Лог утилиты random's system information tool 1.08 (автор: random/random)
Run by Alex at 2012-01-08 13:31:45
Microsoft Windows 7 Домашняя расширенная Service Pack 1
Системный раздел C: размер 202 GB (72%) Свободно 281 GB
Total RAM: 4014 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:31:48, on 08.01.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Users\Alex\AppData\Local\Yandex\Updater\praetorian.exe
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
C:\Program Files (x86)\MSI\msi LED Manager\SLM.exe
C:\Program Files (x86)\MSI\NVIDIA Overclock Tool\NVIDIAOCAP.exe
C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe
C:\Games\World_of_Tanks\worldoftanks.exe
C:\Program Files\trend micro\Alex.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://msi.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yandex.ru/?clid=40316
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Помощник по входу с помощью идентификатора Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Визуальные закладки - {C93F72A2-2162-4BBA-A07A-F13663C297A6} - C:\Program Files (x86)\Yandex\YandexBarIE\fastdial.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (file missing)
O3 - Toolbar: Яндекс.Бар - {91397D20-1446-11D4-8AF4-0040CA1127B6} - C:\Program Files (x86)\Yandex\YandexBarIE\yndbar.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
O4 - HKLM\..\Run: [msi LED Manager] C:\Program Files (x86)\msi\msi LED Manager\SLM.exe
O4 - HKLM\..\Run: [NVIDIAOCAP] C:\Program Files (x86)\MSI\NVIDIA Overclock Tool\NVIDIAOCAP.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [Praetorian] C:\Users\Alex\AppData\Local\Yandex\Updater\praetorian.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Adobe Updater.lnk = C:\Windows\System32\cmd.exe
O8 - Extra context menu item: &Экспорт в Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Отправить в OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Отправить в OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: @C:\windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Device Manager - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
O23 - Service: Bluetooth Media Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\audiosrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\obexsrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. - C:\Program Files (x86)\System Control Manager\MSIService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

-- End of file - 10898 bytes

======Список процессов======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k RPCSS
winlogon.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\nvvsvc.exe -session -first
C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\windows\system32\WLANExt.exe 22924528
\??\C:\windows\system32\conhost.exe "87114908-3762452146209758011264806240-50687500-14102552492118177000-280124777
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
"C:\Users\Alex\AppData\Local\Yandex\Updater\praetorian.exe"
"C:\Program Files (x86)\RocketDock\RocketDock.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe"
"C:\Program Files (x86)\MSI\msi LED Manager\SLM.exe"
"C:\Program Files (x86)\MSI\NVIDIA Overclock Tool\NVIDIAOCAP.exe"
C:\windows\System32\spoolsv.exe
"taskhost.exe"
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe"
"C:\Program Files (x86)\System Control Manager\MSIService.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
taskeng.exe {7B8A09A3-F72E-43FE-BDF1-B11376FE390D}
"C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe" -UseTray
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2876
"C:\Program Files\Motorola\Bluetooth\obexsrv.exe"
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe"
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\windows\system32\svchost.exe -k WindowsMobile
C:\windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Games\World_of_Tanks\worldoftanks.exe" wot_wait_for_mutex
"C:\Users\Alex\Downloads\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe

======Снимок реестра======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-11-28 963064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-11-28 809040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Помощник по входу с помощью идентификатора Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C93F72A2-2162-4BBA-A07A-F13663C297A6}]
Визуальные закладки - C:\Program Files (x86)\Yandex\YandexBarIE\fastdial.dll [2011-10-06 2721080]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-02-28 1089288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-11-28 963064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{91397D20-1446-11D4-8AF4-0040CA1127B6} - Яндекс.Бар - C:\Program Files (x86)\Yandex\YandexBarIE\yndbar.dll [2011-10-06 12336440]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-02-28 1089288]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-11-28 809040]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Praetorian"=C:\Users\Alex\AppData\Local\Yandex\Updater\praetorian.exe [2011-10-06 1515352]
"RocketDock"=C:\Program Files (x86)\RocketDock\RocketDock.exe [2007-09-02 495616]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-11-28 3744552]
"MGSysCtrl"=C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe [2010-03-18 2408448]
"msi LED Manager"=C:\Program Files (x86)\msi\msi LED Manager\SLM.exe [2010-06-22 2793984]
"NVIDIAOCAP"=C:\Program Files (x86)\MSI\NVIDIA Overclock Tool\NVIDIAOCAP.exe [2010-06-11 81408]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Updater.lnk - C:\Windows\System32\cmd.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\windows\System32\DreamScene.dll [2009-05-12 275360]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======Ассоциации файлов======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======Список файлов и папок, созданных за последние 3 месяца======

2012-01-08 13:31:45 ----D---- C:\rsit
2012-01-07 16:31:06 ----D---- C:\Program Files\trend micro
2012-01-07 14:52:37 ----A---- C:\windows\system32\shell32.dll
2012-01-07 14:52:35 ----A---- C:\windows\SYSWOW64\shell32.dll
2011-12-31 10:54:58 ----A---- C:\windows\system32\DreamScene.dll
2011-12-31 10:54:51 ----A---- C:\windows\SYSWOW64\DreamScene.dll
2011-12-16 16:30:15 ----D---- C:\Program Files (x86)\NewFreeScreensavers
2011-12-14 17:36:31 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2011-12-14 17:36:31 ----A---- C:\windows\system32\mshtmled.dll
2011-12-14 17:36:30 ----A---- C:\windows\SYSWOW64\iertutil.dll
2011-12-14 17:36:30 ----A---- C:\windows\system32\iertutil.dll
2011-12-14 17:36:29 ----A---- C:\windows\SYSWOW64\urlmon.dll
2011-12-14 17:36:29 ----A---- C:\windows\SYSWOW64\url.dll
2011-12-14 17:36:29 ----A---- C:\windows\SYSWOW64\ieui.dll
2011-12-14 17:36:29 ----A---- C:\windows\system32\urlmon.dll
2011-12-14 17:36:29 ----A---- C:\windows\system32\url.dll
2011-12-14 17:36:29 ----A---- C:\windows\system32\ieui.dll
2011-12-14 17:36:28 ----A---- C:\windows\system32\jsproxy.dll
2011-12-14 17:36:27 ----A---- C:\windows\SYSWOW64\wininet.dll
2011-12-14 17:36:27 ----A---- C:\windows\system32\wininet.dll
2011-12-14 17:36:26 ----A---- C:\windows\system32\jscript9.dll
2011-12-14 17:36:25 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2011-12-14 17:36:25 ----A---- C:\windows\SYSWOW64\jscript9.dll
2011-12-14 17:36:25 ----A---- C:\windows\SYSWOW64\jscript.dll
2011-12-14 17:36:25 ----A---- C:\windows\system32\jscript.dll
2011-12-14 17:36:24 ----A---- C:\windows\SYSWOW64\mshtml.dll
2011-12-14 17:36:22 ----A---- C:\windows\system32\mshtml.dll
2011-12-14 17:36:21 ----A---- C:\windows\SYSWOW64\ieframe.dll
2011-12-14 17:36:20 ----A---- C:\windows\system32\ieframe.dll
2011-12-14 15:26:42 ----A---- C:\windows\system32\csrsrv.dll
2011-12-14 15:26:41 ----A---- C:\windows\system32\win32k.sys
2011-12-14 15:26:40 ----A---- C:\windows\SYSWOW64\EncDec.dll
2011-12-14 15:26:40 ----A---- C:\windows\system32\EncDec.dll
2011-12-14 15:26:36 ----A---- C:\windows\SYSWOW64\tzres.dll
2011-12-14 15:26:36 ----A---- C:\windows\system32\tzres.dll
2011-11-12 15:15:35 ----D---- C:\Users\Alex\AppData\Roaming\MicroST
2011-11-12 15:15:35 ----D---- C:\kBawvXSGcz0G4Ws
2011-11-10 15:34:19 ----D---- C:\Users\Alex\AppData\Roaming\InstallShield
2011-11-08 23:09:33 ----A---- C:\windows\system32\drivers\tcpip.sys
2011-10-20 14:07:42 ----A---- C:\windows\SYSWOW64\unrar.dll
2011-10-20 14:07:39 ----D---- C:\Program Files (x86)\K-Lite Codec Pack
2011-10-13 04:01:40 ----A---- C:\windows\SYSWOW64\psisdecd.dll
2011-10-13 04:01:40 ----A---- C:\windows\system32\psisdecd.dll
2011-10-13 04:01:22 ----A---- C:\windows\SYSWOW64\oleaut32.dll
2011-10-13 04:01:22 ----A---- C:\windows\SYSWOW64\oleacc.dll
2011-10-13 04:01:22 ----A---- C:\windows\system32\oleacc.dll
2011-10-13 04:01:21 ----A---- C:\windows\system32\oleaut32.dll

======Список файлов и папок, измененных за последние 3 месяца======

2012-01-08 13:31:48 ----D---- C:\windows\Temp
2012-01-08 13:31:43 ----AD---- C:\ProgramData\TEMP
2012-01-08 13:29:46 ----D---- C:\windows\system32\drivers\etc
2012-01-08 12:13:22 ----D---- C:\windows\system32\config
2012-01-07 20:44:57 ----D---- C:\windows\System32
2012-01-07 20:44:57 ----D---- C:\windows\inf
2012-01-07 20:44:57 ----A---- C:\windows\system32\PerfStringBackup.INI
2012-01-07 18:36:35 ----D---- C:\Users\Alex\AppData\Roaming\Mumble
2012-01-07 18:13:05 ----D---- C:\windows\SYSWOW64\drivers
2012-01-07 16:31:06 ----RD---- C:\Program Files
2012-01-07 16:03:35 ----D---- C:\windows\Microsoft.NET
2012-01-07 16:03:16 ----RSD---- C:\windows\assembly
2012-01-07 15:07:50 ----D---- C:\Windows
2012-01-07 15:07:47 ----D---- C:\windows\winsxs
2012-01-07 15:05:34 ----D---- C:\windows\SysWOW64
2012-01-07 15:01:46 ----SHD---- C:\windows\Installer
2012-01-07 14:58:23 ----D---- C:\ProgramData\Microsoft Help
2012-01-07 14:55:22 ----D---- C:\windows\system32\drivers
2012-01-07 14:55:22 ----D---- C:\windows\system32\catroot
2012-01-07 14:55:21 ----D---- C:\windows\system32\DriverStore
2012-01-07 14:54:58 ----SHD---- C:\System Volume Information
2012-01-07 14:52:28 ----D---- C:\windows\system32\catroot2
2012-01-07 13:08:19 ----D---- C:\windows\system32\NDF
2011-12-31 15:55:06 ----D---- C:\Users\Alex\AppData\Roaming\Skype
2011-12-31 11:57:45 ----D---- C:\Users\Alex\AppData\Roaming\uTorrent
2011-12-31 11:09:05 ----SD---- C:\Users\Alex\AppData\Roaming\Microsoft
2011-12-31 11:01:04 ----D---- C:\windows\Prefetch
2011-12-31 10:56:29 ----D---- C:\windows\SYSWOW64\en-US
2011-12-31 10:54:58 ----D---- C:\windows\system32\en-US
2011-12-31 10:54:52 ----D---- C:\windows\Web
2011-12-31 09:58:24 ----RD---- C:\Program Files (x86)
2011-12-25 08:38:52 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-12-23 07:36:16 ----D---- C:\windows\rescache
2011-12-16 17:56:34 ----D---- C:\windows\debug
2011-12-15 12:39:42 ----D---- C:\windows\SYSWOW64\migration
2011-12-15 12:39:42 ----D---- C:\windows\system32\migration
2011-12-15 12:39:42 ----D---- C:\Program Files\Internet Explorer
2011-12-15 12:39:42 ----D---- C:\Program Files (x86)\Internet Explorer
2011-12-14 17:38:01 ----A---- C:\windows\system32\MRT.exe
2011-12-14 17:35:11 ----D---- C:\windows\SYSWOW64\ru-RU
2011-12-14 17:35:11 ----D---- C:\windows\system32\ru-RU
2011-12-05 11:14:09 ----A---- C:\ProgramData\CameraRecorder.ini
2011-12-04 23:16:55 ----D---- C:\windows\system32\wdi
2011-11-28 22:01:23 ----A---- C:\windows\SYSWOW64\aswBoot.exe
2011-11-28 22:01:14 ----A---- C:\windows\system32\aswBoot.exe
2011-11-25 10:32:21 ----D---- C:\Games
2011-11-12 22:27:20 ----D---- C:\Program Files (x86)\Yandex
2011-11-12 22:26:54 ----RD---- C:\Program Files (x86)\Skype
2011-11-10 21:59:25 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-11-10 12:38:48 ----D---- C:\Program Files (x86)\Common Files
2011-11-10 07:30:59 ----D---- C:\Program Files\Common Files\System
2011-11-04 21:25:55 ----D---- C:\Program Files (x86)\uTorrent
2011-11-01 22:46:42 ----D---- C:\windows\Tasks
2011-11-01 22:46:42 ----D---- C:\windows\system32\wfp
2011-11-01 22:46:42 ----D---- C:\windows\system32\wbem
2011-11-01 22:46:41 ----D---- C:\windows\system32\CodeIntegrity
2011-11-01 22:46:37 ----D---- C:\windows\AppCompat
2011-11-01 22:46:33 ----D---- C:\windows\registration
2011-11-01 22:42:37 ----D---- C:\windows\system32\LogFiles
2011-11-01 21:52:53 ----D---- C:\ProgramData\FLEXnet
2011-10-20 14:03:25 ----D---- C:\Users\Alex\AppData\Roaming\COWON
2011-10-20 14:02:58 ----D---- C:\Program Files (x86)\JetVideo
2011-10-15 16:03:22 ----D---- C:\windows\system32\Tasks
2011-10-14 07:39:48 ----D---- C:\windows\ehome
2011-10-14 07:39:42 ----D---- C:\Program Files (x86)\Microsoft Silverlight

======Список драйверов (тип запуска: R=Запущен, S=остановлен, 0=Загрузочный, 1=Системный, 2=Автоматически, 3=Вручную, 4=Отключено)======

R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2010-03-03 540696]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2011-09-05 828912]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr.sys [2011-11-28 42328]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2011-11-28 591192]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2011-11-28 304472]
R1 aswTdi;avast! Network Shield Support; C:\windows\system32\drivers\aswTdi.sys [2011-11-28 58712]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\windows\system32\drivers\aswFsBlk.sys [2011-11-28 24408]
R2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys [2011-11-28 66904]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-02-26 254528]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2010-05-10 2363936]
R3 NETw5s64;Драйвер адаптера Intel(R) Wireless WiFi Link серии 5000 для Windows 7 64 Bit ; C:\windows\system32\DRIVERS\NETw5s64.sys [2010-03-17 7680512]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\nusb3hub.sys [2010-01-22 77824]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\nusb3xhc.sys [2010-01-22 180224]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2010-01-07 302128]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S2 Vcs;Vcs support; \??\C:\windows\system32\Drivers\Vcs.sys []
S3 ASNDIS4;ASNDIS4 Protocol Driver; \??\C:\windows\syswow64\ASNDIS4.SYS []
S3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
S3 awynaser;awynaser; C:\windows\system32\drivers\awynaser.sys []
S3 BthEnum;Драйвер блока запроса Bluetooth; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Устройства Bluetooth (личной сети); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Драйвер порта Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 BTHUSB;Драйвер порта USB радиомодуля Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 BTMCOM;Bluetooth Serial Port; C:\windows\System32\Drivers\btmcom.sys [2010-04-09 52736]
S3 BTMHID;BTMHID; C:\windows\system32\DRIVERS\btmhid.sys [2010-03-22 34048]
S3 BTMUSB;Motorola Bluetooth Radio Service; C:\windows\System32\Drivers\btmusb.sys [2010-04-15 3231104]
S3 EUCR;EUCR; C:\windows\system32\DRIVERS\EUCR6SK.SYS [2009-12-05 87888]
S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 MGHwCtrl;MGHwCtrl; \??\C:\Program Files\msi\msi Software Install\MGHwCtrl.sys []
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Устройство Bluetooth (протокол RFCOMM TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usb_rndisx;Адаптер USB RNDIS; C:\windows\system32\DRIVERS\usb8023x.sys [2009-07-14 19968]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======Список служб (тип запуска: R=Запущена, S=остановлена, 0=Загрузочная, 1=Системная, 2=Автоматически, 3=Вручную, 4=Отключено)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-11-28 44768]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files\Motorola\Bluetooth\obexsrv.exe [2010-04-22 677128]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2010-03-05 1425168]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-03 13336]
R2 Micro Star SCM;Micro Star SCM; C:\Program Files (x86)\System Control Manager\MSIService.exe [2009-07-09 160768]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2010-03-09 393320]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\windows\system32\svchost.exe [2009-07-14 27136]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2010-03-05 831760]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\windows\system32\svchost.exe [2009-07-14 27136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 Bluetooth Device Manager;Bluetooth Device Manager; C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe [2010-04-15 4170504]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-09-14 1028096]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
S3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files\Motorola\Bluetooth\audiosrv.exe [2010-04-15 1096456]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-09-14 647680]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-03-05 340240]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2011-03-26 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------