Logfile of random's system information tool 1.08 (written by random/random)
Run by Sasha at 2011-02-11 12:02:13
Microsoft Windows XP Professional Service Pack 3
System drive C: has 9 GB (31%) free of 31 GB
Total RAM: 2039 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:04:24, on 11.02.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\netdde.exe
C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\WebMoney Agent\wmagent.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\clipsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Sasha\Рабочий стол\RSIT.exe
C:\Program Files\trend micro\Sasha.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\WebMoney Advisor\WMStatusbarSync.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.download.windowsupdate.com/msdownload/update/software/secu/2008/06/windowsxp-kb951376-v2-x86-rus_dc05e41e01c61233d61889439b0413308e7ee43d.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Ссылки
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Sasha\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) -  - (no file)
R3 - URLSearchHook: (no name) - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - (no file)
O1 - Hosts: 195.82.146.114 torrents.ru
O1 - Hosts: 195.82.146.120 bt.torrents.ru
O1 - Hosts: 195.82.146.121 bt2.torrents.ru
O1 - Hosts: 195.82.146.122 bt3.torrents.ru
O1 - Hosts: 195.82.146.123 bt4.torrents.ru
O1 - Hosts: 195.82.146.124 bt5.torrents.ru
O1 - Hosts: 195.82.146.115 dl.torrents.ru
O1 - Hosts: 195.82.146.50 blog.torrents.ru
O1 - Hosts: 195.82.146.50 ns.torrents.ru
O1 - Hosts: 195.82.147.50 ns1.torrents.ru
O1 - Hosts: 195.82.146.50 mail.torrents.ru
O1 - Hosts: 195.82.146.30 wiki.torrents.ru
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: MultiShop v2.0 - {39AA6D29-4236-4F25-A36A-3410EF5283D9} - C:\PROGRA~1\PIVIMM~1\MULTIS~1.DLL
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: DepositFiles.com BHO - {9DFE2FE9-CF99-4ADF-A28E-9B5ADB8DC74F} - C:\PROGRA~1\DEPOSI~1\DFMANA~1\DEPOSI~1.DLL
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Sasha\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - c:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - c:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: TBSB03374 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\WebMoney Advisor\tbcore3.dll
O3 - Toolbar: WebMoney Advisor - {3AFFD7F7-FD3D-4C9D-8F83-03296A1A8840} - C:\Program Files\WebMoney Advisor\tbcore3.dll
O3 - Toolbar: Deposit IE Toolbar - {6AA40521-14E7-4B1D-B1B4-98528C1388C9} - C:\PROGRA~1\DEPOSI~1\DFMANA~1\DEPOSI~1.DLL
O4 - HKLM\..\Run: [OutpostFeedBack] "C:\Program Files\Agnitum\Outpost Firewall Pro\feedback.exe" /dump:os_startup
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "c:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "c:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "c:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0ENQBO] c:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [wmagent.exe] "C:\Program Files\WebMoney Agent\wmagent.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKLM\..\Run: [OutpostMonitor] C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe /tray /noservice
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PCHDPlayer] C:\Program Files\pchd\PCHDPlayer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O8 - Extra context menu item: &Экспорт в Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Append Link Target to Existing PDF - res://c:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://c:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://c:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://c:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O9 - Extra button: Статистика защиты веб-трафика - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: MultiShop v2.0 - {39AA6D29-4236-4F25-A36A-3410EF5283D9} - C:\PROGRA~1\PIVIMM~1\MULTIS~1.DLL
O9 - Extra 'Tools' menuitem: MultiShop v2.0 - {39AA6D29-4236-4F25-A36A-3410EF5283D9} - C:\PROGRA~1\PIVIMM~1\MULTIS~1.DLL
O9 - Extra button: WebMoney Advisor - {3AFFD7F7-FD3D-4C9D-8F83-03296A1A8840} - C:\Program Files\WebMoney Advisor\tbcore3.dll
O9 - Extra 'Tools' menuitem: WebMoney Advisor - {3AFFD7F7-FD3D-4C9D-8F83-03296A1A8840} - C:\Program Files\WebMoney Advisor\tbcore3.dll
O9 - Extra button: Быстрая настройка Outpost Firewall Pro - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall Pro\ie_bar.dll
O9 - Extra button: Справочные материалы - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Скачать все с помощью DF Manager - {D5AD327A-A089-4F04-89FD-4EA9812B3913} - C:\PROGRA~1\DEPOSI~1\DFMANA~1\DEPOSI~1.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Sasha\Главное меню\Программы\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (HKCU)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlcdnet.asus.com/pub/ASUS/misc/dlm-activex-2.2.5.0.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A2155023-36E3-41B2-A913-7CC9F0F49B1F}: NameServer = 192.168.0.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~1\agnitum\outpos~1\wl_hook.dll, C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O22 - SharedTaskScheduler: Предзагрузчик Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Демон кэша категорий компонентов - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe
O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - c:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Журнал событий (Eventlog) - Корпорация Майкрософт - C:\WINDOWS\system32\services.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Служба Google Update (gupdate1ca7267cc189de6) (gupdate1ca7267cc189de6) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Служба COM записи компакт-дисков IMAPI (ImapiService) - Корпорация Майкрософт - C:\WINDOWS\system32\imapi.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NetMeeting Remote Desktop Sharing (mnmsrvc) - Корпорация Майкрософт - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: Служба сетевого DDE (NetDDE) - Корпорация Майкрософт - C:\WINDOWS\system32\netdde.exe
O23 - Service: Диспетчер сетевого DDE (NetDDEdsdm) - Корпорация Майкрософт - C:\WINDOWS\system32\netdde.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Plug and Play (PlugPlay) - Корпорация Майкрософт - C:\WINDOWS\system32\services.exe
O23 - Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) - Корпорация Майкрософт - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Журналы и оповещения производительности (SysmonLog) - Корпорация Майкрософт - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Telnet (TlntSvr) - Корпорация Майкрософт - C:\WINDOWS\system32\tlntsvr.exe
O23 - Service: Теневое копирование тома (VSS) - Корпорация Майкрософт - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Адаптер производительности WMI (WmiApSrv) - Корпорация Майкрософт - C:\WINDOWS\system32\wbem\wmiapsrv.exe

--
End of file - 13606 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\WGASetup.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - c:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39AA6D29-4236-4F25-A36A-3410EF5283D9}]
MultiShop v2.0 - C:\PROGRA~1\PIVIMM~1\MULTIS~1.DLL [2009-09-08 893440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll [2008-11-11 62728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9DFE2FE9-CF99-4ADF-A28E-9B5ADB8DC74F}]
DepositFiles IE BHO - C:\PROGRA~1\DEPOSI~1\DFMANA~1\DEPOSI~1.DLL [2009-05-15 829440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Documents and Settings\Sasha\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll [2010-09-29 149968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - c:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-09-15 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-09-15 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - c:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]
WebMoney Advisor - BHO Helper - C:\Program Files\WebMoney Advisor\tbcore3.dll [2010-02-24 2559608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{3AFFD7F7-FD3D-4C9D-8F83-03296A1A8840} - WebMoney Advisor - C:\Program Files\WebMoney Advisor\tbcore3.dll [2010-02-24 2559608]
{6AA40521-14E7-4B1D-B1B4-98528C1388C9} - Deposit IE Toolbar - C:\PROGRA~1\DEPOSI~1\DFMANA~1\DEPOSI~1.DLL [2009-05-15 829440]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"OutpostFeedBack"=C:\Program Files\Agnitum\Outpost Firewall Pro\feedback.exe [2009-02-13 433480]
"AdobeCS4ServiceManager"=c:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"Adobe Acrobat Speed Launcher"=c:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2008-06-12 37232]
""= []
"Acrobat Assistant 8.0"=c:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2008-06-11 640376]
"Adobe_ID0ENQBO"=c:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE [2008-08-15 378224]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2009-08-09 141848]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2009-08-09 166424]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2009-08-09 137752]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-11-10 417792]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"wmagent.exe"=C:\Program Files\WebMoney Agent\wmagent.exe [2009-10-19 210400]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-05-04 14396416]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe [2009-08-07 208616]
"OutpostMonitor"=C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe [2009-02-13 1225032]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"AdobeBridge"= []
"PCHDPlayer"=C:\Program Files\pchd\PCHDPlayer.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ChristmasTree]
D:\Christmas.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-02-28 1828136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lingvo Launcher]
C:\Program Files\ABBYY Lingvo 9.0 Popular Dictionary\Lvagent.exe [2003-12-08 118784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2008-02-28 570664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\progra~1\agnitum\outpos~1\wl_hook.dll, C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2009-08-09 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\system32\klogon.dll [2008-11-11 218376]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoInstrumentation"=1
"NoSMMyDocs"=1
"NoSMMyPictures"=1
"NoSMConfigurePrograms"=1
"NoResolveTrack"=1
"NoResolveSearch"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=95
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe"="C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe:*:Enabled:Adobe Version Cue CS4 Server"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\Pinnacle\Studio 14\Programs\RM.exe"="C:\Program Files\Pinnacle\Studio 14\Programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\Studio 14\Programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 14\Programs\Studio.exe:*:Enabled:Studio"
"C:\Program Files\Pinnacle\Studio 14\Programs\umi.exe"="C:\Program Files\Pinnacle\Studio 14\Programs\umi.exe:*:Enabled:umi"
"C:\Program Files\QIP 2010\qip.exe"="C:\Program Files\QIP 2010\qip.exe:*:Enabled:QIP 2010"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype "
"C:\Program Files\Google\Google Talk\googletalk.exe"="C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 3 months======

2011-02-11 12:02:26 ----D---- C:\Program Files\trend micro
2011-02-11 12:02:13 ----D---- C:\rsit
2011-02-11 11:09:10 ----A---- C:\WINDOWS\system32\drivers\uzi0ndix.sys
2011-02-11 00:12:43 ----A---- C:\WINDOWS\system32\setup_xp.ini
2011-02-11 00:04:25 ----A---- C:\WINDOWS\ntbtlog.txt
2011-02-10 18:04:54 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011-02-10 18:04:48 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-02-10 18:04:48 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2011-02-10 17:12:10 ----D---- C:\Documents and Settings\Sasha\Application Data\Malwarebytes
2011-02-10 17:10:11 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2011-02-10 13:12:33 ----SHD---- C:\Config.Msi
2011-02-09 01:12:37 ----ASH---- C:\pagefile.sys
2011-02-08 12:38:10 ----D---- C:\WINDOWS\system32\NtmsData
2011-01-31 01:53:23 ----A---- C:\WINDOWS\system32\kbdkor.dll
2011-01-31 01:53:23 ----A---- C:\WINDOWS\system32\kbdjpn.dll
2011-01-31 01:53:23 ----A---- C:\WINDOWS\system32\kbd103.dll
2011-01-31 01:53:23 ----A---- C:\WINDOWS\system32\kbd101c.dll
2011-01-31 01:53:12 ----A---- C:\WINDOWS\system32\kbd101b.dll
2011-01-31 01:53:10 ----A---- C:\WINDOWS\system32\kbd106.dll
2011-01-30 23:33:01 ----D---- C:\Program Files\DepositFiles
2011-01-30 23:17:06 ----D---- C:\Program Files\FinalWire
2011-01-29 20:14:14 ----D---- C:\Program Files\epson
2011-01-29 20:14:12 ----A---- C:\WINDOWS\system32\eswiaml.dll
2011-01-29 20:14:12 ----A---- C:\WINDOWS\system32\eswia30.dll
2011-01-29 20:14:12 ----A---- C:\WINDOWS\system32\esint30.dll
2011-01-29 00:06:20 ----A---- C:\WINDOWS\system32\drivers\usbprint.sys
2011-01-28 21:33:29 ----D---- C:\Documents and Settings\Sasha\Application Data\WebMoney
2011-01-28 21:26:30 ----D---- C:\Temp
2011-01-28 21:26:30 ----D---- C:\Documents and Settings\All Users\Application Data\Toolbar4
2011-01-28 21:26:29 ----D---- C:\Program Files\WebMoney Advisor
2011-01-28 21:24:36 ----D---- C:\Program Files\WebMoney Agent
2011-01-28 21:23:22 ----D---- C:\Program Files\WebMoney
2011-01-27 04:01:12 ----D---- C:\Program Files\=Copy to work=
2011-01-13 11:41:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$
2010-12-23 20:36:48 ----D---- C:\Documents and Settings\Sasha\Application Data\Yandex
2010-12-23 20:36:47 ----D---- C:\Documents and Settings\Sasha\Application Data\Opera
2010-12-16 10:03:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2296199$
2010-12-16 10:03:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2443105$
2010-12-16 10:02:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2440591$
2010-12-16 10:02:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2443685$
2010-12-16 10:02:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2436673$
2010-12-16 10:02:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2467659$
2010-12-16 10:01:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$
2010-12-12 10:49:21 ----D---- C:\Documents and Settings\Sasha\Application Data\Google
2010-12-10 16:25:07 ----D---- C:\Program Files\Common Files\Skype
2010-11-26 17:10:54 ----D---- C:\Documents and Settings\Sasha\Application Data\ZoomBrowser EX
2010-11-26 17:03:50 ----D---- C:\Documents and Settings\Sasha\Application Data\CANON INC
2010-11-26 17:01:24 ----A---- C:\WINDOWS\system32\ptpusb.dll
2010-11-26 17:01:23 ----A---- C:\WINDOWS\system32\ptpusd.dll
2010-11-26 16:50:35 ----D---- C:\Documents and Settings\All Users\Application Data\ZoomBrowser
2010-11-26 16:48:06 ----D---- C:\Program Files\Common Files\Canon
2010-11-21 00:11:27 ----D---- C:\Program Files\QIP 2010
2010-11-21 00:01:11 ----HD---- C:\WINDOWS\PIF
2010-11-15 17:08:39 ----D---- C:\Documents and Settings\Sasha\Application Data\Leadertech
2010-11-15 17:04:19 ----D---- C:\Documents and Settings\All Users\Application Data\LogiShrd
2010-11-15 17:02:47 ----A---- C:\WINDOWS\system32\drivers\MSTEE.sys
2010-11-15 17:02:39 ----A---- C:\WINDOWS\system32\drivers\NdisIP.sys
2010-11-15 17:02:38 ----A---- C:\WINDOWS\system32\drivers\StreamIP.sys
2010-11-15 17:02:36 ----A---- C:\WINDOWS\system32\drivers\SLIP.sys
2010-11-15 17:02:34 ----A---- C:\WINDOWS\system32\drivers\WSTCODEC.SYS
2010-11-15 17:02:32 ----A---- C:\WINDOWS\system32\drivers\NABTSFEC.sys
2010-11-15 17:02:23 ----A---- C:\WINDOWS\system32\drivers\CCDECODE.sys
2010-11-15 17:02:14 ----A---- C:\WINDOWS\system32\drivers\USBAUDIO.sys
2010-11-15 17:02:04 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2010-11-15 17:02:04 ----A---- C:\WINDOWS\system32\drivers\usbvideo.sys
2010-11-15 17:01:59 ----A---- C:\WINDOWS\system32\drivers\usbccgp.sys

======List of files/folders modified in the last 3 months======

2011-02-11 12:02:26 ----RD---- C:\Program Files
2011-02-11 12:00:04 ----A---- C:\WINDOWS\wincmd.ini
2011-02-11 11:58:37 ----D---- C:\WINDOWS\Temp
2011-02-11 11:58:35 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2011-02-11 11:58:32 ----D---- C:\WINDOWS\system32\ias
2011-02-11 11:58:13 ----D---- C:\WINDOWS\system32\Lang
2011-02-11 11:55:57 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-02-11 11:55:45 ----D---- C:\WINDOWS\system32\drivers
2011-02-11 11:50:04 ----D---- C:\WINDOWS\system32\CatRoot2
2011-02-11 11:08:50 ----D---- C:\WINDOWS\Prefetch
2011-02-11 11:02:43 ----D---- C:\WINDOWS\system32\Filt
2011-02-11 10:59:04 ----D---- C:\WINDOWS\system32
2011-02-11 10:59:04 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-02-11 00:06:30 ----D---- C:\Documents and Settings
2011-02-11 00:04:25 ----D---- C:\WINDOWS
2011-02-10 18:12:12 ----SHD---- C:\WINDOWS\CSC
2011-02-10 16:43:13 ----D---- C:\Documents and Settings\Sasha\Application Data\uTorrent
2011-02-10 13:41:01 ----SHD---- C:\WINDOWS\Installer
2011-02-10 13:40:57 ----D---- C:\Program Files\Common Files
2011-02-10 13:14:13 ----D---- C:\Documents and Settings\All Users\Application Data\VMware
2011-02-10 13:13:26 ----HD---- C:\WINDOWS\inf
2011-02-10 13:09:39 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-02-10 12:55:35 ----SH---- C:\boot.ini
2011-02-10 12:55:35 ----N---- C:\WINDOWS\win.ini
2011-02-10 12:55:35 ----N---- C:\WINDOWS\system.ini
2011-02-08 16:30:28 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2011-02-08 12:38:10 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2011-02-08 00:13:43 ----A---- C:\WINDOWS\NeroDigital.ini
2011-02-07 18:56:28 ----D---- C:\WINDOWS\Help
2011-02-07 18:39:19 ----HD---- C:\WINDOWS\system32\GroupPolicy
2011-02-07 18:23:59 ----A---- C:\WINDOWS\system32\PQ_DEBUG.TXT
2011-02-06 11:10:02 ----D---- C:\WINDOWS\system32\RTCOM
2011-02-06 11:09:35 ----D---- C:\WINDOWS\system32\ReinstallBackups
2011-02-05 16:59:47 ----D---- C:\Program Files\Google
2011-02-05 00:15:22 ----RSD---- C:\WINDOWS\Fonts
2011-01-31 01:53:28 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-01-29 20:14:12 ----D---- C:\WINDOWS\twain_32
2011-01-29 00:25:12 ----D---- C:\Program Files\totalcmd
2011-01-28 19:30:14 ----D---- C:\Documents and Settings\Sasha\Application Data\Skype
2011-01-28 16:41:23 ----D---- C:\Documents and Settings\Sasha\Application Data\skypePM
2011-01-26 15:45:46 ----D---- C:\Program Files\Driver Checker
2011-01-22 13:33:48 ----D---- C:\Program Files\Microsoft Baseline Security Analyzer 2
2011-01-22 13:13:21 ----SD---- C:\Documents and Settings\Sasha\Application Data\Microsoft
2011-01-22 13:13:21 ----D---- C:\Program Files\Microsoft Virtual PC
2011-01-12 11:21:56 ----HD---- C:\WINDOWS\$hf_mig$
2011-01-04 17:20:14 ----A---- C:\WINDOWS\system32\MRT.exe
2010-12-16 10:03:31 ----A---- C:\WINDOWS\imsins.BAK
2010-12-16 10:03:05 ----D---- C:\Program Files\Internet Explorer
2010-12-16 10:02:59 ----D---- C:\WINDOWS\ie8updates
2010-12-16 10:01:22 ----D---- C:\Program Files\Outlook Express
2010-12-11 09:54:16 ----D---- C:\Program Files\Mozilla Firefox
2010-12-10 16:28:18 ----RD---- C:\Program Files\Skype
2010-12-10 16:25:00 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2010-11-26 16:51:25 ----D---- C:\Program Files\Canon
2010-11-18 20:15:44 ----A---- C:\WINDOWS\system32\isign32.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iteraid;ITERAID_Service_Install; C:\WINDOWS\system32\drivers\iteraid.sys [2005-03-17 25423]
R0 kl1;Kl1; C:\WINDOWS\system32\drivers\kl1.sys [2008-07-21 121872]
R0 klbg;Kaspersky Lab Boot Guard Driver; C:\WINDOWS\system32\drivers\klbg.sys [2009-03-19 33808]
R1 intelppm;Драйвер Intel процессора; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40704]
R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2009-03-19 226832]
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2001-08-10 3252]
R1 SandBox;SandBox; \??\C:\WINDOWS\system32\drivers\SandBox.sys []
R1 uzi0ndix;AVZ-RK Kernel Driver; \??\C:\WINDOWS\system32\Drivers\uzi0ndix.sys []
R2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys [2008-08-14 74720]
R3 afw;Agnitum firewall driver; C:\WINDOWS\system32\DRIVERS\afw.sys [2008-06-20 30864]
R3 afwcore;afwcore; C:\WINDOWS\system32\drivers\afwcore.sys [2009-02-10 257432]
R3 ASWFilt;ASWFilt; \??\C:\WINDOWS\system32\Filt\ASWFilt.dll []
R3 HDAudBus;Драйвер шины Microsoft UAA для High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Драйвер класса HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2009-08-09 5854752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-05-04 2951680]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2008-04-30 24592]
R3 mouhid;Драйвер мыши HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-19 12160]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2004-10-27 223104]
S3 CCDECODE;Closed Caption декодер; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 FilterService;UVC Filter Service; C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys []
S3 lvpopflt;Logitech POP Suppression Filter; C:\WINDOWS\system32\DRIVERS\lvpopflt.sys []
S3 LVRS;Logitech RightSound Filter Driver; C:\WINDOWS\system32\DRIVERS\lvrs.sys []
S3 LVUVC;Logitech Webcam 250(UVC); C:\WINDOWS\system32\DRIVERS\lvuvc.sys []
S3 MBAMProtector;MBAMProtector; C:\WINDOWS\system32\drivers\MBAMProtector.sys []
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI кодек; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft видео или ТВ подключение; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbaudio;Аудио драйвер USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Класс принтеров Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Драйвер USB-сканера; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Драйвер запоминающих устройств для USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;USB-видеоустройство (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\vmnetadapter.sys []
S3 WSTCODEC;World Standard Teletext кодек; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S4 WS2IFSL;Среда Windows Socket 2.0 поддержки поставщиков не-IFS служб; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service; C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [2007-12-06 660768]
R2 acssrv;Agnitum Client Security Service; C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe [2009-02-13 1267016]
R2 AVP;Kaspersky Anti-Virus; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe [2009-08-07 208616]
R2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2007-01-31 96370]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-09-15 153376]
S2 gupdate1ca7267cc189de6;Служба Google Update (gupdate1ca7267cc189de6); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-12-01 133104]
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-12-20 363344]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4; c:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-03-23 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-02-28 529704]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------