SPYWARE-RU.COM

Созданные ответы форума

Просмотр 1 сообщения - с 1 по 1 (всего 1)

Автор

Сообщения
23 декабря, 2009 в 10:35 пп в ответ на: Помогите пожалуйста. #27570
MrCBC
Participant
- Темы:1
- Сообщений:2
и 2 лог:

Logfile of random’s system information tool 1.06 (written by random/random)
Run by я at 2009-12-23 22:39:35
Microsoft® Windows Vista™ Home Premium
System drive C: has 37 GB (48%) free of 76 GB
Total RAM: 2037 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:40:00, on 23.12.2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:Windowssystem32Dwm.exe
C:WindowsExplorer.EXE
C:Windowssystem32taskeng.exe
C:Program FilesWindows DefenderMSASCui.exe
C:Program FilesJavajre1.6.0_03binjusched.exe
C:WindowsSystem32igfxtray.exe
C:WindowsSystem32hkcmd.exe
C:WindowsSystem32igfxpers.exe
C:WindowsRtHDVCpl.exe
C:Program FilesSynapticsSynTPSynTPEnh.exe
C:Program FilesTOSHIBAConfigFreeNDSTray.exe
C:Program FilesIDMDesktop SMSDesktopSMS.exe
C:Program FilesCamera Assistant Software for Toshibatraybar.exe
C:Program FilesTOSHIBAPower SaverTPwrMain.exe
C:Program FilesTOSHIBASmoothViewSmoothView.exe
C:Program FilesTOSHIBAFlashCardsTCrdMain.exe
C:Program FilesKaspersky LabKaspersky Anti-Virus 2009avp.exe
C:Program FilesWindows Sidebarsidebar.exe
C:Program FilesTOSHIBATOSCDSPDTOSCDSPD.exe
C:Program FilesLogitechProfilerLWEMon.exe
C:Windowsehomeehtray.exe
C:Program FilesWindows Media Playerwmpnscfg.exe
C:Windowsehomeehmsas.exe
C:Program FilesCamera Assistant Software for ToshibaCEC_MAIN.exe
C:Program FilesTOSHIBAConfigFreeCFSwMgr.exe
C:Program FilesWindows MailWinMail.exe
C:Program FilesWindows Sidebarsidebar.exe
C:Program FilesSynapticsSynTPSynTPHelper.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:Windowssystem32MacromedFlashFlashUtil10c.exe
C:Program FilesInternet Exploreriexplore.exe
C:Windowssystem32wuauclt.exe
C:Program FilesJavajre1.6.0_03binjucheck.exe
C:Windowssystem32conime.exe
C:Windowssystem32igfxsrvc.exe
C:Program FilesInternet Exploreriexplore.exe
C:UsersяDesktopRSIT.exe
C:Program Filestrend microя.exe

R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.pioneernet.ru/
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
O1 — Hosts: ::1 localhost
O2 — BHO: Adobe PDF Reader Link Helper — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll
O2 — BHO: IEVkbdBHO — {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} — C:Program FilesKaspersky LabKaspersky Anti-Virus 2009ievkbd.dll
O2 — BHO: SSVHelper Class — {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} — C:Program FilesJavajre1.6.0_03binssv.dll
O4 — HKLM..Run: [Windows Defender] %ProgramFiles%Windows DefenderMSASCui.exe -hide
O4 — HKLM..Run: [SunJavaUpdateSched] «C:Program FilesJavajre1.6.0_03binjusched.exe»
O4 — HKLM..Run: [IgfxTray] C:Windowssystem32igfxtray.exe
O4 — HKLM..Run: [HotKeysCmds] C:Windowssystem32hkcmd.exe
O4 — HKLM..Run: [Persistence] C:Windowssystem32igfxpers.exe
O4 — HKLM..Run: [RtHDVCpl] RtHDVCpl.exe
O4 — HKLM..Run: [SynTPEnh] C:Program FilesSynapticsSynTPSynTPEnh.exe
O4 — HKLM..Run: [NDSTray.exe] NDSTray.exe
O4 — HKLM..Run: [topi] C:Program FilesTOSHIBAToshiba Online Product Informationtopi.exe -startup
O4 — HKLM..Run: [Desktop SMS] C:Program FilesIDMDesktop SMSDesktopSMS.exe /auto
O4 — HKLM..Run: [Camera Assistant Software] «C:Program FilesCamera Assistant Software for Toshibatraybar.exe» /start
O4 — HKLM..Run: [TPwrMain] %ProgramFiles%TOSHIBAPower SaverTPwrMain.EXE
O4 — HKLM..Run: [SmoothView] %ProgramFiles%ToshibaSmoothViewSmoothView.exe
O4 — HKLM..Run: [00TCrdMain] %ProgramFiles%TOSHIBAFlashCardsTCrdMain.exe
O4 — HKLM..Run: [Toshiba Registration] C:Program FilesToshibaRegistrationToshibaRegistration.exe
O4 — HKLM..Run: [NeroFilterCheck] C:Windowssystem32NeroCheck.exe
O4 — HKLM..Run: [AVP] «C:Program FilesKaspersky LabKaspersky Anti-Virus 2009avp.exe»
O4 — HKCU..Run: [Sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun
O4 — HKCU..Run: [TOSCDSPD] TOSCDSPD.EXE
O4 — HKCU..Run: [Start WingMan Profiler] «C:Program FilesLogitechProfilerlwemon.exe» /noui
O4 — HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe
O4 — HKCU..Run: [WMPNSCFG] C:Program FilesWindows Media PlayerWMPNSCFG.exe
O4 — HKUSS-1-5-19..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User ‘NETWORK SERVICE’)
O4 — .DEFAULT User Startup: TRDCReminder.lnk = C:Program FilesTOSHIBATRDCReminderTRDCReminder.exe (User ‘Default user’)
O4 — Global Startup: Adobe Reader Speed Launch.lnk = C:Program FilesAdobeReader 8.0Readerreader_sl.exe
O4 — Global Startup: Adobe Reader Synchronizer.lnk = C:Program FilesAdobeReader 8.0ReaderAdobeCollabSync.exe
O4 — Global Startup: Билайн Интернет Дома.lnk = ?
O9 — Extra button: (no name) — {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — C:Program FilesJavajre1.6.0_03binssv.dll
O9 — Extra ‘Tools’ menuitem: Sun Java Console — {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — C:Program FilesJavajre1.6.0_03binssv.dll
O9 — Extra button: Статистика защиты веб-трафика — {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} — C:Program FilesKaspersky LabKaspersky Anti-Virus 2009SCIEPlgn.dll
O9 — Extra button: eBay — {76577871-04EC-495E-A12B-91F7C3600AFA} — http://www.webtip.ch/cgi-bin/toshiba/tracker_url2.pl?RU (file missing)
O9 — Extra button: Amazon.co.uk — {8A918C1D-E123-4E36-B562-5C1519E434CE} — http://www.amazon.co.uk/exec/obidos/redirect-home?tag=Toshibaukbholink-21&site=home (file missing)
O13 — Gopher Prefix:
O16 — DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) — http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 — HKLMSystemCCSServicesTcpip..{1FDAD8CF-5EB3-457D-8AC0-E0AB56EA7131}: NameServer = 192.168.7.202,192.168.10.1
O17 — HKLMSystemCS1ServicesTcpip..{1FDAD8CF-5EB3-457D-8AC0-E0AB56EA7131}: NameServer = 192.168.7.202,192.168.10.1
O17 — HKLMSystemCS2ServicesTcpip..{1FDAD8CF-5EB3-457D-8AC0-E0AB56EA7131}: NameServer = 192.168.7.202,192.168.10.1
O17 — HKLMSystemCS3ServicesTcpip..{1FDAD8CF-5EB3-457D-8AC0-E0AB56EA7131}: NameServer = 192.168.7.202,192.168.10.1
O17 — HKLMSystemCS4ServicesTcpip..{1FDAD8CF-5EB3-457D-8AC0-E0AB56EA7131}: NameServer = 192.168.7.202,192.168.10.1
O17 — HKLMSystemCS5ServicesTcpip..{1FDAD8CF-5EB3-457D-8AC0-E0AB56EA7131}: NameServer = 192.168.7.202,192.168.10.1
O17 — HKLMSystemCS6ServicesTcpip..{1FDAD8CF-5EB3-457D-8AC0-E0AB56EA7131}: NameServer = 192.168.7.202,192.168.10.1
O17 — HKLMSystemCS7ServicesTcpip..{1FDAD8CF-5EB3-457D-8AC0-E0AB56EA7131}: NameServer = 192.168.7.202,192.168.10.1
O17 — HKLMSystemCS8ServicesTcpip..{1FDAD8CF-5EB3-457D-8AC0-E0AB56EA7131}: NameServer = 192.168.7.202,192.168.10.1
O17 — HKLMSystemCS9ServicesTcpip..{1FDAD8CF-5EB3-457D-8AC0-E0AB56EA7131}: NameServer = 192.168.7.202,192.168.10.1
O17 — HKLMSystemCS10ServicesTcpip..{1FDAD8CF-5EB3-457D-8AC0-E0AB56EA7131}: NameServer = 192.168.7.202,192.168.10.1
O17 — HKLMSystemCS11ServicesTcpip..{1FDAD8CF-5EB3-457D-8AC0-E0AB56EA7131}: NameServer = 192.168.7.202,192.168.10.1
O17 — HKLMSystemCS12ServicesTcpip..{1FDAD8CF-5EB3-457D-8AC0-E0AB56EA7131}: NameServer = 192.168.7.202,192.168.10.1
O17 — HKLMSystemCS13ServicesTcpip..{1FDAD8CF-5EB3-457D-8AC0-E0AB56EA7131}: NameServer = 192.168.7.202,192.168.10.1
O17 — HKLMSystemCS14ServicesTcpip..{1FDAD8CF-5EB3-457D-8AC0-E0AB56EA7131}: NameServer = 192.168.7.202,192.168.10.1
O17 — HKLMSystemCS15ServicesTcpip..{1FDAD8CF-5EB3-457D-8AC0-E0AB56EA7131}: NameServer = 192.168.7.202,192.168.10.1
O17 — HKLMSystemCS16ServicesTcpip..{1FDAD8CF-5EB3-457D-8AC0-E0AB56EA7131}: NameServer = 192.168.7.202,192.168.10.1
O17 — HKLMSystemCS17ServicesTcpip..{1FDAD8CF-5EB3-457D-8AC0-E0AB56EA7131}: NameServer = 192.168.7.202,192.168.10.1
O17 — HKLMSystemCS18ServicesTcpip..{1FDAD8CF-5EB3-457D-8AC0-E0AB56EA7131}: NameServer = 192.168.7.202,192.168.10.1
O17 — HKLMSystemCS19ServicesTcpip..{1FDAD8CF-5EB3-457D-8AC0-E0AB56EA7131}: NameServer = 192.168.7.202,192.168.10.1
O17 — HKLMSystemCS20ServicesTcpip..{1FDAD8CF-5EB3-457D-8AC0-E0AB56EA7131}: NameServer = 192.168.7.202,192.168.10.1
O17 — HKLMSystemCS21ServicesTcpip..{1FDAD8CF-5EB3-457D-8AC0-E0AB56EA7131}: NameServer = 192.168.7.202,192.168.10.1
O17 — HKLMSystemCS22ServicesTcpip..{1FDAD8CF-5EB3-457D-8AC0-E0AB56EA7131}: NameServer = 192.168.7.202,192.168.10.1
O17 — HKLMSystemCS23ServicesTcpip..{1FDAD8CF-5EB3-457D-8AC0-E0AB56EA7131}: NameServer = 192.168.7.202,192.168.10.1
O17 — HKLMSystemCS24ServicesTcpip..{1FDAD8CF-5EB3-457D-8AC0-E0AB56EA7131}: NameServer = 192.168.7.202,192.168.10.1
O17 — HKLMSystemCS25ServicesTcpip..{1FDAD8CF-5EB3-457D-8AC0-E0AB56EA7131}: NameServer = 192.168.7.202,192.168.10.1
O17 — HKLMSystemCS26ServicesTcpip..{1FDAD8CF-5EB3-457D-8AC0-E0AB56EA7131}: NameServer = 192.168.7.202,192.168.10.1
O17 — HKLMSystemCS27ServicesTcpip..{1FDAD8CF-5EB3-457D-8AC0-E0AB56EA7131}: NameServer = 192.168.7.202,192.168.10.1
O17 — HKLMSystemCS28ServicesTcpip..{1FDAD8CF-5EB3-457D-8AC0-E0AB56EA7131}: NameServer = 192.168.7.202,192.168.10.1
O17 — HKLMSystemCS29ServicesTcpip..{1FDAD8CF-5EB3-457D-8AC0-E0AB56EA7131}: NameServer = 192.168.7.202,192.168.10.1
O17 — HKLMSystemCS30ServicesTcpip..{1FDAD8CF-5EB3-457D-8AC0-E0AB56EA7131}: NameServer = 192.168.7.202,192.168.10.1
O17 — HKLMSystemCS31ServicesTcpip..{1FDAD8CF-5EB3-457D-8AC0-E0AB56EA7131}: NameServer = 192.168.7.202,192.168.10.1
O17 — HKLMSystemCS32ServicesTcpip..{1FDAD8CF-5EB3-457D-8AC0-E0AB56EA7131}: NameServer = 192.168.7.202,192.168.10.1
O17 — HKLMSystemCS33ServicesTcpip..{1FDAD8CF-5EB3-457D-8AC0-E0AB56EA7131}: NameServer = 192.168.7.202,192.168.10.1
O17 — HKLMSystemCS34ServicesTcpip..{1FDAD8CF-5EB3-457D-8AC0-E0AB56EA7131}: NameServer = 192.168.7.202,192.168.10.1
O17 — HKLMSystemCS35ServicesTcpip..{1FDAD8CF-5EB3-457D-8AC0-E0AB56EA7131}: NameServer = 192.168.7.202,192.168.10.1
O17 — HKLMSystemCS36ServicesTcpip..{1FDAD8CF-5EB3-457D-8AC0-E0AB56EA7131}: NameServer = 192.168.7.202,192.168.10.1
O17 — HKLMSystemCS37ServicesTcpip..{1FDAD8CF-5EB3-457D-8AC0-E0AB56EA7131}: NameServer = 192.168.7.202,192.168.10.1
O17 — HKLMSystemCS38ServicesTcpip..{1FDAD8CF-5EB3-457D-8AC0-E0AB56EA7131}: NameServer = 192.168.7.202,192.168.10.1
O17 — HKLMSystemCS39ServicesTcpip..{1FDAD8CF-5EB3-457D-8AC0-E0AB56EA7131}: NameServer = 192.168.7.202,192.168.10.1
O17 — HKLMSystemCS40ServicesTcpip..{1FDAD8CF-5EB3-457D-8AC0-E0AB56EA7131}: NameServer = 192.168.7.202,192.168.10.1
O17 — HKLMSystemCS41ServicesTcpip..{1FDAD8CF-5EB3-457D-8AC0-E0AB56EA7131}: NameServer = 192.168.7.202,192.168.10.1
O17 — HKLMSystemCS42ServicesTcpip..{1FDAD8CF-5EB3-457D-8AC0-E0AB56EA7131}: NameServer = 192.168.7.202,192.168.10.1
O17 — HKLMSystemCS43ServicesTcpip..{1FDAD8CF-5EB3-457D-8AC0-E0AB56EA7131}: NameServer = 192.168.7.202,192.168.10.1
O17 — HKLMSystemCS44ServicesTcpip..{1FDAD8CF-5EB3-457D-8AC0-E0AB56EA7131}: NameServer = 192.168.7.202,192.168.10.1
O20 — AppInit_DLLs: C:PROGRA~1KASPER~1KASPER~1mzvkbd.dll,C:PROGRA~1KASPER~1KASPER~1mzvkbd3.dll
O23 — Service: Agere Modem Call Progress Audio (AgereModemAudio) — Agere Systems — C:Windowssystem32agrsmsvc.exe
O23 — Service: Kaspersky Anti-Virus (AVP) — Kaspersky Lab — C:Program FilesKaspersky LabKaspersky Anti-Virus 2009avp.exe
O23 — Service: ConfigFree Service — TOSHIBA CORPORATION — C:Program FilesTOSHIBAConfigFreeCFSvcs.exe
O23 — Service: TOSHIBA Navi Support Service (TNaviSrv) — TOSHIBA Corporation — C:Program FilesTOSHIBATOSHIBA DVD PLAYERTNaviSrv.exe
O23 — Service: TOSHIBA Optical Disc Drive Service (TODDSrv) — TOSHIBA Corporation — C:Windowssystem32TODDSrv.exe
O23 — Service: TOSHIBA Power Saver (TosCoSrv) — TOSHIBA Corporation — c:Program FilesTOSHIBAPower SaverTosCoSrv.exe
O23 — Service: TOSHIBA SMART Log Service — TOSHIBA Corporation — c:Program FilesTOSHIBASMARTLogServiceTosIPCSrv.exe
O23 — Service: Ulead Burning Helper (UleadBurningHelper) — Ulead Systems, Inc. — C:Program FilesCommon FilesUlead SystemsDVDULCDRSvr.exe
O23 — Service: @%systemroot%system32SearchIndexer.exe,-103 (WSearch) — Корпорация Майкрософт — C:Windowssystem32SearchIndexer.exe

—
End of file — 13405 bytes

======Scheduled tasks folder======

C:WindowstasksUser_Feed_Synchronization-{50103364-E001-4AF8-B197-F851C4DD97DF}.job

======Registry dump======

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class — C:Program FilesKaspersky LabKaspersky Anti-Virus 2009ievkbd.dll [2008-11-11 62728]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class — C:Program FilesJavajre1.6.0_03binssv.dll [2007-09-25 501136]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«Windows Defender»=C:Program FilesWindows DefenderMSASCui.exe [2008-03-11 1006264]
«SunJavaUpdateSched»=C:Program FilesJavajre1.6.0_03binjusched.exe [2007-09-25 132496]
«IgfxTray»=C:Windowssystem32igfxtray.exe [2008-02-05 141848]
«HotKeysCmds»=C:Windowssystem32hkcmd.exe [2008-02-05 154136]
«Persistence»=C:Windowssystem32igfxpers.exe [2008-02-05 129560]
«RtHDVCpl»=C:WindowsRtHDVCpl.exe [2008-01-29 4911104]
«SynTPEnh»=C:Program FilesSynapticsSynTPSynTPEnh.exe [2007-12-06 1029416]
«NDSTray.exe»=NDSTray.exe []
«topi»=C:Program FilesTOSHIBAToshiba Online Product Informationtopi.exe [2007-07-10 581632]
«Desktop SMS»=C:Program FilesIDMDesktop SMSDesktopSMS.exe [2007-06-18 1507328]
«Camera Assistant Software»=C:Program FilesCamera Assistant Software for Toshibatraybar.exe [2007-10-25 413696]
«TPwrMain»=C:Program FilesTOSHIBAPower SaverTPwrMain.EXE [2008-01-17 431456]
«SmoothView»=C:Program FilesToshibaSmoothViewSmoothView.exe [2008-01-25 509816]
«00TCrdMain»=C:Program FilesTOSHIBAFlashCardsTCrdMain.exe [2008-01-22 712704]
«Toshiba Registration»=C:Program FilesToshibaRegistrationToshibaRegistration.exe [2007-05-04 571024]
«NeroFilterCheck»=C:Windowssystem32NeroCheck.exe [2006-01-12 155648]
«AVP»=C:Program FilesKaspersky LabKaspersky Anti-Virus 2009avp.exe [2009-02-04 206088]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«Sidebar»=C:Program FilesWindows Sidebarsidebar.exe [2009-01-07 1232896]
«TOSCDSPD»=TOSCDSPD.EXE []
«Start WingMan Profiler»=C:Program FilesLogitechProfilerlwemon.exe [2005-04-18 73728]
«ehTray.exe»=C:WindowsehomeehTray.exe [2006-11-02 125440]
«WMPNSCFG»=C:Program FilesWindows Media PlayerWMPNSCFG.exe [2006-11-02 201728]

C:ProgramDataMicrosoftWindowsStart MenuProgramsStartup
Adobe Reader Speed Launch.lnk — C:Program FilesAdobeReader 8.0Readerreader_sl.exe
Adobe Reader Synchronizer.lnk — C:Program FilesAdobeReader 8.0ReaderAdobeCollabSync.exe
Билайн Интернет Дома.lnk — C:Program FilesZTEMF626Билайн Интернет ДомаBeeline Home Internet.exe

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows]
«AppInit_DLLS»=»C:PROGRA~1KASPER~1KASPER~1mzvkbd.dll,C:PROGRA~1KASPER~1KASPER~1mzvkbd3.dll»

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyigfxcui]
C:Windowssystem32igfxdev.dll [2007-09-13 204800]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyklogon]
C:Windowssystem32klogon.dll [2008-11-11 218376]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{ba5668e5-da70-11dd-8094-00225f0783ad}]
shellAutoRuncommand — D:AutoRun.exe

======File associations======

.js — edit — C:WindowsSystem32Notepad.exe %1
.js — open — C:WindowsSystem32WScript.exe «%1» %*

======List of files/folders created in the last 3 months======

2009-12-23 22:39:35 —-D—- C:rsit
2009-12-23 22:39:35 —-D—- C:Program Filestrend micro
2009-12-23 18:10:01 —-A—- C:logit.txt
2009-12-12 00:34:32 —-A—- C:Windowssystem32nshhttp.dll
2009-12-12 00:34:29 —-A—- C:Windowssystem32httpapi.dll
2009-12-10 22:22:40 —-A—- C:Windowssystem32winhttp.dll
2009-12-10 22:22:34 —-A—- C:Windowssystem32mshtml.dll
2009-12-10 22:22:33 —-A—- C:Windowssystem32ieframe.dll
2009-12-10 22:22:32 —-A—- C:Windowssystem32wininet.dll
2009-12-10 22:22:32 —-A—- C:Windowssystem32urlmon.dll
2009-12-10 22:22:32 —-A—- C:Windowssystem32iertutil.dll
2009-12-10 22:22:31 —-A—- C:Windowssystem32occache.dll
2009-12-10 22:22:31 —-A—- C:Windowssystem32msfeeds.dll
2009-12-10 22:22:31 —-A—- C:Windowssystem32ieui.dll
2009-12-10 22:22:31 —-A—- C:Windowssystem32iepeers.dll
2009-12-10 22:22:31 —-A—- C:Windowssystem32iedkcs32.dll
2009-12-10 22:22:30 —-A—- C:Windowssystem32msfeedssync.exe
2009-12-10 22:22:30 —-A—- C:Windowssystem32msfeedsbs.dll
2009-12-10 22:22:30 —-A—- C:Windowssystem32jsproxy.dll
2009-12-10 22:22:30 —-A—- C:Windowssystem32ieUnatt.exe
2009-12-10 22:22:30 —-A—- C:Windowssystem32iesysprep.dll
2009-12-10 22:22:30 —-A—- C:Windowssystem32iesetup.dll
2009-12-10 22:22:30 —-A—- C:Windowssystem32iernonce.dll
2009-12-10 22:22:30 —-A—- C:Windowssystem32ie4uinit.exe
2009-12-10 22:20:57 —-A—- C:Windowssystem32rastls.dll
2009-12-10 22:20:57 —-A—- C:Windowssystem32raschap.dll
2009-11-24 23:15:51 —-A—- C:Windowssystem32tzres.dll
2009-11-24 22:14:24 —-A—- C:Windowssystem32msxml6.dll
2009-11-24 22:14:23 —-A—- C:Windowssystem32msxml6r.dll
2009-11-24 22:14:23 —-A—- C:Windowssystem32msxml3r.dll
2009-11-24 22:14:23 —-A—- C:Windowssystem32msxml3.dll
2009-11-11 09:51:10 —-A—- C:Windowssystem32WSDApi.dll
2009-11-05 20:19:37 —-A—- C:Windowssystem32msv1_0.dll
2009-11-05 20:19:28 —-A—- C:Windowssystem32ntoskrnl.exe
2009-11-05 20:19:27 —-A—- C:Windowssystem32ntkrnlpa.exe
2009-11-05 20:18:58 —-A—- C:Windowssystem32msasn1.dll
2009-11-05 20:18:45 —-A—- C:Windowssystem32WMSPDMOD.DLL
2009-11-05 19:03:38 —-A—- C:Windowssystem32wups2.dll
2009-11-05 19:03:38 —-A—- C:Windowssystem32wuauclt.exe
2009-11-05 19:03:37 —-A—- C:Windowssystem32wucltux.dll
2009-11-05 19:03:37 —-A—- C:Windowssystem32wuaueng.dll
2009-11-05 19:02:59 —-A—- C:Windowssystem32wups.dll
2009-11-05 19:02:59 —-A—- C:Windowssystem32wudriver.dll
2009-11-05 19:02:59 —-A—- C:Windowssystem32wuapi.dll
2009-11-05 19:02:52 —-A—- C:Windowssystem32wuwebv.dll
2009-11-05 19:02:52 —-A—- C:Windowssystem32wuapp.exe
2009-10-27 23:54:34 —-D—- C:UsersяAppDataRoamingskypePM
2009-10-27 23:39:48 —-D—- C:UsersяAppDataRoamingSkype
2009-10-27 23:38:32 —-RD—- C:Program FilesSkype
2009-10-27 23:38:24 —-D—- C:ProgramDataSkype
2009-10-02 22:17:14 —-N—- C:Windowssystem32MpSigStub.exe

======List of files/folders modified in the last 3 months======

2009-12-23 22:39:49 —-D—- C:WindowsTemp
2009-12-23 22:39:35 —-RD—- C:Program Files
2009-12-23 20:05:18 —-HD—- C:ProgramData
2009-12-23 19:41:44 —-AD—- C:WindowsSystem32
2009-12-23 19:41:43 —-D—- C:Windowsinf
2009-12-23 19:41:43 —-A—- C:Windowssystem32PerfStringBackup.INI
2009-12-23 19:37:58 —-D—- C:ProgramDataKaspersky Lab
2009-12-23 18:24:01 —-D—- C:Windowssystem32catroot2
2009-12-21 23:48:35 —-SHD—- C:System Volume Information
2009-12-12 08:40:57 —-D—- C:Windowssystem32drivers
2009-12-12 00:35:35 —-D—- C:Windowswinsxs
2009-12-12 00:35:20 —-D—- C:Windowssystem32catroot
2009-12-11 00:50:36 —-D—- C:Windowssystem32migration
2009-12-11 00:50:32 —-D—- C:Windowssystem32ru-RU
2009-12-11 00:50:32 —-D—- C:Windowssystem32en-US
2009-12-11 00:50:32 —-D—- C:Program FilesInternet Explorer
2009-12-01 23:06:19 —-A—- C:Windowssystem32mrt.exe
2009-11-05 19:54:29 —-D—- C:Windowssystem32config
2009-11-05 19:54:03 —-D—- C:WindowsTasks
2009-11-05 19:54:03 —-D—- C:Windowssystem32Tasks
2009-11-05 19:54:03 —-D—- C:Windowssystem32spool
2009-11-05 19:54:03 —-D—- C:Windowssystem32CodeIntegrity
2009-11-05 19:54:03 —-D—- C:Windows
2009-11-05 19:53:55 —-D—- C:Windowssystem32wbem
2009-11-05 19:53:55 —-D—- C:Windowsregistration
2009-11-02 23:54:46 —-D—- C:WindowsModemLogs
2009-10-27 23:39:08 —-SHD—- C:WindowsInstaller
2009-10-27 23:38:33 —-D—- C:Program FilesCommon Files
2009-10-14 22:58:14 —-D—- C:WindowsMicrosoft.NET
2009-10-14 22:58:13 —-RSD—- C:Windowsassembly

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 kl1;kl1; C:Windowssystem32DRIVERSkl1.sys [2008-07-21 121872]
R1 KLIF;Kaspersky Lab Driver; C:Windowssystem32DRIVERSklif.sys [2009-02-04 239120]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:Windowssystem32DRIVERSklim6.sys [2008-07-09 20496]
R1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver; C:Windowssystem32DRIVERSrtlprot.sys [2007-04-23 25896]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:Windowssystem32DRIVERSAGRSM.sys [2006-11-28 1161888]
R3 CmBatt;Драйвер батареи с ACPI-управлением (Microsoft); C:Windowssystem32DRIVERSCmBatt.sys [2008-03-11 14208]
R3 FwLnk;FwLnk Driver; C:Windowssystem32DRIVERSFwLnk.sys [2006-11-20 7168]
R3 igfx;igfx; C:Windowssystem32DRIVERSigdkmd32.sys [2007-09-13 1925632]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:Windowssystem32driversRTKVHDA.sys [2008-01-30 2058528]
R3 RTL8169;Realtek 8169 NT Driver; C:Windowssystem32DRIVERSRtlh86.sys [2007-12-28 104448]
R3 RTL8187B;Сетевой адаптер Realtek RTL8187B Wireless 802.11b/g 54 Мбит/с USB 2.0; C:Windowssystem32DRIVERSRTL8187B.sys [2007-12-26 290304]
R3 StillCam;Драйвер цифровой фотокамеры для посл. порта; C:Windowssystem32DRIVERSserscan.sys [2006-11-02 9216]
R3 SynTP;Synaptics TouchPad Driver; C:Windowssystem32DRIVERSSynTP.sys [2007-12-06 196400]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:Windowssystem32DRIVERStdcmdpst.sys [2006-10-18 16128]
R3 usbvideo;Chicony USB 2.0 Camera; C:WindowsSystem32Driversusbvideo.sys [2008-03-11 133888]
R3 UVCFTR;UVCFTR; C:WindowsSystem32DriversUVCFTR_S.SYS [2007-12-17 18432]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:Windowssystem32driversWmBEnum.sys [2005-04-12 10144]
R3 WmXlCore;Logitech WingMan Translation Layer Driver; C:Windowssystem32driversWmXlCore.sys [2005-04-12 45504]
S3 drmkaud;Звуковой дешифратор DRM ядра системы; C:Windowssystem32driversdrmkaud.sys [2006-11-02 5632]
S3 HdAudAddService;Драйвер функции UAA для службы High Definition Audio (Microsoft), версия 1.1; C:Windowssystem32driversHdAudio.sys [2006-11-02 235520]
S3 HSF_DPV;HSF_DPV; C:Windowssystem32DRIVERSVSTDPV3.SYS [2006-11-02 987648]
S3 HSFHWAZL;HSFHWAZL; C:Windowssystem32DRIVERSVSTAZL3.SYS [2006-11-02 200704]
S3 MSKSSRV;Представитель служб потоков Microsoft; C:Windowssystem32driversMSKSSRV.sys [2006-11-02 8192]
S3 MSPCLOCK;Посредник синхронизации потоков Microsoft; C:Windowssystem32driversMSPCLOCK.sys [2006-11-02 5888]
S3 MSPQM;Представитель диспетчера качества потоков Microsoft; C:Windowssystem32driversMSPQM.sys [2006-11-02 5504]
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:Windowssystem32driversMSTEE.sys [2006-11-02 6016]
S3 NETw3v32;Драйвер адаптера беспроводной сети Intel(R) PRO/Wireless 3945ABG для 32-разрядной Windows Vista; C:Windowssystem32DRIVERSNETw3v32.sys [2006-11-02 1781760]
S3 winachsf;winachsf; C:Windowssystem32DRIVERSVSTCNXT3.SYS [2006-11-02 654336]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:Windowssystem32driversWmFilter.sys [2005-04-12 22240]
S3 WmHidLo;Logitech Gaming USB Filter Driver; C:Windowssystem32driversWmHidLo.sys [2005-04-12 17632]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:Windowssystem32driversWmVirHid.sys [2005-04-12 5600]
S3 WpdUsb;WpdUsb; C:Windowssystem32DRIVERSwpdusb.sys [2006-11-02 39936]
S3 WUDFRd;WUDFRd; C:Windowssystem32DRIVERSWUDFRd.sys [2006-11-02 82560]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:Windowssystem32DRIVERSZTEusbmdm6k.sys [2008-06-30 104960]
S3 ZTEusbnmea;ZTE NMEA Port; C:Windowssystem32DRIVERSZTEusbnmea.sys [2008-06-30 104960]
S3 ZTEusbser6k;ZTE Diagnostic Port; C:Windowssystem32DRIVERSZTEusbser6k.sys [2008-06-30 104960]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:Windowssystem32driverswmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:Windowssystem32agrsmsvc.exe [2006-10-05 9216]
R2 AVP;Kaspersky Anti-Virus; C:Program FilesKaspersky LabKaspersky Anti-Virus 2009avp.exe [2009-02-04 206088]
R2 ConfigFree Service;ConfigFree Service; C:Program FilesTOSHIBAConfigFreeCFSvcs.exe [2007-12-25 40960]
R2 TNaviSrv;TOSHIBA Navi Support Service; C:Program FilesTOSHIBATOSHIBA DVD PLAYERTNaviSrv.exe [2008-01-21 83312]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:Windowssystem32TODDSrv.exe [2007-11-21 129632]
R2 TosCoSrv;TOSHIBA Power Saver; c:Program FilesTOSHIBAPower SaverTosCoSrv.exe [2008-01-17 431456]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service; c:Program FilesTOSHIBASMARTLogServiceTosIPCSrv.exe [2007-12-03 126976]
R2 UleadBurningHelper;Ulead Burning Helper; C:Program FilesCommon FilesUlead SystemsDVDULCDRSvr.exe [2006-08-23 49152]

EOF
Автор

Сообщения

Просмотр 1 сообщения - с 1 по 1 (всего 1)

MrCBC

Созданные ответы форума

Добро пожаловать

Поиск

Важные инструкции

Как запустить компьютер в безопасном режиме (Safe Mode)

Убрать рекламу в браузере (Chrome, Firefox, Opera, Yandex)

Этот параметр включен администратором

Как сбросить настройки Firefox (Инструкция)

Нет доступа в интернет после удаления вируса — Как восстановить

СПАЙВАРЕ РУ

Нужна помощь?

Ссылки