Logfile of random's system information tool 1.08 (written by random/random)
Run by Admin at 2011-03-11 10:14:29
Microsoft Windows XP Professional Service Pack 3
System drive C: has 29 GB (48%) free of 61 GB
Total RAM: 1023 MB (60% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\Dr.Web Daily scan.job
C:\WINDOWS\tasks\Dr.Web Update.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1163E531-B58E-4BB9-B877-0906A0A22AEC}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E28339B-7A2A-47B6-AEB2-46BA53782379}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2010-01-22 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9961627E-4059-41B4-8E0E-A7D6B3854ADF}]
IE 4.x-6.x BHO for Download Master - C:\PROGRA~1\DOWNLO~1\dmiehlp.dll [2007-07-20 152064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-01-22 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DDA01CDE-DB63-4EC4-9073-0E3C658A9C36}]
C:\WINDOWS\system32\IVAJ.dll [2008-04-15 49152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-01-22 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-22 7700480]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-10-22 86016]
"SpIDerAgent"=C:\Program Files\DrWeb\SpIDerAgent.exe [2010-03-10 1314032]
"SpIDerMail"=C:\Program Files\DrWeb\spiderml.exe [2010-06-03 1541360]
"Dr.Web Firewall"=C:\Program Files\DrWeb\frwl_notify.exe [2010-03-15 2600200]
"PAC7302_Monitor"=C:\WINDOWS\PixArt\PAC7302\Monitor.exe [2007-12-10 323584]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LClock"=C:\Program Files\LClock\LClock.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2007-02-26 1254912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-08-21 143360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-03-02 133632]
nkv - {18b5c62f-903d-e582-a14e-903d4ea7d502}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
csiddll - {C4560D12-CE25-4A2E-A5D4-B5070FCBE282}

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"G:\.Autorun\835694854683549385398626893468946\Autorun.exe"="G:\.Autorun\835694854683549385398626893468946\Autorun.exe:*:Enabled:Microsoft Intranet Patcher"
"C:\Program Files\Common Files\SafeDrv.exe"="C:\Program Files\Common Files\SafeDrv.exe:*:Enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 3 months======

2011-03-11 10:14:29 ----D---- C:\rsit
2011-03-11 10:00:00 ----A---- C:\WINDOWS\system32\drivers\uzm5ntgz.sys
2011-03-11 09:48:13 ----D---- C:\Documents and Settings\Admin\Application Data\Opera
2011-03-11 09:47:59 ----D---- C:\Program Files\Opera
2011-03-11 09:47:47 ----A---- C:\WINDOWS\WPI_Log_2011.03.11_09.47.47.txt
2011-03-10 18:16:24 ----D---- C:\Program Files\Trend Micro
2011-03-10 13:02:45 ----D---- C:\Program Files\Messenger
2011-03-09 21:17:03 ----A---- C:\WINDOWS\system32\drivers\MSTEE.sys
2011-03-09 21:17:00 ----A---- C:\WINDOWS\system32\drivers\NdisIP.sys
2011-03-09 21:16:58 ----A---- C:\WINDOWS\system32\drivers\StreamIP.sys
2011-03-09 21:16:56 ----A---- C:\WINDOWS\system32\drivers\SLIP.sys
2011-03-09 21:16:55 ----A---- C:\WINDOWS\system32\drivers\WSTCODEC.SYS
2011-03-09 21:16:53 ----A---- C:\WINDOWS\system32\drivers\NABTSFEC.sys
2011-03-09 21:16:51 ----A---- C:\WINDOWS\system32\drivers\CCDECODE.sys
2011-03-09 21:16:27 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2011-03-09 21:13:31 ----A---- C:\WINDOWS\system32\Remover.ini
2011-03-09 21:13:31 ----A---- C:\WINDOWS\system32\Remove.exe
2011-03-09 21:13:31 ----A---- C:\WINDOWS\system32\drivers\PAC7302.SYS
2011-03-09 21:13:31 ----A---- C:\WINDOWS\system32\CoInst_071029.dll
2011-03-09 21:13:30 ----D---- C:\WINDOWS\PixArt
2011-03-09 21:13:30 ----D---- C:\Program Files\PixArt
2011-03-09 21:13:30 ----D---- C:\Program Files\Common Files\PAC7302
2011-03-09 21:13:30 ----A---- C:\WINDOWS\system32\SP7302.INI
2011-03-09 20:51:20 ----A---- C:\WINDOWS\system32\drivers\USBAUDIO.sys
2011-03-09 20:40:51 ----D---- C:\Documents and Settings\Admin\Application Data\Skype
2011-03-09 20:40:30 ----D---- C:\Program Files\Skype
2011-03-09 20:40:13 ----A---- C:\WINDOWS\WPI_Log_2011.03.09_20.40.13.txt
2011-03-09 20:35:15 ----A---- C:\InstallLog.txt
2011-01-25 17:25:57 ----D---- C:\Documents and Settings\Admin\Application Data\FastStone
2011-01-25 17:22:10 ----D---- C:\Program Files\FastStone Image Viewer
2011-01-25 17:22:02 ----A---- C:\WINDOWS\WPI_Log_2011.01.25_17.22.02.txt

======List of files/folders modified in the last 3 months======

2011-03-11 10:12:35 ----D---- C:\WINDOWS\Temp
2011-03-11 10:12:32 ----D---- C:\WINDOWS\system32\drivers
2011-03-11 10:11:52 ----A---- C:\WINDOWS\CSTBox.INI
2011-03-11 10:11:06 ----D---- C:\WINDOWS\system32\CatRoot2
2011-03-11 10:10:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-03-11 09:47:59 ----AD---- C:\Program Files
2011-03-11 09:47:51 ----A---- C:\WINDOWS\NeroDigital.ini
2011-03-11 09:47:47 ----D---- C:\WINDOWS
2011-03-11 09:38:51 ----AD---- C:\WINDOWS\system32
2011-03-10 18:16:25 ----SHD---- C:\WINDOWS\Installer
2011-03-10 18:16:25 ----SD---- C:\Documents and Settings\Admin\Application Data\Microsoft
2011-03-10 16:50:52 ----SHD---- C:\DrWeb Quarantine
2011-03-10 14:59:03 ----D---- C:\WINDOWS\system
2011-03-10 12:24:50 ----D---- C:\Program Files\DrWeb
2011-03-10 12:07:23 ----A---- C:\WINDOWS\win.ini
2011-03-10 12:07:07 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-03-09 21:45:50 ----D---- C:\Program Files\Mozilla Firefox
2011-03-09 21:16:15 ----HD---- C:\WINDOWS\inf
2011-03-09 21:13:30 ----HD---- C:\Program Files\InstallShield Installation Information
2011-03-09 21:13:30 ----AD---- C:\Program Files\Common Files
2011-03-09 21:12:23 ----D---- C:\WINDOWS\system32\drivers\etc
2011-03-01 10:07:01 ----D---- C:\Program Files\Common Files\Adobe
2011-03-01 10:06:58 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2011-03-01 10:06:38 ----D---- C:\Program Files\Adobe
2011-02-28 16:31:14 ----D---- C:\WINDOWS\muis
2011-01-27 01:00:04 ----HD---- C:\WINDOWS\system32\E6EF85
2011-01-27 01:00:03 ----D---- C:\WINDOWS\myhost

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 DwProt;DrWeb Protection; C:\WINDOWS\system32\drivers\dwprot.sys [2010-04-20 119288]
R0 ibtpqr;ibtpqr; C:\WINDOWS\system32\drivers\mzezr.sys [2008-04-15 29504]
R0 nvata;nvata; C:\WINDOWS\system32\drivers\nvata.sys [2008-10-25 93568]
R0 nvata5;nvata5; C:\WINDOWS\system32\drivers\nvata5.sys [2008-10-25 100736]
R0 ohci1394;Texas Instruments OHCI-совместимый IEEE 1394 хост-контроллер; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-15 61696]
R0 si3114r5;SiI-3114 SoftRaid 5 Controller; C:\WINDOWS\system32\DRIVERS\Si3114r5.sys [2007-02-07 209200]
R0 SiFilter;SATALink driver accelerator; C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys [2004-11-01 10368]
R0 SiRemFil;SATALink External Device Filter; C:\WINDOWS\system32\DRIVERS\SiRemFil.sys [2006-10-19 5504]
R0 SpiderG3;DrWeb file system scanner; C:\WINDOWS\system32\drivers\spiderg3.sys [2010-05-23 75000]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-01-22 717296]
R1 DRWEBAF;DrWEB Firewall Application Filter; \??\C:\WINDOWS\system32\drivers\drwebaf.sys []
R1 uzm5ntgz;AVZ-RK Kernel Driver; \??\C:\WINDOWS\system32\Drivers\uzm5ntgz.sys []
R1 WS2IFSL;Среда Windows Socket 2.0 поддержки поставщиков не-IFS служб; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-15 12032]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; \??\C:\Program Files\CyberLink\PowerDVD8\000.fcl []
R2 rspndr;Ответчик обнаружения топологии уровня связи; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2008-10-11 62848]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-01-25 4127488]
R3 Arp1394;Протокол клиента 1394 ARP; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-10-24 60800]
R3 DrWebPF;DrWeb Packet Filter Driver; C:\WINDOWS\system32\DRIVERS\DrWebPF.sys [2010-05-23 72184]
R3 HidUsb;Драйвер класса HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Драйвер мыши HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-19 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2006-02-26 5810]
R3 NIC1394;Сетевой драйвер 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-10-24 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-10-22 3994624]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-08-07 52736]
R3 nvmpu401;Service for NVIDIA(R) nForce(TM) MIDI UART; C:\WINDOWS\system32\drivers\nvmpu401.sys [2006-02-26 10240]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-08-07 18944]
R3 usbaudio;Аудио драйвер USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
R3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbprint;Класс принтеров Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
R3 usbscan;Драйвер USB-сканера; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
R3 USBSTOR;Драйвер запоминающих устройств для USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2008-08-18 290176]
S3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-08-21 3299840]
S3 CCDECODE;Closed Caption декодер; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2008-03-17 101376]
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI кодек; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft видео или ТВ подключение; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 PAC7302;PC Camera; C:\WINDOWS\system32\DRIVERS\PAC7302.SYS [2008-05-12 460544]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 WSTCODEC;World Standard Teletext кодек; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-03-02 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-03-02 82944]
S4 dwshd;dwshd; C:\WINDOWS\System32\drivers\dwshd.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-08-21 573440]
R2 DrWebEngine;Dr.Web Scanning Engine (DrWebEngine); C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe [2010-06-03 1504600]
R2 MediaCenter;MS Media Control Center; C:\WINDOWS\System32\svchost.exe [2008-04-15 14336]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-22 159810]
R2 yksvc;Marvell Yukon Service; ykx32mpcoinst,serviceStartProc []
S2 DescriptionHero2;·юОсНР№Ь Internet ГЬФїЅ»»»(IKE)єНЙн·ЭСйЦ¤ Internet Р­Тй(AuthIP)јьїШДЈїйЎЈHero2; C:\WINDOWS\system32\bajlk.exe []
S2 FiieFox;FiieFox Driver; C:\WINDOWS\system32\fiiefox.exe []
S2 Mster;MSstrol Center; C:\WINDOWS\System32\svchost.exe [2008-04-15 14336]
S2 WinHelp32;Windows Help System; C:\WINDOWS\system32\WinHelp32.exe []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\wmpnetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-15 14336]
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-01-22 152984]

-----------------EOF-----------------