- This topic has 7 ответов, 2 участника, and was last updated 16 years, 3 months назад by
.
-
Сообщения
-
Помогите пожалуйста! После открытия сайта всплыло окно, требующее ввести код(послать смс и получить код) и одновременно с ним стал всплывать Антивирус XP? Который установился на рабочий стол. И теперь, при входе в интернет висит это окно.
Logfile of random’s system information tool 1.05 (written by random/random)
Run by Roman at 2009-01-09 12:13:34
Microsoft Windows XP Professional Service Pack 2
System drive C: has 32 GB (79%) free of 40 GB
Total RAM: 1023 MB (53% free)Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:13:35, on 09.01.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: NormalRunning processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
G:progi 2aawservice.exe
C:WINDOWSExplorer.EXE
C:Program FilesAnalog DevicesSoundMAXSMax4PNP.exe
C:Program FilesAnalog DevicesSoundMAXSmax4.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesCommon FilesAcronisSchedule2schedul2.exe
C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
C:Program FilesAcronisTrueImageTrueImageMonitor.exe
C:Program FilesBonjourmDNSResponder.exe
C:Program FilesCommon FilesAcronisSchedule2schedhlp.exe
C:WINDOWSsystem32nvsvc32.exe
C:WINDOWSsystem32RUNDLL32.EXE
C:Program FilesDrWeb AV-Deskdrwagnui.exe
C:Program FilesAnalog DevicesSoundMAXSMAgent.exe
C:PROGRA~1DRWEBA~1spidernt.exe
C:Program FilesDrWeb AV-Deskspiderml.exe
C:WINDOWSSystem32svchost.exe
C:PROGRA~1DRWEBA~1spiderui.exe
C:Program FilesiTunesiTunesHelper.exe
C:WINDOWSsystem32spooldriversw32x863hpztsb08.exe
C:Program FilesHewlett-PackardHP Software UpdateHPWuSchd.exe
C:Program FilesHewlett-PackardDigital Imagingbinhpotdd01.exe
C:WINDOWSservices.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesMessengermsmsgs.exe
C:Program Filesiriveririver plusiAgent.exe
C:PROGRA~1MICROS~3wcescomm.exe
C:Program FilesDrWeb AV-Deskdrwagntd.exe
C:Program FilesPicasa2PicasaMediaDetector.exe
C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
C:PROGRA~1MICROS~3rapimgr.exe
G:CommonBinWinCinemaMgr.exe
C:Program FilesiPodbiniPodService.exe
C:Program FilesMozilla Firefoxfirefox.exe
C:WINDOWSsystem32notepad.exe
C:Documents and SettingsRomanDesktopRSIT.exe
C:Program Filestrend microRoman.exeR0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.mail.ru/
O2 — BHO: agblibP — {065C52C3-9AA2-4577-AFB0-33F17EA5686E} — C:Documents and SettingsAll UsersApplication Dataagblib.dll
O2 — BHO: AcroIEHlprObj Class — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 — BHO: Google Toolbar Helper — {AA58ED58-01DD-4d91-8333-CF10577473F7} — c:program filesgooglegoogletoolbar1.dll
O2 — BHO: Google Toolbar Notifier BHO — {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} — C:Program FilesGoogleGoogleToolbarNotifier3.1.807.1746swg.dll
O3 — Toolbar: &Google — {2318C2B1-4965-11d4-9B18-009027A5CD4F} — c:program filesgooglegoogletoolbar1.dll
O4 — HKLM..Run: [SoundMAXPnP] C:Program FilesAnalog DevicesSoundMAXSMax4PNP.exe
O4 — HKLM..Run: [SoundMAX] «C:Program FilesAnalog DevicesSoundMAXSmax4.exe» /tray
O4 — HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 — HKLM..Run: [TrueImageMonitor.exe] C:Program FilesAcronisTrueImageTrueImageMonitor.exe
O4 — HKLM..Run: [Acronis Scheduler2 Service] «C:Program FilesCommon FilesAcronisSchedule2schedhlp.exe»
O4 — HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 — HKLM..Run: [nwiz] nwiz.exe /install
O4 — HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
O4 — HKLM..Run: [DrWebAgentUI] «C:Program FilesDrWeb AV-Deskdrwagnui.exe»
O4 — HKLM..Run: [SpIDerMail] «C:Program FilesDrWeb AV-Deskspiderml.exe»
O4 — HKLM..Run: [SpIDerNT] C:PROGRA~1DRWEBA~1spiderui.exe /agent
O4 — HKLM..Run: [KernelFaultCheck] %systemroot%system32dumprep 0 -k
O4 — HKLM..Run: [QuickTime Task] «C:Program FilesQuickTimeQTTask.exe» -atboottime
O4 — HKLM..Run: [iTunesHelper] «C:Program FilesiTunesiTunesHelper.exe»
O4 — HKLM..Run: [HPDJ Taskbar Utility] C:WINDOWSsystem32spooldriversw32x863hpztsb08.exe
O4 — HKLM..Run: [HP Software Update] C:Program FilesHewlett-PackardHP Software UpdateHPWuSchd.exe
O4 — HKLM..Run: [DeviceDiscovery] C:Program FilesHewlett-PackardDigital Imagingbinhpotdd01.exe
O4 — HKLM..Run: [services] C:WINDOWSservices.exe
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [MSMSGS] «C:Program FilesMessengermsmsgs.exe» /background
O4 — HKCU..Run: [iPlusAgent] «C:Program Filesiriveririver plusiAgent.exe»
O4 — HKCU..Run: [iriverPlus] «C:Program Filesiriveririver plusiPlus.exe»
O4 — HKCU..Run: [H/PC Connection Agent] «C:PROGRA~1MICROS~3wcescomm.exe»
O4 — HKCU..Run: [Picasa Media Detector] C:Program FilesPicasa2PicasaMediaDetector.exe
O4 — HKCU..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
O4 — HKCU..Run: [updateMgr] C:Program FilesAdobeAcrobat 7.0ReaderAdobeUpdateManager.exe AcRdB7_0_5
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE (User ‘Default user’)
O4 — Global Startup: Adobe Reader Speed Launch.lnk = C:Program FilesAdobeAcrobat 7.0Readerreader_sl.exe
O4 — Global Startup: InterVideo WinCinema Manager.lnk = G:CommonBinWinCinemaMgr.exe
O8 — Extra context menu item: E&xport to Microsoft Excel — res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O9 — Extra button: Create Mobile Favorite — {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} — C:PROGRA~1MICROS~3INetRepl.dll
O9 — Extra button: (no name) — {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} — C:PROGRA~1MICROS~3INetRepl.dll
O9 — Extra ‘Tools’ menuitem: Create Mobile Favorite… — {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} — C:PROGRA~1MICROS~3INetRepl.dll
O9 — Extra button: Research — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O17 — HKLMSystemCCSServicesTcpip..{39B2264D-70B9-4545-82C2-AC0994F742B9}: NameServer = 213.234.192.7 85.21.192.5
O23 — Service: Lavasoft Ad-Aware Service (aawservice) — Lavasoft — G:progi 2aawservice.exe
O23 — Service: Acronis Scheduler2 Service (AcrSch2Svc) — Acronis — C:Program FilesCommon FilesAcronisSchedule2schedul2.exe
O23 — Service: Apple Mobile Device — Apple, Inc. — C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
O23 — Service: Bonjour Service — Apple Inc. — C:Program FilesBonjourmDNSResponder.exe
O23 — Service: Dr.Web(R) AV-Desk Agent (drwagntd) — Doctor Web, Ltd. — C:Program FilesDrWeb AV-Deskdrwagntd.exe
O23 — Service: Dr.Web(R) AV-Desk Upgrade Service (drwupgrade) — Doctor Web, Ltd. — C:Program FilesDrWeb AV-Desk1drwupgrade.exe
O23 — Service: Google Updater Service (gusvc) — Google — C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 — Service: Сервис iPod (iPod Service) — Apple Inc. — C:Program FilesiPodbiniPodService.exe
O23 — Service: NVIDIA Display Driver Service (NVSvc) — NVIDIA Corporation — C:WINDOWSsystem32nvsvc32.exe
O23 — Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) — Analog Devices, Inc. — C:Program FilesAnalog DevicesSoundMAXSMAgent.exe
O23 — Service: SpIDer Guard for Windows (SPIDERNT) — Doctor Web, Ltd. — C:PROGRA~1DRWEBA~1spidernt.exe—
End of file — 7855 bytes======Scheduled tasks folder======
C:WINDOWStasksAppleSoftwareUpdate.job
======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{065C52C3-9AA2-4577-AFB0-33F17EA5686E}]
ALAC Video Helper — C:Documents and SettingsAll UsersApplication Dataagblib.dll [2009-01-08 322560][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll [2005-09-23 63136][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper — c:program filesgooglegoogletoolbar1.dll [2008-11-16 2427968][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO — C:Program FilesGoogleGoogleToolbarNotifier3.1.807.1746swg.dll [2008-12-18 737776][HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} — &Google — c:program filesgooglegoogletoolbar1.dll [2008-11-16 2427968][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«SoundMAXPnP»=C:Program FilesAnalog DevicesSoundMAXSMax4PNP.exe [2004-10-14 1388544]
«SoundMAX»=C:Program FilesAnalog DevicesSoundMAXSmax4.exe [2004-09-23 860160]
«NeroFilterCheck»=C:WINDOWSsystem32NeroCheck.exe [2001-07-09 155648]
«TrueImageMonitor.exe»=C:Program FilesAcronisTrueImageTrueImageMonitor.exe [2005-10-25 988565]
«Acronis Scheduler2 Service»=C:Program FilesCommon FilesAcronisSchedule2schedhlp.exe [2005-10-25 118784]
«NvCplDaemon»=C:WINDOWSsystem32NvCpl.dll [2006-10-22 7700480]
«nwiz»=nwiz.exe /install []
«NvMediaCenter»=C:WINDOWSsystem32NvMcTray.dll [2006-10-22 86016]
«DrWebAgentUI»=C:Program FilesDrWeb AV-Deskdrwagnui.exe [2008-11-16 812336]
«SpIDerMail»=C:Program FilesDrWeb AV-Deskspiderml.exe [2008-11-16 501080]
«SpIDerNT»=C:PROGRA~1DRWEBA~1spiderui.exe [2008-11-16 230936]
«KernelFaultCheck»=C:WINDOWSsystem32dumprep 0 -k []
«QuickTime Task»=C:Program FilesQuickTimeQTTask.exe [2008-03-28 413696]
«iTunesHelper»=C:Program FilesiTunesiTunesHelper.exe [2008-03-30 267048]
«HPDJ Taskbar Utility»=C:WINDOWSsystem32spooldriversw32x863hpztsb08.exe [2003-03-25 172032]
«HP Software Update»=C:Program FilesHewlett-PackardHP Software UpdateHPWuSchd.exe [2002-12-17 49152]
«DeviceDiscovery»=C:Program FilesHewlett-PackardDigital Imagingbinhpotdd01.exe [2002-12-02 40960]
«services»=C:WINDOWSservices.exe [2009-01-08 42496][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2004-08-03 15360]
«MSMSGS»=C:Program FilesMessengermsmsgs.exe [2004-08-03 1667584]
«iPlusAgent»=C:Program Filesiriveririver plusiAgent.exe [2005-06-07 225280]
«iriverPlus»=C:Program Filesiriveririver plusiPlus.exe [2005-06-07 1265664]
«H/PC Connection Agent»=C:PROGRA~1MICROS~3wcescomm.exe [2005-11-15 1200128]
«Picasa Media Detector»=C:Program FilesPicasa2PicasaMediaDetector.exe [2008-08-20 443968]
«swg»=C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe [2008-12-18 68856]
«updateMgr»=C:Program FilesAdobeAcrobat 7.0ReaderAdobeUpdateManager.exe [2005-08-18 307200][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigservices]
«lanmanworkstation»=2
«lanmanserver»=2C:Documents and SettingsAll UsersStart MenuProgramsStartup
Adobe Reader Speed Launch.lnk — C:Program FilesAdobeAcrobat 7.0Readerreader_sl.exe
InterVideo WinCinema Manager.lnk — G:CommonBinWinCinemaMgr.exe[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlLsa]
«authentication packages»=msv1_0
relog_ap[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalaawservice]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkaawservice]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkUploadMgr]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesMicrosoft ActiveSyncrapimgr.exe»=»C:Program FilesMicrosoft ActiveSyncrapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager»
«C:Program FilesMicrosoft ActiveSyncwcescomm.exe»=»C:Program FilesMicrosoft ActiveSyncwcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager»
«C:Program FilesMicrosoft ActiveSyncWCESMgr.exe»=»C:Program FilesMicrosoft ActiveSyncWCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application»
«C:Program FilesBonjourmDNSResponder.exe»=»C:Program FilesBonjourmDNSResponder.exe:*:Enabled:Bonjour»
«C:Program FilesiTunesiTunes.exe»=»C:Program FilesiTunesiTunes.exe:*:Enabled:iTunes»[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesMicrosoft ActiveSyncrapimgr.exe»=»C:Program FilesMicrosoft ActiveSyncrapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager»
«C:Program FilesMicrosoft ActiveSyncwcescomm.exe»=»C:Program FilesMicrosoft ActiveSyncwcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager»
«C:Program FilesMicrosoft ActiveSyncWCESMgr.exe»=»C:Program FilesMicrosoft ActiveSyncWCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application»[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{1d742d22-b198-11dd-81e1-00173164d2a9}]
shellAutoRuncommand — J:
shellopencommand — rundll32.exe .\dpnmodlm.dll,InstallM[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{c5aa9e48-b0e1-11dd-81de-00173164d2a9}]
shellAutocommand — I:RavMonE.exe e
shellAutoRuncommand — C:WINDOWSsystem32RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e======List of files/folders created in the last 1 months======
2009-01-09 11:34:57 —-D—- C:rsit
2009-01-09 11:34:57 —-D—- C:Program Filestrend micro
2009-01-08 12:32:20 —-D—- C:Documents and SettingsAll UsersApplication DataLavasoft
2009-01-08 12:30:40 —-D—- C:Program FilesCommon FilesWise Installation Wizard
2009-01-08 06:12:58 —-A—- C:Documents and SettingsAll UsersApplication Dataagblib.dll
2009-01-08 06:12:51 —-A—- C:WINDOWSservices.exe
2009-01-03 23:19:33 —-D—- C:Documents and SettingsRomanApplication DataDivX
2009-01-03 23:17:45 —-D—- C:Program FilesDivX
2008-12-24 13:29:11 —-D—- C:Program Filesdirectx
2008-12-24 13:17:16 —-D—- C:Documents and SettingsRomanApplication DataArcSoft
2008-12-24 13:12:38 —-D—- C:Program FilesArcSoft
2008-12-24 13:03:23 —-A—- C:WINDOWSsystem32vfwwdm32.dll
2008-12-24 13:02:40 —-A—- C:WINDOWSvideoimp.ini
2008-12-24 13:02:39 —-A—- C:WINDOWSsystem32LMRTREND.dll
2008-12-24 13:02:37 —-A—- C:WINDOWSsystem32dxtmsft3.dll
2008-12-24 13:02:35 —-A—- C:WINDOWSsystem32unam4ie.exe
2008-12-24 13:02:33 —-A—- C:WINDOWSsystem32vidx16.dll
2008-12-24 13:02:32 —-A—- C:WINDOWSsystem32qcut.dll
2008-12-24 13:02:31 —-A—- C:WINDOWSsystem32w95inf32.dll
2008-12-24 13:02:31 —-A—- C:WINDOWSsystem32w95inf16.dll
2008-12-24 13:02:23 —-A—- C:WINDOWSVI_setup.ini
2008-12-24 13:00:59 —-A—- C:WINDOWSPI4_setup.ini
2008-12-24 13:00:58 —-A—- C:WINDOWSpcdlib32.dll
2008-12-18 14:41:50 —-D—- C:WINDOWSsystem32LogFiles
2008-12-17 01:38:37 —-D—- C:WINDOWSpss
2008-12-14 21:41:00 —-D—- C:Documents and SettingsRomanApplication DataYandex
2008-12-14 21:40:18 —-D—- C:Documents and SettingsRomanApplication DataMozilla
2008-12-14 21:40:10 —-D—- C:Program FilesMozilla Firefox
2008-12-13 22:26:18 —-D—- C:Program FilesDVD X Studios
2008-12-13 21:36:14 —-N—- C:WINDOWSsystem32pxinsi64.exe
2008-12-13 21:36:14 —-N—- C:WINDOWSsystem32pxinsa64.exe
2008-12-13 21:36:14 —-N—- C:WINDOWSsystem32pxcpyi64.exe
2008-12-13 21:36:14 —-N—- C:WINDOWSsystem32pxcpya64.exe
2008-12-13 21:36:14 —-N—- C:WINDOWSsystem32pxafs.dll
2008-12-13 21:36:13 —-N—- C:WINDOWSsystem32pxsfs.dll
2008-12-12 14:13:22 —-A—- C:WINDOWSIsUn0419.exe
2008-12-12 14:12:53 —-D—- C:Program FilesHewlett-Packard
2008-12-12 14:11:55 —-A—- C:WINDOWShpbvspst.ini
2008-12-10 12:01:05 —-D—- C:Documents and SettingsRomanApplication DataAuslogics======List of files/folders modified in the last 1 months======
2009-01-09 11:35:04 —-D—- C:WINDOWSPrefetch
2009-01-09 11:34:57 —-RD—- C:Program Files
2009-01-09 11:08:41 —-D—- C:WINDOWSTemp
2009-01-09 10:22:21 —-D—- C:Program FilesDrWeb AV-Desk
2009-01-09 10:22:05 —-D—- C:WINDOWS
2009-01-09 10:20:44 —-A—- C:WINDOWSSchedLgU.Txt
2009-01-09 09:26:44 —-D—- C:Documents and SettingsRomanApplication DataAdobeUM
2009-01-08 13:57:34 —-D—- C:Documents and SettingsRomanApplication DataAdobe
2009-01-08 12:33:24 —-SHD—- C:WINDOWSInstaller
2009-01-08 12:32:20 —-D—- C:WINDOWSsystem32drivers
2009-01-08 12:32:20 —-D—- C:WINDOWSsystem32
2009-01-08 12:30:40 —-D—- C:Program FilesCommon Files
2009-01-08 06:13:03 —-D—- C:Program FilesInternet Explorer
2009-01-04 01:22:46 —-D—- C:WINDOWSsystem32CatRoot2
2009-01-03 23:56:39 —-A—- C:WINDOWSNeroDigital.ini
2008-12-29 15:28:07 —-HD—- C:WINDOWSinf
2008-12-24 13:28:40 —-HD—- C:Program FilesInstallShield Installation Information
2008-12-24 13:14:44 —-D—- C:WINDOWStwain_32
2008-12-24 13:14:04 —-D—- C:Program FilesWindows Media Player
2008-12-24 13:14:01 —-D—- C:WINDOWSHelp
2008-12-24 13:03:45 —-RSHDC—- C:WINDOWSsystem32dllcache
2008-12-21 21:52:41 —-SD—- C:Documents and SettingsRomanApplication DataMicrosoft
2008-12-20 19:19:58 —-D—- C:Program FilesGoogle
2008-12-20 19:19:58 —-D—- C:Documents and SettingsAll UsersApplication DataGoogle
2008-12-18 14:39:07 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2008-12-17 23:05:56 —-D—- C:WINDOWSsystem32ReinstallBackups
2008-12-17 01:40:41 —-RASH—- C:boot.ini
2008-12-17 01:40:41 —-A—- C:WINDOWSwin.ini
2008-12-17 01:40:41 —-A—- C:WINDOWSsystem.ini
2008-12-12 14:15:06 —-A—- C:WINDOWShpdj5100.ini
2008-12-12 14:11:28 —-D—- C:WINDOWSsystem32CatRoot
2008-12-10 12:18:26 —-D—- C:WINDOWSsystem32config
2008-12-10 12:18:26 —-D—- C:WINDOWSMinidump======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AFS2K;AFS2k; C:WINDOWSsystem32driversAFS2K.sys [2008-11-16 82380]
R1 DCxxMJPG;Pinnacle DC10plus, Motion-JPEG VideoIO Board; C:WINDOWSsystem32driversDCxxMJPG.sys [2002-06-04 132940]
R1 intelppm;Intel Processor Driver; C:WINDOWSSystem32DRIVERSintelppm.sys [2004-08-03 36096]
R1 WS2IFSL;Среда Windows Socket 2.0 поддержки поставщиков не-IFS служб; C:WINDOWSSystem32driversws2ifsl.sys [2001-08-23 12032]
R2 spider;SpIDer Guard File System Monitor; ??C:PROGRA~1DRWEBA~1spider.sys []
R2 tifsfilter;Acronis TrueImage FS Filter; C:WINDOWSSystem32DRIVERStifsfilt.sys [2007-01-11 30688]
R3 aeaudio;aeaudio; C:WINDOWSsystem32driversaeaudio.sys [2005-03-04 127872]
R3 Arp1394;1394 ARP Client Protocol; C:WINDOWSSystem32DRIVERSarp1394.sys [2004-08-03 60800]
R3 GEARAspiWDM;GEARAspiWDM; C:WINDOWSSystem32DriversGEARAspiWDM.sys [2008-01-29 16168]
R3 NIC1394;1394 Net Driver; C:WINDOWSSystem32DRIVERSnic1394.sys [2004-08-03 61824]
R3 nv;nv; C:WINDOWSsystem32DRIVERSnv4_mini.sys [2006-10-22 3994624]
R3 senfilt;senfilt; C:WINDOWSsystem32driverssenfilt.sys [2005-03-01 392704]
R3 smwdm;smwdm; C:WINDOWSsystem32driverssmwdm.sys [2005-03-28 220992]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:WINDOWSSystem32DRIVERSusbehci.sys [2004-08-03 26624]
R3 usbhub;USB2 Enabled Hub; C:WINDOWSSystem32DRIVERSusbhub.sys [2004-08-03 57600]
R3 usbprint;Microsoft USB PRINTER Class; C:WINDOWSSystem32DRIVERSusbprint.sys [2004-08-03 25856]
R3 usbscan;USB Scanner Driver; C:WINDOWSsystem32DRIVERSusbscan.sys [2004-08-03 15104]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:WINDOWSSystem32DRIVERSusbuhci.sys [2004-08-03 20480]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:WINDOWSSystem32DRIVERSyk51x86.sys [2005-04-01 230272]
S3 CCDECODE;Closed Caption Decoder; C:WINDOWSsystem32DRIVERSCCDECODE.sys [2004-08-03 17024]
S3 DCamUSBSQTECH;Dual-Mode DSC(2770); C:WINDOWSSystem32DriversSQcaptur.sys [2003-01-10 30921]
S3 HidUsb;Microsoft HID Class Driver; C:WINDOWSSystem32DRIVERShidusb.sys [2001-08-17 9600]
S3 MidiSyn;MidiSyn; C:WINDOWSsystem32driversMidiSyn.sys [2004-09-14 88960]
S3 mouhid;Mouse HID Driver; C:WINDOWSSystem32DRIVERSmouhid.sys [2001-08-17 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:WINDOWSsystem32driversMSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:WINDOWSsystem32DRIVERSNABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:WINDOWSsystem32DRIVERSNdisIP.sys [2004-08-03 10880]
S3 pfc;Padus ASPI Shell; C:WINDOWSsystem32driverspfc.sys [2002-06-13 14604]
S3 PortlUSB;PortlUSB; C:WINDOWSsystem32DRIVERSH10USB.sys [2004-06-23 7552]
S3 QV2KUX;Casio Digital Camera; C:WINDOWSSystem32DRIVERSqv2kux.sys [2001-08-17 3328]
S3 SLIP;BDA Slip De-Framer; C:WINDOWSsystem32DRIVERSSLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:WINDOWSsystem32DRIVERSStreamIP.sys [2004-08-03 15360]
S3 usb_rndisx;USB RNDIS Adapter; C:WINDOWSsystem32DRIVERSusb8023x.sys [2005-10-20 12800]
S3 USBAAPL;Apple Mobile USB Driver; C:WINDOWSSystem32Driversusbaapl.sys [2008-02-18 30464]
S3 USBSTOR;USB Mass Storage Driver; C:WINDOWSSystem32DRIVERSUSBSTOR.SYS [2004-08-03 26496]
S3 WSTCODEC;World Standard Teletext Codec; C:WINDOWSsystem32DRIVERSWSTCODEC.SYS [2004-08-03 19328]
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aawservice;Lavasoft Ad-Aware Service; G:progi 2aawservice.exe [2009-01-08 611664]
R2 AcrSch2Svc;Acronis Scheduler2 Service; C:Program FilesCommon FilesAcronisSchedule2schedul2.exe [2005-10-25 172032]
R2 Apple Mobile Device;Apple Mobile Device; C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe [2008-02-18 110592]
R2 Bonjour Service;Bonjour Service; C:Program FilesBonjourmDNSResponder.exe [2007-07-24 229376]
R2 NVSvc;NVIDIA Display Driver Service; C:WINDOWSsystem32nvsvc32.exe [2006-10-22 159810]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:Program FilesAnalog DevicesSoundMAXSMAgent.exe [2002-09-20 45056]
R2 SPIDERNT;SpIDer Guard for Windows; C:PROGRA~1DRWEBA~1spidernt.exe [2008-11-16 226840]
R2 UMWdf;Windows User Mode Driver Framework; C:WINDOWSsystem32wdfmgr.exe [2004-08-11 38912]
R3 drwagntd;Dr.Web(R) AV-Desk Agent; C:Program FilesDrWeb AV-Deskdrwagntd.exe [2008-11-16 1860912]
R3 iPod Service;Сервис iPod; C:Program FilesiPodbiniPodService.exe [2008-03-30 504104]
S2 drwupgrade;Dr.Web(R) AV-Desk Upgrade Service; C:Program FilesDrWeb AV-Desk1drwupgrade.exe [2008-11-16 410928]
S3 gusvc;Google Updater Service; C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2008-11-16 138168]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2003-07-28 89136]
EOF
Здравствуйте, добро пожаловать на Spyware-ru форум.
Кроме проблем описанных вами, судя по логу ваш компьютер так же заражён autorun.inf трояном.
Прочитайте эту инструкцию Flash_Disinfector ещё одно оружие против autorun.inf троянов. Скачайте и запустите Flash_Disinfector, не забудьте при этом по требованию программы вставить ваш флэш диск или подключить другие внешние устройства хранения информации.Скачайте OTMoveIt3 by OldTimer кликнув по этой ссылке.
Запустите программу и в большое поле ввода (заголовок этого поля выделено желтым цветом) скопируйте следующий текст.:Processes
explorer.exe
:reg
[-HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{065C52C3-9AA2-4577-AFB0-33F17EA5686E}]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
"services"=-
[-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{1d742d22-b198-11dd-81e1-00173164d2a9}]
[-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{c5aa9e48-b0e1-11dd-81de-00173164d2a9}]
:files
C:Documents and SettingsAll UsersApplication Dataagblib.dll
C:WINDOWSservices.exe
:Commands
[emptytemp]
[start explorer]
[Reboot]Кликните по кнопке MoveIt!. В процессе работы возможна перезагрузка компьютера.
По-завершении работы программы должен будет показан лог, вставьте его в ваш ответ.
Кроме этого к вашему ответу приложите свежий RSIT лог.Большое спасибо за совет, результат пока ещё не знаю.
PROCESSES ==========
Process explorer.exe killed successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{065C52C3-9AA2-4577-AFB0-33F17EA5686E}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun\services deleted successfully.
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{1d742d22-b198-11dd-81e1-00173164d2a9}\ deleted successfully.
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{c5aa9e48-b0e1-11dd-81de-00173164d2a9}\ deleted successfully.
========== FILES ==========
C:Documents and SettingsAll UsersApplication Dataagblib.dll unregistered successfully.
C:Documents and SettingsAll UsersApplication Dataagblib.dll moved successfully.
C:WINDOWSservices.exe moved successfully.
========== COMMANDS ==========
File delete failed. C:DOCUME~1RomanLOCALS~1Tempetilqs_qKCPiydkDz8dCrCQIopR scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1RomanLOCALS~1Temphpotdd126.log scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1RomanLOCALS~1TempWCESLog.log scheduled to be deleted on reboot.
User’s Temp folder emptied.
User’s Temporary Internet Files folder emptied.
User’s Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:Documents and SettingsLocalServiceLocal SettingsTemporary Internet FilesContent.IE5index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
File delete failed. C:Documents and SettingsRomanLocal SettingsApplication DataMozillaFirefoxProfilesr7xlfvrg.defaultCache_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsRomanLocal SettingsApplication DataMozillaFirefoxProfilesr7xlfvrg.defaultCache_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsRomanLocal SettingsApplication DataMozillaFirefoxProfilesr7xlfvrg.defaultCache_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsRomanLocal SettingsApplication DataMozillaFirefoxProfilesr7xlfvrg.defaultCache_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsRomanLocal SettingsApplication DataMozillaFirefoxProfilesr7xlfvrg.defaulturlclassifier3.sqlite scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsRomanLocal SettingsApplication DataMozillaFirefoxProfilesr7xlfvrg.defaultXUL.mfl scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfullyOTMoveIt3 by OldTimer — Version 1.0.8.0 log created on 01102009_063843
Files moved on Reboot…
File C:DOCUME~1RomanLOCALS~1Tempetilqs_qKCPiydkDz8dCrCQIopR not found!
C:DOCUME~1RomanLOCALS~1Temphpotdd126.log moved successfully.
C:DOCUME~1RomanLOCALS~1TempWCESLog.log moved successfully.
File move failed. C:Documents and SettingsLocalServiceLocal SettingsTemporary Internet FilesContent.IE5index.dat scheduled to be moved on reboot.
C:Documents and SettingsRomanLocal SettingsApplication DataMozillaFirefoxProfilesr7xlfvrg.defaultCache_CACHE_001_ moved successfully.
C:Documents and SettingsRomanLocal SettingsApplication DataMozillaFirefoxProfilesr7xlfvrg.defaultCache_CACHE_002_ moved successfully.
C:Documents and SettingsRomanLocal SettingsApplication DataMozillaFirefoxProfilesr7xlfvrg.defaultCache_CACHE_003_ moved successfully.
C:Documents and SettingsRomanLocal SettingsApplication DataMozillaFirefoxProfilesr7xlfvrg.defaultCache_CACHE_MAP_ moved successfully.
C:Documents and SettingsRomanLocal SettingsApplication DataMozillaFirefoxProfilesr7xlfvrg.defaulturlclassifier3.sqlite moved successfully.
C:Documents and SettingsRomanLocal SettingsApplication DataMozillaFirefoxProfilesr7xlfvrg.defaultXUL.mfl moved successfully.Logfile of random’s system information tool 1.05 (written by random/random)
Run by Roman at 2009-01-10 06:46:27
Microsoft Windows XP Professional Service Pack 2
System drive C: has 32 GB (79%) free of 40 GB
Total RAM: 1023 MB (60% free)Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:46:30, on 10.01.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: NormalRunning processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
G:progi 2aawservice.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:Program FilesCommon FilesAcronisSchedule2schedul2.exe
C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
C:Program FilesBonjourmDNSResponder.exe
C:WINDOWSsystem32nvsvc32.exe
C:Program FilesAnalog DevicesSoundMAXSMAgent.exe
C:PROGRA~1DRWEBA~1spidernt.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesDrWeb AV-Deskdrwagntd.exe
C:WINDOWSnotepad.exe
C:Program FilesAnalog DevicesSoundMAXSMax4PNP.exe
C:Program FilesAnalog DevicesSoundMAXSmax4.exe
C:Program FilesAcronisTrueImageTrueImageMonitor.exe
C:Program FilesCommon FilesAcronisSchedule2schedhlp.exe
C:WINDOWSsystem32RUNDLL32.EXE
C:Program FilesDrWeb AV-Deskdrwagnui.exe
C:Program FilesDrWeb AV-Deskspiderml.exe
C:PROGRA~1DRWEBA~1spiderui.exe
C:Program FilesiTunesiTunesHelper.exe
C:WINDOWSsystem32spooldriversw32x863hpztsb08.exe
C:Program FilesHewlett-PackardHP Software UpdateHPWuSchd.exe
C:Program FilesHewlett-PackardDigital Imagingbinhpotdd01.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesMessengermsmsgs.exe
C:Program Filesiriveririver plusiAgent.exe
C:PROGRA~1MICROS~3wcescomm.exe
C:Program FilesPicasa2PicasaMediaDetector.exe
C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
C:PROGRA~1MICROS~3rapimgr.exe
C:WINDOWSsystem32wuauclt.exe
C:Program FilesAdobeAcrobat 7.0Readerreader_sl.exe
G:CommonBinWinCinemaMgr.exe
C:Program FilesiPodbiniPodService.exe
C:Program FilesMozilla Firefoxfirefox.exe
C:Documents and SettingsRomanDesktopRSIT.exe
C:Program Filestrend microRoman.exeR0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.mail.ru/
R1 — HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
O2 — BHO: AcroIEHlprObj Class — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 — BHO: Google Toolbar Helper — {AA58ED58-01DD-4d91-8333-CF10577473F7} — c:program filesgooglegoogletoolbar1.dll
O2 — BHO: Google Toolbar Notifier BHO — {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} — C:Program FilesGoogleGoogleToolbarNotifier3.1.807.1746swg.dll
O3 — Toolbar: &Google — {2318C2B1-4965-11d4-9B18-009027A5CD4F} — c:program filesgooglegoogletoolbar1.dll
O4 — HKLM..Run: [SoundMAXPnP] C:Program FilesAnalog DevicesSoundMAXSMax4PNP.exe
O4 — HKLM..Run: [SoundMAX] «C:Program FilesAnalog DevicesSoundMAXSmax4.exe» /tray
O4 — HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 — HKLM..Run: [TrueImageMonitor.exe] C:Program FilesAcronisTrueImageTrueImageMonitor.exe
O4 — HKLM..Run: [Acronis Scheduler2 Service] «C:Program FilesCommon FilesAcronisSchedule2schedhlp.exe»
O4 — HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 — HKLM..Run: [nwiz] nwiz.exe /install
O4 — HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
O4 — HKLM..Run: [DrWebAgentUI] «C:Program FilesDrWeb AV-Deskdrwagnui.exe»
O4 — HKLM..Run: [SpIDerMail] «C:Program FilesDrWeb AV-Deskspiderml.exe»
O4 — HKLM..Run: [SpIDerNT] C:PROGRA~1DRWEBA~1spiderui.exe /agent
O4 — HKLM..Run: [KernelFaultCheck] %systemroot%system32dumprep 0 -k
O4 — HKLM..Run: [QuickTime Task] «C:Program FilesQuickTimeQTTask.exe» -atboottime
O4 — HKLM..Run: [iTunesHelper] «C:Program FilesiTunesiTunesHelper.exe»
O4 — HKLM..Run: [HPDJ Taskbar Utility] C:WINDOWSsystem32spooldriversw32x863hpztsb08.exe
O4 — HKLM..Run: [HP Software Update] C:Program FilesHewlett-PackardHP Software UpdateHPWuSchd.exe
O4 — HKLM..Run: [DeviceDiscovery] C:Program FilesHewlett-PackardDigital Imagingbinhpotdd01.exe
O4 — HKLM..Run: [services] C:WINDOWSservices.exe
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [MSMSGS] «C:Program FilesMessengermsmsgs.exe» /background
O4 — HKCU..Run: [iPlusAgent] «C:Program Filesiriveririver plusiAgent.exe»
O4 — HKCU..Run: [iriverPlus] «C:Program Filesiriveririver plusiPlus.exe»
O4 — HKCU..Run: [H/PC Connection Agent] «C:PROGRA~1MICROS~3wcescomm.exe»
O4 — HKCU..Run: [Picasa Media Detector] C:Program FilesPicasa2PicasaMediaDetector.exe
O4 — HKCU..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
O4 — HKCU..Run: [updateMgr] C:Program FilesAdobeAcrobat 7.0ReaderAdobeUpdateManager.exe AcRdB7_0_5
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE (User ‘Default user’)
O4 — Global Startup: Adobe Reader Speed Launch.lnk = C:Program FilesAdobeAcrobat 7.0Readerreader_sl.exe
O4 — Global Startup: InterVideo WinCinema Manager.lnk = G:CommonBinWinCinemaMgr.exe
O8 — Extra context menu item: E&xport to Microsoft Excel — res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O9 — Extra button: Create Mobile Favorite — {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} — C:PROGRA~1MICROS~3INetRepl.dll
O9 — Extra button: (no name) — {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} — C:PROGRA~1MICROS~3INetRepl.dll
O9 — Extra ‘Tools’ menuitem: Create Mobile Favorite… — {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} — C:PROGRA~1MICROS~3INetRepl.dll
O9 — Extra button: Research — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O17 — HKLMSystemCCSServicesTcpip..{39B2264D-70B9-4545-82C2-AC0994F742B9}: NameServer = 213.234.192.7 85.21.192.5
O23 — Service: Lavasoft Ad-Aware Service (aawservice) — Lavasoft — G:progi 2aawservice.exe
O23 — Service: Acronis Scheduler2 Service (AcrSch2Svc) — Acronis — C:Program FilesCommon FilesAcronisSchedule2schedul2.exe
O23 — Service: Apple Mobile Device — Apple, Inc. — C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
O23 — Service: Bonjour Service — Apple Inc. — C:Program FilesBonjourmDNSResponder.exe
O23 — Service: Dr.Web(R) AV-Desk Agent (drwagntd) — Doctor Web, Ltd. — C:Program FilesDrWeb AV-Deskdrwagntd.exe
O23 — Service: Dr.Web(R) AV-Desk Upgrade Service (drwupgrade) — Doctor Web, Ltd. — C:Program FilesDrWeb AV-Desk1drwupgrade.exe
O23 — Service: Google Updater Service (gusvc) — Google — C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 — Service: Сервис iPod (iPod Service) — Apple Inc. — C:Program FilesiPodbiniPodService.exe
O23 — Service: NVIDIA Display Driver Service (NVSvc) — NVIDIA Corporation — C:WINDOWSsystem32nvsvc32.exe
O23 — Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) — Analog Devices, Inc. — C:Program FilesAnalog DevicesSoundMAXSMAgent.exe
O23 — Service: SpIDer Guard for Windows (SPIDERNT) — Doctor Web, Ltd. — C:PROGRA~1DRWEBA~1spidernt.exe—
End of file — 7879 bytes======Scheduled tasks folder======
C:WINDOWStasksAppleSoftwareUpdate.job
======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll [2005-09-23 63136][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper — c:program filesgooglegoogletoolbar1.dll [2008-11-16 2427968][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO — C:Program FilesGoogleGoogleToolbarNotifier3.1.807.1746swg.dll [2008-12-18 737776][HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} — &Google — c:program filesgooglegoogletoolbar1.dll [2008-11-16 2427968][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«SoundMAXPnP»=C:Program FilesAnalog DevicesSoundMAXSMax4PNP.exe [2004-10-14 1388544]
«SoundMAX»=C:Program FilesAnalog DevicesSoundMAXSmax4.exe [2004-09-23 860160]
«NeroFilterCheck»=C:WINDOWSsystem32NeroCheck.exe [2001-07-09 155648]
«TrueImageMonitor.exe»=C:Program FilesAcronisTrueImageTrueImageMonitor.exe [2005-10-25 988565]
«Acronis Scheduler2 Service»=C:Program FilesCommon FilesAcronisSchedule2schedhlp.exe [2005-10-25 118784]
«NvCplDaemon»=C:WINDOWSsystem32NvCpl.dll [2006-10-22 7700480]
«nwiz»=nwiz.exe /install []
«NvMediaCenter»=C:WINDOWSsystem32NvMcTray.dll [2006-10-22 86016]
«DrWebAgentUI»=C:Program FilesDrWeb AV-Deskdrwagnui.exe [2008-11-16 812336]
«SpIDerMail»=C:Program FilesDrWeb AV-Deskspiderml.exe [2008-11-16 501080]
«SpIDerNT»=C:PROGRA~1DRWEBA~1spiderui.exe [2008-11-16 230936]
«KernelFaultCheck»=C:WINDOWSsystem32dumprep 0 -k []
«QuickTime Task»=C:Program FilesQuickTimeQTTask.exe [2008-03-28 413696]
«iTunesHelper»=C:Program FilesiTunesiTunesHelper.exe [2008-03-30 267048]
«HPDJ Taskbar Utility»=C:WINDOWSsystem32spooldriversw32x863hpztsb08.exe [2003-03-25 172032]
«HP Software Update»=C:Program FilesHewlett-PackardHP Software UpdateHPWuSchd.exe [2002-12-17 49152]
«DeviceDiscovery»=C:Program FilesHewlett-PackardDigital Imagingbinhpotdd01.exe [2002-12-02 40960]
«services»=C:WINDOWSservices.exe [][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2004-08-03 15360]
«MSMSGS»=C:Program FilesMessengermsmsgs.exe [2004-08-03 1667584]
«iPlusAgent»=C:Program Filesiriveririver plusiAgent.exe [2005-06-07 225280]
«iriverPlus»=C:Program Filesiriveririver plusiPlus.exe [2005-06-07 1265664]
«H/PC Connection Agent»=C:PROGRA~1MICROS~3wcescomm.exe [2005-11-15 1200128]
«Picasa Media Detector»=C:Program FilesPicasa2PicasaMediaDetector.exe [2008-08-20 443968]
«swg»=C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe [2008-12-18 68856]
«updateMgr»=C:Program FilesAdobeAcrobat 7.0ReaderAdobeUpdateManager.exe [2005-08-18 307200][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigservices]
«lanmanworkstation»=2
«lanmanserver»=2C:Documents and SettingsAll UsersStart MenuProgramsStartup
Adobe Reader Speed Launch.lnk — C:Program FilesAdobeAcrobat 7.0Readerreader_sl.exe
InterVideo WinCinema Manager.lnk — G:CommonBinWinCinemaMgr.exe[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlLsa]
«authentication packages»=msv1_0
relog_ap[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalaawservice]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkaawservice]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkUploadMgr]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=36
«NoDriveAutoRun»=FFFFFFFF[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesMicrosoft ActiveSyncrapimgr.exe»=»C:Program FilesMicrosoft ActiveSyncrapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager»
«C:Program FilesMicrosoft ActiveSyncwcescomm.exe»=»C:Program FilesMicrosoft ActiveSyncwcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager»
«C:Program FilesMicrosoft ActiveSyncWCESMgr.exe»=»C:Program FilesMicrosoft ActiveSyncWCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application»
«C:Program FilesBonjourmDNSResponder.exe»=»C:Program FilesBonjourmDNSResponder.exe:*:Enabled:Bonjour»
«C:Program FilesiTunesiTunes.exe»=»C:Program FilesiTunesiTunes.exe:*:Enabled:iTunes»[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesMicrosoft ActiveSyncrapimgr.exe»=»C:Program FilesMicrosoft ActiveSyncrapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager»
«C:Program FilesMicrosoft ActiveSyncwcescomm.exe»=»C:Program FilesMicrosoft ActiveSyncwcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager»
«C:Program FilesMicrosoft ActiveSyncWCESMgr.exe»=»C:Program FilesMicrosoft ActiveSyncWCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application»======List of files/folders created in the last 1 months======
2009-01-10 06:38:43 —-D—- C:_OTMoveIt
2009-01-10 06:31:51 —-RASHD—- C:autorun.inf
2009-01-09 11:34:57 —-D—- C:rsit
2009-01-09 11:34:57 —-D—- C:Program Filestrend micro
2009-01-08 12:32:20 —-D—- C:Documents and SettingsAll UsersApplication DataLavasoft
2009-01-08 12:30:40 —-D—- C:Program FilesCommon FilesWise Installation Wizard
2009-01-03 23:19:33 —-D—- C:Documents and SettingsRomanApplication DataDivX
2009-01-03 23:17:45 —-D—- C:Program FilesDivX
2008-12-24 13:29:11 —-D—- C:Program Filesdirectx
2008-12-24 13:17:16 —-D—- C:Documents and SettingsRomanApplication DataArcSoft
2008-12-24 13:12:38 —-D—- C:Program FilesArcSoft
2008-12-24 13:03:23 —-A—- C:WINDOWSsystem32vfwwdm32.dll
2008-12-24 13:02:40 —-A—- C:WINDOWSvideoimp.ini
2008-12-24 13:02:39 —-A—- C:WINDOWSsystem32LMRTREND.dll
2008-12-24 13:02:37 —-A—- C:WINDOWSsystem32dxtmsft3.dll
2008-12-24 13:02:35 —-A—- C:WINDOWSsystem32unam4ie.exe
2008-12-24 13:02:33 —-A—- C:WINDOWSsystem32vidx16.dll
2008-12-24 13:02:32 —-A—- C:WINDOWSsystem32qcut.dll
2008-12-24 13:02:31 —-A—- C:WINDOWSsystem32w95inf32.dll
2008-12-24 13:02:31 —-A—- C:WINDOWSsystem32w95inf16.dll
2008-12-24 13:02:23 —-A—- C:WINDOWSVI_setup.ini
2008-12-24 13:00:59 —-A—- C:WINDOWSPI4_setup.ini
2008-12-24 13:00:58 —-A—- C:WINDOWSpcdlib32.dll
2008-12-18 14:41:50 —-D—- C:WINDOWSsystem32LogFiles
2008-12-17 01:38:37 —-D—- C:WINDOWSpss
2008-12-14 21:41:00 —-D—- C:Documents and SettingsRomanApplication DataYandex
2008-12-14 21:40:18 —-D—- C:Documents and SettingsRomanApplication DataMozilla
2008-12-14 21:40:10 —-D—- C:Program FilesMozilla Firefox
2008-12-13 22:26:18 —-D—- C:Program FilesDVD X Studios
2008-12-13 21:36:14 —-N—- C:WINDOWSsystem32pxinsi64.exe
2008-12-13 21:36:14 —-N—- C:WINDOWSsystem32pxinsa64.exe
2008-12-13 21:36:14 —-N—- C:WINDOWSsystem32pxcpyi64.exe
2008-12-13 21:36:14 —-N—- C:WINDOWSsystem32pxcpya64.exe
2008-12-13 21:36:14 —-N—- C:WINDOWSsystem32pxafs.dll
2008-12-13 21:36:13 —-N—- C:WINDOWSsystem32pxsfs.dll
2008-12-12 14:13:22 —-A—- C:WINDOWSIsUn0419.exe
2008-12-12 14:12:53 —-D—- C:Program FilesHewlett-Packard
2008-12-12 14:11:55 —-A—- C:WINDOWShpbvspst.ini======List of files/folders modified in the last 1 months======
2009-01-10 06:42:10 —-D—- C:WINDOWSTemp
2009-01-10 06:41:48 —-D—- C:Program FilesDrWeb AV-Desk
2009-01-10 06:40:30 —-A—- C:WINDOWSSchedLgU.Txt
2009-01-10 06:38:43 —-D—- C:WINDOWS
2009-01-10 06:38:27 —-D—- C:WINDOWSPrefetch
2009-01-09 14:23:20 —-A—- C:WINDOWSNeroDigital.ini
2009-01-09 11:34:57 —-RD—- C:Program Files
2009-01-09 09:26:44 —-D—- C:Documents and SettingsRomanApplication DataAdobeUM
2009-01-08 13:57:34 —-D—- C:Documents and SettingsRomanApplication DataAdobe
2009-01-08 12:33:24 —-SHD—- C:WINDOWSInstaller
2009-01-08 12:32:20 —-D—- C:WINDOWSsystem32drivers
2009-01-08 12:32:20 —-D—- C:WINDOWSsystem32
2009-01-08 12:30:40 —-D—- C:Program FilesCommon Files
2009-01-08 06:13:03 —-D—- C:Program FilesInternet Explorer
2009-01-04 01:22:46 —-D—- C:WINDOWSsystem32CatRoot2
2008-12-29 15:28:07 —-HD—- C:WINDOWSinf
2008-12-24 13:28:40 —-HD—- C:Program FilesInstallShield Installation Information
2008-12-24 13:14:44 —-D—- C:WINDOWStwain_32
2008-12-24 13:14:04 —-D—- C:Program FilesWindows Media Player
2008-12-24 13:14:01 —-D—- C:WINDOWSHelp
2008-12-24 13:03:45 —-RSHDC—- C:WINDOWSsystem32dllcache
2008-12-21 21:52:41 —-SD—- C:Documents and SettingsRomanApplication DataMicrosoft
2008-12-20 19:19:58 —-D—- C:Program FilesGoogle
2008-12-20 19:19:58 —-D—- C:Documents and SettingsAll UsersApplication DataGoogle
2008-12-18 14:39:07 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2008-12-17 23:05:56 —-D—- C:WINDOWSsystem32ReinstallBackups
2008-12-17 01:40:41 —-RASH—- C:boot.ini
2008-12-17 01:40:41 —-A—- C:WINDOWSwin.ini
2008-12-17 01:40:41 —-A—- C:WINDOWSsystem.ini
2008-12-12 14:15:06 —-A—- C:WINDOWShpdj5100.ini
2008-12-12 14:11:28 —-D—- C:WINDOWSsystem32CatRoot======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AFS2K;AFS2k; C:WINDOWSsystem32driversAFS2K.sys [2008-11-16 82380]
R1 DCxxMJPG;Pinnacle DC10plus, Motion-JPEG VideoIO Board; C:WINDOWSsystem32driversDCxxMJPG.sys [2002-06-04 132940]
R1 intelppm;Intel Processor Driver; C:WINDOWSSystem32DRIVERSintelppm.sys [2004-08-03 36096]
R1 WS2IFSL;Среда Windows Socket 2.0 поддержки поставщиков не-IFS служб; C:WINDOWSSystem32driversws2ifsl.sys [2001-08-23 12032]
R2 spider;SpIDer Guard File System Monitor; ??C:PROGRA~1DRWEBA~1spider.sys []
R2 tifsfilter;Acronis TrueImage FS Filter; C:WINDOWSSystem32DRIVERStifsfilt.sys [2007-01-11 30688]
R3 aeaudio;aeaudio; C:WINDOWSsystem32driversaeaudio.sys [2005-03-04 127872]
R3 Arp1394;1394 ARP Client Protocol; C:WINDOWSSystem32DRIVERSarp1394.sys [2004-08-03 60800]
R3 GEARAspiWDM;GEARAspiWDM; C:WINDOWSSystem32DriversGEARAspiWDM.sys [2008-01-29 16168]
R3 NIC1394;1394 Net Driver; C:WINDOWSSystem32DRIVERSnic1394.sys [2004-08-03 61824]
R3 nv;nv; C:WINDOWSsystem32DRIVERSnv4_mini.sys [2006-10-22 3994624]
R3 senfilt;senfilt; C:WINDOWSsystem32driverssenfilt.sys [2005-03-01 392704]
R3 smwdm;smwdm; C:WINDOWSsystem32driverssmwdm.sys [2005-03-28 220992]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:WINDOWSSystem32DRIVERSusbehci.sys [2004-08-03 26624]
R3 usbhub;USB2 Enabled Hub; C:WINDOWSSystem32DRIVERSusbhub.sys [2004-08-03 57600]
R3 usbprint;Microsoft USB PRINTER Class; C:WINDOWSSystem32DRIVERSusbprint.sys [2004-08-03 25856]
R3 usbscan;USB Scanner Driver; C:WINDOWSsystem32DRIVERSusbscan.sys [2004-08-03 15104]
R3 USBSTOR;USB Mass Storage Driver; C:WINDOWSSystem32DRIVERSUSBSTOR.SYS [2004-08-03 26496]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:WINDOWSSystem32DRIVERSusbuhci.sys [2004-08-03 20480]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:WINDOWSSystem32DRIVERSyk51x86.sys [2005-04-01 230272]
S3 CCDECODE;Closed Caption Decoder; C:WINDOWSsystem32DRIVERSCCDECODE.sys [2004-08-03 17024]
S3 DCamUSBSQTECH;Dual-Mode DSC(2770); C:WINDOWSSystem32DriversSQcaptur.sys [2003-01-10 30921]
S3 HidUsb;Microsoft HID Class Driver; C:WINDOWSSystem32DRIVERShidusb.sys [2001-08-17 9600]
S3 MidiSyn;MidiSyn; C:WINDOWSsystem32driversMidiSyn.sys [2004-09-14 88960]
S3 mouhid;Mouse HID Driver; C:WINDOWSSystem32DRIVERSmouhid.sys [2001-08-17 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:WINDOWSsystem32driversMSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:WINDOWSsystem32DRIVERSNABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:WINDOWSsystem32DRIVERSNdisIP.sys [2004-08-03 10880]
S3 pfc;Padus ASPI Shell; C:WINDOWSsystem32driverspfc.sys [2002-06-13 14604]
S3 PortlUSB;PortlUSB; C:WINDOWSsystem32DRIVERSH10USB.sys [2004-06-23 7552]
S3 QV2KUX;Casio Digital Camera; C:WINDOWSSystem32DRIVERSqv2kux.sys [2001-08-17 3328]
S3 SLIP;BDA Slip De-Framer; C:WINDOWSsystem32DRIVERSSLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:WINDOWSsystem32DRIVERSStreamIP.sys [2004-08-03 15360]
S3 usb_rndisx;USB RNDIS Adapter; C:WINDOWSsystem32DRIVERSusb8023x.sys [2005-10-20 12800]
S3 USBAAPL;Apple Mobile USB Driver; C:WINDOWSSystem32Driversusbaapl.sys [2008-02-18 30464]
S3 WSTCODEC;World Standard Teletext Codec; C:WINDOWSsystem32DRIVERSWSTCODEC.SYS [2004-08-03 19328]
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aawservice;Lavasoft Ad-Aware Service; G:progi 2aawservice.exe [2009-01-08 611664]
R2 AcrSch2Svc;Acronis Scheduler2 Service; C:Program FilesCommon FilesAcronisSchedule2schedul2.exe [2005-10-25 172032]
R2 Apple Mobile Device;Apple Mobile Device; C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe [2008-02-18 110592]
R2 Bonjour Service;Bonjour Service; C:Program FilesBonjourmDNSResponder.exe [2007-07-24 229376]
R2 NVSvc;NVIDIA Display Driver Service; C:WINDOWSsystem32nvsvc32.exe [2006-10-22 159810]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:Program FilesAnalog DevicesSoundMAXSMAgent.exe [2002-09-20 45056]
R2 SPIDERNT;SpIDer Guard for Windows; C:PROGRA~1DRWEBA~1spidernt.exe [2008-11-16 226840]
R2 UMWdf;Windows User Mode Driver Framework; C:WINDOWSsystem32wdfmgr.exe [2004-08-11 38912]
R3 drwagntd;Dr.Web(R) AV-Desk Agent; C:Program FilesDrWeb AV-Deskdrwagntd.exe [2008-11-16 1860912]
R3 iPod Service;Сервис iPod; C:Program FilesiPodbiniPodService.exe [2008-03-30 504104]
S2 drwupgrade;Dr.Web(R) AV-Desk Upgrade Service; C:Program FilesDrWeb AV-Desk1drwupgrade.exe [2008-11-16 410928]
S3 gusvc;Google Updater Service; C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2008-11-16 138168]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2003-07-28 89136]
EOF
Ещё раз спасибо!Извините за задержку с ответом.
Лог выглядит получше, но ещё нужно удалить один ключик в реестре.Скачайте программу Avenger кликнув по этой ссылке и распакуйте её на Рабочий стол.
Запустите Avenger, при это убедитесь что стоит галочка в пункте «Scan for rootkits» и нет галочки в пункте «Automatically disable any rootkits found». Уберите или поставьте галочки в случае необходимости. Скопируйте ниже приведённый текст в Input script Box:Registry values to delete:
HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun | services
Files to delete:
C:WINDOWSservices.exeКликните Execute. Появится запрос о подтверждении ваших действий, нажмите Yes.
Avenger запуститься. В процессе работы возможны несколько перезагрузок компьютера.
По-окончании работы будет показан лог (c:avenger.txt), пожалуйста вставьте его в ваш ответ.
Так же к ответу приложите свежий RSIT лог.Спасибо за помощь, окно ушло, но есть ещё проблема: В интернете не прослушивается музыка(вообще нет звука) и видео.
Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.comPlatform: Windows XP
*******************
Script file opened successfully.
Script file read successfully.Backups directory opened successfully at C:Avenger
*******************
Beginning to process script file:
Rootkit scan active.
No rootkits found!Error: file «C:WINDOWSservices.exe» not found!
Deletion of file «C:WINDOWSservices.exe» failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
—> the object does not existRegistry value «HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun|services» deleted successfully.
Completed script processing.
*******************
Finished! Terminate.
Logfile of random’s system information tool 1.05 (written by random/random)
Run by Roman at 2009-01-14 01:38:54
Microsoft Windows XP Professional Service Pack 2
System drive C: has 31 GB (77%) free of 40 GB
Total RAM: 1023 MB (63% free)Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:38:57, on 14.01.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: NormalRunning processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
G:progi 2aawservice.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32NOTEPAD.EXE
C:Program FilesAnalog DevicesSoundMAXSMax4PNP.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesCommon FilesAcronisSchedule2schedul2.exe
C:Program FilesAnalog DevicesSoundMAXSmax4.exe
C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
C:Program FilesBonjourmDNSResponder.exe
C:Program FilesAcronisTrueImageTrueImageMonitor.exe
C:Program FilesCommon FilesAcronisSchedule2schedhlp.exe
C:WINDOWSsystem32nvsvc32.exe
C:WINDOWSsystem32RUNDLL32.EXE
C:Program FilesAnalog DevicesSoundMAXSMAgent.exe
C:Program FilesDrWeb AV-Deskdrwagnui.exe
C:PROGRA~1DRWEBA~1spidernt.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesDrWeb AV-Deskspiderml.exe
C:PROGRA~1DRWEBA~1spiderui.exe
C:Program FilesiTunesiTunesHelper.exe
C:WINDOWSsystem32spooldriversw32x863hpztsb08.exe
C:Program FilesHewlett-PackardHP Software UpdateHPWuSchd.exe
C:Program FilesHewlett-PackardDigital Imagingbinhpotdd01.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesMessengermsmsgs.exe
C:Program Filesiriveririver plusiAgent.exe
C:Program FilesDrWeb AV-Deskdrwagntd.exe
C:PROGRA~1MICROS~3wcescomm.exe
C:Program FilesPicasa2PicasaMediaDetector.exe
C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
C:PROGRA~1MICROS~3rapimgr.exe
C:Program FilesAdobeAcrobat 7.0Readerreader_sl.exe
G:CommonBinWinCinemaMgr.exe
C:Program FilesiPodbiniPodService.exe
C:Program FilesInternet Exploreriexplore.exe
C:WINDOWSsystem32wuauclt.exe
C:Documents and SettingsRomanDesktopRSIT.exe
C:Program Filestrend microRoman.exeR0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.mail.ru/
O2 — BHO: AcroIEHlprObj Class — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 — BHO: Google Toolbar Helper — {AA58ED58-01DD-4d91-8333-CF10577473F7} — c:program filesgooglegoogletoolbar1.dll
O2 — BHO: Google Toolbar Notifier BHO — {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} — C:Program FilesGoogleGoogleToolbarNotifier3.1.807.1746swg.dll
O3 — Toolbar: &Google — {2318C2B1-4965-11d4-9B18-009027A5CD4F} — c:program filesgooglegoogletoolbar1.dll
O4 — HKLM..Run: [SoundMAXPnP] C:Program FilesAnalog DevicesSoundMAXSMax4PNP.exe
O4 — HKLM..Run: [SoundMAX] «C:Program FilesAnalog DevicesSoundMAXSmax4.exe» /tray
O4 — HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 — HKLM..Run: [TrueImageMonitor.exe] C:Program FilesAcronisTrueImageTrueImageMonitor.exe
O4 — HKLM..Run: [Acronis Scheduler2 Service] «C:Program FilesCommon FilesAcronisSchedule2schedhlp.exe»
O4 — HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 — HKLM..Run: [nwiz] nwiz.exe /install
O4 — HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
O4 — HKLM..Run: [DrWebAgentUI] «C:Program FilesDrWeb AV-Deskdrwagnui.exe»
O4 — HKLM..Run: [SpIDerMail] «C:Program FilesDrWeb AV-Deskspiderml.exe»
O4 — HKLM..Run: [SpIDerNT] C:PROGRA~1DRWEBA~1spiderui.exe /agent
O4 — HKLM..Run: [KernelFaultCheck] %systemroot%system32dumprep 0 -k
O4 — HKLM..Run: [QuickTime Task] «C:Program FilesQuickTimeQTTask.exe» -atboottime
O4 — HKLM..Run: [iTunesHelper] «C:Program FilesiTunesiTunesHelper.exe»
O4 — HKLM..Run: [HPDJ Taskbar Utility] C:WINDOWSsystem32spooldriversw32x863hpztsb08.exe
O4 — HKLM..Run: [HP Software Update] C:Program FilesHewlett-PackardHP Software UpdateHPWuSchd.exe
O4 — HKLM..Run: [DeviceDiscovery] C:Program FilesHewlett-PackardDigital Imagingbinhpotdd01.exe
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [MSMSGS] «C:Program FilesMessengermsmsgs.exe» /background
O4 — HKCU..Run: [iPlusAgent] «C:Program Filesiriveririver plusiAgent.exe»
O4 — HKCU..Run: [iriverPlus] «C:Program Filesiriveririver plusiPlus.exe»
O4 — HKCU..Run: [H/PC Connection Agent] «C:PROGRA~1MICROS~3wcescomm.exe»
O4 — HKCU..Run: [Picasa Media Detector] C:Program FilesPicasa2PicasaMediaDetector.exe
O4 — HKCU..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
O4 — HKCU..Run: [updateMgr] C:Program FilesAdobeAcrobat 7.0ReaderAdobeUpdateManager.exe AcRdB7_0_5
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE (User ‘Default user’)
O4 — Global Startup: Adobe Reader Speed Launch.lnk = C:Program FilesAdobeAcrobat 7.0Readerreader_sl.exe
O4 — Global Startup: InterVideo WinCinema Manager.lnk = G:CommonBinWinCinemaMgr.exe
O8 — Extra context menu item: E&xport to Microsoft Excel — res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O9 — Extra button: Create Mobile Favorite — {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} — C:PROGRA~1MICROS~3INetRepl.dll
O9 — Extra button: (no name) — {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} — C:PROGRA~1MICROS~3INetRepl.dll
O9 — Extra ‘Tools’ menuitem: Create Mobile Favorite… — {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} — C:PROGRA~1MICROS~3INetRepl.dll
O9 — Extra button: Research — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O17 — HKLMSystemCCSServicesTcpip..{39B2264D-70B9-4545-82C2-AC0994F742B9}: NameServer = 213.234.192.7 85.21.192.5
O23 — Service: Lavasoft Ad-Aware Service (aawservice) — Lavasoft — G:progi 2aawservice.exe
O23 — Service: Acronis Scheduler2 Service (AcrSch2Svc) — Acronis — C:Program FilesCommon FilesAcronisSchedule2schedul2.exe
O23 — Service: Apple Mobile Device — Apple, Inc. — C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
O23 — Service: Bonjour Service — Apple Inc. — C:Program FilesBonjourmDNSResponder.exe
O23 — Service: Dr.Web(R) AV-Desk Agent (drwagntd) — Doctor Web, Ltd. — C:Program FilesDrWeb AV-Deskdrwagntd.exe
O23 — Service: Dr.Web(R) AV-Desk Upgrade Service (drwupgrade) — Doctor Web, Ltd. — C:Program FilesDrWeb AV-Desk1drwupgrade.exe
O23 — Service: Google Updater Service (gusvc) — Google — C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 — Service: Сервис iPod (iPod Service) — Apple Inc. — C:Program FilesiPodbiniPodService.exe
O23 — Service: NVIDIA Display Driver Service (NVSvc) — NVIDIA Corporation — C:WINDOWSsystem32nvsvc32.exe
O23 — Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) — Analog Devices, Inc. — C:Program FilesAnalog DevicesSoundMAXSMAgent.exe
O23 — Service: SpIDer Guard for Windows (SPIDERNT) — Doctor Web, Ltd. — C:PROGRA~1DRWEBA~1spidernt.exe—
End of file — 7742 bytes======Scheduled tasks folder======
C:WINDOWStasksAppleSoftwareUpdate.job
C:WINDOWStasksNorton Security Scan for Roman.job======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll [2005-09-23 63136][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper — c:program filesgooglegoogletoolbar1.dll [2008-11-16 2427968][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO — C:Program FilesGoogleGoogleToolbarNotifier3.1.807.1746swg.dll [2008-12-18 737776][HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} — &Google — c:program filesgooglegoogletoolbar1.dll [2008-11-16 2427968][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«SoundMAXPnP»=C:Program FilesAnalog DevicesSoundMAXSMax4PNP.exe [2004-10-14 1388544]
«SoundMAX»=C:Program FilesAnalog DevicesSoundMAXSmax4.exe [2004-09-23 860160]
«NeroFilterCheck»=C:WINDOWSsystem32NeroCheck.exe [2001-07-09 155648]
«TrueImageMonitor.exe»=C:Program FilesAcronisTrueImageTrueImageMonitor.exe [2005-10-25 988565]
«Acronis Scheduler2 Service»=C:Program FilesCommon FilesAcronisSchedule2schedhlp.exe [2005-10-25 118784]
«NvCplDaemon»=C:WINDOWSsystem32NvCpl.dll [2006-10-22 7700480]
«nwiz»=nwiz.exe /install []
«NvMediaCenter»=C:WINDOWSsystem32NvMcTray.dll [2006-10-22 86016]
«DrWebAgentUI»=C:Program FilesDrWeb AV-Deskdrwagnui.exe [2008-11-16 812336]
«SpIDerMail»=C:Program FilesDrWeb AV-Deskspiderml.exe [2008-11-16 501080]
«SpIDerNT»=C:PROGRA~1DRWEBA~1spiderui.exe [2008-11-16 230936]
«KernelFaultCheck»=C:WINDOWSsystem32dumprep 0 -k []
«QuickTime Task»=C:Program FilesQuickTimeQTTask.exe [2008-03-28 413696]
«iTunesHelper»=C:Program FilesiTunesiTunesHelper.exe [2008-03-30 267048]
«HPDJ Taskbar Utility»=C:WINDOWSsystem32spooldriversw32x863hpztsb08.exe [2003-03-25 172032]
«HP Software Update»=C:Program FilesHewlett-PackardHP Software UpdateHPWuSchd.exe [2002-12-17 49152]
«DeviceDiscovery»=C:Program FilesHewlett-PackardDigital Imagingbinhpotdd01.exe [2002-12-02 40960][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2004-08-03 15360]
«MSMSGS»=C:Program FilesMessengermsmsgs.exe [2004-08-03 1667584]
«iPlusAgent»=C:Program Filesiriveririver plusiAgent.exe [2005-06-07 225280]
«iriverPlus»=C:Program Filesiriveririver plusiPlus.exe [2005-06-07 1265664]
«H/PC Connection Agent»=C:PROGRA~1MICROS~3wcescomm.exe [2005-11-15 1200128]
«Picasa Media Detector»=C:Program FilesPicasa2PicasaMediaDetector.exe [2008-08-20 443968]
«swg»=C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe [2008-12-18 68856]
«updateMgr»=C:Program FilesAdobeAcrobat 7.0ReaderAdobeUpdateManager.exe [2005-08-18 307200][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigservices]
«lanmanworkstation»=2
«lanmanserver»=2C:Documents and SettingsAll UsersStart MenuProgramsStartup
Adobe Reader Speed Launch.lnk — C:Program FilesAdobeAcrobat 7.0Readerreader_sl.exe
InterVideo WinCinema Manager.lnk — G:CommonBinWinCinemaMgr.exe[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlLsa]
«authentication packages»=msv1_0
relog_ap[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalaawservice]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkaawservice]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkUploadMgr]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=36
«NoDriveAutoRun»=FFFFFFFF[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesMicrosoft ActiveSyncrapimgr.exe»=»C:Program FilesMicrosoft ActiveSyncrapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager»
«C:Program FilesMicrosoft ActiveSyncwcescomm.exe»=»C:Program FilesMicrosoft ActiveSyncwcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager»
«C:Program FilesMicrosoft ActiveSyncWCESMgr.exe»=»C:Program FilesMicrosoft ActiveSyncWCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application»
«C:Program FilesBonjourmDNSResponder.exe»=»C:Program FilesBonjourmDNSResponder.exe:*:Enabled:Bonjour»
«C:Program FilesiTunesiTunes.exe»=»C:Program FilesiTunesiTunes.exe:*:Enabled:iTunes»[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesMicrosoft ActiveSyncrapimgr.exe»=»C:Program FilesMicrosoft ActiveSyncrapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager»
«C:Program FilesMicrosoft ActiveSyncwcescomm.exe»=»C:Program FilesMicrosoft ActiveSyncwcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager»
«C:Program FilesMicrosoft ActiveSyncWCESMgr.exe»=»C:Program FilesMicrosoft ActiveSyncWCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application»======List of files/folders created in the last 1 months======
2009-01-14 01:33:27 —-D—- C:Avenger
2009-01-14 01:33:27 —-A—- C:avenger.txt
2009-01-11 02:35:45 —-D—- C:Program FilesCommon FilesSymantec Shared
2009-01-11 02:35:40 —-D—- C:Program FilesNorton Security Scan
2009-01-10 12:15:27 —-HDC—- C:WINDOWS$MSI31Uninstall_KB893803v2$
2009-01-10 12:11:38 —-HDC—- C:Documents and SettingsAll UsersApplication Data{51019853-129C-4EDE-9030-D5FD7BBD9AD0}
2009-01-10 11:23:12 —-D—- C:WINDOWSsystem32Adobe
2009-01-10 11:00:16 —-D—- C:Program FilesAdobe Media Player
2009-01-10 11:00:13 —-D—- C:Program FilesCommon FilesAdobe AIR
2009-01-10 06:38:43 —-D—- C:_OTMoveIt
2009-01-10 06:31:51 —-RASHD—- C:autorun.inf
2009-01-09 11:34:57 —-D—- C:rsit
2009-01-09 11:34:57 —-D—- C:Program Filestrend micro
2009-01-08 12:32:20 —-D—- C:Documents and SettingsAll UsersApplication DataLavasoft
2009-01-08 12:30:40 —-D—- C:Program FilesCommon FilesWise Installation Wizard
2009-01-03 23:19:33 —-D—- C:Documents and SettingsRomanApplication DataDivX
2009-01-03 23:17:45 —-D—- C:Program FilesDivX
2008-12-24 13:29:11 —-D—- C:Program Filesdirectx
2008-12-24 13:17:16 —-D—- C:Documents and SettingsRomanApplication DataArcSoft
2008-12-24 13:12:38 —-D—- C:Program FilesArcSoft
2008-12-24 13:03:23 —-A—- C:WINDOWSsystem32vfwwdm32.dll
2008-12-24 13:02:40 —-A—- C:WINDOWSvideoimp.ini
2008-12-24 13:02:39 —-A—- C:WINDOWSsystem32LMRTREND.dll
2008-12-24 13:02:37 —-A—- C:WINDOWSsystem32dxtmsft3.dll
2008-12-24 13:02:35 —-A—- C:WINDOWSsystem32unam4ie.exe
2008-12-24 13:02:33 —-A—- C:WINDOWSsystem32vidx16.dll
2008-12-24 13:02:32 —-A—- C:WINDOWSsystem32qcut.dll
2008-12-24 13:02:31 —-A—- C:WINDOWSsystem32w95inf32.dll
2008-12-24 13:02:31 —-A—- C:WINDOWSsystem32w95inf16.dll
2008-12-24 13:02:23 —-A—- C:WINDOWSVI_setup.ini
2008-12-24 13:00:59 —-A—- C:WINDOWSPI4_setup.ini
2008-12-24 13:00:58 —-A—- C:WINDOWSpcdlib32.dll
2008-12-18 14:41:50 —-D—- C:WINDOWSsystem32LogFiles
2008-12-17 01:38:37 —-D—- C:WINDOWSpss======List of files/folders modified in the last 1 months======
2009-01-14 01:34:33 —-D—- C:Program FilesDrWeb AV-Desk
2009-01-14 01:34:07 —-D—- C:WINDOWSTemp
2009-01-14 01:33:27 —-D—- C:WINDOWSsystem32drivers
2009-01-14 01:32:56 —-A—- C:WINDOWSSchedLgU.Txt
2009-01-14 01:32:06 —-D—- C:WINDOWSPrefetch
2009-01-11 13:15:32 —-SD—- C:WINDOWSTasks
2009-01-11 02:35:45 —-D—- C:WINDOWS
2009-01-11 02:35:45 —-D—- C:Program FilesCommon Files
2009-01-11 02:35:43 —-SHD—- C:WINDOWSInstaller
2009-01-11 02:35:40 —-RD—- C:Program Files
2009-01-11 02:30:49 —-D—- C:Documents and SettingsRomanApplication DataAdobeUM
2009-01-10 13:43:28 —-A—- C:WINDOWSNeroDigital.ini
2009-01-10 12:23:25 —-D—- C:Program FilesMozilla Firefox
2009-01-10 12:17:20 —-D—- C:WINDOWSsystem32
2009-01-10 12:15:49 —-HD—- C:WINDOWSinf
2009-01-10 12:15:10 —-D—- C:WINDOWSsystem32CatRoot2
2009-01-10 11:00:20 —-D—- C:Documents and SettingsRomanApplication DataAdobe
2009-01-10 11:00:17 —-D—- C:Documents and SettingsAll UsersApplication DataAdobe
2009-01-08 06:13:03 —-D—- C:Program FilesInternet Explorer
2008-12-24 13:28:40 —-HD—- C:Program FilesInstallShield Installation Information
2008-12-24 13:14:44 —-D—- C:WINDOWStwain_32
2008-12-24 13:14:04 —-D—- C:Program FilesWindows Media Player
2008-12-24 13:14:01 —-D—- C:WINDOWSHelp
2008-12-24 13:03:45 —-RSHDC—- C:WINDOWSsystem32dllcache
2008-12-21 21:52:41 —-SD—- C:Documents and SettingsRomanApplication DataMicrosoft
2008-12-20 19:19:58 —-D—- C:Program FilesGoogle
2008-12-20 19:19:58 —-D—- C:Documents and SettingsAll UsersApplication DataGoogle
2008-12-18 14:39:07 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2008-12-17 23:05:56 —-D—- C:WINDOWSsystem32ReinstallBackups
2008-12-17 01:40:41 —-RASH—- C:boot.ini
2008-12-17 01:40:41 —-A—- C:WINDOWSwin.ini
2008-12-17 01:40:41 —-A—- C:WINDOWSsystem.ini======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AFS2K;AFS2k; C:WINDOWSsystem32driversAFS2K.sys [2008-11-16 82380]
R1 DCxxMJPG;Pinnacle DC10plus, Motion-JPEG VideoIO Board; C:WINDOWSsystem32driversDCxxMJPG.sys [2002-06-04 132940]
R1 intelppm;Intel Processor Driver; C:WINDOWSSystem32DRIVERSintelppm.sys [2004-08-03 36096]
R1 WS2IFSL;Среда Windows Socket 2.0 поддержки поставщиков не-IFS служб; C:WINDOWSSystem32driversws2ifsl.sys [2001-08-23 12032]
R2 spider;SpIDer Guard File System Monitor; ??C:PROGRA~1DRWEBA~1spider.sys []
R2 tifsfilter;Acronis TrueImage FS Filter; C:WINDOWSSystem32DRIVERStifsfilt.sys [2007-01-11 30688]
R3 aeaudio;aeaudio; C:WINDOWSsystem32driversaeaudio.sys [2005-03-04 127872]
R3 Arp1394;1394 ARP Client Protocol; C:WINDOWSSystem32DRIVERSarp1394.sys [2004-08-03 60800]
R3 GEARAspiWDM;GEARAspiWDM; C:WINDOWSSystem32DriversGEARAspiWDM.sys [2008-01-29 16168]
R3 NIC1394;1394 Net Driver; C:WINDOWSSystem32DRIVERSnic1394.sys [2004-08-03 61824]
R3 nv;nv; C:WINDOWSsystem32DRIVERSnv4_mini.sys [2006-10-22 3994624]
R3 senfilt;senfilt; C:WINDOWSsystem32driverssenfilt.sys [2005-03-01 392704]
R3 smwdm;smwdm; C:WINDOWSsystem32driverssmwdm.sys [2005-03-28 220992]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:WINDOWSSystem32DRIVERSusbehci.sys [2004-08-03 26624]
R3 usbhub;USB2 Enabled Hub; C:WINDOWSSystem32DRIVERSusbhub.sys [2004-08-03 57600]
R3 usbprint;Microsoft USB PRINTER Class; C:WINDOWSSystem32DRIVERSusbprint.sys [2004-08-03 25856]
R3 usbscan;USB Scanner Driver; C:WINDOWSsystem32DRIVERSusbscan.sys [2004-08-03 15104]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:WINDOWSSystem32DRIVERSusbuhci.sys [2004-08-03 20480]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:WINDOWSSystem32DRIVERSyk51x86.sys [2005-04-01 230272]
S3 CCDECODE;Closed Caption Decoder; C:WINDOWSsystem32DRIVERSCCDECODE.sys [2004-08-03 17024]
S3 DCamUSBSQTECH;Dual-Mode DSC(2770); C:WINDOWSSystem32DriversSQcaptur.sys [2003-01-10 30921]
S3 HidUsb;Microsoft HID Class Driver; C:WINDOWSSystem32DRIVERShidusb.sys [2001-08-17 9600]
S3 MidiSyn;MidiSyn; C:WINDOWSsystem32driversMidiSyn.sys [2004-09-14 88960]
S3 mouhid;Mouse HID Driver; C:WINDOWSSystem32DRIVERSmouhid.sys [2001-08-17 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:WINDOWSsystem32driversMSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:WINDOWSsystem32DRIVERSNABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:WINDOWSsystem32DRIVERSNdisIP.sys [2004-08-03 10880]
S3 pfc;Padus ASPI Shell; C:WINDOWSsystem32driverspfc.sys [2002-06-13 14604]
S3 PortlUSB;PortlUSB; C:WINDOWSsystem32DRIVERSH10USB.sys [2004-06-23 7552]
S3 QV2KUX;Casio Digital Camera; C:WINDOWSSystem32DRIVERSqv2kux.sys [2001-08-17 3328]
S3 SLIP;BDA Slip De-Framer; C:WINDOWSsystem32DRIVERSSLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:WINDOWSsystem32DRIVERSStreamIP.sys [2004-08-03 15360]
S3 usb_rndisx;USB RNDIS Adapter; C:WINDOWSsystem32DRIVERSusb8023x.sys [2005-10-20 12800]
S3 USBAAPL;Apple Mobile USB Driver; C:WINDOWSSystem32Driversusbaapl.sys [2008-02-18 30464]
S3 USBSTOR;USB Mass Storage Driver; C:WINDOWSSystem32DRIVERSUSBSTOR.SYS [2004-08-03 26496]
S3 WSTCODEC;World Standard Teletext Codec; C:WINDOWSsystem32DRIVERSWSTCODEC.SYS [2004-08-03 19328]
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aawservice;Lavasoft Ad-Aware Service; G:progi 2aawservice.exe [2009-01-08 611664]
R2 AcrSch2Svc;Acronis Scheduler2 Service; C:Program FilesCommon FilesAcronisSchedule2schedul2.exe [2005-10-25 172032]
R2 Apple Mobile Device;Apple Mobile Device; C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe [2008-02-18 110592]
R2 Bonjour Service;Bonjour Service; C:Program FilesBonjourmDNSResponder.exe [2007-07-24 229376]
R2 NVSvc;NVIDIA Display Driver Service; C:WINDOWSsystem32nvsvc32.exe [2006-10-22 159810]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:Program FilesAnalog DevicesSoundMAXSMAgent.exe [2002-09-20 45056]
R2 SPIDERNT;SpIDer Guard for Windows; C:PROGRA~1DRWEBA~1spidernt.exe [2008-11-16 226840]
R2 UMWdf;Windows User Mode Driver Framework; C:WINDOWSsystem32wdfmgr.exe [2004-08-11 38912]
R3 drwagntd;Dr.Web(R) AV-Desk Agent; C:Program FilesDrWeb AV-Deskdrwagntd.exe [2008-11-16 1860912]
R3 iPod Service;Сервис iPod; C:Program FilesiPodbiniPodService.exe [2008-03-30 504104]
S2 drwupgrade;Dr.Web(R) AV-Desk Upgrade Service; C:Program FilesDrWeb AV-Desk1drwupgrade.exe [2008-11-16 410928]
S3 gusvc;Google Updater Service; C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2008-11-16 138168]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2003-07-28 89136]
EOF
Спасибо, очень надеюсь на вашу помощь.В интернете не прослушивается музыка(вообще нет звука) и видео.
Расскажите об этом подробнее, флэш видео не работает (youtube и тд) ?
Ни в explorer, ни в mozille при открытии музыкального файла звука нет(например в «моем мире» песню). В youtube видео идет, звука нет. А когда открываю сайт, где транслируется видео, ничего не показывает. Флеш плеер установлен.
Попробуйте для начала переустановить флэш плеер. При этом учитывайте, что для IE и Firefox необходимы разные версии проигрывателя.
Откройте этот сайт http://get.adobe.com/flashplayer/?promoid=DAFYL сначала в IE, а затем в Firefox и установите свежую версию плеера.
- Для ответа в этой теме необходимо авторизоваться.
