Re: Re: не работают диспетчер задач и редактор реестра и т.д

[klara]

пишет что и файл слишком большой
буду делить
OTListIt logfile created on: 31.05.2009 23:27:29 — Run 1
OTListIt2 by OldTimer — Version 2.0.15.8 Folder = C:Documents and SettingsAdminРабочий столЗагрузки
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) — Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000419 | Country: Россия | Language: RUS | Date Format: dd.MM.yyyy

1023,48 Mb Total Physical Memory | 485,66 Mb Available Physical Memory | 47,45% Memory free
2,41 Gb Paging File | 1,99 Gb Available in Paging File | 82,66% Paging File free
Paging file location(s): C:pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:WINDOWS | %ProgramFiles% = C:Program Files
Drive C: | 30,01 Gb Total Space | 20,04 Gb Free Space | 66,79% Space Free | Partition Type: NTFS
Drive D: | 30,01 Gb Total Space | 29,91 Gb Free Space | 99,68% Space Free | Partition Type: NTFS
Drive E: | 89,04 Gb Total Space | 86,00 Gb Free Space | 96,59% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MICROSOF-D884A0
Current User Name: Admin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC — [2008.04.15 16:00:00 | 00,050,688 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32smss.exe
PRC — [2008.06.21 08:27:07 | 00,509,440 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32winlogon.exe
PRC — [2009.02.09 15:18:41 | 00,111,104 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32services.exe
PRC — [2008.06.21 08:47:25 | 01,721,344 | —- | M] (Корпорация Майкрософт) — C:WINDOWSExplorer.EXE
PRC — [2008.04.15 16:00:00 | 00,033,280 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32RUNDLL32.EXE
PRC — [2008.04.10 18:52:10 | 16,861,184 | —- | M] (Realtek Semiconductor Corp.) — C:WINDOWSRTHDCPL.EXE
PRC — [2009.05.07 02:42:41 | 06,210,744 | —- | M] (Mail.Ru) — C:Program FilesMail.RuAgentMAgent.exe
PRC — [2006.12.10 21:52:38 | 00,049,152 | —- | M] (Hewlett-Packard Co.) — C:Program FilesHPHP Software UpdateHPWuSchd2.exe
PRC — [2008.04.15 16:00:00 | 00,033,280 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32rundll32.exe
PRC — [2009.03.19 11:44:28 | 02,029,640 | —- | M] (ESET) — C:Program FilesESETESET NOD32 Antivirusegui.exe
PRC — [2008.01.02 14:52:02 | 00,132,096 | —- | M] () — C:Program FilesVistaDriveIconVistaDrv.exe
PRC — [2008.05.05 14:20:28 | 00,255,600 | —- | M] (Auslogics) — C:Program FilesAuslogicsAusLogics BoostSpeedboostspeed.exe
PRC — [2007.11.14 15:46:02 | 00,201,728 | —- | M] (Punto.Ru) — C:Program FilesPunto Switcherps.exe
PRC — [2007.01.02 21:40:10 | 00,210,520 | —- | M] (Hewlett-Packard Co.) — C:Program FilesHPDigital Imagingbinhpqtra08.exe
PRC — [2009.03.19 11:44:50 | 00,731,840 | —- | M] (ESET) — C:Program FilesESETESET NOD32 Antivirusekrn.exe
PRC — [2003.06.19 23:25:00 | 00,322,120 | —- | M] (Microsoft Corporation) — C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE
PRC — [2007.12.05 05:41:00 | 00,155,716 | —- | M] (NVIDIA Corporation) — C:WINDOWSsystem32nvsvc32.exe
PRC — [2006.12.10 21:51:08 | 00,271,960 | —- | M] (Hewlett-Packard Co.) — C:Program FilesHPDigital ImagingbinhpqSTE08.exe
PRC — [2009.05.08 16:51:18 | 00,307,704 | —- | M] (Mozilla Corporation) — C:Program FilesMozilla Firefoxfirefox.exe
PRC — [2009.05.31 23:26:39 | 00,501,248 | —- | M] (OldTimer Tools) — C:Documents and SettingsAdminРабочий столЗагрузкиOTListIt2.exe

========== Win32 Services (SafeList) ==========

SRV — [2008.02.26 11:10:14 | 01,176,904 | —- | M] (Agnitum Ltd.) — C:Program FilesAgnitumOutpost Firewall Proacs.exe — (acssrv [Auto | Running])
SRV — [2008.04.15 16:00:00 | 00,171,008 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32appmgmts.dll — (AppMgmt [On_Demand | Stopped])
SRV — [2007.10.24 03:47:22 | 00,033,800 | —- | M] (Microsoft Corporation) — C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe — (aspnet_state [On_Demand | Stopped])
SRV — [2008.04.15 16:00:00 | 00,409,088 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32qmgr.dll — (BITS [On_Demand | Stopped])
SRV — [2007.10.24 03:47:40 | 00,070,144 | —- | M] (Microsoft Corporation) — C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe — (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV — [2008.04.15 16:00:00 | 00,126,464 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32dhcpcsvc.dll — (Dhcp [Auto | Running])
SRV — [2008.04.15 16:00:00 | 00,024,064 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32dmserver.dll — (dmserver [Auto | Running])
SRV — [2008.04.15 16:00:00 | 00,045,568 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32dnsrslvr.dll — (Dnscache [Auto | Running])
SRV — [2009.03.19 11:48:08 | 00,020,680 | —- | M] (ESET) — C:Program FilesESETESET NOD32 AntivirusEHttpSrv.exe — (EhttpSrv [On_Demand | Stopped])
SRV — [2009.03.19 11:44:50 | 00,731,840 | —- | M] (ESET) — C:Program FilesESETESET NOD32 Antivirusekrn.exe — (ekrn [Auto | Running])
SRV — [2009.02.09 15:18:41 | 00,111,104 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32services.exe — (Eventlog [Auto | Running])
SRV — [2008.04.15 16:00:00 | 00,135,680 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32shsvcs.dll — (FastUserSwitchingCompatibility [On_Demand | Running])
SRV — [2008.04.15 16:00:00 | 00,038,400 | —- | M] (Microsoft Corporation) — C:WINDOWSPCHealthHelpCtrBinariespchsvc.dll — (helpsvc [Auto | Running])
SRV — [2007.01.19 23:44:40 | 00,225,280 | —- | M] (Hewlett-Packard Co.) — C:Program FilesHPDigital Imagingbinhpqcxs08.dll — (hpqcxs08 [On_Demand | Running])
SRV — [2007.01.19 23:44:40 | 00,131,072 | —- | M] (Hewlett-Packard Co.) — C:Program FilesHPDigital Imagingbinhpqddsvc.dll — (hpqddsvc [Auto | Running])
SRV — [2008.04.15 16:00:00 | 00,150,528 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32imapi.exe — (ImapiService [On_Demand | Stopped])
SRV — [2003.06.19 23:25:00 | 00,322,120 | —- | M] (Microsoft Corporation) — C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE — (MDM [Auto | Running])
SRV — [2006.11.08 16:35:36 | 00,043,520 | —- | M] (Hewlett-Packard) — C:WINDOWSsystem32HPZinw12.dll — (Net Driver HPZ12 [Auto | Running])
SRV — [2008.04.15 16:00:00 | 00,113,664 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32netdde.exe — (NetDDE [Disabled | Stopped])
SRV — [2008.04.15 16:00:00 | 00,113,664 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32netdde.exe — (NetDDEdsdm [Disabled | Stopped])
SRV — [2008.04.15 16:00:00 | 00,198,144 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32netman.dll — (Netman [On_Demand | Running])
SRV — [2008.06.20 21:48:23 | 00,247,296 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32mswsock.dll — (Nla [On_Demand | Running])
SRV — [2008.04.15 16:00:00 | 00,436,736 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32ntmssvc.dll — (NtmsSvc [On_Demand | Stopped])
SRV — [2007.12.05 05:41:00 | 00,155,716 | —- | M] (NVIDIA Corporation) — C:WINDOWSsystem32nvsvc32.exe — (NVSvc [Auto | Running])
SRV — [2003.07.28 20:28:22 | 00,089,136 | —- | M] (Microsoft Corporation) — C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE — (ose [On_Demand | Stopped])
SRV — [2009.02.09 15:18:41 | 00,111,104 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32services.exe — (PlugPlay [Auto | Running])
SRV — [2006.11.08 16:35:38 | 00,053,248 | —- | M] (Hewlett-Packard) — C:WINDOWSsystem32HPZipm12.dll — (Pml Driver HPZ12 [Auto | Running])
SRV — [2008.04.15 16:00:00 | 00,141,824 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32sessmgr.exe — (RDSessMgr [On_Demand | Stopped])
SRV — [2008.04.15 16:00:00 | 00,096,768 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32SCardSvr.exe — (SCardSvr [On_Demand | Stopped])
SRV — [2008.04.15 16:00:00 | 00,193,024 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32schedsvc.dll — (Schedule [Auto | Running])
SRV — [2008.04.15 16:00:00 | 00,018,944 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32seclogon.dll — (seclogon [Auto | Running])
SRV — [2008.06.21 08:26:58 | 00,330,752 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32ipnathlp.dll — (SharedAccess [Auto | Running])
SRV — [2008.04.15 16:00:00 | 00,135,680 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32shsvcs.dll — (ShellHWDetection [Auto | Running])
SRV — [2008.04.15 16:00:00 | 00,171,008 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32srsvc.dll — (srservice [Auto | Running])
SRV — [2008.04.15 16:00:00 | 00,333,824 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32wiaservc.dll — (stisvc [Auto | Running])
SRV — [2008.04.15 16:00:00 | 00,091,648 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32smlogsvc.exe — (SysmonLog [On_Demand | Stopped])
SRV — [2008.04.15 16:00:00 | 00,249,856 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32tapisrv.dll — (TapiSrv [On_Demand | Running])
SRV — [2008.04.15 16:00:00 | 00,295,936 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32termsrv.dll — (TermService [On_Demand | Running])
SRV — [2008.04.15 16:00:00 | 00,135,680 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32shsvcs.dll — (Themes [Auto | Running])
SRV — [2008.04.15 16:00:00 | 00,073,216 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32tlntsvr.exe — (TlntSvr [Disabled | Stopped])
SRV — [2008.04.15 16:00:00 | 00,186,368 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32upnphost.dll — (upnphost [On_Demand | Stopped])
SRV — [2008.04.15 16:00:00 | 00,290,304 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32vssvc.exe — (VSS [On_Demand | Stopped])
SRV — [2008.06.21 08:26:51 | 00,175,616 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32w32time.dll — (W32Time [Auto | Running])
SRV — [2008.04.15 16:00:00 | 00,145,408 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32wbemWMIsvc.dll — (winmgmt [Auto | Running])
SRV — [2009.02.10 19:27:08 | 00,687,616 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32advapi32.dll — (Wmi [On_Demand | Stopped])
SRV — [2008.04.15 16:00:00 | 00,126,464 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32wbemwmiapsrv.exe — (WmiApSrv [On_Demand | Stopped])
SRV — [2006.10.18 21:05:24 | 00,913,408 | —- | M] (Microsoft Corporation) — C:Program FilesWindows Media Playerwmpnetwk.exe — (WMPNetworkSvc [On_Demand | Stopped])
SRV — [2008.06.21 08:35:21 | 00,483,328 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32wzcsvc.dll — (WZCSVC [Auto | Running])

========== Driver Services (SafeList) ==========

DRV — [2008.04.15 16:00:00 | 00,188,288 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32DRIVERSACPI.sys — (ACPI [Boot | Running])
DRV — [2008.04.15 16:00:00 | 00,011,776 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32driversacpiec.sys — (ACPIEC [Disabled | Stopped])
DRV — [2008.02.21 16:22:00 | 00,206,224 | —- | M] (Agnitum Ltd.) — C:WINDOWSsystem32DRIVERSafw.sys — (afw [On_Demand | Running])
DRV — [2008.02.06 17:22:10 | 00,033,024 | —- | M] (Agnitum Ltd.) — C:WINDOWSsystem32FiltASWFilt.dll — (ASWFilt [On_Demand | Stopped])
DRV — [2008.06.14 21:40:32 | 00,272,512 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32DriversBTHport.sys — (BTHPORT [On_Demand | Stopped])
DRV — [2009.03.19 11:41:38 | 00,113,960 | —- | M] (ESET) — C:WINDOWSsystem32DRIVERSeamon.sys — (eamon [Auto | Running])
DRV — [2009.03.19 11:44:34 | 00,107,256 | —- | M] (ESET) — C:WINDOWSsystem32DRIVERSehdrv.sys — (ehdrv [System | Running])
DRV — [2009.03.19 11:45:38 | 00,093,848 | —- | M] (ESET) — C:WINDOWSsystem32DRIVERSepfwtdir.sys — (epfwtdir [System | Running])
DRV — [2008.04.15 16:00:00 | 00,044,544 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32driversfips.sys — (Fips [System | Running])
DRV — [2008.04.15 16:00:00 | 00,125,440 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32DRIVERSftdisk.sys — (Ftdisk [Boot | Running])
DRV — [2008.04.15 16:00:00 | 00,144,384 | —- | M] (Windows (R) Server 2003 DDK provider) — C:WINDOWSsystem32DRIVERSHDAudBus.sys — (HDAudBus [On_Demand | Running])
DRV — [2006.12.06 10:02:28 | 00,049,920 | R— | M] (HP) — C:WINDOWSsystem32DRIVERSHPZid412.sys — (HPZid412 [On_Demand | Stopped])
DRV — [2006.12.06 10:02:28 | 00,016,496 | R— | M] (HP) — C:WINDOWSsystem32DRIVERSHPZipr12.sys — (HPZipr12 [On_Demand | Stopped])
DRV — [2006.12.06 10:02:29 | 00,021,568 | R— | M] (HP) — C:WINDOWSsystem32DRIVERSHPZius12.sys — (HPZius12 [On_Demand | Stopped])
DRV — [2008.04.15 16:00:00 | 00,053,120 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32DRIVERSi8042prt.sys — (i8042prt [System | Running])
DRV — [2008.04.17 18:33:26 | 04,707,328 | —- | M] (Realtek Semiconductor Corp.) — C:WINDOWSsystem32driversRtkHDAud.sys — (IntcAzAudAddService [On_Demand | Running])
DRV — [2008.04.15 16:00:00 | 00,037,504 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32DRIVERSisapnp.sys — (isapnp [Boot | Running])
DRV — [2008.04.15 16:00:00 | 00,024,832 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32DRIVERSkbdclass.sys — (Kbdclass [System | Running])
DRV — [2008.06.21 08:35:21 | 00,030,208 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32driversmodem.sys — (Modem [On_Demand | Stopped])
DRV — [2008.06.21 08:35:21 | 00,023,296 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32DRIVERSmouclass.sys — (Mouclass [System | Running])
DRV — [2007.12.05 05:41:00 | 07,435,392 | —- | M] (NVIDIA Corporation) — C:WINDOWSsystem32DRIVERSnv4_mini.sys — (nv [On_Demand | Running])
DRV — [2006.07.11 22:38:28 | 00,057,856 | —- | M] (NVIDIA Corporation) — C:WINDOWSsystem32DRIVERSNVENETFD.sys — (NVENETFD [On_Demand | Running])
DRV — [2006.07.11 22:38:30 | 00,020,480 | —- | M] (NVIDIA Corporation) — C:WINDOWSsystem32DRIVERSnvnetbus.sys — (nvnetbus [On_Demand | Running])
DRV — [2008.06.21 08:35:21 | 00,080,128 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32DRIVERSparport.sys — (Parport [On_Demand | Running])
DRV — [2008.04.15 16:00:00 | 00,006,912 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32driversparvdm.sys — (ParVdm [Auto | Running])
DRV — [2008.04.15 16:00:00 | 00,068,480 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32DRIVERSpci.sys — (PCI [Boot | Running])
DRV — [2008.04.15 16:00:00 | 00,003,328 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32DRIVERSpciide.sys — (PCIIde [Boot | Running])
DRV — [2008.04.15 16:00:00 | 00,120,192 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32driverspcmcia.sys — (Pcmcia [Disabled | Stopped])
DRV — [2008.04.15 16:00:00 | 00,017,792 | —- | M] (Parallel Technologies, Inc.) — C:WINDOWSsystem32DRIVERSptilink.sys — (Ptilink [On_Demand | Running])
DRV — [2008.06.21 12:28:08 | 00,058,368 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32DRIVERSredbook.sys — (redbook [System | Running])
DRV — [2008.02.06 17:20:24 | 00,446,336 | —- | M] (Agnitum Ltd.) — C:WINDOWSsystem32DRIVERSSandBox.sys — (SandBox [System | Running])
DRV — [2008.04.15 16:00:00 | 00,020,480 | —- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) — C:WINDOWSsystem32DRIVERSsecdrv.sys — (Secdrv [On_Demand | Stopped])
DRV — [2008.04.15 16:00:00 | 00,065,024 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32DRIVERSserial.sys — (Serial [System | Running])
DRV — [2009.05.07 02:08:16 | 00,717,296 | —- | M] () — C:WINDOWSSystem32Driverssptd.sys — (sptd [Boot | Running])
DRV — [2008.04.15 16:00:00 | 00,073,472 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32DRIVERSsr.sys — (sr [Boot | Running])
DRV — [2007.05.02 11:11:16 | 00,083,592 | —- | M] (MCCI Corporation) — C:WINDOWSsystem32DRIVERSss_bus.sys — (ss_bus [On_Demand | Stopped])
DRV — [2007.05.02 11:11:18 | 00,015,112 | —- | M] (MCCI Corporation) — C:WINDOWSsystem32DRIVERSss_mdfl.sys — (ss_mdfl [On_Demand | Stopped])
DRV — [2007.05.02 11:11:18 | 00,109,704 | —- | M] (MCCI Corporation) — C:WINDOWSsystem32DRIVERSss_mdm.sys — (ss_mdm [On_Demand | Stopped])
DRV — [2009.05.10 18:11:50 | 00,005,632 | —- | M] () — C:WINDOWSSystem32driversStarOpen.sys — (StarOpen [System | Running])
DRV — [2008.04.15 16:00:00 | 00,051,968 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32driversvolsnap.sys — (VolSnap [Boot | Running])

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE — HKLMSOFTWAREMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE — HKLMSOFTWAREMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE — HKLMSOFTWAREMicrosoftInternet ExplorerMain,Default_Secondary_Page_URL = [binary data]
IE — HKLMSOFTWAREMicrosoftInternet ExplorerMain,Extensions Off Page = about:NoAdd-ons
IE — HKLMSOFTWAREMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE — HKLMSOFTWAREMicrosoftInternet ExplorerMain,Security Risk Page = about:SecurityRisk
IE — HKLMSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE — HKLMSOFTWAREMicrosoftInternet ExplorerSearch,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE — HKLMSOFTWAREMicrosoftInternet ExplorerSearch,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE — HKU.DEFAULTSOFTWAREMicrosoftInternet ExplorerMain,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE — HKU.DEFAULTSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
IE — HKU.DEFAULT.DEFAULTSoftwareMicrosoftWindowsCurrentVersionInternet Settings: «ProxyEnable» = 0

IE — HKUS-1-5-18SOFTWAREMicrosoftInternet ExplorerMain,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE — HKUS-1-5-18SOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
IE — HKUS-1-5-18S-1-5-18SoftwareMicrosoftWindowsCurrentVersionInternet Settings: «ProxyEnable» = 0

IE — HKUS-1-5-19SOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru
IE — HKUS-1-5-19S-1-5-19SoftwareMicrosoftWindowsCurrentVersionInternet Settings: «ProxyEnable» = 0

IE — HKUS-1-5-20SOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru
IE — HKUS-1-5-20S-1-5-20SoftwareMicrosoftWindowsCurrentVersionInternet Settings: «ProxyEnable» = 0

IE — HKUS-1-5-21-1659004503-1647877149-1801674531-500SOFTWAREMicrosoftInternet ExplorerMain,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE — HKUS-1-5-21-1659004503-1647877149-1801674531-500SOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://www.mail.ru
IE — URLSearchHook: {09900DE8-1DCA-443F-9243-26FF581438AF} — c:program filesmail.rusputnikMailRuSputnik.dll (@Mail.Ru)
IE — HKUS-1-5-21-1659004503-1647877149-1801674531-500S-1-5-21-1659004503-1647877149-1801674531-500SoftwareMicrosoftWindowsCurrentVersionInternet Settings: «ProxyEnable» = 0

========== FireFox ==========

FF — prefs.js..browser.search.defaultenginename: «РЇРЅРґРµРєСЃ»
FF — prefs.js..browser.search.selectedEngine: «Google»
FF — prefs.js..browser.startup.homepage: «http://www.yandex.ru/?clid=40795»
FF — prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.4.2
FF — prefs.js..extensions.enabledItems: {99042a7d-fa95-463d-932c-9458c7991794}:1.0
FF — prefs.js..extensions.enabledItems: {37964A3C-4EE8-47b1-8321-34DE2C39BA4D}:2.0.1.20
FF — prefs.js..extensions.enabledItems: yasearch@yandex.ru:4.1.0
FF — prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.10
FF — prefs.js..keyword.URL: «http://search.qip.ru/search?query=»

FF — HKLMsoftwaremozillaMozilla Firefox 3.0.10extensions\Components: C:PROGRAM FILESMOZILLA FIREFOXCOMPONENTS [2009.05.08 16:51:22 | 00,000,000 | —D | M]
FF — HKLMsoftwaremozillaMozilla Firefox 3.0.10extensions\Plugins: C:PROGRAM FILESMOZILLA FIREFOXPLUGINS [2009.05.21 01:25:36 | 00,000,000 | —D | M]
FF — HKLMsoftwaremozillaThunderbirdExtensions\eplgTb@eset.com: C:PROGRAM FILESESETESET NOD32 ANTIVIRUSMOZILLA THUNDERBIRD [2009.05.24 18:13:25 | 00,000,000 | —D | M]

[2009.05.07 02:41:48 | 00,000,000 | —D | M] — C:Documents and SettingsAdminApplication DatamozillaExtensions
[2009.05.07 02:41:48 | 00,000,000 | —D | M] — C:Documents and SettingsAdminApplication DatamozillaExtensions{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009.05.30 23:59:10 | 00,000,000 | —D | M] — C:Documents and SettingsAdminApplication DatamozillaFirefoxProfilesuu9c8wzu.defaultextensions
[2009.05.07 02:42:40 | 00,000,000 | —D | M] — C:Documents and SettingsAdminApplication DatamozillaFirefoxProfilesuu9c8wzu.defaultextensions{37964A3C-4EE8-47b1-8321-34DE2C39BA4D}
[2009.05.07 21:38:48 | 00,000,000 | —D | M] — C:Documents and SettingsAdminApplication DatamozillaFirefoxProfilesuu9c8wzu.defaultextensions{99042a7d-fa95-463d-932c-9458c7991794}
[2009.05.07 03:21:18 | 00,000,000 | —D | M] — C:Documents and SettingsAdminApplication DatamozillaFirefoxProfilesuu9c8wzu.defaultextensions{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009.05.25 23:33:20 | 00,000,000 | —D | M] — C:Documents and SettingsAdminApplication DatamozillaFirefoxProfilesuu9c8wzu.defaultextensions{e001c731-5e37-4538-a5cb-8168736a2360}
[2009.05.30 00:58:46 | 00,000,000 | —D | M] — C:Documents and SettingsAdminApplication DatamozillaFirefoxProfilesuu9c8wzu.defaultextensionsQip.Bar@qip.ru
[2009.05.07 03:33:31 | 00,000,000 | —D | M] — C:Documents and SettingsAdminApplication DatamozillaFirefoxProfilesuu9c8wzu.defaultextensionsyasearch@yandex.ru
[2009.05.07 03:33:30 | 00,000,000 | —D | M] — C:Documents and SettingsAdminApplication DatamozillaFirefoxProfilesuu9c8wzu.defaultextensionsyasearch@yandex.ruchromeskinextensions-hacks
[2009.05.24 18:45:30 | 00,000,000 | —D | M] — C:Program Filesmozilla firefoxextensions
[2009.05.08 16:51:18 | 00,000,000 | —D | M] — C:Program Filesmozilla firefoxextensions{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009.05.08 16:51:18 | 00,023,032 | —- | M] (Mozilla Foundation) — C:Program Filesmozilla firefoxcomponentsbrowserdirprovider.dll
[2009.05.08 16:51:18 | 00,134,648 | —- | M] (Mozilla Foundation) — C:Program Filesmozilla firefoxcomponentsbrwsrcmp.dll
[2008.04.16 08:08:20 | 00,001,706 | —- | M] () — C:Program Filesmozilla firefoxsearchpluginsgoogle.xml
[2009.05.07 02:42:45 | 00,001,435 | —- | M] () — C:Program Filesmozilla firefoxsearchpluginsmailru.xml
[2008.02.22 20:20:12 | 00,001,122 | —- | M] () — C:Program Filesmozilla firefoxsearchpluginspriceru.xml
[2008.02.10 16:18:02 | 00,002,395 | —- | M] () — C:Program Filesmozilla firefoxsearchpluginsrambler.xml
[2008.04.08 19:54:28 | 00,001,945 | —- | M] () — C:Program Filesmozilla firefoxsearchpluginstorgmailru.xml
[2008.03.29 19:24:40 | 00,001,304 | —- | M] () — C:Program Filesmozilla firefoxsearchpluginswikipedia-ru.xml
[2008.01.09 23:49:44 | 00,004,072 | —- | M] () — C:Program Filesmozilla firefoxsearchpluginsyandex-slovari.xml
[2008.10.22 20:58:02 | 00,004,244 | —- | M] () — C:Program Filesmozilla firefoxsearchpluginsyandex.xml

O1 HOSTS File: (792 bytes) — C:WINDOWSSystem32driversetcHosts
O1 — Hosts: 127.0.0.1 localhost
O1 — Hosts: 81.177.17.70 nod32
O2 — BHO: (MailRuBHO Class) — {8984B388-A5BB-4DF7-B274-77B879E179DB} — c:program filesmail.rusputnikMailRuSputnik.dll (@Mail.Ru)
O2 — BHO: (Java(tm) Plug-In 2 SSV Helper) — {DBC80044-A445-435b-BC74-9C25C1C588A9} — Reg Error: Value error. File not found
O3 — HKLM..Toolbar: (Спутник@Mail.Ru) — {09900DE8-1DCA-443F-9243-26FF581438AF} — c:program filesmail.rusputnikMailRuSputnik.dll (@Mail.Ru)
O3 — HKUS-1-5-21-1659004503-1647877149-1801674531-500..ToolbarShellBrowser: (no name) — {01E04581-4EEE-11D0-BFE9-00AA005B4383} — C:WINDOWSsystem32browseui.dll (Корпорация Майкрософт)
O3 — HKUS-1-5-21-1659004503-1647877149-1801674531-500..ToolbarWebBrowser: (no name) — {09900DE8-1DCA-443F-9243-26FF581438AF} — c:program filesmail.rusputnikMailRuSputnik.dll (@Mail.Ru)
O4 — HKLM..Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent File not found
O4 — HKLM..Run: [egui] «C:Program FilesESETESET NOD32 Antivirusegui.exe» /hide /waitservice (ESET)
O4 — HKLM..Run: [HP Software Update] C:Program FilesHPHP Software UpdateHPWuSchd2.exe (Hewlett-Packard Co.)
O4 — HKLM..Run: [MAgent] C:Program FilesMail.RuAgentMAgent.exe -LM (Mail.Ru)
O4 — HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe (Nero AG)
O4 — HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 — HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
O4 — HKLM..Run: [nwiz] nwiz.exe /install File not found
O4 — HKLM..Run: [OutpostFeedBack] «C:Program FilesAgnitumOutpost Firewall Profeedback.exe» /dump:os_startup (Agnitum Ltd.)
O4 — HKLM..Run: [OutpostMonitor] C:PROGRA~1AgnitumOutpost Firewall Proop_mon.exe /tray /noservice (Agnitum Ltd.)
O4 — HKLM..Run: [RTHDCPL] RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 — HKU.DEFAULT..Run: [VistaIcon] C:Program FilesVistaDriveIconVistaDrv.exe ()
O4 — HKUS-1-5-18..Run: [VistaIcon] C:Program FilesVistaDriveIconVistaDrv.exe ()
O4 — HKUS-1-5-21-1659004503-1647877149-1801674531-500..Run: [Auslogics BoostSpeed 4] C:Program FilesAuslogicsAusLogics BoostSpeedboostspeed.exe (Auslogics)
O4 — HKUS-1-5-21-1659004503-1647877149-1801674531-500..Run: [KillCopy] «C:WINDOWSsystem32killcopy.exe» /kcresume /startup (Killer{R})
O4 — HKUS-1-5-21-1659004503-1647877149-1801674531-500..Run: [Punto Switcher] C:Program FilesPunto Switcherps.exe (Punto.Ru)
O4 — HKUS-1-5-21-1659004503-1647877149-1801674531-500..Run: [VistaIcon] C:Program FilesVistaDriveIconVistaDrv.exe ()
O4 — HKU.DEFAULT..RunOnce: [IE7_011] regsvr32 /s /n /i:u shell32 (Корпорация Майкрософт)
O4 — HKU.DEFAULT..RunOnce: [IE7_012] rundll32 advpack.dll,LaunchINFSectionEx IE7int.inf,AfterUserStart,,4,N File not found
O4 — HKU.DEFAULT..RunOnce: [ZZZZ2_FirstLogonSetting] %SystemRoot%System32rundll32.exe advpack.dll,LaunchINFSection C:WINDOWSINFcustom.inf,NewUserFirstLogonInstall,0 File not found
O4 — HKUS-1-5-18..RunOnce: [IE7_011] regsvr32 /s /n /i:u shell32 (Корпорация Майкрософт)
O4 — HKUS-1-5-18..RunOnce: [IE7_012] rundll32 advpack.dll,LaunchINFSectionEx IE7int.inf,AfterUserStart,,4,N File not found
O4 — HKUS-1-5-18..RunOnce: [ZZZZ2_FirstLogonSetting] %SystemRoot%System32rundll32.exe advpack.dll,LaunchINFSection C:WINDOWSINFcustom.inf,NewUserFirstLogonInstall,0 File not found
O4 — Startup: C:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузкаHP Digital Imaging Monitor.lnk = C:Program FilesHPDigital Imagingbinhpqtra08.exe (Hewlett-Packard Co.)
O6 — HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveAutoRun = 67108863
O6 — HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveTypeAutoRun = 323
O6 — HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDrives = 0
O6 — HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: HonorAutoRunSetting = 1
O6 — HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: dontdisplaylastusername = 0
O6 — HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: legalnoticecaption =
O6 — HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: legalnoticetext =
O6 — HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: shutdownwithoutlogon = 1
O6 — HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: undockwithoutlogon = 1
O6 — HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: NoInternetOpenWith = 1
O6 — HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: DisableRegistryTools = 0
O7 — HKU.DEFAULTSoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O7 — HKU.DEFAULTSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveTypeAutoRun = 323
O7 — HKU.DEFAULTSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoSharedDocuments = 1
O7 — HKU.DEFAULTSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoLowDiskSpaceChecks = 1
O7 — HKU.DEFAULTSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoRecentDocsMenu = 01 00 00 00 [binary data]
O7 — HKU.DEFAULTSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoSMConfigurePrograms = 1
O7 — HKU.DEFAULTSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveAutoRun = 67108863
O7 — HKUS-1-5-18SoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O7 — HKUS-1-5-18SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveTypeAutoRun = 323
O7 — HKUS-1-5-18SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoSharedDocuments = 1
O7 — HKUS-1-5-18SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoLowDiskSpaceChecks = 1
O7 — HKUS-1-5-18SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoRecentDocsMenu = 01 00 00 00 [binary data]
O7 — HKUS-1-5-18SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoSMConfigurePrograms = 1
O7 — HKUS-1-5-18SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveAutoRun = 67108863
O7 — HKUS-1-5-19SoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O7 — HKUS-1-5-19SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveTypeAutoRun = 145
O7 — HKUS-1-5-19SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoSharedDocuments = 1
O7 — HKUS-1-5-19SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoLowDiskSpaceChecks = 1
O7 — HKUS-1-5-19SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoRecentDocsMenu = 01 00 00 00 [binary data]
O7 — HKUS-1-5-19SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoSMConfigurePrograms = 1
O7 — HKUS-1-5-19_ClassesSoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O7 — HKUS-1-5-20SoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O7 — HKUS-1-5-20SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveTypeAutoRun = 145
O7 — HKUS-1-5-20SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoSharedDocuments = 1
O7 — HKUS-1-5-20SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoLowDiskSpaceChecks = 1
O7 — HKUS-1-5-20SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoRecentDocsMenu = 01 00 00 00 [binary data]
O7 — HKUS-1-5-20SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoSMConfigurePrograms = 1
O7 — HKUS-1-5-20_ClassesSoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O7 — HKUS-1-5-21-1659004503-1647877149-1801674531-500SoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O7 — HKUS-1-5-21-1659004503-1647877149-1801674531-500SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveTypeAutoRun = 323
O7 — HKUS-1-5-21-1659004503-1647877149-1801674531-500SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoSharedDocuments = 1
O7 — HKUS-1-5-21-1659004503-1647877149-1801674531-500SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoLowDiskSpaceChecks = 1
O7 — HKUS-1-5-21-1659004503-1647877149-1801674531-500SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoRecentDocsMenu = 01 00 00 00 [binary data]
O7 — HKUS-1-5-21-1659004503-1647877149-1801674531-500SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoSMConfigurePrograms = 1
O7 — HKUS-1-5-21-1659004503-1647877149-1801674531-500SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveAutoRun = 67108863
O7 — HKUS-1-5-21-1659004503-1647877149-1801674531-500SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDrives = 0
O7 — HKUS-1-5-21-1659004503-1647877149-1801674531-500_ClassesSoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~1OFFICE11EXCEL.EXE/3000 (Microsoft Corporation)
O8 — Extra context menu item: Поиск@Mail.Ru — res://c:program filesmail.rusputnikMailRuSputnik.dll/282 (@Mail.Ru)
O8 — Extra context menu item: Словари@Mail.Ru — res://c:program filesmail.rusputnikMailRuSputnik.dll/283 (@Mail.Ru)
O9 — Extra Button: Быстрая настройка Outpost Firewall Pro — {44627E97-789B-40d4-B5C2-58BD171129A1} — C:Program FilesAgnitumOutpost Firewall Proie_bar.dll (Agnitum Ltd.)
O9 — Extra Button: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe (Mail.Ru)
O9 — Extra ‘Tools’ menuitem : Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe (Mail.Ru)
O9 — Extra Button: Справочные материалы — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:Program FilesMicrosoft OfficeOFFICE11REFIEBAR.DLL (Microsoft Corporation)
O9 — Extra ‘Tools’ menuitem : @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe (Microsoft Corporation)
O10 — NameSpace_Catalog5Catalog_Entries00000000001 [TCP/IP] — C:WINDOWSSystem32mswsock.dll (Корпорация Майкрософт)
O10 — NameSpace_Catalog5Catalog_Entries00000000003 [Пространство имен службы сетевого расположения (NLA)] — C:WINDOWSSystem32mswsock.dll (Корпорация Майкрософт)
O10 — NameSpace_Catalog5Catalog_Entries00000000004 [Пространство имен Bluetooth] — C:WINDOWSsystem32wshbth.dll (Microsoft Corporation)
O10 — Protocol_Catalog9Catalog_Entries00000000001 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
O10 — Protocol_Catalog9Catalog_Entries00000000002 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
O10 — Protocol_Catalog9Catalog_Entries00000000003 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
O10 — Protocol_Catalog9Catalog_Entries00000000004 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
O10 — Protocol_Catalog9Catalog_Entries00000000005 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
O10 — Protocol_Catalog9Catalog_Entries00000000006 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
O10 — Protocol_Catalog9Catalog_Entries00000000007 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
O10 — Protocol_Catalog9Catalog_Entries00000000008 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
O10 — Protocol_Catalog9Catalog_Entries00000000009 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
O10 — Protocol_Catalog9Catalog_Entries00000000010 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
O10 — Protocol_Catalog9Catalog_Entries00000000011 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
O10 — Protocol_Catalog9Catalog_Entries00000000012 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
O10 — Protocol_Catalog9Catalog_Entries00000000013 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
O10 — Protocol_Catalog9Catalog_Entries00000000014 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
O10 — Protocol_Catalog9Catalog_Entries00000000015 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
O10 — Protocol_Catalog9Catalog_Entries00000000016 — C:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
O18 — ProtocolHandlerdvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} — C:WINDOWSsystem32msvidctl.dll (Корпорация Майкрософт)
O18 — ProtocolHandlerhttpx00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} — C:Program FilesCommon FilesSYSTEMOLE DBmsdaipp.dll (Microsoft Corporation)
O18 — ProtocolHandlerhttpoledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} — C:Program FilesCommon FilesSYSTEMOLE DBmsdaipp.dll (Microsoft Corporation)
O18 — ProtocolHandlerhttpsx00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} — C:Program FilesCommon FilesSYSTEMOLE DBmsdaipp.dll (Microsoft Corporation)
O18 — ProtocolHandlerhttpsoledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} — C:Program FilesCommon FilesSYSTEMOLE DBmsdaipp.dll (Microsoft Corporation)
O18 — ProtocolHandlerippx00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} — C:Program FilesCommon FilesSYSTEMOLE DBmsdaipp.dll (Microsoft Corporation)
O18 — ProtocolHandlermsdaippx00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} — C:Program FilesCommon FilesSYSTEMOLE DBmsdaipp.dll (Microsoft Corporation)
O18 — ProtocolHandlermsdaippoledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} — C:Program FilesCommon FilesSYSTEMOLE DBmsdaipp.dll (Microsoft Corporation)
O18 — ProtocolHandlerms-itss {0A9007C0-4076-11D3-8789-0000F8105754} — C:Program FilesCommon FilesMicrosoft SharedInformation RetrievalMSITSS.DLL (Microsoft Corporation)
O18 — ProtocolHandlermso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} — C:Program FilesCommon FilesMicrosoft SharedWeb Components10OWC10.DLL (Microsoft Corporation)
O18 — ProtocolHandlermso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} — C:Program FilesCommon FilesMicrosoft SharedWeb Components11OWC11.DLL (Microsoft Corporation)
O18 — ProtocolHandlertv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} — C:WINDOWSsystem32msvidctl.dll (Корпорация Майкрософт)
O18 — ProtocolFilter: — text/webviewhtml — C:WINDOWSsystem32SHELL32.dll (Корпорация Майкрософт)
O18 — ProtocolFilter: — text/xml — C:Program FilesCommon FilesMicrosoft SharedOFFICE11MSOXMLMF.DLL (Microsoft Corporation)
O20 — AppInit_DLLs: (c:progra~1agnitumoutpost) — File not found
O20 — AppInit_DLLs: (firewall) — File not found
O20 — AppInit_DLLs: (prowl_hook.dll) — File not found
O20 — HKLM Winlogon: Shell — (Explorer.exe) — C:WINDOWSExplorer.exe (Корпорация Майкрософт)
O20 — HKLM Winlogon: UserInit — (C:WINDOWSsystem32userinit.exe) — C:WINDOWSsystem32userinit.exe (Корпорация Майкрософт)
O20 — HKLM Winlogon: UIHost — (logonui.exe) — C:WINDOWSsystem32logonui.exe (Корпорация Майкрософт)
O20 — HKLM Winlogon: VMApplet — (rundll32 shell32) — C:WINDOWSSystem32shell32.dll (Корпорация Майкрософт)
O20 — HKLM Winlogon: VMApplet — (Control_RunDLL «sysdm.cpl») — C:WINDOWSsystem32sysdm.cpl (Корпорация Майкрософт)
O20 — WinlogonNotifycrypt32chain: DllName — crypt32.dll — C:WINDOWSsystem32crypt32.dll (Корпорация Майкрософт)
O20 — WinlogonNotifycscdll: DllName — cscdll.dll — C:WINDOWSsystem32cscdll.dll (Корпорация Майкрософт)
O20 — WinlogonNotifyScCertProp: DllName — wlnotify.dll — C:WINDOWSsystem32wlnotify.dll (Корпорация Майкрософт)
O20 — WinlogonNotifySchedule: DllName — wlnotify.dll — C:WINDOWSsystem32wlnotify.dll (Корпорация Майкрософт)
O20 — WinlogonNotifysclgntfy: DllName — sclgntfy.dll — C:WINDOWSsystem32sclgntfy.dll (Корпорация Майкрософт)
O20 — WinlogonNotifySensLogn: DllName — WlNotify.dll — C:WINDOWSsystem32WlNotify.dll (Корпорация Майкрософт)
O20 — WinlogonNotifytermsrv: DllName — wlnotify.dll — C:WINDOWSsystem32wlnotify.dll (Корпорация Майкрософт)
O20 — WinlogonNotifywlballoon: DllName — wlnotify.dll — C:WINDOWSsystem32wlnotify.dll (Корпорация Майкрософт)
O21 — SSODL: CDBurn — {fbeb8a05-beee-4442-804e-409d6c4515e9} — C:WINDOWSsystem32SHELL32.dll (Корпорация Майкрософт)
O21 — SSODL: PostBootReminder — {7849596a-48ea-486e-8937-a2a3009f31a9} — C:WINDOWSsystem32SHELL32.dll (Корпорация Майкрософт)
O21 — SSODL: SysTray — {35CEC8A3-2BE6-11D2-8773-92E220524153} — C:WINDOWSsystem32stobject.dll (Корпорация Майкрософт)
O22 — SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} — Предзагрузчик Browseui — C:WINDOWSsystem32browseui.dll (Корпорация Майкрософт)
O22 — SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} — Демон кэша категорий компонентов — C:WINDOWSsystem32browseui.dll (Корпорация Майкрософт)
O24 — Desktop Components:0 (Моя текущая домашняя страница) — About:Home
O29 — HKLM SecurityProviders — (digest.dll) — C:WINDOWSsystem32digest.dll (Корпорация Майкрософт)
O29 — HKLM SecurityProviders — (msnsspc.dll) — C:WINDOWSsystem32msnsspc.dll (Корпорация Майкрософт)
O31 — SafeBoot: AlternateShell — cmd.exe
O32 — HKLM CDRom: AutoRun — 1
O32 — AutoRun File — [2009.05.07 02:05:16 | 00,000,000 | —- | M] () — C:AUTOEXEC.BAT — [ NTFS ]
O32 — AutoRun File — [2009.05.24 23:46:38 | 00,000,000 | RHSD | M] — C:autorun.inf — [ NTFS ]
O32 — AutoRun File — [2009.05.03 07:08:17 | 00,000,000 | RHSD | M] — D:autorun.inf — [ NTFS ]
O32 — AutoRun File — [2009.05.03 07:08:17 | 00,000,000 | RHSD | M] — E:autorun.inf — [ NTFS ]
O34 — HKLM BootExecute: (autocheck) — File not found
O34 — HKLM BootExecute: (autochk) — C:WINDOWSSystem32autochk.exe (Microsoft Corporation)
O34 — HKLM BootExecute: (*) — * [2009.05.31 22:58:18 | 00,000,000 | —D | M]