Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 0:52:26, on 27.11.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17037)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
C:\Users\User\Desktop\steam\Steam.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Hostless Modem\3G Tele2\CheckNDISPort_df.exe
C:\Program Files (x86)\Hostless Modem\3G Tele2\CancelAutoPlay_df.exe
C:\Users\User\AppData\Roaming\uTorrent\updates\3.5.0_44090\utorrentie.exe
C:\Users\User\AppData\Roaming\uTorrent\updates\3.5.0_44090\utorrentie.exe
C:\WINDOWS\SysWOW64\RunDll32.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe
C:\Users\User\Downloads\HijackThis.exe
R1 — HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com/?pc=ACJB
R1 — HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.yandex.ru/?win=307&clid=2307717
R1 — HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = babyuser.net/
R1 — HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 — HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 — HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 — HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 — HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 — REG:system.ini: UserInit=userinit.exe,
O2 — BHO: True Key Helper — {0F4B8786-5502-4803-8EBC-F652A1153BB6} — C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O2 — BHO: Kino-Filmov.Net Toolbar — {1a894269-562d-459e-b17e-efd8de428e41} — (no file)
O2 — BHO: ScriptInjectionPluginBrowserHelperObject — {2E38825B-8815-42CF-9126-C58BC28D4591} — C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll
O3 — Toolbar: Kino-Filmov.Net Toolbar — {1a894269-562d-459e-b17e-efd8de428e41} — (no file)
O3 — Toolbar: True Key — {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} — C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O3 — Toolbar: Kaspersky Protection Toolbar — {093F479D-712E-46CD-9E06-62E734A05F68} — C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll
O4 — HKLM\..\Run: [Adobe ARM] "c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 — HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 — HKLM\..\Run: [CheckNDISPort50ac64] C:\Program Files (x86)\Hostless Modem\3G Tele2\CheckNDISPort_df.exe
O4 — HKLM\..\Run: [CancelAutoPlay_df] "C:\Program Files (x86)\Hostless Modem\3G Tele2\CancelAutoPlay_df.exe" run
O4 — HKCU\..\Run: [moreskidki] "C:\Users\User\AppData\Local\moreskidki\stub.exe" /run "C:\Users\User\AppData\Local\moreskidki\config.json"
O4 — HKCU\..\Run: [SyncManPath] "C:\Program Files\Yandex\YandexDisk\bin\YandexDisk.exe" -autostart
O4 — HKCU\..\Run: [DAEMON Tools Ultra Agent] "C:\Program Files\DAEMON Tools Ultra\DTAgent.exe" -autorun
O4 — HKCU\..\Run: [uTorrent] "C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 — HKCU\..\Run: [Steam] "C:\Users\User\Desktop\steam\steam.exe" -silent
O4 — HKCU\..\Run: [Discord] C:\Users\User\AppData\Local\Discord\app-0.0.297\Discord.exe
O4 — Startup: MorphVOX.lnk = C:\bro\MorphVOXPro.exe
O4 — Startup: PUSH Wallpaper.lnk = C:\Program Files\PUSH Entertainment\Video Wallpaper\pushvideowallpaper.exe
O4 — Global Startup: Bluetooth.lnk = ?
O8 — Extra context menu item: E&xport to Microsoft Excel — res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 — Extra context menu item: Se&nd to OneNote — res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 — Extra button: Send to OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 — Extra 'Tools' menuitem: Se&nd to OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 — Extra button: OneNote Lin&ked Notes — {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} — C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 — Extra 'Tools' menuitem: OneNote Lin&ked Notes — {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} — C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 — Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 — Protocol: dssrequest — {5513F07E-936B-4E52-9B00-067394E91CC5} — (no file)
O18 — Protocol: osf — {D924BDC6-C83A-4BD5-90D0-095128A113D1} — C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 — Protocol: sacore — {5513F07E-936B-4E52-9B00-067394E91CC5} — (no file)
O23 — Service: Adobe Acrobat Update Service (AdobeARMservice) — Adobe Systems Incorporated — c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 — Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) — Adobe Systems Incorporated — C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 — Service: Adobe Genuine Software Integrity Service (AGSService) — Adobe Systems, Incorporated — C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 — Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) — Unknown owner — C:\WINDOWS\System32\alg.exe (file missing)
O23 — Service: Kaspersky Anti-Virus Service 17.0.0 (AVP17.0.0) — AO Kaspersky Lab — C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
O23 — Service: @oem19.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) — Unknown owner — C:\WINDOWS\system32\BtwRSupportService.exe (file missing)
O23 — Service: BattlEye Service (BEService) — Unknown owner — C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 — Service: Bluetooth Service (btwdins) — Broadcom Corporation. — C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 — Service: CCDMonitorService — Acer Incorporated — C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe
O23 — Service: Chistilka — Unknown owner — C:\ProgramData\Чистилка\Чистилка.exe
O23 — Service: Intel(R) Content Protection HECI Service (cphs) — Intel Corporation — C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 — Service: Disc Soft Ultra Bus Service — Disc Soft Ltd — C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe
O23 — Service: EasyAntiCheat — EasyAntiCheat Ltd — C:\WINDOWS\system32\EasyAntiCheat.exe
O23 — Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) — Unknown owner — C:\WINDOWS\System32\lsass.exe (file missing)
O23 — Service: ePower Service (ePowerSvc) — Acer Incorporated — C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 — Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) — Unknown owner — C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 — Service: GamesAppIntegrationService — TODO: <Company name> — C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 — Service: GamesAppService — WildTangent, Inc. — C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 — Service: Служба Google Update (gupdate) (gupdate) — Google Inc. — C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 — Service: Служба Google Update (gupdatem) (gupdatem) — Google Inc. — C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 — Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) — Unknown owner — C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 — Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) — Unknown owner — C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 — Service: Intel(R) Capability Licensing Service Interface — Intel(R) Corporation — C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 — Service: Intel(R) Capability Licensing Service TCP IP Interface — Intel(R) Corporation — C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 — Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) — Intel Corporation — C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 — Service: @keyiso.dll,-100 (KeyIso) — Unknown owner — C:\WINDOWS\system32\lsass.exe (file missing)
O23 — Service: klvssbrigde64 — AO Kaspersky Lab — C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe
O23 — Service: Kaspersky Secure Connection Service 1.0.0 (KSDE1.0.0) — AO Kaspersky Lab — C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
O23 — Service: Lenovo EasyPlus Hotspot — Lenovo — C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe
O23 — Service: Intel(R) Management and Security Application Local Management Service (LMS) — Intel Corporation — C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 — Service: Launch Manager Service (LMSvc) — Acer Incorporate — C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
O23 — Service: Malwarebytes Service (MBAMService) — Malwarebytes — C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 — Service: Mobile Broadband HL Service — Unknown owner — C:\ProgramData\MobileBrServ\mbbservice.exe
O23 — Service: @comres.dll,-2797 (MSDTC) — Unknown owner — C:\WINDOWS\System32\msdtc.exe (file missing)
O23 — Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) — Nero AG — C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 — Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) — Unknown owner — C:\WINDOWS\system32\lsass.exe (file missing)
O23 — Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) — NVIDIA Corporation — C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 — Service: NVIDIA NetworkService Container (NvContainerNetworkService) — NVIDIA Corporation — C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 — Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) — NVIDIA Corporation — C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 — Service: NVIDIA Telemetry Container (NvTelemetryContainer) — NVIDIA Corporation — C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 — Service: PnkBstrA — Unknown owner — C:\WINDOWS\system32\PnkBstrA.exe
O23 — Service: Quick Access Service (QASvc) — Acer Incorporate — C:\Program Files\Acer\Acer Quick Access\QASvc.exe
O23 — Service: Cyberlink RichVideo Service(CRVS) (RichVideo) — Unknown owner — C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 — Service: Quick Access RadioMgr Service (RMSvc) — Acer Incorporate — C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
O23 — Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) — Unknown owner — C:\WINDOWS\system32\locator.exe (file missing)
O23 — Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) — Unknown owner — C:\WINDOWS\system32\lsass.exe (file missing)
O23 — Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) — Unknown owner — C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 — Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) — Unknown owner — C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 — Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) — Unknown owner — C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 — Service: Steam Client Service — Valve Corporation — C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 — Service: Intel Security True Key (TrueKey) — McAfee, Inc. — C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
O23 — Service: Intel Security True Key Scheduler (TrueKeyScheduler) — McAfee, Inc. — C:\Program Files\TrueKey\McTkSchedulerService.exe
O23 — Service: Intel Security True Key Helper Service (TrueKeyServiceHelper) — McAfee, Inc. — C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
O23 — Service: User Experience Improvement Program (UEIPSvc) — acer — C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
O23 — Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) — Unknown owner — C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 — Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) — Unknown owner — C:\WINDOWS\system32\lsass.exe (file missing)
O23 — Service: @%SystemRoot%\system32\vds.exe,-100 (vds) — Unknown owner — C:\WINDOWS\System32\vds.exe (file missing)
O23 — Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) — Unknown owner — C:\WINDOWS\system32\vssvc.exe (file missing)
O23 — Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) — Unknown owner — C:\WINDOWS\system32\wbengine.exe (file missing)
O23 — Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) — Unknown owner — C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 — Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) — Unknown owner — C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 — Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) — Unknown owner — C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 — Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) — Unknown owner — C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
—
End of file — 14216 bytes