- This topic has 18 ответов, 2 участника, and was last updated 16 years назад by
.
-
Сообщения
-
ComboFix 09-04-23.A1 — User 27.04.2009 17:35.4 — NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1251.7.1049.18.319.103 [GMT 4:00]
Running from: c:documents and settingsUserРабочий столComboFix.exe
Command switches used :: c:documents and settingsUserРабочий столCFScript.txt
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)
* Created a new restore point
.((((((((((((((((((((((((( Files Created from 2009-05-27 to 2009-4-27 )))))))))))))))))))))))))))))))
.2009-04-19 19:27 . 2009-04-19 19:26 73728 —-a-w c:winntsystem32javacpl.cpl
2009-04-17 12:06 . 2009-04-17 12:06
d
w c:documents and settingsUserApplication DataPRMT
2009-04-17 12:01 . 2009-04-17 12:01
d
w c:winntspeech
2009-04-17 11:55 . 2009-04-17 12:06
d
w c:winntLhsp
2009-04-17 11:55 . 2009-04-17 11:55
d
w c:documents and settingsAll UsersApplication DataPRMT
2009-04-12 09:16 . 2006-06-29 09:07 14048
w c:winntsystem32spmsg2.dll
2009-04-12 09:04 . 2009-04-12 09:04
d
w C:f90a74d6a44be9a5bb38
2009-04-11 11:21 . 2009-04-11 11:21
d
w c:documents and settingsAll UsersApplication DataSimply Super Software.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-27 09:51 . 2007-04-16 18:08 68512 —-a-w c:documents and settingsUserLocal SettingsApplication DataGDIPFONTCACHEV1.DAT
2009-04-25 17:55 . 2007-05-06 21:14 75 —-a-w C:audiodec.txt
2009-04-24 10:27 . 2007-04-15 18:36
d
w c:documents and settingsUserApplication DataMra
2009-04-19 19:26 . 2009-02-17 18:06 410984 —-a-w c:winntsystem32deploytk.dll
2009-04-19 19:21 . 2008-11-27 01:04
d
w c:program filesJava
2009-04-19 19:01 . 2007-08-03 21:31
d
w c:documents and settingsUserApplication DatauTorrent
2009-04-17 15:28 . 2008-11-27 22:03
d
w c:program filesGoogle
2009-04-17 11:56 . 2009-04-17 11:55
d
w c:program filesPRMT8
2009-04-17 11:53 . 2004-08-17 14:00 82364 —-a-w c:winntsystem32perfc019.dat
2009-04-17 11:53 . 2004-08-17 14:00 479846 —-a-w c:winntsystem32perfh019.dat
2009-04-12 09:17 . 2009-04-12 09:17
d
w c:program filesReference Assemblies
2009-04-11 21:01 . 2007-04-15 18:35
d
w c:documents and settingsUserApplication DataSkype
2009-04-11 11:27 . 2008-04-16 20:31
d—a-w c:documents and settingsAll UsersApplication DataTEMP
2009-04-11 11:22 . 2009-04-11 11:21
d
w c:program filesTrojan Remover
2009-04-11 11:21 . 2009-03-16 20:27
d
w c:documents and settingsUserApplication DataSimply Super Software
2009-04-10 12:35 . 2009-03-05 18:00
d
w c:program filesSpybot — Search & Destroy
2009-03-28 10:08 . 2009-03-17 12:15 108552 —-a-w c:winntsystem32driversavgtdix.sys
2009-03-21 21:06 . 2009-03-21 21:06
d
w c:documents and settingsUserApplication DataMySpace
2009-03-17 12:15 . 2009-03-17 12:15 10520 —-a-w c:winntsystem32avgrsstx.dll
2009-03-17 12:15 . 2009-03-17 12:15 325640 —-a-w c:winntsystem32driversavgldx86.sys
2009-03-17 12:15 . 2008-05-24 17:07
d
w c:documents and settingsAll UsersApplication Dataavg8
2009-03-17 11:21 . 2009-03-17 11:13
d
w c:program filesABBYY Lingvo 12
2009-03-16 22:31 . 2009-03-16 22:18
d
w c:program filestrend micro
2009-03-16 21:56 . 2009-03-16 21:56
d
w c:documents and settingsUserApplication DataMalwarebytes
2009-03-16 21:56 . 2009-03-16 21:56
d
w c:documents and settingsAll UsersApplication DataMalwarebytes
2009-03-16 19:18 . 2009-03-16 16:14
d
w c:documents and settingsAll UsersApplication DataLavasoft
2009-03-16 18:29 . 2009-03-16 18:29 220 —-a-w C:aaw7boot.log
2009-03-13 16:10 . 2009-03-13 16:10
d
w c:documents and settingsUserApplication DataPROject MT
2009-03-05 20:25 . 2009-03-05 18:00
d
w c:documents and settingsAll UsersApplication DataSpybot — Search & Destroy
2009-02-28 11:47 . 2008-02-26 13:33
d
w c:program filesAVerTV
2009-02-19 16:07 . 2007-06-08 22:23 4212 —h—w c:winntsystem32zllictbl.dat
2008-11-27 00:43 . 2008-11-27 00:43 127 —-a-w c:documents and settingsUserLocal SettingsApplication Datafusioncache.dat
2008-11-26 23:44 . 2008-12-01 22:23 6599 —-a-w c:program fileslicense.lic
.((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4[HKEY_LOCAL_MACHINE~Browser Helper Objects{B4806C1A-FE8A-4008-9DA3-8CEDB6E82C10}]
2008-03-20 12:28 2469888 —-a-w c:program filesWebMoney Advisorwmadvisor.dll[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
«{91397D20-1446-11D4-8AF4-0040CA1127B6}»= «c:program filesYandexYandexBarIEyndbar.dll» [2007-11-30 1336584]
«{3AFFD7F7-FD3D-4C9D-8F83-03296A1A8840}»= «c:program filesWebMoney Advisorwmadvisor.dll» [2008-03-20 2469888][HKEY_CLASSES_ROOTclsid{91397d20-1446-11d4-8af4-0040ca1127b6}]
[HKEY_CLASSES_ROOTYandex.Toolbar.1]
[HKEY_CLASSES_ROOTTypeLib{91397D13-1446-11D4-8AF4-0040CA1127B6}]
[HKEY_CLASSES_ROOTYandex.Toolbar][HKEY_CLASSES_ROOTclsid{3affd7f7-fd3d-4c9d-8f83-03296a1a8840}]
[HKEY_CLASSES_ROOTTBSB03223.TBSB03223.3]
[HKEY_CLASSES_ROOTTypeLib{77AA25E8-6083-4949-A831-9CB11861DC10}]
[HKEY_CLASSES_ROOTTBSB03223.TBSB03223][HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebbrowser]
«{91397D20-1446-11D4-8AF4-0040CA1127B6}»= «c:program filesYandexYandexBarIEyndbar.dll» [2007-11-30 1336584]
«{3AFFD7F7-FD3D-4C9D-8F83-03296A1A8840}»= «c:program filesWebMoney Advisorwmadvisor.dll» [2008-03-20 2469888][HKEY_CLASSES_ROOTclsid{91397d20-1446-11d4-8af4-0040ca1127b6}]
[HKEY_CLASSES_ROOTYandex.Toolbar.1]
[HKEY_CLASSES_ROOTTypeLib{91397D13-1446-11D4-8AF4-0040CA1127B6}]
[HKEY_CLASSES_ROOTYandex.Toolbar][HKEY_CLASSES_ROOTclsid{3affd7f7-fd3d-4c9d-8f83-03296a1a8840}]
[HKEY_CLASSES_ROOTTBSB03223.TBSB03223.3]
[HKEY_CLASSES_ROOTTypeLib{77AA25E8-6083-4949-A831-9CB11861DC10}]
[HKEY_CLASSES_ROOTTBSB03223.TBSB03223][HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
«EPSON Stylus CX7300 Series»=»c:winntSystem32spoolDRIVERSW32X863E_FATICDP.EXE» [2007-04-12 182272]
«ctfmon.exe»=»c:winntsystem32ctfmon.exe» [2004-08-17 15360][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
«NvCplDaemon»=»c:winntsystem32NvCpl.dll» [2006-10-22 7700480]
«MAgent»=»c:program filesMail.RuAgentMAgent.exe» [2009-04-24 6210744]
«EPSON Stylus C43 Series»=»c:winntSystem32spoolDRIVERSW32X863E_S10IC2.EXE» [2002-12-10 75776]
«AVG8_TRAY»=»c:progra~1AVGAVG8avgtray.exe» [2009-03-17 1932568]
«TrojanScanner»=»c:program filesTrojan RemoverTrjscan.exe» [2009-03-30 1213320]
«SunJavaUpdateSched»=»c:program filesJavajre6binjusched.exe» [2009-04-19 148888]
«nwiz»=»nwiz.exe» — c:winntsystem32nwiz.exe [2006-10-22 1622016][HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=»c:winntsystem32CTFMON.EXE» [2004-08-17 15360]c:documents and settingsAll Usersѓ« ў®Ґ ¬ҐоЏа®Ја ¬¬лЂўв®§ Јаг§Є
QuickTV.lnk — c:program filesAVerTVQuickTV.exe [2006-2-21 401408][HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionwinlogonnotifyavgrsstarter]
2009-03-17 12:15 10520 —-a-w c:winntsystem32avgrsstx.dll[HKLM~startupfolderC:^Documents and Settings^All Users^Главное меню^Программы^Автозагрузка^Adobe Reader Speed Launch.lnk]
backup=c:winntpssAdobe Reader Speed Launch.lnkCommon Startup[HKLM~startupfolderC:^Documents and Settings^All Users^Главное меню^Программы^Автозагрузка^InterVideo WinCinema Manager.lnk]
backup=c:winntpssInterVideo WinCinema Manager.lnkCommon Startup[HKLM~servicessharedaccessparametersfirewallpolicystandardprofile]
«EnableFirewall»= 0 (0x0)[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
«%windir%\system32\sessmgr.exe»=
«c:\Program Files\InterVideo\DVD6\WinDVD.exe»=
«c:\Program Files\Mail.Ru\Agent\Magent.exe»=
«c:\Program Files\uTorrent [tfile.ru]\utorrent.exe»=
«c:\Documents and Settings\User\Application Data\SopCast\adv\SopAdver.exe»=
«c:\Program Files\Opera\Opera.exe»=
«c:\Program Files\iTunes\iTunes.exe»=
«c:\Program Files\Common Files\AOL\Loader\aolload.exe»=
«%windir%\Network Diagnostic\xpnetdiag.exe»=
«c:\Program Files\WebMoney\WebMoney.exe»=
«c:\Program Files\AVG\AVG8\avgupd.exe»=
«c:\Program Files\AVG\AVG8\avgnsx.exe»=
«c:\Program Files\Skype\Phone\Skype.exe»=[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileGloballyOpenPortsList]
«29099:TCP»= 29099:TCP:BNDR3 AVerBDA3x;AVerMedia SAA713x BDA Service;c:winntsystem32DRIVERSAVerBDA3x.sys [2007-03-20 1176192]
S0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);c:winntSystem32driverssfsync03.sys [2005-10-13 35328]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:winntSystem32Driversavgldx86.sys [2009-03-17 325640]
S1 AvgTdiX;AVG Free8 Network Redirector;c:winntSystem32Driversavgtdix.sys [2009-03-28 108552]
S2 avg8wd;AVG Free8 WatchDog;c:progra~1AVGAVG8avgwdsvc.exe [2009-03-17 298264]
S3 PhTVTune;Cap7134 TVTuner;c:winntsystem32DRIVERSPhTVTune.sys [2007-04-15 57152].
Contents of the ‘Scheduled Tasks’ folder2009-04-18 c:winntTasksAppleSoftwareUpdate.job
— c:program filesApple Software UpdateSoftwareUpdate.exe [2007-08-29 10:57]
.
.
Supplementary Scan
.
uStart Page = hxxp://www.yandex.ru/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mStart Page = hxxp://www.yandex.ru/?clid=27130
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &AOL Toolbar Search — c:program filesaolaim toolbar 5.0resourcesen-uslocalsearch.html
IE: &Перевести с помощью ABBYY Lingvo… — c:program filesABBYY Lingvo 12Lingvo.exe/3000
IE: &Экспорт в Microsoft Excel — c:progra~1MICROS~2OFFICE11EXCEL.EXE/3000
IE: Поиск@Mail.Ru — c:program filesmail.rusputnikMailRuSputnik.dll/282
IE: Словари@Mail.Ru — c:program filesmail.rusputnikMailRuSputnik.dll/283
IE: {{7558B7E5-7B26-4201-BEDB-00D5FF534523} — c:program filesMail.RuAgentmagent.exe
IE: {{7A2EFD41-E6B3-11D2-89E3-00E0292EE574} — c:program filesPRMT6PRMTIEprmtie5.htm
IE: {{7A2EFD41-E6B3-11D2-89E3-00E0292EE575} — c:program filesPRMT6PRMTIEoptions.htm
IE: {{3AFFD7F7-FD3D-4C9D-8F83-03296A1A8840} — {3AFFD7F7-FD3D-4C9D-8F83-03296A1A8840} — c:program filesWebMoney Advisorwmadvisor.dll
DPF: {463ED66E-431B-11D2-ADB0-0080C83DA4EB} — hxxps://w3s.webmoney.ru/WMAcceptor.dll
FF — ProfilePath — c:documents and settingsUserApplication DataMozillaFirefoxProfilesdeo74kzk.default
FF — plugin: c:program filesOperaprogrampluginsnpdivx32.dll
FF — plugin: c:program filesOperaprogrampluginsnpjpi160_11.dll
FF — plugin: c:program filesOperaprogrampluginsnpoji610.dll
FF — plugin: c:program filesOperaprogrampluginsNPOJI610.dll
FF — plugin: c:program filesViewpointViewpoint Media PlayernpViewpoint.dll
.**************************************************************************
catchme 0.3.1398 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-27 17:43
Windows 5.1.2600 Service Pack 2 NTFSscanning hidden processes …
scanning hidden autostart entries …
scanning hidden files …
scan completed successfully
hidden files: 0**************************************************************************
.
LOCKED REGISTRY KEYS
[HKEY_USERSS-1-5-21-1220945662-1644491937-682003330-1003SoftwareMicrosoftSystemCertificatesAddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
DLLs Loaded Under Running Processes
— — — — — — — > ‘explorer.exe'(2988)
c:winntsystem32msi.dll
c:winntsystem32browselc.dll
c:program filesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
c:progra~1SPYBOT~1SDHelper.dll
c:program filesmail.rusputnikMailRuSputnik.dll
c:program filesEPSONEPSON Web-To-PageEPSON Web-To-Page.dll
c:program filesAdobeAcrobat 7.0ActiveXPDFShell.dll
c:program filesMicrosoft OfficeOFFICE11msohev.dll
.
Completion time: 2009-04-27 17:50
ComboFix-quarantined-files.txt 2009-04-27 13:50
ComboFix2.txt 2009-04-18 13:25Pre-Run: 33 915 854 848 байт свободно
Post-Run: 33 910 276 096 байт свободно189
Лог выглядит нормально.
Проверьте ещё ваш компьютер используя Kaspersky Online Scanner, для этого кликните по этой ссылке.
Результаты сканирования вставьте в ваш ответ.Валерий, добрый вечер. Извините, долго не писал, уезжал на полгода. Ваша последняя ссылка на Касперский уже не работает. Плюс обнаружил трояны sdra64.exe, pdfupd.exe, и никак их не удалить. Вот лог.
Logfile of random’s system information tool 1.05 (written by random/random)
Run by User at 2009-10-18 22:04:19
Microsoft Windows XP Professional Service Pack 2
System drive C: has 28 GB (47%) free of 60 GB
Total RAM: 319 MB (27% free)Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:05:33, on 18.10.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: NormalRunning processes:
C:WINNTsystem32csrss.exe
C:WINNTsystem32winlogon.exe
C:WINNTsystem32services.exe
C:WINNTsystem32lsass.exe
C:WINNTsystem32svchost.exe
C:WINNTsystem32svchost.exe
C:WINNTSystem32svchost.exe
C:WINNTsystem32svchost.exe
C:WINNTsystem32svchost.exe
C:WINNTExplorer.EXE
C:WINNTsystem32spoolsv.exe
C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
C:WINNTATKKBService.exe
C:PROGRA~1AVGAVG8avgwdsvc.exe
C:Program FilesCommon FilesEPSONeEBAPISAgent2.exe
C:Program FilesJavajre6binjqs.exe
C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE
C:WINNTsystem32nvsvc32.exe
C:WINNTSystem32spoolDRIVERSW32X863E_S10IC2.EXE
C:WINNTsystem32svchost.exe
C:PROGRA~1AVGAVG8avgtray.exe
C:PROGRA~1AVGAVG8avgrsx.exe
C:PROGRA~1AVGAVG8avgnsx.exe
C:Program FilesMail.RuAgentMAgent.exe
C:Program FilesJavajre6binjusched.exe
C:WINNTsystem32ctfmon.exe
C:Program FilesAVerTVQuickTV.exe
C:Program FilesCanonCALCALMAIN.exe
C:WINNTSystem32alg.exe
C:WINNTsystem32wbemwmiapsrv.exe
C:Program FilesAVerTVAVerTV.exe
C:Documents and SettingsUserРабочий столRSIT.exe
C:WINNTsystem32wbemwmiprvse.exe
C:Program Filestrend microHijackThisUser.exeR0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru/
R3 — URLSearchHook: AVG Security Toolbar BHO — {A3BC75A2-1F87-4686-AA43-5347D756017C} — C:Program FilesAVGAVG8ToolbarIEToolbar.dll
F2 — REG:system.ini: UserInit=C:WINNTSYSTEM32Userinit.exe,C:WINNTsystem32sdra64.exe,
O2 — BHO: AcroIEHlprObj Class — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 — BHO: Skype add-on (mastermind) — {22BF413B-C6D2-4d91-82A9-A0F997BA588C} — C:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll
O2 — BHO: RealPlayer Download and Record Plugin for Internet Explorer — {3049C3E9-B461-4BC5-8870-4C09146192CA} — C:Program FilesRealRealPlayerrpbrowserrecordplugin.dll
O2 — BHO: WormRadar.com IESiteBlocker.NavFilter — {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} — C:Program FilesAVGAVG8avgssie.dll
O2 — BHO: Спутник@Mail.Ru — {8984B388-A5BB-4DF7-B274-77B879E179DB} — c:program filesmail.rusputnikMailRuSputnik.dll
O2 — BHO: AVG Security Toolbar BHO — {A3BC75A2-1F87-4686-AA43-5347D756017C} — C:Program FilesAVGAVG8ToolbarIEToolbar.dll
O2 — BHO: Java(tm) Plug-In 2 SSV Helper — {DBC80044-A445-435b-BC74-9C25C1C588A9} — C:Program FilesJavajre6binjp2ssv.dll
O2 — BHO: JQSIEStartDetectorImpl — {E7E6F031-17CE-4C07-BC86-EABFE594F69C} — C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll
O2 — BHO: EpsonToolBandKicker Class — {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} — C:Program FilesEPSONEPSON Web-To-PageEPSON Web-To-Page.dll
O3 — Toolbar: PROMT — {FF284F5C-7CF9-4682-8701-D467C1DBB99F} — C:Program FilesPRMT6PRMTIEprmtie.dll
O3 — Toolbar: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — c:program filesmail.rusputnikMailRuSputnik.dll
O3 — Toolbar: EPSON Web-To-Page — {EE5D279F-081B-4404-994D-C6B60AAEBA6D} — C:Program FilesEPSONEPSON Web-To-PageEPSON Web-To-Page.dll
O3 — Toolbar: AVG Security Toolbar — {CCC7A320-B3CA-4199-B1A6-9F516DD69829} — C:Program FilesAVGAVG8ToolbarIEToolbar.dll
O4 — HKLM..Run: [EPSON Stylus C43 Series] C:WINNTSystem32spoolDRIVERSW32X863E_S10IC2.EXE /P23 «EPSON Stylus C43 Series» /O6 «USB001» /M «Stylus C43»
O4 — HKLM..Run: [AVG8_TRAY] C:PROGRA~1AVGAVG8avgtray.exe
O4 — HKLM..Run: [MAgent] C:Program FilesMail.RuAgentMAgent.exe -LM
O4 — HKLM..Run: [SunJavaUpdateSched] «C:Program FilesJavajre6binjusched.exe»
O4 — HKLM..Run: [Malwarebytes Anti-Malware (reboot)] «C:Program FilesMalwarebytes’ Anti-Malwarembam.exe» /runcleanupscript
O4 — HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINNTsystem32NvCpl.dll,NvStartup
O4 — HKCU..Run: [EPSON Stylus CX7300 Series] C:WINNTSystem32spoolDRIVERSW32X863E_FATICDP.EXE /FU «C:WINNTTEMPE_S151.tmp» /EF «HKCU»
O4 — HKCU..Run: [ctfmon.exe] C:WINNTsystem32ctfmon.exe
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINNTsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINNTsystem32CTFMON.EXE (User ‘Default user’)
O4 — Global Startup: QuickTV.lnk = C:Program FilesAVerTVQuickTV.exe
O8 — Extra context menu item: &AOL Toolbar Search — c:program filesaolaim toolbar 5.0resourcesen-uslocalsearch.html
O8 — Extra context menu item: &Перевести с помощью ABBYY Lingvo… — res://C:Program FilesABBYY Lingvo 12Lingvo.exe/3000
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O8 — Extra context menu item: Поиск@Mail.Ru — res://c:program filesmail.rusputnikMailRuSputnik.dll/282
O8 — Extra context menu item: Словари@Mail.Ru — res://c:program filesmail.rusputnikMailRuSputnik.dll/283
O9 — Extra button: AIM Toolbar — {3369AF0D-62E9-4bda-8103-B4C75499B578} — C:Program FilesAOLAIM Toolbar 5.0aoltb.dll (file missing)
O9 — Extra button: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
O9 — Extra ‘Tools’ menuitem: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
O9 — Extra button: Skype — {77BF5300-1474-4EC7-9980-D32B190E9B07} — C:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll
O9 — Extra button: (no name) — {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} — C:Program FilesPRMT6PRMTIEprmtie5.htm
O9 — Extra ‘Tools’ menuitem: Перевести — {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} — C:Program FilesPRMT6PRMTIEprmtie5.htm
O9 — Extra button: (no name) — {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} — C:Program FilesPRMT6PRMTIEoptions.htm
O9 — Extra ‘Tools’ menuitem: Настройка перевода — {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} — C:Program FilesPRMT6PRMTIEoptions.htm
O9 — Extra button: Справочные материалы — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINNTNetwork Diagnosticxpnetdiag.exe
O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINNTNetwork Diagnosticxpnetdiag.exe
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O16 — DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) — http://dl.tvunetworks.com/TVUAx.cab
O16 — DPF: {CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA} (Java Plug-in 1.4.2_08) —
O16 — DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} (Java Plug-in 1.5.0_10) —
O16 — DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} (Java Plug-in 1.6.0_11) —
O18 — Protocol: linkscanner — {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} — C:Program FilesAVGAVG8avgpp.dll
O18 — Protocol: skype4com — {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O20 — Winlogon Notify: avgrsstarter — C:WINNTSYSTEM32avgrsstx.dll
O23 — Service: Apple Mobile Device — Apple, Inc. — C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
O23 — Service: ATK Keyboard Service (ATKKeyboardService) — ASUSTeK COMPUTER INC. — C:WINNTATKKBService.exe
O23 — Service: AVG Free8 WatchDog (avg8wd) — AVG Technologies CZ, s.r.o. — C:PROGRA~1AVGAVG8avgwdsvc.exe
O23 — Service: Canon Camera Access Library 8 (CCALib8) — Canon Inc. — C:Program FilesCanonCALCALMAIN.exe
O23 — Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) — SEIKO EPSON CORPORATION — C:Program FilesCommon FilesEPSONeEBAPISAgent2.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINNTsystem32services.exe
O23 — Service: InstallDriver Table Manager (IDriverT) — Macrovision Corporation — C:Program FilesCommon FilesInstallShieldDriver1050Intel 32IDriverT.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINNTsystem32imapi.exe
O23 — Service: Сервис iPod (iPod Service) — Apple Inc. — C:Program FilesiPodbiniPodService.exe
O23 — Service: Java Quick Starter (JavaQuickStarterService) — Sun Microsystems, Inc. — C:Program FilesJavajre6binjqs.exe
O23 — Service: NetMeeting Remote Desktop Sharing (mnmsrvc) — Корпорация Майкрософт — C:WINNTsystem32mnmsrvc.exe
O23 — Service: NVIDIA Display Driver Service (NVSvc) — NVIDIA Corporation — C:WINNTsystem32nvsvc32.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINNTsystem32services.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINNTsystem32sessmgr.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINNTSystem32SCardSvr.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINNTsystem32smlogsvc.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINNTSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINNTsystem32wbemwmiapsrv.exe—
End of file — 9620 bytes======Scheduled tasks folder======
C:WINNTtasksAd-Aware Update (Weekly).job
C:WINNTtasksAppleSoftwareUpdate.job======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll [2005-09-23 63136][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) — C:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll [2007-09-13 1312040][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer — C:Program FilesRealRealPlayerrpbrowserrecordplugin.dll [2008-06-08 308856][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search — C:Program FilesAVGAVG8avgssie.dll [2009-08-29 1111320][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{8984B388-A5BB-4DF7-B274-77B879E179DB}]
MailRuBHO Class — c:program filesmail.rusputnikMailRuSputnik.dll [2009-10-13 826032][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO — C:Program FilesAVGAVG8ToolbarIEToolbar.dll [2009-06-26 1008896][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper — C:Program FilesJavajre6binjp2ssv.dll [2009-07-25 41760][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class — C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll [2009-07-25 73728][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class — C:Program FilesEPSONEPSON Web-To-PageEPSON Web-To-Page.dll [2005-02-21 368640][HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{FF284F5C-7CF9-4682-8701-D467C1DBB99F} — PROMT — C:Program FilesPRMT6PRMTIEprmtie.dll [2002-03-31 425984]
{09900DE8-1DCA-443F-9243-26FF581438AF} — Спутник@Mail.Ru — c:program filesmail.rusputnikMailRuSputnik.dll [2009-10-13 826032]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} — EPSON Web-To-Page — C:Program FilesEPSONEPSON Web-To-PageEPSON Web-To-Page.dll [2005-02-21 368640]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} — AVG Security Toolbar — C:Program FilesAVGAVG8ToolbarIEToolbar.dll [2009-06-26 1008896][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«EPSON Stylus C43 Series»=C:WINNTSystem32spoolDRIVERSW32X863E_S10IC2.EXE [2002-12-10 75776]
«AVG8_TRAY»=C:PROGRA~1AVGAVG8avgtray.exe [2009-10-05 2023704]
«MAgent»=C:Program FilesMail.RuAgentMAgent.exe [2009-10-13 7975608]
«SunJavaUpdateSched»=C:Program FilesJavajre6binjusched.exe [2009-07-25 149280]
«Malwarebytes Anti-Malware (reboot)»=C:Program FilesMalwarebytes’ Anti-Malwarembam.exe [2009-09-10 1312080]
«NvCplDaemon»=C:WINNTsystem32NvCpl.dll [2006-10-22 7700480][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«EPSON Stylus CX7300 Series»=C:WINNTSystem32spoolDRIVERSW32X863E_FATICDP.EXE [2007-04-12 182272]
«ctfmon.exe»=C:WINNTsystem32ctfmon.exe [2004-08-17 15360][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregiTunesHelper]
C:Program FilesiTunesiTunesHelper.exe [2007-09-14 267064][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregLingvo Launcher]
C:Program FilesABBYY Lingvo 12Lvagent.exe [2006-12-14 258048][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregMSMSGS]
C:Program FilesMessengermsmsgs.exe [2004-08-17 1667584][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregNeroFilterCheck]
C:WINNTsystem32NeroCheck.exe [2001-07-09 155648][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregNvMediaCenter]
C:WINNTsystem32NvMcTray.dll [2006-10-22 86016][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregQuickTime Task]
C:Program FilesQuickTimeqttask.exe [2007-06-29 286720][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSkype]
C:Program FilesSkypePhoneSkype.exe [2007-09-13 22880040][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSpybotSD TeaTimer]
[][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregswg]
[][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregTkBellExe]
C:Program FilesCommon FilesRealUpdate_OBrealsched.exe [2008-06-08 185896][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregWinampAgent]
C:Program FilesWinampwinampa.exe [2006-09-26 35328][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregYupdate!]
C:Program FilesCommon FilesYandexYupdateyupdate.exe [2007-11-30 449800][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users^Главное меню^Программы^Автозагрузка^Adobe Reader Speed Launch.lnk]
C:PROGRA~1AdobeACROBA~2.0ReaderREADER~1.EXE [2005-09-23 29696][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users^Главное меню^Программы^Автозагрузка^InterVideo WinCinema Manager.lnk]
C:PROGRA~1INTERV~1CommonBinWINCIN~1.EXE [2005-04-23 237568]C:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузка
QuickTV.lnk — C:Program FilesAVerTVQuickTV.exe[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyavgrsstarter]
C:WINNTsystem32avgrsstx.dll [2009-08-29 11952][HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalnetmon]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworknetmon]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=36
«NoDriveAutoRun»=FFFFFFFF
«NoDrives»=0[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveAutoRun»=
«NoDriveTypeAutoRun»=
«NoDrives»=[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesInterVideoDVD6WinDVD.exe»=»C:Program FilesInterVideoDVD6WinDVD.exe:*:Enabled:WinDVD»
«C:Program FilesMail.RuAgentMagent.exe»=»C:Program FilesMail.RuAgentMagent.exe:*:Enabled:Mail.Ru Agent»
«C:Program FilesuTorrent [tfile.ru]utorrent.exe»=»C:Program FilesuTorrent [tfile.ru]utorrent.exe:*:Enabled:µTorrent»
«C:Documents and SettingsUserApplication DataSopCastadvSopAdver.exe»=»C:Documents and SettingsUserApplication DataSopCastadvSopAdver.exe:*:Enabled:SopCast Adver»
«C:Program FilesOperaOpera.exe»=»C:Program FilesOperaOpera.exe:*:Enabled:Opera Internet Browser»
«C:Program FilesiTunesiTunes.exe»=»C:Program FilesiTunesiTunes.exe:*:Enabled:iTunes»
«C:Program FilesCommon FilesAOLLoaderaolload.exe»=»C:Program FilesCommon FilesAOLLoaderaolload.exe:*:Enabled:AOL Loader»
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«C:Program FilesAVGAVG8avgupd.exe»=»C:Program FilesAVGAVG8avgupd.exe:*:Enabled:avgupd.exe»
«C:Program FilesAVGAVG8avgnsx.exe»=»C:Program FilesAVGAVG8avgnsx.exe:*:Enabled:avgnsx.exe»
«C:WINNTsystemnetmon.exe»=»C:WINNTsystemnetmon.exe:*:Microsoft Enabled»
«C:Program FilesSopCastSopCast.exe»=»C:Program FilesSopCastSopCast.exe:*:Enabled:SopCast Main Application»
«C:Program FilesSopCastadvSopAdver.exe»=»C:Program FilesSopCastadvSopAdver.exe:*:Enabled:SopCast Adver»
«D:DC ++CorbinaStrongDCStrongDC.exe»=»D:DC ++CorbinaStrongDCStrongDC.exe:*:Enabled:StrongDC++»
«C:Program FilesMozilla Firefoxfirefox.exe»=»C:Program FilesMozilla Firefoxfirefox.exe:*:Enabled:Firefox»
«C:Program FilesQIP Infiuminfium.exe»=»C:Program FilesQIP Infiuminfium.exe:*:Enabled:QIP Infium»
«C:Program FilesTVAntsTvants.exe»=»C:Program FilesTVAntsTvants.exe:*:Enabled:TVAnts»
«C:Program FilesSkypePhoneSkype.exe»=»C:Program FilesSkypePhoneSkype.exe:*:Enabled:Skype»
«C:WINNTSystem3245.scr»=»C:WINNTSystem3245.scr:*:C:WINNTmslsrv32.exe»
«C:WINNTSystem3271.scr»=»C:WINNTSystem3271.scr:*:C:WINNTmsvddr32.exe»[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»======List of files/folders created in the last 1 months======
2009-10-17 21:13:11 —-D—- C:Program FilesMalwarebytes’ Anti-Malware
2009-10-17 19:32:52 —-D—- C:autorun.inf
2009-10-17 19:31:06 —-D—- C:SDFix
2009-10-17 18:58:58 —-ASH—- C:WINNTmslsrv32(2).exe
2009-10-06 13:30:08 —-D—- C:KEYS
2009-10-06 11:56:05 —-A—- C:WINNTiproconf.INI
2009-10-06 11:42:39 —-D—- C:Baltic Bank
2009-10-05 18:11:01 —-D—- C:Program FilesFIFA 10======List of files/folders modified in the last 1 months======
2009-10-18 21:54:19 —-A—- C:WINNTAVerTV.ini
2009-10-18 21:49:47 —-D—- C:WINNTTemp
2009-10-18 21:08:35 —-A—- C:WINNTSchedLgU.Txt
2009-10-18 19:16:07 —-D—- C:WINNTsystem32drivers
2009-10-18 19:09:49 —-HD—- C:$AVG8.VAULT$
2009-10-18 18:51:15 —-D—- C:WINNT
2009-10-18 14:01:05 —-D—- C:Program FilesMozilla Firefox
2009-10-18 13:03:07 —-D—- C:WINNTsystem32
2009-10-18 12:57:48 —-D—- C:WINNTsystem32CatRoot
2009-10-18 12:57:07 —-HD—- C:WINNTinf
2009-10-18 12:52:21 —-D—- C:WINNTsystem32CatRoot2
2009-10-18 03:11:39 —-A—- C:WINNTNeroDigital.ini
2009-10-18 00:34:35 —-A—- C:WINNTntbtlog.txt
2009-10-17 21:35:19 —-D—- C:WINNTsystem
2009-10-17 21:13:11 —-RD—- C:Program Files
2009-10-17 21:08:39 —-SHD—- C:WINNTInstaller
2009-10-17 21:08:35 —-D—- C:Config.Msi
2009-10-17 21:08:30 —-D—- C:Program FilesOpera
2009-10-17 19:53:01 —-SD—- C:WINNTDownloaded Program Files
2009-10-17 19:43:53 —-D—- C:WINNTsystem32config
2009-10-17 19:43:31 —-D—- C:WINNTsystem32wbem
2009-10-17 19:43:29 —-D—- C:WINNTRegistration
2009-10-17 18:59:12 —-D—- C:WINDOWS
2009-10-14 22:36:22 —-D—- C:WINNTLhsp
2009-10-13 20:51:47 —-D—- C:Documents and SettingsUserApplication DataMra
2009-10-12 21:23:21 —-A—- C:WINNTAVerText.ini
2009-10-05 18:14:19 —-D—- C:WINNTWinSxS
2009-10-05 18:13:08 —-D—- C:WINNTsystem32DirectX
2009-10-05 18:12:50 —-RSD—- C:WINNTassembly
2009-10-05 17:44:53 —-HD—- C:Program FilesInstallShield Installation Information
2009-10-05 17:30:29 —-D—- C:Documents and SettingsAll UsersApplication DataSpybot — Search & Destroy
2009-09-28 22:20:45 —-D—- C:Documents and SettingsUserApplication DataSkype
2009-09-28 13:40:11 —-A—- C:WINNTpdf2word.INI
2009-09-24 09:50:44 —-D—- C:Program FilesTrojan Remover
2009-09-24 09:50:43 —-D—- C:Documents and SettingsUserApplication DataSimply Super Software======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 asuskbnt;Enhanced Display Driver Helper Service; C:WINNTsystem32driversatkkbnt.sys [2004-07-20 20096]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:WINNTSystem32Driversavgldx86.sys [2009-08-29 335240]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:WINNTSystem32Driversavgmfx86.sys [2009-08-29 27784]
R1 AvgTdiX;AVG Free8 Network Redirector; C:WINNTSystem32Driversavgtdix.sys [2009-05-05 108552]
R2 EIO;EIO; ??C:WINNTsystem32driversEIO.sys []
R3 ac97intc;Intel(r) 82801 служба установки аудиодрайвера (WDM); C:WINNTsystem32driversac97intc.sys [2001-08-18 96256]
R3 Cap7134;Cap7134 Capture; C:WINNTsystem32DRIVERSCap7134.sys [2007-04-15 407072]
R3 FETNDISB;D-Link PCI Fast Ethernet Adapter Driver Service; C:WINNTsystem32DRIVERSdlkfet5b.sys [2005-01-19 43008]
R3 GEARAspiWDM;GEARAspiWDM; C:WINNTSystem32DriversGEARAspiWDM.sys [2006-09-19 15664]
R3 HidUsb;Драйвер класса HID Microsoft; C:WINNTsystem32DRIVERShidusb.sys [2001-08-17 9600]
R3 mouhid;Драйвер мыши HID; C:WINNTsystem32DRIVERSmouhid.sys [2001-10-19 12160]
R3 ms_mpu401;Драйвер UART Microsoft MPU-401 MIDI; C:WINNTsystem32driversmsmpu401.sys [2001-08-18 2944]
R3 nv;nv; C:WINNTsystem32DRIVERSnv4_mini.sys [2006-10-22 3994624]
R3 pfc;Padus ASPI Shell; C:WINNTsystem32driverspfc.sys [2007-04-15 10368]
R3 PhTVTune;Cap7134 TVTuner; C:WINNTsystem32DRIVERSPhTVTune.sys [2007-04-15 57152]
R3 usbhub;USB2 концентратор; C:WINNTsystem32DRIVERSusbhub.sys [2004-08-17 57600]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:WINNTsystem32DRIVERSusbuhci.sys [2004-08-17 20480]
S3 AVerBDA3x;AVerMedia SAA713x BDA Service; C:WINNTsystem32DRIVERSAVerBDA3x.sys [2007-03-20 1176192]
S3 catchme;catchme; ??C:DOCUME~1UserLOCALS~1Tempcatchme.sys []
S3 CCDECODE;Closed Caption декодер; C:WINNTsystem32DRIVERSCCDECODE.sys [2004-08-03 17024]
S3 GMSIPCI;GMSIPCI; ??R:INSTALLGMSIPCI.SYS []
S3 MPE;BDA MPE фильтр; C:WINNTsystem32DRIVERSMPE.sys [2004-08-03 15360]
S3 NABTSFEC;NABTS/FEC VBI кодек; C:WINNTsystem32DRIVERSNABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft видео или ТВ подключение; C:WINNTsystem32DRIVERSNdisIP.sys [2004-08-03 10880]
S3 SLIP;BDA Slip De-Framer; C:WINNTsystem32DRIVERSSLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:WINNTsystem32DRIVERSStreamIP.sys [2004-08-03 15360]
S3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:WINNTsystem32DRIVERSusbccgp.sys [2004-08-04 31616]
S3 usbprint;Класс принтеров Microsoft USB; C:WINNTsystem32DRIVERSusbprint.sys [2004-08-03 25856]
S3 usbscan;Драйвер USB-сканера; C:WINNTsystem32DRIVERSusbscan.sys [2004-08-03 15104]
S3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINNTsystem32DRIVERSUSBSTOR.SYS [2004-08-03 26496]
S3 Video3D;ASUS Video3D Service; C:WINNTSystem32DriversVideo3D.sys []
S3 WSTCODEC;World Standard Teletext кодек; C:WINNTsystem32DRIVERSWSTCODEC.SYS [2004-08-03 19328]
S4 WS2IFSL;Среда Windows Socket 2.0 поддержки поставщиков не-IFS служб; C:WINNTSystem32driversws2ifsl.sys [2004-08-17 12032]======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe [2007-09-06 110592]
R2 ATKKeyboardService;ATK Keyboard Service; C:WINNTATKKBService.exe [2004-07-20 90112]
R2 avg8wd;AVG Free8 WatchDog; C:PROGRA~1AVGAVG8avgwdsvc.exe [2009-08-29 297752]
R2 CCALib8;Canon Camera Access Library 8; C:Program FilesCanonCALCALMAIN.exe [2006-03-30 96341]
R2 EPSONStatusAgent2;EPSON Printer Status Agent2; C:Program FilesCommon FilesEPSONeEBAPISAgent2.exe [2002-07-17 94208]
R2 JavaQuickStarterService;Java Quick Starter; C:Program FilesJavajre6binjqs.exe [2009-07-25 153376]
R2 MDM;Machine Debug Manager; C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE [2003-06-19 322120]
R2 NVSvc;NVIDIA Display Driver Service; C:WINNTsystem32nvsvc32.exe [2006-10-22 159810]
S3 aspnet_state;ASP.NET State Service; C:WINNTMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:WINNTMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2005-09-23 66240]
S3 IDriverT;InstallDriver Table Manager; C:Program FilesCommon FilesInstallShieldDriver1050Intel 32IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; C:WINNTMicrosoft.NETFrameworkv3.0Windows Communication Foundationinfocard.exe [2006-10-30 741376]
S3 iPod Service;Сервис iPod; C:Program FilesiPodbiniPodService.exe [2007-09-14 503608]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2003-07-28 89136]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:WINNTMicrosoft.NETFrameworkv3.0Windows Communication FoundationSMSvcHost.exe [2006-10-30 122880]
EOF
Здравствуйте 🙂
Скачайте программу Combofix. Закройте все открытые окна и запустите эту программу.
После выполнения будет создан лог файл, пожалуйста вставьте его в ваш ответ.Примечание: перед использованием Combofix обязательно установите Recovery console. Как это сделать будет описано на странице, ссылку на которую я привёл выше.
- Для ответа в этой теме необходимо авторизоваться.
