
Am I clean?



#1
AlexIT
Member, 76 posts
Help me, thank you.


OTL logfile created on: 25.05.2011 21:29:57 - Run 2
OTL by OldTimer - Version 3.2.23.0 Folder = D:\Documents and Settings\AlexIT\Мои документы\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000419 | Country: Россия | Language: RUS | Date Format: dd.MM.yyyy

1022,42 Mb Total Physical Memory | 342,16 Mb Available Physical Memory | 33,47% Memory free
2,40 Gb Paging File | 1,79 Gb Available in Paging File | 74,68% Paging File free
Paging file location(s): D:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 8,59 Gb Total Space | 4,62 Gb Free Space | 53,81% Space Free | Partition Type: NTFS
Drive D: | 216,48 Gb Total Space | 74,27 Gb Free Space | 34,31% Space Free | Partition Type: NTFS
Drive E: | 7,79 Gb Total Space | 0,17 Gb Free Space | 2,23% Space Free | Partition Type: FAT32
Drive F: | 687,60 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 931,28 Gb Total Space | 288,86 Gb Free Space | 31,02% Space Free | Partition Type: FAT32

Computer Name: ALEX | User Name: AlexIT | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.05.25 21:29:37 | 000,580,096 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\AlexIT\Мои документы\Downloads\OTL.exe
PRC - [2011.05.10 17:14:18 | 006,789,504 | ---- | M] (QIP) -- D:\Program Files\QIP 2010\qip.exe
PRC - [2011.05.07 13:57:16 | 001,010,232 | ---- | M] (Google Inc.) -- D:\Documents and Settings\AlexIT\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2011.02.23 16:04:20 | 003,451,496 | ---- | M] (AVAST Software) -- D:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011.02.23 16:04:19 | 000,042,184 | ---- | M] (AVAST Software) -- D:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010.12.10 14:29:00 | 000,092,008 | ---- | M] (TomTom) -- D:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2010.09.01 08:39:18 | 001,164,584 | ---- | M] () -- D:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2009.10.19 13:47:30 | 000,210,400 | ---- | M] () -- D:\Program Files\WebMoney Agent\wmagent.exe
PRC - [2009.02.09 13:25:55 | 000,111,104 | ---- | M] (Корпорация Майкрософт) -- D:\WINDOWS\system32\services.exe
PRC - [2008.12.04 17:06:46 | 000,083,479 | ---- | M] () -- D:\Program Files\DigiNotifier\DigiNotifier.exe
PRC - [2008.11.21 20:57:55 | 000,552,960 | ---- | M] (Behringer Spezielle Studiotechnik GmbH) -- D:\WINDOWS\system32\bcd3kcpan.exe
PRC - [2008.04.14 18:11:13 | 000,509,440 | ---- | M] (Корпорация Майкрософт) -- D:\WINDOWS\system32\winlogon.exe
PRC - [2008.04.14 18:11:13 | 000,126,464 | ---- | M] (Корпорация Майкрософт) -- D:\WINDOWS\system32\wbem\wmiapsrv.exe
PRC - [2008.04.14 18:11:09 | 000,050,688 | ---- | M] (Корпорация Майкрософт) -- D:\WINDOWS\system32\smss.exe
PRC - [2008.04.14 18:11:07 | 000,033,280 | ---- | M] (Корпорация Майкрософт) -- D:\WINDOWS\system32\rundll32.exe
PRC - [2008.04.14 18:10:56 | 001,034,240 | ---- | M] (Корпорация Майкрософт) -- D:\WINDOWS\explorer.exe
PRC - [2007.06.01 11:21:30 | 001,209,904 | ---- | M] (Nero AG) -- D:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007.06.01 11:21:08 | 000,153,136 | ---- | M] (Nero AG) -- D:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2007.06.01 11:06:06 | 001,629,744 | ---- | M] (Nero AG) -- D:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
PRC - [2007.06.01 11:05:56 | 001,551,408 | ---- | M] (Nero AG) -- D:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
PRC - [2007.06.01 11:05:46 | 001,057,328 | ---- | M] (Nero AG) -- D:\Program Files\Nero\Nero 7\InCD\InCD.exe
PRC - [2007.03.29 16:41:26 | 000,222,128 | ---- | M] (Macrovision Corporation) -- D:\Documents and Settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\ISUSPM.exe
PRC - [2005.07.15 23:48:33 | 000,479,232 | ---- | M] (Google Inc.) -- D:\Program Files\Google\Gmail Notifier\gnotify.exe
PRC - [2005.01.14 10:32:38 | 000,053,248 | ---- | M] () -- D:\WINDOWS\system32\PAStiSvc.exe


========== Modules (SafeList) ==========

MOD - [2011.05.25 21:29:37 | 000,580,096 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\AlexIT\Мои документы\Downloads\OTL.exe
MOD - [2011.04.12 20:24:01 | 000,059,904 | ---- | M] (AudioVkontakte.ru) -- D:\Documents and Settings\All Users\Application Data\VKSaver\vksaver3.dll
MOD - [2011.02.23 16:04:17 | 000,197,208 | ---- | M] (AVAST Software) -- D:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2011.01.21 16:44:10 | 008,479,744 | ---- | M] (Корпорация Майкрософт) -- D:\WINDOWS\system32\shell32.dll
MOD - [2010.12.09 17:15:19 | 000,722,432 | ---- | M] (Корпорация Майкрософт) -- D:\WINDOWS\system32\ntdll.dll
MOD - [2010.08.23 18:12:35 | 001,054,208 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010.07.16 14:00:53 | 001,287,680 | ---- | M] (Корпорация Майкрософт) -- D:\WINDOWS\system32\ole32.dll
MOD - [2009.12.08 11:25:26 | 000,474,112 | ---- | M] (Корпорация Майкрософт) -- D:\WINDOWS\system32\shlwapi.dll
MOD - [2009.03.21 16:09:06 | 000,995,840 | ---- | M] (Корпорация Майкрософт) -- D:\WINDOWS\system32\kernel32.dll
MOD - [2009.02.09 12:54:17 | 000,687,616 | ---- | M] (Корпорация Майкрософт) -- D:\WINDOWS\system32\advapi32.dll
MOD - [2008.04.14 22:40:46 | 000,991,744 | ---- | M] (Корпорация Майкрософт) -- D:\WINDOWS\system32\setupapi.dll
MOD - [2008.04.14 18:11:16 | 000,146,944 | ---- | M] (Корпорация Майкрософт) -- D:\WINDOWS\system32\winspool.drv
MOD - [2008.04.14 18:10:46 | 000,579,072 | ---- | M] (Корпорация Майкрософт) -- D:\WINDOWS\system32\user32.dll
MOD - [2008.04.14 18:10:46 | 000,219,648 | ---- | M] (Корпорация Майкрософт) -- D:\WINDOWS\system32\uxtheme.dll
MOD - [2008.04.14 18:10:45 | 000,067,584 | ---- | M] (Корпорация Майкрософт) -- D:\WINDOWS\system32\srclient.dll
MOD - [2008.04.14 18:10:39 | 000,586,240 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\mlang.dll
MOD - [2008.04.14 18:10:39 | 000,297,984 | ---- | M] (Корпорация Майкрософт) -- D:\WINDOWS\system32\msctf.dll
MOD - [2008.04.14 18:10:35 | 000,797,696 | ---- | M] (Корпорация Майкрософт) -- D:\WINDOWS\system32\comres.dll
MOD - [2008.04.14 18:10:34 | 000,279,040 | ---- | M] (Корпорация Майкрософт) -- D:\WINDOWS\system32\comdlg32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011.02.23 16:04:19 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- D:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010.12.10 14:29:00 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- D:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2009.07.28 01:19:10 | 000,135,680 | ---- | M] (Корпорация Майкрософт) [Auto | Running] -- D:\WINDOWS\system32\shsvcs.dll -- (Themes)
SRV - [2009.07.28 01:19:10 | 000,135,680 | ---- | M] (Корпорация Майкрософт) [Auto | Running] -- D:\WINDOWS\system32\shsvcs.dll -- (ShellHWDetection)
SRV - [2009.07.28 01:19:10 | 000,135,680 | ---- | M] (Корпорация Майкрософт) [On_Demand | Running] -- D:\WINDOWS\system32\shsvcs.dll -- (FastUserSwitchingCompatibility)
SRV - [2009.04.20 19:19:45 | 000,045,568 | ---- | M] (Корпорация Майкрософт) [Auto | Running] -- D:\WINDOWS\system32\dnsrslvr.dll -- (Dnscache)
SRV - [2009.02.09 13:25:55 | 000,111,104 | ---- | M] (Корпорация Майкрософт) [Auto | Running] -- D:\WINDOWS\system32\services.exe -- (PlugPlay)
SRV - [2009.02.09 13:25:55 | 000,111,104 | ---- | M] (Корпорация Майкрософт) [Auto | Running] -- D:\WINDOWS\system32\services.exe -- (Eventlog)
SRV - [2009.02.09 12:54:17 | 000,687,616 | ---- | M] (Корпорация Майкрософт) [On_Demand | Stopped] -- D:\WINDOWS\system32\advapi32.dll -- (Wmi) Расширения драйверов WMI (Windows Management Instrumentation)
SRV - [2008.06.20 18:04:16 | 000,247,296 | ---- | M] (Корпорация Майкрософт) [On_Demand | Running] -- D:\WINDOWS\system32\mswsock.dll -- (Nla) Служба сетевого расположения (NLA)
SRV - [2008.04.14 18:11:13 | 000,126,464 | ---- | M] (Корпорация Майкрософт) [On_Demand | Running] -- D:\WINDOWS\system32\wbem\wmiapsrv.exe -- (WmiApSrv)
SRV - [2008.04.14 18:11:12 | 000,290,304 | ---- | M] (Корпорация Майкрософт) [On_Demand | Stopped] -- D:\WINDOWS\system32\vssvc.exe -- (VSS)
SRV - [2008.04.14 18:11:11 | 000,073,216 | ---- | M] (Корпорация Майкрософт) [Disabled | Stopped] -- D:\WINDOWS\system32\tlntsvr.exe -- (TlntSvr)
SRV - [2008.04.14 18:11:09 | 000,091,648 | ---- | M] (Корпорация Майкрософт) [On_Demand | Stopped] -- D:\WINDOWS\system32\smlogsvc.exe -- (SysmonLog)
SRV - [2008.04.14 18:11:08 | 000,141,824 | ---- | M] (Корпорация Майкрософт) [On_Demand | Stopped] -- D:\WINDOWS\system32\sessmgr.exe -- (RDSessMgr)
SRV - [2008.04.14 18:11:07 | 000,096,768 | ---- | M] (Корпорация Майкрософт) [On_Demand | Stopped] -- D:\WINDOWS\system32\scardsvr.exe -- (SCardSvr)
SRV - [2008.04.14 18:11:04 | 000,113,664 | ---- | M] (Корпорация Майкрософт) [Disabled | Stopped] -- D:\WINDOWS\system32\netdde.exe -- (NetDDEdsdm)
SRV - [2008.04.14 18:11:04 | 000,113,664 | ---- | M] (Корпорация Майкрософт) [Disabled | Stopped] -- D:\WINDOWS\system32\netdde.exe -- (NetDDE)
SRV - [2008.04.14 18:11:00 | 000,032,768 | ---- | M] (Корпорация Майкрософт) [On_Demand | Stopped] -- D:\WINDOWS\system32\mnmsrvc.exe -- (mnmsrvc)
SRV - [2008.04.14 18:10:58 | 000,150,528 | ---- | M] (Корпорация Майкрософт) [On_Demand | Stopped] -- D:\WINDOWS\system32\imapi.exe -- (ImapiService)
SRV - [2008.04.14 18:10:48 | 000,483,840 | ---- | M] (Корпорация Майкрософт) [Auto | Running] -- D:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC)
SRV - [2008.04.14 18:10:46 | 000,333,824 | ---- | M] (Корпорация Майкрософт) [Auto | Running] -- D:\WINDOWS\system32\wiaservc.dll -- (stisvc) Служба загрузки изображений (WIA)
SRV - [2008.04.14 18:10:46 | 000,186,368 | ---- | M] (Корпорация Майкрософт) [On_Demand | Stopped] -- D:\WINDOWS\system32\upnphost.dll -- (upnphost)
SRV - [2008.04.14 18:10:46 | 000,175,616 | ---- | M] (Корпорация Майкрософт) [Auto | Running] -- D:\WINDOWS\system32\w32time.dll -- (W32Time)
SRV - [2008.04.14 18:10:46 | 000,145,408 | ---- | M] (Корпорация Майкрософт) [Auto | Running] -- D:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt)
SRV - [2008.04.14 18:10:45 | 000,295,936 | ---- | M] (Корпорация Майкрософт) [On_Demand | Running] -- D:\WINDOWS\system32\termsrv.dll -- (TermService)
SRV - [2008.04.14 18:10:45 | 000,249,856 | ---- | M] (Корпорация Майкрософт) [On_Demand | Running] -- D:\WINDOWS\system32\tapisrv.dll -- (TapiSrv)
SRV - [2008.04.14 18:10:45 | 000,171,008 | ---- | M] (Корпорация Майкрософт) [Auto | Running] -- D:\WINDOWS\system32\srsvc.dll -- (srservice)
SRV - [2008.04.14 18:10:44 | 000,193,024 | ---- | M] (Корпорация Майкрософт) [Auto | Running] -- D:\WINDOWS\system32\schedsvc.dll -- (Schedule)
SRV - [2008.04.14 18:10:44 | 000,018,944 | ---- | M] (Корпорация Майкрософт) [Auto | Running] -- D:\WINDOWS\system32\seclogon.dll -- (seclogon)
SRV - [2008.04.14 18:10:43 | 000,409,088 | ---- | M] (Корпорация Майкрософт) [On_Demand | Running] -- D:\WINDOWS\system32\qmgr.dll -- (BITS) Фоновая интеллектуальная служба передачи (BITS)
SRV - [2008.04.14 18:10:42 | 000,436,736 | ---- | M] (Корпорация Майкрософт) [On_Demand | Stopped] -- D:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc)
SRV - [2008.04.14 18:10:41 | 000,198,144 | ---- | M] (Корпорация Майкрософт) [On_Demand | Running] -- D:\WINDOWS\system32\netman.dll -- (Netman)
SRV - [2008.04.14 18:10:38 | 000,331,264 | ---- | M] (Корпорация Майкрософт) [Auto | Running] -- D:\WINDOWS\system32\ipnathlp.dll -- (SharedAccess) Брандмауэр Windows/Общий доступ к Интернету (ICS)
SRV - [2008.04.14 18:10:38 | 000,028,160 | ---- | M] (Корпорация Майкрософт) [Auto | Running] -- D:\WINDOWS\system32\irmon.dll -- (Irmon)
SRV - [2008.04.14 18:10:35 | 000,126,464 | ---- | M] (Корпорация Майкрософт) [Auto | Running] -- D:\WINDOWS\system32\dhcpcsvc.dll -- (Dhcp)
SRV - [2008.04.14 18:10:35 | 000,024,064 | ---- | M] (Корпорация Майкрософт) [Auto | Running] -- D:\WINDOWS\system32\dmserver.dll -- (dmserver)
SRV - [2008.04.14 18:10:33 | 000,171,008 | ---- | M] (Корпорация Майкрософт) [On_Demand | Stopped] -- D:\WINDOWS\system32\appmgmts.dll -- (AppMgmt)
SRV - [2007.11.06 22:22:26 | 000,092,792 | ---- | M] (CACE Technologies) [On_Demand | Stopped] -- D:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2007.06.01 11:05:56 | 001,551,408 | ---- | M] (Nero AG) [Auto | Running] -- D:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe -- (InCDsrv)
SRV - [2005.01.14 10:32:38 | 000,053,248 | ---- | M] () [Auto | Running] -- D:\WINDOWS\system32\PAStiSvc.exe -- (STI Simulator)


========== Driver Services (SafeList) ==========

DRV - [2011.05.10 14:03:54 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- D:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011.05.10 14:03:44 | 000,307,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- D:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.05.10 14:02:37 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- D:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.05.10 14:02:25 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- D:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011.05.10 13:59:56 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- D:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.05.10 13:59:37 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- D:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011.05.10 13:59:35 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- D:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009.08.07 08:42:36 | 001,053,056 | ---- | M] () [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\CAMTHWDM.sys -- (CAMTHWDM)
DRV - [2008.11.21 20:57:55 | 000,042,496 | ---- | M] (Behringer Spezielle Studiotechnik GmbH) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\BCD3000.SYS -- (BCD3000)
DRV - [2008.11.21 20:57:55 | 000,021,600 | ---- | M] (Behringer Spezielle Studiotechnik GmbH) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\BCD3000WDM.SYS -- (BCD3000WDM)
DRV - [2008.11.03 14:39:42 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- D:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008.10.13 19:26:10 | 004,879,360 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008.04.14 17:52:45 | 000,073,472 | ---- | M] (Корпорация Майкрософт) [File_System | Boot | Running] -- D:\WINDOWS\system32\DRIVERS\sr.sys -- (sr)
DRV - [2008.04.14 17:52:30 | 000,120,192 | ---- | M] (Корпорация Майкрософт) [Kernel | Disabled | Stopped] -- D:\WINDOWS\System32\drivers\pcmcia.sys -- (Pcmcia)
DRV - [2008.04.14 17:52:28 | 000,068,480 | ---- | M] (Корпорация Майкрософт) [Kernel | Boot | Running] -- D:\WINDOWS\system32\DRIVERS\pci.sys -- (PCI)
DRV - [2008.04.14 17:52:21 | 000,080,128 | ---- | M] (Корпорация Майкрософт) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\System32\drivers\parport.sys -- (Parport)
DRV - [2008.04.14 17:47:56 | 000,014,720 | ---- | M] (Корпорация Майкрософт) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\kbdhid.sys -- (kbdhid)
DRV - [2008.04.14 17:47:55 | 000,024,832 | ---- | M] (Корпорация Майкрософт) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\kbdclass.sys -- (Kbdclass)
DRV - [2008.04.14 17:47:15 | 000,037,504 | ---- | M] (Корпорация Майкрософт) [Kernel | Boot | Running] -- D:\WINDOWS\system32\DRIVERS\isapnp.sys -- (isapnp)
DRV - [2008.04.14 17:44:08 | 000,053,120 | ---- | M] (Корпорация Майкрософт) [Kernel | System | Stopped] -- D:\WINDOWS\system32\drivers\i8042prt.sys -- (i8042prt)
DRV - [2008.04.14 17:44:00 | 000,065,024 | ---- | M] (Корпорация Майкрософт) [Kernel | Auto | Stopped] -- D:\WINDOWS\System32\drivers\serial.sys -- (Serial)
DRV - [2008.04.14 17:41:47 | 000,058,368 | ---- | M] (Корпорация Майкрософт) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\redbook.sys -- (redbook)
DRV - [2008.04.14 17:41:12 | 000,044,544 | ---- | M] (Корпорация Майкрософт) [Kernel | System | Running] -- D:\WINDOWS\System32\drivers\fips.sys -- (Fips)
DRV - [2008.04.14 17:40:08 | 000,051,968 | ---- | M] (Корпорация Майкрософт) [Kernel | Boot | Running] -- D:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap)
DRV - [2008.04.14 17:37:43 | 000,023,296 | ---- | M] (Корпорация Майкрософт) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\mouclass.sys -- (Mouclass)
DRV - [2008.04.14 17:37:37 | 000,188,288 | ---- | M] (Корпорация Майкрософт) [Kernel | Boot | Running] -- D:\WINDOWS\system32\DRIVERS\ACPI.sys -- (ACPI)
DRV - [2008.04.14 17:37:37 | 000,030,208 | ---- | M] (Корпорация Майкрософт) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\System32\drivers\modem.sys -- (Modem)
DRV - [2008.04.13 20:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2007.11.06 22:22:06 | 000,034,064 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2007.11.05 12:56:58 | 000,101,120 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2007.06.01 11:05:56 | 000,038,576 | ---- | M] (Nero AG) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\InCDRm.sys -- (incdrm)
DRV - [2007.06.01 11:05:56 | 000,037,040 | ---- | M] (Nero AG) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\InCDPass.sys -- (InCDPass)
DRV - [2007.06.01 11:05:46 | 000,118,704 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- D:\WINDOWS\system32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2005.02.24 13:29:14 | 000,162,176 | ---- | M] () [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\PFC027.sys -- (PAC207)
DRV - [2003.09.06 15:37:22 | 000,062,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- D:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2003.09.06 14:27:06 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- D:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2003.09.06 14:25:52 | 000,051,744 | ---- | M] (Protection Technology) [Kernel | System | Running] -- D:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2003.09.06 14:22:08 | 000,006,944 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- D:\WINDOWS\System32\drivers\prosync1.sys -- (prosync1)
DRV - [2001.10.20 15:00:00 | 000,125,440 | ---- | M] (Корпорация Майкрософт) [Kernel | Boot | Running] -- D:\WINDOWS\system32\DRIVERS\ftdisk.sys -- (Ftdisk)
DRV - [2001.10.20 15:00:00 | 000,012,160 | ---- | M] (Корпорация Майкрософт) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\mouhid.sys -- (mouhid)
DRV - [2001.10.20 15:00:00 | 000,011,776 | ---- | M] (Корпорация Майкрософт) [Kernel | Disabled | Stopped] -- D:\WINDOWS\System32\drivers\acpiec.sys -- (ACPIEC)
DRV - [2001.10.20 15:00:00 | 000,006,912 | ---- | M] (Корпорация Майкрософт) [Kernel | Auto | Stopped] -- D:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm)
DRV - [2001.10.20 15:00:00 | 000,003,328 | ---- | M] (Корпорация Майкрософт) [Kernel | Boot | Running] -- D:\WINDOWS\system32\DRIVERS\pciide.sys -- (PCIIde)
DRV - [2001.10.19 21:21:10 | 000,023,936 | ---- | M] (Корпорация Майкрософт) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\Dot4usb.sys -- (dot4usb)
DRV - [2001.08.17 21:49:10 | 000,026,624 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\irstusb.sys -- (STIrUsb)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ru/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.co...-8&oe=UTF-8&q="
FF - prefs.js..browser.startup.homepage: "http://www.google.ru/"
FF - prefs.js..extensions.enabledItems: {43c35458-c907-439b-bcfd-07d373834689}:2.2.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..network.proxy.http: "207.62.217.252"
FF - prefs.js..network.proxy.http_port: 3128

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.10\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2011.01.28 21:52:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.10\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2011.04.21 20:27:52 | 000,000,000 | ---D | M]

[2010.02.16 12:35:59 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\AlexIT\Application Data\Mozilla\Extensions
[2010.02.16 12:35:59 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\AlexIT\Application Data\Mozilla\Extensions\[email protected]
[2011.01.11 22:26:54 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\AlexIT\Application Data\Mozilla\Firefox\Profiles\fpf36mpe.default\extensions
[2010.06.08 14:30:44 | 000,000,000 | ---D | M] (Screengrab) -- D:\Documents and Settings\AlexIT\Application Data\Mozilla\Firefox\Profiles\fpf36mpe.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
[2010.06.08 14:30:44 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- D:\Documents and Settings\AlexIT\Application Data\Mozilla\Firefox\Profiles\fpf36mpe.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.10.26 23:24:44 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- D:\Documents and Settings\AlexIT\Application Data\Mozilla\Firefox\Profiles\fpf36mpe.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010.06.08 14:30:40 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\AlexIT\Application Data\Mozilla\Firefox\Profiles\fpf36mpe.default\extensions\{43c35458-c907-439b-bcfd-07d373834689}
[2009.05.15 20:25:06 | 000,000,655 | ---- | M] () -- D:\Documents and Settings\AlexIT\Application Data\Mozilla\Firefox\Profiles\fpf36mpe.default\searchplugins\yahoo-search.xml
[2011.02.21 23:40:00 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files\Mozilla Firefox\extensions
[2010.04.28 15:26:29 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.21 22:24:16 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.10.24 22:43:17 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.01.11 21:17:43 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.02.21 23:40:00 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.02.02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2009.08.21 22:38:21 | 000,001,122 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\priceru.xml
[2009.08.21 22:38:21 | 000,002,395 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\rambler.xml
[2009.08.21 22:38:21 | 000,001,945 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\torgmailru.xml
[2009.08.21 22:38:21 | 000,001,304 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\wikipedia-ru.xml
[2009.08.21 22:38:21 | 000,004,072 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\yandex-slovari.xml
[2009.08.21 22:38:21 | 000,004,281 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\yandex.xml

O1 HOSTS File: ([2010.01.27 12:21:20 | 000,000,027 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - D:\Program Files\FlashGet\jccatch.dll (www.flashget.com)
O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - D:\Program Files\FlashGet\getflash.dll (www.flashget.com)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Адрес) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - D:\WINDOWS\system32\browseui.dll (Корпорация Майкрософт)
O3 - HKCU\..\Toolbar\WebBrowser: (&Адрес) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - D:\WINDOWS\system32\browseui.dll (Корпорация Майкрософт)
O3 - HKCU\..\Toolbar\WebBrowser: (&Ссылки) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - D:\WINDOWS\system32\shell32.dll (Корпорация Майкрософт)
O4 - HKLM..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] D:\Program Files\Google\Gmail Notifier\gnotify.exe (Google Inc.)
O4 - HKLM..\Run: [avast5] D:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BCD3000] D:\WINDOWS\system32\bcd3kcpan.exe (Behringer Spezielle Studiotechnik GmbH)
O4 - HKLM..\Run: [DigiNotifier] D:\Program Files\DigiNotifier\DigiNotifier.exe ()
O4 - HKLM..\Run: [DivXUpdate] D:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IMJPMIG8.1] D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [InCD] D:\Program Files\Nero\Nero 7\InCD\InCD.exe (Nero AG)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] File not found
O4 - HKLM..\Run: [NeroFilterCheck] D:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] D:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] D:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] D:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [OpenDNS Update] File not found
O4 - HKLM..\Run: [PHIME2002A] D:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] D:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [SecurDisc] D:\Program Files\Nero\Nero 7\InCD\NBHGui.exe (Nero AG)
O4 - HKLM..\Run: [wmagent.exe] D:\Program Files\WebMoney Agent\wmagent.exe ()
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] D:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [ISUSPM] D:\Documents and Settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\ISUSPM.exe (Macrovision Corporation)
O4 - HKCU..\Run: [TomTomHOME.exe] D:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKCU..\Run: [YandexOnline] File not found
O4 - HKLM..\RunOnce: [aswAhAScr.dll] D:\Program Files\Alwil Software\Avast5\aswRegSvr.exe ()
O4 - Startup: D:\Documents and Settings\All Users\Главное меню\Программы\Автозагрузка\VKSaver.lnk = D:\Documents and Settings\All Users\Application Data\VKSaver\VKSaver.exe (AudioVkontakte.ru)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Закачать все при помощи FlashGet - D:\Program Files\FlashGet\JC_ALL.HTM ()
O8 - Extra context menu item: &Закачать при помощи FlashGet - D:\Program Files\FlashGet\JC_LINK.HTM ()
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\Program Files\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\Program Files\FlashGet\flashget.exe (FlashGet.com)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - D:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - D:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - D:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - D:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - D:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - D:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - D:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - D:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - D:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - D:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - D:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - D:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - D:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - D:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - D:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - D:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - D:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - D:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - D:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - D:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - D:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O16 - DPF: {463ED66E-431B-11D2-ADB0-0080C83DA4EB} https://w3s.webmoney.ru/WMAcceptor.dll (AcceptWM Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - D:\WINDOWS\system32\msvidctl.dll (Корпорация Майкрософт)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - D:\WINDOWS\system32\msvidctl.dll (Корпорация Майкрософт)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - D:\WINDOWS\system32\shell32.dll (Корпорация Майкрософт)
O20 - AppInit_DLLs: (D:\DOCUME~1\ALLUSE~1\APPLIC~1\VKSaver\vksaver3.dll) - D:\Documents and Settings\All Users\Application Data\VKSaver\vksaver3.dll (AudioVkontakte.ru)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Корпорация Майкрософт)
O20 - HKLM Winlogon: UserInit - (D:\WINDOWS\system32\userinit.exe) - D:\WINDOWS\system32\userinit.exe (Корпорация Майкрософт)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - D:\WINDOWS\System32\logonui.exe (Корпорация Майкрософт)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - D:\WINDOWS\System32\shell32.dll (Корпорация Майкрософт)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - D:\WINDOWS\System32\sysdm.cpl (Корпорация Майкрософт)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - D:\WINDOWS\System32\crypt32.dll (Корпорация Майкрософт)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - D:\WINDOWS\System32\cscdll.dll (Корпорация Майкрософт)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - D:\WINDOWS\System32\wlnotify.dll (Корпорация Майкрософт)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - D:\WINDOWS\System32\wlnotify.dll (Корпорация Майкрософт)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - D:\WINDOWS\System32\sclgntfy.dll (Корпорация Майкрософт)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - D:\WINDOWS\System32\wlnotify.dll (Корпорация Майкрософт)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - D:\WINDOWS\System32\wlnotify.dll (Корпорация Майкрософт)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - D:\WINDOWS\System32\wlnotify.dll (Корпорация Майкрософт)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - D:\WINDOWS\system32\shell32.dll (Корпорация Майкрософт)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - D:\WINDOWS\system32\shell32.dll (Корпорация Майкрософт)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - D:\WINDOWS\system32\stobject.dll (Корпорация Майкрософт)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Предзагрузчик Browseui - D:\WINDOWS\system32\browseui.dll (Корпорация Майкрософт)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Демон кэша категорий компонентов - D:\WINDOWS\system32\browseui.dll (Корпорация Майкрософт)
O24 - Desktop Components:0 (Моя текущая домашняя страница) - About:Home
O24 - Desktop WallPaper: D:\Documents and Settings\AlexIT\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: D:\Documents and Settings\AlexIT\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - D:\WINDOWS\System32\shell32.dll (Корпорация Майкрософт)
O29 - HKLM SecurityProviders - (digest.dll) - D:\WINDOWS\System32\digest.dll (Корпорация Майкрософт)
O29 - HKLM SecurityProviders - (msnsspc.dll) - D:\WINDOWS\System32\msnsspc.dll (Корпорация Майкрософт)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.10.30 02:48:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009.11.18 12:08:31 | 000,000,000 | R--D | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009.11.18 12:08:31 | 000,000,000 | R--D | M] - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2003.04.10 09:24:34 | 000,004,398 | ---- | M] () - E:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2009.11.18 11:08:32 | 000,000,000 | R--D | M] - E:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2003.01.06 09:53:02 | 000,002,238 | R--- | M] () - F:\AUTORUN.ICO -- [ CDFS ]
O32 - AutoRun File - [2002.11.19 11:23:42 | 000,000,045 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2003.05.14 15:33:32 | 000,007,914 | R--- | M] () - F:\autorun.apm -- [ CDFS ]
O32 - AutoRun File - [2000.09.05 11:00:00 | 000,532,480 | R--- | M] (Indigo Rose Corporation) - F:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2009.11.18 11:08:32 | 000,000,000 | R--D | M] - G:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{4ca45368-2b8d-11df-ae42-001617ce8dfe}\Shell - "" = AutoRun
O33 - MountPoints2\{4ca45368-2b8d-11df-ae42-001617ce8dfe}\Shell\AutoRun\command - "" = H:\PhotoViewer_V6.0.1.exe
O33 - MountPoints2\{5c97cafa-1ae6-11df-ae33-001617ce8dfe}\Shell\AutoRun\command - "" = H:\InstallTomTomHOME.exe
O33 - MountPoints2\{87d50c6d-4865-11df-ae62-001617ce8dfe}\Shell\AutoRun\command - "" = I:\InstallTomTomHOME.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.05.16 22:15:43 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\Skype Extras
[2011.05.16 22:11:19 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Skype
[2011.05.16 22:11:19 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Главное меню\Программы\Skype
[4 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]
[1 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.05.25 21:24:00 | 000,001,052 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-73586283-436374069-682003330-1003UA.job
[2011.05.25 21:18:00 | 000,000,956 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.05.25 20:54:23 | 000,005,758 | ---- | M] () -- D:\WINDOWS\System32\CONFIG.NT
[2011.05.25 20:24:00 | 000,001,000 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-73586283-436374069-682003330-1003Core.job
[2011.05.25 20:18:00 | 000,000,952 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.05.25 20:02:34 | 000,205,398 | ---- | M] () -- D:\WINDOWS\System32\nvapps.xml
[2011.05.25 20:02:07 | 000,000,260 | ---- | M] () -- D:\WINDOWS\tasks\WGASetup.job
[2011.05.25 20:01:17 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat
[2011.05.24 20:18:54 | 000,002,228 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl
[2011.05.20 10:21:53 | 000,000,600 | ---- | M] () -- D:\Documents and Settings\AlexIT\Application Data\winscp.rnd
[2011.05.20 10:20:54 | 000,107,483 | ---- | M] () -- D:\Documents and Settings\AlexIT\Рабочий стол\icecast.xml
[2011.05.18 16:16:16 | 000,020,480 | ---- | M] () -- D:\WINDOWS\System32\[email protected]@@k.DLL
[2011.05.18 16:11:16 | 000,000,630 | ---- | M] () -- D:\Documents and Settings\AlexIT\Рабочий стол\vice city.lnk
[2011.05.18 13:25:15 | 000,486,486 | ---- | M] () -- D:\WINDOWS\System32\perfh019.dat
[2011.05.18 13:25:15 | 000,443,724 | ---- | M] () -- D:\WINDOWS\System32\perfh009.dat
[2011.05.18 13:25:15 | 000,085,018 | ---- | M] () -- D:\WINDOWS\System32\perfc019.dat
[2011.05.18 13:25:15 | 000,071,982 | ---- | M] () -- D:\WINDOWS\System32\perfc009.dat
[2011.05.10 20:04:38 | 000,000,069 | ---- | M] () -- D:\WINDOWS\NeroDigital.ini
[2011.05.10 14:10:59 | 000,040,112 | ---- | M] (AVAST Software) -- D:\WINDOWS\avastSS.scr
[2011.05.10 14:10:55 | 000,199,304 | ---- | M] (AVAST Software) -- D:\WINDOWS\System32\aswBoot.exe
[2011.05.10 14:03:54 | 000,441,176 | ---- | M] (AVAST Software) -- D:\WINDOWS\System32\drivers\aswSnx.sys
[2011.05.10 14:03:44 | 000,307,928 | ---- | M] (AVAST Software) -- D:\WINDOWS\System32\drivers\aswSP.sys
[2011.05.10 14:02:37 | 000,049,240 | ---- | M] (AVAST Software) -- D:\WINDOWS\System32\drivers\aswTdi.sys
[2011.05.10 14:02:25 | 000,102,616 | ---- | M] (AVAST Software) -- D:\WINDOWS\System32\drivers\aswmon2.sys
[2011.05.10 14:02:22 | 000,096,344 | ---- | M] (AVAST Software) -- D:\WINDOWS\System32\drivers\aswmon.sys
[2011.05.10 13:59:56 | 000,025,432 | ---- | M] (AVAST Software) -- D:\WINDOWS\System32\drivers\aswRdr.sys
[2011.05.10 13:59:37 | 000,030,808 | ---- | M] (AVAST Software) -- D:\WINDOWS\System32\drivers\aavmker4.sys
[2011.05.10 13:59:35 | 000,019,544 | ---- | M] (AVAST Software) -- D:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011.04.29 20:40:01 | 000,000,284 | ---- | M] () -- D:\WINDOWS\tasks\AppleSoftwareUpdate.job
[4 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]
[1 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.05.20 09:40:00 | 000,107,483 | ---- | C] () -- D:\Documents and Settings\AlexIT\Рабочий стол\icecast.xml
[2011.05.18 16:11:16 | 000,000,630 | ---- | C] () -- D:\Documents and Settings\AlexIT\Рабочий стол\vice city.lnk
[2011.04.12 20:24:03 | 000,000,138 | ---- | C] () -- D:\WINDOWS\System32\operaprefs_fixed.ini
[2010.03.29 17:30:06 | 000,020,480 | ---- | C] () -- D:\WINDOWS\System32\[email protected]@@k.DLL
[2009.11.11 10:38:34 | 000,260,608 | ---- | C] () -- D:\WINDOWS\PEV.exe
[2009.11.11 10:38:34 | 000,098,816 | ---- | C] () -- D:\WINDOWS\sed.exe
[2009.11.11 10:38:34 | 000,080,412 | ---- | C] () -- D:\WINDOWS\grep.exe
[2009.11.11 10:38:34 | 000,077,312 | ---- | C] () -- D:\WINDOWS\MBR.exe
[2009.11.11 10:38:34 | 000,068,096 | ---- | C] () -- D:\WINDOWS\zip.exe
[2009.11.06 10:58:04 | 000,178,975 | ---- | C] () -- D:\WINDOWS\System32\xlive.dll.cat
[2009.10.13 11:46:50 | 000,049,152 | ---- | C] () -- D:\WINDOWS\System32\kmword.dll
[2009.10.13 11:46:19 | 000,000,069 | ---- | C] () -- D:\WINDOWS\cm.ini
[2009.06.03 12:06:47 | 000,010,752 | ---- | C] () -- D:\WINDOWS\System32\BASSMOD.dll
[2009.05.27 10:09:29 | 000,000,600 | ---- | C] () -- D:\Documents and Settings\AlexIT\Local Settings\Application Data\PUTTY.RND
[2009.05.15 19:17:58 | 000,064,320 | ---- | C] () -- D:\WINDOWS\War3Unin.dat
[2009.03.28 22:01:57 | 000,283,680 | ---- | C] () -- D:\WINDOWS\System32\prntjpg.dll
[2009.03.10 09:28:44 | 000,000,129 | ---- | C] () -- D:\Documents and Settings\AlexIT\Local Settings\Application Data\fusioncache.dat
[2009.02.02 19:52:32 | 000,000,436 | ---- | C] () -- D:\WINDOWS\ODBC.INI
[2008.12.15 00:46:15 | 000,069,260 | -H-- | C] () -- D:\WINDOWS\System32\mlfcache.dat
[2008.11.05 22:26:22 | 000,000,056 | -H-- | C] () -- D:\WINDOWS\System32\ezsidmv.dat
[2008.11.05 18:35:05 | 000,000,069 | ---- | C] () -- D:\WINDOWS\NeroDigital.ini
[2008.10.31 19:39:02 | 000,000,180 | ---- | C] () -- D:\WINDOWS\wcx_ftp.ini
[2008.10.31 18:51:39 | 001,053,056 | ---- | C] () -- D:\WINDOWS\System32\drivers\CAMTHWDM.sys
[2008.10.31 18:09:51 | 000,053,248 | ---- | C] () -- D:\WINDOWS\System32\PAStiSvc.exe
[2008.10.31 02:35:15 | 000,001,682 | ---- | C] () -- D:\WINDOWS\wincmd.ini
[2008.10.30 12:24:34 | 000,000,600 | ---- | C] () -- D:\Documents and Settings\AlexIT\Application Data\winscp.rnd
[2008.10.30 04:50:40 | 000,164,352 | ---- | C] () -- D:\WINDOWS\System32\unrar.dll
[2008.10.30 04:50:40 | 000,000,038 | ---- | C] () -- D:\WINDOWS\avisplitter.ini
[2008.10.30 04:50:38 | 003,596,288 | ---- | C] () -- D:\WINDOWS\System32\qt-dx331.dll
[2008.10.30 04:50:38 | 000,755,027 | ---- | C] () -- D:\WINDOWS\System32\xvidcore.dll
[2008.10.30 04:50:38 | 000,159,839 | ---- | C] () -- D:\WINDOWS\System32\xvidvfw.dll
[2008.10.30 04:50:37 | 000,007,680 | ---- | C] () -- D:\WINDOWS\System32\ff_vfw.dll
[2008.10.30 03:52:08 | 000,049,152 | ---- | C] () -- D:\WINDOWS\System32\ChCfg.exe
[2008.10.30 03:42:52 | 000,193,024 | ---- | C] () -- D:\Documents and Settings\AlexIT\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.10.30 03:38:24 | 000,004,337 | ---- | C] () -- D:\WINDOWS\ODBCINST.INI
[2008.10.30 03:36:31 | 000,336,256 | ---- | C] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2008.10.30 02:58:53 | 000,000,000 | ---- | C] () -- D:\WINDOWS\nsreg.dat
[2008.10.30 02:49:32 | 000,002,048 | --S- | C] () -- D:\WINDOWS\bootstat.dat
[2008.10.30 02:45:36 | 000,022,564 | ---- | C] () -- D:\WINDOWS\System32\emptyregdb.dat
[2008.10.07 14:33:00 | 001,703,936 | ---- | C] () -- D:\WINDOWS\System32\nvwdmcpl.dll
[2008.10.07 14:33:00 | 001,630,208 | ---- | C] () -- D:\WINDOWS\System32\nwiz.exe
[2008.10.07 14:33:00 | 001,486,848 | ---- | C] () -- D:\WINDOWS\System32\nview.dll
[2008.10.07 14:33:00 | 001,339,392 | ---- | C] () -- D:\WINDOWS\System32\nvdspsch.exe
[2008.10.07 14:33:00 | 001,019,904 | ---- | C] () -- D:\WINDOWS\System32\nvwimg.dll
[2008.10.07 14:33:00 | 000,466,944 | ---- | C] () -- D:\WINDOWS\System32\nvshell.dll
[2008.10.07 14:33:00 | 000,442,368 | ---- | C] () -- D:\WINDOWS\System32\nvappbar.exe
[2008.10.07 14:33:00 | 000,425,984 | ---- | C] () -- D:\WINDOWS\System32\keystone.exe
[2008.10.07 14:33:00 | 000,286,720 | ---- | C] () -- D:\WINDOWS\System32\nvnt4cpl.dll
[2007.11.06 22:19:28 | 000,053,299 | ---- | C] () -- D:\WINDOWS\System32\pthreadVC.dll
[2005.02.24 13:29:14 | 000,162,176 | ---- | C] () -- D:\WINDOWS\System32\drivers\PFC027.sys
[2005.01.25 16:15:42 | 000,010,240 | ---- | C] () -- D:\WINDOWS\System32\PA207USD.DLL
[2004.11.22 14:48:08 | 000,040,960 | ---- | C] () -- D:\WINDOWS\98Setup.exe
[2004.08.17 14:18:40 | 000,001,804 | ---- | C] () -- D:\WINDOWS\System32\dcache.bin
[2004.08.02 12:20:40 | 000,004,569 | ---- | C] () -- D:\WINDOWS\System32\secupd.dat
[2003.07.07 03:00:00 | 013,107,200 | ---- | C] () -- D:\WINDOWS\System32\oembios.bin
[2003.07.07 03:00:00 | 000,004,463 | ---- | C] () -- D:\WINDOWS\System32\oembios.dat
[2003.04.01 12:49:16 | 000,005,360 | ---- | C] () -- D:\WINDOWS\System32\OUTLPERF.INI
[2001.10.28 18:42:30 | 000,116,224 | ---- | C] () -- D:\WINDOWS\System32\pdfcmnnt.dll
[2001.10.20 15:00:00 | 000,673,088 | ---- | C] () -- D:\WINDOWS\System32\mlang.dat
[2001.10.20 15:00:00 | 000,486,486 | ---- | C] () -- D:\WINDOWS\System32\perfh019.dat
[2001.10.20 15:00:00 | 000,443,724 | ---- | C] () -- D:\WINDOWS\System32\perfh009.dat
[2001.10.20 15:00:00 | 000,305,414 | ---- | C] () -- D:\WINDOWS\System32\perfi019.dat
[2001.10.20 15:00:00 | 000,272,128 | ---- | C] () -- D:\WINDOWS\System32\perfi009.dat
[2001.10.20 15:00:00 | 000,218,003 | ---- | C] () -- D:\WINDOWS\System32\dssec.dat
[2001.10.20 15:00:00 | 000,085,018 | ---- | C] () -- D:\WINDOWS\System32\perfc019.dat
[2001.10.20 15:00:00 | 000,071,982 | ---- | C] () -- D:\WINDOWS\System32\perfc009.dat
[2001.10.20 15:00:00 | 000,046,258 | ---- | C] () -- D:\WINDOWS\System32\mib.bin
[2001.10.20 15:00:00 | 000,036,176 | ---- | C] () -- D:\WINDOWS\System32\perfd019.dat
[2001.10.20 15:00:00 | 000,028,626 | ---- | C] () -- D:\WINDOWS\System32\perfd009.dat
[2001.10.20 15:00:00 | 000,000,741 | ---- | C] () -- D:\WINDOWS\System32\noise.dat

========== LOP Check ==========

[2009.11.18 16:31:41 | 000,000,000 | ---D | M] -- D:\Documents and Settings\AlexIT\Application Data\3po.ru
[2010.01.28 01:41:27 | 000,000,000 | ---D | M] -- D:\Documents and Settings\AlexIT\Application Data\com.adobe.example.avatarAirApplication.199ED43C2CFEB351CD0244628B93195D7C58F98C.1
[2008.11.03 14:39:38 | 000,000,000 | ---D | M] -- D:\Documents and Settings\AlexIT\Application Data\DAEMON Tools
[2009.09.04 10:25:21 | 000,000,000 | ---D | M] -- D:\Documents and Settings\AlexIT\Application Data\Download Master
[2009.10.07 16:44:56 | 000,000,000 | ---D | M] -- D:\Documents and Settings\AlexIT\Application Data\Easy Thumbnails
[2009.10.29 23:04:24 | 000,000,000 | ---D | M] -- D:\Documents and Settings\AlexIT\Application Data\edu-media
[2009.09.05 22:10:19 | 000,000,000 | ---D | M] -- D:\Documents and Settings\AlexIT\Application Data\FileZilla
[2009.04.30 17:26:48 | 000,000,000 | ---D | M] -- D:\Documents and Settings\AlexIT\Application Data\GlobalSCAPE
[2010.12.30 21:29:11 | 000,000,000 | ---D | M] -- D:\Documents and Settings\AlexIT\Application Data\GrabPro
[2011.01.20 21:33:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\AlexIT\Application Data\gtk-2.0
[2009.01.21 19:44:21 | 000,000,000 | ---D | M] -- D:\Documents and Settings\AlexIT\Application Data\ICQ
[2009.05.19 10:32:07 | 000,000,000 | ---D | M] -- D:\Documents and Settings\AlexIT\Application Data\it.vodafone.desktopwidget.75C5D0AC8E830B80BD4FBC0B32A23F0123E8C097.1
[2009.10.28 16:58:54 | 000,000,000 | ---D | M] -- D:\Documents and Settings\AlexIT\Application Data\Opera
[2010.12.30 21:38:56 | 000,000,000 | ---D | M] -- D:\Documents and Settings\AlexIT\Application Data\Orbit
[2008.10.31 18:19:02 | 000,000,000 | ---D | M] -- D:\Documents and Settings\AlexIT\Application Data\Pistonsoft
[2009.04.30 12:32:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\AlexIT\Application Data\PrimeTV
[2010.12.30 21:18:58 | 000,000,000 | ---D | M] -- D:\Documents and Settings\AlexIT\Application Data\ProgSense
[2009.03.09 11:36:39 | 000,000,000 | ---D | M] -- D:\Documents and Settings\AlexIT\Application Data\Publish Providers
[2010.05.05 20:05:02 | 000,000,000 | ---D | M] -- D:\Documents and Settings\AlexIT\Application Data\QIP
[2009.01.23 17:14:59 | 000,000,000 | ---D | M] -- D:\Documents and Settings\AlexIT\Application Data\QIP.Online
[2009.03.09 11:35:29 | 000,000,000 | ---D | M] -- D:\Documents and Settings\AlexIT\Application Data\Sony
[2010.02.16 12:35:56 | 000,000,000 | ---D | M] -- D:\Documents and Settings\AlexIT\Application Data\TomTom
[2008.10.31 18:51:57 | 000,000,000 | ---D | M] -- D:\Documents and Settings\AlexIT\Application Data\Webcammax
[2010.06.14 12:34:33 | 000,000,000 | ---D | M] -- D:\Documents and Settings\AlexIT\Application Data\WebMoney
[2010.01.12 00:41:43 | 000,000,000 | ---D | M] -- D:\Documents and Settings\AlexIT\Application Data\Yandex
[2010.01.28 00:14:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Alwil Software
[2009.04.30 17:27:01 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\GlobalSCAPE
[2008.11.05 18:40:16 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\LightScribe
[2011.05.24 21:38:26 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\TEMP
[2010.02.16 12:36:20 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\TomTom
[2011.04.12 20:24:03 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\VKSaver
[2008.10.31 19:00:01 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Webcammax
[2008.10.30 04:23:39 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\YandexPack
[2010.07.09 20:55:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009.12.16 21:17:02 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009.06.17 19:59:37 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2011.05.25 20:02:07 | 000,000,260 | ---- | M] () -- D:\WINDOWS\Tasks\WGASetup.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 142 bytes -> D:\Documents and Settings\All Users\Application Data\TEMP:A064CECC
@Alternate Data Stream - 123 bytes -> D:\Documents and Settings\All Users\Application Data\TEMP:1493A0EF
@Alternate Data Stream - 122 bytes -> D:\Documents and Settings\All Users\Application Data\TEMP:41ADDB8A

< End of report >