O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BBCE1838-7E3A-41CB-8F01-F483783E704F}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (nwprovau) -C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/12/23 12:53:37 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ========== [2012/01/11 16:24:10 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
[2012/01/09 14:08:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2012/01/09 03:07:46 | 000,386,560 | ---- | C] (Корпорация Майкрософт) -- C:\Documents and Settings\User\Local Settings\Application Data\trm.exe
[2012/01/09 03:07:46 | 000,386,560 | ---- | C] (Корпорация Майкрософт) -- C:\Documents and Settings\User\Local Settings\Application Data\tni.exe
[2012/01/05 16:25:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\Skype
[2012/01/05 16:25:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
[2012/01/05 16:25:21 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2012/01/05 16:25:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Skype
[2011/12/31 05:47:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\DDMSettings
[2011/12/13 04:05:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Apple Computer
[2011/12/13 04:05:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2011/12/13 04:04:52 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\Documents and Settings\User\Application Data\*.tmp files -> C:\Documents and Settings\User\Application Data\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2012/01/11 16:21:00 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
[2012/01/11 16:14:40 | 000,002,510 | ---- | M] () -- C:\Documents and Settings\User\Desktop\1234.reg
[2012/01/11 15:54:41 | 000,000,344 | ---- | M] () -- C:\Documents and Settings\User\Desktop\essex.reg
[2012/01/11 13:47:31 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/01/11 13:46:35 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1844237615-1220945662-682003330-1003.job
[2012/01/11 13:44:45 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/01/11 13:43:52 | 000,001,789 | ---- | M] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2012/01/11 09:33:03 | 000,002,510 | ---- | M] () -- C:\Documents and Settings\User\Desktop\ipsec.reg
[2012/01/11 02:42:26 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{3C0DEF3D-1109-4E6A-A629-2253C647F1FE}.job
[2012/01/11 02:27:01 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2012/01/11 00:32:41 | 000,000,947 | ---- | M] () -- C:\Documents and Settings\User\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
[2012/01/09 14:02:25 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2012/01/09 14:02:24 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/01/09 03:07:46 | 000,386,560 | ---- | M] (Корпорация Майкрософт) -- C:\Documents and Settings\User\Local Settings\Application Data\trm.exe
[2012/01/09 03:07:46 | 000,386,560 | ---- | M] (Корпорация Майкрософт) -- C:\Documents and Settings\User\Local Settings\Application Data\tni.exe
[2012/01/08 21:19:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1844237615-1220945662-682003330-1003.job
[2012/01/08 17:15:09 | 000,000,751 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk
[2012/01/08 12:35:25 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2012/01/05 21:33:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/12/19 23:37:10 | 000,034,421 | ---- | M] () -- C:\Documents and Settings\User\My Documents\bad santa 4.jpg
[2011/12/19 23:36:10 | 000,067,364 | ---- | M] () -- C:\Documents and Settings\User\My Documents\bad sant3.jpg
[2011/12/19 23:35:42 | 000,056,890 | ---- | M] () -- C:\Documents and Settings\User\My Documents\bad snta2.jpg
[2011/12/19 23:35:12 | 000,036,814 | ---- | M] () -- C:\Documents and Settings\User\My Documents\bad santa.jpg
[2011/12/16 03:24:30 | 000,297,256 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/12/16 03:07:41 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]