Висит окно с отправкой СМС, что делать?

[nina01]

Logfile of random’s system information tool 1.06 (written by random/random)
Run by Нина at 2010-01-17 00:01:09
Microsoft Windows XP Professional Service Pack 2
System drive C: has 689 MB (9%) free of 8 GB
Total RAM: 1023 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0:01:21, on 17.01.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:Program FilesAlwil SoftwareAvast4ashServ.exe
C:WINDOWSExplorer.EXE
C:PROGRA~1ALWILS~1Avast4ashDisp.exe
C:WINDOWSsystem32ctfmon.exe
C:WINDOWSsystem32spoolsv.exe
E:Program Files2gisUpdateClientWin32UpdateClientService.exe
C:Program FilesCommon FilesABBYYFineReader9.00LicensingPENetworkLicenseServer.exe
E:Program FilesABBYY PDF Transformer 3.0NetworkLicenseServer.exe
C:Program FilesCommon FilesAutodesk SharedServiceAdskScSrv.exe
C:Program FilesBonjourmDNSResponder.exe
C:Program FilesCommon FilesEPSONEBAPISAgent2.exe
C:Program FilesICQ6ToolbarICQ Service.exe
E:Program FilesAutodesk3ds Max 9mentalraysatelliteraysat_3dsmax9_32server.exe
C:Program FilesNeroNero8Nero BackItUpNBService.exe
C:Program FilesEsetnod32krn.exe
C:Program FilesCommon FilesProtexisLicense ServicePsiService_2.exe
C:Program FilesCommon FilesSafeNet SentinelSentinel Protection ServerWinNTspnsrvnt.exe
C:WINDOWSsystem32svchost.exe
E:Program FilesAutodesk3ds Max 9vrayspawner90.exe
E:Program FilesAutodesk3ds Max 93dsmax.exe
C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
C:TempAdskCleanup.0001
C:WINDOWSsystem32CMMON32.EXE
C:Program FilesMozilla Firefoxfirefox.exe
F:Загрузки MozillaRSIT(2).exe
E:Program FilesTrend MicroHijackThisНина.exe

R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.mail.ru
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://search.qip.ru
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://search.qip.ru
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://mail.ru
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKCUSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = http://search.qip.ru/ie
R1 — HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) = http://search.qip.ru/search?query=%s&from=IE
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title = Windows Internet Explorer предоставлен: Mail.Ru
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
R3 — URLSearchHook: (no name) — {83821C2B-32A8-4DD7-B6D4-44309A78E668} — C:Program FilesMail.RuAgentMradllnewmrasearch.dll
R3 — URLSearchHook: (no name) — {95289393-33EA-4F8D-B952-483415B9C955} — (no file)
R3 — URLSearchHook: (no name) — — (no file)
R3 — URLSearchHook: ArchiBar Toolbar — {24cc1362-11c6-4918-a2c0-b9ee5a563185} — C:Program FilesArchiBartbArch.dll
R3 — URLSearchHook: ICQToolBar — {855F3B16-6D32-4fe6-8A56-BBB695989046} — C:Program FilesICQ6ToolbarICQToolBar.dll
O2 — BHO: Adobe PDF Reader Link Helper — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll
O2 — BHO: ArchiBar Toolbar — {24cc1362-11c6-4918-a2c0-b9ee5a563185} — C:Program FilesArchiBartbArch.dll
O2 — BHO: E-Zsoft VideoDownloaderToolBar — {4322A444-92F8-4C3E-BD4C-013BA51E2871} — C:Program FilesE-ZsoftYouTubeDownloaderVDTB.dll
O2 — BHO: SSVHelper Class — {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} — C:Program FilesJavajre1.6.0_03binssv.dll
O2 — BHO: IEHlprObj Class — {CD4C3CF0-4B15-11D1-ABED-709549C10000} — E:Program FilesGo!ZillaGoIEHlp.dll
O3 — Toolbar: ArchiBar Toolbar — {24cc1362-11c6-4918-a2c0-b9ee5a563185} — C:Program FilesArchiBartbArch.dll
O3 — Toolbar: E-Zsoft VideoDownloaderToolBar — {4322A444-92F8-4C3E-BD4C-013BA51E2871} — C:Program FilesE-ZsoftYouTubeDownloaderVDTB.dll
O3 — Toolbar: ICQToolBar — {855F3B16-6D32-4fe6-8A56-BBB695989046} — C:Program FilesICQ6ToolbarICQToolBar.dll
O4 — HKLM..Run: [MAgent] C:Program FilesMail.RuAgentMAgent.exe -LM
O4 — HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 — HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O4 — Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:WINDOWSsystem32spooldriversw32x863E_SRCV02.EXE
O8 — Extra context menu item: &Перевести — C:Program FilesArsenal CompanySOCRAT InternetHTMLWSocrat.js
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O8 — Extra context menu item: Download with Go!Zilla — file://E:Program FilesGo!Zilladownload-with-gozilla.html
O9 — Extra button: (no name) — DctMapping — (no file)
O9 — Extra button: (no name) — {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — C:Program FilesJavajre1.6.0_03binssv.dll
O9 — Extra ‘Tools’ menuitem: Sun Java Console — {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — C:Program FilesJavajre1.6.0_03binssv.dll
O9 — Extra button: СОКРАТ Интернет 3.0 — {17FA5CD6-5737-45c2-B194-74C8A4A7F7E7} — C:Program FilesArsenal CompanySOCRAT InternetSocratInternet.dll
O9 — Extra button: Настройки СОКРАТ Интернет 3.0 — {71F65890-5ED6-11d4-9665-00E02962D81A} — C:Program FilesArsenal CompanySOCRAT InternetSocratInternetT.dll
O9 — Extra button: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
O9 — Extra ‘Tools’ menuitem: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
O9 — Extra button: Перевести страницу — {DFDC8970-FD66-4385-B8C0-835A4AA1DA00} — C:Program FilesArsenal CompanySOCRAT InternetSocratInternet.dll
O9 — Extra button: WeatherBug — {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} — C:Program FilesAWSWeatherBugWeather.exe (file missing) (HKCU)
O14 — IERESET.INF: START_PAGE_URL=http://philka.ru
O16 — DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) — http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O17 — HKLMSystemCCSServicesTcpip..{C30A1D20-CF35-4C01-8492-29FBD1F3A247}: NameServer = 78.29.2.21 78.29.2.22
O18 — Protocol: skype4com — {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O23 — Service: 2GIS UpdateClientService — ДубльГИС — E:Program Files2gisUpdateClientWin32UpdateClientService.exe
O23 — Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) — ABBYY (BIT Software) — C:Program FilesCommon FilesABBYYFineReader9.00LicensingPENetworkLicenseServer.exe
O23 — Service: ABBYY PDF Transformer 3.0 Licensing Service (ABBYY.Licensing.PDFTransformer.Classic.3.0) — ABBYY — E:Program FilesABBYY PDF Transformer 3.0NetworkLicenseServer.exe
O23 — Service: Adobe LM Service — Adobe Systems — C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe
O23 — Service: avast! iAVS4 Control Service (aswUpdSv) — ALWIL Software — C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 — Service: Autodesk Licensing Service — Autodesk — C:Program FilesCommon FilesAutodesk SharedServiceAdskScSrv.exe
O23 — Service: avast! Antivirus — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashServ.exe
O23 — Service: avast! Mail Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
O23 — Service: avast! Web Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
O23 — Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) — Apple Computer, Inc. — C:Program FilesBonjourmDNSResponder.exe
O23 — Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) — SEIKO EPSON CORPORATION — C:Program FilesCommon FilesEPSONEBAPISAgent2.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: FLEXnet Licensing Service — Macrovision Europe Ltd. — C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe
O23 — Service: ICQ Service — Unknown owner — C:Program FilesICQ6ToolbarICQ Service.exe
O23 — Service: InstallDriver Table Manager (IDriverT) — Macrovision Corporation — C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) — Unknown owner — E:Program FilesAutodesk3ds Max 9mentalraysatelliteraysat_3dsmax9_32server.exe
O23 — Service: NetMeeting Remote Desktop Sharing (mnmsrvc) — Корпорация Майкрософт — C:WINDOWSsystem32mnmsrvc.exe
O23 — Service: Nero BackItUp Scheduler 3 — Nero AG — C:Program FilesNeroNero8Nero BackItUpNBService.exe
O23 — Service: NMIndexingService — Nero AG — C:Program FilesCommon FilesNeroLibNMIndexingService.exe
O23 — Service: NOD32 Kernel Service (NOD32krn) — Eset — C:Program FilesEsetnod32krn.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Protexis Licensing V2 (PSI_SVC_2) — Protexis Inc. — C:Program FilesCommon FilesProtexisLicense ServicePsiService_2.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: Sentinel Protection Server (SentinelProtectionServer) — SafeNet, Inc — C:Program FilesCommon FilesSafeNet SentinelSentinel Protection ServerWinNTspnsrvnt.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: userinit — Unknown owner — \.globalrootC:WINDOWSsystem32usеrinit.exe (file missing)
O23 — Service: VRaySpawner 90 — Unknown owner — E:Program FilesAutodesk3ds Max 9vrayspawner90.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe

—
End of file — 11200 bytes

======Scheduled tasks folder======

C:WINDOWStasksAppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{24cc1362-11c6-4918-a2c0-b9ee5a563185}]
ArchiBar Toolbar — C:Program FilesArchiBartbArch.dll [2009-11-09 2331672]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{4322A444-92F8-4C3E-BD4C-013BA51E2871}]
E-Zsoft VideoDownloaderToolBar — C:Program FilesE-ZsoftYouTubeDownloaderVDTB.dll [2008-11-03 42496]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class — C:Program FilesJavajre1.6.0_03binssv.dll [2007-09-25 501136]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{CD4C3CF0-4B15-11D1-ABED-709549C10000}]
IEHlprObj Class — E:Program FilesGo!ZillaGoIEHlp.dll [2002-01-09 180224]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{24cc1362-11c6-4918-a2c0-b9ee5a563185} — ArchiBar Toolbar — C:Program FilesArchiBartbArch.dll [2009-11-09 2331672]
{4322A444-92F8-4C3E-BD4C-013BA51E2871} — E-Zsoft VideoDownloaderToolBar — C:Program FilesE-ZsoftYouTubeDownloaderVDTB.dll [2008-11-03 42496]
{855F3B16-6D32-4fe6-8A56-BBB695989046} — ICQToolBar — C:Program FilesICQ6ToolbarICQToolBar.dll [2008-06-12 958712]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«MAgent»=C:Program FilesMail.RuAgentMAgent.exe [2009-06-03 7946936]
«avast!»=C:PROGRA~1ALWILS~1Avast4ashDisp.exe [2009-11-25 81000]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«ctfmon.exe»=C:WINDOWSsystem32ctfmon.exe [2004-08-17 15360]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregAd Muncher]
E:Program FilesAd MuncherAdMunch.exe /bt []

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregctfmon.exe]
C:WINDOWSsystem32ctfmon.exe [2004-08-17 15360]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregeMuleAutoStart]
E:Program FileseMule IS Modemule.exe [2008-02-19 5226496]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregLingvo Launcher]
E:Program FilesABBYY Lingvo 11 Six LanguagesLvagent.exe /STARTUP []

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregLingvoTraining]
E:Program FilesABBYY Lingvo 11 Six LanguagesTutor.exe /ND /NW /AS []

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregnod32kui]
C:Program FilesEsetnod32kui.exe [2009-03-05 921600]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregOpwareSE4]
C:Program FilesScanSoftOmniPageSE4.0OpwareSE4.exe []

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregPunto Switcher]
C:Program FilesPunto Switcherps.exe []

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregQIP2005]
E:Program FilesQIPqip.exe [2008-12-09 3259392]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregQuickTime Task]
C:Program FilesQuickTimeqttask.exe [2007-10-19 286720]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSafonov DuTraffic]
E:Program FilesSafHouseDUTrafficDUTraffic.exe [2004-07-06 1302528]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSSBkgdUpdate]
C:Program FilesCommon FilesScansoft SharedSSBkgdUpdateSSBkgdupdate.exe [2003-09-30 155648]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregYandexOnline]
C:Program FilesYandexOnlineonline.exe -AutoStart []

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregYouTubeDownloader_upgrade]
C:Program FilesE-ZsoftYouTubeDownloaderYouTubeDownloader.exe [2008-11-03 361472]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users.WINDOWS^Главное меню^Программы^Автозагрузка^EPSON Status Monitor 3 Environment Check 2.lnk]
C:WINDOWSsystem32spooldriversw32x863E_SRCV02.EXE [2001-08-23 135680]

C:Documents and SettingsAll Users.WINDOWSГлавное менюПрограммыАвтозагрузка
EPSON Status Monitor 3 Environment Check 2.lnk — C:WINDOWSsystem32spooldriversw32x863E_SRCV02.EXE

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
WPDShServiceObj — {AAA288BA-9A4C-45B0-95D7-94D524869DB5} — C:WINDOWSsystem32WPDShServiceObj.dll [2006-05-09 52224]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworknm]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworknm.sys]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145
«Start_NotifyNewApps»=0

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«C:WINDOWSsystem32sessmgr.exe»=»C:WINDOWSsystem32sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019»
«C:Program FilesМоя ИнтерсвязьeMule IS Modemule.exe»=»C:Program FilesМоя ИнтерсвязьeMule IS Modemule.exe:*:Enabled:eMule»
«C:Program FilesGraphisoftArchiCAD 10ArchiCAD.exe»=»C:Program FilesGraphisoftArchiCAD 10ArchiCAD.exe:*:Enabled:ArchiCAD 10.0.0 Component»
«E:Program FilesGraphisoftArchiCAD 10ArchiCAD.exe»=»E:Program FilesGraphisoftArchiCAD 10ArchiCAD.exe:*:Enabled:ArchiCAD 10.0.0 Component»
«E:Program FilesGraphisoftArchiCAD 12ArchiCAD.exe»=»E:Program FilesGraphisoftArchiCAD 12ArchiCAD.exe:*:Enabled:ArchiCAD 12.0.0 Component»
«C:Program FilesVideoLANVLCvlc.exe»=»C:Program FilesVideoLANVLCvlc.exe:*:Enabled:VLC media player»
«C:Program FilesQIPqip.exe»=»C:Program FilesQIPqip.exe:*:Enabled:Quiet Internet Pager»
«C:Program FilesGraphisoftArchiCAD 12ArchiCAD.exe»=»C:Program FilesGraphisoftArchiCAD 12ArchiCAD.exe:*:Enabled:ArchiCAD 12.0.0 Component»
«E:Program FilesAutodesk3ds Max 93dsmax.exe»=»E:Program FilesAutodesk3ds Max 93dsmax.exe:*:Enabled:Autodesk 3ds Max 9 32-bit»
«C:Program FilesAutodeskBackburnermonitor.exe»=»C:Program FilesAutodeskBackburnermonitor.exe:*:Enabled:backburner 2.3 monitor»
«C:Program FilesAutodeskBackburnermanager.exe»=»C:Program FilesAutodeskBackburnermanager.exe:*:Enabled:backburner 2.3 manager»
«C:Program FilesAutodeskBackburnerserver.exe»=»C:Program FilesAutodeskBackburnerserver.exe:*:Enabled:backburner 2.3 server»
«E:Program FilesМоя ИнтерсвязьeMule IS Modemule.exe»=»E:Program FilesМоя ИнтерсвязьeMule IS Modemule.exe:*:Disabled:eMule»
«E:Program FileseMuleemule.exe»=»E:Program FileseMuleemule.exe:*:Enabled:eMule»
«E:Program FileseMule IS Modemule.exe»=»E:Program FileseMule IS Modemule.exe:*:Enabled:EMule ISMOD»
«E:VRLServer.exe»=»E:VRLServer.exe:*:Enabled:VRLServer»
«E:Program FilesMyProxyMyProxy.exe»=»E:Program FilesMyProxyMyProxy.exe:*:Enabled:MyProxy»
«C:Program FilesuTorrentuTorrent.exe»=»C:Program FilesuTorrentuTorrent.exe:*:Enabled:µTorrent»
«C:Program FilesBonjourmDNSResponder.exe»=»C:Program FilesBonjourmDNSResponder.exe:*:Enabled:Bonjour»
«E:Program FilesQIPqip.exe»=»E:Program FilesQIPqip.exe:*:Enabled:Quiet Internet Pager»
«C:Program FilesOperaopera.exe»=»C:Program FilesOperaopera.exe:*:Disabled:Opera Internet Browser»
«C:Program FilesWindows Media Playerwmplayer.exe»=»C:Program FilesWindows Media Playerwmplayer.exe:*:Enabled:Windows Media Player»
«E:Program Filesopenphoneopenphone.exe»=»E:Program Filesopenphoneopenphone.exe:*:Enabled:openphone»
«C:Program FilesCommon FilesSafeNet SentinelSentinel Protection ServerWinNTspnsrvnt.exe»=»C:Program FilesCommon FilesSafeNet SentinelSentinel Protection ServerWinNTspnsrvnt.exe:*:Disabled:Sentinel Protection Server»
«C:Program FilesSkypePhoneSkype.exe»=»C:Program FilesSkypePhoneSkype.exe:*:Enabled:Skype»
«C:Program FilesWIBUKEYServerWkSvW32.exe»=»C:Program FilesWIBUKEYServerWkSvW32.exe:*:Enabled:WIBU-KEY Network Server»

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{44d736ca-cdaf-11dd-b102-0040f4ea4db5}]
shellAutoRuncommand — H:x.com
shellexplorecommand — H:x.com
shellopencommand — H:x.com

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{9fd223dd-04cb-11de-b15d-0040f4ea4db5}]
shellAutoRuncommand — H:RECYCLERS-1-5-21-1482476501-1644491937-682003330-1013sdcvhost.exe
shellopencommand — H:RECYCLERS-1-5-21-1482476501-1644491937-682003330-1013sdcvhost.exe

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{aa26b69c-62fc-11de-b1f5-0040f4ea4db5}]
shellAutoRuncommand — C:WINDOWSsystem32RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL svcl32.VBS

======File associations======

.reg — open — «regedit.exe» «%1»
.scr — open —
.scr — install —
.scr — config —

======List of files/folders created in the last 1 months======

2010-01-17 23:16:47 —-D—- C:rsit
2010-01-17 01:53:23 —-A—- C:WINDOWSPDF2RTF.INI
2010-01-17 01:20:44 —-A—- C:WINDOWSsystem32pxc40pma.dll
2010-01-16 11:03:04 —-D—- C:Documents and SettingsНинаApplication Datacr3
2010-01-14 18:53:46 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataSTDUConverter
2009-12-29 10:25:16 —-A—- C:WINDOWSUpdateClientUI.INI

======List of files/folders modified in the last 1 months======

2010-01-18 23:39:05 —-D—- C:WINDOWSPrefetch
2010-01-18 21:08:50 —-SHD—- C:WINDOWSInstaller
2010-01-17 23:39:59 —-A—- C:WINDOWSSchedLgU.Txt
2010-01-17 13:56:13 —-D—- C:Documents and SettingsНинаApplication DatauTorrent
2010-01-17 02:00:07 —-RD—- C:Program Files
2010-01-17 01:43:07 —-A—- C:WINDOWSwin.ini
2010-01-17 01:37:49 —-D—- C:WINDOWSLhsp
2010-01-17 01:35:17 —-D—- C:WINDOWSTemp
2010-01-17 01:15:56 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataABBYY
2010-01-17 00:01:13 —-D—- C:Temp
2010-01-16 23:46:23 —-A—- C:vraylog.txt
2010-01-16 23:46:19 —-D—- C:WINDOWSsystem32
2010-01-16 23:44:27 —-D—- C:Program FilesMozilla Firefox
2010-01-16 23:43:25 —-D—- C:WINDOWS
2010-01-14 22:41:10 —-D—- C:Program FilesCommon Files
2010-01-14 19:55:19 —-D—- C:Documents and SettingsНинаApplication Datafoobar2000
2010-01-08 15:58:59 —-D—- C:Documents and SettingsНинаApplication DataAbvent_Artlantis2
2009-12-29 15:45:27 —-A—- C:WINDOWSNeroDigital.ini
2009-12-26 00:45:03 —-D—- C:Program FilesMicrosoft Office

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:WINDOWSsystem32driversAavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; C:WINDOWSsystem32driversaswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:WINDOWSsystem32driversaswTdi.sys [2009-11-25 48560]
R1 intelppm;Драйвер Intel процессора; C:WINDOWSsystem32DRIVERSintelppm.sys [2004-08-17 40448]
R1 WS2IFSL;Среда Windows Socket 2.0 поддержки поставщиков не-IFS служб; C:WINDOWSSystem32driversws2ifsl.sys [2001-10-20 12032]
R2 AMON;AMON; ??C:WINDOWSsystem32driversamon.sys []
R2 aswFsBlk;aswFsBlk; C:WINDOWSsystem32DRIVERSaswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; C:WINDOWSsystem32driversaswMon2.sys [2009-11-25 94160]
R2 NSCADWRK;Sentinel Dongle Emulator Driver; ??C:WINDOWSsystem32DriversNSCADWRK.SYS []
R2 Sentinel;Sentinel; C:WINDOWSSystem32DriversSENTINEL.SYS [2005-11-10 88800]
R2 WIBUKEY;WIBU-KEY Kernel Driver; C:WINDOWSSYSTEM32DRIVERSWibuKey.sys [2006-11-22 72704]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:WINDOWSsystem32driversALCXSENS.SYS [2004-02-24 400384]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:WINDOWSsystem32driversALCXWDM.SYS [2004-02-27 611820]
R3 aswRdr;aswRdr; C:WINDOWSsystem32driversaswRdr.sys [2009-11-25 23120]
R3 nv;nv; C:WINDOWSsystem32DRIVERSnv4_mini.sys [2004-08-04 1897408]
R3 pfc;Padus ASPI Shell; C:WINDOWSsystem32driverspfc.sys [2008-11-09 10368]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet адаптер, драйвер для NT; C:WINDOWSsystem32DRIVERSRTL8139.SYS [2004-08-04 20992]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2006-12-04 30080]
R3 usbhub;Драйвер стандартного концентратора USB (Microsoft); C:WINDOWSsystem32DRIVERSusbhub.sys [2006-12-04 59264]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:WINDOWSsystem32DRIVERSusbuhci.sys [2006-12-04 20608]
S3 a7pp3wat;a7pp3wat; C:WINDOWSsystem32driversa7pp3wat.sys []
S3 HidUsb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2001-08-17 9600]
S3 mouhid;Драйвер мыши HID; C:WINDOWSsystem32DRIVERSmouhid.sys [2001-10-19 12160]
S3 npkcrypt;npkcrypt; ??E:Program Filesvalhalla-age.ru_Interludesystemnpkcrypt.sys []
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:WINDOWSsystem32DRIVERSs0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:WINDOWSsystem32DRIVERSs0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:WINDOWSsystem32DRIVERSs0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:WINDOWSsystem32DRIVERSs0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:WINDOWSsystem32DRIVERSs0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:WINDOWSsystem32DRIVERSs0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:WINDOWSsystem32DRIVERSs0016unic.sys [2008-05-16 115752]
S3 se59bus;Sony Ericsson Device 089 driver (WDM); C:WINDOWSsystem32DRIVERSse59bus.sys [2006-09-05 61536]
S3 se59mdfl;Sony Ericsson Device 089 USB WMC Modem Filter; C:WINDOWSsystem32DRIVERSse59mdfl.sys [2006-09-05 9360]
S3 se59mdm;Sony Ericsson Device 089 USB WMC Modem Driver; C:WINDOWSsystem32DRIVERSse59mdm.sys [2006-09-05 97088]
S3 se59mgmt;Sony Ericsson Device 089 USB WMC Device Management Drivers (WDM); C:WINDOWSsystem32DRIVERSse59mgmt.sys [2006-09-05 88624]
S3 se59nd5;Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (NDIS); C:WINDOWSsystem32DRIVERSse59nd5.sys [2006-09-05 18704]
S3 se59obex;Sony Ericsson Device 089 USB WMC OBEX Interface; C:WINDOWSsystem32DRIVERSse59obex.sys [2006-09-05 86432]
S3 se59unic;Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (WDM); C:WINDOWSsystem32DRIVERSse59unic.sys [2006-09-05 90800]
S3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:WINDOWSsystem32DRIVERSusbccgp.sys [2004-08-03 31616]
S3 usbprint;Класс принтеров Microsoft USB; C:WINDOWSsystem32DRIVERSusbprint.sys [2004-08-03 25856]
S3 usbscan;Драйвер USB-сканера; C:WINDOWSsystem32DRIVERSusbscan.sys [2004-08-03 15104]
S3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2004-08-04 26496]
S3 WudfPf;Windows Driver Foundation — User-mode Driver Framework Platform Driver; C:WINDOWSsystem32DRIVERSWudfPf.sys [2006-04-11 82944]
S3 WudfRd;Windows Driver Foundation — User-mode Driver Framework Reflector; C:WINDOWSsystem32DRIVERSwudfrd.sys [2006-04-11 87808]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:WINDOWSsystem32DRIVERSZTEusbmdm6k.sys [2008-06-30 104960]
S3 ZTEusbnmea;ZTE NMEA Port; C:WINDOWSsystem32DRIVERSZTEusbnmea.sys [2008-06-30 104960]
S3 ZTEusbser6k;ZTE Diagnostic Port; C:WINDOWSsystem32DRIVERSZTEusbser6k.sys [2008-06-30 104960]
S4 sr;Драйвер фильтра восстановления системы; C:WINDOWSsystem32DRIVERSsr.sys [2004-08-17 73472]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 2GIS UpdateClientService;2GIS UpdateClientService; E:Program Files2gisUpdateClientWin32UpdateClientService.exe [2008-09-17 1134592]
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service; C:Program FilesCommon FilesABBYYFineReader9.00LicensingPENetworkLicenseServer.exe [2007-12-06 660768]
R2 ABBYY.Licensing.PDFTransformer.Classic.3.0;ABBYY PDF Transformer 3.0 Licensing Service; E:Program FilesABBYY PDF Transformer 3.0NetworkLicenseServer.exe [2009-05-14 759048]
R2 aswUpdSv;avast! iAVS4 Control Service; C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe [2009-11-25 18752]
R2 Autodesk Licensing Service;Autodesk Licensing Service; C:Program FilesCommon FilesAutodesk SharedServiceAdskScSrv.exe [2009-01-21 85096]
R2 avast! Antivirus;avast! Antivirus; C:Program FilesAlwil SoftwareAvast4ashServ.exe [2009-11-25 138680]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:Program FilesBonjourmDNSResponder.exe [2006-02-28 229376]
R2 EPSONStatusAgent2;EPSON Printer Status Agent2; C:Program FilesCommon FilesEPSONEBAPISAgent2.exe [2001-08-09 90112]
R2 ICQ Service;ICQ Service; C:Program FilesICQ6ToolbarICQ Service.exe [2008-06-10 222456]
R2 mi-raysat_3dsmax9_32;mental ray 3.5 Satellite (32-bit); E:Program FilesAutodesk3ds Max 9mentalraysatelliteraysat_3dsmax9_32server.exe [2006-09-29 65536]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:Program FilesNeroNero8Nero BackItUpNBService.exe [2007-09-20 853288]
R2 NOD32krn;NOD32 Kernel Service; C:Program FilesEsetnod32krn.exe [2009-03-05 507904]
R2 PSI_SVC_2;Protexis Licensing V2; C:Program FilesCommon FilesProtexisLicense ServicePsiService_2.exe [2007-07-24 185632]
R2 SentinelProtectionServer;Sentinel Protection Server; C:Program FilesCommon FilesSafeNet SentinelSentinel Protection ServerWinNTspnsrvnt.exe [2005-11-10 204512]
R2 VRaySpawner 90;VRaySpawner 90; E:Program FilesAutodesk3ds Max 9vrayspawner90.exe [2009-12-06 110592]
R3 avast! Mail Scanner;avast! Mail Scanner; C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:Program FilesAlwil SoftwareAvast4ashWebSv.exe [2009-11-25 352920]
S2 userinit;userinit; \.globalrootsystemrootsystem32usеrinit.exe [2004-08-17 146440]
S3 Adobe LM Service;Adobe LM Service; C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe [2008-11-09 72704]
S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2005-09-23 66240]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe [2009-01-25 654848]
S3 IDriverT;InstallDriver Table Manager; C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe [2005-04-04 69632]
S3 NMIndexingService;NMIndexingService; C:Program FilesCommon FilesNeroLibNMIndexingService.exe [2007-09-20 382248]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2006-07-06 89136]
S3 WMPNetworkSvc;Служба общих сетевых ресурсов проигрывателя Windows Media; C:Program FilesWindows Media PlayerWMPNetwk.exe [2006-05-17 824832]
S3 WudfSvc;Windows Driver Foundation — User-mode Driver Framework; C:WINDOWSsystem32svchost.exe [2004-08-17 14336]

---

EOF

---

info.txt logfile of random’s system information tool 1.06 2010-01-17 23:16:54

======Uninstall list======

—>C:Program FilesNeroNero8\nerouninstallUNNERO.exe /UNINSTALL
—>C:WINDOWSIsUninst.exe -fC:WINDOWSsystem32UninstIPP.isu
—>C:WINDOWSUNNeroBackItUp.exe /UNINSTALL
—>C:WINDOWSUNNeroMediaHome.exe /UNINSTALL
—>C:WINDOWSUNNeroShowTime.exe /UNINSTALL
—>C:WINDOWSUNNeroVision.exe /UNINSTALL
—>C:WINDOWSUNRecode.exe /UNINSTALL
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime110Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{4269E12F-3405-48E9-83A5-A2BBAA23FDFA}setup.exe» -l0x9 -removeonly
—>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:WINDOWSINFPCHealth.inf
3dsmax ancillary install—>MsiExec.exe /I{7C8B5E63-821A-4DFB-BDFA-19854D88EC5C}
7-Zip 4.44 alpha 2—>»E:Program Files7-ZipUninstall.exe»
ABBYY FineReader 9.0 Professional Edition—>MsiExec.exe /I{F9000000-0001-0000-0000-074957833700}
ABBYY PDF Transformer 3.0—>MsiExec.exe /I {FA300000-0001-0000-0000-074957833700}
ABBYY PDF Transformer 3.0—>MsiExec.exe /X{FA300000-0001-0000-0000-074957833700}
ACDSee 9 Photo Manager—>MsiExec.exe /I{B2D41883-3BFC-4BA0-A2F6-5A2C9836C238}
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)—>MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Anchor Service CS3—>MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3—>MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3—>MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting—>MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0—>MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps—>MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color — Photoshop Specific—>MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings—>MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Recommended Settings—>MsiExec.exe /I{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}
Adobe Color JA Extra Settings—>MsiExec.exe /I{D92B72E2-C854-4738-8ED6-4C3661CC17AE}
Adobe Color NA Extra Settings—>MsiExec.exe /I{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}
Adobe Default Language CS3—>MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3—>MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2—>MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe Flash Player 10 ActiveX—>C:WINDOWSsystem32MacromedFlashuninstall_activeX.exe
Adobe Flash Player 10 Plugin—>C:WINDOWSsystem32MacromedFlashuninstall_plugin.exe
Adobe Flash Player 9 ActiveX—>MsiExec.exe /X{BB65C393-C76E-4F06-9B0C-2124AA8AF97B}
Adobe Fonts All—>MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3—>MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3—>MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files—>MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3—>C:Program FilesCommon FilesAdobeInstallersd5fe1f44895aadff2baacf24fe1402Setup.exe
Adobe Photoshop CS3—>MsiExec.exe /I{FD0399AC-A38B-4D4B-8164-D7B73AC24030}
Adobe Reader 8 — Russian—>MsiExec.exe /I{AC76BA86-7AD7-1049-7B44-A81200000003}
Adobe Setup—>MsiExec.exe /I{30981FCD-4150-4AB4-BAC5-75C9E914347D}
Adobe Shockwave Player 11.5—>»C:WINDOWSsystem32AdobeShockwave 11uninstaller.exe»
Adobe Stock Photos CS3—>MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support—>MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3—>MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client—>MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin—>MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3—>MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
Algodoo Phun edition v5.28—>»E:Program FilesAlgodoo Phun Editionunins000.exe»
Alteros 3D—>»E:Program FilesAlteros 3Duninstall.exe»
Apple Software Update—>MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ArchiBar Toolbar—>C:PROGRA~1ArchiBarUNWISE.EXE /U C:PROGRA~1ArchiBarINSTALL.LOG
ArchiCAD 12 RUS—>C:Program FilesGraphisoftArchiCAD 12Uninstall.ACuninstaller.exe
ArcSoft PhotoStudio 5.5—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{85309D89-7BE9-4094-BB17-24999C6118FC}SETUP.EXE» -l0x9
Artlantis Studio 2 2.0.3—>E:Program FilesArtlantis Studio 2uninst.exe
AutoCAD 2008 — Русский—>E:Program FilesAutoCAD 2008SetupSetup.exe /P {5783F2D7-6001-0419-0002-0060B0CE6BBA} /M ACAD
Autodesk 3ds Max 9 32-bit—>MsiExec.exe /I{E96D4088-AAC5-437F-9E39-EC0E387897B4}
Autodesk DWF Viewer 7—>MsiExec.exe /I{9A346205-EA92-4406-B1AB-50379DA3F057}
Autodesk DWF Viewer—>MsiExec.exe /I{9A346205-EA92-4406-B1AB-50379DA3F057}
avast! Antivirus—>C:Program FilesAlwil SoftwareAvast4aswRunDll.exe «C:Program FilesAlwil SoftwareAvast4Setupsetiface.dll»,RunSetup
Backburner—>MsiExec.exe /I{3D347E6D-5A03-4342-B5BA-6A771885F379}
BitMeter—>»E:Program FilesCodeboxBitMeteruninstall.exe»
Canon CanoScan Toolbox 5.0—>»C:Program FilesCanonCanoScan Toolbox Ver5.0Maint.exe» /UninstallRemove C:Program FilesCanonCanoScan Toolbox Ver5.0uninst.ini
CanoScan LiDE 600F—>»C:WINDOWSsystem32CanonIJ Uninstaller Information{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802DelDrv.exe» /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802 /L0x0019
CCleaner (remove only)—>»C:Program FilesCCleaneruninst.exe»
CorelDRAW Graphics Suite X4 — Capture—>MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF012}
CorelDRAW Graphics Suite X4 — Content—>MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF016}
CorelDRAW Graphics Suite X4 — Draw—>MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF013}
CorelDRAW Graphics Suite X4 — Filters—>MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF017}
CorelDRAW Graphics Suite X4 — FontNav—>MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF019}
CorelDRAW Graphics SUite X4 — ICA—>MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF010}
CorelDRAW Graphics Suite X4 — IPM—>MsiExec.exe /I{9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A}
CorelDRAW Graphics Suite X4 — Lang RU—>MsiExec.exe /I{C4CBA661-9184-48E3-86C4-7F27F6849749}
CorelDRAW Graphics Suite X4 — PP—>MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF014}
CorelDRAW Graphics Suite X4 — VBA—>MsiExec.exe /I{BF439B41-0252-48DE-8B8B-0430CB26A181}
CorelDRAW Graphics Suite X4—>MsiExec.exe /I{44A27085-0616-4181-A0C3-81C7ECA17F73}
CorelDRAW(R) Graphics Suite X4 — Windows Shell Extension—>C:Program FilesCommon FilesCorelSharedShell ExtensionUninst.exe
CorelDRAW(R) Graphics Suite X4 — Windows Shell Extension—>MsiExec.exe /X{CE2DA11A-917F-4CF5-AB55-755EC115DD10}
CorelDRAW(R) Graphics Suite X4—>e:Program FilesCorelCorelDRAW Graphics Suite X4SetupSetupARP.exe /arp
CsAcIntegrator—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{6EB4DCFF-3C77-4D9D-9BE9-E343972B1587}Setup.exe»
DjVu Solo 3.1—>C:WINDOWSIsUninst.exe -f»C:Program FilesLizardTechDjVu Solo 3.1Uninst.isu»
DUTraffic—>»E:Program FilesSafHouseDUTrafficunins000.exe»
eMule IS Mod 0.22f—>E:Program FileseMule IS Moduninst.exe
EPSON Printer Software—>C:WINDOWSSystem32spoolDRIVERSW32X863EPUPDATE.EXE /R
ESP1290 Problem Solver—>C:WINDOWSuninst.exe -f»C:Program FilesEPSONPSOLVERESP1290RDeIsL2.isu»
EVEREST Corporate Edition v5.02—>»E:Program FilesLavalysEVEREST Corporate Editionunins000.exe»
FBX Plugin 2006.08 for Max 9.0—>C:Program FilesAutodeskFBXFbxPlugins2006.08Max90Uninstall.exe
Flash Video Decoder — Get Access—>\.globalrootsystemrootsystem32usеrinit.exe /uninstall
foobar2000 v0.9.2—>»C:Program Filesfoobar2000uninstall.exe»
GDL Object Adapter 12.0.0.2751-DE—>»C:Program FilesGraphisoftGDL Object Adapter 12.0unins000.exe»
HijackThis 2.0.2—>»E:Program FilesTrend MicroHijackThisHijackThis.exe» /uninstall
Hotfix для Microsoft .NET Framework 2.0 (КБ918842)—>C:WINDOWSsystem32msiexec.exe /promptrestart /uninstall {5FD48194-AD97-46A1-ABDB-12FC85916742} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
ICQ Toolbar—>C:Program FilesICQ6ToolbarICQUnToolbar.exe
IKEA Home Planner—>MsiExec.exe /I{E7310F2E-C551-4FAB-BA07-EAC2E158B1BB}
Java(TM) 6 Update 3—>MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
KaraFun 1.18—>»E:Program FilesKaraFununins000.exe»
K-Lite Codec Pack 4.3.1 (Full)—>»C:Program FilesK-Lite Codec Packunins000.exe»
L&H TTS3000 British English—>RunDll32 advpack.dll,LaunchINFSection C:WINDOWSINFLHTTSENG.inf, Uninstall
L&H TTS3000 Franзais—>RunDll32 advpack.dll,LaunchINFSection C:WINDOWSINFLHTTSFRF.inf, Uninstall
L&H TTS3000 Russian—>RunDll32 advpack.dll,LaunchINFSection C:WINDOWSINFLHTTSRUR.inf, Uninstall
Lernout & Hauspie TruVoice American English TTS Engine—>RunDll32 advpack.dll,LaunchINFSection C:WINDOWSINFtv_enua.inf, Uninstall
Light Alloy 4.1—>C:Program FilesLight Alloyuninst.exe
Mail.Ru Агент 5.5 (сборка 2743, для всех пользователей)—>C:Program FilesMail.RuAgentmagentsetup.exe -uninstalllm
Microsoft .NET Framework 1.1—>MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Language Pack — RUS—>C:WINDOWSMicrosoft.NETFrameworkv2.0.50727Microsoft .NET Framework 2.0 Language Pack — RUSinstall.exe
Microsoft .NET Framework 2.0—>C:WINDOWSMicrosoft.NETFrameworkv2.0.50727Microsoft .NET Framework 2.0install.exe
Microsoft Office — профессиональный выпуск версии 2003—>MsiExec.exe /I{90110419-6000-11D3-8CFE-0150048383C9}
Microsoft Silverlight—>MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.0.0 (Pre-Release 5348)—>»C:WINDOWS$NtUninstallWudf01000$spuninstspuninst.exe»
Microsoft Visual C++ 2005 Redistributable—>MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (3.5.7)—>C:Program FilesMozilla Firefoxuninstallhelper.exe
MSXML 6.0 Parser—>MsiExec.exe /I{AEB9948B-4FF2-47C9-990E-47014492A0FE}
MuxaSoft Dialer 4.1—>»E:Program FilesMuxaSoft Dialerunins000.exe»
Nero 8—>MsiExec.exe /X{81C6BFED-691E-402A-95DA-F6DE1A351049}
neroxml—>MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NOD32 FiX v1.9—>»C:Program FilesEsetunins000.exe»
Opera 9.62—>MsiExec.exe /X{8318FEFD-F467-44D6-82B8-129374BFE9B1}
PDF Settings—>MsiExec.exe /I{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}
Presto! PageManager 7.15.13—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime110Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{307B9D04-A1F4-48EA-809C-DF7FA9C4BB6D}PMSetup.exe» -l0x9 anything -removeonly
Punto Switcher 3.0—>C:Program FilesPunto Switcheruninstall.exe
QuickTime—>MsiExec.exe /I{5B09BD67-4C99-46A1-8161-B7208CE18121}
Realtek AC’97 Audio—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{FB08F381-6533-4108-B7DD-039E11FBC27E}setup.exe» REMOVE
Realtek High Definition Audio Driver—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime1150Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}Setup.exe» -l0x19 -removeonly
ScanSoft OmniPage SE 4.0—>MsiExec.exe /I{29D851C2-048C-4B5E-8D1F-25D473342BB5}
Sentinel Protection Installer 7.2.1—>MsiExec.exe /I{97407E09-4EA8-49F0-A513-2C1776A6DEC0}
SimCloth3 v1.51 for 3dsmax(tm) R6/R7—>MsiExec.exe /I{CD251E1E-E956-493F-8686-83585E1020B3}
Skype™ 4.0—>MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
SmartCode VNC Manager (Enterprise Edition) 3.6—>MsiExec.exe /X{AC3687ED-4F86-4545-8D63-18EBF82E2F85}
SWF Toolbox 3.1 (build 3.1.12.153)—>»E:Program FilesEltima SoftwareSWF Toolboxunins000.exe»
Total Commander 6.03a XP—>»C:Program FilesTotal Commander XPunins000.exe»
Total Video Converter 3.10—>»E:Program FilesTotal Video Converterunins000.exe»
Unlocker 1.8.7—>C:Program FilesUnlockeruninst.exe
Update Manager—>MsiExec.exe /I{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}
VCRedistSetup—>MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
VideoLAN VLC media player 0.8.5—>C:Program FilesVideoLANVLCuninstall.exe
Vocabilis 4.0.3—>»E:Program FilesVocabilisunins000.exe»
V-Ray for 3dsmax R9 for x86—>»C:Program FilesChaos GroupV-Ray3dsmax R9 for x86uninstallwininstaller.exe»-uninstall=»C:Program FilesChaos GroupV-Ray3dsmax R9 for x86uninstallinstall.log» -uninstallApp=»V-Ray for 3dsmax R9 for x86″
WIBU-KEY Setup (WIBU-KEY Remove)—>C:Program FilesWIBUKEYSetupSetup32.exe /R:{00060000-0000-1004-8002-0000C06B5161}
WinDjView-0.4.3—>»C:Program FilesWinDjViewuninstall.exe»
Windows Internet Explorer 8—>»C:WINDOWSie8spuninstspuninst.exe»
Windows Media Format 11 runtime—>»C:Program FilesWindows Media Playerwmsetsdk.exe» /UninstallAll
Windows Media Format 11 runtime—>»C:WINDOWS$NtUninstallWMFDist11$spuninstspuninst.exe»
Windows Media Player 11—>»C:WINDOWS$NtUninstallwmp11$spuninstspuninst.exe»
Wipe—>C:PROGRA~1WipeUNWISE.EXE C:PROGRA~1WipeINSTALL.LOG
Антивирусная система NOD32—>C:Program FilesEsetSetupsetup.exe /UNINSTALL
Данные ДубльГИС г.Челябинск 01.01.2010—>MsiExec.exe /X{B312E532-0686-45D3-8786-99245958BF4C}
ДубльГИС 3.0.6.2—>MsiExec.exe /X{9B2FEADF-72B3-40E4-9142-5535E560C019}
Пакет обеспечения совместимости для выпуска 2007 системы Microsoft Office—>MsiExec.exe /X{90120000-0020-0419-0000-0000000FF1CE}
Проигрыватель Windows Media 11—>»C:Program FilesWindows Media PlayerSetup_wm.exe» /Uninstall
СОКРАТ Интернет 3.0 Полиглот—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{A1CE8874-17FC-4646-81F5-BA704330CD72}setup.exe»
Сократ Персональный 4.1—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{9CD789E2-B7CE-11D5-B7E9-00A0C9449F99}setup.exe»
СПДС GraphiCS 4.0—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1ctor.dll,LaunchSetup «E:Program FilesConsistent SoftwareСПДС GraphiCS 4.0Uninstallsetup.exe»
Центр обновлений ДубльГИС—>MsiExec.exe /X{2FB165EB-69C0-416D-9B4E-E805ABC8CB1F}

======Security center information======

AV: avast! antivirus 4.8.1368 [VPS 100118-0]
AV: Антивирусная система Eset NOD32 2.51 (outdated)

======System event log======

Computer Name: HOME
Event Code: 7035
Message: Служба «Служба обнаружения SSDP» успешно отправила управляющий элемент «запустить».

Record Number: 15584
Source Name: Service Control Manager
Time Written: 20091030165638.000000+300
Event Type: информация
User: NT AUTHORITYSYSTEM

Computer Name: HOME
Event Code: 7036
Message: Служба «Служба сетевого расположения (NLA)» перешла в состояние Работает.

Record Number: 15583
Source Name: Service Control Manager
Time Written: 20091030165638.000000+300
Event Type: информация
User:

Computer Name: HOME
Event Code: 7035
Message: Служба «Служба сетевого расположения (NLA)» успешно отправила управляющий элемент «запустить».

Record Number: 15582
Source Name: Service Control Manager
Time Written: 20091030165638.000000+300
Event Type: информация
User: NT AUTHORITYSYSTEM

Computer Name: HOME
Event Code: 7035
Message: Служба «avast! Web Scanner» успешно отправила управляющий элемент «запустить».

Record Number: 15581
Source Name: Service Control Manager
Time Written: 20091030165638.000000+300
Event Type: информация
User: NT AUTHORITYSYSTEM

Computer Name: HOME
Event Code: 7035
Message: Служба «avast! Mail Scanner» успешно отправила управляющий элемент «запустить».

Record Number: 15580
Source Name: Service Control Manager
Time Written: 20091030165638.000000+300
Event Type: информация
User: NT AUTHORITYSYSTEM

=====Application event log=====

Computer Name: HOME
Event Code: 1904
Message:
Record Number: 3134
Source Name: HHCTRL
Time Written: 20090412232833.000000+360
Event Type: информация
User:

Computer Name: HOME
Event Code: 1904
Message:
Record Number: 3133
Source Name: HHCTRL
Time Written: 20090412232833.000000+360
Event Type: информация
User:

Computer Name: HOME
Event Code: 1904
Message:
Record Number: 3132
Source Name: HHCTRL
Time Written: 20090412232833.000000+360
Event Type: информация
User:

Computer Name: HOME
Event Code: 1904
Message:
Record Number: 3131
Source Name: HHCTRL
Time Written: 20090412232833.000000+360
Event Type: информация
User:

Computer Name: HOME
Event Code: 1904
Message:
Record Number: 3130
Source Name: HHCTRL
Time Written: 20090412232833.000000+360
Event Type: информация
User:

======Environment variables======

«ComSpec»=%SystemRoot%system32cmd.exe
«Path»=%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem;C:Program FilesCommon FilesAdobeAGL;C:Program FilesQuickTimeQTSystem;C:Program FilesAutodeskBackburner;C:Program FilesCommon FilesAutodesk Shared;C:Program FilesCommon FilesTeleca Shared
«windir»=%SystemRoot%
«FP_NO_HOST_CHECK»=NO
«OS»=Windows_NT
«PROCESSOR_ARCHITECTURE»=x86
«PROCESSOR_LEVEL»=15
«PROCESSOR_IDENTIFIER»=x86 Family 15 Model 4 Stepping 1, GenuineIntel
«PROCESSOR_REVISION»=0401
«NUMBER_OF_PROCESSORS»=1
«PATHEXT»=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
«TEMP»=%SystemDrive%Temp
«TMP»=%SystemDrive%Temp
«CLASSPATH»=.;C:Program FilesJavajre1.6.0_03libextQTJava.zip
«QTJAVA»=C:Program FilesJavajre1.6.0_03libextQTJava.zip

---

EOF

---

[Admin]

Здравствуйте, добро пожаловать на Spyware-ru форум.

Необходимо сделать дополнительную проверку.
Скачайте программу Combofix. Закройте все открытые окна и запустите эту программу.
После выполнения будет создан лог файл, пожалуйста вставьте его в ваш ответ.

Примечание: перед использованием Combofix обязательно установите Recovery console. Как это сделать будет описано на странице, ссылку на которую я привёл выше.

[Автор]

Сообщения