-09 2769336]
«NokiaMServer»=C:Program Files (x86)Common FilesNokiaMPlatformNokiaMServer /watchfiles []
«NokiaMusic FastStart»=C:Program Files (x86)NokiaNokia MusicNokiaMusic.exe [2009-07-22 2331936][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRunOnce]
«TSC»=C:Program FilesTrend MicroInternet Securitytsc.exe [2010-03-31 423688][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«Sidebar»=C:Program FilesWindows Sidebarsidebar.exe [2008-01-20 1555968]
«Steam»=c:program files (x86)steamsteam.exe [2010-05-12 1238352]
«DAEMON Tools Lite»=C:Program Files (x86)DAEMON Tools Litedaemon.exe [2008-12-29 687560]
«RGSC»=C:GamesGTA gameRockstar Games Social ClubRGSCLauncher.exe /silent []
«EA Core»=C:Program Files (x86)Electronic ArtsEADMCore.exe [2008-07-22 2772992]
«swg»=C:Program Files (x86)GoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe [2009-04-04 39408]
«Comrade.exe»=C:Program Files (x86)GameSpyComradeComrade.exe [2008-12-09 800256]
«PlayNC Launcher»= []
«msnmsgr»=C:Program Files (x86)Windows LiveMessengermsnmsgr.exe [2008-12-02 3882312]
«SUPERAntiSpyware»=C:Program Files (x86)SUPERAntiSpywareSUPERAntiSpyware.exe [2010-02-18 2012912]
«ehTray.exe»=C:WindowsehomeehTray.exe [2008-01-20 138240]
«WMPNSCFG»=C:Program Files (x86)Windows Media PlayerWMPNSCFG.exe []C:ProgramDataMicrosoftWindowsStart MenuProgramsStartup
Digital Line Detect.lnk — C:Program Files (x86)Digital Line DetectDLG.exe
Logitech Desktop Messenger.lnk — C:Program Files (x86)LogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exeC:UsersPIONERAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup
Dell Dock.lnk — C:Program Files (x86)DellDellDockDellDock.exe[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotify!SASWinLogon]
C:Program Files (x86)SUPERAntiSpywareSASWINLO.dll [2009-09-03 548352][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerShellExecuteHooks]
«{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}»=C:Program Files (x86)SUPERAntiSpywareSASSEH.DLL [2008-05-13 77824][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
«EnableUIADesktopToggle»=0[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoActiveDesktop»=1
«NoActiveDesktopChanges»=1
«ForceActiveDesktopOn»=0[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
======File associations======
.js — edit — C:WindowsSysWOW64Notepad.exe %1
.js — open — C:WindowsSysWOW64WScript.exe «%1» %*======List of files/folders created in the last 1 months======
2010-07-03 11:24:29 —-D—- C:ProgramDataUbisoft
2010-06-25 22:28:19 —-D—- C:Program Files (x86)Microsoft.NET
2010-06-25 22:27:58 —-SHD—- C:Config.Msi
2010-06-25 22:27:11 —-D—- C:18f7626aa80af1b637
2010-06-23 15:27:33 —-A—- C:WindowsSysWOW64psisdecd.dll
2010-06-23 15:27:33 —-A—- C:WindowsSysWOW64EncDec.dll
2010-06-23 15:27:19 —-A—- C:WindowsSysWOW64PresentationHostProxy.dll
2010-06-23 15:27:19 —-A—- C:WindowsSysWOW64PresentationHost.exe
2010-06-23 15:27:19 —-A—- C:WindowsSysWOW64netfxperf.dll
2010-06-23 15:27:19 —-A—- C:WindowsSysWOW64mscoree.dll
2010-06-23 15:27:19 —-A—- C:WindowsSysWOW64dfshim.dll
2010-06-23 14:24:01 —-A—- C:WindowsSysWOW64Apphlpdm.dll
2010-06-23 14:24:00 —-A—- C:WindowsSysWOW64GameUXLegacyGDFs.dll======List of files/folders modified in the last 1 months======
2010-07-10 00:22:10 —-D—- C:Program Files (x86)trend micro
2010-07-10 00:22:09 —-D—- C:WindowsTemp
2010-07-10 00:20:20 —-D—- C:Program Files (x86)Steam
2010-07-10 00:05:53 —-D—- C:UsersPIONERAppDataRoamingskypePM
2010-07-09 23:48:19 —-D—- C:UsersPIONERAppDataRoamingSkype
2010-07-09 21:18:46 —-D—- C:Program Files (x86)Runes of Magic
2010-07-09 13:41:50 —-D—- C:WindowsSystem32
2010-07-09 13:41:50 —-D—- C:Windowsinf
2010-07-09 13:10:30 —-D—- C:UsersPIONERAppDataRoaminguTorrent
2010-07-09 13:03:13 —-D—- C:WindowsPrefetch
2010-07-09 02:21:30 —-SHD—- C:System Volume Information
2010-07-07 12:00:56 —-D—- C:WindowsSysWOW64
2010-07-06 08:56:32 —-D—- C:Program Files (x86)Common FilesSteam
2010-07-06 08:53:57 —-D—- C:WindowsMinidump
2010-07-06 08:53:52 —-D—- C:Windows
2010-07-04 16:54:23 —-D—- C:Games
2010-07-03 11:24:29 —-HD—- C:ProgramData
2010-07-02 14:23:22 —-D—- C:Music
2010-06-25 22:30:03 —-SHD—- C:WindowsInstaller
2010-06-25 22:30:02 —-RSD—- C:Windowsassembly
2010-06-25 22:28:50 —-D—- C:WindowsMicrosoft.NET
2010-06-25 22:28:22 —-D—- C:WindowsSysWOW64en-US
2010-06-25 22:28:19 —-RD—- C:Program Files (x86)
2010-06-24 09:55:38 —-D—- C:WindowsAppPatch
2010-06-24 09:55:37 —-D—- C:Windowsehome
2010-06-23 15:28:45 —-D—- C:Windowswinsxs
2010-06-20 07:43:49 —-SD—- C:WindowsDownloaded Program Files
2010-06-19 13:51:41 —-SD—- C:UsersPIONERAppDataRoamingMicrosoft
2010-06-11 03:21:29 —-D—- C:WindowsSysWOW64wbem
2010-06-11 03:21:29 —-D—- C:WindowsSysWOW64migration
2010-06-11 03:21:29 —-D—- C:Program Files (x86)Internet Explorer
2010-06-11 03:21:28 —-D—- C:Program Files (x86)Windows Mail======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel RAID Controller; C:Windowssystem32driversiastor.sys []
R0 sptd;sptd; C:WindowsSystem32Driverssptd.sys []
R1 appdrv01;Application Driver (01); C:WindowsSystem32Driversappdrv01.sys []
R1 aswRdr;aswRdr; C:WindowsSysWOW64driversaswRdr.sys []
R1 aswSP;aswSP; C:WindowsSysWOW64driversaswSP.sys []
R1 aswTdi;avast! Network Shield Support; C:WindowsSysWOW64driversaswTdi.sys []
R1 tmlwf;Trend Micro NDIS 6.0 Filter Driver; C:Windowssystem32DRIVERStmlwf.sys []
R1 tmtdi;Trend Micro TDI Driver; C:Windowssystem32DRIVERStmtdi.sys []
R2 aswFsBlk;aswFsBlk; C:WindowsSysWOW64driversaswFsBlk.sys []
R2 aswMonFlt;aswMonFlt; ??C:Windowssystem32driversaswMonFlt.sys []
R2 mdmxsdk;mdmxsdk; C:Windowssystem32DRIVERSmdmxsdk.sys []
R2 tmpreflt;tmpreflt; C:Windowssystem32DRIVERStmpreflt.sys []
R2 tmwfp;Trend Micro WFP Callout Driver; C:Windowssystem32DRIVERStmwfp.sys []
R2 tmxpflt;tmxpflt; C:Windowssystem32DRIVERStmxpflt.sys []
R2 vsapint;vsapint; C:Windowssystem32DRIVERSvsapint.sys []
R2 XAudio;XAudio; C:Windowssystem32DRIVERSxaudio64.sys []
R3 CAXHWBS2;CAXHWBS2; C:Windowssystem32DRIVERSCAXHWBS2.sys []
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:Windowssystem32DRIVERSe1e6032e.sys []
R3 HCW85BDA;Hauppauge WinTV 885 Video Capture; C:Windowssystem32driversHCW85BDA.sys []
R3 HSF_DPV;HSF_DPV; C:Windowssystem32DRIVERSCAX_DPV.sys []
R3 LVPr2M64;Logitech LVPr2M64 Driver; C:Windowssystem32DRIVERSLVPr2M64.sys []
R3 LVRS64;Logitech RightSound Filter Driver; C:Windowssystem32DRIVERSlvrs64.sys []
R3 lvsels64;Logitech Selective Suspend Filter; C:Windowssystem32DRIVERSlvsels64.sys []
R3 LVUSBS64;Logitech USB Monitor Filter; C:Windowssystem32driversLVUSBS64.sys []
R3 LVUVC64;QuickCam Orbit/Sphere AF(UVC); C:Windowssystem32DRIVERSlvuvc64.sys []
R3 nvlddmkm;nvlddmkm; C:Windowssystem32DRIVERSnvlddmkm.sys []
R3 pmxmouse;PMXMOUSE; C:Windowssystem32DRIVERSpmxmouse.sys []
R3 pmxusblf;PMXUSBLF; C:Windowssystem32DRIVERSpmxusblf.sys []
R3 STHDA;IDT High Definition Audio CODEC; C:Windowssystem32DRIVERSstwrt64.sys []
R3 usbaudio;USB Audio Driver (WDM); C:Windowssystem32driversusbaudio.sys []
R3 winachsf;winachsf; C:Windowssystem32DRIVERSCAX_CNXT.sys []
R3 WUDFRd;WUDFRd; C:Windowssystem32DRIVERSWUDFRd.sys []
S1 aswSnx;aswSnx; C:WindowsSysWOW64driversaswSnx.sys []
S1 SASDIFSV;SASDIFSV; ??C:Program Files (x86)SUPERAntiSpywareSASDIFSV.SYS [2010-02-17 12872]
S1 SASKUTIL;SASKUTIL; ??C:Program Files (x86)SUPERAntiSpywareSASKUTIL.SYS [2010-02-17 66632]
S3 atikmdag;atikmdag; C:Windowssystem32DRIVERSatikmdag.sys []
S3 aw62ceyq;aw62ceyq; C:WindowsSysWOW64driversaw62ceyq.sys []
S3 btwavdt;Bluetooth AVDT; C:Windowssystem32driversbtwavdt.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:Windowssystem32driversdrmkaud.sys []
S3 dump_wmimmc;dump_wmimmc; ??C:Program Files (x86)Steamsteamappscommonaionbin32GameGuarddump_wmimmc.sys []
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:Windowssystem32driversHdAudio.sys []
S3 LVPr2Mon;LVPr2M64 Driver; C:Windowssystem32DRIVERSLVPr2M64.sys []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:Windowssystem32driversMSKSSRV.sys []
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:Windowssystem32driversMSPCLOCK.sys []
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:Windowssystem32driversMSPQM.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:Windowssystem32driversMSTEE.sys []
S3 nmwcdcx64;Nokia USB Generic; C:Windowssystem32driversccdcmbox64.sys []
S3 nmwcdx64;Nokia USB Phone Parent; C:Windowssystem32driversccdcmbx64.sys []
S3 NPPTNT2;NPPTNT2; ??C:Windowssystem32npptNT2.sys [2009-04-08 4682]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:Windowssystem32DRIVERSpccsmcfdx64.sys []
S3 R300;R300; C:Windowssystem32DRIVERSatikmdag.sys []
S3 SASENUM;SASENUM; ??C:Program Files (x86)SUPERAntiSpywareSASENUM.SYS [2010-02-17 12872]
S3 upperdev;upperdev; C:Windowssystem32DRIVERSusbser_lowerfltx64.sys []
S3 usbser;USB Modem Driver; C:Windowssystem32driversusbser.sys []
S3 UsbserFilt;UsbserFilt; C:Windowssystem32DRIVERSusbser_lowerfltx64j.sys []
S3 usbvideo;USB Video Device (WDM); C:WindowsSystem32Driversusbvideo.sys []
S3 WpdUsb;WpdUsb; C:Windowssystem32DRIVERSwpdusb.sys []
S4 btwrchid;btwrchid; C:Windowssystem32driversbtwrchid.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:Windowssystem32driverserrdev.sys []
S4 hcw85cir;Hauppauge Consumer Infrared Receiver; C:Windowssystem32drivershcw85cir.sys []
S4 MegaSR;MegaSR; C:Windowssystem32driversmegasr.sys []======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati External Event Utility;Ati External Event Utility; C:Windowssystem32Ati2evxx.exe []
R2 avast! Antivirus;avast! Antivirus; C:Program FilesAlwil SoftwareAvast5AvastSvc.exe [2010-03-09 40384]
R2 DockLoginService;Dock Login Service; C:Program FilesDellDellDockDockLogin.exe [2008-09-23 155648]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:Program Files (x86)IntelIntel Matrix Storage ManagerIAANTMon.exe [2008-04-15 354840]
R2 LVPrcS64;Process Monitor; C:Program FilesCommon FilesLogiShrdLVMVFMLVPrcSrv.exe [2008-12-16 187416]
R2 nvsvc;NVIDIA Display Driver Service; C:Windowssystem32nvvsvc.exe []
R2 PnkBstrA;PnkBstrA; C:Windowssystem32PnkBstrA.exe [2009-04-05 66872]
R2 SeaPort;SeaPort; C:Program Files (x86)MicrosoftSearch Enhancement PackSeaPortSeaPort.exe [2009-01-14 226656]
R2 SfCtlCom;Trend Micro Central Control Component; C:Program FilesTrend MicroInternet SecuritySfCtlCom.exe [2009-08-12 820488]
R2 STacSV;Audio Service; C:WindowsSystem32DriverStoreFileRepositorystwrt64.inf_f86438beSTacSV64.exe []
R2 TMBMServer;Trend Micro Unauthorized Change Prevention Service; C:Program FilesTrend MicroBMTMBMSRV.exe [2009-08-12 563464]
R2 XAudioService;XAudioService; C:Windowssystem32DRIVERSxaudio64.exe []
R3 Steam Client Service;Steam Client Service; C:Program Files (x86)Common FilesSteamSteamService.exe [2010-07-02 395048]
R3 TmPfw;Trend Micro Personal Firewall; C:PROGRA~1TRENDM~1INTERN~1TmPfw.exe [2009-08-12 587696]
R3 tmproxy;Trend Micro Proxy Service; C:Program FilesTrend MicroInternet SecurityTmProxy.exe [2009-08-12 854280]
S2 appdrvrem01;Application Driver Auto Removal Service (01); C:WindowsSystem32appdrvrem01.exe svc []
S2 gupdate;Google Update Service (gupdate); C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [2010-01-30 135664]
S3 aspnet_state;ASP.NET State Service; C:WindowsMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe []
S3 avast! Mail Scanner;avast! Mail Scanner; C:Program FilesAlwil SoftwareAvast5AvastSvc.exe [2010-03-09 40384]
S3 avast! Web Scanner;avast! Web Scanner; C:Program FilesAlwil SoftwareAvast5AvastSvc.exe [2010-03-09 40384]
S3 DAUpdaterSvc;Dragon Age: Origins — Content Updater; C:Program Files (x86)Dragon Agebin_shipDAUpdaterSvc.Service.exe []
S3 gusvc;Google Software Updater; C:Program Files (x86)GoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2009-04-25 182768]
S3 IDriverT;InstallDriver Table Manager; C:Program Files (x86)Common FilesInstallShieldDriver1050Intel 32IDriverT.exe [2004-10-22 73728]
S3 npggsvc;nProtect GameGuard Service; C:Windowssystem32GameMon.des [2009-08-30 3407412]
S3 PerfHost;@%systemroot%sysWow64perfhost.exe,-2; C:WindowsSysWow64perfhost.exe [2008-01-20 19968]
S3 ServiceLayer;ServiceLayer; C:Program Files (x86)NokiaPC Connectivity SolutionServiceLayer.exe []
EOF
Здравствуйте.
Запустите HijackThis, для этого кликните Пуск, Выполнить, введите
C:Program Files (x86)trend microPIONER.exeи нажмите Enter.
Откроется главное меню программы HijackThis.
Кликните по кнопке Do a system scan only.
Далее отметьте галочкой (слева) следующие строки, если они присутствуют:R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = http=127.0.0.1:5577
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)Закройте все запущенные программы (включая InternetExplorer) и окна Windows.
Кликните по кнопке Fix checked и подтвердите свои действия выбрав YES.
Перезагрузите компьютер.Прочитайте описание программы Malwarebytes Anti-malware (MBAM).
Скачайте и выполните сканирование вашего компьютера. Удалите всё что будет найдено. В конце работы будет показан лог.
Жду от вас этот лог и свежий RSIT лог.Malwarebytes’ Anti-Malware 1.46
http://www.malwarebytes.orgВерсия базы данных: 4052
Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.1892811.07.2010 19:21:07
mbam-log-2010-07-11 (19-21-07).txtТип сканирования: Быстрое сканирование
Просканированные объекты: 119951
Времени прошло: 5 минут, 48 секундЗараженные процессы в памяти: 0
Зараженные модули в памяти: 0
Зараженные ключи в реестре: 1
Зараженные параметры в реестре: 0
Объекты реестра заражены: 1
Зараженные папки: 0
Зараженные файлы: 1Зараженные процессы в памяти:
(Вредоносных программ не обнаружено)Зараженные модули в памяти:
(Вредоносных программ не обнаружено)Зараженные ключи в реестре:
HKEY_CURRENT_USERSoftwareavsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.Зараженные параметры в реестре:
(Вредоносных программ не обнаружено)Объекты реестра заражены:
HKEY_LOCAL_MACHINESOFTWAREClientsStartMenuInternetIEXPLORE.EXEshellopencommand(default) (Hijack.StartMenuInternet) -> Bad: («C:UsersPIONERAppDataLocalave.exe» /START «C:Program Files (x86)Internet Exploreriexplore.exe») Good: (iexplore.exe) -> Quarantined and deleted successfully.Зараженные папки:
(Вредоносных программ не обнаружено)Зараженные файлы:
C:UsersPIONERAppDataLocalTempsvchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.Logfile of random’s system information tool 1.06 (written by random/random)
Run by PIONER at 2010-07-11 19:28:09
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 345 GB (49%) free of 700 GB
Total RAM: 6077 MB (71% free)Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:28:11, on 11.07.2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18928)
Boot mode: NormalRunning processes:
C:Program Files (x86)IntelIntel Matrix Storage ManagerIAAnotif.exe
C:Program Files (x86)SteamSteam.exe
C:Program Files (x86)DAEMON Tools Litedaemon.exe
C:Program Files (x86)Digital Line DetectDLG.exe
C:Program Files (x86)LogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe
C:Program Files (x86)AdobeReader 9.0Readerreader_sl.exe
C:Program Files (x86)LogitechQuickCamQuickcam.exe
C:Program Files (x86)Javajre6binjusched.exe
C:Program FilesAlwil SoftwareAvast5AvastUI.exe
C:Program Files (x86)Common FilesNokiaMPlatformNokiaMServer.exe
C:Program Files (x86)Common FilesLogishrdLQCVFXCOCIManager.exe
C:UsersPIONERDownloadsRSIT.exe
C:Program Files (x86)trend microPIONER.exeR1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://g.msn.com/USCON/1
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru/?clid=41128
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page = C:WindowsSysWOW64blank.htm
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title = Internet Explorer provided by Dell
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
R3 — URLSearchHook: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — c:program files (x86)mail.rusputnikMailRuSputnik.dll
R3 — URLSearchHook: (no name) — {83821C2B-32A8-4DD7-B6D4-44309A78E668} — C:Program Files (x86)Mail.RuAgentMradllnewmrasearch.dll
R3 — URLSearchHook: BS Player Toolbar — {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} — C:Program Files (x86)BS_PlayertbBS_0.dll
O1 — Hosts: ::1 localhost
O2 — BHO: AcroIEHelperStub — {18DF081C-E8AD-4283-A596-FA578C2EBDC3} — c:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 — BHO: (no name) — {5C255C8A-E604-49b4-9D64-90988571CECB} — (no file)
O2 — BHO: Search Helper — {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} — C:Program Files (x86)MicrosoftSearch Enhancement PackSearch HelperSearchHelper.dll
O2 — BHO: Спутник@Mail.Ru — {8984B388-A5BB-4DF7-B274-77B879E179DB} — c:program files (x86)mail.rusputnikMailRuSputnik.dll
O2 — BHO: Windows Live Sign-in Helper — {9030D464-4C02-4ABF-8ECC-5164760863C6} — C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 — BHO: Google Toolbar Helper — {AA58ED58-01DD-4d91-8333-CF10577473F7} — C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll
O2 — BHO: SkypeIEPluginBHO — {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} — C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll
O2 — BHO: Google Toolbar Notifier BHO — {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} — C:Program Files (x86)GoogleGoogleToolbarNotifier5.5.5126.1836swg.dll
O2 — BHO: MSN Toolbar Helper — {d2ce3e00-f94a-4740-988e-03dc2f38c34f} — C:Program Files (x86)MSNToolbar3.0.1125.0msneshellx.dll
O2 — BHO: Java(tm) Plug-In 2 SSV Helper — {DBC80044-A445-435b-BC74-9C25C1C588A9} — C:Program Files (x86)Javajre6binjp2ssv.dll
O2 — BHO: Windows Live Toolbar Helper — {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} — C:Program Files (x86)Windows LiveToolbarwltcore.dll
O2 — BHO: BS Player Toolbar — {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} — C:Program Files (x86)BS_PlayertbBS_0.dll
O3 — Toolbar: &Windows Live Toolbar — {21FA44EF-376D-4D53-9B0F-8A89D3229068} — C:Program Files (x86)Windows LiveToolbarwltcore.dll
O3 — Toolbar: BS Player Toolbar — {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} — C:Program Files (x86)BS_PlayertbBS_0.dll
O3 — Toolbar: Яндекс.Бар — {91397D20-1446-11D4-8AF4-0040CA1127B6} — C:Program Files (x86)YandexYandexBarIEyndbar.dll
O3 — Toolbar: MSN Toolbar — {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} — C:Program Files (x86)MSNToolbar3.0.1125.0msneshellx.dll
O3 — Toolbar: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — c:program files (x86)mail.rusputnikMailRuSputnik.dll
O3 — Toolbar: Google Toolbar — {2318C2B1-4965-11d4-9B18-009027A5CD4F} — C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll
O4 — HKLM..Run: [StartCCC] «C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe»
O4 — HKLM..Run: [Adobe Reader Speed Launcher] «c:Program Files (x86)AdobeReader 9.0ReaderReader_sl.exe»
O4 — HKLM..Run: [LogitechQuickCamRibbon] «C:Program Files (x86)LogitechQuickCamQuickcam.exe» /hide
O4 — HKLM..Run: [SunJavaUpdateSched] «C:Program Files (x86)Javajre6binjusched.exe»
O4 — HKLM..Run: [Microsoft Default Manager] «C:Program Files (x86)MicrosoftSearch Enhancement PackDefault ManagerDefMgr.exe» -resume
O4 — HKLM..Run: [avast5] «C:Program FilesAlwil SoftwareAvast5avastUI.exe» /nogui
O4 — HKLM..Run: [NokiaMServer] C:Program Files (x86)Common FilesNokiaMPlatformNokiaMServer /watchfiles
O4 — HKLM..Run: [NokiaMusic FastStart] «C:Program Files (x86)NokiaNokia MusicNokiaMusic.exe» /command:faststart
O4 — HKCU..Run: [Sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun
O4 — HKCU..Run: [Steam] «c:program files (x86)steamsteam.exe» -silent
O4 — HKCU..Run: [DAEMON Tools Lite] «C:Program Files (x86)DAEMON Tools Litedaemon.exe» -autorun
O4 — HKCU..Run: [RGSC] C:GamesGTA gameRockstar Games Social ClubRGSCLauncher.exe /silent
O4 — HKCU..Run: [EA Core] C:Program Files (x86)Electronic ArtsEADMCore.exe -silent
O4 — HKCU..Run: [swg] «C:Program Files (x86)GoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe»
O4 — HKCU..Run: [Comrade.exe] C:Program Files (x86)GameSpyComradeComrade.exe
O4 — HKCU..Run: [msnmsgr] «C:Program Files (x86)Windows LiveMessengermsnmsgr.exe» /background
O4 — HKCU..Run: [SUPERAntiSpyware] C:Program Files (x86)SUPERAntiSpywareSUPERAntiSpyware.exe
O4 — HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe
O4 — HKCU..Run: [WMPNSCFG] C:Program Files (x86)Windows Media PlayerWMPNSCFG.exe
O4 — HKUSS-1-5-19..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User ‘NETWORK SERVICE’)
O4 — .DEFAULT User Startup: Dell Dock First Run.lnk = C:Program FilesDellDellDockDellDock.exe (User ‘Default user’)
O4 — Startup: Dell Dock.lnk = C:Program FilesDellDellDockDellDock.exe
O4 — Global Startup: Digital Line Detect.lnk = C:Program Files (x86)Digital Line DetectDLG.exe
O4 — Global Startup: Logitech Desktop Messenger.lnk = C:Program Files (x86)LogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe
O8 — Extra context menu item: Google Sidewiki… — res://C:Program Files (x86)GoogleGoogle ToolbarComponentGoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 — Extra button: Blog This — {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} — C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dll
O9 — Extra ‘Tools’ menuitem: &Blog This in Windows Live Writer — {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} — C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dll
O9 — Extra button: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program Files (x86)Mail.RuAgentmagent.exe
O9 — Extra ‘Tools’ menuitem: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program Files (x86)Mail.RuAgentmagent.exe
O9 — Extra button: Skype add-on for Internet Explorer — {898EA8C8-E7FF-479B-8935-AEC46303B9E5} — C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll
O9 — Extra ‘Tools’ menuitem: Skype add-on for Internet Explorer — {898EA8C8-E7FF-479B-8935-AEC46303B9E5} — C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll
O13 — Gopher Prefix:
O15 — Trusted Zone: http://*.combats.com
O15 — Trusted Zone: http://*.combats.ru
O16 — DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} (UploadListView Class) — http://picasaweb.google.com/s/v/62.12/uploader2.cab
O16 — DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) — http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O18 — Protocol: bwfile-8876480 — {9462A756-7B47-47BC-8C80-C34B9B80B32B} — C:Program Files (x86)LogitechDesktop Messenger8876480ProgramGAPlugProtocol-8876480.dll
O18 — Protocol: skype-ie-addon-data — {91774881-D725-4E58-B298-07617B9B86A8} — C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll
O18 — Protocol: skype4com — {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — C:PROGRA~2COMMON~1SkypeSkype4COM.dll
O20 — Winlogon Notify: !SASWinLogon — C:Program Files (x86)SUPERAntiSpywareSASWINLO.dll
O23 — Service: @%SystemRoot%system32Alg.exe,-112 (ALG) — Unknown owner — C:WindowsSystem32alg.exe (file missing)
O23 — Service: Application Driver Auto Removal Service (01) (appdrvrem01) — Unknown owner — C:WindowsSystem32appdrvrem01.exe (file missing)
O23 — Service: ASP.NET State Service (aspnet_state) — Unknown owner — C:WindowsMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe (file missing)
O23 — Service: Ati External Event Utility — Unknown owner — C:Windowssystem32Ati2evxx.exe (file missing)
O23 — Service: avast! Antivirus — ALWIL Software — C:Program FilesAlwil SoftwareAvast5AvastSvc.exe
O23 — Service: avast! Mail Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast5AvastSvc.exe
O23 — Service: avast! Web Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast5AvastSvc.exe
O23 — Service: Dragon Age: Origins — Content Updater (DAUpdaterSvc) — Unknown owner — C:Program Files (x86)Dragon Agebin_shipDAUpdaterSvc.Service.exe (file missing)
O23 — Service: @dfsrres.dll,-101 (DFSR) — Unknown owner — C:Windowssystem32DFSR.exe (file missing)
O23 — Service: Dock Login Service (DockLoginService) — Stardock Corporation — C:Program FilesDellDellDockDockLogin.exe
O23 — Service: Google Update Service (gupdate) (gupdate) — Google Inc. — C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
O23 — Service: Google Software Updater (gusvc) — Google — C:Program Files (x86)GoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 — Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) — Intel Corporation — C:Program Files (x86)IntelIntel Matrix Storage ManagerIAANTMon.exe
O23 — Service: InstallDriver Table Manager (IDriverT) — Macrovision Corporation — C:Program Files (x86)Common FilesInstallShieldDriver1050Intel 32IDriverT.exe
O23 — Service: @keyiso.dll,-100 (KeyIso) — Unknown owner — C:Windowssystem32lsass.exe (file missing)
O23 — Service: Process Monitor (LVPrcS64) — Logitech Inc. — C:Program FilesCommon FilesLogiShrdLVMVFMLVPrcSrv.exe
O23 — Service: @comres.dll,-2797 (MSDTC) — Unknown owner — C:WindowsSystem32msdtc.exe (file missing)
O23 — Service: @%SystemRoot%System32netlogon.dll,-102 (Netlogon) — Unknown owner — C:Windowssystem32lsass.exe (file missing)
O23 — Service: nProtect GameGuard Service (npggsvc) — Unknown owner — C:Windowssystem32GameMon.des.exe (file missing)
O23 — Service: NVIDIA Display Driver Service (nvsvc) — Unknown owner — C:Windowssystem32nvvsvc.exe (file missing)
O23 — Service: PnkBstrA — Unknown owner — C:Windowssystem32PnkBstrA.exe
O23 — Service: @%systemroot%system32psbase.dll,-300 (ProtectedStorage) — Unknown owner — C:Windowssystem32lsass.exe (file missing)
O23 — Service: @%systemroot%system32Locator.exe,-2 (RpcLocator) — Unknown owner — C:Windowssystem32locator.exe (file missing)
O23 — Service: @%SystemRoot%system32samsrv.dll,-1 (SamSs) — Unknown owner — C:Windowssystem32lsass.exe (file missing)
O23 — Service: ServiceLayer — Unknown owner — C:Program Files (x86)NokiaPC Connectivity SolutionServiceLayer.exe (file missing)
O23 — Service: Trend Micro Central Control Component (SfCtlCom) — Trend Micro Inc. — C:Program FilesTrend MicroInternet SecuritySfCtlCom.exe
O23 — Service: @%SystemRoot%system32SLsvc.exe,-101 (slsvc) — Unknown owner — C:Windowssystem32SLsvc.exe (file missing)
O23 — Service: @%SystemRoot%system32snmptrap.exe,-3 (SNMPTRAP) — Unknown owner — C:WindowsSystem32snmptrap.exe (file missing)
O23 — Service: @%systemroot%system32spoolsv.exe,-1 (Spooler) — Unknown owner — C:WindowsSystem32spoolsv.exe (file missing)
O23 — Service: Audio Service (STacSV) — Unknown owner — C:WindowsSystem32DriverStoreFileRepositorystwrt64.inf_f86438beSTacSV64.exe (file missing)
O23 — Service: Steam Client Service — Valve Corporation — C:Program Files (x86)Common FilesSteamSteamService.exe
O23 — Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) — Trend Micro Inc. — C:Program FilesTrend MicroBMTMBMSRV.exe
O23 — Service: Trend Micro Personal Firewall (TmPfw) — Trend Micro Inc. — C:PROGRA~1TRENDM~1INTERN~1TmPfw.exe
O23 — Service: Trend Micro Proxy Service (tmproxy) — Trend Micro Inc. — C:Program FilesTrend MicroInternet SecurityTmProxy.exe
O23 — Service: @%SystemRoot%system32ui0detect.exe,-101 (UI0Detect) — Unknown owner — C:Windowssystem32UI0Detect.exe (file missing)
O23 — Service: @%SystemRoot%system32vds.exe,-100 (vds) — Unknown owner — C:WindowsSystem32vds.exe (file missing)
O23 — Service: @%systemroot%system32vssvc.exe,-102 (VSS) — Unknown owner — C:Windowssystem32vssvc.exe (file missing)
O23 — Service: @%Systemroot%system32wbemwmiapsrv.exe,-110 (wmiApSrv) — Unknown owner — C:Windowssystem32wbemWmiApSrv.exe (file missing)
O23 — Service: @%ProgramFiles%Windows Media Playerwmpnetwk.exe,-101 (WMPNetworkSvc) — Unknown owner — C:Program Files (x86)Windows Media Playerwmpnetwk.exe (file missing)
O23 — Service: XAudioService — Unknown owner — C:Windowssystem32DRIVERSxaudio64.exe (file missing)—
End of file — 14852 bytes======Scheduled tasks folder======
C:WindowstasksGoogleUpdateTaskMachineCore.job
C:WindowstasksGoogleUpdateTaskMachineUA.job
C:WindowstasksSpyHunter Scanner.job======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper — c:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dll [2008-06-11 75128][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper — C:Program Files (x86)MicrosoftSearch Enhancement PackSearch HelperSearchHelper.dll [2008-12-04 92504][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{8984B388-A5BB-4DF7-B274-77B879E179DB}]
MailRuBHO Class — c:program files (x86)mail.rusputnikMailRuSputnik.dll [2009-09-17 826032][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper — C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll [2008-11-18 408952][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper — C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll [2010-06-22 278192][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer — C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll [2010-02-08 804136][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO — C:Program Files (x86)GoogleGoogleToolbarNotifier5.5.5126.1836swg.dll [2010-05-27 814648][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
MSN Toolbar Helper — C:Program Files (x86)MSNToolbar3.0.1125.0msneshellx.dll [2009-02-09 82768][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper — C:Program Files (x86)Javajre6binjp2ssv.dll [2009-05-21 41368][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper — C:Program Files (x86)Windows LiveToolbarwltcore.dll [2008-12-08 1067352][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
BS Player Toolbar — C:Program Files (x86)BS_PlayertbBS_0.dll [2010-02-20 2349080][HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} — &Windows Live Toolbar — C:Program Files (x86)Windows LiveToolbarwltcore.dll [2008-12-08 1067352]
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} — BS Player Toolbar — C:Program Files (x86)BS_PlayertbBS_0.dll [2010-02-20 2349080]
{91397D20-1446-11D4-8AF4-0040CA1127B6} — Яндекс.Бар — C:Program Files (x86)YandexYandexBarIEyndbar.dll [2009-04-20 3701024]
{1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} — MSN Toolbar — C:Program Files (x86)MSNToolbar3.0.1125.0msneshellx.dll [2009-02-09 82768]
{09900DE8-1DCA-443F-9243-26FF581438AF} — Спутник@Mail.Ru — c:program files (x86)mail.rusputnikMailRuSputnik.dll [2009-09-17 826032]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} — Google Toolbar — C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll [2010-06-22 278192][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«StartCCC»=C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe [2008-01-21 61440]
«Adobe Reader Speed Launcher»=c:Program Files (x86)AdobeReader 9.0ReaderReader_sl.exe [2008-06-12 34672]
«LogitechQuickCamRibbon»=C:Program Files (x86)LogitechQuickCamQuickcam.exe [2008-12-20 2656528]
«SunJavaUpdateSched»=C:Program Files (x86)Javajre6binjusched.exe [2009-05-21 148888]
«Microsoft Default Manager»=C:Program Files (x86)MicrosoftSearch Enhancement PackDefault ManagerDefMgr.exe [2009-02-03 233304]
«avast5″=C:Program FilesAlwil SoftwareAvast5avastUI.exe [2010-03-09 2769336]
«NokiaMServer»=C:Program Files (x86)Common FilesNokiaMPlatformNokiaMServer /watchfiles []
«NokiaMusic FastStart»=C:Program Files (x86)NokiaNokia MusicNokiaMusic.exe [2009-07-22 2331936][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«Sidebar»=C:Program FilesWindows Sidebarsidebar.exe [2008-01-20 1555968]
«Steam»=c:program files (x86)steamsteam.exe [2010-05-12 1238352]
«DAEMON Tools Lite»=C:Program Files (x86)DAEMON Tools Litedaemon.exe [2008-12-29 687560]
«RGSC»=C:GamesGTA gameRockstar Games Social ClubRGSCLauncher.exe /silent []
«EA Core»=C:Program Files (x86)Electronic ArtsEADMCore.exe [2008-07-22 2772992]
«swg»=C:Program Files (x86)GoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe [2009-04-04 39408]
«Comrade.exe»=C:Program Files (x86)GameSpyComradeComrade.exe [2008-12-09 800256]
«PlayNC Launcher»= []
«msnmsgr»=C:Program Files (x86)Windows LiveMessengermsnmsgr.exe [2008-12-02 3882312]
«SUPERAntiSpyware»=C:Program Files (x86)SUPERAntiSpywareSUPERAntiSpyware.exe [2010-02-18 2012912]
«ehTray.exe»=C:WindowsehomeehTray.exe [2008-01-20 138240]
«WMPNSCFG»=C:Program Files (x86)Windows Media PlayerWMPNSCFG.exe []C:ProgramDataMicrosoftWindowsStart MenuProgramsStartup
Digital Line Detect.lnk — C:Program Files (x86)Digital Line DetectDLG.exe
Logitech Desktop Messenger.lnk — C:Program Files (x86)LogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exeC:UsersPIONERAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup
Dell Dock.lnk — C:Program Files (x86)DellDellDockDellDock.exe[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotify!SASWinLogon]
C:Program Files (x86)SUPERAntiSpywareSASWINLO.dll [2009-09-03 548352][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerShellExecuteHooks]
«{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}»=C:Program Files (x86)SUPERAntiSpywareSASSEH.DLL [2008-05-13 77824][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
«EnableUIADesktopToggle»=0[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoActiveDesktop»=
«NoActiveDesktopChanges»=
«ForceActiveDesktopOn»=[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{7f636032-7b10-11df-a91b-0022191d86fd}]
shellAutoRuncommand — C:Windowssystem32RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RUNdLl32.ExE .RECYCLERS-5-3-42-2819952290-8240758988-879315005-3665jwgkvsq.vmx,ahaezedrn[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{c71679e1-fd6b-11de-8522-0022191d86fd}]
shellAutoRuncommand — RECYCLERS-1-5-21-1482476501-1644491937-682003330-1013keygen.exe
shellopencommand — RECYCLERS-1-5-21-1482476501-1644491937-682003330-1013keygen.exe======File associations======
.js — edit — C:WindowsSysWOW64Notepad.exe %1
.js — open — C:WindowsSysWOW64WScript.exe «%1» %*======List of files/folders created in the last 1 months======
2010-07-11 19:26:33 —-D—- C:Windows6D1E83602F354C848D53C614FBCA621C.TMP
2010-07-11 19:14:03 —-A—- C:mbam-error.txt
2010-07-11 19:13:09 —-D—- C:UsersPIONERAppDataRoamingMalwarebytes
2010-07-11 19:13:02 —-D—- C:ProgramDataMalwarebytes
2010-07-11 19:13:02 —-D—- C:Program Files (x86)Malwarebytes’ Anti-Malware
2010-07-10 19:51:05 —-D—- C:Program Files (x86)Counter-Strike Source
2010-07-03 11:24:29 —-D—- C:ProgramDataUbisoft
2010-06-25 22:28:19 —-D—- C:Program Files (x86)Microsoft.NET
2010-06-25 22:27:58 —-SHD—- C:Config.Msi
2010-06-25 22:27:11 —-D—- C:18f7626aa80af1b637
2010-06-23 15:27:33 —-A—- C:Windowssystem32psisdecd.dll
2010-06-23 15:27:33 —-A—- C:Windowssystem32EncDec.dll
2010-06-23 15:27:19 —-A—- C:Windowssystem32PresentationHostProxy.dll
2010-06-23 15:27:19 —-A—- C:Windowssystem32PresentationHost.exe
2010-06-23 15:27:19 —-A—- C:Windowssystem32netfxperf.dll
2010-06-23 15:27:19 —-A—- C:Windowssystem32mscoree.dll
2010-06-23 15:27:19 —-A—- C:Windowssystem32dfshim.dll
2010-06-23 14:24:01 —-A—- C:Windowssystem32Apphlpdm.dll
2010-06-23 14:24:00 —-A—- C:Windowssystem32GameUXLegacyGDFs.dll======List of files/folders modified in the last 1 months======
2010-07-11 19:28:10 —-D—- C:Program Files (x86)trend micro
2010-07-11 19:28:08 —-D—- C:WindowsTemp
2010-07-11 19:28:06 —-D—- C:WindowsPrefetch
2010-07-11 19:26:57 —-D—- C:WindowsSystem32
2010-07-11 19:26:51 —-SHD—- C:WindowsInstaller
2010-07-11 19:26:47 —-D—- C:WindowsSysWOW64
2010-07-11 19:26:33 —-D—- C:Windows
2010-07-11 19:25:18 —-D—- C:Program Files (x86)Steam
2010-07-11 19:25:02 —-D—- C:Program Files (x86)Common FilesWise Installation Wizard
2010-07-11 19:21:56 —-D—- C:UsersPIONERAppDataRoamingSkype
2010-07-11 19:20:06 —-D—- C:UsersPIONERAppDataRoamingskypePM
2010-07-11 19:15:09 —-D—- C:Program Files (x86)Mozilla Firefox
2010-07-11 19:14:14 —-D—- C:Windowsinf
2010-07-11 19:14:00 —-D—- C:Windowssystem32drivers
2010-07-11 19:13:02 —-RD—- C:Program Files (x86)
2010-07-11 19:13:02 —-HD—- C:ProgramData
2010-07-11 16:39:17 —-D—- C:Program Files (x86)Runes of Magic
2010-07-11 01:20:41 —-SHD—- C:System Volume Information
2010-07-09 13:10:30 —-D—- C:UsersPIONERAppDataRoaminguTorrent
2010-07-06 08:56:32 —-D—- C:Program Files (x86)Common FilesSteam
2010-07-06 08:53:57 —-D—- C:WindowsMinidump
2010-07-04 16:54:23 —-D—- C:Games
2010-07-02 14:23:22 —-D—- C:Music
2010-06-25 22:30:02 —-RSD—- C:Windowsassembly
2010-06-25 22:28:50 —-D—- C:WindowsMicrosoft.NET
2010-06-25 22:28:22 —-D—- C:Windowssystem32en-US
2010-06-24 09:55:38 —-D—- C:WindowsAppPatch
2010-06-24 09:55:37 —-D—- C:Windowsehome
2010-06-23 15:28:45 —-D—- C:Windowswinsxs
2010-06-20 07:43:49 —-SD—- C:WindowsDownloaded Program Files
2010-06-19 13:51:41 —-SD—- C:UsersPIONERAppDataRoamingMicrosoft======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 appdrv01;Application Driver (01); C:WindowsSystem32Driversappdrv01.sys []
R1 aswRdr;aswRdr; C:Windowssystem32driversaswRdr.sys []
R1 aswSP;aswSP; C:Windowssystem32driversaswSP.sys []
R1 aswTdi;avast! Network Shield Support; C:Windowssystem32driversaswTdi.sys []
R1 tmlwf;Trend Micro NDIS 6.0 Filter Driver; C:Windowssystem32DRIVERStmlwf.sys []
R1 tmtdi;Trend Micro TDI Driver; C:Windowssystem32DRIVERStmtdi.sys []
R2 aswFsBlk;aswFsBlk; C:Windowssystem32driversaswFsBlk.sys []
R2 aswMonFlt;aswMonFlt; ??C:Windowssystem32driversaswMonFlt.sys []
R2 mdmxsdk;mdmxsdk; C:Windowssystem32DRIVERSmdmxsdk.sys []
R2 tmpreflt;tmpreflt; C:Windowssystem32DRIVERStmpreflt.sys []
R2 tmwfp;Trend Micro WFP Callout Driver; C:Windowssystem32DRIVERStmwfp.sys []
R2 tmxpflt;tmxpflt; C:Windowssystem32DRIVERStmxpflt.sys []
R2 vsapint;vsapint; C:Windowssystem32DRIVERSvsapint.sys []
R2 XAudio;XAudio; C:Windowssystem32DRIVERSxaudio64.sys []
R3 CAXHWBS2;CAXHWBS2; C:Windowssystem32DRIVERSCAXHWBS2.sys []
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:Windowssystem32DRIVERSe1e6032e.sys []
R3 HCW85BDA;Hauppauge WinTV 885 Video Capture; C:Windowssystem32driversHCW85BDA.sys []
R3 HSF_DPV;HSF_DPV; C:Windowssystem32DRIVERSCAX_DPV.sys []
R3 ksthunk;Kernel Streaming Thunks; C:Windowssystem32driversksthunk.sys []
R3 LVPr2M64;Logitech LVPr2M64 Driver; C:Windowssystem32DRIVERSLVPr2M64.sys []
R3 LVRS64;Logitech RightSound Filter Driver; C:Windowssystem32DRIVERSlvrs64.sys []
R3 lvsels64;Logitech Selective Suspend Filter; C:Windowssystem32DRIVERSlvsels64.sys []
R3 LVUSBS64;Logitech USB Monitor Filter; C:Windowssystem32driversLVUSBS64.sys []
R3 LVUVC64;QuickCam Orbit/Sphere AF(UVC); C:Windowssystem32DRIVERSlvuvc64.sys []
R3 nvlddmkm;nvlddmkm; C:Windowssystem32DRIVERSnvlddmkm.sys []
R3 pmxmouse;PMXMOUSE; C:Windowssystem32DRIVERSpmxmouse.sys []
R3 pmxusblf;PMXUSBLF; C:Windowssystem32DRIVERSpmxusblf.sys []
R3 STHDA;IDT High Definition Audio CODEC; C:Windowssystem32DRIVERSstwrt64.sys []
R3 usbaudio;USB Audio Driver (WDM); C:Windowssystem32driversusbaudio.sys []
R3 winachsf;winachsf; C:Windowssystem32DRIVERSCAX_CNXT.sys []
R3 WUDFRd;WUDFRd; C:Windowssystem32DRIVERSWUDFRd.sys []
S1 aswSnx;aswSnx; C:Windowssystem32driversaswSnx.sys []
S1 SASDIFSV;SASDIFSV; ??C:Program Files (x86)SUPERAntiSpywareSASDIFSV.SYS [2010-02-17 12872]
S1 SASKUTIL;SASKUTIL; ??C:Program Files (x86)SUPERAntiSpywareSASKUTIL.SYS [2010-02-17 66632]
S3 a1nvd7gi;a1nvd7gi; C:Windowssystem32driversa1nvd7gi.sys []
S3 atikmdag;atikmdag; C:Windowssystem32DRIVERSatikmdag.sys []
S3 btwavdt;Bluetooth AVDT; C:Windowssystem32driversbtwavdt.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:Windowssystem32driversdrmkaud.sys []
S3 dump_wmimmc;dump_wmimmc; ??C:Program Files (x86)Steamsteamappscommonaionbin32GameGuarddump_wmimmc.sys []
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:Windowssystem32driversHdAudio.sys []
S3 LVPr2Mon;LVPr2M64 Driver; C:Windowssystem32DRIVERSLVPr2M64.sys []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:Windowssystem32driversMSKSSRV.sys []
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:Windowssystem32driversMSPCLOCK.sys []
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:Windowssystem32driversMSPQM.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:Windowssystem32driversMSTEE.sys []
S3 nmwcdcx64;Nokia USB Generic; C:Windowssystem32driversccdcmbox64.sys []
S3 nmwcdx64;Nokia USB Phone Parent; C:Windowssystem32driversccdcmbx64.sys []
S3 NPPTNT2;NPPTNT2; ??C:Windowssystem32npptNT2.sys [2009-04-08 4682]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:Windowssystem32DRIVERSpccsmcfdx64.sys []
S3 R300;R300; C:Windowssystem32DRIVERSatikmdag.sys []
S3 SASENUM;SASENUM; ??C:Program Files (x86)SUPERAntiSpywareSASENUM.SYS [2010-02-17 12872]
S3 upperdev;upperdev; C:Windowssystem32DRIVERSusbser_lowerfltx64.sys []
S3 usbser;USB Modem Driver; C:Windowssystem32driversusbser.sys []
S3 UsbserFilt;UsbserFilt; C:Windowssystem32DRIVERSusbser_lowerfltx64j.sys []
S3 usbvideo;USB Video Device (WDM); C:WindowsSystem32Driversusbvideo.sys []
S3 WpdUsb;WpdUsb; C:Windowssystem32DRIVERSwpdusb.sys []
S4 btwrchid;btwrchid; C:Windowssystem32driversbtwrchid.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:Windowssystem32driverserrdev.sys []
S4 hcw85cir;Hauppauge Consumer Infrared Receiver; C:Windowssystem32drivershcw85cir.sys []
S4 MegaSR;MegaSR; C:Windowssystem32driversmegasr.sys []
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:Windowssystem32driverswmiacpi.sys []======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati External Event Utility;Ati External Event Utility; C:Windowssystem32Ati2evxx.exe []
R2 avast! Antivirus;avast! Antivirus; C:Program FilesAlwil SoftwareAvast5AvastSvc.exe [2010-03-09 40384]
R2 DockLoginService;Dock Login Service; C:Program FilesDellDellDockDockLogin.exe [2008-09-23 155648]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:Program Files (x86)IntelIntel Matrix Storage ManagerIAANTMon.exe [2008-04-15 354840]
R2 LVPrcS64;Process Monitor; C:Program FilesCommon FilesLogiShrdLVMVFMLVPrcSrv.exe [2008-12-16 187416]
R2 nvsvc;NVIDIA Display Driver Service; C:Windowssystem32nvvsvc.exe []
R2 PnkBstrA;PnkBstrA; C:Windowssystem32PnkBstrA.exe [2009-04-05 66872]
R2 SeaPort;SeaPort; C:Program Files (x86)MicrosoftSearch Enhancement PackSeaPortSeaPort.exe [2009-01-14 226656]
R2 STacSV;Audio Service; C:WindowsSystem32DriverStoreFileRepositorystwrt64.inf_f86438beSTacSV64.exe []
R2 XAudioService;XAudioService; C:Windowssystem32DRIVERSxaudio64.exe []
R3 Steam Client Service;Steam Client Service; C:Program Files (x86)Common FilesSteamSteamService.exe [2010-07-02 395048]
S2 appdrvrem01;Application Driver Auto Removal Service (01); C:WindowsSystem32appdrvrem01.exe svc []
S2 gupdate;Google Update Service (gupdate); C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [2010-01-30 135664]
S2 SfCtlCom;Trend Micro Central Control Component; C:Program FilesTrend MicroInternet SecuritySfCtlCom.exe [2009-08-12 820488]
S2 TMBMServer;Trend Micro Unauthorized Change Prevention Service; C:Program FilesTrend MicroBMTMBMSRV.exe [2009-08-12 563464]
S3 aspnet_state;ASP.NET State Service; C:WindowsMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe []
S3 avast! Mail Scanner;avast! Mail Scanner; C:Program FilesAlwil SoftwareAvast5AvastSvc.exe [2010-03-09 40384]
S3 avast! Web Scanner;avast! Web Scanner; C:Program FilesAlwil SoftwareAvast5AvastSvc.exe [2010-03-09 40384]
S3 DAUpdaterSvc;Dragon Age: Origins — Content Updater; C:Program Files (x86)Dragon Agebin_shipDAUpdaterSvc.Service.exe []
S3 gusvc;Google Software Updater; C:Program Files (x86)GoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2009-04-25 182768]
S3 IDriverT;InstallDriver Table Manager; C:Program Files (x86)Common FilesInstallShieldDriver1050Intel 32IDriverT.exe [2004-10-22 73728]
S3 npggsvc;nProtect GameGuard Service; C:Windowssystem32GameMon.des [2009-08-30 3407412]
S3 PerfHost;@%systemroot%sysWow64perfhost.exe,-2; C:WindowsSysWow64perfhost.exe [2008-01-20 19968]
S3 ServiceLayer;ServiceLayer; C:Program Files (x86)NokiaPC Connectivity SolutionServiceLayer.exe []
S3 TmPfw;Trend Micro Personal Firewall; C:PROGRA~1TRENDM~1INTERN~1TmPfw.exe [2009-08-12 587696]
S3 tmproxy;Trend Micro Proxy Service; C:Program FilesTrend MicroInternet SecurityTmProxy.exe [2009-08-12 854280]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:WindowsMicrosoft.NETFramework64v2.0.50727mscorsvw.exe [2008-07-27 93184]
EOF
Судя по логу вы подключали заражённую флешку к вашему компьютеру (с момента создания предыдущего RSIT лога). Проверьте все ваши флешки на вирусы используя ваш антивирус или например, Kaspersky® Virus Removal Tool (ссылка).
Скачайте OTM by OldTimer кликнув по этой ссылке.
Запустите OTM и в большое поле ввода (заголовок этого поля выделен желтым цветом) скопируйте следующий текст.:reg
[-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{7f636032-7b10-11df-a91b-0022191d86fd}]
[-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{c71679e1-fd6b-11de-8522-0022191d86fd}]
:Commands
[emptytemp]
[Reboot]Проверьте вставленный скрипт, если слева перед директивами появились пробелы, то удалите их, скрипт должен выглядеть так же как в сообщении. Кликните по кнопке MoveIt!. В процессе работы возможна перезагрузка компьютера.
По-завершении работы программы должен будет показан лог. Если лог не будет показан, то его можно найти в папке C:_OTMMovedFiles.Вставьте в ваше ответное сообщение содержимое этого лога. И приложите свежий RSIT лог.
- Для ответа в этой теме необходимо авторизоваться.
