Лог утилиты random's system information tool 1.09 (автор: random/random)
Run by Андрей at 2013-05-02 09:27:14
Microsoft Windows 7 Максимальная
Системный раздел C: размер 18 GB (47%) Свободно 38 GB
Total RAM: 2047 MB (39% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:28:11, on 02.05.2013
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16968)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\ProgramData\DatacardService\DCSHelper.exe
D:\Program Files\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe
C:\Program Files\MegaFon Internet\MegaFon Internet.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Windows\System32\SupportAppXL\AutoDect.exe
C:\ProgramData\VKSaver\VKSaver.exe
C:\Windows\System32\HotFixQ0306270.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\OdinDoma\bin\a\ChildGUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Users\Андрей\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Андрей\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Андрей\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Андрей\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Users\A4F7~1\AppData\Local\Temp\Rar$EXa0.151\avz4\avz.exe
C:\Users\Андрей\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE
C:\Users\Андрей\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Андрей\AppData\Local\Google\Chrome\Application\chrome.exe
D:\Program Files\Download Master\dmaster.exe
C:\Users\Андрей\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Андрей\Downloads\Программы\RSIT.exe
C:\Program Files\trend micro\Андрей.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yandex.ru/?clid=46240
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {09900DE8-1DCA-443F-9243-26FF581438AF} - (no file)
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
O2 - BHO: AMD SteadyVideo BHO - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll
O2 - BHO: Спутник@Mail.Ru - {8984B388-A5BB-4DF7-B274-77B879E179DB} - (no file)
O2 - BHO: IE 4.x-6.x BHO for Download Master - {9961627E-4059-41B4-8E0E-A7D6B3854ADF} - D:\PROGRA~1\DOWNLO~1\dmiehlp.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Визуальные Закладки - {C93F72A2-2162-4BBA-A07A-F13663C297A6} - C:\Program Files\Yandex\YandexBarIE\fastdial.dll
O3 - Toolbar: Яндекс.Бар - {91397D20-1446-11D4-8AF4-0040CA1127B6} - C:\Program Files\Yandex\YandexBarIE\yndbar.dll
O3 - Toolbar: (no name) - {09900DE8-1DCA-443F-9243-26FF581438AF} - (no file)
O4 - HKLM\..\Run: [actx.exe] "D:\Program Files\MegaFon\MultiFon\actx.exe" /dontstart
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [autodetect] C:\Windows\system32\SupportAppXL\AutoDect.exe
O4 - HKLM\..\Run: [VKSaver] C:\ProgramData\VKSaver\VKSaver.exe
O4 - HKLM\..\Run: [PLFFAP] C:\Windows\system32\HotFixQ0306270.exe
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Один дома] C:\Program Files\OdinDoma\OdinDomaGUI.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files\AMD AVT\bin\kdbsync.exe" aml
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [Google Update] "C:\Users\Андрей\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [HW_OPENEYE_OUC_] "C:\Program Files\MegaFon Internet\UpdateDog\ouc.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: &Экспорт в Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Закачать ВСЕ при помощи Download Master - D:\Program Files\Download Master\dmieall.htm
O8 - Extra context menu item: Закачать при помощи Download Master - D:\Program Files\Download Master\dmie.htm
O8 - Extra context menu item: Передать на удаленную закачку DM - D:\Program Files\Download Master\remdown.htm
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Download Master - {8DAE90AD-4583-4977-9DD4-4360F7A45C74} - D:\Program Files\Download Master\dmaster.exe
O9 - Extra 'Tools' menuitem: &Download Master - {8DAE90AD-4583-4977-9DD4-4360F7A45C74} - D:\Program Files\Download Master\dmaster.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{0B030BAC-F801-4B02-BAA9-0C8D5F5640BE}: NameServer = 10.163.182.8 10.163.182.11
O17 - HKLM\System\CCS\Services\Tcpip\..\{58541D12-59A0-4471-80B7-7B146A573043}: NameServer = 10.163.182.8 10.163.182.11
O17 - HKLM\System\CCS\Services\Tcpip\..\{7C116A34-9862-435B-96DB-0978FFFE8674}: NameServer = 10.163.182.8 10.163.182.11
O17 - HKLM\System\CCS\Services\Tcpip\..\{BA3010C4-09C5-4E67-B4D8-854A8AB0B3D1}: NameServer = 10.163.182.9 10.163.182.10
O17 - HKLM\System\CCS\Services\Tcpip\..\{D729E29C-4BFF-4CD8-B834-4F444F813202}: NameServer = 10.163.182.9 10.163.182.10
O17 - HKLM\System\CCS\Services\Tcpip\..\{E7C289C1-E25C-4BF6-813E-6FCA15F4BC12}: NameServer = 10.163.182.8 10.163.182.11
O17 - HKLM\System\CCS\Services\Tcpip\..\{F935D0F6-E79E-4632-AD1D-A0F4D026D812}: NameServer = 10.163.182.9 10.163.182.10
O17 - HKLM\System\CS1\Services\Tcpip\..\{0B030BAC-F801-4B02-BAA9-0C8D5F5640BE}: NameServer = 10.163.182.8 10.163.182.11
O17 - HKLM\System\CS2\Services\Tcpip\..\{0B030BAC-F801-4B02-BAA9-0C8D5F5640BE}: NameServer = 10.163.182.8 10.163.182.11
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
O20 - AppInit_DLLs: C:\PROGRA~2\Mozilla\ztlrhia.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: DCService.exe - Unknown owner - C:\ProgramData\DatacardService\DCService.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Служба Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Служба Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: OdinDomaSRV - Unknown owner - C:\Program.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 9899 bytes

======Папка назначеных зданий======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1741688597-986822383-1107422506-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1741688597-986822383-1107422506-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Андрей\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.yandex.ru/?clid=46240"
prefs.js - "keyword.URL" - "http://go.mail.ru/search?utf8in=1&fr=fftbUFix&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
mailru.xml
ozonru.xml
priceru.xml
wikipedia-ru.xml
yandex-slovari.xml
yandex.xml

C:\Users\Андрей\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\
yasearch@yandex.ru
{37964A3C-4EE8-47b1-8321-34DE2C39BA4D}

C:\Users\Андрей\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\
mailru---.xml
mailru.xml

======Снимок реестра======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]
SteadyVideoBHO Class - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-13 69760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8984B388-A5BB-4DF7-B274-77B879E179DB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9961627E-4059-41B4-8E0E-A7D6B3854ADF}]
IE 4.x-6.x BHO for Download Master - D:\PROGRA~1\DOWNLO~1\dmiehlp.dll [2011-04-22 165184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-09-27 1250696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C93F72A2-2162-4BBA-A07A-F13663C297A6}]
Визуальные Закладки - C:\Program Files\Yandex\YandexBarIE\fastdial.dll [2011-05-05 2391864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{91397D20-1446-11D4-8AF4-0040CA1127B6} - Яндекс.Бар - C:\Program Files\Yandex\YandexBarIE\yndbar.dll [2011-05-05 13471544]
{09900DE8-1DCA-443F-9243-26FF581438AF}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"actx.exe"=D:\Program Files\MegaFon\MultiFon\actx.exe [2009-05-27 5458432]
"ATICustomerCare"=C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe [2010-05-04 311296]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2011-02-24 98304]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2008-12-08 54576]
""= []
"autodetect"=C:\Windows\system32\SupportAppXL\AutoDect.exe [2009-05-26 122368]
"VKSaver"=C:\ProgramData\VKSaver\VKSaver.exe [2013-02-03 224768]
"PLFFAP"=C:\Windows\system32\HotFixQ0306270.exe [2003-08-05 45056]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-05-31 10082920]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2012-03-07 3117344]
"Один дома"=C:\Program Files\OdinDoma\OdinDomaGUI.exe [2011-07-18 44544]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-07-04 641704]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files\AMD AVT\bin\kdbsync.exe aml []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2009-04-24 203928]
"Google Update"=C:\Users\Андрей\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-23 136176]
"HW_OPENEYE_OUC_"=C:\Program Files\MegaFon Internet\UpdateDog\ouc.exe [2009-04-14 110592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\Mozilla\ztlrhia.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0x91000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0x91000000

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"msacm.l3fhg"=mp3fhg.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.FPS1"=frapsvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======Ассоциации файлов======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======Список файлов и папок, созданных за последние 3 месяца======

2013-05-02 09:27:15 ----D---- C:\Program Files\trend micro
2013-05-02 09:27:14 ----D---- C:\rsit
2013-05-01 17:54:36 ----A---- C:\Windows\system32\drivers\ujexntq2.sys
2013-05-01 17:54:08 ----A---- C:\Windows\system32\drivers\utexntq2.sys
2013-04-25 19:20:35 ----D---- C:\ProgramData\Mozilla
2013-04-07 19:10:31 ----D---- C:\Program Files\domashku
2013-04-05 19:07:14 ----D---- C:\ProgramData\ATI
2013-04-05 19:07:12 ----D---- C:\Program Files\AMD AVT
2013-04-05 19:07:06 ----D---- C:\Program Files\AMD APP
2013-04-05 19:04:40 ----SHD---- C:\Config.Msi
2013-04-05 18:24:48 ----ASH---- C:\pagefile.sys
2013-03-31 13:11:39 ----D---- C:\Users\Андрей\AppData\Roaming\InstallShield
2013-03-23 12:39:00 ----A---- C:\Windows\101_asb.ini
2013-03-08 01:03:46 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-02-20 19:46:57 ----D---- C:\Program Files\power inverters, radar
2013-02-08 00:34:36 ----D---- C:\Program Files\OdinDoma

======Список файлов и папок, измененных за последние 3 месяца======

2013-05-02 09:28:01 ----AD---- C:\ProgramData\TEMP
2013-05-02 09:27:51 ----D---- C:\Windows\Prefetch
2013-05-02 09:27:22 ----D---- C:\Windows\Temp
2013-05-02 09:27:15 ----D---- C:\Program Files
2013-05-02 09:02:39 ----D---- C:\Windows\System32
2013-05-02 09:02:39 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-05-02 08:55:47 ----D---- C:\Windows\system32\drivers
2013-05-01 18:51:02 ----D---- C:\Windows\system32\config
2013-05-01 18:36:32 ----D---- C:\Windows\Tasks
2013-05-01 18:36:32 ----D---- C:\Windows\system32\wfp
2013-05-01 18:36:32 ----D---- C:\Windows\system32\wbem
2013-05-01 18:36:32 ----D---- C:\Windows\system32\DriverStore
2013-05-01 18:36:32 ----D---- C:\Windows\system32\catroot2
2013-05-01 18:36:31 ----D---- C:\Windows\system32\CodeIntegrity
2013-05-01 18:36:30 ----D---- C:\Windows\inf
2013-05-01 18:36:30 ----D---- C:\Windows\AppCompat
2013-05-01 18:36:29 ----D---- C:\Windows\registration
2013-05-01 18:36:22 ----D---- C:\Users\Андрей\AppData\Roaming\Skype
2013-05-01 18:36:18 ----D---- C:\Program Files\koasols
2013-05-01 18:27:13 ----SHD---- C:\System Volume Information
2013-05-01 17:56:33 ----D---- C:\Windows
2013-05-01 17:49:28 ----D---- C:\Windows\system32\drivers\etc
2013-05-01 16:02:20 ----D---- C:\Users\Андрей\AppData\Roaming\skypePM
2013-04-25 19:20:35 ----HD---- C:\ProgramData
2013-04-25 19:20:35 ----D---- C:\Windows\system32\Tasks
2013-04-24 14:41:48 ----RD---- C:\Documents
2013-04-19 21:06:02 ----A---- C:\Windows\dirsaver.ini
2013-04-18 13:27:47 ----D---- C:\Windows\Minidump
2013-04-06 21:56:11 ----D---- C:\Windows\system32\catroot
2013-04-06 16:26:01 ----D---- C:\ProgramData\Microsoft Help
2013-04-05 19:07:13 ----SHD---- C:\Windows\Installer
2013-04-05 19:07:13 ----D---- C:\ProgramData\AMD
2013-04-05 19:06:31 ----D---- C:\Program Files\ATI Technologies
2013-04-05 18:13:46 ----D---- C:\Users\Андрей\AppData\Roaming\Auslogics
2013-04-05 18:10:08 ----RD---- C:\Users
2013-03-31 13:34:38 ----HD---- C:\Program Files\InstallShield Installation Information
2013-03-31 13:26:40 ----D---- C:\Program Files\Common Files\Adobe
2013-03-31 13:26:38 ----D---- C:\ProgramData\Adobe
2013-03-31 13:11:35 ----D---- C:\Program Files\Common Files\InstallShield
2013-03-24 21:06:10 ----D---- C:\Program Files\Google
2013-03-10 17:28:17 ----D---- C:\Windows\debug
2013-03-08 17:40:47 ----D---- C:\Users\Андрей\AppData\Roaming\ICQ
2013-03-05 18:46:50 ----D---- C:\ServerEmulator
2013-02-05 16:30:13 ----D---- C:\Windows\system32\NDF
2013-02-03 17:50:09 ----D---- C:\ProgramData\VKSaver

======Список драйверов (тип запуска: R=Запущен, S=остановлен, 0=Загрузочный, 1=Системный, 2=Автоматически, 3=Вручную, 4=Отключено)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2012-03-14 50624]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2006-06-14 13680]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-01-16 691696]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2012-03-14 169080]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2012-03-14 120152]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2012-03-14 33656]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files\UltraISO\drivers\ISODrive.sys [2009-02-10 82320]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2012-03-14 148504]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 amdiox86;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-07-04 10070016]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-07-04 290304]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2012-02-23 86544]
R3 ewusbnet;HUAWEI USB-NDIS miniport; C:\Windows\system32\DRIVERS\ewusbnet.sys [2010-04-30 206336]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2010-05-22 70656]
R3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2010-03-25 105984]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2011-05-31 3511080]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NVENETFD;Драйвер сетевого контроллера NVIDIA nForce; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-14 347264]
R3 PLFF;USB Flash Disk Driver; C:\Windows\System32\DRIVERS\plff.sys [2003-08-04 7040]
S0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\Windows\System32\drivers\sfdrv01.sys [2005-03-03 48640]
S0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a); C:\Windows\System32\drivers\sfdrv01a.sys [2006-07-05 63352]
S0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\Windows\System32\drivers\sfsync02.sys [2004-12-03 20544]
S0 sfsync04;StarForce Protection Synchronization Driver (version 4.x); C:\Windows\System32\drivers\sfsync04.sys [2006-08-11 59776]
S3 ag5cl9gw;ag5cl9gw; C:\Windows\system32\drivers\ag5cl9gw.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-07-04 10070016]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2010-03-20 101504]
S3 massfilter;ZTE Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys [2009-11-02 9216]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 ujexntq2;AVZ-SG Kernel Driver; \??\C:\Windows\system32\Drivers\ujexntq2.sys [2013-05-02 10240]
S3 usbscan;Драйвер USB-сканера; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 utexntq2;AVZ Kernel Driver; \??\C:\Windows\system32\Drivers\utexntq2.sys [2013-05-02 7168]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys [2009-11-02 105088]
S3 ZTEusbnmea;ZTE NMEA Port; C:\Windows\system32\DRIVERS\ZTEusbnmea.sys [2009-11-02 105088]
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\Windows\system32\DRIVERS\ZTEusbser6k.sys [2009-11-02 105088]

======Список служб (тип запуска: R=Запущена, S=остановлена, 0=Загрузочная, 1=Системная, 2=Автоматически, 3=Вручную, 4=Отключено)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-07-04 217088]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-07-04 291840]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DCService.exe;DCService.exe; C:\ProgramData\DatacardService\DCService.exe [2010-05-08 229376]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2012-03-07 913144]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
S2 gupdate;Служба Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-08-31 136176]
S2 OdinDomaSRV;OdinDomaSRV; C:\Program Files\OdinDoma\OdinDomaSRV []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-15 253656]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 gupdatem;Служба Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-08-31 136176]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------