пришлось разделить лог на 3 части — поскольку он не хотел создавать сообщение- слишком много знаков -более 60000
-вот вторая часть.
========== (R ) Internet Explorer ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerMain]
«Default_Page_URL»=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
«Default_Search_URL»=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
«Default_Secondary_Page_URL»=
«Extensions Off Page»=about:NoAdd-ons
«Local Page»=D:windowssystem32blank.htm
«Search Page»=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
«Security Risk Page»=about:SecurityRisk
«Start Page»=http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerSearch]
«CustomizeSearch»=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
«Default_Search_URL»=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
«SearchAssistant»=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
[HKEY_CURRENT_USERSOFTWAREMicrosoftInternet ExplorerMain]
«Default_Search_URL»=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
«Local Page»=D:windowssystem32blank.htm
«Page_Transitions»=
«Search Page»=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
«Start Page»=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerSearchURL]
«»=http://home.microsoft.com/access/autosearch.asp?p=%s
[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerURLSearchHooks]
«{CFBFAE00-17A6-11D0-99CB-00C04FD64497}» (HKLM) — D:WINDOWSsystem32ieframe.dll (Microsoft Corporation)
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternet Settings]
«ProxyEnable» = 0
[HKEY_USERS.DEFAULTSOFTWAREMicrosoftInternet ExplorerMain]
«Search Page»=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
[HKEY_USERS.DEFAULTSoftwareMicrosoftInternet ExplorerURLSearchHooks]
«{EF99BD32-C1FB-11D2-892F-0090271D4F88}» (HKLM) — Reg Error: Key does not exist or could not be opened. File not found
[HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionInternet Settings]
«ProxyEnable» = 0
[HKEY_USERSS-1-5-18SOFTWAREMicrosoftInternet ExplorerMain]
«Search Page»=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
[HKEY_USERSS-1-5-18SoftwareMicrosoftInternet ExplorerURLSearchHooks]
«{EF99BD32-C1FB-11D2-892F-0090271D4F88}» (HKLM) — Reg Error: Key does not exist or could not be opened. File not found
[HKEY_USERSS-1-5-18SoftwareMicrosoftWindowsCurrentVersionInternet Settings]
«ProxyEnable» = 0
[HKEY_USERSS-1-5-19SOFTWAREMicrosoftInternet ExplorerMain]
[HKEY_USERSS-1-5-20SOFTWAREMicrosoftInternet ExplorerMain]
[HKEY_USERSS-1-5-21-1177238915-1645522239-682003330-1003SOFTWAREMicrosoftInternet ExplorerMain]
«Default_Search_URL»=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
«Local Page»=D:windowssystem32blank.htm
«Page_Transitions»=
«Search Page»=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
«Start Page»=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
[HKEY_USERSS-1-5-21-1177238915-1645522239-682003330-1003SoftwareMicrosoftInternet ExplorerSearchURL]
«»=http://home.microsoft.com/access/autosearch.asp?p=%s
[HKEY_USERSS-1-5-21-1177238915-1645522239-682003330-1003SoftwareMicrosoftInternet ExplorerURLSearchHooks]
«{CFBFAE00-17A6-11D0-99CB-00C04FD64497}» (HKLM) — D:WINDOWSsystem32ieframe.dll (Microsoft Corporation)
[HKEY_USERSS-1-5-21-1177238915-1645522239-682003330-1003SoftwareMicrosoftWindowsCurrentVersionInternet Settings]
«ProxyEnable» = 0
========== (O1) Hosts File ==========
HOSTS File = (769 bytes) — D:WINDOWSSystem32driversetcHosts
First 25 entries…
127.0.0.1 localhost
========== (O2) BHO’s ==========
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (HKLM) — D:Program FilesJavajre6binssv.dll (Sun Microsystems, Inc.)
{DBC80044-A445-435b-BC74-9C25C1C588A9} (HKLM) — D:Program FilesJavajre6binjp2ssv.dll (Sun Microsystems, Inc.)
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} (HKLM) — D:Program FilesJavajre6libdeployjqsiejqs_plugin.dll (Sun Microsystems, Inc.)
========== (O3) Toolbars ==========
[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarShellBrowser]
«{01E04581-4EEE-11D0-BFE9-00AA005B4383}» (HKLM) — D:WINDOWSsystem32browseui.dll (Корпорация Майкрософт)
[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarShellBrowser]
«{2318C2B1-4965-11D4-9B18-009027A5CD4F}» (HKLM) — Reg Error: Key does not exist or could not be opened. File not found
[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{01E04581-4EEE-11D0-BFE9-00AA005B4383}» (HKLM) — D:WINDOWSsystem32browseui.dll (Корпорация Майкрософт)
[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{0E5CBF21-D15F-11D0-8301-00AA005B4383}» (HKLM) — D:WINDOWSsystem32shell32.dll (Корпорация Майкрософт)
[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{2318C2B1-4965-11D4-9B18-009027A5CD4F}» (HKLM) — Reg Error: Key does not exist or could not be opened. File not found
[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3}» (HKLM) — Reg Error: Key does not exist or could not be opened. File not found
[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{EF99BD32-C1FB-11D2-892F-0090271D4F88}» (HKLM) — Reg Error: Key does not exist or could not be opened. File not found
[HKEY_USERSS-1-5-21-1177238915-1645522239-682003330-1003SoftwareMicrosoftInternet ExplorerToolbarShellBrowser]
«{01E04581-4EEE-11D0-BFE9-00AA005B4383}» (HKLM) — D:WINDOWSsystem32browseui.dll (Корпорация Майкрософт)
[HKEY_USERSS-1-5-21-1177238915-1645522239-682003330-1003SoftwareMicrosoftInternet ExplorerToolbarShellBrowser]
«{2318C2B1-4965-11D4-9B18-009027A5CD4F}» (HKLM) — Reg Error: Key does not exist or could not be opened. File not found
[HKEY_USERSS-1-5-21-1177238915-1645522239-682003330-1003SoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{01E04581-4EEE-11D0-BFE9-00AA005B4383}» (HKLM) — D:WINDOWSsystem32browseui.dll (Корпорация Майкрософт)
[HKEY_USERSS-1-5-21-1177238915-1645522239-682003330-1003SoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{0E5CBF21-D15F-11D0-8301-00AA005B4383}» (HKLM) — D:WINDOWSsystem32shell32.dll (Корпорация Майкрософт)
[HKEY_USERSS-1-5-21-1177238915-1645522239-682003330-1003SoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{2318C2B1-4965-11D4-9B18-009027A5CD4F}» (HKLM) — Reg Error: Key does not exist or could not be opened. File not found
[HKEY_USERSS-1-5-21-1177238915-1645522239-682003330-1003SoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3}» (HKLM) — Reg Error: Key does not exist or could not be opened. File not found
[HKEY_USERSS-1-5-21-1177238915-1645522239-682003330-1003SoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{EF99BD32-C1FB-11D2-892F-0090271D4F88}» (HKLM) — Reg Error: Key does not exist or could not be opened. File not found
========== (O4) Run Keys ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
«Alcmtr»=ALCMTR.EXE (Realtek Semiconductor Corp.)
«ATICCC»=»D:Program FilesATI TechnologiesATI.ACEcli.exe» runtime -Delay (ATI Technologies Inc.)
«egui»=»D:Program FilesESETESET NOD32 Antivirusegui.exe» /hide /waitservice (ESET)
«ISUSPM Startup»=»D:Program FilesCommon FilesInstallShieldUpdateServiceisuspm.exe» -startup (Macrovision Corporation)
«ISUSScheduler»=»D:Program FilesCommon FilesInstallShieldUpdateServiceissch.exe» -start (Macrovision Corporation)
«NeroFilterCheck»=D:Program FilesCommon FilesAheadLibNeroCheck.exe (Nero AG)
«OutpostFeedBack»=»D:Program FilesAgnitumOutpost Firewall Profeedback.exe» /dump:os_startup (Agnitum Ltd.)
«OutpostMonitor»=D:Program FilesAgnitumOutpost Firewall Proop_mon.exe /tray /noservice (Agnitum Ltd.)
«RTHDCPL»=RTHDCPL.EXE (Realtek Semiconductor Corp.)
«SkyTel»=SkyTel.EXE (Realtek Semiconductor Corp.)
«SunJavaUpdateSched»=»D:Program FilesJavajre6binjusched.exe» (Sun Microsystems, Inc.)
«Transparent»=D:Program FilesTweakNow Accelerator XPTransparent.exe 49 ()
«WinampAgent»=»D:Program FilesWinampWinampa.exe» ()
[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
«EVEREST AutoStart»=D:Program FilesLavalysEVEREST Ultimate Editioneverest.exe ()
[HKEY_USERSS-1-5-21-1177238915-1645522239-682003330-1003SOFTWAREMicrosoftWindowsCurrentVersionRun]
«EVEREST AutoStart»=D:Program FilesLavalysEVEREST Ultimate Editioneverest.exe ()
========== (O4) Startup Folders ==========
[2006.03.02 15:00:00 | 00,047,104 | —- | M] (Корпорация Майкрософт) — D:Documents and SettingsDefault UserГлавное менюПрограммыАвтозагрузкаssmypics.scr
[2006.03.02 15:00:00 | 00,047,104 | —- | M] (Корпорация Майкрософт) — D:Documents and SettingsАдминистраторГлавное менюПрограммыАвтозагрузкаssmypics.scr
[2006.03.02 15:00:00 | 00,047,104 | —- | M] (Корпорация Майкрософт) — D:Documents and SettingsГостьГлавное менюПрограммыАвтозагрузкаssmypics.scr
========== (O6 & O7) Current Version Policies ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer]
«NoCDBurning»=0
«NoDriveTypeAutoRun»=28
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer]
«NoDriveTypeAutoRun»=157
«NoSharedDocuments»= [binary data]
«NoChangeStartMenu»=0
«ClearRecentDocsOnExit»=0
«NoRecentDocsHistory»=0
«MaxRecentDocs»=11
«NoStartMenuMFUprogramsList»=0
«NoViewOnDrive»=0
[HKEY_USERS.DEFAULTSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer]
«NoDriveTypeAutoRun»=145
[HKEY_USERSS-1-5-18SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer]
«NoDriveTypeAutoRun»=145
[HKEY_USERSS-1-5-19SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer]
«NoDriveTypeAutoRun»=145
[HKEY_USERSS-1-5-20SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer]
«NoDriveTypeAutoRun»=145
[HKEY_USERSS-1-5-21-1177238915-1645522239-682003330-1003SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer]
«NoDriveTypeAutoRun»=157
«NoSharedDocuments»= [binary data]
«NoChangeStartMenu»=0
«ClearRecentDocsOnExit»=0
«NoRecentDocsHistory»=0
«MaxRecentDocs»=11
«NoStartMenuMFUprogramsList»=0
«NoViewOnDrive»=0
========== (O9) IE Extensions ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerExtensions]
{44627E97-789B-40d4-B5C2-58BD171129A1}: Button: Быстрая настройка Outpost Firewall Pro — %ProgramFiles%AgnitumOutpost Firewall Proie_bar.dll [2008.07.15 13:37:56 | 00,644,424 | —- | M] (Agnitum Ltd.)
{92780B25-18CC-41C8-B9BE-3C9C571A8263}: Button: Справочные материалы — %ProgramFiles%Microsoft OfficeOFFICE11REFIEBAR.DLL [2003.07.15 06:57:08 | 00,040,512 | —- | M] (Microsoft Corporation)
{e2e2dd38-d088-4134-82b7-f2ba38496583}: Menu: @xpsp3res.dll,-20001 — %SystemRoot%network diagnosticxpnetdiag.exe [2008.04.13 21:53:32 | 00,558,080 | —- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Button: Messenger — %ProgramFiles%Messengermsmsgs.exe [2008.04.14 19:11:03 | 01,695,232 | —- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Menu: Windows Messenger — %ProgramFiles%Messengermsmsgs.exe [2008.04.14 19:11:03 | 01,695,232 | —- | M] (Microsoft Corporation)
[HKEY_CURRENT_USERSOFTWAREMicrosoftInternet ExplorerExtensions]
CmdMapping\{44627E97-789B-40d4-B5C2-58BD171129A1} [HKLM] -> %ProgramFiles%AgnitumOutpost Firewall Proie_bar.dll [Быстрая настройка Outpost Firewall Pro] -> [2008.07.15 13:37:56 | 00,644,424 | —- | M] (Agnitum Ltd.)
CmdMapping\{5E638779-1818-4754-A595-EF1C63B87A56} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\{7558B7E5-7B26-4201-BEDB-00D5FF534523} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> %ProgramFiles%Microsoft OfficeOFFICE11REFIEBAR.DLL [Справочные материалы] -> [2003.07.15 06:57:08 | 00,040,512 | —- | M] (Microsoft Corporation)
CmdMapping\{E59EB121-F339-4851-A3BA-FE49C35617C2} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\{EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%Messengermsmsgs.exe [Messenger] -> [2008.04.14 19:11:03 | 01,695,232 | —- | M] (Microsoft Corporation)
[HKEY_USERS.DEFAULTSOFTWAREMicrosoftInternet ExplorerExtensions]
CmdMapping\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%Messengermsmsgs.exe [Messenger] -> [2008.04.14 19:11:03 | 01,695,232 | —- | M] (Microsoft Corporation)
[HKEY_USERSS-1-5-18SOFTWAREMicrosoftInternet ExplorerExtensions]
CmdMapping\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%Messengermsmsgs.exe [Messenger] -> [2008.04.14 19:11:03 | 01,695,232 | —- | M] (Microsoft Corporation)
[HKEY_USERSS-1-5-21-1177238915-1645522239-682003330-1003SOFTWAREMicrosoftInternet ExplorerExtensions]
CmdMapping\{44627E97-789B-40d4-B5C2-58BD171129A1} [HKLM] -> %ProgramFiles%AgnitumOutpost Firewall Proie_bar.dll [Быстрая настройка Outpost Firewall Pro] -> [2008.07.15 13:37:56 | 00,644,424 | —- | M] (Agnitum Ltd.)
CmdMapping\{5E638779-1818-4754-A595-EF1C63B87A56} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\{7558B7E5-7B26-4201-BEDB-00D5FF534523} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> %ProgramFiles%Microsoft OfficeOFFICE11REFIEBAR.DLL [Справочные материалы] -> [2003.07.15 06:57:08 | 00,040,512 | —- | M] (Microsoft Corporation)
CmdMapping\{E59EB121-F339-4851-A3BA-FE49C35617C2} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\{EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%Messengermsmsgs.exe [Messenger] -> [2008.04.14 19:11:03 | 01,695,232 | —- | M] (Microsoft Corporation)
========== (O12) Internet Explorer Plugins ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerPlugins]
PluginsPage: «» = http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s
PluginsPageFriendlyName: «» = Microsoft ActiveX Gallery
========== (O13) Default Prefixes ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionURLDefaultPrefix]
«»=http://
========== (O15) Trusted Sites ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZoneMapDomains]
1 domain(s) and sub-domain(s) not assigned to a zone.
========== (O16) DPF ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftCode Store DatabaseDistribution Units]
{30528230-99f7-4bb4-88d8-fa1d4f56a2ab}: — Reg Error: Key does not exist or could not be opened.
{56762DEC-6B0D-4AB4-A8AD-989993B5D08B}: http://www.eset.eu/buxus/docs/OnlineScanner.cab — OnlineScanner Control
{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab — Java Plug-in 1.6.0_10
{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab — Java Plug-in 1.6.0_10
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab — Java Plug-in 1.6.0_10
========== (O17) DNS Name Servers ==========
{A7D7745F-29B7-44D0-A42B-55B9658D4A4C} (Servers: 192.168.248.21 | Description: D-Link DFE-520TX PCI Fast Ethernet Adapter)
========== (O20) AppInit_DLLs ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows]
«AppInit_Dlls»=d:progra~1agnitumoutpos~1wl_hook.dll
>[2008.07.15 13:38:06 | 00,722,248 | —- | M] (Agnitum Ltd.) — d:Program FilesAgnitumOutpost Firewall Prowl_hook.dll
========== (O20) HKLM Winlogon Settings ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogon]
«Shell»=Explorer.exe
>[2008.04.14 19:10:56 | 01,034,240 | —- | M] (Корпорация Майкрософт) — D:WINDOWSexplorer.exe
«UserInit»=D:WINDOWSsystem32userinit.exe,
>[2008.04.14 19:11:12 | 00,026,624 | —- | M] (Корпорация Майкрософт) — D:WINDOWSsystem32userinit.exe
«UIHost»=logonui.exe
>[2008.04.14 19:10:59 | 00,515,072 | —- | M] (Корпорация Майкрософт) — D:WINDOWSsystem32logonui.exe
«VMApplet»=rundll32 shell32,Control_RunDLL «sysdm.cpl»
>[2008.04.14 19:10:44 | 08,478,208 | —- | M] (Корпорация Майкрософт) — D:WINDOWSsystem32shell32.dll
>[2008.04.14 19:11:14 | 00,302,080 | —- | M] (Корпорация Майкрософт) — D:WINDOWSsystem32sysdm.cpl
========== (O20) Winlogon Notify Settings ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotify]
AtiExtEvent: «DllName» = Ati2evxx.dll — D:WINDOWSsystem32ati2evxx.dll (ATI Technologies Inc.)
avldr: «DllName» = avldr.dll — File not found
crypt32chain: «DllName» = crypt32.dll — D:WINDOWSsystem32crypt32.dll (Корпорация Майкрософт)
cscdll: «DllName» = cscdll.dll — D:WINDOWSsystem32cscdll.dll (Корпорация Майкрософт)
MCPClient: «DllName» = D:Program FilesCommon FilesStardockmcpstub.dll — D:Program FilesCommon FilesStardockMCPStub.dll (Stardock)
ScCertProp: «DllName» = wlnotify.dll — D:WINDOWSsystem32wlnotify.dll (Корпорация Майкрософт)
Schedule: «DllName» = wlnotify.dll — D:WINDOWSsystem32wlnotify.dll (Корпорация Майкрософт)
sclgntfy: «DllName» = sclgntfy.dll — D:WINDOWSsystem32sclgntfy.dll (Корпорация Майкрософт)
SensLogn: «DllName» = WlNotify.dll — D:WINDOWSsystem32wlnotify.dll (Корпорация Майкрософт)
termsrv: «DllName» = wlnotify.dll — D:WINDOWSsystem32wlnotify.dll (Корпорация Майкрософт)
wlballoon: «DllName» = wlnotify.dll — D:WINDOWSsystem32wlnotify.dll (Корпорация Майкрософт)
========== (O21) SSODL Settings ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
«0aMCPClient»={F5DF91F9-15E9-416B-A7C3-7519B11ECBFC} (HKLM) — D:Program FilesCommon FilesStardockMCPCore.dll (Stardock)
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
«CDBurn»={fbeb8a05-beee-4442-804e-409d6c4515e9} (HKLM) — D:WINDOWSsystem32shell32.dll (Корпорация Майкрософт)
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
«PostBootReminder»={7849596a-48ea-486e-8937-a2a3009f31a9} (HKLM) — D:WINDOWSsystem32shell32.dll (Корпорация Майкрософт)
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
«SysTray»={35CEC8A3-2BE6-11D2-8773-92E220524153} (HKLM) — D:WINDOWSsystem32stobject.dll (Корпорация Майкрософт)
========== (O22) Shared Task Scheduler ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerSharedTaskScheduler]
«{438755C2-A8BA-11D1-B96B-00A0C90312E1}» (HKLM) = Предзагрузчик Browseui — D:WINDOWSsystem32browseui.dll (Корпорация Майкрософт)
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerSharedTaskScheduler]
«{8C7461EF-2B13-11d2-BE35-3078302C2030}» (HKLM) = Демон кэша категорий компонентов — D:WINDOWSsystem32browseui.dll (Корпорация Майкрософт)
========== Shell Execute Hooks ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerShellExecuteHooks]
«{AEB6717E-7E19-11d0-97EE-00C04FD91972}» (HKLM) — D:WINDOWSsystem32shell32.dll (Корпорация Майкрософт)
========== HKLM *SecurityProviders* ==========
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSecurityProviders]
«SecurityProviders»=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
>[2008.04.14 19:10:35 | 00,068,608 | —- | M] (Корпорация Майкрософт) — D:WINDOWSsystem32digest.dll
>[2008.04.14 19:10:40 | 00,290,816 | —- | M] (Корпорация Майкрософт) — D:WINDOWSsystem32msnsspc.dll
========== Safeboot Options ==========
«AlternateShell»=cmd.exe
========== CDRom AutoRun Settings ==========
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesCdrom]
«AutoRun» = 1
========== Autorun Files on Drives ==========
AUTOEXEC.BAT []
[2007.12.17 06:13:28 | 00,000,000 | —- | M] () — C:AUTOEXEC.BAT — [ NTFS ]
AUTOEXEC.BAT []
[2008.06.15 23:02:57 | 00,000,000 | —- | M] () — D:AUTOEXEC.BAT — [ NTFS ]
AUTORUN.INF [[AutoRun] | OPEN=menumenu.exe | ICON=menumenu.ico | ]
[2002.12.22 15:05:14 | 00,000,051 | R— | M] () — F:AUTORUN.INF — [ CDFS ]
========== MountPoints2 ==========
[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExplorerMountPoints2{51bb51b2-b17d-11dc-aefd-806d6172696f}Shell]
«»=AutoRun
[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExplorerMountPoints2{51bb51b2-b17d-11dc-aefd-806d6172696f}ShellAutoRuncommand]
«»=F:menumenu.exe — [2002.12.16 18:39:48 | 00,953,344 | R— | M] ((c) Mike Space)
[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExplorerMountPoints2{aaf36693-f596-11dc-afb9-fa4264221197}Shell]
«»=AutoRun
[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExplorerMountPoints2{aaf36693-f596-11dc-afb9-fa4264221197}Shell1Command]
«»=.recycledinfo.exe
[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExplorerMountPoints2{aaf36693-f596-11dc-afb9-fa4264221197}ShellAutoRuncommand]
«»=D:WINDOWSsystem32shell32.dll — [2008.04.14 19:10:44 | 08,478,208 | —- | M] (Корпорация Майкрософт)
[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExplorerMountPoints2FShell]
«»=AutoRun
[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExplorerMountPoints2FShellAutoRuncommand]
«»=F:menumenu.exe — [2002.12.16 18:39:48 | 00,953,344 | R— | M] ((c) Mike Space)
[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExplorerMountPoints2GShellAutoRuncommand]
«»=G:autorun.exe — File not found
========== Files/Folders — Created Within 90 Days ==========
[1 D:WINDOWSSystem32*.tmp files]
[3 D:WINDOWS*.tmp files]
[2008.11.20 22:59:09 | 00,000,000 | —D | C] — D:WINDOWSSun
[2008.11.20 22:55:36 | 00,000,000 | —D | C] — D:Documents and SettingsппппApplication DataMalwarebytes
[2008.11.20 22:55:29 | 00,000,000 | —D | C] — D:Documents and SettingsAll Users.WINDOWSApplication DataMalwarebytes
[2008.11.20 22:37:19 | 00,000,000 | —D | C] — D:Documents and SettingsппппApplication DataSun
[2008.11.19 04:30:21 | 00,289,144 | —- | C] (S!Ri) — D:WINDOWSSystem32VCCLSID.exe
[2008.11.19 04:30:21 | 00,288,417 | —- | C] (S!Ri) — D:WINDOWSSystem32SrchSTS.exe
[2008.11.19 04:30:21 | 00,135,168 | —- | C] (SteelWerX) — D:WINDOWSSystem32swreg.exe
[2008.11.19 04:30:21 | 00,087,552 | —- | C] (S!Ri.URZ) — D:WINDOWSSystem32VACFix.exe
[2008.11.19 04:30:21 | 00,082,944 | —- | C] (S!Ri.URZ) — D:WINDOWSSystem32o4Patch.exe
[2008.11.19 04:30:21 | 00,082,944 | —- | C] (S!Ri.URZ) — D:WINDOWSSystem32IEDFix.exe
[2008.11.19 04:30:21 | 00,082,944 | —- | C] (S!Ri.URZ) — D:WINDOWSSystem32IEDFix.C.exe
[2008.11.19 04:30:21 | 00,082,432 | —- | C] (S!Ri.URZ) — D:WINDOWSSystem32404Fix.exe
[2008.11.19 04:30:21 | 00,079,360 | —- | C] (SteelWerX) — D:WINDOWSSystem32swxcacls.exe
[2008.11.19 04:30:21 | 00,051,200 | —- | C] () — D:WINDOWSSystem32dumphive.exe
[2008.11.19 04:30:21 | 00,040,960 | —- | C] () — D:WINDOWSSystem32swsc.exe
[2008.11.19 04:30:21 | 00,025,600 | —- | C] () — D:WINDOWSSystem32WS2Fix.exe
[2008.11.19 04:26:09 | 00,003,222 | —- | C] () — D:WINDOWSSystem32tmp.reg
[2008.11.19 03:58:25 | 00,001,393 | —- | C] () — D:WINDOWSimsins.BAK
[2008.11.18 06:28:11 | 00,000,000 | —D | C] — D:Documents and SettingsппппApplication DataMacromedia
[2008.11.18 06:04:09 | 00,000,011 | —- | C] () — D:WINDOWS3DShadow.INI
[2008.11.18 03:10:23 | 00,000,000 | —D | C] — D:Program FilesCommon FilesWise Installation Wizard
[2008.11.18 00:57:39 | 00,000,000 | —D | C] — D:WINDOWSPrefetch
[2008.11.18 00:49:44 | 00,000,000 | —D | C] — D:WINDOWSSystem32bits
[2008.11.18 00:31:32 | 00,000,000 | —D | C] — D:Documents and SettingsппппМои документыкакаято лабудень
[2008.11.17 13:46:05 | 00,077,824 | —- | C] (Doctor Web, Ltd.) — D:WINDOWSSystem32DRWEBSP.DLL
[2008.11.17 07:01:48 | 00,000,000 | —D | C] — D:Documents and SettingsппппApplication Datavlc
[2008.11.17 07:00:46 | 00,000,719 | —- | C] () — D:Documents and SettingsAll Users.WINDOWSРабочий столVLC media player.lnk
[2008.11.17 03:32:29 | 00,000,000 | —D | C] — D:Program Filesxerox
[2008.11.17 03:06:07 | 00,000,000 | —D | C] — D:Documents and SettingsппппМои документыМои Тексты
[2008.11.17 02:39:15 | 00,000,000 | -HSD | C] — D:WINDOWSCSC
[2008.11.17 01:10:41 | 00,000,552 | —- | C] () — D:WINDOWSSystem32d3d8caps.dat
[2008.11.16 01:00:35 | 00,000,000 | —D | C] — D:WINDOWSie7updates
[2008.11.16 00:32:32 | 00,000,000 | —D | C] — D:Documents and SettingsппппМои документыDownloaded Program Updates
[2008.11.15 19:22:44 | 06,066,176 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dllcacheieframe.dll
[2008.11.15 19:22:44 | 01,060,864 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dllcacheieframe.dll.mui
[2008.11.15 19:22:44 | 00,459,264 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dllcachemsfeeds.dll
[2008.11.15 19:22:44 | 00,267,776 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dllcacheiertutil.dll
[2008.11.15 19:22:44 | 00,052,224 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dllcachemsfeedsbs.dll
[2008.11.15 19:22:44 | 00,013,824 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dllcacheieudinit.exe
[2008.11.15 19:22:43 | 02,455,488 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dllcacheieapfltr.dat
[2008.11.15 19:22:43 | 00,383,488 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dllcacheieapfltr.dll
[2008.11.15 19:22:43 | 00,063,488 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dllcacheicardie.dll
[2008.11.15 19:18:02 | 00,276,992 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32wmphoto.dll
[2008.11.15 19:18:00 | 00,069,120 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32wlanapi.dll
[2008.11.15 19:17:59 | 00,712,704 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32windowscodecs.dll
[2008.11.15 19:17:59 | 00,346,112 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32windowscodecsext.dll
[2008.11.15 19:17:57 | 00,014,208 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32driverswacompen.sys
[2008.11.15 19:17:56 | 00,042,240 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32driversviaagp.sys
[2008.11.15 19:17:56 | 00,028,672 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32vidcap.ax
[2008.11.15 19:17:56 | 00,028,672 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32verclsid.exe
[2008.11.15 19:17:55 | 00,121,984 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32driversusbvideo.sys
[2008.11.15 19:17:55 | 00,012,800 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32driversusb8023x.sys
[2008.11.15 19:17:53 | 00,053,248 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32tsgqec.dll
[2008.11.15 19:17:53 | 00,050,688 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32tspkg.dll
[2008.11.15 19:17:53 | 00,044,672 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32driversuagp35.sys
[2008.11.15 19:17:46 | 00,020,992 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32spupdwxp.exe
[2008.11.15 19:17:45 | 00,007,680 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32spdwnwxp.exe
[2008.11.15 19:17:44 | 00,005,888 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32driverssmbali.sys
[2008.11.15 19:17:42 | 00,032,768 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32setupn.exe
[2008.11.15 19:17:42 | 00,010,240 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32driverssffp_mmc.sys
[2008.11.15 19:17:39 | 00,290,304 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32rhttpaa.dll
[2008.11.15 19:17:39 | 00,059,136 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32driversrfcomm.sys
[2008.11.15 19:17:39 | 00,030,592 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32driversrndismpx.sys
[2008.11.15 19:17:38 | 00,061,952 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32rasqec.dll
[2008.11.15 19:17:37 | 00,076,800 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32qutil.dll
[2008.11.15 19:17:36 | 00,293,376 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32qagentrt.dll
[2008.11.15 19:17:36 | 00,150,528 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32qagent.dll
[2008.11.15 19:17:36 | 00,062,464 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32qcliprov.dll
[2008.11.15 19:17:35 | 00,412,160 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32photometadatahandler.dll
[2008.11.15 19:17:33 | 00,144,896 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32onex.dll
[2008.11.15 19:17:27 | 00,196,608 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32napmontr.dll
[2008.11.15 19:17:27 | 00,176,640 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32napstat.exe
[2008.11.15 19:17:27 | 00,030,720 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32napipsec.dll
[2008.11.15 19:17:26 | 01,307,648 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32msxml6.dll
[2008.11.15 19:17:26 | 01,307,648 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dllcachemsxml6.dll
[2008.11.15 19:17:26 | 00,086,016 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32msxml6r.dll
[2008.11.15 19:17:26 | 00,086,016 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dllcachemsxml6r.dll
[2008.11.15 19:17:25 | 00,080,896 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32msshavmsg.dll
[2008.11.15 19:17:24 | 00,155,136 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32mssha.dll
[2008.11.15 19:17:15 | 00,397,312 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32mmcex.dll
[2008.11.15 19:17:15 | 00,184,320 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32microsoft.managementconsole.dll
[2008.11.15 19:17:15 | 00,106,496 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32mmcfxcommon.dll
[2008.11.15 19:17:15 | 00,033,792 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32mmcperf.exe
[2008.11.15 19:17:07 | 00,037,376 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32l2gpstore.dll
[2008.11.15 19:17:06 | 00,061,440 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32kmsvc.dll
[2008.11.15 19:17:06 | 00,006,144 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32kbdpash.dll
[2008.11.15 19:17:06 | 00,006,144 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32kbdnepr.dll
[2008.11.15 19:17:06 | 00,006,144 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32kbdiultn.dll
[2008.11.15 19:17:05 | 00,006,144 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32kbdbhc.dll
[2008.11.15 19:17:02 | 00,010,752 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32smtpapi.dll
[2008.11.15 19:17:02 | 00,009,728 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32rwnh.dll
[2008.11.15 19:17:02 | 00,001,950 | —- | C] () — D:WINDOWSSystem32pid.inf
[2008.11.15 19:17:00 | 00,046,592 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32driversirbus.sys
[2008.11.15 19:16:57 | 00,009,728 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32comsdupd.exe
[2008.11.15 19:16:49 | 00,025,728 | —- | C] (Корпорация Майкрософт) — D:WINDOWSSystem32drivershidbth.sys
[2008.11.15 19:16:49 | 00,019,200 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32drivershidir.sys
[2008.11.15 19:16:47 | 00,046,464 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32driversgagp30kx.sys
[2008.11.15 19:16:45 | 00,020,992 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32faxpatch.exe
[2008.11.15 19:16:43 | 00,184,832 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32eapp3hst.dll
[2008.11.15 19:16:43 | 00,180,736 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32eapphost.dll
[2008.11.15 19:16:43 | 00,126,976 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32eappcfg.dll
[2008.11.15 19:16:43 | 00,094,208 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32eappgnui.dll
[2008.11.15 19:16:43 | 00,059,392 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32eapqec.dll
[2008.11.15 19:16:43 | 00,040,960 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32eappprxy.dll
[2008.11.15 19:16:43 | 00,033,792 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32eapsvc.dll
[2008.11.15 19:16:43 | 00,031,232 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32eapolqec.dll
[2008.11.15 19:16:41 | 00,651,264 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dot3ui.dll
[2008.11.15 19:16:41 | 00,132,608 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dot3svc.dll
[2008.11.15 19:16:41 | 00,059,904 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dot3cfg.dll
[2008.11.15 19:16:41 | 00,056,832 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dot3msm.dll
[2008.11.15 19:16:41 | 00,039,936 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dot3gpclnt.dll
[2008.11.15 19:16:41 | 00,026,112 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dot3api.dll
[2008.11.15 19:16:41 | 00,009,216 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dot3dlg.dll
[2008.11.15 19:16:40 | 00,049,152 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dhcpqec.dll
[2008.11.15 19:16:40 | 00,039,936 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dimsroam.dll
[2008.11.15 19:16:40 | 00,019,456 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dimsntfy.dll
[2008.11.15 19:16:39 | 00,129,045 | —- | C] () — D:WINDOWSSystem32driverscxthsfs2.cty
[2008.11.15 19:16:38 | 00,012,800 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32credssp.dll
[2008.11.15 19:16:33 | 00,037,888 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32driversbthmodem.sys
[2008.11.15 19:16:33 | 00,018,944 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32driversbthusb.sys
[2008.11.15 19:16:33 | 00,017,024 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32driversbthenum.sys
[2008.11.15 19:16:33 | 00,007,168 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32bitsprx4.dll
[2008.11.15 19:16:32 | 00,233,472 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32azroles.dll
[2008.11.15 19:16:28 | 00,042,752 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32driversalim1541.sys
[2008.11.15 19:16:27 | 00,044,928 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32driversagpcpq.sys
[2008.11.15 19:16:27 | 00,042,368 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32driversagp440.sys
[2008.11.15 19:16:25 | 00,136,192 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32aaclient.dll
[2008.11.15 07:52:03 | 00,000,000 | —D | C] — D:WINDOWSWBEM
[2008.11.15 07:50:56 | 00,000,000 | —D | C] — D:Program FilesuTorrent
[2008.11.15 07:50:55 | 00,000,000 | —D | C] — D:Documents and SettingsAll Users.WINDOWSApplication DataTEMP
@Alternate Data Stream — 181 bytes -> D:Documents and SettingsAll Users.WINDOWSApplication DataTEMP:8E7C96FD
[2008.11.15 02:25:25 | 00,121,856 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32xmllite.dll
[2008.11.15 00:42:14 | 00,000,000 | —D | C] — D:Documents and SettingsппппApplication DataLavasoft
[2008.11.15 00:19:33 | 00,455,296 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dllcachemrxsmb.sys
[2008.11.15 00:16:10 | 00,000,000 | —D | C] — D:Documents and SettingsAll Users.WINDOWSApplication DataWindows Genuine Advantage
[2008.11.14 21:09:53 | 00,000,000 | —D | C] — D:Program FilesEsetOnlineScanner
[2008.11.13 02:07:14 | 00,001,602 | —- | C] () — D:Documents and SettingsAll Users.WINDOWSРабочий столMozilla Firefox.lnk
[2008.11.11 02:19:38 | 00,000,000 | —D | C] — D:Documents and SettingsппппApplication DatauTorrent
[2008.11.10 18:53:41 | 00,000,759 | —- | C] () — D:Documents and SettingsAll Users.WINDOWSРабочий столSothink SWF Easy.lnk
[2008.11.10 18:53:40 | 00,044,544 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32msxml4a.dll
[2008.11.10 18:53:15 | 00,000,000 | —D | C] — D:Program FilesSourceTec
[2008.11.10 11:41:39 | 00,000,000 | —D | C] — D:Program FilesStereo Pictures 1.0
[2008.11.02 06:19:43 | 00,000,000 | —D | C] — D:Documents and SettingsппппApplication DataThinstall
[2008.11.01 19:51:37 | 00,054,156 | -H— | C] () — D:WINDOWSQTFont.qfn
[2008.11.01 19:51:37 | 00,001,409 | —- | C] () — D:WINDOWSQTFont.for
[2008.11.01 09:30:22 | 00,234,640 | —- | C] (Agnitum Ltd.) — D:WINDOWSSystem32driversafwcore.sys
[2008.11.01 09:29:27 | 00,000,049 | —- | C] () — D:WINDOWStransp.gif
[2008.11.01 09:29:26 | 00,673,920 | —- | C] (Agnitum Ltd.) — D:WINDOWSSystem32driversSandBox.sys
[2008.11.01 09:29:23 | 00,030,864 | —- | C] (Agnitum Ltd.) — D:WINDOWSSystem32driversafw.sys
[2008.11.01 09:28:49 | 00,000,000 | —D | C] — D:WINDOWSSystem32Filt
[2008.11.01 09:28:49 | 00,000,000 | —D | C] — D:Program FilesAgnitum
[2008.11.01 09:28:02 | 00,000,000 | —D | C] — D:Documents and SettingsAll Users.WINDOWSApplication DataAgnitum
[2008.11.01 03:40:41 | 00,000,000 | —D | C] — D:Program FilesVideoLAN
[2008.10.31 22:25:08 | 00,000,000 | —D | C] — D:WINDOWSl2schemas
[2008.10.31 22:21:17 | 00,000,000 | —D | C] — D:WINDOWSServicePackFiles
[2008.10.31 22:13:43 | 00,000,000 | -H-D | C] — D:WINDOWS$NtServicePackUninstall$
[2008.10.31 20:40:47 | 00,000,000 | —D | C] — D:WINDOWSSystem32ru-ru
[2008.10.31 20:38:20 | 00,000,000 | -H-D | C] — D:WINDOWSie7
[2008.10.31 20:37:53 | 00,000,000 | -H-D | C] — D:WINDOWS$NtServicePackUninstallIDNMitigationAPIs$
[2008.10.31 20:37:15 | 00,000,000 | -H-D | C] — D:WINDOWS$NtServicePackUninstallNLSDownlevelMapping$
[2008.10.31 18:38:44 | 00,000,000 | —D | C] — D:Documents and SettingsппппApplication DataSendSpace Wizard
[2008.10.30 20:59:12 | 00,000,000 | —D | C] — D:Documents and SettingsппппApplication Datavlc(2)
[2008.10.30 12:21:45 | 00,000,000 | —D | C] — D:Documents and SettingsппппApplication DataYaChatData
[2008.10.30 12:20:11 | 00,000,000 | —D | C] — D:Documents and SettingsппппLocal SettingsApplication DataYandex
[2008.10.30 12:20:10 | 00,000,000 | —D | C] — D:Documents and SettingsппппApplication DataYandex
[2008.10.30 12:20:06 | 00,000,000 | —D | C] — D:Program FilesYandex
[2008.10.30 07:11:31 | 00,044,544 | —- | C] () — D:WINDOWSAWuninstall.exe
[2008.10.30 07:11:22 | 00,000,000 | —D | C] — D:Program FilesLokas
[2008.10.30 06:40:24 | 00,000,000 | —D | C] — D:Documents and SettingsппппLocal SettingsApplication DataLiveCraft
[2008.10.30 06:08:45 | 00,001,024 | —- | C] () — D:WINDOWSSystem32bpxw4kb.tgz
[2008.10.30 06:08:29 | 00,000,000 | —D | C] — D:Documents and SettingsAll Users.WINDOWSApplication DataVertusTech
[2008.10.30 06:08:27 | 00,000,000 | —D | C] — D:Program FilesVertus Fluid Mask 3
[2008.10.30 06:06:41 | 00,000,000 | —D | C] — D:Program FilesImage Doctor
[2008.10.29 07:45:03 | 00,000,000 | —D | C] — D:Program FilesTeleport Pro
[2008.10.29 07:15:30 | 00,067,866 | —- | C] () — D:WINDOWSSystem32driversnetwlan5.img
[2008.10.29 07:12:53 | 00,064,352 | —- | C] () — D:WINDOWSSystem32driversativmc20.cod
[2008.10.29 03:02:17 | 00,000,000 | —D | C] — D:Program FilesMSXML 4.0
[2008.10.29 00:54:13 | 00,138,496 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dllcacheafd.sys
[2008.10.29 00:54:01 | 00,333,824 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dllcachesrv.sys
[2008.10.29 00:53:50 | 01,846,528 | —- | C] (Корпорация Майкрософт) — D:WINDOWSSystem32dllcachewin32k.sys
[2008.10.29 00:53:46 | 02,147,328 | —- | C] (Корпорация Майкрософт) — D:WINDOWSSystem32dllcachentkrnlmp.exe
[2008.10.29 00:53:45 | 02,190,976 | —- | C] (Корпорация Майкрософт) — D:WINDOWSSystem32dllcachentoskrnl.exe
[2008.10.29 00:53:45 | 02,067,840 | —- | C] (Корпорация Майкрософт) — D:WINDOWSSystem32dllcachentkrnlpa.exe
[2008.10.29 00:53:45 | 02,025,984 | —- | C] (Корпорация Майкрософт) — D:WINDOWSSystem32dllcachentkrpamp.exe
[2008.10.29 00:52:25 | 00,203,136 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dllcachermcast.sys
[2008.10.29 00:51:47 | 00,691,712 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dllcacheinetcomm.dll
[2008.10.29 00:49:00 | 00,337,408 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dllcachenetapi32.dll
[2008.10.29 00:46:27 | 00,000,000 | —D | C] — D:WINDOWSSystem32SoftwareDistribution
[2008.10.28 21:05:48 | 00,000,000 | —D | C] — D:Documents and SettingsппппLocal SettingsApplication DataApple Computer
[2008.10.28 19:56:27 | 00,000,000 | —- | C] () — D:WINDOWSnsreg.dat
[2008.10.28 19:56:22 | 00,000,000 | —D | C] — D:Documents and SettingsппппLocal SettingsApplication DataMozilla
[2008.10.28 19:56:22 | 00,000,000 | —D | C] — D:Documents and SettingsппппApplication DataMozilla
[2008.10.28 19:55:48 | 00,000,000 | —D | C] — D:Program FilesMozilla Firefox
[2008.10.28 19:44:24 | 00,337,320 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32difxapi.dll
[2008.10.28 19:44:24 | 00,043,008 | —- | C] (D-Link ) — D:WINDOWSSystem32driversdlkfet5b.sys
[2008.10.21 04:21:04 | 00,000,000 | —D | C] — D:WINDOWSuninstall
[2008.10.21 04:04:45 | 00,000,000 | —D | C] — D:Program FilesRoger Nichols Digital, Inc
[2008.10.21 03:09:27 | 00,000,016 | —- | C] () — D:WINDOWSSystem32w3data.vss
[2008.10.21 03:09:27 | 00,000,016 | —- | C] () — D:WINDOWSSystem32msvcsv60.dll
[2008.10.21 03:09:27 | 00,000,016 | —- | C] () — D:WINDOWSmsocreg32.dat
[2008.10.18 17:35:31 | 00,000,000 | —D | C] — D:Program FilesWWAYM
[2008.10.14 21:24:32 | 00,000,747 | —- | C] () — D:Documents and SettingsAll Users.WINDOWSРабочий столCounter-Strike 1.6.lnk
[2008.10.11 13:56:25 | 00,000,000 | —D | C] — D:Program FilesCounter-Strike 1.6
[2008.10.07 08:09:57 | 00,000,000 | —D | C] — D:WINDOWSpss
[2008.10.07 03:38:21 | 00,000,000 | —- | C] () — D:WINDOWSPlayList.Fpl
[2008.10.07 03:38:18 | 00,000,173 | —- | C] () — D:WINDOWSSystem32FOLESVR.DLL
[2008.10.07 03:34:11 | 00,389,120 | —- | C] () — D:WINDOWSSystem32ACTSKN43.OCX
[2008.10.07 03:34:11 | 00,000,000 | —D | C] — D:WINDOWStmp
[2008.10.04 05:12:56 | 03,086,049 | —- | C] () — D:Documents and SettingsппппМои документыMEGA GIF.gif
[2008.10.01 18:00:43 | 00,000,000 | —D | C] — D:Documents and SettingsппппМои документыUpdater5
[2008.09.30 16:43:34 | 01,286,152 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32msxml4.dll
[2008.09.22 15:40:48 | 00,000,000 | —D | C] — D:Program FilesWave Arts
[2008.09.22 13:33:09 | 00,000,000 | —D | C] — D:Documents and SettingsппппМои документыFabFilter
[2008.09.22 13:33:09 | 00,000,000 | —D | C] — D:Documents and SettingsппппApplication DataFabFilter
[2008.09.22 13:33:03 | 00,000,000 | —D | C] — D:Program FilesFabFilter
[2008.09.20 00:03:54 | 00,000,132 | —- | C] () — D:Documents and SettingsппппМои документыSkinTune History 1.dat
[2008.08.24 10:36:56 | 00,000,000 | —D | C] — D:WINDOWSSystem32²
** — D:WINDOWSSystem32??
[2008.08.24 10:31:22 | 00,000,000 | —D | C] — D:Documents and SettingsппппМои документыiZotope Spectron Presets
[2008.08.24 10:20:18 | 00,000,000 | —D | C] — D:Documents and SettingsппппApplication DataWaves Audio
