DDS (Ver_09-05-14.01) - NTFSx86
Run by Admin at 17:25:36,62 on 12.06.2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1251.7.1049.18.2039.1557 [GMT 11:00]

AV: Doctor Web Anti-Virus *On-access scanning enabled* (Updated) {3454C8F1-ECBC-4180-A6F4-04632FBA762B}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\DrWeb\spidernt.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\TrafficCompressor\TCompres.exe
C:\Program Files\DrWeb\SpIDerAgent.exe
C:\Program Files\DrWeb\spiderml.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\DrWeb\spidergate.exe
C:\PROGRA~1\DrWeb\spiderui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\VistaDriveIcon\VistaDrv.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Documents and Settings\Admin\Рабочий стол\Новая папка\winsent.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICKP.EXE
E:\Съемный диск (M)\удаление вир\dds.scr

============== Pseudo HJT Report ===============

uStart Page = www.beeline.ru
uInternet Settings,ProxyServer = http=localhost:9999
mWinlogon: Userinit=c:\windows\system32\userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Яндекс.Бар: {91397d20-1446-11d4-8af4-0040ca1127b6} - c:\program files\yandex\yandexbarie\yndbar.dll
TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [VistaIcon] c:\program files\vistadriveicon\VistaDrv.exe
uRun: [AlcoholAutomount] "c:\program files\alcohol soft\alcohol 120\axcmd.exe" /automount
uRun: [RocketDock] "c:\program files\rocketdock\RocketDock.exe"
uRun: [WinSent] c:\documents and settings\admin\рабочий стол\новая папка\winsent.exe
uRun: [EPSON Stylus Photo R290 Series] c:\windows\system32\spool\drivers\w32x86\3\e_fatickp.exe /fu "c:\docume~1\admin\locals~1\temp\E_S21.tmp" /EF "HKCU"
uRun: [WebCompressor] c:\program files\webpixel\webcompressor\WebCompressor.exe
mRun: [HControl] c:\windows\atk0100\HControl.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [TrafficCompressor] c:\program files\trafficcompressor\TCompres.exe /Autorun
mRun: [SpIDerAgent] "c:\program files\drweb\SpIDerAgent.exe"
mRun: [SpIDerMail] "c:\program files\drweb\spiderml.exe"
mRun: [SpIDerGate] "c:\program files\drweb\spidergate.exe" -autorun
mRun: [SpIDerNT] c:\progra~1\drweb\spiderui.exe /agent
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRun: [VistaIcon] c:\program files\vistadriveicon\VistaDrv.exe
dRunOnce: [IE8_01] regsvr32 /s /n /i:u shell32
dRunOnce: [IE8_02] rundll32 advpack.dll,LaunchINFSectionEx IE8int.inf,AfterUserStart,,4,N
uPolicies-explorer: NoSMConfigurePrograms = 1 (0x1)
dPolicies-explorer: NoSMConfigurePrograms = 1 (0x1)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Закачать ВСЕ при помощи Download Master
IE: Закачать при помощи Download Master
IE: {8DAE90AD-4583-4977-9DD4-4360F7A45C74}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
LSP: c:\program files\drweb\drwebsp.dll
LSP: c:\program files\trafficcompressor\TCompLsp.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll

============= SERVICES / DRIVERS ===============

R0 DwProt;DrWeb Protection;c:\windows\system32\drivers\dwprot.sys [2009-5-17 101496]
R2 DrWebEngine;Dr.Web Scanning Engine (DrWebEngine);c:\program files\common files\doctor web\scanning engine\dwengine.exe [2009-1-21 886072]
R2 SPIDER;SpIDer Guard File System Monitor;c:\progra~1\drweb\spider.sys [2008-12-15 394184]
R2 SPIDERNT;SpIDer Guard for Windows;c:\progra~1\drweb\spidernt.exe [2008-12-15 251144]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2009-5-16 1684736]

=============== Created Last 30 ================

2009-06-12 17:23 --d----- C:\antivir
2009-06-12 11:01 --d----- c:\docume~1\admin\applic~1\webcompressor
2009-06-12 10:06 --d-h--- c:\windows\PIF
2009-06-10 21:17 96,640 ac------ c:\windows\system32\dllcache\b57xp32.sys
2009-06-10 21:17 96,640 a------- c:\windows\system32\drivers\b57xp32.sys
2009-06-10 19:49 621,056 a------- c:\windows\system32\drivers\mod7700.sys
2009-06-10 19:49 113,664 a------- c:\windows\system32\drivers\ewusbnet.sys
2009-06-10 19:49 101,376 a------- c:\windows\system32\drivers\ewusbmdm.sys
2009-06-10 19:49 24,448 a------- c:\windows\system32\drivers\ewdcsc.sys
2009-06-08 10:12 --d----- c:\docume~1\alluse~1\applic~1\UDL
2009-06-08 09:44 --d----- c:\program files\EPSON
2009-06-08 09:43 25 a------- c:\windows\CDER290ERUKAR.ini
2009-06-08 09:42 --d----- c:\docume~1\alluse~1\applic~1\EPSON
2009-06-08 09:42 49,152 a------- c:\windows\system32\E_DCINST.DLL
2009-06-08 09:42 76,800 a------- c:\windows\system32\E_FLBCKP.DLL
2009-06-08 09:42 62,976 a------- c:\windows\system32\E_FD4BCKP.DLL
2009-06-08 09:41 25,856 ac------ c:\windows\system32\dllcache\usbprint.sys
2009-06-08 09:41 25,856 a------- c:\windows\system32\drivers\usbprint.sys
2009-06-08 09:13 --d----- c:\program files\Flag of Russia
2009-06-08 09:12 508,928 -------- c:\windows\system32\Flag of Russia.scr
2009-06-07 18:07 6,144 a--sh--- c:\windows\system32\Thumbs.db
2009-06-06 23:04 2,792 a------- c:\windows\system32\System.sov
2009-06-06 23:04 285,184 a------- c:\windows\system32\Советник.scr
2009-06-06 23:04 35 a------- c:\windows\system32.ini
2009-06-06 08:46 --d----- c:\windows\pss
2009-06-05 21:05 --d----- c:\program files\Haali
2009-06-01 21:32 --d----- c:\program files\VideoLAN
2009-06-01 21:27 67,584 a------- c:\windows\system32\ff_vfw.dll
2009-06-01 21:27 60,273 a------- c:\windows\system32\pthreadGC2.dll
2009-06-01 21:27 --d----- c:\program files\K-Lite Codec Pack
2009-05-31 19:28 --d----- c:\program files\IVT Corporation
2009-05-31 17:31 5,632 a--sh--- c:\windows\Thumbs.db
2009-05-31 17:30 7,552 ac------ c:\windows\system32\dllcache\sonypvu1.sys
2009-05-31 17:30 7,552 a------- c:\windows\system32\drivers\SONYPVU1.SYS
2009-05-29 07:00 --d----- c:\program files\LanTricks
2009-05-28 18:03 --d-h--- c:\windows\system32\GroupPolicy
2009-05-27 21:35 158 a------- c:\windows\DjVuPro.INI
2009-05-27 19:53 45,568 a----r-- c:\windows\system32\drivers\rimmptsk.sys
2009-05-27 19:52 90,112 a----r-- c:\windows\system32\snymsico.dll
2009-05-27 19:52 43,008 a----r-- c:\windows\system32\drivers\rimsptsk.sys
2009-05-27 19:51 1,698,880 a----r-- c:\windows\system32\drivers\athwx.sys
2009-05-27 19:50 16,128 ac------ c:\windows\system32\dllcache\modemcsa.sys
2009-05-27 19:50 16,128 a------- c:\windows\system32\drivers\MODEMCSA.sys
2009-05-27 19:50 175,104 ac------ c:\windows\system32\dllcache\csamsp.dll
2009-05-27 19:50 175,104 a------- c:\windows\system32\csamsp.dll
2009-05-27 19:50 1,203,776 a----r-- c:\windows\system32\drivers\AGRSM.sys
2009-05-27 19:50 54,824 a----r-- c:\windows\agrsmdel.exe
2009-05-27 19:50 13,312 a----r-- c:\windows\system32\agrsmsvc.exe
2009-05-27 19:50 13,312 a----r-- c:\windows\system32\agrscoin.dll
2009-05-24 08:34 --d----- c:\program files\Flash Player Pro
2009-05-23 20:41 --d----- c:\program files\common files\EZB Systems
2009-05-23 20:41 --d----- c:\program files\UltraISO
2009-05-23 17:46 --d----- c:\program files\Everest
2009-05-23 17:46 --d----- c:\program files\FsCapture
2009-05-23 09:17 --d----- c:\program files\Liquid Metal
2009-05-23 09:11 --d----- c:\program files\DeskBar
2009-05-22 19:52 23 a--sh--- c:\windows\system32\aeaea1_r.dll
2009-05-22 19:52 23 a------- c:\windows\system32\aceecbdd_r.ocx
2009-05-22 17:44 --d----- c:\program files\PocketDivXEncoder
2009-05-20 20:28 --d----- c:\program files\Mobile Action
2009-05-20 20:26 43,264 a----r-- c:\windows\system32\drivers\ser2pl.sys
2009-05-20 20:26 --d----- c:\windows\Application Data
2009-05-19 22:31 9,200 -------- c:\windows\system32\drivers\cdralw2k.sys
2009-05-19 22:31 9,072 -------- c:\windows\system32\drivers\cdr4_xp.sys
2009-05-19 22:30 --d----- c:\windows\system32\IOSUBSYS
2009-05-17 09:30 101,496 a------- c:\windows\system32\drivers\dwprot.sys
2009-05-17 09:29 --d----- c:\documents and settings\admin\DoctorWeb
2009-05-17 09:29 --d----- c:\program files\common files\Doctor Web
2009-05-17 09:29 --d----- c:\docume~1\alluse~1\applic~1\Doctor Web
2009-05-17 09:29 --d----- c:\program files\DrWeb
2009-05-16 11:27 58,368 a------- c:\windows\system32\drivers\redbook.sys
2009-05-16 11:27 13,952 a------- c:\windows\system32\drivers\CmBatt.sys
2009-05-16 11:27 10,240 a------- c:\windows\system32\drivers\compbatt.sys
2009-05-16 11:27 14,208 a------- c:\windows\system32\drivers\battc.sys
2009-05-16 11:27 76,800 a------- c:\windows\system32\usbui.dll
2009-05-16 11:27 --d----- c:\windows\ATK0100
2009-05-16 11:26 --d----- c:\program files\common files\ODBC
2009-05-16 11:26 --d----- c:\program files\common files\SpeechEngines
2009-05-16 11:25 --d-h--- c:\documents and settings\all users\Шаблоны
2009-05-16 11:25 --d--r-- c:\documents and settings\all users\Главное меню
2009-05-16 11:25 --d--r-- c:\documents and settings\all users\Документы
2009-05-16 11:25 --d----- c:\documents and settings\all users\Рабочий стол
2009-05-16 11:25 --d----- c:\documents and settings\all users\Избранное
2009-05-16 11:25 144,484 ac------ c:\windows\system32\dllcache\netfx.cat
2009-05-16 11:24 4,813,824 a------- c:\windows\system32\drivers\RtkHDAud.sys
2009-05-16 11:23 266,240 a------- c:\windows\system32\RTSndMgr.CPL
2009-05-16 11:23 278,528 a------- c:\windows\system32\ALSNDMGR.CPL
2009-05-16 11:23 118,656 a------- c:\windows\system32\drivers\Rtnicxp.sys
2009-05-16 11:23 73,728 a------- c:\windows\system32\RtNicProp32.dll
2009-05-16 11:23 5,760 a------- c:\windows\system32\drivers\ATKACPI.sys
2009-05-16 11:23 --d----- c:\windows\system32\CatRoot2
2009-05-16 11:23 --d----- c:\windows\system32\CatRoot
2009-05-16 11:22 --d----- C:\Documents and Settings
2009-05-16 11:22 1,219 a------- c:\windows\system32\$winnt$.inf
2009-05-16 09:00 --d----- c:\program files\TrafficCompressor
2009-05-16 08:33 --d----- c:\program files\Huawei E160G
2009-05-16 08:14 --d----- c:\program files\RocketDock
2009-05-16 08:05 --d----- c:\docume~1\admin\applic~1\URSoft
2009-05-16 08:05 --d----- c:\program files\Your Uninstaller 2008
2009-05-16 08:04 --d----- c:\program files\Total Commander
2009-05-16 08:04 --d----- c:\program files\jv16 PowerTools 2007
2009-05-16 08:04 --d----- c:\program files\Библиотека
2009-05-16 08:03 --d----- c:\program files\Yandex
2009-05-16 08:03 --d----- c:\program files\common files\Yandex
2009-05-16 08:03 --d----- c:\docume~1\admin\applic~1\Yandex
2009-05-16 08:03 --d----- c:\program files\Download Master
2009-05-16 08:03 --d----- c:\program files\Alcohol Soft
2009-05-16 07:52 --dsh--- c:\documents and settings\admin\PrivacIE
2009-05-16 07:49 --d----- c:\program files\Realtek
2009-05-16 07:38 --dsh--- c:\documents and settings\admin\IETldCache
2009-05-16 07:38 --d-h--- c:\documents and settings\admin\Шаблоны
2009-05-16 07:38 --d--r-- c:\documents and settings\admin\Мои документы
2009-05-16 07:38 --d--r-- c:\documents and settings\admin\Главное меню
2009-05-16 07:38 --d--r-- c:\documents and settings\admin\Избранное
2009-05-16 07:38 --d----- c:\documents and settings\admin\Рабочий стол
2009-05-16 07:35 --d----- c:\program files\msn gaming zone
2009-05-16 07:35 --d----- c:\program files\VistaDriveIcon
2009-05-16 07:35 a-d----- c:\program files\Paint.NET
2009-05-16 07:31 --dsh--- c:\documents and settings\all users\DRM
2009-05-16 07:31 --d-h--- c:\program files\WindowsUpdate
2009-05-16 07:31 --d----- c:\program files\Online Services
2009-05-16 07:31 --d----- c:\program files\common files\MSSoap
2009-05-16 07:29 --d----- c:\program files\Windows Media Connect 2
2009-05-16 07:29 --d----- c:\program files\Windows NT

==================== Find3M ====================

2009-06-10 08:32 484,934 a------- c:\windows\system32\perfh019.dat
2009-06-10 08:32 84,458 a------- c:\windows\system32\perfc019.dat
2009-05-19 22:16 86,327 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2009-05-16 07:49 319,488 a------- c:\windows\HideWin.exe
2009-05-16 07:35 721,904 a------- c:\windows\system32\drivers\sptd.sys
2009-05-16 07:35 410,984 a------- c:\windows\system32\deploytk.dll
2009-05-16 07:30 22,564 a------- c:\windows\system32\emptyregdb.dat
2009-04-28 09:49 3,366,912 a------- c:\windows\system32\GPhotos.scr
2009-04-25 07:02 23,040 a------- c:\windows\system32\setup.exe
2009-04-25 07:01 1,571,840 a------- c:\windows\system32\sfcfiles.dll
2009-04-25 06:59 675,840 a------- c:\windows\system32\shdoclc.dll
2009-04-25 06:58 4,096 a------- c:\windows\system32\wmvdmoe2.dll
2009-04-25 06:57 48,128 a------- c:\windows\system32\mshtmler.dll
2009-04-25 06:57 45,568 a------- c:\windows\system32\mshta.exe
2009-04-25 06:57 43,008 a------- c:\windows\system32\licmgr10.dll
2009-04-25 06:57 71,680 a------- c:\windows\system32\iesetup.dll
2009-04-25 06:57 72,704 a------- c:\windows\system32\admparse.dll
2009-04-25 06:57 18,944 a------- c:\windows\system32\corpol.dll
2009-04-25 06:52 288,768 a------- c:\windows\system32\ulib.dll
2009-04-25 06:51 2,147,328 a------- c:\windows\system32\ntoskrnl.exe
2009-04-21 04:42 9,482 a------- c:\windows\system32\OEMINFO.CMD
2009-04-15 15:32 3,072 a------- c:\windows\system32\xpsp4res.dll
2009-03-20 02:52 23,552 a------- c:\windows\system32\normaliz.dll
2009-03-20 02:51 24,576 a------- c:\windows\system32\nlsdl.dll
2009-03-20 02:51 265,720 a------- c:\windows\system32\msdbg2.dll
2009-03-20 02:49 26,112 a------- c:\windows\system32\idndl.dll
2009-03-18 00:07 122,880 a------- c:\windows\RtkAudioService.exe
2009-03-17 22:44 36,352 a------- c:\windows\system32\RtkCoInstXP.dll
2009-03-16 22:18 517,448 a------- c:\windows\system32\XAudio2_4.dll
2009-03-16 22:18 235,352 a------- c:\windows\system32\xactengine3_4.dll
2009-03-16 22:18 69,448 a------- c:\windows\system32\XAPOFX1_3.dll
2009-03-16 22:18 22,360 a------- c:\windows\system32\X3DAudio1_6.dll

============= FINISH: 17:25:53,70 ===============