Созданные ответы форума
-
Сообщения
-
Extras.txt:
OTViewIt Extras logfile created on: 24.12.2008 19:34:37 — Run
OTViewIt by OldTimer — Version 1.0.20.1 Folder = C:ProjectsASFCode — OBGMainASF.WebASF.Dictionary.Web.UIImagesnewDict
Windows Server 2003 Enterprise Edition Service Pack 2 (Version = 5.2.3790) — Type = NTServer
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000419 | Country: Russia | Language: RUS | Date Format: dd.MM.yyyy1,99 Gb Total Physical Memory | 0,16 Gb Available Physical Memory | 7,81% Memory free
3,85 Gb Paging File | 1,83 Gb Available in Paging File | 47,59% Paging File free
Paging file location(s): C:pagefile.sys 2046 4092;%SystemDrive% = C: | %SystemRoot% = C:WINDOWS | %ProgramFiles% = C:Program Files
Drive C: | 48,83 Gb Total Space | 4,01 Gb Free Space | 8,21% Space Free | Partition Type: NTFS
Drive D: | 100,22 Gb Total Space | 15,18 Gb Free Space | 15,15% Space Free | Partition Type: NTFS
Drive E: | 231,23 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 513,73 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 596,68 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive X: | 698,65 Gb Total Space | 291,20 Gb Free Space | 41,68% Space Free | Partition Type: NTFSComputer Name: SALAMANDRA
Current User Name: gig
Logged in as Administrator.Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days========== File Associations ==========
[HKEY_LOCAL_MACHINESOFTWAREClasses
]
.html [@ = FirefoxHTML] — C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation)========== Security Center Settings ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center]
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfile
«EnableFirewall»=0
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfileAuthorizedApplications]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfileGloballyOpenPorts]========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyDomainProfileAuthorizedApplicationsList]
[2007.01.19 11:54:56 | 05,674,352 | —- | M] (Microsoft Corporation) — C:Program FilesMSN Messengermsnmsgr.exe:*:Enabled:Windows Live Messenger 8.1
[2007.01.04 15:10:02 | 00,297,752 | —- | M] (Microsoft Corporation) — C:Program FilesMSN Messengerlivecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
[2006.02.28 11:42:38 | 00,229,376 | —- | M] (Apple Computer, Inc.) — C:Program FilesBonjourmDNSResponder.exe:*:Enabled:Bonjour
[2008.05.21 03:37:24 | 12,844,576 | —- | M] (Microsoft Corporation) — D:Program FilesMicrosoft OfficeOffice12OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook
[2003.04.08 21:51:36 | 00,840,192 | —- | M] (Eugene Roshal & FAR Group) — C:Program FilesFarFar.exe:*:Enabled:File and archive manager
[2008.09.23 14:17:06 | 21,755,688 | R— | M] (Skype Technologies S.A.) — C:Program FilesSkypePhoneSkype.exe:*:Enabled:Skype[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfileAuthorizedApplicationsList]
[2007.01.19 11:54:56 | 05,674,352 | —- | M] (Microsoft Corporation) — C:Program FilesMSN Messengermsnmsgr.exe:*:Enabled:Windows Live Messenger 8.1
[2007.01.04 15:10:02 | 00,297,752 | —- | M] (Microsoft Corporation) — C:Program FilesMSN Messengerlivecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)========== (O10) Winsock2 Catalogs ==========
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesWinSock2Parameters]
NameSpace_Catalog5Catalog_Entries�00000000004 [mdnsNSP] — C:Program FilesBonjourmdnsNSP.dll (Apple Computer, Inc.)========== HKEY_USERS Protocol Defaults ==========
[HKEY_USERS.DEFAULTSOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZoneMapProtocolDefaults] — Default Protocols
@ivt — @ivt protocol not assigned
file — file protocol not assigned
ftp — ftp protocol not assigned
http — http protocol not assigned
https — https protocol not assigned
shell — shell protocol not assigned========== HKEY_USERS Protocol Defaults ==========
[HKEY_USERSS-1-5-18SOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZoneMapProtocolDefaults] — Default Protocols
@ivt — @ivt protocol not assigned
file — file protocol not assigned
ftp — ftp protocol not assigned
http — http protocol not assigned
https — https protocol not assigned
shell — shell protocol not assigned========== HKEY_USERS Protocol Defaults ==========
[HKEY_USERSS-1-5-19SOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZoneMapProtocolDefaults] — Default Protocols
@ivt — @ivt protocol not assigned
file — file protocol not assigned
ftp — ftp protocol not assigned
http — http protocol not assigned
https — https protocol not assigned
shell — shell protocol not assigned========== HKEY_USERS Protocol Defaults ==========
[HKEY_USERSS-1-5-20SOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZoneMapProtocolDefaults] — Default Protocols
@ivt — @ivt protocol not assigned
file — file protocol not assigned
ftp — ftp protocol not assigned
http — http protocol not assigned
https — https protocol not assigned
shell — shell protocol not assigned========== (O18) Protocol Handlers ==========
[HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandler]
[2007.08.24 07:01:46 | 00,224,128 | —- | M] (Microsoft Corporation) D:Program FilesMicrosoft OfficeOffice12GrooveSystemServices.dll (grooveLocalGWS:{88FED34C-F0CA-4636-A375-3CB6248B04CD} (HKLM) [Local Groove Web Services Protocol])[HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandler]
[2007.01.19 11:53:24 | 00,063,344 | —- | M] (Microsoft Corporation) C:Program FilesMSN Messengermsgrapp.8.1.0178.00.dll (livecall:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.])[HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandler]
msdaipp: [HKLM — No CLSID value][HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandler] — Protocol Handlers
[2007.08.28 23:55:14 | 01,014,128 | —- | M] (Microsoft Corporation) C:Program FilesCommon FilesSystemOle DBMSDAIPP.DLL msdaipp�x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM — MSDAMON.BINDER][HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandler] — Protocol Handlers
[2007.08.28 23:55:14 | 01,014,128 | —- | M] (Microsoft Corporation) C:Program FilesCommon FilesSystemOle DBMSDAIPP.DLL msdaippoledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM — MSDAIPP.BINDER][HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandler]
[2007.11.07 10:23:16 | 00,991,736 | —- | M] (Microsoft Corporation) C:Program FilesCommon FilesMicrosoft SharedHelphxds.dll (ms-help:{314111c7-a502-11d2-bbca-00c04f8ec294} (HKLM) [HxProtocol Class])[HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandler]
[2007.01.19 11:53:24 | 00,063,344 | —- | M] (Microsoft Corporation) C:Program FilesMSN Messengermsgrapp.8.1.0178.00.dll (msnim:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.])[HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandler]
[2007.05.10 12:45:34 | 08,069,464 | —- | M] (Microsoft Corporation) C:Program FilesCommon FilesMicrosoft SharedWeb Components11OWC11.DLL (mso-offdap11:{32505114-5902-49B2-880A-1F7738E5A384} (HKLM) [Data Page Plugable Protocal mso-offdap11 Handler])[HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandler]
[2008.09.23 14:17:06 | 01,942,864 | R— | M] (Skype Technologies) C:Program FilesCommon FilesSkypeSkype4COM.dll (skype4com:{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} (HKLM) [IEProtocolHandler Class])========== (O18) Protocol Filters ==========
[HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSFilter] — Protocol Filters
[2006.10.26 20:41:48 | 00,044,344 | —- | M] (Microsoft Corporation) C:Program FilesCommon FilesMicrosoft SharedOFFICE12MSOXMLMF.DLL text/xml:{807563E5-5146-11D5-A672-00B0D022E945} (HKLM) [Microsoft Office InfoPath XML Mime Filter]========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstall]
«{0134A1A1-C283-4A47-91A1-92F19F960372}»=Adobe Creative Suite 2
«{01AE68B4-C785-4865-BC7E-78456372BB75}»=RU
«{04AF207D-9A77-465A-8B76-991F6AB66245}»=Adobe Help Viewer CS3
«{05EC21B8-4593-3037-A781-A6B5AFFCB19D}»=Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools — enu
«{082BDF7B-4810-4599-BF0D-E3AC44EC8524}»=Microsoft ASP.NET 2.0 AJAX Extensions 1.0
«{08B32819-6EEF-4057-AEDA-5AB681A36A23}»=Adobe Bridge Start Meeting
«{09E2111C-16B1-4DDF-BF0D-F994C9A12350}»=Adobe Setup
«{0C19D563-5F25-4621-BF10-01F741BD283F}»=Microsoft SQL Server Compact 3.5 SP1 Design Tools English
«{0DF3AE91-E533-3960-8516-B23737F8B7A2}»=Visual C++ 2008 x64 Runtime — (v9.0.30729)
«{0DF3AE91-E533-3960-8516-B23737F8B7A2}.vc_x64runtime_30729_01″=Visual C++ 2008 x64 Runtime — v9.0.30729.01
«{0ED47137-C071-46CC-A243-E5E33271E10E}»=Windows Live Sign-in Assistant
«{0EFC6259-3AD8-4CD2-BC57-D4937AF5CC0E}»=Symantec AntiVirus Client
«{1389C6A4-4965-4AEC-9175-08B54A10FA48}»=Microsoft SQL Server 2005 Mobile [ENU] Developer Tools
«{143709E9-ECD1-4202-8970-AC7A3FDD6ACA}»=ABCpdf .NET 6.0
«{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}»=Adobe WinSoft Linguistics Plugin
«{1862162E-3BBC-448F-AA63-49F33152D54A}»=Microsoft Visual Studio 2005 Team Suite — ENU
«{1D58229F-C505-45CA-8223-F35F3A34B963}»=Adobe Version Cue CS3 Server
«{1F698102-5739-441E-96F0-74F4EA540F06}»=Attansic Giga Ethernet Utility
«{22E23C71-C27A-3F30-8849-BB6129E50679}»=Visual C++ 2008 IA64 Runtime — (v9.0.30729)
«{22E23C71-C27A-3F30-8849-BB6129E50679}.vc_i64runtime_30729_01″=Visual C++ 2008 IA64 Runtime — v9.0.30729.01
«{236BB7C4-4419-42FD-0409-1E257A25E34D}»=Adobe Photoshop CS2
«{23959E96-A80F-4172-A655-210E9BB7BFBE}»=MSDN Library for Visual Studio 2005
«{241F2BF7-69EB-42A4-9156-96B2426C7504}»=Microsoft SQL Server Compact 3.5 for Devices ENU
«{24D1FCDD-FE3F-43D4-96D6-EDA0A8F633E7}_is1″=Sothink DHTML Menu 8
«{26A24AE4-039D-4CA4-87B4-2F83216011FF}»=Java(TM) 6 Update 11
«{291B3A3B-F808-45B8-8113-DF232FCB6C82}»=Microsoft .NET Compact Framework 3.5
«{29E5EA97-5F74-4A57-B8B2-D4F169117183}»=Adobe Stock Photos CS3
«{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}»=Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
«{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}»=Adobe Flash Video Encoder
«{3248F0A8-6813-11D6-A77B-00B0D0160020}»=Java(TM) 6 Update 2
«{3248F0A8-6813-11D6-A77B-00B0D0160030}»=Java(TM) 6 Update 3
«{3248F0A8-6813-11D6-A77B-00B0D0160050}»=Java(TM) 6 Update 5
«{3311CE59-2676-491A-B459-EA0320703CF8}»=.NET Framework Machine Code Access Security Policy
«{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}»=SQL Server System CLR Types
«{36DD7006-7BFE-4E3D-AF6E-FA734BC879B7}»=SQLXML4
«{388E4B09-3E71-4649-8921-F44A3A2954A7}»=Microsoft Visual Studio 2005 Tools for Office Runtime
«{3891E1C9-8E9E-43E2-B009-6D008BCD7669}»=Microsoft Expression Blend 2
«{3E5562ED-69AB-4CEC-91E2-64E18EC5ACC6}»=Cisco Systems VPN Client 4.0.1 (Rel)
«{4196D960-68B0-4BEB-B312-3C1B4654068D}»=Handy Recovery 4.0
«{44D4AF75-6870-41F5-9181-662EA05507E1}»=Microsoft Document Explorer 2005
«{4D2DFB70-AECB-47BF-A895-3B3AA544934F}»=Microsoft SQL Server 2005 Tools
«{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}»=FontNav
«{51846830-E7B2-4218-8968-B77F0FF475B8}»=Adobe Color EU Extra Settings
«{52B0D62A-860D-4136-9A8A-9FD877E8EE89}»=Microsoft SQL Server 2005 Analysis Services
«{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}»=Microsoft SQL Server Setup Support Files (English)
«{54793AA1-5001-42F4-ABB6-C364617C6078}»=Adobe Linguistics CS3
«{571700F0-DB9D-4B3A-B03D-35A14BB5939F}»=Windows Live Messenger
«{587178E7-B1DF-494E-9838-FA4DD36E873C}»=ASUSUpdate
«{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}»=Skype™ 3.8
«{60DE4033-9503-48D1-A483-7846BD217CA9}»=ICQ6
«{64c5b887-b5ee-42b8-8596-78905a6b5f1f}»=Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense
«{6753B40C-0FBD-3BED-8A9D-0ACAC2DCD85D}»=Microsoft Document Explorer 2008
«{68A35043-C55A-4237-88C9-37EE1C63ED71}»=Microsoft Visual J# 2.0 Redistributable Package
«{69880C00-08DD-4385-B752-9C62656F6D1E}»=Microsoft SQL Server 2005 Backward compatibility
«{6ABE0BEE-D572-4FE8-B434-9E72A289431B}»=Adobe Fonts All
«{6B52140A-F189-4945-BFFC-DB3F00B8C589}»=Adobe Flash CS3
«{6B708481-748A-4EB4-97C1-CD386244FF77}»=Adobe MotionPicture Color Files
«{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}»=AHV content for Acrobat and Flash
«{6C531060-84FB-4F96-8F33-29DF020632EB}»=Microsoft .NET Compact Framework 1.0 SP3 Developer
«{6C9F6D23-E9AD-43C9-B43A-011562AAF876}»=Windows Mobile 5.0 SDK R2 for Pocket PC
«{6D9A7CEE-054A-437D-99EF-DD7C77E001FD}»=WebMoney Keeper Classic 3.5.0.2
«{6FDD4688-E063-401D-B6BE-7234E20B9173}»=Microsoft SQL Server 2005 Books Online (English) (September 2007)
«{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}»=Adobe Asset Services CS3
«{7299052b-02a4-4627-81f2-1818da5d550d}»=Microsoft Visual C++ 2005 Redistributable
«{7472B5B4-3FB7-446F-BC78-6BBA506EC473}»=Opera 9.50
«{766B3A7A-B5AE-33F5-9858-75E692799C84}»=Microsoft Visual Studio 2008 Team Explorer — ENU
«{786C5747-1033-0000-B58E-000000000001}»=Adobe Stock Photos 1.0
«{7C10F5C7-F00F-4BD3-A110-C7D240D2DD25}»=Adobe Dreamweaver CS3
«{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}»=CorelDRAW Graphics Suite X3
«{7D7E6D55-E338-4B4C-AD91-E750BFD2BA4C}»=Microsoft SQL Server 2005 Reporting Services
«{7F4C8163-F259-49A0-A018-2857A90578BC}»=Adobe InDesign CS2
«{802771A9-A856-4A41-ACF7-1450E523C923}»=Adobe XMP Panels CS3
«{80C06CCD-7D07-3DB6-86CD-B57B3F0614D8}»=Microsoft Visual Studio Team System 2008 Team Suite — ENU
«{81CD5553-EDAF-41B5-911B-120203752773}»=Microsoft Silverlight Tools Alpha for Visual Studio 2008 Beta 2
«{842FAF7C-50EF-4463-9B8F-6222E1384D7D}»=Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries
«{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}»=Microsoft Silverlight
«{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}»=Adobe Device Central CS3
«{8E408A85-E0E5-4094-903F-8675707AC313}»=Microsoft SQL Server 2005 Integration Services
«{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}»=Adobe Type Support
«{8EDBA74D-0686-4C99-BFDD-F894678E5B39}»=Adobe Common File Installer
«{8FB53850-246A-3507-8ADE-0060093FFEA6}»=Visual Studio Tools for the Office system 3.0 Runtime
«{90120000-0010-0409-0000-0000000FF1CE}»=Microsoft Software Update for Web Folders (English) 12
«{90120000-0015-0409-0000-0000000FF1CE}»=Microsoft Office Access MUI (English) 2007
«{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}»=2007 Microsoft Office Suite Service Pack 1 (SP1)
«{90120000-0016-0409-0000-0000000FF1CE}»=Microsoft Office Excel MUI (English) 2007
«{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}»=2007 Microsoft Office Suite Service Pack 1 (SP1)
«{90120000-0018-0409-0000-0000000FF1CE}»=Microsoft Office PowerPoint MUI (English) 2007
«{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}»=2007 Microsoft Office Suite Service Pack 1 (SP1)
«{90120000-0019-0409-0000-0000000FF1CE}»=Microsoft Office Publisher MUI (English) 2007
«{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}»=2007 Microsoft Office Suite Service Pack 1 (SP1)
«{90120000-001A-0409-0000-0000000FF1CE}»=Microsoft Office Outlook MUI (English) 2007
«{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}»=2007 Microsoft Office Suite Service Pack 1 (SP1)
«{90120000-001B-0409-0000-0000000FF1CE}»=Microsoft Office Word MUI (English) 2007
«{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}»=2007 Microsoft Office Suite Service Pack 1 (SP1)
«{90120000-001F-0409-0000-0000000FF1CE}»=Microsoft Office Proof (English) 2007
«{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{3EC77D26-799B-4CD8-914F-C1565E796173}»=2007 Microsoft Office Suite Service Pack 1 (SP1)
«{90120000-001F-0409-0000-0000000FF1CE}_PRJPROR_{3EC77D26-799B-4CD8-914F-C1565E796173}»=2007 Microsoft Office Suite Service Pack 1 (SP1)
«{90120000-001F-0409-0000-0000000FF1CE}_VISPROR_{3EC77D26-799B-4CD8-914F-C1565E796173}»=2007 Microsoft Office Suite Service Pack 1 (SP1)
«{90120000-001F-040C-0000-0000000FF1CE}»=Microsoft Office Proof (French) 2007
«{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{430971B1-C31E-45DA-81E0-72C095BAB72C}»=2007 Microsoft Office Suite Service Pack 1 (SP1)
«{90120000-001F-040C-0000-0000000FF1CE}_PRJPROR_{430971B1-C31E-45DA-81E0-72C095BAB72C}»=2007 Microsoft Office Suite Service Pack 1 (SP1)
«{90120000-001F-040C-0000-0000000FF1CE}_VISPROR_{430971B1-C31E-45DA-81E0-72C095BAB72C}»=2007 Microsoft Office Suite Service Pack 1 (SP1)
«{90120000-001F-0C0A-0000-0000000FF1CE}»=Microsoft Office Proof (Spanish) 2007
«{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}»=2007 Microsoft Office Suite Service Pack 1 (SP1)
«{90120000-001F-0C0A-0000-0000000FF1CE}_PRJPROR_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}»=2007 Microsoft Office Suite Service Pack 1 (SP1)
«{90120000-001F-0C0A-0000-0000000FF1CE}_VISPROR_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}»=2007 Microsoft Office Suite Service Pack 1 (SP1)
«{90120000-0021-0000-0000-0000000FF1CE}»=Microsoft Office Visual Web Developer 2007
«{90120000-0021-0409-0000-0000000FF1CE}»=Microsoft Office Visual Web Developer MUI (English) 2007
«{90120000-002C-0409-0000-0000000FF1CE}»=Microsoft Office Proofing (English) 2007
«{90120000-0030-0000-0000-0000000FF1CE}»=Microsoft Office Enterprise 2007
«{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}»=2007 Microsoft Office Suite Service Pack 1 (SP1)
«{90120000-0044-0409-0000-0000000FF1CE}»=Microsoft Office InfoPath MUI (English) 2007
«{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}»=2007 Microsoft Office Suite Service Pack 1 (SP1)
«{90120000-0054-0409-0000-0000000FF1CE}»=Microsoft Office Visio MUI (English) 2007
«{90120000-0054-0409-0000-0000000FF1CE}_VISPROR_{EA35370F-586C-45E1-AC6C-A4E275C6B762}»=Microsoft Office Visio 2007 Service Pack 1 (SP1)
«{90120000-006E-0409-0000-0000000FF1CE}»=Microsoft Office Shared MUI (English) 2007
«{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{FAD8A83E-9BAC-4179-9268-A35948034D85}»=2007 Microsoft Office Suite Service Pack 1 (SP1)
«{90120000-006E-0409-0000-0000000FF1CE}_PRJPROR_{FAD8A83E-9BAC-4179-9268-A35948034D85}»=2007 Microsoft Office Suite Service Pack 1 (SP1)
«{90120000-006E-0409-0000-0000000FF1CE}_VISPROR_{FAD8A83E-9BAC-4179-9268-A35948034D85}»=2007 Microsoft Office Suite Service Pack 1 (SP1)
«{90120000-006E-0409-0000-0000000FF1CE}_VisualWebDeveloper_{FAD8A83E-9BAC-4179-9268-A35948034D85}»=2007 Microsoft Office Suite Service Pack 1 (SP1)
«{90120000-00A1-0409-0000-0000000FF1CE}»=Microsoft Office OneNote MUI (English) 2007
«{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}»=2007 Microsoft Office Suite Service Pack 1 (SP1)
«{90120000-00B4-0409-0000-0000000FF1CE}»=Microsoft Office Project MUI (English) 2007
«{90120000-00B4-0409-0000-0000000FF1CE}_PRJPROR_{75EC8FFC-B913-4991-B3A1-22576D2FC45D}»=Microsoft Office Project 2007 Service Pack 1 (SP1)
«{90120000-00BA-0409-0000-0000000FF1CE}»=Microsoft Office Groove MUI (English) 2007
«{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}»=2007 Microsoft Office Suite Service Pack 1 (SP1)
«{90120000-0114-0409-0000-0000000FF1CE}»=Microsoft Office Groove Setup Metadata MUI (English) 2007
«{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}»=2007 Microsoft Office Suite Service Pack 1 (SP1)
«{90120000-0115-0409-0000-0000000FF1CE}»=Microsoft Office Shared Setup Metadata MUI (English) 2007
«{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{FAD8A83E-9BAC-4179-9268-A35948034D85}»=2007 Microsoft Office Suite Service Pack 1 (SP1)
«{90120000-0115-0409-0000-0000000FF1CE}_PRJPROR_{FAD8A83E-9BAC-4179-9268-A35948034D85}»=2007 Microsoft Office Suite Service Pack 1 (SP1)
«{90120000-0115-0409-0000-0000000FF1CE}_VISPROR_{FAD8A83E-9BAC-4179-9268-A35948034D85}»=2007 Microsoft Office Suite Service Pack 1 (SP1)
«{90120000-0115-0409-0000-0000000FF1CE}_VisualWebDeveloper_{FAD8A83E-9BAC-4179-9268-A35948034D85}»=2007 Microsoft Office Suite Service Pack 1 (SP1)
«{90120000-0117-0409-0000-0000000FF1CE}»=Microsoft Office Access Setup Metadata MUI (English) 2007
«{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}»=2007 Microsoft Office Suite Service Pack 1 (SP1)
«{90176341-0A8B-4CCC-A78D-F862228A6B95}»=Adobe Anchor Service CS3
«{90A40409-6000-11D3-8CFE-0150048383C9}»=Microsoft Office 2003 Web Components
«{91120000-003B-0000-0000-0000000FF1CE}»=Microsoft Office Project Professional 2007
«{91120000-003B-0000-0000-0000000FF1CE}_PRJPROR_{C1877F6E-C1C8-486D-A697-86431029690C}»=Microsoft Office Project 2007 Service Pack 1 (SP1)
«{91120000-0051-0000-0000-0000000FF1CE}»=Microsoft Office Visio Professional 2007
«{91120000-0051-0000-0000-0000000FF1CE}_VISPROR_{AA4F2610-5FF1-4DCD-A6FB-BCA2D09A6443}»=Microsoft Office Visio 2007 Service Pack 1 (SP1)
«{95655ED4-7CA5-46DF-907F-7144877A32E5}»=Adobe Color NA Recommended Settings
«{9656F3AC-6BA9-43F0-ABED-F214B5DAB27B}»=Windows Mobile 5.0 SDK R2 for Smartphone
«{97F81AF1-0E47-DC99-FF1F-C8B3B9A1E18E}»=Visual C++ 8.0 ATL (x86) WinSXS MSM
«{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E}»=Visual C++ 8.0 CRT (x86) WinSXS MSM
«{98D1A713-438C-4A23-8AB6-41B37C4A2D47}»=VMware Workstation
«{9A33B83D-FFC4-44CF-BEEF-632DECEF2FCD}»=Microsoft SQL Server Database Publishing Wizard 1.3
«{9BE2669E-2BD8-4164-A8B5-C904C864B403}»=WA Update v3.50 beta2
«{9C9824D9-9000-4373-A6A5-D0E5D4831394}»=Adobe Bridge CS3
«{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}»=Adobe CMaps
«{A2D81E70-2A98-4A08-A628-94388B063C5E}»=Adobe Color — Photoshop Specific
«{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}»=Microsoft .NET Framework 3.0 Service Pack 2
«{A987FEC8-5616-49BD-BCA6-ACFFFE7403FE}»=IKEA Home Planner
«{AA11000A-C75E-487C-88FC-37AA1AACFB63}»=ABBYY Lingvo 11 Six Languages
«{AA467959-A1D6-4F45-90CD-11DC57733F32}»=Crystal Reports Basic for Visual Studio 2008
«{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}»=PDF Settings
«{AC76BA86-1033-0000-7760-000000000003}»=Adobe Acrobat 8 Professional
«{AC76BA86-7AD7-1033-7B44-A81200000003}»=Adobe Reader 8.1.2
«{ADBE46EE-54E0-4610-B436-D7E93D829100}»=Adobe Version Cue CS2
«{B268E9A1-04A9-40D0-9866-846BE2B74BA7}»=Microsoft Windows SDK for Visual Studio 2008 SP1 Win32 Tools
«{B2F5D08C-7E79-4FCD-AAF4-57AD35FF0601}»=Adobe Illustrator CS2
«{B32E7732-B2FB-3FD0-81AC-6025B1104C66}»=Microsoft Device Emulator version 3.0 — ENU
«{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}»=Adobe Camera Raw 4.0
«{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1″=Spybot — Search & Destroy
«{B671CBFD-4109-4D35-9252-3062D3CCB7B2}»=Adobe SING CS3
«{B74D4E10-1033-0000-0000-000000000001}»=Adobe Bridge 1.0
«{B7F560B3-6EFF-4026-A982-843895A41149}»=Adobe BridgeTalk Plugin CS3
«{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}»=Adobe Default Language CS3
«{BA0C9AAF-1327-3F06-B49C-349B4BE8F740}»=Microsoft Visual Studio 2008 Shell (integrated mode) — ENU
«{BE5F3842-8309-4754-92D5-83E02E6077A3}»=Adobe Extension Manager CS3
«{BFD96B89-B769-4CD6-B11E-E79FFD46F067}»=QuickTime
«{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}»=Microsoft .NET Framework 2.0 Service Pack 2
«{C0B81E26-F7D0-4E84-941A-21C438BC586D}»=Microsoft SQL Server 2005 Notification Services
«{C25EF637-BE7A-4761-9B45-9069989C319F}»=Microsoft Visual Studio 2005 Premier Partner Edition — ENU
«{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}»=Adobe ExtendScript Toolkit 2
«{C49DAA9C-5BA8-459A-8244-E57B69DF0F04}»=Suite Specific
«{C5BD220A-EFE8-48A5-B70E-9503D535FACE}»=Adobe WAS CS3
«{C6CCBD7A-0922-4FF5-B185-72F95B7D1EAB}»=ABCpdf .NET 5.0
«{C94E45B0-6AA6-4FB9-9AAE-22085F631880}»=VBA
«{CAA376AF-0DE8-4FCA-942E-C6AC579B94B3}»=Microsoft Windows SDK for Visual Studio 2008 SP1 Tools
«{CB3F8375-B600-4B9F-83C9-238ED1E583FD}»=Adobe InDesign CS3
«{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}»=Microsoft .NET Framework 3.5 SP1
«{D0DFF92A-492E-4C40-B862-A74A173C25C5}»=Adobe Version Cue CS3 Client
«{D1C18EDD-571A-4BDD-BE7B-1DD86027D7FF}»=Adobe Creative Suite 3 Design Premium
«{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}»=Adobe PDF Library Files
«{DA0BF7AB-88EB-4675-8FA1-531EAD938821}»=SnagIt 8
«{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}»=Adobe Color Common Settings
«{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}»=Adobe Color JA Extra Settings
«{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}»=jetAudio Basic
«{E027FE2E-3FF5-4DC9-A838-3F21CCF74EFE}»=Microsoft Visual Studio 2005 Team Explorer — ENU
«{E21DB865-B8F4-4E62-BC9E-3ED3911A7C10}»=Janus WinForms Controls Suite v3 for .NET (LICENSED)
«{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}»=Microsoft SQL Server Compact 3.5 SP1 English
«{E69AE897-9E0B-485C-8552-7841F48D42D8}»=Adobe Update Manager CS3
«{E6DE9A54-8514-446E-9D11-530DC599C355}»=Microsoft SharedView
«{E9787678-1033-0000-8E67-000000000001}»=Adobe Help Center 1.0
«{E9F44C98-B8B6-480F-AF7B-E42A0A46F4E3}»=Microsoft SQL Server VSS Writer
«{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}»=Adobe InDesign CS3 Icon Handler
«{EB3F5C2A-0754-38B8-8722-7B537006BF46}»=Microsoft Visual Studio 2008 Performance Collection Tools — ENU
«{EB76B218-8FC5-41DF-9F1F-7FF3E0448383}»=Microsoft SQL Server 2005
«{EDDF99D9-9FE3-4871-A7DB-D1522C51EE9A}»=Microsoft .NET Compact Framework 2.0 SP2
«{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}»=Realtek High Definition Audio Driver
«{F333A33D-125C-32A2-8DCE-5C5D14231E27}»=Visual C++ 2008 x86 Runtime — (v9.0.30729)
«{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01″=Visual C++ 2008 x86 Runtime — v9.0.30729.01
«{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}»=Update Manager
«{F4CE0186-2ED0-4782-9A11-2CF38CFA3E8E}»=Janus WinForms Controls v3.5 for .NET Patch (3.5.0.27)
«{F5E87B12-3C27-452F-8E78-21D42164FD83}»=Microsoft SQL Server 2008 Management Objects
«{F9B3DD02-B0B3-42E9-8650-030DFF0D133D}»=Microsoft SQL Server Native Client
«{FF29527A-44CD-3422-945E-981A13584000}»=VC Runtimes MSI
«Adobe Flash Player ActiveX»=Adobe Flash Player 10 ActiveX
«Adobe Flash Player Plugin»=Adobe Flash Player 10 Plugin
«Adobe Shockwave Player»=Adobe Shockwave Player
«Adobe SVG Viewer»=Adobe SVG Viewer 3.0
«Adobe_c14ac4070fd9614ffe63f4bb533db2c»=Add or Remove Adobe Creative Suite 3 Design Premium
«Advanced FAR FTP Password Recovery»=Advanced FAR FTP Password Recovery
«AFPL Ghostscript 8.53″=AFPL Ghostscript 8.53
«AFPL Ghostscript Fonts»=AFPL Ghostscript Fonts
«AtcL1″=Attansic L1 Gigabit Ethernet Driver
«Balance_is1″=Balance
«BC2_is1″=Beyond Compare Version 2.4.3
«Blend_2.0.1523.0″=Microsoft Expression Blend 2
«DivX 5.0.2 Pro Bundle»=DivX 5.0.2 Pro Bundle
«DivX Codec»=DivX Codec
«DivX Player»=DivX Player 2.1
«EasyTask»=EasyTask
«Elasto Mania»=Elasto Mania
«eMusic Promotion»=eMusic — 50 Free MP3 offer
«ENTERPRISE»=Microsoft Office Enterprise 2007
«FAR manager»=FAR file manager
«FlashGet(JetCar)»=FlashGet(JetCar)
«FLVPlayer»=FLV Player 1.3.3
«FoxyTunesForFirefox»=FoxyTunes for Firefox
«GIF ANImator»=
«HDMI»=Intel(R) Graphics Media Accelerator Driver
«HijackThis»=HijackThis 2.0.2
«IDNMitigationAPIs»=Microsoft Internationalized Domain Names Mitigation APIs
«ie7″=Windows Internet Explorer 7
«ImageMagick 6.2.6 Q16_is1″=ImageMagick 6.2.6-1 Q16 (01/31/06)
«LiveUpdate1.7″=LiveUpdate 1.7 (Symantec Corporation)
«Malwarebytes’ Anti-Malware_is1″=Malwarebytes’ Anti-Malware
«Microsoft .NET Framework 3.5 SP1″=Microsoft .NET Framework 3.5 SP1
«Microsoft Document Explorer 2005″=Microsoft Document Explorer 2005
«Microsoft Document Explorer 2008″=Microsoft Document Explorer 2008
«Microsoft SQL Server 2005″=Microsoft SQL Server 2005
«Microsoft Visual J# 2.0 Redistributable Package»=Microsoft Visual J# 2.0 Redistributable Package
«Microsoft Visual Studio 2005 Team Explorer — ENU»=Microsoft Visual Studio 2005 Team Explorer — ENU
«Microsoft Visual Studio 2005 Team Suite — ENU»=Microsoft Visual Studio 2005 Team Suite — ENU
«Microsoft Visual Studio 2005 Tools for Office Runtime»=Visual Studio 2005 Tools for Office Second Edition Runtime
«Microsoft Visual Studio 2008 Team Explorer — ENU»=Microsoft Visual Studio 2008 Team Explorer — ENU
«Microsoft Visual Studio Team System 2008 Team Suite — ENU»=Microsoft Visual Studio Team System 2008 Team Suite — ENU
«Mozilla Firefox (3.0.5)»=Mozilla Firefox (3.0.5)
«Mozilla Firefox (3.0b5)»=Mozilla Firefox (3.0b5)
«MSDN Library for Visual Studio 2005″=MSDN Library for Visual Studio 2005
«MultipleIEs_is1″=MultipleIEs
«NLSDownlevelMapping»=Microsoft National Language Support Downlevel APIs
«PokerStars.net»=PokerStars.net
«PRJPROR»=Microsoft Office Project Professional 2007
«pstoedit and importps_is1″=pstoedit and importps 3.43
«QIP 2005_is1″=QIP 2005 8080
«QIP Infium_is1″=QIP Infium 2.0.9018 RC3
«QIP2005″=QIP 2005 Uninstall
«ShockwaveFlash»=Adobe Flash Player 9 ActiveX
«TMeter_is1″=TMeter 8.0.488
«TrafMeter_is1″=TrafMeter 6.6.404
«VISPROR»=Microsoft Office Visio Professional 2007
«Visual Studio Tools for the Office system 3.0 Runtime»=Visual Studio Tools for the Office system 3.0 Runtime
«VisualWebDeveloper»=Microsoft Visual Studio Web Authoring Component
«WIC»=Windows Imaging Component
«Winamp»=Winamp (remove only)
«Windows Server 2003 Service Pack»=Windows Server 2003 Service Pack 2
«WinRAR archiver»=Архиватор WinRAR
«XpsEPSC»=XML Paper Specification Shared Components Pack 1.0
«XTTB00001.XTTB00001Toolbar»=ICQ Toolbar
«ДубльГИС Новосибирск_is1″=ДубльГИС Новосибирск========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionUninstall]
«63eb0cbdafeec04d»=Orðabókaskipan OBG
«Google Chrome»=Google Chrome
«WinImage»=WinImage========== HKEY_USERS Uninstall List ==========
[HKEY_USERSS-1-5-21-3678828449-2864459046-1899228827-5566SOFTWAREMicrosoftWindowsCurrentVersionUninstall]
«63eb0cbdafeec04d»=Orðabókaskipan OBG
«Google Chrome»=Google Chrome
«WinImage»=WinImage========== Last 10 Event Log Errors ==========
[ Application Events ]
Error — 16.09.2008 14:00:29 | Computer Name = SALAMANDRA | Source = SQLVDI | ID = 1
Description = SQLVDI: Loc=CVDS::Cleanup. Desc=Release(ClientAliveMutex). ErrorCode=(288)Attempt
to release mutex not owned by caller. . Process=2288. Thread=3920. Client. Instance=.
VD=.Error — 16.09.2008 14:00:29 | Computer Name = SALAMANDRA | Source = SQLVDI | ID = 1
Description = SQLVDI: Loc=CVDS::Cleanup. Desc=Release(ClientAliveMutex). ErrorCode=(288)Attempt
to release mutex not owned by caller. . Process=2288. Thread=3920. Client. Instance=.
VD=.Error — 16.09.2008 14:00:29 | Computer Name = SALAMANDRA | Source = SQLVDI | ID = 1
Description = SQLVDI: Loc=CVDS::Cleanup. Desc=Release(ClientAliveMutex). ErrorCode=(288)Attempt
to release mutex not owned by caller. . Process=2288. Thread=3920. Client. Instance=.
VD=.Error — 16.09.2008 14:00:29 | Computer Name = SALAMANDRA | Source = SQLVDI | ID = 1
Description = SQLVDI: Loc=CVDS::Cleanup. Desc=Release(ClientAliveMutex). ErrorCode=(288)Attempt
to release mutex not owned by caller. . Process=2288. Thread=3920. Client. Instance=.
VD=.Error — 16.09.2008 19:35:15 | Computer Name = SALAMANDRA | Source = Norton AntiVirus | ID = 16711685
Description = Virus Found!Virus name: Trojan Horse in File: C:PROGRA~1MYCENT~1InfoBarMYCENT~1.DLL
by: Defwatch scan. Action: Clean failed : Leave Alone succeeded :Error — 16.09.2008 19:35:15 | Computer Name = SALAMANDRA | Source = Norton AntiVirus | ID = 16711685
Description = Virus Found!Virus name: Bloodhound.Exploit.196 in File: C:Documents
and SettingsgigLocal SettingsApplication DataMozillaFirefoxProfilestgw7bnt5.defaultCache19734E60d01
by: Defwatch scan. Action: Clean failed : Leave Alone succeeded :Error — 17.09.2008 3:35:48 | Computer Name = SALAMANDRA | Source = .NET Runtime | ID = 1023
Description = .NET Runtime version 2.0.50727.1433 — Fatal Execution Engine Error
(7A06491A) (0)Error — 17.09.2008 19:33:27 | Computer Name = SALAMANDRA | Source = Norton AntiVirus | ID = 16711685
Description = Virus Found!Virus name: Trojan Horse in File: C:PROGRA~1MYCENT~1InfoBarMYCENT~1.DLL
by: Defwatch scan. Action: Clean failed : Leave Alone succeeded :Error — 17.09.2008 19:33:27 | Computer Name = SALAMANDRA | Source = Norton AntiVirus | ID = 16711685
Description = Virus Found!Virus name: Bloodhound.Exploit.196 in File: C:Documents
and SettingsgigLocal SettingsApplication DataMozillaFirefoxProfilestgw7bnt5.defaultCache19734E60d01
by: Defwatch scan. Action: Clean failed : Leave Alone succeeded :Error — 18.09.2008 5:15:30 | Computer Name = SALAMANDRA | Source = TrafSvc | ID = 3
Description = Error saving XML Traffic Report C:Documents and SettingsgigDesktopTrafReportsRep2008-09.xml,
The system cannot find the path specified.[ OSession Events ]
Error — 17.12.2007 9:42:04 | Computer Name = SALAMANDRA | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 45
seconds with 0 seconds of active time. This session ended with a crash.Error — 22.04.2008 9:11:40 | Computer Name = SALAMANDRA | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 114286
seconds with 6600 seconds of active time. This session ended with a crash.Error — 22.04.2008 9:13:14 | Computer Name = SALAMANDRA | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 63
seconds with 60 seconds of active time. This session ended with a crash.Error — 22.04.2008 9:14:59 | Computer Name = SALAMANDRA | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 96
seconds with 60 seconds of active time. This session ended with a crash.Error — 22.04.2008 9:16:43 | Computer Name = SALAMANDRA | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 98
seconds with 60 seconds of active time. This session ended with a crash.Error — 22.04.2008 9:17:22 | Computer Name = SALAMANDRA | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 31
seconds with 0 seconds of active time. This session ended with a crash.Error — 22.04.2008 9:19:52 | Computer Name = SALAMANDRA | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 144
seconds with 60 seconds of active time. This session ended with a crash.Error — 27.05.2008 3:59:20 | Computer Name = SALAMANDRA | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6308.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 4614
seconds with 1320 seconds of active time. This session ended with a crash.Error — 15.07.2008 7:35:03 | Computer Name = SALAMANDRA | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 9, Application Name: Microsoft Office Project, Application Version:
12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 32
seconds with 0 seconds of active time. This session ended with a crash.Error — 15.07.2008 7:35:15 | Computer Name = SALAMANDRA | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 9, Application Name: Microsoft Office Project, Application Version:
12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 2
seconds with 0 seconds of active time. This session ended with a crash.[ System Events ]
Error — 11.12.2008 5:16:43 | Computer Name = SALAMANDRA | Source = DCOM | ID = 10016
Description = The application-specific permission settings do not grant Local Activation
permission for the COM Server application with CLSID {61738644-F196-11D0-9953-00C04FD919C1}to the user NT AUTHORITYNETWORK SERVICE SID (S-1-5-20). This security permission
can be modified using the Component Services administrative tool.Error — 11.12.2008 9:26:49 | Computer Name = SALAMANDRA | Source = DCOM | ID = 10016
Description = The application-specific permission settings do not grant Local Activation
permission for the COM Server application with CLSID {61738644-F196-11D0-9953-00C04FD919C1}to the user NT AUTHORITYNETWORK SERVICE SID (S-1-5-20). This security permission
can be modified using the Component Services administrative tool.Error — 11.12.2008 9:27:48 | Computer Name = SALAMANDRA | Source = DCOM | ID = 10016
Description = The application-specific permission settings do not grant Local Activation
permission for the COM Server application with CLSID {61738644-F196-11D0-9953-00C04FD919C1}to the user NT AUTHORITYNETWORK SERVICE SID (S-1-5-20). This security permission
can be modified using the Component Services administrative tool.Error — 15.12.2008 3:29:40 | Computer Name = SALAMANDRA | Source = DCOM | ID = 10005
Description = DCOM got error «%1058» attempting to start the service StiSvc with
arguments «» in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}Error — 16.12.2008 2:31:09 | Computer Name = SALAMANDRA | Source = DCOM | ID = 10005
Description = DCOM got error «%1058» attempting to start the service StiSvc with
arguments «» in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}Error — 17.12.2008 8:58:39 | Computer Name = SALAMANDRA | Source = DCOM | ID = 10016
Description = The application-specific permission settings do not grant Local Activation
permission for the COM Server application with CLSID {61738644-F196-11D0-9953-00C04FD919C1}to the user NT AUTHORITYNETWORK SERVICE SID (S-1-5-20). This security permission
can be modified using the Component Services administrative tool.Error — 17.12.2008 8:59:11 | Computer Name = SALAMANDRA | Source = DCOM | ID = 10016
Description = The application-specific permission settings do not grant Local Activation
permission for the COM Server application with CLSID {61738644-F196-11D0-9953-00C04FD919C1}to the user NT AUTHORITYNETWORK SERVICE SID (S-1-5-20). This security permission
can be modified using the Component Services administrative tool.Error — 18.12.2008 5:12:55 | Computer Name = SALAMANDRA | Source = DCOM | ID = 10016
Description = The application-specific permission settings do not grant Local Activation
permission for the COM Server application with CLSID {61738644-F196-11D0-9953-00C04FD919C1}to the user NT AUTHORITYNETWORK SERVICE SID (S-1-5-20). This security permission
can be modified using the Component Services administrative tool.Error — 22.12.2008 1:54:22 | Computer Name = SALAMANDRA | Source = EventLog | ID = 6008
Description = The previous system shutdown at 12:08:06 on 21.12.2008 was unexpected.Error — 23.12.2008 6:06:19 | Computer Name = SALAMANDRA | Source = DCOM | ID = 10016
Description = The application-specific permission settings do not grant Local Activation
permission for the COM Server application with CLSID {61738644-F196-11D0-9953-00C04FD919C1}to the user NT AUTHORITYNETWORK SERVICE SID (S-1-5-20). This security permission
can be modified using the Component Services administrative tool.< End of report >
========== Files — Modified Within 30 Days ==========
[1 C:WINDOWSSystem32*.tmp files]
[4 C:WINDOWS*.tmp files]
[2008.12.24 14:53:17 | 00,039,936 | —- | M] () — C:Documents and SettingsgigLocal SettingsApplication DataDCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.12.24 13:08:14 | 02,152,962 | —- | M] () — C:Documents and SettingsgigDesktopuntitled.bmp
[2008.12.24 03:05:01 | 00,000,234 | —- | M] () — C:WINDOWStasksSystemState Backup (weekly).job
[2008.12.24 01:05:05 | 00,000,226 | —- | M] () — C:WINDOWStasksSystemState Backup.job
[2008.12.23 19:02:16 | 00,000,939 | —- | M] () — C:Documents and SettingsgigDesktopSpybot — Search & Destroy.lnk
[2008.12.23 19:01:13 | 15,083,520 | —- | M] (Safer Networking Limited ) — C:Documents and SettingsgigDesktopspybotsd160.exe
[2008.12.23 18:04:11 | 00,389,120 | —- | M] (Microsoft Corporation) — C:WINDOWSSystem32cmd.execf
[2008.12.23 18:04:01 | 02,885,687 | —- | M] () — C:Documents and SettingsgigDesktopComboFix.exe
[2008.12.23 17:03:06 | 00,001,714 | -H— | M] () — C:Documents and SettingsgigMy DocumentsDefault.rdp
[2008.12.23 16:29:35 | 00,796,078 | —- | M] () — C:Documents and SettingsgigDesktopzooming.zip
[2008.12.23 14:37:50 | 00,001,740 | —- | M] () — C:Documents and SettingsgigDesktopHijackThis.lnk
[2008.12.23 13:37:52 | 00,000,566 | —- | M] () — C:Documents and SettingsgigMy DocumentsMy Sharing Folders.lnk
[2008.12.23 13:36:55 | 00,002,447 | —- | M] () — C:Documents and SettingsAll UsersStart MenuProgramsStartupVPN Client.lnk
[2008.12.23 13:36:47 | 00,002,197 | —- | M] () — C:Documents and SettingsAll UsersStart MenuProgramsStartupAdobe Acrobat Speed Launcher.lnk
[2008.12.23 13:35:15 | 00,002,206 | —- | M] () — C:WINDOWSSystem32wpa.dbl
[2008.12.23 13:35:05 | 00,000,006 | -H— | M] () — C:WINDOWStasksSA.DAT
[2008.12.23 13:35:03 | 00,002,048 | —S- | M] () — C:WINDOWSbootstat.dat
[2008.12.22 18:03:01 | 00,012,319 | —- | M] () — C:Documents and SettingsgigDesktopSprotin credit card payment.docx
[2008.12.22 18:00:55 | 00,539,136 | —- | M] () — C:Documents and SettingsgigDesktopASF_2008_12_19_1.mpp
[2008.12.22 11:56:41 | 00,017,920 | —- | M] () — C:WINDOWSSystem32clicker2.sys
[2008.12.17 16:30:01 | 00,808,318 | —- | M] () — C:WINDOWSSystem32PerfStringBackup.INI
[2008.12.17 16:30:01 | 00,647,274 | —- | M] () — C:WINDOWSSystem32perfh009.dat
[2008.12.17 16:30:01 | 00,143,476 | —- | M] () — C:WINDOWSSystem32perfc009.dat
[2008.12.15 14:09:19 | 00,000,127 | —- | M] () — C:WINDOWSSystem32MRT.INI
[2008.12.15 13:57:21 | 00,353,647 | —- | M] () — C:Documents and SettingsgigMy DocumentsПлюсы.docx
[2008.12.13 13:29:12 | 03,593,216 | —- | M] (Microsoft Corporation) — C:WINDOWSSystem32mshtml.dll
[2008.12.13 13:29:12 | 03,593,216 | —- | M] (Microsoft Corporation) — C:WINDOWSSystem32dllcachemshtml.dll
[2008.12.12 15:58:45 | 00,305,705 | —- | M] () — C:Documents and SettingsgigDesktopRSIT.exe
[2008.12.12 13:58:47 | 00,000,702 | —- | M] () — C:Documents and SettingsAll UsersDesktopMalwarebytes’ Anti-Malware.lnk
[2008.12.12 12:35:07 | 00,812,344 | —- | M] (Trend Micro Inc.) — C:Documents and SettingsgigDesktopHJTInstall.exe
[2008.12.11 15:31:56 | 00,003,470 | —- | M] () — C:WINDOWSimsins.BAK
[2008.12.10 05:24:37 | 17,593,280 | —- | M] (Microsoft Corporation) — C:WINDOWSSystem32MRT.exe
[2008.12.08 11:38:32 | 00,424,960 | -HS- | M] () — C:Documents and SettingsgigDesktopThumbs.db
@Alternate Data Stream — 0 bytes -> C:Documents and SettingsgigDesktopThumbs.db:encryptable
[2008.12.03 19:59:06 | 00,038,496 | —- | M] (Malwarebytes Corporation) — C:WINDOWSSystem32driversmbamswissarmy.sys
[2008.12.03 19:59:02 | 00,015,504 | —- | M] (Malwarebytes Corporation) — C:WINDOWSSystem32driversmbam.sys
[2008.12.03 14:56:48 | 00,524,288 | —- | M] () — C:Documents and SettingsgigDesktopASF_2008_12_03.mpp
[2008.12.03 14:55:52 | 00,014,020 | —- | M] () — C:Documents and SettingsgigDesktopProjects state.docx
[2008.12.01 21:11:51 | 00,001,024 | —- | M] () — C:.rnd
[2008.12.01 17:42:09 | 00,014,091 | —- | M] () — C:Documents and SettingsgigDesktopLaw tasks review.docx
[2008.12.01 13:04:38 | 00,000,056 | -H— | M] () — C:WINDOWSSystem32ezsidmv.dat
[2008.12.01 00:46:14 | 02,107,498 | -H— | M] () — C:Documents and SettingsgigLocal SettingsApplication DataIconCache.db
[2008.11.28 20:31:41 | 00,104,448 | —- | M] () — C:WINDOWSSystem32rdl9432.exe
[2008.11.28 20:26:38 | 00,000,010 | —- | M] () — C:WINDOWSpopcinfo.dat
< End of report >OTViewIt.txt:
OTViewIt logfile created on: 24.12.2008 19:34:37 — Run
OTViewIt by OldTimer — Version 1.0.20.1 Folder = C:ProjectsASFCode — OBGMainASF.WebASF.Dictionary.Web.UIImagesnewDict
Windows Server 2003 Enterprise Edition Service Pack 2 (Version = 5.2.3790) — Type = NTServer
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000419 | Country: Russia | Language: RUS | Date Format: dd.MM.yyyy1,99 Gb Total Physical Memory | 0,16 Gb Available Physical Memory | 7,81% Memory free
3,85 Gb Paging File | 1,83 Gb Available in Paging File | 47,59% Paging File free
Paging file location(s): C:pagefile.sys 2046 4092;%SystemDrive% = C: | %SystemRoot% = C:WINDOWS | %ProgramFiles% = C:Program Files
Drive C: | 48,83 Gb Total Space | 4,01 Gb Free Space | 8,21% Space Free | Partition Type: NTFS
Drive D: | 100,22 Gb Total Space | 15,18 Gb Free Space | 15,15% Space Free | Partition Type: NTFS
Drive E: | 231,23 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 513,73 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 596,68 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive X: | 698,65 Gb Total Space | 291,20 Gb Free Space | 41,68% Space Free | Partition Type: NTFSComputer Name: SALAMANDRA
Current User Name: gig
Logged in as Administrator.Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days========== Processes ==========
[2005.04.04 17:58:28 | 00,163,840 | —- | M] (Adobe Systems Incorporated) — C:Program FilesAdobeAdobe Version Cue CS2binVersionCueCS2.exe
[2006.02.28 11:42:38 | 00,229,376 | —- | M] (Apple Computer, Inc.) — C:Program FilesBonjourmDNSResponder.exe
[2003.05.07 12:21:00 | 01,413,184 | —- | M] (Cisco Systems, Inc.) — C:Program FilesCisco SystemsVPN Clientcvpnd.exe
[2002.07.30 10:36:00 | 00,032,768 | —- | M] (Symantec Corporation) — C:Program FilesSymantec_Client_SecuritySymantec AntiVirusDefWatch.exe
[2007.02.17 02:19:44 | 00,014,336 | —- | M] (Microsoft Corporation) — C:WINDOWSsystem32inetsrvinetinfo.exe
[2008.12.12 15:29:14 | 00,152,984 | —- | M] (Sun Microsystems, Inc.) — C:Program FilesJavajre6binjqs.exe
[2006.10.26 12:40:34 | 00,335,872 | —- | M] (Microsoft Corporation) — C:Program FilesCommon FilesMicrosoft SharedVS7Debugmdm.exe
[2008.08.05 16:58:50 | 00,205,840 | —- | M] (Microsoft Corporation) — C:Program FilesMicrosoft SQL Server90DTSBinnMsDtsSrvr.exe
[2006.08.28 01:53:48 | 00,092,952 | —- | M] (Microsoft Corporation) — C:Program FilesMicrosoft SQL ServerMSSQL.1MSSQLBinnmsftesql.exe
[2008.08.05 16:58:52 | 29,184,016 | —- | M] (Microsoft Corporation) — C:Program FilesMicrosoft SQL ServerMSSQL.4MSSQLBinnsqlservr.exe
[2008.08.05 16:58:52 | 29,184,016 | —- | M] (Microsoft Corporation) — C:Program FilesMicrosoft SQL ServerMSSQL.1MSSQLBinnsqlservr.exe
[2008.08.05 16:58:50 | 14,894,608 | —- | M] (Microsoft Corporation) — C:Program FilesMicrosoft SQL ServerMSSQL.2OLAPbinmsmdsrv.exe
[2002.07.30 10:40:44 | 00,573,440 | —- | M] (Symantec Corporation) — C:Program FilesSymantec_Client_SecuritySymantec AntiVirusRtvscan.exe
[2008.08.05 16:58:50 | 00,016,912 | —- | M] (Microsoft Corporation) — C:Program FilesMicrosoft SQL ServerMSSQL.3Reporting ServicesReportServerbinReportingServicesService.exe
[2005.04.04 17:58:30 | 03,502,080 | —- | M] () — C:Program FilesAdobeAdobe Version Cue CS2datadatabasebinmysqld-nt.exe
[2007.02.10 04:29:56 | 00,089,968 | —- | M] (Microsoft Corporation) — C:Program FilesMicrosoft SQL Server90Sharedsqlwriter.exe
[2008.03.28 00:31:52 | 00,407,040 | —- | M] () — C:Program FilesTMeterTrafSvc.exe
[2005.12.15 20:42:10 | 00,217,088 | —- | M] (VMware, Inc.) — C:Program FilesVMwareVMware Workstationvmware-authd.exe
[2005.12.15 20:28:52 | 00,245,760 | —- | M] (VMware, Inc.) — C:Program FilesCommon FilesVMwareVMware Virtual Image Editingvmount2.exe
[2005.12.15 20:42:10 | 00,135,168 | —- | M] (VMware, Inc.) — C:WINDOWSsystem32vmnat.exe
[2005.12.15 20:42:10 | 00,106,496 | —- | M] (VMware, Inc.) — C:WINDOWSsystem32vmnetdhcp.exe
[2007.02.17 01:31:22 | 00,389,120 | —- | M] (Microsoft Corporation) — C:WINDOWSsystem32cmd.exe
[2006.07.19 13:57:00 | 00,020,480 | —- | M] (Microsoft) — C:TFSCustomPoliciesUpdatePolicies.exe
[2007.02.17 03:09:46 | 00,207,872 | —- | M] (Microsoft Corporation) — C:WINDOWSsystem32wbemwmiprvse.exe
[2006.08.14 21:39:00 | 00,098,304 | R— | M] (Intel Corporation) — C:WINDOWSsystem32igfxtray.exe
[2006.08.14 21:41:00 | 00,114,688 | R— | M] (Intel Corporation) — C:WINDOWSsystem32hkcmd.exe
[2006.08.14 21:38:00 | 00,094,208 | R— | M] (Intel Corporation) — C:WINDOWSsystem32igfxpers.exe
[2006.12.17 22:00:00 | 16,062,464 | R— | M] (Realtek Semiconductor Corp.) — C:WINDOWSRTHDCPL.exe
[2002.07.30 10:35:04 | 00,077,824 | —- | M] (Symantec Corporation) — C:Program FilesSymantec_Client_SecuritySymantec AntiVirusVPTray.exe
[2005.12.10 20:57:19 | 00,133,016 | —- | M] (DT Soft Ltd.) — C:Program FilesDAEMON Toolsdaemon.exe
[2007.08.24 07:00:48 | 00,033,648 | —- | M] (Microsoft Corporation) — D:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe
[2005.04.04 17:58:30 | 00,856,064 | —- | M] (Adobe Sytems Incorporated) — C:Program FilesAdobeAdobe Version Cue CS2ControlPanelVersionCueCS2Tray.exe
[2006.06.21 23:14:50 | 00,035,328 | —- | M] () — C:Program FilesWinampwinampa.exe
[2008.12.12 15:29:14 | 00,136,600 | —- | M] (Sun Microsystems, Inc.) — C:Program FilesJavajre6binjusched.exe
[2005.09.01 03:32:38 | 00,106,496 | —- | M] (ABBYY (BIT Software)) — C:Program FilesABBYY Lingvo 11 Six LanguagesLvAgent.exe
[2008.01.31 23:13:08 | 00,385,024 | —- | M] (Apple Inc.) — C:Program FilesQuickTimeQTTask.exe
[2008.02.07 23:28:18 | 00,221,184 | —- | M] () — C:Program FilesTMeterTrafMonitor.exe
[2005.08.11 15:30:30 | 00,081,920 | —- | M] (Macrovision Corporation) — C:Program FilesCommon FilesInstallShieldUpdateServiceissch.exe
[2006.10.22 22:24:02 | 00,620,152 | —- | M] (Adobe Systems Inc.) — D:Program FilesAdobeAcrobat 8.0Acrobatacrotray.exe
[2007.01.19 11:54:56 | 05,674,352 | —- | M] (Microsoft Corporation) — C:Program FilesMSN Messengermsnmsgr.exe
[2008.09.23 14:17:06 | 21,755,688 | R— | M] (Skype Technologies S.A.) — C:Program FilesSkypePhoneSkype.exe
[2008.09.03 10:40:04 | 00,133,104 | —- | M] (Google Inc.) — C:Documents and SettingsgigLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe
[2007.05.01 11:11:48 | 06,395,464 | —- | M] (TechSmith Corporation) — C:Program FilesTechSmithSnagIt 8SnagIt32.exe
[2007.05.01 11:12:10 | 00,058,952 | —- | M] (TechSmith Corporation) — C:Program FilesTechSmithSnagIt 8TscHelp.exe
[2007.05.01 11:12:10 | 00,075,336 | —- | M] (TechSmith Corporation) — C:Program FilesTechSmithSnagIt 8SnagPriv.exe
[2008.08.18 13:10:09 | 00,654,848 | —- | M] (Macrovision Europe Ltd.) — C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe
[2007.01.19 11:54:14 | 00,097,136 | —- | M] (Microsoft Corporation) — C:Program FilesMSN Messengerusnsvc.exe
[2008.09.23 14:17:08 | 00,076,744 | R— | M] (Skype Technologies) — C:Program FilesSkypePlugin ManagerskypePM.exe
[2007.02.17 01:30:40 | 00,009,728 | —- | M] (Microsoft Corporation) — C:WINDOWSsystem32cidaemon.exe
[2007.02.17 01:30:40 | 00,009,728 | —- | M] (Microsoft Corporation) — C:WINDOWSsystem32cidaemon.exe
[2008.05.21 03:37:24 | 12,844,576 | —- | M] (Microsoft Corporation) — D:Program FilesMicrosoft OfficeOffice12OUTLOOK.EXE
[2008.12.09 17:00:52 | 03,259,392 | —- | M] (The Author of QIP) — C:Program FilesQIPqip.exe
[2008.12.22 12:00:14 | 00,307,704 | —- | M] (Mozilla Corporation) — C:Program FilesMozilla Firefoxfirefox.exe
[2008.07.30 10:06:58 | 01,100,280 | —- | M] (Microsoft Corporation) — D:Program FilesMicrosoft Visual Studio 9.0Common7IDEdevenv.exe
[2007.02.17 01:30:40 | 00,009,728 | —- | M] (Microsoft Corporation) — C:WINDOWSsystem32cidaemon.exe
[2006.06.21 23:16:10 | 01,075,200 | —- | M] (Nullsoft) — C:Program FilesWinampwinamp.exe
[2007.02.17 03:00:02 | 00,155,648 | —- | M] (Microsoft Corporation) — C:WINDOWSsystem32sndvol32.exe
[2007.02.17 03:08:14 | 00,007,168 | —- | M] (Microsoft Corporation) — c:WINDOWSsystem32inetsrvw3wp.exe
[2003.04.08 21:51:36 | 00,840,192 | —- | M] (Eugene Roshal & FAR Group) — C:Program FilesFarFar.exe
[2007.02.17 02:57:48 | 00,034,816 | —- | M] (Microsoft Corporation) — C:WINDOWSsystem32rundll32.exe
[2008.12.03 19:59:02 | 01,265,296 | —- | M] (Malwarebytes Corporation) — C:Program FilesMalwarebytes’ Anti-Malwarembam.exe
[2008.12.24 19:34:28 | 00,423,424 | —- | M] (OldTimer Tools) — C:ProjectsASFCode — OBGMainASF.WebASF.Dictionary.Web.UIImagesnewDictOTViewIt.exe========== (O23) Win32 Services ==========
[2007.09.26 19:19:28 | 00,072,704 | —- | M] (Adobe Systems) — C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe — (Adobe LM Service [On_Demand | Stopped])
[2005.04.04 17:58:28 | 00,163,840 | —- | M] (Adobe Systems Incorporated) — C:Program FilesAdobeAdobe Version Cue CS2binVersionCueCS2.exe — (Adobe Version Cue CS2 [Auto | Running])
[2007.03.20 15:41:24 | 00,153,792 | —- | M] (Adobe Systems Incorporated) — C:Program FilesCommon FilesAdobeAdobe Version Cue CS3ServerbinVersionCueCS3.exe — (Adobe Version Cue CS3 [On_Demand | Stopped])
[2008.07.25 11:16:40 | 00,034,312 | —- | M] (Microsoft Corporation) — C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe — (aspnet_state [On_Demand | Stopped])
[2006.02.28 11:42:38 | 00,229,376 | —- | M] (Apple Computer, Inc.) — C:Program FilesBonjourmDNSResponder.exe — (Bonjour Service [Auto | Running])
[2008.07.25 11:17:02 | 00,069,632 | —- | M] (Microsoft Corporation) — C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe — (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
[2003.05.07 12:21:00 | 01,413,184 | —- | M] (Cisco Systems, Inc.) — C:Program FilesCisco SystemsVPN Clientcvpnd.exe — (CVPND [Auto | Running])
[2002.07.30 10:36:00 | 00,032,768 | —- | M] (Symantec Corporation) — C:Program FilesSymantec_Client_SecuritySymantec AntiVirusDefWatch.exe — (DefWatch [Auto | Running])
[2007.02.17 01:50:02 | 00,164,864 | —- | M] (Microsoft Corporation) — C:WINDOWSsystem32dfssvc.exe — (Dfs [On_Demand | Stopped])
[2008.08.18 13:10:09 | 00,654,848 | —- | M] (Macrovision Europe Ltd.) — C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe — (FLEXnet Licensing Service [On_Demand | Running])
[2008.07.29 21:10:04 | 00,046,104 | —- | M] (Microsoft Corporation) — C:WINDOWSMicrosoft.NETFrameworkv3.0WPFPresentationFontCache.exe — (FontCache3.0.0.0 [On_Demand | Stopped])
[2008.07.29 19:24:50 | 00,881,664 | —- | M] (Microsoft Corporation) — C:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication Foundationinfocard.exe — (idsvc [Unknown | Stopped])
[2007.02.17 02:19:44 | 00,014,336 | —- | M] (Microsoft Corporation) — C:WINDOWSsystem32inetsrvinetinfo.exe — (IISADMIN [Auto | Running])
[2007.02.17 02:20:52 | 00,040,448 | —- | M] (Microsoft Corporation) — C:WINDOWSsystem32ismserv.exe — (IsmServ [Disabled | Stopped])
[2008.12.12 15:29:14 | 00,152,984 | —- | M] (Sun Microsystems, Inc.) — C:Program FilesJavajre6binjqs.exe — (JavaQuickStarterService [Auto | Running])
[2007.02.17 23:30:26 | 00,094,720 | —- | M] (Microsoft Corporation) — C:WINDOWSsystem32llssrv.exe — (LicenseService [Disabled | Stopped])
[2006.10.26 12:40:34 | 00,335,872 | —- | M] (Microsoft Corporation) — C:Program FilesCommon FilesMicrosoft SharedVS7Debugmdm.exe — (MDM [Auto | Running])
[2007.08.24 06:59:20 | 00,068,464 | —- | M] (Microsoft Corporation) — D:Program FilesMicrosoft OfficeOffice12GrooveAuditService.exe — (Microsoft Office Groove Audit Service [On_Demand | Stopped])
[2008.08.05 16:58:50 | 00,205,840 | —- | M] (Microsoft Corporation) — C:Program FilesMicrosoft SQL Server90DTSBinnMsDtsSrvr.exe — (MsDtsServer [Auto | Running])
[2006.08.28 01:53:48 | 00,092,952 | —- | M] (Microsoft Corporation) — C:Program FilesMicrosoft SQL ServerMSSQL.1MSSQLBinnmsftesql.exe — (msftesql [Auto | Running])
[2008.08.05 16:58:52 | 29,184,016 | —- | M] (Microsoft Corporation) — C:Program FilesMicrosoft SQL ServerMSSQL.4MSSQLBinnsqlservr.exe — (MSSQL$SQLEXPRESS [Auto | Running])
[2008.08.05 16:58:52 | 29,184,016 | —- | M] (Microsoft Corporation) — C:Program FilesMicrosoft SQL ServerMSSQL.1MSSQLBinnsqlservr.exe — (MSSQLSERVER [Auto | Running])
[2005.10.14 02:50:20 | 00,045,272 | —- | M] (Microsoft Corporation) — C:Program FilesMicrosoft SQL Server90Sharedsqladhlp90.exe — (MSSQLServerADHelper [Disabled | Stopped])
[2008.08.05 16:58:50 | 14,894,608 | —- | M] (Microsoft Corporation) — C:Program FilesMicrosoft SQL ServerMSSQL.2OLAPbinmsmdsrv.exe — (MSSQLServerOLAPService [Auto | Running])
[2006.12.02 05:17:54 | 02,805,000 | —- | M] (Microsoft Corporation) — D:Program FilesMicrosoft Visual Studio 8Common7IDERemote Debuggerx86msvsmon.exe — (msvsmon80 [Disabled | Stopped])
[2008.07.29 13:10:46 | 03,201,024 | —- | M] (Microsoft Corporation) — D:Program FilesMicrosoft Visual Studio 9.0Common7IDERemote Debuggerx86msvsmon.exe — (msvsmon90 [Disabled | Stopped])
[2008.07.29 19:16:38 | 00,132,096 | —- | M] (Microsoft Corporation) — C:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication FoundationSMSvcHost.exe — (NetTcpPortSharing [Disabled | Stopped])
[2002.07.30 10:40:44 | 00,573,440 | —- | M] (Symantec Corporation) — C:Program FilesSymantec_Client_SecuritySymantec AntiVirusRtvscan.exe — (Norton AntiVirus Server [Auto | Running])
[2007.02.17 02:41:50 | 00,792,064 | —- | M] (Microsoft Corporation) — C:WINDOWSsystem32ntfrs.exe — (NtFrs [On_Demand | Stopped])
[2007.08.24 03:19:12 | 00,443,776 | —- | M] (Microsoft Corporation) — C:Program FilesCommon FilesMicrosoft SharedOFFICE12ODSERV.EXE — (odserv [On_Demand | Stopped])
[2006.10.26 13:03:08 | 00,145,184 | —- | M] (Microsoft Corporation) — C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE — (ose [On_Demand | Stopped])
[2008.08.05 16:58:50 | 00,016,912 | —- | M] (Microsoft Corporation) — C:Program FilesMicrosoft SQL ServerMSSQL.3Reporting ServicesReportServerbinReportingServicesService.exe — (ReportServer [Auto | Running])
[2007.02.17 02:55:56 | 00,067,072 | —- | M] (Microsoft Corporation) — C:WINDOWSsystem32rsopprov.exe — (RSoPProv [On_Demand | Stopped])
[2007.02.10 04:29:48 | 00,242,544 | —- | M] (Microsoft Corporation) — C:Program FilesMicrosoft SQL Server90Sharedsqlbrowser.exe — (SQLBrowser [Disabled | Stopped])
[2007.02.10 04:29:48 | 00,344,944 | —- | M] (Microsoft Corporation) — C:Program FilesMicrosoft SQL ServerMSSQL.1MSSQLBinnSQLAGENT90.EXE — (SQLSERVERAGENT [On_Demand | Stopped])
[2007.02.10 04:29:56 | 00,089,968 | —- | M] (Microsoft Corporation) — C:Program FilesMicrosoft SQL Server90Sharedsqlwriter.exe — (SQLWriter [Auto | Running])
[2008.03.28 00:31:52 | 00,407,040 | —- | M] () — C:Program FilesTMeterTrafSvc.exe — (TrafSvc [Auto | Running])
[2007.02.17 03:07:00 | 00,071,168 | —- | M] (Microsoft Corporation) — C:WINDOWSsystem32tssdis.exe — (Tssdis [Disabled | Stopped])
[2007.02.17 03:08:32 | 00,039,424 | —- | M] (Microsoft Corporation) — C:WINDOWSsystem32wdfmgr.exe — (UMWdf [On_Demand | Stopped])
[2007.01.19 11:54:14 | 00,097,136 | —- | M] (Microsoft Corporation) — C:Program FilesMSN Messengerusnsvc.exe — (usnjsvc [On_Demand | Running])
[2007.02.17 23:36:40 | 00,352,768 | —- | M] (Microsoft Corporation) — C:WINDOWSsystem32vds.exe — (vds [On_Demand | Stopped])
[2005.12.15 20:42:10 | 00,217,088 | —- | M] (VMware, Inc.) — C:Program FilesVMwareVMware Workstationvmware-authd.exe — (VMAuthdService [Auto | Running])
[2005.12.15 20:42:10 | 00,106,496 | —- | M] (VMware, Inc.) — C:WINDOWSsystem32vmnetdhcp.exe — (VMnetDHCP [Auto | Running])
[2005.12.15 20:28:52 | 00,245,760 | —- | M] (VMware, Inc.) — C:Program FilesCommon FilesVMwareVMware Virtual Image Editingvmount2.exe — (vmount2 [Auto | Running])
[2005.12.15 20:42:10 | 00,135,168 | —- | M] (VMware, Inc.) — C:WINDOWSsystem32vmnat.exe — (VMware NAT Service [Auto | Running])========== Driver Services ==========
[2006.10.31 09:12:54 | 00,037,888 | R— | M] (Attansic Technology corporation.) — C:WINDOWSsystem32driversatl01_03.sys — (AtcL001 [On_Demand | Running])
[2008.12.22 11:56:41 | 00,017,920 | —- | M] () — C:WINDOWSsystem32clicker2.sys — (clicker2.sys [On_Demand | Stopped])
[2007.02.17 01:31:14 | 00,069,120 | —- | M] (Microsoft Corporation) — C:WINDOWSsystem32driversclusdisk.sys — (ClusDisk [Disabled | Stopped])
[2007.02.17 01:34:58 | 00,017,920 | —- | M] (Microsoft Corporation) — C:WINDOWSsystem32driverscrcdisk.sys — (crcdisk [Boot | Running])
[2003.05.07 12:22:16 | 00,268,874 | —- | M] (Cisco Systems, Inc.) — C:WINDOWSsystem32driversCVPNDRVA.sys — (CVPNDRVA [Auto | Running])
[2007.02.17 01:49:38 | 00,034,816 | —- | M] (Microsoft Corporation) — C:WINDOWSsystem32driversdfs.sys — (DfsDriver [Boot | Running])
[2002.10.17 13:22:50 | 00,138,916 | —- | M] (Deterministic Networks, Inc.) — C:WINDOWSsystem32driversdne2000.sys — (DNE [On_Demand | Running])
[2007.09.26 14:56:08 | 00,223,128 | —- | M] () — C:WINDOWSsystem32driversdtscsi.sys — (dtscsi [On_Demand | Running])
[2008.04.15 05:33:17 | 00,385,072 | —- | M] (Symantec Corporation) — C:Program FilesCommon FilesSymantec SharedEENGINEeeCtrl.sys — (eeCtrl [System | Running])
[2004.09.25 06:00:00 | 00,012,928 | —- | M] (Bo Brantén) — C:WINDOWSSystem32driversfiledisk.sys — (FileDisk [System | Running])
[2005.12.15 20:42:12 | 00,022,016 | —- | M] (VMware, Inc.) — C:WINDOWSsystem32drivershcmon.sys — (hcmon [Auto | Running])
[2005.07.08 16:56:32 | 00,144,384 | —- | M] (Windows (R) Server 2003 DDK provider) — C:WINDOWSsystem32drivershdaudbus.sys — (HDAudBus [On_Demand | Running])
[2006.08.14 23:00:00 | 01,109,568 | R— | M] (Intel Corporation) — C:WINDOWSsystem32driversigxpmp32.sys — (ialm [On_Demand | Running])
[2006.12.20 22:00:00 | 04,405,248 | R— | M] (Realtek Semiconductor Corp.) — C:WINDOWSsystem32driversRtkHDAud.sys — (IntcAzAudAddService [On_Demand | Running])
[2004.08.13 08:56:20 | 00,005,810 | R— | M] () — C:WINDOWSsystem32driversASACPI.sys — (MTsensor [On_Demand | Running])
[2002.06.19 19:57:12 | 00,218,112 | —- | M] (Symantec Corporation) — C:Program FilesSymantec_Client_SecuritySymantec AntiVirusNavap.sys — (NAVAP [On_Demand | Running])
[2002.06.19 19:57:14 | 00,029,184 | —- | M] (Symantec Corporation) — C:Program FilesSymantec_Client_SecuritySymantec AntiVirusNavapel.sys — (NAVAPEL [Auto | Running])
[2008.12.23 21:35:02 | 00,089,104 | —- | M] (Symantec Corporation) — C:Program FilesCommon FilesSymantec SharedVirusDefs20081222.005NAVENG.SYS — (NAVENG [On_Demand | Running])
[2008.12.23 21:35:02 | 00,876,112 | —- | M] (Symantec Corporation) — C:Program FilesCommon FilesSymantec SharedVirusDefs20081222.005NAVEX15.SYS — (NAVEX15 [On_Demand | Running])
[2008.05.26 13:13:43 | 00,010,368 | —- | M] (Padus, Inc.) — C:WINDOWSsystem32driverspfc.sys — (pfc [On_Demand | Running])
[2007.02.17 02:54:52 | 00,020,480 | —- | M] (Parallel Technologies, Inc.) — C:WINDOWSsystem32driversptilink.sys — (Ptilink [On_Demand | Running])
[2006.05.17 02:23:54 | 00,046,080 | —- | M] (Sonic Solutions) — C:WINDOWSsystem32driversPxHelp20.sys — (PxHelp20 [Boot | Running])
[2007.11.13 15:32:23 | 00,020,480 | —- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) — C:WINDOWSsystem32driverssecdrv.sys — (Secdrv [On_Demand | Stopped])
[2007.09.26 14:54:46 | 00,643,072 | —- | M] () — C:WINDOWSsystem32driverssptd.sys — (sptd [Boot | Running])
[2007.09.26 14:53:37 | 00,073,224 | —- | M] (Symantec Corporation) — C:Program FilesSymantecSYMEVENT.SYS — (SymEvent [On_Demand | Running])
[2008.02.05 16:53:40 | 00,020,480 | —- | M] (Trafficreg Software) — C:WINDOWSsystem32driversTMETER.sys — (TMeter [On_Demand | Running])
[2007.02.17 03:07:52 | 00,024,064 | —- | M] (Microsoft Corporation) — C:WINDOWSsystem32driversvgapnp.sys — (vga [On_Demand | Stopped])
[2005.12.15 20:42:12 | 00,009,600 | R— | M] (VMware, Inc.) — C:WINDOWSsystem32driversvmnetadapter.sys — (VMnetAdapter [On_Demand | Running])
[2005.12.15 20:42:12 | 00,023,424 | —- | M] (VMware, Inc.) — C:WINDOWSsystem32driversvmnetbridge.sys — (VMnetBridge [Auto | Running])
[2005.12.15 20:42:12 | 00,015,616 | —- | M] (VMware, Inc.) — C:WINDOWSsystem32driversvmnetuserif.sys — (VMnetuserif [Auto | Running])
[2005.12.15 20:42:10 | 00,009,216 | —- | M] (VMware, Inc.) — C:WINDOWSsystem32driversvmparport.sys — (VMparport [Auto | Running])
[2005.12.15 20:42:10 | 00,094,848 | —- | M] (VMware, Inc.) — C:WINDOWSsystem32driversvmx86.sys — (vmx86 [Auto | Running])
[2003.03.03 13:08:56 | 00,176,896 | —- | M] (Zone Labs Inc.) — C:WINDOWSsystem32vsdatant.sys — (vsdatant [On_Demand | Stopped])
[2006.12.02 02:10:00 | 00,048,128 | —- | M] (Microsoft Corporation) — D:Program FilesMicrosoft Visual Studio 8Team ToolsPerformance ToolsVSPerfDrv.sys — (VSPerfDrv [On_Demand | Stopped])
[2007.09.04 16:53:34 | 00,055,664 | —- | M] (Microsoft Corporation) — D:Program FilesMicrosoft Visual Studio 9.0Team ToolsPerformance ToolsVSPerfDrv90.sys — (VSPerfDrv90 [On_Demand | Stopped])
[2005.12.15 20:28:54 | 00,011,520 | —- | M] (VMware, Inc.) — C:Program FilesCommon FilesVMwareVMware Virtual Image Editingvstor2.sys — (vstor2 [Auto | Running])
[2007.02.17 03:09:26 | 00,169,984 | —- | M] (Microsoft Corporation) — C:WINDOWSsystem32driverswlbs.sys — (WLBS [On_Demand | Stopped])
[2007.02.17 03:11:38 | 00,014,848 | —- | M] (Microsoft Corporation) — C:WINDOWSsystem32driversws2ifsl.sys — (WS2IFSL [Disabled | Stopped])========== (R ) Internet Explorer ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerMain]
«Default_Page_URL»=http://go.microsoft.com/fwlink/?LinkId=69157
«Default_Search_URL»=http://go.microsoft.com/fwlink/?LinkId=54896
«Default_Secondary_Page_URL»=
«Extensions Off Page»=about:NoAdd-ons
«Local Page»=%SystemRoot%system32blank.htm
«Search Page»=http://go.microsoft.com/fwlink/?LinkId=54896
«Security Risk Page»=about:SecurityRisk
«Start Page»=http://go.microsoft.com/fwlink/?LinkId=69157[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerSearch]
«CustomizeSearch»=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
«SearchAssistant»=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm[HKEY_CURRENT_USERSOFTWAREMicrosoftInternet ExplorerMain]
«Default_Page_URL»=res://shdoclc.dll/softAdmin.htm
«Local Page»=C:WINDOWSsystem32blank.htm
«Page_Transitions»=
«Search Page»=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
«Start Page»=res://shdoclc.dll/softAdmin.htm[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternet Settings]
«ProxyEnable» = 1
«ProxyOverride» = 192.168.0.*;msteam.local;*.msteam.local;localhost;[HKEY_USERS.DEFAULTSOFTWAREMicrosoftInternet ExplorerMain]
[HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionInternet Settings]
«ProxyEnable» = 0[HKEY_USERSS-1-5-18SOFTWAREMicrosoftInternet ExplorerMain]
[HKEY_USERSS-1-5-18SoftwareMicrosoftWindowsCurrentVersionInternet Settings]
«ProxyEnable» = 0[HKEY_USERSS-1-5-19SOFTWAREMicrosoftInternet ExplorerMain]
[HKEY_USERSS-1-5-20SOFTWAREMicrosoftInternet ExplorerMain]
[HKEY_USERSS-1-5-20SoftwareMicrosoftWindowsCurrentVersionInternet Settings]
«ProxyEnable» = 0[HKEY_USERSS-1-5-21-3678828449-2864459046-1899228827-5566SOFTWAREMicrosoftInternet ExplorerMain]
«Default_Page_URL»=res://shdoclc.dll/softAdmin.htm
«Local Page»=C:WINDOWSsystem32blank.htm
«Page_Transitions»=
«Search Page»=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
«Start Page»=res://shdoclc.dll/softAdmin.htm[HKEY_USERSS-1-5-21-3678828449-2864459046-1899228827-5566SoftwareMicrosoftWindowsCurrentVersionInternet Settings]
«ProxyEnable» = 1
«ProxyOverride» = 192.168.0.*;msteam.local;*.msteam.local;localhost;========== (O1) Hosts File ==========
HOSTS File = (734 bytes) — C:WINDOWSSystem32driversetcHosts
First 25 entries…
127.0.0.1 localhost========== (O2) BHO’s ==========
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects]
{00C6482D-C502-44C8-8409-FCE54AD9C208} (HKLM) — C:Program FilesTechSmithSnagIt 8SnagItBHO.dll (TechSmith Corporation)
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (HKLM) — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll (Adobe Systems Incorporated)
{53707962-6F74-2D53-2644-206D7942484F} (HKLM) — C:Program FilesSpybot — Search & DestroySDHelper.dll (Safer Networking Limited)
{62355041-605D-4469-84FD-5D66ED67A7E3} (HKLM) — D:Program FilesMicrosoft Visual Studio 8Common7IDEPrivateAssembliesMicrosoft.VisualStudio.QualityTools.RecorderBarBHO.dll (Microsoft Corporation)
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} (HKLM) — D:Program FilesMicrosoft OfficeOffice12GrooveShellExtensions.dll (Microsoft Corporation)
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (HKLM) — C:Program FilesJavajre6binssv.dll (Sun Microsystems, Inc.)
{7E853D72-626A-48EC-A868-BA8D5E23E045} (HKLM) — Reg Error: Key does not exist or could not be opened. File not found
{9030D464-4C02-4ABF-8ECC-5164760863C6} (HKLM) — C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll (Microsoft Corporation)
{A5366673-E8CA-11D3-9CD9-0090271D075B} (HKLM) — C:Program FilesFlashGetJccatch.dll (Amaze Soft)
{AE7CD045-E861-484f-8273-0445EE161910} (HKLM) — D:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll (Adobe Systems Incorporated)
{DBC80044-A445-435b-BC74-9C25C1C588A9} (HKLM) — C:Program FilesJavajre6binjp2ssv.dll (Sun Microsystems, Inc.)
{E31CE47F-C268-41ba-897B-B415E613947D} (HKLM) — D:Program FilesMicrosoft Visual Studio 9.0Common7IDEPrivateAssembliesMicrosoft.VisualStudio.QualityTools.RecorderBarBHO90.dll (Microsoft Corporation)
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} (HKLM) — C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll (Sun Microsystems, Inc.)========== (O3) Toolbars ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolBar]
«{47833539-D0C5-4125-9FA8-0819E2EAAC93}» (HKLM) — D:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll (Adobe Systems Incorporated)[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolBar]
«{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3}» (HKLM) — C:Program FilesTechSmithSnagIt 8SnagItIEAddin.dll (TechSmith Corporation)[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolBar]
«{E0E899AB-F487-11D5-8D29-0050BA6940E3}» (HKLM) — C:Program FilesFlashGetfgiebar.dll (Amaze Soft)[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{47833539-D0C5-4125-9FA8-0819E2EAAC93}» (HKLM) — D:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll (Adobe Systems Incorporated)[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3}» (HKLM) — Reg Error: Key does not exist or could not be opened. File not found[HKEY_USERSS-1-5-21-3678828449-2864459046-1899228827-5566SoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{47833539-D0C5-4125-9FA8-0819E2EAAC93}» (HKLM) — D:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll (Adobe Systems Incorporated)[HKEY_USERSS-1-5-21-3678828449-2864459046-1899228827-5566SoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3}» (HKLM) — Reg Error: Key does not exist or could not be opened. File not found========== (O4) Run Keys ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
«»= File not found
«Acrobat Assistant 8.0″=»D:Program FilesAdobeAcrobat 8.0AcrobatAcrotray.exe» (Adobe Systems Inc.)
«Adobe Reader Speed Launcher»=»C:Program FilesAdobeReader 8.0ReaderReader_sl.exe» (Adobe Systems Incorporated)
«Adobe Version Cue CS2″=»C:Program FilesAdobeAdobe Version Cue CS2ControlPanelVersionCueCS2Tray.exe» (Adobe Sytems Incorporated)
«Adobe_ID0EYTHM»=C:PROGRA~1COMMON~1AdobeADOBEV~1ServerbinVERSIO~2.EXE (Adobe Systems Incorporated)
«Alcmtr»=ALCMTR.EXE (Realtek Semiconductor Corp.)
«DAEMON Tools»=»C:Program FilesDAEMON Toolsdaemon.exe» -lang 1033 (DT Soft Ltd.)
«GrooveMonitor»=»D:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe» (Microsoft Corporation)
«HotKeysCmds»=C:WINDOWSsystem32hkcmd.exe (Intel Corporation)
«IgfxTray»=C:WINDOWSsystem32igfxtray.exe (Intel Corporation)
«ISUSPM Startup»=»c:Program FilesCommon FilesInstallShieldUpdateServiceisuspm.exe» -startup (Macrovision Corporation)
«ISUSScheduler»=»C:Program FilesCommon FilesInstallShieldUpdateServiceissch.exe» -start (Macrovision Corporation)
«Lingvo Launcher»=»C:Program FilesABBYY Lingvo 11 Six LanguagesLvagent.exe» /STARTUP (ABBYY (BIT Software))
«LingvoTraining»=»C:Program FilesABBYY Lingvo 11 Six LanguagesTutor.exe» /ND /NW /AS (ABBYY (BIT Software))
«NevoDRM»=»C:Program FilesИгрыNevoDRMNevoDRM.exe» ()
«Persistence»=C:WINDOWSsystem32igfxpers.exe (Intel Corporation)
«QuickTime Task»=»C:Program FilesQuickTimeQTTask.exe» -atboottime (Apple Inc.)
«RTHDCPL»=RTHDCPL.EXE (Realtek Semiconductor Corp.)
«SkyTel»=SkyTel.EXE (Realtek Semiconductor Corp.)
«SunJavaUpdateSched»=»C:Program FilesJavajre6binjusched.exe» (Sun Microsystems, Inc.)
«TrafMonitor»=C:Program FilesTMetertrafmonitor.exe /logon /admin ()
«vptray»=C:PROGRA~1SYMANT~1SYMANT~1vptray.exe (Symantec Corporation)
«WinampAgent»=C:Program FilesWinampwinampa.exe ()[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
«Google Update»=»C:Documents and SettingsgigLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe» /c (Google Inc.)
«MsnMsgr»=»C:Program FilesMSN MessengerMsnMsgr.Exe» /background (Microsoft Corporation)
«Skype»=»C:Program FilesSkypePhoneSkype.exe» /nosplash /minimized (Skype Technologies S.A.)
«SpybotSD TeaTimer»=C:Program FilesSpybot — Search & DestroyTeaTimer.exe (Safer Networking Limited)[HKEY_USERSS-1-5-21-3678828449-2864459046-1899228827-5566SOFTWAREMicrosoftWindowsCurrentVersionRun]
«Google Update»=»C:Documents and SettingsgigLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe» /c (Google Inc.)
«MsnMsgr»=»C:Program FilesMSN MessengerMsnMsgr.Exe» /background (Microsoft Corporation)
«Skype»=»C:Program FilesSkypePhoneSkype.exe» /nosplash /minimized (Skype Technologies S.A.)
«SpybotSD TeaTimer»=C:Program FilesSpybot — Search & DestroyTeaTimer.exe (Safer Networking Limited)========== (O4) RunOnce Keys ==========
[HKEY_USERS.DEFAULTSOFTWAREMicrosoftWindowsCurrentVersionRunOnce]
«tscuninstall»=%systemroot%system32tscupgrd.exe (Microsoft Corporation)[HKEY_USERSS-1-5-18SOFTWAREMicrosoftWindowsCurrentVersionRunOnce]
«tscuninstall»=%systemroot%system32tscupgrd.exe (Microsoft Corporation)[HKEY_USERSS-1-5-19SOFTWAREMicrosoftWindowsCurrentVersionRunOnce]
«tscuninstall»=%systemroot%system32tscupgrd.exe (Microsoft Corporation)[HKEY_USERSS-1-5-20SOFTWAREMicrosoftWindowsCurrentVersionRunOnce]
«tscuninstall»=%systemroot%system32tscupgrd.exe (Microsoft Corporation)========== (O4) Startup Folders ==========
[2008.08.18 13:25:43 | 00,295,606 | R— | M] () — C:Documents and SettingsAll UsersStart MenuProgramsStartupAdobe Acrobat Speed Launcher.lnk = C:WINDOWSInstaller{AC76BA86-1033-0000-7760-000000000003}_SC_Acrobat.exe
[2006.10.22 23:01:50 | 00,734,872 | —- | M] () — C:Documents and SettingsAll UsersStart MenuProgramsStartupAdobe Acrobat Synchronizer.lnk = D:Program FilesAdobeAcrobat 8.0AcrobatAdobeCollabSync.exe
[2005.03.16 18:16:50 | 00,113,664 | —- | M] (Adobe Systems, Inc.) — C:Documents and SettingsAll UsersStart MenuProgramsStartupAdobe Gamma.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
[2007.05.01 11:11:48 | 06,395,464 | —- | M] (TechSmith Corporation) — C:Documents and SettingsAll UsersStart MenuProgramsStartupSnagIt 8.lnk = C:Program FilesTechSmithSnagIt 8SnagIt32.exe
[2007.09.27 14:27:25 | 00,006,144 | R— | M] () — C:Documents and SettingsAll UsersStart MenuProgramsStartupVPN Client.lnk = C:WINDOWSInstaller{3E5562ED-69AB-4CEC-91E2-64E18EC5ACC6}Icon3E5562ED7.ico========== (O6 & O7) Current Version Policies ==========
[HKEY_CURRENT_USERSoftwarepoliciesmicrosoftinternet explorerControl Panel]
«Proxy»=1[HKEY_USERSS-1-5-21-3678828449-2864459046-1899228827-5566Softwarepoliciesmicrosoftinternet explorerControl Panel]
«Proxy»=1[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer]
«ShowSuperHidden»=1
«NoDriveTypeAutoRun»=95[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem]
«disablecad»=0
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«scforceoption»=0
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer]
«NoDriveTypeAutoRun»=149[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem]
«DisableRegistryTools»=0[HKEY_USERS.DEFAULTSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer]
«NoDriveTypeAutoRun»=149[HKEY_USERSS-1-5-18SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer]
«NoDriveTypeAutoRun»=149[HKEY_USERSS-1-5-19SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer]
«NoDriveTypeAutoRun»=149[HKEY_USERSS-1-5-20SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer]
«NoDriveTypeAutoRun»=149[HKEY_USERSS-1-5-21-3678828449-2864459046-1899228827-5566SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer]
«NoDriveTypeAutoRun»=149[HKEY_USERSS-1-5-21-3678828449-2864459046-1899228827-5566SOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem]
«DisableRegistryTools»=0========== (O8) IE Context Menu Extensions ==========
[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerMenuExt]
Append to existing PDF: D:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll [2006.10.22 22:20:26 | 00,321,120 | —- | M] (Adobe Systems Incorporated)
Convert link target to Adobe PDF: D:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll [2006.10.22 22:20:26 | 00,321,120 | —- | M] (Adobe Systems Incorporated)
Convert link target to existing PDF: D:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll [2006.10.22 22:20:26 | 00,321,120 | —- | M] (Adobe Systems Incorporated)
Convert selected links to Adobe PDF: D:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll [2006.10.22 22:20:26 | 00,321,120 | —- | M] (Adobe Systems Incorporated)
Convert selected links to existing PDF: D:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll [2006.10.22 22:20:26 | 00,321,120 | —- | M] (Adobe Systems Incorporated)
Convert selection to Adobe PDF: D:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll [2006.10.22 22:20:26 | 00,321,120 | —- | M] (Adobe Systems Incorporated)
Convert selection to existing PDF: D:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll [2006.10.22 22:20:26 | 00,321,120 | —- | M] (Adobe Systems Incorporated)
Convert to Adobe PDF: D:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll [2006.10.22 22:20:26 | 00,321,120 | —- | M] (Adobe Systems Incorporated)
E&xport to Microsoft Excel: D:Program FilesMicrosoft OfficeOffice12EXCEL.EXE [2008.10.18 18:30:22 | 17,931,616 | —- | M] (Microsoft Corporation)
Translate with ABBYY &Lingvo: C:Program FilesABBYY Lingvo 11 Six LanguagesLingvo.exe [2005.09.01 04:14:20 | 04,579,328 | —- | M] (ABBYY (BIT Software))
Закачать все при помощи FlashGet: C:Program FilesFlashGetjc_all.htm [2000.02.06 11:06:06 | 00,000,575 | —- | M] ()
Закачать при помощи FlashGet: C:Program FilesFlashGetjc_link.htm [2000.02.06 11:06:34 | 00,001,898 | —- | M] ()[HKEY_USERSS-1-5-21-3678828449-2864459046-1899228827-5566SoftwareMicrosoftInternet ExplorerMenuExt]
Append to existing PDF: D:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll [2006.10.22 22:20:26 | 00,321,120 | —- | M] (Adobe Systems Incorporated)
Convert link target to Adobe PDF: D:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll [2006.10.22 22:20:26 | 00,321,120 | —- | M] (Adobe Systems Incorporated)
Convert link target to existing PDF: D:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll [2006.10.22 22:20:26 | 00,321,120 | —- | M] (Adobe Systems Incorporated)
Convert selected links to Adobe PDF: D:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll [2006.10.22 22:20:26 | 00,321,120 | —- | M] (Adobe Systems Incorporated)
Convert selected links to existing PDF: D:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll [2006.10.22 22:20:26 | 00,321,120 | —- | M] (Adobe Systems Incorporated)
Convert selection to Adobe PDF: D:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll [2006.10.22 22:20:26 | 00,321,120 | —- | M] (Adobe Systems Incorporated)
Convert selection to existing PDF: D:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll [2006.10.22 22:20:26 | 00,321,120 | —- | M] (Adobe Systems Incorporated)
Convert to Adobe PDF: D:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll [2006.10.22 22:20:26 | 00,321,120 | —- | M] (Adobe Systems Incorporated)
E&xport to Microsoft Excel: D:Program FilesMicrosoft OfficeOffice12EXCEL.EXE [2008.10.18 18:30:22 | 17,931,616 | —- | M] (Microsoft Corporation)
Translate with ABBYY &Lingvo: C:Program FilesABBYY Lingvo 11 Six LanguagesLingvo.exe [2005.09.01 04:14:20 | 04,579,328 | —- | M] (ABBYY (BIT Software))
Закачать все при помощи FlashGet: C:Program FilesFlashGetjc_all.htm [2000.02.06 11:06:06 | 00,000,575 | —- | M] ()
Закачать при помощи FlashGet: C:Program FilesFlashGetjc_link.htm [2000.02.06 11:06:34 | 00,001,898 | —- | M] ()========== (O9) IE Extensions ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerExtensions]
{2670000A-7350-4f3c-8081-5663EE0C6C49}: Button: Send to OneNote — D:Program FilesMicrosoft OfficeOffice12ONBttnIE.dll [2007.12.13 01:20:58 | 00,606,288 | —- | M] (Microsoft Corporation)
{2670000A-7350-4f3c-8081-5663EE0C6C49}: Menu: S&end to OneNote — D:Program FilesMicrosoft OfficeOffice12ONBttnIE.dll [2007.12.13 01:20:58 | 00,606,288 | —- | M] (Microsoft Corporation)
{92780B25-18CC-41C8-B9BE-3C9C571A8263}: Button: Research — D:Program FilesMicrosoft OfficeOffice12REFIEBAR.DLL [2006.10.26 19:12:22 | 00,040,424 | —- | M] (Microsoft Corporation)
{D6E814A0-E0C5-11d4-8D29-0050BA6940E3}: Button: FlashGet — %ProgramFiles%FlashGetflashget.exe [2002.05.27 11:51:22 | 01,179,648 | —- | M] (Amaze Soft)
{D6E814A0-E0C5-11d4-8D29-0050BA6940E3}: Menu: &FlashGet — %ProgramFiles%FlashGetflashget.exe [2002.05.27 11:51:22 | 01,179,648 | —- | M] (Amaze Soft)
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}: Menu: Spybot — Search & Destroy Configuration — %ProgramFiles%Spybot — Search & DestroySDHelper.dll [2008.09.15 14:25:44 | 01,562,960 | RHS- | M] (Safer Networking Limited)
{E59EB121-F339-4851-A3BA-FE49C35617C2}: Button: ICQ6 — %ProgramFiles%ICQ6ICQ.exe [2008.09.01 21:08:21 | 00,173,304 | —- | M] (ICQ, Inc.)
{E59EB121-F339-4851-A3BA-FE49C35617C2}: Menu: ICQ6 — %ProgramFiles%ICQ6ICQ.exe [2008.09.01 21:08:21 | 00,173,304 | —- | M] (ICQ, Inc.)
{FA9B9510-9FCB-4ca0-818C-5D0987B47C4D}: Button: PokerStars.net — %ProgramFiles%PokerStars.NETPokerStarsUpdate.exe [2008.11.07 18:44:55 | 00,701,720 | —- | M] (PokerStars)[HKEY_CURRENT_USERSOFTWAREMicrosoftInternet ExplorerExtensions]
CmdMapping\{2670000A-7350-4f3c-8081-5663EE0C6C49} [HKLM] -> D:Program FilesMicrosoft OfficeOffice12ONBttnIE.dll [Send to OneNote] -> [2007.12.13 01:20:58 | 00,606,288 | —- | M] (Microsoft Corporation)
CmdMapping\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> D:Program FilesMicrosoft OfficeOffice12REFIEBAR.DLL [Research] -> [2006.10.26 19:12:22 | 00,040,424 | —- | M] (Microsoft Corporation)
CmdMapping\{D6E814A0-E0C5-11d4-8D29-0050BA6940E3} [HKLM] -> %ProgramFiles%FlashGetflashget.exe [FlashGet] -> [2002.05.27 11:51:22 | 01,179,648 | —- | M] (Amaze Soft)
CmdMapping\{E59EB121-F339-4851-A3BA-FE49C35617C2} [HKLM] -> %ProgramFiles%ICQ6ICQ.exe [ICQ6] -> [2008.09.01 21:08:21 | 00,173,304 | —- | M] (ICQ, Inc.)
CmdMapping\{FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} [HKLM] -> %ProgramFiles%PokerStars.NETPokerStarsUpdate.exe [PokerStars.net] -> [2008.11.07 18:44:55 | 00,701,720 | —- | M] (PokerStars)[HKEY_USERSS-1-5-21-3678828449-2864459046-1899228827-5566SOFTWAREMicrosoftInternet ExplorerExtensions]
CmdMapping\{2670000A-7350-4f3c-8081-5663EE0C6C49} [HKLM] -> D:Program FilesMicrosoft OfficeOffice12ONBttnIE.dll [Send to OneNote] -> [2007.12.13 01:20:58 | 00,606,288 | —- | M] (Microsoft Corporation)
CmdMapping\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> D:Program FilesMicrosoft OfficeOffice12REFIEBAR.DLL [Research] -> [2006.10.26 19:12:22 | 00,040,424 | —- | M] (Microsoft Corporation)
CmdMapping\{D6E814A0-E0C5-11d4-8D29-0050BA6940E3} [HKLM] -> %ProgramFiles%FlashGetflashget.exe [FlashGet] -> [2002.05.27 11:51:22 | 01,179,648 | —- | M] (Amaze Soft)
CmdMapping\{E59EB121-F339-4851-A3BA-FE49C35617C2} [HKLM] -> %ProgramFiles%ICQ6ICQ.exe [ICQ6] -> [2008.09.01 21:08:21 | 00,173,304 | —- | M] (ICQ, Inc.)
CmdMapping\{FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} [HKLM] -> %ProgramFiles%PokerStars.NETPokerStarsUpdate.exe [PokerStars.net] -> [2008.11.07 18:44:55 | 00,701,720 | —- | M] (PokerStars)========== (O12) Internet Explorer Plugins ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerPlugins]
PluginsPage: «» = http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s
PluginsPageFriendlyName: «» = Microsoft ActiveX Gallery========== (O13) Default Prefixes ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionURLDefaultPrefix]
«»=http://========== (O15) Trusted Sites ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZoneMapDomains]
1 domain(s) and sub-domain(s) not assigned to a zone.[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZoneMapDomains]
dinex.dkwww: http in My Computer
1 domain(s) and sub-domain(s) not assigned to a zone.[HKEY_USERSS-1-5-21-3678828449-2864459046-1899228827-5566SOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZoneMapDomains]
dinex.dkwww: http in My Computer
1 domain(s) and sub-domain(s) not assigned to a zone.========== (O16) DPF ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftCode Store DatabaseDistribution Units]
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3}: http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1207113857174 — MUWebControl Class
{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab — Java Plug-in 1.6.0_11
{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab — Java Plug-in 1.6.0_02
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab — Java Plug-in 1.6.0_03
{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab — Java Plug-in 1.6.0_05
{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab — Java Plug-in 1.6.0_11
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab — Java Plug-in 1.6.0_11
{D27CDB6E-AE6D-11CF-96B8-444553540000}: http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab — Shockwave Flash Object========== (O17) DNS Name Servers ==========
{09B89079-9E6A-4D18-B873-0F1152B49429} (Servers: | Description: )
{63CACF20-719E-4C91-A034-5EC6AA05B47E} (Servers: | Description: )
{C0DA178A-92AD-47E9-A7CD-DEC0312D3098} (Servers: | Description: Attansic L1 Gigabit Ethernet 10/100/1000Base-T Controller)========== (O20) Winlogon Notify Settings ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotify]
igfxcui: «DllName» = igfxdev.dll — C:WINDOWSsystem32igfxdev.dll (Intel Corporation)
NavLogon: «DllName» = C:WINDOWSsystem32NavLogon.dll — C:WINDOWSsystem32NavLogon.dll ()========== Shell Execute Hooks ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerShellExecuteHooks]
«{B5A7F190-DDA6-4420-B3BA-52453494E6CD}» (HKLM) — D:Program FilesMicrosoft OfficeOffice12GrooveShellExtensions.dll (Microsoft Corporation)========== Safeboot Options ==========
«AlternateShell»=cmd.exe
========== CDRom AutoRun Settings ==========
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesCdrom]
«AutoRun» = 0========== Autorun Files on Drives ==========
AUTOEXEC.BAT []
[2007.09.26 15:04:56 | 00,000,000 | —- | M] () — C:AUTOEXEC.BAT — [ NTFS ]autorun.inf [[autorun] | label=Microsoft Expression Blend 2 | icon=Setup.exe,0 | open=Setup.exe | ]
[2008.04.21 09:36:50 | 00,000,081 | R— | M] () — E:autorun.inf — [ CDFS ]AUTORUN.INF [[AutoRun] | open=setup.exe | icon=setup.exe,0 | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ]
[2001.08.24 00:00:00 | 00,000,110 | R— | M] () — F:AUTORUN.INF — [ CDFS ]AUTORUN.INF [[AutoRun] | open=setup.exe | icon=setup.exe,0 | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ]
[2001.08.24 00:00:00 | 00,000,110 | R— | M] () — G:AUTORUN.INF — [ CDFS ]========== MountPoints2 ==========
[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExplorerMountPoints2{17d25e65-da06-11dc-9c02-005056c00008}ShellAutoRuncommand]
«»=F:[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExplorerMountPoints2{17d25e65-da06-11dc-9c02-005056c00008}ShellopenCommand]
«»=rundll32.exe .desktop.dll,InstallM[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExplorerMountPoints2{270c11ff-6cce-11dc-97b1-005056c00008}ShellAutoRuncommand]
«»=F:f.exe — File not found[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExplorerMountPoints2{270c11ff-6cce-11dc-97b1-005056c00008}ShellexploreCommand]
«»=F:f.exe — File not found[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExplorerMountPoints2{270c11ff-6cce-11dc-97b1-005056c00008}ShellopenCommand]
«»=F:f.exe — File not found========== Files/Folders — Created Within 30 Days ==========
[2008.12.24 16:03:21 | 00,000,000 | —D | C] — C:Documents and SettingsgigDesktopЮрчик
[2008.12.24 14:53:03 | 00,000,000 | —D | C] — C:Documents and SettingsgigDesktopzooming
[2008.12.24 13:08:14 | 02,152,962 | —- | C] () — C:Documents and SettingsgigDesktopuntitled.bmp
[2008.12.23 19:02:16 | 00,000,939 | —- | C] () — C:Documents and SettingsgigDesktopSpybot — Search & Destroy.lnk
[2008.12.23 19:02:12 | 00,000,000 | —D | C] — C:Program FilesSpybot — Search & Destroy
[2008.12.23 19:02:12 | 00,000,000 | —D | C] — C:Documents and SettingsAll UsersApplication DataSpybot — Search & Destroy
[2008.12.23 18:59:30 | 15,083,520 | —- | C] (Safer Networking Limited ) — C:Documents and SettingsgigDesktopspybotsd160.exe
[2008.12.23 18:04:11 | 00,389,120 | —- | C] (Microsoft Corporation) — C:WINDOWSSystem32cmd.execf
[2008.12.23 18:04:05 | 00,000,000 | —D | C] — C:32788R22FWJFW
[2008.12.23 18:03:53 | 02,885,687 | —- | C] () — C:Documents and SettingsgigDesktopComboFix.exe
[2008.12.23 16:29:35 | 00,796,078 | —- | C] () — C:Documents and SettingsgigDesktopzooming.zip
[2008.12.23 14:37:50 | 00,001,740 | —- | C] () — C:Documents and SettingsgigDesktopHijackThis.lnk
[2008.12.23 14:17:17 | 00,000,000 | —D | C] — C:Documents and SettingsgigDesktopSecurity
[2008.12.22 18:03:01 | 00,012,319 | —- | C] () — C:Documents and SettingsgigDesktopSprotin credit card payment.docx
[2008.12.22 15:21:31 | 00,539,136 | —- | C] () — C:Documents and SettingsgigDesktopASF_2008_12_19_1.mpp
[2008.12.18 22:31:39 | 03,593,216 | —- | C] (Microsoft Corporation) — C:WINDOWSSystem32mshtml.dll
[2008.12.17 13:43:30 | 00,000,000 | —D | C] — C:Program FilesMultipleIEs
[2008.12.15 17:31:33 | 00,017,920 | —- | C] () — C:WINDOWSSystem32clicker2.sys
[2008.12.15 14:09:19 | 00,000,127 | —- | C] () — C:WINDOWSSystem32MRT.INI
[2008.12.12 18:49:11 | 00,000,000 | —D | C] — C:Documents and SettingsgigDesktopLaw
[2008.12.12 18:31:56 | 00,353,647 | —- | C] () — C:Documents and SettingsgigMy DocumentsПлюсы.docx
[2008.12.12 15:58:58 | 00,000,000 | —D | C] — C:rsit
[2008.12.12 15:58:44 | 00,305,705 | —- | C] () — C:Documents and SettingsgigDesktopRSIT.exe
[2008.12.12 13:58:50 | 00,000,000 | —D | C] — C:Documents and SettingsgigApplication DataMalwarebytes
[2008.12.12 13:58:47 | 00,015,504 | —- | C] (Malwarebytes Corporation) — C:WINDOWSSystem32driversmbam.sys
[2008.12.12 13:58:47 | 00,000,702 | —- | C] () — C:Documents and SettingsAll UsersDesktopMalwarebytes’ Anti-Malware.lnk
[2008.12.12 13:58:45 | 00,038,496 | —- | C] (Malwarebytes Corporation) — C:WINDOWSSystem32driversmbamswissarmy.sys
[2008.12.12 13:58:44 | 00,000,000 | —D | C] — C:Program FilesMalwarebytes’ Anti-Malware
[2008.12.12 13:58:44 | 00,000,000 | —D | C] — C:Documents and SettingsAll UsersApplication DataMalwarebytes
[2008.12.12 13:15:16 | 00,000,000 | —D | C] — C:Program FilesAdvanced FAR FTP Password Recovery
[2008.12.12 12:35:11 | 00,000,000 | —D | C] — C:Program FilesTrend Micro
[2008.12.12 12:35:03 | 00,812,344 | —- | C] (Trend Micro Inc.) — C:Documents and SettingsgigDesktopHJTInstall.exe
[2008.12.12 11:58:37 | 00,000,000 | —D | C] — C:Program FilesSoftLogica
[2008.12.10 18:27:51 | 00,459,264 | —- | C] (Microsoft Corporation) — C:WINDOWSSystem32msfeeds.dll
[2008.12.10 18:27:51 | 00,267,776 | —- | C] (Microsoft Corporation) — C:WINDOWSSystem32iertutil.dll
[2008.12.10 18:27:51 | 00,105,984 | —- | C] (Microsoft Corporation) — C:WINDOWSSystem32url.dll
[2008.12.10 18:27:51 | 00,105,984 | —- | C] (Microsoft Corporation) — C:WINDOWSSystem32dllcacheurl.dll
[2008.12.10 18:27:51 | 00,052,224 | —- | C] (Microsoft Corporation) — C:WINDOWSSystem32msfeedsbs.dll
[2008.12.10 18:27:50 | 00,383,488 | —- | C] (Microsoft Corporation) — C:WINDOWSSystem32ieapfltr.dll
[2008.12.10 18:27:50 | 00,063,488 | —- | C] (Microsoft Corporation) — C:WINDOWSSystem32icardie.dll
[2008.12.10 18:27:49 | 00,124,928 | —- | C] (Microsoft Corporation) — C:WINDOWSSystem32dllcacheadvpack.dll
[2008.12.10 18:27:49 | 00,124,928 | —- | C] (Microsoft Corporation) — C:WINDOWSSystem32advpack.dll
[2008.12.10 18:27:48 | 00,826,368 | —- | C] (Microsoft Corporation) — C:WINDOWSSystem32wininet.dll
[2008.12.10 18:27:48 | 00,826,368 | —- | C] (Microsoft Corporation) — C:WINDOWSSystem32dllcachewininet.dll
[2008.12.10 18:27:47 | 01,160,192 | —- | C] (Microsoft Corporation) — C:WINDOWSSystem32urlmon.dll
[2008.12.10 18:27:47 | 01,160,192 | —- | C] (Microsoft Corporation) — C:WINDOWSSystem32dllcacheurlmon.dll
[2008.12.10 18:27:43 | 06,066,176 | —- | C] (Microsoft Corporation) — C:WINDOWSSystem32ieframe.dll
[2008.12.10 18:27:41 | 03,593,216 | —- | C] (Microsoft Corporation) — C:WINDOWSSystem32dllcachemshtml.dll
[2008.12.10 18:27:38 | 00,096,768 | —- | C] (Microsoft Corporation) — C:WINDOWSSystem32dllcachelogagent.exe
[2008.12.10 18:27:37 | 00,990,208 | —- | C] (Microsoft Corporation) — C:WINDOWSSystem32dllcachewmnetmgr.dll
[2008.12.10 18:27:35 | 02,330,624 | —- | C] (Microsoft Corporation) — C:WINDOWSSystem32wmvcore.dll
[2008.12.10 18:27:35 | 02,330,624 | —- | C] (Microsoft Corporation) — C:WINDOWSSystem32dllcachewmvcore.dll
[2008.12.10 18:27:31 | 00,284,672 | —- | C] (Microsoft Corporation) — C:WINDOWSSystem32gdi32.dll
[2008.12.10 18:27:31 | 00,284,672 | —- | C] (Microsoft Corporation) — C:WINDOWSSystem32dllcachegdi32.dll
[2008.12.10 18:27:30 | 00,247,326 | —- | C] (Microsoft Corporation) — C:WINDOWSSystem32dllcachestrmdll.dll
[2008.12.04 19:48:19 | 00,000,000 | —D | C] — C:Documents and SettingsgigLocal SettingsApplication Dataany
[2008.12.04 19:48:19 | 00,000,000 | —D | C] — C:Documents and SettingsgigApplication Dataany
[2008.12.03 14:56:48 | 00,524,288 | —- | C] () — C:Documents and SettingsgigDesktopASF_2008_12_03.mpp
[2008.12.02 12:24:45 | 00,009,600 | R— | C] (VMware, Inc.) — C:WINDOWSSystem32driversvmnetadapter.sys
[2008.12.02 12:24:45 | 00,005,120 | R— | C] (VMware, Inc.) — C:WINDOWSSystem32vnetinst.dll
[2008.12.02 12:24:43 | 00,135,168 | —- | C] (VMware, Inc.) — C:WINDOWSSystem32vmnat.exe
[2008.12.02 12:24:43 | 00,106,496 | —- | C] (VMware, Inc.) — C:WINDOWSSystem32vmnetdhcp.exe
[2008.12.02 12:24:43 | 00,015,616 | —- | C] (VMware, Inc.) — C:WINDOWSSystem32driversvmnetuserif.sys
[2008.12.02 12:24:41 | 00,010,240 | R— | C] (VMware, Inc.) — C:WINDOWSSystem32driversvmnet.sys
[2008.12.02 12:24:40 | 00,385,024 | —- | C] (VMware, Inc.) — C:WINDOWSSystem32vnetlib.dll
[2008.12.02 12:23:49 | 00,000,000 | —D | C] — C:Program FilesCommon FilesVMware
[2008.12.01 21:11:51 | 00,001,024 | —- | C] () — C:.rnd
[2008.12.01 21:10:40 | 00,000,000 | —D | C] — C:Program FilesVMware
[2008.12.01 20:42:47 | 00,000,000 | —D | C] — C:mnt
[2008.12.01 13:17:48 | 00,000,000 | —D | C] — C:Program Filesavz4
[2008.12.01 13:04:38 | 00,000,056 | -H— | C] () — C:WINDOWSSystem32ezsidmv.dat
[2008.12.01 13:04:11 | 00,000,000 | —D | C] — C:Documents and SettingsgigApplication DataskypePM
[2008.11.28 20:31:44 | 00,104,448 | —- | C] () — C:WINDOWSSystem32rdl9432.exe
[2008.11.28 20:28:37 | 00,000,000 | —D | C] — C:Documents and SettingsgigApplication DataScreenSeven
[2008.11.28 20:26:38 | 00,000,010 | —- | C] () — C:WINDOWSpopcinfo.dat
[2008.11.28 19:47:26 | 00,000,000 | —D | C] — C:Program FilesZuma Deluxe
[2008.11.28 19:47:14 | 00,000,000 | —D | C] — C:Program FilesReflexiveArcade
[2008.11.27 18:50:11 | 00,000,000 | —D | C] — C:Documents and SettingsgigLocal SettingsApplication DataPaint.NET
[2008.11.27 18:44:50 | 00,000,000 | —D | C] — C:Transfer
[2008.11.27 16:40:06 | 00,000,000 | —D | C] — C:Documents and SettingsgigMy DocumentsDownloads
[2008.11.27 15:14:14 | 00,000,000 | —D | C] — C:Documents and SettingsgigDesktopPublishingSupport.InputRSIT скачал и запустил, но он не доходя до конца, на этапе Listing Services and Drivers
выдает ошибку: Line: -1 Error: Variable used without being declared.тем не менее log.txt создается, а info.txt нет.
Вот log.txt:
Logfile of random’s system information tool 1.04 (written by random/random)
Run by gig at 2008-12-23 14:47:59
Microsoft(R) Windows(R) Server 2003, Enterprise Edition Service Pack 2
System drive C: has 4 GB (9%) free of 50 GB
Total RAM: 2039 MB (48% free)Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:48:00, on 23.12.2008
Platform: Windows 2003 SP2 (WinNT 5.02.3790)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: NormalRunning processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesAdobeAdobe Version Cue CS2binVersionCueCS2.exe
C:Program FilesBonjourmDNSResponder.exe
C:WINDOWSsystem32cisvc.exe
C:Program FilesCisco SystemsVPN Clientcvpnd.exe
C:Program FilesSymantec_Client_SecuritySymantec AntiVirusDefWatch.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32inetsrvinetinfo.exe
C:Program FilesJavajre6binjqs.exe
C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe
C:Program FilesMicrosoft SQL ServerMSSQL.1MSSQLBinnmsftesql.exe
C:Program FilesMicrosoft SQL ServerMSSQL.1MSSQLBinnsqlservr.exe
C:Program FilesMicrosoft SQL ServerMSSQL.2OLAPbinmsmdsrv.exe
C:Program FilesSymantec_Client_SecuritySymantec AntiVirusRtvscan.exe
C:Program FilesMicrosoft SQL ServerMSSQL.3Reporting ServicesReportServerbinReportingServicesService.exe
C:Program FilesAdobeAdobe Version Cue CS2datadatabasebinmysqld-nt.exe
C:Program FilesMicrosoft SQL Server90Sharedsqlwriter.exe
C:Program FilesTMeterTrafSvc.exe
C:Program FilesVMwareVMware Workstationvmware-authd.exe
C:Program FilesCommon FilesVMwareVMware Virtual Image Editingvmount2.exe
C:WINDOWSsystem32vmnat.exe
C:WINDOWSsystem32vmnetdhcp.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32cmd.exe
C:TFSCustomPoliciesUpdatePolicies.exe
C:WINDOWSsystem32igfxtray.exe
C:WINDOWSsystem32hkcmd.exe
C:WINDOWSsystem32igfxpers.exe
C:WINDOWSRTHDCPL.EXE
C:PROGRA~1SYMANT~1SYMANT~1vptray.exe
C:Program FilesDAEMON Toolsdaemon.exe
D:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe
C:Program FilesAdobeAdobe Version Cue CS2ControlPanelVersionCueCS2Tray.exe
C:Program FilesWinampwinampa.exe
C:Program FilesJavajre6binjusched.exe
C:Program FilesABBYY Lingvo 11 Six LanguagesLvagent.exe
C:Program FilesQuickTimeQTTask.exe
C:Program FilesTMetertrafmonitor.exe
C:Program FilesCommon FilesInstallShieldUpdateServiceissch.exe
D:Program FilesAdobeAcrobat 8.0AcrobatAcrotray.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesMSN MessengerMsnMsgr.Exe
C:Program FilesSkypePhoneSkype.exe
C:Documents and SettingsgigLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe
C:Program FilesICQ6ICQ.exe
C:Program FilesTechSmithSnagIt 8SnagIt32.exe
C:Program FilesTechSmithSnagIt 8TSCHelp.exe
C:Program FilesTechSmithSnagIt 8SnagPriv.exe
C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe
C:Program FilesMSN Messengerusnsvc.exe
C:Program FilesSkypePlugin ManagerSkypePM.exe
C:WINDOWSsystem32cidaemon.exe
C:WINDOWSsystem32cidaemon.exe
C:WINDOWSsystem32cidaemon.exe
C:Program FilesMozilla Firefoxfirefox.exe
D:Program FilesMicrosoft OfficeOffice12OUTLOOK.EXE
C:WINDOWSsystem32NOTEPAD.EXE
C:Documents and SettingsgigDesktopRSIT.exe
C:Program FilesTrend MicroHijackThisgig.exeR1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = res://shdoclc.dll/softAdmin.htm
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://google.icq.com/search/search_frame.php
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = res://shdoclc.dll/softAdmin.htm
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = msteam1:8080
R1 — HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = 192.168.0.*;msteam.local;*.msteam.local;localhost;
R3 — Default URLSearchHook is missing
O2 — BHO: SnagIt Toolbar Loader — {00C6482D-C502-44C8-8409-FCE54AD9C208} — C:Program FilesTechSmithSnagIt 8SnagItBHO.dll
O2 — BHO: Adobe PDF Reader Link Helper — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll
O2 — BHO: Microsoft Web Test Recorder Helper — {62355041-605D-4469-84FD-5D66ED67A7E3} — D:Program FilesMicrosoft Visual Studio 8Common7IDEPrivateAssembliesMicrosoft.VisualStudio.QualityTools.RecorderBarBHO.dll
O2 — BHO: Groove GFS Browser Helper — {72853161-30C5-4D22-B7F9-0BBC1D38A37E} — D:Program FilesMicrosoft OfficeOffice12GrooveShellExtensions.dll
O2 — BHO: Java(tm) Plug-In SSV Helper — {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} — C:Program FilesJavajre6binssv.dll
O2 — BHO: (no name) — {7E853D72-626A-48EC-A868-BA8D5E23E045} — (no file)
O2 — BHO: Windows Live Sign-in Helper — {9030D464-4C02-4ABF-8ECC-5164760863C6} — C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 — BHO: IeCatch2 Class — {A5366673-E8CA-11D3-9CD9-0090271D075B} — C:PROGRA~1FlashGetjccatch.dll
O2 — BHO: Adobe PDF Conversion Toolbar Helper — {AE7CD045-E861-484f-8273-0445EE161910} — D:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll
O2 — BHO: Java(tm) Plug-In 2 SSV Helper — {DBC80044-A445-435b-BC74-9C25C1C588A9} — C:Program FilesJavajre6binjp2ssv.dll
O2 — BHO: Microsoft Web Test Recorder 9.0 Helper — {E31CE47F-C268-41ba-897B-B415E613947D} — D:Program FilesMicrosoft Visual Studio 9.0Common7IDEPrivateAssembliesMicrosoft.VisualStudio.QualityTools.RecorderBarBHO90.dll
O2 — BHO: JQSIEStartDetectorImpl — {E7E6F031-17CE-4C07-BC86-EABFE594F69C} — C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll
O3 — Toolbar: FlashGet Bar — {E0E899AB-F487-11D5-8D29-0050BA6940E3} — C:PROGRA~1FlashGetfgiebar.dll
O3 — Toolbar: Adobe PDF — {47833539-D0C5-4125-9FA8-0819E2EAAC93} — D:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll
O3 — Toolbar: SnagIt — {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} — C:Program FilesTechSmithSnagIt 8SnagItIEAddin.dll
O4 — HKLM..Run: [IgfxTray] C:WINDOWSsystem32igfxtray.exe
O4 — HKLM..Run: [HotKeysCmds] C:WINDOWSsystem32hkcmd.exe
O4 — HKLM..Run: [Persistence] C:WINDOWSsystem32igfxpers.exe
O4 — HKLM..Run: [RTHDCPL] RTHDCPL.EXE
O4 — HKLM..Run: [SkyTel] SkyTel.EXE
O4 — HKLM..Run: [Alcmtr] ALCMTR.EXE
O4 — HKLM..Run: [vptray] C:PROGRA~1SYMANT~1SYMANT~1vptray.exe
O4 — HKLM..Run: [DAEMON Tools] «C:Program FilesDAEMON Toolsdaemon.exe» -lang 1033
O4 — HKLM..Run: [GrooveMonitor] «D:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe»
O4 — HKLM..Run: [Adobe Version Cue CS2] «C:Program FilesAdobeAdobe Version Cue CS2ControlPanelVersionCueCS2Tray.exe»
O4 — HKLM..Run: [WinampAgent] C:Program FilesWinampwinampa.exe
O4 — HKLM..Run: [SunJavaUpdateSched] «C:Program FilesJavajre6binjusched.exe»
O4 — HKLM..Run: [Lingvo Launcher] «C:Program FilesABBYY Lingvo 11 Six LanguagesLvagent.exe» /STARTUP
O4 — HKLM..Run: [LingvoTraining] «C:Program FilesABBYY Lingvo 11 Six LanguagesTutor.exe» /ND /NW /AS
O4 — HKLM..Run: [Adobe Reader Speed Launcher] «C:Program FilesAdobeReader 8.0ReaderReader_sl.exe»
O4 — HKLM..Run: [QuickTime Task] «C:Program FilesQuickTimeQTTask.exe» -atboottime
O4 — HKLM..Run: [TrafMonitor] C:Program FilesTMetertrafmonitor.exe /logon /admin
O4 — HKLM..Run: [ISUSPM Startup] «c:Program FilesCommon FilesInstallShieldUpdateServiceisuspm.exe» -startup
O4 — HKLM..Run: [ISUSScheduler] «C:Program FilesCommon FilesInstallShieldUpdateServiceissch.exe» -start
O4 — HKLM..Run: [Acrobat Assistant 8.0] «D:Program FilesAdobeAcrobat 8.0AcrobatAcrotray.exe»
O4 — HKLM..Run: [Adobe_ID0EYTHM] C:PROGRA~1COMMON~1AdobeADOBEV~1ServerbinVERSIO~2.EXE
O4 — HKLM..Run: [NevoDRM] «C:Program FilesИгрыNevoDRMNevoDRM.exe»
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [MsnMsgr] «C:Program FilesMSN MessengerMsnMsgr.Exe» /background
O4 — HKCU..Run: [Skype] «C:Program FilesSkypePhoneSkype.exe» /nosplash /minimized
O4 — HKCU..Run: [Google Update] «C:Documents and SettingsgigLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe» /c
O4 — HKCU..Run: [ICQ] «C:Program FilesICQ6ICQ.exe» silent
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..RunOnce: [tscuninstall] %systemroot%system32tscupgrd.exe (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-20..RunOnce: [tscuninstall] %systemroot%system32tscupgrd.exe (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUSS-1-5-18..RunOnce: [tscuninstall] %systemroot%system32tscupgrd.exe (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O4 — HKUS.DEFAULT..RunOnce: [tscuninstall] %systemroot%system32tscupgrd.exe (User ‘Default user’)
O4 — Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 — Global Startup: Adobe Acrobat Synchronizer.lnk = D:Program FilesAdobeAcrobat 8.0AcrobatAdobeCollabSync.exe
O4 — Global Startup: Adobe Gamma.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O4 — Global Startup: SnagIt 8.lnk = C:Program FilesTechSmithSnagIt 8SnagIt32.exe
O4 — Global Startup: VPN Client.lnk = ?
O6 — HKCUSoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O8 — Extra context menu item: Append to existing PDF — res://D:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll/AcroIEAppend.html
O8 — Extra context menu item: Convert link target to Adobe PDF — res://D:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll/AcroIECapture.html
O8 — Extra context menu item: Convert link target to existing PDF — res://D:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll/AcroIEAppend.html
O8 — Extra context menu item: Convert selected links to Adobe PDF — res://D:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 — Extra context menu item: Convert selected links to existing PDF — res://D:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 — Extra context menu item: Convert selection to Adobe PDF — res://D:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll/AcroIECapture.html
O8 — Extra context menu item: Convert selection to existing PDF — res://D:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll/AcroIEAppend.html
O8 — Extra context menu item: Convert to Adobe PDF — res://D:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll/AcroIECapture.html
O8 — Extra context menu item: E&xport to Microsoft Excel — res://D:PROGRA~1MICROS~2Office12EXCEL.EXE/3000
O8 — Extra context menu item: Translate with ABBYY &Lingvo — res://C:Program FilesABBYY Lingvo 11 Six LanguagesLingvo.exe/3000
O8 — Extra context menu item: Закачать все при помощи FlashGet — C:Program FilesFlashGetjc_all.htm
O8 — Extra context menu item: Закачать при помощи FlashGet — C:Program FilesFlashGetjc_link.htm
O9 — Extra button: Send to OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — D:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 — Extra ‘Tools’ menuitem: S&end to OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — D:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 — Extra button: Research — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — D:PROGRA~1MICROS~2Office12REFIEBAR.DLL
O9 — Extra button: FlashGet — {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} — C:PROGRA~1FlashGetflashget.exe
O9 — Extra ‘Tools’ menuitem: &FlashGet — {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} — C:PROGRA~1FlashGetflashget.exe
O9 — Extra button: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — C:Program FilesICQ6ICQ.exe
O9 — Extra ‘Tools’ menuitem: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — C:Program FilesICQ6ICQ.exe
O9 — Extra button: PokerStars.net — {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} — C:Program FilesPokerStars.NETPokerStarsUpdate.exe
O15 — Trusted Zone: http://www.dinex.dk
O15 — ESC Trusted Zone: http://runonce.msn.com
O16 — DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) — http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1207113857174
O16 — DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) — http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 — HKLMSystemCCSServicesTcpipParameters: Domain = msteam.local
O17 — HKLMSoftware..Telephony: DomainName = msteam.local
O17 — HKLMSystemCS1ServicesTcpipParameters: Domain = msteam.local
O18 — Protocol: grooveLocalGWS — {88FED34C-F0CA-4636-A375-3CB6248B04CD} — D:Program FilesMicrosoft OfficeOffice12GrooveSystemServices.dll
O18 — Protocol: skype4com — {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O23 — Service: Adobe LM Service — Adobe Systems — C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe
O23 — Service: Adobe Version Cue CS2 — Adobe Systems Incorporated — C:Program FilesAdobeAdobe Version Cue CS2binVersionCueCS2.exe
O23 — Service: Adobe Version Cue CS3 — Adobe Systems Incorporated — C:Program FilesCommon FilesAdobeAdobe Version Cue CS3ServerbinVersionCueCS3.exe
O23 — Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) — Apple Computer, Inc. — C:Program FilesBonjourmDNSResponder.exe
O23 — Service: Cisco Systems, Inc. VPN Service (CVPND) — Cisco Systems, Inc. — C:Program FilesCisco SystemsVPN Clientcvpnd.exe
O23 — Service: DefWatch — Symantec Corporation — C:Program FilesSymantec_Client_SecuritySymantec AntiVirusDefWatch.exe
O23 — Service: FLEXnet Licensing Service — Macrovision Europe Ltd. — C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe
O23 — Service: Java Quick Starter (JavaQuickStarterService) — Sun Microsystems, Inc. — C:Program FilesJavajre6binjqs.exe
O23 — Service: Symantec AntiVirus Client (Norton AntiVirus Server) — Symantec Corporation — C:Program FilesSymantec_Client_SecuritySymantec AntiVirusRtvscan.exe
O23 — Service: TMeter 8.0.488 (TrafSvc) — Unknown owner — C:Program FilesTMeterTrafSvc.exe
O23 — Service: VMware Authorization Service (VMAuthdService) — VMware, Inc. — C:Program FilesVMwareVMware Workstationvmware-authd.exe
O23 — Service: VMware DHCP Service (VMnetDHCP) — VMware, Inc. — C:WINDOWSsystem32vmnetdhcp.exe
O23 — Service: VMware Virtual Mount Manager Extended (vmount2) — VMware, Inc. — C:Program FilesCommon FilesVMwareVMware Virtual Image Editingvmount2.exe
O23 — Service: VMware NAT Service — VMware, Inc. — C:WINDOWSsystem32vmnat.exe—
End of file — 15557 bytes======Scheduled tasks folder======
C:WINDOWStasksGoogleUpdateTaskUser.job
C:WINDOWStasksSystemState Backup (weekly).job
C:WINDOWStasksSystemState Backup.job======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{00C6482D-C502-44C8-8409-FCE54AD9C208}]
SnagIt Toolbar Loader — C:Program FilesTechSmithSnagIt 8SnagItBHO.dll [2007-05-01 63048][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll [2006-10-22 62080][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{62355041-605D-4469-84FD-5D66ED67A7E3}]
Microsoft Web Test Recorder Helper — D:Program FilesMicrosoft Visual Studio 8Common7IDEPrivateAssembliesMicrosoft.VisualStudio.QualityTools.RecorderBarBHO.dll [2006-12-02 29696][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper — D:Program FilesMicrosoft OfficeOffice12GrooveShellExtensions.dll [2007-08-24 2212224][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper — C:Program FilesJavajre6binssv.dll [2008-12-12 320920][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper — C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll [2007-12-14 392240][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{A5366673-E8CA-11D3-9CD9-0090271D075B}]
IeCatch2 Class — C:PROGRA~1FlashGetjccatch.dll [2002-01-16 65536][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper — D:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll [2006-10-22 321120][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper — C:Program FilesJavajre6binjp2ssv.dll [2008-12-12 34816][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{E31CE47F-C268-41ba-897B-B415E613947D}]
Microsoft Web Test Recorder 9.0 Helper — D:Program FilesMicrosoft Visual Studio 9.0Common7IDEPrivateAssembliesMicrosoft.VisualStudio.QualityTools.RecorderBarBHO90.dll [2007-11-08 64088][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class — C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll [2008-12-12 73728][HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} — FlashGet Bar — C:PROGRA~1FlashGetfgiebar.dll [2002-05-27 86016]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} — Adobe PDF — D:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll [2006-10-22 321120]
{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} — SnagIt — C:Program FilesTechSmithSnagIt 8SnagItIEAddin.dll [2007-05-01 161352][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«IgfxTray»=C:WINDOWSsystem32igfxtray.exe [2006-08-14 98304]
«HotKeysCmds»=C:WINDOWSsystem32hkcmd.exe [2006-08-14 114688]
«Persistence»=C:WINDOWSsystem32igfxpers.exe [2006-08-14 94208]
«RTHDCPL»=C:WINDOWSRTHDCPL.EXE [2006-12-17 16062464]
«SkyTel»=C:WINDOWSSkyTel.EXE [2006-05-15 2879488]
«Alcmtr»=C:WINDOWSALCMTR.EXE [2005-05-02 69632]
«vptray»=C:PROGRA~1SYMANT~1SYMANT~1vptray.exe [2002-07-30 77824]
«DAEMON Tools»=C:Program FilesDAEMON Toolsdaemon.exe [2005-12-10 133016]
«GrooveMonitor»=D:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe [2007-08-24 33648]
«Adobe Version Cue CS2″=C:Program FilesAdobeAdobe Version Cue CS2ControlPanelVersionCueCS2Tray.exe [2005-04-04 856064]
«WinampAgent»=C:Program FilesWinampwinampa.exe [2006-06-21 35328]
«SunJavaUpdateSched»=C:Program FilesJavajre6binjusched.exe [2008-12-12 136600]
«»= []
«Lingvo Launcher»=C:Program FilesABBYY Lingvo 11 Six LanguagesLvagent.exe [2005-09-01 106496]
«LingvoTraining»=C:Program FilesABBYY Lingvo 11 Six LanguagesTutor.exe [2005-09-01 1282048]
«Adobe Reader Speed Launcher»=C:Program FilesAdobeReader 8.0ReaderReader_sl.exe [2008-01-11 39792]
«QuickTime Task»=C:Program FilesQuickTimeQTTask.exe [2008-01-31 385024]
«TrafMonitor»=C:Program FilesTMetertrafmonitor.exe [2008-02-07 221184]
«ISUSPM Startup»=c:Program FilesCommon FilesInstallShieldUpdateServiceisuspm.exe [2005-08-11 249856]
«ISUSScheduler»=C:Program FilesCommon FilesInstallShieldUpdateServiceissch.exe [2005-08-11 81920]
«Acrobat Assistant 8.0″=D:Program FilesAdobeAcrobat 8.0AcrobatAcrotray.exe [2006-10-22 620152]
«Adobe_ID0EYTHM»=C:PROGRA~1COMMON~1AdobeADOBEV~1ServerbinVERSIO~2.EXE [2007-03-20 1884160]
«NevoDRM»=C:Program FilesИгрыNevoDRMNevoDRM.exe [2008-07-29 201728][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2007-02-17 15360]
«MsnMsgr»=C:Program FilesMSN MessengerMsnMsgr.Exe [2007-01-19 5674352]
«Skype»=C:Program FilesSkypePhoneSkype.exe [2008-09-23 21755688]
«Google Update»=C:Documents and SettingsgigLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe [2008-09-03 133104]
«ICQ»=C:Program FilesICQ6ICQ.exe [2008-09-01 173304]C:Documents and SettingsAll UsersStart MenuProgramsStartup
Adobe Acrobat Speed Launcher.lnk — C:WINDOWSInstaller{AC76BA86-1033-0000-7760-000000000003}_SC_Acrobat.exe
Adobe Acrobat Synchronizer.lnk — D:Program FilesAdobeAcrobat 8.0AcrobatAdobeCollabSync.exe
Adobe Gamma.lnk — C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
SnagIt 8.lnk — C:Program FilesTechSmithSnagIt 8SnagIt32.exe
VPN Client.lnk — C:WINDOWSInstaller{3E5562ED-69AB-4CEC-91E2-64E18EC5ACC6}Icon3E5562ED7.ico[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifycrypt32chain]
C:WINDOWSsystem32crypt32.dll [2007-02-17 595456][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifycryptnet]
C:WINDOWSsystem32cryptnet.dll [2007-02-17 62464][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifycscdll]
C:WINDOWSsystem32cscdll.dll [2007-02-17 101888][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifydimsntfy]
C:WINDOWSsystem32dimsntfy.dll [2007-02-17 19456][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyigfxcui]
C:WINDOWSsystem32igfxdev.dll [2006-08-14 155648][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyNavLogon]
C:WINDOWSsystem32NavLogon.dll [2002-07-30 45056][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyScCertProp]
C:WINDOWSsystem32wlnotify.dll [2007-02-17 96768][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifySchedule]
C:WINDOWSsystem32wlnotify.dll [2007-02-17 96768][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifysclgntfy]
C:WINDOWSsystem32sclgntfy.dll [2003-03-25 19968][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifySensLogn]
C:WINDOWSsystem32WlNotify.dll [2007-02-17 96768][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifytermsrv]
C:WINDOWSsystem32wlnotify.dll [2007-02-17 96768][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifywlballoon]
C:WINDOWSsystem32wlnotify.dll [2007-02-17 96768][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
PostBootReminder — {7849596a-48ea-486e-8937-a2a3009f31a9} — C:WINDOWSsystem32SHELL32.dll [2007-11-07 8360448]
CDBurn — {fbeb8a05-beee-4442-804e-409d6c4515e9} — C:WINDOWSsystem32SHELL32.dll [2007-11-07 8360448]
WebCheck — {E6FB5E20-DE35-11CF-9C87-00AA005127ED} — C:WINDOWSsystem32webcheck.dll [2008-10-17 233472]
SysTray — {35CEC8A3-2BE6-11D2-8773-92E220524153} — C:WINDOWSsystem32stobject.dll [2007-02-17 122880][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionexplorerSharedTaskScheduler]
Browseui preloader — {438755C2-A8BA-11D1-B96B-00A0C90312E1} — C:WINDOWSsystem32browseui.dll [2007-02-17 1033216]
Component Categories cache daemon — {8C7461EF-2B13-11d2-BE35-3078302C2030} — C:WINDOWSsystem32browseui.dll [2007-02-17 1033216][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerShellExecuteHooks]
«{AEB6717E-7E19-11d0-97EE-00C04FD91972}»=C:WINDOWSsystem32shell32.dll [2007-11-07 8360448]
«{B5A7F190-DDA6-4420-B3BA-52453494E6CD}»=D:Program FilesMicrosoft OfficeOffice12GrooveShellExtensions.dll [2007-08-24 2212224][HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlLsa]
«notification packages»=RASSFM
KDCSVC
WDIGEST
scecli[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrolsecurityproviders]
«SecurityProviders»=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalAppMgmt]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalBase]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalBoot Bus Extender]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalBoot file system]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalCryptSvc]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalDcomLaunch]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimaldmadmin]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimaldmboot.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimaldmio.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimaldmload.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimaldmserver]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalEventLog]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalFile system]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalFilter]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalHelpSvc]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalNetlogon]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalPCI Configuration]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalPlugPlay]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalPNP Filter]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalPrimary disk]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalRpcSs]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalsacsvr]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalSCSI Class]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalsermouse.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalSystem Bus Extender]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalvds]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalvga.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalvgasave.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalwd.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWinMgmt]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal{36FC9E60-C465-11CF-8056-444553540000}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal{4D36E965-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal{4D36E967-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal{4D36E969-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal{4D36E96A-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal{4D36E96B-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal{4D36E96F-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal{4D36E977-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal{4D36E97B-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal{4D36E97D-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal{4D36E980-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkAFD]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkAppMgmt]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkBase]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkBoot Bus Extender]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkBoot file system]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkBrowser]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkCryptSvc]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkDcomLaunch]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkDhcp]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkdmadmin]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkdmboot.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkdmio.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkdmload.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkdmserver]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkDnsCache]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkEventLog]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkFile system]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkFilter]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkHelpSvc]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkip6fw.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkipnat.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkLanmanServer]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkLanmanWorkstation]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkLmHosts]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkMessenger]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkNDIS]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkNDIS Wrapper]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkNdisuio]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkNetBIOS]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkNetBIOSGroup]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkNetBT]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkNetDDEGroup]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkNetlogon]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkNetMan]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkNetwork]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkNetworkProvider]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkNtLmSsp]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkPCI Configuration]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkPlugPlay]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkPNP Filter]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkPNP_TDI]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkPrimary disk]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkrdpcdd.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkrdpdd.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkrdpwd.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkrdsessmgr]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkRpcSs]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworksacsvr]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkSCSI Class]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworksermouse.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworksharedaccess]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkStreams Drivers]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkSystem Bus Extender]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkTcpip]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkTDI]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworktdpipe.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworktdtcp.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworktermservice]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkUploadMgr]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkvds]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkvga.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkvgasave.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWinMgmt]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWZCSVC]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{36FC9E60-C465-11CF-8056-444553540000}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{4D36E965-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{4D36E967-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{4D36E969-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{4D36E96A-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{4D36E96B-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{4D36E96F-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{4D36E972-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{4D36E973-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{4D36E974-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{4D36E975-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{4D36E977-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{4D36E97B-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{4D36E97D-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{4D36E980-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«disablecad»=0
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=149[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«ShowSuperHidden»=
«NoDriveTypeAutoRun»=[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«C:Program FilesMSN Messengermsnmsgr.exe»=»C:Program FilesMSN Messengermsnmsgr.exe:*:Enabled:Windows Live Messenger 8.1»
«C:Program FilesMSN Messengerlivecall.exe»=»C:Program FilesMSN Messengerlivecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)»[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«C:Program FilesMSN Messengermsnmsgr.exe»=»C:Program FilesMSN Messengermsnmsgr.exe:*:Enabled:Windows Live Messenger 8.1»
«C:Program FilesMSN Messengerlivecall.exe»=»C:Program FilesMSN Messengerlivecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)»
«C:Program FilesBonjourmDNSResponder.exe»=»C:Program FilesBonjourmDNSResponder.exe:*:Enabled:Bonjour»
«D:Program FilesMicrosoft OfficeOffice12OUTLOOK.EXE»=»D:Program FilesMicrosoft OfficeOffice12OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook»
«C:Program FilesFarFar.exe»=»C:Program FilesFarFar.exe:*:Enabled:File and archive manager»
«C:Program FilesSkypePhoneSkype.exe»=»C:Program FilesSkypePhoneSkype.exe:*:Enabled:Skype»[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{17d25e65-da06-11dc-9c02-005056c00008}]
shellAutoRuncommand — F:
shellopencommand — rundll32.exe .desktop.dll,InstallM[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{270c11ff-6cce-11dc-97b1-005056c00008}]
shellAutoRuncommand — F:f.exe
shellexplorecommand — F:f.exe
shellopencommand — F:f.exe======List of files/folders created in the last 1 months======
2008-12-22 17:23:00 —-A—- C:mbam-info.txt
2008-12-18 22:31:39 —-A—- C:WINDOWSsystem32mshtml.dll
2008-12-17 13:43:30 —-D—- C:Program FilesMultipleIEs
2008-12-15 17:34:08 —-A—- C:WINDOWSsystem32rundll32.exe.Z-missing.txt
2008-12-15 14:09:19 —-A—- C:WINDOWSsystem32MRT.INI
2008-12-12 15:58:58 —-D—- C:rsit
2008-12-12 15:29:23 —-A—- C:WINDOWSsystem32deploytk.dll
2008-12-12 13:58:50 —-D—- C:Documents and SettingsgigApplication DataMalwarebytes
2008-12-12 13:58:44 —-D—- C:Program FilesMalwarebytes’ Anti-Malware
2008-12-12 13:58:44 —-D—- C:Documents and SettingsAll UsersApplication DataMalwarebytes
2008-12-12 13:15:16 —-D—- C:Program FilesAdvanced FAR FTP Password Recovery
2008-12-12 12:35:11 —-D—- C:Program FilesTrend Micro
2008-12-12 11:58:37 —-D—- C:Program FilesSoftLogica
2008-12-11 15:31:26 —-HDC—- C:WINDOWS$NtUninstallKB952069$
2008-12-11 15:30:53 —-HDC—- C:WINDOWS$NtUninstallKB955839$
2008-12-11 15:30:22 —-HDC—- C:WINDOWS$NtUninstallKB956802$
2008-12-11 15:29:54 —-HDC—- C:WINDOWS$NtUninstallKB954600$
2008-12-10 18:27:51 —-A—- C:WINDOWSsystem32url.dll
2008-12-10 18:27:51 —-A—- C:WINDOWSsystem32msfeedsbs.dll
2008-12-10 18:27:51 —-A—- C:WINDOWSsystem32msfeeds.dll
2008-12-10 18:27:51 —-A—- C:WINDOWSsystem32iertutil.dll
2008-12-10 18:27:50 —-A—- C:WINDOWSsystem32ieapfltr.dll
2008-12-10 18:27:50 —-A—- C:WINDOWSsystem32icardie.dll
2008-12-10 18:27:49 —-A—- C:WINDOWSsystem32advpack.dll
2008-12-10 18:27:48 —-A—- C:WINDOWSsystem32wininet.dll
2008-12-10 18:27:47 —-A—- C:WINDOWSsystem32urlmon.dll
2008-12-10 18:27:43 —-A—- C:WINDOWSsystem32ieframe.dll
2008-12-10 18:27:35 —-A—- C:WINDOWSsystem32wmvcore.dll
2008-12-10 18:27:31 —-A—- C:WINDOWSsystem32gdi32.dll
2008-12-04 19:48:19 —-D—- C:Documents and SettingsgigApplication Dataany
2008-12-02 12:24:45 —-RA—- C:WINDOWSsystem32vnetinst.dll
2008-12-02 12:24:43 —-A—- C:WINDOWSsystem32vmnetdhcp.exe
2008-12-02 12:24:43 —-A—- C:WINDOWSsystem32vmnat.exe
2008-12-02 12:24:40 —-A—- C:WINDOWSsystem32vnetlib.dll
2008-12-02 12:23:49 —-D—- C:Program FilesCommon FilesVMware
2008-12-01 21:10:40 —-D—- C:Program FilesVMware
2008-12-01 20:42:47 —-D—- C:mnt
2008-12-01 13:17:48 —-D—- C:Program Filesavz4
2008-12-01 13:04:11 —-D—- C:Documents and SettingsgigApplication DataskypePM
2008-11-28 20:31:44 —-A—- C:WINDOWSsystem32rdl9432.exe
2008-11-28 20:28:37 —-D—- C:Documents and SettingsgigApplication DataScreenSeven
2008-11-28 19:47:26 —-D—- C:Program FilesZuma Deluxe
2008-11-28 19:47:14 —-D—- C:Program FilesReflexiveArcade
2008-11-27 18:44:50 —-D—- C:Transfer
2008-11-24 12:21:21 —-D—- C:Program FilesCommon FilesSkype======List of files/folders modified in the last 1 months======
2008-12-23 14:45:20 —-D—- C:Documents and SettingsgigApplication DataSkype
2008-12-23 14:18:39 —-D—- C:Program FilesMozilla Firefox
2008-12-23 13:40:37 —-D—- C:WINDOWSsystem32CatRoot2
2008-12-23 13:37:17 —-RSHDC—- C:WINDOWSsystem32dllcache
2008-12-23 13:37:07 —-D—- C:WINDOWSsystem32inetsrv
2008-12-23 13:35:42 —-D—- C:WINDOWSsystem32drivers
2008-12-23 13:35:26 —-D—- C:WINDOWSTemp
2008-12-23 13:35:26 —-D—- C:Documents and SettingsAll UsersApplication DataVMware
2008-12-23 05:21:02 —-D—- C:WINDOWSsecurity
2008-12-23 01:05:36 —-D—- C:WINDOWSsystem32NtmsData
2008-12-22 12:33:27 —-D—- C:WINDOWSsystem32
2008-12-22 11:55:18 —-D—- C:WINDOWS
2008-12-19 15:01:08 —-D—- C:WINDOWSinf
2008-12-19 15:00:53 —-D—- C:WINDOWSie7updates
2008-12-19 15:00:47 —-HD—- C:WINDOWS$hf_mig$
2008-12-17 16:30:01 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2008-12-17 13:43:30 —-RD—- C:Program Files
2008-12-17 13:32:50 —-D—- C:Documents and SettingsgigApplication DataVMware
2008-12-15 16:33:19 —-SHD—- C:WINDOWSInstaller
2008-12-15 16:33:19 —-SHD—- C:Config.Msi
2008-12-12 15:29:14 —-A—- C:WINDOWSsystem32javaws.exe
2008-12-12 15:29:14 —-A—- C:WINDOWSsystem32javaw.exe
2008-12-12 15:29:14 —-A—- C:WINDOWSsystem32java.exe
2008-12-12 15:29:11 —-D—- C:Program FilesJava
2008-12-12 14:23:28 —-D—- C:Program FilesICQToolbar
2008-12-11 15:33:17 —-D—- C:Documents and SettingsAll UsersApplication DataMicrosoft Help
2008-12-11 15:31:56 —-A—- C:WINDOWSimsins.BAK
2008-12-11 15:31:48 —-D—- C:Program FilesInternet Explorer
2008-12-10 16:26:15 —-D—- C:Program FilesQIP
2008-12-10 05:24:37 —-A—- C:WINDOWSsystem32MRT.exe
2008-12-04 19:31:16 —-D—- C:Projects
2008-12-03 03:00:01 —-D—- C:WINDOWSSystemState.Backup
2008-12-02 12:23:49 —-D—- C:Program FilesCommon Files
2008-12-02 12:08:52 —-D—- C:WINDOWSsystem32LogFiles
2008-12-01 20:46:53 —-D—- C:Program FilesCommon FilesMicrosoft Shared
2008-12-01 13:28:45 —-D—- C:Program FilesICQ2003b
2008-12-01 13:27:55 —-D—- C:Program FilesICQLite
2008-12-01 13:26:30 —-D—- C:Program FilesИгры
2008-12-01 13:04:21 —-D—- C:Program FilesICQ6
2008-12-01 01:01:10 —-D—- C:WINDOWSrepair
2008-12-01 00:48:58 —-D—- C:Program FilesMicrosoft Silverlight
2008-11-28 18:27:43 —-D—- C:Program FilesPokerStars.NET
2008-11-28 15:04:58 —-D—- C:Program FilesFlashGet
2008-11-27 18:49:17 —-D—- C:TEMP
2008-11-26 03:05:40 —-SHD—- C:System Volume Information
2008-11-24 12:21:41 —-D—- C:Program FilesSkype
2008-11-24 12:21:41 —-D—- C:Documents and SettingsAll UsersApplication DataSkypeДобрый день
Сначала небольшой вопрос, вы узнаёте эту программу
C:WebServersdenwerBoot.exeДа — это программа для локальной поддержки php сайтов. Раньше пробовал пользоватся, но из-за конфликта с IIS перестал.
Предписанные действия я выполнил, но так как MBAM я чуть раньше уже запускал, он даже с новой базой уже ничего не находит:
Malwarebytes’ Anti-Malware 1.31
Версия базы данных: 1534
Windows 5.2.3790 Service Pack 223.12.2008 14:16:55
mbam-log-2008-12-23 (14-16-55).txtТип проверки: Быстрая
Проверено объектов: 76459
Прошло времени: 11 minute(s), 20 second(s)Заражено процессов в памяти: 0
Заражено модулей в памяти: 0
Заражено ключей реестра: 0
Заражено значений реестра: 0
Заражено параметров реестра: 0
Заражено папок: 0
Заражено файлов: 0Заражено процессов в памяти:
(Вредоносные программы не обнаружены)Заражено модулей в памяти:
(Вредоносные программы не обнаружены)Заражено ключей реестра:
(Вредоносные программы не обнаружены)Заражено значений реестра:
(Вредоносные программы не обнаружены)Заражено параметров реестра:
(Вредоносные программы не обнаружены)Заражено папок:
(Вредоносные программы не обнаружены)Заражено файлов:
(Вредоносные программы не обнаружены)
