SPYWARE-RU.COM

Созданные ответы форума

Просмотр 2 сообщений - с 1 по 2 (из 2 всего)

Автор

Сообщения
30 мая, 2009 в 5:24 пп в ответ на: информер-вымогатель информер исчез отовсюду кроме моего блог #24152
Teina
Participant
- Темы:1
- Сообщений:3
OTListIt Extras logfile created on: 30.05.2009 21:18:43 — Run 1
OTListIt2 by OldTimer — Version 2.0.15.8 Folder = H:Documents and SettingsalinakРабочий стол
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) — Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000419 | Country: Россия | Language: RUS | Date Format: dd.MM.yyyy

1023,11 Mb Total Physical Memory | 451,96 Mb Available Physical Memory | 44,18% Memory free
2,40 Gb Paging File | 1,90 Gb Available in Paging File | 79,20% Paging File free
Paging file location(s): H:pagefile.sys 1536 3072 [binary data]

%SystemDrive% = H: | %SystemRoot% = H:WINDOWS | %ProgramFiles% = H:Program Files
Drive C: | 134,05 Gb Total Space | 11,58 Gb Free Space | 8,64% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 15,00 Gb Total Space | 4,56 Gb Free Space | 30,42% Space Free | Partition Type: NTFS
Drive I: | 4,29 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: ALINA
Current User Name: alinak
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINESOFTWAREClasses]
.cpl [@ = cplfile] — rundll32.exe shell32.dll,Control_RunDLL «%1»,%*
.hlp [@ = hlpfile] — H:WINDOWSSystem32winhlp32.exe (Корпорация Майкрософт)
.html [@ = FirefoxHTML] — C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation)
.inf [@ = inffile] — H:WINDOWSSystem32NOTEPAD.EXE (Корпорация Майкрософт)
.ini [@ = inifile] — H:WINDOWSSystem32NOTEPAD.EXE (Корпорация Майкрософт)
.url [@ = InternetShortcut] — rundll32.exe shdocvw.dll,OpenURL %l
.reg [@ = regfile] — H:WINDOWSregedit.exe (Корпорация Майкрософт)
.txt [@ = txtfile] — H:WINDOWSsystem32NOTEPAD.EXE (Корпорация Майкрософт)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center]
«FirstRunDisabled» = 1
«AntiVirusDisableNotify» = 0
«FirewallDisableNotify» = 0
«UpdatesDisableNotify» = 0
«AntiVirusOverride» = 0
«FirewallOverride» = 0
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoring]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringAhnlabAntiVirus]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringKasperskyAntiVirus]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringMcAfeeAntiVirus]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringMcAfeeFirewall]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringPandaAntiVirus]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringPandaFirewall]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringSophosAntiVirus]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringSymantecAntiVirus]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringSymantecFirewall]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringTinyFirewall]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringTrendAntiVirus]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringTrendFirewall]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringZoneLabsFirewall]

HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyDomainProfile

HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyDomainProfileGloballyOpenPortsList

HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfile
«EnableFirewall» = 1
«DoNotAllowExceptions» = 0

HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfileGloballyOpenPortsList

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyDomainProfileAuthorizedApplicationsList]
[2008.04.14 20:11:08 | 00,141,824 | —- | M] (Корпорация Майкрософт) — %windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[2008.04.13 22:53:32 | 00,558,080 | —- | M] (Microsoft Corporation) — %windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfileAuthorizedApplicationsList]
[2008.04.14 20:11:08 | 00,141,824 | —- | M] (Корпорация Майкрософт) — %windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
File not found — H:Program FilesGoogleGoogle Talkgoogletalk.exe:*:Enabled:Google Talk
[2009.02.11 22:22:44 | 00,270,128 | —- | M] (BitTorrent, Inc.) — H:Program FilesuTorrentuTorrent.exe:*:Enabled:µTorrent
[2008.01.30 06:19:32 | 00,073,728 | —- | M] (Orb Networks, Inc.) — H:Program FilesWinamp RemotebinOrb.exe:*:Enabled:Orb
[2008.04.01 05:54:06 | 00,507,904 | —- | M] (Orb Networks) — H:Program FilesWinamp RemotebinOrbTray.exe:*:Enabled:OrbTray
[2008.03.28 05:00:24 | 05,844,992 | —- | M] (Orb Networks) — H:Program FilesWinamp RemotebinOrbStreamerClient.exe:*:Enabled:Orb Stream Client
[2004.09.24 18:15:48 | 01,024,000 | —- | M] (IVT Corporation) — C:Program FilesBlueSoleilBlueSoleil.exe:*:Enabled:Bluetooth Application
[2004.09.24 17:15:48 | 01,024,000 | —- | M] (IVT Corporation) — H:Program FilesIVT CorporationBlueSoleilBlueSoleil.exe:*:Enabled:Bluetooth Application
[2008.04.13 22:53:32 | 00,558,080 | —- | M] (Microsoft Corporation) — %windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2007.01.11 16:26:56 | 00,063,112 | —- | M] (CANON INC.) — H:WINDOWSsystem32CNAB4RPK.EXE:*:Enabled:Canon LBP2900 RPC Server Process
[2008.04.14 20:10:54 | 00,083,456 | —- | M] (Microsoft Corporation) — H:WINDOWSsystem32dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test
[2008.04.14 20:11:07 | 00,033,280 | —- | M] (Корпорация Майкрософт) — H:WINDOWSsystem32rundll32.exe:*:Enabled:Запуск библиотеки DLL как приложения
[2008.11.07 15:31:38 | 21,633,320 | R— | M] (Skype Technologies S.A.) — H:Program FilesSkypePhoneSkype.exe:*:Enabled:Skype

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstall]
«{00060000-0000-1004-8002-0000C06B5161}» = WIBU-KEY Setup (WIBU-KEY Remove)
«{13F3917B56CD4C25848BDC69916971BB}» = DivX Converter
«{18D10072035C4515918F7E37EAFAACFC}» = AutoUpdate
«{1F698102-5739-441E-96F0-74F4EA540F06}» = Attansic Ethernet Utility
«{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk» = Google Talk (remove only)
«{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1» = ConvertHelper 2.2
«{350C9419-3D7C-4EE8-BAA9-00BCB3D54227}» = WebFldrs XP
«{3DED3A72-61A8-4B87-98A5-EF0BC8038AA0}» = DAEMON Tools
«{3FC7CBBC4C1E11DCA1A752EA55D89593}» = DivX Version Checker
«{46B17380-56C5-4A0E-BEA8-F1F62948FE36}» = «Виртуальная школа Кирилла и Мефодия. Уроки геометрии. 7 класс»
«{56BFAA6E-2BCC-4AED-9233-84731E66B205}» = Solid Converter PDF v4
«{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}» = Skype™ 3.8
«{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}» = PowerDVD
«{6D9C83CB-07E8-11D5-B189-00E07D8B90C2}» = Page Promoter
«{7148F0A8-6813-11D6-A77B-00B0D0142040}» = Java 2 Runtime Environment, SE v1.4.2_04
«{767CC44C-9BBC-438D-BAD3-FD4595DD148B}» = VC80CRTRedist — 8.0.50727.762
«{7B63B2922B174135AFC0E1377DD81EC2}» = DivX Codec
«{8ADFC4160D694100B5B8A22DE9DCABD9}» = DivX Player
«{90110419-6000-11D3-8CFE-0150048383C9}» = Microsoft Office — профессиональный выпуск версии 2003
«{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}» = Google Update Helper
«{A96E97134CA649888820BCDE5E300BBD}» = H.264 Decoder
«{AAC389499AEF40428987B3D30CFC76C9}» = MKV Splitter
«{AC76BA86-7AD7-1049-7B44-A81200000003}» = Adobe Reader 8 — Russian
«{AEF9DC35ADDF4825B049ACBFD1C6EB37}» = AAC Decoder
«{B13A7C41581B411290FBC0395694E2A9}» = DivX Converter
«{B7050CBDB2504B34BC2A9CA0A692CC29}» = DivX Web Player
«{B9F499B8-D1F0-42FC-84BE-CC552123CCCB}» = BlueSoleil
«{CC016F21-3970-11DE-B878-005056806466}» = Google Планета Земля
«{F0A37341-D692-11D4-A984-009027EC0A9C}» = SoundMAX
«{FFFF6D5C-E2F1-4B40-BC89-8923312E89EB}}_is1» = ACE Mega CoDecS Pack
«001FFFFFFF09FF00FF0701F00F02F000-R1» = ArchiCAD 9 INT
«Adobe Flash Player ActiveX» = Adobe Flash Player ActiveX
«Adobe Flash Player Plugin» = Adobe Flash Player 10 Plugin
«AtcL1» = Attansic L1 Gigabit Ethernet Driver
«avast!» = avast! Antivirus
«BDE5» = BDE5
«BSM orgazaizer v2.9» = BSM orgazaizer v2.9
«Canon LBP2900» = Canon LBP2900
«DivX Plus DirectShow Filters» = DivX Plus DirectShow Filters
«EZ Learning System Demo 1.00» = EZ Learning System Demo 1.00
«Flash Movie Player» = Flash Movie Player 1.5
«Mandala Painter 3 Professional_is1» = Mandala Painter 3.0 Professional
«Media Player Classic» = Media Player Classic (remove only)
«Mozilla Firefox (3.0.10)» = Mozilla Firefox (3.0.10)
«MSCompPackV1» = Microsoft Compression Client Pack 1.0 for Windows XP
«MyCentria» = Интернет помощник MyCentria
«MyKiT Money_is1» = MyKiT Money 6.2
«Nero — Burning Rom!UninstallKey» = Nero 6 Demo
«NVIDIA Drivers» = NVIDIA Drivers
«Orb» = Winamp Remote
«Organizer6 Personal» = Organizer6 Personal
«Punto Switcher 3.0» = Punto Switcher 3.0
«QuickTime» = QuickTime
«ViewpointMediaPlayer» = Viewpoint Media Player (Remove Only)
«Winamp» = Winamp
«Windows Media Format Runtime» = Windows Media Format 11 runtime
«Windows Media Player» = Проигрыватель Windows Media 11
«Windows XP Service Pack» = Windows XP Service Pack 3
«WinRAR archiver» = WinRAR archiver
«WMFDist11» = Windows Media Format 11 runtime
«wmp11» = Windows Media Player 11
«Wudf01000» = Microsoft User-Mode Driver Framework Feature Pack 1.0
«Математика+ от AV 1.2_is1» = Математика+ 1.2

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionUninstall]
«uTorrent» = µTorrent

========== HKEY_USERS Uninstall List ==========

[HKEY_USERSS-1-5-21-1614895754-1844237615-1801674531-1003SOFTWAREMicrosoftWindowsCurrentVersionUninstall]
«uTorrent» = µTorrent

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error — 10.06.2008 6:39:52 | Computer Name = ALINA | Source = avast! | ID = 33554522
Description = AAVM — scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
I:MS Office 2003 Russr2Office2003SP2-KB887616-FullFile-RUS.exe failed, 0000001E.

Error — 20.04.2009 7:05:36 | Computer Name = ALINA | Source = avast! | ID = 33554522
Description = AAVM — scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
L:IMG_1681.JPG failed, 00000037.

Error — 20.04.2009 7:05:36 | Computer Name = ALINA | Source = avast! | ID = 33554522
Description = AAVM — scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
L:IMG_1686.JPG failed, 0000001E.

[ Application Events ]
Error — 26.04.2009 13:41:31 | Computer Name = ALINA | Source = Application Hang | ID = 1002
Description = Зависшее приложение OIS.EXE, версия 11.0.8161.0, зависший модуль hungapp,
версия 0.0.0.0, адрес 0x00000000.

Error — 01.05.2009 9:06:42 | Computer Name = ALINA | Source = Application Hang | ID = 1002
Description = Зависшее приложение firefox.exe, версия 1.9.0.3399, зависший модуль
hungapp, версия 0.0.0.0, адрес 0x00000000.

Error — 01.05.2009 9:06:46 | Computer Name = ALINA | Source = Application Hang | ID = 1002
Description = Зависшее приложение firefox.exe, версия 1.9.0.3399, зависший модуль
hungapp, версия 0.0.0.0, адрес 0x00000000.

Error — 11.05.2009 6:46:35 | Computer Name = ALINA | Source = Application Hang | ID = 1002
Description = Зависшее приложение Skype.exe, версия 3.8.0.188, зависший модуль hungapp,
версия 0.0.0.0, адрес 0x00000000.

Error — 19.05.2009 4:43:22 | Computer Name = ALINA | Source = Application Hang | ID = 1002
Description = Зависшее приложение Skype.exe, версия 3.8.0.188, зависший модуль hungapp,
версия 0.0.0.0, адрес 0x00000000.

Error — 19.05.2009 4:43:25 | Computer Name = ALINA | Source = Application Hang | ID = 1002
Description = Зависшее приложение Skype.exe, версия 3.8.0.188, зависший модуль hungapp,
версия 0.0.0.0, адрес 0x00000000.

Error — 19.05.2009 16:25:53 | Computer Name = ALINA | Source = Application Hang | ID = 1002
Description = Зависшее приложение Skype.exe, версия 3.8.0.188, зависший модуль hungapp,
версия 0.0.0.0, адрес 0x00000000.

Error — 23.05.2009 9:37:57 | Computer Name = ALINA | Source = Application Hang | ID = 1002
Description = Зависшее приложение Skype.exe, версия 3.8.0.188, зависший модуль hungapp,
версия 0.0.0.0, адрес 0x00000000.

Error — 23.05.2009 9:37:59 | Computer Name = ALINA | Source = Application Hang | ID = 1002
Description = Зависшее приложение Skype.exe, версия 3.8.0.188, зависший модуль hungapp,
версия 0.0.0.0, адрес 0x00000000.

Error — 27.05.2009 11:28:14 | Computer Name = ALINA | Source = Google Update | ID = 20
Description =

[ System Events ]
Error — 24.05.2009 13:51:34 | Computer Name = ALINA | Source = Cdrom | ID = 262151
Description = Неверный блок на устройстве DeviceCdRom0.
30 мая, 2009 в 5:23 пп в ответ на: информер-вымогатель информер исчез отовсюду кроме моего блог #24151
Teina
Participant
- Темы:1
- Сообщений:3
OTListIt logfile created on: 30.05.2009 21:18:43 — Run 1
OTListIt2 by OldTimer — Version 2.0.15.8 Folder = H:Documents and SettingsalinakРабочий стол
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) — Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000419 | Country: Россия | Language: RUS | Date Format: dd.MM.yyyy

1023,11 Mb Total Physical Memory | 451,96 Mb Available Physical Memory | 44,18% Memory free
2,40 Gb Paging File | 1,90 Gb Available in Paging File | 79,20% Paging File free
Paging file location(s): H:pagefile.sys 1536 3072 [binary data]

%SystemDrive% = H: | %SystemRoot% = H:WINDOWS | %ProgramFiles% = H:Program Files
Drive C: | 134,05 Gb Total Space | 11,58 Gb Free Space | 8,64% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 15,00 Gb Total Space | 4,56 Gb Free Space | 30,42% Space Free | Partition Type: NTFS
Drive I: | 4,29 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: ALINA
Current User Name: alinak
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC — [2008.04.14 20:11:09 | 00,050,688 | —- | M] (Корпорация Майкрософт) — H:WINDOWSSystem32smss.exe
PRC — [2008.04.14 20:11:13 | 00,509,440 | —- | M] (Корпорация Майкрософт) — H:WINDOWSsystem32winlogon.exe
PRC — [2009.02.09 15:25:55 | 00,111,104 | —- | M] (Корпорация Майкрософт) — H:WINDOWSsystem32services.exe
PRC — [2009.02.06 01:01:25 | 00,018,752 | —- | M] (ALWIL Software) — H:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
PRC — [2009.02.06 01:08:40 | 00,138,680 | —- | M] (ALWIL Software) — H:Program FilesAlwil SoftwareAvast4ashServ.exe
PRC — [2008.04.14 20:10:56 | 01,034,240 | —- | M] (Корпорация Майкрософт) — H:WINDOWSExplorer.EXE
PRC — [2008.04.14 20:11:07 | 00,033,280 | —- | M] (Корпорация Майкрософт) — H:WINDOWSsystem32rundll32.exe
PRC — [2006.12.18 17:34:00 | 00,868,352 | R— | M] (Analog Devices, Inc.) — H:Program FilesAnalog DevicesCoresmax4pnp.exe
PRC — [2006.07.13 07:12:26 | 00,729,088 | —- | M] (Analog Devices, Inc.) — H:Program FilesAnalog DevicesSoundMAXSmax4.exe
PRC — [2008.04.14 20:11:07 | 00,033,280 | —- | M] (Корпорация Майкрософт) — H:WINDOWSsystem32RUNDLL32.EXE
PRC — [2009.02.06 01:08:45 | 00,081,000 | —- | M] (ALWIL Software) — H:Program FilesAlwil SoftwareAvast4ashDisp.exe
PRC — [2008.08.04 03:02:20 | 00,036,352 | —- | M] () — H:Program FilesWinampwinampa.exe
PRC — [2004.02.22 23:44:44 | 00,032,881 | —- | M] () — H:Program FilesJavaj2re1.4.2_04binjusched.exe
PRC — [2008.09.11 12:21:39 | 00,098,304 | —- | M] (Apple Computer, Inc.) — H:WINDOWSsystem32qttask.exe
PRC — [2004.08.22 17:05:02 | 00,081,920 | —- | M] (DAEMON’S HOME) — H:Program FilesDRToolsdaemon.exe
PRC — [2004.11.02 21:24:46 | 00,032,768 | —- | M] (Cyberlink Corp.) — H:Program FilesPowerDVDPDVDServ.exe
PRC — [2008.04.01 05:54:06 | 00,507,904 | —- | M] (Orb Networks) — H:Program FilesWinamp RemotebinOrbTray.exe
PRC — [2008.11.07 15:31:38 | 21,633,320 | R— | M] (Skype Technologies S.A.) — H:Program FilesSkypePhoneSkype.exe
PRC — [2008.10.16 15:20:08 | 00,735,016 | —- | M] (ООО Яндекс) — H:Program FilesPunto Switcherpunto.exe
PRC — [2008.02.20 18:46:14 | 00,659,456 | —- | M] (T-SoftWare) — H:Program FilesOrganizer6 PersonalCrier.exe
PRC — [2009.03.05 18:03:14 | 00,133,104 | —- | M] (Google Inc.) — H:Program FilesGoogleUpdateGoogleUpdate.exe
PRC — [2004.09.21 18:36:08 | 00,106,496 | —- | M] () — H:Program FilesIVT CorporationBlueSoleilBTNtService.exe
PRC — [2007.04.12 19:44:00 | 00,163,908 | —- | M] (NVIDIA Corporation) — H:WINDOWSsystem32nvsvc32.exe
PRC — [2008.01.30 06:19:32 | 00,073,728 | —- | M] (Orb Networks, Inc.) — H:Program FilesWinamp RemotebinOrb.exe
PRC — [2008.10.02 14:16:48 | 00,189,688 | —- | M] (Solid Documents, LLC) — H:WINDOWSInstallerMSI82.tmp
PRC — [2009.02.06 01:08:26 | 00,254,040 | —- | M] (ALWIL Software) — H:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
PRC — [2009.02.06 01:06:04 | 00,352,920 | —- | M] (ALWIL Software) — H:Program FilesAlwil SoftwareAvast4ashWebSv.exe
PRC — [2008.09.23 15:17:08 | 00,076,744 | R— | M] (Skype Technologies) — H:Program FilesSkypePlugin ManagerskypePM.exe
PRC — [2009.04.18 09:43:23 | 05,431,808 | —- | M] (Pamela-Systems) — H:Documents and SettingsAll UsersApplication DataSkypePluginsPlugins903CB56BA52F42478957BE8314837A86PamelaPCR.exe
PRC — [2007.01.11 16:26:56 | 00,063,112 | —- | M] (CANON INC.) — H:WINDOWSsystem32CNAB4RPK.EXE
PRC — [2009.04.24 14:22:08 | 00,307,704 | —- | M] (Mozilla Corporation) — C:Program FilesMozilla Firefoxfirefox.exe
PRC — [2008.10.13 12:25:02 | 12,310,864 | —- | M] (Microsoft Corporation) — H:Program FilesMicrosoft OfficeOFFICE11WINWORD.EXE
PRC — [2009.05.30 21:18:23 | 00,501,248 | —- | M] (OldTimer Tools) — H:Documents and SettingsalinakРабочий столOTListIt2.exe

========== Win32 Services (SafeList) ==========

SRV — [2008.04.14 20:10:33 | 00,171,008 | —- | M] (Корпорация Майкрософт) — H:WINDOWSSystem32appmgmts.dll — (AppMgmt [On_Demand | Stopped])
SRV — [2009.02.06 01:01:25 | 00,018,752 | —- | M] (ALWIL Software) — H:Program FilesAlwil SoftwareAvast4aswUpdSv.exe — (aswUpdSv [Auto | Running])
SRV — [2009.02.06 01:08:40 | 00,138,680 | —- | M] (ALWIL Software) — H:Program FilesAlwil SoftwareAvast4ashServ.exe — (avast! Antivirus [Auto | Running])
SRV — [2009.02.06 01:08:26 | 00,254,040 | —- | M] (ALWIL Software) — H:Program FilesAlwil SoftwareAvast4ashMaiSv.exe — (avast! Mail Scanner [On_Demand | Running])
SRV — [2009.02.06 01:06:04 | 00,352,920 | —- | M] (ALWIL Software) — H:Program FilesAlwil SoftwareAvast4ashWebSv.exe — (avast! Web Scanner [On_Demand | Running])
SRV — [2008.04.14 20:10:43 | 00,409,088 | —- | M] (Корпорация Майкрософт) — H:WINDOWSsystem32qmgr.dll — (BITS [On_Demand | Running])
SRV — [2004.09.21 18:36:08 | 00,106,496 | —- | M] () — H:Program FilesIVT CorporationBlueSoleilBTNtService.exe — (BlueSoleil Hid Service [Auto | Running])
SRV — [2008.04.14 20:10:35 | 00,126,464 | —- | M] (Корпорация Майкрософт) — H:WINDOWSSystem32dhcpcsvc.dll — (Dhcp [Auto | Running])
SRV — [2008.04.14 20:10:35 | 00,024,064 | —- | M] (Корпорация Майкрософт) — H:WINDOWSSystem32dmserver.dll — (dmserver [Auto | Running])
SRV — [2008.04.14 20:10:35 | 00,045,568 | —- | M] (Корпорация Майкрософт) — H:WINDOWSSystem32dnsrslvr.dll — (Dnscache [Auto | Running])
SRV — [2009.02.09 15:25:55 | 00,111,104 | —- | M] (Корпорация Майкрософт) — H:WINDOWSsystem32services.exe — (Eventlog [Auto | Running])
SRV — [2008.04.14 20:10:44 | 00,135,680 | —- | M] (Корпорация Майкрософт) — H:WINDOWSSystem32shsvcs.dll — (FastUserSwitchingCompatibility [On_Demand | Running])
SRV — [2009.03.05 18:03:14 | 00,133,104 | —- | M] (Google Inc.) — H:Program FilesGoogleUpdateGoogleUpdate.exe — (gupdate1c99d9b22660d98 [Auto | Stopped])
SRV — [2008.04.14 20:10:43 | 00,038,400 | —- | M] (Microsoft Corporation) — H:WINDOWSPCHealthHelpCtrBinariespchsvc.dll — (helpsvc [Auto | Running])
SRV — [2008.04.14 20:10:58 | 00,150,528 | —- | M] (Корпорация Майкрософт) — H:WINDOWSsystem32imapi.exe — (ImapiService [On_Demand | Stopped])
SRV — [2008.04.14 20:11:00 | 00,032,768 | —- | M] (Корпорация Майкрософт) — H:WINDOWSsystem32mnmsrvc.exe — (mnmsrvc [On_Demand | Stopped])
SRV — [2008.04.14 20:11:04 | 00,113,664 | —- | M] (Корпорация Майкрософт) — H:WINDOWSsystem32netdde.exe — (NetDDE [Disabled | Stopped])
SRV — [2008.04.14 20:11:04 | 00,113,664 | —- | M] (Корпорация Майкрософт) — H:WINDOWSsystem32netdde.exe — (NetDDEdsdm [Disabled | Stopped])
SRV — [2008.04.14 20:10:41 | 00,198,144 | —- | M] (Корпорация Майкрософт) — H:WINDOWSSystem32netman.dll — (Netman [On_Demand | Running])
SRV — [2008.06.20 21:48:23 | 00,247,296 | —- | M] (Корпорация Майкрософт) — H:WINDOWSSystem32mswsock.dll — (Nla [On_Demand | Running])
SRV — [2008.04.14 20:10:42 | 00,436,736 | —- | M] (Корпорация Майкрософт) — H:WINDOWSsystem32ntmssvc.dll — (NtmsSvc [On_Demand | Stopped])
SRV — [2007.04.12 19:44:00 | 00,163,908 | —- | M] (NVIDIA Corporation) — H:WINDOWSsystem32nvsvc32.exe — (NVSvc [Auto | Running])
SRV — [2003.07.28 20:28:22 | 00,089,136 | —- | M] (Microsoft Corporation) — H:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE — (ose [On_Demand | Stopped])
SRV — [2009.02.09 15:25:55 | 00,111,104 | —- | M] (Корпорация Майкрософт) — H:WINDOWSsystem32services.exe — (PlugPlay [Auto | Running])
SRV — [2008.04.14 20:11:08 | 00,141,824 | —- | M] (Корпорация Майкрософт) — H:WINDOWSsystem32sessmgr.exe — (RDSessMgr [On_Demand | Stopped])
SRV — [2008.04.14 20:11:07 | 00,096,768 | —- | M] (Корпорация Майкрософт) — H:WINDOWSSystem32SCardSvr.exe — (SCardSvr [On_Demand | Stopped])
SRV — [2008.04.14 20:10:44 | 00,193,024 | —- | M] (Корпорация Майкрософт) — H:WINDOWSsystem32schedsvc.dll — (Schedule [Auto | Running])
SRV — [2008.10.02 14:16:48 | 00,189,688 | —- | M] (Solid Documents, LLC) — H:WINDOWSInstallerMSI82.tmp — (SCPDFV4ReadSpool [Auto | Running])
SRV — [2008.04.14 20:10:44 | 00,018,944 | —- | M] (Корпорация Майкрософт) — H:WINDOWSSystem32seclogon.dll — (seclogon [Auto | Running])
SRV — [2008.04.14 20:10:38 | 00,331,264 | —- | M] (Корпорация Майкрософт) — H:WINDOWSSystem32ipnathlp.dll — (SharedAccess [Auto | Running])
SRV — [2008.04.14 20:10:44 | 00,135,680 | —- | M] (Корпорация Майкрософт) — H:WINDOWSSystem32shsvcs.dll — (ShellHWDetection [Auto | Running])
SRV — [2008.04.14 20:10:45 | 00,171,008 | —- | M] (Корпорация Майкрософт) — H:WINDOWSsystem32srsvc.dll — (srservice [Auto | Running])
SRV — [2008.04.14 20:10:46 | 00,333,824 | —- | M] (Корпорация Майкрософт) — H:WINDOWSsystem32wiaservc.dll — (stisvc [On_Demand | Stopped])
SRV — [2008.04.14 20:11:09 | 00,091,648 | —- | M] (Корпорация Майкрософт) — H:WINDOWSsystem32smlogsvc.exe — (SysmonLog [On_Demand | Stopped])
SRV — [2008.04.14 20:10:45 | 00,249,856 | —- | M] (Корпорация Майкрософт) — H:WINDOWSSystem32tapisrv.dll — (TapiSrv [On_Demand | Running])
SRV — [2008.04.14 20:10:45 | 00,295,936 | —- | M] (Корпорация Майкрософт) — H:WINDOWSSystem32termsrv.dll — (TermService [On_Demand | Running])
SRV — [2008.04.14 20:10:44 | 00,135,680 | —- | M] (Корпорация Майкрософт) — H:WINDOWSSystem32shsvcs.dll — (Themes [Auto | Running])
SRV — [2008.04.14 20:11:11 | 00,073,216 | —- | M] (Корпорация Майкрософт) — H:WINDOWSsystem32tlntsvr.exe — (TlntSvr [Disabled | Stopped])
SRV — [2008.04.14 20:10:46 | 00,186,368 | —- | M] (Корпорация Майкрософт) — H:WINDOWSSystem32upnphost.dll — (upnphost [On_Demand | Running])
SRV — [2008.04.14 20:11:12 | 00,290,304 | —- | M] (Корпорация Майкрософт) — H:WINDOWSSystem32vssvc.exe — (VSS [On_Demand | Stopped])
SRV — [2008.04.14 20:10:46 | 00,175,616 | —- | M] (Корпорация Майкрософт) — H:WINDOWSsystem32w32time.dll — (W32Time [Auto | Running])
SRV — [2008.04.14 20:10:46 | 00,145,408 | —- | M] (Корпорация Майкрософт) — H:WINDOWSsystem32wbemWMIsvc.dll — (winmgmt [Auto | Running])
SRV — [2009.02.09 14:54:17 | 00,687,616 | —- | M] (Корпорация Майкрософт) — H:WINDOWSSystem32advapi32.dll — (Wmi [On_Demand | Stopped])
SRV — [2008.04.14 20:11:13 | 00,126,464 | —- | M] (Корпорация Майкрософт) — H:WINDOWSsystem32wbemwmiapsrv.exe — (WmiApSrv [On_Demand | Stopped])
SRV — [2006.11.02 23:06:32 | 00,914,944 | —- | M] (Microsoft Corporation) — H:Program FilesWindows Media PlayerWMPNetwk.exe — (WMPNetworkSvc [On_Demand | Stopped])
SRV — [2008.04.14 20:10:48 | 00,483,840 | —- | M] (Корпорация Майкрософт) — H:WINDOWSSystem32wzcsvc.dll — (WZCSVC [Auto | Running])

========== Driver Services (SafeList) ==========

DRV — [2009.02.06 01:05:11 | 00,026,944 | —- | M] (ALWIL Software) — H:WINDOWSSystem32driversaavmker4.sys — (Aavmker4 [System | Running])
DRV — [2008.04.14 19:37:37 | 00,188,288 | —- | M] (Корпорация Майкрософт) — H:WINDOWSsystem32DRIVERSACPI.sys — (ACPI [Boot | Running])
DRV — [2004.08.18 16:00:00 | 00,011,776 | —- | M] (Корпорация Майкрософт) — H:WINDOWSSystem32driversacpiec.sys — (ACPIEC [Disabled | Stopped])
DRV — [2007.01.16 05:09:00 | 00,293,888 | R— | M] (Analog Devices, Inc.) — H:WINDOWSsystem32driversADIHdAud.sys — (ADIHdAudAddService [On_Demand | Running])
DRV — [2006.08.07 02:57:00 | 00,093,952 | R— | M] (Andrea Electronics Corporation) — H:WINDOWSsystem32driversAEAudio.sys — (AEAudio [On_Demand | Running])
DRV — [2009.02.06 01:07:12 | 00,020,560 | —- | M] (ALWIL Software) — H:WINDOWSsystem32DRIVERSaswFsBlk.sys — (aswFsBlk [Auto | Running])
DRV — [2009.02.06 01:08:10 | 00,094,032 | —- | M] (ALWIL Software) — H:WINDOWSSystem32driversaswmon2.sys — (aswMon2 [Auto | Running])
DRV — [2009.02.06 01:06:10 | 00,023,152 | —- | M] (ALWIL Software) — H:WINDOWSSystem32driversaswRdr.sys — (aswRdr [On_Demand | Running])
DRV — [2009.02.06 01:07:23 | 00,114,768 | —- | M] (ALWIL Software) — H:WINDOWSSystem32driversaswSP.sys — (aswSP [System | Running])
DRV — [2009.02.06 01:06:20 | 00,051,376 | —- | M] (ALWIL Software) — H:WINDOWSSystem32driversaswTdi.sys — (aswTdi [System | Running])
DRV — [2007.03.15 10:12:04 | 00,038,656 | R— | M] (Attansic Technology corporation.) — H:WINDOWSsystem32DRIVERSatl01_xp.sys — (AtcL001 [On_Demand | Running])
DRV — [2004.09.21 18:18:36 | 00,019,712 | —- | M] (IVT Corporation) — H:WINDOWSsystem32DRIVERSblueletaudio.sys — (BlueletAudio [On_Demand | Running])
DRV — [2004.09.21 18:15:34 | 00,010,804 | —- | M] (IVT Corporation) — H:WINDOWSsystem32DRIVERSbtnetdrv.sys — (BT [On_Demand | Stopped])
DRV — [2004.09.21 18:18:40 | 00,023,640 | —- | M] (IVT Corporation) — H:WINDOWSSystem32Driversbtcusb.sys — (Btcsrusb [On_Demand | Running])
DRV — [2004.09.21 18:18:02 | 00,011,604 | —- | M] () — H:WINDOWSsystem32DRIVERSvbtenum.sys — (BTHidEnum [On_Demand | Running])
DRV — [2004.09.21 18:18:02 | 00,028,719 | —- | M] (IVT Corporation) — H:WINDOWSSystem32DriversBTHidMgr.sys — (BTHidMgr [Boot | Running])
DRV — [2008.06.14 21:35:32 | 00,272,512 | —- | M] (Корпорация Майкрософт) — H:WINDOWSSystem32DriversBTHport.sys — (BTHPORT [On_Demand | Stopped])
DRV — [2008.04.14 19:41:12 | 00,044,544 | —- | M] (Корпорация Майкрософт) — H:WINDOWSSystem32driversfips.sys — (Fips [System | Running])
DRV — [2008.03.13 13:51:00 | 00,057,536 | —- | M] (FTDI Ltd.) — H:WINDOWSsystem32driversftdibus.sys — (FTDIBUS [On_Demand | Stopped])
DRV — [2004.08.18 16:00:00 | 00,125,440 | —- | M] (Корпорация Майкрософт) — H:WINDOWSsystem32DRIVERSftdisk.sys — (Ftdisk [Boot | Running])
DRV — [2007.06.27 13:04:14 | 00,071,488 | —- | M] (FTDI Ltd.) — H:WINDOWSsystem32driversftser2k.sys — (FTSER2K [On_Demand | Stopped])
DRV — [2004.10.27 15:21:30 | 00,145,920 | —- | M] (Windows (R) Server 2003 DDK provider) — H:WINDOWSsystem32driversHdAudio.sys — (HdAudAddService [On_Demand | Stopped])
DRV — [2008.04.13 20:36:05 | 00,144,384 | —- | M] (Windows (R) Server 2003 DDK provider) — H:WINDOWSsystem32DRIVERSHDAudBus.sys — (HDAudBus [On_Demand | Running])
DRV — [2008.04.14 19:44:08 | 00,053,120 | —- | M] (Корпорация Майкрософт) — H:WINDOWSsystem32DRIVERSi8042prt.sys — (i8042prt [System | Running])
DRV — [2003.03.29 15:45:18 | 00,089,184 | —- | M] (Ahead Software AG and its licensors) — H:WINDOWSsystem32DRIVERSimagedrv.sys — (Imagedrv [Boot | Running])
DRV — [2008.04.14 19:47:15 | 00,037,504 | —- | M] (Корпорация Майкрософт) — H:WINDOWSsystem32DRIVERSisapnp.sys — (isapnp [Boot | Running])
DRV — [2008.04.14 19:47:55 | 00,024,832 | —- | M] (Корпорация Майкрософт) — H:WINDOWSsystem32DRIVERSkbdclass.sys — (Kbdclass [System | Running])
DRV — [2008.04.14 19:37:37 | 00,030,208 | —- | M] (Корпорация Майкрософт) — H:WINDOWSSystem32driversmodem.sys — (Modem [On_Demand | Running])
DRV — [2008.04.14 19:37:43 | 00,023,296 | —- | M] (Корпорация Майкрософт) — H:WINDOWSsystem32DRIVERSmouclass.sys — (Mouclass [System | Running])
DRV — [2004.08.13 06:56:20 | 00,005,810 | R— | M] () — H:WINDOWSsystem32DRIVERSASACPI.sys — (MTsensor [On_Demand | Running])
DRV — [2007.04.12 19:44:00 | 06,738,656 | —- | M] (NVIDIA Corporation) — H:WINDOWSsystem32DRIVERSnv4_mini.sys — (nv [On_Demand | Running])
DRV — [2000.02.17 22:53:08 | 00,035,744 | R— | M] () — H:WINDOWSSystem32DRIVERSOKIPAR.SYS — (OkiPar [Auto | Running])
DRV — [2008.04.14 19:52:21 | 00,080,128 | —- | M] (Корпорация Майкрософт) — H:WINDOWSsystem32DRIVERSparport.sys — (Parport [On_Demand | Running])
DRV — [2004.08.18 16:00:00 | 00,006,912 | —- | M] (Корпорация Майкрософт) — H:WINDOWSSystem32driversparvdm.sys — (ParVdm [Auto | Running])
DRV — [2008.04.14 19:52:28 | 00,068,480 | —- | M] (Корпорация Майкрософт) — H:WINDOWSsystem32DRIVERSpci.sys — (PCI [Boot | Running])
DRV — [2001.10.19 20:32:14 | 00,003,328 | —- | M] (Корпорация Майкрософт) — H:WINDOWSsystem32DRIVERSpciide.sys — (PCIIde [Boot | Running])
DRV — [2008.04.14 19:52:30 | 00,120,192 | —- | M] (Корпорация Майкрософт) — H:WINDOWSSystem32driverspcmcia.sys — (Pcmcia [Disabled | Stopped])
DRV — [2002.10.05 17:22:41 | 00,053,376 | —- | M] (Protection Technology Co.) — H:WINDOWSSystem32driversprodrv05.sys — (prodrv05 [System | Running])
DRV — [2002.10.05 17:35:57 | 00,075,936 | —- | M] (Protection Technology Co.) — H:WINDOWSSystem32driversprohlp01.sys — (prohlp01 [Boot | Running])
DRV — [2004.08.18 16:00:00 | 00,017,792 | —- | M] (Parallel Technologies, Inc.) — H:WINDOWSsystem32DRIVERSptilink.sys — (Ptilink [On_Demand | Running])
DRV — [2007.03.08 03:51:00 | 00,043,528 | —- | M] (Sonic Solutions) — H:WINDOWSSystem32DriversPxHelp20.sys — (PxHelp20 [Boot | Running])
DRV — [2008.04.14 19:41:47 | 00,058,368 | —- | M] (Корпорация Майкрософт) — H:WINDOWSsystem32DRIVERSredbook.sys — (redbook [System | Running])
DRV — [2004.08.18 16:00:00 | 00,005,888 | —- | M] (Microsoft Corporation) — H:WINDOWSSystem32DriversRootMdm.sys — (ROOTMODEM [On_Demand | Running])
DRV — [2008.10.23 21:44:03 | 00,163,644 | —- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) — H:WINDOWSsystem32DRIVERSsecdrv.sys — (Secdrv [On_Demand | Stopped])
DRV — [2006.03.17 13:18:00 | 00,392,960 | R— | M] (Sensaura) — H:WINDOWSsystem32driversSenfilt.sys — (SenFiltService [On_Demand | Running])
DRV — [2008.04.14 19:44:00 | 00,065,024 | —- | M] (Корпорация Майкрософт) — H:WINDOWSsystem32DRIVERSserial.sys — (Serial [System | Running])
DRV — [2008.04.14 19:52:45 | 00,073,472 | —- | M] (Корпорация Майкрософт) — H:WINDOWSsystem32DRIVERSsr.sys — (sr [Boot | Running])
DRV — [2004.08.22 16:31:10 | 00,155,136 | —- | M] ( ) — H:WINDOWSsystem32DRIVERSUP55bus.sys — (UP55bus [Boot | Running])
DRV — [2004.08.22 16:31:48 | 00,005,248 | —- | M] ( ) — H:WINDOWSSystem32DriversUP55prt.sys — (UP55prt [Boot | Running])
DRV — [2004.09.21 18:18:52 | 00,061,048 | —- | M] (IVT Corporation) — H:WINDOWSsystem32DRIVERSVComm.sys — (VComm [On_Demand | Running])
DRV — [2004.09.22 18:08:46 | 00,081,548 | —- | M] (IVT Corporation) — H:WINDOWSSystem32DriversVcommMgr.sys — (VcommMgr [On_Demand | Running])
DRV — [2008.04.14 19:40:08 | 00,051,968 | —- | M] (Корпорация Майкрософт) — H:WINDOWSSystem32driversvolsnap.sys — (VolSnap [Boot | Running])
DRV — [2004.08.18 11:00:00 | 00,067,584 | —- | M] (WIBU-SYSTEMS AG) — H:WINDOWSSYSTEM32DRIVERSWibukey.sys — (WIBUKEY [Auto | Running])

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE — HKLMSOFTWAREMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE — HKLMSOFTWAREMicrosoftInternet ExplorerMain,Default_Search_URL = http://www.google.com/ie
IE — HKLMSOFTWAREMicrosoftInternet ExplorerMain,Local Page = %SystemRoot%system32blank.htm
IE — HKLMSOFTWAREMicrosoftInternet ExplorerMain,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE — HKLMSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE — HKLMSOFTWAREMicrosoftInternet ExplorerSearch,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE — HKLMSOFTWAREMicrosoftInternet ExplorerSearch,Default_Search_URL = http://www.google.com/ie
IE — HKLMSOFTWAREMicrosoftInternet ExplorerSearch,SearchAssistant = http://www.google.com/ie

IE — HKU.DEFAULT.DEFAULTSoftwareMicrosoftWindowsCurrentVersionInternet Settings: «ProxyEnable» = 0

IE — HKUS-1-5-18S-1-5-18SoftwareMicrosoftWindowsCurrentVersionInternet Settings: «ProxyEnable» = 0

IE — HKUS-1-5-21-1614895754-1844237615-1801674531-1003SOFTWAREMicrosoftInternet ExplorerMain,Local Page = H:WINDOWSsystem32blank.htm
IE — HKUS-1-5-21-1614895754-1844237615-1801674531-1003SOFTWAREMicrosoftInternet ExplorerMain,Search Page = http://www.google.com
IE — HKUS-1-5-21-1614895754-1844237615-1801674531-1003SOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://www.km.ru
IE — HKUS-1-5-21-1614895754-1844237615-1801674531-1003SOFTWAREMicrosoftInternet ExplorerSearch,SearchAssistant = http://www.google.com/ie
IE — HKUS-1-5-21-1614895754-1844237615-1801674531-1003S-1-5-21-1614895754-1844237615-1801674531-1003SoftwareMicrosoftWindowsCurrentVersionInternet Settings: «ProxyEnable» = 0

========== FireFox ==========

FF — prefs.js..browser.search.defaultenginename: «Google»
FF — prefs.js..browser.search.defaulturl: «http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=»
FF — prefs.js..browser.search.selectedEngine: «Google»
FF — prefs.js..browser.startup.homepage: «http://www.yandex.ru/?clid=40795»
FF — prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.4
FF — prefs.js..extensions.enabledItems: toolbar@netpromoter.ru:3.2.3

FF — HKLMsoftwaremozillaMozilla Firefox 3.0.10extensions\Components: C:PROGRAM FILESMOZILLA FIREFOXCOMPONENTS [2009.05.01 14:58:44 | 00,000,000 | —D | M]
FF — HKLMsoftwaremozillaMozilla Firefox 3.0.10extensions\Plugins: C:PROGRAM FILESMOZILLA FIREFOXPLUGINS [2009.05.01 14:22:42 | 00,000,000 | —D | M]

[2008.08.27 13:39:31 | 00,000,000 | —D | M] — H:Documents and SettingsalinakApplication DatamozillaExtensions
[2008.08.27 13:39:31 | 00,000,000 | —D | M] — H:Documents and SettingsalinakApplication DatamozillaExtensions{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009.05.30 15:53:03 | 00,000,000 | —D | M] — H:Documents and SettingsalinakApplication DatamozillaFirefoxProfilesmek6ambf.defaultextensions
[2009.05.14 12:54:58 | 00,000,000 | —D | M] — H:Documents and SettingsalinakApplication DatamozillaFirefoxProfilesmek6ambf.defaultextensions{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009.05.01 21:11:53 | 00,000,000 | —D | M] — H:Documents and SettingsalinakApplication DatamozillaFirefoxProfilesmek6ambf.defaultextensionstoolbar@netpromoter.ru
[2008.06.10 13:51:23 | 00,001,362 | —- | M] () — H:Documents and SettingsalinakApplication DataMozillaFireFoxProfilesmek6ambf.defaultsearchpluginswinampsearch.xml

O1 HOSTS File: (769 bytes) — H:WINDOWSSystem32driversetcHosts
O1 — Hosts: 127.0.0.1 localhost
O2 — BHO: (Adobe PDF Reader Link Helper) — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — H:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll (Adobe Systems Incorporated)
O2 — BHO: (BP Data Feeder) — {9D64F819-9380-8473-DAB2-702FCB3D7A3E} — File not found
O3 — HKLM..Toolbar: (&Page Promoter Bar) — {BA5D8DF9-1851-4660-B3AE-89E6E030AC34} — Reg Error: Value error. File not found
O3 — HKUS-1-5-21-1614895754-1844237615-1801674531-1003..ToolbarShellBrowser: (no name) — {01E04581-4EEE-11D0-BFE9-00AA005B4383} — H:WINDOWSsystem32browseui.dll (Корпорация Майкрософт)
O3 — HKUS-1-5-21-1614895754-1844237615-1801674531-1003..ToolbarWebBrowser: (no name) — {01E04581-4EEE-11D0-BFE9-00AA005B4383} — H:WINDOWSsystem32browseui.dll (Корпорация Майкрософт)
O3 — HKUS-1-5-21-1614895754-1844237615-1801674531-1003..ToolbarWebBrowser: (no name) — {0E5CBF21-D15F-11D0-8301-00AA005B4383} — H:WINDOWSsystem32SHELL32.dll (Корпорация Майкрософт)
O4 — HKLM..Run: [Adobe Reader Speed Launcher] «H:Program FilesAdobeReader 8.0ReaderReader_sl.exe» (Adobe Systems Incorporated)
O4 — HKLM..Run: [avast!] H:PROGRA~1ALWILS~1Avast4ashDisp.exe (ALWIL Software)
O4 — HKLM..Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent File not found
O4 — HKLM..Run: [DAEMON Tools-1033] «H:Program FilesDRToolsdaemon.exe» -lang 1033 (DAEMON’S HOME)
O4 — HKLM..Run: [googletalk] H:Program FilesGoogleGoogle Talkgoogletalk.exe /autostart File not found
O4 — HKLM..Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe (Windows (R) Server 2003 DDK provider)
O4 — HKLM..Run: [NeroFilterCheck] H:WINDOWSsystem32NeroCheck.exe (Ahead Software Gmbh)
O4 — HKLM..Run: [NvCplDaemon] RUNDLL32.EXE H:WINDOWSsystem32NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 — HKLM..Run: [NvMediaCenter] RUNDLL32.EXE H:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
O4 — HKLM..Run: [nwiz] nwiz.exe /install File not found
O4 — HKLM..Run: [QuickTime Task] «H:WINDOWSsystem32qttask.exe» -atboottime (Apple Computer, Inc.)
O4 — HKLM..Run: [RemoteControl] «H:Program FilesPowerDVDPDVDServ.exe» (Cyberlink Corp.)
O4 — HKLM..Run: [SoundMAX] «H:Program FilesAnalog DevicesSoundMAXSmax4.exe» /tray (Analog Devices, Inc.)
O4 — HKLM..Run: [SoundMAXPnP] H:Program FilesAnalog DevicesCoresmax4pnp.exe (Analog Devices, Inc.)
O4 — HKLM..Run: [SunJavaUpdateSched] H:Program FilesJavaj2re1.4.2_04binjusched.exe ()
O4 — HKLM..Run: [WinampAgent] «H:Program FilesWinampwinampa.exe» ()
O4 — HKUS-1-5-21-1614895754-1844237615-1801674531-1003..Run: [ArtyTalk] «H:Program FilesArtyTalkArtyTalk.exe» /silentstart File not found
O4 — HKUS-1-5-21-1614895754-1844237615-1801674531-1003..Run: [Orb] «H:Program FilesWinamp RemotebinOrbTray.exe» /background (Orb Networks)
O4 — HKUS-1-5-21-1614895754-1844237615-1801674531-1003..Run: [Punto Switcher] H:Program FilesPunto Switcherpunto.exe (ООО Яндекс)
O4 — HKUS-1-5-21-1614895754-1844237615-1801674531-1003..Run: [Skype] «H:Program FilesSkypePhoneSkype.exe» /nosplash /minimized (Skype Technologies S.A.)
O4 — Startup: H:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузкаBlueSoleil.lnk = H:Program FilesIVT CorporationBlueSoleilBlueSoleil.exe (IVT Corporation)
O4 — Startup: H:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузкаГлашатай.lnk = H:Program FilesOrganizer6 PersonalCrier.exe (T-SoftWare)
O6 — HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: HonorAutoRunSetting = 1
O6 — HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: dontdisplaylastusername = 0
O6 — HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: legalnoticecaption =
O6 — HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: legalnoticetext =
O6 — HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: shutdownwithoutlogon = 1
O6 — HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: undockwithoutlogon = 1
O7 — HKU.DEFAULTSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveTypeAutoRun = 145
O7 — HKUS-1-5-18SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveTypeAutoRun = 145
O7 — HKUS-1-5-19SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveTypeAutoRun = 145
O7 — HKUS-1-5-20SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveTypeAutoRun = 145
O7 — HKUS-1-5-21-1614895754-1844237615-1801674531-1003SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveTypeAutoRun = 145
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://H:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000 (Microsoft Corporation)
O9 — Extra ‘Tools’ menuitem : Sun Java Console — {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — Reg Error: Key error. File not found
O9 — Extra Button: Справочные материалы — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — H:Program FilesMicrosoft OfficeOFFICE11REFIEBAR.DLL (Microsoft Corporation)
O9 — Extra ‘Tools’ menuitem : @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — H:WINDOWSNetwork Diagnosticxpnetdiag.exe (Microsoft Corporation)
O9 — Extra Button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — H:Program FilesMessengermsmsgs.exe (Microsoft Corporation)
O9 — Extra ‘Tools’ menuitem : Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — H:Program FilesMessengermsmsgs.exe (Microsoft Corporation)
O10 — NameSpace_Catalog5Catalog_Entries00000000001 [TCP/IP] — H:WINDOWSSystem32mswsock.dll (Корпорация Майкрософт)
O10 — NameSpace_Catalog5Catalog_Entries00000000003 [Пространство имен службы сетевого расположения (NLA)] — H:WINDOWSSystem32mswsock.dll (Корпорация Майкрософт)
O10 — NameSpace_Catalog5Catalog_Entries00000000004 [Пространство имен Bluetooth] — H:WINDOWSsystem32wshbth.dll (Microsoft Corporation)
O10 — Protocol_Catalog9Catalog_Entries00000000001 — H:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
O10 — Protocol_Catalog9Catalog_Entries00000000002 — H:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
O10 — Protocol_Catalog9Catalog_Entries00000000003 — H:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
O10 — Protocol_Catalog9Catalog_Entries00000000004 — H:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
O10 — Protocol_Catalog9Catalog_Entries00000000005 — H:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
O10 — Protocol_Catalog9Catalog_Entries00000000006 — H:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
O10 — Protocol_Catalog9Catalog_Entries00000000007 — H:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
O10 — Protocol_Catalog9Catalog_Entries00000000008 — H:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
O10 — Protocol_Catalog9Catalog_Entries00000000009 — H:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
O10 — Protocol_Catalog9Catalog_Entries00000000010 — H:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
O10 — Protocol_Catalog9Catalog_Entries00000000011 — H:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
O10 — Protocol_Catalog9Catalog_Entries00000000012 — H:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
O10 — Protocol_Catalog9Catalog_Entries00000000013 — H:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
O10 — Protocol_Catalog9Catalog_Entries00000000014 — H:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
O10 — Protocol_Catalog9Catalog_Entries00000000015 — H:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
O10 — Protocol_Catalog9Catalog_Entries00000000016 — H:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
O10 — Protocol_Catalog9Catalog_Entries00000000017 — H:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
O10 — Protocol_Catalog9Catalog_Entries00000000018 — H:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
O10 — Protocol_Catalog9Catalog_Entries00000000019 — H:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
O10 — Protocol_Catalog9Catalog_Entries00000000020 — H:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
O10 — Protocol_Catalog9Catalog_Entries00000000021 — H:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
O10 — Protocol_Catalog9Catalog_Entries00000000022 — H:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
O15 — HKLM..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 — DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2_04)
O16 — DPF: {CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2_04)
O18 — ProtocolHandlerabout {3050F406-98B5-11CF-BB82-00AA00BDCE0B} — H:WINDOWSsystem32mshtml.dll (Корпорация Майкрософт)
O18 — ProtocolHandlercdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} — H:WINDOWSsystem32urlmon.dll (Корпорация Майкрософт)
O18 — ProtocolHandlerdvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} — H:WINDOWSsystem32msvidctl.dll (Корпорация Майкрософт)
O18 — ProtocolHandlerfile {79eac9e7-baf9-11ce-8c82-00aa004ba90b} — H:WINDOWSsystem32urlmon.dll (Корпорация Майкрософт)
O18 — ProtocolHandlerftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} — H:WINDOWSsystem32urlmon.dll (Корпорация Майкрософт)
O18 — ProtocolHandlergopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} — H:WINDOWSsystem32urlmon.dll (Корпорация Майкрософт)
O18 — ProtocolHandlerhttp {79eac9e2-baf9-11ce-8c82-00aa004ba90b} — H:WINDOWSsystem32urlmon.dll (Корпорация Майкрософт)
O18 — ProtocolHandlerhttpx00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} — H:Program FilesCommon FilesSYSTEMOLE DBmsdaipp.dll (Microsoft Corporation)
O18 — ProtocolHandlerhttpoledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} — H:Program FilesCommon FilesSYSTEMOLE DBmsdaipp.dll (Microsoft Corporation)
O18 — ProtocolHandlerhttps {79eac9e5-baf9-11ce-8c82-00aa004ba90b} — H:WINDOWSsystem32urlmon.dll (Корпорация Майкрософт)
O18 — ProtocolHandlerhttpsx00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} — H:Program FilesCommon FilesSYSTEMOLE DBmsdaipp.dll (Microsoft Corporation)
O18 — ProtocolHandlerhttpsoledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} — H:Program FilesCommon FilesSYSTEMOLE DBmsdaipp.dll (Microsoft Corporation)
O18 — ProtocolHandlerippx00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} — H:Program FilesCommon FilesSYSTEMOLE DBmsdaipp.dll (Microsoft Corporation)
O18 — ProtocolHandlerjavascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} — H:WINDOWSsystem32mshtml.dll (Корпорация Майкрософт)
O18 — ProtocolHandlerlocal {79eac9e7-baf9-11ce-8c82-00aa004ba90b} — H:WINDOWSsystem32urlmon.dll (Корпорация Майкрософт)
O18 — ProtocolHandlermailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} — H:WINDOWSsystem32mshtml.dll (Корпорация Майкрософт)
O18 — ProtocolHandlermk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} — H:WINDOWSsystem32urlmon.dll (Корпорация Майкрософт)
O18 — ProtocolHandlermsdaippx00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} — H:Program FilesCommon FilesSYSTEMOLE DBmsdaipp.dll (Microsoft Corporation)
O18 — ProtocolHandlermsdaippoledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} — H:Program FilesCommon FilesSYSTEMOLE DBmsdaipp.dll (Microsoft Corporation)
O18 — ProtocolHandlermso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} — H:Program FilesCommon FilesMicrosoft SharedWeb Components10OWC10.DLL (Microsoft Corporation)
O18 — ProtocolHandlermso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} — H:Program FilesCommon FilesMicrosoft SharedWeb Components11OWC11.DLL (Microsoft Corporation)
O18 — ProtocolHandlerres {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} — H:WINDOWSsystem32mshtml.dll (Корпорация Майкрософт)
O18 — ProtocolHandlerskype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — H:Program FilesCommon FilesSkypeSkype4COM.dll (Skype Technologies)
O18 — ProtocolHandlersysimage {76E67A63-06E9-11D2-A840-006008059382} — H:WINDOWSsystem32mshtml.dll (Корпорация Майкрософт)
O18 — ProtocolHandlertv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} — H:WINDOWSsystem32msvidctl.dll (Корпорация Майкрософт)
O18 — ProtocolHandlervbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} — H:WINDOWSsystem32mshtml.dll (Корпорация Майкрософт)
O18 — ProtocolFilter: — Class Install Handler — H:WINDOWSsystem32urlmon.dll (Корпорация Майкрософт)
O18 — ProtocolFilter: — deflate — H:WINDOWSsystem32urlmon.dll (Корпорация Майкрософт)
O18 — ProtocolFilter: — gzip — H:WINDOWSsystem32urlmon.dll (Корпорация Майкрософт)
O18 — ProtocolFilter: — lzdhtml — H:WINDOWSsystem32urlmon.dll (Корпорация Майкрософт)
O18 — ProtocolFilter: — text/webviewhtml — H:WINDOWSsystem32SHELL32.dll (Корпорация Майкрософт)
O18 — ProtocolFilter: — text/xml — H:Program FilesCommon FilesMicrosoft SharedOFFICE11MSOXMLMF.DLL (Microsoft Corporation)
O20 — HKLM Winlogon: Shell — (Explorer.exe) — H:WINDOWSExplorer.exe (Корпорация Майкрософт)
O20 — HKLM Winlogon: UserInit — (H:WINDOWSsystem32userinit.exe) — H:WINDOWSsystem32userinit.exe (Корпорация Майкрософт)
O20 — HKLM Winlogon: UIHost — (logonui.exe) — H:WINDOWSsystem32logonui.exe (Корпорация Майкрософт)
O20 — HKLM Winlogon: VMApplet — (rundll32 shell32) — H:WINDOWSSystem32shell32.dll (Корпорация Майкрософт)
O20 — HKLM Winlogon: VMApplet — (Control_RunDLL «sysdm.cpl») — H:WINDOWSsystem32sysdm.cpl (Корпорация Майкрософт)
O20 — WinlogonNotifycrypt32chain: DllName — crypt32.dll — H:WINDOWSsystem32crypt32.dll (Корпорация Майкрософт)
O20 — WinlogonNotifycscdll: DllName — cscdll.dll — H:WINDOWSsystem32cscdll.dll (Корпорация Майкрософт)
O20 — WinlogonNotifyScCertProp: DllName — wlnotify.dll — H:WINDOWSsystem32wlnotify.dll (Корпорация Майкрософт)
O20 — WinlogonNotifySchedule: DllName — wlnotify.dll — H:WINDOWSsystem32wlnotify.dll (Корпорация Майкрософт)
O20 — WinlogonNotifysclgntfy: DllName — sclgntfy.dll — H:WINDOWSsystem32sclgntfy.dll (Корпорация Майкрософт)
O20 — WinlogonNotifySensLogn: DllName — WlNotify.dll — H:WINDOWSsystem32WlNotify.dll (Корпорация Майкрософт)
O20 — WinlogonNotifytermsrv: DllName — wlnotify.dll — H:WINDOWSsystem32wlnotify.dll (Корпорация Майкрософт)
O20 — WinlogonNotifywlballoon: DllName — wlnotify.dll — H:WINDOWSsystem32wlnotify.dll (Корпорация Майкрософт)
O21 — SSODL: CDBurn — {fbeb8a05-beee-4442-804e-409d6c4515e9} — H:WINDOWSsystem32SHELL32.dll (Корпорация Майкрософт)
O21 — SSODL: PostBootReminder — {7849596a-48ea-486e-8937-a2a3009f31a9} — H:WINDOWSsystem32SHELL32.dll (Корпорация Майкрософт)
O21 — SSODL: SysTray — {35CEC8A3-2BE6-11D2-8773-92E220524153} — H:WINDOWSsystem32stobject.dll (Корпорация Майкрософт)
O21 — SSODL: WebCheck — {E6FB5E20-DE35-11CF-9C87-00AA005127ED} — H:WINDOWSsystem32webcheck.dll (Корпорация Майкрософт)
O22 — SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} — Предзагрузчик Browseui — H:WINDOWSsystem32browseui.dll (Корпорация Майкрософт)
O22 — SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} — Демон кэша категорий компонентов — H:WINDOWSsystem32browseui.dll (Корпорация Майкрософт)
O24 — Desktop Components:0 (Моя текущая домашняя страница) — About:Home
O28 — HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} — H:WINDOWSsystem32shell32.dll (Корпорация Майкрософт)
O29 — HKLM SecurityProviders — (digest.dll) — H:WINDOWSsystem32digest.dll (Корпорация Майкрософт)
O29 — HKLM SecurityProviders — (msnsspc.dll) — H:WINDOWSsystem32msnsspc.dll (Корпорация Майкрософт)
O31 — SafeBoot: AlternateShell — cmd.exe
O32 — HKLM CDRom: AutoRun — 1
O32 — AutoRun File — [2007.12.03 20:19:41 | 00,000,000 | —- | M] () — C:AUTOEXEC.BAT — [ NTFS ]
O33 — MountPoints2DShell — «» = AutoRun
O33 — MountPoints2DShellAutoRuncommand — «» = D:
O34 — HKLM BootExecute: (autocheck) — File not found
O34 — HKLM BootExecute: (autochk) — H:WINDOWSSystem32autochk.exe (Microsoft Corporation)
O34 — HKLM BootExecute: (*) — * [2009.05.30 21:18:22 | 00,000,000 | —D | M]

========== Files/Folders — Created Within 30 Days ==========

[2009.05.30 21:20:01 | 00,013,223 | —- | C] () — H:Documents and SettingsalinakРабочий столхануман.torrent
[2009.05.30 21:18:22 | 00,501,248 | —- | C] (OldTimer Tools) — H:Documents and SettingsalinakРабочий столOTListIt2.exe
[2009.05.29 13:27:55 | 03,687,587 | —- | C] () — H:Documents and SettingsalinakРабочий столparis.jpg
[2009.05.26 23:15:15 | 00,667,952 | —- | C] () — H:Documents and SettingsalinakРабочий столIMG_2140.JPG
[2009.05.26 22:58:48 | 00,615,253 | —- | C] () — H:Documents and SettingsalinakРабочий столIMG_2002.JPG
[2009.05.22 14:17:59 | 00,001,844 | —- | C] () — H:Documents and SettingsAll UsersРабочий столGoogle Планета Земля.lnk
[2009.05.18 15:22:54 | 00,000,174 | —- | C] () — H:Documents and SettingsalinakРабочий столnewage_low.pls
[2009.05.14 13:10:51 | 00,000,000 | —D | C] — H:Program FilesConvertHelper
[2009.05.05 12:21:23 | 00,000,059 | —- | C] () — H:WINDOWSANS2000.INI
[2009.05.05 12:21:23 | 00,000,020 | -H— | C] () — H:WINDOWSakebook.ini
[2009.05.05 12:21:23 | 00,000,004 | -H— | C] () — H:WINDOWSa3kebook.ini
[2009.05.01 21:09:39 | 00,000,408 | —- | C] () — H:WINDOWSPagePromoter.INI
[2009.05.01 21:08:48 | 00,000,000 | —D | C] — H:Program FilesNetPromoter
[2009.05.01 21:04:01 | 09,125,625 | —- | C] () — H:Documents and SettingsalinakРабочий столpagepromoter.exe
[2009.03.04 10:13:44 | 00,000,024 | —- | C] () — H:WINDOWSMSCPX.ini
[2008.12.07 17:39:00 | 00,049,152 | —- | C] () — H:WINDOWSSystem32kmword.dll
[2008.12.07 17:38:23 | 00,000,069 | —- | C] () — H:WINDOWScm.ini
[2008.11.06 20:37:32 | 03,596,288 | —- | C] () — H:WINDOWSSystem32qt-dx331.dll
[2008.11.06 20:34:00 | 00,000,416 | —- | C] () — H:WINDOWSSystem32dtu100.dll.manifest
[2008.11.06 20:34:00 | 00,000,416 | —- | C] () — H:WINDOWSSystem32dpl100.dll.manifest
[2008.11.06 20:33:02 | 00,012,288 | —- | C] () — H:WINDOWSSystem32DivXWMPExtType.dll
[2008.10.19 15:33:06 | 00,155,136 | —- | C] ( ) — H:WINDOWSSystem32driversUP55bus.sys
[2008.10.19 15:33:06 | 00,005,248 | —- | C] ( ) — H:WINDOWSSystem32driversUP55prt.sys
[2008.10.19 15:17:17 | 00,069,632 | —- | C] () — H:WINDOWSSystem32xmltok.dll
[2008.10.19 15:17:17 | 00,036,864 | —- | C] () — H:WINDOWSSystem32xmlparse.dll
[2008.10.02 14:22:02 | 00,000,137 | —- | C] () — H:WINDOWSPDF2HTML.INI
[2008.10.02 14:19:26 | 00,000,118 | —- | C] () — H:WINDOWSConverterCore.INI
[2008.10.02 14:16:42 | 00,021,240 | —- | C] () — H:WINDOWSSystem32solidlocalmon.dll
[2008.10.02 14:16:42 | 00,013,560 | —- | C] () — H:WINDOWSSystem32solidlocalui.dll
[2008.09.23 15:45:09 | 00,035,744 | R— | C] () — H:WINDOWSSystem32driversOkiPar.Sys
[2008.09.11 12:16:57 | 00,000,761 | —- | C] () — H:WINDOWSm3jp2k.ini
[2008.09.11 12:16:57 | 00,000,702 | —- | C] () — H:WINDOWSmmtvmj.ini
[2008.09.11 12:16:56 | 00,000,714 | —- | C] () — H:WINDOWSm3jpeg.ini
[2008.09.11 12:16:37 | 00,761,856 | —- | C] () — H:WINDOWSSystem32xvidcore.dll
[2008.08.30 12:52:20 | 00,000,154 | —- | C] () — H:WINDOWSoversion.ini
[2008.08.06 19:56:09 | 00,152,064 | —- | C] () — H:WINDOWSSystem32unrar.dll
[2008.06.25 22:12:38 | 00,013,299 | —- | C] () — H:WINDOWSSystem32driverspacket.sys
[2008.06.25 22:12:38 | 00,011,604 | —- | C] () — H:WINDOWSSystem32driversvbtenum.sys
[2008.06.10 13:55:50 | 00,000,394 | —- | C] () — H:WINDOWSODBC.INI
[2008.06.09 20:48:40 | 00,005,810 | R— | C] () — H:WINDOWSSystem32driversASACPI.sys
[2008.06.09 20:48:37 | 00,008,917 | —- | C] () — H:WINDOWSAscd_tmp.ini
[2008.06.09 20:48:25 | 00,010,288 | —- | C] () — H:WINDOWSSystem32driversASUSHWIO.SYS
[2007.04.12 19:44:00 | 01,703,936 | —- | C] () — H:WINDOWSSystem32nvwdmcpl.dll
[2007.04.12 19:44:00 | 01,474,560 | —- | C] () — H:WINDOWSSystem32nview.dll
[2007.04.12 19:44:00 | 01,019,904 | —- | C] () — H:WINDOWSSystem32nvwimg.dll
[2007.04.12 19:44:00 | 00,466,944 | —- | C] () — H:WINDOWSSystem32nvshell.dll
[2007.04.12 19:44:00 | 00,286,720 | —- | C] () — H:WINDOWSSystem32nvnt4cpl.dll
[2004.10.05 19:27:56 | 00,304,572 | —- | C] () — H:WINDOWSSystem32Inter32.DLL
[2004.08.22 17:04:56 | 00,069,120 | —- | C] () — H:WINDOWSdaemon.dll
[2004.08.18 16:00:00 | 00,009,476 | —- | C] () — H:WINDOWSsystem.ini
[2004.08.18 16:00:00 | 00,000,693 | —- | C] () — H:WINDOWSwin.ini
[2003.04.10 13:43:32 | 00,005,412 | —- | C] () — H:WINDOWSSystem32OUTLPERF.INI
[2001.07.19 14:53:00 | 00,176,128 | —- | C] () — H:WINDOWSSystem32SAVTOJPG.DLL

========== Files — Modified Within 30 Days ==========

[6 H:WINDOWSSystem32*.tmp files]
[4 H:WINDOWS*.tmp files]
[1 H:Documents and SettingsalinakLocal Settings*.tmp files]
[2009.05.30 21:20:02 | 00,013,223 | —- | M] () — H:Documents and SettingsalinakРабочий столхануман.torrent
[2009.05.30 21:18:23 | 00,501,248 | —- | M] (OldTimer Tools) — H:Documents and SettingsalinakРабочий столOTListIt2.exe
[2009.05.30 15:41:10 | 00,000,928 | —- | M] () — H:WINDOWStasksGoogleUpdateTaskMachine.job
[2009.05.30 15:41:09 | 00,000,006 | -H— | M] () — H:WINDOWStasksSA.DAT
[2009.05.30 15:41:02 | 00,000,062 | -HS- | M] () — H:Documents and SettingsalinakLocal Settingsdesktop.ini
[2009.05.30 15:40:58 | 00,002,048 | —S- | M] () — H:WINDOWSbootstat.dat
[2009.05.29 13:28:06 | 03,687,587 | —- | M] () — H:Documents and SettingsalinakРабочий столparis.jpg
[2009.05.26 23:26:31 | 00,667,952 | —- | M] () — H:Documents and SettingsalinakРабочий столIMG_2140.JPG
[2009.05.26 23:04:22 | 00,615,253 | —- | M] () — H:Documents and SettingsalinakРабочий столIMG_2002.JPG
[2009.05.22 14:17:59 | 00,001,844 | —- | M] () — H:Documents and SettingsAll UsersРабочий столGoogle Планета Земля.lnk
[2009.05.18 17:31:15 | 00,000,059 | —- | M] () — H:WINDOWSANS2000.INI
[2009.05.18 15:22:54 | 00,000,174 | —- | M] () — H:Documents and SettingsalinakРабочий столnewage_low.pls
[2009.05.11 14:46:54 | 00,002,257 | —- | M] () — H:Documents and SettingsAll UsersРабочий столSkype.lnk
[2009.05.08 15:10:55 | 00,002,206 | —- | M] () — H:WINDOWSSystem32wpa.dbl
[2009.05.07 11:16:29 | 24,699,336 | —- | M] (Microsoft Corporation) — H:WINDOWSSystem32MRT.exe
[2009.05.05 12:21:23 | 00,009,476 | —- | M] () — H:WINDOWSsystem.ini
[2009.05.05 12:21:23 | 00,000,693 | —- | M] () — H:WINDOWSwin.ini
[2009.05.05 12:21:23 | 00,000,020 | -H— | M] () — H:WINDOWSakebook.ini
[2009.05.05 12:21:23 | 00,000,004 | -H— | M] () — H:WINDOWSa3kebook.ini
[2009.05.01 21:54:07 | 00,000,408 | —- | M] () — H:WINDOWSPagePromoter.INI
[2009.05.01 21:05:28 | 09,125,625 | —- | M] () — H:Documents and SettingsalinakРабочий столpagepromoter.exe
Автор

Сообщения