Не открываются сайты , просит отправить смс.

[Elisium]

Не открываются вконтакте и майл.ру, просит отправить смс. В файле хостс ничего о них нет.

info.txt

info.txt logfile of random’s system information tool 1.06 2010-11-21 17:48:25

======Uninstall list======

—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {926CC8AE-8414-43DF-8EB4-CF26D9C3C663}
—>MsiExec /X{F9835182-794B-4F24-902A-E2CA9D43380F}
—>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:WINDOWSINFPCHealth.inf
µTorrent—>»C:Program FilesuTorrentuTorrent.exe» /UNINSTALL
7-Zip 4.65—>»C:Program Files7-ZipUninstall.exe»
ABBYY FineReader 9.0 Professional Edition—>MsiExec.exe /I{F9000000-0001-0000-0000-074957833700}
ACDSee Pro 2.5—>MsiExec.exe /I{2D95950E-6D76-43E7-94A5-D9DBA2FD29E4}
Acrobat.com—>MsiExec.exe /X{287ECFA4-719A-2143-A09B-D6A12DE54E40}
Adobe AIR—>c:Program FilesCommon FilesAdobe AIRVersions1.0ResourcesAdobe AIR Updater.exe -arp:uninstall
Adobe AIR—>MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 10 ActiveX—>C:WINDOWSsystem32MacromedFlashuninstall_activeX.exe
Adobe Flash Player 10 Plugin—>C:WINDOWSsystem32MacromedFlashFlashUtil10l_Plugin.exe -maintain plugin
Adobe Reader 9.1—>MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A91000000001}
AIMP2—>C:Program FilesAIMP2Uninstall.exe
AkelPad 4.1.5—>C:WINDOWSsystem32AkelFilesUninstall.exe
AnVir Task Manager—>»C:Program FilesAnVir Task ManagerAnVir.exe» Uninstall
Apple Application Support—>MsiExec.exe /I{A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}
Apple Mobile Device Support—>MsiExec.exe /I{85991ED2-010C-4930-96FA-52F43C2CE98A}
Apple Software Update—>MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ASUSUpdate—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{587178E7-B1DF-494E-9838-FA4DD36E873C}setup.exe» -l0x9
Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver—>»C:Program FilesInstallShield Installation Information{3108C217-BE83-42E4-AE9E-A56A2A92E549}Setup.exe» -runfromtemp -l0x0009 -removeonly
Atheros Ethernet Utility—>»C:Program FilesInstallShield Installation Information{FB686487-C637-4EEF-BCB1-C92463F2CC05}setup.exe» -runfromtemp -l0x0009 -removeonly
Atomic Alarm Clock 5.85—>»C:Program FilesAtomic Alarm Clockunins000.exe»
BlueSoleil—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{B9F499B8-D1F0-42FC-84BE-CC552123CCCB}Setup.exe» -l0x19
Bonjour—>MsiExec.exe /X{0CB9668D-F979-4F31-B8B8-67FE90F929F8}
Bred3.0.3—>C:Program FilesBred3uninst.exe
Classic Menu 3.x for Office 2007—>»C:Program FilesClassic Menu for Officeunins000.exe»
DivX Setup—>C:Documents and SettingsAll UsersApplication DataDivXSetupDivXSetup.exe /uninstall /bundleGroupId divx.com
Driver Genius Professional Edition—>»C:Program FilesDriver-SoftDriverGeniusunins000.exe»
EPU-4 Engine—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}setup.exe» -l0x9
Express Gate—>MsiExec.exe /X{99AD9D6D-A456-49EE-8360-F22EE7AA1272}
FaceFilter Studio 2—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime701Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{F59205C8-E5FB-43F5-AAB2-16C1760D4F59}SETUP.EXE» -l0x9 /uninstall
FastStone Image Viewer 3.9—>C:Program FilesFastStone Image Vieweruninst.exe
Foxit Creator—>C:Program FilesFoxit SoftwarePDF Creatoruninstall.exe
Foxit PDF Editor—>C:Program FilesFoxit SoftwarePDF Editoruninstall.exe
Foxit Reader—>C:Program FilesFoxit SoftwareFoxit ReaderUninstall.exe
Free PS Convert driver 8.15—>»C:Program Filespsconvertunins000.exe»
Glary Utilities 2.14.0.711—>»C:Program FilesGlary Utilitiesunins000.exe»
Google Chrome—>»C:Program FilesGoogleChromeApplication7.0.517.44Installersetup.exe» —uninstall —system-level
Google Update Helper—>MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HashTab 3.0.0—>C:Program FilesHashTab Shell Extensionuninst.exe
HijackThis 2.0.2—>»C:Program Filestrend microHijackThis.exe» /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)—>C:WINDOWSsystem32msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=»»
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)—>C:WINDOWSsystem32msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=»»
IconChanger—>C:Program FilesIconChangerInstall.exe uninstall
IconSaver v2.01—>C:Program FilesRM-SoftIconSaveruninstall.exe
ICQ7.2—>»C:Program FilesInstallShield Installation Information{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}ICQ7.exe» -runfromtemp -l0x0009 -removeonly
iTunes—>MsiExec.exe /I{91F7F3F3-CE80-48C3-8327-7D24A0A5716A}
Java(TM) 6 Update 14—>MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216014FF}
JMicron JMB36X Driver—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime110Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}setup.exe» -l0x19 -removeonly
Media Player Classic — Home Cinema v. 1.3.1249.0—>»C:Program FilesMPC HomeCinemaunins000.exe»
MediaCoder 0.6.1—>C:Program FilesMediaCoderuninst.exe
Medieval CUE Splitter—>MsiExec.exe /I{B96D2269-568B-4CBF-9332-12FAE8B158F7}
Microsoft .NET Framework 1.1 Hotfix (KB928366)—>»C:WINDOWSMicrosoft.NETFrameworkv1.1.4322Updateshotfix.exe» «C:WINDOWSMicrosoft.NETFrameworkv1.1.4322UpdatesM928366M928366Uninstall.msp»
Microsoft .NET Framework 1.1 Russian Language Pack—>MsiExec.exe /X{2BB372D9-52B4-410A-BC1A-FEAB63181EEF}
Microsoft .NET Framework 1.1—>msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1—>MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack — RUS—>MsiExec.exe /I{736D8DEB-66C6-3655-9D59-DF6493A81F77}
Microsoft .NET Framework 2.0 Service Pack 2—>MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack — RUS—>MsiExec.exe /I{6CF6A814-CE65-39FC-BBBC-6CB340A4028B}
Microsoft .NET Framework 3.0 Service Pack 2—>MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 — rus—>MsiExec.exe /I{2744791F-4E7C-32F5-AB40-AEC6A6C86DBF}
Microsoft .NET Framework 3.5 SP1—>C:WINDOWSMicrosoft.NETFrameworkv3.5Microsoft .NET Framework 3.5 SP1setup.exe
Microsoft .NET Framework 3.5 SP1—>MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Games for Windows — LIVE Redistributable—>MsiExec.exe /X{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7—>»C:WINDOWS$NtUninstallWdf01007$spuninstspuninst.exe»
Microsoft Office Access MUI (Russian) 2007—>MsiExec.exe /X{90120000-0015-0419-0000-0000000FF1CE}
Microsoft Office Enterprise 2007—>»C:Program FilesCommon FilesMicrosoft SharedOFFICE12Office Setup Controllersetup.exe» /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007—>MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Russian) 2007—>MsiExec.exe /X{90120000-0016-0419-0000-0000000FF1CE}
Microsoft Office Groove MUI (Russian) 2007—>MsiExec.exe /X{90120000-00BA-0419-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Russian) 2007—>MsiExec.exe /X{90120000-0044-0419-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Russian) 2007—>MsiExec.exe /X{90120000-00A1-0419-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Russian) 2007—>MsiExec.exe /X{90120000-001A-0419-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Russian) 2007—>MsiExec.exe /X{90120000-0018-0419-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007—>MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007—>MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Russian) 2007—>MsiExec.exe /X{90120000-001F-0419-0000-0000000FF1CE}
Microsoft Office Proof (Ukrainian) 2007—>MsiExec.exe /X{90120000-001F-0422-0000-0000000FF1CE}
Microsoft Office Proofing (Russian) 2007—>MsiExec.exe /X{90120000-002C-0419-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Russian) 2007—>MsiExec.exe /X{90120000-0019-0419-0000-0000000FF1CE}
Microsoft Office Shared MUI (Russian) 2007—>MsiExec.exe /X{90120000-006E-0419-0000-0000000FF1CE}
Microsoft Office Word MUI (Russian) 2007—>MsiExec.exe /X{90120000-001B-0419-0000-0000000FF1CE}
Microsoft Silverlight—>MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable—>MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable—>MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
ModernForex—>C:Program FilesFxClubModernForexuninstall.exe
Mozilla Firefox (3.0.11)—>C:Program FilesMozilla Firefoxuninstallhelper.exe
MSXML 4.0 SP2 (KB954430)—>MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Nero Micro 9.2.6.0 Build.2.3—>»C:Program FilesNeroUninstalluninstall.exe» «/U:C:Program FilesNeroUninstalluninstall.xml»
Nokia Connectivity Cable Driver—>MsiExec.exe /I{B9C9DB4C-6D77-4AE9-AD1C-C708C23239A0}
Nokia Lifeblog 2.1—>MsiExec.exe /I{EE565795-2776-415A-B31C-EB3A8D7C6FA4}
Nokia PC Suite—>MsiExec.exe /I{531317A5-586A-4E36-87C1-CA823447B375}
Nokia Software Launcher—>MsiExec.exe /I{5CCABD37-479D-4304-B1A5-67952C25F8F2}
Nokia Software Updater—>MsiExec.exe /X{D8DDC00B-2881-407D-AAC2-44AEE70AF0B7}
NVIDIA Drivers—>C:WINDOWSsystem32nvuninst.exe UninstallGUI
NVIDIA PhysX—>MsiExec.exe /X{F9835182-794B-4F24-902A-E2CA9D43380F}
Opera 10.63—>MsiExec.exe /X{87CC8013-56D1-43E1-A0A5-AD406B4EBA95}
Paint.NET v3.36—>MsiExec.exe /X{43602F34-1AA3-44FB-AEB2-D08C2C73743F}
Path2Clipboard 1.0.8 (Remove only)—>»C:Program FilesVDSoftPath2Clipboardunins000.exe»
PC Connectivity Solution—>MsiExec.exe /I{7397EDED-F38A-4654-B669-BF61065803D0}
PC Probe II—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{F7338FA3-DAB5-49B2-900D-0AFB5760C166}setup.exe» -l0x9
PhotoInstrument 2.4—>»C:Program FilesPhotoInstrumentunins000.exe»
Prio v1.9.8.1536—>C:Program FilesPrioprio_uninstall.exe
Process Killer (Только удаление)—>C:Program FilesProcess Killeruninstall.exe
Punto Switcher 3.1—>C:Program FilesYandexPunto Switcheruninstall.exe
QuickTime—>MsiExec.exe /I{EB900AF8-CC61-4E15-871B-98D1EA3E8025}
Rainy Screensaver 2.2.10—>C:Program FilesRainy ScreensaverUninstall.exe C:WINDOWSsystem32RainySs.scr /uninstall
Realtek High Definition Audio Driver—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime1150Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}Setup.exe» -l0x19 -removeonly
Safari—>MsiExec.exe /I{2EEC2A94-7204-45C6-93BB-67EAEB19E4D6}
Skype™ 4.2—>MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
Snagit 10—>MsiExec.exe /I{542FE221-0FF1-494E-A534-380FB9F486D4}
StarCraft II—>»D:GamesStarCraft IIunins000.exe»
STDU Viewer version 1.5.270.0—>»C:Program FilesSTDU Viewerunins000.exe»
Teorex Inpaint—>C:WINDOWSsystem32GKSUI20.EXE C:Program FilesTeorex InpaintUninstall1AD5.DAT
The KMPlayer (remove only)—>»C:Program FilesThe KMPlayeruninstall.exe»
Total Commander 7.04 PowerPack—>»C:Program FilesTotal Commanderuninstall.exe»
Turbo Key—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{B83F7FA5-3191-4E39-A1F2-8A9038BD0B04}setup.exe» -l0x9
Unlocker 1.8.7—>C:Program FilesUnlockeruninst.exe
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)—>C:WINDOWSsystem32msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=»»
VC80CRTRedist — 8.0.50727.4053—>MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
Visual Task Tips—>rundll32.exe advpack.dll,LaunchINFSection C:WINDOWSINFVTTips3.inf,Uninstall
WebMoney Advisor—>regsvr32 /u /s «C:Program FilesWebMoney Advisortbu06031wmadvisor.dll»
WebMoney Agent—>C:Program FilesWebMoney Agentuninst_wmagent.exe
WebMoney Keeper Classic 3.8.0.0—>»C:Program FilesWebMoneyUninstall.exe» «C:Program FilesWebMoneyinstall.log» -u
Windows Driver Package — Nokia Modem (06/12/2006 6.81.0.21)—>C:PROGRA~1DIFXD6ACC4BE676423A2B130B78A4B627FC457D98997dpinst.exe /u C:WINDOWSsystem32DRVSTOREnokbtmdm_62A340731F8930057B44B8864F236850B0D49D65nokbtmdm.inf
Windows Internet Explorer 8—>»C:WINDOWSie8spuninstspuninst.exe»
Windows Media Format 11 runtime—>»C:Program FilesWindows Media Playerwmsetsdk.exe» /UninstallAll
Windows Media Player Firefox Plugin—>MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Word to PDF Converter 3.0—>»C:Program FilesPDF-Convertdoc2pdfunins000.exe»
Xilisoft AVI to DVD Converter—>C:Program FilesXilisoftAVI to DVD ConverterUninstall.exe
xStarter—>»C:Program FilesxStarterunins000.exe»
Архиватор WinRAR—>C:Program FilesWinRARuninstall.exe
Надстройка Microsoft для сохранения в формате PDF или XPS для программ выпуска 2007 системы Microsoft Office—>MsiExec.exe /X{90120000-00B2-0419-0000-0000000FF1CE}
Обновление безопасности для Windows Internet Explorer 7 (KB938127-v2)—>»C:WINDOWSie7updatesKB938127-v2-IE7spuninstspuninst.exe»
Обновление безопасности для Windows Internet Explorer 7 (KB961260)—>»C:WINDOWSie7updatesKB961260-IE7spuninstspuninst.exe»
Пакет драйверов Windows — Nokia pccsmcfd (08/22/2008 7.0.0.0)—>C:PROGRA~1DIFXB4723E9A0713E5B1dpinst.exe /u C:WINDOWSsystem32DRVSTOREpccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294pccsmcfd.inf
Программа удаления hp LaserJet 3300—>C:Program FilesHewlett-PackardLaserJet 33xxUninstallsetup.exe uninst.ini
Проигрыватель Windows Media 11—>»C:Program FilesWindows Media PlayerSetup_wm.exe» /Uninstall
Языковой пакет Microsoft .NET Framework 3.5 SP1 — RUS—>c:WINDOWSMicrosoft.NETFrameworkv3.5Microsoft .NET Framework 3.5 Language Pack SP1 — russetup.exe

======Hosts File======

127.0.0.1 serial.alcohol-soft.com
127.0.0.1 http://www.alcohol-soft.com
127.0.0.1 images.alcohol-soft.com
127.0.0.1 trial.alcohol-soft.com
127.0.0.1 alcohol-soft.com

======System event log======

Computer Name: MEGA
Event Code: 7035
Message: Служба «Диспетчер подключений удаленного доступа» успешно отправила управляющий элемент «запустить».

Record Number: 6099
Source Name: Service Control Manager
Time Written: 20100919130717.000000+360
Event Type: информация
User: MEGAADMIN

Computer Name: MEGA
Event Code: 7036
Message: Служба «Телефония» перешла в состояние Работает.

Record Number: 6098
Source Name: Service Control Manager
Time Written: 20100919130717.000000+360
Event Type: информация
User:

Computer Name: MEGA
Event Code: 7036
Message: Служба «Совместимость быстрого переключения пользователей» перешла в состояние Работает.

Record Number: 6097
Source Name: Service Control Manager
Time Written: 20100919130639.000000+360
Event Type: информация
User:

Computer Name: MEGA
Event Code: 7035
Message: Служба «Совместимость быстрого переключения пользователей» успешно отправила управляющий элемент «запустить».

Record Number: 6096
Source Name: Service Control Manager
Time Written: 20100919130639.000000+360
Event Type: информация
User: NT AUTHORITYSYSTEM

Computer Name: MEGA
Event Code: 7036
Message: Служба «Служба шлюза уровня приложения» перешла в состояние Работает.

Record Number: 6095
Source Name: Service Control Manager
Time Written: 20100919130532.000000+360
Event Type: информация
User:

=====Application event log=====

Computer Name: MEGA
Event Code: 105
Message:
Record Number: 2714
Source Name: DvmMDES
Time Written: 20100821144931.000000+360
Event Type: информация
User:

Computer Name: MEGA
Event Code: 100
Message: Service started

Record Number: 2713
Source Name: Bonjour Service
Time Written: 20100821144931.000000+360
Event Type: информация
User:

Computer Name: MEGA
Event Code: 1000
Message: Ошибка приложения printcard.exe, версия 2.0.1.1, модуль kernel32.dll, версия 5.1.2600.5781, адрес 0x00012afb.

Record Number: 2712
Source Name: Application Error
Time Written: 20100820130749.000000+360
Event Type: ошибка
User:

Computer Name: MEGA
Event Code: 1000
Message: Ошибка приложения printcard.exe, версия 2.0.1.1, модуль kernel32.dll, версия 5.1.2600.5781, адрес 0x00012afb.

Record Number: 2711
Source Name: Application Error
Time Written: 20100820130747.000000+360
Event Type: ошибка
User:

Computer Name: MEGA
Event Code: 100
Message: 420: ERROR: read_msg errno 10054 (Удаленный хост принудительно разорвал существующее подключение.)

Record Number: 2710
Source Name: Bonjour Service
Time Written: 20100820120919.000000+360
Event Type: ошибка
User:

======Environment variables======

«ComSpec»=%SystemRoot%system32cmd.exe
«Path»=C:Program FilesNVIDIA CorporationPhysXCommon;C:Program FilesPC Connectivity Solution;%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem;C:Program FilesPrio;C:Program FilesQuickTimeQTSystem
«windir»=%SystemRoot%
«FP_NO_HOST_CHECK»=NO
«OS»=Windows_NT
«PROCESSOR_ARCHITECTURE»=x86
«PROCESSOR_LEVEL»=6
«PROCESSOR_IDENTIFIER»=x86 Family 6 Model 23 Stepping 6, GenuineIntel
«PROCESSOR_REVISION»=1706
«NUMBER_OF_PROCESSORS»=2
«PATHEXT»=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
«TEMP»=%SystemRoot%TEMP
«TMP»=%SystemRoot%TEMP
«asl.log»=Destination=file;OnFirstLog=command,environment,parent
«CLASSPATH»=.;C:Program FilesJavajre6libextQTJava.zip
«QTJAVA»=C:Program FilesJavajre6libextQTJava.zip

---

EOF

---

log.txt

Logfile of random’s system information tool 1.06 (written by random/random)
Run by ADMIN at 2010-11-21 17:44:28
Microsoft Windows XP Professional Service Pack 3
System drive C: has 773 MB (3%) free of 25 GB
Total RAM: 2047 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:48:23, on 21.11.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32nvsvc32.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesCommon FilesABBYYFineReader9.00LicensingPENetworkLicenseServer.exe
C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe
C:Program FilesASUSAsSysCtrlService1.00.02AsSysCtrlService.exe
C:Program FilesIVT CorporationBlueSoleilBTNtService.exe
C:Program FilesBonjourmDNSResponder.exe
C:ASUS.SYSconfigDVMExportService.exe
C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindServiceAE.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesGoogleUpdateGoogleUpdate.exe
C:WINDOWSExplorer.EXE
C:Program FilesProcess Killerprkiller.exe
C:Program FilesLifeView TVRRecSche.exe
C:WINDOWSsystem32RUNDLL32.EXE
C:WINDOWSRTHDCPL.EXE
C:Program FilesASUSEPU-4 EngineFourEngine.exe
C:Program FilesASUSTurbo KeyTurboKey.exe
C:Program FilesiTunesiTunesHelper.exe
C:Program FilesDivXDivX UpdateDivXUpdate.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesAtomic Alarm ClockAtomicAlarmClock.exe
C:Program FilesRocketDockRocketDock.exe
C:Program FilesLouderItLouderIt.exe
C:Program FilesICQ7.2ICQ.exe
C:Program FilesIVT CorporationBlueSoleilBlueSoleil.exe
C:Program FilesHewlett-PackardLaserJet 33xxhppdirector.exe
C:Program FilesYandexPunto Switcherpunto.exe
C:Program FilesiPodbiniPodService.exe
C:WINDOWSsystem32hppapml0.exe
C:Program FilesOperaopera.exe
C:WINDOWSExplorer.EXE
C:Program FilesTechSmithSnagit 10SnagitEditor.exe
C:Documents and SettingsADMINРабочий столRSIT.exe
C:Program Filestrend microADMIN.exe

R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R1 — HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
R3 — URLSearchHook: (no name) — — (no file)
O2 — BHO: AcroIEHelperStub — {18DF081C-E8AD-4283-A596-FA578C2EBDC3} — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 — BHO: TBSB03223 Class — {B4806C1A-FE8A-4008-9DA3-8CEDB6E82C10} — C:Program FilesWebMoney Advisortbu06031wmadvisor.dll
O2 — BHO: Java(tm) Plug-In 2 SSV Helper — {DBC80044-A445-435b-BC74-9C25C1C588A9} — C:Program FilesJavajre6binjp2ssv.dll
O2 — BHO: JQSIEStartDetectorImpl Class — {E7E6F031-17CE-4C07-BC86-EABFE594F69C} — C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll
O3 — Toolbar: QT Breadcrumbs Address Bar — {af83e43c-dd2b-4787-826b-31b17dee52ed} — mscoree.dll (file missing)
O3 — Toolbar: WebMoney Advisor — {3AFFD7F7-FD3D-4C9D-8F83-03296A1A8840} — C:Program FilesWebMoney Advisortbu06031wmadvisor.dll
O4 — HKLM..Run: [Process Killer] C:Program FilesProcess Killerprkiller.exe
O4 — HKLM..Run: [RecSche] «C:Program FilesLifeView TVRRecSche.exe»
O4 — HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 — HKLM..Run: [nwiz] nwiz.exe /install
O4 — HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
O4 — HKLM..Run: [RTHDCPL] RTHDCPL.EXE
O4 — HKLM..Run: [Six Engine] «C:Program FilesASUSEPU-4 EngineFourEngine.exe» -b
O4 — HKLM..Run: [JMB36X IDE Setup] C:WINDOWSRaidToolxInsIDE.exe
O4 — HKLM..Run: [ASUS Update Checker] C:Program FilesASUSASUSUpdateUpdateCheckerUpdateChecker.exe
O4 — HKLM..Run: [Adobe Reader Speed Launcher] «C:Program FilesAdobeReader 9.0ReaderReader_sl.exe»
O4 — HKLM..Run: [Turbo Key] «C:Program FilesASUSTurbo KeyTurboKey.exe»
O4 — HKLM..Run: [iTunesHelper] «C:Program FilesiTunesiTunesHelper.exe»
O4 — HKLM..Run: [QuickTime Task] «C:Program FilesQuickTimeqttask.exe» -atboottime
O4 — HKLM..Run: [HP SchedIndexer] C:Program FilesHewlett-PackardLaserJet 33xxhppschedindexer.exe
O4 — HKLM..Run: [HP AutoIndexer] C:Program FilesHewlett-PackardLaserJet 33xxhppautoindexer.exe
O4 — HKLM..Run: [DivXUpdate] «C:Program FilesDivXDivX UpdateDivXUpdate.exe» /CHECKNOW
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [SkinClock] C:Program FilesAtomic Alarm ClockAtomicAlarmClock.exe
O4 — HKCU..Run: [RocketDock] «C:Program FilesRocketDockRocketDock.exe»
O4 — HKCU..Run: [louderit.exe] C:Program FilesLouderItLouderIt.exe
O4 — HKCU..Run: [AlcoholAutomount] «C:Program FilesAlcohol SoftAlcohol 120AxAutoMntSrv.exe» -automount
O4 — HKCU..Run: [ICQ] «C:Program FilesICQ7.2ICQ.exe» silent loginmode=4
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O4 — Startup: Punto Switcher.lnk = C:Program FilesYandexPunto Switcherpunto.exe
O4 — Global Startup: BlueSoleil.lnk = ?
O4 — Global Startup: HP LaserJet Director.lnk = C:Program FilesHewlett-PackardLaserJet 33xxhppdirector.exe
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~3Office12EXCEL.EXE/3000
O9 — Extra button: Отправить в OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:PROGRA~1MICROS~3Office12ONBttnIE.dll
O9 — Extra ‘Tools’ menuitem: &Отправить в OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:PROGRA~1MICROS~3Office12ONBttnIE.dll
O9 — Extra button: WebMoney Advisor — {3AFFD7F7-FD3D-4C9D-8F83-03296A1A8840} — C:Program FilesWebMoney Advisortbu06031wmadvisor.dll
O9 — Extra ‘Tools’ menuitem: WebMoney Advisor — {3AFFD7F7-FD3D-4C9D-8F83-03296A1A8840} — C:Program FilesWebMoney Advisortbu06031wmadvisor.dll
O9 — Extra button: ICQ7.2 — {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} — C:Program FilesICQ7.2ICQ.exe
O9 — Extra ‘Tools’ menuitem: ICQ7.2 — {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} — C:Program FilesICQ7.2ICQ.exe
O9 — Extra button: (no name) — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — (no file)
O9 — Extra button: Research — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~3Office12REFIEBAR.DLL
O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O17 — HKLMSystemCCSServicesTcpip..{43A7BD9E-0F6B-42D7-AE53-98B38F12759F}: NameServer = 195.226.220.30,195.226.220.31
O17 — HKLMSystemCCSServicesTcpip..{855CA890-1D9E-4C55-B6D0-1D28398FF706}: NameServer = 195.226.220.30,195.226.220.31
O17 — HKLMSystemCCSServicesTcpip..{9B0531B0-32A4-46E0-9096-A0B9EB700685}: NameServer = 195.226.220.30,195.226.220.31
O17 — HKLMSystemCCSServicesTcpip..{A2476F3A-CB69-4586-B565-5D78ADB5CB99}: NameServer = 195.226.220.30,195.226.220.31
O17 — HKLMSystemCCSServicesTcpip..{C5E6DEF0-FA58-405E-8DBF-43E971B796B4}: NameServer = 195.226.220.30,195.226.220.31
O17 — HKLMSystemCS1ServicesTcpip..{43A7BD9E-0F6B-42D7-AE53-98B38F12759F}: NameServer = 195.226.220.30,195.226.220.31
O17 — HKLMSystemCS2ServicesTcpip..{43A7BD9E-0F6B-42D7-AE53-98B38F12759F}: NameServer = 195.226.220.30,195.226.220.31
O18 — Protocol: skype4com — {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O20 — AppInit_DLLs: prio.dll
O23 — Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) — ABBYY (BIT Software) — C:Program FilesCommon FilesABBYYFineReader9.00LicensingPENetworkLicenseServer.exe
O23 — Service: Apple Mobile Device — Apple Inc. — C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe
O23 — Service: ASUS System Control Service (AsSysCtrlService) — Unknown owner — C:Program FilesASUSAsSysCtrlService1.00.02AsSysCtrlService.exe
O23 — Service: BlueSoleil Hid Service — Unknown owner — C:Program FilesIVT CorporationBlueSoleilBTNtService.exe
O23 — Service: Служба Bonjour (Bonjour Service) — Apple Inc. — C:Program FilesBonjourmDNSResponder.exe
O23 — Service: DeviceVM Meta Data Export Service (DvmMDES) — DeviceVM, Inc. — C:ASUS.SYSconfigDVMExportService.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Служба Google Update (gupdate) (gupdate) — Google Inc. — C:Program FilesGoogleUpdateGoogleUpdate.exe
O23 — Service: Сервис iPod (iPod Service) — Apple Inc. — C:Program FilesiPodbiniPodService.exe
O23 — Service: NVIDIA Display Driver Service (nvsvc) — NVIDIA Corporation — C:WINDOWSsystem32nvsvc32.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: ServiceLayer — Nokia — C:Program FilesPC Connectivity SolutionServiceLayer.exe
O23 — Service: StarWind AE Service (StarWindServiceAE) — StarWind Software — C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindServiceAE.exe

—
End of file — 10347 bytes

======Scheduled tasks folder======

C:WINDOWStasksAppleSoftwareUpdate.job
C:WINDOWStasksGlaryInitialize.job
C:WINDOWStasksGoogleUpdateTaskMachineCore1cb855f3460e506.job
C:WINDOWStasksUser_Feed_Synchronization-{13B27689-B110-4F63-9DBA-7A6F093A6C81}.job

======Registry dump======

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{B4806C1A-FE8A-4008-9DA3-8CEDB6E82C10}]
TBSB03223 Class — C:Program FilesWebMoney Advisortbu06031wmadvisor.dll [2008-09-05 2409472]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper — C:Program FilesJavajre6binjp2ssv.dll [2009-06-30 41368]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class — C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll [2009-06-30 73728]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{af83e43c-dd2b-4787-826b-31b17dee52ed} — QT Breadcrumbs Address Bar — C:WINDOWSsystem32mscoree.dll [2008-07-25 282112]
{3AFFD7F7-FD3D-4C9D-8F83-03296A1A8840} — WebMoney Advisor — C:Program FilesWebMoney Advisortbu06031wmadvisor.dll [2008-09-05 2409472]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«Process Killer»=C:Program FilesProcess Killerprkiller.exe [2005-07-30 38400]
«RecSche»=C:Program FilesLifeView TVRRecSche.exe [2006-08-17 454656]
«NvCplDaemon»=C:WINDOWSsystem32NvCpl.dll [2009-04-30 13750272]
«nwiz»=nwiz.exe /install []
«NvMediaCenter»=C:WINDOWSsystem32NvMcTray.dll [2009-05-01 86016]
«RTHDCPL»=C:WINDOWSRTHDCPL.EXE [2009-08-14 18702336]
«Six Engine»=C:Program FilesASUSEPU-4 EngineFourEngine.exe [2009-10-15 5822464]
«JMB36X IDE Setup»=C:WINDOWSRaidToolxInsIDE.exe [2007-03-20 36864]
«ASUS Update Checker»=C:Program FilesASUSASUSUpdateUpdateCheckerUpdateChecker.exe [2008-12-11 114688]
«Adobe Reader Speed Launcher»=C:Program FilesAdobeReader 9.0ReaderReader_sl.exe [2009-02-27 35696]
«Turbo Key»=C:Program FilesASUSTurbo KeyTurboKey.exe [2009-06-02 1769472]
«iTunesHelper»=C:Program FilesiTunesiTunesHelper.exe [2010-07-21 141608]
«QuickTime Task»=C:Program FilesQuickTimeqttask.exe [2010-08-10 421888]
«HP SchedIndexer»=C:Program FilesHewlett-PackardLaserJet 33xxhppschedindexer.exe [2002-01-03 94208]
«HP AutoIndexer»=C:Program FilesHewlett-PackardLaserJet 33xxhppautoindexer.exe [2002-01-03 90112]
«DivXUpdate»=C:Program FilesDivXDivX UpdateDivXUpdate.exe [2010-09-17 1164584]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2008-04-15 37376]
«SkinClock»=C:Program FilesAtomic Alarm ClockAtomicAlarmClock.exe [2008-09-24 527360]
«RocketDock»=C:Program FilesRocketDockRocketDock.exe [2007-09-02 495616]
«louderit.exe»=C:Program FilesLouderItLouderIt.exe [2008-02-19 41472]
«AlcoholAutomount»=C:Program FilesAlcohol SoftAlcohol 120AxAutoMntSrv.exe [2009-11-15 33120]
«ICQ»=C:Program FilesICQ7.2ICQ.exe [2010-11-14 133432]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregDownload Master]
C:Program FilesDownload Masterdmaster.exe -autorun []

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregMSMSGS]
C:Program FilesMessengermsmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregNSLauncher]
C:Program FilesNokiaNokia Software LauncherNSLauncher.exe [2006-11-28 2658304]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregPcSync]
C:Program FilesNokiaNokia PC Suite 6PcSync2.exe [2006-06-27 1449984]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregPunto Switcher]
C:Program FilesPunto Switcherpunto.exe []

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregQuickTime Task]
C:Program FilesQuickTimeqttask.exe [2010-08-10 421888]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSkype]
C:Program FilesSkype\PhoneSkype.exe [2010-09-02 13351304]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSunJavaUpdateSched]
C:Program FilesJavajre6binjusched.exe [2009-06-30 148888]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregUnlockerAssistant]
C:Program FilesUnlockerUnlockerAssistant.exe [2008-05-02 15872]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregwmagent.exe]
C:Program FilesWebMoney Agentwmagent.exe [2009-10-19 210400]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigservices]
«WMPNetworkSvc»=3
«WmiApSrv»=3
«VSS»=3
«SysmonLog»=3
«SCardSvr»=3
«RDSessMgr»=3
«ImapiService»=3
«idsvc»=3

C:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузка
BlueSoleil.lnk — C:Program FilesIVT CorporationBlueSoleilBlueSoleil.exe
HP LaserJet Director.lnk — C:Program FilesHewlett-PackardLaserJet 33xxhppdirector.exe

C:Documents and SettingsADMINГлавное менюПрограммыАвтозагрузка
Punto Switcher.lnk — C:Program FilesYandexPunto Switcherpunto.exe

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows]
«AppInit_DLLS»=»prio.dll»

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyWgaLogon]
C:WINDOWSsystem32WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
WPDShServiceObj — {AAA288BA-9A4C-45B0-95D7-94D524869DB5} — C:WINDOWSsystem32WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWdf01000.sys]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWdf01000.sys]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=255
«NoUserNameInStartMenu»=1
«NoDriveAutoRun»=67108863
«HonorAutorunSetting»=1
«NoRecentDocsNetHood»=1

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«HonorAutoRunSetting»=
«NoDriveAutoRun»=
«NoDriveTypeAutoRun»=

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesTeamViewer 4TeamViewer 4.exe»=»C:Program FilesTeamViewer 4TeamViewer 4.exe:*:Enabled:Приложение для удаленного управления TeamViewer»
«C:Program FilesMicrosoft OfficeOffice12OUTLOOK.EXE»=»C:Program FilesMicrosoft OfficeOffice12OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook»
«C:Program FilesMicrosoft OfficeOffice12ONENOTE.EXE»=»C:Program FilesMicrosoft OfficeOffice12ONENOTE.EXE:*:Enabled:Microsoft Office OneNote»
«C:Program FilesOperaopera.exe»=»C:Program FilesOperaopera.exe:*:Enabled:Opera Internet Browser»
«C:Program FilesuTorrentuTorrent.exe»=»C:Program FilesuTorrentuTorrent.exe:*:Enabled:µTorrent»
«C:Program FilesICQ6.5ICQ.exe»=»C:Program FilesICQ6.5ICQ.exe:*:Enabled:ICQ6»
«C:Program FilesSkypePlugin ManagerskypePM.exe»=»C:Program FilesSkypePlugin ManagerskypePM.exe:*:Enabled:Skype Extras Manager»
«C:Program FilesIVT CorporationBlueSoleilBlueSoleil.exe»=»C:Program FilesIVT CorporationBlueSoleilBlueSoleil.exe:*:Enabled:BlueSoleil»
«C:Program FilesBonjourmDNSResponder.exe»=»C:Program FilesBonjourmDNSResponder.exe:*:Enabled:Служба Bonjour»
«C:Program FilesiTunesiTunes.exe»=»C:Program FilesiTunesiTunes.exe:*:Enabled:iTunes»
«C:Program FilesSkypePhoneSkype.exe»=»C:Program FilesSkypePhoneSkype.exe:*:Enabled:Skype»
«C:Program FilesICQ7.2ICQ.exe»=»C:Program FilesICQ7.2ICQ.exe:*:Enabled:ICQ7.2»
«C:Program FilesICQ7.2aolload.exe»=»C:Program FilesICQ7.2aolload.exe:*:Enabled:aolload.exe»

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesICQ7.2ICQ.exe»=»C:Program FilesICQ7.2ICQ.exe:*:Enabled:ICQ7.2»
«C:Program FilesICQ7.2aolload.exe»=»C:Program FilesICQ7.2aolload.exe:*:Enabled:aolload.exe»

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2E]
shellAutoRuncommand — E:Setup.exe

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{26a8ff5c-9626-11df-b295-000a9417f4d7}]
shellAutoRuncommand — F:RECYCLERS-51-9-25-3434476501-1644491934-602326628-1214Zsnkstm.exe
shellopencommand — F:RECYCLERS-51-9-25-3434476501-1644491934-602326628-1214Zsnkstm.exe

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{8a57e004-9360-11df-b285-806d6172696f}]
shellAutoRuncommand — E:Setup.exe

======File associations======

.bat — edit — C:Program FilesBred3Bred3_2k.exe «%1»
.cmd — edit — C:Program FilesBred3Bred3_2k.exe «%1»
.inf — open — C:Program FilesBred3Bred3_2k.exe «%1»
.ini — open — notepad.exe %1
.js — edit — C:Program FilesBred3Bred3_2k.exe «%1»
.reg — edit — C:Program FilesBred3Bred3_2k.exe «%1»
.txt — open — notepad.exe %1
.vbs — edit — C:Program FilesBred3Bred3_2k.exe «%1»

======List of files/folders created in the last 1 months======

2010-11-21 17:44:28 —-D—- C:rsit
2010-11-21 17:44:28 —-D—- C:Program Filestrend micro
2010-11-21 16:10:48 —-D—- C:WINDOWSLastGood
2010-11-21 16:10:37 —-SHD—- C:Config.Msi
2010-11-15 22:33:40 —-D—- C:Documents and SettingsADMINApplication DataDivX
2010-11-15 22:33:32 —-N—- C:WINDOWSsystem32pxinsi64.exe
2010-11-15 22:33:32 —-N—- C:WINDOWSsystem32pxcpyi64.exe
2010-11-15 22:33:22 —-D—- C:Program FilesCommon FilesDivX Shared
2010-11-15 22:29:21 —-D—- C:Program FilesGoogle
2010-11-15 22:29:02 —-D—- C:Program FilesDivX
2010-11-15 22:27:59 —-D—- C:Documents and SettingsAll UsersApplication DataDivX
2010-11-15 22:23:46 —-D—- C:Program FilesCommon FilesCreative
2010-11-14 22:03:03 —-A—- C:WINDOWSwinamp.ini
2010-11-14 19:23:02 —-D—- C:Program FilesICQ7.2
2010-11-14 17:12:12 —-D—- C:Program FilesTechSmith
2010-11-14 17:12:12 —-D—- C:Documents and SettingsAll UsersApplication DataTechSmith
2010-11-13 00:21:53 —-A—- C:WINDOWSsystem32usbinst32.dll
2010-11-13 00:21:39 —-D—- C:Program FilesHewlett-Packard
2010-11-12 19:53:00 —-D—- C:Program FilesDriver-Soft
2010-10-29 10:45:01 —-D—- C:Documents and SettingsADMINApplication DataBSS

======List of files/folders modified in the last 1 months======

2016-06-30 04:06:25 —-D—- C:Program FilesSTDU Viewer
2016-06-30 04:06:24 —-D—- C:Program FilesCommon FilesSTDUtility
2010-11-21 17:44:28 —-RD—- C:Program Files
2010-11-21 17:11:21 —-D—- C:WINDOWSTemp
2010-11-21 17:11:21 —-D—- C:WINDOWS
2010-11-21 16:11:50 —-SHD—- C:WINDOWSInstaller
2010-11-21 16:11:28 —-D—- C:Documents and SettingsAll UsersApplication DataKaspersky Lab
2010-11-21 16:11:08 —-D—- C:WINDOWSsystem32
2010-11-21 16:10:58 —-D—- C:WINDOWSinf
2010-11-21 16:10:57 —-D—- C:WINDOWSsystem32drivers
2010-11-21 12:12:09 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2010-11-21 12:11:58 —-D—- C:WINDOWSsystem32CatRoot2
2010-11-21 12:11:03 —-A—- C:Documents and SettingsADMINApplication DataAtomicAlarmClock.ini
2010-11-20 20:51:51 —-D—- C:Documents and SettingsADMINApplication DataICQ
2010-11-19 17:19:14 —-AD—- C:Documents and SettingsAll UsersApplication DataTEMP
2010-11-19 08:50:49 —-D—- C:Documents and SettingsADMINApplication DatauTorrent
2010-11-18 20:05:20 —-D—- C:Program FilesuTorrent
2010-11-18 19:57:22 —-D—- C:Documents and SettingsADMINApplication DataAIMP
2010-11-16 14:20:20 —-D—- C:WINDOWSsystem32CatRoot
2010-11-16 12:23:45 —-SD—- C:WINDOWSTasks
2010-11-15 22:33:22 —-D—- C:Program FilesCommon Files
2010-11-15 17:45:13 —-D—- C:Program FilesWinFlip
2010-11-14 23:00:35 —-D—- C:Program FilesLifeView TVR
2010-11-14 22:46:08 —-D—- C:Program FilesAIMP2
2010-11-14 19:23:24 —-HD—- C:Program FilesInstallShield Installation Information
2010-11-14 17:12:12 —-D—- C:Documents and SettingsADMINApplication DataMicrosoft
2010-11-14 17:01:59 —-A—- C:WINDOWShpbafd.ini
2010-11-13 13:50:28 —-A—- C:Log.txt
2010-11-13 13:32:17 —-SHD—- C:System Volume Information
2010-11-13 02:27:11 —-D—- C:Documents and SettingsADMINApplication DataSkype
2010-11-13 02:03:32 —-D—- C:Program FilesПечать ценников
2010-11-13 02:02:58 —-D—- C:Documents and SettingsAll UsersApplication DataNorton
2010-11-13 00:22:48 —-A—- C:WINDOWSwin.ini
2010-11-13 00:22:48 —-A—- C:WINDOWSFMTMSAM.INI
2010-11-13 00:21:54 —-D—- C:IST
2010-11-12 22:44:53 —-D—- C:Documents and SettingsADMINApplication DataskypePM
2010-10-31 06:56:47 —-HD—- C:ASUS.000

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AsIO;AsIO; C:WINDOWSsystem32driversAsIO.sys [2009-08-04 11296]
R1 AsUpIO;AsUpIO; C:WINDOWSsystem32driversAsUpIO.sys [2009-07-06 11448]
R1 intelppm;Драйвер Intel процессора; C:WINDOWSsystem32DRIVERSintelppm.sys [2008-04-15 40704]
R1 kbdhid;Драйвер клавиатуры HID; C:WINDOWSsystem32driversKbdHid.sys [2008-04-15 14720]
R1 Prio;Prio; C:WINDOWSSystem32driversprio.sys [2008-03-31 34576]
R3 Arp1394;Протокол клиента 1394 ARP; C:WINDOWSsystem32DRIVERSarp1394.sys [2008-04-15 60800]
R3 BlueletAudio;Bluetooth Audio Service; C:WINDOWSsystem32DRIVERSblueletaudio.sys [2005-05-31 20480]
R3 BT;Bluetooth PAN Network Adapter; C:WINDOWSsystem32DRIVERSbtnetdrv.sys [2005-04-30 10804]
R3 BTHidEnum;Bluetooth HID Enumerator; C:WINDOWSsystem32DRIVERSvbtenum.sys [2005-04-30 11860]
R3 Cap7134;GOTVIEW SAA7134 Capture; C:WINDOWSsystem32DRIVERSCap7134.sys [2006-11-16 308736]
R3 Dot4;MS IEEE-1284.4 Driver; C:WINDOWSsystem32DRIVERSDot4.sys [2008-04-14 206976]
R3 Dot4Print;Драйвер класса принтеров для IEEE-1284.4; C:WINDOWSsystem32DRIVERSDot4Prt.sys [2001-08-17 12928]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:WINDOWSsystem32DRIVERSGEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Драйвер шины Microsoft UAA для High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2008-04-15 144384]
R3 HidUsb;Драйвер класса HID Microsoft; C:WINDOWSsystem32driversHidUsb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:WINDOWSsystem32driversRtkHDAud.sys [2009-08-18 5884416]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:WINDOWSsystem32DRIVERSl1e51x86.sys [2009-08-05 39424]
R3 mouhid;Драйвер мыши HID; C:WINDOWSsystem32driversMouHid.sys [2001-10-20 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:WINDOWSsystem32DRIVERSASACPI.sys [2004-08-14 5810]
R3 NIC1394;Сетевой драйвер 1394; C:WINDOWSsystem32DRIVERSnic1394.sys [2008-04-15 61824]
R3 nv;nv; C:WINDOWSsystem32DRIVERSnv4_mini.sys [2009-05-01 8055584]
R3 PhTVTune;GOTVIEW SAA7134 TVTuner; C:WINDOWSsystem32DRIVERSPhTVTune.sys [2006-11-16 24864]
R3 Point32;Microsoft IntelliPoint Filter Driver; C:WINDOWSsystem32DRIVERSpoint32.sys [2008-06-10 31048]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:WINDOWSSystem32DriversRootMdm.sys [2008-04-15 5888]
R3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:WINDOWSsystem32driversusbccgp.sys [2008-04-14 32128]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32driversusbehci.sys [2008-04-14 30208]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32driversUSBHub.sys [2008-04-14 59520]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:WINDOWSsystem32driversusbuhci.sys [2008-04-14 20608]
R3 VComm;Virtual Serial port driver; C:WINDOWSsystem32DRIVERSVComm.sys [2004-10-19 61312]
R3 VcommMgr;Bluetooth VComm Manager Service; C:WINDOWSSystem32DriversVcommMgr.sys [2005-03-25 82148]
R4 KL1;kl1; C:WINDOWSsystem32DRIVERSkl1.sys []
R4 kl2;kl2; C:WINDOWSsystem32DRIVERSkl2.sys []
R4 KLIF;Kaspersky Lab Driver; C:WINDOWSsystem32DRIVERSklif.sys []
S1 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:WINDOWSsystem32driversusbohci.sys [2008-04-14 17152]
S3 adebrdn2;adebrdn2; C:WINDOWSsystem32driversadebrdn2.sys []
S3 Ambfilt;Ambfilt; C:WINDOWSsystem32driversAmbfilt.sys [2008-08-05 1684736]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:WINDOWSSystem32Driversbtcusb.sys [2005-04-06 23000]
S3 CCDECODE;Closed Caption декодер; C:WINDOWSsystem32DRIVERSCCDECODE.sys [2008-04-14 17024]
S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:WINDOWSsystem32DRIVERSdot4usb.sys [2001-10-19 23936]
S3 Monfilt;Monfilt; C:WINDOWSsystem32driversMonfilt.sys [2006-01-04 1389056]
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:WINDOWSsystem32driversMSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI кодек; C:WINDOWSsystem32DRIVERSNABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft видео или ТВ подключение; C:WINDOWSsystem32DRIVERSNdisIP.sys [2008-04-14 10880]
S3 nmwcd;Nokia USB Phone Parent; C:WINDOWSsystem32driversccdcmb.sys [2010-01-21 18048]
S3 nmwcdc;Nokia USB Generic; C:WINDOWSsystem32driversccdcmbo.sys [2009-12-30 22016]
S3 NtApm;Драйвер интерфейса NT Apm/Legacy; C:WINDOWSsystem32DRIVERSNtApm.sys [2001-10-20 9472]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:WINDOWSsystem32DRIVERSpccsmcfd.sys [2008-08-26 18816]
S3 PCnet;AMD PCNET совместимый адаптер, драйвер; C:WINDOWSsystem32DRIVERSpcntpci5.sys [2001-08-17 35328]
S3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:WINDOWSsystem32DRIVERSRtenicxp.sys [2008-10-31 117888]
S3 SLIP;BDA Slip De-Framer; C:WINDOWSsystem32DRIVERSSLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:WINDOWSsystem32DRIVERSStreamIP.sys [2008-04-14 15232]
S3 SymIM;Symantec Network Security Intermediate Filter Service; C:WINDOWSsystem32DRIVERSSymIM.sys [2010-07-26 36400]
S3 SymIMMP;SymIMMP; C:WINDOWSsystem32DRIVERSSymIM.sys [2010-07-26 36400]
S3 tosrfbd;Bluetooth RFBUS; C:WINDOWSsystem32DRIVERStosrfbd.sys [2008-04-23 131712]
S3 Tosrfhid;Bluetooth RFHID; C:WINDOWSsystem32DRIVERSTosrfhid.sys [2008-03-19 74112]
S3 tosrfusb;Bluetooth USB Controller; C:WINDOWSsystem32DRIVERStosrfusb.sys [2008-05-22 41856]
S3 upperdev;upperdev; C:WINDOWSsystem32DRIVERSusbser_lowerflt.sys [2009-12-30 7936]
S3 USBAAPL;Apple Mobile USB Driver; C:WINDOWSSystem32Driversusbaapl.sys [2010-04-19 41984]
S3 usbaudio;Аудио драйвер USB (WDM); C:WINDOWSsystem32driversusbaudio.sys [2008-04-14 60032]
S3 usbprint;Класс принтеров Microsoft USB; C:WINDOWSsystem32DRIVERSusbprint.sys [2008-04-14 25856]
S3 usbser;USB Modem Driver; C:WINDOWSsystem32driversusbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; C:WINDOWSsystem32DRIVERSusbser_lowerfltj.sys [2009-12-30 7936]
S3 usbstor;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2008-04-14 26368]
S3 usbvideo;USB-видеоустройство (WDM); C:WINDOWSSystem32Driversusbvideo.sys [2008-04-13 121984]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:WINDOWSSystem32Driverswdf01000.sys [2008-03-27 503008]
S3 WSTCODEC;World Standard Teletext кодек; C:WINDOWSsystem32DRIVERSWSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation — User-mode Driver Framework Platform Driver; C:WINDOWSsystem32DRIVERSWudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation — User-mode Driver Framework Reflector; C:WINDOWSsystem32DRIVERSwudfrd.sys [2006-09-28 82944]
S4 klim5;Kaspersky Anti-Virus NDIS Filter; C:WINDOWSsystem32DRIVERSklim5.sys []
S4 sr;Драйвер фильтра восстановления системы; C:WINDOWSsystem32DRIVERSsr.sys [2008-04-15 73472]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service; C:Program FilesCommon FilesABBYYFineReader9.00LicensingPENetworkLicenseServer.exe [2007-12-06 660768]
R2 Apple Mobile Device;Apple Mobile Device; C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe [2010-06-10 144176]
R2 AsSysCtrlService;ASUS System Control Service; C:Program FilesASUSAsSysCtrlService1.00.02AsSysCtrlService.exe [2009-04-02 90112]
R2 BlueSoleil Hid Service;BlueSoleil Hid Service; C:Program FilesIVT CorporationBlueSoleilBTNtService.exe [2005-04-06 110592]
R2 Bonjour Service;Служба Bonjour; C:Program FilesBonjourmDNSResponder.exe [2010-05-18 345376]
R2 DvmMDES;DeviceVM Meta Data Export Service; C:ASUS.SYSconfigDVMExportService.exe [2009-07-17 319488]
R2 nvsvc;NVIDIA Display Driver Service; C:WINDOWSsystem32nvsvc32.exe [2009-05-01 168004]
R2 StarWindServiceAE;StarWind AE Service; C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindServiceAE.exe [2009-12-24 370688]
R3 iPod Service;Сервис iPod; C:Program FilesiPodbiniPodService.exe [2010-07-21 540968]
S02000000 OMSCAN;OMSCAN; Sys []
S2 gupdate;Служба Google Update (gupdate); C:Program FilesGoogleUpdateGoogleUpdate.exe [2010-11-15 135664]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:WINDOWSMicrosoft.NETFrameworkv3.0WPFPresentationFontCache.exe [2008-07-29 46104]
S3 odserv;Microsoft Office Diagnostics Service; C:Program FilesCommon FilesMicrosoft SharedOFFICE12ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:Program FilesPC Connectivity SolutionServiceLayer.exe [2010-01-26 652800]
S3 WudfSvc;Windows Driver Foundation — User-mode Driver Framework; C:WINDOWSsystem32svchost.exe [2008-04-15 14336]
S4 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2008-07-25 34312]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2008-07-25 69632]
S4 idsvc;Windows CardSpace; c:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication Foundationinfocard.exe [2008-07-29 881664]
S4 JavaQuickStarterService;Java Quick Starter; C:Program FilesJavajre6binjqs.exe [2009-06-30 152984]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication FoundationSMSvcHost.exe [2008-07-29 132096]
S4 WMPNetworkSvc;Служба общих сетевых ресурсов проигрывателя Windows Media; C:Program FilesWindows Media PlayerWMPNetwk.exe [2006-11-03 914944]

---

EOF

---

[Автор]

Сообщения