Logfile of random’s system information tool 1.06 (written by random/random)
Run by PIONER at 2011-01-31 19:06:57
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 285 GB (41%) free of 700 GB
Total RAM: 6077 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:07:01, on 31.01.2011
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18999)
Boot mode: Normal

Running processes:
C:Program FilesDellDellDockDockLogin.exe
C:Program FilesAlwil SoftwareAvast5AvastSvc.exe
C:Program Files (x86)IntelIntel Matrix Storage ManagerIAAnotif.exe
C:Program Files (x86)SteamSteam.exe
C:Program Files (x86)DAEMON Tools Litedaemon.exe
C:Program Files (x86)Digital Line DetectDLG.exe
C:Program Files (x86)LogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe
C:Program Files (x86)LogitechQuickCamQuickcam.exe
C:Program Files (x86)Javajre6binjusched.exe
C:Program FilesAlwil SoftwareAvast5AvastUI.exe
C:Program Files (x86)Common FilesNokiaMPlatformNokiaMServer.exe
C:Program Files (x86)DivXDivX UpdateDivXUpdate.exe
C:Program Files (x86)Spyware DoctorpctsTray.exe
C:Program Files (x86)Spyware DoctorBDTBDTUpdateService.exe
C:Program Files (x86)Common FilesLogishrdLQCVFXCOCIManager.exe
C:Program Files (x86)IntelIntel Matrix Storage ManagerIAANTMon.exe
C:Program Files (x86)Common FilesLogiShrdLVMVFMLVPrS64H.exe
C:WindowsSysWOW64PnkBstrA.exe
C:Program Files (x86)Spyware DoctorpctsAuxs.exe
C:Program Files (x86)Spyware DoctorpctsSvc.exe
C:Program Files (x86)MicrosoftSearch Enhancement PackSeaPortSeaPort.exe
C:Program Files (x86)Common FilesSteamSteamService.exe
C:Program Files (x86)Spyware DoctorTFEngineTFService.exe
C:Program Files (x86)SkypePhoneSkype.exe
C:Program Files (x86)SkypePlugin ManagerskypePM.exe
C:Program Files (x86)Mozilla Firefoxfirefox.exe
C:UsersPIONERDownloadsRSIT(2).exe
C:Program Files (x86)trend microPIONER.exe

R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.lineage-2.ru
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru/?clid=41128
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page = C:WindowsSysWOW64blank.htm
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title = Internet Explorer provided by Dell
R1 — HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = http=127.0.0.1:8992
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
R3 — URLSearchHook: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — c:program files (x86)mail.rusputnikMailRuSputnik.dll
R3 — URLSearchHook: (no name) — {83821C2B-32A8-4DD7-B6D4-44309A78E668} — C:Program Files (x86)Mail.RuAgentMradllnewmrasearch.dll
R3 — URLSearchHook: BS Player Toolbar — {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} — C:Program Files (x86)BS_PlayertbBS_0.dll
R3 — URLSearchHook: (no name) — {9CB65206-89C4-402c-BA80-02D8C59F9B1D} — C:Program Files (x86)AskTBarSrchAstt1.binA5SRCHAS.DLL
O1 — Hosts: ::1 localhost
O2 — BHO: AcroIEHelperStub — {18DF081C-E8AD-4283-A596-FA578C2EBDC3} — c:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 — BHO: Browser Defender BHO — {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} — C:Program Files (x86)Spyware DoctorBDTPCTBrowserDefender.dll
O2 — BHO: (no name) — {5C255C8A-E604-49b4-9D64-90988571CECB} — (no file)
O2 — BHO: Search Helper — {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} — C:Program Files (x86)MicrosoftSearch Enhancement PackSearch HelperSearchHelper.dll
O2 — BHO: Спутник@Mail.Ru — {8984B388-A5BB-4DF7-B274-77B879E179DB} — c:program files (x86)mail.rusputnikMailRuSputnik.dll
O2 — BHO: Windows Live Sign-in Helper — {9030D464-4C02-4ABF-8ECC-5164760863C6} — C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 — BHO: Ask Search Assistant BHO — {9CB65201-89C4-402c-BA80-02D8C59F9B1D} — C:Program Files (x86)AskTBarSrchAstt1.binA5SRCHAS.DLL
O2 — BHO: Google Toolbar Helper — {AA58ED58-01DD-4d91-8333-CF10577473F7} — C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll
O2 — BHO: SkypeIEPluginBHO — {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} — C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll
O2 — BHO: Google Toolbar Notifier BHO — {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} — C:Program Files (x86)GoogleGoogleToolbarNotifier5.6.5805.1910swg.dll
O2 — BHO: MSN Toolbar Helper — {d2ce3e00-f94a-4740-988e-03dc2f38c34f} — C:Program Files (x86)MSNToolbar3.0.1125.0msneshellx.dll
O2 — BHO: Ask Toolbar BHO — {D4027C7F-154A-4066-A1AD-4243D8127440} — C:Program Files (x86)Ask.comGenericAskToolbar.dll
O2 — BHO: Java(tm) Plug-In 2 SSV Helper — {DBC80044-A445-435b-BC74-9C25C1C588A9} — C:Program Files (x86)Javajre6binjp2ssv.dll
O2 — BHO: Windows Live Toolbar Helper — {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} — C:Program Files (x86)Windows LiveToolbarwltcore.dll
O2 — BHO: Ask Toolbar BHO — {FE063DB1-4EC0-403e-8DD8-394C54984B2C} — C:Program Files (x86)AskTBarbar1.binASKTBAR.DLL
O2 — BHO: BS Player Toolbar — {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} — C:Program Files (x86)BS_PlayertbBS_0.dll
O3 — Toolbar: &Windows Live Toolbar — {21FA44EF-376D-4D53-9B0F-8A89D3229068} — C:Program Files (x86)Windows LiveToolbarwltcore.dll
O3 — Toolbar: BS Player Toolbar — {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} — C:Program Files (x86)BS_PlayertbBS_0.dll
O3 — Toolbar: Яндекс.Бар — {91397D20-1446-11D4-8AF4-0040CA1127B6} — C:Program Files (x86)YandexYandexBarIEyndbar.dll
O3 — Toolbar: MSN Toolbar — {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} — C:Program Files (x86)MSNToolbar3.0.1125.0msneshellx.dll
O3 — Toolbar: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — c:program files (x86)mail.rusputnikMailRuSputnik.dll
O3 — Toolbar: Ask Toolbar — {FE063DB9-4EC0-403e-8DD8-394C54984B2C} — C:Program Files (x86)AskTBarbar1.binASKTBAR.DLL
O3 — Toolbar: Nero Toolbar — {D4027C7F-154A-4066-A1AD-4243D8127440} — C:Program Files (x86)Ask.comGenericAskToolbar.dll
O3 — Toolbar: Google Toolbar — {2318C2B1-4965-11d4-9B18-009027A5CD4F} — C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll
O3 — Toolbar: PC Tools Browser Guard — {472734EA-242A-422B-ADF8-83D1E48CC825} — C:Program Files (x86)Spyware DoctorBDTPCTBrowserDefender.dll
O4 — HKLM..Run: [StartCCC] «C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe»
O4 — HKLM..Run: [Adobe Reader Speed Launcher] «c:Program Files (x86)AdobeReader 9.0ReaderReader_sl.exe»
O4 — HKLM..Run: [LogitechQuickCamRibbon] «C:Program Files (x86)LogitechQuickCamQuickcam.exe» /hide
O4 — HKLM..Run: [SunJavaUpdateSched] «C:Program Files (x86)Javajre6binjusched.exe»
O4 — HKLM..Run: [Microsoft Default Manager] «C:Program Files (x86)MicrosoftSearch Enhancement PackDefault ManagerDefMgr.exe» -resume
O4 — HKLM..Run: [avast5] «C:Program FilesAlwil SoftwareAvast5avastUI.exe» /nogui
O4 — HKLM..Run: [NokiaMServer] C:Program Files (x86)Common FilesNokiaMPlatformNokiaMServer /watchfiles
O4 — HKLM..Run: [NokiaMusic FastStart] «C:Program Files (x86)NokiaNokia MusicNokiaMusic.exe» /command:faststart
O4 — HKLM..Run: [DivXUpdate] «C:Program Files (x86)DivXDivX UpdateDivXUpdate.exe» /CHECKNOW
O4 — HKLM..Run: [ISTray] «C:Program Files (x86)Spyware DoctorpctsTray.exe»
O4 — HKCU..Run: [Sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun
O4 — HKCU..Run: [Steam] «c:program files (x86)steamsteam.exe» -silent
O4 — HKCU..Run: [DAEMON Tools Lite] «C:Program Files (x86)DAEMON Tools Litedaemon.exe» -autorun
O4 — HKCU..Run: [RGSC] C:GamesGTA gameRockstar Games Social ClubRGSCLauncher.exe /silent
O4 — HKCU..Run: [EA Core] C:Program Files (x86)Electronic ArtsEADMCore.exe -silent
O4 — HKCU..Run: [swg] «C:Program Files (x86)GoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe»
O4 — HKCU..Run: [Comrade.exe] C:Program Files (x86)GameSpyComradeComrade.exe
O4 — HKCU..Run: [msnmsgr] «C:Program Files (x86)Windows LiveMessengermsnmsgr.exe» /background
O4 — HKCU..Run: [SUPERAntiSpyware] C:Program Files (x86)SUPERAntiSpywareSUPERAntiSpyware.exe
O4 — HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe
O4 — HKCU..Run: [jstrndnu] C:UsersPIONERAppDataLocalTempwwgbtixkrftwhmddsjmo.exe
O4 — .DEFAULT User Startup: Dell Dock First Run.lnk = C:Program FilesDellDellDockDellDock.exe (User ‘Default user’)
O4 — Startup: Dell Dock.lnk = C:Program FilesDellDellDockDellDock.exe
O4 — Global Startup: Digital Line Detect.lnk = C:Program Files (x86)Digital Line DetectDLG.exe
O4 — Global Startup: Logitech Desktop Messenger.lnk = C:Program Files (x86)LogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe
O8 — Extra context menu item: Google Sidewiki… — res://C:Program Files (x86)GoogleGoogle ToolbarComponentGoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O9 — Extra button: Blog This — {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} — C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dll
O9 — Extra ‘Tools’ menuitem: &Blog This in Windows Live Writer — {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} — C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dll
O9 — Extra button: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program Files (x86)Mail.RuAgentmagent.exe
O9 — Extra ‘Tools’ menuitem: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program Files (x86)Mail.RuAgentmagent.exe
O9 — Extra button: Skype add-on for Internet Explorer — {898EA8C8-E7FF-479B-8935-AEC46303B9E5} — C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll
O9 — Extra ‘Tools’ menuitem: Skype add-on for Internet Explorer — {898EA8C8-E7FF-479B-8935-AEC46303B9E5} — C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll
O13 — Gopher Prefix:
O15 — Trusted Zone: http://*.combats.com
O15 — Trusted Zone: http://*.combats.ru
O16 — DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) — http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O18 — Protocol: bwfile-8876480 — {9462A756-7B47-47BC-8C80-C34B9B80B32B} — C:Program Files (x86)LogitechDesktop Messenger8876480ProgramGAPlugProtocol-8876480.dll
O18 — Protocol: skype-ie-addon-data — {91774881-D725-4E58-B298-07617B9B86A8} — C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll
O18 — Protocol: skype4com — {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — C:PROGRA~2COMMON~1SkypeSkype4COM.dll
O20 — Winlogon Notify: !SASWinLogon — C:Program Files (x86)SUPERAntiSpywareSASWINLO.dll
O23 — Service: @%SystemRoot%system32Alg.exe,-112 (ALG) — Unknown owner — C:WindowsSystem32alg.exe (file missing)
O23 — Service: Application Driver Auto Removal Service (01) (appdrvrem01) — Unknown owner — C:WindowsSystem32appdrvrem01.exe (file missing)
O23 — Service: ASP.NET State Service (aspnet_state) — Unknown owner — C:WindowsMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe (file missing)
O23 — Service: Ati External Event Utility — Unknown owner — C:Windowssystem32Ati2evxx.exe (file missing)
O23 — Service: avast! Antivirus — ALWIL Software — C:Program FilesAlwil SoftwareAvast5AvastSvc.exe
O23 — Service: avast! Mail Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast5AvastSvc.exe
O23 — Service: avast! Web Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast5AvastSvc.exe
O23 — Service: Browser Defender Update Service — Threat Expert Ltd. — C:Program Files (x86)Spyware DoctorBDTBDTUpdateService.exe
O23 — Service: Dragon Age: Origins — Content Updater (DAUpdaterSvc) — Unknown owner — C:Program Files (x86)Dragon Agebin_shipDAUpdaterSvc.Service.exe (file missing)
O23 — Service: @dfsrres.dll,-101 (DFSR) — Unknown owner — C:Windowssystem32DFSR.exe (file missing)
O23 — Service: Dock Login Service (DockLoginService) — Stardock Corporation — C:Program FilesDellDellDockDockLogin.exe
O23 — Service: Google Update Service (gupdate) (gupdate) — Google Inc. — C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
O23 — Service: Google Software Updater (gusvc) — Google — C:Program Files (x86)GoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 — Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) — Intel Corporation — C:Program Files (x86)IntelIntel Matrix Storage ManagerIAANTMon.exe
O23 — Service: InstallDriver Table Manager (IDriverT) — Macrovision Corporation — C:Program Files (x86)Common FilesInstallShieldDriver1050Intel 32IDriverT.exe
O23 — Service: @keyiso.dll,-100 (KeyIso) — Unknown owner — C:Windowssystem32lsass.exe (file missing)
O23 — Service: Process Monitor (LVPrcS64) — Logitech Inc. — C:Program FilesCommon FilesLogiShrdLVMVFMLVPrcSrv.exe
O23 — Service: @comres.dll,-2797 (MSDTC) — Unknown owner — C:WindowsSystem32msdtc.exe (file missing)
O23 — Service: @%SystemRoot%System32netlogon.dll,-102 (Netlogon) — Unknown owner — C:Windowssystem32lsass.exe (file missing)
O23 — Service: nProtect GameGuard Service (npggsvc) — Unknown owner — C:Windowssystem32GameMon.des.exe (file missing)
O23 — Service: NVIDIA Display Driver Service (nvsvc) — Unknown owner — C:Windowssystem32nvvsvc.exe (file missing)
O23 — Service: PnkBstrA — Unknown owner — C:Windowssystem32PnkBstrA.exe
O23 — Service: @%systemroot%system32psbase.dll,-300 (ProtectedStorage) — Unknown owner — C:Windowssystem32lsass.exe (file missing)
O23 — Service: @%systemroot%system32Locator.exe,-2 (RpcLocator) — Unknown owner — C:Windowssystem32locator.exe (file missing)
O23 — Service: @%SystemRoot%system32samsrv.dll,-1 (SamSs) — Unknown owner — C:Windowssystem32lsass.exe (file missing)
O23 — Service: PC Tools Auxiliary Service (sdAuxService) — PC Tools — C:Program Files (x86)Spyware DoctorpctsAuxs.exe
O23 — Service: PC Tools Security Service (sdCoreService) — PC Tools — C:Program Files (x86)Spyware DoctorpctsSvc.exe
O23 — Service: ServiceLayer — Unknown owner — C:Program Files (x86)NokiaPC Connectivity SolutionServiceLayer.exe (file missing)
O23 — Service: Trend Micro Central Control Component (SfCtlCom) — Trend Micro Inc. — C:Program FilesTrend MicroInternet SecuritySfCtlCom.exe
O23 — Service: @%SystemRoot%system32SLsvc.exe,-101 (slsvc) — Unknown owner — C:Windowssystem32SLsvc.exe (file missing)
O23 — Service: @%SystemRoot%system32snmptrap.exe,-3 (SNMPTRAP) — Unknown owner — C:WindowsSystem32snmptrap.exe (file missing)
O23 — Service: @%systemroot%system32spoolsv.exe,-1 (Spooler) — Unknown owner — C:WindowsSystem32spoolsv.exe (file missing)
O23 — Service: Audio Service (STacSV) — Unknown owner — C:WindowsSystem32DriverStoreFileRepositorystwrt64.inf_f86438beSTacSV64.exe (file missing)
O23 — Service: Steam Client Service — Valve Corporation — C:Program Files (x86)Common FilesSteamSteamService.exe
O23 — Service: ThreatFire — PC Tools — C:Program Files (x86)Spyware DoctorTFEngineTFService.exe
O23 — Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) — Trend Micro Inc. — C:Program FilesTrend MicroBMTMBMSRV.exe
O23 — Service: Trend Micro Personal Firewall (TmPfw) — Trend Micro Inc. — C:PROGRA~1TRENDM~1INTERN~1TmPfw.exe
O23 — Service: Trend Micro Proxy Service (tmproxy) — Trend Micro Inc. — C:Program FilesTrend MicroInternet SecurityTmProxy.exe
O23 — Service: @%SystemRoot%system32ui0detect.exe,-101 (UI0Detect) — Unknown owner — C:Windowssystem32UI0Detect.exe (file missing)
O23 — Service: @%SystemRoot%system32vds.exe,-100 (vds) — Unknown owner — C:WindowsSystem32vds.exe (file missing)
O23 — Service: @%systemroot%system32vssvc.exe,-102 (VSS) — Unknown owner — C:Windowssystem32vssvc.exe (file missing)
O23 — Service: @%Systemroot%system32wbemwmiapsrv.exe,-110 (wmiApSrv) — Unknown owner — C:Windowssystem32wbemWmiApSrv.exe (file missing)
O23 — Service: @%ProgramFiles%Windows Media Playerwmpnetwk.exe,-101 (WMPNetworkSvc) — Unknown owner — C:Program Files (x86)Windows Media Playerwmpnetwk.exe (file missing)
O23 — Service: XAudioService — Unknown owner — C:Windowssystem32DRIVERSxaudio64.exe (file missing)

—
End of file — 16801 bytes

======Scheduled tasks folder======
C:WindowstasksGoogleUpdateTaskMachineCore.job
C:WindowstasksGoogleUpdateTaskMachineUA.job
C:WindowstasksSpyHunter Scanner.job
C:WindowstasksUser_Feed_Synchronization-{F70F8DD0-30DB-4A99-B0AB-DB4AE747E206}.job

======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper — c:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}]
PC Tools Browser Guard BHO — C:Program Files (x86)Spyware DoctorBDTPCTBrowserDefender.dll [2010-01-22 567248]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper — C:Program Files (x86)MicrosoftSearch Enhancement PackSearch HelperSearchHelper.dll [2008-12-04 92504]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{8984B388-A5BB-4DF7-B274-77B879E179DB}]
MailRuBHO Class — c:program files (x86)mail.rusputnikMailRuSputnik.dll [2009-09-17 826032]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper — C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll [2008-11-18 408952]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9CB65201-89C4-402c-BA80-02D8C59F9B1D}]
Ask Search Assistant BHO — C:Program Files (x86)AskTBarSrchAstt1.binA5SRCHAS.DLL [2010-09-13 57344]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper — C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll [2010-12-10 297648]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer — C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO — C:Program Files (x86)GoogleGoogleToolbarNotifier5.6.5805.1910swg.dll [2010-10-26 843832]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
MSN Toolbar Helper — C:Program Files (x86)MSNToolbar3.0.1125.0msneshellx.dll [2009-02-09 82768]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{D4027C7F-154A-4066-A1AD-4243D8127440}]
Nero Toolbar — C:Program Files (x86)Ask.comGenericAskToolbar.dll [2010-10-11 1244040]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper — C:Program Files (x86)Javajre6binjp2ssv.dll [2009-05-21 41368]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper — C:Program Files (x86)Windows LiveToolbarwltcore.dll [2008-12-08 1067352]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{FE063DB1-4EC0-403e-8DD8-394C54984B2C}]
Ask Toolbar BHO — C:Program Files (x86)AskTBarbar1.binASKTBAR.DLL [2010-09-13 245760]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
BS Player Toolbar — C:Program Files (x86)BS_PlayertbBS_0.dll [2010-02-20 2349080]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} — &Windows Live Toolbar — C:Program Files (x86)Windows LiveToolbarwltcore.dll [2008-12-08 1067352]
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} — BS Player Toolbar — C:Program Files (x86)BS_PlayertbBS_0.dll [2010-02-20 2349080]
{91397D20-1446-11D4-8AF4-0040CA1127B6} — Яндекс.Бар — C:Program Files (x86)YandexYandexBarIEyndbar.dll [2009-04-20 3701024]
{1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} — MSN Toolbar — C:Program Files (x86)MSNToolbar3.0.1125.0msneshellx.dll [2009-02-09 82768]
{09900DE8-1DCA-443F-9243-26FF581438AF} — Спутник@Mail.Ru — c:program files (x86)mail.rusputnikMailRuSputnik.dll [2009-09-17 826032]
{FE063DB9-4EC0-403e-8DD8-394C54984B2C} — Ask Toolbar — C:Program Files (x86)AskTBarbar1.binASKTBAR.DLL [2010-09-13 245760]
{D4027C7F-154A-4066-A1AD-4243D8127440} — Nero Toolbar — C:Program Files (x86)Ask.comGenericAskToolbar.dll [2010-10-11 1244040]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} — Google Toolbar — C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll [2010-12-10 297648]
{472734EA-242A-422B-ADF8-83D1E48CC825} — PC Tools Browser Guard — C:Program Files (x86)Spyware DoctorBDTPCTBrowserDefender.dll [2010-01-22 567248]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«StartCCC»=C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe [2008-01-21 61440]
«Adobe Reader Speed Launcher»=c:Program Files (x86)AdobeReader 9.0ReaderReader_sl.exe [2008-06-12 34672]
«LogitechQuickCamRibbon»=C:Program Files (x86)LogitechQuickCamQuickcam.exe [2008-12-20 2656528]
«SunJavaUpdateSched»=C:Program Files (x86)Javajre6binjusched.exe [2009-05-21 148888]
«Microsoft Default Manager»=C:Program Files (x86)MicrosoftSearch Enhancement PackDefault ManagerDefMgr.exe [2009-02-03 233304]
«avast5»=C:Program FilesAlwil SoftwareAvast5avastUI.exe [2010-03-09 2769336]
«NokiaMServer»=C:Program Files (x86)Common FilesNokiaMPlatformNokiaMServer /watchfiles []
«NokiaMusic FastStart»=C:Program Files (x86)NokiaNokia MusicNokiaMusic.exe [2009-07-22 2331936]
«DivXUpdate»=C:Program Files (x86)DivXDivX UpdateDivXUpdate.exe [2010-09-01 1164584]
«ISTray»=C:Program Files (x86)Spyware DoctorpctsTray.exe [2011-01-30 1287120]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«Sidebar»=C:Program FilesWindows Sidebarsidebar.exe [2008-01-20 1555968]
«Steam»=c:program files (x86)steamsteam.exe [2010-11-17 1242448]
«DAEMON Tools Lite»=C:Program Files (x86)DAEMON Tools Litedaemon.exe [2008-12-29 687560]
«RGSC»=C:GamesGTA gameRockstar Games Social ClubRGSCLauncher.exe /silent []
«EA Core»=C:Program Files (x86)Electronic ArtsEADMCore.exe [2008-07-22 2772992]
«swg»=C:Program Files (x86)GoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe [2009-04-04 39408]
«Comrade.exe»=C:Program Files (x86)GameSpyComradeComrade.exe [2008-12-09 800256]
«PlayNC Launcher»= []
«msnmsgr»=C:Program Files (x86)Windows LiveMessengermsnmsgr.exe [2008-12-02 3882312]
«SUPERAntiSpyware»=C:Program Files (x86)SUPERAntiSpywareSUPERAntiSpyware.exe [2010-02-18 2012912]
«ehTray.exe»=C:WindowsehomeehTray.exe [2008-01-20 138240]
«jstrndnu»=C:UsersPIONERAppDataLocalTempwwgbtixkrftwhmddsjmo.exe []

C:ProgramDataMicrosoftWindowsStart MenuProgramsStartup
Digital Line Detect.lnk — C:Program Files (x86)Digital Line DetectDLG.exe
Logitech Desktop Messenger.lnk — C:Program Files (x86)LogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe

C:UsersPIONERAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup
Dell Dock.lnk — C:Program Files (x86)DellDellDockDellDock.exe

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotify!SASWinLogon]
C:Program Files (x86)SUPERAntiSpywareSASWINLO.dll [2009-09-03 548352]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerShellExecuteHooks]
«{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}»=C:Program Files (x86)SUPERAntiSpywareSASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
«EnableUIADesktopToggle»=0

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoActiveDesktop»=
«ForceActiveDesktopOn»=
«NoActiveDesktopChanges»=

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{c71679e1-fd6b-11de-8522-0022191d86fd}]
shellAutoRuncommand — RECYCLERS-1-5-21-1482476501-1644491937-682003330-1013keygen.exe
shellopencommand — RECYCLERS-1-5-21-1482476501-1644491937-682003330-1013keygen.exe

======File associations======
.js — edit — C:WindowsSysWOW64Notepad.exe %1
.js — open — C:WindowsSysWOW64WScript.exe «%1» %*

======List of files/folders created in the last 1 months======
2011-01-31 15:37:39 —-D—- C:_OTM
2011-01-30 13:26:02 —-D—- C:Program Files (x86)Common FilesSkype
2011-01-30 12:05:23 —-A—- C:WindowsSGDetectionTool.dll
2011-01-30 12:05:23 —-A—- C:WindowsBDTSupport.dll
2011-01-30 12:05:22 —-A—- C:WindowsPCTBDRes.dll
2011-01-30 12:05:22 —-A—- C:WindowsPCTBDCore.dll
2011-01-30 12:04:59 —-D—- C:UsersPIONERAppDataRoamingPC Tools
2011-01-30 12:04:59 —-D—- C:ProgramDataPC Tools
2011-01-30 12:04:59 —-D—- C:Program Files (x86)Spyware Doctor
2011-01-30 12:04:59 —-D—- C:Program Files (x86)Common FilesPC Tools
2011-01-30 12:04:44 —-AD—- C:ProgramDataTEMP
2011-01-29 06:44:30 —-A—- C:Windowszip.exe
2011-01-29 06:44:30 —-A—- C:WindowsSWSC.exe
2011-01-29 06:44:30 —-A—- C:WindowsSWREG.exe
2011-01-29 06:44:30 —-A—- C:Windowssed.exe
2011-01-29 06:44:30 —-A—- C:WindowsPEV.exe
2011-01-29 06:44:30 —-A—- C:WindowsNIRCMD.exe
2011-01-29 06:44:30 —-A—- C:WindowsMBR.exe
2011-01-29 06:44:30 —-A—- C:Windowsgrep.exe
2011-01-29 06:44:27 —-D—- C:WindowsERDNT
2011-01-29 06:44:01 —-D—- C:Qoobox
2011-01-29 06:43:47 —-A—- C:WindowsSWXCACLS.exe
2011-01-29 06:43:46 —-D—- C:32788R22FWJFW
2011-01-27 16:59:09 —-D—- C:ProgramDataNorton
2011-01-22 11:04:33 —-D—- C:UsersPIONERAppDataRoamingoverkings.04594315F8773BFA10854F099DD0E1AAF1951F41.1
2011-01-11 20:59:43 —-D—- C:UsersPIONERAppDataRoamingICAClient
2011-01-11 16:16:09 —-A—- C:Windowssystem32odbc32.dll

======List of files/folders modified in the last 1 months======
2011-01-31 19:07:00 —-D—- C:WindowsTemp
2011-01-31 19:06:59 —-D—- C:Program Files (x86)trend micro
2011-01-31 18:38:21 —-D—- C:UsersPIONERAppDataRoamingSkype
2011-01-31 18:19:28 —-D—- C:Program Files (x86)Runes of Magic
2011-01-31 16:50:27 —-D—- C:WindowsSystem32
2011-01-31 16:41:38 —-D—- C:Windowsinf
2011-01-31 16:37:44 —-D—- C:UsersPIONERAppDataRoamingskypePM
2011-01-31 16:34:55 —-D—- C:Program Files (x86)Steam
2011-01-31 16:04:51 —-D—- C:WindowsPrefetch
2011-01-31 15:37:40 —-HD—- C:ProgramData
2011-01-31 15:37:39 —-D—- C:WindowsTasks
2011-01-31 15:36:29 —-D—- C:Program Files (x86)Mozilla Firefox
2011-01-31 15:35:50 —-A—- C:Windowsntbtlog.txt
2011-01-31 00:28:15 —-SHD—- C:System Volume Information
2011-01-30 13:26:20 —-SHD—- C:WindowsInstaller
2011-01-30 13:26:02 —-RD—- C:Program Files (x86)Skype
2011-01-30 13:26:02 —-D—- C:ProgramDataSkype
2011-01-30 13:26:02 —-D—- C:Program Files (x86)Common Files
2011-01-30 12:36:12 —-SD—- C:WindowsDownloaded Program Files
2011-01-30 12:05:23 —-D—- C:Windows
2011-01-30 12:04:59 —-RD—- C:Program Files (x86)
2011-01-29 07:30:54 —-D—- C:Program Files (x86)Mail.Ru
2011-01-28 20:24:23 —-D—- C:UsersPIONERAppDataRoaminguTorrent
2011-01-28 15:46:42 —-D—- C:Program Files (x86)Malwarebytes’ Anti-Malware
2011-01-28 15:46:40 —-D—- C:Windowssystem32drivers
2011-01-26 09:42:43 —-D—- C:Program Files (x86)Common FilesSteam
2011-01-22 11:04:32 —-D—- C:ProgramDataAdobe
2011-01-22 11:04:27 —-D—- C:Program Files (x86)Common FilesAdobe AIR
2011-01-22 11:04:27 —-D—- C:Program Files (x86)Adobe
2011-01-22 11:02:16 —-D—- C:UsersPIONERAppDataRoamingAdobe
2011-01-13 03:00:20 —-D—- C:Windowswinsxs
2011-01-12 03:18:26 —-D—- C:WindowsSysWOW64
2011-01-11 20:58:02 —-D—- C:UsersPIONERAppDataRoamingMozilla
2011-01-11 18:00:45 —-D—- C:Windowsregistration

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 appdrv01;Application Driver (01); C:WindowsSystem32Driversappdrv01.sys []
R1 aswRdr;aswRdr; C:Windowssystem32driversaswRdr.sys []
R1 aswSP;aswSP; C:Windowssystem32driversaswSP.sys []
R1 aswTdi;avast! Network Shield Support; C:Windowssystem32driversaswTdi.sys []
R1 pctgntdi;pctgntdi; ??C:Windowssystem32driverspctgntdi64.sys []
R1 tmlwf;Trend Micro NDIS 6.0 Filter Driver; C:Windowssystem32DRIVERStmlwf.sys []
R1 tmtdi;Trend Micro TDI Driver; C:Windowssystem32DRIVERStmtdi.sys []
R2 aswFsBlk;aswFsBlk; C:Windowssystem32driversaswFsBlk.sys []
R2 aswMonFlt;aswMonFlt; ??C:Windowssystem32driversaswMonFlt.sys []
R2 mdmxsdk;mdmxsdk; C:Windowssystem32DRIVERSmdmxsdk.sys []
R2 tmpreflt;tmpreflt; C:Windowssystem32DRIVERStmpreflt.sys []
R2 tmwfp;Trend Micro WFP Callout Driver; C:Windowssystem32DRIVERStmwfp.sys []
R2 tmxpflt;tmxpflt; C:Windowssystem32DRIVERStmxpflt.sys []
R2 vsapint;vsapint; C:Windowssystem32DRIVERSvsapint.sys []
R2 XAudio;XAudio; C:Windowssystem32DRIVERSxaudio64.sys []
R3 CAXHWBS2;CAXHWBS2; C:Windowssystem32DRIVERSCAXHWBS2.sys []
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:Windowssystem32DRIVERSe1e6032e.sys []
R3 HCW85BDA;Hauppauge WinTV 885 Video Capture; C:Windowssystem32driversHCW85BDA.sys []
R3 HSF_DPV;HSF_DPV; C:Windowssystem32DRIVERSCAX_DPV.sys []
R3 ksthunk;Kernel Streaming Thunks; C:Windowssystem32driversksthunk.sys []
R3 LVPr2M64;Logitech LVPr2M64 Driver; C:Windowssystem32DRIVERSLVPr2M64.sys []
R3 LVRS64;Logitech RightSound Filter Driver; C:Windowssystem32DRIVERSlvrs64.sys []
R3 lvsels64;Logitech Selective Suspend Filter; C:Windowssystem32DRIVERSlvsels64.sys []
R3 LVUSBS64;Logitech USB Monitor Filter; C:Windowssystem32driversLVUSBS64.sys []
R3 LVUVC64;QuickCam Orbit/Sphere AF(UVC); C:Windowssystem32DRIVERSlvuvc64.sys []
R3 nvlddmkm;nvlddmkm; C:Windowssystem32DRIVERSnvlddmkm.sys []
R3 pctplsg;pctplsg; ??C:WindowsSystem32driverspctplsg64.sys []
R3 pmxmouse;PMXMOUSE; C:Windowssystem32DRIVERSpmxmouse.sys []
R3 pmxusblf;PMXUSBLF; C:Windowssystem32DRIVERSpmxusblf.sys []
R3 STHDA;IDT High Definition Audio CODEC; C:Windowssystem32DRIVERSstwrt64.sys []
R3 TfNetMon;TfNetMon; ??C:Windowssystem32driversTfNetMon.sys []
R3 usbaudio;USB Audio Driver (WDM); C:Windowssystem32driversusbaudio.sys []
R3 winachsf;winachsf; C:Windowssystem32DRIVERSCAX_CNXT.sys []
R3 WUDFRd;WUDFRd; C:Windowssystem32DRIVERSWUDFRd.sys []
S1 aswSnx;aswSnx; C:Windowssystem32driversaswSnx.sys []
S1 SASDIFSV;SASDIFSV; ??C:Program Files (x86)SUPERAntiSpywareSASDIFSV.SYS [2010-02-17 12872]
S1 SASKUTIL;SASKUTIL; ??C:Program Files (x86)SUPERAntiSpywareSASKUTIL.SYS [2010-02-17 66632]
S3 ald7r0rn;ald7r0rn; C:Windowssystem32driversald7r0rn.sys []
S3 atikmdag;atikmdag; C:Windowssystem32DRIVERSatikmdag.sys []
S3 btwavdt;Bluetooth AVDT; C:Windowssystem32driversbtwavdt.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:Windowssystem32driversdrmkaud.sys []
S3 dump_wmimmc;dump_wmimmc; ??C:Program Files (x86)ZZimaCabalGameGuarddump_wmimmc.sys []
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:Windowssystem32driversHdAudio.sys []
S3 LVPr2Mon;LVPr2M64 Driver; C:Windowssystem32DRIVERSLVPr2M64.sys []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:Windowssystem32driversMSKSSRV.sys []
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:Windowssystem32driversMSPCLOCK.sys []
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:Windowssystem32driversMSPQM.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:Windowssystem32driversMSTEE.sys []
S3 nmwcdcx64;Nokia USB Generic; C:Windowssystem32driversccdcmbox64.sys []
S3 nmwcdx64;Nokia USB Phone Parent; C:Windowssystem32driversccdcmbx64.sys []
S3 NPPTNT2;NPPTNT2; ??C:Windowssystem32npptNT2.sys [2009-04-08 4682]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:Windowssystem32DRIVERSpccsmcfdx64.sys []
S3 R300;R300; C:Windowssystem32DRIVERSatikmdag.sys []
S3 SASENUM;SASENUM; ??C:Program Files (x86)SUPERAntiSpywareSASENUM.SYS [2010-02-17 12872]
S3 upperdev;upperdev; C:Windowssystem32DRIVERSusbser_lowerfltx64.sys []
S3 usbser;USB Modem Driver; C:Windowssystem32driversusbser.sys []
S3 UsbserFilt;UsbserFilt; C:Windowssystem32DRIVERSusbser_lowerfltx64j.sys []
S3 usbvideo;USB Video Device (WDM); C:WindowsSystem32Driversusbvideo.sys []
S3 WpdUsb;WpdUsb; C:Windowssystem32DRIVERSwpdusb.sys []
S4 btwrchid;btwrchid; C:Windowssystem32driversbtwrchid.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:Windowssystem32driverserrdev.sys []
S4 hcw85cir;Hauppauge Consumer Infrared Receiver; C:Windowssystem32drivershcw85cir.sys []
S4 MegaSR;MegaSR; C:Windowssystem32driversmegasr.sys []
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:Windowssystem32driverswmiacpi.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati External Event Utility;Ati External Event Utility; C:Windowssystem32Ati2evxx.exe []
R2 avast! Antivirus;avast! Antivirus; C:Program FilesAlwil SoftwareAvast5AvastSvc.exe [2010-03-09 40384]
R2 Browser Defender Update Service;Browser Defender Update Service; C:Program Files (x86)Spyware DoctorBDTBDTUpdateService.exe [2010-01-22 112592]
R2 DockLoginService;Dock Login Service; C:Program FilesDellDellDockDockLogin.exe [2008-09-23 155648]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:Program Files (x86)IntelIntel Matrix Storage ManagerIAANTMon.exe [2008-04-15 354840]
R2 LVPrcS64;Process Monitor; C:Program FilesCommon FilesLogiShrdLVMVFMLVPrcSrv.exe [2008-12-16 187416]
R2 nvsvc;NVIDIA Display Driver Service; C:Windowssystem32nvvsvc.exe []
R2 PnkBstrA;PnkBstrA; C:Windowssystem32PnkBstrA.exe [2009-04-05 66872]
R2 sdAuxService;PC Tools Auxiliary Service; C:Program Files (x86)Spyware DoctorpctsAuxs.exe [2010-03-11 366840]
R2 sdCoreService;PC Tools Security Service; C:Program Files (x86)Spyware DoctorpctsSvc.exe [2010-03-15 1142224]
R2 SeaPort;SeaPort; C:Program Files (x86)MicrosoftSearch Enhancement PackSeaPortSeaPort.exe [2009-01-14 226656]
R2 SfCtlCom;Trend Micro Central Control Component; C:Program FilesTrend MicroInternet SecuritySfCtlCom.exe [2009-08-12 820488]
R2 STacSV;Audio Service; C:WindowsSystem32DriverStoreFileRepositorystwrt64.inf_f86438beSTacSV64.exe []
R2 TMBMServer;Trend Micro Unauthorized Change Prevention Service; C:Program FilesTrend MicroBMTMBMSRV.exe [2009-08-12 563464]
R2 XAudioService;XAudioService; C:Windowssystem32DRIVERSxaudio64.exe []
R3 Steam Client Service;Steam Client Service; C:Program Files (x86)Common FilesSteamSteamService.exe [2011-01-12 407336]
R3 ThreatFire;ThreatFire; C:Program Files (x86)Spyware DoctorTFEngineTFService.exe [2010-02-02 70928]
S2 appdrvrem01;Application Driver Auto Removal Service (01); C:WindowsSystem32appdrvrem01.exe svc []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:WindowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:WindowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Google Update Service (gupdate); C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [2010-01-30 135664]
S3 aspnet_state;ASP.NET State Service; C:WindowsMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe []
S3 avast! Mail Scanner;avast! Mail Scanner; C:Program FilesAlwil SoftwareAvast5AvastSvc.exe [2010-03-09 40384]
S3 avast! Web Scanner;avast! Web Scanner; C:Program FilesAlwil SoftwareAvast5AvastSvc.exe [2010-03-09 40384]
S3 DAUpdaterSvc;Dragon Age: Origins — Content Updater; C:Program Files (x86)Dragon Agebin_shipDAUpdaterSvc.Service.exe []
S3 gusvc;Google Software Updater; C:Program Files (x86)GoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2009-04-25 182768]
S3 IDriverT;InstallDriver Table Manager; C:Program Files (x86)Common FilesInstallShieldDriver1050Intel 32IDriverT.exe [2004-10-22 73728]
S3 npggsvc;nProtect GameGuard Service; C:Windowssystem32GameMon.des [2010-06-06 3819912]
S3 PerfHost;@%systemroot%sysWow64perfhost.exe,-2; C:WindowsSysWow64perfhost.exe [2008-01-20 19968]
S3 ServiceLayer;ServiceLayer; C:Program Files (x86)NokiaPC Connectivity SolutionServiceLayer.exe []
S3 TmPfw;Trend Micro Personal Firewall; C:PROGRA~1TRENDM~1INTERN~1TmPfw.exe [2009-08-12 587696]
S3 tmproxy;Trend Micro Proxy Service; C:Program FilesTrend MicroInternet SecurityTmProxy.exe [2009-08-12 854280]
S3 WPFFontCache_v0400;@c:WindowsMicrosoft.NETFramework64v4.0.30319WPFWPFFontCache_v0400.exe,-100; C:WindowsMicrosoft.NETFramework64v4.0.30319WPFWPFFontCache_v0400.exe [2010-03-18 1020768]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:WindowsMicrosoft.NETFramework64v2.0.50727mscorsvw.exe [2008-07-27 93184]
EOF
Oh, and just in case, here is the «Gmer» log as well.
Thank you very much!
Malwarebytes’ Anti-Malware 1.46
http://www.malwarebytes.org

Версия базы данных: 4052
Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.18928

11.07.2010 19:21:07
mbam-log-2010-07-11 (19-21-07).txt

Тип сканирования: Быстрое сканирование
Просканированные объекты: 119951
Времени прошло: 5 минут, 48 секунд

Зараженные процессы в памяти: 0
Зараженные модули в памяти: 0
Зараженные ключи в реестре: 1
Зараженные параметры в реестре: 0
Объекты реестра заражены: 1
Зараженные папки: 0
Зараженные файлы: 1

Зараженные процессы в памяти:
(Вредоносных программ не обнаружено)

Зараженные модули в памяти:
(Вредоносных программ не обнаружено)

Зараженные ключи в реестре:
HKEY_CURRENT_USERSoftwareavsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.

Зараженные параметры в реестре:
(Вредоносных программ не обнаружено)

Объекты реестра заражены:
HKEY_LOCAL_MACHINESOFTWAREClientsStartMenuInternetIEXPLORE.EXEshellopencommand(default) (Hijack.StartMenuInternet) -> Bad: («C:UsersPIONERAppDataLocalave.exe» /START «C:Program Files (x86)Internet Exploreriexplore.exe») Good: (iexplore.exe) -> Quarantined and deleted successfully.

Зараженные папки:
(Вредоносных программ не обнаружено)

Зараженные файлы:
C:UsersPIONERAppDataLocalTempsvchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.

Logfile of random’s system information tool 1.06 (written by random/random)
Run by PIONER at 2010-07-11 19:28:09
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 345 GB (49%) free of 700 GB
Total RAM: 6077 MB (71% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:28:11, on 11.07.2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18928)
Boot mode: Normal

Running processes:
C:Program Files (x86)IntelIntel Matrix Storage ManagerIAAnotif.exe
C:Program Files (x86)SteamSteam.exe
C:Program Files (x86)DAEMON Tools Litedaemon.exe
C:Program Files (x86)Digital Line DetectDLG.exe
C:Program Files (x86)LogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe
C:Program Files (x86)AdobeReader 9.0Readerreader_sl.exe
C:Program Files (x86)LogitechQuickCamQuickcam.exe
C:Program Files (x86)Javajre6binjusched.exe
C:Program FilesAlwil SoftwareAvast5AvastUI.exe
C:Program Files (x86)Common FilesNokiaMPlatformNokiaMServer.exe
C:Program Files (x86)Common FilesLogishrdLQCVFXCOCIManager.exe
C:UsersPIONERDownloadsRSIT.exe
C:Program Files (x86)trend microPIONER.exe

R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://g.msn.com/USCON/1
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru/?clid=41128
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page = C:WindowsSysWOW64blank.htm
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title = Internet Explorer provided by Dell
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
R3 — URLSearchHook: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — c:program files (x86)mail.rusputnikMailRuSputnik.dll
R3 — URLSearchHook: (no name) — {83821C2B-32A8-4DD7-B6D4-44309A78E668} — C:Program Files (x86)Mail.RuAgentMradllnewmrasearch.dll
R3 — URLSearchHook: BS Player Toolbar — {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} — C:Program Files (x86)BS_PlayertbBS_0.dll
O1 — Hosts: ::1 localhost
O2 — BHO: AcroIEHelperStub — {18DF081C-E8AD-4283-A596-FA578C2EBDC3} — c:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 — BHO: (no name) — {5C255C8A-E604-49b4-9D64-90988571CECB} — (no file)
O2 — BHO: Search Helper — {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} — C:Program Files (x86)MicrosoftSearch Enhancement PackSearch HelperSearchHelper.dll
O2 — BHO: Спутник@Mail.Ru — {8984B388-A5BB-4DF7-B274-77B879E179DB} — c:program files (x86)mail.rusputnikMailRuSputnik.dll
O2 — BHO: Windows Live Sign-in Helper — {9030D464-4C02-4ABF-8ECC-5164760863C6} — C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 — BHO: Google Toolbar Helper — {AA58ED58-01DD-4d91-8333-CF10577473F7} — C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll
O2 — BHO: SkypeIEPluginBHO — {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} — C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll
O2 — BHO: Google Toolbar Notifier BHO — {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} — C:Program Files (x86)GoogleGoogleToolbarNotifier5.5.5126.1836swg.dll
O2 — BHO: MSN Toolbar Helper — {d2ce3e00-f94a-4740-988e-03dc2f38c34f} — C:Program Files (x86)MSNToolbar3.0.1125.0msneshellx.dll
O2 — BHO: Java(tm) Plug-In 2 SSV Helper — {DBC80044-A445-435b-BC74-9C25C1C588A9} — C:Program Files (x86)Javajre6binjp2ssv.dll
O2 — BHO: Windows Live Toolbar Helper — {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} — C:Program Files (x86)Windows LiveToolbarwltcore.dll
O2 — BHO: BS Player Toolbar — {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} — C:Program Files (x86)BS_PlayertbBS_0.dll
O3 — Toolbar: &Windows Live Toolbar — {21FA44EF-376D-4D53-9B0F-8A89D3229068} — C:Program Files (x86)Windows LiveToolbarwltcore.dll
O3 — Toolbar: BS Player Toolbar — {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} — C:Program Files (x86)BS_PlayertbBS_0.dll
O3 — Toolbar: Яндекс.Бар — {91397D20-1446-11D4-8AF4-0040CA1127B6} — C:Program Files (x86)YandexYandexBarIEyndbar.dll
O3 — Toolbar: MSN Toolbar — {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} — C:Program Files (x86)MSNToolbar3.0.1125.0msneshellx.dll
O3 — Toolbar: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — c:program files (x86)mail.rusputnikMailRuSputnik.dll
O3 — Toolbar: Google Toolbar — {2318C2B1-4965-11d4-9B18-009027A5CD4F} — C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll
O4 — HKLM..Run: [StartCCC] «C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe»
O4 — HKLM..Run: [Adobe Reader Speed Launcher] «c:Program Files (x86)AdobeReader 9.0ReaderReader_sl.exe»
O4 — HKLM..Run: [LogitechQuickCamRibbon] «C:Program Files (x86)LogitechQuickCamQuickcam.exe» /hide
O4 — HKLM..Run: [SunJavaUpdateSched] «C:Program Files (x86)Javajre6binjusched.exe»
O4 — HKLM..Run: [Microsoft Default Manager] «C:Program Files (x86)MicrosoftSearch Enhancement PackDefault ManagerDefMgr.exe» -resume
O4 — HKLM..Run: [avast5] «C:Program FilesAlwil SoftwareAvast5avastUI.exe» /nogui
O4 — HKLM..Run: [NokiaMServer] C:Program Files (x86)Common FilesNokiaMPlatformNokiaMServer /watchfiles
O4 — HKLM..Run: [NokiaMusic FastStart] «C:Program Files (x86)NokiaNokia MusicNokiaMusic.exe» /command:faststart
O4 — HKCU..Run: [Sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun
O4 — HKCU..Run: [Steam] «c:program files (x86)steamsteam.exe» -silent
O4 — HKCU..Run: [DAEMON Tools Lite] «C:Program Files (x86)DAEMON Tools Litedaemon.exe» -autorun
O4 — HKCU..Run: [RGSC] C:GamesGTA gameRockstar Games Social ClubRGSCLauncher.exe /silent
O4 — HKCU..Run: [EA Core] C:Program Files (x86)Electronic ArtsEADMCore.exe -silent
O4 — HKCU..Run: [swg] «C:Program Files (x86)GoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe»
O4 — HKCU..Run: [Comrade.exe] C:Program Files (x86)GameSpyComradeComrade.exe
O4 — HKCU..Run: [msnmsgr] «C:Program Files (x86)Windows LiveMessengermsnmsgr.exe» /background
O4 — HKCU..Run: [SUPERAntiSpyware] C:Program Files (x86)SUPERAntiSpywareSUPERAntiSpyware.exe
O4 — HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe
O4 — HKCU..Run: [WMPNSCFG] C:Program Files (x86)Windows Media PlayerWMPNSCFG.exe
O4 — HKUSS-1-5-19..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User ‘NETWORK SERVICE’)
O4 — .DEFAULT User Startup: Dell Dock First Run.lnk = C:Program FilesDellDellDockDellDock.exe (User ‘Default user’)
O4 — Startup: Dell Dock.lnk = C:Program FilesDellDellDockDellDock.exe
O4 — Global Startup: Digital Line Detect.lnk = C:Program Files (x86)Digital Line DetectDLG.exe
O4 — Global Startup: Logitech Desktop Messenger.lnk = C:Program Files (x86)LogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe
O8 — Extra context menu item: Google Sidewiki… — res://C:Program Files (x86)GoogleGoogle ToolbarComponentGoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 — Extra button: Blog This — {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} — C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dll
O9 — Extra ‘Tools’ menuitem: &Blog This in Windows Live Writer — {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} — C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dll
O9 — Extra button: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program Files (x86)Mail.RuAgentmagent.exe
O9 — Extra ‘Tools’ menuitem: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program Files (x86)Mail.RuAgentmagent.exe
O9 — Extra button: Skype add-on for Internet Explorer — {898EA8C8-E7FF-479B-8935-AEC46303B9E5} — C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll
O9 — Extra ‘Tools’ menuitem: Skype add-on for Internet Explorer — {898EA8C8-E7FF-479B-8935-AEC46303B9E5} — C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll
O13 — Gopher Prefix:
O15 — Trusted Zone: http://*.combats.com
O15 — Trusted Zone: http://*.combats.ru
O16 — DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} (UploadListView Class) — http://picasaweb.google.com/s/v/62.12/uploader2.cab
O16 — DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) — http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O18 — Protocol: bwfile-8876480 — {9462A756-7B47-47BC-8C80-C34B9B80B32B} — C:Program Files (x86)LogitechDesktop Messenger8876480ProgramGAPlugProtocol-8876480.dll
O18 — Protocol: skype-ie-addon-data — {91774881-D725-4E58-B298-07617B9B86A8} — C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll
O18 — Protocol: skype4com — {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — C:PROGRA~2COMMON~1SkypeSkype4COM.dll
O20 — Winlogon Notify: !SASWinLogon — C:Program Files (x86)SUPERAntiSpywareSASWINLO.dll
O23 — Service: @%SystemRoot%system32Alg.exe,-112 (ALG) — Unknown owner — C:WindowsSystem32alg.exe (file missing)
O23 — Service: Application Driver Auto Removal Service (01) (appdrvrem01) — Unknown owner — C:WindowsSystem32appdrvrem01.exe (file missing)
O23 — Service: ASP.NET State Service (aspnet_state) — Unknown owner — C:WindowsMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe (file missing)
O23 — Service: Ati External Event Utility — Unknown owner — C:Windowssystem32Ati2evxx.exe (file missing)
O23 — Service: avast! Antivirus — ALWIL Software — C:Program FilesAlwil SoftwareAvast5AvastSvc.exe
O23 — Service: avast! Mail Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast5AvastSvc.exe
O23 — Service: avast! Web Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast5AvastSvc.exe
O23 — Service: Dragon Age: Origins — Content Updater (DAUpdaterSvc) — Unknown owner — C:Program Files (x86)Dragon Agebin_shipDAUpdaterSvc.Service.exe (file missing)
O23 — Service: @dfsrres.dll,-101 (DFSR) — Unknown owner — C:Windowssystem32DFSR.exe (file missing)
O23 — Service: Dock Login Service (DockLoginService) — Stardock Corporation — C:Program FilesDellDellDockDockLogin.exe
O23 — Service: Google Update Service (gupdate) (gupdate) — Google Inc. — C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
O23 — Service: Google Software Updater (gusvc) — Google — C:Program Files (x86)GoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 — Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) — Intel Corporation — C:Program Files (x86)IntelIntel Matrix Storage ManagerIAANTMon.exe
O23 — Service: InstallDriver Table Manager (IDriverT) — Macrovision Corporation — C:Program Files (x86)Common FilesInstallShieldDriver1050Intel 32IDriverT.exe
O23 — Service: @keyiso.dll,-100 (KeyIso) — Unknown owner — C:Windowssystem32lsass.exe (file missing)
O23 — Service: Process Monitor (LVPrcS64) — Logitech Inc. — C:Program FilesCommon FilesLogiShrdLVMVFMLVPrcSrv.exe
O23 — Service: @comres.dll,-2797 (MSDTC) — Unknown owner — C:WindowsSystem32msdtc.exe (file missing)
O23 — Service: @%SystemRoot%System32netlogon.dll,-102 (Netlogon) — Unknown owner — C:Windowssystem32lsass.exe (file missing)
O23 — Service: nProtect GameGuard Service (npggsvc) — Unknown owner — C:Windowssystem32GameMon.des.exe (file missing)
O23 — Service: NVIDIA Display Driver Service (nvsvc) — Unknown owner — C:Windowssystem32nvvsvc.exe (file missing)
O23 — Service: PnkBstrA — Unknown owner — C:Windowssystem32PnkBstrA.exe
O23 — Service: @%systemroot%system32psbase.dll,-300 (ProtectedStorage) — Unknown owner — C:Windowssystem32lsass.exe (file missing)
O23 — Service: @%systemroot%system32Locator.exe,-2 (RpcLocator) — Unknown owner — C:Windowssystem32locator.exe (file missing)
O23 — Service: @%SystemRoot%system32samsrv.dll,-1 (SamSs) — Unknown owner — C:Windowssystem32lsass.exe (file missing)
O23 — Service: ServiceLayer — Unknown owner — C:Program Files (x86)NokiaPC Connectivity SolutionServiceLayer.exe (file missing)
O23 — Service: Trend Micro Central Control Component (SfCtlCom) — Trend Micro Inc. — C:Program FilesTrend MicroInternet SecuritySfCtlCom.exe
O23 — Service: @%SystemRoot%system32SLsvc.exe,-101 (slsvc) — Unknown owner — C:Windowssystem32SLsvc.exe (file missing)
O23 — Service: @%SystemRoot%system32snmptrap.exe,-3 (SNMPTRAP) — Unknown owner — C:WindowsSystem32snmptrap.exe (file missing)
O23 — Service: @%systemroot%system32spoolsv.exe,-1 (Spooler) — Unknown owner — C:WindowsSystem32spoolsv.exe (file missing)
O23 — Service: Audio Service (STacSV) — Unknown owner — C:WindowsSystem32DriverStoreFileRepositorystwrt64.inf_f86438beSTacSV64.exe (file missing)
O23 — Service: Steam Client Service — Valve Corporation — C:Program Files (x86)Common FilesSteamSteamService.exe
O23 — Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) — Trend Micro Inc. — C:Program FilesTrend MicroBMTMBMSRV.exe
O23 — Service: Trend Micro Personal Firewall (TmPfw) — Trend Micro Inc. — C:PROGRA~1TRENDM~1INTERN~1TmPfw.exe
O23 — Service: Trend Micro Proxy Service (tmproxy) — Trend Micro Inc. — C:Program FilesTrend MicroInternet SecurityTmProxy.exe
O23 — Service: @%SystemRoot%system32ui0detect.exe,-101 (UI0Detect) — Unknown owner — C:Windowssystem32UI0Detect.exe (file missing)
O23 — Service: @%SystemRoot%system32vds.exe,-100 (vds) — Unknown owner — C:WindowsSystem32vds.exe (file missing)
O23 — Service: @%systemroot%system32vssvc.exe,-102 (VSS) — Unknown owner — C:Windowssystem32vssvc.exe (file missing)
O23 — Service: @%Systemroot%system32wbemwmiapsrv.exe,-110 (wmiApSrv) — Unknown owner — C:Windowssystem32wbemWmiApSrv.exe (file missing)
O23 — Service: @%ProgramFiles%Windows Media Playerwmpnetwk.exe,-101 (WMPNetworkSvc) — Unknown owner — C:Program Files (x86)Windows Media Playerwmpnetwk.exe (file missing)
O23 — Service: XAudioService — Unknown owner — C:Windowssystem32DRIVERSxaudio64.exe (file missing)

—
End of file — 14852 bytes

======Scheduled tasks folder======
C:WindowstasksGoogleUpdateTaskMachineCore.job
C:WindowstasksGoogleUpdateTaskMachineUA.job
C:WindowstasksSpyHunter Scanner.job

======Registry dump======

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper — c:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper — C:Program Files (x86)MicrosoftSearch Enhancement PackSearch HelperSearchHelper.dll [2008-12-04 92504]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{8984B388-A5BB-4DF7-B274-77B879E179DB}]
MailRuBHO Class — c:program files (x86)mail.rusputnikMailRuSputnik.dll [2009-09-17 826032]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper — C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll [2008-11-18 408952]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper — C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll [2010-06-22 278192]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer — C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO — C:Program Files (x86)GoogleGoogleToolbarNotifier5.5.5126.1836swg.dll [2010-05-27 814648]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
MSN Toolbar Helper — C:Program Files (x86)MSNToolbar3.0.1125.0msneshellx.dll [2009-02-09 82768]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper — C:Program Files (x86)Javajre6binjp2ssv.dll [2009-05-21 41368]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper — C:Program Files (x86)Windows LiveToolbarwltcore.dll [2008-12-08 1067352]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
BS Player Toolbar — C:Program Files (x86)BS_PlayertbBS_0.dll [2010-02-20 2349080]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} — &Windows Live Toolbar — C:Program Files (x86)Windows LiveToolbarwltcore.dll [2008-12-08 1067352]
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} — BS Player Toolbar — C:Program Files (x86)BS_PlayertbBS_0.dll [2010-02-20 2349080]
{91397D20-1446-11D4-8AF4-0040CA1127B6} — Яндекс.Бар — C:Program Files (x86)YandexYandexBarIEyndbar.dll [2009-04-20 3701024]
{1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} — MSN Toolbar — C:Program Files (x86)MSNToolbar3.0.1125.0msneshellx.dll [2009-02-09 82768]
{09900DE8-1DCA-443F-9243-26FF581438AF} — Спутник@Mail.Ru — c:program files (x86)mail.rusputnikMailRuSputnik.dll [2009-09-17 826032]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} — Google Toolbar — C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll [2010-06-22 278192]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«StartCCC»=C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe [2008-01-21 61440]
«Adobe Reader Speed Launcher»=c:Program Files (x86)AdobeReader 9.0ReaderReader_sl.exe [2008-06-12 34672]
«LogitechQuickCamRibbon»=C:Program Files (x86)LogitechQuickCamQuickcam.exe [2008-12-20 2656528]
«SunJavaUpdateSched»=C:Program Files (x86)Javajre6binjusched.exe [2009-05-21 148888]
«Microsoft Default Manager»=C:Program Files (x86)MicrosoftSearch Enhancement PackDefault ManagerDefMgr.exe [2009-02-03 233304]
«avast5»=C:Program FilesAlwil SoftwareAvast5avastUI.exe [2010-03-09 2769336]
«NokiaMServer»=C:Program Files (x86)Common FilesNokiaMPlatformNokiaMServer /watchfiles []
«NokiaMusic FastStart»=C:Program Files (x86)NokiaNokia MusicNokiaMusic.exe [2009-07-22 2331936]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«Sidebar»=C:Program FilesWindows Sidebarsidebar.exe [2008-01-20 1555968]
«Steam»=c:program files (x86)steamsteam.exe [2010-05-12 1238352]
«DAEMON Tools Lite»=C:Program Files (x86)DAEMON Tools Litedaemon.exe [2008-12-29 687560]
«RGSC»=C:GamesGTA gameRockstar Games Social ClubRGSCLauncher.exe /silent []
«EA Core»=C:Program Files (x86)Electronic ArtsEADMCore.exe [2008-07-22 2772992]
«swg»=C:Program Files (x86)GoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe [2009-04-04 39408]
«Comrade.exe»=C:Program Files (x86)GameSpyComradeComrade.exe [2008-12-09 800256]
«PlayNC Launcher»= []
«msnmsgr»=C:Program Files (x86)Windows LiveMessengermsnmsgr.exe [2008-12-02 3882312]
«SUPERAntiSpyware»=C:Program Files (x86)SUPERAntiSpywareSUPERAntiSpyware.exe [2010-02-18 2012912]
«ehTray.exe»=C:WindowsehomeehTray.exe [2008-01-20 138240]
«WMPNSCFG»=C:Program Files (x86)Windows Media PlayerWMPNSCFG.exe []

C:ProgramDataMicrosoftWindowsStart MenuProgramsStartup
Digital Line Detect.lnk — C:Program Files (x86)Digital Line DetectDLG.exe
Logitech Desktop Messenger.lnk — C:Program Files (x86)LogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe

C:UsersPIONERAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup
Dell Dock.lnk — C:Program Files (x86)DellDellDockDellDock.exe

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotify!SASWinLogon]
C:Program Files (x86)SUPERAntiSpywareSASWINLO.dll [2009-09-03 548352]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerShellExecuteHooks]
«{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}»=C:Program Files (x86)SUPERAntiSpywareSASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
«EnableUIADesktopToggle»=0

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoActiveDesktop»=
«NoActiveDesktopChanges»=
«ForceActiveDesktopOn»=

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{7f636032-7b10-11df-a91b-0022191d86fd}]
shellAutoRuncommand — C:Windowssystem32RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RUNdLl32.ExE .RECYCLERS-5-3-42-2819952290-8240758988-879315005-3665jwgkvsq.vmx,ahaezedrn

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{c71679e1-fd6b-11de-8522-0022191d86fd}]
shellAutoRuncommand — RECYCLERS-1-5-21-1482476501-1644491937-682003330-1013keygen.exe
shellopencommand — RECYCLERS-1-5-21-1482476501-1644491937-682003330-1013keygen.exe

======File associations======
.js — edit — C:WindowsSysWOW64Notepad.exe %1
.js — open — C:WindowsSysWOW64WScript.exe «%1» %*

======List of files/folders created in the last 1 months======
2010-07-11 19:26:33 —-D—- C:Windows6D1E83602F354C848D53C614FBCA621C.TMP
2010-07-11 19:14:03 —-A—- C:mbam-error.txt
2010-07-11 19:13:09 —-D—- C:UsersPIONERAppDataRoamingMalwarebytes
2010-07-11 19:13:02 —-D—- C:ProgramDataMalwarebytes
2010-07-11 19:13:02 —-D—- C:Program Files (x86)Malwarebytes’ Anti-Malware
2010-07-10 19:51:05 —-D—- C:Program Files (x86)Counter-Strike Source
2010-07-03 11:24:29 —-D—- C:ProgramDataUbisoft
2010-06-25 22:28:19 —-D—- C:Program Files (x86)Microsoft.NET
2010-06-25 22:27:58 —-SHD—- C:Config.Msi
2010-06-25 22:27:11 —-D—- C:18f7626aa80af1b637
2010-06-23 15:27:33 —-A—- C:Windowssystem32psisdecd.dll
2010-06-23 15:27:33 —-A—- C:Windowssystem32EncDec.dll
2010-06-23 15:27:19 —-A—- C:Windowssystem32PresentationHostProxy.dll
2010-06-23 15:27:19 —-A—- C:Windowssystem32PresentationHost.exe
2010-06-23 15:27:19 —-A—- C:Windowssystem32netfxperf.dll
2010-06-23 15:27:19 —-A—- C:Windowssystem32mscoree.dll
2010-06-23 15:27:19 —-A—- C:Windowssystem32dfshim.dll
2010-06-23 14:24:01 —-A—- C:Windowssystem32Apphlpdm.dll
2010-06-23 14:24:00 —-A—- C:Windowssystem32GameUXLegacyGDFs.dll

======List of files/folders modified in the last 1 months======
2010-07-11 19:28:10 —-D—- C:Program Files (x86)trend micro
2010-07-11 19:28:08 —-D—- C:WindowsTemp
2010-07-11 19:28:06 —-D—- C:WindowsPrefetch
2010-07-11 19:26:57 —-D—- C:WindowsSystem32
2010-07-11 19:26:51 —-SHD—- C:WindowsInstaller
2010-07-11 19:26:47 —-D—- C:WindowsSysWOW64
2010-07-11 19:26:33 —-D—- C:Windows
2010-07-11 19:25:18 —-D—- C:Program Files (x86)Steam
2010-07-11 19:25:02 —-D—- C:Program Files (x86)Common FilesWise Installation Wizard
2010-07-11 19:21:56 —-D—- C:UsersPIONERAppDataRoamingSkype
2010-07-11 19:20:06 —-D—- C:UsersPIONERAppDataRoamingskypePM
2010-07-11 19:15:09 —-D—- C:Program Files (x86)Mozilla Firefox
2010-07-11 19:14:14 —-D—- C:Windowsinf
2010-07-11 19:14:00 —-D—- C:Windowssystem32drivers
2010-07-11 19:13:02 —-RD—- C:Program Files (x86)
2010-07-11 19:13:02 —-HD—- C:ProgramData
2010-07-11 16:39:17 —-D—- C:Program Files (x86)Runes of Magic
2010-07-11 01:20:41 —-SHD—- C:System Volume Information
2010-07-09 13:10:30 —-D—- C:UsersPIONERAppDataRoaminguTorrent
2010-07-06 08:56:32 —-D—- C:Program Files (x86)Common FilesSteam
2010-07-06 08:53:57 —-D—- C:WindowsMinidump
2010-07-04 16:54:23 —-D—- C:Games
2010-07-02 14:23:22 —-D—- C:Music
2010-06-25 22:30:02 —-RSD—- C:Windowsassembly
2010-06-25 22:28:50 —-D—- C:WindowsMicrosoft.NET
2010-06-25 22:28:22 —-D—- C:Windowssystem32en-US
2010-06-24 09:55:38 —-D—- C:WindowsAppPatch
2010-06-24 09:55:37 —-D—- C:Windowsehome
2010-06-23 15:28:45 —-D—- C:Windowswinsxs
2010-06-20 07:43:49 —-SD—- C:WindowsDownloaded Program Files
2010-06-19 13:51:41 —-SD—- C:UsersPIONERAppDataRoamingMicrosoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 appdrv01;Application Driver (01); C:WindowsSystem32Driversappdrv01.sys []
R1 aswRdr;aswRdr; C:Windowssystem32driversaswRdr.sys []
R1 aswSP;aswSP; C:Windowssystem32driversaswSP.sys []
R1 aswTdi;avast! Network Shield Support; C:Windowssystem32driversaswTdi.sys []
R1 tmlwf;Trend Micro NDIS 6.0 Filter Driver; C:Windowssystem32DRIVERStmlwf.sys []
R1 tmtdi;Trend Micro TDI Driver; C:Windowssystem32DRIVERStmtdi.sys []
R2 aswFsBlk;aswFsBlk; C:Windowssystem32driversaswFsBlk.sys []
R2 aswMonFlt;aswMonFlt; ??C:Windowssystem32driversaswMonFlt.sys []
R2 mdmxsdk;mdmxsdk; C:Windowssystem32DRIVERSmdmxsdk.sys []
R2 tmpreflt;tmpreflt; C:Windowssystem32DRIVERStmpreflt.sys []
R2 tmwfp;Trend Micro WFP Callout Driver; C:Windowssystem32DRIVERStmwfp.sys []
R2 tmxpflt;tmxpflt; C:Windowssystem32DRIVERStmxpflt.sys []
R2 vsapint;vsapint; C:Windowssystem32DRIVERSvsapint.sys []
R2 XAudio;XAudio; C:Windowssystem32DRIVERSxaudio64.sys []
R3 CAXHWBS2;CAXHWBS2; C:Windowssystem32DRIVERSCAXHWBS2.sys []
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:Windowssystem32DRIVERSe1e6032e.sys []
R3 HCW85BDA;Hauppauge WinTV 885 Video Capture; C:Windowssystem32driversHCW85BDA.sys []
R3 HSF_DPV;HSF_DPV; C:Windowssystem32DRIVERSCAX_DPV.sys []
R3 ksthunk;Kernel Streaming Thunks; C:Windowssystem32driversksthunk.sys []
R3 LVPr2M64;Logitech LVPr2M64 Driver; C:Windowssystem32DRIVERSLVPr2M64.sys []
R3 LVRS64;Logitech RightSound Filter Driver; C:Windowssystem32DRIVERSlvrs64.sys []
R3 lvsels64;Logitech Selective Suspend Filter; C:Windowssystem32DRIVERSlvsels64.sys []
R3 LVUSBS64;Logitech USB Monitor Filter; C:Windowssystem32driversLVUSBS64.sys []
R3 LVUVC64;QuickCam Orbit/Sphere AF(UVC); C:Windowssystem32DRIVERSlvuvc64.sys []
R3 nvlddmkm;nvlddmkm; C:Windowssystem32DRIVERSnvlddmkm.sys []
R3 pmxmouse;PMXMOUSE; C:Windowssystem32DRIVERSpmxmouse.sys []
R3 pmxusblf;PMXUSBLF; C:Windowssystem32DRIVERSpmxusblf.sys []
R3 STHDA;IDT High Definition Audio CODEC; C:Windowssystem32DRIVERSstwrt64.sys []
R3 usbaudio;USB Audio Driver (WDM); C:Windowssystem32driversusbaudio.sys []
R3 winachsf;winachsf; C:Windowssystem32DRIVERSCAX_CNXT.sys []
R3 WUDFRd;WUDFRd; C:Windowssystem32DRIVERSWUDFRd.sys []
S1 aswSnx;aswSnx; C:Windowssystem32driversaswSnx.sys []
S1 SASDIFSV;SASDIFSV; ??C:Program Files (x86)SUPERAntiSpywareSASDIFSV.SYS [2010-02-17 12872]
S1 SASKUTIL;SASKUTIL; ??C:Program Files (x86)SUPERAntiSpywareSASKUTIL.SYS [2010-02-17 66632]
S3 a1nvd7gi;a1nvd7gi; C:Windowssystem32driversa1nvd7gi.sys []
S3 atikmdag;atikmdag; C:Windowssystem32DRIVERSatikmdag.sys []
S3 btwavdt;Bluetooth AVDT; C:Windowssystem32driversbtwavdt.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:Windowssystem32driversdrmkaud.sys []
S3 dump_wmimmc;dump_wmimmc; ??C:Program Files (x86)Steamsteamappscommonaionbin32GameGuarddump_wmimmc.sys []
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:Windowssystem32driversHdAudio.sys []
S3 LVPr2Mon;LVPr2M64 Driver; C:Windowssystem32DRIVERSLVPr2M64.sys []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:Windowssystem32driversMSKSSRV.sys []
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:Windowssystem32driversMSPCLOCK.sys []
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:Windowssystem32driversMSPQM.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:Windowssystem32driversMSTEE.sys []
S3 nmwcdcx64;Nokia USB Generic; C:Windowssystem32driversccdcmbox64.sys []
S3 nmwcdx64;Nokia USB Phone Parent; C:Windowssystem32driversccdcmbx64.sys []
S3 NPPTNT2;NPPTNT2; ??C:Windowssystem32npptNT2.sys [2009-04-08 4682]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:Windowssystem32DRIVERSpccsmcfdx64.sys []
S3 R300;R300; C:Windowssystem32DRIVERSatikmdag.sys []
S3 SASENUM;SASENUM; ??C:Program Files (x86)SUPERAntiSpywareSASENUM.SYS [2010-02-17 12872]
S3 upperdev;upperdev; C:Windowssystem32DRIVERSusbser_lowerfltx64.sys []
S3 usbser;USB Modem Driver; C:Windowssystem32driversusbser.sys []
S3 UsbserFilt;UsbserFilt; C:Windowssystem32DRIVERSusbser_lowerfltx64j.sys []
S3 usbvideo;USB Video Device (WDM); C:WindowsSystem32Driversusbvideo.sys []
S3 WpdUsb;WpdUsb; C:Windowssystem32DRIVERSwpdusb.sys []
S4 btwrchid;btwrchid; C:Windowssystem32driversbtwrchid.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:Windowssystem32driverserrdev.sys []
S4 hcw85cir;Hauppauge Consumer Infrared Receiver; C:Windowssystem32drivershcw85cir.sys []
S4 MegaSR;MegaSR; C:Windowssystem32driversmegasr.sys []
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:Windowssystem32driverswmiacpi.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati External Event Utility;Ati External Event Utility; C:Windowssystem32Ati2evxx.exe []
R2 avast! Antivirus;avast! Antivirus; C:Program FilesAlwil SoftwareAvast5AvastSvc.exe [2010-03-09 40384]
R2 DockLoginService;Dock Login Service; C:Program FilesDellDellDockDockLogin.exe [2008-09-23 155648]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:Program Files (x86)IntelIntel Matrix Storage ManagerIAANTMon.exe [2008-04-15 354840]
R2 LVPrcS64;Process Monitor; C:Program FilesCommon FilesLogiShrdLVMVFMLVPrcSrv.exe [2008-12-16 187416]
R2 nvsvc;NVIDIA Display Driver Service; C:Windowssystem32nvvsvc.exe []
R2 PnkBstrA;PnkBstrA; C:Windowssystem32PnkBstrA.exe [2009-04-05 66872]
R2 SeaPort;SeaPort; C:Program Files (x86)MicrosoftSearch Enhancement PackSeaPortSeaPort.exe [2009-01-14 226656]
R2 STacSV;Audio Service; C:WindowsSystem32DriverStoreFileRepositorystwrt64.inf_f86438beSTacSV64.exe []
R2 XAudioService;XAudioService; C:Windowssystem32DRIVERSxaudio64.exe []
R3 Steam Client Service;Steam Client Service; C:Program Files (x86)Common FilesSteamSteamService.exe [2010-07-02 395048]
S2 appdrvrem01;Application Driver Auto Removal Service (01); C:WindowsSystem32appdrvrem01.exe svc []
S2 gupdate;Google Update Service (gupdate); C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [2010-01-30 135664]
S2 SfCtlCom;Trend Micro Central Control Component; C:Program FilesTrend MicroInternet SecuritySfCtlCom.exe [2009-08-12 820488]
S2 TMBMServer;Trend Micro Unauthorized Change Prevention Service; C:Program FilesTrend MicroBMTMBMSRV.exe [2009-08-12 563464]
S3 aspnet_state;ASP.NET State Service; C:WindowsMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe []
S3 avast! Mail Scanner;avast! Mail Scanner; C:Program FilesAlwil SoftwareAvast5AvastSvc.exe [2010-03-09 40384]
S3 avast! Web Scanner;avast! Web Scanner; C:Program FilesAlwil SoftwareAvast5AvastSvc.exe [2010-03-09 40384]
S3 DAUpdaterSvc;Dragon Age: Origins — Content Updater; C:Program Files (x86)Dragon Agebin_shipDAUpdaterSvc.Service.exe []
S3 gusvc;Google Software Updater; C:Program Files (x86)GoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2009-04-25 182768]
S3 IDriverT;InstallDriver Table Manager; C:Program Files (x86)Common FilesInstallShieldDriver1050Intel 32IDriverT.exe [2004-10-22 73728]
S3 npggsvc;nProtect GameGuard Service; C:Windowssystem32GameMon.des [2009-08-30 3407412]
S3 PerfHost;@%systemroot%sysWow64perfhost.exe,-2; C:WindowsSysWow64perfhost.exe [2008-01-20 19968]
S3 ServiceLayer;ServiceLayer; C:Program Files (x86)NokiaPC Connectivity SolutionServiceLayer.exe []
S3 TmPfw;Trend Micro Personal Firewall; C:PROGRA~1TRENDM~1INTERN~1TmPfw.exe [2009-08-12 587696]
S3 tmproxy;Trend Micro Proxy Service; C:Program FilesTrend MicroInternet SecurityTmProxy.exe [2009-08-12 854280]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:WindowsMicrosoft.NETFramework64v2.0.50727mscorsvw.exe [2008-07-27 93184]
EOF
Thank you so very much!! If you ever need anything, you can always count on me.
Logfile of random’s system information tool 1.06 (written by random/random)
Run by PIONER at 2010-03-17 10:34:03
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 339 GB (48%) free of 700 GB
Total RAM: 6077 MB (53% free)

======Scheduled tasks folder======
C:WindowstasksGoogleUpdateTaskMachineCore.job
C:WindowstasksGoogleUpdateTaskMachineUA.job
C:WindowstasksSpyHunter Scanner.job

======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper — c:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) — C:Program Files (x86)SkypeToolbarsInternet ExplorerSkypeIEPlugin.dll [2009-08-04 1586472]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper — C:Program Files (x86)MicrosoftSearch Enhancement PackSearch HelperSearchHelper.dll [2008-12-04 92504]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{8984B388-A5BB-4DF7-B274-77B879E179DB}]
MailRuBHO Class — c:program files (x86)mail.rusputnikMailRuSputnik.dll [2009-09-17 826032]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper — C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll [2008-11-18 408952]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper — C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll [2010-01-30 279664]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO — C:Program Files (x86)GoogleGoogleToolbarNotifier5.5.4723.1820swg.dll [2010-01-30 812528]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
MSN Toolbar Helper — C:Program Files (x86)MSNToolbar3.0.1125.0msneshellx.dll [2009-02-09 82768]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper — C:Program Files (x86)Javajre6binjp2ssv.dll [2009-05-21 41368]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper — C:Program Files (x86)Windows LiveToolbarwltcore.dll [2008-12-08 1067352]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
BS Player Toolbar — C:Program Files (x86)BS_PlayertbBS_0.dll [2010-02-20 2349080]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} — &Windows Live Toolbar — C:Program Files (x86)Windows LiveToolbarwltcore.dll [2008-12-08 1067352]
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} — BS Player Toolbar — C:Program Files (x86)BS_PlayertbBS_0.dll [2010-02-20 2349080]
{91397D20-1446-11D4-8AF4-0040CA1127B6} — Яндекс.Бар — C:Program Files (x86)YandexYandexBarIEyndbar.dll [2009-04-20 3701024]
{1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} — MSN Toolbar — C:Program Files (x86)MSNToolbar3.0.1125.0msneshellx.dll [2009-02-09 82768]
{09900DE8-1DCA-443F-9243-26FF581438AF} — Спутник@Mail.Ru — c:program files (x86)mail.rusputnikMailRuSputnik.dll [2009-09-17 826032]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} — Google Toolbar — C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll [2010-01-30 279664]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«StartCCC»=C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe [2008-01-21 61440]
«Adobe Reader Speed Launcher»=c:Program Files (x86)AdobeReader 9.0ReaderReader_sl.exe [2008-06-12 34672]
«LogitechQuickCamRibbon»=C:Program Files (x86)LogitechQuickCamQuickcam.exe [2008-12-20 2656528]
«SunJavaUpdateSched»=C:Program Files (x86)Javajre6binjusched.exe [2009-05-21 148888]
«Microsoft Default Manager»=C:Program Files (x86)MicrosoftSearch Enhancement PackDefault ManagerDefMgr.exe [2009-02-03 233304]
«avast5″=C:Program FilesAlwil SoftwareAvast5avastUI.exe [2010-03-09 2769336]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«Sidebar»=C:Program FilesWindows Sidebarsidebar.exe [2008-01-20 1555968]
«Steam»=c:program files (x86)steamsteam.exe [2010-02-20 1217872]
«DAEMON Tools Lite»=C:Program Files (x86)DAEMON Tools Litedaemon.exe [2008-12-29 687560]
«RGSC»=C:GamesGTA gameRockstar Games Social ClubRGSCLauncher.exe /silent []
«EA Core»=C:Program Files (x86)Electronic ArtsEADMCore.exe [2008-07-22 2772992]
«swg»=C:Program Files (x86)GoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe [2009-04-04 39408]
«Comrade.exe»=C:Program Files (x86)GameSpyComradeComrade.exe [2008-12-09 800256]
«PlayNC Launcher»= []
«msnmsgr»=C:Program Files (x86)Windows LiveMessengermsnmsgr.exe [2008-12-02 3882312]
«Skype»=C:Program Files (x86)SkypePhoneSkype.exe [2009-10-09 25623336]
«WMPNSCFG»=C:Program Files (x86)Windows Media PlayerWMPNSCFG.exe []
«SUPERAntiSpyware»=C:Program Files (x86)SUPERAntiSpywareSUPERAntiSpyware.exe [2010-02-18 2012912]

C:ProgramDataMicrosoftWindowsStart MenuProgramsStartup
Digital Line Detect.lnk — C:Program Files (x86)Digital Line DetectDLG.exe
Logitech Desktop Messenger.lnk — C:Program Files (x86)LogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe

C:UsersPIONERAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup
Dell Dock.lnk — C:Program Files (x86)DellDellDockDellDock.exe

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotify!SASWinLogon]
C:Program Files (x86)SUPERAntiSpywareSASWINLO.dll [2009-09-03 548352]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerShellExecuteHooks]
«{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}»=C:Program Files (x86)SUPERAntiSpywareSASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
«EnableUIADesktopToggle»=0

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoActiveDesktop»=
«NoActiveDesktopChanges»=
«ForceActiveDesktopOn»=

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{c71679e1-fd6b-11de-8522-0022191d86fd}]
shellAutoRuncommand — RECYCLERS-1-5-21-1482476501-1644491937-682003330-1013keygen.exe
shellopencommand — RECYCLERS-1-5-21-1482476501-1644491937-682003330-1013keygen.exe

======File associations======
.exe — open — «C:UsersPIONERAppDataLocalave.exe» /START «%1» %*
.js — edit — C:WindowsSysWOW64Notepad.exe %1
.js — open — C:WindowsSysWOW64WScript.exe «%1» %*

======List of files/folders created in the last 1 months======
2010-03-17 10:34:03 —-D—- C:rsit
2010-03-17 10:34:03 —-D—- C:Program Files (x86)trend micro
2010-03-16 23:31:56 —-D—- C:ProgramDataSUPERAntiSpyware.com
2010-03-16 23:31:39 —-D—- C:UsersPIONERAppDataRoamingSUPERAntiSpyware.com
2010-03-16 23:31:39 —-D—- C:Program Files (x86)SUPERAntiSpyware
2010-03-16 22:04:01 —-D—- C:Program Files (x86)Enigma Software Group
2010-03-16 20:34:20 —-D—- C:ProgramDataAlwil Software
2010-03-10 04:01:38 —-A—- C:Windowssystem32nshhttp.dll
2010-03-10 04:01:28 —-A—- C:Windowssystem32httpapi.dll
2010-03-05 11:35:15 —-D—- C:Program Files (x86)Runes of Magic
2010-03-04 16:12:53 —-D—- C:UsersPIONERAppDataRoamingFOG Downloader
2010-02-28 12:42:19 —-A—- C:Windowssystem32XAudio2_5.dll
2010-02-28 12:42:19 —-A—- C:Windowssystem32xactengine3_5.dll
2010-02-28 12:42:18 —-A—- C:Windowssystem32d3dx11_42.dll
2010-02-28 12:42:18 —-A—- C:Windowssystem32d3dcsx_42.dll
2010-02-28 12:42:18 —-A—- C:Windowssystem32D3DCompiler_42.dll
2010-02-28 12:42:17 —-A—- C:Windowssystem32D3DX9_42.dll
2010-02-28 12:42:17 —-A—- C:Windowssystem32d3dx10_42.dll
2010-02-28 12:42:15 —-A—- C:Windowssystem32d3dx10_41.dll
2010-02-28 12:42:15 —-A—- C:Windowssystem32D3DCompiler_41.dll
2010-02-28 12:42:13 —-A—- C:Windowssystem32D3DX9_41.dll
2010-02-28 12:42:12 —-A—- C:Windowssystem32XAudio2_4.dll
2010-02-28 12:42:12 —-A—- C:Windowssystem32XAPOFX1_3.dll
2010-02-28 12:42:12 —-A—- C:Windowssystem32xactengine3_4.dll
2010-02-28 12:42:12 —-A—- C:Windowssystem32X3DAudio1_6.dll
2010-02-28 12:42:11 —-A—- C:Windowssystem32d3dx10_40.dll
2010-02-28 12:42:11 —-A—- C:Windowssystem32D3DCompiler_40.dll
2010-02-28 12:42:09 —-A—- C:Windowssystem32D3DX9_40.dll
2010-02-28 12:42:08 —-A—- C:Windowssystem32XAudio2_3.dll
2010-02-28 12:42:08 —-A—- C:Windowssystem32XAPOFX1_2.dll
2010-02-28 12:42:07 —-A—- C:Windowssystem32xactengine3_3.dll
2010-02-28 12:42:07 —-A—- C:Windowssystem32X3DAudio1_5.dll
2010-02-28 12:42:06 —-A—- C:Windowssystem32XAudio2_2.dll
2010-02-28 12:42:06 —-A—- C:Windowssystem32XAPOFX1_1.dll
2010-02-28 12:42:06 —-A—- C:Windowssystem32xactengine3_2.dll
2010-02-28 12:42:03 —-A—- C:Windowssystem32XAudio2_1.dll
2010-02-28 12:42:03 —-A—- C:Windowssystem32XAPOFX1_0.dll
2010-02-28 12:42:02 —-A—- C:Windowssystem32xactengine3_1.dll
2010-02-28 12:42:02 —-A—- C:Windowssystem32X3DAudio1_4.dll
2010-02-28 12:42:01 —-A—- C:Windowssystem32d3dx10_38.dll
2010-02-28 12:42:01 —-A—- C:Windowssystem32D3DCompiler_38.dll
2010-02-28 12:41:59 —-A—- C:Windowssystem32XAudio2_0.dll
2010-02-28 12:41:59 —-A—- C:Windowssystem32D3DX9_38.dll
2010-02-28 12:41:58 —-A—- C:Windowssystem32xactengine3_0.dll
2010-02-28 12:41:58 —-A—- C:Windowssystem32X3DAudio1_3.dll
2010-02-28 12:41:57 —-A—- C:Windowssystem32d3dx10_37.dll
2010-02-28 12:41:57 —-A—- C:Windowssystem32D3DCompiler_37.dll
2010-02-28 12:41:54 —-A—- C:Windowssystem32D3DX9_37.dll
2010-02-28 12:41:53 —-A—- C:Windowssystem32xactengine2_10.dll
2010-02-28 12:41:50 —-A—- C:Windowssystem32d3dx10_36.dll
2010-02-28 12:41:50 —-A—- C:Windowssystem32D3DCompiler_36.dll
2010-02-28 12:41:49 —-A—- C:Windowssystem32d3dx9_36.dll
2010-02-28 12:41:48 —-A—- C:Windowssystem32xactengine2_9.dll
2010-02-28 12:41:47 —-A—- C:Windowssystem32d3dx10_35.dll
2010-02-28 12:41:47 —-A—- C:Windowssystem32D3DCompiler_35.dll
2010-02-28 12:41:46 —-A—- C:Windowssystem32d3dx9_35.dll
2010-02-28 12:41:45 —-A—- C:Windowssystem32xactengine2_8.dll
2010-02-28 12:41:45 —-A—- C:Windowssystem32X3DAudio1_2.dll
2010-02-28 12:41:43 —-A—- C:Windowssystem32d3dx10_34.dll
2010-02-28 12:41:43 —-A—- C:Windowssystem32D3DCompiler_34.dll
2010-02-28 12:41:42 —-A—- C:Windowssystem32xinput1_3.dll
2010-02-28 12:41:42 —-A—- C:Windowssystem32d3dx9_34.dll
2010-02-28 12:41:41 —-A—- C:Windowssystem32xactengine2_7.dll
2010-02-28 12:41:40 —-A—- C:Windowssystem32d3dx10_33.dll
2010-02-28 12:41:40 —-A—- C:Windowssystem32D3DCompiler_33.dll
2010-02-28 12:41:38 —-A—- C:Windowssystem32d3dx9_33.dll
2010-02-28 12:41:37 —-A—- C:Windowssystem32xactengine2_6.dll
2010-02-28 12:41:37 —-A—- C:Windowssystem32xactengine2_5.dll
2010-02-28 12:41:36 —-A—- C:Windowssystem32d3dx10.dll
2010-02-28 12:41:35 —-A—- C:Windowssystem32d3dx9_32.dll
2010-02-28 12:41:34 —-A—- C:Windowssystem32xactengine2_4.dll
2010-02-28 12:41:34 —-A—- C:Windowssystem32x3daudio1_1.dll
2010-02-28 12:41:31 —-A—- C:Windowssystem32d3dx9_31.dll
2010-02-28 12:41:30 —-A—- C:Windowssystem32xactengine2_3.dll
2010-02-28 12:41:29 —-A—- C:Windowssystem32xinput1_2.dll
2010-02-28 12:41:28 —-A—- C:Windowssystem32xactengine2_2.dll
2010-02-28 12:41:27 —-A—- C:Windowssystem32xinput1_1.dll
2010-02-28 12:41:26 —-A—- C:Windowssystem32xactengine2_1.dll
2010-02-28 12:41:15 —-A—- C:Windowssystem32d3dx9_30.dll
2010-02-28 12:41:14 —-A—- C:Windowssystem32xactengine2_0.dll
2010-02-28 12:41:14 —-A—- C:Windowssystem32x3daudio1_0.dll
2010-02-28 12:41:12 —-A—- C:Windowssystem32d3dx9_29.dll
2010-02-28 12:41:11 —-A—- C:Windowssystem32d3dx9_28.dll
2010-02-28 12:41:08 —-A—- C:Windowssystem32d3dx9_27.dll
2010-02-28 12:41:06 —-A—- C:Windowssystem32d3dx9_26.dll
2010-02-28 12:41:04 —-A—- C:Windowssystem32d3dx9_25.dll
2010-02-28 12:41:01 —-A—- C:Windowssystem32d3dx9_24.dll
2010-02-27 20:02:23 —-D—- C:Klipbl
2010-02-27 01:43:22 —-A—- C:Windowsntbtlog.txt
2010-02-26 23:16:17 —-A—- C:Windowssystem32unicows.dll
2010-02-26 17:16:14 —-D—- C:UsersPIONERAppDataRoamingGetRightToGo
2010-02-23 22:18:56 —-A—- C:Windowssystem32jscript.dll
2010-02-23 22:18:46 —-A—- C:Windowssystem32tzres.dll
2010-02-23 22:18:32 —-A—- C:Windowssystem32RMActivate_isv.exe
2010-02-23 22:18:32 —-A—- C:Windowssystem32RMActivate.exe
2010-02-23 22:18:31 —-A—- C:Windowssystem32secproc.dll
2010-02-23 22:18:31 —-A—- C:Windowssystem32RMActivate_ssp_isv.exe
2010-02-23 22:18:31 —-A—- C:Windowssystem32RMActivate_ssp.exe
2010-02-23 22:18:30 —-A—- C:Windowssystem32secproc_isv.dll
2010-02-23 22:18:29 —-A—- C:Windowssystem32secproc_ssp_isv.dll
2010-02-23 22:18:29 —-A—- C:Windowssystem32secproc_ssp.dll
2010-02-23 22:18:29 —-A—- C:Windowssystem32msdrm.dll

======List of files/folders modified in the last 1 months======
2010-03-17 10:34:03 —-RD—- C:Program Files (x86)
2010-03-17 10:34:03 —-D—- C:WindowsTemp
2010-03-17 10:34:03 —-D—- C:WindowsPrefetch
2010-03-17 10:31:58 —-D—- C:Program Files (x86)Mozilla Firefox
2010-03-17 10:30:25 —-D—- C:UsersPIONERAppDataRoamingSkype
2010-03-17 10:30:16 —-D—- C:WindowsSysWOW64
2010-03-17 10:29:58 —-D—- C:UsersPIONERAppDataRoamingskypePM
2010-03-17 01:42:49 —-D—- C:WindowsSystem32
2010-03-17 01:42:49 —-D—- C:Windowsinf
2010-03-17 01:36:08 —-D—- C:Program Files (x86)Steam
2010-03-16 23:53:14 —-SHD—- C:System Volume Information
2010-03-16 23:31:56 —-HD—- C:ProgramData
2010-03-16 23:31:45 —-SHD—- C:WindowsInstaller
2010-03-16 23:30:48 —-D—- C:Program Files (x86)Common FilesWise Installation Wizard
2010-03-16 22:33:43 —-D—- C:WindowsTasks
2010-03-16 20:36:13 —-D—- C:Windowswinsxs
2010-03-16 16:42:37 —-D—- C:Program Files (x86)Common FilesSteam
2010-03-15 19:04:56 —-D—- C:UsersPIONERAppDataRoaminguTorrent
2010-03-10 04:20:28 —-D—- C:Program Files (x86)Windows Mail
2010-03-09 05:24:05 —-A—- C:Windowssystem32aswBoot.exe
2010-03-04 16:12:53 —-D—- C:Games
2010-03-04 13:30:55 —-D—- C:Music
2010-02-28 12:41:26 —-RSD—- C:Windowsassembly
2010-02-28 00:37:51 —-D—- C:Program Files (x86)ArtMoney
2010-02-27 19:09:30 —-RSD—- C:WindowsFonts
2010-02-27 01:43:22 —-D—- C:Windows
2010-02-24 04:35:48 —-D—- C:Windowsrescache
2010-02-24 04:17:58 —-D—- C:Windowssystem32en-US
2010-02-20 11:21:21 —-D—- C:Program Files (x86)BS_Player

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 appdrv01;Application Driver (01); C:WindowsSystem32Driversappdrv01.sys []
R1 aswRdr;aswRdr; C:Windowssystem32driversaswRdr.sys []
R1 aswSP;aswSP; C:Windowssystem32driversaswSP.sys []
R1 aswTdi;avast! Network Shield Support; C:Windowssystem32driversaswTdi.sys []
R1 tmlwf;Trend Micro NDIS 6.0 Filter Driver; C:Windowssystem32DRIVERStmlwf.sys []
R1 tmtdi;Trend Micro TDI Driver; C:Windowssystem32DRIVERStmtdi.sys []
R2 aswFsBlk;aswFsBlk; C:Windowssystem32driversaswFsBlk.sys []
R2 aswMonFlt;aswMonFlt; ??C:Windowssystem32driversaswMonFlt.sys []
R2 mdmxsdk;mdmxsdk; C:Windowssystem32DRIVERSmdmxsdk.sys []
R2 tmpreflt;tmpreflt; C:Windowssystem32DRIVERStmpreflt.sys []
R2 tmwfp;Trend Micro WFP Callout Driver; C:Windowssystem32DRIVERStmwfp.sys []
R2 tmxpflt;tmxpflt; C:Windowssystem32DRIVERStmxpflt.sys []
R2 vsapint;vsapint; C:Windowssystem32DRIVERSvsapint.sys []
R2 XAudio;XAudio; C:Windowssystem32DRIVERSxaudio64.sys []
R3 CAXHWBS2;CAXHWBS2; C:Windowssystem32DRIVERSCAXHWBS2.sys []
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:Windowssystem32DRIVERSe1e6032e.sys []
R3 HCW85BDA;Hauppauge WinTV 885 Video Capture; C:Windowssystem32driversHCW85BDA.sys []
R3 HSF_DPV;HSF_DPV; C:Windowssystem32DRIVERSCAX_DPV.sys []
R3 ksthunk;Kernel Streaming Thunks; C:Windowssystem32driversksthunk.sys []
R3 LVPr2M64;Logitech LVPr2M64 Driver; C:Windowssystem32DRIVERSLVPr2M64.sys []
R3 LVRS64;Logitech RightSound Filter Driver; C:Windowssystem32DRIVERSlvrs64.sys []
R3 lvsels64;Logitech Selective Suspend Filter; C:Windowssystem32DRIVERSlvsels64.sys []
R3 LVUSBS64;Logitech USB Monitor Filter; C:Windowssystem32driversLVUSBS64.sys []
R3 LVUVC64;QuickCam Orbit/Sphere AF(UVC); C:Windowssystem32DRIVERSlvuvc64.sys []
R3 nvlddmkm;nvlddmkm; C:Windowssystem32DRIVERSnvlddmkm.sys []
R3 pmxmouse;PMXMOUSE; C:Windowssystem32DRIVERSpmxmouse.sys []
R3 pmxusblf;PMXUSBLF; C:Windowssystem32DRIVERSpmxusblf.sys []
R3 STHDA;IDT High Definition Audio CODEC; C:Windowssystem32DRIVERSstwrt64.sys []
R3 usbaudio;USB Audio Driver (WDM); C:Windowssystem32driversusbaudio.sys []
R3 winachsf;winachsf; C:Windowssystem32DRIVERSCAX_CNXT.sys []
R3 WUDFRd;WUDFRd; C:Windowssystem32DRIVERSWUDFRd.sys []
S1 aswSnx;aswSnx; C:Windowssystem32driversaswSnx.sys []
S1 SASDIFSV;SASDIFSV; ??C:Program Files (x86)SUPERAntiSpywareSASDIFSV.SYS [2010-02-17 12872]
S1 SASKUTIL;SASKUTIL; ??C:Program Files (x86)SUPERAntiSpywareSASKUTIL.SYS [2010-02-17 66632]
S3 atikmdag;atikmdag; C:Windowssystem32DRIVERSatikmdag.sys []
S3 awt3vnsx;awt3vnsx; C:Windowssystem32driversawt3vnsx.sys []
S3 btwavdt;Bluetooth AVDT; C:Windowssystem32driversbtwavdt.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:Windowssystem32driversdrmkaud.sys []
S3 dump_wmimmc;dump_wmimmc; ??C:Program Files (x86)Steamsteamappscommonaionbin32GameGuarddump_wmimmc.sys []
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:Windowssystem32driversHdAudio.sys []
S3 LVPr2Mon;LVPr2M64 Driver; C:Windowssystem32DRIVERSLVPr2M64.sys []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:Windowssystem32driversMSKSSRV.sys []
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:Windowssystem32driversMSPCLOCK.sys []
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:Windowssystem32driversMSPQM.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:Windowssystem32driversMSTEE.sys []
S3 NPPTNT2;NPPTNT2; ??C:Windowssystem32npptNT2.sys [2009-04-08 4682]
S3 R300;R300; C:Windowssystem32DRIVERSatikmdag.sys []
S3 SASENUM;SASENUM; ??C:Program Files (x86)SUPERAntiSpywareSASENUM.SYS [2010-02-17 12872]
S3 usbvideo;USB Video Device (WDM); C:WindowsSystem32Driversusbvideo.sys []
S4 btwrchid;btwrchid; C:Windowssystem32driversbtwrchid.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:Windowssystem32driverserrdev.sys []
S4 hcw85cir;Hauppauge Consumer Infrared Receiver; C:Windowssystem32drivershcw85cir.sys []
S4 MegaSR;MegaSR; C:Windowssystem32driversmegasr.sys []
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:Windowssystem32driverswmiacpi.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati External Event Utility;Ati External Event Utility; C:Windowssystem32Ati2evxx.exe []
R2 avast! Antivirus;avast! Antivirus; C:Program FilesAlwil SoftwareAvast5AvastSvc.exe [2010-03-09 40384]
R2 DockLoginService;Dock Login Service; C:Program FilesDellDellDockDockLogin.exe [2008-09-23 155648]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:Program Files (x86)IntelIntel Matrix Storage ManagerIAANTMon.exe [2008-04-15 354840]
R2 LVPrcS64;Process Monitor; C:Program FilesCommon FilesLogiShrdLVMVFMLVPrcSrv.exe [2008-12-16 187416]
R2 nvsvc;NVIDIA Display Driver Service; C:Windowssystem32nvvsvc.exe []
R2 PnkBstrA;PnkBstrA; C:Windowssystem32PnkBstrA.exe [2009-04-05 66872]
R2 SeaPort;SeaPort; C:Program Files (x86)MicrosoftSearch Enhancement PackSeaPortSeaPort.exe [2009-01-14 226656]
R2 SfCtlCom;Trend Micro Central Control Component; C:Program FilesTrend MicroInternet SecuritySfCtlCom.exe [2009-08-12 820488]
R2 TMBMServer;Trend Micro Unauthorized Change Prevention Service; C:Program FilesTrend MicroBMTMBMSRV.exe [2009-08-12 563464]
R2 XAudioService;XAudioService; C:Windowssystem32DRIVERSxaudio64.exe []
R3 avast! Mail Scanner;avast! Mail Scanner; C:Program FilesAlwil SoftwareAvast5AvastSvc.exe [2010-03-09 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:Program FilesAlwil SoftwareAvast5AvastSvc.exe [2010-03-09 40384]
R3 Steam Client Service;Steam Client Service; C:Program Files (x86)Common FilesSteamSteamService.exe [2010-03-10 332720]
R3 TmPfw;Trend Micro Personal Firewall; C:PROGRA~1TRENDM~1INTERN~1TmPfw.exe [2009-08-12 587696]
R3 tmproxy;Trend Micro Proxy Service; C:Program FilesTrend MicroInternet SecurityTmProxy.exe [2009-08-12 854280]
S2 appdrvrem01;Application Driver Auto Removal Service (01); C:WindowsSystem32appdrvrem01.exe svc []
S2 gupdate;Google Update Service (gupdate); C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [2010-01-30 135664]
S2 STacSV;Audio Service; C:WindowsSystem32DriverStoreFileRepositorystwrt64.inf_f86438beSTacSV64.exe []
S3 aspnet_state;ASP.NET State Service; C:WindowsMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe []
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:WindowsMicrosoft.NETFramework64v2.0.50727mscorsvw.exe [2008-07-27 93184]
S3 DAUpdaterSvc;Dragon Age: Origins — Content Updater; C:Program Files (x86)Dragon Agebin_shipDAUpdaterSvc.Service.exe []
S3 gusvc;Google Software Updater; C:Program Files (x86)GoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2009-04-25 182768]
S3 IDriverT;InstallDriver Table Manager; C:Program Files (x86)Common FilesInstallShieldDriver1050Intel 32IDriverT.exe [2004-10-22 73728]
S3 npggsvc;nProtect GameGuard Service; C:Windowssystem32GameMon.des [2009-08-30 3407412]
S3 PerfHost;@%systemroot%sysWow64perfhost.exe,-2; C:WindowsSysWow64perfhost.exe [2008-01-20 19968]
EOF
nfo.txt logfile of random’s system information tool 1.06 2010-03-17 10:34:06

======Uninstall list======
—>MsiExec /X{506DDFBE-983F-4BC3-84B8-65F423B2D798}
Acrobat.com—>C:Program Files (x86)Common FilesAdobe AIRVersions1.0Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
Acrobat.com—>MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Adobe AIR—>C:Program Files (x86)Common FilesAdobe AIRVersions1.0Adobe AIR Updater.exe -arp:uninstall
Adobe AIR—>MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
Adobe Flash Player 10 ActiveX—>C:WindowsSysWOW64MacromedFlashuninstall_activeX.exe
Adobe Flash Player 10 Plugin—>C:WindowsSysWOW64MacromedFlashuninstall_plugin.exe
Adobe Reader 9—>MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
Aion — Collector’s Edition—>»C:Program Files (x86)Steamsteam.exe» steam://uninstall/29650
ArtMoney SE v7.31—>»C:Program Files (x86)ArtMoneyUninstallunins000.exe»
ATI Catalyst Control Center—>RunDll32 C:PROGRA~2COMMON~1INSTAL~1PROFES~1RunTime91Intel32Ctor.dll,LaunchSetup «C:Program Files (x86)InstallShield Installation Information{055EE59D-217B-43A7-ABFF-507B966405D8}setup.exe» -l0x9
AutoCombats.info—>»C:Program Files (x86)AutoCombats.infounins000.exe»
avast! Pro Antivirus—>C:Program FilesAlwil SoftwareAvast5aswRunDll.exe «C:Program FilesAlwil SoftwareAvast5Setupsetiface.dll» RunSetup
BS.Player FREE—>»C:Program Files (x86)WebtehBSplayeruninstall.exe»
BS_Player Toolbar—>C:PROGRA~2BS_PLA~1UNWISE.EXE /U C:PROGRA~2BS_PLA~1INSTALL.LOG
Call of Duty(R) 4 — Modern Warfare(TM) 1.1 Patch—>C:Program Files (x86)InstallShield Installation Information{5D7767FA-7FE8-4627-9F09-AEF7A25F1E07}setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 — Modern Warfare(TM) 1.2 Patch—>C:Program Files (x86)InstallShield Installation Information{E5141379-B2D9-4BBC-BB2A-5805541571DD}setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 — Modern Warfare(TM) 1.3 Patch—>C:Program Files (x86)InstallShield Installation Information{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 — Modern Warfare(TM) 1.4 Patch—>C:Program Files (x86)InstallShield Installation Information{3BD633E0-4BF8-4499-9149-88F0767D449C}setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 — Modern Warfare(TM) 1.5 Singleplayer Patch—>C:Program Files (x86)InstallShield Installation Information{D1B7EF59-A3E2-452A-882E-076E1A18D94A}setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 — Modern Warfare(TM) 1.6 Patch—>C:Program Files (x86)InstallShield Installation Information{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 — Modern Warfare(TM) 1.7 Patch—>C:Program Files (x86)InstallShield Installation Information{931C37FC-594D-43A9-B10F-A2F2B1F03498}setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 — Modern Warfare(TM)—>C:Program Files (x86)InstallShield Installation Information{E48469CC-635E-4FD5-A122-1497C286D217}setup.exe -runfromtemp -l0x0409
Choice Guard—>MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Compatibility Pack for the 2007 Office system—>MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
Consumer In-Home Service Agreement—>MsiExec.exe /I{F47C37A4-7189-430A-B81D-739FF8A7A554}
Crysis WARHEAD(R)—>»C:ProgramData{0691F710-1ECA-4B5A-9727-25554F1BFDC6}setup.exe» REMOVE=TRUE MODIFY=FALSE
Crysis WARHEAD(R)—>C:ProgramData{0691F710-1ECA-4B5A-9727-25554F1BFDC6}setup.exe
Crysis—>»C:Program Files (x86)Steamsteam.exe» steam://uninstall/17300
Dell Getting Started Guide—>MsiExec.exe /I{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}
Digital Line Detect—>C:Program Files (x86)InstallShield Installation Information{E646DCF0-5A68-11D5-B229-002078017FBF}setup.exe -runfromtemp -l0x0009 -removeonly
Dragon Age: Origins—>C:Program Files (x86)Common FilesBioWareUninstall Dragon Age.exe
EA Download Manager—>C:PROGRA~2COMMON~1INSTAL~1Driver11INTEL3~1IDriver.exe /M{EF7E931D-DC84-471B-8DB6-A83358095474} /l1049
EDocs—>RunDll32 C:PROGRA~2COMMON~1INSTAL~1engine6INTEL3~1ctor.dll,LaunchSetup «C:Program Files (x86)InstallShield Installation Information{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}setup.exe»
F.E.A.R. 2 — Project Origin v1.0 R-E—>»C:GamesFEAR 2 Project Originunins000.exe»
GameSpy Comrade—>MsiExec.exe /X{894084B6-BC69-43B7-BF06-B93AECFEA520}
Google Toolbar for Internet Explorer—>»C:Program Files (x86)GoogleGoogle ToolbarComponentGoogleToolbarManager_E85CDE7661A53A6A.exe» /uninstall
Google Toolbar for Internet Explorer—>MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper—>MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)—>c:WindowsSysWOW64msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=»»
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)—>c:WindowsSysWOW64msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {08155812-0202-4D5F-A7FF-12A2782DC548} /qb+ REBOOTPROMPT=»»
InstallMgr—>MsiExec.exe /I{98177940-C048-4831-A279-F3888B1E2C7F}
Java(TM) 6 Update 14—>MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Junk Mail filter update—>MsiExec.exe /I{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}
Left 4 Dead 2—>»C:Program Files (x86)Steamsteam.exe» steam://uninstall/550
Left 4 Dead—>»C:Program Files (x86)Steamsteam.exe» steam://uninstall/500
Legend — Hand Of God—>»C:Program Files (x86)Legend — Hand Of Godunins000.exe»
Lineage II — PTS—>C:Program Files (x86)InstallShield Installation Information{5C26ABF3-B560-42CD-9144-6422595C5943}setup.exe -runfromtemp -l0x0009 -removeonly
Lineage II—>C:Program Files (x86)InstallShield Installation Information{076A6FD8-EE45-4A83-B3C9-C7C34E7CAFDD}setup.exe -runfromtemp -l0x0009 -removeonly
Logitech Desktop Messenger—>RunDll32 C:PROGRA~2COMMON~1INSTAL~1PROFES~1RunTime91Intel32Ctor.dll,LaunchSetup «C:Program Files (x86)InstallShield Installation Information{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}Setup.exe» -l0x9 UNINSTALL
Mail.Ru Агент 5.5 (сборка 2842, для всех пользователей)—>C:Program Files (x86)Mail.RuAgentmagentsetup.exe -uninstalllm
Mail.Ru Спутник 2.1.0.4—>c:program files (x86)mail.rusputnikSputnikInstaller.exe -uninstall
Microsoft .NET Framework 1.1 Security Update (KB953297)—>»C:WindowsMicrosoft.NETFrameworkv1.1.4322Updateshotfix.exe» «C:WindowsMicrosoft.NETFrameworkv1.1.4322UpdatesM953297M953297Uninstall.msp»
Microsoft .NET Framework 1.1—>msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1—>MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft Default Manager—>MsiExec.exe /I{B7148D71-0A8F-4501-96B4-4E1CC67F874E}
Microsoft Games for Windows — LIVE —>MsiExec.exe /X{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}
Microsoft Games for Windows — LIVE Redistributable—>MsiExec.exe /X{FD052FB9-FE90-4438-B355-15EDC89D8FB1}
Microsoft Office PowerPoint Viewer 2007 (English)—>MsiExec.exe /X{95120000-00AF-0409-0000-0000000FF1CE}
Microsoft Search Enhancement Pack—>MsiExec.exe /I{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}
Microsoft Silverlight—>MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]—>MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)—>MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)—>MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2005 Redistributable—>MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable — x86 9.0.30729.4148—>MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Windows Media Video 9 VCM—>RunDll32 advpack.dll,LaunchINFSection C:WindowsINFwmv9vcm.inf, Uninstall
Microsoft Works—>MsiExec.exe /I{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}
Mouse Suite for Desktop Computers—>C:Program Files (x86)InstallShield Installation Information{448E2D77-E504-4221-B2C2-93646B344729}setup.exe -runfromtemp -l0x0009 -removeonly
Mozilla Firefox (3.5.8)—>C:Program Files (x86)Mozilla Firefoxuninstallhelper.exe
MSN Toolbar—>»C:Program Files (x86)MicrosoftSearch Enhancement PackInstallMgrInstallMgr.exe»
MSN Toolbar—>MsiExec.exe /X{D0E604A0-5C90-4212-88B5-2AFCFF134FB5}
MSVCRT—>MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
NCsoft Launcher—>»C:Program Files (x86)InstallShield Installation Information{30349EFD-29C6-471B-B720-10D805B2D9F3}setup.exe» -runfromtemp -l0x0009 -removeonly
NetWaiting—>C:Program Files (x86)InstallShield Installation Information{3F92ABBB-6BBF-11D5-B229-002078017FBF}setup.exe -runfromtemp -l0x0009 -removeonly
NVIDIA PhysX—>MsiExec.exe /X{506DDFBE-983F-4BC3-84B8-65F423B2D798}
OpenAL—>»C:Program Files (x86)OpenALOpenALwEAX.exe» /U /S
PunkBuster Services—>C:Windowssystem32pbsvc.exe -u
Runes of Magic—>»C:Program Files (x86)Runes of Magicunins000.exe»
Sacred 2—>MsiExec.exe /I{1023383E-D9F6-478C-A965-23A4657B3C9A}
Skype web features—>MsiExec.exe /I{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}
Skype™ 4.1—>MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
SpyHunter—>»C:Program Files (x86)Enigma Software GroupSpyHunterUninstall.exe» «C:Program Files (x86)Enigma Software GroupSpyHunterinstall.log» -u
?iaaen.Aa? aey Internet Explorer 3.5.4—>»C:Program Files (x86)YandexYandexBarIEunins000.exe»
STALKER: Clear Sky—>»C:Program Files (x86)Steamsteam.exe» steam://uninstall/20510
Steam—>MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
SUPERAntiSpyware Free Edition—>MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
Team Fortress 2—>»C:Program Files (x86)Steamsteam.exe» steam://uninstall/440
TimeZero client 7.0.0—>»C:Program Files (x86)TimeZerounins000.exe»
Trophy Bass 2007—>»C:Program Files (x86)Trophy Bass 2007unins000.exe»
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)—>c:WindowsSysWOW64msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=»»
Windows Live Call—>MsiExec.exe /I{020D8396-D6D9-4B53-A9A1-83C47E2E27AA}
Windows Live Communications Platform—>MsiExec.exe /I{F69E83CF-B440-43F8-89E6-6EA80712109B}
Windows Live Essentials—>C:Program Files (x86)Windows LiveInstallerwlarp.exe
Windows Live Essentials—>MsiExec.exe /I{D9D754A1-EAC5-406C-A28B-C49B1E846711}
Windows Live Mail—>MsiExec.exe /I{63C1109E-D977-49ED-BCE3-D00D0BF187D6}
Windows Live Messenger—>MsiExec.exe /X{0AAA9C97-74D4-47CE-B089-0B147EF3553C}
Windows Live Photo Gallery—>MsiExec.exe /X{F73A5B18-EB75-4B2C-B32D-9457576E2417}
Windows Live Sign-in Assistant—>MsiExec.exe /I{505DF7A3-88D5-4DD6-9AD5-C98C2ED0CEC4}
Windows Live Sync—>MsiExec.exe /X{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}
Windows Live Toolbar—>MsiExec.exe /X{2B4C7E1E-E446-4740-ADB5-9842E742EE8A}
Windows Live Upload Tool—>MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Windows Live Writer—>MsiExec.exe /X{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}
WinRAR archiver—>C:Program Files (x86)WinRARuninstall.exe
Яндекс.Бар для Internet Explorer 4.2.0—>»C:Program Files (x86)YandexYandexBarIEunins000.exe»

======Hosts File======
127.0.0.1 localhost
::1 localhost
127.0.0.1 preymaster.humanhead.com

======Security center information======
AV: Trend Micro Internet Security
AS: Windows Defender
AS: SUPERAntiSpyware (disabled)

======System event log======
Computer Name: PIONER-PC
Event Code: 10016
Message: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
to the user PIONER-PCPIONER SID (S-1-5-21-1049547293-2946452347-4184033027-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
Record Number: 42622
Source Name: Microsoft-Windows-DistributedCOM
Time Written: 20090930020938.000000-000
Event Type: Error
User: PIONER-PCPIONER

Computer Name: PIONER-PC
Event Code: 4226
Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Record Number: 42627
Source Name: Tcpip
Time Written: 20090930045902.047000-000
Event Type: Warning
User:

Computer Name: PIONER-PC
Event Code: 10016
Message: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
to the user PIONER-PCPIONER SID (S-1-5-21-1049547293-2946452347-4184033027-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
Record Number: 42634
Source Name: Microsoft-Windows-DistributedCOM
Time Written: 20090930071910.000000-000
Event Type: Error
User: PIONER-PCPIONER

Computer Name: PIONER-PC
Event Code: 10016
Message: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
to the user PIONER-PCPIONER SID (S-1-5-21-1049547293-2946452347-4184033027-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
Record Number: 42637
Source Name: Microsoft-Windows-DistributedCOM
Time Written: 20090930072210.000000-000
Event Type: Error
User: PIONER-PCPIONER

Computer Name: PIONER-PC
Event Code: 6008
Message: The previous system shutdown at 11:22:15 on 30.09.2009 was unexpected.
Record Number: 42665
Source Name: EventLog
Time Written: 20090930192728.000000-000
Event Type: Error
User:

=====Application event log=====
Computer Name: PIONER-PC
Event Code: 10
Message: Event filter with query «SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA «Win32_Processor» AND TargetInstance.LoadPercentage > 99″ could not be reactivated in namespace «//./root/CIMV2» because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Record Number: 6617
Source Name: Microsoft-Windows-WMI
Time Written: 20100317063144.000000-000
Event Type: Error
User:

Computer Name: PIONER-PC
Event Code: 6000
Message: The winlogon notification subscriber was unavailable to handle a notification event.
Record Number: 6618
Source Name: Microsoft-Windows-Winlogon
Time Written: 20100317063236.000000-000
Event Type: Warning
User:

Computer Name: PIONER-PC
Event Code: 6000
Message: The winlogon notification subscriber was unavailable to handle a notification event.
Record Number: 6621
Source Name: Microsoft-Windows-Winlogon
Time Written: 20100317063237.000000-000
Event Type: Warning
User:

Computer Name: PIONER-PC
Event Code: 10
Message: Event filter with query «SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA «Win32_Processor» AND TargetInstance.LoadPercentage > 99″ could not be reactivated in namespace «//./root/CIMV2» because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Record Number: 6640
Source Name: Microsoft-Windows-WMI
Time Written: 20100317063651.000000-000
Event Type: Error
User:

Computer Name: PIONER-PC
Event Code: 1000
Message: Faulting application STacSV64.exe, version 1.0.6017.1, time stamp 0x4835e75e, faulting module msvcrt.dll, version 7.0.6001.18000, time stamp 0x4791ad6b, exception code 0xc0000005, fault offset 0x0000000000003237, process id 0xc, application start time 0x01cac59c0260dfdc.
Record Number: 6650
Source Name: Application Error
Time Written: 20100317091329.000000-000
Event Type: Error
User:

=====Security event log=====
Computer Name: PIONER-PC
Event Code: 4634
Message: An account was logged off.

Subject:
Security ID: S-1-5-21-1049547293-2946452347-4184033027-1000
Account Name: PIONER
Account Domain: PIONER-PC
Logon ID: 0x27c3d14

Logon Type: 7
This event is generated when a logon session is destroyed. It may be positively correlated with a logon event using the Logon ID value. Logon IDs are only unique between reboots on the same computer.
Record Number: 29415
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100317153004.983600-000
Event Type: Audit Success
User:

Computer Name: PIONER-PC
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-5-18
Account Name: PIONER-PC$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Logon Type: 7
New Logon:
Security ID: S-1-5-21-1049547293-2946452347-4184033027-1000
Account Name: PIONER
Account Domain: PIONER-PC
Logon ID: 0x27c3d07
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x384
Process Name: C:WindowsSystem32winlogon.exe

Network Information:
Workstation Name: PIONER-PC
Source Network Address: 127.0.0.1
Source Port: 0

Detailed Authentication Information:
Logon Process: User32
Authentication Package: Negotiate
Transited Services: —
Package Name (NTLM only): —
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.
The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.
The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).
The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.
The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.
The authentication information fields provide detailed information about this specific logon request.
— Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
— Transited services indicate which intermediate services have participated in this logon request.
— Package name indicates which sub-protocol was used among the NTLM protocols.
— Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 29416
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100317153004.983600-000
Event Type: Audit Success
User:

Computer Name: PIONER-PC
Event Code: 4634
Message: An account was logged off.

Subject:
Security ID: S-1-5-21-1049547293-2946452347-4184033027-1000
Account Name: PIONER
Account Domain: PIONER-PC
Logon ID: 0x27c3d07

Logon Type: 7
This event is generated when a logon session is destroyed. It may be positively correlated with a logon event using the Logon ID value. Logon IDs are only unique between reboots on the same computer.
Record Number: 29417
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100317153004.983600-000
Event Type: Audit Success
User:

Computer Name: PIONER-PC
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-5-18
Account Name: PIONER-PC$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Logon Type: 7
New Logon:
Security ID: S-1-5-21-1049547293-2946452347-4184033027-1000
Account Name: PIONER
Account Domain: PIONER-PC
Logon ID: 0x27c3d14
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x384
Process Name: C:WindowsSystem32winlogon.exe

Network Information:
Workstation Name: PIONER-PC
Source Network Address: 127.0.0.1
Source Port: 0

Detailed Authentication Information:
Logon Process: User32
Authentication Package: Negotiate
Transited Services: —
Package Name (NTLM only): —
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.
The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.
The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).
The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.
The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.
The authentication information fields provide detailed information about this specific logon request.
— Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
— Transited services indicate which intermediate services have participated in this logon request.
— Package name indicates which sub-protocol was used among the NTLM protocols.
— Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 29418
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100317153004.983600-000
Event Type: Audit Success
User:

Computer Name: PIONER-PC
Event Code: 4672
Message: Special privileges assigned to new logon.

Subject:
Security ID: S-1-5-21-1049547293-2946452347-4184033027-1000
Account Name: PIONER
Account Domain: PIONER-PC
Logon ID: 0x27c3d07

Privileges: SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 29419
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100317153004.983600-000
Event Type: Audit Success
User:

======Environment variables======
«ComSpec»=%SystemRoot%system32cmd.exe
«FP_NO_HOST_CHECK»=NO
«OS»=Windows_NT
«Path»=%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem;C:Program Files (x86)ATI TechnologiesATI.ACECore-Static
«PATHEXT»=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
«PROCESSOR_ARCHITECTURE»=AMD64
«TEMP»=%SystemRoot%TEMP
«TMP»=%SystemRoot%TEMP
«USERNAME»=SYSTEM
«windir»=%SystemRoot%
«PROCESSOR_LEVEL»=6
«PROCESSOR_IDENTIFIER»=Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
«PROCESSOR_REVISION»=170a
«NUMBER_OF_PROCESSORS»=4
«TRACE_FORMAT_SEARCH_PATH»=\NTREL202.ntdev.corp.microsoft.com34FB5F65-FFEB-4B61-BF0E-A6A76C450FAATraceFormat
«DFSTRACINGON»=FALSE
EOF
After the 2nd scan nothing changed. I forgot to add: when the computer boots, two message boxes appear on the desktop: "Error loading C:Windowssystem32NvCpl.dll The specified module could not be found." and "Error loading C:Windowssystem32NvMcTray.dll The specified module could not be found." In short, these are exactly those files. How do I delete them? Please advise.
One more thing: during the first scan, "SuperAntiSpyware" found 7 Adware, 2 Trojan.Agent/Gen-RogueAV and 1 antivirus.soft. After the removal procedure finished, I restarted. "Antispyware Vista" did not go away; I ran the scan again and it immediately found 2 Trojan.Agent/Gen-RogueAV, although it should have removed them last time.