I replaced the digits in some of the numbers (those that look like keys) with asterisks; I hope this does not matter much (author's note)
----------------------------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:12:29, on 13.11.2007
Platform: Windows XP SP2 (WinNT *.**.****)
MSIE: Internet Explorer v7.00 (*.**.****.*****)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImage\TimounterMonitor.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Tech\Office Program Selector\2.0\ACROMAPP.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Punto Switcher\ps.exe
C:\Program Files\VIA Technologies, Inc\VIA Audio Driver Setup Program\AudioDeck\AudioDeck.exe
C:\Program Files\Mustek 1200 UB Plus\Driver\WATCH.exe
C:\Program Files\A!K Research Labs\NotesHolder\NotesHolder.exe
C:\Program Files\Rezerv-Copy\RezervCopy.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ru/ig?hl=ru
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Ссылки
O2 - BHO: (no name) - SOFTWARE - (no file)
O2 - BHO: AcroIEHlprObj Class - {*****E*F-C*D*-*D**-B**D-***B*D*BE*B*} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {******BB-D*F*-***C-B*EB-D*DAF*D**D**} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: IE 4.x-6.x BHO for Download Master - {*******E-****-**B*-*E*E-A*D*B****ADF} - C:\PROGRA~1\DOWNLO~1\dmiehlp.dll
O2 - BHO: &Google Notebook - {CCCCCCD*-***F-*F**-*B**-***DE*F*D***} - C:\Program Files\Google\Google Notebook\gnotes*.*.*.**--*********.dll
O3 - Toolbar: XTRANS - {DBBABB**-DDBC-**CA-B*BE-*F**E**D*FC*} - C:\Program Files\X-Translator PLATINUM\PRMTET\PrmtETru.dll
O3 - Toolbar: блокнот Google - {CCCCCCDB-*DDB-****-**D*-DD*C******BF} - C:\Program Files\Google\Google Notebook\gnotes*.*.*.**--*********.dll
O3 - Toolbar: DM Bar - {*E****F*-EA**-**A*-***C-D**ABC*EED*C} - C:\Program Files\Download Master\dmbar.dll
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImage\TimounterMonitor.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [OSSelectorReinstall] C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ACROMOUSE] C:\Program Files\Tech\Office Program Selector\2.0\ACROMAPP.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Punto Switcher] C:\Program Files\Punto Switcher\ps.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-*-*-**-*********-**********-*********-****\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Чистюля')
O4 - HKUS\S-*-*-**-*********-**********-*********-****\..\Run: [Punto Switcher] C:\Program Files\Punto Switcher\ps.exe (User 'Чистюля')
O4 - HKUS\S-*-*-**-*********-**********-*********-***7\..\Run: [StatistXP] C:\Program Files\StatistXP\StatistXP.exe (User 'Чистюля')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-*-*-**-*********-**********-*********-**** Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe (User 'Чистюля')
O4 - S-*-*-**-*********-**********-*********-**** User Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe (User 'Чистюля')
O4 - Startup: Lex!.lnk = C:\Program Files\Lex!\Lex.exe
O4 - Startup: NotesHolder.lnk = C:\Program Files\A!K Research Labs\NotesHolder\NotesHolder.exe
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O4 - Startup: Rezerv-Copy [Home Edition].lnk = ?
O4 - Startup: Ярлык для Внимание !.lnk = ?
O4 - Startup: Ярлык для Сервисные работы_2.lnk = ?
O4 - Global Startup: AudioDeck.lnk = C:\Program Files\VIA Technologies, Inc\VIA Audio Driver Setup Program\AudioDeck\AudioDeck.exe
O4 - Global Startup: Watch.lnk = C:\Program Files\Mustek 1200 UB Plus\Driver\WATCH.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Закачать ВСЕ при помощи Download Master - C:\Program Files\Download Master\dmieall.htm
O8 - Extra context menu item: Закачать при помощи Download Master - C:\Program Files\Download Master\dmie.htm
O8 - Extra context menu item: Записать это (блокнот Google) - res://C:\Program Files\Google\Google Notebook\gnotes1.0.2.19--675468969.dll/gn_menu2.html
O8 - Extra context menu item: Записать эту страницу (Блокнот Google) - res://C:\Program Files\Google\Google Notebook\gnotes*.*.*.**--*********.dll/gn_menu*.html
O9 - Extra button: (no name) - {**B*E*C*-*FCB-**CF-AAA*-*****C******} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {**B*E*C*-*FCB-**CF-AAA*-*****C******} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Download Master - {*DAE**AD-****-****-*DD*-****F*A**C**} - C:\Program Files\Download Master\dmaster.exe
O9 - Extra 'Tools' menuitem: &Download Master - {*DAE**AD-****-****-*DD*-****F*A**C**} - C:\Program Files\Download Master\dmaster.exe
O9 - Extra button: (no name) - {e*e*dd**-d***-****-**b*-f*ba********} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e*e*dd**-d***-****-**b*-f*ba********} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB*F****-F***-**d*-BB*E-**C**F******} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB*F****-F***-**d*-BB*E-**C**F******} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Конвертировать в PDF - {***C**C*-***A-****-***E-F*D***D**C*F} - C:\WINDOWS\system32\shdocvw.dll (HKCU)
O9 - Extra 'Tools' menuitem: Конвертировать в PDF с помощью HTML2PDF Pilot... - {***C**C*-***A-****-***E-F*D***D**C*F} - C:\WINDOWS\system**\shdocvw.dll (HKCU)
O9 - Extra button: IE Screenshot - {**A**D**-****-**ed-BF**-**F*FAF****F} - C:\PROGRA~1\BROWSE~1\IESCRE~1\IESCRE~1.DLL (HKCU)
O9 - Extra 'Tools' menuitem: Make a Screenshot - {8*A**D**-****-**ed-BF**-**F*FAF****F} - C:\PROGRA~1\BROWSE~1\IESCRE~1\IESCRE~1.DLL (HKCU)
O16 - DPF: {*******B-B***-***D-A*D*-FCFDF**E***C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1180424961828
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BOCore - Unknown owner - C:\Program Files\Comodo\CBOClean\BOCORE.exe (file missing)
O23 - Service: Журнал событий (Eventlog) - Корпорация Майкрософт - C:\WINDOWS\system32\services.exe
O23 - Service: Служба COM записи компакт-дисков IMAPI (ImapiService) - Корпорация Майкрософт - C:\WINDOWS\system32\imapi.exe
O23 - Service: Plug and Play (PlugPlay) - Корпорация Майкрософт - C:\WINDOWS\system32\services.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) - Корпорация Майкрософт - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Смарт-карты (SCardSvr) - Корпорация Майкрософт - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Теневое копирование тома (VSS) - Корпорация Майкрософт - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Адаптер производительности WMI (WmiApSrv) - Корпорация Майкрософт - C:\WINDOWS\system32\wbem\wmiapsrv.exe

--
End of file - 10814 bytes