RSIT скачал и запустил, но он не доходя до конца, на этапе Listing Services and Drivers
выдает ошибку: Line: -1 Error: Variable used without being declared.
тем не менее log.txt создается, а info.txt нет.
Вот log.txt:
Logfile of random’s system information tool 1.04 (written by random/random)
Run by gig at 2008-12-23 14:47:59
Microsoft(R) Windows(R) Server 2003, Enterprise Edition Service Pack 2
System drive C: has 4 GB (9%) free of 50 GB
Total RAM: 2039 MB (48% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:48:00, on 23.12.2008
Platform: Windows 2003 SP2 (WinNT 5.02.3790)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesAdobeAdobe Version Cue CS2binVersionCueCS2.exe
C:Program FilesBonjourmDNSResponder.exe
C:WINDOWSsystem32cisvc.exe
C:Program FilesCisco SystemsVPN Clientcvpnd.exe
C:Program FilesSymantec_Client_SecuritySymantec AntiVirusDefWatch.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32inetsrvinetinfo.exe
C:Program FilesJavajre6binjqs.exe
C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe
C:Program FilesMicrosoft SQL ServerMSSQL.1MSSQLBinnmsftesql.exe
C:Program FilesMicrosoft SQL ServerMSSQL.1MSSQLBinnsqlservr.exe
C:Program FilesMicrosoft SQL ServerMSSQL.2OLAPbinmsmdsrv.exe
C:Program FilesSymantec_Client_SecuritySymantec AntiVirusRtvscan.exe
C:Program FilesMicrosoft SQL ServerMSSQL.3Reporting ServicesReportServerbinReportingServicesService.exe
C:Program FilesAdobeAdobe Version Cue CS2datadatabasebinmysqld-nt.exe
C:Program FilesMicrosoft SQL Server90Sharedsqlwriter.exe
C:Program FilesTMeterTrafSvc.exe
C:Program FilesVMwareVMware Workstationvmware-authd.exe
C:Program FilesCommon FilesVMwareVMware Virtual Image Editingvmount2.exe
C:WINDOWSsystem32vmnat.exe
C:WINDOWSsystem32vmnetdhcp.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32cmd.exe
C:TFSCustomPoliciesUpdatePolicies.exe
C:WINDOWSsystem32igfxtray.exe
C:WINDOWSsystem32hkcmd.exe
C:WINDOWSsystem32igfxpers.exe
C:WINDOWSRTHDCPL.EXE
C:PROGRA~1SYMANT~1SYMANT~1vptray.exe
C:Program FilesDAEMON Toolsdaemon.exe
D:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe
C:Program FilesAdobeAdobe Version Cue CS2ControlPanelVersionCueCS2Tray.exe
C:Program FilesWinampwinampa.exe
C:Program FilesJavajre6binjusched.exe
C:Program FilesABBYY Lingvo 11 Six LanguagesLvagent.exe
C:Program FilesQuickTimeQTTask.exe
C:Program FilesTMetertrafmonitor.exe
C:Program FilesCommon FilesInstallShieldUpdateServiceissch.exe
D:Program FilesAdobeAcrobat 8.0AcrobatAcrotray.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesMSN MessengerMsnMsgr.Exe
C:Program FilesSkypePhoneSkype.exe
C:Documents and SettingsgigLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe
C:Program FilesICQ6ICQ.exe
C:Program FilesTechSmithSnagIt 8SnagIt32.exe
C:Program FilesTechSmithSnagIt 8TSCHelp.exe
C:Program FilesTechSmithSnagIt 8SnagPriv.exe
C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe
C:Program FilesMSN Messengerusnsvc.exe
C:Program FilesSkypePlugin ManagerSkypePM.exe
C:WINDOWSsystem32cidaemon.exe
C:WINDOWSsystem32cidaemon.exe
C:WINDOWSsystem32cidaemon.exe
C:Program FilesMozilla Firefoxfirefox.exe
D:Program FilesMicrosoft OfficeOffice12OUTLOOK.EXE
C:WINDOWSsystem32NOTEPAD.EXE
C:Documents and SettingsgigDesktopRSIT.exe
C:Program FilesTrend MicroHijackThisgig.exe
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = res://shdoclc.dll/softAdmin.htm
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://google.icq.com/search/search_frame.php
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = res://shdoclc.dll/softAdmin.htm
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = msteam1:8080
R1 — HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = 192.168.0.*;msteam.local;*.msteam.local;localhost;
R3 — Default URLSearchHook is missing
O2 — BHO: SnagIt Toolbar Loader — {00C6482D-C502-44C8-8409-FCE54AD9C208} — C:Program FilesTechSmithSnagIt 8SnagItBHO.dll
O2 — BHO: Adobe PDF Reader Link Helper — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll
O2 — BHO: Microsoft Web Test Recorder Helper — {62355041-605D-4469-84FD-5D66ED67A7E3} — D:Program FilesMicrosoft Visual Studio 8Common7IDEPrivateAssembliesMicrosoft.VisualStudio.QualityTools.RecorderBarBHO.dll
O2 — BHO: Groove GFS Browser Helper — {72853161-30C5-4D22-B7F9-0BBC1D38A37E} — D:Program FilesMicrosoft OfficeOffice12GrooveShellExtensions.dll
O2 — BHO: Java(tm) Plug-In SSV Helper — {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} — C:Program FilesJavajre6binssv.dll
O2 — BHO: (no name) — {7E853D72-626A-48EC-A868-BA8D5E23E045} — (no file)
O2 — BHO: Windows Live Sign-in Helper — {9030D464-4C02-4ABF-8ECC-5164760863C6} — C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 — BHO: IeCatch2 Class — {A5366673-E8CA-11D3-9CD9-0090271D075B} — C:PROGRA~1FlashGetjccatch.dll
O2 — BHO: Adobe PDF Conversion Toolbar Helper — {AE7CD045-E861-484f-8273-0445EE161910} — D:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll
O2 — BHO: Java(tm) Plug-In 2 SSV Helper — {DBC80044-A445-435b-BC74-9C25C1C588A9} — C:Program FilesJavajre6binjp2ssv.dll
O2 — BHO: Microsoft Web Test Recorder 9.0 Helper — {E31CE47F-C268-41ba-897B-B415E613947D} — D:Program FilesMicrosoft Visual Studio 9.0Common7IDEPrivateAssembliesMicrosoft.VisualStudio.QualityTools.RecorderBarBHO90.dll
O2 — BHO: JQSIEStartDetectorImpl — {E7E6F031-17CE-4C07-BC86-EABFE594F69C} — C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll
O3 — Toolbar: FlashGet Bar — {E0E899AB-F487-11D5-8D29-0050BA6940E3} — C:PROGRA~1FlashGetfgiebar.dll
O3 — Toolbar: Adobe PDF — {47833539-D0C5-4125-9FA8-0819E2EAAC93} — D:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll
O3 — Toolbar: SnagIt — {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} — C:Program FilesTechSmithSnagIt 8SnagItIEAddin.dll
O4 — HKLM..Run: [IgfxTray] C:WINDOWSsystem32igfxtray.exe
O4 — HKLM..Run: [HotKeysCmds] C:WINDOWSsystem32hkcmd.exe
O4 — HKLM..Run: [Persistence] C:WINDOWSsystem32igfxpers.exe
O4 — HKLM..Run: [RTHDCPL] RTHDCPL.EXE
O4 — HKLM..Run: [SkyTel] SkyTel.EXE
O4 — HKLM..Run: [Alcmtr] ALCMTR.EXE
O4 — HKLM..Run: [vptray] C:PROGRA~1SYMANT~1SYMANT~1vptray.exe
O4 — HKLM..Run: [DAEMON Tools] «C:Program FilesDAEMON Toolsdaemon.exe» -lang 1033
O4 — HKLM..Run: [GrooveMonitor] «D:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe»
O4 — HKLM..Run: [Adobe Version Cue CS2] «C:Program FilesAdobeAdobe Version Cue CS2ControlPanelVersionCueCS2Tray.exe»
O4 — HKLM..Run: [WinampAgent] C:Program FilesWinampwinampa.exe
O4 — HKLM..Run: [SunJavaUpdateSched] «C:Program FilesJavajre6binjusched.exe»
O4 — HKLM..Run: [Lingvo Launcher] «C:Program FilesABBYY Lingvo 11 Six LanguagesLvagent.exe» /STARTUP
O4 — HKLM..Run: [LingvoTraining] «C:Program FilesABBYY Lingvo 11 Six LanguagesTutor.exe» /ND /NW /AS
O4 — HKLM..Run: [Adobe Reader Speed Launcher] «C:Program FilesAdobeReader 8.0ReaderReader_sl.exe»
O4 — HKLM..Run: [QuickTime Task] «C:Program FilesQuickTimeQTTask.exe» -atboottime
O4 — HKLM..Run: [TrafMonitor] C:Program FilesTMetertrafmonitor.exe /logon /admin
O4 — HKLM..Run: [ISUSPM Startup] «c:Program FilesCommon FilesInstallShieldUpdateServiceisuspm.exe» -startup
O4 — HKLM..Run: [ISUSScheduler] «C:Program FilesCommon FilesInstallShieldUpdateServiceissch.exe» -start
O4 — HKLM..Run: [Acrobat Assistant 8.0] «D:Program FilesAdobeAcrobat 8.0AcrobatAcrotray.exe»
O4 — HKLM..Run: [Adobe_ID0EYTHM] C:PROGRA~1COMMON~1AdobeADOBEV~1ServerbinVERSIO~2.EXE
O4 — HKLM..Run: [NevoDRM] «C:Program FilesИгрыNevoDRMNevoDRM.exe»
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [MsnMsgr] «C:Program FilesMSN MessengerMsnMsgr.Exe» /background
O4 — HKCU..Run: [Skype] «C:Program FilesSkypePhoneSkype.exe» /nosplash /minimized
O4 — HKCU..Run: [Google Update] «C:Documents and SettingsgigLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe» /c
O4 — HKCU..Run: [ICQ] «C:Program FilesICQ6ICQ.exe» silent
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..RunOnce: [tscuninstall] %systemroot%system32tscupgrd.exe (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-20..RunOnce: [tscuninstall] %systemroot%system32tscupgrd.exe (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUSS-1-5-18..RunOnce: [tscuninstall] %systemroot%system32tscupgrd.exe (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O4 — HKUS.DEFAULT..RunOnce: [tscuninstall] %systemroot%system32tscupgrd.exe (User ‘Default user’)
O4 — Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 — Global Startup: Adobe Acrobat Synchronizer.lnk = D:Program FilesAdobeAcrobat 8.0AcrobatAdobeCollabSync.exe
O4 — Global Startup: Adobe Gamma.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O4 — Global Startup: SnagIt 8.lnk = C:Program FilesTechSmithSnagIt 8SnagIt32.exe
O4 — Global Startup: VPN Client.lnk = ?
O6 — HKCUSoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O8 — Extra context menu item: Append to existing PDF — res://D:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll/AcroIEAppend.html
O8 — Extra context menu item: Convert link target to Adobe PDF — res://D:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll/AcroIECapture.html
O8 — Extra context menu item: Convert link target to existing PDF — res://D:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll/AcroIEAppend.html
O8 — Extra context menu item: Convert selected links to Adobe PDF — res://D:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 — Extra context menu item: Convert selected links to existing PDF — res://D:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 — Extra context menu item: Convert selection to Adobe PDF — res://D:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll/AcroIECapture.html
O8 — Extra context menu item: Convert selection to existing PDF — res://D:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll/AcroIEAppend.html
O8 — Extra context menu item: Convert to Adobe PDF — res://D:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll/AcroIECapture.html
O8 — Extra context menu item: E&xport to Microsoft Excel — res://D:PROGRA~1MICROS~2Office12EXCEL.EXE/3000
O8 — Extra context menu item: Translate with ABBYY &Lingvo — res://C:Program FilesABBYY Lingvo 11 Six LanguagesLingvo.exe/3000
O8 — Extra context menu item: Закачать все при помощи FlashGet — C:Program FilesFlashGetjc_all.htm
O8 — Extra context menu item: Закачать при помощи FlashGet — C:Program FilesFlashGetjc_link.htm
O9 — Extra button: Send to OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — D:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 — Extra ‘Tools’ menuitem: S&end to OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — D:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 — Extra button: Research — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — D:PROGRA~1MICROS~2Office12REFIEBAR.DLL
O9 — Extra button: FlashGet — {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} — C:PROGRA~1FlashGetflashget.exe
O9 — Extra ‘Tools’ menuitem: &FlashGet — {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} — C:PROGRA~1FlashGetflashget.exe
O9 — Extra button: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — C:Program FilesICQ6ICQ.exe
O9 — Extra ‘Tools’ menuitem: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — C:Program FilesICQ6ICQ.exe
O9 — Extra button: PokerStars.net — {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} — C:Program FilesPokerStars.NETPokerStarsUpdate.exe
O15 — Trusted Zone: http://www.dinex.dk
O15 — ESC Trusted Zone: http://runonce.msn.com
O16 — DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) — http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1207113857174
O16 — DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) — http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 — HKLMSystemCCSServicesTcpipParameters: Domain = msteam.local
O17 — HKLMSoftware..Telephony: DomainName = msteam.local
O17 — HKLMSystemCS1ServicesTcpipParameters: Domain = msteam.local
O18 — Protocol: grooveLocalGWS — {88FED34C-F0CA-4636-A375-3CB6248B04CD} — D:Program FilesMicrosoft OfficeOffice12GrooveSystemServices.dll
O18 — Protocol: skype4com — {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O23 — Service: Adobe LM Service — Adobe Systems — C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe
O23 — Service: Adobe Version Cue CS2 — Adobe Systems Incorporated — C:Program FilesAdobeAdobe Version Cue CS2binVersionCueCS2.exe
O23 — Service: Adobe Version Cue CS3 — Adobe Systems Incorporated — C:Program FilesCommon FilesAdobeAdobe Version Cue CS3ServerbinVersionCueCS3.exe
O23 — Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) — Apple Computer, Inc. — C:Program FilesBonjourmDNSResponder.exe
O23 — Service: Cisco Systems, Inc. VPN Service (CVPND) — Cisco Systems, Inc. — C:Program FilesCisco SystemsVPN Clientcvpnd.exe
O23 — Service: DefWatch — Symantec Corporation — C:Program FilesSymantec_Client_SecuritySymantec AntiVirusDefWatch.exe
O23 — Service: FLEXnet Licensing Service — Macrovision Europe Ltd. — C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe
O23 — Service: Java Quick Starter (JavaQuickStarterService) — Sun Microsystems, Inc. — C:Program FilesJavajre6binjqs.exe
O23 — Service: Symantec AntiVirus Client (Norton AntiVirus Server) — Symantec Corporation — C:Program FilesSymantec_Client_SecuritySymantec AntiVirusRtvscan.exe
O23 — Service: TMeter 8.0.488 (TrafSvc) — Unknown owner — C:Program FilesTMeterTrafSvc.exe
O23 — Service: VMware Authorization Service (VMAuthdService) — VMware, Inc. — C:Program FilesVMwareVMware Workstationvmware-authd.exe
O23 — Service: VMware DHCP Service (VMnetDHCP) — VMware, Inc. — C:WINDOWSsystem32vmnetdhcp.exe
O23 — Service: VMware Virtual Mount Manager Extended (vmount2) — VMware, Inc. — C:Program FilesCommon FilesVMwareVMware Virtual Image Editingvmount2.exe
O23 — Service: VMware NAT Service — VMware, Inc. — C:WINDOWSsystem32vmnat.exe
—
End of file — 15557 bytes
======Scheduled tasks folder======
C:WINDOWStasksGoogleUpdateTaskUser.job
C:WINDOWStasksSystemState Backup (weekly).job
C:WINDOWStasksSystemState Backup.job
======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{00C6482D-C502-44C8-8409-FCE54AD9C208}]
SnagIt Toolbar Loader — C:Program FilesTechSmithSnagIt 8SnagItBHO.dll [2007-05-01 63048]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{62355041-605D-4469-84FD-5D66ED67A7E3}]
Microsoft Web Test Recorder Helper — D:Program FilesMicrosoft Visual Studio 8Common7IDEPrivateAssembliesMicrosoft.VisualStudio.QualityTools.RecorderBarBHO.dll [2006-12-02 29696]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper — D:Program FilesMicrosoft OfficeOffice12GrooveShellExtensions.dll [2007-08-24 2212224]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper — C:Program FilesJavajre6binssv.dll [2008-12-12 320920]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper — C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll [2007-12-14 392240]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{A5366673-E8CA-11D3-9CD9-0090271D075B}]
IeCatch2 Class — C:PROGRA~1FlashGetjccatch.dll [2002-01-16 65536]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper — D:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll [2006-10-22 321120]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper — C:Program FilesJavajre6binjp2ssv.dll [2008-12-12 34816]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{E31CE47F-C268-41ba-897B-B415E613947D}]
Microsoft Web Test Recorder 9.0 Helper — D:Program FilesMicrosoft Visual Studio 9.0Common7IDEPrivateAssembliesMicrosoft.VisualStudio.QualityTools.RecorderBarBHO90.dll [2007-11-08 64088]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class — C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll [2008-12-12 73728]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} — FlashGet Bar — C:PROGRA~1FlashGetfgiebar.dll [2002-05-27 86016]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} — Adobe PDF — D:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll [2006-10-22 321120]
{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} — SnagIt — C:Program FilesTechSmithSnagIt 8SnagItIEAddin.dll [2007-05-01 161352]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«IgfxTray»=C:WINDOWSsystem32igfxtray.exe [2006-08-14 98304]
«HotKeysCmds»=C:WINDOWSsystem32hkcmd.exe [2006-08-14 114688]
«Persistence»=C:WINDOWSsystem32igfxpers.exe [2006-08-14 94208]
«RTHDCPL»=C:WINDOWSRTHDCPL.EXE [2006-12-17 16062464]
«SkyTel»=C:WINDOWSSkyTel.EXE [2006-05-15 2879488]
«Alcmtr»=C:WINDOWSALCMTR.EXE [2005-05-02 69632]
«vptray»=C:PROGRA~1SYMANT~1SYMANT~1vptray.exe [2002-07-30 77824]
«DAEMON Tools»=C:Program FilesDAEMON Toolsdaemon.exe [2005-12-10 133016]
«GrooveMonitor»=D:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe [2007-08-24 33648]
«Adobe Version Cue CS2″=C:Program FilesAdobeAdobe Version Cue CS2ControlPanelVersionCueCS2Tray.exe [2005-04-04 856064]
«WinampAgent»=C:Program FilesWinampwinampa.exe [2006-06-21 35328]
«SunJavaUpdateSched»=C:Program FilesJavajre6binjusched.exe [2008-12-12 136600]
«»= []
«Lingvo Launcher»=C:Program FilesABBYY Lingvo 11 Six LanguagesLvagent.exe [2005-09-01 106496]
«LingvoTraining»=C:Program FilesABBYY Lingvo 11 Six LanguagesTutor.exe [2005-09-01 1282048]
«Adobe Reader Speed Launcher»=C:Program FilesAdobeReader 8.0ReaderReader_sl.exe [2008-01-11 39792]
«QuickTime Task»=C:Program FilesQuickTimeQTTask.exe [2008-01-31 385024]
«TrafMonitor»=C:Program FilesTMetertrafmonitor.exe [2008-02-07 221184]
«ISUSPM Startup»=c:Program FilesCommon FilesInstallShieldUpdateServiceisuspm.exe [2005-08-11 249856]
«ISUSScheduler»=C:Program FilesCommon FilesInstallShieldUpdateServiceissch.exe [2005-08-11 81920]
«Acrobat Assistant 8.0″=D:Program FilesAdobeAcrobat 8.0AcrobatAcrotray.exe [2006-10-22 620152]
«Adobe_ID0EYTHM»=C:PROGRA~1COMMON~1AdobeADOBEV~1ServerbinVERSIO~2.EXE [2007-03-20 1884160]
«NevoDRM»=C:Program FilesИгрыNevoDRMNevoDRM.exe [2008-07-29 201728]
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2007-02-17 15360]
«MsnMsgr»=C:Program FilesMSN MessengerMsnMsgr.Exe [2007-01-19 5674352]
«Skype»=C:Program FilesSkypePhoneSkype.exe [2008-09-23 21755688]
«Google Update»=C:Documents and SettingsgigLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe [2008-09-03 133104]
«ICQ»=C:Program FilesICQ6ICQ.exe [2008-09-01 173304]
C:Documents and SettingsAll UsersStart MenuProgramsStartup
Adobe Acrobat Speed Launcher.lnk — C:WINDOWSInstaller{AC76BA86-1033-0000-7760-000000000003}_SC_Acrobat.exe
Adobe Acrobat Synchronizer.lnk — D:Program FilesAdobeAcrobat 8.0AcrobatAdobeCollabSync.exe
Adobe Gamma.lnk — C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
SnagIt 8.lnk — C:Program FilesTechSmithSnagIt 8SnagIt32.exe
VPN Client.lnk — C:WINDOWSInstaller{3E5562ED-69AB-4CEC-91E2-64E18EC5ACC6}Icon3E5562ED7.ico
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifycrypt32chain]
C:WINDOWSsystem32crypt32.dll [2007-02-17 595456]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifycryptnet]
C:WINDOWSsystem32cryptnet.dll [2007-02-17 62464]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifycscdll]
C:WINDOWSsystem32cscdll.dll [2007-02-17 101888]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifydimsntfy]
C:WINDOWSsystem32dimsntfy.dll [2007-02-17 19456]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyigfxcui]
C:WINDOWSsystem32igfxdev.dll [2006-08-14 155648]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyNavLogon]
C:WINDOWSsystem32NavLogon.dll [2002-07-30 45056]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyScCertProp]
C:WINDOWSsystem32wlnotify.dll [2007-02-17 96768]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifySchedule]
C:WINDOWSsystem32wlnotify.dll [2007-02-17 96768]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifysclgntfy]
C:WINDOWSsystem32sclgntfy.dll [2003-03-25 19968]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifySensLogn]
C:WINDOWSsystem32WlNotify.dll [2007-02-17 96768]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifytermsrv]
C:WINDOWSsystem32wlnotify.dll [2007-02-17 96768]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifywlballoon]
C:WINDOWSsystem32wlnotify.dll [2007-02-17 96768]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
PostBootReminder — {7849596a-48ea-486e-8937-a2a3009f31a9} — C:WINDOWSsystem32SHELL32.dll [2007-11-07 8360448]
CDBurn — {fbeb8a05-beee-4442-804e-409d6c4515e9} — C:WINDOWSsystem32SHELL32.dll [2007-11-07 8360448]
WebCheck — {E6FB5E20-DE35-11CF-9C87-00AA005127ED} — C:WINDOWSsystem32webcheck.dll [2008-10-17 233472]
SysTray — {35CEC8A3-2BE6-11D2-8773-92E220524153} — C:WINDOWSsystem32stobject.dll [2007-02-17 122880]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionexplorerSharedTaskScheduler]
Browseui preloader — {438755C2-A8BA-11D1-B96B-00A0C90312E1} — C:WINDOWSsystem32browseui.dll [2007-02-17 1033216]
Component Categories cache daemon — {8C7461EF-2B13-11d2-BE35-3078302C2030} — C:WINDOWSsystem32browseui.dll [2007-02-17 1033216]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerShellExecuteHooks]
«{AEB6717E-7E19-11d0-97EE-00C04FD91972}»=C:WINDOWSsystem32shell32.dll [2007-11-07 8360448]
«{B5A7F190-DDA6-4420-B3BA-52453494E6CD}»=D:Program FilesMicrosoft OfficeOffice12GrooveShellExtensions.dll [2007-08-24 2212224]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlLsa]
«notification packages»=RASSFM
KDCSVC
WDIGEST
scecli
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrolsecurityproviders]
«SecurityProviders»=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalAppMgmt]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalBase]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalBoot Bus Extender]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalBoot file system]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalCryptSvc]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalDcomLaunch]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimaldmadmin]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimaldmboot.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimaldmio.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimaldmload.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimaldmserver]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalEventLog]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalFile system]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalFilter]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalHelpSvc]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalNetlogon]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalPCI Configuration]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalPlugPlay]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalPNP Filter]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalPrimary disk]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalRpcSs]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalsacsvr]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalSCSI Class]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalsermouse.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalSystem Bus Extender]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalvds]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalvga.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalvgasave.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalwd.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWinMgmt]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal{36FC9E60-C465-11CF-8056-444553540000}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal{4D36E965-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal{4D36E967-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal{4D36E969-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal{4D36E96A-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal{4D36E96B-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal{4D36E96F-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal{4D36E977-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal{4D36E97B-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal{4D36E97D-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal{4D36E980-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkAFD]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkAppMgmt]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkBase]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkBoot Bus Extender]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkBoot file system]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkBrowser]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkCryptSvc]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkDcomLaunch]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkDhcp]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkdmadmin]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkdmboot.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkdmio.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkdmload.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkdmserver]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkDnsCache]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkEventLog]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkFile system]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkFilter]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkHelpSvc]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkip6fw.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkipnat.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkLanmanServer]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkLanmanWorkstation]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkLmHosts]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkMessenger]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkNDIS]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkNDIS Wrapper]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkNdisuio]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkNetBIOS]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkNetBIOSGroup]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkNetBT]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkNetDDEGroup]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkNetlogon]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkNetMan]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkNetwork]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkNetworkProvider]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkNtLmSsp]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkPCI Configuration]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkPlugPlay]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkPNP Filter]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkPNP_TDI]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkPrimary disk]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkrdpcdd.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkrdpdd.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkrdpwd.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkrdsessmgr]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkRpcSs]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworksacsvr]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkSCSI Class]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworksermouse.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworksharedaccess]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkStreams Drivers]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkSystem Bus Extender]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkTcpip]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkTDI]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworktdpipe.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworktdtcp.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworktermservice]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkUploadMgr]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkvds]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkvga.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkvgasave.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWinMgmt]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWZCSVC]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{36FC9E60-C465-11CF-8056-444553540000}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{4D36E965-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{4D36E967-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{4D36E969-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{4D36E96A-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{4D36E96B-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{4D36E96F-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{4D36E972-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{4D36E973-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{4D36E974-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{4D36E975-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{4D36E977-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{4D36E97B-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{4D36E97D-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{4D36E980-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«disablecad»=0
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=149
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«ShowSuperHidden»=
«NoDriveTypeAutoRun»=
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«C:Program FilesMSN Messengermsnmsgr.exe»=»C:Program FilesMSN Messengermsnmsgr.exe:*:Enabled:Windows Live Messenger 8.1»
«C:Program FilesMSN Messengerlivecall.exe»=»C:Program FilesMSN Messengerlivecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)»
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«C:Program FilesMSN Messengermsnmsgr.exe»=»C:Program FilesMSN Messengermsnmsgr.exe:*:Enabled:Windows Live Messenger 8.1»
«C:Program FilesMSN Messengerlivecall.exe»=»C:Program FilesMSN Messengerlivecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)»
«C:Program FilesBonjourmDNSResponder.exe»=»C:Program FilesBonjourmDNSResponder.exe:*:Enabled:Bonjour»
«D:Program FilesMicrosoft OfficeOffice12OUTLOOK.EXE»=»D:Program FilesMicrosoft OfficeOffice12OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook»
«C:Program FilesFarFar.exe»=»C:Program FilesFarFar.exe:*:Enabled:File and archive manager»
«C:Program FilesSkypePhoneSkype.exe»=»C:Program FilesSkypePhoneSkype.exe:*:Enabled:Skype»
[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{17d25e65-da06-11dc-9c02-005056c00008}]
shellAutoRuncommand — F:
shellopencommand — rundll32.exe .desktop.dll,InstallM
[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{270c11ff-6cce-11dc-97b1-005056c00008}]
shellAutoRuncommand — F:f.exe
shellexplorecommand — F:f.exe
shellopencommand — F:f.exe
======List of files/folders created in the last 1 months======
2008-12-22 17:23:00 —-A—- C:mbam-info.txt
2008-12-18 22:31:39 —-A—- C:WINDOWSsystem32mshtml.dll
2008-12-17 13:43:30 —-D—- C:Program FilesMultipleIEs
2008-12-15 17:34:08 —-A—- C:WINDOWSsystem32rundll32.exe.Z-missing.txt
2008-12-15 14:09:19 —-A—- C:WINDOWSsystem32MRT.INI
2008-12-12 15:58:58 —-D—- C:rsit
2008-12-12 15:29:23 —-A—- C:WINDOWSsystem32deploytk.dll
2008-12-12 13:58:50 —-D—- C:Documents and SettingsgigApplication DataMalwarebytes
2008-12-12 13:58:44 —-D—- C:Program FilesMalwarebytes’ Anti-Malware
2008-12-12 13:58:44 —-D—- C:Documents and SettingsAll UsersApplication DataMalwarebytes
2008-12-12 13:15:16 —-D—- C:Program FilesAdvanced FAR FTP Password Recovery
2008-12-12 12:35:11 —-D—- C:Program FilesTrend Micro
2008-12-12 11:58:37 —-D—- C:Program FilesSoftLogica
2008-12-11 15:31:26 —-HDC—- C:WINDOWS$NtUninstallKB952069$
2008-12-11 15:30:53 —-HDC—- C:WINDOWS$NtUninstallKB955839$
2008-12-11 15:30:22 —-HDC—- C:WINDOWS$NtUninstallKB956802$
2008-12-11 15:29:54 —-HDC—- C:WINDOWS$NtUninstallKB954600$
2008-12-10 18:27:51 —-A—- C:WINDOWSsystem32url.dll
2008-12-10 18:27:51 —-A—- C:WINDOWSsystem32msfeedsbs.dll
2008-12-10 18:27:51 —-A—- C:WINDOWSsystem32msfeeds.dll
2008-12-10 18:27:51 —-A—- C:WINDOWSsystem32iertutil.dll
2008-12-10 18:27:50 —-A—- C:WINDOWSsystem32ieapfltr.dll
2008-12-10 18:27:50 —-A—- C:WINDOWSsystem32icardie.dll
2008-12-10 18:27:49 —-A—- C:WINDOWSsystem32advpack.dll
2008-12-10 18:27:48 —-A—- C:WINDOWSsystem32wininet.dll
2008-12-10 18:27:47 —-A—- C:WINDOWSsystem32urlmon.dll
2008-12-10 18:27:43 —-A—- C:WINDOWSsystem32ieframe.dll
2008-12-10 18:27:35 —-A—- C:WINDOWSsystem32wmvcore.dll
2008-12-10 18:27:31 —-A—- C:WINDOWSsystem32gdi32.dll
2008-12-04 19:48:19 —-D—- C:Documents and SettingsgigApplication Dataany
2008-12-02 12:24:45 —-RA—- C:WINDOWSsystem32vnetinst.dll
2008-12-02 12:24:43 —-A—- C:WINDOWSsystem32vmnetdhcp.exe
2008-12-02 12:24:43 —-A—- C:WINDOWSsystem32vmnat.exe
2008-12-02 12:24:40 —-A—- C:WINDOWSsystem32vnetlib.dll
2008-12-02 12:23:49 —-D—- C:Program FilesCommon FilesVMware
2008-12-01 21:10:40 —-D—- C:Program FilesVMware
2008-12-01 20:42:47 —-D—- C:mnt
2008-12-01 13:17:48 —-D—- C:Program Filesavz4
2008-12-01 13:04:11 —-D—- C:Documents and SettingsgigApplication DataskypePM
2008-11-28 20:31:44 —-A—- C:WINDOWSsystem32rdl9432.exe
2008-11-28 20:28:37 —-D—- C:Documents and SettingsgigApplication DataScreenSeven
2008-11-28 19:47:26 —-D—- C:Program FilesZuma Deluxe
2008-11-28 19:47:14 —-D—- C:Program FilesReflexiveArcade
2008-11-27 18:44:50 —-D—- C:Transfer
2008-11-24 12:21:21 —-D—- C:Program FilesCommon FilesSkype
======List of files/folders modified in the last 1 months======
2008-12-23 14:45:20 —-D—- C:Documents and SettingsgigApplication DataSkype
2008-12-23 14:18:39 —-D—- C:Program FilesMozilla Firefox
2008-12-23 13:40:37 —-D—- C:WINDOWSsystem32CatRoot2
2008-12-23 13:37:17 —-RSHDC—- C:WINDOWSsystem32dllcache
2008-12-23 13:37:07 —-D—- C:WINDOWSsystem32inetsrv
2008-12-23 13:35:42 —-D—- C:WINDOWSsystem32drivers
2008-12-23 13:35:26 —-D—- C:WINDOWSTemp
2008-12-23 13:35:26 —-D—- C:Documents and SettingsAll UsersApplication DataVMware
2008-12-23 05:21:02 —-D—- C:WINDOWSsecurity
2008-12-23 01:05:36 —-D—- C:WINDOWSsystem32NtmsData
2008-12-22 12:33:27 —-D—- C:WINDOWSsystem32
2008-12-22 11:55:18 —-D—- C:WINDOWS
2008-12-19 15:01:08 —-D—- C:WINDOWSinf
2008-12-19 15:00:53 —-D—- C:WINDOWSie7updates
2008-12-19 15:00:47 —-HD—- C:WINDOWS$hf_mig$
2008-12-17 16:30:01 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2008-12-17 13:43:30 —-RD—- C:Program Files
2008-12-17 13:32:50 —-D—- C:Documents and SettingsgigApplication DataVMware
2008-12-15 16:33:19 —-SHD—- C:WINDOWSInstaller
2008-12-15 16:33:19 —-SHD—- C:Config.Msi
2008-12-12 15:29:14 —-A—- C:WINDOWSsystem32javaws.exe
2008-12-12 15:29:14 —-A—- C:WINDOWSsystem32javaw.exe
2008-12-12 15:29:14 —-A—- C:WINDOWSsystem32java.exe
2008-12-12 15:29:11 —-D—- C:Program FilesJava
2008-12-12 14:23:28 —-D—- C:Program FilesICQToolbar
2008-12-11 15:33:17 —-D—- C:Documents and SettingsAll UsersApplication DataMicrosoft Help
2008-12-11 15:31:56 —-A—- C:WINDOWSimsins.BAK
2008-12-11 15:31:48 —-D—- C:Program FilesInternet Explorer
2008-12-10 16:26:15 —-D—- C:Program FilesQIP
2008-12-10 05:24:37 —-A—- C:WINDOWSsystem32MRT.exe
2008-12-04 19:31:16 —-D—- C:Projects
2008-12-03 03:00:01 —-D—- C:WINDOWSSystemState.Backup
2008-12-02 12:23:49 —-D—- C:Program FilesCommon Files
2008-12-02 12:08:52 —-D—- C:WINDOWSsystem32LogFiles
2008-12-01 20:46:53 —-D—- C:Program FilesCommon FilesMicrosoft Shared
2008-12-01 13:28:45 —-D—- C:Program FilesICQ2003b
2008-12-01 13:27:55 —-D—- C:Program FilesICQLite
2008-12-01 13:26:30 —-D—- C:Program FilesИгры
2008-12-01 13:04:21 —-D—- C:Program FilesICQ6
2008-12-01 01:01:10 —-D—- C:WINDOWSrepair
2008-12-01 00:48:58 —-D—- C:Program FilesMicrosoft Silverlight
2008-11-28 18:27:43 —-D—- C:Program FilesPokerStars.NET
2008-11-28 15:04:58 —-D—- C:Program FilesFlashGet
2008-11-27 18:49:17 —-D—- C:TEMP
2008-11-26 03:05:40 —-SHD—- C:System Volume Information
2008-11-24 12:21:41 —-D—- C:Program FilesSkype
2008-11-24 12:21:41 —-D—- C:Documents and SettingsAll UsersApplication DataSkype
