Not now because I'm not at home.*
Can I download it from any other site?
Not now because I'm not at home.*
Can I download it from any other site?
You can try this
Microsoft MVP Consumer Security 2008-2011
Member of ASAP and UNITE since 2006
No that doesn't work too. I even run the extractor as administrator.
But I don't think the problem is in the downloading process, I think the system can't run it correctly.
OK, then we use OTScanIt for that
Open OTScanIt.
Paste text below to Paste Fix here (upper right corner)
Click Run FixCode:[Win32 Services - Non-Microsoft Only] YY -> (Automatic LiveUpdate Scheduler) Automatic LiveUpdate Scheduler [Win32_Own | Auto | Running] -> %ProgramFiles%\Symantec\LiveUpdate\AluSchedulerSvc.exe YY -> (LiveUpdate) LiveUpdate [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Symantec\LiveUpdate\LuComServer_3_2.EXE YY -> (LiveUpdate Notice Ex) LiveUpdate Notice Service Ex [Win32_Shared | Auto | Stopped] -> YY -> (LiveUpdate Notice Service) LiveUpdate Notice Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe YY -> (VundoFixSvc) VundoFix Service [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\System32\VundoFixSVC.exe [Registry - Non-Microsoft Only] < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run YY -> Symantec PIF AlertEng -> %CommonProgramFiles%\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe ["C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"] [Files/Folders - Created Within 30 days] NY -> VundoFixSVC.exe -> %SystemRoot%\System32\VundoFixSVC.exe [Files/Folders - Modified Within 30 days] NY -> pxblkctw.ini -> %SystemRoot%\System32\pxblkctw.ini NY -> qmlkcjjg.ini -> %SystemRoot%\System32\qmlkcjjg.ini NY -> VundoFixSVC.exe -> %SystemRoot%\System32\VundoFixSVC.exe
If it doesn't run scan automatically, click Run Scan
Delete also these:
C:\Program Files\Common Files\Symantec Shared
C:\Program Files\Symantec
Post back a fresh OTScanIt log, please.
Last edited by Shaba; 2008-08-20 at 19:54.
Microsoft MVP Consumer Security 2008-2011
Member of ASAP and UNITE since 2006
but the files in C:\Program Files\Common Files\Symantec Shared don't want to delete and I will remove them after restart my laptop.Code:OTScanIt logfile created on: 21.8.2008 г. 11:53:19 OTScanIt by OldTimer - Version 1.0.16.2 Folder = C:\Users\CNF744322V\Desktop\OTScanIt Windows Vista Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000402 | Country: Bulgaria | Language: BGR | Date Format: d.M.yyyy 'г.' 2,00 Gb Total Physical Memory | 0,86 Gb Available Physical Memory | 43,22% Memory free 4,00 Gb Paging File | 2,83 Gb Available in Paging File | 70,69% Paging File free Paging file location(s): ?:\pagefile.sys; %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 40,00 Gb Total Space | 16,64 Gb Free Space | 41,59% Space Free | Partition Type: NTFS Drive D: | 6,04 Gb Total Space | 1,35 Gb Free Space | 22,32% Space Free | Partition Type: NTFS E: Drive not present or media not loaded Drive F: | 97,66 Gb Total Space | 59,64 Gb Free Space | 61,07% Space Free | Partition Type: NTFS G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: CNF744322V-PC Current User Name: CNF744322V Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user [Processes - Non-Microsoft Only] aswupdsv.exe -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> ALWIL Software [Ver = 4, 8, 1227, 0 | Size = 16056 bytes | Modified Date = 19.7.2008 г. 17:25:06 | Attr = ] ashserv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> ALWIL Software [Ver = 4, 8, 1227, 0 | Size = 147640 bytes | Modified Date = 19.7.2008 г. 17:38:28 | Attr = ] clcapsvc.exe -> %ProgramFiles%\HP\QuickPlay\Kernel\TV\CLCapSvc.exe -> [Ver = 5.00.2819 | Size = 262243 bytes | Modified Date = 24.4.2007 г. 04:11:42 | Attr = ] asghost.exe -> %ProgramFiles%\Bioscrypt\VeriSoft\Bin\asghost.exe -> Cognizance Corporation [Ver = 2.5.0.057 | Size = 65536 bytes | Modified Date = 7.2.2007 г. 17:30:00 | Attr = R ] iaantmon.exe -> %ProgramFiles%\Intel\Intel Matrix Storage Manager\IAANTmon.exe -> Intel Corporation [Ver = 7.0.0.1020 | Size = 355096 bytes | Modified Date = 12.2.2007 г. 17:38:04 | Attr = ] lssrvc.exe -> %CommonProgramFiles%\LightScribe\LSSrvc.exe -> Hewlett-Packard Company [Ver = 1.4.136.1 | Size = 61440 bytes | Modified Date = 15.12.2006 г. 03:49:10 | Attr = ] hpqwmiex.exe -> %ProgramFiles%\Hewlett-Packard\Shared\hpqwmiex.exe -> Hewlett-Packard Development Company, L.P. [Ver = 2, 0, 1, 9 | Size = 135168 bytes | Modified Date = 3.5.2006 г. 00:41:28 | Attr = ] clsched.exe -> %ProgramFiles%\HP\QuickPlay\Kernel\TV\CLSched.exe -> [Ver = 5.00.2819 | Size = 106593 bytes | Modified Date = 24.4.2007 г. 04:11:44 | Attr = ] ashmaisv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> ALWIL Software [Ver = 4, 8, 1227, 0 | Size = 250040 bytes | Modified Date = 19.7.2008 г. 17:38:04 | Attr = ] ashwebsv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> ALWIL Software [Ver = 4, 8, 1229, 0 | Size = 348344 bytes | Modified Date = 23.7.2008 г. 17:25:45 | Attr = ] sm56hlpr.exe -> %ProgramFiles%\Motorola\SMSERIAL\sm56hlpr.exe -> Motorola Inc. [Ver = 6.12.04 | Size = 729088 bytes | Modified Date = 9.10.2006 г. 23:43:44 | Attr = ] syntpenh.exe -> %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe -> Synaptics, Inc. [Ver = 9.1.11 12Jan07 | Size = 827392 bytes | Modified Date = 13.1.2007 г. 06:36:40 | Attr = ] rthdvcpl.exe -> %SystemRoot%\RtHDVCpl.exe -> Realtek Semiconductor [Ver = 1, 0, 0, 41 | Size = 4390912 bytes | Modified Date = 9.3.2007 г. 20:50:02 | Attr = ] iaanotif.exe -> %ProgramFiles%\Intel\Intel Matrix Storage Manager\IAAnotif.exe -> Intel Corporation [Ver = 7.0.0.1020 | Size = 174872 bytes | Modified Date = 12.2.2007 г. 17:37:58 | Attr = ] qpservice.exe -> %ProgramFiles%\HP\QuickPlay\QPService.exe -> CyberLink Corp. [Ver = 4.5.0.0000 | Size = 176128 bytes | Modified Date = 24.4.2007 г. 04:11:20 | Attr = ] qlbctrl.exe -> %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe -> Hewlett-Packard Development Company, L.P. [Ver = 6, 2, 2, 1 | Size = 159744 bytes | Modified Date = 13.2.2007 г. 21:38:36 | Attr = ] hpwamain.exe -> %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe -> Hewlett-Packard Development Company, L.P. [Ver = 3, 0, 5, 1 | Size = 472776 bytes | Modified Date = 1.3.2007 г. 23:18:36 | Attr = ] wifimsg.exe -> %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe -> Hewlett-Packard Development Company, L.P. [Ver = 3.0.4.1 | Size = 317128 bytes | Modified Date = 11.1.2007 г. 02:12:08 | Attr = ] hpwuschd2.exe -> %ProgramFiles%\HP\HP Software Update\hpwuSchd2.exe -> Hewlett-Packard Co. [Ver = 50.0.146.000 | Size = 49152 bytes | Modified Date = 17.2.2005 г. 09:11:42 | Attr = ] pifsvc.exe -> %CommonProgramFiles%\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -> File not found mouse32a.exe -> %ProgramFiles%\Tech\Wheel Mouse\5.0\Mouse32A.exe -> [Ver = 8.0.0.0 | Size = 357376 bytes | Modified Date = 24.5.2002 г. 15:54:02 | Attr = ] ashdisp.exe -> %ProgramFiles%\Alwil Software\Avast4\ashDisp.exe -> ALWIL Software [Ver = 4, 8, 1227, 0 | Size = 78008 bytes | Modified Date = 19.7.2008 г. 17:38:34 | Attr = ] skype.exe -> %ProgramFiles%\Skype\Phone\Skype.exe -> Skype Technologies S.A. [Ver = 3.8.0.139 | Size = 21718312 bytes | Modified Date = 30.5.2008 г. 15:54:14 | Attr = R ] hpqtoaster.exe -> %ProgramFiles%\Hewlett-Packard\Shared\HpqToaster.exe -> [Ver = 1, 10, 1, 1 | Size = 677576 bytes | Modified Date = 31.1.2007 г. 01:58:52 | Attr = ] skypepm.exe -> %ProgramFiles%\Skype\Plugin Manager\skypePM.exe -> Skype Technologies [Ver = 2.0.0.58 | Size = 76744 bytes | Modified Date = 30.5.2008 г. 15:54:16 | Attr = R ] hphc_service.exe -> %ProgramFiles%\Hewlett-Packard\HP Health Check\HPHC_Service.exe -> Hewlett-Packard [Ver = 2.0.9.1 | Size = 62984 bytes | Modified Date = 14.3.2007 г. 22:07:30 | Attr = ] mbam.exe -> %ProgramFiles%\Malwarebytes' Anti-Malware\mbam.exe -> Malwarebytes Corporation [Ver = 1.25 | Size = 1195640 bytes | Modified Date = 17.8.2008 г. 15:01:12 | Attr = ] ashsimpl.exe -> %ProgramFiles%\Alwil Software\Avast4\ashSimpl.exe -> ALWIL Software [Ver = 4, 8, 1227, 0 | Size = 155832 bytes | Modified Date = 19.7.2008 г. 17:31:12 | Attr = ] firefox.exe -> %ProgramFiles%\Mozilla Firefox\firefox.exe -> Mozilla Corporation [Ver = 1.9.0.1 | Size = 307712 bytes | Modified Date = 3.7.2008 г. 05:34:12 | Attr = ] otscanit.exe -> %UserProfile%\Desktop\OTScanIt\OTScanIt.exe -> OldTimer Tools [Ver = 1.0.16.2 | Size = 397312 bytes | Modified Date = 12.7.2008 г. 09:29:54 | Attr = ] [Win32 Services - Non-Microsoft Only] (aswUpdSv) avast! iAVS4 Control Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> ALWIL Software [Ver = 4, 8, 1227, 0 | Size = 16056 bytes | Modified Date = 19.7.2008 г. 17:25:06 | Attr = ] (avast! Antivirus) avast! Antivirus [Win32_Own | Auto | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> ALWIL Software [Ver = 4, 8, 1227, 0 | Size = 147640 bytes | Modified Date = 19.7.2008 г. 17:38:28 | Attr = ] (avast! Mail Scanner) avast! Mail Scanner [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> ALWIL Software [Ver = 4, 8, 1227, 0 | Size = 250040 bytes | Modified Date = 19.7.2008 г. 17:38:04 | Attr = ] (avast! Web Scanner) avast! Web Scanner [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> ALWIL Software [Ver = 4, 8, 1229, 0 | Size = 348344 bytes | Modified Date = 23.7.2008 г. 17:25:45 | Attr = ] (CertPropSvc) Certificate Propagation [Win32_Shared | Unknown | Stopped] -> %SystemRoot%\system32\svchost.exe -> File not found (CLCapSvc) CyberLink Background Capture Service (CBCS) [Win32_Own | Auto | Running] -> %ProgramFiles%\HP\QuickPlay\Kernel\TV\CLCapSvc.exe -> [Ver = 5.00.2819 | Size = 262243 bytes | Modified Date = 24.4.2007 г. 04:11:42 | Attr = ] (CLSched) CyberLink Task Scheduler (CTS) [Win32_Own | Auto | Running] -> %ProgramFiles%\HP\QuickPlay\Kernel\TV\CLSched.exe -> [Ver = 5.00.2819 | Size = 106593 bytes | Modified Date = 24.4.2007 г. 04:11:44 | Attr = ] (DcomLaunch) DCOM Server Process Launcher [Win32_Shared | Unknown | Running] -> %SystemRoot%\system32\svchost.exe -> File not found (HP Health Check Service) HP Health Check Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Hewlett-Packard\HP Health Check\HPHC_Service.exe -> Hewlett-Packard [Ver = 2.0.9.1 | Size = 62984 bytes | Modified Date = 14.3.2007 г. 22:07:30 | Attr = ] (hpqwmiex) hpqwmiex [Win32_Own | Auto | Running] -> %ProgramFiles%\Hewlett-Packard\Shared\hpqwmiex.exe -> Hewlett-Packard Development Company, L.P. [Ver = 2, 0, 1, 9 | Size = 135168 bytes | Modified Date = 3.5.2006 г. 00:41:28 | Attr = ] (IAANTMON) Intel(R) Matrix Storage Event Monitor [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Intel Matrix Storage Manager\IAANTmon.exe -> Intel Corporation [Ver = 7.0.0.1020 | Size = 355096 bytes | Modified Date = 12.2.2007 г. 17:38:04 | Attr = ] (IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\1150\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.50.42618 | Size = 69632 bytes | Modified Date = 14.11.2005 г. 01:06:04 | Attr = ] (idsvc) Windows CardSpace [Win32_Shared | Unknown | Stopped] -> %systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -> File not found (LightScribeService) LightScribeService Direct Disc Labeling Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\LightScribe\LSSrvc.exe -> Hewlett-Packard Company [Ver = 1.4.136.1 | Size = 61440 bytes | Modified Date = 15.12.2006 г. 03:49:10 | Attr = ] (MSDTC) Distributed Transaction Coordinator [Win32_Own | Unknown | Stopped] -> %SystemRoot%\System32\msdtc.exe -> File not found (RoxMediaDB9) RoxMediaDB9 [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe -> Sonic Solutions [Ver = 9.0.5.98 | Size = 880640 bytes | Modified Date = 12.2.2007 г. 19:36:58 | Attr = ] (SBSDWSCService) SBSD Security Center Service [Win32_Own | Auto | Stopped] -> -> File not found (Schedule) Task Scheduler [Win32_Shared | Unknown | Running] -> %systemroot%\system32\svchost.exe -> File not found (SCPolicySvc) Smart Card Removal Policy [Win32_Shared | Unknown | Stopped] -> %SystemRoot%\system32\svchost.exe -> File not found (ServiceLayer) ServiceLayer [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\PC Connectivity Solution\ServiceLayer.exe -> Nokia. [Ver = 7, 0, 8, 0 | Size = 430592 bytes | Modified Date = 7.4.2008 г. 09:17:30 | Attr = ] (stllssvr) stllssvr [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\SureThing Shared\stllssvr.exe -> MicroVision Development, Inc. [Ver = 1.2.560 | Size = 74656 bytes | Modified Date = 17.2.2007 г. 17:31:12 | Attr = R ] (TrustedInstaller) Windows Modules Installer [Win32_Own | Unknown | Stopped] -> %SystemRoot%\servicing\TrustedInstaller.exe -> File not found (TuneUp.Defrag) TuneUp Drive Defrag Service [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\System32\TuneUpDefragService.exe -> TuneUp Software GmbH [Ver = 1.1.0.16 | Size = 355584 bytes | Modified Date = 10.8.2008 г. 14:15:12 | Attr = ] (WdiServiceHost) Diagnostic Service Host [Win32_Shared | Unknown | Stopped] -> %SystemRoot%\System32\svchost.exe -> File not found (WdiSystemHost) Diagnostic System Host [Win32_Shared | Unknown | Running] -> %SystemRoot%\System32\svchost.exe -> File not found [Registry - Non-Microsoft Only] < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> avast! -> %ProgramFiles%\Alwil Software\Avast4\ashDisp.exe [C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe] -> ALWIL Software [Ver = 4, 8, 1227, 0 | Size = 78008 bytes | Modified Date = 19.7.2008 г. 17:38:34 | Attr = ] CognizanceTS -> %ProgramFiles%\Bioscrypt\VeriSoft\Bin\ASTSVCC.dll ["C:\Windows\system32\rundll32.exe" c:\PROGRA~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll,RegisterModule] -> Cognizance Corporation [Ver = 1.0.0.008 | Size = 17920 bytes | Modified Date = 22.12.2003 г. 21:12:00 | Attr = R ] HP Health Check Scheduler -> %ProgramFiles%\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe ["C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe"] -> Hewlett-Packard [Ver = 2.0.9.1 | Size = 50696 bytes | Modified Date = 12.3.2007 г. 21:54:24 | Attr = ] HP Software Update -> %ProgramFiles%\HP\HP Software Update\hpwuSchd2.exe ["C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe"] -> Hewlett-Packard Co. [Ver = 50.0.146.000 | Size = 49152 bytes | Modified Date = 17.2.2005 г. 09:11:42 | Attr = ] hpWirelessAssistant -> %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe ["C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"] -> Hewlett-Packard Development Company, L.P. [Ver = 3, 0, 5, 1 | Size = 472776 bytes | Modified Date = 1.3.2007 г. 23:18:36 | Attr = ] IAAnotif -> %ProgramFiles%\Intel\Intel Matrix Storage Manager\IAAnotif.exe ["C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe"] -> Intel Corporation [Ver = 7.0.0.1020 | Size = 174872 bytes | Modified Date = 12.2.2007 г. 17:37:58 | Attr = ] LWBMOUSE -> %ProgramFiles%\Tech\Wheel Mouse\5.0\Mouse32A.exe ["C:\Program Files\Tech\Wheel Mouse\5.0\MOUSE32A.EXE"] -> [Ver = 8.0.0.0 | Size = 357376 bytes | Modified Date = 24.5.2002 г. 15:54:02 | Attr = ] NvCplDaemon -> %SystemRoot%\System32\nvcpl.dll ["C:\Windows\system32\RUNDLL32.EXE" C:\Windows\system32\NvCpl.dll,NvStartup] -> NVIDIA Corporation [Ver = 7.15.11.0123 | Size = 8429568 bytes | Modified Date = 1.5.2007 г. 13:27:00 | Attr = ] NvMediaCenter -> %SystemRoot%\System32\nvmctray.dll ["C:\Windows\system32\RUNDLL32.EXE" C:\Windows\system32\NvMcTray.dll,NvTaskbarInit] -> NVIDIA Corporation [Ver = 7.15.11.0123 | Size = 81920 bytes | Modified Date = 1.5.2007 г. 13:27:00 | Attr = ] NvSvc -> %SystemRoot%\System32\nvsvc.dll ["C:\Windows\system32\RUNDLL32.EXE" C:\Windows\system32\nvsvc.dll,nvsvcStart] -> NVIDIA Corporation [Ver = 7.15.11.0123 | Size = 86016 bytes | Modified Date = 1.5.2007 г. 13:27:00 | Attr = ] QlbCtrl -> %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe ["C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start] -> Hewlett-Packard Development Company, L.P. [Ver = 6, 2, 2, 1 | Size = 159744 bytes | Modified Date = 13.2.2007 г. 21:38:36 | Attr = ] QPService -> %ProgramFiles%\HP\QuickPlay\QPService.exe ["C:\Program Files\HP\QuickPlay\QPService.exe"] -> CyberLink Corp. [Ver = 4.5.0.0000 | Size = 176128 bytes | Modified Date = 24.4.2007 г. 04:11:20 | Attr = ] RtHDVCpl -> %SystemRoot%\RtHDVCpl.exe ["C:\Windows\RtHDVCpl.exe"] -> Realtek Semiconductor [Ver = 1, 0, 0, 41 | Size = 4390912 bytes | Modified Date = 9.3.2007 г. 20:50:02 | Attr = ] SMSERIAL -> %ProgramFiles%\Motorola\SMSERIAL\sm56hlpr.exe ["C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe"] -> Motorola Inc. [Ver = 6.12.04 | Size = 729088 bytes | Modified Date = 9.10.2006 г. 23:43:44 | Attr = ] SynTPEnh -> %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe ["C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"] -> Synaptics, Inc. [Ver = 9.1.11 12Jan07 | Size = 827392 bytes | Modified Date = 13.1.2007 г. 06:36:40 | Attr = ] WAWifiMessage -> %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe ["C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe"] -> Hewlett-Packard Development Company, L.P. [Ver = 3.0.4.1 | Size = 317128 bytes | Modified Date = 11.1.2007 г. 02:12:08 | Attr = ] < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> Skype -> %ProgramFiles%\Skype\Phone\Skype.exe ["C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized] -> Skype Technologies S.A. [Ver = 3.8.0.139 | Size = 21718312 bytes | Modified Date = 30.5.2008 г. 15:54:14 | Attr = R ] uTorrent -> %ProgramFiles%\uTorrent\uTorrent.exe ["C:\Program Files\uTorrent\uTorrent.exe"] -> BitTorrent, Inc. [Ver = 1.8.0.11813 | Size = 267056 bytes | Modified Date = 20.8.2008 г. 20:31:09 | Attr = ] < ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> {7D7DB869-3021-4CD2-AF0A-B3CAD75ECE31} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [] -> File not found < SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> explorer.exe -> %SystemRoot%\explorer.exe -> Microsoft Corporation [Ver = 6.0.6000.16386 (vista_rtm.061101-2205) | Size = 2927104 bytes | Modified Date = 19.1.2008 г. 10:33:10 | Attr = ] *MultiFile Done* -> -> *UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> C:\Windows\system32\userinit.exe -> %SystemRoot%\System32\userinit.exe -> Microsoft Corporation [Ver = 6.0.6000.16386 (vista_rtm.061101-2205) | Size = 25088 bytes | Modified Date = 19.1.2008 г. 10:33:33 | Attr = ] *MultiFile Done* -> -> *VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> rundll32 shell32 -> %SystemRoot%\System32\shell32.dll -> Microsoft Corporation [Ver = 6.0.6001.18000 (longhorn_rtm.080118-1840) | Size = 11580416 bytes | Modified Date = 24.4.2008 г. 07:58:20 | Attr = ] Control_RunDLL "sysdm.cpl" -> %SystemRoot%\System32\sysdm.cpl -> Microsoft Corporation [Ver = 6.0.6000.16386 (vista_rtm.061101-2205) | Size = 242688 bytes | Modified Date = 19.1.2008 г. 10:32:57 | Attr = ] *MultiFile Done* -> -> < Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\\ScanWithAntiVirus -> 3 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin -> 2 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableInstallerDetection -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableLUA -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableSecureUIAPaths -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableVirtualization -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\PromptOnSecureDesktop -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ValidateAdminCodeSignatures -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\dontdisplaylastusername -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\legalnoticecaption -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\legalnoticetext -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\scforceoption -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\shutdownwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\undockwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\FilterAdministratorToken -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableUIADesktopToggle -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_TEXT -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_BITMAP -> 2 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_OEMTEXT -> 7 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_DIB -> 8 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_PALETTE -> 9 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_UNICODETEXT -> 13 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_DIBV5 -> 17 -> < CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> < CDROM Autorun Settings > [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun -> 1 -> *AutoRunAlwaysDisable* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRunAlwaysDisable -> TORiSAN CD-ROM CDR_C36 -> -> File not found NEC MBR-7 -> -> File not found NEC MBR-7.4 -> -> File not found PIONEER CHANGR DRM-1804X -> -> File not found PIONEER CD-ROM DRM-6324X -> -> File not found PIONEER CD-ROM DRM-624X -> -> File not found *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\DisplayName -> CD-ROM Driver -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Group -> SCSI CDROM Class -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\ImagePath -> %SystemRoot%\System32\drivers\cdrom.sys [system32\DRIVERS\cdrom.sys] -> Microsoft Corporation [Ver = 6.0.6001.18000 (longhorn_rtm.080118-1840) | Size = 67072 bytes | Modified Date = 19.1.2008 г. 08:49:51 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Start -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Type -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Tag -> 3 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\0 -> IDE\CdRomSlimtype_DVD_A__DS8A1H__________________WH66____\5&5b8f77b&0&0.0.0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\Count -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\NextInstance -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\1 -> SCSI\CdRom&Ven_LD3828T&Prod_XDR443V&Rev_1.01\5&36e5972&1&000000 -> < Drives - Autoruns > -> -> autoexec.bat [REM Dummy file for NTVDM | ] -> %SystemDrive%\autoexec.bat [ NTFS ] -> [Ver = | Size = 24 bytes | Modified Date = 19.9.2006 г. 00:43:36 | Attr = ] AUTOMODE [@echo off | IF EXIST C:\ST_RP\MANUALMODE ECHO MANUAL BATCH MODE ALREADY SET ! | IF NOT EXIST C:\ST_RP\MANUALMODE ECHO SET TO MANUAL BATCH EXECUTION ! | IF NOT EXIST C:\ST_RP\MANUALMODE IF EXIST C:\ST_RP\AUTOMODE DEL C:\ST_RP\AUTOMODE /F > NUL | IF NOT EXIST C:\ST_RP\MANUALMODE COPY C:\ST_RP\SET_AUTO_MODE.CMD C:\ST_RP\MANUALMODE > NUL | ECHO. | ] -> D:\AUTOMODE [ NTFS ] -> [Ver = | Size = 340 bytes | Modified Date = 11.9.2005 г. 18:18:54 | Attr = HS] < HOSTS File > (259259 bytes) -> C:\Windows\System32\drivers\etc\Hosts -> ::1 localhost -> -> < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://go.microsoft.com/fwlink/?LinkId=69157 -> < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_CURRENT_USER\: Main\\Start Page -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_CURRENT_USER\: ProxyEnable -> 0 -> HKEY_CURRENT_USER\: ProxyOverride -> *.local -> < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4742 domain(s) found. -> 43 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4742 domain(s) found. -> 43 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 8.0.0.2006102200 | Size = 62080 bytes | Modified Date = 23.10.2006 г. 09:08:42 | Attr = ] {22BF413B-C6D2-4d91-82A9-A0F997BA588C} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Skype add-on (mastermind)] -> Skype Technologies S.A. [Ver = 2, 2, 0, 181 | Size = 1410344 bytes | Modified Date = 30.5.2008 г. 15:54:16 | Attr = ] {53707962-6F74-2D53-2644-206D7942484F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot-S&D IE Protection] -> Safer Networking Limited [Ver = 1, 6, 0, 12 | Size = 1562448 bytes | Modified Date = 7.7.2008 г. 09:41:58 | Attr = ] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_06\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.60.2 | Size = 509328 bytes | Modified Date = 25.3.2008 г. 04:28:01 | Attr = ] {DF21F1DB-80C6-11D3-9483-B03D0EC10000} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Bioscrypt\VeriSoft\Bin\ItIEAddIn.dll [VeriSoft Access Manager] -> Bioscrypt Inc. [Ver = 2.1.078 | Size = 71192 bytes | Modified Date = 21.11.2006 г. 22:59:00 | Attr = R ] < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_06\bin\ssv.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.60.2 | Size = 509328 bytes | Modified Date = 25.3.2008 г. 04:28:01 | Attr = ] {77BF5300-1474-4EC7-9980-D32B190E9B07}:{77BF5300-1474-4EC7-9980-D32B190E9B07} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Skype] -> Skype Technologies S.A. [Ver = 2, 2, 0, 181 | Size = 1410344 bytes | Modified Date = 30.5.2008 г. 15:54:16 | Attr = ] {DFB852A3-47F8-48C4-A200-58CAB36FD2A2}:{53707962-6F74-2D53-2644-206D7942484F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot - Search & Destroy Configuration] -> Safer Networking Limited [Ver = 1, 6, 0, 12 | Size = 1562448 bytes | Modified Date = 7.7.2008 г. 09:41:58 | Attr = ] < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {3BE5C474-CCE6-4538-9841-D96D339E5AB4} -> 212.39.90.42,212.39.90.43 () -> {5695C05F-C4BB-4780-B309-76AD08DFBA0C} -> (Intel(R) PRO/Wireless 3945ABG Network Connection) -> {5CF62F28-4386-4569-96E6-840611873DDC} -> 192.168.3.1,83.222.161.130 (Realtek RTL8101 Family PCI-E Fast Ethernet NIC (NDIS 6.0)) -> < Default Protocols [HKEY_LOCAL_MACHINE\] - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> ldap -> 4 = Restricted sites (Not a Default Protocol) -> news -> 4 = Restricted sites (Not a Default Protocol) -> nntp -> 4 = Restricted sites (Not a Default Protocol) -> oecmd -> 4 = Restricted sites (Not a Default Protocol) -> snews -> 4 = Restricted sites (Not a Default Protocol) -> < Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> skype4com:{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\Skype\Skype4COM.dll[IEProtocolHandler Class] -> Skype Technologies [Ver = 1, 0, 29, 0 | Size = 1942864 bytes | Modified Date = 30.5.2008 г. 15:54:14 | Attr = R ] < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {3860DD98-0549-4D50-AA72-5D17D200EE10}[HKEY_LOCAL_MACHINE] -> http://cdn.scan.onecare.live.com/resource/download/scanner/en-US/wlscctrl2.cab[Windows Live OneCare safety scanner control] -> {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab[Java Plug-in 1.6.0_06] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab[Java Plug-in 1.6.0_06] -> < Module Usage Keys [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ -> Reg Error: Key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ not found. -> -> [Files/Folders - Created Within 30 days] Downloads -> %SystemDrive%\Downloads -> [Folder | Created Date = 20.8.2008 г. 14:53:46 | Attr = ] IO.SYS -> %SystemDrive%\IO.SYS -> [Ver = | Size = 0 bytes | Created Date = 13.8.2008 г. 15:45:32 | Attr = RHS] MSDOS.SYS -> %SystemDrive%\MSDOS.SYS -> [Ver = | Size = 0 bytes | Created Date = 13.8.2008 г. 15:45:32 | Attr = RHS] aswFsBlk.sys -> %SystemRoot%\System32\drivers\aswFsBlk.sys -> ALWIL Software [Ver = 4.8.1227.0 | Size = 20560 bytes | Created Date = 20.8.2008 г. 20:05:54 | Attr = ] aswMonFlt.sys -> %SystemRoot%\System32\drivers\aswMonFlt.sys -> ALWIL Software [Ver = 4.8.1227.0 | Size = 51280 bytes | Created Date = 20.8.2008 г. 20:05:46 | Attr = ] aswRdr.sys -> %SystemRoot%\System32\drivers\aswRdr.sys -> ALWIL Software [Ver = 4.8.1227.0 | Size = 23152 bytes | Created Date = 20.8.2008 г. 20:05:56 | Attr = ] aswSP.sys -> %SystemRoot%\System32\drivers\aswSP.sys -> ALWIL Software [Ver = 4.8.1227.0 | Size = 78416 bytes | Created Date = 20.8.2008 г. 20:05:54 | Attr = ] aswTdi.sys -> %SystemRoot%\System32\drivers\aswTdi.sys -> ALWIL Software [Ver = 4.8.1227.0 | Size = 42912 bytes | Created Date = 20.8.2008 г. 20:05:56 | Attr = ] mbam.sys -> %SystemRoot%\System32\drivers\mbam.sys -> Malwarebytes Corporation [Ver = 1, 0, 0, 1 | Size = 17144 bytes | Created Date = 19.8.2008 г. 18:16:56 | Attr = ] mbamswissarmy.sys -> %SystemRoot%\System32\drivers\mbamswissarmy.sys -> Malwarebytes Corporation [Ver = 1.00 | Size = 38472 bytes | Created Date = 19.8.2008 г. 18:16:55 | Attr = ] Msft_User_WpdFs_01_00_00.Wdf -> %SystemRoot%\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf -> [Ver = | Size = 0 bytes | Created Date = 13.8.2008 г. 12:46:08 | Attr = H ] ac3filter.cpl -> %SystemRoot%\System32\ac3filter.cpl -> [Ver = 1.01a | Size = 417792 bytes | Created Date = 3.8.2008 г. 01:09:01 | Attr = ] actskin4.ocx -> %SystemRoot%\System32\actskin4.ocx -> [Ver = 4, 2, 7, 3 | Size = 380928 bytes | Created Date = 20.8.2008 г. 20:05:46 | Attr = ] aswBoot.exe -> %SystemRoot%\System32\aswBoot.exe -> ALWIL Software [Ver = 4, 8, 1227, 0 | Size = 1163960 bytes | Created Date = 20.8.2008 г. 20:05:46 | Attr = ] authuitu.dll -> %SystemRoot%\System32\authuitu.dll -> TuneUp Software GmbH [Ver = 1.0.0.6 | Size = 16640 bytes | Created Date = 10.8.2008 г. 14:15:12 | Attr = ] AvastSS.scr -> %SystemRoot%\System32\AvastSS.scr -> ALWIL Software [Ver = 4, 8, 1227, 0 | Size = 94392 bytes | Created Date = 20.8.2008 г. 20:05:55 | Attr = ] CmdLineExt.dll -> %SystemRoot%\System32\CmdLineExt.dll -> Sony DADC Austria AG. [Ver = 1,1,225,0 | Size = 107888 bytes | Created Date = 10.8.2008 г. 13:16:30 | Attr = ] cpuinf32.dll -> %SystemRoot%\System32\cpuinf32.dll -> [Ver = | Size = 19968 bytes | Created Date = 3.8.2008 г. 01:09:41 | Attr = ] mplaa6.dll -> %SystemRoot%\System32\mplaa6.dll -> Ligos Corporation [Ver = 1.0.0.3 | Size = 77824 bytes | Created Date = 3.8.2008 г. 01:09:41 | Attr = ] mplam6.dll -> %SystemRoot%\System32\mplam6.dll -> Ligos Corporation [Ver = 1.0.0.3 | Size = 65536 bytes | Created Date = 3.8.2008 г. 01:09:41 | Attr = ] mplapx.dll -> %SystemRoot%\System32\mplapx.dll -> Ligos Corporation [Ver = 1.0.0.3 | Size = 65536 bytes | Created Date = 3.8.2008 г. 01:09:41 | Attr = ] mplaw7.dll -> %SystemRoot%\System32\mplaw7.dll -> Ligos Corporation [Ver = 1.0.0.3 | Size = 77824 bytes | Created Date = 3.8.2008 г. 01:09:41 | Attr = ] mplva6.dll -> %SystemRoot%\System32\mplva6.dll -> Ligos Corporation [Ver = 1.0.0.3 | Size = 1650688 bytes | Created Date = 3.8.2008 г. 01:09:41 | Attr = ] mplvm6.dll -> %SystemRoot%\System32\mplvm6.dll -> Ligos Corporation [Ver = 1.0.0.3 | Size = 1552384 bytes | Created Date = 3.8.2008 г. 01:09:42 | Attr = ] mplvpx.dll -> %SystemRoot%\System32\mplvpx.dll -> Ligos Corporation [Ver = 1.0.0.3 | Size = 1122304 bytes | Created Date = 3.8.2008 г. 01:09:42 | Attr = ] mplvw7.dll -> %SystemRoot%\System32\mplvw7.dll -> Ligos Corporation [Ver = 1.0.0.3 | Size = 1581056 bytes | Created Date = 3.8.2008 г. 01:09:41 | Attr = ] nhtcbupa.ini -> %SystemRoot%\System32\nhtcbupa.ini -> [Ver = | Size = 1500551 bytes | Created Date = 11.8.2008 г. 21:06:55 | Attr = HS] nkkfilke.ini -> %SystemRoot%\System32\nkkfilke.ini -> [Ver = | Size = 1491240 bytes | Created Date = 10.8.2008 г. 15:16:11 | Attr = HS] pncrt.dll -> %SystemRoot%\System32\pncrt.dll -> Real Networks, Inc [Ver = 6.0.0.0 | Size = 278528 bytes | Created Date = 3.8.2008 г. 01:09:52 | Attr = ] pndx5016.dll -> %SystemRoot%\System32\pndx5016.dll -> RealNetworks, Inc. [Ver = 5.0.0.0 | Size = 6656 bytes | Created Date = 3.8.2008 г. 01:09:52 | Attr = ] pndx5032.dll -> %SystemRoot%\System32\pndx5032.dll -> RealNetworks, Inc. [Ver = 5.0.0.0 | Size = 5632 bytes | Created Date = 3.8.2008 г. 01:09:52 | Attr = ] qtplugin.ocx -> %SystemRoot%\System32\qtplugin.ocx -> Apple Computer, Inc. [Ver = 6.5.1 | Size = 360504 bytes | Created Date = 3.8.2008 г. 01:09:49 | Attr = ] qttask.exe -> %SystemRoot%\System32\qttask.exe -> Apple Computer, Inc. [Ver = 6.5.1 | Size = 98304 bytes | Created Date = 3.8.2008 г. 01:11:50 | Attr = ] QuickTime -> %SystemRoot%\System32\QuickTime -> [Folder | Created Date = 3.8.2008 г. 01:09:47 | Attr = ] quicktime.cpl -> %SystemRoot%\System32\quicktime.cpl -> Apple Computer, Inc. [Ver = 6.5.1 | Size = 323072 bytes | Created Date = 3.8.2008 г. 01:09:48 | Attr = ] quicktime.qtp -> %SystemRoot%\System32\quicktime.qtp -> [Ver = | Size = 8890 bytes | Created Date = 3.8.2008 г. 01:09:49 | Attr = ] quicktime.qts -> %SystemRoot%\System32\quicktime.qts -> Apple Computer, Inc. [Ver = 6.5.2 | Size = 6676480 bytes | Created Date = 3.8.2008 г. 01:09:49 | Attr = ] rmoc3260.dll -> %SystemRoot%\System32\rmoc3260.dll -> RealNetworks, Inc. [Ver = 6.0.9.2049 | Size = 176167 bytes | Created Date = 3.8.2008 г. 01:09:52 | Attr = ] startup.cpl -> %SystemRoot%\System32\startup.cpl -> [Ver = | Size = 98304 bytes | Created Date = 3.8.2008 г. 01:10:34 | Attr = ] TuneUpDefragService.exe -> %SystemRoot%\System32\TuneUpDefragService.exe -> TuneUp Software GmbH [Ver = 1.1.0.16 | Size = 355584 bytes | Created Date = 10.8.2008 г. 14:15:12 | Attr = ] tweakui.hlp -> %SystemRoot%\System32\tweakui.hlp -> [Ver = | Size = 51238 bytes | Created Date = 3.8.2008 г. 01:10:34 | Attr = ] unrar.dll -> %SystemRoot%\System32\unrar.dll -> [Ver = | Size = 152064 bytes | Created Date = 3.8.2008 г. 01:09:40 | Attr = ] uxtuneup.dll -> %SystemRoot%\System32\uxtuneup.dll -> TuneUp Software GmbH [Ver = 2.0.0.12 | Size = 28416 bytes | Created Date = 10.8.2008 г. 14:15:12 | Attr = ] vp6dec_settings.cpl -> %SystemRoot%\System32\vp6dec_settings.cpl -> [Ver = | Size = 53248 bytes | Created Date = 3.8.2008 г. 01:10:52 | Attr = ] xvidcore.dll -> %SystemRoot%\System32\xvidcore.dll -> [Ver = | Size = 761856 bytes | Created Date = 3.8.2008 г. 01:09:38 | Attr = ] ftpcache -> %SystemRoot%\ftpcache -> [Folder | Created Date = 11.8.2008 г. 17:08:16 | Attr = HS] 1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> game.ini -> %SystemRoot%\game.ini -> [Ver = | Size = 276 bytes | Created Date = 11.8.2008 г. 17:08:03 | Attr = ] m3jp2k.ini -> %SystemRoot%\m3jp2k.ini -> [Ver = | Size = 761 bytes | Created Date = 3.8.2008 г. 01:09:45 | Attr = ] m3jpeg.ini -> %SystemRoot%\m3jpeg.ini -> [Ver = | Size = 714 bytes | Created Date = 3.8.2008 г. 01:09:45 | Attr = ] MEMORY.DMP -> %SystemRoot%\MEMORY.DMP -> [Ver = | Size = 267217069 bytes | Created Date = 10.8.2008 г. 15:52:24 | Attr = ] mmtvmj.ini -> %SystemRoot%\mmtvmj.ini -> [Ver = | Size = 702 bytes | Created Date = 3.8.2008 г. 01:09:45 | Attr = ] pss -> %SystemRoot%\pss -> [Folder | Created Date = 14.8.2008 г. 13:37:30 | Attr = ] QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Created Date = 6.8.2008 г. 21:30:41 | Attr = ] QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Created Date = 6.8.2008 г. 21:30:41 | Attr = H ] Sun -> %SystemRoot%\Sun -> [Folder | Created Date = 23.7.2008 г. 23:29:09 | Attr = ] wininit.ini -> %SystemRoot%\wininit.ini -> [Ver = | Size = 95 bytes | Created Date = 13.8.2008 г. 16:54:35 | Attr = ] [Files/Folders - Modified Within 30 days] boot -> %SystemDrive%\boot -> [Folder | Modified Date = 13.8.2008 г. 23:04:51 | Attr = HS] Downloads -> %SystemDrive%\Downloads -> [Folder | Modified Date = 20.8.2008 г. 14:53:46 | Attr = ] IO.SYS -> %SystemDrive%\IO.SYS -> [Ver = | Size = 0 bytes | Modified Date = 13.8.2008 г. 15:45:32 | Attr = RHS] MSDOS.SYS -> %SystemDrive%\MSDOS.SYS -> [Ver = | Size = 0 bytes | Modified Date = 13.8.2008 г. 15:45:32 | Attr = RHS] Program Files -> %ProgramFiles% -> [Folder | Modified Date = 21.8.2008 г. 11:52:35 | Attr = R ] ProgramData -> %AllUsersProfile% -> [Folder | Modified Date = 19.8.2008 г. 18:16:54 | Attr = H ] System Volume Information -> %SystemDrive%\System Volume Information -> [Folder | Modified Date = 20.8.2008 г. 20:08:09 | Attr = HS] Users -> %SystemDrive%\Users -> [Folder | Modified Date = 13.8.2008 г. 12:50:18 | Attr = R ] Windows -> %SystemRoot% -> [Folder | Modified Date = 20.8.2008 г. 15:08:47 | Attr = ] etc -> %SystemRoot%\System32\drivers\etc -> [Folder | Modified Date = 13.8.2008 г. 15:55:48 | Attr = ] HOSTS -> %SystemRoot%\System32\drivers\etc\HOSTS -> [Ver = | Size = 259259 bytes | Modified Date = 13.8.2008 г. 15:55:48 | Attr = R ] hosts.20080813-155528.backup -> %SystemRoot%\System32\drivers\etc\hosts.20080813-155528.backup -> [Ver = | Size = 761 bytes | Modified Date = 13.8.2008 г. 12:50:20 | Attr = ] hosts.20080813-155548.backup -> %SystemRoot%\System32\drivers\etc\hosts.20080813-155548.backup -> [Ver = | Size = 259259 bytes | Modified Date = 13.8.2008 г. 15:55:28 | Attr = R ] mbam.sys -> %SystemRoot%\System32\drivers\mbam.sys -> Malwarebytes Corporation [Ver = 1, 0, 0, 1 | Size = 17144 bytes | Modified Date = 17.8.2008 г. 15:01:14 | Attr = ] mbamswissarmy.sys -> %SystemRoot%\System32\drivers\mbamswissarmy.sys -> Malwarebytes Corporation [Ver = 1.00 | Size = 38472 bytes | Modified Date = 17.8.2008 г. 15:01:18 | Attr = ] Msft_User_WpdFs_01_00_00.Wdf -> %SystemRoot%\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf -> [Ver = | Size = 0 bytes | Modified Date = 13.8.2008 г. 12:46:08 | Attr = H ] 7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> %SystemRoot%\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> [Ver = | Size = 3168 bytes | Modified Date = 21.8.2008 г. 11:04:01 | Attr = H ] 7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> %SystemRoot%\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> [Ver = | Size = 3168 bytes | Modified Date = 21.8.2008 г. 11:04:01 | Attr = H ] catroot -> %SystemRoot%\System32\catroot -> [Folder | Modified Date = 19.8.2008 г. 10:09:09 | Attr = ] catroot2 -> %SystemRoot%\System32\catroot2 -> [Folder | Modified Date = 15.8.2008 г. 10:54:37 | Attr = ] CmdLineExt.dll -> %SystemRoot%\System32\CmdLineExt.dll -> Sony DADC Austria AG. [Ver = 1,1,225,0 | Size = 107888 bytes | Modified Date = 10.8.2008 г. 13:16:30 | Attr = ] CodeIntegrity -> %SystemRoot%\System32\CodeIntegrity -> [Folder | Modified Date = 1.8.2008 г. 12:56:36 | Attr = ] config -> %SystemRoot%\System32\config -> [Folder | Modified Date = 13.8.2008 г. 23:04:51 | Attr = ] config.nt -> %SystemRoot%\System32\config.nt -> [Ver = | Size = 2577 bytes | Modified Date = 20.8.2008 г. 20:23:41 | Attr = ] drivers -> %SystemRoot%\System32\drivers -> [Folder | Modified Date = 20.8.2008 г. 20:43:46 | Attr = ] en-US -> %SystemRoot%\System32\en-US -> [Folder | Modified Date = 15.8.2008 г. 10:53:03 | Attr = ] GroupPolicy -> %SystemRoot%\System32\GroupPolicy -> [Folder | Modified Date = 14.8.2008 г. 22:50:54 | Attr = H ] migration -> %SystemRoot%\System32\migration -> [Folder | Modified Date = 15.8.2008 г. 10:53:02 | Attr = ] Msdtc -> %SystemRoot%\System32\Msdtc -> [Folder | Modified Date = 1.8.2008 г. 12:57:45 | Attr = ] nhtcbupa.ini -> %SystemRoot%\System32\nhtcbupa.ini -> [Ver = | Size = 1500551 bytes | Modified Date = 13.8.2008 г. 12:10:24 | Attr = HS] nkkfilke.ini -> %SystemRoot%\System32\nkkfilke.ini -> [Ver = | Size = 1491240 bytes | Modified Date = 10.8.2008 г. 15:54:38 | Attr = HS] perfc009.dat -> %SystemRoot%\System32\perfc009.dat -> [Ver = | Size = 102094 bytes | Modified Date = 21.8.2008 г. 11:11:54 | Attr = ] perfh009.dat -> %SystemRoot%\System32\perfh009.dat -> [Ver = | Size = 590082 bytes | Modified Date = 21.8.2008 г. 11:11:54 | Attr = ] PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [Ver = | Size = 694964 bytes | Modified Date = 21.8.2008 г. 11:11:54 | Attr = ] qttask.exe -> %SystemRoot%\System32\qttask.exe -> Apple Computer, Inc. [Ver = 6.5.1 | Size = 98304 bytes | Modified Date = 3.8.2008 г. 01:11:50 | Attr = ] QuickTime -> %SystemRoot%\System32\QuickTime -> [Folder | Modified Date = 3.8.2008 г. 01:09:48 | Attr = ] quicktime.qtp -> %SystemRoot%\System32\quicktime.qtp -> [Ver = | Size = 8890 bytes | Modified Date = 14.8.2008 г. 14:57:49 | Attr = ] spool -> %SystemRoot%\System32\spool -> [Folder | Modified Date = 1.8.2008 г. 12:56:36 | Attr = ] Tasks -> %SystemRoot%\System32\Tasks -> [Folder | Modified Date = 11.8.2008 г. 22:09:26 | Attr = ] TuneUpDefragService.exe -> %SystemRoot%\System32\TuneUpDefragService.exe -> TuneUp Software GmbH [Ver = 1.1.0.16 | Size = 355584 bytes | Modified Date = 10.8.2008 г. 14:15:12 | Attr = ] wbem -> %SystemRoot%\System32\wbem -> [Folder | Modified Date = 1.8.2008 г. 12:57:42 | Attr = ] WDI -> %SystemRoot%\System32\WDI -> [Folder | Modified Date = 2.8.2008 г. 13:27:25 | Attr = ] assembly -> %SystemRoot%\assembly -> [Folder | Modified Date = 10.8.2008 г. 13:44:34 | Attr = R S] 1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 67584 bytes | Modified Date = 21.8.2008 г. 11:03:38 | Attr = S] bthservsdp.dat -> %SystemRoot%\bthservsdp.dat -> [Ver = | Size = 12 bytes | Modified Date = 20.8.2008 г. 22:01:39 | Attr = ] Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 14.8.2008 г. 13:05:43 | Attr = S] ftpcache -> %SystemRoot%\ftpcache -> [Folder | Modified Date = 11.8.2008 г. 17:08:16 | Attr = HS] game.ini -> %SystemRoot%\game.ini -> [Ver = | Size = 276 bytes | Modified Date = 11.8.2008 г. 17:08:03 | Attr = ] inf -> %SystemRoot%\inf -> [Folder | Modified Date = 21.8.2008 г. 11:11:54 | Attr = ] Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 20.8.2008 г. 14:08:05 | Attr = HS] MEMORY.DMP -> %SystemRoot%\MEMORY.DMP -> [Ver = | Size = 267217069 bytes | Modified Date = 20.8.2008 г. 14:10:06 | Attr = ] Minidump -> %SystemRoot%\Minidump -> [Folder | Modified Date = 20.8.2008 г. 14:10:19 | Attr = ] NeroDigital.ini -> %SystemRoot%\NeroDigital.ini -> [Ver = | Size = 69 bytes | Modified Date = 14.8.2008 г. 14:14:37 | Attr = ] Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 20.8.2008 г. 13:54:20 | Attr = ] pss -> %SystemRoot%\pss -> [Folder | Modified Date = 14.8.2008 г. 13:37:30 | Attr = ] QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Modified Date = 6.8.2008 г. 21:30:41 | Attr = ] QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Modified Date = 14.8.2008 г. 14:57:46 | Attr = H ] registration -> %SystemRoot%\registration -> [Folder | Modified Date = 1.8.2008 г. 12:56:33 | Attr = ] rescache -> %SystemRoot%\rescache -> [Folder | Modified Date = 15.8.2008 г. 11:09:31 | Attr = ] Sun -> %SystemRoot%\Sun -> [Folder | Modified Date = 23.7.2008 г. 23:29:09 | Attr = ] system.ini -> %SystemRoot%\system.ini -> [Ver = | Size = 10315 bytes | Modified Date = 3.8.2008 г. 01:11:52 | Attr = ] System32 -> %SystemRoot%\System32 -> [Folder | Modified Date = 21.8.2008 г. 11:50:42 | Attr = ] Tasks -> %SystemRoot%\Tasks -> [Folder | Modified Date = 13.8.2008 г. 12:50:20 | Attr = ] Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 21.8.2008 г. 11:53:47 | Attr = ] wininit.ini -> %SystemRoot%\wininit.ini -> [Ver = | Size = 95 bytes | Modified Date = 13.8.2008 г. 16:54:35 | Attr = ] winsxs -> %SystemRoot%\winsxs -> [Folder | Modified Date = 15.8.2008 г. 02:01:24 | Attr = ] SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 21.8.2008 г. 11:03:51 | Attr = H ] C:\ProgramData\Microsoft\Network\Downloader\ -> C:\ProgramData\Microsoft\Network\Downloader -> [Folder | Modified Date = 2.11.2006 г. 16:04:06 | Attr = ] qmgr0.dat -> C:\ProgramData\Microsoft\Network\Downloader\qmgr0.dat -> [Ver = | Size = 4194304 bytes | Modified Date = 21.8.2008 г. 11:07:18 | Attr = ] qmgr1.dat -> C:\ProgramData\Microsoft\Network\Downloader\qmgr1.dat -> [Ver = | Size = 4194304 bytes | Modified Date = 21.8.2008 г. 11:07:18 | Attr = ] C:\ProgramData\Microsoft\OFFICE\DATA\ -> C:\ProgramData\Microsoft\OFFICE\DATA -> [Folder | Modified Date = 18.6.2008 г. 23:33:29 | Attr = ] opa12.dat -> C:\ProgramData\Microsoft\OFFICE\DATA\opa12.dat -> [Ver = | Size = 8206 bytes | Modified Date = 18.6.2008 г. 23:33:29 | Attr = ] C:\ProgramData\Microsoft\RAC\PublishedData\ -> C:\ProgramData\Microsoft\RAC\PublishedData -> [Folder | Modified Date = 4.6.2008 г. 10:56:51 | Attr = ] PublishedRacMonAFLTable.DAT -> C:\ProgramData\Microsoft\RAC\PublishedData\PublishedRacMonAFLTable.DAT -> [Ver = | Size = 27876 bytes | Modified Date = 21.8.2008 г. 11:21:17 | Attr = ] PublishedRacMonCLKTable.DAT -> C:\ProgramData\Microsoft\RAC\PublishedData\PublishedRacMonCLKTable.DAT -> [Ver = | Size = 0 bytes | Modified Date = 21.8.2008 г. 11:21:18 | Attr = ] PublishedRacMonHFLTable.DAT -> C:\ProgramData\Microsoft\RAC\PublishedData\PublishedRacMonHFLTable.DAT -> [Ver = | Size = 0 bytes | Modified Date = 21.8.2008 г. 11:21:17 | Attr = ] PublishedRacMonIndex.DAT -> C:\ProgramData\Microsoft\RAC\PublishedData\PublishedRacMonIndex.DAT -> [Ver = | Size = 1896 bytes | Modified Date = 21.8.2008 г. 11:21:07 | Attr = ] PublishedRacMonOSFTable.DAT -> C:\ProgramData\Microsoft\RAC\PublishedData\PublishedRacMonOSFTable.DAT -> [Ver = | Size = 2760 bytes | Modified Date = 21.8.2008 г. 11:21:18 | Attr = ] PublishedRacMonSWITable.DAT -> C:\ProgramData\Microsoft\RAC\PublishedData\PublishedRacMonSWITable.DAT -> [Ver = | Size = 166708 bytes | Modified Date = 21.8.2008 г. 11:21:15 | Attr = ] C:\ProgramData\Microsoft\User Account Pictures\ -> C:\ProgramData\Microsoft\User Account Pictures -> [Folder | Modified Date = 3.6.2008 г. 11:02:36 | Attr = ] CNF744322V.dat -> C:\ProgramData\Microsoft\User Account Pictures\CNF744322V.dat -> [Ver = | Size = 0 bytes | Modified Date = 3.6.2008 г. 11:02:36 | Attr = ] C:\Windows\Temp\ -> C:\Windows\Temp -> [Folder | Modified Date = 21.8.2008 г. 11:53:47 | Attr = ] CPSSMasterCatalog.ini -> C:\Windows\Temp\CPSSMasterCatalog.ini -> [Ver = | Size = 419 bytes | Modified Date = 20.8.2008 г. 14:07:12 | Attr = ] < End of report >
You have uTorrent again installed
Remove it immediately or will close this thread.
After that, re-run OTScanIt and post back fresh OTScanIt log.
Microsoft MVP Consumer Security 2008-2011
Member of ASAP and UNITE since 2006
sorry, but installed utorrent again because had a important workCode:OTScanIt logfile created on: 21.8.2008 г. 13:17:47 OTScanIt by OldTimer - Version 1.0.16.2 Folder = C:\Users\CNF744322V\Desktop\OTScanIt Windows Vista Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000402 | Country: Bulgaria | Language: BGR | Date Format: d.M.yyyy 'г.' 2,00 Gb Total Physical Memory | 0,95 Gb Available Physical Memory | 47,77% Memory free 4,00 Gb Paging File | 2,94 Gb Available in Paging File | 73,54% Paging File free Paging file location(s): ?:\pagefile.sys; %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 40,00 Gb Total Space | 15,98 Gb Free Space | 39,95% Space Free | Partition Type: NTFS Drive D: | 6,04 Gb Total Space | 1,24 Gb Free Space | 20,49% Space Free | Partition Type: NTFS E: Drive not present or media not loaded Drive F: | 97,66 Gb Total Space | 59,64 Gb Free Space | 61,07% Space Free | Partition Type: NTFS G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: CNF744322V-PC Current User Name: CNF744322V Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user [Processes - Non-Microsoft Only] aswupdsv.exe -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> ALWIL Software [Ver = 4, 8, 1227, 0 | Size = 16056 bytes | Modified Date = 19.7.2008 г. 17:25:06 | Attr = ] ashserv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> ALWIL Software [Ver = 4, 8, 1227, 0 | Size = 147640 bytes | Modified Date = 19.7.2008 г. 17:38:28 | Attr = ] clcapsvc.exe -> %ProgramFiles%\HP\QuickPlay\Kernel\TV\CLCapSvc.exe -> [Ver = 5.00.2819 | Size = 262243 bytes | Modified Date = 24.4.2007 г. 04:11:42 | Attr = ] asghost.exe -> %ProgramFiles%\Bioscrypt\VeriSoft\Bin\asghost.exe -> Cognizance Corporation [Ver = 2.5.0.057 | Size = 65536 bytes | Modified Date = 7.2.2007 г. 17:30:00 | Attr = R ] iaantmon.exe -> %ProgramFiles%\Intel\Intel Matrix Storage Manager\IAANTmon.exe -> Intel Corporation [Ver = 7.0.0.1020 | Size = 355096 bytes | Modified Date = 12.2.2007 г. 17:38:04 | Attr = ] lssrvc.exe -> %CommonProgramFiles%\LightScribe\LSSrvc.exe -> Hewlett-Packard Company [Ver = 1.4.136.1 | Size = 61440 bytes | Modified Date = 15.12.2006 г. 03:49:10 | Attr = ] hpqwmiex.exe -> %ProgramFiles%\Hewlett-Packard\Shared\hpqwmiex.exe -> Hewlett-Packard Development Company, L.P. [Ver = 2, 0, 1, 9 | Size = 135168 bytes | Modified Date = 3.5.2006 г. 00:41:28 | Attr = ] clsched.exe -> %ProgramFiles%\HP\QuickPlay\Kernel\TV\CLSched.exe -> [Ver = 5.00.2819 | Size = 106593 bytes | Modified Date = 24.4.2007 г. 04:11:44 | Attr = ] ashmaisv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> ALWIL Software [Ver = 4, 8, 1227, 0 | Size = 250040 bytes | Modified Date = 19.7.2008 г. 17:38:04 | Attr = ] ashwebsv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> ALWIL Software [Ver = 4, 8, 1229, 0 | Size = 348344 bytes | Modified Date = 23.7.2008 г. 17:25:45 | Attr = ] sm56hlpr.exe -> %ProgramFiles%\Motorola\SMSERIAL\sm56hlpr.exe -> Motorola Inc. [Ver = 6.12.04 | Size = 729088 bytes | Modified Date = 9.10.2006 г. 23:43:44 | Attr = ] syntpenh.exe -> %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe -> Synaptics, Inc. [Ver = 9.1.11 12Jan07 | Size = 827392 bytes | Modified Date = 13.1.2007 г. 06:36:40 | Attr = ] rthdvcpl.exe -> %SystemRoot%\RtHDVCpl.exe -> Realtek Semiconductor [Ver = 1, 0, 0, 41 | Size = 4390912 bytes | Modified Date = 9.3.2007 г. 20:50:02 | Attr = ] iaanotif.exe -> %ProgramFiles%\Intel\Intel Matrix Storage Manager\IAAnotif.exe -> Intel Corporation [Ver = 7.0.0.1020 | Size = 174872 bytes | Modified Date = 12.2.2007 г. 17:37:58 | Attr = ] qpservice.exe -> %ProgramFiles%\HP\QuickPlay\QPService.exe -> CyberLink Corp. [Ver = 4.5.0.0000 | Size = 176128 bytes | Modified Date = 24.4.2007 г. 04:11:20 | Attr = ] qlbctrl.exe -> %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe -> Hewlett-Packard Development Company, L.P. [Ver = 6, 2, 2, 1 | Size = 159744 bytes | Modified Date = 13.2.2007 г. 21:38:36 | Attr = ] hpwamain.exe -> %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe -> Hewlett-Packard Development Company, L.P. [Ver = 3, 0, 5, 1 | Size = 472776 bytes | Modified Date = 1.3.2007 г. 23:18:36 | Attr = ] wifimsg.exe -> %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe -> Hewlett-Packard Development Company, L.P. [Ver = 3.0.4.1 | Size = 317128 bytes | Modified Date = 11.1.2007 г. 02:12:08 | Attr = ] hpwuschd2.exe -> %ProgramFiles%\HP\HP Software Update\hpwuSchd2.exe -> Hewlett-Packard Co. [Ver = 50.0.146.000 | Size = 49152 bytes | Modified Date = 17.2.2005 г. 09:11:42 | Attr = ] mouse32a.exe -> %ProgramFiles%\Tech\Wheel Mouse\5.0\Mouse32A.exe -> [Ver = 8.0.0.0 | Size = 357376 bytes | Modified Date = 24.5.2002 г. 15:54:02 | Attr = ] ashdisp.exe -> %ProgramFiles%\Alwil Software\Avast4\ashDisp.exe -> ALWIL Software [Ver = 4, 8, 1227, 0 | Size = 78008 bytes | Modified Date = 19.7.2008 г. 17:38:34 | Attr = ] skype.exe -> %ProgramFiles%\Skype\Phone\Skype.exe -> Skype Technologies S.A. [Ver = 3.8.0.139 | Size = 21718312 bytes | Modified Date = 30.5.2008 г. 15:54:14 | Attr = R ] hpqtoaster.exe -> %ProgramFiles%\Hewlett-Packard\Shared\HpqToaster.exe -> [Ver = 1, 10, 1, 1 | Size = 677576 bytes | Modified Date = 31.1.2007 г. 01:58:52 | Attr = ] skypepm.exe -> %ProgramFiles%\Skype\Plugin Manager\skypePM.exe -> Skype Technologies [Ver = 2.0.0.58 | Size = 76744 bytes | Modified Date = 30.5.2008 г. 15:54:16 | Attr = R ] hphc_service.exe -> %ProgramFiles%\Hewlett-Packard\HP Health Check\HPHC_Service.exe -> Hewlett-Packard [Ver = 2.0.9.1 | Size = 62984 bytes | Modified Date = 14.3.2007 г. 22:07:30 | Attr = ] ashsimpl.exe -> %ProgramFiles%\Alwil Software\Avast4\ashSimpl.exe -> ALWIL Software [Ver = 4, 8, 1227, 0 | Size = 155832 bytes | Modified Date = 19.7.2008 г. 17:31:12 | Attr = ] adobeupdater.exe -> %CommonProgramFiles%\Adobe\Updater5\AdobeUpdater.exe -> Adobe Systems Incorporated [Ver = 5, 1, 0, 1082 | Size = 2321600 bytes | Modified Date = 28.2.2007 г. 23:06:56 | Attr = ] firefox.exe -> %ProgramFiles%\Mozilla Firefox\firefox.exe -> Mozilla Corporation [Ver = 1.9.0.1 | Size = 307712 bytes | Modified Date = 3.7.2008 г. 05:34:12 | Attr = ] otscanit.exe -> %UserProfile%\Desktop\OTScanIt\OTScanIt.exe -> OldTimer Tools [Ver = 1.0.16.2 | Size = 397312 bytes | Modified Date = 12.7.2008 г. 09:29:54 | Attr = ] [Win32 Services - Non-Microsoft Only] (aswUpdSv) avast! iAVS4 Control Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> ALWIL Software [Ver = 4, 8, 1227, 0 | Size = 16056 bytes | Modified Date = 19.7.2008 г. 17:25:06 | Attr = ] (avast! Antivirus) avast! Antivirus [Win32_Own | Auto | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> ALWIL Software [Ver = 4, 8, 1227, 0 | Size = 147640 bytes | Modified Date = 19.7.2008 г. 17:38:28 | Attr = ] (avast! Mail Scanner) avast! Mail Scanner [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> ALWIL Software [Ver = 4, 8, 1227, 0 | Size = 250040 bytes | Modified Date = 19.7.2008 г. 17:38:04 | Attr = ] (avast! Web Scanner) avast! Web Scanner [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> ALWIL Software [Ver = 4, 8, 1229, 0 | Size = 348344 bytes | Modified Date = 23.7.2008 г. 17:25:45 | Attr = ] (CertPropSvc) Certificate Propagation [Win32_Shared | Unknown | Stopped] -> %SystemRoot%\system32\svchost.exe -> File not found (CLCapSvc) CyberLink Background Capture Service (CBCS) [Win32_Own | Auto | Running] -> %ProgramFiles%\HP\QuickPlay\Kernel\TV\CLCapSvc.exe -> [Ver = 5.00.2819 | Size = 262243 bytes | Modified Date = 24.4.2007 г. 04:11:42 | Attr = ] (CLSched) CyberLink Task Scheduler (CTS) [Win32_Own | Auto | Running] -> %ProgramFiles%\HP\QuickPlay\Kernel\TV\CLSched.exe -> [Ver = 5.00.2819 | Size = 106593 bytes | Modified Date = 24.4.2007 г. 04:11:44 | Attr = ] (DcomLaunch) DCOM Server Process Launcher [Win32_Shared | Unknown | Running] -> %SystemRoot%\system32\svchost.exe -> File not found (HP Health Check Service) HP Health Check Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Hewlett-Packard\HP Health Check\HPHC_Service.exe -> Hewlett-Packard [Ver = 2.0.9.1 | Size = 62984 bytes | Modified Date = 14.3.2007 г. 22:07:30 | Attr = ] (hpqwmiex) hpqwmiex [Win32_Own | Auto | Running] -> %ProgramFiles%\Hewlett-Packard\Shared\hpqwmiex.exe -> Hewlett-Packard Development Company, L.P. [Ver = 2, 0, 1, 9 | Size = 135168 bytes | Modified Date = 3.5.2006 г. 00:41:28 | Attr = ] (IAANTMON) Intel(R) Matrix Storage Event Monitor [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Intel Matrix Storage Manager\IAANTmon.exe -> Intel Corporation [Ver = 7.0.0.1020 | Size = 355096 bytes | Modified Date = 12.2.2007 г. 17:38:04 | Attr = ] (IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\1150\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.50.42618 | Size = 69632 bytes | Modified Date = 14.11.2005 г. 01:06:04 | Attr = ] (idsvc) Windows CardSpace [Win32_Shared | Unknown | Stopped] -> %systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -> File not found (LightScribeService) LightScribeService Direct Disc Labeling Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\LightScribe\LSSrvc.exe -> Hewlett-Packard Company [Ver = 1.4.136.1 | Size = 61440 bytes | Modified Date = 15.12.2006 г. 03:49:10 | Attr = ] (MSDTC) Distributed Transaction Coordinator [Win32_Own | Unknown | Stopped] -> %SystemRoot%\System32\msdtc.exe -> File not found (RoxMediaDB9) RoxMediaDB9 [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe -> Sonic Solutions [Ver = 9.0.5.98 | Size = 880640 bytes | Modified Date = 12.2.2007 г. 19:36:58 | Attr = ] (SBSDWSCService) SBSD Security Center Service [Win32_Own | Auto | Stopped] -> -> File not found (Schedule) Task Scheduler [Win32_Shared | Unknown | Running] -> %systemroot%\system32\svchost.exe -> File not found (SCPolicySvc) Smart Card Removal Policy [Win32_Shared | Unknown | Stopped] -> %SystemRoot%\system32\svchost.exe -> File not found (ServiceLayer) ServiceLayer [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\PC Connectivity Solution\ServiceLayer.exe -> Nokia. [Ver = 7, 0, 8, 0 | Size = 430592 bytes | Modified Date = 7.4.2008 г. 09:17:30 | Attr = ] (stllssvr) stllssvr [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\SureThing Shared\stllssvr.exe -> MicroVision Development, Inc. [Ver = 1.2.560 | Size = 74656 bytes | Modified Date = 17.2.2007 г. 17:31:12 | Attr = R ] (TrustedInstaller) Windows Modules Installer [Win32_Own | Unknown | Stopped] -> %SystemRoot%\servicing\TrustedInstaller.exe -> File not found (TuneUp.Defrag) TuneUp Drive Defrag Service [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\System32\TuneUpDefragService.exe -> TuneUp Software GmbH [Ver = 1.1.0.16 | Size = 355584 bytes | Modified Date = 10.8.2008 г. 14:15:12 | Attr = ] (WdiServiceHost) Diagnostic Service Host [Win32_Shared | Unknown | Stopped] -> %SystemRoot%\System32\svchost.exe -> File not found (WdiSystemHost) Diagnostic System Host [Win32_Shared | Unknown | Running] -> %SystemRoot%\System32\svchost.exe -> File not found [Registry - Non-Microsoft Only] < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> avast! -> %ProgramFiles%\Alwil Software\Avast4\ashDisp.exe [C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe] -> ALWIL Software [Ver = 4, 8, 1227, 0 | Size = 78008 bytes | Modified Date = 19.7.2008 г. 17:38:34 | Attr = ] CognizanceTS -> %ProgramFiles%\Bioscrypt\VeriSoft\Bin\ASTSVCC.dll ["C:\Windows\system32\rundll32.exe" c:\PROGRA~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll,RegisterModule] -> Cognizance Corporation [Ver = 1.0.0.008 | Size = 17920 bytes | Modified Date = 22.12.2003 г. 21:12:00 | Attr = R ] HP Health Check Scheduler -> %ProgramFiles%\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe ["C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe"] -> Hewlett-Packard [Ver = 2.0.9.1 | Size = 50696 bytes | Modified Date = 12.3.2007 г. 21:54:24 | Attr = ] HP Software Update -> %ProgramFiles%\HP\HP Software Update\hpwuSchd2.exe ["C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe"] -> Hewlett-Packard Co. [Ver = 50.0.146.000 | Size = 49152 bytes | Modified Date = 17.2.2005 г. 09:11:42 | Attr = ] hpWirelessAssistant -> %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe ["C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"] -> Hewlett-Packard Development Company, L.P. [Ver = 3, 0, 5, 1 | Size = 472776 bytes | Modified Date = 1.3.2007 г. 23:18:36 | Attr = ] IAAnotif -> %ProgramFiles%\Intel\Intel Matrix Storage Manager\IAAnotif.exe ["C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe"] -> Intel Corporation [Ver = 7.0.0.1020 | Size = 174872 bytes | Modified Date = 12.2.2007 г. 17:37:58 | Attr = ] LWBMOUSE -> %ProgramFiles%\Tech\Wheel Mouse\5.0\Mouse32A.exe ["C:\Program Files\Tech\Wheel Mouse\5.0\MOUSE32A.EXE"] -> [Ver = 8.0.0.0 | Size = 357376 bytes | Modified Date = 24.5.2002 г. 15:54:02 | Attr = ] NvCplDaemon -> %SystemRoot%\System32\nvcpl.dll ["C:\Windows\system32\RUNDLL32.EXE" C:\Windows\system32\NvCpl.dll,NvStartup] -> NVIDIA Corporation [Ver = 7.15.11.0123 | Size = 8429568 bytes | Modified Date = 1.5.2007 г. 13:27:00 | Attr = ] NvMediaCenter -> %SystemRoot%\System32\nvmctray.dll ["C:\Windows\system32\RUNDLL32.EXE" C:\Windows\system32\NvMcTray.dll,NvTaskbarInit] -> NVIDIA Corporation [Ver = 7.15.11.0123 | Size = 81920 bytes | Modified Date = 1.5.2007 г. 13:27:00 | Attr = ] NvSvc -> %SystemRoot%\System32\nvsvc.dll ["C:\Windows\system32\RUNDLL32.EXE" C:\Windows\system32\nvsvc.dll,nvsvcStart] -> NVIDIA Corporation [Ver = 7.15.11.0123 | Size = 86016 bytes | Modified Date = 1.5.2007 г. 13:27:00 | Attr = ] QlbCtrl -> %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe ["C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start] -> Hewlett-Packard Development Company, L.P. [Ver = 6, 2, 2, 1 | Size = 159744 bytes | Modified Date = 13.2.2007 г. 21:38:36 | Attr = ] QPService -> %ProgramFiles%\HP\QuickPlay\QPService.exe ["C:\Program Files\HP\QuickPlay\QPService.exe"] -> CyberLink Corp. [Ver = 4.5.0.0000 | Size = 176128 bytes | Modified Date = 24.4.2007 г. 04:11:20 | Attr = ] RtHDVCpl -> %SystemRoot%\RtHDVCpl.exe ["C:\Windows\RtHDVCpl.exe"] -> Realtek Semiconductor [Ver = 1, 0, 0, 41 | Size = 4390912 bytes | Modified Date = 9.3.2007 г. 20:50:02 | Attr = ] SMSERIAL -> %ProgramFiles%\Motorola\SMSERIAL\sm56hlpr.exe ["C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe"] -> Motorola Inc. [Ver = 6.12.04 | Size = 729088 bytes | Modified Date = 9.10.2006 г. 23:43:44 | Attr = ] SynTPEnh -> %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe ["C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"] -> Synaptics, Inc. [Ver = 9.1.11 12Jan07 | Size = 827392 bytes | Modified Date = 13.1.2007 г. 06:36:40 | Attr = ] WAWifiMessage -> %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe ["C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe"] -> Hewlett-Packard Development Company, L.P. [Ver = 3.0.4.1 | Size = 317128 bytes | Modified Date = 11.1.2007 г. 02:12:08 | Attr = ] < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> Skype -> %ProgramFiles%\Skype\Phone\Skype.exe ["C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized] -> Skype Technologies S.A. [Ver = 3.8.0.139 | Size = 21718312 bytes | Modified Date = 30.5.2008 г. 15:54:14 | Attr = R ] < ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> {7D7DB869-3021-4CD2-AF0A-B3CAD75ECE31} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [] -> File not found < SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> explorer.exe -> %SystemRoot%\explorer.exe -> Microsoft Corporation [Ver = 6.0.6000.16386 (vista_rtm.061101-2205) | Size = 2927104 bytes | Modified Date = 19.1.2008 г. 10:33:10 | Attr = ] *MultiFile Done* -> -> *UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> C:\Windows\system32\userinit.exe -> %SystemRoot%\System32\userinit.exe -> Microsoft Corporation [Ver = 6.0.6000.16386 (vista_rtm.061101-2205) | Size = 25088 bytes | Modified Date = 19.1.2008 г. 10:33:33 | Attr = ] *MultiFile Done* -> -> *VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> rundll32 shell32 -> %SystemRoot%\System32\shell32.dll -> Microsoft Corporation [Ver = 6.0.6001.18000 (longhorn_rtm.080118-1840) | Size = 11580416 bytes | Modified Date = 24.4.2008 г. 07:58:20 | Attr = ] Control_RunDLL "sysdm.cpl" -> %SystemRoot%\System32\sysdm.cpl -> Microsoft Corporation [Ver = 6.0.6000.16386 (vista_rtm.061101-2205) | Size = 242688 bytes | Modified Date = 19.1.2008 г. 10:32:57 | Attr = ] *MultiFile Done* -> -> < Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\\ScanWithAntiVirus -> 3 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin -> 2 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableInstallerDetection -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableLUA -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableSecureUIAPaths -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableVirtualization -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\PromptOnSecureDesktop -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ValidateAdminCodeSignatures -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\dontdisplaylastusername -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\legalnoticecaption -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\legalnoticetext -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\scforceoption -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\shutdownwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\undockwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\FilterAdministratorToken -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableUIADesktopToggle -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_TEXT -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_BITMAP -> 2 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_OEMTEXT -> 7 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_DIB -> 8 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_PALETTE -> 9 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_UNICODETEXT -> 13 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_DIBV5 -> 17 -> < CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> < CDROM Autorun Settings > [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun -> 1 -> *AutoRunAlwaysDisable* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRunAlwaysDisable -> TORiSAN CD-ROM CDR_C36 -> -> File not found NEC MBR-7 -> -> File not found NEC MBR-7.4 -> -> File not found PIONEER CHANGR DRM-1804X -> -> File not found PIONEER CD-ROM DRM-6324X -> -> File not found PIONEER CD-ROM DRM-624X -> -> File not found *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\DisplayName -> CD-ROM Driver -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Group -> SCSI CDROM Class -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\ImagePath -> %SystemRoot%\System32\drivers\cdrom.sys [system32\DRIVERS\cdrom.sys] -> Microsoft Corporation [Ver = 6.0.6001.18000 (longhorn_rtm.080118-1840) | Size = 67072 bytes | Modified Date = 19.1.2008 г. 08:49:51 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Start -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Type -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Tag -> 3 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\0 -> IDE\CdRomSlimtype_DVD_A__DS8A1H__________________WH66____\5&5b8f77b&0&0.0.0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\Count -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\NextInstance -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\1 -> SCSI\CdRom&Ven_LD3828T&Prod_XDR443V&Rev_1.01\5&36e5972&1&000000 -> < Drives - Autoruns > -> -> autoexec.bat [REM Dummy file for NTVDM | ] -> %SystemDrive%\autoexec.bat [ NTFS ] -> [Ver = | Size = 24 bytes | Modified Date = 19.9.2006 г. 00:43:36 | Attr = ] AUTOMODE [@echo off | IF EXIST C:\ST_RP\MANUALMODE ECHO MANUAL BATCH MODE ALREADY SET ! | IF NOT EXIST C:\ST_RP\MANUALMODE ECHO SET TO MANUAL BATCH EXECUTION ! | IF NOT EXIST C:\ST_RP\MANUALMODE IF EXIST C:\ST_RP\AUTOMODE DEL C:\ST_RP\AUTOMODE /F > NUL | IF NOT EXIST C:\ST_RP\MANUALMODE COPY C:\ST_RP\SET_AUTO_MODE.CMD C:\ST_RP\MANUALMODE > NUL | ECHO. | ] -> D:\AUTOMODE [ NTFS ] -> [Ver = | Size = 340 bytes | Modified Date = 11.9.2005 г. 18:18:54 | Attr = HS] < HOSTS File > (259259 bytes) -> C:\Windows\System32\drivers\etc\Hosts -> ::1 localhost -> -> < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://go.microsoft.com/fwlink/?LinkId=69157 -> < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_CURRENT_USER\: Main\\Start Page -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_CURRENT_USER\: ProxyEnable -> 0 -> HKEY_CURRENT_USER\: ProxyOverride -> *.local -> < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4742 domain(s) found. -> 43 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4742 domain(s) found. -> 43 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 8.0.0.2006102200 | Size = 62080 bytes | Modified Date = 23.10.2006 г. 09:08:42 | Attr = ] {22BF413B-C6D2-4d91-82A9-A0F997BA588C} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Skype add-on (mastermind)] -> Skype Technologies S.A. [Ver = 2, 2, 0, 181 | Size = 1410344 bytes | Modified Date = 30.5.2008 г. 15:54:16 | Attr = ] {53707962-6F74-2D53-2644-206D7942484F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot-S&D IE Protection] -> Safer Networking Limited [Ver = 1, 6, 0, 12 | Size = 1562448 bytes | Modified Date = 7.7.2008 г. 09:41:58 | Attr = ] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_06\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.60.2 | Size = 509328 bytes | Modified Date = 25.3.2008 г. 04:28:01 | Attr = ] {DF21F1DB-80C6-11D3-9483-B03D0EC10000} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Bioscrypt\VeriSoft\Bin\ItIEAddIn.dll [VeriSoft Access Manager] -> Bioscrypt Inc. [Ver = 2.1.078 | Size = 71192 bytes | Modified Date = 21.11.2006 г. 22:59:00 | Attr = R ] < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_06\bin\ssv.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.60.2 | Size = 509328 bytes | Modified Date = 25.3.2008 г. 04:28:01 | Attr = ] {77BF5300-1474-4EC7-9980-D32B190E9B07}:{77BF5300-1474-4EC7-9980-D32B190E9B07} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Skype] -> Skype Technologies S.A. [Ver = 2, 2, 0, 181 | Size = 1410344 bytes | Modified Date = 30.5.2008 г. 15:54:16 | Attr = ] {DFB852A3-47F8-48C4-A200-58CAB36FD2A2}:{53707962-6F74-2D53-2644-206D7942484F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot - Search & Destroy Configuration] -> Safer Networking Limited [Ver = 1, 6, 0, 12 | Size = 1562448 bytes | Modified Date = 7.7.2008 г. 09:41:58 | Attr = ] < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {3BE5C474-CCE6-4538-9841-D96D339E5AB4} -> 212.39.90.42,212.39.90.43 () -> {5695C05F-C4BB-4780-B309-76AD08DFBA0C} -> (Intel(R) PRO/Wireless 3945ABG Network Connection) -> {5CF62F28-4386-4569-96E6-840611873DDC} -> 192.168.3.1,83.222.161.130 (Realtek RTL8101 Family PCI-E Fast Ethernet NIC (NDIS 6.0)) -> < Default Protocols [HKEY_LOCAL_MACHINE\] - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> ldap -> 4 = Restricted sites (Not a Default Protocol) -> news -> 4 = Restricted sites (Not a Default Protocol) -> nntp -> 4 = Restricted sites (Not a Default Protocol) -> oecmd -> 4 = Restricted sites (Not a Default Protocol) -> snews -> 4 = Restricted sites (Not a Default Protocol) -> < Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> skype4com:{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\Skype\Skype4COM.dll[IEProtocolHandler Class] -> Skype Technologies [Ver = 1, 0, 29, 0 | Size = 1942864 bytes | Modified Date = 30.5.2008 г. 15:54:14 | Attr = R ] < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {3860DD98-0549-4D50-AA72-5D17D200EE10}[HKEY_LOCAL_MACHINE] -> http://cdn.scan.onecare.live.com/resource/download/scanner/en-US/wlscctrl2.cab[Windows Live OneCare safety scanner control] -> {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab[Java Plug-in 1.6.0_06] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab[Java Plug-in 1.6.0_06] -> < Module Usage Keys [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ -> Reg Error: Key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ not found. -> -> [Files/Folders - Created Within 30 days] Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Created Date = 21.8.2008 г. 11:56:20 | Attr = HS] Downloads -> %SystemDrive%\Downloads -> [Folder | Created Date = 20.8.2008 г. 14:53:46 | Attr = ] IO.SYS -> %SystemDrive%\IO.SYS -> [Ver = | Size = 0 bytes | Created Date = 13.8.2008 г. 15:45:32 | Attr = RHS] MSDOS.SYS -> %SystemDrive%\MSDOS.SYS -> [Ver = | Size = 0 bytes | Created Date = 13.8.2008 г. 15:45:32 | Attr = RHS] aswFsBlk.sys -> %SystemRoot%\System32\drivers\aswFsBlk.sys -> ALWIL Software [Ver = 4.8.1227.0 | Size = 20560 bytes | Created Date = 20.8.2008 г. 20:05:54 | Attr = ] aswMonFlt.sys -> %SystemRoot%\System32\drivers\aswMonFlt.sys -> ALWIL Software [Ver = 4.8.1227.0 | Size = 51280 bytes | Created Date = 20.8.2008 г. 20:05:46 | Attr = ] aswRdr.sys -> %SystemRoot%\System32\drivers\aswRdr.sys -> ALWIL Software [Ver = 4.8.1227.0 | Size = 23152 bytes | Created Date = 20.8.2008 г. 20:05:56 | Attr = ] aswSP.sys -> %SystemRoot%\System32\drivers\aswSP.sys -> ALWIL Software [Ver = 4.8.1227.0 | Size = 78416 bytes | Created Date = 20.8.2008 г. 20:05:54 | Attr = ] aswTdi.sys -> %SystemRoot%\System32\drivers\aswTdi.sys -> ALWIL Software [Ver = 4.8.1227.0 | Size = 42912 bytes | Created Date = 20.8.2008 г. 20:05:56 | Attr = ] mbam.sys -> %SystemRoot%\System32\drivers\mbam.sys -> Malwarebytes Corporation [Ver = 1, 0, 0, 1 | Size = 17144 bytes | Created Date = 19.8.2008 г. 18:16:56 | Attr = ] mbamswissarmy.sys -> %SystemRoot%\System32\drivers\mbamswissarmy.sys -> Malwarebytes Corporation [Ver = 1.00 | Size = 38472 bytes | Created Date = 19.8.2008 г. 18:16:55 | Attr = ] Msft_User_WpdFs_01_00_00.Wdf -> %SystemRoot%\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf -> [Ver = | Size = 0 bytes | Created Date = 13.8.2008 г. 12:46:08 | Attr = H ] ac3filter.cpl -> %SystemRoot%\System32\ac3filter.cpl -> [Ver = 1.01a | Size = 417792 bytes | Created Date = 3.8.2008 г. 01:09:01 | Attr = ] actskin4.ocx -> %SystemRoot%\System32\actskin4.ocx -> [Ver = 4, 2, 7, 3 | Size = 380928 bytes | Created Date = 20.8.2008 г. 20:05:46 | Attr = ] aswBoot.exe -> %SystemRoot%\System32\aswBoot.exe -> ALWIL Software [Ver = 4, 8, 1227, 0 | Size = 1163960 bytes | Created Date = 20.8.2008 г. 20:05:46 | Attr = ] authuitu.dll -> %SystemRoot%\System32\authuitu.dll -> TuneUp Software GmbH [Ver = 1.0.0.6 | Size = 16640 bytes | Created Date = 10.8.2008 г. 14:15:12 | Attr = ] AvastSS.scr -> %SystemRoot%\System32\AvastSS.scr -> ALWIL Software [Ver = 4, 8, 1227, 0 | Size = 94392 bytes | Created Date = 20.8.2008 г. 20:05:55 | Attr = ] CmdLineExt.dll -> %SystemRoot%\System32\CmdLineExt.dll -> Sony DADC Austria AG. [Ver = 1,1,225,0 | Size = 107888 bytes | Created Date = 10.8.2008 г. 13:16:30 | Attr = ] cpuinf32.dll -> %SystemRoot%\System32\cpuinf32.dll -> [Ver = | Size = 19968 bytes | Created Date = 3.8.2008 г. 01:09:41 | Attr = ] mplaa6.dll -> %SystemRoot%\System32\mplaa6.dll -> Ligos Corporation [Ver = 1.0.0.3 | Size = 77824 bytes | Created Date = 3.8.2008 г. 01:09:41 | Attr = ] mplam6.dll -> %SystemRoot%\System32\mplam6.dll -> Ligos Corporation [Ver = 1.0.0.3 | Size = 65536 bytes | Created Date = 3.8.2008 г. 01:09:41 | Attr = ] mplapx.dll -> %SystemRoot%\System32\mplapx.dll -> Ligos Corporation [Ver = 1.0.0.3 | Size = 65536 bytes | Created Date = 3.8.2008 г. 01:09:41 | Attr = ] mplaw7.dll -> %SystemRoot%\System32\mplaw7.dll -> Ligos Corporation [Ver = 1.0.0.3 | Size = 77824 bytes | Created Date = 3.8.2008 г. 01:09:41 | Attr = ] mplva6.dll -> %SystemRoot%\System32\mplva6.dll -> Ligos Corporation [Ver = 1.0.0.3 | Size = 1650688 bytes | Created Date = 3.8.2008 г. 01:09:41 | Attr = ] mplvm6.dll -> %SystemRoot%\System32\mplvm6.dll -> Ligos Corporation [Ver = 1.0.0.3 | Size = 1552384 bytes | Created Date = 3.8.2008 г. 01:09:42 | Attr = ] mplvpx.dll -> %SystemRoot%\System32\mplvpx.dll -> Ligos Corporation [Ver = 1.0.0.3 | Size = 1122304 bytes | Created Date = 3.8.2008 г. 01:09:42 | Attr = ] mplvw7.dll -> %SystemRoot%\System32\mplvw7.dll -> Ligos Corporation [Ver = 1.0.0.3 | Size = 1581056 bytes | Created Date = 3.8.2008 г. 01:09:41 | Attr = ] nhtcbupa.ini -> %SystemRoot%\System32\nhtcbupa.ini -> [Ver = | Size = 1500551 bytes | Created Date = 11.8.2008 г. 21:06:55 | Attr = HS] nkkfilke.ini -> %SystemRoot%\System32\nkkfilke.ini -> [Ver = | Size = 1491240 bytes | Created Date = 10.8.2008 г. 15:16:11 | Attr = HS] pncrt.dll -> %SystemRoot%\System32\pncrt.dll -> Real Networks, Inc [Ver = 6.0.0.0 | Size = 278528 bytes | Created Date = 3.8.2008 г. 01:09:52 | Attr = ] pndx5016.dll -> %SystemRoot%\System32\pndx5016.dll -> RealNetworks, Inc. [Ver = 5.0.0.0 | Size = 6656 bytes | Created Date = 3.8.2008 г. 01:09:52 | Attr = ] pndx5032.dll -> %SystemRoot%\System32\pndx5032.dll -> RealNetworks, Inc. [Ver = 5.0.0.0 | Size = 5632 bytes | Created Date = 3.8.2008 г. 01:09:52 | Attr = ] qtplugin.ocx -> %SystemRoot%\System32\qtplugin.ocx -> Apple Computer, Inc. [Ver = 6.5.1 | Size = 360504 bytes | Created Date = 3.8.2008 г. 01:09:49 | Attr = ] qttask.exe -> %SystemRoot%\System32\qttask.exe -> Apple Computer, Inc. [Ver = 6.5.1 | Size = 98304 bytes | Created Date = 3.8.2008 г. 01:11:50 | Attr = ] QuickTime -> %SystemRoot%\System32\QuickTime -> [Folder | Created Date = 3.8.2008 г. 01:09:47 | Attr = ] quicktime.cpl -> %SystemRoot%\System32\quicktime.cpl -> Apple Computer, Inc. [Ver = 6.5.1 | Size = 323072 bytes | Created Date = 3.8.2008 г. 01:09:48 | Attr = ] quicktime.qtp -> %SystemRoot%\System32\quicktime.qtp -> [Ver = | Size = 8890 bytes | Created Date = 3.8.2008 г. 01:09:49 | Attr = ] quicktime.qts -> %SystemRoot%\System32\quicktime.qts -> Apple Computer, Inc. [Ver = 6.5.2 | Size = 6676480 bytes | Created Date = 3.8.2008 г. 01:09:49 | Attr = ] rmoc3260.dll -> %SystemRoot%\System32\rmoc3260.dll -> RealNetworks, Inc. [Ver = 6.0.9.2049 | Size = 176167 bytes | Created Date = 3.8.2008 г. 01:09:52 | Attr = ] startup.cpl -> %SystemRoot%\System32\startup.cpl -> [Ver = | Size = 98304 bytes | Created Date = 3.8.2008 г. 01:10:34 | Attr = ] TuneUpDefragService.exe -> %SystemRoot%\System32\TuneUpDefragService.exe -> TuneUp Software GmbH [Ver = 1.1.0.16 | Size = 355584 bytes | Created Date = 10.8.2008 г. 14:15:12 | Attr = ] tweakui.hlp -> %SystemRoot%\System32\tweakui.hlp -> [Ver = | Size = 51238 bytes | Created Date = 3.8.2008 г. 01:10:34 | Attr = ] unrar.dll -> %SystemRoot%\System32\unrar.dll -> [Ver = | Size = 152064 bytes | Created Date = 3.8.2008 г. 01:09:40 | Attr = ] uxtuneup.dll -> %SystemRoot%\System32\uxtuneup.dll -> TuneUp Software GmbH [Ver = 2.0.0.12 | Size = 28416 bytes | Created Date = 10.8.2008 г. 14:15:12 | Attr = ] vp6dec_settings.cpl -> %SystemRoot%\System32\vp6dec_settings.cpl -> [Ver = | Size = 53248 bytes | Created Date = 3.8.2008 г. 01:10:52 | Attr = ] xvidcore.dll -> %SystemRoot%\System32\xvidcore.dll -> [Ver = | Size = 761856 bytes | Created Date = 3.8.2008 г. 01:09:38 | Attr = ] ftpcache -> %SystemRoot%\ftpcache -> [Folder | Created Date = 11.8.2008 г. 17:08:16 | Attr = HS] 1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> game.ini -> %SystemRoot%\game.ini -> [Ver = | Size = 276 bytes | Created Date = 11.8.2008 г. 17:08:03 | Attr = ] m3jp2k.ini -> %SystemRoot%\m3jp2k.ini -> [Ver = | Size = 761 bytes | Created Date = 3.8.2008 г. 01:09:45 | Attr = ] m3jpeg.ini -> %SystemRoot%\m3jpeg.ini -> [Ver = | Size = 714 bytes | Created Date = 3.8.2008 г. 01:09:45 | Attr = ] MEMORY.DMP -> %SystemRoot%\MEMORY.DMP -> [Ver = | Size = 267217069 bytes | Created Date = 10.8.2008 г. 15:52:24 | Attr = ] mmtvmj.ini -> %SystemRoot%\mmtvmj.ini -> [Ver = | Size = 702 bytes | Created Date = 3.8.2008 г. 01:09:45 | Attr = ] pss -> %SystemRoot%\pss -> [Folder | Created Date = 14.8.2008 г. 13:37:30 | Attr = ] QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Created Date = 6.8.2008 г. 21:30:41 | Attr = ] QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Created Date = 6.8.2008 г. 21:30:41 | Attr = H ] Sun -> %SystemRoot%\Sun -> [Folder | Created Date = 23.7.2008 г. 23:29:09 | Attr = ] wininit.ini -> %SystemRoot%\wininit.ini -> [Ver = | Size = 95 bytes | Created Date = 13.8.2008 г. 16:54:35 | Attr = ] [Files/Folders - Modified Within 30 days] boot -> %SystemDrive%\boot -> [Folder | Modified Date = 13.8.2008 г. 23:04:51 | Attr = HS] Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Modified Date = 21.8.2008 г. 11:56:23 | Attr = HS] Downloads -> %SystemDrive%\Downloads -> [Folder | Modified Date = 20.8.2008 г. 14:53:46 | Attr = ] IO.SYS -> %SystemDrive%\IO.SYS -> [Ver = | Size = 0 bytes | Modified Date = 13.8.2008 г. 15:45:32 | Attr = RHS] MSDOS.SYS -> %SystemDrive%\MSDOS.SYS -> [Ver = | Size = 0 bytes | Modified Date = 13.8.2008 г. 15:45:32 | Attr = RHS] Program Files -> %ProgramFiles% -> [Folder | Modified Date = 21.8.2008 г. 13:17:24 | Attr = R ] ProgramData -> %AllUsersProfile% -> [Folder | Modified Date = 21.8.2008 г. 11:52:30 | Attr = H ] System Volume Information -> %SystemDrive%\System Volume Information -> [Folder | Modified Date = 21.8.2008 г. 11:56:05 | Attr = HS] Users -> %SystemDrive%\Users -> [Folder | Modified Date = 13.8.2008 г. 12:50:18 | Attr = R ] Windows -> %SystemRoot% -> [Folder | Modified Date = 20.8.2008 г. 15:08:47 | Attr = ] etc -> %SystemRoot%\System32\drivers\etc -> [Folder | Modified Date = 13.8.2008 г. 15:55:48 | Attr = ] HOSTS -> %SystemRoot%\System32\drivers\etc\HOSTS -> [Ver = | Size = 259259 bytes | Modified Date = 13.8.2008 г. 15:55:48 | Attr = R ] hosts.20080813-155528.backup -> %SystemRoot%\System32\drivers\etc\hosts.20080813-155528.backup -> [Ver = | Size = 761 bytes | Modified Date = 13.8.2008 г. 12:50:20 | Attr = ] hosts.20080813-155548.backup -> %SystemRoot%\System32\drivers\etc\hosts.20080813-155548.backup -> [Ver = | Size = 259259 bytes | Modified Date = 13.8.2008 г. 15:55:28 | Attr = R ] mbam.sys -> %SystemRoot%\System32\drivers\mbam.sys -> Malwarebytes Corporation [Ver = 1, 0, 0, 1 | Size = 17144 bytes | Modified Date = 17.8.2008 г. 15:01:14 | Attr = ] mbamswissarmy.sys -> %SystemRoot%\System32\drivers\mbamswissarmy.sys -> Malwarebytes Corporation [Ver = 1.00 | Size = 38472 bytes | Modified Date = 17.8.2008 г. 15:01:18 | Attr = ] Msft_User_WpdFs_01_00_00.Wdf -> %SystemRoot%\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf -> [Ver = | Size = 0 bytes | Modified Date = 13.8.2008 г. 12:46:08 | Attr = H ] 7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> %SystemRoot%\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> [Ver = | Size = 3168 bytes | Modified Date = 21.8.2008 г. 13:03:59 | Attr = H ] 7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> %SystemRoot%\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> [Ver = | Size = 3168 bytes | Modified Date = 21.8.2008 г. 13:03:59 | Attr = H ] catroot -> %SystemRoot%\System32\catroot -> [Folder | Modified Date = 19.8.2008 г. 10:09:09 | Attr = ] catroot2 -> %SystemRoot%\System32\catroot2 -> [Folder | Modified Date = 15.8.2008 г. 10:54:37 | Attr = ] CmdLineExt.dll -> %SystemRoot%\System32\CmdLineExt.dll -> Sony DADC Austria AG. [Ver = 1,1,225,0 | Size = 107888 bytes | Modified Date = 10.8.2008 г. 13:16:30 | Attr = ] CodeIntegrity -> %SystemRoot%\System32\CodeIntegrity -> [Folder | Modified Date = 1.8.2008 г. 12:56:36 | Attr = ] config -> %SystemRoot%\System32\config -> [Folder | Modified Date = 13.8.2008 г. 23:04:51 | Attr = ] config.nt -> %SystemRoot%\System32\config.nt -> [Ver = | Size = 2577 bytes | Modified Date = 20.8.2008 г. 20:23:41 | Attr = ] drivers -> %SystemRoot%\System32\drivers -> [Folder | Modified Date = 20.8.2008 г. 20:43:46 | Attr = ] en-US -> %SystemRoot%\System32\en-US -> [Folder | Modified Date = 15.8.2008 г. 10:53:03 | Attr = ] GroupPolicy -> %SystemRoot%\System32\GroupPolicy -> [Folder | Modified Date = 14.8.2008 г. 22:50:54 | Attr = H ] migration -> %SystemRoot%\System32\migration -> [Folder | Modified Date = 15.8.2008 г. 10:53:02 | Attr = ] Msdtc -> %SystemRoot%\System32\Msdtc -> [Folder | Modified Date = 1.8.2008 г. 12:57:45 | Attr = ] nhtcbupa.ini -> %SystemRoot%\System32\nhtcbupa.ini -> [Ver = | Size = 1500551 bytes | Modified Date = 13.8.2008 г. 12:10:24 | Attr = HS] nkkfilke.ini -> %SystemRoot%\System32\nkkfilke.ini -> [Ver = | Size = 1491240 bytes | Modified Date = 10.8.2008 г. 15:54:38 | Attr = HS] perfc009.dat -> %SystemRoot%\System32\perfc009.dat -> [Ver = | Size = 102094 bytes | Modified Date = 21.8.2008 г. 11:11:54 | Attr = ] perfh009.dat -> %SystemRoot%\System32\perfh009.dat -> [Ver = | Size = 590082 bytes | Modified Date = 21.8.2008 г. 11:11:54 | Attr = ] PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [Ver = | Size = 694964 bytes | Modified Date = 21.8.2008 г. 11:11:54 | Attr = ] qttask.exe -> %SystemRoot%\System32\qttask.exe -> Apple Computer, Inc. [Ver = 6.5.1 | Size = 98304 bytes | Modified Date = 3.8.2008 г. 01:11:50 | Attr = ] QuickTime -> %SystemRoot%\System32\QuickTime -> [Folder | Modified Date = 3.8.2008 г. 01:09:48 | Attr = ] quicktime.qtp -> %SystemRoot%\System32\quicktime.qtp -> [Ver = | Size = 8890 bytes | Modified Date = 14.8.2008 г. 14:57:49 | Attr = ] spool -> %SystemRoot%\System32\spool -> [Folder | Modified Date = 1.8.2008 г. 12:56:36 | Attr = ] Tasks -> %SystemRoot%\System32\Tasks -> [Folder | Modified Date = 11.8.2008 г. 22:09:26 | Attr = ] TuneUpDefragService.exe -> %SystemRoot%\System32\TuneUpDefragService.exe -> TuneUp Software GmbH [Ver = 1.1.0.16 | Size = 355584 bytes | Modified Date = 10.8.2008 г. 14:15:12 | Attr = ] wbem -> %SystemRoot%\System32\wbem -> [Folder | Modified Date = 1.8.2008 г. 12:57:42 | Attr = ] WDI -> %SystemRoot%\System32\WDI -> [Folder | Modified Date = 2.8.2008 г. 13:27:25 | Attr = ] assembly -> %SystemRoot%\assembly -> [Folder | Modified Date = 10.8.2008 г. 13:44:34 | Attr = R S] 1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 67584 bytes | Modified Date = 21.8.2008 г. 11:03:38 | Attr = S] bthservsdp.dat -> %SystemRoot%\bthservsdp.dat -> [Ver = | Size = 12 bytes | Modified Date = 20.8.2008 г. 22:01:39 | Attr = ] Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 14.8.2008 г. 13:05:43 | Attr = S] ftpcache -> %SystemRoot%\ftpcache -> [Folder | Modified Date = 11.8.2008 г. 17:08:16 | Attr = HS] game.ini -> %SystemRoot%\game.ini -> [Ver = | Size = 276 bytes | Modified Date = 11.8.2008 г. 17:08:03 | Attr = ] inf -> %SystemRoot%\inf -> [Folder | Modified Date = 21.8.2008 г. 11:11:54 | Attr = ] Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 21.8.2008 г. 11:56:23 | Attr = HS] MEMORY.DMP -> %SystemRoot%\MEMORY.DMP -> [Ver = | Size = 267217069 bytes | Modified Date = 20.8.2008 г. 14:10:06 | Attr = ] Minidump -> %SystemRoot%\Minidump -> [Folder | Modified Date = 20.8.2008 г. 14:10:19 | Attr = ] NeroDigital.ini -> %SystemRoot%\NeroDigital.ini -> [Ver = | Size = 69 bytes | Modified Date = 14.8.2008 г. 14:14:37 | Attr = ] Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 20.8.2008 г. 13:54:20 | Attr = ] pss -> %SystemRoot%\pss -> [Folder | Modified Date = 14.8.2008 г. 13:37:30 | Attr = ] QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Modified Date = 6.8.2008 г. 21:30:41 | Attr = ] QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Modified Date = 14.8.2008 г. 14:57:46 | Attr = H ] registration -> %SystemRoot%\registration -> [Folder | Modified Date = 1.8.2008 г. 12:56:33 | Attr = ] rescache -> %SystemRoot%\rescache -> [Folder | Modified Date = 15.8.2008 г. 11:09:31 | Attr = ] Sun -> %SystemRoot%\Sun -> [Folder | Modified Date = 23.7.2008 г. 23:29:09 | Attr = ] system.ini -> %SystemRoot%\system.ini -> [Ver = | Size = 10315 bytes | Modified Date = 3.8.2008 г. 01:11:52 | Attr = ] System32 -> %SystemRoot%\System32 -> [Folder | Modified Date = 21.8.2008 г. 11:50:42 | Attr = ] Tasks -> %SystemRoot%\Tasks -> [Folder | Modified Date = 13.8.2008 г. 12:50:20 | Attr = ] Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 21.8.2008 г. 13:17:45 | Attr = ] wininit.ini -> %SystemRoot%\wininit.ini -> [Ver = | Size = 95 bytes | Modified Date = 13.8.2008 г. 16:54:35 | Attr = ] winsxs -> %SystemRoot%\winsxs -> [Folder | Modified Date = 15.8.2008 г. 02:01:24 | Attr = ] SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 21.8.2008 г. 11:03:51 | Attr = H ] C:\ProgramData\Microsoft\Network\Downloader\ -> C:\ProgramData\Microsoft\Network\Downloader -> [Folder | Modified Date = 2.11.2006 г. 16:04:06 | Attr = ] qmgr0.dat -> C:\ProgramData\Microsoft\Network\Downloader\qmgr0.dat -> [Ver = | Size = 4194304 bytes | Modified Date = 21.8.2008 г. 11:07:18 | Attr = ] qmgr1.dat -> C:\ProgramData\Microsoft\Network\Downloader\qmgr1.dat -> [Ver = | Size = 4194304 bytes | Modified Date = 21.8.2008 г. 11:07:18 | Attr = ] C:\ProgramData\Microsoft\OFFICE\DATA\ -> C:\ProgramData\Microsoft\OFFICE\DATA -> [Folder | Modified Date = 18.6.2008 г. 23:33:29 | Attr = ] opa12.dat -> C:\ProgramData\Microsoft\OFFICE\DATA\opa12.dat -> [Ver = | Size = 8206 bytes | Modified Date = 18.6.2008 г. 23:33:29 | Attr = ] C:\ProgramData\Microsoft\RAC\PublishedData\ -> C:\ProgramData\Microsoft\RAC\PublishedData -> [Folder | Modified Date = 4.6.2008 г. 10:56:51 | Attr = ] PublishedRacMonAFLTable.DAT -> C:\ProgramData\Microsoft\RAC\PublishedData\PublishedRacMonAFLTable.DAT -> [Ver = | Size = 27876 bytes | Modified Date = 21.8.2008 г. 11:21:17 | Attr = ] PublishedRacMonCLKTable.DAT -> C:\ProgramData\Microsoft\RAC\PublishedData\PublishedRacMonCLKTable.DAT -> [Ver = | Size = 0 bytes | Modified Date = 21.8.2008 г. 11:21:18 | Attr = ] PublishedRacMonHFLTable.DAT -> C:\ProgramData\Microsoft\RAC\PublishedData\PublishedRacMonHFLTable.DAT -> [Ver = | Size = 0 bytes | Modified Date = 21.8.2008 г. 11:21:17 | Attr = ] PublishedRacMonIndex.DAT -> C:\ProgramData\Microsoft\RAC\PublishedData\PublishedRacMonIndex.DAT -> [Ver = | Size = 1896 bytes | Modified Date = 21.8.2008 г. 11:21:07 | Attr = ] PublishedRacMonOSFTable.DAT -> C:\ProgramData\Microsoft\RAC\PublishedData\PublishedRacMonOSFTable.DAT -> [Ver = | Size = 2760 bytes | Modified Date = 21.8.2008 г. 11:21:18 | Attr = ] PublishedRacMonSWITable.DAT -> C:\ProgramData\Microsoft\RAC\PublishedData\PublishedRacMonSWITable.DAT -> [Ver = | Size = 166708 bytes | Modified Date = 21.8.2008 г. 11:21:15 | Attr = ] C:\ProgramData\Microsoft\User Account Pictures\ -> C:\ProgramData\Microsoft\User Account Pictures -> [Folder | Modified Date = 3.6.2008 г. 11:02:36 | Attr = ] CNF744322V.dat -> C:\ProgramData\Microsoft\User Account Pictures\CNF744322V.dat -> [Ver = | Size = 0 bytes | Modified Date = 3.6.2008 г. 11:02:36 | Attr = ] C:\Windows\Temp\ -> C:\Windows\Temp -> [Folder | Modified Date = 21.8.2008 г. 13:17:45 | Attr = ] CPSSMasterCatalog.ini -> C:\Windows\Temp\CPSSMasterCatalog.ini -> [Ver = | Size = 419 bytes | Modified Date = 20.8.2008 г. 14:07:12 | Attr = ] < End of report >
What do you mean by work here?
Open OTScanIt.
Paste text below to Paste Fix here (upper right corner)
Click Run FixCode:[Files/Folders - Modified Within 30 days] NY -> nhtcbupa.ini -> %SystemRoot%\System32\nhtcbupa.ini NY -> nkkfilke.ini -> %SystemRoot%\System32\nkkfilke.ini
If it doesn't run scan automatically, click Run Scan
Post back a fresh OTScanIt log, please.
Microsoft MVP Consumer Security 2008-2011
Member of ASAP and UNITE since 2006
I had to donwload some files I needed.Code:OTScanIt logfile created on: 21.8.2008 г. 13:44:36 OTScanIt by OldTimer - Version 1.0.16.2 Folder = C:\Users\CNF744322V\Desktop\OTScanIt Windows Vista Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000402 | Country: Bulgaria | Language: BGR | Date Format: d.M.yyyy 'г.' 2,00 Gb Total Physical Memory | 0,93 Gb Available Physical Memory | 46,39% Memory free 4,00 Gb Paging File | 2,93 Gb Available in Paging File | 73,25% Paging File free Paging file location(s): ?:\pagefile.sys; %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 40,00 Gb Total Space | 16,12 Gb Free Space | 40,30% Space Free | Partition Type: NTFS Drive D: | 6,04 Gb Total Space | 1,24 Gb Free Space | 20,49% Space Free | Partition Type: NTFS E: Drive not present or media not loaded Drive F: | 97,66 Gb Total Space | 59,64 Gb Free Space | 61,07% Space Free | Partition Type: NTFS G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: CNF744322V-PC Current User Name: CNF744322V Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user [Processes - Non-Microsoft Only] aswupdsv.exe -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> ALWIL Software [Ver = 4, 8, 1227, 0 | Size = 16056 bytes | Modified Date = 19.7.2008 г. 17:25:06 | Attr = ] ashserv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> ALWIL Software [Ver = 4, 8, 1227, 0 | Size = 147640 bytes | Modified Date = 19.7.2008 г. 17:38:28 | Attr = ] clcapsvc.exe -> %ProgramFiles%\HP\QuickPlay\Kernel\TV\CLCapSvc.exe -> [Ver = 5.00.2819 | Size = 262243 bytes | Modified Date = 24.4.2007 г. 04:11:42 | Attr = ] asghost.exe -> %ProgramFiles%\Bioscrypt\VeriSoft\Bin\asghost.exe -> Cognizance Corporation [Ver = 2.5.0.057 | Size = 65536 bytes | Modified Date = 7.2.2007 г. 17:30:00 | Attr = R ] iaantmon.exe -> %ProgramFiles%\Intel\Intel Matrix Storage Manager\IAANTmon.exe -> Intel Corporation [Ver = 7.0.0.1020 | Size = 355096 bytes | Modified Date = 12.2.2007 г. 17:38:04 | Attr = ] lssrvc.exe -> %CommonProgramFiles%\LightScribe\LSSrvc.exe -> Hewlett-Packard Company [Ver = 1.4.136.1 | Size = 61440 bytes | Modified Date = 15.12.2006 г. 03:49:10 | Attr = ] hpqwmiex.exe -> %ProgramFiles%\Hewlett-Packard\Shared\hpqwmiex.exe -> Hewlett-Packard Development Company, L.P. [Ver = 2, 0, 1, 9 | Size = 135168 bytes | Modified Date = 3.5.2006 г. 00:41:28 | Attr = ] clsched.exe -> %ProgramFiles%\HP\QuickPlay\Kernel\TV\CLSched.exe -> [Ver = 5.00.2819 | Size = 106593 bytes | Modified Date = 24.4.2007 г. 04:11:44 | Attr = ] ashmaisv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> ALWIL Software [Ver = 4, 8, 1227, 0 | Size = 250040 bytes | Modified Date = 19.7.2008 г. 17:38:04 | Attr = ] ashwebsv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> ALWIL Software [Ver = 4, 8, 1229, 0 | Size = 348344 bytes | Modified Date = 23.7.2008 г. 17:25:45 | Attr = ] sm56hlpr.exe -> %ProgramFiles%\Motorola\SMSERIAL\sm56hlpr.exe -> Motorola Inc. [Ver = 6.12.04 | Size = 729088 bytes | Modified Date = 9.10.2006 г. 23:43:44 | Attr = ] syntpenh.exe -> %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe -> Synaptics, Inc. [Ver = 9.1.11 12Jan07 | Size = 827392 bytes | Modified Date = 13.1.2007 г. 06:36:40 | Attr = ] rthdvcpl.exe -> %SystemRoot%\RtHDVCpl.exe -> Realtek Semiconductor [Ver = 1, 0, 0, 41 | Size = 4390912 bytes | Modified Date = 9.3.2007 г. 20:50:02 | Attr = ] iaanotif.exe -> %ProgramFiles%\Intel\Intel Matrix Storage Manager\IAAnotif.exe -> Intel Corporation [Ver = 7.0.0.1020 | Size = 174872 bytes | Modified Date = 12.2.2007 г. 17:37:58 | Attr = ] qpservice.exe -> %ProgramFiles%\HP\QuickPlay\QPService.exe -> CyberLink Corp. [Ver = 4.5.0.0000 | Size = 176128 bytes | Modified Date = 24.4.2007 г. 04:11:20 | Attr = ] qlbctrl.exe -> %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe -> Hewlett-Packard Development Company, L.P. [Ver = 6, 2, 2, 1 | Size = 159744 bytes | Modified Date = 13.2.2007 г. 21:38:36 | Attr = ] hpwamain.exe -> %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe -> Hewlett-Packard Development Company, L.P. [Ver = 3, 0, 5, 1 | Size = 472776 bytes | Modified Date = 1.3.2007 г. 23:18:36 | Attr = ] wifimsg.exe -> %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe -> Hewlett-Packard Development Company, L.P. [Ver = 3.0.4.1 | Size = 317128 bytes | Modified Date = 11.1.2007 г. 02:12:08 | Attr = ] hpwuschd2.exe -> %ProgramFiles%\HP\HP Software Update\hpwuSchd2.exe -> Hewlett-Packard Co. [Ver = 50.0.146.000 | Size = 49152 bytes | Modified Date = 17.2.2005 г. 09:11:42 | Attr = ] mouse32a.exe -> %ProgramFiles%\Tech\Wheel Mouse\5.0\Mouse32A.exe -> [Ver = 8.0.0.0 | Size = 357376 bytes | Modified Date = 24.5.2002 г. 15:54:02 | Attr = ] ashdisp.exe -> %ProgramFiles%\Alwil Software\Avast4\ashDisp.exe -> ALWIL Software [Ver = 4, 8, 1227, 0 | Size = 78008 bytes | Modified Date = 19.7.2008 г. 17:38:34 | Attr = ] skype.exe -> %ProgramFiles%\Skype\Phone\Skype.exe -> Skype Technologies S.A. [Ver = 3.8.0.139 | Size = 21718312 bytes | Modified Date = 30.5.2008 г. 15:54:14 | Attr = R ] hpqtoaster.exe -> %ProgramFiles%\Hewlett-Packard\Shared\HpqToaster.exe -> [Ver = 1, 10, 1, 1 | Size = 677576 bytes | Modified Date = 31.1.2007 г. 01:58:52 | Attr = ] skypepm.exe -> %ProgramFiles%\Skype\Plugin Manager\skypePM.exe -> Skype Technologies [Ver = 2.0.0.58 | Size = 76744 bytes | Modified Date = 30.5.2008 г. 15:54:16 | Attr = R ] hphc_service.exe -> %ProgramFiles%\Hewlett-Packard\HP Health Check\HPHC_Service.exe -> Hewlett-Packard [Ver = 2.0.9.1 | Size = 62984 bytes | Modified Date = 14.3.2007 г. 22:07:30 | Attr = ] ashsimpl.exe -> %ProgramFiles%\Alwil Software\Avast4\ashSimpl.exe -> ALWIL Software [Ver = 4, 8, 1227, 0 | Size = 155832 bytes | Modified Date = 19.7.2008 г. 17:31:12 | Attr = ] adobeupdater.exe -> %CommonProgramFiles%\Adobe\Updater5\AdobeUpdater.exe -> Adobe Systems Incorporated [Ver = 5, 1, 0, 1082 | Size = 2321600 bytes | Modified Date = 28.2.2007 г. 23:06:56 | Attr = ] firefox.exe -> %ProgramFiles%\Mozilla Firefox\firefox.exe -> Mozilla Corporation [Ver = 1.9.0.1 | Size = 307712 bytes | Modified Date = 3.7.2008 г. 05:34:12 | Attr = ] otscanit.exe -> %UserProfile%\Desktop\OTScanIt\OTScanIt.exe -> OldTimer Tools [Ver = 1.0.16.2 | Size = 397312 bytes | Modified Date = 12.7.2008 г. 09:29:54 | Attr = ] [Win32 Services - Non-Microsoft Only] (aswUpdSv) avast! iAVS4 Control Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> ALWIL Software [Ver = 4, 8, 1227, 0 | Size = 16056 bytes | Modified Date = 19.7.2008 г. 17:25:06 | Attr = ] (avast! Antivirus) avast! Antivirus [Win32_Own | Auto | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> ALWIL Software [Ver = 4, 8, 1227, 0 | Size = 147640 bytes | Modified Date = 19.7.2008 г. 17:38:28 | Attr = ] (avast! Mail Scanner) avast! Mail Scanner [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> ALWIL Software [Ver = 4, 8, 1227, 0 | Size = 250040 bytes | Modified Date = 19.7.2008 г. 17:38:04 | Attr = ] (avast! Web Scanner) avast! Web Scanner [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> ALWIL Software [Ver = 4, 8, 1229, 0 | Size = 348344 bytes | Modified Date = 23.7.2008 г. 17:25:45 | Attr = ] (CertPropSvc) Certificate Propagation [Win32_Shared | Unknown | Stopped] -> %SystemRoot%\system32\svchost.exe -> File not found (CLCapSvc) CyberLink Background Capture Service (CBCS) [Win32_Own | Auto | Running] -> %ProgramFiles%\HP\QuickPlay\Kernel\TV\CLCapSvc.exe -> [Ver = 5.00.2819 | Size = 262243 bytes | Modified Date = 24.4.2007 г. 04:11:42 | Attr = ] (CLSched) CyberLink Task Scheduler (CTS) [Win32_Own | Auto | Running] -> %ProgramFiles%\HP\QuickPlay\Kernel\TV\CLSched.exe -> [Ver = 5.00.2819 | Size = 106593 bytes | Modified Date = 24.4.2007 г. 04:11:44 | Attr = ] (DcomLaunch) DCOM Server Process Launcher [Win32_Shared | Unknown | Running] -> %SystemRoot%\system32\svchost.exe -> File not found (HP Health Check Service) HP Health Check Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Hewlett-Packard\HP Health Check\HPHC_Service.exe -> Hewlett-Packard [Ver = 2.0.9.1 | Size = 62984 bytes | Modified Date = 14.3.2007 г. 22:07:30 | Attr = ] (hpqwmiex) hpqwmiex [Win32_Own | Auto | Running] -> %ProgramFiles%\Hewlett-Packard\Shared\hpqwmiex.exe -> Hewlett-Packard Development Company, L.P. [Ver = 2, 0, 1, 9 | Size = 135168 bytes | Modified Date = 3.5.2006 г. 00:41:28 | Attr = ] (IAANTMON) Intel(R) Matrix Storage Event Monitor [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Intel Matrix Storage Manager\IAANTmon.exe -> Intel Corporation [Ver = 7.0.0.1020 | Size = 355096 bytes | Modified Date = 12.2.2007 г. 17:38:04 | Attr = ] (IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\1150\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.50.42618 | Size = 69632 bytes | Modified Date = 14.11.2005 г. 01:06:04 | Attr = ] (idsvc) Windows CardSpace [Win32_Shared | Unknown | Stopped] -> %systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -> File not found (LightScribeService) LightScribeService Direct Disc Labeling Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\LightScribe\LSSrvc.exe -> Hewlett-Packard Company [Ver = 1.4.136.1 | Size = 61440 bytes | Modified Date = 15.12.2006 г. 03:49:10 | Attr = ] (MSDTC) Distributed Transaction Coordinator [Win32_Own | Unknown | Stopped] -> %SystemRoot%\System32\msdtc.exe -> File not found (RoxMediaDB9) RoxMediaDB9 [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe -> Sonic Solutions [Ver = 9.0.5.98 | Size = 880640 bytes | Modified Date = 12.2.2007 г. 19:36:58 | Attr = ] (SBSDWSCService) SBSD Security Center Service [Win32_Own | Auto | Stopped] -> -> File not found (Schedule) Task Scheduler [Win32_Shared | Unknown | Running] -> %systemroot%\system32\svchost.exe -> File not found (SCPolicySvc) Smart Card Removal Policy [Win32_Shared | Unknown | Stopped] -> %SystemRoot%\system32\svchost.exe -> File not found (ServiceLayer) ServiceLayer [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\PC Connectivity Solution\ServiceLayer.exe -> Nokia. [Ver = 7, 0, 8, 0 | Size = 430592 bytes | Modified Date = 7.4.2008 г. 09:17:30 | Attr = ] (stllssvr) stllssvr [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\SureThing Shared\stllssvr.exe -> MicroVision Development, Inc. [Ver = 1.2.560 | Size = 74656 bytes | Modified Date = 17.2.2007 г. 17:31:12 | Attr = R ] (TrustedInstaller) Windows Modules Installer [Win32_Own | Unknown | Stopped] -> %SystemRoot%\servicing\TrustedInstaller.exe -> File not found (TuneUp.Defrag) TuneUp Drive Defrag Service [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\System32\TuneUpDefragService.exe -> TuneUp Software GmbH [Ver = 1.1.0.16 | Size = 355584 bytes | Modified Date = 10.8.2008 г. 14:15:12 | Attr = ] (WdiServiceHost) Diagnostic Service Host [Win32_Shared | Unknown | Stopped] -> %SystemRoot%\System32\svchost.exe -> File not found (WdiSystemHost) Diagnostic System Host [Win32_Shared | Unknown | Running] -> %SystemRoot%\System32\svchost.exe -> File not found [Registry - Non-Microsoft Only] < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> avast! -> %ProgramFiles%\Alwil Software\Avast4\ashDisp.exe [C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe] -> ALWIL Software [Ver = 4, 8, 1227, 0 | Size = 78008 bytes | Modified Date = 19.7.2008 г. 17:38:34 | Attr = ] CognizanceTS -> %ProgramFiles%\Bioscrypt\VeriSoft\Bin\ASTSVCC.dll ["C:\Windows\system32\rundll32.exe" c:\PROGRA~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll,RegisterModule] -> Cognizance Corporation [Ver = 1.0.0.008 | Size = 17920 bytes | Modified Date = 22.12.2003 г. 21:12:00 | Attr = R ] HP Health Check Scheduler -> %ProgramFiles%\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe ["C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe"] -> Hewlett-Packard [Ver = 2.0.9.1 | Size = 50696 bytes | Modified Date = 12.3.2007 г. 21:54:24 | Attr = ] HP Software Update -> %ProgramFiles%\HP\HP Software Update\hpwuSchd2.exe ["C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe"] -> Hewlett-Packard Co. [Ver = 50.0.146.000 | Size = 49152 bytes | Modified Date = 17.2.2005 г. 09:11:42 | Attr = ] hpWirelessAssistant -> %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe ["C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"] -> Hewlett-Packard Development Company, L.P. [Ver = 3, 0, 5, 1 | Size = 472776 bytes | Modified Date = 1.3.2007 г. 23:18:36 | Attr = ] IAAnotif -> %ProgramFiles%\Intel\Intel Matrix Storage Manager\IAAnotif.exe ["C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe"] -> Intel Corporation [Ver = 7.0.0.1020 | Size = 174872 bytes | Modified Date = 12.2.2007 г. 17:37:58 | Attr = ] LWBMOUSE -> %ProgramFiles%\Tech\Wheel Mouse\5.0\Mouse32A.exe ["C:\Program Files\Tech\Wheel Mouse\5.0\MOUSE32A.EXE"] -> [Ver = 8.0.0.0 | Size = 357376 bytes | Modified Date = 24.5.2002 г. 15:54:02 | Attr = ] NvCplDaemon -> %SystemRoot%\System32\nvcpl.dll ["C:\Windows\system32\RUNDLL32.EXE" C:\Windows\system32\NvCpl.dll,NvStartup] -> NVIDIA Corporation [Ver = 7.15.11.0123 | Size = 8429568 bytes | Modified Date = 1.5.2007 г. 13:27:00 | Attr = ] NvMediaCenter -> %SystemRoot%\System32\nvmctray.dll ["C:\Windows\system32\RUNDLL32.EXE" C:\Windows\system32\NvMcTray.dll,NvTaskbarInit] -> NVIDIA Corporation [Ver = 7.15.11.0123 | Size = 81920 bytes | Modified Date = 1.5.2007 г. 13:27:00 | Attr = ] NvSvc -> %SystemRoot%\System32\nvsvc.dll ["C:\Windows\system32\RUNDLL32.EXE" C:\Windows\system32\nvsvc.dll,nvsvcStart] -> NVIDIA Corporation [Ver = 7.15.11.0123 | Size = 86016 bytes | Modified Date = 1.5.2007 г. 13:27:00 | Attr = ] QlbCtrl -> %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe ["C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start] -> Hewlett-Packard Development Company, L.P. [Ver = 6, 2, 2, 1 | Size = 159744 bytes | Modified Date = 13.2.2007 г. 21:38:36 | Attr = ] QPService -> %ProgramFiles%\HP\QuickPlay\QPService.exe ["C:\Program Files\HP\QuickPlay\QPService.exe"] -> CyberLink Corp. [Ver = 4.5.0.0000 | Size = 176128 bytes | Modified Date = 24.4.2007 г. 04:11:20 | Attr = ] RtHDVCpl -> %SystemRoot%\RtHDVCpl.exe ["C:\Windows\RtHDVCpl.exe"] -> Realtek Semiconductor [Ver = 1, 0, 0, 41 | Size = 4390912 bytes | Modified Date = 9.3.2007 г. 20:50:02 | Attr = ] SMSERIAL -> %ProgramFiles%\Motorola\SMSERIAL\sm56hlpr.exe ["C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe"] -> Motorola Inc. [Ver = 6.12.04 | Size = 729088 bytes | Modified Date = 9.10.2006 г. 23:43:44 | Attr = ] SynTPEnh -> %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe ["C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"] -> Synaptics, Inc. [Ver = 9.1.11 12Jan07 | Size = 827392 bytes | Modified Date = 13.1.2007 г. 06:36:40 | Attr = ] WAWifiMessage -> %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe ["C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe"] -> Hewlett-Packard Development Company, L.P. [Ver = 3.0.4.1 | Size = 317128 bytes | Modified Date = 11.1.2007 г. 02:12:08 | Attr = ] < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> Skype -> %ProgramFiles%\Skype\Phone\Skype.exe ["C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized] -> Skype Technologies S.A. [Ver = 3.8.0.139 | Size = 21718312 bytes | Modified Date = 30.5.2008 г. 15:54:14 | Attr = R ] < ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> {7D7DB869-3021-4CD2-AF0A-B3CAD75ECE31} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [] -> File not found < SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> explorer.exe -> %SystemRoot%\explorer.exe -> Microsoft Corporation [Ver = 6.0.6000.16386 (vista_rtm.061101-2205) | Size = 2927104 bytes | Modified Date = 19.1.2008 г. 10:33:10 | Attr = ] *MultiFile Done* -> -> *UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> C:\Windows\system32\userinit.exe -> %SystemRoot%\System32\userinit.exe -> Microsoft Corporation [Ver = 6.0.6000.16386 (vista_rtm.061101-2205) | Size = 25088 bytes | Modified Date = 19.1.2008 г. 10:33:33 | Attr = ] *MultiFile Done* -> -> *VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> rundll32 shell32 -> %SystemRoot%\System32\shell32.dll -> Microsoft Corporation [Ver = 6.0.6001.18000 (longhorn_rtm.080118-1840) | Size = 11580416 bytes | Modified Date = 24.4.2008 г. 07:58:20 | Attr = ] Control_RunDLL "sysdm.cpl" -> %SystemRoot%\System32\sysdm.cpl -> Microsoft Corporation [Ver = 6.0.6000.16386 (vista_rtm.061101-2205) | Size = 242688 bytes | Modified Date = 19.1.2008 г. 10:32:57 | Attr = ] *MultiFile Done* -> -> < Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\\ScanWithAntiVirus -> 3 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin -> 2 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableInstallerDetection -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableLUA -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableSecureUIAPaths -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableVirtualization -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\PromptOnSecureDesktop -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ValidateAdminCodeSignatures -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\dontdisplaylastusername -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\legalnoticecaption -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\legalnoticetext -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\scforceoption -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\shutdownwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\undockwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\FilterAdministratorToken -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableUIADesktopToggle -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_TEXT -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_BITMAP -> 2 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_OEMTEXT -> 7 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_DIB -> 8 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_PALETTE -> 9 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_UNICODETEXT -> 13 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats\\CF_DIBV5 -> 17 -> < CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> < CDROM Autorun Settings > [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom] -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun -> 1 -> *AutoRunAlwaysDisable* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRunAlwaysDisable -> TORiSAN CD-ROM CDR_C36 -> -> File not found NEC MBR-7 -> -> File not found NEC MBR-7.4 -> -> File not found PIONEER CHANGR DRM-1804X -> -> File not found PIONEER CD-ROM DRM-6324X -> -> File not found PIONEER CD-ROM DRM-624X -> -> File not found *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\DisplayName -> CD-ROM Driver -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Group -> SCSI CDROM Class -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\ImagePath -> %SystemRoot%\System32\drivers\cdrom.sys [system32\DRIVERS\cdrom.sys] -> Microsoft Corporation [Ver = 6.0.6001.18000 (longhorn_rtm.080118-1840) | Size = 67072 bytes | Modified Date = 19.1.2008 г. 08:49:51 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Start -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Type -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Tag -> 3 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\0 -> IDE\CdRomSlimtype_DVD_A__DS8A1H__________________WH66____\5&5b8f77b&0&0.0.0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\Count -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\NextInstance -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\\1 -> SCSI\CdRom&Ven_LD3828T&Prod_XDR443V&Rev_1.01\5&36e5972&1&000000 -> < Drives - Autoruns > -> -> autoexec.bat [REM Dummy file for NTVDM | ] -> %SystemDrive%\autoexec.bat [ NTFS ] -> [Ver = | Size = 24 bytes | Modified Date = 19.9.2006 г. 00:43:36 | Attr = ] AUTOMODE [@echo off | IF EXIST C:\ST_RP\MANUALMODE ECHO MANUAL BATCH MODE ALREADY SET ! | IF NOT EXIST C:\ST_RP\MANUALMODE ECHO SET TO MANUAL BATCH EXECUTION ! | IF NOT EXIST C:\ST_RP\MANUALMODE IF EXIST C:\ST_RP\AUTOMODE DEL C:\ST_RP\AUTOMODE /F > NUL | IF NOT EXIST C:\ST_RP\MANUALMODE COPY C:\ST_RP\SET_AUTO_MODE.CMD C:\ST_RP\MANUALMODE > NUL | ECHO. | ] -> D:\AUTOMODE [ NTFS ] -> [Ver = | Size = 340 bytes | Modified Date = 11.9.2005 г. 18:18:54 | Attr = HS] < HOSTS File > (259259 bytes) -> C:\Windows\System32\drivers\etc\Hosts -> ::1 localhost -> -> < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://go.microsoft.com/fwlink/?LinkId=69157 -> < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_CURRENT_USER\: Main\\Start Page -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_CURRENT_USER\: ProxyEnable -> 0 -> HKEY_CURRENT_USER\: ProxyOverride -> *.local -> < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4742 domain(s) found. -> 43 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4742 domain(s) found. -> 43 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 8.0.0.2006102200 | Size = 62080 bytes | Modified Date = 23.10.2006 г. 09:08:42 | Attr = ] {22BF413B-C6D2-4d91-82A9-A0F997BA588C} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Skype add-on (mastermind)] -> Skype Technologies S.A. [Ver = 2, 2, 0, 181 | Size = 1410344 bytes | Modified Date = 30.5.2008 г. 15:54:16 | Attr = ] {53707962-6F74-2D53-2644-206D7942484F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot-S&D IE Protection] -> Safer Networking Limited [Ver = 1, 6, 0, 12 | Size = 1562448 bytes | Modified Date = 7.7.2008 г. 09:41:58 | Attr = ] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_06\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.60.2 | Size = 509328 bytes | Modified Date = 25.3.2008 г. 04:28:01 | Attr = ] {DF21F1DB-80C6-11D3-9483-B03D0EC10000} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Bioscrypt\VeriSoft\Bin\ItIEAddIn.dll [VeriSoft Access Manager] -> Bioscrypt Inc. [Ver = 2.1.078 | Size = 71192 bytes | Modified Date = 21.11.2006 г. 22:59:00 | Attr = R ] < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_06\bin\ssv.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.60.2 | Size = 509328 bytes | Modified Date = 25.3.2008 г. 04:28:01 | Attr = ] {77BF5300-1474-4EC7-9980-D32B190E9B07}:{77BF5300-1474-4EC7-9980-D32B190E9B07} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Skype] -> Skype Technologies S.A. [Ver = 2, 2, 0, 181 | Size = 1410344 bytes | Modified Date = 30.5.2008 г. 15:54:16 | Attr = ] {DFB852A3-47F8-48C4-A200-58CAB36FD2A2}:{53707962-6F74-2D53-2644-206D7942484F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot - Search & Destroy Configuration] -> Safer Networking Limited [Ver = 1, 6, 0, 12 | Size = 1562448 bytes | Modified Date = 7.7.2008 г. 09:41:58 | Attr = ] < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {3BE5C474-CCE6-4538-9841-D96D339E5AB4} -> 212.39.90.42,212.39.90.43 () -> {5695C05F-C4BB-4780-B309-76AD08DFBA0C} -> (Intel(R) PRO/Wireless 3945ABG Network Connection) -> {5CF62F28-4386-4569-96E6-840611873DDC} -> 192.168.3.1,83.222.161.130 (Realtek RTL8101 Family PCI-E Fast Ethernet NIC (NDIS 6.0)) -> < Default Protocols [HKEY_LOCAL_MACHINE\] - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> ldap -> 4 = Restricted sites (Not a Default Protocol) -> news -> 4 = Restricted sites (Not a Default Protocol) -> nntp -> 4 = Restricted sites (Not a Default Protocol) -> oecmd -> 4 = Restricted sites (Not a Default Protocol) -> snews -> 4 = Restricted sites (Not a Default Protocol) -> < Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> skype4com:{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\Skype\Skype4COM.dll[IEProtocolHandler Class] -> Skype Technologies [Ver = 1, 0, 29, 0 | Size = 1942864 bytes | Modified Date = 30.5.2008 г. 15:54:14 | Attr = R ] < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {3860DD98-0549-4D50-AA72-5D17D200EE10}[HKEY_LOCAL_MACHINE] -> http://cdn.scan.onecare.live.com/resource/download/scanner/en-US/wlscctrl2.cab[Windows Live OneCare safety scanner control] -> {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab[Java Plug-in 1.6.0_06] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab[Java Plug-in 1.6.0_06] -> < Module Usage Keys [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ -> Reg Error: Key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ not found. -> -> [Files/Folders - Created Within 30 days] Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Created Date = 21.8.2008 г. 11:56:20 | Attr = HS] Downloads -> %SystemDrive%\Downloads -> [Folder | Created Date = 20.8.2008 г. 14:53:46 | Attr = ] IO.SYS -> %SystemDrive%\IO.SYS -> [Ver = | Size = 0 bytes | Created Date = 13.8.2008 г. 15:45:32 | Attr = RHS] MSDOS.SYS -> %SystemDrive%\MSDOS.SYS -> [Ver = | Size = 0 bytes | Created Date = 13.8.2008 г. 15:45:32 | Attr = RHS] aswFsBlk.sys -> %SystemRoot%\System32\drivers\aswFsBlk.sys -> ALWIL Software [Ver = 4.8.1227.0 | Size = 20560 bytes | Created Date = 20.8.2008 г. 20:05:54 | Attr = ] aswMonFlt.sys -> %SystemRoot%\System32\drivers\aswMonFlt.sys -> ALWIL Software [Ver = 4.8.1227.0 | Size = 51280 bytes | Created Date = 20.8.2008 г. 20:05:46 | Attr = ] aswRdr.sys -> %SystemRoot%\System32\drivers\aswRdr.sys -> ALWIL Software [Ver = 4.8.1227.0 | Size = 23152 bytes | Created Date = 20.8.2008 г. 20:05:56 | Attr = ] aswSP.sys -> %SystemRoot%\System32\drivers\aswSP.sys -> ALWIL Software [Ver = 4.8.1227.0 | Size = 78416 bytes | Created Date = 20.8.2008 г. 20:05:54 | Attr = ] aswTdi.sys -> %SystemRoot%\System32\drivers\aswTdi.sys -> ALWIL Software [Ver = 4.8.1227.0 | Size = 42912 bytes | Created Date = 20.8.2008 г. 20:05:56 | Attr = ] mbam.sys -> %SystemRoot%\System32\drivers\mbam.sys -> Malwarebytes Corporation [Ver = 1, 0, 0, 1 | Size = 17144 bytes | Created Date = 19.8.2008 г. 18:16:56 | Attr = ] mbamswissarmy.sys -> %SystemRoot%\System32\drivers\mbamswissarmy.sys -> Malwarebytes Corporation [Ver = 1.00 | Size = 38472 bytes | Created Date = 19.8.2008 г. 18:16:55 | Attr = ] Msft_User_WpdFs_01_00_00.Wdf -> %SystemRoot%\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf -> [Ver = | Size = 0 bytes | Created Date = 13.8.2008 г. 12:46:08 | Attr = H ] ac3filter.cpl -> %SystemRoot%\System32\ac3filter.cpl -> [Ver = 1.01a | Size = 417792 bytes | Created Date = 3.8.2008 г. 01:09:01 | Attr = ] actskin4.ocx -> %SystemRoot%\System32\actskin4.ocx -> [Ver = 4, 2, 7, 3 | Size = 380928 bytes | Created Date = 20.8.2008 г. 20:05:46 | Attr = ] aswBoot.exe -> %SystemRoot%\System32\aswBoot.exe -> ALWIL Software [Ver = 4, 8, 1227, 0 | Size = 1163960 bytes | Created Date = 20.8.2008 г. 20:05:46 | Attr = ] authuitu.dll -> %SystemRoot%\System32\authuitu.dll -> TuneUp Software GmbH [Ver = 1.0.0.6 | Size = 16640 bytes | Created Date = 10.8.2008 г. 14:15:12 | Attr = ] AvastSS.scr -> %SystemRoot%\System32\AvastSS.scr -> ALWIL Software [Ver = 4, 8, 1227, 0 | Size = 94392 bytes | Created Date = 20.8.2008 г. 20:05:55 | Attr = ] CmdLineExt.dll -> %SystemRoot%\System32\CmdLineExt.dll -> Sony DADC Austria AG. [Ver = 1,1,225,0 | Size = 107888 bytes | Created Date = 10.8.2008 г. 13:16:30 | Attr = ] cpuinf32.dll -> %SystemRoot%\System32\cpuinf32.dll -> [Ver = | Size = 19968 bytes | Created Date = 3.8.2008 г. 01:09:41 | Attr = ] mplaa6.dll -> %SystemRoot%\System32\mplaa6.dll -> Ligos Corporation [Ver = 1.0.0.3 | Size = 77824 bytes | Created Date = 3.8.2008 г. 01:09:41 | Attr = ] mplam6.dll -> %SystemRoot%\System32\mplam6.dll -> Ligos Corporation [Ver = 1.0.0.3 | Size = 65536 bytes | Created Date = 3.8.2008 г. 01:09:41 | Attr = ] mplapx.dll -> %SystemRoot%\System32\mplapx.dll -> Ligos Corporation [Ver = 1.0.0.3 | Size = 65536 bytes | Created Date = 3.8.2008 г. 01:09:41 | Attr = ] mplaw7.dll -> %SystemRoot%\System32\mplaw7.dll -> Ligos Corporation [Ver = 1.0.0.3 | Size = 77824 bytes | Created Date = 3.8.2008 г. 01:09:41 | Attr = ] mplva6.dll -> %SystemRoot%\System32\mplva6.dll -> Ligos Corporation [Ver = 1.0.0.3 | Size = 1650688 bytes | Created Date = 3.8.2008 г. 01:09:41 | Attr = ] mplvm6.dll -> %SystemRoot%\System32\mplvm6.dll -> Ligos Corporation [Ver = 1.0.0.3 | Size = 1552384 bytes | Created Date = 3.8.2008 г. 01:09:42 | Attr = ] mplvpx.dll -> %SystemRoot%\System32\mplvpx.dll -> Ligos Corporation [Ver = 1.0.0.3 | Size = 1122304 bytes | Created Date = 3.8.2008 г. 01:09:42 | Attr = ] mplvw7.dll -> %SystemRoot%\System32\mplvw7.dll -> Ligos Corporation [Ver = 1.0.0.3 | Size = 1581056 bytes | Created Date = 3.8.2008 г. 01:09:41 | Attr = ] pncrt.dll -> %SystemRoot%\System32\pncrt.dll -> Real Networks, Inc [Ver = 6.0.0.0 | Size = 278528 bytes | Created Date = 3.8.2008 г. 01:09:52 | Attr = ] pndx5016.dll -> %SystemRoot%\System32\pndx5016.dll -> RealNetworks, Inc. [Ver = 5.0.0.0 | Size = 6656 bytes | Created Date = 3.8.2008 г. 01:09:52 | Attr = ] pndx5032.dll -> %SystemRoot%\System32\pndx5032.dll -> RealNetworks, Inc. [Ver = 5.0.0.0 | Size = 5632 bytes | Created Date = 3.8.2008 г. 01:09:52 | Attr = ] qtplugin.ocx -> %SystemRoot%\System32\qtplugin.ocx -> Apple Computer, Inc. [Ver = 6.5.1 | Size = 360504 bytes | Created Date = 3.8.2008 г. 01:09:49 | Attr = ] qttask.exe -> %SystemRoot%\System32\qttask.exe -> Apple Computer, Inc. [Ver = 6.5.1 | Size = 98304 bytes | Created Date = 3.8.2008 г. 01:11:50 | Attr = ] QuickTime -> %SystemRoot%\System32\QuickTime -> [Folder | Created Date = 3.8.2008 г. 01:09:47 | Attr = ] quicktime.cpl -> %SystemRoot%\System32\quicktime.cpl -> Apple Computer, Inc. [Ver = 6.5.1 | Size = 323072 bytes | Created Date = 3.8.2008 г. 01:09:48 | Attr = ] quicktime.qtp -> %SystemRoot%\System32\quicktime.qtp -> [Ver = | Size = 8890 bytes | Created Date = 3.8.2008 г. 01:09:49 | Attr = ] quicktime.qts -> %SystemRoot%\System32\quicktime.qts -> Apple Computer, Inc. [Ver = 6.5.2 | Size = 6676480 bytes | Created Date = 3.8.2008 г. 01:09:49 | Attr = ] rmoc3260.dll -> %SystemRoot%\System32\rmoc3260.dll -> RealNetworks, Inc. [Ver = 6.0.9.2049 | Size = 176167 bytes | Created Date = 3.8.2008 г. 01:09:52 | Attr = ] startup.cpl -> %SystemRoot%\System32\startup.cpl -> [Ver = | Size = 98304 bytes | Created Date = 3.8.2008 г. 01:10:34 | Attr = ] TuneUpDefragService.exe -> %SystemRoot%\System32\TuneUpDefragService.exe -> TuneUp Software GmbH [Ver = 1.1.0.16 | Size = 355584 bytes | Created Date = 10.8.2008 г. 14:15:12 | Attr = ] tweakui.hlp -> %SystemRoot%\System32\tweakui.hlp -> [Ver = | Size = 51238 bytes | Created Date = 3.8.2008 г. 01:10:34 | Attr = ] unrar.dll -> %SystemRoot%\System32\unrar.dll -> [Ver = | Size = 152064 bytes | Created Date = 3.8.2008 г. 01:09:40 | Attr = ] uxtuneup.dll -> %SystemRoot%\System32\uxtuneup.dll -> TuneUp Software GmbH [Ver = 2.0.0.12 | Size = 28416 bytes | Created Date = 10.8.2008 г. 14:15:12 | Attr = ] vp6dec_settings.cpl -> %SystemRoot%\System32\vp6dec_settings.cpl -> [Ver = | Size = 53248 bytes | Created Date = 3.8.2008 г. 01:10:52 | Attr = ] xvidcore.dll -> %SystemRoot%\System32\xvidcore.dll -> [Ver = | Size = 761856 bytes | Created Date = 3.8.2008 г. 01:09:38 | Attr = ] ftpcache -> %SystemRoot%\ftpcache -> [Folder | Created Date = 11.8.2008 г. 17:08:16 | Attr = HS] 1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> game.ini -> %SystemRoot%\game.ini -> [Ver = | Size = 276 bytes | Created Date = 11.8.2008 г. 17:08:03 | Attr = ] m3jp2k.ini -> %SystemRoot%\m3jp2k.ini -> [Ver = | Size = 761 bytes | Created Date = 3.8.2008 г. 01:09:45 | Attr = ] m3jpeg.ini -> %SystemRoot%\m3jpeg.ini -> [Ver = | Size = 714 bytes | Created Date = 3.8.2008 г. 01:09:45 | Attr = ] MEMORY.DMP -> %SystemRoot%\MEMORY.DMP -> [Ver = | Size = 267217069 bytes | Created Date = 10.8.2008 г. 15:52:24 | Attr = ] mmtvmj.ini -> %SystemRoot%\mmtvmj.ini -> [Ver = | Size = 702 bytes | Created Date = 3.8.2008 г. 01:09:45 | Attr = ] pss -> %SystemRoot%\pss -> [Folder | Created Date = 14.8.2008 г. 13:37:30 | Attr = ] QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Created Date = 6.8.2008 г. 21:30:41 | Attr = ] QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Created Date = 6.8.2008 г. 21:30:41 | Attr = H ] Sun -> %SystemRoot%\Sun -> [Folder | Created Date = 23.7.2008 г. 23:29:09 | Attr = ] wininit.ini -> %SystemRoot%\wininit.ini -> [Ver = | Size = 95 bytes | Created Date = 13.8.2008 г. 16:54:35 | Attr = ] [Files/Folders - Modified Within 30 days] boot -> %SystemDrive%\boot -> [Folder | Modified Date = 13.8.2008 г. 23:04:51 | Attr = HS] Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Modified Date = 21.8.2008 г. 11:56:23 | Attr = HS] Downloads -> %SystemDrive%\Downloads -> [Folder | Modified Date = 20.8.2008 г. 14:53:46 | Attr = ] IO.SYS -> %SystemDrive%\IO.SYS -> [Ver = | Size = 0 bytes | Modified Date = 13.8.2008 г. 15:45:32 | Attr = RHS] MSDOS.SYS -> %SystemDrive%\MSDOS.SYS -> [Ver = | Size = 0 bytes | Modified Date = 13.8.2008 г. 15:45:32 | Attr = RHS] Program Files -> %ProgramFiles% -> [Folder | Modified Date = 21.8.2008 г. 13:17:24 | Attr = R ] ProgramData -> %AllUsersProfile% -> [Folder | Modified Date = 21.8.2008 г. 11:52:30 | Attr = H ] System Volume Information -> %SystemDrive%\System Volume Information -> [Folder | Modified Date = 21.8.2008 г. 11:56:05 | Attr = HS] Users -> %SystemDrive%\Users -> [Folder | Modified Date = 13.8.2008 г. 12:50:18 | Attr = R ] Windows -> %SystemRoot% -> [Folder | Modified Date = 20.8.2008 г. 15:08:47 | Attr = ] etc -> %SystemRoot%\System32\drivers\etc -> [Folder | Modified Date = 13.8.2008 г. 15:55:48 | Attr = ] HOSTS -> %SystemRoot%\System32\drivers\etc\HOSTS -> [Ver = | Size = 259259 bytes | Modified Date = 13.8.2008 г. 15:55:48 | Attr = R ] hosts.20080813-155528.backup -> %SystemRoot%\System32\drivers\etc\hosts.20080813-155528.backup -> [Ver = | Size = 761 bytes | Modified Date = 13.8.2008 г. 12:50:20 | Attr = ] hosts.20080813-155548.backup -> %SystemRoot%\System32\drivers\etc\hosts.20080813-155548.backup -> [Ver = | Size = 259259 bytes | Modified Date = 13.8.2008 г. 15:55:28 | Attr = R ] mbam.sys -> %SystemRoot%\System32\drivers\mbam.sys -> Malwarebytes Corporation [Ver = 1, 0, 0, 1 | Size = 17144 bytes | Modified Date = 17.8.2008 г. 15:01:14 | Attr = ] mbamswissarmy.sys -> %SystemRoot%\System32\drivers\mbamswissarmy.sys -> Malwarebytes Corporation [Ver = 1.00 | Size = 38472 bytes | Modified Date = 17.8.2008 г. 15:01:18 | Attr = ] Msft_User_WpdFs_01_00_00.Wdf -> %SystemRoot%\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf -> [Ver = | Size = 0 bytes | Modified Date = 13.8.2008 г. 12:46:08 | Attr = H ] 7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> %SystemRoot%\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> [Ver = | Size = 3168 bytes | Modified Date = 21.8.2008 г. 13:03:59 | Attr = H ] 7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> %SystemRoot%\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> [Ver = | Size = 3168 bytes | Modified Date = 21.8.2008 г. 13:03:59 | Attr = H ] catroot -> %SystemRoot%\System32\catroot -> [Folder | Modified Date = 19.8.2008 г. 10:09:09 | Attr = ] catroot2 -> %SystemRoot%\System32\catroot2 -> [Folder | Modified Date = 15.8.2008 г. 10:54:37 | Attr = ] CmdLineExt.dll -> %SystemRoot%\System32\CmdLineExt.dll -> Sony DADC Austria AG. [Ver = 1,1,225,0 | Size = 107888 bytes | Modified Date = 10.8.2008 г. 13:16:30 | Attr = ] CodeIntegrity -> %SystemRoot%\System32\CodeIntegrity -> [Folder | Modified Date = 1.8.2008 г. 12:56:36 | Attr = ] config -> %SystemRoot%\System32\config -> [Folder | Modified Date = 13.8.2008 г. 23:04:51 | Attr = ] config.nt -> %SystemRoot%\System32\config.nt -> [Ver = | Size = 2577 bytes | Modified Date = 20.8.2008 г. 20:23:41 | Attr = ] drivers -> %SystemRoot%\System32\drivers -> [Folder | Modified Date = 20.8.2008 г. 20:43:46 | Attr = ] en-US -> %SystemRoot%\System32\en-US -> [Folder | Modified Date = 15.8.2008 г. 10:53:03 | Attr = ] GroupPolicy -> %SystemRoot%\System32\GroupPolicy -> [Folder | Modified Date = 14.8.2008 г. 22:50:54 | Attr = H ] migration -> %SystemRoot%\System32\migration -> [Folder | Modified Date = 15.8.2008 г. 10:53:02 | Attr = ] Msdtc -> %SystemRoot%\System32\Msdtc -> [Folder | Modified Date = 1.8.2008 г. 12:57:45 | Attr = ] perfc009.dat -> %SystemRoot%\System32\perfc009.dat -> [Ver = | Size = 102094 bytes | Modified Date = 21.8.2008 г. 11:11:54 | Attr = ] perfh009.dat -> %SystemRoot%\System32\perfh009.dat -> [Ver = | Size = 590082 bytes | Modified Date = 21.8.2008 г. 11:11:54 | Attr = ] PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [Ver = | Size = 694964 bytes | Modified Date = 21.8.2008 г. 11:11:54 | Attr = ] qttask.exe -> %SystemRoot%\System32\qttask.exe -> Apple Computer, Inc. [Ver = 6.5.1 | Size = 98304 bytes | Modified Date = 3.8.2008 г. 01:11:50 | Attr = ] QuickTime -> %SystemRoot%\System32\QuickTime -> [Folder | Modified Date = 3.8.2008 г. 01:09:48 | Attr = ] quicktime.qtp -> %SystemRoot%\System32\quicktime.qtp -> [Ver = | Size = 8890 bytes | Modified Date = 14.8.2008 г. 14:57:49 | Attr = ] spool -> %SystemRoot%\System32\spool -> [Folder | Modified Date = 1.8.2008 г. 12:56:36 | Attr = ] Tasks -> %SystemRoot%\System32\Tasks -> [Folder | Modified Date = 11.8.2008 г. 22:09:26 | Attr = ] TuneUpDefragService.exe -> %SystemRoot%\System32\TuneUpDefragService.exe -> TuneUp Software GmbH [Ver = 1.1.0.16 | Size = 355584 bytes | Modified Date = 10.8.2008 г. 14:15:12 | Attr = ] wbem -> %SystemRoot%\System32\wbem -> [Folder | Modified Date = 1.8.2008 г. 12:57:42 | Attr = ] WDI -> %SystemRoot%\System32\WDI -> [Folder | Modified Date = 2.8.2008 г. 13:27:25 | Attr = ] assembly -> %SystemRoot%\assembly -> [Folder | Modified Date = 10.8.2008 г. 13:44:34 | Attr = R S] 1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 67584 bytes | Modified Date = 21.8.2008 г. 11:03:38 | Attr = S] bthservsdp.dat -> %SystemRoot%\bthservsdp.dat -> [Ver = | Size = 12 bytes | Modified Date = 20.8.2008 г. 22:01:39 | Attr = ] Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 14.8.2008 г. 13:05:43 | Attr = S] ftpcache -> %SystemRoot%\ftpcache -> [Folder | Modified Date = 11.8.2008 г. 17:08:16 | Attr = HS] game.ini -> %SystemRoot%\game.ini -> [Ver = | Size = 276 bytes | Modified Date = 11.8.2008 г. 17:08:03 | Attr = ] inf -> %SystemRoot%\inf -> [Folder | Modified Date = 21.8.2008 г. 11:11:54 | Attr = ] Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 21.8.2008 г. 11:56:23 | Attr = HS] MEMORY.DMP -> %SystemRoot%\MEMORY.DMP -> [Ver = | Size = 267217069 bytes | Modified Date = 20.8.2008 г. 14:10:06 | Attr = ] Minidump -> %SystemRoot%\Minidump -> [Folder | Modified Date = 20.8.2008 г. 14:10:19 | Attr = ] NeroDigital.ini -> %SystemRoot%\NeroDigital.ini -> [Ver = | Size = 69 bytes | Modified Date = 14.8.2008 г. 14:14:37 | Attr = ] Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 20.8.2008 г. 13:54:20 | Attr = ] pss -> %SystemRoot%\pss -> [Folder | Modified Date = 14.8.2008 г. 13:37:30 | Attr = ] QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Modified Date = 6.8.2008 г. 21:30:41 | Attr = ] QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Modified Date = 14.8.2008 г. 14:57:46 | Attr = H ] registration -> %SystemRoot%\registration -> [Folder | Modified Date = 1.8.2008 г. 12:56:33 | Attr = ] rescache -> %SystemRoot%\rescache -> [Folder | Modified Date = 15.8.2008 г. 11:09:31 | Attr = ] Sun -> %SystemRoot%\Sun -> [Folder | Modified Date = 23.7.2008 г. 23:29:09 | Attr = ] system.ini -> %SystemRoot%\system.ini -> [Ver = | Size = 10315 bytes | Modified Date = 3.8.2008 г. 01:11:52 | Attr = ] System32 -> %SystemRoot%\System32 -> [Folder | Modified Date = 21.8.2008 г. 13:44:28 | Attr = ] Tasks -> %SystemRoot%\Tasks -> [Folder | Modified Date = 13.8.2008 г. 12:50:20 | Attr = ] Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 21.8.2008 г. 13:44:10 | Attr = ] wininit.ini -> %SystemRoot%\wininit.ini -> [Ver = | Size = 95 bytes | Modified Date = 13.8.2008 г. 16:54:35 | Attr = ] winsxs -> %SystemRoot%\winsxs -> [Folder | Modified Date = 15.8.2008 г. 02:01:24 | Attr = ] SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 21.8.2008 г. 11:03:51 | Attr = H ] C:\ProgramData\Microsoft\Network\Downloader\ -> C:\ProgramData\Microsoft\Network\Downloader -> [Folder | Modified Date = 2.11.2006 г. 16:04:06 | Attr = ] qmgr0.dat -> C:\ProgramData\Microsoft\Network\Downloader\qmgr0.dat -> [Ver = | Size = 4194304 bytes | Modified Date = 21.8.2008 г. 11:07:18 | Attr = ] qmgr1.dat -> C:\ProgramData\Microsoft\Network\Downloader\qmgr1.dat -> [Ver = | Size = 4194304 bytes | Modified Date = 21.8.2008 г. 11:07:18 | Attr = ] C:\ProgramData\Microsoft\OFFICE\DATA\ -> C:\ProgramData\Microsoft\OFFICE\DATA -> [Folder | Modified Date = 18.6.2008 г. 23:33:29 | Attr = ] opa12.dat -> C:\ProgramData\Microsoft\OFFICE\DATA\opa12.dat -> [Ver = | Size = 8206 bytes | Modified Date = 18.6.2008 г. 23:33:29 | Attr = ] C:\ProgramData\Microsoft\RAC\PublishedData\ -> C:\ProgramData\Microsoft\RAC\PublishedData -> [Folder | Modified Date = 4.6.2008 г. 10:56:51 | Attr = ] PublishedRacMonAFLTable.DAT -> C:\ProgramData\Microsoft\RAC\PublishedData\PublishedRacMonAFLTable.DAT -> [Ver = | Size = 27876 bytes | Modified Date = 21.8.2008 г. 11:21:17 | Attr = ] PublishedRacMonCLKTable.DAT -> C:\ProgramData\Microsoft\RAC\PublishedData\PublishedRacMonCLKTable.DAT -> [Ver = | Size = 0 bytes | Modified Date = 21.8.2008 г. 11:21:18 | Attr = ] PublishedRacMonHFLTable.DAT -> C:\ProgramData\Microsoft\RAC\PublishedData\PublishedRacMonHFLTable.DAT -> [Ver = | Size = 0 bytes | Modified Date = 21.8.2008 г. 11:21:17 | Attr = ] PublishedRacMonIndex.DAT -> C:\ProgramData\Microsoft\RAC\PublishedData\PublishedRacMonIndex.DAT -> [Ver = | Size = 1896 bytes | Modified Date = 21.8.2008 г. 11:21:07 | Attr = ] PublishedRacMonOSFTable.DAT -> C:\ProgramData\Microsoft\RAC\PublishedData\PublishedRacMonOSFTable.DAT -> [Ver = | Size = 2760 bytes | Modified Date = 21.8.2008 г. 11:21:18 | Attr = ] PublishedRacMonSWITable.DAT -> C:\ProgramData\Microsoft\RAC\PublishedData\PublishedRacMonSWITable.DAT -> [Ver = | Size = 166708 bytes | Modified Date = 21.8.2008 г. 11:21:15 | Attr = ] C:\ProgramData\Microsoft\User Account Pictures\ -> C:\ProgramData\Microsoft\User Account Pictures -> [Folder | Modified Date = 3.6.2008 г. 11:02:36 | Attr = ] CNF744322V.dat -> C:\ProgramData\Microsoft\User Account Pictures\CNF744322V.dat -> [Ver = | Size = 0 bytes | Modified Date = 3.6.2008 г. 11:02:36 | Attr = ] C:\Windows\Temp\ -> C:\Windows\Temp -> [Folder | Modified Date = 21.8.2008 г. 13:44:26 | Attr = ] CPSSMasterCatalog.ini -> C:\Windows\Temp\CPSSMasterCatalog.ini -> [Ver = | Size = 419 bytes | Modified Date = 20.8.2008 г. 14:07:12 | Attr = ] < End of report >
Posting Permissions
