Валерий добрый день! Спасибо за ответ! Вставляю лог
OTL logfile created on: 24.06.2009 18:17:49 — Run 1
OTL by OldTimer — Version 3.0.5.2 Folder = C:Documents and SettingsAdminРабочий стол
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) — Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000419 | Country: Россия | Language: RUS | Date Format: dd.MM.yyyy
1023,23 Mb Total Physical Memory | 544,86 Mb Available Physical Memory | 53,25% Memory free
2,40 Gb Paging File | 1,91 Gb Available in Paging File | 79,54% Paging File free
Paging file location(s): C:pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:WINDOWS | %ProgramFiles% = C:Program Files
Drive C: | 100,27 Gb Total Space | 91,92 Gb Free Space | 91,66% Space Free | Partition Type: NTFS
Drive D: | 100,03 Gb Total Space | 90,41 Gb Free Space | 90,39% Space Free | Partition Type: NTFS
Drive E: | 48,77 Gb Total Space | 17,08 Gb Free Space | 35,03% Space Free | Partition Type: NTFS
Drive F: | 365,72 Gb Total Space | 35,14 Gb Free Space | 9,61% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: MICROSOF-299232
Current User Name: Admin
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC — [2008.04.15 16:00:00 | 00,050,688 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32smss.exe
PRC — [2008.04.15 16:00:00 | 00,509,440 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32winlogon.exe
PRC — [2008.04.15 16:00:00 | 00,109,056 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32services.exe
PRC — [2008.12.19 18:09:52 | 01,926,144 | —- | M] (Корпорация Майкрософт) — C:WINDOWSExplorer.EXE
PRC — [2007.11.02 18:58:38 | 00,566,560 | —- | M] (ABBYY (BIT Software)) — C:Program FilesABBYY FineReader 9.0NetworkLicenseServer.exe
PRC — [2009.05.13 00:40:21 | 00,152,984 | —- | M] (Sun Microsystems, Inc.) — C:Program FilesJavajre6binjqs.exe
PRC — [2003.06.19 23:25:00 | 00,322,120 | —- | M] (Microsoft Corporation) — C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE
PRC — [2008.12.02 15:29:52 | 00,877,864 | —- | M] (Nero AG) — C:Program FilesNeroNero8Nero BackItUpNBService.exe
PRC — [2009.02.09 13:18:00 | 00,163,908 | —- | M] (NVIDIA Corporation) — C:WINDOWSSystem32nvsvc32.exe
PRC — [2009.02.25 21:59:06 | 01,352,960 | —- | M] (O&O Software GmbH) — C:WINDOWSSystem32oodag.exe
PRC — [2007.02.07 16:29:50 | 00,173,616 | —- | M] () — C:Program FilesCyberLinkShared filesRichVideo.exe
PRC — [2007.05.28 20:57:54 | 00,275,968 | —- | M] (Rocket Division Software) — C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindServiceAE.exe
PRC — [2009.06.17 10:03:17 | 00,603,904 | —- | M] (TuneUp Software) — C:WINDOWSSystem32TUProgSt.exe
PRC — [2005.05.20 05:11:06 | 00,925,696 | R— | M] (Analog Devices, Inc.) — C:Program FilesAnalog DevicesCoresmax4pnp.exe
PRC — [2008.04.15 16:00:00 | 00,033,280 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32RUNDLL32.EXE
PRC — [2009.05.13 00:40:21 | 00,148,888 | —- | M] (Sun Microsystems, Inc.) — C:Program FilesJavajre6binjusched.exe
PRC — [2009.05.16 22:49:13 | 06,210,744 | —- | M] (Mail.Ru) — C:Program FilesMail.RuAgentMAgent.exe
PRC — [2009.02.25 21:58:04 | 02,553,088 | —- | M] (O&O Software GmbH) — C:WINDOWSSystem32oodtray.exe
PRC — [2008.03.20 20:23:22 | 00,083,240 | —- | M] (Cyberlink Corp.) — C:Program FilesCyberLinkPowerDVD8PDVD8Serv.exe
PRC — [2008.06.27 16:50:38 | 00,091,432 | —- | M] (cyberlink) — C:Program FilesCyberlinkShared Filesbrs.exe
PRC — [2008.03.23 17:18:06 | 00,132,096 | —- | M] () — C:Program FilesVistaDriveIconVistaDrv.exe
PRC — [2008.10.30 13:56:42 | 00,734,504 | —- | M] (ООО Яндекс) — C:Program FilesPunto Switcherpunto.exe
PRC — [2009.03.20 14:32:32 | 01,312,256 | —- | M] (Nokia) — C:Program FilesNokiaNokia PC Suite 7PCSuite.exe
PRC — [2008.12.12 08:31:10 | 01,840,424 | —- | M] (Nero AG) — C:Program FilesCommon FilesNeroLibNMIndexStoreSvr.exe
PRC — [2008.12.13 13:30:31 | 00,157,952 | —- | M] (TuneUp Software GmbH) — C:Program FilesTuneUp Utilities 2009MemOptimizer.exe
PRC — [2006.02.21 14:11:02 | 00,401,408 | —- | M] (AVerMedia Technologies, Inc.) — C:Program FilesAVerTVQuickTV.exe
PRC — [2008.12.12 08:31:10 | 00,537,896 | —- | M] (Nero AG) — C:Program FilesCommon FilesNeroLibNMIndexingService.exe
PRC — [2009.03.04 11:25:12 | 00,621,056 | —- | M] (Nokia.) — C:Program FilesPC Connectivity SolutionServiceLayer.exe
PRC — [2009.03.09 13:44:12 | 00,130,560 | —- | M] () — C:Program FilesPC Connectivity SolutionTransportsNclUSBSrv.exe
PRC — [2008.11.26 12:35:00 | 00,119,808 | —- | M] () — C:Program FilesPC Connectivity SolutionTransportsNclRSSrv.exe
PRC — [2008.04.15 16:00:00 | 00,126,464 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32wbemwmiapsrv.exe
PRC — [2006.02.19 05:24:52 | 00,239,320 | —- | M] (Hewlett-Packard Development Company, L.P.) — C:Program FilesHPDigital ImagingbinhpqSTE08.exe
PRC — [2006.09.15 23:30:06 | 00,142,848 | —- | M] (Microsoft Corporation) — C:WINDOWSSystem32wudfhost.exe
PRC — [2009.03.11 13:06:20 | 00,159,744 | —- | M] (Nokia) — C:Program FilesNokiaNokia PC Suite 7OneTouchAccess.exe
PRC — [2008.12.10 22:32:46 | 00,098,816 | —- | M] (Opera Software) — C:Program FilesOperaopera.exe
PRC — [2009.06.24 18:15:20 | 00,512,512 | —- | M] (OldTimer Tools) — C:Documents and SettingsAdminРабочий столOTL.exe
========== Win32 Services (SafeList) ==========
SRV — [2007.11.02 18:58:38 | 00,566,560 | —- | M] (ABBYY (BIT Software)) — C:Program FilesABBYY FineReader 9.0NetworkLicenseServer.exe — (ABBYY.Licensing.FineReader.Professional.9.0 [Auto | Running])
SRV — [2009.04.14 19:31:08 | 01,605,976 | —- | M] (Agnitum Ltd.) — C:Program FilesAgnitumOutpost Security Suite Proacs.exe — (acssrv [Auto | Running])
SRV — [2008.04.15 16:00:00 | 00,171,008 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32appmgmts.dll — (AppMgmt [On_Demand | Stopped])
SRV — [2007.10.24 03:47:22 | 00,033,800 | —- | M] (Microsoft Corporation) — C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe — (aspnet_state [On_Demand | Stopped])
SRV — [2008.04.15 16:00:00 | 00,409,088 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32qmgr.dll — (BITS [On_Demand | Stopped])
SRV — [2007.10.24 03:47:40 | 00,070,144 | —- | M] (Microsoft Corporation) — C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe — (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV — [2008.04.15 16:00:00 | 00,126,464 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32dhcpcsvc.dll — (Dhcp [Auto | Running])
SRV — [2008.04.15 16:00:00 | 00,024,064 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32dmserver.dll — (dmserver [Auto | Running])
SRV — [2008.04.15 16:00:00 | 00,045,568 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32dnsrslvr.dll — (Dnscache [Auto | Running])
SRV — [2008.04.15 16:00:00 | 00,109,056 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32services.exe — (Eventlog [Auto | Running])
SRV — [2008.04.15 16:00:00 | 00,135,680 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32shsvcs.dll — (FastUserSwitchingCompatibility [On_Demand | Running])
SRV — [2006.10.20 21:21:24 | 00,036,864 | —- | M] (Microsoft Corporation) — c:WINDOWSMicrosoft.NetFrameworkv3.0WPFPresentationFontCache.exe — (FontCache3.0.0.0 [On_Demand | Stopped])
SRV — [2008.04.15 16:00:00 | 00,038,400 | —- | M] (Microsoft Corporation) — C:WINDOWSPCHealthHelpCtrBinariespchsvc.dll — (helpsvc [Auto | Running])
SRV — [2005.05.20 10:37:12 | 00,081,920 | —- | M] (Hewlett-Packard Company) — C:WINDOWSSystem32spooldriversw32x863HPBPRO.EXE — (HP Port Resolver [On_Demand | Stopped])
SRV — [2004.10.16 05:31:06 | 00,073,728 | —- | M] (Hewlett-Packard Company) — C:WINDOWSSystem32spooldriversw32x863HPBOID.EXE — (HP Status Server [On_Demand | Stopped])
SRV — [2006.10.30 03:33:58 | 00,741,376 | —- | M] (Microsoft Corporation) — C:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication Foundationinfocard.exe — (idsvc [Unknown | Stopped])
SRV — [2008.04.15 16:00:00 | 00,150,528 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32imapi.exe — (ImapiService [On_Demand | Stopped])
SRV — [2009.05.13 00:40:21 | 00,152,984 | —- | M] (Sun Microsystems, Inc.) — C:Program FilesJavajre6binjqs.exe — (JavaQuickStarterService [Auto | Running])
SRV — [2003.06.19 23:25:00 | 00,322,120 | —- | M] (Microsoft Corporation) — C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE — (MDM [Auto | Running])
SRV — [2008.04.15 16:00:00 | 00,032,768 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32mnmsrvc.exe — (mnmsrvc [Disabled | Stopped])
SRV — [2008.12.02 15:29:52 | 00,877,864 | —- | M] (Nero AG) — C:Program FilesNeroNero8Nero BackItUpNBService.exe — (Nero BackItUp Scheduler 3 [Auto | Running])
SRV — [2008.04.15 16:00:00 | 00,113,664 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32netdde.exe — (NetDDE [Disabled | Stopped])
SRV — [2008.04.15 16:00:00 | 00,113,664 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32netdde.exe — (NetDDEdsdm [Disabled | Stopped])
SRV — [2008.04.15 16:00:00 | 00,198,144 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32netman.dll — (Netman [On_Demand | Running])
SRV — [2006.10.30 03:34:02 | 00,122,880 | —- | M] (Microsoft Corporation) — C:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication FoundationSMSvcHost.exe — (NetTcpPortSharing [Disabled | Stopped])
SRV — [2008.12.19 18:01:25 | 00,247,296 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32mswsock.dll — (Nla [On_Demand | Running])
SRV — [2008.12.12 08:31:10 | 00,537,896 | —- | M] (Nero AG) — C:Program FilesCommon FilesNeroLibNMIndexingService.exe — (NMIndexingService [On_Demand | Running])
SRV — [2008.04.15 16:00:00 | 00,436,736 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32ntmssvc.dll — (NtmsSvc [On_Demand | Stopped])
SRV — [2009.02.09 13:18:00 | 00,163,908 | —- | M] (NVIDIA Corporation) — C:WINDOWSSystem32nvsvc32.exe — (NVSvc [Auto | Running])
SRV — [2009.02.25 21:59:06 | 01,352,960 | —- | M] (O&O Software GmbH) — C:WINDOWSSystem32oodag.exe — (O&O Defrag [Auto | Running])
SRV — [2003.07.28 20:28:22 | 00,089,136 | —- | M] (Microsoft Corporation) — C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE — (ose [On_Demand | Stopped])
SRV — [2008.04.15 16:00:00 | 00,109,056 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32services.exe — (PlugPlay [Auto | Running])
SRV — [2006.03.03 21:03:10 | 00,069,632 | —- | M] (HP) — C:WINDOWSSystem32HPZipm12.exe — (Pml Driver HPZ12 [Unknown | Stopped])
SRV — [2008.04.15 16:00:00 | 00,141,824 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32sessmgr.exe — (RDSessMgr [Disabled | Stopped])
SRV — [2007.02.07 16:29:50 | 00,173,616 | —- | M] () — C:Program FilesCyberLinkShared filesRichVideo.exe — (RichVideo [Auto | Running])
SRV — [2008.04.15 16:00:00 | 00,096,768 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32SCardSvr.exe — (SCardSvr [On_Demand | Stopped])
SRV — [2008.04.15 16:00:00 | 00,193,024 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32schedsvc.dll — (Schedule [Auto | Running])
SRV — [2008.04.15 16:00:00 | 00,018,944 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32seclogon.dll — (seclogon [On_Demand | Stopped])
SRV — [2009.03.04 11:25:12 | 00,621,056 | —- | M] (Nokia.) — C:Program FilesPC Connectivity SolutionServiceLayer.exe — (ServiceLayer [On_Demand | Running])
SRV — [2008.12.19 18:01:15 | 00,330,752 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32ipnathlp.dll — (SharedAccess [Auto | Running])
SRV — [2008.04.15 16:00:00 | 00,135,680 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32shsvcs.dll — (ShellHWDetection [Auto | Running])
SRV — [2008.04.15 16:00:00 | 00,171,008 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32srsvc.dll — (srservice [Auto | Running])
SRV — [2007.05.28 20:57:54 | 00,275,968 | —- | M] (Rocket Division Software) — C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindServiceAE.exe — (StarWindServiceAE [Auto | Running])
SRV — [2008.04.15 16:00:00 | 00,333,824 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32wiaservc.dll — (stisvc [Auto | Running])
SRV — [2008.04.15 16:00:00 | 00,091,648 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32smlogsvc.exe — (SysmonLog [On_Demand | Stopped])
SRV — [2008.04.15 16:00:00 | 00,249,856 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32tapisrv.dll — (TapiSrv [On_Demand | Running])
SRV — [2008.04.15 16:00:00 | 00,295,936 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32termsrv.dll — (TermService [On_Demand | Running])
SRV — [2008.04.15 16:00:00 | 00,135,680 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32shsvcs.dll — (Themes [Auto | Running])
SRV — [2008.04.15 16:00:00 | 00,073,216 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32tlntsvr.exe — (TlntSvr [Disabled | Stopped])
SRV — [2009.06.17 10:03:15 | 00,360,192 | —- | M] (TuneUp Software) — C:WINDOWSSystem32TuneUpDefragService.exe — (TuneUp.Defrag [On_Demand | Stopped])
SRV — [2009.06.17 10:03:17 | 00,603,904 | —- | M] (TuneUp Software) — C:WINDOWSSystem32TUProgSt.exe — (TuneUp.ProgramStatisticsSvc [Auto | Running])
SRV — [2008.04.15 16:00:00 | 00,186,368 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32upnphost.dll — (upnphost [On_Demand | Stopped])
SRV — [2008.12.11 13:31:36 | 00,027,904 | —- | M] (TuneUp Software) — C:WINDOWSSystem32uxtuneup.dll — (UxTuneUp [Auto | Running])
SRV — [2008.04.15 16:00:00 | 00,290,304 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32vssvc.exe — (VSS [On_Demand | Stopped])
SRV — [2008.12.19 18:01:52 | 00,175,616 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32w32time.dll — (W32Time [Auto | Running])
SRV — [2008.04.15 16:00:00 | 00,145,408 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32wbemWMIsvc.dll — (winmgmt [Auto | Running])
SRV — [2008.04.15 16:00:00 | 00,687,616 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32advapi32.dll — (Wmi [On_Demand | Stopped])
SRV — [2008.04.15 16:00:00 | 00,126,464 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32wbemwmiapsrv.exe — (WmiApSrv [On_Demand | Running])
SRV — [2006.10.18 21:05:24 | 00,913,408 | —- | M] (Microsoft Corporation) — C:Program FilesWindows Media Playerwmpnetwk.exe — (WMPNetworkSvc [On_Demand | Stopped])
SRV — [2008.12.19 18:06:26 | 00,483,840 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32wzcsvc.dll — (WZCSVC [Auto | Running])
========== Driver Services (SafeList) ==========
DRV — [2008.04.15 16:00:00 | 00,188,288 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32DRIVERSACPI.sys — (ACPI [Boot | Running])
DRV — [2008.04.15 16:00:00 | 00,011,776 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32driversacpiec.sys — (ACPIEC [Disabled | Stopped])
DRV — [2005.09.15 08:56:48 | 00,141,312 | R— | M] (Analog Devices, Inc.) — C:WINDOWSSystem32driversADIHdAud.sys — (ADIHdAudAddService [On_Demand | Running])
DRV — [2005.03.04 16:53:00 | 00,127,872 | R— | M] (Andrea Electronics Corporation) — C:WINDOWSSystem32driversAEAudio.sys — (AEAudioService [On_Demand | Running])
DRV — [2009.02.18 17:30:56 | 00,031,128 | —- | M] (Agnitum Ltd.) — C:WINDOWSSystem32DRIVERSafw.sys — (afw [On_Demand | Running])
DRV — [2009.02.10 16:15:42 | 00,257,432 | —- | M] (Agnitum Ltd.) — C:WINDOWSSystem32driversafwcore.sys — (afwcore [On_Demand | Running])
DRV — [2007.05.15 01:38:22 | 00,009,216 | R— | M] (A4Tech Co.,Ltd.) — C:WINDOWSSystem32DRIVERSAmfilter.sys — (Amfilter [System | Running])
DRV — [2007.05.15 01:41:46 | 00,014,336 | R— | M] (A4Tech Co.,Ltd.) — C:WINDOWSSystem32DRIVERSAmusbprt.sys — (Amusbprt [On_Demand | Stopped])
DRV — [2009.04.06 11:37:46 | 00,033,888 | —- | M] (Agnitum Ltd.) — C:WINDOWSSystem32FiltASWFilt.dll — (ASWFilt [On_Demand | Running])
DRV — [2009.05.12 17:54:32 | 00,409,120 | —- | M] (AVerMedia TECHNOLOGIES, Inc.) — C:WINDOWSSystem32DRIVERSAVerM15x.sys — (Cap7134 [On_Demand | Running])
DRV — [2004.11.22 06:38:40 | 00,176,128 | R— | M] (Intel Corporation) — C:WINDOWSSystem32DRIVERSe1000325.sys — (E1000 [On_Demand | Stopped])
DRV — [2008.04.15 16:00:00 | 00,044,544 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32driversfips.sys — (Fips [System | Running])
DRV — [2008.04.15 16:00:00 | 00,125,440 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32DRIVERSftdisk.sys — (Ftdisk [Boot | Running])
DRV — [2008.04.15 16:00:00 | 00,144,384 | —- | M] (Windows (R) Server 2003 DDK provider) — C:WINDOWSSystem32DRIVERSHDAudBus.sys — (HDAudBus [On_Demand | Running])
DRV — [2006.04.13 04:04:39 | 00,049,664 | —- | M] (HP) — C:WINDOWSSystem32DRIVERSHPZid412.sys — (HPZid412 [On_Demand | Stopped])
DRV — [2006.04.13 04:04:39 | 00,016,496 | —- | M] (HP) — C:WINDOWSSystem32DRIVERSHPZipr12.sys — (HPZipr12 [On_Demand | Stopped])
DRV — [2006.04.13 04:04:39 | 00,021,568 | —- | M] (HP) — C:WINDOWSSystem32DRIVERSHPZius12.sys — (HPZius12 [On_Demand | Stopped])
DRV — [2008.04.15 16:00:00 | 00,053,120 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32DRIVERSi8042prt.sys — (i8042prt [System | Running])
DRV — [2008.04.15 01:16:18 | 00,005,504 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32DRIVERSintelide.sys — (IntelIde [Boot | Running])
DRV — [2008.04.14 21:17:16 | 00,037,504 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32DRIVERSisapnp.sys — (isapnp [Boot | Running])
DRV — [2008.04.15 16:00:00 | 00,024,832 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32DRIVERSkbdclass.sys — (Kbdclass [System | Running])
DRV — [2008.12.19 18:06:26 | 00,030,208 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32driversmodem.sys — (Modem [On_Demand | Running])
DRV — [2008.12.19 18:06:26 | 00,023,296 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32DRIVERSmouclass.sys — (Mouclass [System | Running])
DRV — [2009.02.09 07:37:46 | 00,017,664 | —- | M] (Nokia) — C:WINDOWSSystem32driversccdcmb.sys — (nmwcd [On_Demand | Running])
DRV — [2009.02.09 07:37:46 | 00,022,016 | —- | M] (Nokia) — C:WINDOWSSystem32driversccdcmbo.sys — (nmwcdc [On_Demand | Running])
DRV — [2009.02.09 13:18:00 | 06,307,328 | —- | M] (NVIDIA Corporation) — C:WINDOWSSystem32DRIVERSnv4_mini.sys — (nv [On_Demand | Running])
DRV — [2008.12.19 18:06:26 | 00,080,128 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32DRIVERSparport.sys — (Parport [On_Demand | Running])
DRV — [2008.04.15 16:00:00 | 00,006,912 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32driversparvdm.sys — (ParVdm [Auto | Running])
DRV — [2008.08.26 10:26:12 | 00,018,816 | —- | M] (Nokia) — C:WINDOWSSystem32DRIVERSpccsmcfd.sys — (pccsmcfd [On_Demand | Running])
DRV — [2008.04.14 21:22:30 | 00,068,480 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32DRIVERSpci.sys — (PCI [Boot | Running])
DRV — [2001.10.19 20:32:14 | 00,003,328 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32DRIVERSpciide.sys — (PCIIde [Boot | Running])
DRV — [2008.04.15 16:00:00 | 00,120,192 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32driverspcmcia.sys — (Pcmcia [Disabled | Stopped])
DRV — [2009.05.13 10:40:29 | 00,047,360 | —- | M] (VSO Software) — C:WINDOWSSystem32Driverspcouffin.sys — (pcouffin [On_Demand | Running])
DRV — [2009.05.12 17:54:32 | 00,060,704 | —- | M] (AVerMedia TECHNOLOGIES, Inc.) — C:WINDOWSSystem32DRIVERSM15xTune.sys — (PhTVTune [On_Demand | Running])
DRV — [2008.04.15 16:00:00 | 00,017,792 | —- | M] (Parallel Technologies, Inc.) — C:WINDOWSSystem32DRIVERSptilink.sys — (Ptilink [On_Demand | Running])
DRV — [2005.08.19 03:00:00 | 00,046,080 | —- | M] (Sonic Solutions) — C:WINDOWSSystem32DriversPxHelp20.sys — (PxHelp20 [Boot | Running])
DRV — [2008.04.15 01:11:48 | 00,058,368 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32DRIVERSredbook.sys — (redbook [System | Running])
DRV — [2009.04.06 11:37:12 | 00,704,384 | —- | M] (Agnitum Ltd.) — C:WINDOWSSystem32driversSandBox.sys — (SandBox [System | Running])
DRV — [2008.04.15 16:00:00 | 00,020,480 | —- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) — C:WINDOWSSystem32DRIVERSsecdrv.sys — (Secdrv [On_Demand | Stopped])
DRV — [2005.08.11 09:49:28 | 00,393,088 | R— | M] (Sensaura) — C:WINDOWSSystem32driversSenfilt.sys — (SenFiltService [On_Demand | Running])
DRV — [2008.04.15 16:00:00 | 00,065,024 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32DRIVERSserial.sys — (Serial [System | Running])
DRV — [2009.05.12 17:17:24 | 00,717,296 | —- | M] () — C:WINDOWSSystem32Driverssptd.sys — (sptd [Boot | Running])
DRV — [2008.04.15 16:00:00 | 00,073,472 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32DRIVERSsr.sys — (sr [Boot | Running])
DRV — [2009.02.09 07:37:48 | 00,007,808 | —- | M] (Nokia) — C:WINDOWSSystem32DRIVERSusbser_lowerflt.sys — (upperdev [On_Demand | Running])
DRV — [2008.04.14 00:15:38 | 00,026,112 | —- | M] (Microsoft Corporation) — C:WINDOWSSystem32driversusbser.sys — (usbser [On_Demand | Running])
DRV — [2009.02.09 07:37:56 | 00,007,808 | —- | M] (Nokia) — C:WINDOWSSystem32DRIVERSusbser_lowerfltj.sys — (UsbserFilt [On_Demand | Running])
DRV — [2009.04.03 15:23:32 | 01,175,256 | —- | M] (VirusBuster Kft.) — C:WINDOWSSystem32driversVBEngNT.sys — (VBEngNT [On_Demand | Running])
DRV — [2009.04.06 11:37:40 | 00,234,304 | —- | M] (Agnitum Ltd.) — C:WINDOWSSystem32FiltVBFilt.dll — (VBFilt [On_Demand | Running])
DRV — [2009.02.16 17:46:56 | 00,100,560 | —- | M] () — C:WINDOWSSystem32DRIVERSVBoxDrv.sys — (VBoxDrv [System | Running])
DRV — [2009.02.16 17:47:00 | 00,087,568 | —- | M] (Windows (R) Server 2003 DDK provider) — C:WINDOWSSystem32DRIVERSVBoxNetFlt.sys — (VBoxNetFlt [On_Demand | Running])
DRV — [2009.02.16 17:47:00 | 00,041,744 | —- | M] (Sun Microsystems, Inc.) — C:WINDOWSSystem32DRIVERSVBoxUSBMon.sys — (VBoxUSBMon [System | Running])
DRV — [2008.04.15 16:00:00 | 00,051,968 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32driversvolsnap.sys — (VolSnap [Boot | Running])
DRV — [2008.06.27 16:50:32 | 00,061,424 | —- | M] (Cyberlink Corp.) — C:Program FilesCyberLinkPowerDVD800.fcl — ({FE4C91E7-22C2-4D0C-9F6B-82F1B7742054} [Auto | Running])
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE — HKLMSOFTWAREMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE — HKLMSOFTWAREMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE — HKLMSOFTWAREMicrosoftInternet ExplorerMain,Default_Secondary_Page_URL = [binary data]
IE — HKLMSOFTWAREMicrosoftInternet ExplorerMain,Extensions Off Page = about:NoAdd-ons
IE — HKLMSOFTWAREMicrosoftInternet ExplorerMain,Local Page = %SystemRoot%system32blank.htm
IE — HKLMSOFTWAREMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE — HKLMSOFTWAREMicrosoftInternet ExplorerMain,Security Risk Page = about:SecurityRisk
IE — HKLMSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE — HKLMSOFTWAREMicrosoftInternet ExplorerSearch,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE — HKLMSOFTWAREMicrosoftInternet ExplorerSearch,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE — HKU.DEFAULTSOFTWAREMicrosoftInternet ExplorerMain,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE — HKU.DEFAULTSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
IE — HKU.DEFAULT.DEFAULTSoftwareMicrosoftWindowsCurrentVersionInternet Settings: «ProxyEnable» = 0
IE — HKUS-1-5-18SOFTWAREMicrosoftInternet ExplorerMain,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE — HKUS-1-5-18SOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
IE — HKUS-1-5-18S-1-5-18SoftwareMicrosoftWindowsCurrentVersionInternet Settings: «ProxyEnable» = 0
IE — HKUS-1-5-19SOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://xtreme.ws/
IE — HKUS-1-5-19S-1-5-19SoftwareMicrosoftWindowsCurrentVersionInternet Settings: «ProxyEnable» = 0
IE — HKUS-1-5-20SOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://xtreme.ws/
IE — HKUS-1-5-20S-1-5-20SoftwareMicrosoftWindowsCurrentVersionInternet Settings: «ProxyEnable» = 0
IE — HKUS-1-5-21-1715567821-1292428093-1177238915-500SOFTWAREMicrosoftInternet ExplorerMain,Local Page = C:WINDOWSsystem32blank.htm
IE — HKUS-1-5-21-1715567821-1292428093-1177238915-500SOFTWAREMicrosoftInternet ExplorerMain,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE — HKUS-1-5-21-1715567821-1292428093-1177238915-500SOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://xtreme.ws/
IE — URLSearchHook: {09900DE8-1DCA-443F-9243-26FF581438AF} — c:program filesmail.rusputnikMailRuSputnik.dll (@Mail.Ru)
IE — HKUS-1-5-21-1715567821-1292428093-1177238915-500S-1-5-21-1715567821-1292428093-1177238915-500SoftwareMicrosoftWindowsCurrentVersionInternet Settings: «ProxyEnable» = 0
FF — HKLMsoftwaremozillaFirefoxextensions\jqs@sun.com: C:Program FilesJavajre6libdeployjqsff [2009.05.13 00:40:21 | 00,000,000 | —D | M]
FF — HKLMsoftwaremozillaFirefoxextensions\bkmrksync@nokia.com: C:Program FilesNokiaNokia PC Suite 7bkmrksync [2009.05.16 17:44:13 | 00,000,000 | —D | M]
O1 HOSTS File: (27 bytes) — C:WINDOWSSystem32driversetcHosts
O1 — Hosts: 127.0.0.1 localhost
O2 — BHO: (SnagIt Toolbar Loader) — {00C6482D-C502-44C8-8409-FCE54AD9C208} — C:Program FilesTechSmithSnagit 9SnagitBHO.dll (TechSmith Corporation)
O2 — BHO: (Adobe PDF Link Helper) — {18DF081C-E8AD-4283-A596-FA578C2EBDC3} — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 — BHO: (MailRuBHO Class) — {8984B388-A5BB-4DF7-B274-77B879E179DB} — c:program filesmail.rusputnikMailRuSputnik.dll (@Mail.Ru)
O2 — BHO: (IE 4.x-6.x BHO for Download Master) — {9961627E-4059-41B4-8E0E-A7D6B3854ADF} — C:Program FilesDownload Masterdmiehlp.dll (WestByte)
O2 — BHO: (Java(tm) Plug-In 2 SSV Helper) — {DBC80044-A445-435b-BC74-9C25C1C588A9} — C:Program FilesJavajre6binjp2ssv.dll (Sun Microsystems, Inc.)
O2 — BHO: (JQSIEStartDetectorImpl Class) — {E7E6F031-17CE-4C07-BC86-EABFE594F69C} — C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll (Sun Microsystems, Inc.)
O3 — HKLM..Toolbar: (Спутник@Mail.Ru) — {09900DE8-1DCA-443F-9243-26FF581438AF} — c:program filesmail.rusputnikMailRuSputnik.dll (@Mail.Ru)
O3 — HKLM..Toolbar: (Snagit) — {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} — C:Program FilesTechSmithSnagit 9SnagitIEAddin.dll (TechSmith Corporation)
O3 — HKUS-1-5-21-1715567821-1292428093-1177238915-500..ToolbarShellBrowser: (&Адрес) — {01E04581-4EEE-11D0-BFE9-00AA005B4383} — C:WINDOWSSystem32browseui.dll (Корпорация Майкрософт)
O4 — HKLM..Run: [BDRegion] C:Program FilesCyberlinkShared Filesbrs.exe (cyberlink)
O4 — HKLM..Run: [MAgent] C:Program FilesMail.RuAgentMAgent.exe (Mail.Ru)
O4 — HKLM..Run: [NvCplDaemon] C:WINDOWSSystem32NvCpl.DLL (NVIDIA Corporation)
O4 — HKLM..Run: [NvMediaCenter] C:WINDOWSSystem32NvMcTray.DLL (NVIDIA Corporation)
O4 — HKLM..Run: [nwiz] C:WINDOWSSystem32nwiz.exe ()
O4 — HKLM..Run: [OODefragTray] C:WINDOWSSystem32oodtray.exe (O&O Software GmbH)
O4 — HKLM..Run: [OutpostFeedBack] C:Program FilesAgnitumOutpost Security Suite Profeedback.exe (Agnitum Ltd.)
O4 — HKLM..Run: [OutpostMonitor] C:Program FilesAgnitumOutpost Security Suite Proop_mon.exe (Agnitum Ltd.)
O4 — HKLM..Run: [PDVD8LanguageShortcut] C:Program FilesCyberLinkPowerDVD8LanguageLanguage.exe ()
O4 — HKLM..Run: [RemoteControl8] C:Program FilesCyberLinkPowerDVD8PDVD8Serv.exe (Cyberlink Corp.)
O4 — HKLM..Run: [SoundMAXPnP] C:Program FilesAnalog DevicesCoresmax4pnp.exe (Analog Devices, Inc.)
O4 — HKLM..Run: [SunJavaUpdateSched] C:Program FilesJavajre6binjusched.exe (Sun Microsystems, Inc.)
O4 — HKU.DEFAULT..Run: [VistaIcon] C:Program FilesVistaDriveIconVistaDrv.exe ()
O4 — HKUS-1-5-18..Run: [VistaIcon] C:Program FilesVistaDriveIconVistaDrv.exe ()
O4 — HKUS-1-5-21-1715567821-1292428093-1177238915-500..Run: [AlcoholAutomount] C:Program FilesAlcohol SoftAlcohol 120axcmd.exe (Alcohol Soft Development Team)
O4 — HKUS-1-5-21-1715567821-1292428093-1177238915-500..Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:Program FilesCommon FilesNeroLibNMIndexStoreSvr.exe (Nero AG)
O4 — HKUS-1-5-21-1715567821-1292428093-1177238915-500..Run: [PC Suite Tray] C:Program FilesNokiaNokia PC Suite 7PCSuite.exe (Nokia)
O4 — HKUS-1-5-21-1715567821-1292428093-1177238915-500..Run: [Punto Switcher] C:Program FilesPunto Switcherpunto.exe (ООО Яндекс)
O4 — HKUS-1-5-21-1715567821-1292428093-1177238915-500..Run: [TuneUp MemOptimizer] C:Program FilesTuneUp Utilities 2009MemOptimizer.exe (TuneUp Software GmbH)
O4 — HKUS-1-5-21-1715567821-1292428093-1177238915-500..Run: [VistaIcon] C:Program FilesVistaDriveIconVistaDrv.exe ()
O4 — HKU.DEFAULT..RunOnce: [IE7_011] File not found
O4 — HKU.DEFAULT..RunOnce: [IE7_012] C:WINDOWSSystem32advpack.DLL (Microsoft Corporation)
O4 — HKU.DEFAULT..RunOnce: [ZZZZ2_FirstLogonSetting] C:WINDOWSSystem32advpack.DLL (Microsoft Corporation)
O4 — HKUS-1-5-18..RunOnce: [IE7_011] File not found
O4 — HKUS-1-5-18..RunOnce: [IE7_012] C:WINDOWSSystem32advpack.DLL (Microsoft Corporation)
O4 — HKUS-1-5-18..RunOnce: [ZZZZ2_FirstLogonSetting] C:WINDOWSSystem32advpack.DLL (Microsoft Corporation)
O4 — Startup: C:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузкаQuickTV.lnk = C:Program FilesAVerTVQuickTV.exe (AVerMedia Technologies, Inc.)
O6 — HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveAutoRun = 67108607
O6 — HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveTypeAutoRun = 323
O6 — HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDrives = 0
O6 — HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: dontdisplaylastusername = 0
O6 — HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: legalnoticecaption =
O6 — HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: legalnoticetext =
O6 — HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: shutdownwithoutlogon = 1
O6 — HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: undockwithoutlogon = 1
O6 — HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: NoInternetOpenWith = 1
O6 — HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: DisableRegistryTools = 0
O7 — HKU.DEFAULTSoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O7 — HKU.DEFAULTSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveTypeAutoRun = 323
O7 — HKU.DEFAULTSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoLowDiskSpaceChecks = 1
O7 — HKU.DEFAULTSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoRecentDocsMenu = 01 00 00 00 [binary data]
O7 — HKU.DEFAULTSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoSMConfigurePrograms = 1
O7 — HKU.DEFAULTSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoSMHelp = 1
O7 — HKU.DEFAULTSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveAutoRun = 67108863
O7 — HKUS-1-5-18SoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O7 — HKUS-1-5-18SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveTypeAutoRun = 323
O7 — HKUS-1-5-18SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoLowDiskSpaceChecks = 1
O7 — HKUS-1-5-18SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoRecentDocsMenu = 01 00 00 00 [binary data]
O7 — HKUS-1-5-18SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoSMConfigurePrograms = 1
O7 — HKUS-1-5-18SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoSMHelp = 1
O7 — HKUS-1-5-18SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveAutoRun = 67108863
O7 — HKUS-1-5-19SoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O7 — HKUS-1-5-19SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveTypeAutoRun = 145
O7 — HKUS-1-5-19SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoLowDiskSpaceChecks = 1
O7 — HKUS-1-5-19SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoRecentDocsMenu = 01 00 00 00 [binary data]
O7 — HKUS-1-5-19SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoSMConfigurePrograms = 1
O7 — HKUS-1-5-19SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoSMHelp = 1
O7 — HKUS-1-5-19_ClassesSoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O7 — HKUS-1-5-20SoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O7 — HKUS-1-5-20SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveTypeAutoRun = 145
O7 — HKUS-1-5-20SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoLowDiskSpaceChecks = 1
O7 — HKUS-1-5-20SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoRecentDocsMenu = 01 00 00 00 [binary data]
O7 — HKUS-1-5-20SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoSMConfigurePrograms = 1
O7 — HKUS-1-5-20SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoSMHelp = 1
O7 — HKUS-1-5-20_ClassesSoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O7 — HKUS-1-5-21-1715567821-1292428093-1177238915-500SoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O7 — HKUS-1-5-21-1715567821-1292428093-1177238915-500SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveTypeAutoRun = 323
O7 — HKUS-1-5-21-1715567821-1292428093-1177238915-500SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoLowDiskSpaceChecks = 1
O7 — HKUS-1-5-21-1715567821-1292428093-1177238915-500SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoRecentDocsMenu = 01 00 00 00 [binary data]
O7 — HKUS-1-5-21-1715567821-1292428093-1177238915-500SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoSMConfigurePrograms = 1
O7 — HKUS-1-5-21-1715567821-1292428093-1177238915-500SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoSMHelp = 1
O7 — HKUS-1-5-21-1715567821-1292428093-1177238915-500SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveAutoRun = 67108543
O7 — HKUS-1-5-21-1715567821-1292428093-1177238915-500SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDrives = 0
O7 — HKUS-1-5-21-1715567821-1292428093-1177238915-500SOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: DisableRegistryTools = 0
O7 — HKUS-1-5-21-1715567821-1292428093-1177238915-500_ClassesSoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O10 — NameSpace_Catalog5Catalog_Entries00000000001 [] — C:WINDOWSSystem32mswsock.dll (Корпорация Майкрософт)
O10 — NameSpace_Catalog5Catalog_Entries00000000003 [] — C:WINDOWSSystem32mswsock.dll (Корпорация Майкрософт)
O10 — Protocol_Catalog9Catalog_Entries00000000001 — C:WINDOWSSystem32mswsock.dll (Корпорация Майкрософт)
O10 — Protocol_Catalog9Catalog_Entries00000000002 — C:WINDOWSSystem32mswsock.dll (Корпорация Майкрософт)
O10 — Protocol_Catalog9Catalog_Entries00000000003 — C:WINDOWSSystem32mswsock.dll (Корпорация Майкрософт)
O10 — Protocol_Catalog9Catalog_Entries00000000004 — C:WINDOWSSystem32rsvpsp.dll (Microsoft Corporation)
O10 — Protocol_Catalog9Catalog_Entries00000000005 — C:WINDOWSSystem32rsvpsp.dll (Microsoft Corporation)
O10 — Protocol_Catalog9Catalog_Entries00000000006 — C:WINDOWSSystem32mswsock.dll (Корпорация Майкрософт)
O10 — Protocol_Catalog9Catalog_Entries00000000007 — C:WINDOWSSystem32mswsock.dll (Корпорация Майкрософт)
O10 — Protocol_Catalog9Catalog_Entries00000000008 — C:WINDOWSSystem32mswsock.dll (Корпорация Майкрософт)
O10 — Protocol_Catalog9Catalog_Entries00000000009 — C:WINDOWSSystem32mswsock.dll (Корпорация Майкрософт)
O10 — Protocol_Catalog9Catalog_Entries00000000010 — C:WINDOWSSystem32mswsock.dll (Корпорация Майкрософт)
O10 — Protocol_Catalog9Catalog_Entries00000000011 — C:WINDOWSSystem32mswsock.dll (Корпорация Майкрософт)
O10 — Protocol_Catalog9Catalog_Entries00000000012 — C:WINDOWSSystem32mswsock.dll (Корпорация Майкрософт)
O10 — Protocol_Catalog9Catalog_Entries00000000013 — C:WINDOWSSystem32mswsock.dll (Корпорация Майкрософт)
O10 — Protocol_Catalog9Catalog_Entries00000000014 — C:WINDOWSSystem32mswsock.dll (Корпорация Майкрософт)
O10 — Protocol_Catalog9Catalog_Entries00000000015 — C:WINDOWSSystem32mswsock.dll (Корпорация Майкрософт)
O10 — Protocol_Catalog9Catalog_Entries00000000016 — C:WINDOWSSystem32mswsock.dll (Корпорация Майкрософт)
O10 — Protocol_Catalog9Catalog_Entries00000000017 — C:WINDOWSSystem32mswsock.dll (Корпорация Майкрософт)
O16 — DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)
O16 — DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)
O16 — DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)
O18 — ProtocolHandlerdvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} — C:WINDOWSSystem32msvidctl.dll (Корпорация Майкрософт)
O18 — ProtocolHandlerhttpx00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} — C:Program FilesCommon FilesSYSTEMOLE DBmsdaipp.dll (Microsoft Corporation)
O18 — ProtocolHandlerhttpoledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} — C:Program FilesCommon FilesSYSTEMOLE DBmsdaipp.dll (Microsoft Corporation)
O18 — ProtocolHandlerhttpsx00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} — C:Program FilesCommon FilesSYSTEMOLE DBmsdaipp.dll (Microsoft Corporation)
O18 — ProtocolHandlerhttpsoledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} — C:Program FilesCommon FilesSYSTEMOLE DBmsdaipp.dll (Microsoft Corporation)
O18 — ProtocolHandleripp — No CLSID value found
O18 — ProtocolHandlerippx00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} — C:Program FilesCommon FilesSYSTEMOLE DBmsdaipp.dll (Microsoft Corporation)
O18 — ProtocolHandlermsdaipp — No CLSID value found
O18 — ProtocolHandlermsdaippx00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} — C:Program FilesCommon FilesSYSTEMOLE DBmsdaipp.dll (Microsoft Corporation)
O18 — ProtocolHandlermsdaippoledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} — C:Program FilesCommon FilesSYSTEMOLE DBmsdaipp.dll (Microsoft Corporation)
O18 — ProtocolHandlerms-itss {0A9007C0-4076-11D3-8789-0000F8105754} — C:Program FilesCommon FilesMicrosoft SharedInformation RetrievalMSITSS.DLL (Microsoft Corporation)
O18 — ProtocolHandlermso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} — C:Program FilesCommon FilesMicrosoft SharedWeb Components10OWC10.DLL (Microsoft Corporation)
O18 — ProtocolHandlermso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} — C:Program FilesCommon FilesMicrosoft SharedWeb Components11OWC11.DLL (Microsoft Corporation)
O18 — ProtocolHandlertv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} — C:WINDOWSSystem32msvidctl.dll (Корпорация Майкрософт)
O18 — ProtocolFilter: — text/webviewhtml — C:WINDOWSSystem32SHELL32.dll (Корпорация Майкрософт)
O18 — ProtocolFilter: — text/xml — C:Program FilesCommon FilesMicrosoft SharedOFFICE11MSOXMLMF.DLL (Microsoft Corporation)
O20 — HKLM Winlogon: Shell — (Explorer.exe) — C:WINDOWSExplorer.exe (Корпорация Майкрософт)
O20 — HKLM Winlogon: UserInit — (C:WINDOWSsystem32userinit.exe) — C:WINDOWSSystem32userinit.exe (Корпорация Майкрософт)
O20 — HKLM Winlogon: UIHost — (logonui.exe) — C:WINDOWSSystem32logonui.exe (Корпорация Майкрософт)
O20 — HKLM Winlogon: VMApplet — (rundll32 shell32) — C:WINDOWSSystem32shell32.dll (Корпорация Майкрософт)
O20 — HKLM Winlogon: VMApplet — (Control_RunDLL «sysdm.cpl») — C:WINDOWSSystem32sysdm.cpl (Корпорация Майкрософт)
O20 — WinlogonNotifycrypt32chain: DllName — crypt32.dll — C:WINDOWSSystem32crypt32.dll (Корпорация Майкрософт)
O20 — WinlogonNotifycscdll: DllName — cscdll.dll — C:WINDOWSSystem32cscdll.dll (Корпорация Майкрософт)
O20 — WinlogonNotifyScCertProp: DllName — wlnotify.dll — C:WINDOWSSystem32wlnotify.dll (Корпорация Майкрософт)
O20 — WinlogonNotifySchedule: DllName — wlnotify.dll — C:WINDOWSSystem32wlnotify.dll (Корпорация Майкрософт)
O20 — WinlogonNotifysclgntfy: DllName — sclgntfy.dll — C:WINDOWSSystem32sclgntfy.dll (Корпорация Майкрософт)
O20 — WinlogonNotifySensLogn: DllName — WlNotify.dll — C:WINDOWSSystem32WlNotify.dll (Корпорация Майкрософт)
O20 — WinlogonNotifytermsrv: DllName — wlnotify.dll — C:WINDOWSSystem32wlnotify.dll (Корпорация Майкрософт)
O20 — WinlogonNotifywlballoon: DllName — wlnotify.dll — C:WINDOWSSystem32wlnotify.dll (Корпорация Майкрософт)
O21 — SSODL: CDBurn — {fbeb8a05-beee-4442-804e-409d6c4515e9} — C:WINDOWSSystem32SHELL32.dll (Корпорация Майкрософт)
O21 — SSODL: SysTray — {35CEC8A3-2BE6-11D2-8773-92E220524153} — C:WINDOWSSystem32stobject.dll (Корпорация Майкрософт)
O22 — SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} — Предзагрузчик Browseui — C:WINDOWSSystem32browseui.dll (Корпорация Майкрософт)
O22 — SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} — Демон кэша категорий компонентов — C:WINDOWSSystem32browseui.dll (Корпорация Майкрософт)
O24 — Desktop Components:0 (Моя текущая домашняя страница) — About:Home
O28 — HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} — Reg Error: Key error. File not found
O29 — HKLM SecurityProviders — (digest.dll) — C:WINDOWSSystem32digest.dll (Корпорация Майкрософт)
O29 — HKLM SecurityProviders — (msnsspc.dll) — C:WINDOWSSystem32msnsspc.dll (Корпорация Майкрософт)
O31 — SafeBoot: AlternateShell — cmd.exe
O32 — HKLM CDRom: AutoRun — 1
O32 — AutoRun File — [2009.05.12 17:13:46 | 00,000,000 | —- | M] () — C:AUTOEXEC.BAT — [ NTFS ]
O34 — HKLM BootExecute: (autocheck) — File not found
O34 — HKLM BootExecute: (autochk) — C:WINDOWSSystem32autochk.exe (Microsoft Corporation)
O34 — HKLM BootExecute: (*) — File not found
O34 — HKLM BootExecute: (OODBS) — C:WINDOWSSystem32OODBS.exe (O&O Software GmbH)
========== Files/Folders — Created Within 30 Days ==========
[1 C:WINDOWSSystem32*.tmp files]
[3 C:WINDOWS*.tmp files]
[2009.06.24 18:15:07 | 00,512,512 | —- | C] (OldTimer Tools) — C:Documents and SettingsAdminРабочий столOTL.exe
[2009.06.23 12:48:40 | 00,666,391 | —- | C] () — C:Documents and SettingsAdminРабочий столoldiprr.zip
[2009.06.19 17:57:01 | 00,780,411 | —- | C] () — C:Documents and SettingsAdminРабочий столСистема непрерывной подачи чернил с раздельными картриджами.rar
[2009.06.19 17:10:47 | 00,092,816 | —- | C] () — C:Documents and SettingsAdminРабочий столСистема непрерывной подачи чернил Hewlett packard.rar
[2009.06.19 00:14:42 | 00,000,000 | -HSD | C] — C:RECYCLER
[2009.06.18 13:06:50 | 00,000,000 | —D | C] — C:WINDOWSERDNT
[2009.06.17 18:56:52 | 00,000,308 | —- | C] () — C:WINDOWStasksWebReg Photosmart C5100 series.job
[2009.06.17 10:08:05 | 00,000,506 | —- | C] () — C:WINDOWStasksБыстрое решение проблем.job
[2009.06.17 10:03:17 | 00,603,904 | —- | C] (TuneUp Software) — C:WINDOWSSystem32TUProgSt.exe
[2009.06.17 10:03:15 | 00,360,192 | —- | C] (TuneUp Software) — C:WINDOWSSystem32TuneUpDefragService.exe
[2009.06.17 10:03:15 | 00,027,904 | —- | C] (TuneUp Software) — C:WINDOWSSystem32uxtuneup.dll
[2009.06.17 10:03:14 | 00,000,486 | —- | C] () — C:WINDOWStasks1-Click Maintenance.job
[2009.06.17 10:03:12 | 00,000,000 | —D | C] — C:Documents and SettingsAdminApplication DataTuneUp Software
[2009.06.17 10:03:10 | 00,001,617 | —- | C] () — C:Documents and SettingsAll UsersРабочий столTuneUp 1-Click Maintenance.lnk
[2009.06.17 10:03:10 | 00,001,545 | —- | C] () — C:Documents and SettingsAll UsersРабочий столTuneUp Utilities 2009.lnk
[2009.06.17 10:02:43 | 00,000,000 | —D | C] — C:Documents and SettingsAll UsersApplication DataTuneUp Software
[2009.06.17 10:02:41 | 00,000,000 | —D | C] — C:Program FilesTuneUp Utilities 2009
[2009.06.17 10:02:27 | 00,000,000 | -HSD | C] — C:Documents and SettingsAll UsersApplication Data{55A29068-F2CE-456C-9148-C869879E2357}
[2009.06.16 00:57:05 | 00,812,344 | —- | C] (Trend Micro Inc.) — C:Documents and SettingsAdminРабочий столHJTInstall.exe
[2009.06.15 12:55:53 | 00,000,000 | —D | C] — C:Documents and SettingsAdminМои документыМои альбомы
[2009.06.14 01:32:25 | 00,000,000 | —D | C] — C:Program Filestrend micro
[2009.06.12 15:34:11 | 00,000,000 | —D | C] — C:Documents and SettingsAll UsersApplication DataCrystalIdea Software
[2009.06.12 13:06:45 | 00,000,000 | —D | C] — C:Documents and SettingsAdminLocal SettingsApplication DataNero
[2009.06.12 13:03:29 | 00,000,000 | —D | C] — C:Documents and SettingsAdminМои документыNeroVision
[2009.06.07 16:32:49 | 00,000,000 | —D | C] — C:WINDOWSSystem32appmgmt
[2009.06.07 16:25:29 | 00,000,000 | —D | C] — C:Documents and SettingsAdminApplication DataBinarySense
[2009.06.07 16:25:20 | 00,000,000 | —D | C] — C:Program FilesCommon FilesBinarySense
[2009.06.07 16:25:20 | 00,000,000 | —D | C] — C:Program FilesBinarySense
[2009.06.07 14:31:07 | 00,000,000 | —D | C] — C:Documents and SettingsAdminApplication DataLavasoft
[2009.06.07 11:26:19 | 00,010,368 | —- | C] (Microsoft Corporation) — C:WINDOWSSystem32drivershidusb.sys
[2009.05.28 14:39:18 | 01,175,256 | —- | C] (VirusBuster Kft.) — C:WINDOWSSystem32driversVBEngNT.sys
[2009.05.28 14:39:17 | 00,704,384 | —- | C] (Agnitum Ltd.) — C:WINDOWSSystem32driversSandBox.sys
[2009.05.28 14:39:10 | 00,257,432 | —- | C] (Agnitum Ltd.) — C:WINDOWSSystem32driversafwcore.sys
[2009.05.28 14:38:57 | 00,000,049 | —- | C] () — C:WINDOWStransp.gif
[2009.05.28 14:38:52 | 00,031,128 | —- | C] (Agnitum Ltd.) — C:WINDOWSSystem32driversafw.sys
[2009.05.28 14:38:48 | 00,000,000 | —D | C] — C:WINDOWSSystem32Filt
[2009.05.28 14:38:48 | 00,000,000 | —D | C] — C:Program FilesAgnitum
[2009.05.28 14:38:48 | 00,000,000 | —D | C] — C:Documents and SettingsAdminApplication DataAgnitum
[2009.05.28 14:38:12 | 00,000,000 | —D | C] — C:Documents and SettingsAll UsersApplication DataAgnitum
[2009.05.27 19:41:45 | 00,000,846 | —- | C] () — C:Documents and SettingsAll UsersРабочий столAshampoo Burning Studio 2009.lnk
[2009.05.27 19:41:37 | 00,000,000 | —D | C] — C:Program FilesAshampoo
[2009.05.27 13:25:04 | 00,000,000 | —D | C] — C:Documents and SettingsAdminМои документыФайлы Mail.Ru Агента
[2009.05.18 00:53:31 | 00,000,069 | —- | C] () — C:WINDOWSNeroDigital.ini
[2009.05.13 00:16:09 | 00,100,560 | —- | C] () — C:WINDOWSSystem32driversVBoxDrv.sys
[2009.05.12 19:45:19 | 00,000,394 | —- | C] () — C:WINDOWSODBC.INI
[2009.05.12 18:43:03 | 00,168,448 | —- | C] () — C:WINDOWSSystem32unrar.dll
[2009.05.12 18:43:01 | 00,795,648 | —- | C] () — C:WINDOWSSystem32xvidcore.dll
[2009.05.12 18:43:00 | 03,596,288 | —- | C] () — C:WINDOWSSystem32qt-dx331.dll
[2009.05.12 18:43:00 | 00,130,048 | —- | C] () — C:WINDOWSSystem32xvidvfw.dll
[2009.05.12 18:42:59 | 00,084,480 | —- | C] () — C:WINDOWSSystem32ff_vfw.dll
[2009.05.12 18:42:59 | 00,000,547 | —- | C] () — C:WINDOWSSystem32ff_vfw.dll.manifest
[2009.05.12 17:28:34 | 00,015,327 | —- | C] () — C:WINDOWSAscd_tmp.ini
[2009.05.12 17:28:31 | 00,005,824 | —- | C] () — C:WINDOWSSystem32driversASUSHWIO.SYS
[2009.05.12 17:17:23 | 00,717,296 | —- | C] () — C:WINDOWSSystem32driverssptd.sys
[2009.05.12 17:17:19 | 00,000,951 | —- | C] () — C:WINDOWSSystem32oeminfo.ini
[2009.05.12 17:14:23 | 00,271,264 | —- | C] () — C:WINDOWSSystem32vbrun100.dll
[2009.05.12 17:14:23 | 00,210,944 | —- | C] () — C:WINDOWSSystem32msvcrt10.dll
[2009.05.12 17:14:23 | 00,059,904 | —- | C] () — C:WINDOWSSystem32zlib1.dll
[2008.04.15 16:00:00 | 00,000,658 | —- | C] () — C:WINDOWSwin.ini
[2008.04.15 16:00:00 | 00,000,227 | —- | C] () — C:WINDOWSsystem.ini
[2007.03.12 21:31:28 | 01,732,608 | —- | C] () — C:WINDOWSSystem32BCGPStyle2007Luna.dll
[2006.01.04 13:12:04 | 00,077,824 | —- | C] () — C:WINDOWSSystem32HPZIDS01.dll
[2005.09.02 10:45:36 | 00,008,366 | —- | C] () — C:WINDOWSAVerTV.ini
[2005.06.16 05:20:00 | 01,724,416 | —- | C] () — C:WINDOWSSystem32nvwdmcpl.dll
[2005.06.16 05:20:00 | 01,507,328 | —- | C] () — C:WINDOWSSystem32nview.dll
[2005.06.16 05:20:00 | 01,101,824 | —- | C] () — C:WINDOWSSystem32nvwimg.dll
[2005.06.16 05:20:00 | 00,540,672 | —- | C] () — C:WINDOWSSystem32nvhwvid.dll
[2005.06.16 05:20:00 | 00,466,944 | —- | C] () — C:WINDOWSSystem32nvshell.dll
[2003.04.10 13:43:32 | 00,005,412 | —- | C] () — C:WINDOWSSystem32OUTLPERF.INI
[2001.07.07 03:00:02 | 00,003,249 | —- | C] () — C:WINDOWSSystem32HPTCPMON.INI
========== Files — Modified Within 30 Days ==========
[1 C:WINDOWSSystem32*.tmp files]
[3 C:WINDOWS*.tmp files]
[2009.06.24 18:15:20 | 00,512,512 | —- | M] (OldTimer Tools) — C:Documents and SettingsAdminРабочий столOTL.exe
[2009.06.24 18:00:01 | 00,000,506 | —- | M] () — C:WINDOWStasksБыстрое решение проблем.job
[2009.06.24 18:00:01 | 00,000,486 | —- | M] () — C:WINDOWStasks1-Click Maintenance.job
[2009.06.24 13:51:26 | 00,000,027 | —- | M] () — C:WINDOWSSystem32driversetchosts
[2009.06.24 12:41:20 | 00,200,866 | —- | M] () — C:WINDOWSSystem32nvapps.xml
[2009.06.24 12:41:15 | 00,008,366 | —- | M] () — C:WINDOWSAVerTV.ini
[2009.06.24 12:40:58 | 00,000,006 | -H— | M] () — C:WINDOWStasksSA.DAT
[2009.06.24 12:40:56 | 00,002,206 | —- | M] () — C:WINDOWSSystem32wpa.dbl
[2009.06.24 12:40:54 | 00,002,048 | —S- | M] () — C:WINDOWSbootstat.dat
[2009.06.24 12:40:51 | 00,155,794 | —- | M] () — C:WINDOWSSystem32oodbs.lor
[2009.06.23 22:05:06 | 00,077,824 | —- | M] () — C:Documents and SettingsAdminLocal SettingsApplication DataDCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.06.23 13:43:50 | 00,000,069 | —- | M] () — C:WINDOWSNeroDigital.ini
[2009.06.23 12:53:13 | 00,666,391 | —- | M] () — C:Documents and SettingsAdminРабочий столoldiprr.zip
[2009.06.23 00:55:17 | 00,000,051 | —- | M] () — C:Documents and SettingsAdminApplication Datadefault.pls
[2009.06.19 17:57:10 | 00,780,411 | —- | M] () — C:Documents and SettingsAdminРабочий столСистема непрерывной подачи чернил с раздельными картриджами.rar
[2009.06.19 17:10:47 | 00,092,816 | —- | M] () — C:Documents and SettingsAdminРабочий столСистема непрерывной подачи чернил Hewlett packard.rar
[2009.06.18 13:18:54 | 00,000,227 | —- | M] () — C:WINDOWSsystem.ini
[2009.06.17 18:56:53 | 00,000,308 | —- | M] () — C:WINDOWStasksWebReg Photosmart C5100 series.job
[2009.06.17 10:03:17 | 00,603,904 | —- | M] (TuneUp Software) — C:WINDOWSSystem32TUProgSt.exe
[2009.06.17 10:03:15 | 00,360,192 | —- | M] (TuneUp Software) — C:WINDOWSSystem32TuneUpDefragService.exe
[2009.06.17 10:03:10 | 00,001,617 | —- | M] () — C:Documents and SettingsAll UsersРабочий столTuneUp 1-Click Maintenance.lnk
[2009.06.17 10:03:10 | 00,001,545 | —- | M] () — C:Documents and SettingsAll UsersРабочий столTuneUp Utilities 2009.lnk
[2009.06.16 00:57:19 | 00,812,344 | —- | M] (Trend Micro Inc.) — C:Documents and SettingsAdminРабочий столHJTInstall.exe
[2009.06.12 11:59:44 | 01,097,152 | —- | M] () — C:WINDOWSSystem32PerfStringBackup.INI
[2009.06.12 11:59:44 | 00,485,242 | —- | M] () — C:WINDOWSSystem32perfh019.dat
[2009.06.12 11:59:44 | 00,441,760 | —- | M] () — C:WINDOWSSystem32perfh009.dat
[2009.06.12 11:59:44 | 00,084,660 | —- | M] () — C:WINDOWSSystem32perfc019.dat
[2009.06.12 11:59:44 | 00,071,444 | —- | M] () — C:WINDOWSSystem32perfc009.dat
[2009.05.28 14:32:27 | 00,005,709 | —- | M] () — C:WINDOWSSystem32CONFIG.NT
[2009.05.27 19:41:45 | 00,000,846 | —- | M] () — C:Documents and SettingsAll UsersРабочий столAshampoo Burning Studio 2009.lnk
========== Alternate Data Streams ==========
@Alternate Data Stream — 108 bytes -> C:Documents and SettingsAll UsersApplication DataTEMP:2BE9FEFC
