И ещё раз про FREE PORNO VIDEO

[Vitaliy]

Помогите пожалуйста избавиться от этого кошмара

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:40:21, on 30.11.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:Program FilesAlwil SoftwareAvast4ashServ.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
C:Program FilesIVT CorporationBlueSoleilBTNtService.exe
C:Program FilesBonjourmDNSResponder.exe
C:WINDOWSsystem32nvsvc32.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesJavajre1.5.0_07binjusched.exe
C:WINDOWSsystem32rundll32.exe
C:PROGRA~1ALWILS~1Avast4ashDisp.exe
C:Program FilesMail.RuAgentMAgent.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesIVT CorporationBlueSoleilBlueSoleil.exe
C:Program FilesIVT CorporationBlueSoleilBlueSoleil.000
C:WINDOWSexplorer.exe
C:Program FilesPC Connectivity SolutionServiceLayer.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesTrend MicroHijackThisHijackThis.exe

R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru/?clid=40316
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R1 — HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
R3 — URLSearchHook: (no name) — {83821C2B-32A8-4DD7-B6D4-44309A78E668} — C:Program FilesMail.RuAgentMradllnewmrasearch.dll
R3 — URLSearchHook: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
O2 — BHO: Adobe PDF Reader Link Helper — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll
O2 — BHO: Skype add-on (mastermind) — {22BF413B-C6D2-4d91-82A9-A0F997BA588C} — C:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll (file missing)
O2 — BHO: emolibP — {41F60EE2-ED6B-44A7-B3AE-76305D05B697} — C:WINDOWSsystem32emolib.dll
O2 — BHO: SSVHelper Class — {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} — C:Program FilesJavajre1.5.0_07binssv.dll
O2 — BHO: Спутник@Mail.Ru — {8984B388-A5BB-4DF7-B274-77B879E179DB} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
O2 — BHO: Google Toolbar Helper — {AA58ED58-01DD-4d91-8333-CF10577473F7} — c:program filesgooglegoogletoolbar1.dll
O2 — BHO: zlnlibP — {AD448923-F2EF-4E15-83AF-822C549F5E8F} — C:WINDOWSsystem32zlnlib.dll
O3 — Toolbar: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
O3 — Toolbar: &Google — {2318C2B1-4965-11d4-9B18-009027A5CD4F} — c:program filesgooglegoogletoolbar1.dll
O4 — HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 — HKLM..Run: [nwiz] nwiz.exe /install
O4 — HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
O4 — HKLM..Run: [SunJavaUpdateSched] C:Program FilesJavajre1.5.0_07binjusched.exe
O4 — HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 — HKLM..Run: [PCSuiteTrayApplication] C:Program FilesNokiaNokia PC Suite 6LaunchApplication.exe -startup
O4 — HKLM..Run: [Adobe Reader Speed Launcher] «C:Program FilesAdobeReader 8.0ReaderReader_sl.exe»
O4 — HKLM..Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 — HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 — HKLM..Run: [AppleSyncNotifier] C:Program FilesCommon FilesAppleMobile Device SupportbinAppleSyncNotifier.exe
O4 — HKLM..Run: [QuickTime Task] «C:Program FilesVistaCodecPackQTqttask.exe» -atboottime
O4 — HKLM..Run: [MAgent] C:Program FilesMail.RuAgentMAgent.exe -LM
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] «C:Program FilesCommon FilesAheadLibNMBgMonitor.exe»
O4 — HKCU..Run: [QIP.Online] C:Program FilesQIP.Onlineqiponline.exe auto_start
O4 — HKCU..Run: [Skype] «C:Program FilesSkypePhoneSkype.exe» /nosplash /minimized
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O4 — Global Startup: BlueSoleil.lnk = C:Program FilesIVT CorporationBlueSoleilBlueSoleil.exe
O4 — Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOffice10OSA.EXE
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O8 — Extra context menu item: E&xport to Microsoft Excel — res://C:PROGRA~1MICROS~2Office10EXCEL.EXE/3000
O8 — Extra context menu item: Найти в интернете — res://C:Program FilesMail.RuSputnikMailRuSputnik.dll/282
O8 — Extra context menu item: Найти в словарях — res://C:Program FilesMail.RuSputnikMailRuSputnik.dll/283
O9 — Extra button: (no name) — {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — C:Program FilesJavajre1.5.0_07binssv.dll
O9 — Extra ‘Tools’ menuitem: Sun Java Console — {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — C:Program FilesJavajre1.5.0_07binssv.dll
O9 — Extra button: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
O9 — Extra ‘Tools’ menuitem: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
O9 — Extra button: Skype — {77BF5300-1474-4EC7-9980-D32B190E9B07} — C:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll (file missing)
O10 — Unknown file in Winsock LSP: c:windowssystem32nwprovau.dll
O17 — HKLMSystemCCSServicesTcpip..{CEB396CE-9E25-4130-ABC2-BC139A0CCC6F}: NameServer = 81.200.0.1,81.200.2.222
O18 — Protocol: skype4com — {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O23 — Service: Apple Mobile Device — Apple Inc. — C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
O23 — Service: avast! iAVS4 Control Service (aswUpdSv) — ALWIL Software — C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 — Service: avast! Antivirus — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashServ.exe
O23 — Service: avast! Mail Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
O23 — Service: avast! Web Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
O23 — Service: BlueSoleil Hid Service — Unknown owner — C:Program FilesIVT CorporationBlueSoleilBTNtService.exe
O23 — Service: Bonjour Service — Apple Inc. — C:Program FilesBonjourmDNSResponder.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Google Updater Service (gusvc) — Google — C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: NetMeeting Remote Desktop Sharing (mnmsrvc) — Корпорация Майкрософт — C:WINDOWSsystem32mnmsrvc.exe
O23 — Service: NVIDIA Display Driver Service (NVSvc) — NVIDIA Corporation — C:WINDOWSsystem32nvsvc32.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: ServiceLayer — Nokia. — C:Program FilesPC Connectivity SolutionServiceLayer.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe

—
End of file — 9229 bytes

[Admin]

Здравствуйте, добро пожаловать на Spyware-ru форум.

Запустите HijackThis, кликните по кнопке Do a system scan only.
Далее отметьте галочкой (слева) следующие строки:

O2 - BHO: emolibP - {41F60EE2-ED6B-44A7-B3AE-76305D05B697} - C:WINDOWSsystem32emolib.dll

O2 - BHO: zlnlibP - {AD448923-F2EF-4E15-83AF-822C549F5E8F} - C:WINDOWSsystem32zlnlib.dll

Кликните по кнопке Fix checked и подтвердите свои действия выбрав YES.
Перезагрузите компьютер.

Для более полной проверки, скачайте сканер RSIT кликнув по этой ссылке.

Дважды кликните по скачанному файлу.
Кликните по кнопке Continue.
Когда программа закончит работу, будут показаны два лога (log.txt и info.txt).

Вставьте оба RSIT лога в ваш ответ.

[Vitaliy]

Logfile of random’s system information tool 1.04 (written by random/random)
Run by Администратор at 2008-12-03 21:52:44
Microsoft Windows XP Professional Service Pack 2
System drive C: has 66 GB (86%) free of 76 GB
Total RAM: 511 MB (31% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:52:49, on 03.12.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:Program FilesAlwil SoftwareAvast4ashServ.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
C:Program FilesIVT CorporationBlueSoleilBTNtService.exe
C:Program FilesBonjourmDNSResponder.exe
C:WINDOWSsystem32nvsvc32.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32svchost.exe
C:Program FilesJavajre1.5.0_07binjusched.exe
C:Program FilesAdobeReader 8.0ReaderReader_sl.exe
C:WINDOWSsystem32rundll32.exe
C:PROGRA~1ALWILS~1Avast4ashDisp.exe
C:Program FilesMail.RuAgentMAgent.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesIVT CorporationBlueSoleilBlueSoleil.exe
C:Program FilesWindows Media Playerwmplayer.exe
C:Program FilesIVT CorporationBlueSoleilBlueSoleil.000
C:Program FilesInternet Exploreriexplore.exe
C:WINDOWSsystem32wuauclt.exe
C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE51XXV5ARHRSIT[1].exe
C:Program Filestrend microHijackThisАдминистратор.exe

R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru/?clid=40316
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R1 — HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
R3 — URLSearchHook: (no name) — {83821C2B-32A8-4DD7-B6D4-44309A78E668} — C:Program FilesMail.RuAgentMradllnewmrasearch_1.dll
R3 — URLSearchHook: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
O2 — BHO: Adobe PDF Reader Link Helper — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll
O2 — BHO: Skype add-on (mastermind) — {22BF413B-C6D2-4d91-82A9-A0F997BA588C} — C:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll (file missing)
O2 — BHO: SSVHelper Class — {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} — C:Program FilesJavajre1.5.0_07binssv.dll
O2 — BHO: Спутник@Mail.Ru — {8984B388-A5BB-4DF7-B274-77B879E179DB} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
O2 — BHO: Google Toolbar Helper — {AA58ED58-01DD-4d91-8333-CF10577473F7} — c:program filesgooglegoogletoolbar1.dll
O3 — Toolbar: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
O3 — Toolbar: &Google — {2318C2B1-4965-11d4-9B18-009027A5CD4F} — c:program filesgooglegoogletoolbar1.dll
O4 — HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 — HKLM..Run: [nwiz] nwiz.exe /install
O4 — HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
O4 — HKLM..Run: [SunJavaUpdateSched] C:Program FilesJavajre1.5.0_07binjusched.exe
O4 — HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 — HKLM..Run: [PCSuiteTrayApplication] C:Program FilesNokiaNokia PC Suite 6LaunchApplication.exe -startup
O4 — HKLM..Run: [Adobe Reader Speed Launcher] «C:Program FilesAdobeReader 8.0ReaderReader_sl.exe»
O4 — HKLM..Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 — HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 — HKLM..Run: [AppleSyncNotifier] C:Program FilesCommon FilesAppleMobile Device SupportbinAppleSyncNotifier.exe
O4 — HKLM..Run: [QuickTime Task] «C:Program FilesVistaCodecPackQTqttask.exe» -atboottime
O4 — HKLM..Run: [MAgent] C:Program FilesMail.RuAgentMAgent.exe -LM
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] «C:Program FilesCommon FilesAheadLibNMBgMonitor.exe»
O4 — HKCU..Run: [QIP.Online] C:Program FilesQIP.Onlineqiponline.exe auto_start
O4 — HKCU..Run: [Skype] «C:Program FilesSkypePhoneSkype.exe» /nosplash /minimized
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O4 — Global Startup: BlueSoleil.lnk = C:Program FilesIVT CorporationBlueSoleilBlueSoleil.exe
O4 — Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOffice10OSA.EXE
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O8 — Extra context menu item: E&xport to Microsoft Excel — res://C:PROGRA~1MICROS~2Office10EXCEL.EXE/3000
O8 — Extra context menu item: Найти в интернете — res://C:Program FilesMail.RuSputnikMailRuSputnik.dll/282
O8 — Extra context menu item: Найти в словарях — res://C:Program FilesMail.RuSputnikMailRuSputnik.dll/283
O9 — Extra button: (no name) — {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — C:Program FilesJavajre1.5.0_07binssv.dll
O9 — Extra ‘Tools’ menuitem: Sun Java Console — {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — C:Program FilesJavajre1.5.0_07binssv.dll
O9 — Extra button: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
O9 — Extra ‘Tools’ menuitem: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
O9 — Extra button: Skype — {77BF5300-1474-4EC7-9980-D32B190E9B07} — C:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll (file missing)
O10 — Unknown file in Winsock LSP: c:windowssystem32nwprovau.dll
O17 — HKLMSystemCCSServicesTcpip..{CEB396CE-9E25-4130-ABC2-BC139A0CCC6F}: NameServer = 81.200.0.1,81.200.2.222
O18 — Protocol: skype4com — {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O23 — Service: Apple Mobile Device — Apple Inc. — C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
O23 — Service: avast! iAVS4 Control Service (aswUpdSv) — ALWIL Software — C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 — Service: avast! Antivirus — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashServ.exe
O23 — Service: avast! Mail Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
O23 — Service: avast! Web Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
O23 — Service: BlueSoleil Hid Service — Unknown owner — C:Program FilesIVT CorporationBlueSoleilBTNtService.exe
O23 — Service: Bonjour Service — Apple Inc. — C:Program FilesBonjourmDNSResponder.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Google Updater Service (gusvc) — Google — C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: NetMeeting Remote Desktop Sharing (mnmsrvc) — Корпорация Майкрософт — C:WINDOWSsystem32mnmsrvc.exe
O23 — Service: NVIDIA Display Driver Service (NVSvc) — NVIDIA Corporation — C:WINDOWSsystem32nvsvc32.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: ServiceLayer — Nokia. — C:Program FilesPC Connectivity SolutionServiceLayer.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe

—
End of file — 9243 bytes

======Scheduled tasks folder======

C:WINDOWStasksAppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) — C:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll []

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class — C:Program FilesJavajre1.5.0_07binssv.dll [2006-05-03 434279]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{8984B388-A5BB-4DF7-B274-77B879E179DB}]
MailRuBHO Class — C:Program FilesMail.RuSputnikMailRuSputnik.dll [2008-11-08 667336]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper — c:program filesgooglegoogletoolbar1.dll [2008-11-17 2427968]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{09900DE8-1DCA-443F-9243-26FF581438AF} — Спутник@Mail.Ru — C:Program FilesMail.RuSputnikMailRuSputnik.dll [2008-11-08 667336]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} — &Google — c:program filesgooglegoogletoolbar1.dll [2008-11-17 2427968]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«NvCplDaemon»=C:WINDOWSsystem32NvCpl.dll [2004-10-15 4612096]
«nwiz»=nwiz.exe /install []
«NvMediaCenter»=C:WINDOWSsystem32NvMcTray.dll [2004-10-15 86016]
«SunJavaUpdateSched»=C:Program FilesJavajre1.5.0_07binjusched.exe [2006-05-03 36975]
«NeroFilterCheck»=C:WINDOWSsystem32NeroCheck.exe [2001-07-09 155648]
«PCSuiteTrayApplication»=C:Program FilesNokiaNokia PC Suite 6LaunchApplication.exe [2006-11-28 222720]
«Adobe Reader Speed Launcher»=C:Program FilesAdobeReader 8.0ReaderReader_sl.exe [2008-01-11 39792]
«BluetoothAuthenticationAgent»=C:WINDOWSsystem32bthprops.cpl [2004-08-17 110592]
«avast!»=C:PROGRA~1ALWILS~1Avast4ashDisp.exe [2008-11-18 81000]
«AppleSyncNotifier»=C:Program FilesCommon FilesAppleMobile Device SupportbinAppleSyncNotifier.exe [2008-07-10 116040]
«QuickTime Task»=C:Program FilesVistaCodecPackQTqttask.exe [2008-05-27 413696]
«MAgent»=C:Program FilesMail.RuAgentMAgent.exe [2008-11-30 4412920]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2004-08-17 15360]
«BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}»=C:Program FilesCommon FilesAheadLibNMBgMonitor.exe []
«QIP.Online»=C:Program FilesQIP.Onlineqiponline.exe auto_start []
«Skype»=C:Program FilesSkypePhoneSkype.exe /nosplash /minimized []

C:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузка
BlueSoleil.lnk — C:Program FilesIVT CorporationBlueSoleilBlueSoleil.exe
Microsoft Office.lnk — C:Program FilesMicrosoft OfficeOffice10OSA.EXE

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyNavLogon]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
WPDShServiceObj — {AAA288BA-9A4C-45B0-95D7-94D524869DB5} — C:WINDOWSsystem32WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlLsa]
«authentication packages»=msv1_0
nwprovau

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworknm]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworknm.sys]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=36
«NoDriveAutoRun»=FFFFFFFF

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesNeroNero SippsPhone.exe»=»C:Program FilesNeroNero SippsPhone.exe:*:Enabled:Phone»
«C:Program Files3DOHeroes3HEROES3.EXE»=»C:Program Files3DOHeroes3HEROES3.EXE:*:Enabled:Герои Меча и Магии® III»
«C:Program FilesGameSpy ArcadeAphex.exe»=»C:Program FilesGameSpy ArcadeAphex.exe:*:Enabled:GameSpy Arcade»
«C:Program FilesIVT CorporationBlueSoleilBlueSoleil.000″=»C:Program FilesIVT CorporationBlueSoleilBlueSoleil.000:*:Enabled:BlueSoleil»
«C:Program FilesInterVideoDVD7WinDVD.exe»=»C:Program FilesInterVideoDVD7WinDVD.exe:*:Enabled:WinDVD»
«C:Program FilesBonjourmDNSResponder.exe»=»C:Program FilesBonjourmDNSResponder.exe:*:Enabled:Bonjour»
«C:Program FilesSkypePhoneSkype.exe»=»C:Program FilesSkypePhoneSkype.exe:*:Enabled:Skype»
«C:Program FilesuTorrentuTorrent.exe»=»C:Program FilesuTorrentuTorrent.exe:*:Enabled:µTorrent»

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2F]
shellAutoRuncommand — F:LaunchU3.exe -a

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{1d2d139e-089b-11dc-b071-001109322fa1}]
shellAutoRuncommand — G:d.com
shellexplorecommand — G:d.com
shellopencommand — G:d.com

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{2e107836-f6c5-11dc-b18a-001109322fa1}]
shellAutoRuncommand — F:ntde1ect.com
shellexplorecommand — F:ntde1ect.com
shellopencommand — F:ntde1ect.com

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{610c69e4-1e79-11dd-b19d-001109322fa1}]
shellAutoRuncommand — F:d.com
shellexplorecommand — F:d.com
shellopencommand — F:d.com

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{737c8054-2352-11dd-b1a3-001109322fa1}]
shellAutoRuncommand — F:ntde1ect.com
shellexplorecommand — F:ntde1ect.com
shellopencommand — F:ntde1ect.com

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{a36db398-816a-11dd-b1d2-b2d7d76a0098}]
shellAutoRuncommand — F:LaunchU3.exe -a

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{e8f47ae5-b862-11dd-b200-001109322fa1}]
shellAutoRuncommand — F:LaunchU3.exe -a

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{e8f47ae6-b862-11dd-b200-001109322fa1}]
shellAutoRuncommand — G:
shellopencommand — rundll32.exe .desktop.dll,InstallM

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{f644b214-0ed7-11dd-b19a-001109322fa1}]
shellAutoRuncommand — F:ntde1ect.com
shellexplorecommand — F:ntde1ect.com
shellopencommand — F:ntde1ect.com

======List of files/folders created in the last 1 months======

2008-11-30 13:21:30 —-RASHD—- C:autorun.inf
2008-11-30 12:25:17 —-A—- C:WINDOWSsystem32CF6383.exe
2008-11-30 12:20:42 —-D—- C:Program Filestrend micro
2008-11-30 12:20:40 —-D—- C:rsit
2008-11-27 22:34:14 —-D—- C:Documents and SettingsAll UsersApplication DataMSScanAppDataDir
2008-11-27 21:45:59 —-D—- C:Program FilesuTorrent
2008-11-27 21:45:53 —-D—- C:Documents and SettingsАдминистраторApplication DatauTorrent
2008-11-21 21:13:42 —-D—- C:Documents and SettingsАдминистраторApplication DataskypePM
2008-11-21 21:08:46 —-D—- C:Documents and SettingsАдминистраторApplication DataSkype
2008-11-21 21:04:25 —-D—- C:Program FilesCommon FilesSkype
2008-11-21 21:04:16 —-D—- C:Documents and SettingsAll UsersApplication DataSkype
2008-11-21 21:03:15 —-D—- C:Program FilesVstplugins
2008-11-21 20:53:11 —-RSD—- C:WINDOWSassembly
2008-11-21 20:49:49 —-D—- C:WINDOWSMicrosoft.NET
2008-11-19 16:07:00 —-HDC—- C:WINDOWS$NtUninstallKB929399$
2008-11-19 16:06:23 —-HDC—- C:WINDOWS$NtUninstallKB939683$
2008-11-19 16:05:45 —-HDC—- C:WINDOWS$NtUninstallKB954154_WM11$
2008-11-19 16:05:30 —-HDC—- C:WINDOWS$NtUninstallKB936782_WMP11$
2008-11-18 21:35:59 —-N—- C:WINDOWSsystem32spmsg.dll
2008-11-18 21:16:23 —-D—- C:Program FilesMyCentria
2008-11-17 23:29:03 —-D—- C:Program FilesSony
2008-11-17 23:16:52 —-D—- C:Documents and SettingsAll UsersApplication DataGoogle
2008-11-17 22:47:38 —-HDC—- C:WINDOWS$NtUninstallKB926239$
2008-11-17 22:47:14 —-HDC—- C:WINDOWS$NtUninstallMSCompPackV1$
2008-11-17 22:46:07 —-D—- C:Program FilesWindows Media Connect 2
2008-11-17 22:45:44 —-HDC—- C:WINDOWS$NtUninstallwmp11$
2008-11-17 22:42:51 —-HDC—- C:WINDOWS$NtUninstallWMFDist11$
2008-11-17 22:41:37 —-D—- C:WINDOWSsystem32LogFiles
2008-11-17 22:41:30 —-HDC—- C:WINDOWS$NtUninstallWudf01000$
2008-11-17 20:12:36 —-D—- C:Documents and SettingsАдминистраторApplication DataQIP.Online
2008-11-17 20:10:13 —-D—- C:Program FilesQIP Infium
2008-11-17 14:31:01 —-HDC—- C:WINDOWS$NtUninstallKB951376-v2$
2008-11-17 14:30:54 —-HDC—- C:WINDOWS$NtUninstallKB952954$
2008-11-17 14:30:47 —-HDC—- C:WINDOWS$NtUninstallKB956803$
2008-11-17 14:30:41 —-HDC—- C:WINDOWS$NtUninstallKB956391$
2008-11-17 14:30:33 —-HDC—- C:WINDOWS$NtUninstallKB957095$
2008-11-17 14:29:54 —-HDC—- C:WINDOWS$NtUninstallKB950974$
2008-11-17 14:29:46 —-HDC—- C:WINDOWS$NtUninstallKB951698$
2008-11-17 14:29:38 —-HDC—- C:WINDOWS$NtUninstallKB954211$
2008-11-17 14:29:12 —-HDC—- C:WINDOWS$NtUninstallKB956841$
2008-11-17 14:29:06 —-HDC—- C:WINDOWS$NtUninstallKB941569$
2008-11-17 14:28:30 —-HDC—- C:WINDOWS$NtUninstallKB950762$
2008-11-17 14:28:23 —-HDC—- C:WINDOWS$NtUninstallKB957097$
2008-11-17 14:28:16 —-HDC—- C:WINDOWS$NtUninstallKB951072-v2$
2008-11-17 14:28:08 —-HDC—- C:WINDOWS$NtUninstallKB923689$
2008-11-17 14:27:27 —-HDC—- C:WINDOWS$NtUninstallKB952287$
2008-11-17 14:27:19 —-HDC—- C:WINDOWS$NtUninstallKB951066$
2008-11-17 14:27:13 —-D—- C:WINDOWSie7updates
2008-11-17 14:27:07 —-HDC—- C:WINDOWS$NtUninstallKB885884$
2008-11-17 14:26:58 —-HDC—- C:WINDOWS$NtUninstallKB938464$
2008-11-17 14:26:51 —-HDC—- C:WINDOWS$NtUninstallKB958644$
2008-11-17 14:26:39 —-HDC—- C:WINDOWS$NtUninstallKB955069$
2008-11-17 14:26:31 —-D—- C:Program FilesMSXML 4.0
2008-11-17 12:53:40 —-D—- C:WINDOWSsystem32CatRoot_bak
2008-11-17 12:47:00 —-D—- C:WINDOWSsystem32PreInstall
2008-11-17 12:46:58 —-HDC—- C:WINDOWS$NtUninstallKB898461$
2008-11-17 12:42:42 —-D—- C:WINDOWSsystem32SoftwareDistribution
2008-11-16 16:01:38 —-D—- C:WINDOWSWBEM
2008-11-16 16:01:37 —-D—- C:WINDOWSsystem32ru-ru
2008-11-16 16:00:05 —-HDC—- C:WINDOWSie7
2008-11-16 15:59:30 —-HDC—- C:WINDOWS$NtServicePackUninstallIDNMitigationAPIs$
2008-11-16 15:58:40 —-A—- C:WINDOWSsystem32spupdsvc.exe
2008-11-16 15:58:39 —-HDC—- C:WINDOWS$NtServicePackUninstallNLSDownlevelMapping$
2008-11-16 15:57:40 —-HDC—- C:WINDOWS$NtUninstallKB915865$
2008-11-16 15:57:40 —-HD—- C:WINDOWS$hf_mig$
2008-11-16 15:57:33 —-N—- C:WINDOWSsystem32xmllite.dll
2008-11-16 15:56:25 —-D—- C:Program FilesSony Setup
2008-11-09 14:25:26 —-A—- C:WINDOWSModemLog_Nokia GSM Phone USB Modem #3.txt
2008-11-09 14:24:45 —-A—- C:WINDOWSModemLog_Bluetooth DUN Modem.txt
2008-11-08 22:00:52 —-D—- C:Documents and SettingsАдминистраторApplication DataMra
2008-11-08 22:00:16 —-D—- C:Program FilesMail.Ru
2008-11-04 12:05:09 —-A—- C:WINDOWSModemLog_Nokia GSM Phone USB Modem #2.txt

======List of files/folders modified in the last 1 months======

2008-12-03 21:52:09 —-D—- C:WINDOWSTemp
2008-12-03 21:50:58 —-D—- C:WINDOWS
2008-12-03 21:50:42 —-D—- C:WINDOWSsystem32Macromed
2008-12-03 21:49:57 —-A—- C:WINDOWSSchedLgU.Txt
2008-12-03 21:49:17 —-D—- C:WINDOWSsystem32
2008-12-03 21:44:20 —-D—- C:WINDOWSPrefetch
2008-12-03 21:44:05 —-SD—- C:WINDOWSDownloaded Program Files
2008-12-03 21:44:04 —-HD—- C:WINDOWSinf
2008-12-03 21:41:03 —-D—- C:WINDOWSsystem32CatRoot2
2008-11-30 23:58:47 —-D—- C:Program FilesBeholdTV
2008-11-30 22:11:44 —-SD—- C:WINDOWSTasks
2008-11-30 21:37:05 —-SD—- C:Documents and SettingsАдминистраторApplication DataMicrosoft
2008-11-30 12:20:42 —-RD—- C:Program Files
2008-11-30 12:11:07 —-D—- C:Program FilesAnyReader
2008-11-29 21:45:01 —-A—- C:WINDOWSNeroDigital.ini
2008-11-28 20:17:19 —-D—- C:Documents and SettingsАдминистраторApplication DataGoogle
2008-11-27 22:48:20 —-D—- C:Program FilesLight Alloy
2008-11-26 23:05:16 —-D—- C:Documents and SettingsАдминистраторApplication DataReal
2008-11-26 22:46:43 —-SHD—- C:WINDOWSInstaller
2008-11-23 22:48:51 —-D—- C:Documents and SettingsАдминистраторApplication DataU3
2008-11-22 17:49:36 —-D—- C:Documents and SettingsАдминистраторApplication DataApple Computer
2008-11-22 11:18:52 —-SD—- C:Documents and SettingsAll UsersApplication DataMicrosoft
2008-11-21 21:04:25 —-D—- C:Program FilesCommon Files
2008-11-21 21:00:10 —-D—- C:WINDOWSWinSxS
2008-11-21 21:00:10 —-D—- C:Program FilesCommon FilesMicrosoft Shared
2008-11-21 20:59:29 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2008-11-21 20:50:09 —-D—- C:Program FilesInternet Explorer
2008-11-21 20:50:08 —-D—- C:WINDOWSsystem32mui
2008-11-21 20:47:06 —-D—- C:Documents and SettingsАдминистраторApplication DataSony Setup
2008-11-19 22:52:03 —-RSHDC—- C:WINDOWSsystem32dllcache
2008-11-19 19:31:49 —-D—- C:WINDOWSHelp
2008-11-19 16:06:26 —-A—- C:WINDOWSimsins.BAK
2008-11-18 21:37:05 —-D—- C:WINDOWSsystem32CatRoot
2008-11-18 21:25:14 —-D—- C:Program FilesWindows Media Player
2008-11-18 20:41:38 —-A—- C:WINDOWSsystem32aswBoot.exe
2008-11-18 20:37:25 —-D—- C:WINDOWSsystem32Flash
2008-11-17 23:16:54 —-D—- C:Program FilesGoogle
2008-11-17 23:04:08 —-D—- C:WINDOWSAppPatch
2008-11-17 22:46:26 —-A—- C:WINDOWSwin.ini
2008-11-17 22:43:22 —-D—- C:WINDOWSsystem32drivers
2008-11-17 12:53:40 —-D—- C:WINDOWSDebug
2008-11-17 12:42:56 —-D—- C:WINDOWSSoftwareDistribution
2008-11-16 16:01:27 —-D—- C:WINDOWSMedia
2008-11-08 20:18:10 —-D—- C:Documents and SettingsАдминистраторApplication DataNokia Multimedia Player

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:WINDOWSsystem32driversAavmker4.sys [2008-11-18 26944]
R1 aswSP;avast! Self Protection; C:WINDOWSsystem32driversaswSP.sys [2008-11-18 110160]
R1 aswTdi;avast! Network Shield Support; C:WINDOWSsystem32driversaswTdi.sys [2008-11-18 50864]
R1 intelppm;Драйвер Intel процессора; C:WINDOWSsystem32DRIVERSintelppm.sys [2004-08-17 40448]
R1 prodrv04;Star Force copy protection driver v4; C:WINDOWSSystem32driversprodrv04.sys [2007-08-28 114496]
R2 aswFsBlk;aswFsBlk; C:WINDOWSsystem32DRIVERSaswFsBlk.sys [2008-11-18 20560]
R2 aswMon2;avast! Standard Shield Support; C:WINDOWSsystem32driversaswMon2.sys [2008-11-18 94032]
R2 hardlock;hardlock; ??C:WINDOWSsystem32drivershardlock.sys []
R2 Haspnt;Haspnt; ??C:WINDOWSsystem32driversHaspnt.sys []
R2 NwlnkIpx;NWLink IPX/SPX/NetBIOS-совместимый транспортный протокол; C:WINDOWSsystem32DRIVERSnwlnkipx.sys [2004-08-03 88448]
R2 NwlnkNb;NWLink NetBIOS; C:WINDOWSsystem32DRIVERSnwlnknb.sys [2001-10-20 63232]
R2 NwlnkSpx;Протокол NWLink SPX/SPXII; C:WINDOWSsystem32DRIVERSnwlnkspx.sys [2001-10-20 55936]
R3 aswRdr;aswRdr; C:WINDOWSsystem32driversaswRdr.sys [2008-11-18 23152]
R3 BlueletAudio;Bluetooth Audio Service; C:WINDOWSsystem32DRIVERSblueletaudio.sys [2005-08-31 20480]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:WINDOWSsystem32DRIVERSBlueletSCOAudio.sys [2005-08-31 20480]
R3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:WINDOWSSystem32Driversbtcusb.sys [2005-10-23 23000]
R3 BTHidEnum;Bluetooth HID Enumerator; C:WINDOWSsystem32DRIVERSvbtenum.sys [2005-07-29 11988]
R3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet адаптер, драйвер для NT; C:WINDOWSsystem32DRIVERSfetnd5.sys [2001-08-17 27165]
R3 hidusb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2001-10-20 9600]
R3 mouhid;Драйвер мыши HID; C:WINDOWSsystem32DRIVERSmouhid.sys [2001-10-20 12160]
R3 nv;nv; C:WINDOWSsystem32DRIVERSnv4_mini.sys [2004-10-15 2824768]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:WINDOWSSystem32DriversRootMdm.sys [2001-10-20 5888]
R3 SAA713x;Behold TV WDM Capture (SAA713x); C:WINDOWSsystem32DRIVERSsaa713x.sys [2007-01-07 175744]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2004-08-03 26624]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2004-08-03 57600]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:WINDOWSsystem32DRIVERSusbuhci.sys [2004-08-03 20480]
R3 VComm;Virtual Serial port driver; C:WINDOWSsystem32DRIVERSVComm.sys [2004-10-19 61312]
R3 VcommMgr;Bluetooth VComm Manager Service; C:WINDOWSSystem32DriversVcommMgr.sys [2006-02-28 84836]
R3 VIAudio;Vinyl AC’97 Audio Controller (WDM); C:WINDOWSsystem32driversviaudios.sys [2004-06-18 152192]
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:WINDOWSsystem32driversALCXWDM.SYS []
S3 BT;Bluetooth PAN Network Adapter; C:WINDOWSsystem32DRIVERSbtnetdrv.sys [2006-01-19 10068]
S3 BthEnum;Служба Bluetooth Enumerator; C:WINDOWSsystem32DRIVERSBthEnum.sys [2004-08-03 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:WINDOWSsystem32DRIVERSbthpan.sys [2004-08-03 100992]
S3 BTHPORT;Драйвер порта Bluetooth; C:WINDOWSSystem32DriversBTHport.sys [2008-06-14 272512]
S3 BTHUSB;Драйвер порта USB радиомодуля Bluetooth; C:WINDOWSSystem32DriversBTHUSB.sys [2004-08-03 18944]
S3 BTNetFilter;Bluetooth Network Filter; ??C:Program FilesIVT CorporationBlueSoleilDeviceWin2kBTNetFilter.sys []
S3 CCDECODE;Closed Caption декодер; C:WINDOWSsystem32DRIVERSCCDECODE.sys [2004-08-03 17024]
S3 GMSIPCI;GMSIPCI; ??E:INSTALLGMSIPCI.SYS []
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:WINDOWSsystem32driversMSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI кодек; C:WINDOWSsystem32DRIVERSNABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft видео или ТВ подключение; C:WINDOWSsystem32DRIVERSNdisIP.sys [2004-08-03 10880]
S3 Nokia USB Generic;Nokia USB Generic; C:WINDOWSsystem32driversnmwcdc.sys [2006-10-10 9216]
S3 Nokia USB Modem;Nokia USB Modem; C:WINDOWSsystem32driversnmwcdcm.sys [2006-10-10 12800]
S3 Nokia USB Phone Parent;Nokia USB Phone Parent; C:WINDOWSsystem32driversnmwcd.sys [2006-10-10 138240]
S3 Nokia USB Port;Nokia USB Port; C:WINDOWSsystem32driversnmwcdcj.sys [2006-10-10 12800]
S3 NWRDR;NetWare Rdr; C:WINDOWSsystem32DRIVERSnwrdr.sys [2004-08-03 163584]
S3 RFCOMM;Устройство Bluetooth (протокол RFCOMM TDI); C:WINDOWSsystem32DRIVERSrfcomm.sys [2004-08-03 59648]
S3 SLIP;BDA Slip De-Framer; C:WINDOWSsystem32DRIVERSSLIP.sys [2004-08-03 11136]
S3 StMp3Rec;Player Recovery Device Control Driver; C:WINDOWSSystem32DriversStMp3Rec.sys [2006-01-20 71358]
S3 streamip;BDA IPSink; C:WINDOWSsystem32DRIVERSStreamIP.sys [2004-08-03 15360]
S3 USBAAPL;Apple Mobile USB Driver; C:WINDOWSSystem32Driversusbaapl.sys [2008-07-10 32000]
S3 usbscan;Драйвер USB-сканера; C:WINDOWSsystem32DRIVERSusbscan.sys [2004-08-03 15104]
S3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2004-08-03 26496]
S3 w800bus;Sony Ericsson W800 driver (WDM); C:WINDOWSsystem32DRIVERSw800bus.sys [2005-05-24 52384]
S3 w800mdfl;Sony Ericsson W800 USB WMC Modem Filter; C:WINDOWSsystem32DRIVERSw800mdfl.sys [2005-05-24 6096]
S3 w800mdm;Sony Ericsson W800 USB WMC Modem Drivers; C:WINDOWSsystem32DRIVERSw800mdm.sys [2005-05-24 87424]
S3 w800mgmt;Sony Ericsson W800 USB WMC Device Management Drivers; C:WINDOWSsystem32DRIVERSw800mgmt.sys [2005-05-24 79216]
S3 w800obex;Sony Ericsson W800 USB WMC OBEX Interface Drivers; C:WINDOWSsystem32DRIVERSw800obex.sys [2005-05-24 77040]
S3 WpdUsb;WpdUsb; C:WINDOWSsystem32DRIVERSwpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext кодек; C:WINDOWSsystem32DRIVERSWSTCODEC.SYS [2004-08-03 19328]
S3 WudfRd;Windows Driver Foundation — User-mode Driver Framework Reflector; C:WINDOWSsystem32DRIVERSwudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe [2008-07-10 116040]
R2 aswUpdSv;avast! iAVS4 Control Service; C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe [2008-11-18 18752]
R2 avast! Antivirus;avast! Antivirus; C:Program FilesAlwil SoftwareAvast4ashServ.exe [2008-11-18 155160]
R2 BlueSoleil Hid Service;BlueSoleil Hid Service; C:Program FilesIVT CorporationBlueSoleilBTNtService.exe [2005-04-06 110592]
R2 Bonjour Service;Bonjour Service; C:Program FilesBonjourmDNSResponder.exe [2007-07-24 229376]
R2 BthServ;Bluetooth Support Service; C:WINDOWSsystem32svchost.exe [2004-08-17 14336]
R2 NVSvc;NVIDIA Display Driver Service; C:WINDOWSsystem32nvsvc32.exe [2004-10-15 127043]
R2 WudfSvc;Windows Driver Foundation — User-mode Driver Framework; C:WINDOWSsystem32svchost.exe [2004-08-17 14336]
S2 NWCWorkstation;Клиент для сетей NetWare; C:WINDOWSsystem32svchost.exe [2004-08-17 14336]
S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2005-09-23 29896]
S3 avast! Mail Scanner;avast! Mail Scanner; C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe [2008-11-18 254040]
S3 avast! Web Scanner;avast! Web Scanner; C:Program FilesAlwil SoftwareAvast4ashWebSv.exe [2008-11-18 352920]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2005-09-23 66240]
S3 gusvc;Google Updater Service; C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2008-11-17 138168]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:Program FilesPC Connectivity SolutionServiceLayer.exe [2006-11-06 210432]
S3 WMPNetworkSvc;Служба общих сетевых ресурсов проигрывателя Windows Media; C:Program FilesWindows Media PlayerWMPNetwk.exe [2006-11-02 914944]

---

EOF

---

[Vitaliy]

Второй лог-файл info.txt не открылся. Это нормально? 😮

[Admin]

Второй лог-файл info.txt не открылся. Это нормально?

Это не нормально, но ничего страшного. Вы не запускали эту программу до того, как я попросил это сделать ?

RSIT показал, что ваш компьютер заражён autorun.inf вирусом.

Прочитайте эту инструкцию Flash_Disinfector ещё одно оружие против autorun.inf троянов. Скачайте и запустите Flash_Disinfector, не забудьте при этом по требованию программы вставить ваш флэш диск или подключить другие внешние устройства хранения информации.

Скачайте программу Combofix. Закройте все открытые окна и запустите эту программу.
После выполнения будет создан лог файл, пожалуйста вставьте его в ваш ответ.

[Автор]

Сообщения