вирус

This topic has 2 ответа, 2 участника, and was last updated 15 years назад by zmila.

Просмотр 3 сообщений - с 1 по 3 (из 3 всего)

Автор

Сообщения
29 августа, 2010 в 10:43 дп #18619
zmila
Participant
- Темы:1
- Сообщений:2
Месяц назад комп. поймал вирус: чёрный экран, System Recavery, потеря всех документов, но работа компа медленная,mail.ru не открывается с первого раза, часто нет соединения с саитами;
Logfile of random’s system information tool 1.08 (written by random/random)
Run by Compaq_Administrator at 2010-08-29 03:35:45
Microsoft Windows XP Professional Service Pack 3
System drive C: has 54 GB (51%) free of 106 GB
Total RAM: 446 MB (25% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:36:04 AM, on 8/29/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
c:Program FilesCommon FilesSymantec SharedccSetMgr.exe
C:WINDOWSExplorer.EXE
c:Program FilesCommon FilesSymantec SharedccEvtMgr.exe
c:Program FilesCommon FilesSymantec SharedccProxy.exe
c:Program FilesCommon FilesSymantec SharedSNDSrvc.exe
c:Program FilesCommon FilesSymantec SharedSPBBCSPBBCSvc.exe
C:Program FilesCommon FilesSymantec SharedCCPD-LCsymlcsvc.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSarservice.exe
C:Program FilesSymantecLiveUpdateALUSchedulerSvc.exe
C:Program FilesJavajre6binjqs.exe
C:Program FilesCommon FilesLightScribeLSSrvc.exe
C:Program FilesCommon FilesLogiShrdLVCOMSERLVComSer.exe
C:Program FilesCommon FilesLogiShrdLVMVFMLVPrcSrv.exe
C:WINDOWSsystem32lxczcoms.exe
c:Program FilesNorton Internet SecurityNorton AntiVirusnavapsvc.exe
C:Program FilesCDBurnerXPNMSAccessU.exe
C:WINDOWSsystem32nvsvc32.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesYahoo!SoftwareUpdateYahooAUService.exe
C:Program FilesCommon FilesLogiShrdLVCOMSERLVComSer.exe
C:WINDOWSehomeehtray.exe
C:WINDOWSRTHDCPL.EXE
C:WINDOWSARPWRMSG.EXE
C:Program FilesCommon FilesSymantec SharedccApp.exe
C:Program FilesCommon FilesLogiShrdLComMgrCommunications_Helper.exe
C:Program FilesLogitechQuickCamQuickcam.exe
C:Program FilesHpHP Software UpdateHPWuSchd2.exe
C:Program FilesCommon FilesRealUpdate_OBrealsched.exe
C:Program FilesLexmark 1200 Serieslxczbmgr.exe
C:Program FilesLexmark 1200 Serieslxczbmon.exe
C:Program FilesCommon FilesJavaJava Updatejusched.exe
C:Program FilesSkypePhoneSkype.exe
C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
C:Program FilesCommon FilesNikonMonitorNkMonitor.exe
C:Program FilesCommon FilesLogishrdLQCVFXCOCIManager.exe
c:Program FilesCommon FilesSymantec SharedSecurity ConsoleNSCSRVCE.EXE
C:Program FilesSkypePlugin ManagerskypePM.exe
c:windowssystemhpsysdrv.exe
C:Program FilesDISCDISCover.exe
C:Program FilesDISCDiscUpdMgr.exe
C:Program FilesDISCDiscStreamHub.exe
C:Program FilesSkypeToolbarsSharedSkypeNames2.exe
C:Program FilesAdobeAcrobat 7.0ReaderAcroRd32.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:WINDOWSsystem32taskmgr.exe
C:Documents and SettingsCompaq_AdministratorMy DocumentsRSIT.exe
C:Program FilesMessengermsmsgs.exe
C:Program Filestrend microCompaq_Administrator.exe

R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=PRESARIO&pf=desktop
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PRESARIO&pf=desktop
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60181
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://mail.ru/
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PRESARIO&pf=desktop
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=PRESARIO&pf=desktop
R3 — URLSearchHook: Yahoo! Toolbar — {EF99BD32-C1FB-11D2-892F-0090271D4F88} — C:Program FilesYahoo!CompanionInstallscpn0yt.dll
O2 — BHO: &Yahoo! Toolbar Helper — {02478D38-C3F9-4EFB-9B51-7695ECA05670} — C:Program FilesYahoo!CompanionInstallscpn0yt.dll
O2 — BHO: AcroIEHlprObj Class — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 — BHO: RealPlayer Download and Record Plugin for Internet Explorer — {3049C3E9-B461-4BC5-8870-4C09146192CA} — C:Documents and SettingsAll UsersApplication DataRealRealPlayerBrowserRecordPluginIErpbrowserrecordplugin.dll
O2 — BHO: NAV Helper — {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} — c:Program FilesNorton Internet SecurityNorton AntiVirusNavShExt.dll
O2 — BHO: Google Toolbar Helper — {AA58ED58-01DD-4d91-8333-CF10577473F7} — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll
O2 — BHO: hpWebHelper Class — {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} — C:WINDOWSpchealthhelpctrVendorsCN=Hewlett-Packard,L=Cupertino,S=Ca,C=USpluginWebHelper.dll
O2 — BHO: SkypeIEPluginBHO — {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} — C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll
O2 — BHO: Google Toolbar Notifier BHO — {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} — C:Program FilesGoogleGoogleToolbarNotifier5.5.5126.1836swg.dll
O2 — BHO: Updater For Simppull Toolbar — {C4B8BAB4-1667-11DF-A242-BA9455D89593} — (no file)
O2 — BHO: Java(tm) Plug-In 2 SSV Helper — {DBC80044-A445-435b-BC74-9C25C1C588A9} — C:Program FilesJavajre6binjp2ssv.dll
O2 — BHO: (no name) — {E4E6BF2A-1667-11DF-A01F-1F9655D89593} — (no file)
O2 — BHO: JQSIEStartDetectorImpl — {E7E6F031-17CE-4C07-BC86-EABFE594F69C} — C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll
O2 — BHO: SingleInstance Class — {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} — C:Program FilesYahoo!CompanionInstallscpn0YTSingleInstance.dll
O3 — Toolbar: Yahoo! Toolbar — {EF99BD32-C1FB-11D2-892F-0090271D4F88} — C:Program FilesYahoo!CompanionInstallscpn0yt.dll
O3 — Toolbar: Norton AntiVirus — {C4069E3A-68F1-403E-B40E-20066696354B} — c:Program FilesNorton Internet SecurityNorton AntiVirusNavShExt.dll
O3 — Toolbar: Google Toolbar — {2318C2B1-4965-11d4-9B18-009027A5CD4F} — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll
O4 — HKLM..Run: [ehTray] «C:WINDOWSehomeehtray.exe»
O4 — HKLM..Run: [ftutil2] «rundll32.exe» ftutil2.dll,SetWriteCacheMode
O4 — HKLM..Run: [RTHDCPL] «RTHDCPL.EXE»
O4 — HKLM..Run: [AlwaysReady Power Message APP] «ARPWRMSG.EXE»
O4 — HKLM..Run: [NvCplDaemon] «RUNDLL32.EXE» C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 — HKLM..Run: [nwiz] «nwiz.exe» /install
O4 — HKLM..Run: [Recguard] «C:WINDOWSSMINSTRECGUARD.EXE»
O4 — HKLM..Run: [ccApp] «c:Program FilesCommon FilesSymantec SharedccApp.exe»
O4 — HKLM..Run: [HPBootOp] «C:Program FilesHewlett-PackardHP Boot OptimizerHPBootOp.exe» /run
O4 — HKLM..Run: [Reminder] «C:WindowsCreatorRemind_XP.exe»
O4 — HKLM..Run: [LogitechCommunicationsManager] «C:Program FilesCommon FilesLogiShrdLComMgrCommunications_Helper.exe»
O4 — HKLM..Run: [LogitechQuickCamRibbon] «C:Program FilesLogitechQuickCamQuickcam.exe» /hide
O4 — HKLM..Run: [QuickTime Task] «C:Program FilesQuickTimeqttask.exe» -atboottime
O4 — HKLM..Run: [HP Software Update] «C:Program FilesHpHP Software UpdateHPWuSchd2.exe»
O4 — HKLM..Run: [TkBellExe] «C:Program FilesCommon FilesRealUpdate_OBrealsched.exe» -osboot
O4 — HKLM..Run: [lxczbmgr.exe] «C:Program FilesLexmark 1200 Serieslxczbmgr.exe»
O4 — HKLM..Run: [FaxCenterServer] «C:Program FilesLexmark Fax Solutionsfm3032.exe» /s
O4 — HKLM..Run: [SunJavaUpdateSched] «C:Program FilesCommon FilesJavaJava Updatejusched.exe»
O4 — HKCU..Run: [Skype] «C:Program FilesSkypePhoneSkype.exe» /nosplash /minimized
O4 — HKCU..Run: [swg] «C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe»
O4 — HKCU..Run: [DW6] «C:Program FilesThe Weather Channel FWDesktopDesktopWeather.exe»
O4 — HKCU..Run: [RegistryBooster] «C:Program FilesUniblueRegistryBoosterlauncher.exe» delay 20000
O4 — HKCU..RunOnce: [UniblueRegistryBooster] «C:Program FilesUniblueRegistryBoosterlauncher.exe» delay 20000
O4 — HKCU..RunOnce: [UniblueDriverScanner] C:Program FilesUniblueDriverScannerLauncher.exe delay
O4 — .DEFAULT User Startup: Pin.lnk = C:hpbinCLOAKER.EXE (User ‘Default user’)
O4 — .DEFAULT User Startup: PinMcLnk.lnk = C:hpbincloaker.exe (User ‘Default user’)
O4 — Global Startup: Compaq Connections.lnk = C:Program FilesCompaq Connections5577497ProgramCompaq Connections.exe
O4 — Global Startup: Nikon Monitor.lnk = C:Program FilesCommon FilesNikonMonitorNkMonitor.exe
O8 — Extra context menu item: E&xport to Microsoft Excel — res://C:PROGRA~1MICROS~4OFFICE11EXCEL.EXE/3000
O8 — Extra context menu item: Google Sidewiki… — res://C:Program FilesGoogleGoogle ToolbarComponentGoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 — Extra button: Skype add-on for Internet Explorer — {898EA8C8-E7FF-479B-8935-AEC46303B9E5} — C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll
O9 — Extra ‘Tools’ menuitem: Skype add-on for Internet Explorer — {898EA8C8-E7FF-479B-8935-AEC46303B9E5} — C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll
O9 — Extra button: Research — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~4OFFICE11REFIEBAR.DLL
O9 — Extra button: Internet Connection Help — {E2D4D26B-0180-43a4-B05F-462D6D54C789} — C:WINDOWSPCHEALTHHELPCTRVendorsCN=Hewlett-Packard,L=Cupertino,S=Ca,C=USIEButtonsupport.htm (file missing)
O9 — Extra ‘Tools’ menuitem: Internet Connection Help — {E2D4D26B-0180-43a4-B05F-462D6D54C789} — C:WINDOWSPCHEALTHHELPCTRVendorsCN=Hewlett-Packard,L=Cupertino,S=Ca,C=USIEButtonsupport.htm (file missing)
O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O15 — Trusted Zone: http://*.trymedia.com (HKLM)
O16 — DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) — C:Program FilesYahoo!CommonYinsthelper.dll
O16 — DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) — https://www-secure.symantec.com/techsupp/asa/ss/sa/sa_cabs/tgctlsr.cab
O16 — DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) — http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 — DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) — http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1281674340640
O16 — DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} — http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 — Protocol: skype-ie-addon-data — {91774881-D725-4E58-B298-07617B9B86A8} — C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll
O18 — Protocol: skype4com — {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O22 — SharedTaskScheduler: Browseui preloader — {438755C2-A8BA-11D1-B96B-00A0C90312E1} — C:WINDOWSsystem32browseui.dll
O22 — SharedTaskScheduler: Component Categories cache daemon — {8C7461EF-2B13-11d2-BE35-3078302C2030} — C:WINDOWSsystem32browseui.dll
O23 — Service: Automatic LiveUpdate Scheduler — Symantec Corporation — C:Program FilesSymantecLiveUpdateALUSchedulerSvc.exe
O23 — Service: Symantec Event Manager (ccEvtMgr) — Symantec Corporation — c:Program FilesCommon FilesSymantec SharedccEvtMgr.exe
O23 — Service: Symantec Internet Security Password Validation (ccISPwdSvc) — Symantec Corporation — c:Program FilesNorton Internet SecurityccPwdSvc.exe
O23 — Service: Symantec Network Proxy (ccProxy) — Symantec Corporation — c:Program FilesCommon FilesSymantec SharedccProxy.exe
O23 — Service: Symantec Settings Manager (ccSetMgr) — Symantec Corporation — c:Program FilesCommon FilesSymantec SharedccSetMgr.exe
O23 — Service: COM Host (comHost) — Symantec Corporation — c:Program FilesNorton Internet SecuritycomHost.exe
O23 — Service: Google Update Service (gupdate) (gupdate) — Google Inc. — C:Program FilesGoogleUpdateGoogleUpdate.exe
O23 — Service: Google Software Updater (gusvc) — Google — C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 — Service: InstallDriver Table Manager (IDriverT) — Macrovision Corporation — C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe
O23 — Service: Java Quick Starter (JavaQuickStarterService) — Sun Microsystems, Inc. — C:Program FilesJavajre6binjqs.exe
O23 — Service: LightScribeService Direct Disc Labeling Service (LightScribeService) — Hewlett-Packard Company — C:Program FilesCommon FilesLightScribeLSSrvc.exe
O23 — Service: LiveUpdate — Symantec Corporation — C:PROGRA~1SymantecLIVEUP~1LUCOMS~1.EXE
O23 — Service: LVCOMSer — Logitech Inc. — C:Program FilesCommon FilesLogiShrdLVCOMSERLVComSer.exe
O23 — Service: Process Monitor (LVPrcSrv) — Logitech Inc. — C:Program FilesCommon FilesLogiShrdLVMVFMLVPrcSrv.exe
O23 — Service: lxcz_device — — C:WINDOWSsystem32lxczcoms.exe
O23 — Service: Norton AntiVirus Auto-Protect Service (navapsvc) — Symantec Corporation — c:Program FilesNorton Internet SecurityNorton AntiVirusnavapsvc.exe
O23 — Service: NMSAccess — Unknown owner — C:Program FilesCDBurnerXPNMSAccessU.exe
O23 — Service: Norton Protection Center Service (NSCService) — Symantec Corporation — c:Program FilesCommon FilesSymantec SharedSecurity ConsoleNSCSRVCE.EXE
O23 — Service: NVIDIA Display Driver Service (NVSvc) — NVIDIA Corporation — C:WINDOWSsystem32nvsvc32.exe
O23 — Service: Symantec AVScan (SAVScan) — Symantec Corporation — c:Program FilesNorton Internet SecurityNorton AntiVirusSAVScan.exe
O23 — Service: Symantec Network Drivers Service (SNDSrvc) — Symantec Corporation — c:Program FilesCommon FilesSymantec SharedSNDSrvc.exe
O23 — Service: Symantec SPBBCSvc (SPBBCSvc) — Symantec Corporation — c:Program FilesCommon FilesSymantec SharedSPBBCSPBBCSvc.exe
O23 — Service: Symantec Core LC — Unknown owner — C:Program FilesCommon FilesSymantec SharedCCPD-LCsymlcsvc.exe
O23 — Service: Yahoo! Updater (YahooAUService) — Yahoo! Inc. — C:Program FilesYahoo!SoftwareUpdateYahooAUService.exe

—
End of file — 15024 bytes

======Scheduled tasks folder======

C:WINDOWStasksGoogleUpdateTaskMachineCore.job
C:WINDOWStasksGoogleUpdateTaskMachineUA.job
C:WINDOWStasksNorton AntiVirus — Run Full System Scan — Compaq_Administrator.job
C:WINDOWStasksNorton AntiVirus — Run Norton QuickScan — Compaq_Administrator.job
C:WINDOWStasksRealUpgradeLogonTaskS-1-5-21-2229450754-2512486422-644003407-1007.job
C:WINDOWStasksRealUpgradeScheduledTaskS-1-5-21-2229450754-2512486422-644003407-1007.job
C:WINDOWStasksRegister Reminder 7 day.job
C:WINDOWStasksUser_Feed_Synchronization-{53E00774-2C79-4702-9458-B6427BDC5D32}.job
C:WINDOWStasksWarranty Reminder 11 month.job
C:WINDOWStasksWarranty Reminder 15 day.job

======Registry dump======

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper — C:Program FilesYahoo!CompanionInstallscpn0yt.dll [2010-03-23 1205560]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll [2005-09-24 63136]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer — C:Documents and SettingsAll UsersApplication DataRealRealPlayerBrowserRecordPluginIErpbrowserrecordplugin.dll [2010-08-08 341600]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{A8F38D8D-E480-4D52-B7A2-731BB6995FDD}]
CNavExtBho Class — c:Program FilesNorton Internet SecurityNorton AntiVirusNavShExt.dll [2007-05-23 140912]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll [2010-07-22 278192]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AAAE832A-5FFF-4661-9C8F-369692D1DCB9}]
hpWebHelper Class — C:WINDOWSpchealthhelpctrVendorsCN=Hewlett-Packard,L=Cupertino,S=Ca,C=USpluginWebHelper.dll [2006-08-25 208896]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer — C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO — C:Program FilesGoogleGoogleToolbarNotifier5.5.5126.1836swg.dll [2010-07-22 814648]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{C4B8BAB4-1667-11DF-A242-BA9455D89593}]
Updater For Simppull Toolbar

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper — C:Program FilesJavajre6binjp2ssv.dll [2010-08-04 41760]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{E4E6BF2A-1667-11DF-A01F-1F9655D89593}]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class — C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll [2010-08-04 79648]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class — C:Program FilesYahoo!CompanionInstallscpn0YTSingleInstance.dll [2010-03-23 158520]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} — Yahoo! Toolbar — C:Program FilesYahoo!CompanionInstallscpn0yt.dll [2010-03-23 1205560]
{C4069E3A-68F1-403E-B40E-20066696354B} — Norton AntiVirus — c:Program FilesNorton Internet SecurityNorton AntiVirusNavShExt.dll [2007-05-23 140912]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} — Google Toolbar — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll [2010-07-22 278192]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«ehTray»=C:WINDOWSehomeehtray.exe [2005-09-29 67584]
«ftutil2″=ftutil2.dll,SetWriteCacheMode []
«RTHDCPL»=C:WINDOWSRTHDCPL.EXE [2006-06-13 16239616]
«AlwaysReady Power Message APP»=C:WINDOWSARPWRMSG.EXE [2005-08-02 77312]
«NvCplDaemon»=C:WINDOWSsystem32NvCpl.dll [2006-05-09 7311360]
«nwiz»=nwiz.exe /install []
«Recguard»=C:WINDOWSSMINSTRECGUARD.EXE [2005-07-22 237568]
«»= []
«PCDrProfiler»= []
«ccApp»=c:Program FilesCommon FilesSymantec SharedccApp.exe [2005-09-17 52848]
«HPBootOp»=C:Program FilesHewlett-PackardHP Boot OptimizerHPBootOp.exe [2006-02-15 249856]
«Reminder»=C:WindowsCreatorRemind_XP.exe [2004-12-14 663552]
«LogitechCommunicationsManager»=C:Program FilesCommon FilesLogiShrdLComMgrCommunications_Helper.exe [2008-08-14 565008]
«LogitechQuickCamRibbon»=C:Program FilesLogitechQuickCamQuickcam.exe [2008-08-14 2407184]
«QuickTime Task»=C:Program FilesQuickTimeqttask.exe [2007-12-11 286720]
«HP Software Update»=C:Program FilesHpHP Software UpdateHPWuSchd2.exe [2010-06-09 49208]
«TkBellExe»=C:Program FilesCommon FilesRealUpdate_OBrealsched.exe [2010-08-08 202256]
«lxczbmgr.exe»=C:Program FilesLexmark 1200 Serieslxczbmgr.exe [2007-02-08 74672]
«FaxCenterServer»=C:Program FilesLexmark Fax Solutionsfm3032.exe [2007-02-08 295856]
«SunJavaUpdateSched»=C:Program FilesCommon FilesJavaJava Updatejusched.exe [2010-05-14 248552]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«Skype»=C:Program FilesSkypePhoneSkype.exe [2010-05-13 26192168]
«swg»=C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe [2010-07-22 39408]
«DW6″=C:Program FilesThe Weather Channel FWDesktopDesktopWeather.exe []
«RegistryBooster»=C:Program FilesUniblueRegistryBoosterlauncher.exe delay 20000 []

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRunOnce]
«UniblueRegistryBooster»=C:Program FilesUniblueRegistryBoosterlauncher.exe delay 20000 []
«UniblueDriverScanner»=C:Program FilesUniblueDriverScannerLauncher.exe delay []

C:Documents and SettingsAll UsersStart MenuProgramsStartup
Compaq Connections.lnk — C:Program FilesCompaq Connections5577497ProgramCompaq Connections.exe
Nikon Monitor.lnk — C:Program FilesCommon FilesNikonMonitorNkMonitor.exe

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
«InstallVisualStyle»=C:WINDOWSResourcesThemesRoyaleRoyale.msstyles
«InstallTheme»=C:WINDOWSResourcesThemesRoyale.theme

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«HonorAutoRunSetting»=1

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesDISCDISCover.exe»=»C:Program FilesDISCDISCover.exe:*:Enabled:DISCover Drop & Play System»
«C:Program FilesDISCDiscStreamHub.exe»=»C:Program FilesDISCDiscStreamHub.exe:*:Enabled:DISCover Stream Hub»
«C:Program FilesDISCmyFTP.exe»=»C:Program FilesDISCmyFTP.exe:*:Enabled:DISCover FTP»
«C:Program FilesCompaq Connections5577497ProgramCompaq Connections.exe»=»C:Program FilesCompaq Connections5577497ProgramCompaq Connections.exe:*:Enabled:Compaq Connections»
«C:Program FilesEarthLink TotalAccessTaskPanl.exe»=»C:Program FilesEarthLink TotalAccessTaskPanl.exe:*:Enabled:Earthlink»
«C:Program FilesSkypePlugin ManagerskypePM.exe»=»C:Program FilesSkypePlugin ManagerskypePM.exe:*:Enabled:Skype Extras Manager»
«C:Program FilesuTorrentuTorrent.exe»=»C:Program FilesuTorrentuTorrent.exe:*:Enabled:µTorrent»
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«C:Program FilesMessengermsmsgs.exe»=»C:Program FilesMessengermsmsgs.exe:*:Enabled:Windows Messenger»
«C:WINDOWSsystem32lxczcoms.exe»=»C:WINDOWSsystem32lxczcoms.exe:*:Enabled:1200 Series Server»
«C:Program FilesSkypePhoneSkype.exe»=»C:Program FilesSkypePhoneSkype.exe:*:Enabled:Skype»

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesCompaq Connections5577497ProgramCompaq Connections.exe»=»C:Program FilesCompaq Connections5577497ProgramCompaq Connections.exe:*:Enabled:Compaq Connections»
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»

======List of files/folders created in the last 1 months======

2010-08-29 01:51:10 —-D—- C:Program Filestrend micro
2010-08-29 01:50:44 —-D—- C:rsit
2010-08-29 01:04:13 —-D—- C:Documents and SettingsCompaq_AdministratorApplication DataAdobeUM
2010-08-28 20:22:58 —-D—- C:WINDOWSsystem32NtmsData
2010-08-28 20:21:01 —-D—- C:Documents and SettingsCompaq_AdministratorApplication DataUniblue
2010-08-25 17:47:04 —-A—- C:WINDOWSsystem32javaws.exe
2010-08-25 17:47:04 —-A—- C:WINDOWSsystem32javaw.exe
2010-08-25 17:47:04 —-A—- C:WINDOWSsystem32java.exe
2010-08-25 17:14:20 —-A—- C:WINDOWSODBC.INI
2010-08-25 17:13:56 —-A—- C:WINDOWSsystem32mdimon.dll
2010-08-25 17:12:24 —-D—- C:Program FilesMicrosoft ActiveSync
2010-08-25 17:12:16 —-D—- C:Program FilesCommon FilesDESIGNER
2010-08-25 17:11:25 —-D—- C:WINDOWSSHELLNEW
2010-08-25 17:11:24 —-D—- C:Program FilesMicrosoft.NET
2010-08-25 17:07:26 —-RHD—- C:MSOCache
2010-08-25 02:27:14 —-D—- C:Program FilesMozilla Firefox
2010-08-24 11:17:12 —-D—- C:Documents and SettingsCompaq_AdministratorApplication DataTemplate
2010-08-21 20:47:36 —-D—- C:Documents and SettingsCompaq_AdministratorApplication DataMSNInstaller
2010-08-21 15:44:55 —-D—- C:Program FilesCCleaner
2010-08-21 15:35:16 —-D—- C:Program FilesActive PC Optimizer
2010-08-20 16:31:28 —-D—- C:Documents and SettingsCompaq_AdministratorApplication DataNetscape
2010-08-19 17:00:11 —-A—- C:WINDOWSsystem32driversmouhid.sys
2010-08-19 17:00:01 —-A—- C:WINDOWSsystem32drivershidusb.sys
2010-08-15 20:26:20 —-D—- C:Documents and SettingsCompaq_AdministratorApplication DataNikon
2010-08-15 20:24:59 —-A—- C:WINDOWSsystem32ptpusb.dll
2010-08-15 20:24:57 —-A—- C:WINDOWSsystem32ptpusd.dll
2010-08-13 19:51:10 —-D—- C:Documents and SettingsAll UsersApplication DataWebroot
2010-08-13 18:12:59 —-D—- C:Program FilesMicrosoft Silverlight
2010-08-13 01:26:46 —-A—- C:WINDOWSsystem32mucltui.dll.mui
2010-08-13 01:26:45 —-A—- C:WINDOWSsystem32mucltui.dll
2010-08-10 23:59:37 —-D—- C:WINDOWSpss
2010-08-10 17:58:54 —-D—- C:WINDOWSPrefetch
2010-08-10 14:51:47 —-HDC—- C:WINDOWS$NtUninstallKB982214$
2010-08-10 14:51:11 —-HDC—- C:WINDOWS$NtUninstallKB2115168$
2010-08-10 14:49:49 —-HDC—- C:WINDOWS$NtUninstallKB981852$
2010-08-10 14:47:21 —-HDC—- C:WINDOWS$NtUninstallKB2079403$
2010-08-10 14:39:33 —-HDC—- C:WINDOWS$NtUninstallKB2160329$
2010-08-10 14:39:09 —-HDC—- C:WINDOWS$NtUninstallKB980436$
2010-08-10 14:26:37 —-HDC—- C:WINDOWS$NtUninstallKB981997$
2010-08-10 14:26:07 —-HDC—- C:WINDOWS$NtUninstallKB982665$
2010-08-08 16:47:03 —-A—- C:WINDOWSWORDPAD.INI
2010-08-08 16:16:30 —-D—- C:Documents and SettingsCompaq_AdministratorApplication DataCakewalk
2010-08-08 16:02:31 —-A—- C:WINDOWSdsdxirmv.exe
2010-08-08 16:01:43 —-A—- C:WINDOWSsystem32ReWire.dll
2010-08-08 16:01:42 —-D—- C:Program FilesCakewalk
2010-08-08 16:01:42 —-D—- C:Cakewalk Projects
2010-08-08 15:55:42 —-A—- C:WINDOWScdplayer.ini
2010-08-08 15:35:26 —-A—- C:WINDOWSsystem32driversavc.sys
2010-08-08 15:35:20 —-A—- C:WINDOWSsystem32drivers61883.sys
2010-08-08 15:32:32 —-D—- C:Program FilesEDIROL
2010-08-08 15:32:32 —-A—- C:WINDOWSsystem32driversrrwd0002.sys
2010-08-08 15:32:32 —-A—- C:WINDOWSsystem32driversrrau0002.sys
2010-08-08 15:10:46 —-D—- C:Documents and SettingsCompaq_AdministratorApplication DataFaxCtr
2010-08-08 12:42:05 —-A—- C:WINDOWSsystem32LXPRMON.DLL
2010-08-08 12:42:05 —-A—- C:WINDOWSsystem32LXPMONUI.DLL
2010-08-08 12:41:44 —-A—- C:WINDOWSsystem32LXPMONRC.DLL
2010-08-08 12:41:44 —-A—- C:WINDOWSsystem32IMHOST32.DLL
2010-08-08 12:41:44 —-A—- C:WINDOWSsystem32IMGMAN32.DLL
2010-08-08 12:41:37 —-D—- C:Documents and SettingsAll UsersApplication DataFaxCtr
2010-08-08 12:41:03 —-D—- C:Program FilesLexmark Fax Solutions
2010-08-08 12:40:30 —-D—- C:Program FilesAbbyy FineReader 6.0 Sprint
2010-08-08 12:38:11 —-A—- C:WINDOWSLexstat.ini
2010-08-08 12:37:36 —-A—- C:WINDOWSsystem32lxczcoin.dll
2010-08-08 12:37:35 —-A—- C:WINDOWSsystem32lxczvs.dll
2010-08-08 12:36:53 —-A—- C:WINDOWSsystem32driversusbscan.sys
2010-08-08 12:36:48 —-A—- C:WINDOWSsystem32wiafbdrv.dll
2010-08-08 12:36:39 —-A—- C:WINDOWSsystem32rtsicis.ini
2010-08-08 12:36:38 —-A—- C:WINDOWSsystem32rtscan.dll
2010-08-08 12:36:38 —-A—- C:WINDOWSsystem32lxczdrs.dll
2010-08-08 12:36:38 —-A—- C:WINDOWSsystem32lxczcnv7.dll
2010-08-08 12:36:38 —-A—- C:WINDOWSsystem32lxczcnv6.dll
2010-08-08 12:36:38 —-A—- C:WINDOWSsystem32lxczcnv5.dll
2010-08-08 12:36:38 —-A—- C:WINDOWSsystem32lxczcnv4.dll
2010-08-08 12:36:13 —-D—- C:Program FilesLexmark 1200 Series
2010-08-08 12:35:59 —-A—- C:WINDOWSsystem32LXCZinst.dll
2010-08-08 12:35:58 —-A—- C:WINDOWSsystem32LXCZhcp.dll
2010-08-08 12:35:57 —-A—- C:WINDOWSsystem32lxczinpa.dll
2010-08-08 12:35:57 —-A—- C:WINDOWSsystem32lxcziesc.dll
2010-08-08 12:35:56 —-A—- C:WINDOWSsystem32lxczutil.dll
2010-08-08 12:35:56 —-A—- C:WINDOWSsystem32lxczusb1.dll
2010-08-08 12:35:55 —-A—- C:WINDOWSsystem32lxczserv.dll
2010-08-08 12:35:55 —-A—- C:WINDOWSsystem32lxczprox.dll
2010-08-08 12:35:55 —-A—- C:WINDOWSsystem32lxczpplc.dll
2010-08-08 12:35:54 —-A—- C:WINDOWSsystem32lxczpmui.dll
2010-08-08 12:35:54 —-A—- C:WINDOWSsystem32lxczlmpm.dll
2010-08-08 12:35:53 —-A—- C:WINDOWSsystem32lxczjswr.dll
2010-08-08 12:35:53 —-A—- C:WINDOWSsystem32lxczinsb.dll
2010-08-08 12:35:52 —-A—- C:WINDOWSsystem32lxczinsr.dll
2010-08-08 12:35:52 —-A—- C:WINDOWSsystem32lxczins.dll
2010-08-08 12:35:52 —-A—- C:WINDOWSsystem32lxczih.exe
2010-08-08 12:35:52 —-A—- C:WINDOWSsystem32lxczhbn3.dll
2010-08-08 12:35:51 —-A—- C:WINDOWSsystem32lxczgf.dll
2010-08-08 12:35:50 —-A—- C:WINDOWSsystem32lxczcur.dll
2010-08-08 12:35:50 —-A—- C:WINDOWSsystem32lxczcu.dll
2010-08-08 12:35:50 —-A—- C:WINDOWSsystem32lxczcoms.exe
2010-08-08 12:35:50 —-A—- C:WINDOWSsystem32lxczcomm.dll
2010-08-08 12:35:49 —-A—- C:WINDOWSsystem32lxczcomc.dll
2010-08-08 12:35:49 —-A—- C:WINDOWSsystem32lxczcfg.exe
2010-08-08 12:35:48 —-A—- C:WINDOWSsystem32LXCZcfg.dll
2010-08-08 10:47:34 —-A—- C:WINDOWSsystem32rmoc3260.dll
2010-08-08 10:47:09 —-A—- C:WINDOWSsystem32pndx5032.dll
2010-08-08 10:47:09 —-A—- C:WINDOWSsystem32pndx5016.dll
2010-08-08 10:46:42 —-D—- C:Program FilesCommon Filesxing shared
2010-08-06 22:28:00 —-D—- C:Documents and SettingsAll UsersApplication DataYahoo!
2010-08-06 22:26:50 —-D—- C:Documents and SettingsCompaq_AdministratorApplication DataYahoo!
2010-08-06 08:13:07 —-D—- C:Documents and SettingsCompaq_AdministratorApplication DataHpUpdate
2010-08-06 08:12:53 —-D—- C:WINDOWSHewlett-Packard
2010-08-03 03:01:14 —-HDC—- C:WINDOWS$NtUninstallKB2286198$
2010-08-01 10:07:20 —-D—- C:Softpaq
2010-07-31 18:13:32 —-D—- C:Program FilesCommon FilesLogitech
2010-07-30 20:43:01 —-AD—- C:Documents and SettingsAll UsersApplication DataTEMP

======List of files/folders modified in the last 1 months======

2010-08-29 03:35:11 —-D—- C:Documents and SettingsCompaq_AdministratorApplication DataSkype
2010-08-29 03:24:00 —-A—- C:WINDOWSSchedLgU.Txt
2010-08-29 02:44:51 —-AD—- C:WINDOWS
2010-08-29 02:24:33 —-D—- C:WINDOWSTemp
2010-08-29 01:52:37 —-SD—- C:WINDOWSTasks
2010-08-29 01:51:10 —-D—- C:Program Files
2010-08-29 01:51:03 —-D—- C:Program FilesCommon FilesSymantec Shared
2010-08-29 01:26:45 —-D—- C:WINDOWSHelp
2010-08-29 01:20:07 —-SD—- C:WINDOWSDownloaded Program Files
2010-08-29 00:09:13 —-D—- C:Documents and SettingsCompaq_AdministratorApplication DataskypePM
2010-08-28 20:58:26 —-D—- C:WINDOWSsystem32CatRoot2
2010-08-28 20:41:09 —-D—- C:Documents and SettingsCompaq_AdministratorApplication DatauTorrent
2010-08-28 20:40:23 —-D—- C:WINDOWSnetwork diagnostic
2010-08-28 20:22:58 —-D—- C:WINDOWSsystem32
2010-08-28 03:11:44 —-SHD—- C:WINDOWSInstaller
2010-08-28 03:07:56 —-A—- C:WINDOWSwin.ini
2010-08-27 20:14:36 —-D—- C:Program FilesCommon FilesMicrosoft Shared
2010-08-27 20:14:36 —-D—- C:Program FilesCommon Files
2010-08-27 20:12:19 —-D—- C:Documents and SettingsCompaq_AdministratorApplication DataAdobe
2010-08-27 03:06:28 —-RSD—- C:WINDOWSassembly
2010-08-27 03:05:00 —-RSD—- C:WINDOWSFonts
2010-08-25 20:24:46 —-D—- C:Documents and SettingsCompaq_AdministratorApplication DataMacromedia
2010-08-25 17:48:06 —-D—- C:Program FilesCommon FilesJava
2010-08-25 17:46:55 —-D—- C:Program FilesJava
2010-08-25 17:11:52 —-D—- C:Program FilesMicrosoft Office
2010-08-25 17:11:31 —-D—- C:Program FilesCommon FilesSystem
2010-08-25 17:11:24 —-SD—- C:Documents and SettingsAll UsersApplication DataMicrosoft
2010-08-25 17:07:33 —-D—- C:WINDOWSsystem
2010-08-24 11:17:13 —-SD—- C:Documents and SettingsCompaq_AdministratorApplication DataMicrosoft
2010-08-24 11:17:11 —-D—- C:WINDOWSsystem32FxsTmp
2010-08-24 11:15:12 —-D—- C:Program FilesMicrosoft Money 2006
2010-08-23 15:20:23 —-HD—- C:WINDOWSinf
2010-08-21 15:49:46 —-D—- C:WINDOWSDebug
2010-08-20 17:43:49 —-D—- C:WINDOWSsystem32drivers
2010-08-19 17:00:20 —-RSHD—- C:WINDOWSsystem32dllcache
2010-08-15 21:47:37 —-AD—- C:WINDOWSCREATOR
2010-08-15 20:25:52 —-D—- C:Program FilesMSN
2010-08-12 22:35:10 —-D—- C:WINDOWSWinSxS
2010-08-11 02:10:27 —-RASH—- C:boot.ini
2010-08-11 02:10:27 —-A—- C:WINDOWSsystem.ini
2010-08-10 14:58:18 —-D—- C:WINDOWSMicrosoft.NET
2010-08-10 14:51:45 —-HD—- C:WINDOWS$hf_mig$
2010-08-10 14:45:38 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2010-08-10 14:40:05 —-D—- C:Program FilesInternet Explorer
2010-08-10 14:39:48 —-D—- C:WINDOWSie8updates
2010-08-10 14:26:40 —-D—- C:Program FilesMovie Maker
2010-08-08 20:28:59 —-D—- C:Documents and Settings
2010-08-08 15:37:41 —-D—- C:WINDOWSsystem32ReinstallBackups
2010-08-08 12:37:00 —-D—- C:WINDOWStwain_32
2010-08-08 12:22:49 —-D—- C:Program FilesGoogle
2010-08-08 11:04:37 —-D—- C:Documents and SettingsCompaq_AdministratorApplication DataReal
2010-08-08 10:47:50 —-D—- C:Program FilesCommon FilesReal
2010-08-08 10:47:06 —-D—- C:Program FilesReal
2010-08-08 10:45:38 —-A—- C:WINDOWSsystem32pncrt.dll
2010-08-06 22:28:46 —-D—- C:Documents and SettingsAll UsersApplication DataYahoo! Companion
2010-08-06 22:28:00 —-D—- C:Program FilesYahoo!
2010-08-06 08:14:15 —-D—- C:Program FilesHP
2010-08-06 08:14:06 —-D—- C:Program FilesHewlett-Packard
2010-08-05 15:41:05 —-D—- C:WINDOWSSoftwareDistribution
2010-08-03 11:09:31 —-A—- C:WINDOWSsystem32MRT.exe
2010-08-01 10:58:37 —-D—- C:Program FilesRhapsody

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 bb-run;Promise driver accelerator; C:WINDOWSsystem32DRIVERSbb-run.sys [2003-11-05 17408]
R0 ftsata2;ftsata2; C:WINDOWSsystem32DRIVERSftsata2.sys [2005-06-29 175104]
R0 ohci1394;Texas Instruments OHCI Compliant IEEE 1394 Host Controller; C:WINDOWSsystem32DRIVERSohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:WINDOWSSystem32DriversPxHelp20.sys [2006-03-09 46080]
R1 AmdK8;AMD Processor Driver; C:WINDOWSsystem32DRIVERSAmdK8.sys [2005-03-09 36352]
R1 eeCtrl;Symantec Eraser Control driver; ??C:Program FilesCommon FilesSymantec SharedEENGINEeeCtrl.sys []
R1 SAVRTPEL;SAVRTPEL; ??c:Program FilesNorton Internet SecurityNorton AntiVirusSAVRTPEL.SYS []
R1 SPBBCDrv;SPBBCDrv; ??C:Program FilesCommon FilesSymantec SharedSPBBCSPBBCDrv.sys []
R1 SYMTDI;SYMTDI; C:WINDOWSSystem32DriversSYMTDI.SYS [2007-10-01 189320]
R2 mdmxsdk;mdmxsdk; C:WINDOWSsystem32DRIVERSmdmxsdk.sys [2005-10-05 12544]
R2 symlcbrd;symlcbrd; ??C:WINDOWSsystem32driverssymlcbrd.sys []
R3 aracpi;aracpi; C:WINDOWSsystem32DRIVERSaracpi.sys [2005-08-02 22784]
R3 arhidfltr;MS Ar HID Filter Driver; C:WINDOWSsystem32DRIVERSarhidfltr.sys [2005-08-02 19200]
R3 arkbcfltr;Microsoft PS2 Keyboard Filter; C:WINDOWSsystem32DRIVERSarkbcfltr.sys [2005-08-02 5376]
R3 armoucfltr;Microsoft PS2 Mouse Filter; C:WINDOWSsystem32DRIVERSarmoucfltr.sys [2005-08-02 4992]
R3 Arp1394;1394 ARP Client Protocol; C:WINDOWSsystem32DRIVERSarp1394.sys [2008-04-13 60800]
R3 ARPolicy;ARPolicy; C:WINDOWSsystem32DRIVERSarpolicy.sys [2005-08-02 10112]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; ??C:Program FilesCommon FilesSymantec SharedEENGINEEraserUtilRebootDrv.sys []
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class Driver; C:WINDOWSsystem32DRIVERShidusb.sys [2008-04-13 10368]
R3 HSX_DP;HSX_DP; C:WINDOWSsystem32DRIVERSHSX_DP.sys [2005-12-06 936448]
R3 HSXHWBS2;HSXHWBS2; C:WINDOWSsystem32DRIVERSHSXHWBS2.sys [2005-12-06 241664]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:WINDOWSsystem32driversRtkHDAud.sys [2006-06-14 4299264]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:WINDOWSsystem32DRIVERSLVPr2Mon.sys [2008-07-26 25624]
R3 LVUSBSta;Logitech USB Monitor Filter; C:WINDOWSsystem32driversLVUSBSta.sys [2008-07-26 41752]
R3 mouhid;Mouse HID Driver; C:WINDOWSsystem32DRIVERSmouhid.sys [2001-08-17 12160]
R3 NAVENG;NAVENG; ??C:PROGRA~1COMMON~1SYMANT~1VIRUSD~120100828.004NAVENG.Sys []
R3 NAVEX15;NAVEX15; ??C:PROGRA~1COMMON~1SYMANT~1VIRUSD~120100828.004NavEx15.Sys []
R3 NIC1394;1394 Net Driver; C:WINDOWSsystem32DRIVERSnic1394.sys [2008-04-13 61824]
R3 nv;nv; C:WINDOWSsystem32DRIVERSnv4_mini.sys [2006-05-09 3535680]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:WINDOWSsystem32DRIVERSNVENETFD.sys [2006-03-03 34176]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:WINDOWSsystem32DRIVERSnvnetbus.sys [2006-03-03 13056]
R3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:WINDOWSsystem32DRIVERSLV302V32.SYS [2008-07-26 2570520]
R3 SAVRT;SAVRT; ??c:Program FilesNorton Internet SecurityNorton AntiVirusSAVRT.SYS []
R3 SYMDNS;SYMDNS; C:WINDOWSSystem32DriversSYMDNS.SYS [2007-10-01 12680]
R3 SymEvent;SymEvent; ??C:Program FilesSymantecSYMEVENT.SYS []
R3 SYMFW;SYMFW; C:WINDOWSSystem32DriversSYMFW.SYS [2007-10-01 98184]
R3 SYMIDS;SYMIDS; C:WINDOWSSystem32DriversSYMIDS.SYS [2007-10-01 31624]
R3 SYMIDSCO;SYMIDSCO; ??C:PROGRA~1COMMON~1SYMANT~1SymcDataidsdefs20100826.001symidsco.sys []
R3 SYMNDIS;SYMNDIS; C:WINDOWSSystem32DriversSYMNDIS.SYS [2007-10-01 28040]
R3 SYMREDRV;SYMREDRV; C:WINDOWSSystem32DriversSYMREDRV.SYS [2007-10-01 23944]
R3 usbprint;Microsoft USB PRINTER Class; C:WINDOWSsystem32DRIVERSusbprint.sys [2008-04-13 25856]
R3 usbscan;USB Scanner Driver; C:WINDOWSsystem32DRIVERSusbscan.sys [2008-04-13 15104]
R3 winachsx;winachsx; C:WINDOWSsystem32DRIVERSHSX_CNXT.sys [2005-12-06 670208]
S3 61883;61883 Unit Device; C:WINDOWSsystem32DRIVERS61883.sys [2008-04-13 48128]
S3 Avc;AVC Device; C:WINDOWSsystem32DRIVERSavc.sys [2008-04-13 38912]
S3 CCDECODE;Closed Caption Decoder; C:WINDOWSsystem32DRIVERSCCDECODE.sys [2008-04-13 17024]
S3 MHNDRV;MHN driver; C:WINDOWSsystem32DRIVERSmhndrv.sys [2004-08-10 11008]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:WINDOWSsystem32driversMSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:WINDOWSsystem32DRIVERSNABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:WINDOWSsystem32DRIVERSNdisIP.sys [2008-04-13 10880]
S3 rrau0002;rrau0002; C:WINDOWSSystem32Driversrrau0002.sys [2004-09-28 24576]
S3 rrwd0002;rrwd0002; C:WINDOWSSystem32Driversrrwd0002.sys [2004-09-28 97280]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:WINDOWSsystem32DRIVERSRTL8139.SYS [2004-08-03 20992]
S3 SLIP;BDA Slip De-Framer; C:WINDOWSsystem32DRIVERSSLIP.sys [2008-04-13 11136]
S3 StarOpen;StarOpen; C:WINDOWSsystem32driversStarOpen.sys [2009-11-12 7168]
S3 streamip;BDA IPSink; C:WINDOWSsystem32DRIVERSStreamIP.sys [2008-04-13 15232]
S3 usbstor;USB Mass Storage Driver; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2008-04-13 26368]
S3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:WINDOWSsystem32DRIVERSusbuhci.sys [2008-04-13 20608]
S3 WSTCODEC;World Standard Teletext Codec; C:WINDOWSsystem32DRIVERSWSTCODEC.SYS [2008-04-13 19200]
S4 intelppm;Intel Processor Driver; C:WINDOWSsystem32DRIVERSintelppm.sys [2008-04-13 36352]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ARSVC;ARSVC; C:WINDOWSarservice.exe [2005-08-02 58880]
R2 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:Program FilesSymantecLiveUpdateALUSchedulerSvc.exe [2010-03-04 99720]
R2 ccEvtMgr;Symantec Event Manager; c:Program FilesCommon FilesSymantec SharedccEvtMgr.exe [2005-09-17 192112]
R2 ccProxy;Symantec Network Proxy; c:Program FilesCommon FilesSymantec SharedccProxy.exe [2005-09-17 202352]
R2 ccSetMgr;Symantec Settings Manager; c:Program FilesCommon FilesSymantec SharedccSetMgr.exe [2005-09-17 169584]
R2 JavaQuickStarterService;Java Quick Starter; C:Program FilesJavajre6binjqs.exe [2010-07-17 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:Program FilesCommon FilesLightScribeLSSrvc.exe [2006-06-21 49152]
R2 LVCOMSer;LVCOMSer; C:Program FilesCommon FilesLogiShrdLVCOMSERLVComSer.exe [2008-07-26 186904]
R2 LVPrcSrv;Process Monitor; C:Program FilesCommon FilesLogiShrdLVMVFMLVPrcSrv.exe [2008-07-26 150040]
R2 lxcz_device;lxcz_device; C:WINDOWSsystem32lxczcoms.exe [2007-02-08 537520]
R2 McrdSvc;Media Center Extender Service; C:WINDOWSehomemcrdsvc.exe [2005-08-05 99328]
R2 navapsvc;Norton AntiVirus Auto-Protect Service; c:Program FilesNorton Internet SecurityNorton AntiVirusnavapsvc.exe [2007-05-23 139888]
R2 NMSAccess;NMSAccess; C:Program FilesCDBurnerXPNMSAccessU.exe [2010-03-04 71096]
R2 NVSvc;NVIDIA Display Driver Service; C:WINDOWSsystem32nvsvc32.exe [2006-05-09 131139]
R2 SNDSrvc;Symantec Network Drivers Service; c:Program FilesCommon FilesSymantec SharedSNDSrvc.exe [2007-10-01 214408]
R2 SPBBCSvc;Symantec SPBBCSvc; c:Program FilesCommon FilesSymantec SharedSPBBCSPBBCSvc.exe [2005-09-15 1160800]
R2 Symantec Core LC;Symantec Core LC; C:Program FilesCommon FilesSymantec SharedCCPD-LCsymlcsvc.exe [2010-07-22 1251720]
R2 YahooAUService;Yahoo! Updater; C:Program FilesYahoo!SoftwareUpdateYahooAUService.exe [2008-11-09 602392]
R3 NSCService;Norton Protection Center Service; c:Program FilesCommon FilesSymantec SharedSecurity ConsoleNSCSRVCE.EXE [2006-12-15 750720]
S2 gupdate;Google Update Service (gupdate); C:Program FilesGoogleUpdateGoogleUpdate.exe [2010-07-22 135664]
S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2008-07-25 34312]
S3 ccISPwdSvc;Symantec Internet Security Password Validation; c:Program FilesNorton Internet SecurityccPwdSvc.exe [2007-01-16 72328]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2008-07-25 69632]
S3 comHost;COM Host; c:Program FilesNorton Internet SecuritycomHost.exe [2007-01-16 45696]
S3 Fax;Fax; C:WINDOWSsystem32fxssvc.exe [2008-04-13 267776]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:WINDOWSMicrosoft.NETFrameworkv3.0WPFPresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2010-07-22 182768]
S3 IDriverT;InstallDriver Table Manager; C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication Foundationinfocard.exe [2008-07-29 881664]
S3 LiveUpdate;LiveUpdate; C:PROGRA~1SymantecLIVEUP~1LUCOMS~1.EXE [2010-03-04 2106760]
S3 MHN;MHN; C:WINDOWSSystem32svchost.exe [2008-04-13 14336]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2003-07-28 89136]
S3 SAVScan;Symantec AVScan; c:Program FilesNorton Internet SecurityNorton AntiVirusSAVScan.exe [2005-08-26 198368]
S3 UMWdf;Windows User Mode Driver Framework; C:WINDOWSsystem32wdfmgr.exe [2005-08-04 38912]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication FoundationSMSvcHost.exe [2008-07-29 132096]

EOF
29 августа, 2010 в 4:19 пп #31117
Admin
Keymaster
- Темы:40
- Сообщений:5676
Здравствуйте, добро пожаловать на Spyware-ru форум.

Проверим ещё одной программой.
Скачайте программу Combofix. Если вы уже скачивали эту программу, то удалите её и скачайте свежую копию.
Закройте все открытые окна и запустите эту программу.

После выполнения будет создан лог файл, пожалуйста вставьте его в ваш ответ.
30 августа, 2010 в 6:14 дп #31118
zmila
Participant
- Темы:1
- Сообщений:2
Спасибо, за помощь,но начитавшись о Cobofix, решение — отдать комп. специалистам т.к много времени берёт лечение комп. и нет уверенности что результат будет положительным, разбираюсь плохо.
Автор

Сообщения

Просмотр 3 сообщений - с 1 по 3 (из 3 всего)

Для ответа в этой теме необходимо авторизоваться.

вирус

Добро пожаловать

Поиск

Последние темы

СПАЙВАРЕ РУ

Нужна помощь?

Ссылки