﻿Лог утилиты random's system information tool 1.09 (автор: random/random)
Run by Mishke at 2014-01-15 20:42:07
Microsoft Windows XP Professional Service Pack 3
Системный раздел C: свободно 11 GB (18%) из 60 GB
Total RAM: 1023 MB (50% free)

HijackThis download failed

======Папка назначенных заданий======

C:\WINDOWS\tasks\Резервная копия реестра.job

======Снимок реестра======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"zlock_tray"=C:\Program Files\SecurIT\Zlock\zlock_tray.exe [2012-02-21 143624]
"zcrashsend15"=C:\Program Files\Common Files\SecurIT\zcrashsend15.exe [2012-02-21 680200]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe [2010-03-12 311680]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-02-10 61440]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-15 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe [2008-04-15 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
C:\Program Files\Analog Devices\Core\smax4pnp.exe [2008-03-17 1040384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VistaIcon]
C:\Program Files\VistaDriveIcon\VistaDrv.exe [2008-01-02 132096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ярлык для страницы свойств High Definition Audio]
C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\KASPER~1\KASPER~1.0FO\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1.0FO\kloehk.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2010-02-11 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\system32\klogon.dll [2010-03-12 219736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-01-30 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallTheme"=%WinDir%\Resources\Themes\OpusOS.Theme
"InstallVisualStyle"=%WinDir%\Resources\Themes\OpusOS\OpusOS.msstyles
"EnableLUA"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=149

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveTypeAutoRun"=255
"NoDriveTypeAutoRun_KL_saved"=253

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Documents and Settings\Mishke\Рабочий стол\аыва\opera.exe"="C:\Documents and Settings\Mishke\Рабочий стол\аыва\opera.exe:*:Enabled:Opera Internet Browser"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======Список файлов и папок, созданных за последний 1 месяц======

2014-01-15 20:40:14 ----D---- C:\rsit
2014-01-15 20:40:14 ----D---- C:\Program Files\trend micro
2014-01-15 20:35:27 ----A---- C:\WINDOWS\system32\drivers\uti3mtk2.sys
2014-01-15 20:28:25 ----D---- C:\WINDOWS\pss
2014-01-15 13:15:19 ----D---- C:\Documents and Settings\Mishke\Application Data\Help
2014-01-15 12:35:17 ----D---- C:\Program Files\avz4
2014-01-15 07:01:17 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2014-01-14 08:05:46 ----D---- C:\Documents and Settings\Mishke\Application Data\ATI
2014-01-14 08:05:46 ----D---- C:\Documents and Settings\All Users\Application Data\ATI
2014-01-14 08:01:30 ----N---- C:\WINDOWS\system32\ati2sgag.exe
2014-01-14 08:00:30 ----D---- C:\Program Files\ATI Technologies
2014-01-14 07:59:27 ----D---- C:\Program Files\Common Files\InstallShield
2014-01-14 07:58:53 ----D---- C:\ATI
2014-01-14 07:56:51 ----A---- C:\WINDOWS\WININIT.INI
2014-01-11 11:36:52 ----D---- C:\Program Files\Adobe Media Player
2014-01-11 11:33:29 ----D---- C:\Program Files\Common Files\Adobe AIR
2014-01-11 11:29:36 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2014-01-11 10:59:38 ----D---- C:\AdobeCS4
2014-01-11 10:54:34 ----D---- C:\Program Files\Adobe
2014-01-09 22:02:22 ----A---- C:\WINDOWS\system32\capicom.dll
2014-01-09 22:01:33 ----A---- C:\EMPTY MFG.txt
2014-01-06 20:18:01 ----A---- C:\WINDOWS\system32\ptpusb.dll
2014-01-06 20:17:56 ----A---- C:\WINDOWS\system32\ptpusd.dll
2014-01-06 20:17:48 ----A---- C:\WINDOWS\system32\drivers\usbscan.sys
2014-01-06 17:31:33 ----D---- C:\НЕ ТРОГАТЬ!!!!
2014-01-06 13:15:48 ----A---- C:\WINDOWS\sbsystem.dat
2014-01-06 12:47:04 ----D---- C:\Program Files\Galaxy
2014-01-06 12:46:52 ----D---- C:\Program Files\Games
2014-01-04 18:58:58 ----D---- C:\Documents and Settings\Mishke\Application Data\Nero
2014-01-03 09:24:19 ----D---- C:\Documents and Settings\Mishke\Application Data\Durbetsel 7.1
2014-01-03 09:24:05 ----D---- C:\Program Files\Durbetsel
2014-01-03 09:12:40 ----D---- C:\Program Files\Millioner
2013-12-30 11:03:27 ----D---- C:\Documents and Settings\Mishke\Application Data\Ashampoo
2013-12-27 12:30:07 ----D---- C:\Documents and Settings\Mishke\Application Data\Ahead
2013-12-23 15:19:19 ----D---- C:\WINDOWS\system32\ShadowCopy
2013-12-23 15:16:49 ----A---- C:\WINDOWS\system32\drivers\klin.dat
2013-12-23 15:16:49 ----A---- C:\WINDOWS\system32\drivers\klick.dat
2013-12-23 15:15:45 ----D---- C:\Program Files\Kaspersky Lab
2013-12-23 15:15:27 ----A---- C:\WINDOWS\system32\drivers\klif.sys
2013-12-23 15:13:55 ----D---- C:\Program Files\SecurIT
2013-12-23 15:13:55 ----D---- C:\Program Files\Common Files\SecurIT
2013-12-18 10:34:09 ----SHD---- C:\RECYCLER

======Список файлов и папок, измененных за последний 1 месяц======

2014-01-15 20:40:14 ----RD---- C:\Program Files
2014-01-15 20:37:18 ----D---- C:\WINDOWS\Prefetch
2014-01-15 20:35:27 ----D---- C:\WINDOWS\system32\drivers
2014-01-15 20:28:25 ----RD---- C:\WINDOWS
2014-01-15 20:24:04 ----D---- C:\WINDOWS\Temp
2014-01-15 17:47:56 ----D---- C:\WINDOWS\system32\CatRoot2
2014-01-15 17:38:42 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2014-01-15 14:21:33 ----SH---- C:\WINDOWS\desktop.ini
2014-01-15 14:21:33 ----SH---- C:\Program Files\Desktop.ini
2014-01-15 14:02:23 ----D---- C:\Documents and Settings\Mishke\Application Data\Media Player Classic
2014-01-15 12:35:24 ----HD---- C:\WINDOWS\inf
2014-01-15 10:32:43 ----D---- C:\Documents and Settings\Mishke\Application Data\vlc
2014-01-15 07:01:41 ----D---- C:\WINDOWS\ERDNT
2014-01-15 07:01:17 ----AD---- C:\WINDOWS\system32
2014-01-15 00:13:28 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-01-14 22:46:05 ----D---- C:\WINDOWS\Minidump
2014-01-14 08:05:48 ----D---- C:\WINDOWS\system32\config
2014-01-14 08:03:35 ----SHD---- C:\WINDOWS\Installer
2014-01-14 08:03:34 ----RSD---- C:\WINDOWS\assembly
2014-01-14 08:03:21 ----D---- C:\WINDOWS\WinSxS
2014-01-14 08:01:49 ----HD---- C:\Program Files\InstallShield Installation Information
2014-01-14 08:01:38 ----SD---- C:\Documents and Settings\Mishke\Application Data\Microsoft
2014-01-14 07:59:27 ----D---- C:\Program Files\Common Files
2014-01-11 13:27:27 ----D---- C:\Program Files\Common Files\Adobe
2014-01-11 13:20:20 ----D---- C:\Documents and Settings\Mishke\Application Data\Adobe
2014-01-11 11:36:10 ----ASD---- C:\WINDOWS\Fonts
2014-01-10 11:16:09 ----D---- C:\DPS
2014-01-09 22:02:24 ----D---- C:\SysInfo
2014-01-09 22:02:24 ----A---- C:\WINDOWS\system32\vbscript.dll
2014-01-06 20:18:01 ----RSHDC---- C:\WINDOWS\system32\dllcache
2014-01-06 12:26:40 ----D---- C:\WINDOWS\system32\wbem
2014-01-06 12:26:39 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-01-06 10:06:13 ----D---- C:\Program Files\Total Commander
2013-12-27 08:34:42 ----D---- C:\WINDOWS\Help
2013-12-25 21:42:09 ----RD---- C:\WINDOWS\Web
2013-12-24 19:06:40 ----D---- C:\WINDOWS\system32\Restore
2013-12-23 15:19:17 ----D---- C:\Documents and Settings\All Users\Application Data\AVAST Software
2013-12-23 15:15:45 ----SHD---- C:\System Volume Information
2013-12-23 15:14:23 ----SD---- C:\WINDOWS\Tasks
2013-12-20 22:11:13 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2013-12-18 18:46:08 ----DC---- C:\WINDOWS\system32\DRVSTORE
2013-12-18 18:42:42 ----D---- C:\WINDOWS\repair
2013-12-16 12:22:39 ----D---- C:\Program Files\VistaDriveIcon

======Список драйверов (состояние: R=запущен, S=остановлен; тип запуска: 0=загрузочный, 1=системный, 2=автоматически, 3=вручную, 4=отключено)======

R0 mv61xxmm;mv61xxmm; C:\WINDOWS\system32\drivers\mv61xxmm.sys [2008-04-15 13616]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2013-12-05 477240]
R0 zlock_drv;zlock_drv; C:\WINDOWS\system32\Drivers\zlock_drv.sys [2012-02-21 568704]
R0 zntf_drv;Znotify driver; C:\WINDOWS\system32\Drivers\zntf_drv.sys [2012-02-21 41808]
R1 intelppm;Драйвер Intel процессора; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-15 40704]
R1 kl1;Kl1; \??\C:\WINDOWS\system32\drivers\kl1.sys []
R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2013-12-23 226320]
R2 exFat;exFat; C:\WINDOWS\system32\drivers\exFat.sys [2008-04-15 133632]
R2 rspndr;Ответчик обнаружения топологии уровня связи; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2008-04-15 62848]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2008-03-24 331264]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2007-07-13 94976]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-02-11 3565056]
R3 HDAudBus;Драйвер шины Microsoft UAA для High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-15 144384]
R3 KLFLTDEV;Kaspersky Lab KLFltDev; C:\WINDOWS\system32\DRIVERS\klfltdev.sys [2009-09-03 24848]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2009-09-14 32272]
R3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys [2006-03-17 392960]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-15 20608]
S1 kbdhid;Драйвер клавиатуры HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys []
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication; C:\WINDOWS\system32\DRIVERS\adusbser.sys []
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
S3 HdAudAddService;Драйвер функции Microsoft UAA для службы High Definition Audio; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 HidUsb;Драйвер класса HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 mouhid;Драйвер мыши HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-19 12160]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys []
S3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbscan;Драйвер USB-сканера; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Драйвер запоминающих устройств для USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 uti3mtk2;AVZ Kernel Driver; \??\C:\WINDOWS\system32\Drivers\uti3mtk2.sys []
S3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2012-03-27 299424]
S3 zlock_tdi;zlock_tdi; \??\C:\WINDOWS\system32\Drivers\zlock_tdi.sys []

======Список служб (состояние: R=запущена, S=остановлена; тип запуска: 0=загрузочная, 1=системная, 2=автоматически, 3=вручную, 4=отключено)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-02-11 602112]
R2 AVP;Kaspersky Anti-Virus 6.0; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe [2010-03-12 311680]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 zservice15;Zservice 1.5; C:\Program Files\Common Files\SecurIT\zservice15.exe [2012-02-21 48904]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2010-02-10 593920]
S2 ICM_UpdaterService;ICM_UpdaterService Disp; C:\Program Files\SAMSUNG\Samsung Networking Wizard\ICM_Service.exe []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Служба общих сетевых ресурсов проигрывателя Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-02-04 914944]

-----------------EOF-----------------
