explorer.exe error not written memory



#1
valstoria

Hi. That's me again. I have started the OTL scan successfully and the log is printed below. But I had a problem with the GMER scan. When I started the scan with it, Windows closed after a few seconds of scanning and the computer showed a blue window with something like "beginning of physical dump memory bla bla something wrong" and closed that blue window immediately after that...

OTL Extras logfile created on: 16.12.2010 8:40:47 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\TRANSLATOR
Windows 2000 Professional Edition Service Pack 4 (Version = 5.0.2195) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2800.1106)
Locale: 00000419 | Country: Russia | Language: RUS | Date Format: dd.MM.yyyy

191,00 Mb Total Physical Memory | 13,00 Mb Available Physical Memory | 7,00% Memory free
747,00 Mb Paging File | 554,00 Mb Available in Paging File | 74,00% Paging File free
Paging file location(s): C:\pagefile.sys 576 576 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINNT | %ProgramFiles% = C:\Program Files
Drive C: | 18,63 Gb Total Space | 2,84 Gb Free Space | 15,24% Space Free | Partition Type: NTFS
Drive D: | 694,95 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: JACK | User Name: Mano | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-776561741-789336058-854245398-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- %1
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
""ja tools - ReAVR 3.2"_is1" = ja tools ReAVR 3.2.0 beta
"{1296CAF3-F007-4813-A95F-AD153F978DF1}" = AVRStudio4
"{13C4E8F0-B747-4C7C-9090-884832F9F90A}" = Proteus 7 Professional
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1B4FAA72-82D6-440E-8AEA-230C4668074D}" = Socket Wi-Fi® Companion Software
"{2204AF25-80E5-468E-B46D-795685B35DEB}" = ESET NOD32 Antivirus
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{258FDE4E-EE80-4BD7-ACE1-BDAED5F22F09}" = REALTEK RTL8187 Wireless LAN Driver
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java™ 6 Update 17
"{2BC8CD09-ECEB-4F00-8F7C-0297F295E9C4}" = P-CAD 2006 Viewer
"{2F881B56-CBDF-4EC6-A8D2-6412A879C66A}_is1" = AMR Player 1.3
"{37460314-9261-48EB-A840-60988F9B3DA6}" = ALKONAS
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6E59F17A-DA8E-47FF-A27E-C90D7B6B1C08}" = AGWTracker
"{6F716D8C-398F-11D3-85E1-005004838609}" = WebFldrs
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX
"{7E78FCC0-200B-4B45-9E03-3B6F158A2423}_is1" = CodeVisionAVR V1.24.8d
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{AC76BA86-7AD7-1033-7B44-000000000001}" = Adobe Reader 6.0
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B4BF87C8-3EEC-4774-82A2-584F109187B1}" = USB 2.0 MMC/SD Card Reader
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D5D88F8F-FDA4-4CF4-9F3E-3F40118C2120}" = AVRStudio4
"{DD8081B3-E5A2-4E1D-90D2-5FB95EA63C25}" = Media Web Page Creator 2001
"{E9CEE2F5-1B87-40DB-9AC7-370A613BE1D9}" = Juodos avys 2004
"{EA2F25DC-552B-4C83-B577-C0417CD8DD5E}" = MPLAB Tools v8.53
"{F266A90C-3F4A-4F65-9901-3DBBB0D77D80}" = 802.11g Wireless Adapter HW.15 V.1.00
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ahtwwdhoyujmpt" = Advanced Performance Platform Cashtitan.
"Applian FLV Player2.0.24" = Applian FLV Player
"Ask & Record Toolbar4.00" = Ask & Record Toolbar 4.00
"AVR Simulator IDE" = AVR Simulator IDE
"BASCOM-AVR DEMO Setup" = BASCOM-AVR DEMO Setup
"Blade Runner" = Blade Runner
"Cain & Abel v4.9.30" = Cain & Abel v4.9.30
"CCleaner" = CCleaner (remove only)
"CwGet_is1" = CwGet V1.65
"CwType_is1" = CwType V1.75
"DXE_v2" = DirectX Eradicator
"Easy WiFi Radar" = Easy WiFi Radar 1.0.3
"Engage Packet builder_is1" = Engage Packet builder v2.2.0
"Evidence Eliminator" = Evidence Eliminator
"Fallout2" = Fallout2
"Foxit Reader" = Foxit Reader
"FTDICOMM" = FTDI USB Serial Converter Drivers
"In Cold Blood" = In Cold Blood
"InstallShield_{EA2F25DC-552B-4C83-B577-C0417CD8DD5E}" = MPLAB Tools v8.53
"InstallShield_{F266A90C-3F4A-4F65-9901-3DBBB0D77D80}" = 802.11g Wireless Adapter HW.15 V.1.00
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.0.4 (Full)
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"mIRC" = mIRC
"Mozilla Firefox (3.0.10)" = Mozilla Firefox (3.0.10)
"Network Stumbler" = Network Stumbler 0.4.0 (remove only)
"OpenAL" = OpenAL
"Orbitron_is1" = Orbitron - Satellite Tracking System
"PIC18 Disassembler" = PIC18 Disassembler
"PowerGraph 2.1" = PowerGraph 2.1
"Product_Name" = GeniusProgrammer
"RegCure" = RegCure 1.5.2.7
"S3 Gamma" = S3 Gamma Utility
"S3DUOVUE" = S3DuoView+ Utility
"SeaTTY_is1" = SeaTTY V2.20
"Softonic_English Toolbar" = Softonic_English Toolbar
"SstvPalMultiMode" = SstvPalMultiMode
"TMACv5.0R2" = Technitium MAC Address Changer v5.0 Release 2
"Total Video Converter 3.10_is1" = Total Video Converter 3.10
"TrueTTY_is1" = TrueTTY V2.75
"UISS_is1" = UISS Version 5.2.3
"Unofficial SP 5.1 for Microsoft® Windows®" = Unofficial SP 5.1 for Microsoft® Windows® 2000
"Visual C++ 6.0 Standard Edition" = Microsoft Visual C++ 6.0 Standard Edition
"Web Page Maker_is1" = Web Page Maker V3.21
"Winamp3" = Winamp3 (remove only)
"WinAVR-20100110" = WinAVR 20100110 (remove only)
"WinDjView" = WinDjView 1.0.3
"WinPcapInst" = WinPcap 3.1 beta4
"WinPic_is1" = WinPic
"WinRAR archiver" = WinRAR archiver
"Wireshark" = Wireshark 1.2.1
"WMP7" = Windows Media Player system update (9 Series)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-776561741-789336058-854245398-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
"BitTorrent DNA" = DNA
"Pilot Desktop" = Palm Desktop

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 07.12.2010 11:45:26 | Computer Name = JACK | Source = Perflib | ID = 2002
Description = The open procedure for service "PerfDisk" in DLL "C:\WINNT\system32\perfdisk.dll"
has taken longer than the established wait time to complete. There may be a problem
with this extensible counter or the service it is collecting data from or the system
may have been very busy when this call was attempted.

Error - 13.12.2010 5:18:49 | Computer Name = JACK | Source = Perflib | ID = 1015
Description = The timeout waiting for the performance data collection function "PerfDisk"
in
the "C:\WINNT\system32\perfdisk.dll" Library to finish has expired. There may be
a problem with this extensible counter or the service it is collecting data from
or the system may have been very busy when this call was attempted.

Error - 13.12.2010 14:52:53 | Computer Name = JACK | Source = Perflib | ID = 1015
Description = The timeout waiting for the performance data collection function "PerfDisk"
in
the "C:\WINNT\system32\perfdisk.dll" Library to finish has expired. There may be
a problem with this extensible counter or the service it is collecting data from
or the system may have been very busy when this call was attempted.

Error - 11.12.2010 16:20:23 | Computer Name = JACK | Source = Userenv | ID = 1000
Description = Windows cannot unload your registry file. If you have a roaming profile,
your settings are not replicated. Contact your administrator. DETAIL - Access
is denied. , Build number ((2195)).

Error - 11.12.2010 16:24:59 | Computer Name = JACK | Source = Perflib | ID = 2002
Description = The open procedure for service "PerfDisk" in DLL "C:\WINNT\system32\perfdisk.dll"
has taken longer than the established wait time to complete. There may be a problem
with this extensible counter or the service it is collecting data from or the system
may have been very busy when this call was attempted.

Error - 12.12.2010 11:32:39 | Computer Name = JACK | Source = Perflib | ID = 2002
Description = The open procedure for service "PerfDisk" in DLL "C:\WINNT\system32\perfdisk.dll"
has taken longer than the established wait time to complete. There may be a problem
with this extensible counter or the service it is collecting data from or the system
may have been very busy when this call was attempted.

Error - 12.12.2010 17:26:11 | Computer Name = JACK | Source = Perflib | ID = 2002
Description = The open procedure for service "PerfDisk" in DLL "C:\WINNT\system32\perfdisk.dll"
has taken longer than the established wait time to complete. There may be a problem
with this extensible counter or the service it is collecting data from or the system
may have been very busy when this call was attempted.

Error - 15.12.2010 13:06:37 | Computer Name = JACK | Source = Perflib | ID = 2002
Description = The open procedure for service "PerfDisk" in DLL "C:\WINNT\system32\perfdisk.dll"
has taken longer than the established wait time to complete. There may be a problem
with this extensible counter or the service it is collecting data from or the system
may have been very busy when this call was attempted.

Error - 15.12.2010 15:14:22 | Computer Name = JACK | Source = Perflib | ID = 2002
Description = The open procedure for service "PerfDisk" in DLL "C:\WINNT\system32\perfdisk.dll"
has taken longer than the established wait time to complete. There may be a problem
with this extensible counter or the service it is collecting data from or the system
may have been very busy when this call was attempted.

Error - 16.12.2010 2:28:54 | Computer Name = JACK | Source = Perflib | ID = 2002
Description = The open procedure for service "PerfDisk" in DLL "C:\WINNT\system32\perfdisk.dll"
has taken longer than the established wait time to complete. There may be a problem
with this extensible counter or the service it is collecting data from or the system
may have been very busy when this call was attempted.

[ System Events ]
Error - 09.12.2010 13:13:41 | Computer Name = JACK | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.1.105 on
the Network Card with network address 000215AD991F.

Error - 10.12.2010 2:35:45 | Computer Name = JACK | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.1.105 on
the Network Card with network address 000215AD991F.

Error - 10.12.2010 13:31:50 | Computer Name = JACK | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.1.105 on
the Network Card with network address 000215AD991F.

Error - 13.12.2010 5:18:23 | Computer Name = JACK | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.1.105 on
the Network Card with network address 000215AD991F.

Error - 12.12.2010 5:14:01 | Computer Name = JACK | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.1.105 on
the Network Card with network address 000215AD991F.

Error - 12.12.2010 8:35:14 | Computer Name = JACK | Source = Service Control Manager | ID = 7024
Description = The Messenger service terminated with service-specific error 2119.

Error - 12.12.2010 8:35:14 | Computer Name = JACK | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.1.105 on
the Network Card with network address 000215AD991F.

Error - 12.12.2010 11:23:00 | Computer Name = JACK | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.1.105 on
the Network Card with network address 000215AD991F.

Error - 14.12.2010 13:10:46 | Computer Name = JACK | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.1.105 on
the Network Card with network address 000215AD991F.

Error - 15.12.2010 15:17:22 | Computer Name = JACK | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.105 for the Network Card with network
address 000215AD991F has been denied by the DHCP server 0.0.0.0 (The DHCP Server
sent a DHCPNACK message).


< End of report >

OTL logfile created on: 16.12.2010 8:40:46 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\TRANSLATOR
Windows 2000 Professional Edition Service Pack 4 (Version = 5.0.2195) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2800.1106)
Locale: 00000419 | Country: Russia | Language: RUS | Date Format: dd.MM.yyyy

191,00 Mb Total Physical Memory | 13,00 Mb Available Physical Memory | 7,00% Memory free
747,00 Mb Paging File | 554,00 Mb Available in Paging File | 74,00% Paging File free
Paging file location(s): C:\pagefile.sys 576 576 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINNT | %ProgramFiles% = C:\Program Files
Drive C: | 18,63 Gb Total Space | 2,84 Gb Free Space | 15,24% Space Free | Partition Type: NTFS
Drive D: | 694,95 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: JACK | User Name: Mano | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\TRANSLATOR\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe (Autodata Limited)
PRC - C:\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Ask & Record Toolbar\FLVSrvc.exe (Applian Technologies, Inc.)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
PRC - C:\Program Files\802.11 Wireless LAN\802.11g Wireless Adapter HW.15 V.1.00\WlanCU.exe ()
PRC - C:\WINNT\system32\mstask.exe (Microsoft Corporation)
PRC - C:\WINNT\explorer.exe (Microsoft Corporation)
PRC - C:\WINNT\system32\UMonit2K.exe (General)
PRC - C:\WINNT\system32\wbem\winmgmt.exe (Microsoft Corporation)
PRC - C:\WINNT\system32\regsvc.exe (Microsoft Corporation)
PRC - C:\WINNT\system32\WISPTIS.EXE (Microsoft Corporation)
PRC - C:\WINNT\system32\S3TRAY.exe (S3 Incorporated.)
PRC - C:\WINNT\system32\internat.exe (Microsoft Corporation)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Mano\Local Settings\Application Data\FLVService\lib\FLVSrvLib.dll (Applian Technologies, Inc.)
MOD - C:\TRANSLATOR\OTL.exe (OldTimer Tools)
MOD - C:\WINNT\system32\wsock32.dll (Microsoft Corporation)
MOD - C:\WINNT\system32\lz32.dll (Microsoft Corporation)
MOD - C:\WINNT\system32\netrap.dll (Microsoft Corporation)
MOD - C:\WINNT\system32\indicdll.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Program Files\WinPcap\rpcapd.exe (CACE Technologies, Inc.)
SRV - (Autodata Limited License Service) -- C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe (Autodata Limited)
SRV - (EhttpSrv) -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (ESET)
SRV - (ekrn) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (Schedule) -- C:\WINNT\system32\mstask.exe (Microsoft Corporation)
SRV - (WinMgmt) -- C:\WINNT\system32\wbem\winmgmt.exe (Microsoft Corporation)
SRV - (dmadmin) -- C:\WINNT\System32\dmadmin.exe (VERITAS Software Corp.)
SRV - (Fax) -- C:\WINNT\system32\faxsvc.exe (Microsoft Corporation)
SRV - (RemoteRegistry) -- C:\WINNT\system32\regsvc.exe (Microsoft Corporation)
SRV - (UtilMan) -- C:\WINNT\system32\utilman.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (PEEK5) -- C:\PROGRA~1\WILDPA~1\OmniPeek\PEEK5.SYS File not found
DRV - (esihdrv) -- C:\DOCUME~1\Mano\LOCALS~1\Temp\esihdrv.sys File not found
DRV - (DBGV) -- C:\Documents and Settings\Mano\Desktop\usb\sniff-bin-2k-1.5\sniff-bin-2k-1.5\DBGV.SYS File not found
DRV - (Cdr4_2K) -- C:\WINNT\System32\drivers\cdr4_2K.sys (Roxio)
DRV - (Cdralw2k) -- C:\WINNT\System32\drivers\cdralw2k.sys (Roxio)
DRV - (sptd) -- C:\WINNT\System32\Drivers\sptd.sys ()
DRV - (usbsnpys) -- C:\WINNT\system32\drivers\USBSnpys.sys (SnoopWare)
DRV - (usbsnoop) usbsnoop (display) -- C:\WINNT\system32\drivers\USBSnoop.sys (SnoopWare)
DRV - (WinDriver6) -- C:\WINNT\system32\drivers\windrvr6.sys (Jungo)
DRV - (RTLWUSB) -- C:\WINNT\system32\drivers\RTL8187.sys (Realtek Semiconductor Corporation )
DRV - (epfwtdir) -- C:\WINNT\system32\drivers\epfwtdir.sys ()
DRV - (easdrv) -- C:\WINNT\system32\drivers\easdrv.sys (ESET)
DRV - (eamon) -- C:\WINNT\system32\drivers\eamon.sys (ESET)
DRV - (STGPRO) -- C:\WINNT\system32\drivers\SiUSBXp.sys (Silicon Laboratories)
DRV - (DXSOFTIO) -- C:\WINNT\System32\drivers\DXSOFTIO.SYS ()
DRV - (NPF) -- C:\WINNT\system32\drivers\npf.sys (CACE Technologies)
DRV - (MPE) -- C:\WINNT\system32\drivers\mpe.sys (Microsoft Corporation)
DRV - (FTSER2K) -- C:\WINNT\system32\drivers\ftser2k.sys (FTDI Ltd.)
DRV - (FTDIBUS) -- C:\WINNT\system32\drivers\ftdibus.sys (FTDI Ltd.)
DRV - (NSNDIS5) -- C:\WINNT\system32\nsndis5.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (dmio) -- C:\WINNT\System32\drivers\dmio.sys (VERITAS Software Corp.)
DRV - (uhcd) -- C:\WINNT\system32\drivers\uhcd.sys (Microsoft Corporation)
DRV - (Diskperf) -- C:\WINNT\System32\drivers\diskperf.sys (Microsoft Corporation)
DRV - (dmboot) -- C:\WINNT\system32\drivers\dmboot.sys (VERITAS Software Corp.)
DRV - (gameenum) -- C:\WINNT\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (Parallel) -- C:\WINNT\system32\drivers\parallel.sys (Microsoft Corporation)
DRV - (nm) -- C:\WINNT\system32\drivers\nmnt.sys (Microsoft Corporation)
DRV - (EFS) -- C:\WINNT\System32\drivers\efs.sys (Microsoft Corporation)
DRV - (dmload) -- C:\WINNT\system32\drivers\dmload.sys (VERITAS Software Corp.)
DRV - (SjyPkt) -- C:\WINNT\system32\drivers\SjyPkt.sys (Windows ® 2000 DDK provider)
DRV - (NetDetect) -- C:\WINNT\system32\drivers\netdtect.sys (Microsoft Corporation)
DRV - (S3GSavageMX) -- C:\WINNT\system32\drivers\s3gsavm.sys (S3 Graphics, Inc.)
DRV - (S3SavageMX) -- C:\WINNT\system32\drivers\s3savmxm.sys (S3 Incorporated)
DRV - (RCA) -- C:\WINNT\system32\drivers\rca.sys (Microsoft Corporation)
DRV - (ds1) Yamaha DS1 Audio Driver (WDM) -- C:\WINNT\system32\drivers\ds1wdm.sys (Microsoft Corporation)
DRV - (ltmodem5) -- C:\WINNT\system32\drivers\ltmdmntt.sys (LT)
DRV - (OBOE) -- C:\WINNT\system32\drivers\Tos4mo.sys (TOSHIBA Corporation)
DRV - (CBEN5) -- C:\WINNT\system32\drivers\cben5.sys (Xircom, Inc.)
DRV - (WinDriver) -- C:\WINNT\System32\Drivers\windrvr.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-776561741-789336058-854245398-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...&ctid=CT1142338
IE - HKU\S-1-5-21-776561741-789336058-854245398-1000\..\URLSearchHook: {930f1200-f5f1-4870-bac6-e233ec8e7023} - C:\Program Files\Softonic_English\tbSoft.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-776561741-789336058-854245398-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-776561741-789336058-854245398-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 192.168.1.1:8080

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "Softonic_English Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Softonic_English Customized Web Search"
FF - prefs.js..browser.startup.homepage: "http://search.condui...earchSource=13"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.41
FF - prefs.js..extensions.enabledItems: {3e9bb2a7-62ca-4efa-a4e6-f6f6168a652d}:0.8.17
FF - prefs.js..extensions.enabledItems: {930f1200-f5f1-4870-bac6-e233ec8e7023}:2.0.0.59
FF - prefs.js..extensions.enabledItems: {e0204bd5-9d31-402b-a99d-a6aa8ffebdca}:1.2.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..keyword.URL: "http://search.condui...rchSource=2&q="
FF - prefs.js..network.proxy.ftp: "212.59.0.1"
FF - prefs.js..network.proxy.ftp_port: 139
FF - prefs.js..network.proxy.gopher: "212.59.0.1"
FF - prefs.js..network.proxy.gopher_port: 139
FF - prefs.js..network.proxy.http: "212.59.0.1"
FF - prefs.js..network.proxy.http_port: 139
FF - prefs.js..network.proxy.no_proxies_on: "localhost, 192.168.1.1"
FF - prefs.js..network.proxy.socks: "212.59.0.1"
FF - prefs.js..network.proxy.socks_port: 139
FF - prefs.js..network.proxy.ssl: "212.59.0.1"
FF - prefs.js..network.proxy.ssl_port: 139

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.05.30 05:31:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.12.16 08:09:00 | 000,000,000 | ---D | M]

[2009.05.07 17:39:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mano\Application Data\Mozilla\Extensions
[2010.12.16 07:32:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mano\Application Data\Mozilla\Firefox\Profiles\3ot3d2ec.default\extensions
[2009.05.26 18:45:22 | 000,000,000 | ---D | M] (ShowIP) -- C:\Documents and Settings\Mano\Application Data\Mozilla\Firefox\Profiles\3ot3d2ec.default\extensions\{3e9bb2a7-62ca-4efa-a4e6-f6f6168a652d}
[2009.05.11 17:43:44 | 000,000,000 | ---D | M] (Softonic English Toolbar) -- C:\Documents and Settings\Mano\Application Data\Mozilla\Firefox\Profiles\3ot3d2ec.default\extensions\{930f1200-f5f1-4870-bac6-e233ec8e7023}
[2009.05.25 17:29:21 | 000,000,000 | ---D | M] (Torbutton) -- C:\Documents and Settings\Mano\Application Data\Mozilla\Firefox\Profiles\3ot3d2ec.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2009.06.06 14:52:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mano\Application Data\Mozilla\Firefox\Profiles\3ot3d2ec.default\extensions\[email protected]
[2009.03.25 10:52:56 | 000,000,894 | ---- | M] () -- C:\Documents and Settings\Mano\Application Data\Mozilla\Firefox\Profiles\3ot3d2ec.default\searchplugins\conduit.xml
[2010.12.15 21:53:22 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008.09.04 01:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
[2008.03.28 21:18:52 | 000,001,184 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-lt.xml

Hosts file not found
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (cashtitan browser enhancer) - {64EE0AFE-61A3-627A-15E4-D356CAE7D7B0} - C:\WINNT\system32\yfxsnobveltv.dll ()
O2 - BHO: (Softonic English Toolbar) - {930f1200-f5f1-4870-bac6-e233ec8e7023} - C:\Program Files\Softonic_English\tbSoft.dll (Conduit Ltd.)
O2 - BHO: (no name) - {EF8820EB-F11E-4DD6-BC6C-D99084691C18} - C:\WINNT\system32\ljJDTKAR.dll ()
O3 - HKLM\..\Toolbar: (@msdxmLC.dll,[email protected],&Radio) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx ()
O3 - HKLM\..\Toolbar: (Softonic English Toolbar) - {930f1200-f5f1-4870-bac6-e233ec8e7023} - C:\Program Files\Softonic_English\tbSoft.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-776561741-789336058-854245398-1000\..\Toolbar\WebBrowser: (Softonic English Toolbar) - {930F1200-F5F1-4870-BAC6-E233EC8E7023} - C:\Program Files\Softonic_English\tbSoft.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Ask and Record FLV Service] C:\Program Files\Ask & Record Toolbar\FLVSrvc.exe (Applian Technologies, Inc.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [fagbboebwdwnwlg] C:\WINNT\System32\yfxsnobveltv.dll ()
O4 - HKLM..\Run: [Gene USB Monitor] C:\WINNT\system32\UMonit2K.exe (General)
O4 - HKLM..\Run: [S3Hotkey] C:\WINNT\System32\s3hotkey.exe (S3 Graphics, Inc.)
O4 - HKLM..\Run: [S3TRAY] C:\WINNT\System32\S3TRAY.exe (S3 Incorporated.)
O4 - HKU\S-1-5-21-776561741-789336058-854245398-1000..\Run: [BitTorrent DNA] C:\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-21-776561741-789336058-854245398-1000..\Run: [Evidence Eliminator] C:\Program Files\Evidence Eliminator\ee.exe (Robin Hood Software Ltd.)
O4 - HKU\S-1-5-21-776561741-789336058-854245398-1000..\Run: [internat.exe] C:\WINNT\System32\internat.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Wireless Configuration Utility HW.15.lnk = C:\Program Files\802.11 Wireless LAN\802.11g Wireless Adapter HW.15 V.1.00\WlanCU.exe ()
O4 - Startup: C:\Documents and Settings\Mano\Start Menu\Programs\Startup\HotSync Manager.lnk = C:\Palm\hotsync.exe (Palm Computing, Inc., a 3Com Company)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-21-776561741-789336058-854245398-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-21-776561741-789336058-854245398-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O9 - Extra Button: @shdoclc.dll,-866 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\Web\RELATED.HTM ()
O9 - Extra 'Tools' menuitem : @shdoclc.dll,-864 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\Web\RELATED.HTM ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINNT\system32\rnr20.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINNT\system32\msafd.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 86.100.200.11 86.100.200.15
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINNT\system32\msdxm.ocx ()
O18 - Protocol\Filter\application/octet-stream - No CLSID value found
O18 - Protocol\Filter\application/x-complus - No CLSID value found
O18 - Protocol\Filter\application/x-msdownload - No CLSID value found
O18 - Protocol\Filter\Class Install Handler - No CLSID value found
O18 - Protocol\Filter\deflate - No CLSID value found
O18 - Protocol\Filter\gzip - No CLSID value found
O18 - Protocol\Filter\lzdhtml - No CLSID value found
O18 - Protocol\Filter\text/webviewhtml - No CLSID value found
O18 - Protocol\Filter\text/xml - No CLSID value found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINNT\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ljJDTKAR: DllName - ljJDTKAR.dll - C:\WINNT\System32\ljJDTKAR.dll ()
O20 - Winlogon\Notify\wzcnotif: DllName - wzcdlg.dll - C:\WINNT\System32\wzcdlg.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {EF8820EB-F11E-4DD6-BC6C-D99084691C18} - C:\WINNT\system32\ljJDTKAR.dll ()
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.05.05 12:04:15 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Nwsapagent - File not found

Drivers32: aux - C:\WINNT\System32\mmdrv.dll (Microsoft Corporation)
Drivers32: aux1 - File not found
Drivers32: aux2 - File not found
Drivers32: aux3 - File not found
Drivers32: aux4 - File not found
Drivers32: aux5 - File not found
Drivers32: aux6 - File not found
Drivers32: aux7 - File not found
Drivers32: aux8 - File not found
Drivers32: aux9 - File not found
Drivers32: midi2 - File not found
Drivers32: midi3 - File not found
Drivers32: midi4 - File not found
Drivers32: midi5 - File not found
Drivers32: midi6 - File not found
Drivers32: midi7 - File not found
Drivers32: midi8 - File not found
Drivers32: midi9 - File not found
Drivers32: mixer2 - File not found
Drivers32: mixer3 - File not found
Drivers32: mixer4 - File not found
Drivers32: mixer5 - File not found
Drivers32: mixer6 - File not found
Drivers32: mixer7 - File not found
Drivers32: mixer8 - File not found
Drivers32: mixer9 - File not found
Drivers32: msacm.ac3acm - C:\WINNT\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINNT\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINNT\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINNT\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.lhacm - C:\WINNT\System32\lhacm.acm (Microsoft Corporation)
Drivers32: msacm.trspch - C:\WINNT\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINNT\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINNT\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\WINNT\System32\ff_vfw.dll ()
Drivers32: VIDC.HFYU - C:\WINNT\System32\huffyuv.dll (Disappearing Inc.)
Drivers32: vidc.iv31 - C:\WINNT\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINNT\System32\ir32_32.dll ()
Drivers32: vidc.iv50 - C:\WINNT\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.VP70 - C:\WINNT\System32\vp7vfw.dll (On2.com)
Drivers32: VIDC.XVID - C:\WINNT\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINNT\System32\DivX.dll (DivX, Inc.)
Drivers32: wave2 - File not found
Drivers32: wave3 - File not found
Drivers32: wave4 - File not found
Drivers32: wave5 - File not found
Drivers32: wave6 - File not found
Drivers32: wave7 - File not found
Drivers32: wave8 - File not found
Drivers32: wave9 - File not found


SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: dmadmin - C:\WINNT\System32\dmadmin.exe (VERITAS Software Corp.)
SafeBootMin: dmboot.sys - C:\WINNT\system32\drivers\dmboot.sys (VERITAS Software Corp.)
SafeBootMin: dmio.sys - C:\WINNT\System32\drivers\dmio.sys (VERITAS Software Corp.)
SafeBootMin: dmload.sys - C:\WINNT\system32\drivers\dmload.sys (VERITAS Software Corp.)
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: sglfb.sys - File not found
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: tga.sys - File not found
SafeBootMin: vga.sys - Driver
SafeBootMin: WinMgmt - C:\WINNT\system32\wbem\winmgmt.exe (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: dmadmin - C:\WINNT\System32\dmadmin.exe (VERITAS Software Corp.)
SafeBootNet: dmboot.sys - C:\WINNT\system32\drivers\dmboot.sys (VERITAS Software Corp.)
SafeBootNet: dmio.sys - C:\WINNT\System32\drivers\dmio.sys (VERITAS Software Corp.)
SafeBootNet: dmload.sys - C:\WINNT\system32\drivers\dmload.sys (VERITAS Software Corp.)
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NBF - Service
SafeBootNet: nbf.sys - Driver
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: nm - C:\WINNT\system32\drivers\nmnt.sys (Microsoft Corporation)
SafeBootNet: nm.sys - C:\WINNT\system32\drivers\nmnt.sys (Microsoft Corporation)
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: sglfb.sys - File not found
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: tga.sys - File not found
SafeBootNet: vga.sys - Driver
SafeBootNet: WinMgmt - C:\WINNT\system32\wbem\winmgmt.exe (Microsoft Corporation)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {0fde1f56-0d59-4fd7-9624-e3df6b419d0e} -
ActiveX: {0fde1f56-0d59-4fd7-9624-e3df6b419d0f} - IEEX
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {18560829-3EE5-C7D5-7FB3-76C322776D27} - DirectAnimation
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Проигрыватель Windows Media (Microsoft) 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINNT\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6A5110B5-E14B-4268-A065-EF89FF33C325} - regsvr32.exe /s /n /i:"S 2 true 3 true 4 true 5 true 6 true 7 true" initpki.dll
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - rundll32.exe advpack.dll,LaunchINFSection C:\WINNT\INF\wmp.inf,PerUserStub
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - %SystemRoot%\system32\ie4uinit.exe
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINNT\system32\Rundll32.exe C:\WINNT\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {9EF0045A-CDD9-438e-95E6-02B9AFEC8E11} - %SystemRoot%\system32\updcrl.exe -e -u %SystemRoot%\system32\verisignpub1.crl
ActiveX: {A00BF2EB-56EE-4fde-B5EA-6A8FA425B2A5} - W2KAppComp
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINNT\system32\setup\wmpocm.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - "C:\WINNT\system32\shmgrate.exe" OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - "C:\WINNT\system32\shmgrate.exe" OCInstallUserConfigOE

========== Files/Folders - Created Within 30 Days ==========

[2010.12.15 21:29:37 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2010.12.15 21:18:13 | 015,032,912 | ---- | C] (DivX, Inc.) -- C:\Documents and Settings\Mano\Desktop\DivXPro521XP2K.exe
[2010.12.12 23:14:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mano\Desktop\foto
[2010.12.09 18:16:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mano\Desktop\okopka
[2010.12.07 16:56:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ESET
[2010.12.07 16:23:23 | 000,512,000 | ---- | C] (ESET) -- C:\Documents and Settings\Mano\Desktop\ESETUninstaller.exe
[2010.12.06 12:14:41 | 000,000,000 | ---D | C] -- C:\WINNT\System32\appmgmt
[2010.11.30 20:45:45 | 000,000,000 | ---D | C] -- C:\Program Files\PIC18 Disassembler
[2010.11.18 21:27:04 | 000,000,000 | ---D | C] -- C:\Program Files\Socket Communications, Inc
[2010.11.16 20:44:09 | 000,233,472 | ---- | C] (CACE Technologies) -- C:\WINNT\System32\wpcap.dll
[2010.11.16 20:44:09 | 000,081,920 | ---- | C] (CACE Technologies) -- C:\WINNT\System32\Packet.dll
[2010.11.16 20:44:09 | 000,061,440 | ---- | C] (CACE Technologies) -- C:\WINNT\System32\WanPacket.dll
[2010.11.16 20:44:09 | 000,057,344 | ---- | C] (Acrotech Solutions) -- C:\WINNT\System32\XButton.ocx
[2010.11.16 20:44:08 | 000,032,512 | ---- | C] (CACE Technologies) -- C:\WINNT\System32\drivers\npf.sys
[1 C:\WINNT\*.tmp files -> C:\WINNT\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.12.16 08:09:51 | 000,001,327 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DivX Movies.lnk
[2010.12.16 08:08:36 | 000,000,652 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DivX Player.lnk
[2010.12.16 08:00:41 | 000,000,662 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DivX Converter.lnk
[2010.12.16 07:28:46 | 000,016,384 | ---- | M] () -- C:\WINNT\System32\Perflib_Perfdata_1d4.dat
[2010.12.15 23:07:48 | 000,001,528 | ---- | M] () -- C:\WINNT\System32\d3d9caps.dat
[2010.12.15 21:52:05 | 015,032,912 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\Mano\Desktop\DivXPro521XP2K.exe
[2010.12.15 20:29:45 | 000,002,206 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010.12.15 20:10:28 | 000,744,468 | -H-- | M] () -- C:\WINNT\ShellIconCache
[2010.12.14 21:35:39 | 000,198,264 | ---- | M] () -- C:\Documents and Settings\Mano\My Documents\PPsH41_blueprints.pdf
[2010.12.12 16:32:30 | 000,016,384 | ---- | M] () -- C:\WINNT\System32\Perflib_Perfdata_284.dat
[2010.12.11 21:29:19 | 000,016,384 | ---- | M] () -- C:\WINNT\System32\Perflib_Perfdata_304.dat
[2010.12.11 21:24:52 | 000,016,384 | ---- | M] () -- C:\WINNT\System32\Perflib_Perfdata_260.dat
[2010.12.10 07:46:47 | 000,410,839 | ---- | M] () -- C:\Documents and Settings\Mano\Desktop\poc32206.zip
[2010.12.07 16:48:58 | 000,037,888 | ---- | M] () -- C:\WINNT\System32\xxywWqpO.dll
[2010.12.07 16:48:58 | 000,037,888 | ---- | M] () -- C:\WINNT\System32\tuvVMffC.dll
[2010.12.07 16:23:27 | 000,512,000 | ---- | M] (ESET) -- C:\Documents and Settings\Mano\Desktop\ESETUninstaller.exe
[2010.12.07 15:43:10 | 000,037,888 | ---- | M] () -- C:\WINNT\System32\ljJDTKAR.dll
[2010.12.07 15:43:10 | 000,037,888 | ---- | M] () -- C:\WINNT\System32\cbXPfFUL.dll
[2010.12.07 13:19:38 | 000,061,221 | ---- | M] () -- C:\WINNT\System32\ahtwwdhoyujmpt.exe
[2010.12.07 11:38:52 | 000,399,055 | ---- | M] () -- C:\Documents and Settings\Mano\Desktop\105.JPG
[2010.11.30 21:01:02 | 000,000,215 | ---- | M] () -- C:\WINNT\PIC18XXXDIS.INI
[2010.11.22 12:27:28 | 000,394,752 | ---- | M] () -- C:\WINNT\System32\yfxsnobveltv.dll
[2010.11.19 20:50:33 | 000,005,559 | ---- | M] () -- C:\Documents and Settings\Mano\Application Data\bascom-avr.xml
[2010.11.18 21:09:58 | 000,000,070 | ---- | M] () -- C:\WINNT\LOGINPUT.INI
[2010.11.16 21:21:53 | 000,001,732 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Easy WiFi Radar.lnk
[1 C:\WINNT\*.tmp files -> C:\WINNT\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.12.16 08:08:36 | 000,001,327 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DivX Movies.lnk
[2010.12.16 08:08:36 | 000,000,652 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DivX Player.lnk
[2010.12.16 08:00:41 | 000,000,662 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DivX Converter.lnk
[2010.12.16 07:28:46 | 000,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_1d4.dat
[2010.12.14 21:35:39 | 000,198,264 | ---- | C] () -- C:\Documents and Settings\Mano\My Documents\PPsH41_blueprints.pdf
[2010.12.12 16:32:30 | 000,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_284.dat
[2010.12.11 21:29:19 | 000,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_304.dat
[2010.12.11 21:24:52 | 000,016,384 | ---- | C] () -- C:\WINNT\System32\Perflib_Perfdata_260.dat
[2010.12.10 07:46:42 | 000,410,839 | ---- | C] () -- C:\Documents and Settings\Mano\Desktop\poc32206.zip
[2010.12.07 17:24:03 | 000,744,468 | -H-- | C] () -- C:\WINNT\ShellIconCache
[2010.12.07 16:48:59 | 000,037,888 | ---- | C] () -- C:\WINNT\System32\xxywWqpO.dll
[2010.12.07 16:48:58 | 000,037,888 | ---- | C] () -- C:\WINNT\System32\tuvVMffC.dll
[2010.12.07 15:43:11 | 000,037,888 | ---- | C] () -- C:\WINNT\System32\cbXPfFUL.dll
[2010.12.07 15:43:10 | 000,037,888 | ---- | C] () -- C:\WINNT\System32\ljJDTKAR.dll
[2010.12.07 13:19:38 | 000,061,221 | ---- | C] () -- C:\WINNT\System32\ahtwwdhoyujmpt.exe
[2010.12.07 11:38:47 | 000,399,055 | ---- | C] () -- C:\Documents and Settings\Mano\Desktop\105.JPG
[2010.11.30 20:47:12 | 000,000,215 | ---- | C] () -- C:\WINNT\PIC18XXXDIS.INI
[2010.11.22 12:27:28 | 000,394,752 | ---- | C] () -- C:\WINNT\System32\yfxsnobveltv.dll
[2010.11.16 20:44:11 | 000,001,732 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Easy WiFi Radar.lnk
[2010.11.16 20:44:09 | 000,389,120 | ---- | C] () -- C:\WINNT\System32\actskn43.ocx
[2010.11.08 21:24:51 | 000,000,092 | ---- | C] () -- C:\WINNT\System32\ftdiun2k.ini
[2010.08.18 06:06:59 | 000,000,043 | ---- | C] () -- C:\WINNT\KeeloqPlugin.ini
[2010.07.15 19:03:44 | 000,000,038 | ---- | C] () -- C:\WINNT\avisplitter.ini
[2010.07.15 19:02:46 | 000,881,664 | ---- | C] () -- C:\WINNT\System32\xvidcore.dll
[2010.07.15 19:02:45 | 000,205,824 | ---- | C] () -- C:\WINNT\System32\xvidvfw.dll
[2010.07.15 19:02:39 | 000,108,032 | ---- | C] () -- C:\WINNT\System32\ff_vfw.dll
[2010.06.25 18:03:12 | 000,053,299 | ---- | C] () -- C:\WINNT\System32\pthreadVC.dll
[2010.06.07 05:50:36 | 000,081,920 | ---- | C] () -- C:\WINNT\System32\MPMapTrace.dll
[2010.06.07 05:14:26 | 000,364,544 | ---- | C] () -- C:\WINNT\System32\mpPathan.dll
[2010.05.30 06:13:45 | 000,021,840 | ---- | C] () -- C:\WINNT\System32\SIntfNT.dll
[2010.05.30 06:13:44 | 000,017,212 | ---- | C] () -- C:\WINNT\System32\SIntf32.dll
[2010.05.30 06:13:44 | 000,012,067 | ---- | C] () -- C:\WINNT\System32\SIntf16.dll
[2010.05.30 05:31:27 | 000,165,376 | ---- | C] () -- C:\WINNT\System32\unrar.dll
[2010.05.23 07:09:37 | 000,682,232 | ---- | C] () -- C:\WINNT\System32\drivers\sptd.sys
[2010.04.05 07:41:17 | 000,290,904 | ---- | C] () -- C:\WINNT\System32\vc6-re200l.dll
[2010.03.14 09:51:00 | 000,000,224 | ---- | C] () -- C:\WINNT\PTTYXDRV.INI
[2010.03.14 09:50:19 | 000,000,224 | ---- | C] () -- C:\WINNT\PTTXYDRV.INI
[2010.03.14 08:50:15 | 000,002,009 | ---- | C] () -- C:\WINNT\Palm OS Emulator.ini
[2010.01.01 00:00:00 | 000,017,920 | ---- | C] () -- C:\WINNT\System32\edittextboxpro.dll
[2009.11.16 21:48:14 | 000,062,464 | ---- | C] () -- C:\WINNT\System32\Agwdll32.dll
[2009.11.16 20:51:48 | 000,000,703 | ---- | C] () -- C:\WINNT\System32\Iconcfg.ini
[2009.10.18 17:08:07 | 000,000,812 | ---- | C] () -- C:\WINNT\LCARD_AD.INI
[2009.10.18 17:08:06 | 000,192,512 | ---- | C] () -- C:\WINNT\System32\lcard_32.dll
[2009.10.10 08:33:03 | 000,000,213 | ---- | C] () -- C:\WINNT\PCWGXDRV.INI
[2009.10.09 15:52:57 | 000,003,824 | ---- | C] () -- C:\WINNT\System32\drivers\DXSOFTIO.SYS
[2009.10.09 15:52:56 | 000,000,070 | ---- | C] () -- C:\WINNT\LOGINPUT.INI
[2009.09.11 20:26:42 | 000,002,912 | ---- | C] () -- C:\WINNT\cvavr.ini
[2009.09.10 17:36:52 | 000,005,559 | ---- | C] () -- C:\Documents and Settings\Mano\Application Data\bascom-avr.xml
[2009.08.29 05:36:10 | 000,000,067 | ---- | C] () -- C:\WINNT\DUKESSEP.INI
[2009.06.06 13:54:08 | 000,004,100 | ---- | C] () -- C:\WINNT\System32\hdvirffo.dll
[2009.06.05 05:01:57 | 007,349,744 | ---- | C] () -- C:\Program Files\FLV PlayerATBSetup.exe
[2009.05.05 13:55:30 | 000,000,041 | ---- | C] () -- C:\WINNT\winampa.ini
[2009.05.05 13:43:48 | 000,004,073 | ---- | C] () -- C:\WINNT\ODBCINST.INI
[2009.05.05 13:42:21 | 000,354,816 | ---- | C] () -- C:\WINNT\System32\psisdecd.dll
[2009.05.05 13:36:34 | 000,000,626 | ---- | C] () -- C:\WINNT\ODBC.INI
[2009.05.05 13:25:20 | 000,000,474 | ---- | C] () -- C:\WINNT\System32\OEMINFO.INI
[2009.05.05 12:02:29 | 000,021,952 | -H-- | C] () -- C:\Program Files\folder.htt
[2008.06.10 18:56:10 | 000,034,312 | ---- | C] () -- C:\WINNT\System32\drivers\epfwtdir.sys
[2006.12.13 15:03:14 | 000,074,240 | ---- | C] () -- C:\WINNT\System32\zlibwapi.dll
[2006.06.01 23:10:25 | 003,596,288 | ---- | C] () -- C:\WINNT\System32\qt-dx331.dll
[2006.06.01 23:06:32 | 000,012,288 | ---- | C] () -- C:\WINNT\System32\DivXWMPExtType.dll
[2002.09.15 00:00:00 | 000,007,265 | ---- | C] () -- C:\WINNT\System32\iasperf.ini
[2002.09.15 00:00:00 | 000,001,505 | ---- | C] () -- C:\WINNT\System32\faxperf.ini
[1999.12.07 08:00:00 | 000,176,400 | ---- | C] () -- C:\WINNT\System32\qcut.dll
[1999.12.07 08:00:00 | 000,033,552 | ---- | C] () -- C:\WINNT\System32\efsadu.dll
[1999.12.07 08:00:00 | 000,000,023 | ---- | C] () -- C:\WINNT\welcome.ini
[1999.09.25 11:36:24 | 000,088,816 | ---- | C] () -- C:\WINNT\System32\drivers\lvcam.sys
[1999.09.25 11:36:22 | 000,017,424 | ---- | C] () -- C:\WINNT\System32\drivers\lvsound.sys

========== LOP Check ==========

[2010.04.05 08:01:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Atmel
[2009.12.25 22:32:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodata Limited
[2009.10.10 08:33:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CwGet
[2009.10.09 15:52:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CwType
[2010.12.07 16:56:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2010.10.24 07:21:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LangSoft
[2010.03.14 09:51:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SeaTTY
[2010.07.21 21:14:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010.03.14 09:50:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TrueTTY
[2010.03.14 12:52:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Web Page Maker
[2010.12.16 00:12:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mano\Application Data\BitTorrent
[2010.12.16 08:40:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mano\Application Data\DNA
[2010.07.28 16:52:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mano\Application Data\Eltima Software
[2009.05.10 10:36:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mano\Application Data\ESET
[2010.10.24 07:21:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mano\Application Data\LangSoft
[2010.03.14 12:56:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mano\Application Data\Web Page Maker
[2010.09.23 17:27:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mano\Application Data\WildPackets
[2009.08.13 04:49:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mano\Application Data\Wireshark
[2009.05.21 16:37:17 | 000,000,436 | ---- | M] () -- C:\WINNT\Tasks\RegCure Program Check.job
[2009.05.17 03:48:14 | 000,000,370 | ---- | M] () -- C:\WINNT\Tasks\RegCure.job

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2010.11.01 07:03:07 | 000,000,079 | ---- | M] ()(C:\Documents and Settings\Mano\Application Data\Microsoft\Internet Explorer\Quick Launch\???????? ??? ????.scf) -- C:\Documents and Settings\Mano\Application Data\Microsoft\Internet Explorer\Quick Launch\Свернуть все окна.scf
[2010.11.01 07:03:07 | 000,000,079 | ---- | C] ()(C:\Documents and Settings\Mano\Application Data\Microsoft\Internet Explorer\Quick Launch\???????? ??? ????.scf) -- C:\Documents and Settings\Mano\Application Data\Microsoft\Internet Explorer\Quick Launch\Свернуть все окна.scf
[2009.07.06 07:56:07 | 000,105,637 | ---- | M] ()(C:\Documents and Settings\Mano\My Documents\???????.JPG) -- C:\Documents and Settings\Mano\My Documents\склейка.JPG
[2009.07.06 07:56:02 | 000,105,637 | ---- | C] ()(C:\Documents and Settings\Mano\My Documents\???????.JPG) -- C:\Documents and Settings\Mano\My Documents\склейка.JPG

========== Alternate Data Streams ==========

@Alternate Data Stream - 12 bytes -> C:\WINNT\system32:{4B9A1497-0817-47C4-9612-D6A1C53ACF57}
@Alternate Data Stream - 12 bytes -> C:\WINNT\system32:{4B9A1497-0817-47C4-9612-D5A1C53ACF57}
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:44807EFA

< End of report >