• Инструкции
    • Как использовать
      • Программы
    • Как удалить
      • Шпионское и рекламное ПО (adware и spyware)
      • Поддельное антиспайваре
      • Руткиты
      • Трояны
      • Кейлоггеры
  • Скачать программы
  • Вопросы и Ответы
  • Форумы

SPYWARE-RU.COM
Меню
  • Инструкции
    • Как использовать
      • Программы
    • Как удалить
      • Шпионское и рекламное ПО (adware и spyware)
      • Поддельное антиспайваре
      • Руткиты
      • Трояны
      • Кейлоггеры
  • Скачать программы
  • Вопросы и Ответы
  • Форумы
В начало
Adguard
 

kyud

  • Профиль
  • Начатые темы
  • Созданные ответы
  • Engagements
  • Избранное

Созданные ответы форума

Просмотр 6 сообщений - с 1 по 6 (из 6 всего)
  • Автор
    Сообщения
  • 27 июня, 2009 в 9:13 пп в ответ на: зависание системы (правая клавиша мышки) #24386
    kyud
    Participant
    • Темы:1
    • Сообщений:7
    • ☆

    Валерий, добрый день!
    Наконец проблема решена, зависание вызывала программа Snagit 9. При помощи программы shexview, по вашему совету, отключил все что касается контекстного меню и по очереди включал.Таким образом определил что это Snagit 9. Сейчас все работает! Спасибо огромное за помощь, за внимание к чужим проблемам!!!
    Удачи!

    24 июня, 2009 в 2:40 пп в ответ на: зависание системы (правая клавиша мышки) #24384
    kyud
    Participant
    • Темы:1
    • Сообщений:7
    • ☆

    А теперь Extras
    OTL Extras logfile created on: 24.06.2009 18:17:49 — Run 1
    OTL by OldTimer — Version 3.0.5.2 Folder = C:Documents and SettingsAdminРабочий стол
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) — Type = NTWorkstation
    Internet Explorer (Version = 7.0.5730.13)
    Locale: 00000419 | Country: Россия | Language: RUS | Date Format: dd.MM.yyyy

    1023,23 Mb Total Physical Memory | 544,86 Mb Available Physical Memory | 53,25% Memory free
    2,40 Gb Paging File | 1,91 Gb Available in Paging File | 79,54% Paging File free
    Paging file location(s): C:pagefile.sys 1536 3072 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:WINDOWS | %ProgramFiles% = C:Program Files
    Drive C: | 100,27 Gb Total Space | 91,92 Gb Free Space | 91,66% Space Free | Partition Type: NTFS
    Drive D: | 100,03 Gb Total Space | 90,41 Gb Free Space | 90,39% Space Free | Partition Type: NTFS
    Drive E: | 48,77 Gb Total Space | 17,08 Gb Free Space | 35,03% Space Free | Partition Type: NTFS
    Drive F: | 365,72 Gb Total Space | 35,14 Gb Free Space | 9,61% Space Free | Partition Type: NTFS
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: MICROSOF-299232
    Current User Name: Admin
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: All users
    Company Name Whitelist: On
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Standard

    ========== Extra Registry (SafeList) ==========

    ========== File Associations ==========

    [HKEY_LOCAL_MACHINESOFTWAREClasses]
    .chm [@ = chm.file] — C:WINDOWShh.exe (Microsoft Corporation)
    .cpl [@ = cplfile] — C:WINDOWSSystem32shell32.DLL (Корпорация Майкрософт)
    .hlp [@ = hlpfile] — C:WINDOWSSystem32winhlp32.exe (Корпорация Майкрософт)
    .html [@ = Opera.HTML] — C:Program FilesOperaopera.exe (Opera Software)
    .inf [@ = inffile] — C:WINDOWSSystem32NOTEPAD.EXE (Корпорация Майкрософт)
    .ini [@ = inifile] — C:WINDOWSSystem32NOTEPAD.EXE (Корпорация Майкрософт)
    .reg [@ = regfile] — C:WINDOWSregedit.exe (Корпорация Майкрософт)
    .txt [@ = txtfile] — C:WINDOWSSystem32NOTEPAD.EXE (Корпорация Майкрософт)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center]
    «FirstRunDisabled» = 1
    «FirewallDisableNotify» = 0
    «FirewallOverride» = 1
    «UpdatesDisableNotify» = 1
    «UpdatesOverride» = 1
    «AntiVirusDisableNotify» = 0
    «AntiVirusOverride» = 1

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoring]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringAhnlabAntiVirus]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringComputerAssociatesAntiVirus]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringKasperskyAntiVirus]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringMcAfeeAntiVirus]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringMcAfeeFirewall]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringPandaAntiVirus]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringPandaFirewall]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringSophosAntiVirus]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringSymantecAntiVirus]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringSymantecFirewall]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringTinyFirewall]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringTrendAntiVirus]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringTrendFirewall]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringZoneLabsFirewall]

    [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyDomainProfile]
    «EnableFirewall» = 0

    [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfile]
    «EnableFirewall» = 0

    [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfileGloballyOpenPortsList]

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyDomainProfileAuthorizedApplicationsList]
    [2008.04.15 16:00:00 | 00,558,080 | —- | M] (Microsoft Corporation) — %windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
    [2008.04.15 16:00:00 | 00,141,824 | —- | M] (Корпорация Майкрософт) — %windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019

    [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfileAuthorizedApplicationsList]
    [2008.04.15 16:00:00 | 00,558,080 | —- | M] (Microsoft Corporation) — %windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
    [2008.04.15 16:00:00 | 00,141,824 | —- | M] (Корпорация Майкрософт) — %windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstall]
    «{02B71D92-A84B-4DFB-9A10-D12BB01AC1F2}» = Nokia N73 highlights
    «{0A65A3BD-54B5-4d0d-B084-7688507813F5}» = SlideShow
    «{15095BF3-A3D7-4DDF-B193-3A496881E003}» = Microsoft .NET Framework 3.0
    «{15C0AF59-4877-49B6-B8C6-A61CE54515F5}» = cp_OnlineProjectsConfig
    «{1A9DEF19-760C-4e01-958F-D9B8E6C61B90}» = c5100_Help
    «{1CA7ACD6-B21B-4240-AA05-4FC55F6E1049}» = Nero 8
    «{212748BB-0DA5-46DE-82A1-403736DC9F27}» = MSVC80_x86
    «{2376813B-2E5A-4641-B7B3-A0D5ADB55229}» = HPPhotoSmartExpress
    «{26A24AE4-039D-4CA4-87B4-2F83216012FF}» = Java(TM) 6 Update 12
    «{2BB372D9-52B4-410A-BC1A-FEAB63181EEF}» = Microsoft .NET Framework 1.1 Russian Language Pack
    «{2F58D60D-2BFD-4467-9B4D-64E7355C329D}» = Sonic_PrimoSDK
    «{307BD415-B3E6-4E60-962A-FEF793237322}» = PowerDVD
    «{33BF0960-DBA3-4187-B6CC-C969FCFA2D25}» = SkinsHP1
    «{350C9419-3D7C-4EE8-BAA9-00BCB3D54227}» = WebFldrs XP
    «{363790D2-DA98-41DD-9C9F-69FA36B169DE}» = PanoStandAlone
    «{388E4B09-3E71-4649-8921-F44A3A2954A7}» = Microsoft Visual Studio 2005 Tools for Office Runtime
    «{3921A67A-5AB1-4E48-9444-C71814CF3027}» = VCRedistSetup
    «{41E776A5-9B12-416D-9A12-B4F7B044EBED}» = CP_Package_Basic1
    «{45B8A76B-57EC-4242-B019-066400CD8428}» = BufferChm
    «{491DD792-AD81-429C-9EB4-86DD3D22E333}» = Windows Communication Foundation
    «{4EA684E9-5C81-4033-A696-3019EC57AC3A}» = HPProductAssistant
    «{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}» = FullDPAppQFolder
    «{55A29068-F2CE-456C-9148-C869879E2357}» = TuneUp Utilities 2009
    «{56C049BE-79E9-4502-BEA7-9754A3E60F9B}» = neroxml
    «{59359B3D-ABE7-46BF-AB55-43B67A64DC68}» = Nokia MTP driver
    «{66910000-8B30-4973-A159-6371345AFFA5}» = WebReg
    «{6696D9A4-28A8-4F5A-8E9A-2E8974C8C39C}» = RandMap
    «{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}» = eSupportQFolder
    «{68763C27-235D-4165-A961-FDEA228CE504}» = AiOSoftwareNPI
    «{6909F917-5499-482e-9AA1-FAD06A99F231}» = Toolbox
    «{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}» = CustomerResearchQFolder
    «{7299052b-02a4-4627-81f2-1818da5d550d}» = Microsoft Visual C++ 2005 Redistributable
    «{736C803C-DD3B-4015-BC51-AFB9E67B9076}» = Readme
    «{73E30715-9EC4-4DAE-BE67-64500AEB8012}» = Nokia Nseries Skin for Microsoft Windows Media Player
    «{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}» = Nokia PC Suite
    «{77F5816C-64A6-4FBE-BBE5-52EFE5EB84E8}» = Nokia themes for your device
    «{7C03270C-4FAB-4F5C-B10D-52FEDA190790}» = DocumentViewerQFolder
    «{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}» = Windows Workflow Foundation
    «{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}» = ProductContextNPI
    «{82427977-8776-4087-90CA-9F65174D3C4D}» = Nokia Connectivity Cable Driver
    «{8331C3EA-0C91-43AA-A4D4-27221C631139}» = Status
    «{87E2B986-07E8-477a-93DC-AF0B6758B192}» = DocProcQFolder
    «{8A4CE7FD-9657-4B06-9943-E1819F3D5D67}» = DocProc
    «{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}» = Unload
    «{8DF56C91-281F-4C15-B954-F45FDC919568}» = AVerTV
    «{90110419-6000-11D3-8CFE-0150048383C9}» = Microsoft Office — профессиональный выпуск версии 2003
    «{90120000-0020-0419-0000-0000000FF1CE}» = Пакет обеспечения совместимости для выпуска 2007 системы Microsoft Office
    «{996512CF-F35B-48DE-9291-557FA5316967}» = ScannerCopy
    «{9A25302D-30C0-39D9-BD6F-21E6EC160475}» = Microsoft Visual C++ 2008 Redistributable — x86 9.0.30729.17
    «{9FD06147-BA7E-44F5-B5E8-B4F562A62098}» = Sun xVM VirtualBox
    «{A29800BA-0BF1-4E63-9F31-DF05A87F4104}» = InstantShareDevices
    «{A4F761F7-FBC8-49BF-BC37-15550C3EAA85}» = PROMT Expert 8 Giant Try-Buy
    «{AB5D51AE-EBC3-438D-872C-705C7C2084B0}» = DeviceManagementQFolder
    «{AC76BA86-7AD7-1049-7B44-A91000000001}» = Adobe Reader 9.1.1 — Russian
    «{B2157760-AA3C-4E2E-BFE6-D20BC52495D9}» = cp_PosterPrintConfig
    «{B3B9BC18-2A09-4728-9B46-12E85FF3F628}» = C5100
    «{B508B3F1-A24A-32C0-B310-85786919EF28}» = Microsoft .NET Framework 2.0 Service Pack 1
    «{B6286A44-7505-471A-A72B-04EC2DB2F442}» = CueTour
    «{B69CFE29-FD03-4E0A-87A7-6ED97F98E5B3}» = CP_Panorama1Config
    «{B7CB0BF3-791E-44D3-9F04-786E36D51C9D}» = PC Connectivity Solution
    «{BAF78226-3200-4DB4-BE33-4D922A799840}» = Windows Presentation Foundation
    «{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}» = HP Software Update
    «{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}» = HP Photosmart, Officejet and Deskjet 7.0.A
    «{C1C6767D-B395-43CB-BF99-051B58B86DA6}» = PhotoGallery
    «{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}» = SolutionCenter
    «{C8753E28-2680-49BF-BD48-DD38FD086EFE}» = AiO_Scan_CDA
    «{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}» = Microsoft .NET Framework 1.1
    «{DBC20735-34E6-4E97-A9E5-2066B66B243D}» = TrayApp
    «{E1B80DEE-A795-4258-8445-074C06AE3AB8}» = MarketResearch
    «{ED2C557E-9C18-41FF-B58E-A05EEF0B3B5F}» = CP_CalendarTemplates1
    «{F0A37341-D692-11D4-A984-009027EC0A9C}» = SoundMAX
    «{F157460F-720E-482f-8625-AD7843891E5F}» = InstantShareDevicesMFC
    «{F20A984B-9B30-4A9E-A3AC-918AF0D85A48}» = Snagit 9.1.1
    «{F3760724-B29D-465B-BC53-E5D72095BCC4}» = Scan
    «{F4D0F248-2BF7-4912-814E-4FD751923838}» = Microsoft .NET Framework 2.0 Language Pack — RUS
    «{F530581E-12FE-43B4-A28D-E5257AAD63E6}» = O&O Defrag Professional
    «{F6076EF9-08E1-442F-B6A2-BFB61B295A14}» = Fax_CDA
    «{F9000000-0001-0000-0000-074957833700}» = ABBYY FineReader 9.0 Professional Edition
    «{FB15E224-67C3-491F-9F5C-F257BC418412}» = Destinations
    «{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}» = NewCopy_CDA
    «{FE7E1DD7-EBCE-4696-ADE2-22BDBF2372DA}» = DocumentViewer
    «{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}» = Microsoft Visual C++ 2008 Redistributable — x86 9.0.21022
    «504244733D18C8F63FF584AEB290E3904E791693» = Пакет драйверов Windows — Nokia pccsmcfd (08/22/2008 7.0.0.0)
    «Adobe Flash Player ActiveX» = Adobe Flash Player 10 ActiveX
    «Adobe Flash Player Plugin» = Adobe Flash Player 10 Plugin
    «Agnitum Outpost Security Suite Pro_is1» = Outpost Security Suite Pro
    «Ashampoo Burning Studio 2009_is1» = Ashampoo Burning Studio 2009
    «CDClose» = CDClose
    «D978F69D5F15B845BD6BC6F8BF9BCD36982A2087» = Пакет драйверов Windows — Nokia Modem (02/24/2009 4.0)
    «Download Master_is1» = Download Master 5.5.9.1157
    «DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5_is1» = DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.2.5.0
    «E7F682214B951640C9C539C41FDA1A7F836FF7B6» = Пакет драйверов Windows — Nokia Modem (02/23/2009 7.01.0.2)
    «Easy CD-DA Extractor 12» = Easy CD-DA Extractor 12
    «Everest» = Everest
    «foobar2000» = foobar2000 v0.9.6.1
    «HashTab» = HashTab 2.1.0
    «HP Document Viewer» = HP Document Viewer 7.0
    «HP Imaging Device Functions» = HP Imaging Device Functions 7.0
    «HP Photo & Imaging» = HP Photosmart Premier Software 6.5
    «HP Solution Center & Imaging Support Tools» = HP Solution Center 7.0
    «HPExtendedCapabilities» = HP Customer Participation Program 7.0
    «HPOCR» = OCR Software by I.R.I.S 7.0
    «InstallShield_{307BD415-B3E6-4E60-962A-FEF793237322}» = CyberLink PowerDVD 8
    «InstallShield_{8DF56C91-281F-4C15-B954-F45FDC919568}» = AVerTV
    «jv16 PowerTools 2009_is1» = jv16 PowerTools 2009
    «KC Softwares VideoInspector_is1» = KC Softwares VideoInspector
    «KLiteCodecPack_is1» = K-Lite Mega Codec Pack 4.8.0
    «LHTTSFRF» = L&H TTS3000 Franзais
    «LHTTSGED» = L&H TTS3000 Deutsch
    «LHTTSITI» = L&H TTS3000 Italiano
    «LHTTSRUR» = L&H TTS3000 Russian
    «LHTTSSPE» = L&H TTS3000 Espaсol
    «Light Alloy» = Light Alloy 4.4 (build 794)
    «MailRuSputnik» = Mail.Ru Спутник 2.0.1.90
    «MediaInfo» = MediaInfo 0.7.11
    «Microsoft .NET Framework 1.1 (1033)» = Microsoft .NET Framework 1.1
    «Microsoft .NET Framework 3.0» = Microsoft .NET Framework 3.0
    «Microsoft Visual Studio 2005 Tools for Office Runtime» = еда выполнения Visual Studio 2005 Tools for Office, второй выпуск
    «MRA» = Mail.Ru Агент 5.4 (сборка 2645, для всех пользователей)
    «Nokia PC Suite» = Nokia PC Suite
    «NVIDIA Drivers» = NVIDIA Drivers
    «Opera 9.63» = Opera 9.63
    «PROSet» = Intel(R) PRO Network Connections Drivers
    «Skype» = Skype
    «TeamViewer 4.0.5543» = TeamViewer 4.0.5543
    «Total Commander7.04a» = Total Commander7.04a
    «tv_enua» = Lernout & Hauspie TruVoice American English TTS Engine
    «UltraISO_is1» = UltraISO Premium V9.33
    «Uninstall Tool_is1» = Uninstall Tool 2.7.1.4932
    «Unlocker» = Unlocker
    «uTorrent» = uTorrent 1.8.2 b14458
    «Vista Drive Icon_addon» = Vista Drive Icon
    «Wdf01007» = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
    «WinAVI Video Converter_is1» = WinAVI Video Converter
    «WinRAR archiver» = Архиватор WinRAR
    «XnView_is1» = XnView 1.95.4
    «XpsEPSC» = XML Paper Specification Shared Components Pack 1.0
    «Дополнительные апплеты_is1» = Дополнительные апплеты

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionUninstall]
    «uTorrent» = µTorrent

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error — 12.05.2009 9:17:54 | Computer Name = MICROSOF-299232 | Source = .NET Runtime Optimization Service | ID = 1111
    Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
    — Service reached limit of transient errors. Will shut down. Last error returned
    from Service Manager: 0x800736b1.

    Error — 12.05.2009 9:17:54 | Computer Name = MICROSOF-299232 | Source = PerfNet | ID = 2004
    Description = Не удалось открыть службу сервера. Данные производительности сервера
    не будут возвращены. В данных находится возвращенный код ошибки — в DWORD 0.

    Error — 17.05.2009 6:06:15 | Computer Name = MICROSOF-299232 | Source = MsiInstaller | ID = 11931
    Description = Product: MSXML 6.0 Parser (KB925673) — Error 1931. The Windows Installer
    service cannot update the system file c:WINDOWSsystem32msxml6r.dll because the
    file is protected by Windows. You may need to update your operating system for
    this program to work correctly. Package version: 6.0.3883.0, OS Protected version:
    6.0.3883.0

    [ System Events ]
    Error — 17.05.2009 7:13:24 | Computer Name = MICROSOF-299232 | Source = DCOM | ID = 10005
    Description = Ошибка DCOM «%1058» при попытке запуска службы wuauserv с аргументами
    «» для запуска сервера: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

    Error — 17.05.2009 7:14:07 | Computer Name = MICROSOF-299232 | Source = DCOM | ID = 10005
    Description = Ошибка DCOM «%1058» при попытке запуска службы wuauserv с аргументами
    «» для запуска сервера: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

    Error — 17.05.2009 7:18:57 | Computer Name = MICROSOF-299232 | Source = DCOM | ID = 10005
    Description = Ошибка DCOM «%1058» при попытке запуска службы wuauserv с аргументами
    «» для запуска сервера: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

    Error — 18.05.2009 1:12:13 | Computer Name = MICROSOF-299232 | Source = DCOM | ID = 10005
    Description = Ошибка DCOM «%1058» при попытке запуска службы wuauserv с аргументами
    «» для запуска сервера: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

    Error — 18.05.2009 1:13:00 | Computer Name = MICROSOF-299232 | Source = Service Control Manager | ID = 7006
    Description = Сбой при вызове ScRegSetValueExW для DeleteFlag из-за ошибки %%5

    Error — 20.05.2009 10:29:23 | Computer Name = MICROSOF-299232 | Source = DCOM | ID = 10005
    Description = Ошибка DCOM «%1058» при попытке запуска службы wuauserv с аргументами
    «» для запуска сервера: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

    Error — 20.05.2009 10:45:58 | Computer Name = MICROSOF-299232 | Source = Service Control Manager | ID = 7034
    Description = Служба «HP Port Resolver» неожиданно прервана. Это произошло (раз):
    1.

    Error — 27.05.2009 11:39:05 | Computer Name = MICROSOF-299232 | Source = DCOM | ID = 10005
    Description = Ошибка DCOM «%1058» при попытке запуска службы wuauserv с аргументами
    «» для запуска сервера: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

    Error — 27.05.2009 15:05:15 | Computer Name = MICROSOF-299232 | Source = Cdrom | ID = 262151
    Description = Неверный блок на устройстве DeviceCdRom2.

    Error — 28.05.2009 6:31:46 | Computer Name = MICROSOF-299232 | Source = DCOM | ID = 10005
    Description = Ошибка DCOM «%1058» при попытке запуска службы wuauserv с аргументами
    «» для запуска сервера: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

    24 июня, 2009 в 2:37 пп в ответ на: зависание системы (правая клавиша мышки) #24383
    kyud
    Participant
    • Темы:1
    • Сообщений:7
    • ☆

    Валерий добрый день! Спасибо за ответ! Вставляю лог
    OTL logfile created on: 24.06.2009 18:17:49 — Run 1
    OTL by OldTimer — Version 3.0.5.2 Folder = C:Documents and SettingsAdminРабочий стол
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) — Type = NTWorkstation
    Internet Explorer (Version = 7.0.5730.13)
    Locale: 00000419 | Country: Россия | Language: RUS | Date Format: dd.MM.yyyy

    1023,23 Mb Total Physical Memory | 544,86 Mb Available Physical Memory | 53,25% Memory free
    2,40 Gb Paging File | 1,91 Gb Available in Paging File | 79,54% Paging File free
    Paging file location(s): C:pagefile.sys 1536 3072 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:WINDOWS | %ProgramFiles% = C:Program Files
    Drive C: | 100,27 Gb Total Space | 91,92 Gb Free Space | 91,66% Space Free | Partition Type: NTFS
    Drive D: | 100,03 Gb Total Space | 90,41 Gb Free Space | 90,39% Space Free | Partition Type: NTFS
    Drive E: | 48,77 Gb Total Space | 17,08 Gb Free Space | 35,03% Space Free | Partition Type: NTFS
    Drive F: | 365,72 Gb Total Space | 35,14 Gb Free Space | 9,61% Space Free | Partition Type: NTFS
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: MICROSOF-299232
    Current User Name: Admin
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: All users
    Company Name Whitelist: On
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Standard

    ========== Processes (SafeList) ==========

    PRC — [2008.04.15 16:00:00 | 00,050,688 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32smss.exe
    PRC — [2008.04.15 16:00:00 | 00,509,440 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32winlogon.exe
    PRC — [2008.04.15 16:00:00 | 00,109,056 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32services.exe
    PRC — [2008.12.19 18:09:52 | 01,926,144 | —- | M] (Корпорация Майкрософт) — C:WINDOWSExplorer.EXE
    PRC — [2007.11.02 18:58:38 | 00,566,560 | —- | M] (ABBYY (BIT Software)) — C:Program FilesABBYY FineReader 9.0NetworkLicenseServer.exe
    PRC — [2009.05.13 00:40:21 | 00,152,984 | —- | M] (Sun Microsystems, Inc.) — C:Program FilesJavajre6binjqs.exe
    PRC — [2003.06.19 23:25:00 | 00,322,120 | —- | M] (Microsoft Corporation) — C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE
    PRC — [2008.12.02 15:29:52 | 00,877,864 | —- | M] (Nero AG) — C:Program FilesNeroNero8Nero BackItUpNBService.exe
    PRC — [2009.02.09 13:18:00 | 00,163,908 | —- | M] (NVIDIA Corporation) — C:WINDOWSSystem32nvsvc32.exe
    PRC — [2009.02.25 21:59:06 | 01,352,960 | —- | M] (O&O Software GmbH) — C:WINDOWSSystem32oodag.exe
    PRC — [2007.02.07 16:29:50 | 00,173,616 | —- | M] () — C:Program FilesCyberLinkShared filesRichVideo.exe
    PRC — [2007.05.28 20:57:54 | 00,275,968 | —- | M] (Rocket Division Software) — C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindServiceAE.exe
    PRC — [2009.06.17 10:03:17 | 00,603,904 | —- | M] (TuneUp Software) — C:WINDOWSSystem32TUProgSt.exe
    PRC — [2005.05.20 05:11:06 | 00,925,696 | R— | M] (Analog Devices, Inc.) — C:Program FilesAnalog DevicesCoresmax4pnp.exe
    PRC — [2008.04.15 16:00:00 | 00,033,280 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32RUNDLL32.EXE
    PRC — [2009.05.13 00:40:21 | 00,148,888 | —- | M] (Sun Microsystems, Inc.) — C:Program FilesJavajre6binjusched.exe
    PRC — [2009.05.16 22:49:13 | 06,210,744 | —- | M] (Mail.Ru) — C:Program FilesMail.RuAgentMAgent.exe
    PRC — [2009.02.25 21:58:04 | 02,553,088 | —- | M] (O&O Software GmbH) — C:WINDOWSSystem32oodtray.exe
    PRC — [2008.03.20 20:23:22 | 00,083,240 | —- | M] (Cyberlink Corp.) — C:Program FilesCyberLinkPowerDVD8PDVD8Serv.exe
    PRC — [2008.06.27 16:50:38 | 00,091,432 | —- | M] (cyberlink) — C:Program FilesCyberlinkShared Filesbrs.exe
    PRC — [2008.03.23 17:18:06 | 00,132,096 | —- | M] () — C:Program FilesVistaDriveIconVistaDrv.exe
    PRC — [2008.10.30 13:56:42 | 00,734,504 | —- | M] (ООО Яндекс) — C:Program FilesPunto Switcherpunto.exe
    PRC — [2009.03.20 14:32:32 | 01,312,256 | —- | M] (Nokia) — C:Program FilesNokiaNokia PC Suite 7PCSuite.exe
    PRC — [2008.12.12 08:31:10 | 01,840,424 | —- | M] (Nero AG) — C:Program FilesCommon FilesNeroLibNMIndexStoreSvr.exe
    PRC — [2008.12.13 13:30:31 | 00,157,952 | —- | M] (TuneUp Software GmbH) — C:Program FilesTuneUp Utilities 2009MemOptimizer.exe
    PRC — [2006.02.21 14:11:02 | 00,401,408 | —- | M] (AVerMedia Technologies, Inc.) — C:Program FilesAVerTVQuickTV.exe
    PRC — [2008.12.12 08:31:10 | 00,537,896 | —- | M] (Nero AG) — C:Program FilesCommon FilesNeroLibNMIndexingService.exe
    PRC — [2009.03.04 11:25:12 | 00,621,056 | —- | M] (Nokia.) — C:Program FilesPC Connectivity SolutionServiceLayer.exe
    PRC — [2009.03.09 13:44:12 | 00,130,560 | —- | M] () — C:Program FilesPC Connectivity SolutionTransportsNclUSBSrv.exe
    PRC — [2008.11.26 12:35:00 | 00,119,808 | —- | M] () — C:Program FilesPC Connectivity SolutionTransportsNclRSSrv.exe
    PRC — [2008.04.15 16:00:00 | 00,126,464 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32wbemwmiapsrv.exe
    PRC — [2006.02.19 05:24:52 | 00,239,320 | —- | M] (Hewlett-Packard Development Company, L.P.) — C:Program FilesHPDigital ImagingbinhpqSTE08.exe
    PRC — [2006.09.15 23:30:06 | 00,142,848 | —- | M] (Microsoft Corporation) — C:WINDOWSSystem32wudfhost.exe
    PRC — [2009.03.11 13:06:20 | 00,159,744 | —- | M] (Nokia) — C:Program FilesNokiaNokia PC Suite 7OneTouchAccess.exe
    PRC — [2008.12.10 22:32:46 | 00,098,816 | —- | M] (Opera Software) — C:Program FilesOperaopera.exe
    PRC — [2009.06.24 18:15:20 | 00,512,512 | —- | M] (OldTimer Tools) — C:Documents and SettingsAdminРабочий столOTL.exe

    ========== Win32 Services (SafeList) ==========

    SRV — [2007.11.02 18:58:38 | 00,566,560 | —- | M] (ABBYY (BIT Software)) — C:Program FilesABBYY FineReader 9.0NetworkLicenseServer.exe — (ABBYY.Licensing.FineReader.Professional.9.0 [Auto | Running])
    SRV — [2009.04.14 19:31:08 | 01,605,976 | —- | M] (Agnitum Ltd.) — C:Program FilesAgnitumOutpost Security Suite Proacs.exe — (acssrv [Auto | Running])
    SRV — [2008.04.15 16:00:00 | 00,171,008 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32appmgmts.dll — (AppMgmt [On_Demand | Stopped])
    SRV — [2007.10.24 03:47:22 | 00,033,800 | —- | M] (Microsoft Corporation) — C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe — (aspnet_state [On_Demand | Stopped])
    SRV — [2008.04.15 16:00:00 | 00,409,088 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32qmgr.dll — (BITS [On_Demand | Stopped])
    SRV — [2007.10.24 03:47:40 | 00,070,144 | —- | M] (Microsoft Corporation) — C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe — (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
    SRV — [2008.04.15 16:00:00 | 00,126,464 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32dhcpcsvc.dll — (Dhcp [Auto | Running])
    SRV — [2008.04.15 16:00:00 | 00,024,064 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32dmserver.dll — (dmserver [Auto | Running])
    SRV — [2008.04.15 16:00:00 | 00,045,568 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32dnsrslvr.dll — (Dnscache [Auto | Running])
    SRV — [2008.04.15 16:00:00 | 00,109,056 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32services.exe — (Eventlog [Auto | Running])
    SRV — [2008.04.15 16:00:00 | 00,135,680 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32shsvcs.dll — (FastUserSwitchingCompatibility [On_Demand | Running])
    SRV — [2006.10.20 21:21:24 | 00,036,864 | —- | M] (Microsoft Corporation) — c:WINDOWSMicrosoft.NetFrameworkv3.0WPFPresentationFontCache.exe — (FontCache3.0.0.0 [On_Demand | Stopped])
    SRV — [2008.04.15 16:00:00 | 00,038,400 | —- | M] (Microsoft Corporation) — C:WINDOWSPCHealthHelpCtrBinariespchsvc.dll — (helpsvc [Auto | Running])
    SRV — [2005.05.20 10:37:12 | 00,081,920 | —- | M] (Hewlett-Packard Company) — C:WINDOWSSystem32spooldriversw32x863HPBPRO.EXE — (HP Port Resolver [On_Demand | Stopped])
    SRV — [2004.10.16 05:31:06 | 00,073,728 | —- | M] (Hewlett-Packard Company) — C:WINDOWSSystem32spooldriversw32x863HPBOID.EXE — (HP Status Server [On_Demand | Stopped])
    SRV — [2006.10.30 03:33:58 | 00,741,376 | —- | M] (Microsoft Corporation) — C:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication Foundationinfocard.exe — (idsvc [Unknown | Stopped])
    SRV — [2008.04.15 16:00:00 | 00,150,528 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32imapi.exe — (ImapiService [On_Demand | Stopped])
    SRV — [2009.05.13 00:40:21 | 00,152,984 | —- | M] (Sun Microsystems, Inc.) — C:Program FilesJavajre6binjqs.exe — (JavaQuickStarterService [Auto | Running])
    SRV — [2003.06.19 23:25:00 | 00,322,120 | —- | M] (Microsoft Corporation) — C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE — (MDM [Auto | Running])
    SRV — [2008.04.15 16:00:00 | 00,032,768 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32mnmsrvc.exe — (mnmsrvc [Disabled | Stopped])
    SRV — [2008.12.02 15:29:52 | 00,877,864 | —- | M] (Nero AG) — C:Program FilesNeroNero8Nero BackItUpNBService.exe — (Nero BackItUp Scheduler 3 [Auto | Running])
    SRV — [2008.04.15 16:00:00 | 00,113,664 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32netdde.exe — (NetDDE [Disabled | Stopped])
    SRV — [2008.04.15 16:00:00 | 00,113,664 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32netdde.exe — (NetDDEdsdm [Disabled | Stopped])
    SRV — [2008.04.15 16:00:00 | 00,198,144 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32netman.dll — (Netman [On_Demand | Running])
    SRV — [2006.10.30 03:34:02 | 00,122,880 | —- | M] (Microsoft Corporation) — C:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication FoundationSMSvcHost.exe — (NetTcpPortSharing [Disabled | Stopped])
    SRV — [2008.12.19 18:01:25 | 00,247,296 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32mswsock.dll — (Nla [On_Demand | Running])
    SRV — [2008.12.12 08:31:10 | 00,537,896 | —- | M] (Nero AG) — C:Program FilesCommon FilesNeroLibNMIndexingService.exe — (NMIndexingService [On_Demand | Running])
    SRV — [2008.04.15 16:00:00 | 00,436,736 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32ntmssvc.dll — (NtmsSvc [On_Demand | Stopped])
    SRV — [2009.02.09 13:18:00 | 00,163,908 | —- | M] (NVIDIA Corporation) — C:WINDOWSSystem32nvsvc32.exe — (NVSvc [Auto | Running])
    SRV — [2009.02.25 21:59:06 | 01,352,960 | —- | M] (O&O Software GmbH) — C:WINDOWSSystem32oodag.exe — (O&O Defrag [Auto | Running])
    SRV — [2003.07.28 20:28:22 | 00,089,136 | —- | M] (Microsoft Corporation) — C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE — (ose [On_Demand | Stopped])
    SRV — [2008.04.15 16:00:00 | 00,109,056 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32services.exe — (PlugPlay [Auto | Running])
    SRV — [2006.03.03 21:03:10 | 00,069,632 | —- | M] (HP) — C:WINDOWSSystem32HPZipm12.exe — (Pml Driver HPZ12 [Unknown | Stopped])
    SRV — [2008.04.15 16:00:00 | 00,141,824 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32sessmgr.exe — (RDSessMgr [Disabled | Stopped])
    SRV — [2007.02.07 16:29:50 | 00,173,616 | —- | M] () — C:Program FilesCyberLinkShared filesRichVideo.exe — (RichVideo [Auto | Running])
    SRV — [2008.04.15 16:00:00 | 00,096,768 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32SCardSvr.exe — (SCardSvr [On_Demand | Stopped])
    SRV — [2008.04.15 16:00:00 | 00,193,024 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32schedsvc.dll — (Schedule [Auto | Running])
    SRV — [2008.04.15 16:00:00 | 00,018,944 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32seclogon.dll — (seclogon [On_Demand | Stopped])
    SRV — [2009.03.04 11:25:12 | 00,621,056 | —- | M] (Nokia.) — C:Program FilesPC Connectivity SolutionServiceLayer.exe — (ServiceLayer [On_Demand | Running])
    SRV — [2008.12.19 18:01:15 | 00,330,752 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32ipnathlp.dll — (SharedAccess [Auto | Running])
    SRV — [2008.04.15 16:00:00 | 00,135,680 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32shsvcs.dll — (ShellHWDetection [Auto | Running])
    SRV — [2008.04.15 16:00:00 | 00,171,008 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32srsvc.dll — (srservice [Auto | Running])
    SRV — [2007.05.28 20:57:54 | 00,275,968 | —- | M] (Rocket Division Software) — C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindServiceAE.exe — (StarWindServiceAE [Auto | Running])
    SRV — [2008.04.15 16:00:00 | 00,333,824 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32wiaservc.dll — (stisvc [Auto | Running])
    SRV — [2008.04.15 16:00:00 | 00,091,648 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32smlogsvc.exe — (SysmonLog [On_Demand | Stopped])
    SRV — [2008.04.15 16:00:00 | 00,249,856 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32tapisrv.dll — (TapiSrv [On_Demand | Running])
    SRV — [2008.04.15 16:00:00 | 00,295,936 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32termsrv.dll — (TermService [On_Demand | Running])
    SRV — [2008.04.15 16:00:00 | 00,135,680 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32shsvcs.dll — (Themes [Auto | Running])
    SRV — [2008.04.15 16:00:00 | 00,073,216 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32tlntsvr.exe — (TlntSvr [Disabled | Stopped])
    SRV — [2009.06.17 10:03:15 | 00,360,192 | —- | M] (TuneUp Software) — C:WINDOWSSystem32TuneUpDefragService.exe — (TuneUp.Defrag [On_Demand | Stopped])
    SRV — [2009.06.17 10:03:17 | 00,603,904 | —- | M] (TuneUp Software) — C:WINDOWSSystem32TUProgSt.exe — (TuneUp.ProgramStatisticsSvc [Auto | Running])
    SRV — [2008.04.15 16:00:00 | 00,186,368 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32upnphost.dll — (upnphost [On_Demand | Stopped])
    SRV — [2008.12.11 13:31:36 | 00,027,904 | —- | M] (TuneUp Software) — C:WINDOWSSystem32uxtuneup.dll — (UxTuneUp [Auto | Running])
    SRV — [2008.04.15 16:00:00 | 00,290,304 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32vssvc.exe — (VSS [On_Demand | Stopped])
    SRV — [2008.12.19 18:01:52 | 00,175,616 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32w32time.dll — (W32Time [Auto | Running])
    SRV — [2008.04.15 16:00:00 | 00,145,408 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32wbemWMIsvc.dll — (winmgmt [Auto | Running])
    SRV — [2008.04.15 16:00:00 | 00,687,616 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32advapi32.dll — (Wmi [On_Demand | Stopped])
    SRV — [2008.04.15 16:00:00 | 00,126,464 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32wbemwmiapsrv.exe — (WmiApSrv [On_Demand | Running])
    SRV — [2006.10.18 21:05:24 | 00,913,408 | —- | M] (Microsoft Corporation) — C:Program FilesWindows Media Playerwmpnetwk.exe — (WMPNetworkSvc [On_Demand | Stopped])
    SRV — [2008.12.19 18:06:26 | 00,483,840 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32wzcsvc.dll — (WZCSVC [Auto | Running])

    ========== Driver Services (SafeList) ==========

    DRV — [2008.04.15 16:00:00 | 00,188,288 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32DRIVERSACPI.sys — (ACPI [Boot | Running])
    DRV — [2008.04.15 16:00:00 | 00,011,776 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32driversacpiec.sys — (ACPIEC [Disabled | Stopped])
    DRV — [2005.09.15 08:56:48 | 00,141,312 | R— | M] (Analog Devices, Inc.) — C:WINDOWSSystem32driversADIHdAud.sys — (ADIHdAudAddService [On_Demand | Running])
    DRV — [2005.03.04 16:53:00 | 00,127,872 | R— | M] (Andrea Electronics Corporation) — C:WINDOWSSystem32driversAEAudio.sys — (AEAudioService [On_Demand | Running])
    DRV — [2009.02.18 17:30:56 | 00,031,128 | —- | M] (Agnitum Ltd.) — C:WINDOWSSystem32DRIVERSafw.sys — (afw [On_Demand | Running])
    DRV — [2009.02.10 16:15:42 | 00,257,432 | —- | M] (Agnitum Ltd.) — C:WINDOWSSystem32driversafwcore.sys — (afwcore [On_Demand | Running])
    DRV — [2007.05.15 01:38:22 | 00,009,216 | R— | M] (A4Tech Co.,Ltd.) — C:WINDOWSSystem32DRIVERSAmfilter.sys — (Amfilter [System | Running])
    DRV — [2007.05.15 01:41:46 | 00,014,336 | R— | M] (A4Tech Co.,Ltd.) — C:WINDOWSSystem32DRIVERSAmusbprt.sys — (Amusbprt [On_Demand | Stopped])
    DRV — [2009.04.06 11:37:46 | 00,033,888 | —- | M] (Agnitum Ltd.) — C:WINDOWSSystem32FiltASWFilt.dll — (ASWFilt [On_Demand | Running])
    DRV — [2009.05.12 17:54:32 | 00,409,120 | —- | M] (AVerMedia TECHNOLOGIES, Inc.) — C:WINDOWSSystem32DRIVERSAVerM15x.sys — (Cap7134 [On_Demand | Running])
    DRV — [2004.11.22 06:38:40 | 00,176,128 | R— | M] (Intel Corporation) — C:WINDOWSSystem32DRIVERSe1000325.sys — (E1000 [On_Demand | Stopped])
    DRV — [2008.04.15 16:00:00 | 00,044,544 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32driversfips.sys — (Fips [System | Running])
    DRV — [2008.04.15 16:00:00 | 00,125,440 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32DRIVERSftdisk.sys — (Ftdisk [Boot | Running])
    DRV — [2008.04.15 16:00:00 | 00,144,384 | —- | M] (Windows (R) Server 2003 DDK provider) — C:WINDOWSSystem32DRIVERSHDAudBus.sys — (HDAudBus [On_Demand | Running])
    DRV — [2006.04.13 04:04:39 | 00,049,664 | —- | M] (HP) — C:WINDOWSSystem32DRIVERSHPZid412.sys — (HPZid412 [On_Demand | Stopped])
    DRV — [2006.04.13 04:04:39 | 00,016,496 | —- | M] (HP) — C:WINDOWSSystem32DRIVERSHPZipr12.sys — (HPZipr12 [On_Demand | Stopped])
    DRV — [2006.04.13 04:04:39 | 00,021,568 | —- | M] (HP) — C:WINDOWSSystem32DRIVERSHPZius12.sys — (HPZius12 [On_Demand | Stopped])
    DRV — [2008.04.15 16:00:00 | 00,053,120 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32DRIVERSi8042prt.sys — (i8042prt [System | Running])
    DRV — [2008.04.15 01:16:18 | 00,005,504 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32DRIVERSintelide.sys — (IntelIde [Boot | Running])
    DRV — [2008.04.14 21:17:16 | 00,037,504 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32DRIVERSisapnp.sys — (isapnp [Boot | Running])
    DRV — [2008.04.15 16:00:00 | 00,024,832 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32DRIVERSkbdclass.sys — (Kbdclass [System | Running])
    DRV — [2008.12.19 18:06:26 | 00,030,208 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32driversmodem.sys — (Modem [On_Demand | Running])
    DRV — [2008.12.19 18:06:26 | 00,023,296 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32DRIVERSmouclass.sys — (Mouclass [System | Running])
    DRV — [2009.02.09 07:37:46 | 00,017,664 | —- | M] (Nokia) — C:WINDOWSSystem32driversccdcmb.sys — (nmwcd [On_Demand | Running])
    DRV — [2009.02.09 07:37:46 | 00,022,016 | —- | M] (Nokia) — C:WINDOWSSystem32driversccdcmbo.sys — (nmwcdc [On_Demand | Running])
    DRV — [2009.02.09 13:18:00 | 06,307,328 | —- | M] (NVIDIA Corporation) — C:WINDOWSSystem32DRIVERSnv4_mini.sys — (nv [On_Demand | Running])
    DRV — [2008.12.19 18:06:26 | 00,080,128 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32DRIVERSparport.sys — (Parport [On_Demand | Running])
    DRV — [2008.04.15 16:00:00 | 00,006,912 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32driversparvdm.sys — (ParVdm [Auto | Running])
    DRV — [2008.08.26 10:26:12 | 00,018,816 | —- | M] (Nokia) — C:WINDOWSSystem32DRIVERSpccsmcfd.sys — (pccsmcfd [On_Demand | Running])
    DRV — [2008.04.14 21:22:30 | 00,068,480 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32DRIVERSpci.sys — (PCI [Boot | Running])
    DRV — [2001.10.19 20:32:14 | 00,003,328 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32DRIVERSpciide.sys — (PCIIde [Boot | Running])
    DRV — [2008.04.15 16:00:00 | 00,120,192 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32driverspcmcia.sys — (Pcmcia [Disabled | Stopped])
    DRV — [2009.05.13 10:40:29 | 00,047,360 | —- | M] (VSO Software) — C:WINDOWSSystem32Driverspcouffin.sys — (pcouffin [On_Demand | Running])
    DRV — [2009.05.12 17:54:32 | 00,060,704 | —- | M] (AVerMedia TECHNOLOGIES, Inc.) — C:WINDOWSSystem32DRIVERSM15xTune.sys — (PhTVTune [On_Demand | Running])
    DRV — [2008.04.15 16:00:00 | 00,017,792 | —- | M] (Parallel Technologies, Inc.) — C:WINDOWSSystem32DRIVERSptilink.sys — (Ptilink [On_Demand | Running])
    DRV — [2005.08.19 03:00:00 | 00,046,080 | —- | M] (Sonic Solutions) — C:WINDOWSSystem32DriversPxHelp20.sys — (PxHelp20 [Boot | Running])
    DRV — [2008.04.15 01:11:48 | 00,058,368 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32DRIVERSredbook.sys — (redbook [System | Running])
    DRV — [2009.04.06 11:37:12 | 00,704,384 | —- | M] (Agnitum Ltd.) — C:WINDOWSSystem32driversSandBox.sys — (SandBox [System | Running])
    DRV — [2008.04.15 16:00:00 | 00,020,480 | —- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) — C:WINDOWSSystem32DRIVERSsecdrv.sys — (Secdrv [On_Demand | Stopped])
    DRV — [2005.08.11 09:49:28 | 00,393,088 | R— | M] (Sensaura) — C:WINDOWSSystem32driversSenfilt.sys — (SenFiltService [On_Demand | Running])
    DRV — [2008.04.15 16:00:00 | 00,065,024 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32DRIVERSserial.sys — (Serial [System | Running])
    DRV — [2009.05.12 17:17:24 | 00,717,296 | —- | M] () — C:WINDOWSSystem32Driverssptd.sys — (sptd [Boot | Running])
    DRV — [2008.04.15 16:00:00 | 00,073,472 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32DRIVERSsr.sys — (sr [Boot | Running])
    DRV — [2009.02.09 07:37:48 | 00,007,808 | —- | M] (Nokia) — C:WINDOWSSystem32DRIVERSusbser_lowerflt.sys — (upperdev [On_Demand | Running])
    DRV — [2008.04.14 00:15:38 | 00,026,112 | —- | M] (Microsoft Corporation) — C:WINDOWSSystem32driversusbser.sys — (usbser [On_Demand | Running])
    DRV — [2009.02.09 07:37:56 | 00,007,808 | —- | M] (Nokia) — C:WINDOWSSystem32DRIVERSusbser_lowerfltj.sys — (UsbserFilt [On_Demand | Running])
    DRV — [2009.04.03 15:23:32 | 01,175,256 | —- | M] (VirusBuster Kft.) — C:WINDOWSSystem32driversVBEngNT.sys — (VBEngNT [On_Demand | Running])
    DRV — [2009.04.06 11:37:40 | 00,234,304 | —- | M] (Agnitum Ltd.) — C:WINDOWSSystem32FiltVBFilt.dll — (VBFilt [On_Demand | Running])
    DRV — [2009.02.16 17:46:56 | 00,100,560 | —- | M] () — C:WINDOWSSystem32DRIVERSVBoxDrv.sys — (VBoxDrv [System | Running])
    DRV — [2009.02.16 17:47:00 | 00,087,568 | —- | M] (Windows (R) Server 2003 DDK provider) — C:WINDOWSSystem32DRIVERSVBoxNetFlt.sys — (VBoxNetFlt [On_Demand | Running])
    DRV — [2009.02.16 17:47:00 | 00,041,744 | —- | M] (Sun Microsystems, Inc.) — C:WINDOWSSystem32DRIVERSVBoxUSBMon.sys — (VBoxUSBMon [System | Running])
    DRV — [2008.04.15 16:00:00 | 00,051,968 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32driversvolsnap.sys — (VolSnap [Boot | Running])
    DRV — [2008.06.27 16:50:32 | 00,061,424 | —- | M] (Cyberlink Corp.) — C:Program FilesCyberLinkPowerDVD800.fcl — ({FE4C91E7-22C2-4D0C-9F6B-82F1B7742054} [Auto | Running])

    ========== Standard Registry (SafeList) ==========

    ========== Internet Explorer ==========

    IE — HKLMSOFTWAREMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    IE — HKLMSOFTWAREMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    IE — HKLMSOFTWAREMicrosoftInternet ExplorerMain,Default_Secondary_Page_URL = [binary data]
    IE — HKLMSOFTWAREMicrosoftInternet ExplorerMain,Extensions Off Page = about:NoAdd-ons
    IE — HKLMSOFTWAREMicrosoftInternet ExplorerMain,Local Page = %SystemRoot%system32blank.htm
    IE — HKLMSOFTWAREMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    IE — HKLMSOFTWAREMicrosoftInternet ExplorerMain,Security Risk Page = about:SecurityRisk
    IE — HKLMSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    IE — HKLMSOFTWAREMicrosoftInternet ExplorerSearch,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
    IE — HKLMSOFTWAREMicrosoftInternet ExplorerSearch,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

    IE — HKU.DEFAULTSOFTWAREMicrosoftInternet ExplorerMain,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    IE — HKU.DEFAULTSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
    IE — HKU.DEFAULT.DEFAULTSoftwareMicrosoftWindowsCurrentVersionInternet Settings: «ProxyEnable» = 0

    IE — HKUS-1-5-18SOFTWAREMicrosoftInternet ExplorerMain,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    IE — HKUS-1-5-18SOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
    IE — HKUS-1-5-18S-1-5-18SoftwareMicrosoftWindowsCurrentVersionInternet Settings: «ProxyEnable» = 0

    IE — HKUS-1-5-19SOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://xtreme.ws/
    IE — HKUS-1-5-19S-1-5-19SoftwareMicrosoftWindowsCurrentVersionInternet Settings: «ProxyEnable» = 0

    IE — HKUS-1-5-20SOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://xtreme.ws/
    IE — HKUS-1-5-20S-1-5-20SoftwareMicrosoftWindowsCurrentVersionInternet Settings: «ProxyEnable» = 0

    IE — HKUS-1-5-21-1715567821-1292428093-1177238915-500SOFTWAREMicrosoftInternet ExplorerMain,Local Page = C:WINDOWSsystem32blank.htm
    IE — HKUS-1-5-21-1715567821-1292428093-1177238915-500SOFTWAREMicrosoftInternet ExplorerMain,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    IE — HKUS-1-5-21-1715567821-1292428093-1177238915-500SOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://xtreme.ws/
    IE — URLSearchHook: {09900DE8-1DCA-443F-9243-26FF581438AF} — c:program filesmail.rusputnikMailRuSputnik.dll (@Mail.Ru)
    IE — HKUS-1-5-21-1715567821-1292428093-1177238915-500S-1-5-21-1715567821-1292428093-1177238915-500SoftwareMicrosoftWindowsCurrentVersionInternet Settings: «ProxyEnable» = 0

    FF — HKLMsoftwaremozillaFirefoxextensions\jqs@sun.com: C:Program FilesJavajre6libdeployjqsff [2009.05.13 00:40:21 | 00,000,000 | —D | M]
    FF — HKLMsoftwaremozillaFirefoxextensions\bkmrksync@nokia.com: C:Program FilesNokiaNokia PC Suite 7bkmrksync [2009.05.16 17:44:13 | 00,000,000 | —D | M]

    O1 HOSTS File: (27 bytes) — C:WINDOWSSystem32driversetcHosts
    O1 — Hosts: 127.0.0.1 localhost
    O2 — BHO: (SnagIt Toolbar Loader) — {00C6482D-C502-44C8-8409-FCE54AD9C208} — C:Program FilesTechSmithSnagit 9SnagitBHO.dll (TechSmith Corporation)
    O2 — BHO: (Adobe PDF Link Helper) — {18DF081C-E8AD-4283-A596-FA578C2EBDC3} — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll (Adobe Systems Incorporated)
    O2 — BHO: (MailRuBHO Class) — {8984B388-A5BB-4DF7-B274-77B879E179DB} — c:program filesmail.rusputnikMailRuSputnik.dll (@Mail.Ru)
    O2 — BHO: (IE 4.x-6.x BHO for Download Master) — {9961627E-4059-41B4-8E0E-A7D6B3854ADF} — C:Program FilesDownload Masterdmiehlp.dll (WestByte)
    O2 — BHO: (Java(tm) Plug-In 2 SSV Helper) — {DBC80044-A445-435b-BC74-9C25C1C588A9} — C:Program FilesJavajre6binjp2ssv.dll (Sun Microsystems, Inc.)
    O2 — BHO: (JQSIEStartDetectorImpl Class) — {E7E6F031-17CE-4C07-BC86-EABFE594F69C} — C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll (Sun Microsystems, Inc.)
    O3 — HKLM..Toolbar: (Спутник@Mail.Ru) — {09900DE8-1DCA-443F-9243-26FF581438AF} — c:program filesmail.rusputnikMailRuSputnik.dll (@Mail.Ru)
    O3 — HKLM..Toolbar: (Snagit) — {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} — C:Program FilesTechSmithSnagit 9SnagitIEAddin.dll (TechSmith Corporation)
    O3 — HKUS-1-5-21-1715567821-1292428093-1177238915-500..ToolbarShellBrowser: (&Адрес) — {01E04581-4EEE-11D0-BFE9-00AA005B4383} — C:WINDOWSSystem32browseui.dll (Корпорация Майкрософт)
    O4 — HKLM..Run: [BDRegion] C:Program FilesCyberlinkShared Filesbrs.exe (cyberlink)
    O4 — HKLM..Run: [MAgent] C:Program FilesMail.RuAgentMAgent.exe (Mail.Ru)
    O4 — HKLM..Run: [NvCplDaemon] C:WINDOWSSystem32NvCpl.DLL (NVIDIA Corporation)
    O4 — HKLM..Run: [NvMediaCenter] C:WINDOWSSystem32NvMcTray.DLL (NVIDIA Corporation)
    O4 — HKLM..Run: [nwiz] C:WINDOWSSystem32nwiz.exe ()
    O4 — HKLM..Run: [OODefragTray] C:WINDOWSSystem32oodtray.exe (O&O Software GmbH)
    O4 — HKLM..Run: [OutpostFeedBack] C:Program FilesAgnitumOutpost Security Suite Profeedback.exe (Agnitum Ltd.)
    O4 — HKLM..Run: [OutpostMonitor] C:Program FilesAgnitumOutpost Security Suite Proop_mon.exe (Agnitum Ltd.)
    O4 — HKLM..Run: [PDVD8LanguageShortcut] C:Program FilesCyberLinkPowerDVD8LanguageLanguage.exe ()
    O4 — HKLM..Run: [RemoteControl8] C:Program FilesCyberLinkPowerDVD8PDVD8Serv.exe (Cyberlink Corp.)
    O4 — HKLM..Run: [SoundMAXPnP] C:Program FilesAnalog DevicesCoresmax4pnp.exe (Analog Devices, Inc.)
    O4 — HKLM..Run: [SunJavaUpdateSched] C:Program FilesJavajre6binjusched.exe (Sun Microsystems, Inc.)
    O4 — HKU.DEFAULT..Run: [VistaIcon] C:Program FilesVistaDriveIconVistaDrv.exe ()
    O4 — HKUS-1-5-18..Run: [VistaIcon] C:Program FilesVistaDriveIconVistaDrv.exe ()
    O4 — HKUS-1-5-21-1715567821-1292428093-1177238915-500..Run: [AlcoholAutomount] C:Program FilesAlcohol SoftAlcohol 120axcmd.exe (Alcohol Soft Development Team)
    O4 — HKUS-1-5-21-1715567821-1292428093-1177238915-500..Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:Program FilesCommon FilesNeroLibNMIndexStoreSvr.exe (Nero AG)
    O4 — HKUS-1-5-21-1715567821-1292428093-1177238915-500..Run: [PC Suite Tray] C:Program FilesNokiaNokia PC Suite 7PCSuite.exe (Nokia)
    O4 — HKUS-1-5-21-1715567821-1292428093-1177238915-500..Run: [Punto Switcher] C:Program FilesPunto Switcherpunto.exe (ООО Яндекс)
    O4 — HKUS-1-5-21-1715567821-1292428093-1177238915-500..Run: [TuneUp MemOptimizer] C:Program FilesTuneUp Utilities 2009MemOptimizer.exe (TuneUp Software GmbH)
    O4 — HKUS-1-5-21-1715567821-1292428093-1177238915-500..Run: [VistaIcon] C:Program FilesVistaDriveIconVistaDrv.exe ()
    O4 — HKU.DEFAULT..RunOnce: [IE7_011] File not found
    O4 — HKU.DEFAULT..RunOnce: [IE7_012] C:WINDOWSSystem32advpack.DLL (Microsoft Corporation)
    O4 — HKU.DEFAULT..RunOnce: [ZZZZ2_FirstLogonSetting] C:WINDOWSSystem32advpack.DLL (Microsoft Corporation)
    O4 — HKUS-1-5-18..RunOnce: [IE7_011] File not found
    O4 — HKUS-1-5-18..RunOnce: [IE7_012] C:WINDOWSSystem32advpack.DLL (Microsoft Corporation)
    O4 — HKUS-1-5-18..RunOnce: [ZZZZ2_FirstLogonSetting] C:WINDOWSSystem32advpack.DLL (Microsoft Corporation)
    O4 — Startup: C:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузкаQuickTV.lnk = C:Program FilesAVerTVQuickTV.exe (AVerMedia Technologies, Inc.)
    O6 — HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveAutoRun = 67108607
    O6 — HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveTypeAutoRun = 323
    O6 — HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDrives = 0
    O6 — HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: dontdisplaylastusername = 0
    O6 — HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: legalnoticecaption =
    O6 — HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: legalnoticetext =
    O6 — HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: shutdownwithoutlogon = 1
    O6 — HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: undockwithoutlogon = 1
    O6 — HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: NoInternetOpenWith = 1
    O6 — HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: DisableRegistryTools = 0
    O7 — HKU.DEFAULTSoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
    O7 — HKU.DEFAULTSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveTypeAutoRun = 323
    O7 — HKU.DEFAULTSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoLowDiskSpaceChecks = 1
    O7 — HKU.DEFAULTSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoRecentDocsMenu = 01 00 00 00 [binary data]
    O7 — HKU.DEFAULTSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoSMConfigurePrograms = 1
    O7 — HKU.DEFAULTSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoSMHelp = 1
    O7 — HKU.DEFAULTSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveAutoRun = 67108863
    O7 — HKUS-1-5-18SoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
    O7 — HKUS-1-5-18SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveTypeAutoRun = 323
    O7 — HKUS-1-5-18SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoLowDiskSpaceChecks = 1
    O7 — HKUS-1-5-18SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoRecentDocsMenu = 01 00 00 00 [binary data]
    O7 — HKUS-1-5-18SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoSMConfigurePrograms = 1
    O7 — HKUS-1-5-18SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoSMHelp = 1
    O7 — HKUS-1-5-18SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveAutoRun = 67108863
    O7 — HKUS-1-5-19SoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
    O7 — HKUS-1-5-19SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveTypeAutoRun = 145
    O7 — HKUS-1-5-19SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoLowDiskSpaceChecks = 1
    O7 — HKUS-1-5-19SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoRecentDocsMenu = 01 00 00 00 [binary data]
    O7 — HKUS-1-5-19SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoSMConfigurePrograms = 1
    O7 — HKUS-1-5-19SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoSMHelp = 1
    O7 — HKUS-1-5-19_ClassesSoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
    O7 — HKUS-1-5-20SoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
    O7 — HKUS-1-5-20SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveTypeAutoRun = 145
    O7 — HKUS-1-5-20SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoLowDiskSpaceChecks = 1
    O7 — HKUS-1-5-20SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoRecentDocsMenu = 01 00 00 00 [binary data]
    O7 — HKUS-1-5-20SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoSMConfigurePrograms = 1
    O7 — HKUS-1-5-20SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoSMHelp = 1
    O7 — HKUS-1-5-20_ClassesSoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
    O7 — HKUS-1-5-21-1715567821-1292428093-1177238915-500SoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
    O7 — HKUS-1-5-21-1715567821-1292428093-1177238915-500SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveTypeAutoRun = 323
    O7 — HKUS-1-5-21-1715567821-1292428093-1177238915-500SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoLowDiskSpaceChecks = 1
    O7 — HKUS-1-5-21-1715567821-1292428093-1177238915-500SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoRecentDocsMenu = 01 00 00 00 [binary data]
    O7 — HKUS-1-5-21-1715567821-1292428093-1177238915-500SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoSMConfigurePrograms = 1
    O7 — HKUS-1-5-21-1715567821-1292428093-1177238915-500SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoSMHelp = 1
    O7 — HKUS-1-5-21-1715567821-1292428093-1177238915-500SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveAutoRun = 67108543
    O7 — HKUS-1-5-21-1715567821-1292428093-1177238915-500SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDrives = 0
    O7 — HKUS-1-5-21-1715567821-1292428093-1177238915-500SOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: DisableRegistryTools = 0
    O7 — HKUS-1-5-21-1715567821-1292428093-1177238915-500_ClassesSoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
    O10 — NameSpace_Catalog5Catalog_Entries00000000001 [] — C:WINDOWSSystem32mswsock.dll (Корпорация Майкрософт)
    O10 — NameSpace_Catalog5Catalog_Entries00000000003 [] — C:WINDOWSSystem32mswsock.dll (Корпорация Майкрософт)
    O10 — Protocol_Catalog9Catalog_Entries00000000001 — C:WINDOWSSystem32mswsock.dll (Корпорация Майкрософт)
    O10 — Protocol_Catalog9Catalog_Entries00000000002 — C:WINDOWSSystem32mswsock.dll (Корпорация Майкрософт)
    O10 — Protocol_Catalog9Catalog_Entries00000000003 — C:WINDOWSSystem32mswsock.dll (Корпорация Майкрософт)
    O10 — Protocol_Catalog9Catalog_Entries00000000004 — C:WINDOWSSystem32rsvpsp.dll (Microsoft Corporation)
    O10 — Protocol_Catalog9Catalog_Entries00000000005 — C:WINDOWSSystem32rsvpsp.dll (Microsoft Corporation)
    O10 — Protocol_Catalog9Catalog_Entries00000000006 — C:WINDOWSSystem32mswsock.dll (Корпорация Майкрософт)
    O10 — Protocol_Catalog9Catalog_Entries00000000007 — C:WINDOWSSystem32mswsock.dll (Корпорация Майкрософт)
    O10 — Protocol_Catalog9Catalog_Entries00000000008 — C:WINDOWSSystem32mswsock.dll (Корпорация Майкрософт)
    O10 — Protocol_Catalog9Catalog_Entries00000000009 — C:WINDOWSSystem32mswsock.dll (Корпорация Майкрософт)
    O10 — Protocol_Catalog9Catalog_Entries00000000010 — C:WINDOWSSystem32mswsock.dll (Корпорация Майкрософт)
    O10 — Protocol_Catalog9Catalog_Entries00000000011 — C:WINDOWSSystem32mswsock.dll (Корпорация Майкрософт)
    O10 — Protocol_Catalog9Catalog_Entries00000000012 — C:WINDOWSSystem32mswsock.dll (Корпорация Майкрософт)
    O10 — Protocol_Catalog9Catalog_Entries00000000013 — C:WINDOWSSystem32mswsock.dll (Корпорация Майкрософт)
    O10 — Protocol_Catalog9Catalog_Entries00000000014 — C:WINDOWSSystem32mswsock.dll (Корпорация Майкрософт)
    O10 — Protocol_Catalog9Catalog_Entries00000000015 — C:WINDOWSSystem32mswsock.dll (Корпорация Майкрософт)
    O10 — Protocol_Catalog9Catalog_Entries00000000016 — C:WINDOWSSystem32mswsock.dll (Корпорация Майкрософт)
    O10 — Protocol_Catalog9Catalog_Entries00000000017 — C:WINDOWSSystem32mswsock.dll (Корпорация Майкрософт)
    O16 — DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)
    O16 — DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)
    O16 — DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)
    O18 — ProtocolHandlerdvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} — C:WINDOWSSystem32msvidctl.dll (Корпорация Майкрософт)
    O18 — ProtocolHandlerhttpx00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} — C:Program FilesCommon FilesSYSTEMOLE DBmsdaipp.dll (Microsoft Corporation)
    O18 — ProtocolHandlerhttpoledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} — C:Program FilesCommon FilesSYSTEMOLE DBmsdaipp.dll (Microsoft Corporation)
    O18 — ProtocolHandlerhttpsx00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} — C:Program FilesCommon FilesSYSTEMOLE DBmsdaipp.dll (Microsoft Corporation)
    O18 — ProtocolHandlerhttpsoledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} — C:Program FilesCommon FilesSYSTEMOLE DBmsdaipp.dll (Microsoft Corporation)
    O18 — ProtocolHandleripp — No CLSID value found
    O18 — ProtocolHandlerippx00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} — C:Program FilesCommon FilesSYSTEMOLE DBmsdaipp.dll (Microsoft Corporation)
    O18 — ProtocolHandlermsdaipp — No CLSID value found
    O18 — ProtocolHandlermsdaippx00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} — C:Program FilesCommon FilesSYSTEMOLE DBmsdaipp.dll (Microsoft Corporation)
    O18 — ProtocolHandlermsdaippoledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} — C:Program FilesCommon FilesSYSTEMOLE DBmsdaipp.dll (Microsoft Corporation)
    O18 — ProtocolHandlerms-itss {0A9007C0-4076-11D3-8789-0000F8105754} — C:Program FilesCommon FilesMicrosoft SharedInformation RetrievalMSITSS.DLL (Microsoft Corporation)
    O18 — ProtocolHandlermso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} — C:Program FilesCommon FilesMicrosoft SharedWeb Components10OWC10.DLL (Microsoft Corporation)
    O18 — ProtocolHandlermso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} — C:Program FilesCommon FilesMicrosoft SharedWeb Components11OWC11.DLL (Microsoft Corporation)
    O18 — ProtocolHandlertv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} — C:WINDOWSSystem32msvidctl.dll (Корпорация Майкрософт)
    O18 — ProtocolFilter: — text/webviewhtml — C:WINDOWSSystem32SHELL32.dll (Корпорация Майкрософт)
    O18 — ProtocolFilter: — text/xml — C:Program FilesCommon FilesMicrosoft SharedOFFICE11MSOXMLMF.DLL (Microsoft Corporation)
    O20 — HKLM Winlogon: Shell — (Explorer.exe) — C:WINDOWSExplorer.exe (Корпорация Майкрософт)
    O20 — HKLM Winlogon: UserInit — (C:WINDOWSsystem32userinit.exe) — C:WINDOWSSystem32userinit.exe (Корпорация Майкрософт)
    O20 — HKLM Winlogon: UIHost — (logonui.exe) — C:WINDOWSSystem32logonui.exe (Корпорация Майкрософт)
    O20 — HKLM Winlogon: VMApplet — (rundll32 shell32) — C:WINDOWSSystem32shell32.dll (Корпорация Майкрософт)
    O20 — HKLM Winlogon: VMApplet — (Control_RunDLL «sysdm.cpl») — C:WINDOWSSystem32sysdm.cpl (Корпорация Майкрософт)
    O20 — WinlogonNotifycrypt32chain: DllName — crypt32.dll — C:WINDOWSSystem32crypt32.dll (Корпорация Майкрософт)
    O20 — WinlogonNotifycscdll: DllName — cscdll.dll — C:WINDOWSSystem32cscdll.dll (Корпорация Майкрософт)
    O20 — WinlogonNotifyScCertProp: DllName — wlnotify.dll — C:WINDOWSSystem32wlnotify.dll (Корпорация Майкрософт)
    O20 — WinlogonNotifySchedule: DllName — wlnotify.dll — C:WINDOWSSystem32wlnotify.dll (Корпорация Майкрософт)
    O20 — WinlogonNotifysclgntfy: DllName — sclgntfy.dll — C:WINDOWSSystem32sclgntfy.dll (Корпорация Майкрософт)
    O20 — WinlogonNotifySensLogn: DllName — WlNotify.dll — C:WINDOWSSystem32WlNotify.dll (Корпорация Майкрософт)
    O20 — WinlogonNotifytermsrv: DllName — wlnotify.dll — C:WINDOWSSystem32wlnotify.dll (Корпорация Майкрософт)
    O20 — WinlogonNotifywlballoon: DllName — wlnotify.dll — C:WINDOWSSystem32wlnotify.dll (Корпорация Майкрософт)
    O21 — SSODL: CDBurn — {fbeb8a05-beee-4442-804e-409d6c4515e9} — C:WINDOWSSystem32SHELL32.dll (Корпорация Майкрософт)
    O21 — SSODL: SysTray — {35CEC8A3-2BE6-11D2-8773-92E220524153} — C:WINDOWSSystem32stobject.dll (Корпорация Майкрософт)
    O22 — SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} — Предзагрузчик Browseui — C:WINDOWSSystem32browseui.dll (Корпорация Майкрософт)
    O22 — SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} — Демон кэша категорий компонентов — C:WINDOWSSystem32browseui.dll (Корпорация Майкрософт)
    O24 — Desktop Components:0 (Моя текущая домашняя страница) — About:Home
    O28 — HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} — Reg Error: Key error. File not found
    O29 — HKLM SecurityProviders — (digest.dll) — C:WINDOWSSystem32digest.dll (Корпорация Майкрософт)
    O29 — HKLM SecurityProviders — (msnsspc.dll) — C:WINDOWSSystem32msnsspc.dll (Корпорация Майкрософт)
    O31 — SafeBoot: AlternateShell — cmd.exe
    O32 — HKLM CDRom: AutoRun — 1
    O32 — AutoRun File — [2009.05.12 17:13:46 | 00,000,000 | —- | M] () — C:AUTOEXEC.BAT — [ NTFS ]
    O34 — HKLM BootExecute: (autocheck) — File not found
    O34 — HKLM BootExecute: (autochk) — C:WINDOWSSystem32autochk.exe (Microsoft Corporation)
    O34 — HKLM BootExecute: (*) — File not found
    O34 — HKLM BootExecute: (OODBS) — C:WINDOWSSystem32OODBS.exe (O&O Software GmbH)

    ========== Files/Folders — Created Within 30 Days ==========

    [1 C:WINDOWSSystem32*.tmp files]
    [3 C:WINDOWS*.tmp files]
    [2009.06.24 18:15:07 | 00,512,512 | —- | C] (OldTimer Tools) — C:Documents and SettingsAdminРабочий столOTL.exe
    [2009.06.23 12:48:40 | 00,666,391 | —- | C] () — C:Documents and SettingsAdminРабочий столoldiprr.zip
    [2009.06.19 17:57:01 | 00,780,411 | —- | C] () — C:Documents and SettingsAdminРабочий столСистема непрерывной подачи чернил с раздельными картриджами.rar
    [2009.06.19 17:10:47 | 00,092,816 | —- | C] () — C:Documents and SettingsAdminРабочий столСистема непрерывной подачи чернил Hewlett packard.rar
    [2009.06.19 00:14:42 | 00,000,000 | -HSD | C] — C:RECYCLER
    [2009.06.18 13:06:50 | 00,000,000 | —D | C] — C:WINDOWSERDNT
    [2009.06.17 18:56:52 | 00,000,308 | —- | C] () — C:WINDOWStasksWebReg Photosmart C5100 series.job
    [2009.06.17 10:08:05 | 00,000,506 | —- | C] () — C:WINDOWStasksБыстрое решение проблем.job
    [2009.06.17 10:03:17 | 00,603,904 | —- | C] (TuneUp Software) — C:WINDOWSSystem32TUProgSt.exe
    [2009.06.17 10:03:15 | 00,360,192 | —- | C] (TuneUp Software) — C:WINDOWSSystem32TuneUpDefragService.exe
    [2009.06.17 10:03:15 | 00,027,904 | —- | C] (TuneUp Software) — C:WINDOWSSystem32uxtuneup.dll
    [2009.06.17 10:03:14 | 00,000,486 | —- | C] () — C:WINDOWStasks1-Click Maintenance.job
    [2009.06.17 10:03:12 | 00,000,000 | —D | C] — C:Documents and SettingsAdminApplication DataTuneUp Software
    [2009.06.17 10:03:10 | 00,001,617 | —- | C] () — C:Documents and SettingsAll UsersРабочий столTuneUp 1-Click Maintenance.lnk
    [2009.06.17 10:03:10 | 00,001,545 | —- | C] () — C:Documents and SettingsAll UsersРабочий столTuneUp Utilities 2009.lnk
    [2009.06.17 10:02:43 | 00,000,000 | —D | C] — C:Documents and SettingsAll UsersApplication DataTuneUp Software
    [2009.06.17 10:02:41 | 00,000,000 | —D | C] — C:Program FilesTuneUp Utilities 2009
    [2009.06.17 10:02:27 | 00,000,000 | -HSD | C] — C:Documents and SettingsAll UsersApplication Data{55A29068-F2CE-456C-9148-C869879E2357}
    [2009.06.16 00:57:05 | 00,812,344 | —- | C] (Trend Micro Inc.) — C:Documents and SettingsAdminРабочий столHJTInstall.exe
    [2009.06.15 12:55:53 | 00,000,000 | —D | C] — C:Documents and SettingsAdminМои документыМои альбомы
    [2009.06.14 01:32:25 | 00,000,000 | —D | C] — C:Program Filestrend micro
    [2009.06.12 15:34:11 | 00,000,000 | —D | C] — C:Documents and SettingsAll UsersApplication DataCrystalIdea Software
    [2009.06.12 13:06:45 | 00,000,000 | —D | C] — C:Documents and SettingsAdminLocal SettingsApplication DataNero
    [2009.06.12 13:03:29 | 00,000,000 | —D | C] — C:Documents and SettingsAdminМои документыNeroVision
    [2009.06.07 16:32:49 | 00,000,000 | —D | C] — C:WINDOWSSystem32appmgmt
    [2009.06.07 16:25:29 | 00,000,000 | —D | C] — C:Documents and SettingsAdminApplication DataBinarySense
    [2009.06.07 16:25:20 | 00,000,000 | —D | C] — C:Program FilesCommon FilesBinarySense
    [2009.06.07 16:25:20 | 00,000,000 | —D | C] — C:Program FilesBinarySense
    [2009.06.07 14:31:07 | 00,000,000 | —D | C] — C:Documents and SettingsAdminApplication DataLavasoft
    [2009.06.07 11:26:19 | 00,010,368 | —- | C] (Microsoft Corporation) — C:WINDOWSSystem32drivershidusb.sys
    [2009.05.28 14:39:18 | 01,175,256 | —- | C] (VirusBuster Kft.) — C:WINDOWSSystem32driversVBEngNT.sys
    [2009.05.28 14:39:17 | 00,704,384 | —- | C] (Agnitum Ltd.) — C:WINDOWSSystem32driversSandBox.sys
    [2009.05.28 14:39:10 | 00,257,432 | —- | C] (Agnitum Ltd.) — C:WINDOWSSystem32driversafwcore.sys
    [2009.05.28 14:38:57 | 00,000,049 | —- | C] () — C:WINDOWStransp.gif
    [2009.05.28 14:38:52 | 00,031,128 | —- | C] (Agnitum Ltd.) — C:WINDOWSSystem32driversafw.sys
    [2009.05.28 14:38:48 | 00,000,000 | —D | C] — C:WINDOWSSystem32Filt
    [2009.05.28 14:38:48 | 00,000,000 | —D | C] — C:Program FilesAgnitum
    [2009.05.28 14:38:48 | 00,000,000 | —D | C] — C:Documents and SettingsAdminApplication DataAgnitum
    [2009.05.28 14:38:12 | 00,000,000 | —D | C] — C:Documents and SettingsAll UsersApplication DataAgnitum
    [2009.05.27 19:41:45 | 00,000,846 | —- | C] () — C:Documents and SettingsAll UsersРабочий столAshampoo Burning Studio 2009.lnk
    [2009.05.27 19:41:37 | 00,000,000 | —D | C] — C:Program FilesAshampoo
    [2009.05.27 13:25:04 | 00,000,000 | —D | C] — C:Documents and SettingsAdminМои документыФайлы Mail.Ru Агента
    [2009.05.18 00:53:31 | 00,000,069 | —- | C] () — C:WINDOWSNeroDigital.ini
    [2009.05.13 00:16:09 | 00,100,560 | —- | C] () — C:WINDOWSSystem32driversVBoxDrv.sys
    [2009.05.12 19:45:19 | 00,000,394 | —- | C] () — C:WINDOWSODBC.INI
    [2009.05.12 18:43:03 | 00,168,448 | —- | C] () — C:WINDOWSSystem32unrar.dll
    [2009.05.12 18:43:01 | 00,795,648 | —- | C] () — C:WINDOWSSystem32xvidcore.dll
    [2009.05.12 18:43:00 | 03,596,288 | —- | C] () — C:WINDOWSSystem32qt-dx331.dll
    [2009.05.12 18:43:00 | 00,130,048 | —- | C] () — C:WINDOWSSystem32xvidvfw.dll
    [2009.05.12 18:42:59 | 00,084,480 | —- | C] () — C:WINDOWSSystem32ff_vfw.dll
    [2009.05.12 18:42:59 | 00,000,547 | —- | C] () — C:WINDOWSSystem32ff_vfw.dll.manifest
    [2009.05.12 17:28:34 | 00,015,327 | —- | C] () — C:WINDOWSAscd_tmp.ini
    [2009.05.12 17:28:31 | 00,005,824 | —- | C] () — C:WINDOWSSystem32driversASUSHWIO.SYS
    [2009.05.12 17:17:23 | 00,717,296 | —- | C] () — C:WINDOWSSystem32driverssptd.sys
    [2009.05.12 17:17:19 | 00,000,951 | —- | C] () — C:WINDOWSSystem32oeminfo.ini
    [2009.05.12 17:14:23 | 00,271,264 | —- | C] () — C:WINDOWSSystem32vbrun100.dll
    [2009.05.12 17:14:23 | 00,210,944 | —- | C] () — C:WINDOWSSystem32msvcrt10.dll
    [2009.05.12 17:14:23 | 00,059,904 | —- | C] () — C:WINDOWSSystem32zlib1.dll
    [2008.04.15 16:00:00 | 00,000,658 | —- | C] () — C:WINDOWSwin.ini
    [2008.04.15 16:00:00 | 00,000,227 | —- | C] () — C:WINDOWSsystem.ini
    [2007.03.12 21:31:28 | 01,732,608 | —- | C] () — C:WINDOWSSystem32BCGPStyle2007Luna.dll
    [2006.01.04 13:12:04 | 00,077,824 | —- | C] () — C:WINDOWSSystem32HPZIDS01.dll
    [2005.09.02 10:45:36 | 00,008,366 | —- | C] () — C:WINDOWSAVerTV.ini
    [2005.06.16 05:20:00 | 01,724,416 | —- | C] () — C:WINDOWSSystem32nvwdmcpl.dll
    [2005.06.16 05:20:00 | 01,507,328 | —- | C] () — C:WINDOWSSystem32nview.dll
    [2005.06.16 05:20:00 | 01,101,824 | —- | C] () — C:WINDOWSSystem32nvwimg.dll
    [2005.06.16 05:20:00 | 00,540,672 | —- | C] () — C:WINDOWSSystem32nvhwvid.dll
    [2005.06.16 05:20:00 | 00,466,944 | —- | C] () — C:WINDOWSSystem32nvshell.dll
    [2003.04.10 13:43:32 | 00,005,412 | —- | C] () — C:WINDOWSSystem32OUTLPERF.INI
    [2001.07.07 03:00:02 | 00,003,249 | —- | C] () — C:WINDOWSSystem32HPTCPMON.INI

    ========== Files — Modified Within 30 Days ==========

    [1 C:WINDOWSSystem32*.tmp files]
    [3 C:WINDOWS*.tmp files]
    [2009.06.24 18:15:20 | 00,512,512 | —- | M] (OldTimer Tools) — C:Documents and SettingsAdminРабочий столOTL.exe
    [2009.06.24 18:00:01 | 00,000,506 | —- | M] () — C:WINDOWStasksБыстрое решение проблем.job
    [2009.06.24 18:00:01 | 00,000,486 | —- | M] () — C:WINDOWStasks1-Click Maintenance.job
    [2009.06.24 13:51:26 | 00,000,027 | —- | M] () — C:WINDOWSSystem32driversetchosts
    [2009.06.24 12:41:20 | 00,200,866 | —- | M] () — C:WINDOWSSystem32nvapps.xml
    [2009.06.24 12:41:15 | 00,008,366 | —- | M] () — C:WINDOWSAVerTV.ini
    [2009.06.24 12:40:58 | 00,000,006 | -H— | M] () — C:WINDOWStasksSA.DAT
    [2009.06.24 12:40:56 | 00,002,206 | —- | M] () — C:WINDOWSSystem32wpa.dbl
    [2009.06.24 12:40:54 | 00,002,048 | —S- | M] () — C:WINDOWSbootstat.dat
    [2009.06.24 12:40:51 | 00,155,794 | —- | M] () — C:WINDOWSSystem32oodbs.lor
    [2009.06.23 22:05:06 | 00,077,824 | —- | M] () — C:Documents and SettingsAdminLocal SettingsApplication DataDCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2009.06.23 13:43:50 | 00,000,069 | —- | M] () — C:WINDOWSNeroDigital.ini
    [2009.06.23 12:53:13 | 00,666,391 | —- | M] () — C:Documents and SettingsAdminРабочий столoldiprr.zip
    [2009.06.23 00:55:17 | 00,000,051 | —- | M] () — C:Documents and SettingsAdminApplication Datadefault.pls
    [2009.06.19 17:57:10 | 00,780,411 | —- | M] () — C:Documents and SettingsAdminРабочий столСистема непрерывной подачи чернил с раздельными картриджами.rar
    [2009.06.19 17:10:47 | 00,092,816 | —- | M] () — C:Documents and SettingsAdminРабочий столСистема непрерывной подачи чернил Hewlett packard.rar
    [2009.06.18 13:18:54 | 00,000,227 | —- | M] () — C:WINDOWSsystem.ini
    [2009.06.17 18:56:53 | 00,000,308 | —- | M] () — C:WINDOWStasksWebReg Photosmart C5100 series.job
    [2009.06.17 10:03:17 | 00,603,904 | —- | M] (TuneUp Software) — C:WINDOWSSystem32TUProgSt.exe
    [2009.06.17 10:03:15 | 00,360,192 | —- | M] (TuneUp Software) — C:WINDOWSSystem32TuneUpDefragService.exe
    [2009.06.17 10:03:10 | 00,001,617 | —- | M] () — C:Documents and SettingsAll UsersРабочий столTuneUp 1-Click Maintenance.lnk
    [2009.06.17 10:03:10 | 00,001,545 | —- | M] () — C:Documents and SettingsAll UsersРабочий столTuneUp Utilities 2009.lnk
    [2009.06.16 00:57:19 | 00,812,344 | —- | M] (Trend Micro Inc.) — C:Documents and SettingsAdminРабочий столHJTInstall.exe
    [2009.06.12 11:59:44 | 01,097,152 | —- | M] () — C:WINDOWSSystem32PerfStringBackup.INI
    [2009.06.12 11:59:44 | 00,485,242 | —- | M] () — C:WINDOWSSystem32perfh019.dat
    [2009.06.12 11:59:44 | 00,441,760 | —- | M] () — C:WINDOWSSystem32perfh009.dat
    [2009.06.12 11:59:44 | 00,084,660 | —- | M] () — C:WINDOWSSystem32perfc019.dat
    [2009.06.12 11:59:44 | 00,071,444 | —- | M] () — C:WINDOWSSystem32perfc009.dat
    [2009.05.28 14:32:27 | 00,005,709 | —- | M] () — C:WINDOWSSystem32CONFIG.NT
    [2009.05.27 19:41:45 | 00,000,846 | —- | M] () — C:Documents and SettingsAll UsersРабочий столAshampoo Burning Studio 2009.lnk

    ========== Alternate Data Streams ==========

    @Alternate Data Stream — 108 bytes -> C:Documents and SettingsAll UsersApplication DataTEMP:2BE9FEFC

    21 июня, 2009 в 10:56 дп в ответ на: зависание системы (правая клавиша мышки) #24381
    kyud
    Participant
    • Темы:1
    • Сообщений:7
    • ☆

    Добрый день, Валерий!
    Спасибо за ответ. Проблема осталась, только теперь если кликнуть правой клавишей на папку не на рабочем столе все также виснет, я снимаю задачу через диспетчера задач, появляется окно завершение процесса explorer.exe, я завершаю процесс. Процесс завершается и после этого все начинает работать, то есть навожу курсор на папку на рабочем столе, жму на правую клавишу и открывается контексное меню, все работает пробовал несколько раз. Но после выключения,при новом включении или после перезагрузки, проблема опять всплывает и снова пока не проделаешь вышеописанную процедуру система виснет.
    Сделал все как вы сказали, вставляю лог.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 11:46:01, on 21.06.2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.20935)
    Boot mode: Normal

    Running processes:
    C:WINDOWSSystem32smss.exe
    C:WINDOWSsystem32winlogon.exe
    C:WINDOWSsystem32services.exe
    C:WINDOWSsystem32lsass.exe
    C:WINDOWSsystem32svchost.exe
    C:WINDOWSSystem32svchost.exe
    C:WINDOWSsystem32svchost.exe
    C:WINDOWSExplorer.EXE
    C:WINDOWSsystem32spoolsv.exe
    C:Program FilesABBYY FineReader 9.0NetworkLicenseServer.exe
    C:Program FilesJavajre6binjqs.exe
    C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE
    C:Program FilesNeroNero8Nero BackItUpNBService.exe
    C:WINDOWSsystem32nvsvc32.exe
    C:WINDOWSsystem32oodag.exe
    C:WINDOWSsystem32HPZipm12.exe
    C:Program FilesCyberLinkShared filesRichVideo.exe
    C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindServiceAE.exe
    C:WINDOWSsystem32svchost.exe
    C:WINDOWSSystem32TUProgSt.exe
    C:Program FilesAnalog DevicesCoresmax4pnp.exe
    C:WINDOWSsystem32RUNDLL32.EXE
    C:Program FilesJavajre6binjusched.exe
    C:Program FilesMail.RuAgentMAgent.exe
    C:WINDOWSsystem32oodtray.exe
    C:Program FilesCyberLinkPowerDVD8PDVD8Serv.exe
    C:Program FilesCyberlinkShared Filesbrs.exe
    C:Program FilesVistaDriveIconVistaDrv.exe
    C:Program FilesPunto Switcherpunto.exe
    C:WINDOWSsystem32ctfmon.exe
    C:Program FilesNokiaNokia PC Suite 7PCSuite.exe
    C:Program FilesCommon FilesNeroLibNMIndexStoreSvr.exe
    C:Program FilesTuneUp Utilities 2009MemOptimizer.exe
    C:Program FilesAVerTVQuickTV.exe
    C:Program FilesCommon FilesNeroLibNMIndexingService.exe
    C:Program FilesPC Connectivity SolutionServiceLayer.exe
    C:Program FilesPC Connectivity SolutionTransportsNclUSBSrv.exe
    C:Program FilesPC Connectivity SolutionTransportsNclRSSrv.exe
    C:WINDOWSsystem32wbemwmiapsrv.exe
    C:WINDOWSsystem32wuauclt.exe
    C:Program Filestrend microHijackThisHijackThis.exe

    R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://xtreme.ws/
    R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
    R3 — URLSearchHook: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — c:program filesmail.rusputnikMailRuSputnik.dll
    O2 — BHO: SnagIt Toolbar Loader — {00C6482D-C502-44C8-8409-FCE54AD9C208} — C:Program FilesTechSmithSnagit 9SnagitBHO.dll
    O2 — BHO: AcroIEHelperStub — {18DF081C-E8AD-4283-A596-FA578C2EBDC3} — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
    O2 — BHO: Спутник@Mail.Ru — {8984B388-A5BB-4DF7-B274-77B879E179DB} — c:program filesmail.rusputnikMailRuSputnik.dll
    O2 — BHO: IE 4.x-6.x BHO for Download Master — {9961627E-4059-41B4-8E0E-A7D6B3854ADF} — C:PROGRA~1DOWNLO~1dmiehlp.dll
    O2 — BHO: Java(tm) Plug-In 2 SSV Helper — {DBC80044-A445-435b-BC74-9C25C1C588A9} — C:Program FilesJavajre6binjp2ssv.dll
    O2 — BHO: JQSIEStartDetectorImpl — {E7E6F031-17CE-4C07-BC86-EABFE594F69C} — C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll
    O3 — Toolbar: Snagit — {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} — C:Program FilesTechSmithSnagit 9SnagitIEAddin.dll
    O3 — Toolbar: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — c:program filesmail.rusputnikMailRuSputnik.dll
    O4 — HKLM..Run: [SoundMAXPnP] C:Program FilesAnalog DevicesCoresmax4pnp.exe
    O4 — HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
    O4 — HKLM..Run: [nwiz] nwiz.exe /install
    O4 — HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
    O4 — HKLM..Run: [SunJavaUpdateSched] «C:Program FilesJavajre6binjusched.exe»
    O4 — HKLM..Run: [MAgent] C:Program FilesMail.RuAgentMAgent.exe -LM
    O4 — HKLM..Run: [OODefragTray] C:WINDOWSsystem32oodtray.exe
    O4 — HKLM..Run: [RemoteControl8] «C:Program FilesCyberLinkPowerDVD8PDVD8Serv.exe»
    O4 — HKLM..Run: [PDVD8LanguageShortcut] «C:Program FilesCyberLinkPowerDVD8LanguageLanguage.exe»
    O4 — HKLM..Run: [BDRegion] C:Program FilesCyberlinkShared Filesbrs.exe
    O4 — HKLM..Run: [OutpostMonitor] C:PROGRA~1AgnitumOUTPOS~1op_mon.exe /tray /noservice
    O4 — HKLM..Run: [OutpostFeedBack] «C:Program FilesAgnitumOutpost Security Suite Profeedback.exe» /dump:os_startup
    O4 — HKCU..Run: [VistaIcon] C:Program FilesVistaDriveIconVistaDrv.exe
    O4 — HKCU..Run: [Punto Switcher] C:Program FilesPunto Switcherpunto.exe
    O4 — HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
    O4 — HKCU..Run: [PC Suite Tray] «C:Program FilesNokiaNokia PC Suite 7PCSuite.exe» -onlytray
    O4 — HKCU..Run: [AlcoholAutomount] «C:Program FilesAlcohol SoftAlcohol 120axcmd.exe» /automount
    O4 — HKCU..Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] «C:Program FilesCommon FilesNeroLibNMIndexStoreSvr.exe» ASO-616B5711-6DAE-4795-A05F-39A1E5104020
    O4 — HKCU..Run: [TuneUp MemOptimizer] «C:Program FilesTuneUp Utilities 2009MemOptimizer.exe» autostart
    O4 — HKUSS-1-5-18..Run: [VistaIcon] C:Program FilesVistaDriveIconVistaDrv.exe (User ‘SYSTEM’)
    O4 — HKUSS-1-5-18..RunOnce: [ZZZZ2_FirstLogonSetting] %SystemRoot%System32rundll32.exe advpack.dll,LaunchINFSection C:WINDOWSINFcustom.inf,NewUserFirstLogonInstall,0 (User ‘SYSTEM’)
    O4 — HKUSS-1-5-18..RunOnce: [IE7_012] rundll32 advpack.dll,LaunchINFSectionEx IE7int.inf,AfterUserStart,,4,N (User ‘SYSTEM’)
    O4 — HKUS.DEFAULT..Run: [VistaIcon] C:Program FilesVistaDriveIconVistaDrv.exe (User ‘Default user’)
    O4 — HKUS.DEFAULT..RunOnce: [ZZZZ2_FirstLogonSetting] %SystemRoot%System32rundll32.exe advpack.dll,LaunchINFSection C:WINDOWSINFcustom.inf,NewUserFirstLogonInstall,0 (User ‘Default user’)
    O4 — Global Startup: QuickTV.lnk = C:Program FilesAVerTVQuickTV.exe
    O23 — Service: ABBYY FineReader 9.0 Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) — ABBYY (BIT Software) — C:Program FilesABBYY FineReader 9.0NetworkLicenseServer.exe
    O23 — Service: Agnitum Client Security Service (acssrv) — Agnitum Ltd. — C:PROGRA~1AgnitumOUTPOS~1acs.exe
    O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
    O23 — Service: HP Port Resolver — Hewlett-Packard Company — C:WINDOWSsystem32spooldriversw32x863HPBPRO.EXE
    O23 — Service: HP Status Server — Hewlett-Packard Company — C:WINDOWSsystem32spooldriversw32x863HPBOID.EXE
    O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
    O23 — Service: Java Quick Starter (JavaQuickStarterService) — Sun Microsystems, Inc. — C:Program FilesJavajre6binjqs.exe
    O23 — Service: Nero BackItUp Scheduler 3 — Nero AG — C:Program FilesNeroNero8Nero BackItUpNBService.exe
    O23 — Service: NMIndexingService — Nero AG — C:Program FilesCommon FilesNeroLibNMIndexingService.exe
    O23 — Service: NVIDIA Display Driver Service (NVSvc) — NVIDIA Corporation — C:WINDOWSsystem32nvsvc32.exe
    O23 — Service: O&O Defrag — O&O Software GmbH — C:WINDOWSsystem32oodag.exe
    O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
    O23 — Service: Pml Driver HPZ12 — HP — C:WINDOWSsystem32HPZipm12.exe
    O23 — Service: Cyberlink RichVideo Service(CRVS) (RichVideo) — Unknown owner — C:Program FilesCyberLinkShared filesRichVideo.exe
    O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
    O23 — Service: ServiceLayer — Nokia. — C:Program FilesPC Connectivity SolutionServiceLayer.exe
    O23 — Service: StarWind AE Service (StarWindServiceAE) — Rocket Division Software — C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindServiceAE.exe
    O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
    O23 — Service: TuneUp Drive Defrag Service (TuneUp.Defrag) — TuneUp Software — C:WINDOWSSystem32TuneUpDefragService.exe
    O23 — Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) — TuneUp Software — C:WINDOWSSystem32TUProgSt.exe
    O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
    O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe

    —
    End of file — 8926 bytes
    И подскажите как после использования правильно удалить HijackThis и RSIT. Заранее благодарен!

    18 июня, 2009 в 9:37 дп в ответ на: зависание системы (правая клавиша мышки) #24379
    kyud
    Participant
    • Темы:1
    • Сообщений:7
    • ☆

    Добрый день,Валерий!Спасибо за ответ!
    Если нажимаешь на пустом месте рабочего стола все работает как и должно работать,а также работает ярлык «Мой компьютер» кликаю правой клавишей все работает, а вот со всеми остальными ярлыками , файлами, папками -зависает!Если не с рабочего стола открываешь правой клавишей, тоже виснет, но там хоть через диспетчера задач снимаешь задачу и не нужно перегружаться. Прилагаю лог Combofix.

    ComboFix 09-06-17.02 — Admin 18.06.2009 13:10.1 — NTFSx86
    Microsoft Windows XP Professional 5.1.2600.3.1251.7.1049.18.1023.563 [GMT 4:00]
    Running from: c:documents and settingsAdminРабочий столComboFix.exe
    AV: Outpost Security Suite Pro *On-access scanning disabled* (Updated) {8A20CA2A-9E02-4A64-923B-0A38208EB7FD}
    FW: Outpost Security Suite Pro *disabled* {8A20CA2A-9E02-4A64-923B-0A38208EB7FD}

    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:windowssystem32IoctlSvc.exe
    c:documents and settingsAdminApplication Datainst.exe
    c:windowsIE4 Error Log.txt

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    Legacy_PLFlash_DeviceIoControl_Service

    Service_PLFlash DeviceIoControl Service

    ((((((((((((((((((((((((( Files Created from 2009-05-18 to 2009-06-18 )))))))))))))))))))))))))))))))
    .

    2009-06-17 06:03 . 2009-06-17 06:03 603904 —-a-w- c:windowssystem32TUProgSt.exe
    2009-06-17 06:03 . 2009-06-17 06:03 360192 —-a-w- c:windowssystem32TuneUpDefragService.exe
    2009-06-17 06:03 . 2008-12-11 09:31 27904 —-a-w- c:windowssystem32uxtuneup.dll
    2009-06-17 06:03 . 2009-06-17 06:03

    d

    w- c:documents and settingsAdminApplication DataTuneUp Software
    2009-06-17 06:02 . 2009-06-17 06:02

    d

    w- c:documents and settingsAll UsersApplication DataTuneUp Software
    2009-06-17 06:02 . 2009-06-17 06:05

    d

    w- c:program filesTuneUp Utilities 2009
    2009-06-17 06:02 . 2009-06-17 06:02

    d-sh—w- c:documents and settingsAll UsersApplication Data{55A29068-F2CE-456C-9148-C869879E2357}
    2009-06-13 21:32 . 2009-06-15 20:59

    d

    w- C:rsit
    2009-06-13 21:32 . 2009-06-15 20:57

    d

    w- c:program filestrend micro
    2009-06-12 11:34 . 2009-06-12 11:34

    d

    w- c:documents and settingsAll UsersApplication DataCrystalIdea Software
    2009-06-12 09:06 . 2009-06-12 09:06

    d

    w- c:documents and settingsAdminLocal SettingsApplication DataNero
    2009-06-07 12:25 . 2009-06-07 12:25

    d

    w- c:documents and settingsAdminApplication DataBinarySense
    2009-06-07 12:25 . 2009-06-08 03:51

    d

    w- c:program filesCommon FilesBinarySense
    2009-06-07 12:25 . 2009-06-07 12:25

    d

    w- c:program filesBinarySense
    2009-06-07 10:31 . 2009-06-08 19:02

    d

    w- c:documents and settingsAdminApplication DataLavasoft
    2009-06-07 07:26 . 2008-04-13 20:15 10368 —-a-w- c:windowssystem32drivershidusb.sys
    2009-06-05 10:49 . 2009-06-05 10:49

    d

    w- c:documents and settingsAdminDoctorWeb
    2009-05-28 10:39 . 2009-04-03 11:23 1175256 —-a-w- c:windowssystem32driversVBEngNT.sys
    2009-05-28 10:39 . 2009-04-06 07:37 704384 —-a-w- c:windowssystem32driversSandBox.sys
    2009-05-28 10:39 . 2009-02-10 12:15 257432 —-a-w- c:windowssystem32driversafwcore.sys
    2009-05-28 10:38 . 2009-02-18 13:30 31128 —-a-w- c:windowssystem32driversafw.sys
    2009-05-28 10:38 . 2009-06-17 19:34

    d

    w- c:windowssystem32Filt
    2009-05-28 10:38 . 2009-05-28 10:38

    d

    w- c:program filesAgnitum
    2009-05-28 10:38 . 2009-05-28 10:38

    d

    w- c:documents and settingsAdminApplication DataAgnitum
    2009-05-28 10:38 . 2009-05-28 10:38

    d

    w- c:documents and settingsAll UsersApplication DataAgnitum
    2009-05-27 15:41 . 2009-05-27 15:41

    d

    w- c:program filesAshampoo
    2009-05-20 14:51 . 2009-05-20 14:51

    d

    w- C:bin
    2009-05-20 14:50 . 2009-05-20 14:50

    d

    w- c:program filesCommon FilesSonic Shared
    2009-05-20 14:49 . 2009-05-20 14:50

    d

    w- c:program filesCommon FilesHP
    2009-05-20 14:47 . 2009-05-20 14:47

    d

    w- c:program filesHewlett-Packard
    2009-05-20 14:42 . 2009-05-20 14:53 118968 —-a-w- c:windowshpoins11.dat
    2009-05-20 14:19 . 2009-05-20 14:53

    d

    w- c:documents and settingsAdminApplication DataHP

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-06-15 08:49 . 2009-05-16 21:17

    d

    w- c:documents and settingsAdminApplication DataXnView
    2009-06-12 07:59 . 2008-04-15 12:00 84660 —-a-w- c:windowssystem32perfc019.dat
    2009-06-12 07:59 . 2008-04-15 12:00 485242 —-a-w- c:windowssystem32perfh019.dat
    2009-06-12 07:13 . 2009-05-12 13:54

    d

    w- c:program filesAVerTV
    2009-06-12 06:06 . 2009-05-17 12:39

    d

    w- c:documents and settingsAdminApplication Datafoobar2000
    2009-06-11 04:48 . 2009-05-12 15:46

    d

    w- c:documents and settingsAdminApplication DatauTorrent
    2009-06-08 19:15 . 2009-05-12 15:45

    d

    w- c:program filesCommon FilesWise Installation Wizard
    2009-06-07 15:42 . 2009-05-17 05:51

    d—a-w- c:documents and settingsAll UsersApplication DataTEMP
    2009-06-07 07:42 . 2009-05-12 13:12 86327 —-a-w- c:windowspchealthhelpctrOfflineCacheindex.dat
    2009-06-04 20:39 . 2009-05-16 13:44

    d

    w- c:documents and settingsAdminApplication DataPC Suite
    2009-05-24 10:14 . 2009-05-17 05:28

    d

    w- c:documents and settingsAdminApplication DataSkype
    2009-05-20 14:54 . 2009-05-12 13:56 72576 —-a-w- c:documents and settingsAdminLocal SettingsApplication DataGDIPFONTCACHEV1.DAT
    2009-05-20 14:53 . 2009-05-12 13:57

    d

    w- c:program filesHP
    2009-05-18 05:16 . 2009-05-18 05:16

    d

    w- c:program filesAlwil Software
    2009-05-18 03:50 . 2009-05-16 13:44

    d

    w- c:documents and settingsAdminApplication DataNokia
    2009-05-18 03:50 . 2009-05-16 13:44

    d

    w- c:documents and settingsAll UsersApplication DataPC Suite
    2009-05-18 03:49 . 2009-05-16 13:43

    d

    w- c:program filesNokia
    2009-05-18 03:44 . 2009-05-18 03:44 0 —ha-w- c:windowssystem32driversMsft_Kernel_ccdcmb_01007.Wdf
    2009-05-18 03:44 . 2009-05-18 03:44 0 —ha-w- c:windowssystem32driversMsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
    2009-05-17 12:39 . 2009-05-17 12:39

    d

    w- c:program filesfoobar2000
    2009-05-17 12:20 . 2009-05-17 05:54

    d

    w- c:documents and settingsAll UsersApplication DataDVD Shrink
    2009-05-17 12:19 . 2009-05-17 12:19

    d

    w- c:program filesDVD Shrink
    2009-05-17 12:07 . 2009-05-17 11:06

    d

    w- c:documents and settingsAdminApplication DataCyberLink
    2009-05-17 12:06 . 2009-05-17 12:06

    d

    w- c:program filesCommon FilesCyberLink
    2009-05-17 12:06 . 2009-05-12 13:32

    d—h—w- c:program filesInstallShield Installation Information
    2009-05-17 12:06 . 2009-05-17 11:02

    d

    w- c:program filesCyberLink
    2009-05-17 12:05 . 2009-05-17 12:05 29480 —-a-w- c:windowssystem32msxml3a.dll
    2009-05-17 12:05 . 2008-04-15 12:00 49448 —-a-w- c:windowssystem32msxml3r.dll
    2009-05-17 11:05 . 2009-05-17 11:04

    d

    w- c:documents and settingsAll UsersApplication DataCyberLink
    2009-05-17 10:25 . 2009-05-17 10:25

    d

    w- c:documents and settingsAdminApplication DataPRMT
    2009-05-17 10:15 . 2009-05-17 10:15

    d

    w- c:program filesPRMT8
    2009-05-17 10:15 . 2009-05-17 10:15

    d

    w- c:documents and settingsAll UsersApplication DataPRMT
    2009-05-17 10:09 . 2009-05-17 10:09

    d

    w- c:program filesMSBuild
    2009-05-17 10:09 . 2009-05-17 10:09 161328 —-a-w- c:documents and settingsLocalServiceLocal SettingsApplication DataFontCache3.0.0.0.dat
    2009-05-17 10:06 . 2009-05-17 10:06

    d

    w- c:program filesReference Assemblies
    2009-05-17 09:57 . 2009-05-13 06:38

    d

    w- c:program filesCommon FilesAdobe
    2009-05-17 09:55 . 2009-05-17 09:55

    d

    w- c:program filesKC Softwares
    2009-05-17 08:09 . 2009-05-17 08:09

    d

    w- c:documents and settingsAdminApplication DataNero
    2009-05-17 08:08 . 2009-05-17 08:06

    d

    w- c:program filesCommon FilesNero
    2009-05-17 08:07 . 2009-05-17 08:06

    d

    w- c:documents and settingsAll UsersApplication DataNero
    2009-05-17 08:06 . 2009-05-17 08:06

    d

    w- c:program filesNero
    2009-05-17 07:50 . 2009-05-17 07:41

    d

    w- c:program filesABBYY FineReader 9.0
    2009-05-17 07:46 . 2009-05-17 07:46

    d

    w- c:documents and settingsAdminApplication DataABBYY
    2009-05-17 07:41 . 2009-05-17 07:41

    d

    w- c:documents and settingsAll UsersApplication DataABBYY
    2009-05-17 05:58 . 2009-05-17 05:58

    d

    w- c:documents and settingsAdminApplication DataAltrixSoft
    2009-05-17 05:52 . 2009-05-17 05:50

    d

    w- c:program filesEasy CD-DA Extractor 12
    2009-05-17 05:51 . 2009-05-17 05:51

    d

    w- c:documents and settingsAll UsersApplication DataEasy CD-DA Extractor
    2009-05-17 05:43 . 2009-05-17 05:42

    d

    w- c:program filesWinAVI Video Converter
    2009-05-16 21:16 . 2009-05-16 21:16

    d

    w- c:program filesXnView
    2009-05-16 19:59 . 2009-05-16 19:47

    d

    w- c:program filesAlcohol Soft
    2009-05-16 19:34 . 2009-05-12 15:46

    d

    w- c:program filesUltraISO
    2009-05-16 19:34 . 2009-05-12 15:46

    d

    w- c:program filesCommon FilesEZB Systems
    2009-05-16 19:04 . 2009-05-16 19:04

    d

    w- c:program filesOO Software
    2009-05-16 18:49 . 2009-05-16 18:49

    d

    w- c:documents and settingsAdminApplication DataMra
    2009-05-16 18:49 . 2009-05-16 18:48

    d

    w- c:program filesMail.Ru
    2009-05-16 13:44 . 2009-05-16 13:44

    d

    w- c:program filesCommon FilesPCSuite
    2009-05-16 13:44 . 2009-05-16 13:44

    d

    w- c:program filesCommon FilesNokia
    2009-05-16 13:43 . 2009-05-16 13:43

    d

    w- c:program filesDIFX
    2009-05-16 13:43 . 2009-05-16 13:43

    d

    w- c:program filesPC Connectivity Solution
    2009-05-16 13:42 . 2009-05-16 13:42 8192 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}InstallerCommonCustomActionsUninstCCD.exe
    2009-05-16 13:42 . 2009-05-16 13:42 61440 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}InstallerCommonCustomActionsUninstPCSFEMsi.exe
    2009-05-16 13:42 . 2009-05-16 13:42 10240 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}InstallerCommonCustomActionsUninstPCS.exe
    2009-05-16 13:42 . 2009-05-16 13:42

    d

    w- c:documents and settingsAll UsersApplication DataInstallations
    2009-05-16 03:24 . 2009-05-16 03:24

    d

    w- c:program filesMediaInfo
    2009-05-15 03:38 . 2009-05-15 03:38

    d

    w- c:documents and settingsAdminApplication DataAshampoo
    2009-05-15 03:37 . 2009-05-15 03:37

    d

    w- c:documents and settingsAll UsersApplication Dataashampoo
    2009-05-13 06:40 . 2009-05-13 06:40

    d

    w- c:documents and settingsAdminApplication DataVso
    2009-05-13 06:40 . 2009-05-13 06:40 47360 —-a-w- c:windowssystem32driverspcouffin.sys
    2009-05-13 06:40 . 2009-05-13 06:40 47360 —-a-w- c:documents and settingsAdminApplication Datapcouffin.sys
    2009-05-13 06:40 . 2009-05-13 06:40 47360 —-a-w- c:documents and settingsAdminApplication Datapcouffin.sys
    2009-05-13 06:40 . 2009-05-13 06:40

    d

    w- c:program filesDVDFab 5
    2009-05-12 21:28 . 2009-05-12 21:25

    d

    w- c:program filesjv16 PowerTools 2009
    2009-05-12 21:25 . 2009-05-12 21:25 23 —sha-w- c:windowssystem32cbbefbcaf2_x.dat
    2009-05-12 20:40 . 2009-05-12 13:17 410984 —-a-w- c:windowssystem32deploytk.dll
    2009-05-12 20:40 . 2009-05-12 20:40

    d

    w- c:program filesJava
    2009-05-12 20:38 . 2009-05-12 20:38

    d

    w- c:program filesMSECache
    2009-05-12 20:28 . 2009-05-12 20:28

    d

    w- c:program filesLight Alloy
    2009-05-12 20:16 . 2009-05-12 20:16

    d

    w- c:program filesTeamViewer
    2009-05-12 15:46 . 2009-05-12 15:46

    d

    w- c:program filesSun xVM VirtualBox
    2009-05-12 15:46 . 2009-05-12 15:46

    d

    w- c:program filesSkype
    2009-05-12 15:46 . 2009-05-12 15:46

    d

    w- c:program filesuTorrent
    2009-05-12 15:46 . 2009-05-12 15:46

    d

    w- c:documents and settingsDefault UserApplication DatauTorrent
    2009-05-12 15:46 . 2009-05-12 15:46

    d

    w- c:program filesDownload Master
    2009-05-12 15:46 . 2009-05-12 15:46

    d

    w- c:documents and settingsAdminApplication DataDownload Master
    2009-05-12 15:46 . 2009-05-12 15:46

    d

    w- c:program filesUnlocker
    2009-05-12 15:46 . 2009-05-12 15:46

    d

    w- c:program filesTotal Commander
    2009-05-12 15:46 . 2009-05-12 15:46

    d

    w- c:program filesEverest
    2009-05-12 15:46 . 2009-05-12 15:46

    d

    w- c:program filesOpera
    2009-05-12 15:46 . 2009-05-12 15:46

    d

    w- c:program filesUninstall Tool
    2009-05-12 15:45 . 2009-05-12 15:45

    d

    w- c:program filesTechSmith
    2009-05-12 15:45 . 2009-05-12 15:45

    d

    w- c:documents and settingsAll UsersApplication DataTechSmith
    2009-05-12 15:43 . 2009-05-12 15:43

    d

    w- c:program filesMicrosoft Works
    2009-05-12 15:43 . 2009-05-12 15:43

    d

    w- c:program filesMicrosoft.NET
    2009-05-12 15:42 . 2009-05-12 15:42

    d

    w- c:program filesPunto Switcher
    2009-05-12 15:42 . 2009-05-12 15:42

    d—a-w- c:documents and settingsAdminApplication DataYandex
    2009-05-12 14:43 . 2009-05-12 14:43

    d

    w- c:documents and settingsAdminApplication DataMedia Player Classic
    2009-05-12 14:43 . 2009-05-12 14:42

    d

    w- c:program filesK-Lite Codec Pack
    2009-05-12 14:34 . 2009-05-12 14:34 128 —-a-w- c:documents and settingsAdminLocal SettingsApplication Datafusioncache.dat
    2009-05-12 14:10 . 2009-05-12 14:10

    d

    w- c:documents and settingsAll UsersApplication DataHP
    2009-05-12 14:08 . 2009-05-12 14:08

    d

    w- c:documents and settingsAll UsersApplication DataSonic
    .

    Sigcheck


    [-] 2008-12-19 14:11 631808 A46326FFE00FF90CB9A372B94E571438 c:windowssystem32user32.dll

    [-] 2008-12-19 14:11 884224 9CA2A8437D6C26D64FCD860A94006401 c:windowssystem32wininet.dll

    [-] 2008-12-13 22:30 361600 EC936BB945F789C0B4DAE06397334430 c:windowssystem32driverstcpip.sys

    [-] 2008-12-19 14:06 2207232 FC64B5369E3F5A18668D529950ECC29B c:windowssystem32ntkrnlpa.exe

    [-] 2008-12-19 14:01 2330368 CE07EC9D1AD64289933C3D94EDEC3215 c:windowssystem32ntoskrnl.exe

    [-] 2008-12-19 14:09 1926144 E448E5836FEA2DE06AE6EE1D05874B3C c:windowsexplorer.exe

    [-] 2008-12-19 14:09 37376 0DE18690E4223998E471048889F09B8B c:windowssystem32ctfmon.exe

    [-] 2008-12-19 14:07 1571840 9C8FB3912BB3A20E7A9A079960EEC0A2 c:windowssystem32sfcfiles.dll
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
    «VistaIcon»=»c:program filesVistaDriveIconVistaDrv.exe» [2008-03-23 132096]
    «Punto Switcher»=»c:program filesPunto Switcherpunto.exe» [2008-10-30 734504]
    «ctfmon.exe»=»c:windowssystem32ctfmon.exe» [2008-12-19 37376]
    «PC Suite Tray»=»c:program filesNokiaNokia PC Suite 7PCSuite.exe» [2009-03-20 1312256]
    «AlcoholAutomount»=»c:program filesAlcohol SoftAlcohol 120axcmd.exe» [2008-09-02 205256]
    «IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}»=»c:program filesCommon FilesNeroLibNMIndexStoreSvr.exe» [2008-12-12 1840424]
    «TuneUp MemOptimizer»=»c:program filesTuneUp Utilities 2009MemOptimizer.exe» [2008-12-13 157952]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
    «SoundMAXPnP»=»c:program filesAnalog DevicesCoresmax4pnp.exe» [2005-05-20 925696]
    «NvCplDaemon»=»c:windowssystem32NvCpl.dll» [2009-02-09 13680640]
    «NvMediaCenter»=»c:windowssystem32NvMcTray.dll» [2009-02-09 86016]
    «SunJavaUpdateSched»=»c:program filesJavajre6binjusched.exe» [2009-05-12 148888]
    «MAgent»=»c:program filesMail.RuAgentMAgent.exe» [2009-05-16 6210744]
    «OODefragTray»=»c:windowssystem32oodtray.exe» [2009-02-25 2553088]
    «RemoteControl8″=»c:program filesCyberLinkPowerDVD8PDVD8Serv.exe» [2008-03-20 83240]
    «PDVD8LanguageShortcut»=»c:program filesCyberLinkPowerDVD8LanguageLanguage.exe» [2007-12-14 50472]
    «BDRegion»=»c:program filesCyberlinkShared Filesbrs.exe» [2008-06-27 91432]
    «OutpostMonitor»=»c:progra~1AgnitumOUTPOS~1op_mon.exe» [2009-04-15 1289048]
    «OutpostFeedBack»=»c:program filesAgnitumOutpost Security Suite Profeedback.exe» [2009-04-14 433496]
    «nwiz»=»nwiz.exe» — c:windowssystem32nwiz.exe [2009-02-09 1657376]

    [HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun]
    «VistaIcon»=»c:program filesVistaDriveIconVistaDrv.exe» [2008-03-23 132096]

    [HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRunOnce]
    «IE7_011″=»shell32» [X]
    «ZZZZ2_FirstLogonSetting»=»advpack.dll» — c:windowssystem32advpack.dll [2008-12-19 124928]
    «IE7_012″=»advpack.dll» — c:windowssystem32advpack.dll [2008-12-19 124928]

    c:documents and settingsAll Usersѓ« ў­®Ґ ¬Ґ­оЏа®Ја ¬¬лЂўв®§ Јаг§Є 
    QuickTV.lnk — c:program filesAVerTVQuickTV.exe [2006-2-21 401408]

    [HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionpoliciesexplorer]
    «NoSMConfigurePrograms»= 1 (0x1)
    «NoSMHelp»= 1 (0x1)

    [HKEY_USERS.defaultsoftwaremicrosoftwindowscurrentversionpoliciesexplorer]
    «NoSMConfigurePrograms»= 1 (0x1)
    «NoSMHelp»= 1 (0x1)

    [HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrolsession manager]
    BootExecute REG_MULTI_SZ autocheck autochk *0OODBS

    [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWdf01000.sys]
    @=»Driver»

    [HKLM~startupfolderC:^Documents and Settings^All Users^Главное меню^Программы^Автозагрузка^HP Digital Imaging Monitor.lnk]
    path=c:documents and settingsAll UsersГлавное менюПрограммыАвтозагрузкаHP Digital Imaging Monitor.lnk
    backup=c:windowspssHP Digital Imaging Monitor.lnkCommon Startup

    [HKLM~startupfolderC:^Documents and Settings^All Users^Главное меню^Программы^Автозагрузка^Быстрый запуск HP Photosmart Premier.lnk]
    path=c:documents and settingsAll UsersГлавное менюПрограммыАвтозагрузкаБыстрый запуск HP Photosmart Premier.lnk
    backup=c:windowspssБыстрый запуск HP Photosmart Premier.lnkCommon Startup

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionrun-]
    «Adobe Reader Speed Launcher»=»c:program filesAdobeReader 9.0ReaderReader_sl.exe»

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity center]
    «FirewallOverride»=dword:00000001
    «UpdatesDisableNotify»=dword:00000001
    «UpdatesOverride»=dword:00000001
    «AntiVirusOverride»=dword:00000001

    [HKLM~servicessharedaccessparametersfirewallpolicystandardprofile]
    «EnableFirewall»= 0 (0x0)

    [HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
    «%windir%\Network Diagnostic\xpnetdiag.exe»=
    «%windir%\system32\sessmgr.exe»=

    R1 SandBox;SandBox;c:windowssystem32driversSandBox.sys [28.05.2009 14:39 704384]
    R1 VBoxDrv;VirtualBox Service;c:windowssystem32driversVBoxDrv.sys [13.05.2009 0:16 100560]
    R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:windowssystem32driversVBoxUSBMon.sys [12.05.2009 19:46 41744]
    R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};c:program filesCyberLinkPowerDVD8000.fcl [27.06.2008 16:50 61424]
    R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 Licensing Service;c:program filesABBYY FineReader 9.0NetworkLicenseServer.exe [02.11.2007 18:58 566560]
    R2 acssrv;Agnitum Client Security Service;c:progra~1AgnitumOUTPOS~1acs.exe [28.05.2009 14:38 1605976]
    R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:windowssystem32TUProgSt.exe [17.06.2009 10:03 603904]
    R3 afw;Agnitum firewall driver;c:windowssystem32driversafw.sys [28.05.2009 14:38 31128]
    R3 afwcore;afwcore;c:windowssystem32driversafwcore.sys [28.05.2009 14:39 257432]
    R3 ASWFilt;ASWFilt;c:windowssystem32FiltASWFilt.dll [28.05.2009 14:39 33888]
    R3 PhTVTune;Cap7134 TVTuner;c:windowssystem32driversM15xTune.sys [12.05.2009 17:54 60704]
    R3 VBEngNT;VBEngNT;c:windowssystem32driversVBEngNT.sys [28.05.2009 14:39 1175256]
    R3 VBFilt;VBFilt;c:windowssystem32FiltVBFilt.dll [28.05.2009 14:39 234304]
    R3 VBoxNetFlt;VBoxNetFlt Service;c:windowssystem32driversVBoxNetFlt.sys [13.05.2009 0:16 87568]

    HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionSvchost — NetSvcs
    UxTuneUp
    .
    Contents of the ‘Scheduled Tasks’ folder

    2009-06-18 c:windowsTasks1-Click Maintenance.job
    — c:program filesTuneUp Utilities 2009OneClickStarter.exe [2008-12-11 17:36]

    2009-06-17 c:windowsTasksWebReg Photosmart C5100 series.job
    — c:program filesHPDigital Imagingbinhpqwrg.exe [2006-02-19 01:09]

    2009-06-18 c:windowsTasksБыстрое решение проблем.job
    — c:program filesTuneUp Utilities 2009OneClickStarter.exe [2008-12-11 17:36]
    .
    — — — — ORPHANS REMOVED — — — —

    MSConfigStartUp-HDInspector — (no file)

    .

    Supplementary Scan

    .
    uStart Page = hxxp://xtreme.ws/
    IE: &Экспорт в Microsoft Excel — c:progra~1MICROS~2OFFICE11EXCEL.EXE/3000
    IE: Закачать ВСЕ при помощи Download Master — c:program filesDownload Masterdmieall.htm
    IE: Закачать при помощи Download Master — c:program filesDownload Masterdmie.htm
    IE: Поиск@Mail.Ru — c:program filesmail.rusputnikMailRuSputnik.dll/282
    IE: Словари@Mail.Ru — c:program filesmail.rusputnikMailRuSputnik.dll/283
    IE: {{7558B7E5-7B26-4201-BEDB-00D5FF534523} — c:program filesMail.RuAgentmagent.exe
    IE: {{8DAE90AD-4583-4977-9DD4-4360F7A45C74} — c:program filesDownload Masterdmaster.exe
    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-06-18 13:18
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes …

    scanning hidden autostart entries …

    scanning hidden files …

    scan completed successfully
    hidden files: 0

    **************************************************************************

    [HKEY_LOCAL_MACHINESystemControlSet001Services{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}]
    «ImagePath»=»??c:program filesCyberLinkPowerDVD8000.fcl»
    .

    DLLs Loaded Under Running Processes


    — — — — — — — > ‘winlogon.exe'(640)
    c:windowssystem32SETUPAPI.dll
    c:windowssystem32cscui.dll

    — — — — — — — > ‘lsass.exe'(696)
    c:windowssystem32SETUPAPI.dll

    — — — — — — — > ‘explorer.exe'(3744)
    c:windowssystem32SHDOCVW.dll
    c:windowssystem32COMRes.dll
    c:windowsSystem32cscui.dll
    c:program filesPunto Switcherpshook.dll
    c:windowssystem32msi.dll
    c:windowssystem32SETUPAPI.dll
    c:windowssystem32credui.dll
    c:windowssystem32MSVCP60.dll
    c:windowssystem32wpdshserviceobj.dll
    c:program filesNokiaNokia PC Suite 7PhoneBrowser.dll
    c:program filesNokiaNokia PC Suite 7NGSCM.DLL
    c:program filesNokiaNokia PC Suite 7LangPhoneBrowser_rus.nlr
    c:program filesNokiaNokia PC Suite 7ResourcePhoneBrowser_Nokia.ngr
    c:windowssystem32portabledevicetypes.dll
    c:windowssystem32portabledeviceapi.dll
    .

    Other Running Processes

    .
    c:program filesJavajre6binjqs.exe
    c:program filesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE
    c:program filesNeroNero8Nero BackItUpNBService.exe
    c:windowssystem32nvsvc32.exe
    c:windowssystem32oodag.exe
    c:windowssystem32HPZipm12.exe
    c:program filesCyberLinkShared filesRichVideo.exe
    c:program filesAlcohol SoftAlcohol 120StarWindStarWindServiceAE.exe
    c:windowssystem32rundll32.exe
    c:program filesAgnitumOutpost Security Suite Proop_mon.exe
    c:program filesCommon FilesNeroLibNMIndexingService.exe
    c:program filesPC Connectivity SolutionServiceLayer.exe
    c:program filesPC Connectivity SolutionTransportsNclUSBSrv.exe
    c:program filesPC Connectivity SolutionTransportsNclRSSrv.exe
    c:windowssystem32WudfHost.exe
    c:windowssystem32wbemwmiapsrv.exe
    .
    **************************************************************************
    .
    Completion time: 2009-06-18 13:20 — machine was rebooted
    ComboFix-quarantined-files.txt 2009-06-18 09:20

    Pre-Run: 98 732 158 976 байт свободно
    Post-Run: 98 636 742 656 байт свободно

    327

    15 июня, 2009 в 9:10 пп в ответ на: зависание системы (правая клавиша мышки) #24376
    kyud
    Participant
    • Темы:1
    • Сообщений:7
    • ☆

    Valeri, спасибо что ответили!
    Сделал все как вы сказали,вставляю лог.
    Logfile of random’s system information tool 1.06 (written by random/random)
    Run by Admin at 2009-06-16 00:59:27
    Microsoft Windows XP Professional Service Pack 3
    System drive C: has 89 GB (87%) free of 103 GB
    Total RAM: 1023 MB (44% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 0:59:44, on 16.06.2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.20935)
    Boot mode: Normal

    Running processes:
    C:WINDOWSSystem32smss.exe
    C:WINDOWSsystem32winlogon.exe
    C:WINDOWSsystem32services.exe
    C:WINDOWSsystem32lsass.exe
    C:WINDOWSsystem32svchost.exe
    C:WINDOWSSystem32svchost.exe
    C:WINDOWSsystem32svchost.exe
    C:WINDOWSsystem32spoolsv.exe
    C:Program FilesABBYY FineReader 9.0NetworkLicenseServer.exe
    C:Program FilesJavajre6binjqs.exe
    C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE
    C:Program FilesNeroNero8Nero BackItUpNBService.exe
    C:WINDOWSsystem32nvsvc32.exe
    C:WINDOWSsystem32oodag.exe
    C:WINDOWSsystem32IoctlSvc.exe
    C:WINDOWSsystem32HPZipm12.exe
    C:Program FilesCyberLinkShared filesRichVideo.exe
    C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindServiceAE.exe
    C:WINDOWSsystem32svchost.exe
    C:Program FilesAnalog DevicesCoresmax4pnp.exe
    C:Program FilesAnalog DevicesSoundMAXSmax4.exe
    C:WINDOWSsystem32RUNDLL32.EXE
    C:Program FilesJavajre6binjusched.exe
    C:Program FilesMail.RuAgentMAgent.exe
    C:WINDOWSsystem32oodtray.exe
    C:Program FilesCyberLinkPowerDVD8PDVD8Serv.exe
    C:Program FilesCyberlinkShared Filesbrs.exe
    C:Program FilesVistaDriveIconVistaDrv.exe
    C:Program FilesPunto Switcherpunto.exe
    C:WINDOWSsystem32ctfmon.exe
    C:Program FilesCommon FilesNeroLibNMIndexStoreSvr.exe
    C:Program FilesAVerTVQuickTV.exe
    C:Program FilesCommon FilesNeroLibNMIndexingService.exe
    C:Program FilesPC Connectivity SolutionServiceLayer.exe
    C:Program FilesPC Connectivity SolutionTransportsNclUSBSrv.exe
    C:Program FilesPC Connectivity SolutionTransportsNclRSSrv.exe
    C:WINDOWSsystem32wbemwmiapsrv.exe
    C:WINDOWSexplorer.exe
    C:Program FilesNokiaNokia PC Suite 7PCSuite.exe
    C:Program FilesNokiaNokia PC Suite 7OneTouchAccess.exe
    C:Program FilesOperaopera.exe
    C:Documents and SettingsAdminРабочий столRSIT.exe
    C:Program FilesTrend MicroHijackThisAdmin.exe

    R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://xtreme.ws/
    R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
    R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
    R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
    R3 — URLSearchHook: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — c:program filesmail.rusputnikMailRuSputnik.dll
    R3 — URLSearchHook: (no name) — {83821C2B-32A8-4DD7-B6D4-44309A78E668} — C:Program FilesMail.RuAgentMradllnewmrasearch.dll
    O2 — BHO: SnagIt Toolbar Loader — {00C6482D-C502-44C8-8409-FCE54AD9C208} — C:Program FilesTechSmithSnagit 9SnagitBHO.dll
    O2 — BHO: AcroIEHelperStub — {18DF081C-E8AD-4283-A596-FA578C2EBDC3} — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
    O2 — BHO: Спутник@Mail.Ru — {8984B388-A5BB-4DF7-B274-77B879E179DB} — c:program filesmail.rusputnikMailRuSputnik.dll
    O2 — BHO: IE 4.x-6.x BHO for Download Master — {9961627E-4059-41B4-8E0E-A7D6B3854ADF} — C:PROGRA~1DOWNLO~1dmiehlp.dll
    O2 — BHO: Java(tm) Plug-In 2 SSV Helper — {DBC80044-A445-435b-BC74-9C25C1C588A9} — C:Program FilesJavajre6binjp2ssv.dll
    O2 — BHO: JQSIEStartDetectorImpl — {E7E6F031-17CE-4C07-BC86-EABFE594F69C} — C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll
    O3 — Toolbar: Snagit — {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} — C:Program FilesTechSmithSnagit 9SnagitIEAddin.dll
    O3 — Toolbar: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — c:program filesmail.rusputnikMailRuSputnik.dll
    O4 — HKLM..Run: [SoundMAXPnP] C:Program FilesAnalog DevicesCoresmax4pnp.exe
    O4 — HKLM..Run: [SoundMAX] «C:Program FilesAnalog DevicesSoundMAXSmax4.exe» /tray
    O4 — HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
    O4 — HKLM..Run: [nwiz] nwiz.exe /install
    O4 — HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
    O4 — HKLM..Run: [SunJavaUpdateSched] «C:Program FilesJavajre6binjusched.exe»
    O4 — HKLM..Run: [Adobe Reader Speed Launcher] «C:Program FilesAdobeReader 9.0ReaderReader_sl.exe»
    O4 — HKLM..Run: [MAgent] C:Program FilesMail.RuAgentMAgent.exe -LM
    O4 — HKLM..Run: [OODefragTray] C:WINDOWSsystem32oodtray.exe
    O4 — HKLM..Run: [RemoteControl8] «C:Program FilesCyberLinkPowerDVD8PDVD8Serv.exe»
    O4 — HKLM..Run: [PDVD8LanguageShortcut] «C:Program FilesCyberLinkPowerDVD8LanguageLanguage.exe»
    O4 — HKLM..Run: [BDRegion] C:Program FilesCyberlinkShared Filesbrs.exe
    O4 — HKLM..Run: [OutpostMonitor] C:PROGRA~1AgnitumOUTPOS~1op_mon.exe /tray /noservice
    O4 — HKLM..Run: [OutpostFeedBack] «C:Program FilesAgnitumOutpost Security Suite Profeedback.exe» /dump:os_startup
    O4 — HKCU..Run: [VistaIcon] C:Program FilesVistaDriveIconVistaDrv.exe
    O4 — HKCU..Run: [Punto Switcher] C:Program FilesPunto Switcherpunto.exe
    O4 — HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
    O4 — HKCU..Run: [PC Suite Tray] «C:Program FilesNokiaNokia PC Suite 7PCSuite.exe» -onlytray
    O4 — HKCU..Run: [AlcoholAutomount] «C:Program FilesAlcohol SoftAlcohol 120axcmd.exe» /automount
    O4 — HKCU..Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] «C:Program FilesCommon FilesNeroLibNMIndexStoreSvr.exe» ASO-616B5711-6DAE-4795-A05F-39A1E5104020
    O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
    O4 — HKUSS-1-5-19..Run: [VistaIcon] C:Program FilesVistaDriveIconVistaDrv.exe (User ‘LOCAL SERVICE’)
    O4 — HKUSS-1-5-19..RunOnce: [ZZZZ1_FirstLogonSetting] %SystemRoot%System32rundll32.exe advpack.dll,LaunchINFSection C:WINDOWSINFcustom.inf,OnceFirstLogonInstall,0 (User ‘LOCAL SERVICE’)
    O4 — HKUSS-1-5-19..RunOnce: [IE7_012] rundll32 advpack.dll,LaunchINFSectionEx IE7int.inf,AfterUserStart,,4,N (User ‘LOCAL SERVICE’)
    O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
    O4 — HKUSS-1-5-20..RunOnce: [ZZZZ1_FirstLogonSetting] %SystemRoot%System32rundll32.exe advpack.dll,LaunchINFSection C:WINDOWSINFcustom.inf,OnceFirstLogonInstall,0 (User ‘NETWORK SERVICE’)
    O4 — HKUSS-1-5-18..Run: [VistaIcon] C:Program FilesVistaDriveIconVistaDrv.exe (User ‘SYSTEM’)
    O4 — HKUSS-1-5-18..RunOnce: [ZZZZ2_FirstLogonSetting] %SystemRoot%System32rundll32.exe advpack.dll,LaunchINFSection C:WINDOWSINFcustom.inf,NewUserFirstLogonInstall,0 (User ‘SYSTEM’)
    O4 — HKUS.DEFAULT..Run: [VistaIcon] C:Program FilesVistaDriveIconVistaDrv.exe (User ‘Default user’)
    O4 — HKUS.DEFAULT..RunOnce: [ZZZZ2_FirstLogonSetting] %SystemRoot%System32rundll32.exe advpack.dll,LaunchINFSection C:WINDOWSINFcustom.inf,NewUserFirstLogonInstall,0 (User ‘Default user’)
    O4 — Global Startup: QuickTV.lnk = C:Program FilesAVerTVQuickTV.exe
    O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
    O8 — Extra context menu item: Закачать ВСЕ при помощи Download Master — C:Program FilesDownload Masterdmieall.htm
    O8 — Extra context menu item: Закачать при помощи Download Master — C:Program FilesDownload Masterdmie.htm
    O8 — Extra context menu item: Поиск@Mail.Ru — res://c:program filesmail.rusputnikMailRuSputnik.dll/282
    O8 — Extra context menu item: Словари@Mail.Ru — res://c:program filesmail.rusputnikMailRuSputnik.dll/283
    O9 — Extra button: Быстрая настройка Outpost Security Suite Pro — {44627E97-789B-40d4-B5C2-58BD171129A1} — C:Program FilesAgnitumOutpost Security Suite Proie_bar.dll
    O9 — Extra button: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
    O9 — Extra ‘Tools’ menuitem: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
    O9 — Extra button: Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe
    O9 — Extra ‘Tools’ menuitem: &Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe
    O9 — Extra button: Справочные материалы — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
    O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
    O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
    O17 — HKLMSystemCCSServicesTcpip..{C4A8DA9D-27B0-4108-99B2-6C6055E662A4}: NameServer = 10.17.128.1 217.66.145.1
    O20 — AppInit_DLLs: c:progra~1agnitumoutpos~1wl_hook.dll
    O23 — Service: ABBYY FineReader 9.0 Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) — ABBYY (BIT Software) — C:Program FilesABBYY FineReader 9.0NetworkLicenseServer.exe
    O23 — Service: Agnitum Client Security Service (acssrv) — Agnitum Ltd. — C:PROGRA~1AgnitumOUTPOS~1acs.exe
    O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
    O23 — Service: HP Port Resolver — Hewlett-Packard Company — C:WINDOWSsystem32spooldriversw32x863HPBPRO.EXE
    O23 — Service: HP Status Server — Hewlett-Packard Company — C:WINDOWSsystem32spooldriversw32x863HPBOID.EXE
    O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
    O23 — Service: Java Quick Starter (JavaQuickStarterService) — Sun Microsystems, Inc. — C:Program FilesJavajre6binjqs.exe
    O23 — Service: Nero BackItUp Scheduler 3 — Nero AG — C:Program FilesNeroNero8Nero BackItUpNBService.exe
    O23 — Service: NMIndexingService — Nero AG — C:Program FilesCommon FilesNeroLibNMIndexingService.exe
    O23 — Service: NVIDIA Display Driver Service (NVSvc) — NVIDIA Corporation — C:WINDOWSsystem32nvsvc32.exe
    O23 — Service: O&O Defrag — O&O Software GmbH — C:WINDOWSsystem32oodag.exe
    O23 — Service: PLFlash DeviceIoControl Service — Prolific Technology Inc. — C:WINDOWSsystem32IoctlSvc.exe
    O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
    O23 — Service: Pml Driver HPZ12 — HP — C:WINDOWSsystem32HPZipm12.exe
    O23 — Service: Cyberlink RichVideo Service(CRVS) (RichVideo) — Unknown owner — C:Program FilesCyberLinkShared filesRichVideo.exe
    O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
    O23 — Service: ServiceLayer — Nokia. — C:Program FilesPC Connectivity SolutionServiceLayer.exe
    O23 — Service: StarWind AE Service (StarWindServiceAE) — Rocket Division Software — C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindServiceAE.exe
    O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
    O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
    O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe

    —
    End of file — 11858 bytes

    ======Scheduled tasks folder======

    C:WINDOWStasksWebReg Photosmart C5100 series.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{00C6482D-C502-44C8-8409-FCE54AD9C208}]
    SnagIt Toolbar Loader — C:Program FilesTechSmithSnagit 9SnagitBHO.dll [2009-01-22 68936]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll [2009-02-27 75128]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{8984B388-A5BB-4DF7-B274-77B879E179DB}]
    MailRuBHO Class — c:program filesmail.rusputnikMailRuSputnik.dll [2009-05-16 680624]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9961627E-4059-41B4-8E0E-A7D6B3854ADF}]
    IE 4.x-6.x BHO for Download Master — C:PROGRA~1DOWNLO~1dmiehlp.dll [2008-10-24 157696]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper — C:Program FilesJavajre6binjp2ssv.dll [2009-05-13 35840]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class — C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll [2009-05-13 73728]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
    {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} — Snagit — C:Program FilesTechSmithSnagit 9SnagitIEAddin.dll [2009-01-22 211272]
    {09900DE8-1DCA-443F-9243-26FF581438AF} — Спутник@Mail.Ru — c:program filesmail.rusputnikMailRuSputnik.dll [2009-05-16 680624]

    [HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
    «SoundMAXPnP»=C:Program FilesAnalog DevicesCoresmax4pnp.exe [2005-05-20 925696]
    «SoundMAX»=C:Program FilesAnalog DevicesSoundMAXSmax4.exe [2005-09-07 716800]
    «NvCplDaemon»=C:WINDOWSsystem32NvCpl.dll [2009-02-09 13680640]
    «nwiz»=nwiz.exe /install []
    «NvMediaCenter»=C:WINDOWSsystem32NvMcTray.dll [2009-02-09 86016]
    «SunJavaUpdateSched»=C:Program FilesJavajre6binjusched.exe [2009-05-13 148888]
    «Adobe Reader Speed Launcher»=C:Program FilesAdobeReader 9.0ReaderReader_sl.exe [2009-02-27 35696]
    «MAgent»=C:Program FilesMail.RuAgentMAgent.exe [2009-05-16 6210744]
    «OODefragTray»=C:WINDOWSsystem32oodtray.exe [2009-02-25 2553088]
    «RemoteControl8″=C:Program FilesCyberLinkPowerDVD8PDVD8Serv.exe [2008-03-20 83240]
    «PDVD8LanguageShortcut»=C:Program FilesCyberLinkPowerDVD8LanguageLanguage.exe [2007-12-14 50472]
    «BDRegion»=C:Program FilesCyberlinkShared Filesbrs.exe [2008-06-27 91432]
    «OutpostMonitor»=C:PROGRA~1AgnitumOUTPOS~1op_mon.exe [2009-04-15 1289048]
    «OutpostFeedBack»=C:Program FilesAgnitumOutpost Security Suite Profeedback.exe [2009-04-14 433496]

    [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
    «VistaIcon»=C:Program FilesVistaDriveIconVistaDrv.exe [2008-03-23 132096]
    «Punto Switcher»=C:Program FilesPunto Switcherpunto.exe [2008-10-30 734504]
    «ctfmon.exe»=C:WINDOWSsystem32ctfmon.exe [2008-12-19 37376]
    «PC Suite Tray»=C:Program FilesNokiaNokia PC Suite 7PCSuite.exe [2009-03-20 1312256]
    «AlcoholAutomount»=C:Program FilesAlcohol SoftAlcohol 120axcmd.exe [2008-09-02 205256]
    «IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}»=C:Program FilesCommon FilesNeroLibNMIndexStoreSvr.exe [2008-12-12 1840424]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregHDInspector.exe]
    []

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregHP Software Update]
    C:Program FilesHPHP Software UpdateHPWuSchd2.exe [2006-02-19 49152]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregNBKeyScan]
    C:Program FilesNeroNero8Nero BackItUpNBKeyScan.exe [2008-12-02 2221352]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregNeroFilterCheck]
    C:Program FilesCommon FilesNeroLibNeroCheck.exe [2008-11-06 570664]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users^Главное меню^Программы^Автозагрузка^HP Digital Imaging Monitor.lnk]
    C:PROGRA~1HPDIGITA~1binhpqtra08.exe [2006-02-19 288472]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users^Главное меню^Программы^Автозагрузка^Быстрый запуск HP Photosmart Premier.lnk]
    C:PROGRA~1HPDIGITA~1binhpqthb08.exe [2006-02-10 73728]

    C:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузка
    QuickTV.lnk — C:Program FilesAVerTVQuickTV.exe

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows]
    «AppInit_DLLS»=»c:progra~1agnitumoutpos~1wl_hook.dll»

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
    WPDShServiceObj — {AAA288BA-9A4C-45B0-95D7-94D524869DB5} — C:WINDOWSsystem32wpdshserviceobj.dll [2007-06-18 133632]

    [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWdf01000.sys]

    [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWdf01000.sys]

    [HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
    «dontdisplaylastusername»=0
    «legalnoticecaption»=
    «legalnoticetext»=
    «shutdownwithoutlogon»=1
    «undockwithoutlogon»=1

    [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
    «NoDriveTypeAutoRun»=145
    «NoSMConfigurePrograms»=1
    «NoSMHelp»=1

    [HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
    «%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
    «%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»

    [HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
    «%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
    «%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»

    [HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{048d95f6-58b5-11de-8fe5-af55cdc9ec09}]
    shellAutocommand — RavMonE.exe e
    shellAutoRuncommand — C:WINDOWSsystem32RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e
    shellexplorecommand — RavMonE.exe e
    shellopencommand — RavMonE.exe e

    [HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{b84682a8-451f-11de-8f99-9b7c5d7362b1}]
    shellAutoRuncommand — K:Programsnu2menunu2menu.exe

    [HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{bd79c2d9-3f10-11de-8a4c-806d6172696f}]
    shellPlayWithPowerDVD8command — «C:Program FilesCyberLinkPowerDVD8PowerDVD8.exe» «%L»

    ======List of files/folders created in the last 1 months======

    2009-06-15 13:39:37 —-A—- C:audiodec.txt
    2009-06-14 01:32:25 —-D—- C:rsit
    2009-06-14 01:32:25 —-D—- C:Program Filestrend micro
    2009-06-12 15:34:11 —-D—- C:Documents and SettingsAll UsersApplication DataCrystalIdea Software
    2009-06-11 10:19:38 —-A—- C:WINDOWSntbtlog.txt
    2009-06-07 16:32:49 —-D—- C:WINDOWSsystem32appmgmt
    2009-06-07 16:25:29 —-D—- C:Documents and SettingsAdminApplication DataBinarySense
    2009-06-07 16:25:20 —-D—- C:Program FilesCommon FilesBinarySense
    2009-06-07 16:25:20 —-D—- C:Program FilesBinarySense
    2009-06-07 14:31:07 —-D—- C:Documents and SettingsAdminApplication DataLavasoft
    2009-06-07 09:41:09 —-A—- C:WINDOWSModemLog_Nokia N73 USB Modem #3.txt
    2009-05-28 14:38:48 —-D—- C:WINDOWSsystem32Filt
    2009-05-28 14:38:48 —-D—- C:Program FilesAgnitum
    2009-05-28 14:38:48 —-D—- C:Documents and SettingsAdminApplication DataAgnitum
    2009-05-28 14:38:12 —-D—- C:Documents and SettingsAll UsersApplication DataAgnitum
    2009-05-27 19:41:37 —-D—- C:Program FilesAshampoo
    2009-05-20 19:03:29 —-A—- C:WINDOWSModemLog_Nokia N73 USB Modem #2.txt
    2009-05-20 18:51:57 —-D—- C:bin
    2009-05-20 18:50:47 —-D—- C:Program FilesCommon FilesSonic Shared
    2009-05-20 18:49:10 —-D—- C:Program FilesCommon FilesHP
    2009-05-20 18:47:15 —-D—- C:Program FilesHewlett-Packard
    2009-05-20 18:19:58 —-D—- C:Documents and SettingsAdminApplication DataHP
    2009-05-18 09:16:55 —-D—- C:Program FilesAlwil Software
    2009-05-18 07:52:17 —-A—- C:WINDOWSModemLog_Nokia N73 USB Modem.txt
    2009-05-18 07:51:35 —-D—- C:WINDOWSsystem32LogFiles
    2009-05-18 07:51:33 —-N—- C:WINDOWSsystem32spmsg.dll
    2009-05-18 07:51:30 —-HDC—- C:WINDOWS$NtUninstallWudf01005$
    2009-05-18 07:49:56 —-SHD—- C:WINDOWSftpcache
    2009-05-18 07:48:12 —-D—- C:WINDOWSDownloaded Installations
    2009-05-18 07:44:34 —-N—- C:WINDOWSsystem32spmsgXP_2k3.dll
    2009-05-18 07:44:32 —-HDC—- C:WINDOWS$NtUninstallWdf01007$
    2009-05-18 00:53:31 —-A—- C:WINDOWSNeroDigital.ini
    2009-05-17 22:44:40 —-A—- C:WINDOWSsystem32hpz3l054.dll
    2009-05-17 16:39:44 —-D—- C:Documents and SettingsAdminApplication Datafoobar2000
    2009-05-17 16:39:36 —-D—- C:Program Filesfoobar2000
    2009-05-17 16:19:06 —-D—- C:Program FilesDVD Shrink
    2009-05-17 16:06:53 —-D—- C:Program FilesCommon FilesCyberLink
    2009-05-17 16:05:50 —-A—- C:WINDOWSsystem32msxml3a.dll
    2009-05-17 15:06:51 —-D—- C:Documents and SettingsAdminApplication DataCyberLink
    2009-05-17 15:04:54 —-D—- C:Documents and SettingsAll UsersApplication DataCyberLink
    2009-05-17 15:02:51 —-D—- C:Program FilesCyberLink
    2009-05-17 14:25:16 —-D—- C:Documents and SettingsAdminApplication DataPRMT
    2009-05-17 14:18:03 —-D—- C:WINDOWSspeech
    2009-05-17 14:15:03 —-D—- C:WINDOWSLhsp
    2009-05-17 14:15:03 —-D—- C:Program FilesPRMT8
    2009-05-17 14:15:03 —-D—- C:Documents and SettingsAll UsersApplication DataPRMT
    2009-05-17 14:09:40 —-D—- C:Program FilesMSBuild
    2009-05-17 14:07:18 —-D—- C:WINDOWSsystem32XPSViewer
    2009-05-17 14:07:16 —-D—- C:WINDOWSsystem32en-us
    2009-05-17 14:06:42 —-D—- C:Program FilesReference Assemblies
    2009-05-17 14:06:24 —-N—- C:WINDOWSsystem32spmsg2.dll
    2009-05-17 14:06:24 —-A—- C:WINDOWSsystem32spupdsvc.exe
    2009-05-17 13:55:46 —-D—- C:Program FilesKC Softwares
    2009-05-17 12:09:50 —-D—- C:Documents and SettingsAdminApplication DataNero
    2009-05-17 12:09:23 —-A—- C:WINDOWSsystem32MsiExec.exe.log
    2009-05-17 12:06:59 —-D—- C:Program FilesNero
    2009-05-17 12:06:59 —-D—- C:Program FilesCommon FilesNero
    2009-05-17 12:06:59 —-D—- C:Documents and SettingsAll UsersApplication DataNero
    2009-05-17 11:46:20 —-D—- C:Documents and SettingsAdminApplication DataABBYY
    2009-05-17 11:41:24 —-D—- C:Program FilesABBYY FineReader 9.0
    2009-05-17 11:41:24 —-D—- C:Documents and SettingsAll UsersApplication DataABBYY
    2009-05-17 11:39:13 —-D—- C:temp
    2009-05-17 09:58:57 —-D—- C:Documents and SettingsAdminApplication DataAltrixSoft
    2009-05-17 09:54:50 —-D—- C:Documents and SettingsAll UsersApplication DataDVD Shrink
    2009-05-17 09:51:09 —-AD—- C:Documents and SettingsAll UsersApplication DataTEMP
    2009-05-17 09:51:02 —-D—- C:Documents and SettingsAll UsersApplication DataEasy CD-DA Extractor
    2009-05-17 09:50:54 —-D—- C:WINDOWSEasy CD-DA Extractor 12
    2009-05-17 09:50:54 —-D—- C:Program FilesEasy CD-DA Extractor 12
    2009-05-17 09:42:17 —-D—- C:Program FilesWinAVI Video Converter
    2009-05-17 09:28:58 —-D—- C:Documents and SettingsAdminApplication DataSkype
    2009-05-17 01:17:33 —-D—- C:Documents and SettingsAdminApplication DataXnView
    2009-05-17 01:16:44 —-D—- C:Program FilesXnView

    ======List of files/folders modified in the last 1 months======

    2009-06-15 20:44:54 —-D—- C:WINDOWSTemp
    2009-06-15 18:18:23 —-D—- C:WINDOWSPrefetch
    2009-06-15 13:12:56 —-D—- C:WINDOWS
    2009-06-15 12:55:55 —-D—- C:WINDOWSsystem32CatRoot2
    2009-06-15 12:45:22 —-A—- C:WINDOWSAVerTV.ini
    2009-06-15 12:43:00 —-A—- C:WINDOWSSchedLgU.Txt
    2009-06-14 15:39:56 —-D—- C:WINDOWSsystem32ShellExt
    2009-06-14 01:32:25 —-AD—- C:Program Files
    2009-06-12 15:34:19 —-D—- C:WINDOWSsystem32
    2009-06-12 11:59:44 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
    2009-06-12 11:13:16 —-D—- C:Program FilesAVerTV
    2009-06-11 08:48:55 —-D—- C:Documents and SettingsAdminApplication DatauTorrent
    2009-06-10 18:54:07 —-SD—- C:WINDOWSTasks
    2009-06-10 16:58:23 —-D—- C:WINDOWSRegistration
    2009-06-10 07:44:08 —-HD—- C:WINDOWSinf
    2009-06-10 00:23:09 —-D—- C:WINDOWSsystem32drivers
    2009-06-08 23:15:50 —-HD—- C:Config.Msi
    2009-06-08 23:15:50 —-D—- C:Program FilesCommon FilesWise Installation Wizard
    2009-06-08 23:15:49 —-SHD—- C:WINDOWSInstaller
    2009-06-08 23:02:48 —-SD—- C:Documents and SettingsAll UsersApplication DataMicrosoft
    2009-06-07 16:25:20 —-AD—- C:Program FilesCommon Files
    2009-06-07 14:28:55 —-SD—- C:Documents and SettingsAdminApplication DataMicrosoft
    2009-06-06 01:52:42 —-A—- C:WINDOWSIE4 Error Log.txt
    2009-06-05 00:39:41 —-D—- C:Documents and SettingsAdminApplication DataPC Suite
    2009-05-29 07:20:00 —-D—- C:WINDOWSsystem32CPLDAPU
    2009-05-28 23:23:55 —-SHD—- C:RECYCLER
    2009-05-28 20:58:07 —-D—- C:WINDOWSsystem32config
    2009-05-28 14:39:13 —-D—- C:WINDOWSsystem32CatRoot
    2009-05-28 14:39:04 —-D—- C:WINDOWSWinSxS
    2009-05-25 07:33:50 —-D—- C:Documents and SettingsAdminApplication DataWinRAR
    2009-05-25 07:32:05 —-D—- C:Program FilesWinRAR
    2009-05-21 07:38:31 —-SH—- C:boot.ini
    2009-05-21 07:38:31 —-A—- C:WINDOWSwin.ini
    2009-05-21 07:38:31 —-A—- C:WINDOWSsystem.ini
    2009-05-20 18:53:10 —-D—- C:Program FilesHP
    2009-05-20 18:52:07 —-RSD—- C:WINDOWSassembly
    2009-05-20 18:50:44 —-RSD—- C:WINDOWSFonts
    2009-05-20 18:47:18 —-D—- C:WINDOWStwain_32
    2009-05-18 07:50:48 —-D—- C:Documents and SettingsAdminApplication DataNokia
    2009-05-18 07:50:47 —-D—- C:Documents and SettingsAll UsersApplication DataPC Suite
    2009-05-18 07:49:34 —-D—- C:Program FilesNokia
    2009-05-18 07:49:07 —-D—- C:Program FilesWindows Media Player
    2009-05-18 07:44:44 —-A—- C:WINDOWSimsins.BAK
    2009-05-17 16:06:53 —-HD—- C:Program FilesInstallShield Installation Information
    2009-05-17 16:05:25 —-A—- C:WINDOWSsystem32msxml3r.dll
    2009-05-17 14:45:07 —-D—- C:WINDOWSMicrosoft.NET
    2009-05-17 14:17:29 —-D—- C:WINDOWSmsagent
    2009-05-17 14:17:29 —-D—- C:WINDOWSHelp
    2009-05-17 14:14:15 —-AD—- C:Program FilesCommon FilesMicrosoft Shared
    2009-05-17 14:06:30 —-D—- C:WINDOWSsystem32spool
    2009-05-17 14:06:26 —-RSHDC—- C:WINDOWSsystem32dllcache
    2009-05-17 13:57:17 —-D—- C:Program FilesCommon FilesAdobe
    2009-05-17 12:06:54 —-D—- C:WINDOWSCursors

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 Amfilter;A4Tech Mouse Filter Driver; C:WINDOWSsystem32DRIVERSAmfilter.sys [2007-05-15 9216]
    R1 intelppm;Драйвер Intel процессора; C:WINDOWSsystem32DRIVERSintelppm.sys [2008-04-15 40704]
    R1 SandBox;SandBox; ??C:WINDOWSsystem32driversSandBox.sys []
    R1 VBoxDrv;VirtualBox Service; C:WINDOWSsystem32DRIVERSVBoxDrv.sys [2009-02-16 100560]
    R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:WINDOWSsystem32DRIVERSVBoxUSBMon.sys [2009-02-16 41744]
    R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; ??C:Program FilesCyberLinkPowerDVD800.fcl []
    R2 rspndr;Ответчик обнаружения топологии уровня связи; C:WINDOWSsystem32DRIVERSrspndr.sys [2008-10-11 62848]
    R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:WINDOWSsystem32driversADIHdAud.sys [2005-09-15 141312]
    R3 AEAudioService;AEAudio Service; C:WINDOWSsystem32driversAEAudio.sys [2005-03-04 127872]
    R3 afw;Agnitum firewall driver; C:WINDOWSsystem32DRIVERSafw.sys [2009-02-18 31128]
    R3 afwcore;afwcore; C:WINDOWSsystem32driversafwcore.sys [2009-02-10 257432]
    R3 ASWFilt;ASWFilt; ??C:WINDOWSsystem32FiltASWFilt.dll []
    R3 Cap7134;Cap7134 Capture; C:WINDOWSsystem32DRIVERSAVerM15x.sys [2009-05-12 409120]
    R3 HDAudBus;Драйвер шины Microsoft UAA для High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2008-04-15 144384]
    R3 nmwcd;Nokia USB Phone Parent; C:WINDOWSsystem32driversccdcmb.sys [2009-02-09 17664]
    R3 nmwcdc;Nokia USB Generic; C:WINDOWSsystem32driversccdcmbo.sys [2009-02-09 22016]
    R3 nv;nv; C:WINDOWSsystem32DRIVERSnv4_mini.sys [2009-02-09 6307328]
    R3 pccsmcfd;PCCS Mode Change Filter Driver; C:WINDOWSsystem32DRIVERSpccsmcfd.sys [2008-08-26 18816]
    R3 pcouffin;VSO Software pcouffin; C:WINDOWSSystem32Driverspcouffin.sys [2009-05-13 47360]
    R3 PhTVTune;Cap7134 TVTuner; C:WINDOWSsystem32DRIVERSM15xTune.sys [2009-05-12 60704]
    R3 SenFiltService;SenFilt Service; C:WINDOWSsystem32driversSenfilt.sys [2005-08-11 393088]
    R3 upperdev;upperdev; C:WINDOWSsystem32DRIVERSusbser_lowerflt.sys [2009-02-09 7808]
    R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2008-04-14 30208]
    R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2008-04-14 59520]
    R3 usbser;USB Modem Driver; C:WINDOWSsystem32driversusbser.sys [2008-04-14 26112]
    R3 UsbserFilt;UsbserFilt; C:WINDOWSsystem32DRIVERSusbser_lowerfltj.sys [2009-02-09 7808]
    R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:WINDOWSsystem32DRIVERSusbuhci.sys [2008-04-14 20608]
    R3 VBEngNT;VBEngNT; ??C:WINDOWSsystem32driversVBEngNT.sys []
    R3 VBFilt;VBFilt; ??C:WINDOWSsystem32FiltVBFilt.dll []
    R3 VBoxNetFlt;VBoxNetFlt Service; C:WINDOWSsystem32DRIVERSVBoxNetFlt.sys [2009-02-16 87568]
    R3 Wdf01000;Kernel Mode Driver Frameworks service; C:WINDOWSSystem32Driverswdf01000.sys [2008-03-27 503008]
    R3 WudfRd;Windows Driver Foundation — User-mode Driver Framework Reflector; C:WINDOWSsystem32DRIVERSwudfrd.sys [2006-09-15 82688]
    S3 a3kb87qc;a3kb87qc; C:WINDOWSsystem32driversa3kb87qc.sys []
    S3 Amusbprt;A4Tech HID-compliant Mouse Driver; C:WINDOWSsystem32DRIVERSAmusbprt.sys [2007-05-15 14336]
    S3 CCDECODE;Closed Caption декодер; C:WINDOWSsystem32DRIVERSCCDECODE.sys [2008-04-14 17024]
    S3 E1000;Intel(R) PRO/1000 Network Connection Driver; C:WINDOWSsystem32DRIVERSe1000325.sys [2004-11-22 176128]
    S3 HidUsb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2008-04-14 10368]
    S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:WINDOWSsystem32DRIVERSHPZid412.sys [2006-04-13 49664]
    S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:WINDOWSsystem32DRIVERSHPZipr12.sys [2006-04-13 16496]
    S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:WINDOWSsystem32DRIVERSHPZius12.sys [2006-04-13 21568]
    S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:WINDOWSsystem32driversMSTEE.sys [2008-04-14 5504]
    S3 NABTSFEC;NABTS/FEC VBI кодек; C:WINDOWSsystem32DRIVERSNABTSFEC.sys [2008-04-14 85248]
    S3 NdisIP;Microsoft видео или ТВ подключение; C:WINDOWSsystem32DRIVERSNdisIP.sys [2008-04-14 10880]
    S3 SLIP;BDA Slip De-Framer; C:WINDOWSsystem32DRIVERSSLIP.sys [2008-04-14 11136]
    S3 streamip;BDA IPSink; C:WINDOWSsystem32DRIVERSStreamIP.sys [2008-04-14 15232]
    S3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:WINDOWSsystem32DRIVERSusbccgp.sys [2008-04-14 32128]
    S3 usbprint;Класс принтеров Microsoft USB; C:WINDOWSsystem32DRIVERSusbprint.sys [2008-04-14 25856]
    S3 usbscan;Драйвер USB-сканера; C:WINDOWSsystem32DRIVERSusbscan.sys [2008-04-14 15104]
    S3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2008-04-14 26368]
    S3 WSTCODEC;World Standard Teletext кодек; C:WINDOWSsystem32DRIVERSWSTCODEC.SYS [2008-04-14 19200]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 Licensing Service; C:Program FilesABBYY FineReader 9.0NetworkLicenseServer.exe [2007-11-02 566560]
    R2 acssrv;Agnitum Client Security Service; C:PROGRA~1AgnitumOUTPOS~1acs.exe [2009-04-14 1605976]
    R2 JavaQuickStarterService;Java Quick Starter; C:Program FilesJavajre6binjqs.exe [2009-05-13 152984]
    R2 MDM;Machine Debug Manager; C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE [2003-06-19 322120]
    R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:Program FilesNeroNero8Nero BackItUpNBService.exe [2008-12-02 877864]
    R2 NVSvc;NVIDIA Display Driver Service; C:WINDOWSsystem32nvsvc32.exe [2009-02-09 163908]
    R2 O&O Defrag;O&O Defrag; C:WINDOWSsystem32oodag.exe [2009-02-25 1352960]
    R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:WINDOWSsystem32IoctlSvc.exe [2006-12-19 81920]
    R2 Pml Driver HPZ12;Pml Driver HPZ12; C:WINDOWSsystem32HPZipm12.exe [2006-03-03 69632]
    R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:Program FilesCyberLinkShared filesRichVideo.exe [2007-02-07 173616]
    R2 StarWindServiceAE;StarWind AE Service; C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindServiceAE.exe [2007-05-28 275968]
    R2 WudfSvc;Windows Driver Foundation — User-mode Driver Framework; C:WINDOWSsystem32svchost.exe [2008-04-15 14336]
    R3 NMIndexingService;NMIndexingService; C:Program FilesCommon FilesNeroLibNMIndexingService.exe [2008-12-12 537896]
    R3 ServiceLayer;ServiceLayer; C:Program FilesPC Connectivity SolutionServiceLayer.exe [2009-03-04 621056]
    S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2007-10-24 33800]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2007-10-24 70144]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:WINDOWSMicrosoft.NetFrameworkv3.0WPFPresentationFontCache.exe [2006-10-20 36864]
    S3 HP Port Resolver;HP Port Resolver; C:WINDOWSsystem32spooldriversw32x863HPBPRO.EXE [2005-05-20 81920]
    S3 HP Status Server;HP Status Server; C:WINDOWSsystem32spooldriversw32x863HPBOID.EXE [2004-10-16 73728]
    S3 idsvc;Windows CardSpace; C:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication Foundationinfocard.exe [2006-10-30 741376]
    S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2003-07-28 89136]
    S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:Program FilesWindows Media Playerwmpnetwk.exe [2006-10-18 913408]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication FoundationSMSvcHost.exe [2006-10-30 122880]

    EOF

  • Автор
    Сообщения
Просмотр 6 сообщений - с 1 по 6 (из 6 всего)

Добро пожаловать

На нашем сайте размещены инструкции и программы, которые помогут вам абсолютно бесплатно и самостоятельно удалить навязчивую рекламу, вирусы и трояны.

Поиск

Важные инструкции

Как удалить всплывающие окна
Сброс настроек Firefox
Как сбросить настройки Firefox (Инструкция)
Убрать рекламу в браузере (Chrome, Firefox, Opera, Yandex)
Удалить всплывающие окна, рекламу, уведомления в Chrome
Какой лучший антивирус ? Как выбрать антивирус ?

СПАЙВАРЕ РУ

  • О Спайваре Ру
  • Контакты
  • Реклама на сайте
  • Политика конфиденциальности
  • Правила использования

Нужна помощь?

Задайте свой вопрос прямо сейчас кликнув по следующей ссылке Задать вопрос.

Или обратитесь на наш форум, где команда Spyware-ru поможет вам. Узнайте, как попросить о помощи здесь.

Ссылки

  • Инструкции
  • Скачать программы
  • Помощь в удалении вирусов
  • Как вылечить компьютер
Copyright © 2008 - 2024 Spyware-RU.com (en)