Logfile of random's system information tool 1.07 (written by random/random)
Run by Владелец at 2011-10-04 11:33:38
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 33 GB (85%) free of 38 GB
Total RAM: 503 MB (33% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:33:47, on 04.10.2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\БСЗ\avz4\avz.exe
C:\БСЗ\RSIT.exe
C:\Program Files\trend micro\Владелец.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Ссылки
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE /auto
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Экспорт в Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Справочные материалы - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O22 - SharedTaskScheduler: Предзагрузчик Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Демон кэша категорий компонентов - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Журнал событий (Eventlog) - Корпорация Майкрософт - C:\WINDOWS\system32\services.exe
O23 - Service: Служба Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Служба Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Служба COM записи компакт-дисков IMAPI (ImapiService) - Корпорация Майкрософт - C:\WINDOWS\system32\imapi.exe
O23 - Service: Plug and Play (PlugPlay) - Корпорация Майкрософт - C:\WINDOWS\system32\services.exe
O23 - Service: Смарт-карты (SCardSvr) - Корпорация Майкрософт - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Журналы и оповещения производительности (SysmonLog) - Корпорация Майкрософт - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Теневое копирование тома (VSS) - Корпорация Майкрософт - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Адаптер производительности WMI (WmiApSrv) - Корпорация Майкрософт - C:\WINDOWS\system32\wbem\wmiapsrv.exe

-- End of file - 3876 bytes

======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cc7ce365fe8060.job

======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-03-02 37808]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2011-02-21 281768]
"MSConfig"=C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE [2002-12-31 159232]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2002-12-31 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
C:\WINDOWS\SOUNDMAN.EXE [2004-06-18 67584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2004-01-27 86016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-09-20 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2002-12-31 239616]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=36
"NoDriveAutoRun"=0xFFFFFFFF
"NoActiveDesktop"=0
"NoDesktopCleanupWizard"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 3 months======
2011-10-04 11:33:39 ----D---- C:\Program Files\trend micro
2011-10-04 11:33:38 ----D---- C:\rsit
2011-09-30 09:36:34 ----D---- C:\Documents and Settings\Владелец.K-4\Application Data\Avira
2011-09-26 14:52:59 ----SD---- C:\WINDOWS\Downloaded Program Files
2011-08-31 16:32:21 ----D---- C:\Копия Realty2
2011-08-25 15:04:26 ----D---- C:\Program Files\Common Files\DESIGNER
2011-08-25 15:04:11 ----D---- C:\WINDOWS\SHELLNEW
2011-08-25 15:04:06 ----D---- C:\Program Files\Microsoft.NET
2011-08-25 15:04:05 ----D---- C:\Program Files\Common Files\ODBC
2011-08-25 11:38:27 ----D---- C:\WINDOWS\TEMP
2011-08-25 11:03:58 ----D---- C:\Documents and Settings\Владелец.K-4\Application Data\Macromedia
2011-08-25 10:59:52 ----D---- C:\Program Files\Pothos

======List of files/folders modified in the last 3 months======
2011-10-04 11:33:39 ----RD---- C:\Program Files
2011-10-04 11:21:23 ----D---- C:\БСЗ
2011-10-04 11:11:24 ----ASH---- C:\boot.ini
2011-10-04 11:11:24 ----A---- C:\WINDOWS\win.ini
2011-10-04 11:11:24 ----A---- C:\WINDOWS\system.ini
2011-10-04 10:50:53 ----D---- C:\Realty2
2011-10-04 10:40:00 ----D---- C:\WINDOWS\system32\drivers
2011-10-04 09:59:18 ----D---- C:\WINDOWS\system32\CatRoot2
2011-10-03 11:21:25 ----SD---- C:\Documents and Settings\Владелец.K-4\Application Data\Microsoft
2011-09-28 12:00:12 ----D---- C:\Program Files\Mozilla Firefox
2011-09-27 10:02:32 ----SHD---- C:\WINDOWS\Installer
2011-09-27 10:02:19 ----SD---- C:\WINDOWS\Tasks
2011-09-26 14:52:59 ----D---- C:\WINDOWS
2011-09-23 10:50:39 ----D---- C:\Documents and Settings\Владелец.K-4\Application Data\PhotoScape
2011-08-31 09:25:03 ----SHD---- C:\System Volume Information
2011-08-31 09:25:03 ----D---- C:\WINDOWS\system32\Restore
2011-08-30 14:53:37 ----D---- C:\Program Files\FreeSpacer
2011-08-25 15:06:12 ----RSD---- C:\WINDOWS\Fonts
2011-08-25 15:06:07 ----D---- C:\Program Files\Microsoft Office
2011-08-25 15:06:06 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-08-25 15:05:37 ----A---- C:\WINDOWS\ODBC.INI
2011-08-25 15:05:18 ----RSD---- C:\WINDOWS\assembly
2011-08-25 15:04:30 ----D---- C:\WINDOWS\system32
2011-08-25 15:04:26 ----D---- C:\Program Files\Common Files
2011-08-25 15:04:25 ----HD---- C:\WINDOWS\inf
2011-08-25 15:04:06 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2011-08-25 15:03:57 ----D---- C:\Program Files\Common Files\System
2011-08-25 15:01:37 ----D---- C:\WINDOWS\system
2011-08-25 14:51:29 ----HD---- C:\Program Files\InstallShield Installation Information
2011-08-25 14:46:27 ----D---- C:\WINDOWS\pchealth
2011-08-25 11:52:33 ----D---- C:\Documents and Settings\Владелец.K-4\Application Data\Mozilla
2011-08-25 11:38:29 ----D---- C:\WINDOWS\system32\spool
2011-08-25 11:38:29 ----D---- C:\WINDOWS\SoftwareDistribution
2011-08-25 11:22:39 ----D---- C:\Program Files\Google
2011-08-25 11:03:58 ----D---- C:\Documents and Settings\Владелец.K-4\Application Data\Adobe
2011-08-25 11:03:17 ----D---- C:\WINDOWS\system32\wbem
2011-08-25 11:03:14 ----D---- C:\Program Files\Map
2011-08-25 11:03:13 ----D---- C:\bin
2011-08-25 11:03:05 ----D---- C:\WINDOWS\WinSxS
2011-08-25 11:03:05 ----D---- C:\WINDOWS\system32\oobe
2011-08-25 11:03:05 ----D---- C:\WINDOWS\system32\NtmsData
2011-08-25 11:03:05 ----D---- C:\WINDOWS\system32\mui
2011-08-25 11:03:05 ----D---- C:\WINDOWS\security
2011-08-25 11:03:05 ----D---- C:\WINDOWS\repair
2011-08-25 11:03:05 ----D---- C:\WINDOWS\Registration
2011-08-25 11:03:04 ----D---- C:\WINDOWS\ime
2011-08-25 11:03:04 ----D---- C:\WINDOWS\Debug
2011-08-25 11:03:04 ----D---- C:\Program Files\Windows Media Player
2011-08-25 11:03:04 ----D---- C:\Program Files\Tile3D
2011-08-25 11:03:04 ----D---- C:\Program Files\LGGSM
2011-08-25 11:03:04 ----D---- C:\Program Files\Internet Explorer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2011-06-29 138192]
R1 intelppm;Драйвер Intel процессора; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2002-12-31 40448]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R1 uzeyodey;AVZ-RK Kernel Driver; \??\C:\WINDOWS\system32\Drivers\uzeyodey.sys []
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2011-06-29 66616]
R2 DgiVecp;Team MFP Comm Driver; C:\WINDOWS\System32\Drivers\DgiVecp.sys [2004-05-17 41984]
R2 irda;ИК-протокол IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-03 87424]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-09-20 1302332]
R3 Rasirda;Минипорт WAN (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet адаптер, драйвер для NT; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2002-12-31 26624]
R3 usbhub;USB2 концентратор; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2002-12-31 57600]
R3 USBSTOR;Драйвер запоминающих устройств для USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2004-02-24 400384]
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-06-21 626204]
S3 Arp1394;Протокол клиента 1394 ARP; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2002-12-31 60800]
S3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-01-27 669696]
S3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys []
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys [2009-01-19 85969]
S3 irsir;Драйвер для инфракрасного последовательного порта Microsoft; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
S3 ms_mpu401;Драйвер UART Microsoft MPU-401 MIDI; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
S3 NIC1394;Сетевой драйвер 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2002-12-31 61824]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2005-07-20 3198368]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2004-05-17 33280]
S3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2004-05-17 12928]
S3 PortTalk;PortTalk; C:\WINDOWS\System32\Drivers\PortTalk.sys [2002-01-12 3567]
S3 RivaTunerEx;RivaTunerEx; \??\C:\Program Files\RivaTuner\RivaTunerEx.sys []
S3 Ser2pl;Prolific Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2003-07-16 43264]
S3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
S3 usbohci;Драйвер минипорта Microsoft USB открытого хост-контроллера; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2002-12-31 17024]
S3 usbprint;Класс принтеров Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Драйвер USB-сканера; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 ZTEGsmDataCard;ZTE USB Device for Legacy Serial Communication; C:\WINDOWS\system32\DRIVERS\zteusbgser.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2011-04-29 136360]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2011-06-29 269480]
S2 gupdate;Служба Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-03-04 136176]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 gupdatem;Служба Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-03-04 136176]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2004-01-27 397312]
S4 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2004-01-27 512000]
S4 Irmon;Монитор инфракрасной связи; C:\WINDOWS\system32\svchost.exe [2002-12-31 14336]
S4 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-07-20 127043]

-----------------EOF-----------------