Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 20:11:13, on 18.11.2016
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)


Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Total Security 17.0.0\avp.exe
C:\Program Files\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Kaspersky Lab\Kaspersky Total Security 17.0.0\avpui.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TeamViewer\TeamViewer_Service.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Opera\36.0.2130.80\opera.exe
C:\Program Files\Opera\36.0.2130.80\opera_crashreporter.exe
C:\Program Files\Opera\36.0.2130.80\opera.exe
C:\Program Files\Opera\36.0.2130.80\opera.exe
C:\Program Files\Opera\36.0.2130.80\opera.exe
C:\Program Files\Opera\36.0.2130.80\opera.exe
C:\Program Files\Opera\36.0.2130.80\opera.exe
C:\Program Files\Opera\36.0.2130.80\opera.exe
C:\Program Files\Opera\36.0.2130.80\opera.exe
C:\Program Files\Opera\36.0.2130.80\opera.exe
C:\Program Files\Opera\36.0.2130.80\opera.exe
C:\Program Files\Opera\36.0.2130.80\opera.exe
C:\Program Files\Opera\36.0.2130.80\opera.exe
C:\Program Files\Opera\36.0.2130.80\opera.exe
C:\Program Files\Opera\36.0.2130.80\opera.exe
C:\Program Files\Opera\36.0.2130.80\opera.exe
C:\Documents and Settings\Светлана\Local Settings\Application Data\Yandex\YandexBrowser\Application\browser.exe
C:\Documents and Settings\Светлана\Local Settings\Application Data\Yandex\YandexBrowser\Application\browser.exe
C:\Documents and Settings\Светлана\Local Settings\Application Data\Yandex\YandexBrowser\Application\browser.exe
C:\Documents and Settings\Светлана\Local Settings\Application Data\Yandex\YandexBrowser\Application\browser.exe
C:\Documents and Settings\Светлана\Local Settings\Application Data\Yandex\YandexBrowser\Application\browser.exe
C:\Documents and Settings\Светлана\Local Settings\Application Data\Yandex\YandexBrowser\Application\browser.exe
C:\Documents and Settings\Светлана\Мои документы\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.yandex.ru/?win=255&clid=2256844-103
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Ссылки
O2 - BHO: ScriptInjectionPluginBrowserHelperObject - {2E38825B-8815-42CF-9126-C58BC28D4591} - C:\Program Files\Kaspersky Lab\Kaspersky Total Security 17.0.0\IEExt\ie_plugin.dll
O3 - Toolbar: Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files\Kaspersky Lab\Kaspersky Total Security 17.0.0\IEExt\ie_plugin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1844237615-838170752-1644491937-1004\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Экспорт в Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O22 - SharedTaskScheduler: Предзагрузчик Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Демон кэша категорий компонентов - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Kaspersky Anti-Virus Service 17.0.0 (AVP17.0.0) - AO Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Total Security 17.0.0\avp.exe
O23 - Service: Журнал событий (Eventlog) - Корпорация Майкрософт - C:\WINDOWS\system32\services.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Служба Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Служба Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Служба COM записи компакт-дисков IMAPI (ImapiService) - Корпорация Майкрософт - C:\WINDOWS\system32\imapi.exe
O23 - Service: Kaspersky Secure Connection Service 1.0.0 (KSDE1.0.0) - AO Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
O23 - Service: NetMeeting Remote Desktop Sharing (mnmsrvc) - Корпорация Майкрософт - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Plug and Play (PlugPlay) - Корпорация Майкрософт - C:\WINDOWS\system32\services.exe
O23 - Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) - Корпорация Майкрософт - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Смарт-карты (SCardSvr) - Корпорация Майкрософт - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Журналы и оповещения производительности (SysmonLog) - Корпорация Майкрософт - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe
O23 - Service: Теневое копирование тома (VSS) - Корпорация Майкрософт - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Адаптер производительности WMI (WmiApSrv) - Корпорация Майкрософт - C:\WINDOWS\system32\wbem\wmiapsrv.exe

--
End of file - 7112 bytes