OTListIt logfile created on: 10.04.2009 11:44:17 - Run 1
OTListIt2 by OldTimer - Version 2.0.12.2     Folder = C:\Documents and Settings\Владелец\Рабочий стол
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000419 | Country: Россия | Language: RUS | Date Format: dd.MM.yyyy
 
1015,17 Mb Total Physical Memory | 753,75 Mb Available Physical Memory | 74,25% Memory free
2,39 Gb Paging File | 2,24 Gb Available in Paging File | 93,99% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048;
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 14,65 Gb Total Space | 6,81 Gb Free Space | 46,47% Space Free | Partition Type: NTFS
Drive D: | 14,65 Gb Total Space | 9,95 Gb Free Space | 67,91% Space Free | Partition Type: NTFS
Drive E: | 45,23 Gb Total Space | 36,02 Gb Free Space | 79,64% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: BASE
Current User Name: Владелец
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On
 
[color=orange]========== Processes (SafeList) ==========[/color]
 
PRC - C:\WINDOWS\System32\smss.exe (Корпорация Майкрософт)
PRC - C:\WINDOWS\system32\winlogon.exe (Корпорация Майкрософт)
PRC - C:\WINDOWS\system32\services.exe (Корпорация Майкрософт)
PRC - C:\WINDOWS\system32\CAP3RSK.EXE (CANON INC.)
PRC - C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\CAP3SWK.EXE (CANON INC.)
PRC - C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\CAP3SWK.EXE (CANON INC.)
PRC - C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\CAP3SWK.EXE (CANON INC.)
PRC - C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\CAP3SWK.EXE (CANON INC.)
PRC - C:\WINDOWS\system32\notepad.exe (Корпорация Майкрософт)
PRC - C:\WINDOWS\system32\imapi.exe (Корпорация Майкрософт)
PRC - C:\WINDOWS\explorer.exe (Корпорация Майкрософт)
PRC - C:\Documents and Settings\Владелец\Рабочий стол\OTListIt2.exe (OldTimer Tools)
 
[color=orange]========== Win32 Services (SafeList) ==========[/color]
 
SRV - (BITS [On_Demand | Stopped]) -- C:\WINDOWS\system32\qmgr.dll (Корпорация Майкрософт)
SRV - (Dhcp [Auto | Running]) -- C:\WINDOWS\System32\dhcpcsvc.dll (Корпорация Майкрософт)
SRV - (dmserver [On_Demand | Stopped]) -- C:\WINDOWS\System32\dmserver.dll (Корпорация Майкрософт)
SRV - (Dnscache [Auto | Running]) -- C:\WINDOWS\System32\dnsrslvr.dll (Корпорация Майкрософт)
SRV - (Eventlog [Auto | Running]) -- C:\WINDOWS\system32\services.exe (Корпорация Майкрософт)
SRV - (FastUserSwitchingCompatibility [On_Demand | Running]) -- C:\WINDOWS\System32\shsvcs.dll (Корпорация Майкрософт)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (ImapiService [On_Demand | Running]) -- C:\WINDOWS\system32\imapi.exe (Корпорация Майкрософт)
SRV - (mnmsrvc [On_Demand | Stopped]) -- C:\WINDOWS\system32\mnmsrvc.exe (Корпорация Майкрософт)
SRV - (NetDDE [Disabled | Stopped]) -- C:\WINDOWS\system32\netdde.exe (Корпорация Майкрософт)
SRV - (NetDDEdsdm [Disabled | Stopped]) -- C:\WINDOWS\system32\netdde.exe (Корпорация Майкрософт)
SRV - (Netman [On_Demand | Running]) -- C:\WINDOWS\System32\netman.dll (Корпорация Майкрософт)
SRV - (Nla [On_Demand | Running]) -- C:\WINDOWS\System32\mswsock.dll (Корпорация Майкрософт)
SRV - (NtmsSvc [On_Demand | Stopped]) -- C:\WINDOWS\system32\ntmssvc.dll (Корпорация Майкрософт)
SRV - (PlugPlay [Auto | Running]) -- C:\WINDOWS\system32\services.exe (Корпорация Майкрософт)
SRV - (RDSessMgr [On_Demand | Stopped]) -- C:\WINDOWS\system32\sessmgr.exe (Корпорация Майкрософт)
SRV - (SCardSvr [On_Demand | Stopped]) -- C:\WINDOWS\System32\SCardSvr.exe (Корпорация Майкрософт)
SRV - (Schedule [Auto | Running]) -- C:\WINDOWS\system32\schedsvc.dll (Корпорация Майкрософт)
SRV - (seclogon [Auto | Running]) -- C:\WINDOWS\System32\seclogon.dll (Корпорация Майкрософт)
SRV - (SharedAccess [Auto | Running]) -- C:\WINDOWS\System32\ipnathlp.dll (Корпорация Майкрософт)
SRV - (ShellHWDetection [Auto | Running]) -- C:\WINDOWS\System32\shsvcs.dll (Корпорация Майкрософт)
SRV - (srservice [Auto | Running]) -- C:\WINDOWS\system32\srsvc.dll (Корпорация Майкрософт)
SRV - (stisvc [On_Demand | Stopped]) -- C:\WINDOWS\system32\wiaservc.dll (Корпорация Майкрософт)
SRV - (SysmonLog [On_Demand | Stopped]) -- C:\WINDOWS\system32\smlogsvc.exe (Корпорация Майкрософт)
SRV - (TapiSrv [On_Demand | Running]) -- C:\WINDOWS\System32\tapisrv.dll (Корпорация Майкрософт)
SRV - (TermService [On_Demand | Running]) -- C:\WINDOWS\System32\termsrv.dll (Корпорация Майкрософт)
SRV - (Themes [Auto | Running]) -- C:\WINDOWS\System32\shsvcs.dll (Корпорация Майкрософт)
SRV - (upnphost [On_Demand | Stopped]) -- C:\WINDOWS\System32\upnphost.dll (Корпорация Майкрософт)
SRV - (VSS [On_Demand | Stopped]) -- C:\WINDOWS\System32\vssvc.exe (Корпорация Майкрософт)
SRV - (W32Time [Auto | Running]) -- C:\WINDOWS\system32\w32time.dll (Корпорация Майкрософт)
SRV - (winmgmt [Auto | Running]) -- C:\WINDOWS\system32\wbem\WMIsvc.dll (Корпорация Майкрософт)
SRV - (WmiApSrv [On_Demand | Stopped]) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe (Корпорация Майкрософт)
SRV - (WZCSVC [Auto | Running]) -- C:\WINDOWS\System32\wzcsvc.dll (Корпорация Майкрософт)
 
[color=orange]========== Driver Services (SafeList) ==========[/color]
 
DRV - (ACPI [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\ACPI.sys (Корпорация Майкрософт)
DRV - (ACPIEC [Disabled | Stopped]) -- C:\WINDOWS\System32\drivers\acpiec.sys (Корпорация Майкрософт)
DRV - (AtcL002 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\l251x86.sys (Atheros Communications, Inc.)
DRV - (Cap7134 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\Cap7134.sys (AVerMedia TECHNOLOGIES, Inc.)
DRV - (Fips [System | Running]) -- C:\WINDOWS\System32\drivers\fips.sys (Корпорация Майкрософт)
DRV - (Ftdisk [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\ftdisk.sys (Корпорация Майкрософт)
DRV - (HASPNT [Auto | Running]) -- C:\WINDOWS\system32\haspnt.sys (Sable Crack Laboratory)
DRV - (HDAudBus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys (Windows (R) Server 2003 DDK provider)
DRV - (i8042prt [System | Running]) -- C:\WINDOWS\system32\DRIVERS\i8042prt.sys (Корпорация Майкрософт)
DRV - (ialm [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\igxpmp32.sys (Intel Corporation)
DRV - (IntcAzAudAddService [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (isapnp [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\isapnp.sys (Корпорация Майкрософт)
DRV - (Kbdclass [System | Running]) -- C:\WINDOWS\system32\DRIVERS\kbdclass.sys (Корпорация Майкрософт)
DRV - (mdmxsdk [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys (Conexant)
DRV - (Modem [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\modem.sys (Корпорация Майкрософт)
DRV - (MODEMCSA [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys (Microsoft Corporation)
DRV - (Mouclass [System | Running]) -- C:\WINDOWS\system32\DRIVERS\mouclass.sys (Корпорация Майкрософт)
DRV - (MTsensor [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ASACPI.sys ()
DRV - (Parport [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\parport.sys (Корпорация Майкрософт)
DRV - (ParVdm [Auto | Running]) -- C:\WINDOWS\System32\drivers\parvdm.sys (Корпорация Майкрософт)
DRV - (PCI [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\pci.sys (Корпорация Майкрософт)
DRV - (PCIIde [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\pciide.sys (Корпорация Майкрософт)
DRV - (Pcmcia [Disabled | Stopped]) -- C:\WINDOWS\System32\drivers\pcmcia.sys (Корпорация Майкрософт)
DRV - (PhTVTune [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\PhTVTune.sys (AVerMedia TECHNOLOGIES, Inc.)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (redbook [System | Running]) -- C:\WINDOWS\system32\DRIVERS\redbook.sys (Корпорация Майкрософт)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys ()
DRV - (Serial [System | Running]) -- C:\WINDOWS\system32\DRIVERS\serial.sys (Корпорация Майкрософт)
DRV - (sr [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\sr.sys (Корпорация Майкрософт)
DRV - (uzi4mty3 [System | Running]) -- C:\WINDOWS\system32\Drivers\uzi4mty3.sys ()
DRV - (VolSnap [Boot | Running]) -- C:\WINDOWS\System32\drivers\volsnap.sys (Корпорация Майкрософт)
DRV - (Winachcf [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\winachcf.sys (Conexant)
 
[color=orange]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=orange]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-527237240-299502267-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-527237240-299502267-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-527237240-299502267-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ya.ru/
IE - HKU\S-1-5-21-527237240-299502267-725345543-1003\S-1-5-21-527237240-299502267-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
O1 HOSTS File: (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (IeCatch2 Class) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\Program Files\FlashGet\Jccatch.dll (Amaze Soft)
O3 - HKLM\..\Toolbar: (FlashGet Bar) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\Program Files\FlashGet\fgiebar.dll (Amaze Soft)
O3 - HKU\S-1-5-21-527237240-299502267-725345543-1003\..\Toolbar\ShellBrowser: (no name) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Корпорация Майкрософт)
O3 - HKU\S-1-5-21-527237240-299502267-725345543-1003\..\Toolbar\WebBrowser: (no name) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Корпорация Майкрософт)
O3 - HKU\S-1-5-21-527237240-299502267-725345543-1003\..\Toolbar\WebBrowser: (no name) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Корпорация Майкрософт)
O4 - HKLM..\Run: [OutpostFeedBack] C:\Program Files\Agnitum\Outpost Firewall\feedback.exe /dump:os_startup (Agnitum Ltd.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-527237240-299502267-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-527237240-299502267-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-527237240-299502267-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-527237240-299502267-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-527237240-299502267-725345543-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Закачать все при помощи FlashGet - D:\Program Files\FlashGet\jc_all.htm ()
O8 - Extra context menu item: Закачать при помощи FlashGet - D:\Program Files\FlashGet\jc_link.htm ()
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\Program Files\FlashGet\flashget.exe (Amaze Soft)
O9 - Extra 'Tools' menuitem : &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\Program Files\FlashGet\flashget.exe (Amaze Soft)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [TCP/IP] - C:\WINDOWS\System32\mswsock.dll (Корпорация Майкрософт)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [Пространство имен службы сетевого расположения (NLA)] - C:\WINDOWS\System32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Корпорация Майкрософт)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Корпорация Майкрософт)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Корпорация Майкрософт)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Корпорация Майкрософт)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Корпорация Майкрософт)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Корпорация Майкрософт)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Корпорация Майкрософт)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Корпорация Майкрософт)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Корпорация Майкрософт)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Корпорация Майкрософт)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Корпорация Майкрософт)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Корпорация Майкрософт)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Корпорация Майкрософт)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Корпорация Майкрософт)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Корпорация Майкрософт)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Корпорация Майкрософт)
O18 - Protocol\Filter:  - Class Install Handler - C:\WINDOWS\system32\urlmon.dll (Корпорация Майкрософт)
O18 - Protocol\Filter:  - deflate - C:\WINDOWS\system32\urlmon.dll (Корпорация Майкрософт)
O18 - Protocol\Filter:  - gzip - C:\WINDOWS\system32\urlmon.dll (Корпорация Майкрософт)
O18 - Protocol\Filter:  - lzdhtml - C:\WINDOWS\system32\urlmon.dll (Корпорация Майкрософт)
O18 - Protocol\Filter:  - text/webviewhtml - C:\WINDOWS\system32\SHELL32.dll (Корпорация Майкрософт)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Корпорация Майкрософт)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Корпорация Майкрософт)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\system32\logonui.exe (Корпорация Майкрософт)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Корпорация Майкрософт)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\system32\sysdm.cpl (Корпорация Майкрософт)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\system32\crypt32.dll (Корпорация Майкрософт)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\system32\cscdll.dll (Корпорация Майкрософт)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Корпорация Майкрософт)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Корпорация Майкрософт)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\system32\sclgntfy.dll (Корпорация Майкрософт)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\system32\WlNotify.dll (Корпорация Майкрософт)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Корпорация Майкрософт)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Корпорация Майкрософт)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\SHELL32.dll (Корпорация Майкрософт)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\SHELL32.dll (Корпорация Майкрософт)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Корпорация Майкрософт)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Корпорация Майкрософт)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Предзагрузчик Browseui - C:\WINDOWS\system32\browseui.dll (Корпорация Майкрософт)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Демон кэша категорий компонентов - C:\WINDOWS\system32\browseui.dll (Корпорация Майкрософт)
O24 - Desktop Components:0 (Моя текущая домашняя страница) - About:Home
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\system32\shell32.dll (Корпорация Майкрософт)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\system32\digest.dll (Корпорация Майкрософт)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\system32\msnsspc.dll (Корпорация Майкрософт)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - Autorun File - C:\AUTOEXEC.BAT () - [ NTFS ]
O32 - Autorun File - E:\autobackup.reg () - [ NTFS ]
O32 - Autorun File - Z:\autorun.inf () - [ NTFS ]
O34 - HKLM BootExecute: (autocheck) -  File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) -  File not found
 
[color=orange]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[4 C:\WINDOWS\*.tmp files]
[2009.04.10 11:43:22 | 00,500,736 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Владелец\Рабочий стол\OTListIt2.exe
[2009.04.10 11:40:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\temp
[2009.04.10 11:38:32 | 00,000,000 | ---D | C] -- C:\ComboFix
[2009.04.09 17:26:01 | 00,004,324 | ---- | C] () -- C:\ComboFix.7z
[2009.04.09 17:17:35 | 00,000,214 | ---- | C] () -- C:\Boot.bak
[2009.04.09 17:17:34 | 00,261,376 | ---- | C] () -- C:\cmldr
[2009.04.09 17:17:32 | 00,000,000 | RHSD | C] -- C:\cmdcons
[2009.04.09 17:16:21 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2009.04.09 17:16:21 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2009.04.09 17:16:21 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2009.04.09 17:16:21 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009.04.09 17:16:21 | 00,089,504 | ---- | C] (Smallfrogs Studio) -- C:\WINDOWS\fdsv.exe
[2009.04.09 17:16:21 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009.04.09 17:16:21 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009.04.09 17:16:21 | 00,049,152 | ---- | C] () -- C:\WINDOWS\VFIND.exe
[2009.04.09 17:16:21 | 00,029,696 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009.04.09 17:15:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009.04.09 17:15:47 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009.04.09 17:14:49 | 04,630,760 | ---- | C] (Корпорация Майкрософт) -- C:\Documents and Settings\Владелец\Рабочий стол\WindowsXP-KB310994-SP2-Home-BootDisk-RUS.exe
[2009.04.09 17:14:35 | 03,067,803 | R--- | C] () -- C:\Documents and Settings\Владелец\Рабочий стол\ComboFix.exe
[2009.04.09 11:14:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Владелец\Application Data\Malwarebytes
[2009.04.09 11:14:42 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009.04.09 11:14:42 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Рабочий стол\Malwarebytes' Anti-Malware.lnk
[2009.04.09 11:14:40 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009.04.09 11:14:39 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009.04.09 11:14:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009.04.09 10:44:22 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2009.04.09 10:40:40 | 00,000,000 | ---D | C] -- C:\WINDOWS\pss
[2009.04.08 12:20:16 | 00,011,264 | ---- | C] () -- C:\WINDOWS\System32\drivers\uzi4mty3.sys
[2009.04.03 14:32:09 | 00,118,784 | ---- | C] (fccHandler) -- C:\WINDOWS\System32\ac3acm.acm
[2009.04.03 14:32:08 | 01,565,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmv9vcm.dll
[2009.04.03 14:32:07 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009.04.03 14:32:07 | 01,044,480 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\WINDOWS\System32\libdivx.dll
[2009.04.03 14:32:07 | 00,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009.04.03 14:32:07 | 00,200,704 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\WINDOWS\System32\ssldivx.dll
[2009.04.03 14:32:07 | 00,196,608 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\dtu100.dll
[2009.04.03 14:32:07 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009.04.03 14:32:07 | 00,073,728 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\dpl100.dll
[2009.04.03 14:32:06 | 00,639,066 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx.dll
[2009.04.03 14:32:05 | 00,010,752 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009.04.03 14:32:05 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009.04.03 14:32:04 | 00,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2008.12.26 17:23:58 | 00,599,040 | ---- | C] () -- C:\WINDOWS\System32\parser2ndflm.dll
[2008.11.18 22:05:50 | 00,406,016 | ---- | C] () -- C:\WINDOWS\System32\common2ndfldll.dll
[2008.11.18 13:10:26 | 00,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2008.09.26 18:42:36 | 00,069,632 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2008.09.26 18:42:36 | 00,036,864 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2008.09.02 21:27:50 | 00,000,128 | ---- | C] () -- C:\WINDOWS\AVerText.ini
[2008.09.02 21:27:50 | 00,000,000 | ---- | C] () -- C:\WINDOWS\TeleText.INI
[2008.07.19 00:28:23 | 00,000,428 | ---- | C] () -- C:\WINDOWS\sumgame.ini
[2008.07.18 21:25:42 | 00,002,570 | ---- | C] () -- C:\WINDOWS\Opera.INI
[2008.07.17 19:03:02 | 00,000,154 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008.07.17 12:33:23 | 00,000,331 | ---- | C] () -- C:\WINDOWS\FMTMSAM.INI
[2008.07.17 12:33:09 | 00,000,177 | ---- | C] () -- C:\WINDOWS\hpbafd.ini
[2008.07.17 12:32:48 | 00,023,040 | ---- | C] () -- C:\WINDOWS\System32\irisco32.dll
[2008.07.17 12:32:44 | 00,343,040 | R--- | C] () -- C:\WINDOWS\System32\lffpx7.dll
[2008.07.17 12:32:44 | 00,116,736 | R--- | C] () -- C:\WINDOWS\System32\lfkodak.dll
[2008.07.17 12:32:44 | 00,000,032 | ---- | C] () -- C:\WINDOWS\hppLangChoice.ini
[2008.07.17 12:32:28 | 00,094,274 | ---- | C] () -- C:\WINDOWS\System32\HPBHealr.dll
[2008.07.17 10:58:23 | 00,000,383 | ---- | C] () -- C:\WINDOWS\System32\Haspdos.sys
[2008.07.16 20:30:28 | 00,147,456 | R--- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4885.dll
[2008.07.16 20:28:45 | 00,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2008.07.16 20:28:44 | 00,011,617 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2008.07.16 20:28:34 | 00,012,536 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2006.03.02 16:00:00 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2006.03.02 16:00:00 | 00,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2006.03.02 16:00:00 | 00,001,083 | ---- | C] () -- C:\WINDOWS\win.ini
[2006.03.02 16:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2003.10.13 23:24:44 | 00,002,061 | ---- | C] () -- C:\WINDOWS\AVerTV.ini
 
[color=orange]========== Files - Modified Within 30 Days ==========[/color]
 
[1 C:\WINDOWS\System32\*.tmp files]
[4 C:\WINDOWS\*.tmp files]
[2009.04.10 14:30:58 | 00,346,452 | ---- | M] () -- C:\WINDOWS\System32\perfh019.dat
[2009.04.10 14:30:58 | 00,311,740 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009.04.10 14:30:58 | 00,049,552 | ---- | M] () -- C:\WINDOWS\System32\perfc019.dat
[2009.04.10 14:30:58 | 00,040,128 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009.04.10 14:30:57 | 00,754,472 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009.04.10 11:40:46 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009.04.10 11:39:57 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009.04.10 11:37:53 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009.04.10 11:37:11 | 06,388,552 | -H-- | M] () -- C:\Documents and Settings\Владелец\Local Settings\Application Data\IconCache.db
[2009.04.10 11:33:35 | 00,001,083 | ---- | M] () -- C:\WINDOWS\win.ini
[2009.04.10 11:33:35 | 00,000,284 | RHS- | M] () -- C:\boot.ini
[2009.04.10 11:28:34 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009.04.10 11:28:26 | 00,000,154 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2009.04.10 11:28:24 | 00,000,049 | ---- | M] () -- C:\WINDOWS\transp.gif
[2009.04.10 11:22:05 | 00,500,736 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Владелец\Рабочий стол\OTListIt2.exe
[2009.04.10 10:50:36 | 00,000,027 | ---- | M] () -- C:\WINDOWS\popcinfo.dat
[2009.04.10 08:02:57 | 00,002,444 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009.04.10 00:30:18 | 00,002,061 | ---- | M] () -- C:\WINDOWS\AVerTV.ini
[2009.04.09 17:26:01 | 00,004,324 | ---- | M] () -- C:\ComboFix.7z
[2009.04.09 16:56:01 | 04,630,760 | ---- | M] (Корпорация Майкрософт) -- C:\Documents and Settings\Владелец\Рабочий стол\WindowsXP-KB310994-SP2-Home-BootDisk-RUS.exe
[2009.04.09 11:14:42 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Рабочий стол\Malwarebytes' Anti-Malware.lnk
[2009.04.09 10:41:25 | 00,000,214 | ---- | M] () -- C:\Boot.bak
[2009.04.09 10:35:44 | 03,067,803 | R--- | M] () -- C:\Documents and Settings\Владелец\Рабочий стол\ComboFix.exe
[2009.04.08 12:27:21 | 00,011,264 | ---- | M] () -- C:\WINDOWS\System32\drivers\uzi4mty3.sys
[2009.03.31 16:14:34 | 00,029,696 | ---- | M] () -- C:\Documents and Settings\Владелец\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.03.26 09:49:39 | 00,010,627 | ---- | M] () -- C:\Documents and Settings\Владелец\Мои документы\Зарплата Лариса.odt
[2009.03.25 10:18:49 | 00,001,076 | ---- | M] () -- C:\Documents and Settings\All Users\Рабочий стол\Canon LASER SHOT LBP-1120.LNK
[2009.03.24 13:11:15 | 00,000,620 | ---- | M] () -- C:\Documents and Settings\Владелец\Рабочий стол\Ярлык для Транспорт,услуги.lnk
 
[color=orange]========== LOP Check ==========[/color]
 
[2008.08.04 17:11:38 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2008.07.18 12:25:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2009.04.09 11:14:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2008.07.25 09:09:05 | 00,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2008.11.07 15:20:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NFS Underground
[2008.07.17 03:57:41 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Application Data
[2008.07.16 20:21:03 | 00,000,000 | --SD | M] -- C:\Documents and Settings\Default User\Application Data\Microsoft
[2008.07.16 20:25:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data
[2008.07.16 20:21:03 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2008.07.16 20:24:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data
[2008.07.16 20:21:03 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2008.07.17 03:57:41 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Администратор\Application Data
[2008.08.29 13:23:03 | 00,000,000 | --SD | M] -- C:\Documents and Settings\Администратор\Application Data\Microsoft
[2009.04.09 11:14:44 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Владелец\Application Data
[2008.10.22 14:09:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Владелец\Application Data\Adobe
[2008.07.31 12:00:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Владелец\Application Data\Help
[2008.07.17 19:35:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Владелец\Application Data\Macromedia
[2008.08.22 22:00:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Владелец\Application Data\Mail.Ru
[2009.04.09 11:14:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Владелец\Application Data\Malwarebytes
[2008.11.07 15:41:28 | 00,000,000 | --SD | M] -- C:\Documents and Settings\Владелец\Application Data\Microsoft
[2009.04.09 17:13:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Владелец\Application Data\OpenOffice.org2
[2008.07.17 19:21:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Владелец\Application Data\Opera
[2008.10.10 21:55:58 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Владелец\Application Data\SecuROM
[2009.02.13 12:52:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Владелец\Application Data\Super-Cow
[2006.03.02 16:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009.04.10 11:40:46 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
 
[color=orange]========== Purity Check ==========[/color]
 
< End of report >