- This topic has 3 ответа, 2 участника, and was last updated 14 years, 9 months назад by
.
-
Сообщения
-
При включении скайпа,онлайн игр,выключается интернет,при чем комп пишет,что сначала не удается подключиться,потом и вовсе не подключен сетевой кабель…лечится переподключением кабеля или как-то само отлагивает и включается.
Когда просто пользуешься инетом или icq всё отлично работает,касперский находил C/programData/msvmon32/keygen.exe и жаловался на то,что не может удалить,сейчас молчит.Здравствуйте, добро пожаловать на Spyware-ru форум.
Выполним дополнительную проверку.
Скачайте сканер OTL кликнув по этой ссылке и сохраните файл на вашем рабочем столе.* Дважды кликните по скачанному файлу.
* Поставьте галочку в пункте «Scan All Users».
* Кликните по кнопке «Run Scan».
* Когда программа закончит работу, будут показаны два лога (OTListIt.txt и Extra.txt).Вставьте оба OTL лога в ваш ответ. Каждый лог в отдельное сообщение.
OTL logfile created on: 27.03.2010 21:07:32 — Run 1
OTL by OldTimer — Version 3.1.37.3 Folder = C:UsersСаняDesktop
64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) — Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000419 | Country: Россия | Language: RUS | Date Format: dd.MM.yyyy4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 68,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): ?:pagefile.sys%SystemDrive% = C: | %SystemRoot% = C:Windows | %ProgramFiles% = C:Program Files (x86)
Drive C: | 465,76 Gb Total Space | 111,49 Gb Free Space | 23,94% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loadedComputer Name: САНЯ-ПК
Current User Name: Саня
Logged in as Administrator.Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard========== Processes (SafeList) ==========
PRC — [2010.03.27 21:07:13 | 000,555,520 | —- | M] (OldTimer Tools) — C:UsersСаняDesktopOTL.exe
PRC — [2010.03.22 22:36:08 | 000,302,928 | —- | M] (Malwarebytes Corporation) — C:Program Files (x86)Malwarebytes’ Anti-Malwarembamservice.exe
PRC — [2010.03.22 22:36:06 | 000,437,584 | —- | M] (Malwarebytes Corporation) — C:Program Files (x86)Malwarebytes’ Anti-Malwarembamgui.exe
PRC — [2010.02.14 18:19:12 | 000,056,832 | —- | M] (AudioVkontakte.Ru) — C:Program Files (x86)VKSaverVKSaverUpdater.exe
PRC — [2009.11.20 19:17:00 | 000,240,232 | —- | M] (NVIDIA Corporation) — C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe
PRC — [2007.09.02 13:58:52 | 000,495,616 | —- | M] () — C:Program Files (x86)RocketDockRocketDock.exe========== Modules (SafeList) ==========
MOD — [2010.03.27 21:07:13 | 000,555,520 | —- | M] (OldTimer Tools) — C:UsersСаняDesktopOTL.exe
MOD — [2010.03.09 15:10:08 | 000,044,544 | —- | M] (AudioVkontakte.Ru) — C:WindowsSysWOW64vksaver.dll
MOD — [2010.01.19 14:21:39 | 000,158,224 | —- | M] (Kaspersky Lab) — C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsscrchpg.dll
MOD — [2009.04.11 19:24:25 | 000,450,560 | —- | M] (Microsoft Corporation) — C:WindowsSysWOW64comdlg32.dll
MOD — [2007.11.19 14:42:24 | 000,072,208 | —- | M] (Kaspersky Lab) — C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsr3hook.dll
MOD — [2007.09.02 13:57:36 | 000,069,632 | —- | M] () — C:Program Files (x86)RocketDockRocketDock.dll========== Win32 Services (SafeList) ==========
SRV:64bit: — [2009.09.25 04:26:26 | 001,142,272 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] — C:WindowsSysNativeFntCache.dll — (FontCache)
SRV:64bit: — [2009.04.11 19:25:35 | 000,252,928 | —- | M] (Microsoft Corporation) [On_Demand | Running] — C:WindowsSysNativeumrdp.dll — (UmRdpService)
SRV:64bit: — [2009.04.11 19:25:25 | 000,604,672 | —- | M] (Microsoft Corporation) [Auto | Running] — C:WindowsSysNativecscsvc.dll — (CscService)
SRV:64bit: — [2009.04.11 19:23:10 | 001,149,440 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] — C:WindowsSysNativewbengine.exe — (wbengine)
SRV:64bit: — [2008.01.21 05:50:23 | 000,195,584 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] — C:WindowsSysNativeappmgmts.dll — (AppMgmt)
SRV:64bit: — [2008.01.21 05:47:07 | 000,689,152 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] — C:WindowsSysNativefxssvc.exe — (Fax)
SRV:64bit: — [2008.01.21 05:46:39 | 000,383,544 | —- | M] (Microsoft Corporation) [Auto | Running] — C:Program FilesWindows DefenderMpSvc.dll — (WinDefend)
SRV — [2010.03.22 22:36:08 | 000,302,928 | —- | M] (Malwarebytes Corporation) [Auto | Running] — C:Program Files (x86)Malwarebytes’ Anti-Malwarembamservice.exe — (MBAMService)
SRV — [2010.01.19 14:21:37 | 000,231,952 | —- | M] (Kaspersky Lab) [On_Demand | Stopped] — C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe — (AVP)
SRV — [2009.11.20 19:17:00 | 000,240,232 | —- | M] (NVIDIA Corporation) [Auto | Running] — C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe — (Stereo Service)
SRV — [2009.04.11 19:24:46 | 000,089,920 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] — C:WindowsMicrosoft.NETFramework64v2.0.50727mscorsvw.exe — (clr_optimization_v2.0.50727_64)
SRV — [2007.06.15 16:55:00 | 000,300,544 | —- | M] (Nokia.) [On_Demand | Stopped] — C:Program Files (x86)PC Connectivity SolutionServiceLayer.exe — (ServiceLayer)
SRV — [2006.11.02 16:34:14 | 000,000,000 | —D | M] [Unknown | Stopped] — C:WindowsSysWOW64Msdtc — (MSDTC)
SRV — [2006.11.02 09:35:15 | 000,060,994 | —- | M] () [On_Demand | Stopped] — C:WindowsSysWOW64wbemvds.mof — (vds)
SRV — [2006.11.02 09:35:15 | 000,055,846 | —- | M] () [On_Demand | Stopped] — C:WindowsSysWOW64wbemvss.mof — (VSS)========== Driver Services (SafeList) ==========
DRV:64bit: — [2010.03.22 22:36:00 | 000,024,664 | —- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] — C:WindowsSysNativedriversmbam.sys — (MBAMProtector)
DRV:64bit: — [2010.03.22 21:15:40 | 000,144,400 | —- | M] (Kaspersky Lab) [Kernel | System | Running] — C:WindowsSysNativeDRIVERSkl1.sys — (kl1)
DRV:64bit: — [2010.02.27 22:56:33 | 000,314,016 | —- | M] () [Kernel | Auto | Running] — C:WindowsSysNativeDRIVERSatksgt.sys — (atksgt)
DRV:64bit: — [2010.02.27 22:56:32 | 000,043,680 | —- | M] () [Kernel | Auto | Running] — C:WindowsSysNativeDRIVERSlirsgt.sys — (lirsgt)
DRV:64bit: — [2010.01.19 14:21:39 | 000,202,768 | —- | M] (Kaspersky Lab) [File_System | System | Running] — C:WindowsSysNativeDRIVERSklif.sys — (KLIF)
DRV:64bit: — [2010.01.19 13:52:40 | 000,834,544 | —- | M] () [Kernel | Boot | Running] — C:WindowsSysNativeDriverssptd.sys — (sptd)
DRV:64bit: — [2009.10.01 03:51:42 | 000,046,592 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] — C:WindowsSysNativeDRIVERSwpdusb.sys — (WpdUsb)
DRV:64bit: — [2009.04.11 19:25:30 | 000,160,744 | —- | M] (Microsoft Corporation) [Kernel | Boot | Running] — C:WindowsSysNativeDRIVERSfvevol.sys — (fvevol)
DRV:64bit: — [2009.04.11 19:25:24 | 000,460,800 | —- | M] (Microsoft Corporation) [Kernel | System | Running] — C:WindowsSysNativedriverscsc.sys — (CSC)
DRV:64bit: — [2009.04.11 19:23:09 | 000,032,768 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] — C:WindowsSysNativeDRIVERSusbser.sys — (usbser)
DRV:64bit: — [2009.04.11 19:23:06 | 000,275,456 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] — C:WindowsSysNativedriversHdAudio.sys — (HdAudAddService) Драйвер функции UAA для службы High Definition Audio (Microsoft)
DRV:64bit: — [2008.05.02 10:58:50 | 000,008,704 | —- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] — C:WindowsSysNativeDRIVERSusbser_lowerfltx64.sys — (upperdev)
DRV:64bit: — [2008.05.02 10:58:48 | 000,023,552 | —- | M] (Nokia) [Kernel | On_Demand | Stopped] — C:WindowsSysNativedriversccdcmbox64.sys — (nmwcdcx64)
DRV:64bit: — [2008.05.02 10:58:48 | 000,018,432 | —- | M] (Nokia) [Kernel | On_Demand | Stopped] — C:WindowsSysNativedriversccdcmbx64.sys — (nmwcdx64)
DRV:64bit: — [2007.04.04 13:59:20 | 000,026,392 | —- | M] (Kaspersky Lab) [Kernel | System | Running] — C:WindowsSysNativeDRIVERSklim6.sys — (KLIM6)
DRV:64bit: — [2007.02.22 11:18:14 | 000,017,408 | —- | M] (Nokia) [Kernel | On_Demand | Stopped] — C:WindowsSysNativedriversnmwcdcjx64.sys — (nmwcdcjx64)
DRV:64bit: — [2006.10.10 05:09:03 | 000,742,696 | —- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] — C:WindowsSysNativeDRIVERSnvm60x64.sys — (NVENETFD)
DRV — [2010.03.22 20:30:35 | 000,036,264 | —- | M] (Innova) [Kernel | On_Demand | Stopped] — C:Program Files (x86)RFOnlineFrostfrost.sys — (Frost)
DRV — [2009.12.21 16:02:40 | 000,000,000 | —D | M] [Kernel | System | Running] — C:WindowsCSC — (CSC)
DRV — [2006.09.19 00:36:40 | 000,003,066 | —- | M] () [Kernel | Boot | Running] — C:WindowsSysWOW64wbemtcpip.mof — (Tcpip)
DRV — [2006.09.19 00:35:23 | 000,001,088 | —- | M] () [Kernel | On_Demand | Running] — C:WindowsSysWOW64wbemmpsdrv.mof — (mpsdrv)========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: — HKLMSOFTWAREMicrosoftInternet ExplorerMain,Local Page = %SystemRoot%system32blank.htm
IE — HKLMSOFTWAREMicrosoftInternet ExplorerMain,Local Page = %SystemRoot%system32blank.htmIE — HKUS-1-5-21-2389684437-3395458029-2734596173-1000SOFTWAREMicrosoftInternet ExplorerMain,Default_Page_URL = http://search.qip.ru
IE — HKUS-1-5-21-2389684437-3395458029-2734596173-1000SOFTWAREMicrosoftInternet ExplorerMain,Default_Search_URL = http://search.qip.ru
IE — HKUS-1-5-21-2389684437-3395458029-2734596173-1000SOFTWAREMicrosoftInternet ExplorerMain,Search Page = http://search.qip.ru
IE — HKUS-1-5-21-2389684437-3395458029-2734596173-1000SOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru/?clid=135293
IE — HKUS-1-5-21-2389684437-3395458029-2734596173-1000SOFTWAREMicrosoftInternet ExplorerMain,StartPageCache = 1
IE — HKUS-1-5-21-2389684437-3395458029-2734596173-1000SOFTWAREMicrosoftInternet ExplorerSearch,SearchAssistant = http://search.qip.ru/ie
IE — HKUS-1-5-21-2389684437-3395458029-2734596173-1000..URLSearchHook: — Reg Error: Key error. File not found
IE — HKUS-1-5-21-2389684437-3395458029-2734596173-1000..URLSearchHook: {83821C2B-32A8-4DD7-B6D4-44309A78E668} — C:Program Files (x86)Mail.RuAgentMradllnewmrasearch.dll ()
IE — HKUS-1-5-21-2389684437-3395458029-2734596173-1000..URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} — C:UsersСаняAppDataRoamingMicrosoftInternet Explorerqipsearchbar.dll (qip.ru)
IE — HKUS-1-5-21-2389684437-3395458029-2734596173-1000SoftwareMicrosoftWindowsCurrentVersionInternet Settings: «ProxyEnable» = 0========== FireFox ==========
FF — prefs.js..extensions.enabledItems: yasearch@yandex.ru:4.3.0
FF — prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198FF — HKLMsoftwaremozillaMozilla Firefox 3.5.8extensions\Components: C:Program Files (x86)Mozilla Firefoxcomponents [2010.03.22 10:41:28 | 000,000,000 | —D | M]
FF — HKLMsoftwaremozillaMozilla Firefox 3.5.8extensions\Plugins: C:Program Files (x86)Mozilla Firefoxplugins [2010.03.22 10:40:59 | 000,000,000 | —D | M]
FF — HKLMsoftwaremozillaMozilla Firefox 3.6extensions\Components: C:Program Files (x86)Mozilla Firefoxcomponents [2010.03.22 10:41:28 | 000,000,000 | —D | M]
FF — HKLMsoftwaremozillaMozilla Firefox 3.6extensions\Plugins: C:Program Files (x86)Mozilla Firefoxplugins [2010.03.22 10:40:59 | 000,000,000 | —D | M][2010.03.22 10:41:43 | 000,000,000 | —D | M] — C:UsersСаняAppDataRoamingmozillaExtensions
[2010.03.26 11:11:02 | 000,000,000 | —D | M] — C:UsersСаняAppDataRoamingmozillaFirefoxProfilesdpaol8zy.defaultextensions
[2010.03.22 10:53:35 | 000,000,000 | —D | M] (Microsoft .NET Framework Assistant) — C:UsersСаняAppDataRoamingmozillaFirefoxProfilesdpaol8zy.defaultextensions{20a82645-c095-46ed-80e3-08825760534b}
[2010.03.22 10:53:33 | 000,000,000 | —D | M] — C:UsersСаняAppDataRoamingmozillaFirefoxProfilesdpaol8zy.defaultextensionsyasearch@yandex.ru
[2010.03.22 10:53:33 | 000,000,000 | —D | M] — C:UsersСаняAppDataRoamingmozillaFirefoxProfilesdpaol8zy.defaultextensionsyasearch@yandex.ruchromeskinextensions-hacks
[2010.03.26 11:11:02 | 000,000,000 | —D | M] — C:Program Files (x86)Mozilla Firefoxextensions
[2010.03.26 10:50:35 | 000,000,000 | —D | M] (Skype extension for Firefox) — C:Program Files (x86)Mozilla Firefoxextensions{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.03.22 10:41:00 | 000,000,000 | —D | M] — C:Program Files (x86)Mozilla Firefoxextensionsyasearch@yandex.ru
[2010.03.22 10:41:01 | 000,000,000 | —D | M] — C:Program Files (x86)Mozilla Firefoxextensionsyasearch@yandex.ruchromeskinextensions-hacks
[2008.09.16 07:18:20 | 000,122,880 | —- | M] (WestByte) — C:Program Files (x86)Mozilla Firefoxpluginsnpdm.dll
[2010.01.16 03:56:03 | 000,001,122 | —- | M] () — C:Program Files (x86)Mozilla Firefoxsearchpluginspriceru.xml
[2010.01.16 03:56:03 | 000,002,395 | —- | M] () — C:Program Files (x86)Mozilla Firefoxsearchpluginsrambler.xml
[2010.01.16 03:56:03 | 000,001,945 | —- | M] () — C:Program Files (x86)Mozilla Firefoxsearchpluginstorgmailru.xml
[2010.01.16 03:56:03 | 000,001,304 | —- | M] () — C:Program Files (x86)Mozilla Firefoxsearchpluginswikipedia-ru.xml
[2010.01.16 03:56:03 | 000,004,072 | —- | M] () — C:Program Files (x86)Mozilla Firefoxsearchpluginsyandex-slovari.xml
[2010.01.16 03:56:03 | 000,004,281 | —- | M] () — C:Program Files (x86)Mozilla Firefoxsearchpluginsyandex.xmlO1 HOSTS File: ([2006.09.19 00:37:24 | 000,000,761 | —- | M]) — C:WindowsSysNativedriversetcHosts
O1 — Hosts: 127.0.0.1 localhost
O1 — Hosts: ::1 localhost
O2 — BHO: (IE 4.x-6.x BHO for Download Master) — {9961627E-4059-41B4-8E0E-A7D6B3854ADF} — C:Program Files (x86)Download Masterdmiehlp.dll (WestByte)
O2 — BHO: (QIPBHO Class) — {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} — C:UsersСаняAppDataRoamingMicrosoftInternet Explorerqipsearchbar.dll (qip.ru)
O3 — HKLM..Toolbar: (Яндекс.Бар) — {91397D20-1446-11D4-8AF4-0040CA1127B6} — C:Program Files (x86)YandexYandexBarIEyndbar.dll (ООО «ЯНДЕКС»)
O3 — HKU.DEFAULT..ToolbarWebBrowser: (Яндекс.Бар) — {91397D20-1446-11D4-8AF4-0040CA1127B6} — C:Program Files (x86)YandexYandexBarIEyndbar.dll (ООО «ЯНДЕКС»)
O3 — HKUS-1-5-18..ToolbarWebBrowser: (Яндекс.Бар) — {91397D20-1446-11D4-8AF4-0040CA1127B6} — C:Program Files (x86)YandexYandexBarIEyndbar.dll (ООО «ЯНДЕКС»)
O3 — HKUS-1-5-21-2389684437-3395458029-2734596173-1000..ToolbarWebBrowser: (Яндекс.Бар) — {91397D20-1446-11D4-8AF4-0040CA1127B6} — C:Program Files (x86)YandexYandexBarIEyndbar.dll (ООО «ЯНДЕКС»)
O4:64bit: — HKLM..Run: [Windows Defender] C:Program FilesWindows DefenderMSASCui.exe (Microsoft Corporation)
O4 — HKLM..Run: [MAgent] C:Program Files (x86)Mail.RuAgentMAgent.exe (Mail.Ru)
O4 — HKLM..Run: [Malwarebytes’ Anti-Malware] C:Program Files (x86)Malwarebytes’ Anti-Malwarembamgui.exe (Malwarebytes Corporation)
O4 — HKLM..Run: [msvmon32] C:ProgramDatamsvmon32keygen.exe File not found
O4 — HKLM..Run: [PCSuiteTrayApplication] C:UsersPublicNokia PC Suite 6LaunchApplication.exe (Nokia)
O4 — HKLM..Run: [VKSaverUpdater] C:Program Files (x86)VKSaverVKSaverUpdater.exe (AudioVkontakte.Ru)
O4 — HKU.DEFAULT..Run: [Nokia.PCSync] C:UsersPublicNokia PC Suite 6PcSync2.exe (Time Information Services Ltd.)
O4 — HKUS-1-5-18..Run: [Nokia.PCSync] C:UsersPublicNokia PC Suite 6PcSync2.exe (Time Information Services Ltd.)
O4 — HKUS-1-5-19..Run: [Sidebar] C:Program Files (x86)Windows SidebarSidebar.exe (Microsoft Corporation)
O4 — HKUS-1-5-19..Run: [WindowsWelcomeCenter] C:WindowsSysWow64oobefldr.dll (Microsoft Corporation)
O4 — HKUS-1-5-20..Run: [Sidebar] C:Program Files (x86)Windows SidebarSidebar.exe (Microsoft Corporation)
O4 — HKUS-1-5-20..Run: [WindowsWelcomeCenter] C:WindowsSysWow64oobefldr.dll (Microsoft Corporation)
O4 — HKUS-1-5-21-2389684437-3395458029-2734596173-1000..Run: [DAEMON Tools Lite] C:Program Files (x86)DAEMON Tools LiteDTLite.exe (DT Soft Ltd)
O4 — HKUS-1-5-21-2389684437-3395458029-2734596173-1000..Run: [Download Master] C:Program Files (x86)Download Masterdmaster.exe (WestByte)
O4 — HKUS-1-5-21-2389684437-3395458029-2734596173-1000..Run: [RocketDock] C:Program Files (x86)RocketDockRocketDock.exe ()
O4 — HKUS-1-5-21-2389684437-3395458029-2734596173-1000..Run: [uTorrent] C:Program Files (x86)uTorrentuTorrent.exe (BitTorrent, Inc.)
O4 — HKUS-1-5-21-2389684437-3395458029-2734596173-1000..Run: [WMPNSCFG] C:Program Files (x86)Windows Media PlayerWMPNSCFG.exe File not found
O6 — HKLMSoftwarePoliciesMicrosoftInternet ExplorerLow Rights present
O6 — HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoActiveDesktop = 1
O6 — HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: EnableLUA = 0
O8:64bit: — Extra context menu item: Закачать ВСЕ при помощи Download Master — C:Program Files (x86)Download Masterdmieall.htm ()
O8:64bit: — Extra context menu item: Закачать при помощи Download Master — C:Program Files (x86)Download Masterdmie.htm ()
O8:64bit: — Extra context menu item: Передать на удаленную закачку DM — C:Program Files (x86)Download Masterremdown.htm ()
O8 — Extra context menu item: Закачать ВСЕ при помощи Download Master — C:Program Files (x86)Download Masterdmieall.htm ()
O8 — Extra context menu item: Закачать при помощи Download Master — C:Program Files (x86)Download Masterdmie.htm ()
O8 — Extra context menu item: Передать на удаленную закачку DM — C:Program Files (x86)Download Masterremdown.htm ()
O9:64bit: — Extra Button: Cтатистика Веб-Антивируса — {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} — C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsx64SCIEPlgn.dll (Kaspersky Lab)
O9 — Extra Button: Cтатистика Веб-Антивируса — {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} — C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 6.0 for Windows WorkstationsSCIEPlgn.dll (Kaspersky Lab)
O9 — Extra Button: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program Files (x86)Mail.RuAgentmagent.exe (Mail.Ru)
O9 — Extra ‘Tools’ menuitem : Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program Files (x86)Mail.RuAgentmagent.exe (Mail.Ru)
O9 — Extra Button: Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program Files (x86)Download Masterdmaster.exe (WestByte)
O9 — Extra ‘Tools’ menuitem : &Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program Files (x86)Download Masterdmaster.exe (WestByte)
O13 — gopher Prefix: missing
O13 — gopher Prefix: missing
O16 — DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O17 — HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 217.10.39.4 217.10.32.4 217.10.36.5 217.10.44.35
O18:64bit: — ProtocolHandlerskype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — Reg Error: Key error. File not found
O18 — ProtocolHandlerskype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — C:Program Files (x86)Common FilesSkypeSkype4COM.dll (Skype Technologies)
O20:64bit: — AppInit_DLLs: (C:PROGRA~2KASPER~1KASPER~1.0FOx64adialhk.dll) — C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsx64adialhk.dll (Kaspersky Lab)
O20:64bit: — AppInit_DLLs: (C:PROGRA~2KASPER~1KASPER~1.0FOx64r3hook.dll) — C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsx64r3hook.dll (Kaspersky Lab)
O20 — AppInit_DLLs: (C:Windowssystem32vksaver.dll) — C:WindowsSysWOW64vksaver.dll (AudioVkontakte.Ru)
O20 — AppInit_DLLs: (C:PROGRA~2KASPER~1KASPER~1.0FOadialhk.dll) — C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsadialhk.dll (Kaspersky Lab)
O20 — AppInit_DLLs: (C:PROGRA~2KASPER~1KASPER~1.0FOr3hook.dll C:Windowssystem32vksaver.dll) — C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsr3hook.dll (Kaspersky Lab)
O20:64bit: — HKLM Winlogon: Shell — (explorer.exe) — C:Windowsexplorer.exe (Microsoft Corporation)
O20 — HKLM Winlogon: Shell — (explorer.exe) — C:WindowsSysWow64explorer.exe (Microsoft Corporation)
O20:64bit: — WinlogonNotifyklogon: DllName — Reg Error: Key error. — C:WindowsSysNativeklogon.dll (Kaspersky Lab)
O24 — Desktop WallPaper: C:UsersСаняAppDataRoamingMicrosoftWindows Photo GalleryФоновый рисунок фотоальбома Windows.jpg
O24 — Desktop BackupWallPaper: C:UsersСаняAppDataRoamingMicrosoftWindows Photo GalleryФоновый рисунок фотоальбома Windows.jpg
O32 — HKLM CDRom: AutoRun — 1
O33 — MountPoints2{087702d3-04e9-11df-b1b5-001966ce9918}Shell — «» = AutoRun
O33 — MountPoints2{087702d3-04e9-11df-b1b5-001966ce9918}ShellAutoRuncommand — «» = E:setup.exe — File not found
O33 — MountPoints2{2787484c-ef02-11de-929f-001966ce9918}ShellAutoRuncommand — «» = F:keygen.exe — File not found
O33 — MountPoints2{2787484c-ef02-11de-929f-001966ce9918}ShellopenCommand — «» = F:keygen.exe — File not found
O33 — MountPoints2{3ed7779b-1249-11df-be94-001966ce9918}ShellAutoRuncommand — «» = F:keygen.exe — File not found
O33 — MountPoints2{3ed7779b-1249-11df-be94-001966ce9918}ShellopenCommand — «» = F:keygen.exe — File not found
O33 — MountPoints2{433824c4-f582-11de-8642-001966ce9918}ShellAutoRuncommand — «» = F:keygen.exe — File not found
O33 — MountPoints2{433824c4-f582-11de-8642-001966ce9918}ShellopenCommand — «» = F:keygen.exe — File not found
O33 — MountPoints2{5b2b9289-19fd-11df-af40-001966ce9918}ShellAutoRuncommand — «» = F:keygen.exe — File not found
O33 — MountPoints2{5b2b9289-19fd-11df-af40-001966ce9918}ShellopenCommand — «» = F:keygen.exe — File not found
O34 — HKLM BootExecute: (autocheck autochk *) — File not found
O35:64bit: — HKLM..comfile [open] — «%1» %*
O35:64bit: — HKLM..exefile [open] — «%1» %*
O35 — HKLM..comfile [open] — «%1» %*
O35 — HKLM..exefile [open] — «%1» %*
O37:64bit: — HKLM…com [@ = comfile] — «%1» %*
O37:64bit: — HKLM…exe [@ = exefile] — «%1» %*
O37 — HKLM…com [@ = comfile] — «%1» %*
O37 — HKLM…exe [@ = exefile] — «%1» %*========== Files/Folders — Created Within 30 Days ==========
[2010.03.27 21:05:42 | 000,555,520 | —- | C] (OldTimer Tools) — C:UsersСаняDesktopOTL.exe
[2010.03.26 10:50:22 | 000,000,000 | —D | C] — C:Program Files (x86)Common FilesSkype
[2010.03.25 19:59:42 | 000,000,000 | —D | C] — C:UsersСаняDocumentsSquare Enix
[2010.03.25 16:50:37 | 000,000,000 | —D | C] — C:UsersСаняAppDataRoamingMalwarebytes
[2010.03.25 16:34:02 | 000,038,224 | —- | C] (Malwarebytes Corporation) — C:WindowsSysWow64driversmbamswissarmy.sys
[2010.03.25 16:33:56 | 000,000,000 | —D | C] — C:ProgramDataMalwarebytes
[2010.03.25 16:33:55 | 000,024,664 | —- | C] (Malwarebytes Corporation) — C:WindowsSysNativedriversmbam.sys
[2010.03.25 16:33:55 | 000,000,000 | —D | C] — C:Program Files (x86)Malwarebytes’ Anti-Malware
[2010.03.25 16:21:41 | 000,000,000 | —D | C] — C:Program Files (x86)Just Cause 2
[2010.03.25 11:47:04 | 000,000,000 | —D | C] — C:Program Files (x86)trend micro
[2010.03.25 11:47:03 | 000,000,000 | —D | C] — C:rsit
[2010.03.22 20:51:40 | 000,000,000 | —D | C] — C:Program Files (x86)4GAME
[2010.03.22 12:46:32 | 000,000,000 | —D | C] — C:UsersСаняDesktopAion
[2010.03.22 11:46:11 | 000,000,000 | —D | C] — C:UsersСаняDesktopНовая папка (2)
[2010.03.22 10:41:27 | 000,000,000 | —D | C] — C:UsersСаняAppDataRoamingMozilla
[2010.03.21 19:50:25 | 000,000,000 | —D | C] — C:UsersСаняDesktopaion rus
[2010.03.21 13:38:39 | 000,000,000 | —D | C] — C:UsersСаняAppDataLocalassembly
[2010.03.16 18:08:41 | 000,000,000 | —D | C] — C:UsersСаняDesktopRus_Client_Infiniteaion
[2010.03.15 23:10:08 | 000,000,000 | —D | C] — C:Program Files (x86)Planet Updater
[2010.03.14 21:58:26 | 000,000,000 | —D | C] — C:Program Files (x86)Aion
[2010.03.11 09:35:43 | 000,032,768 | —- | C] (Microsoft Corporation) — C:WindowsSysNativenshhttp.dll
[2010.03.11 09:35:43 | 000,024,064 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64nshhttp.dll
[2010.03.11 09:35:37 | 000,033,792 | —- | C] (Microsoft Corporation) — C:WindowsSysNativehttpapi.dll
[2010.03.11 09:35:37 | 000,030,720 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64httpapi.dll
[2010.03.09 23:31:06 | 000,000,000 | —D | C] — C:Program Files (x86)LineageII
[2010.03.04 00:19:56 | 000,000,000 | —D | C] — C:UsersСаняDocumentsLiberation Studio
[2010.03.03 11:47:36 | 000,000,000 | —D | C] — C:ProgramDatat01x97GIiTqrf7M2Q
[2010.03.02 19:28:51 | 000,000,000 | —D | C] — C:Windows1C4551A64743409391E41477CD655043.TMP
[2010.03.02 19:22:41 | 000,000,000 | —D | C] — C:Program Files (x86)Deep Silver
[2010.03.01 16:53:40 | 000,000,000 | —D | C] — C:UsersСаняDocumentsWBGames
[2010.03.01 15:36:36 | 000,000,000 | —D | C] — C:Program Files (x86)F.E.A.R. 2 Complete
[2010.02.27 23:57:48 | 000,000,000 | —D | C] — C:UsersСаняAppDataLocalRisen
[2010.02.27 22:48:59 | 000,530,776 | —- | C] (Microsoft Corporation) — C:WindowsSysNativeXAudio2_6.dll
[2010.02.27 22:48:59 | 000,528,216 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64XAudio2_6.dll
[2010.02.27 22:48:59 | 000,078,680 | —- | C] (Microsoft Corporation) — C:WindowsSysNativeXAPOFX1_4.dll
[2010.02.27 22:48:59 | 000,074,072 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64XAPOFX1_4.dll
[2010.02.27 22:48:57 | 000,238,936 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64xactengine3_6.dll
[2010.02.27 22:48:57 | 000,176,984 | —- | C] (Microsoft Corporation) — C:WindowsSysNativexactengine3_6.dll
[2010.02.27 22:48:57 | 000,024,920 | —- | C] (Microsoft Corporation) — C:WindowsSysNativeX3DAudio1_7.dll
[2010.02.27 22:48:57 | 000,022,360 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64X3DAudio1_7.dll
[2010.02.27 22:13:47 | 002,605,920 | —- | C] (Microsoft Corporation) — C:WindowsSysNativeD3DCompiler_40.dll
[2010.02.27 22:13:47 | 002,036,576 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64D3DCompiler_40.dll
[2010.02.27 22:13:47 | 000,519,000 | —- | C] (Microsoft Corporation) — C:WindowsSysNatived3dx10_40.dll
[2010.02.27 22:13:47 | 000,452,440 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64d3dx10_40.dll
[2010.02.27 22:13:45 | 005,631,312 | —- | C] (Microsoft Corporation) — C:WindowsSysNativeD3DX9_40.dll
[2010.02.27 22:13:45 | 004,379,984 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64D3DX9_40.dll
[2010.02.27 22:05:45 | 000,000,000 | —D | C] — C:Program Files (x86)Section 8
[2 C:Windows*.tmp files -> C:Windows*.tmp -> ]========== Files — Modified Within 30 Days ==========
[2010.03.27 21:07:25 | 001,572,864 | -HS- | M] () — C:UsersСаняNTUSER.DAT
[2010.03.27 21:07:14 | 028,388,924 | -HS- | M] () — C:WindowsSysNativedriversfidbox.dat
[2010.03.27 21:07:13 | 000,555,520 | —- | M] (OldTimer Tools) — C:UsersСаняDesktopOTL.exe
[2010.03.27 20:58:51 | 000,034,800 | —- | M] () — C:ProgramDatanvModes.dat
[2010.03.27 20:58:51 | 000,034,800 | —- | M] () — C:ProgramDatanvModes.001
[2010.03.27 20:58:41 | 000,003,760 | -H— | M] () — C:WindowsSysNative7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.03.27 20:58:41 | 000,003,760 | -H— | M] () — C:WindowsSysNative7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.03.27 20:58:35 | 000,000,006 | -H— | M] () — C:WindowstasksSA.DAT
[2010.03.27 20:58:31 | 000,067,584 | —S- | M] () — C:Windowsbootstat.dat
[2010.03.27 15:32:24 | 000,508,852 | -HS- | M] () — C:WindowsSysNativedriversfidbox.idx
[2010.03.27 15:32:23 | 000,524,288 | -HS- | M] () — C:UsersСаняNTUSER.DAT{a7bdf3ed-6a85-11db-b5ae-f1534be43d84}.TMContainer00000000000000000001.regtrans-ms
[2010.03.27 15:32:23 | 000,065,536 | -HS- | M] () — C:UsersСаняNTUSER.DAT{a7bdf3ed-6a85-11db-b5ae-f1534be43d84}.TM.blf
[2010.03.27 15:32:15 | 002,404,610 | -H— | M] () — C:UsersСаняAppDataLocalIconCache.db
[2010.03.25 16:34:05 | 000,000,814 | —- | M] () — C:UsersPublicDesktopMalwarebytes’ Anti-Malware.lnk
[2010.03.25 16:21:42 | 000,000,667 | —- | M] () — C:UsersPublicDesktopJust Cause 2.lnk
[2010.03.25 12:44:13 | 000,021,085 | —- | M] () — C:UsersСаняDesktop[rutracker.org].t2848506.torrent
[2010.03.25 11:46:52 | 000,781,909 | —- | M] () — C:UsersСаняDesktopRSIT.exe
[2010.03.23 14:40:57 | 000,043,520 | —- | M] () — C:UsersСаняAppDataLocalDCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.23 12:03:19 | 001,459,114 | —- | M] () — C:WindowsSysNativePerfStringBackup.INI
[2010.03.23 12:03:19 | 000,653,074 | —- | M] () — C:WindowsSysNativeperfh019.dat
[2010.03.23 12:03:19 | 000,586,980 | —- | M] () — C:WindowsSysNativeperfh009.dat
[2010.03.23 12:03:19 | 000,125,594 | —- | M] () — C:WindowsSysNativeperfc019.dat
[2010.03.23 12:03:19 | 000,101,052 | —- | M] () — C:WindowsSysNativeperfc009.dat
[2010.03.22 22:36:26 | 000,038,224 | —- | M] (Malwarebytes Corporation) — C:WindowsSysWow64driversmbamswissarmy.sys
[2010.03.22 22:36:00 | 000,024,664 | —- | M] (Malwarebytes Corporation) — C:WindowsSysNativedriversmbam.sys
[2010.03.22 21:15:40 | 000,144,400 | —- | M] (Kaspersky Lab) — C:WindowsSysNativedriverskl1.sys
[2010.03.22 20:22:00 | 000,000,559 | —- | M] () — C:UsersСаняDesktopAionForseti — Ярлык.lnk
[2010.03.22 11:34:33 | 000,000,020 | —- | M] () — C:UsersСаняDocumentsaionmemo_ 1dd4367.dat
[2010.03.22 10:41:28 | 000,000,000 | —- | M] () — C:Windowsnsreg.dat
[2010.03.21 22:34:54 | 000,000,020 | —- | M] () — C:UsersСаняDocumentsaionmemo_a068 5fe.dat
[2010.03.21 21:34:12 | 000,000,921 | —- | M] () — C:UsersPublicDesktopPlanet Updater.lnk
[2010.03.21 14:12:33 | 000,000,020 | —- | M] () — C:UsersСаняDocumentsaionmemo_ 1dd4367.bak
[2010.03.21 12:54:48 | 000,000,169 | —- | M] () — C:UsersСаняDesktopродители для вас ).url
[2010.03.17 22:47:04 | 000,000,032 | —- | M] () — C:ProgramDataezsid.dat
[2010.03.17 22:41:48 | 005,852,160 | —- | M] () — C:UsersСаняDesktoprserv34ru.msi
[2010.03.16 20:24:20 | 000,000,694 | —- | M] () — C:UsersСаняDesktopPvP World Aion Launcher — Ярлык.lnk
[2010.03.16 20:24:20 | 000,000,583 | —- | M] () — C:UsersСаняDesktopcc — Ярлык.lnk
[2010.03.16 20:24:20 | 000,000,479 | —- | M] () — C:UsersСаняDesktopData — Ярлык.lnk
[2010.03.15 22:48:25 | 000,000,083 | —- | M] () — C:Program Files (x86).config
[2010.03.14 22:42:59 | 028,815,126 | —- | M] () — C:UsersСаняDesktopPatch_Aion.rar
[2010.03.14 21:58:43 | 000,350,985 | —- | M] () — C:UsersСаняDesktopPlanetUpdater.zip
[2010.03.12 07:59:41 | 000,001,157 | —- | M] () — C:UsersСаняDesktopl2.lnk
[2010.03.09 15:10:08 | 000,044,544 | —- | M] (AudioVkontakte.Ru) — C:WindowsSysWow64vksaver.dll
[2010.03.01 16:45:49 | 000,000,912 | —- | M] () — C:UsersСаняDesktopF.E.A.R. 2 Complete.lnk
[2010.02.27 22:56:33 | 000,314,016 | —- | M] () — C:WindowsSysNativedriversatksgt.sys
[2010.02.27 22:56:32 | 000,043,680 | —- | M] () — C:WindowsSysNativedriverslirsgt.sys
[2010.02.27 22:11:23 | 000,000,823 | —- | M] () — C:UsersСаняDesktopSection 8.lnk
[2 C:Windows*.tmp files -> C:Windows*.tmp -> ]========== Files Created — No Company Name ==========
[2010.03.25 16:34:05 | 000,000,814 | —- | C] () — C:UsersPublicDesktopMalwarebytes’ Anti-Malware.lnk
[2010.03.25 16:21:42 | 000,000,667 | —- | C] () — C:UsersPublicDesktopJust Cause 2.lnk
[2010.03.25 12:44:11 | 000,021,085 | —- | C] () — C:UsersСаняDesktop[rutracker.org].t2848506.torrent
[2010.03.25 11:46:49 | 000,781,909 | —- | C] () — C:UsersСаняDesktopRSIT.exe
[2010.03.22 20:22:00 | 000,000,559 | —- | C] () — C:UsersСаняDesktopAionForseti — Ярлык.lnk
[2010.03.22 10:41:28 | 000,000,000 | —- | C] () — C:Windowsnsreg.dat
[2010.03.21 21:34:12 | 000,000,921 | —- | C] () — C:UsersPublicDesktopPlanet Updater.lnk
[2010.03.21 20:33:37 | 000,000,020 | —- | C] () — C:UsersСаняDocumentsaionmemo_ 1dd4367.bak
[2010.03.17 22:47:04 | 000,000,032 | —- | C] () — C:ProgramDataezsid.dat
[2010.03.17 22:39:55 | 005,852,160 | —- | C] () — C:UsersСаняDesktoprserv34ru.msi
[2010.03.17 20:49:07 | 000,000,020 | —- | C] () — C:UsersСаняDocumentsaionmemo_ 1dd4367.dat
[2010.03.16 20:24:20 | 000,000,694 | —- | C] () — C:UsersСаняDesktopPvP World Aion Launcher — Ярлык.lnk
[2010.03.16 20:24:20 | 000,000,583 | —- | C] () — C:UsersСаняDesktopcc — Ярлык.lnk
[2010.03.16 20:24:20 | 000,000,479 | —- | C] () — C:UsersСаняDesktopData — Ярлык.lnk
[2010.03.15 22:11:42 | 000,000,083 | —- | C] () — C:Program Files (x86).config
[2010.03.15 09:20:19 | 000,000,020 | —- | C] () — C:UsersСаняDocumentsaionmemo_a068 5fe.dat
[2010.03.14 22:41:37 | 028,815,126 | —- | C] () — C:UsersСаняDesktopPatch_Aion.rar
[2010.03.14 21:58:41 | 000,350,985 | —- | C] () — C:UsersСаняDesktopPlanetUpdater.zip
[2010.03.10 21:47:16 | 000,001,157 | —- | C] () — C:UsersСаняDesktopl2.lnk
[2010.03.01 16:45:49 | 000,000,912 | —- | C] () — C:UsersСаняDesktopF.E.A.R. 2 Complete.lnk
[2010.02.27 22:56:33 | 000,314,016 | —- | C] () — C:WindowsSysNativedriversatksgt.sys
[2010.02.27 22:56:32 | 000,043,680 | —- | C] () — C:WindowsSysNativedriverslirsgt.sys
[2010.02.27 22:11:23 | 000,000,823 | —- | C] () — C:UsersСаняDesktopSection 8.lnk
[2010.02.05 13:48:06 | 000,594,946 | —- | C] () — C:UsersСаняAppDataLocaldd_vcredistMSI31C8.txt
[2010.02.05 13:48:05 | 000,014,390 | —- | C] () — C:UsersСаняAppDataLocaldd_vcredistUI31C8.txt
[2010.01.19 16:46:28 | 000,123,242 | —- | C] () — C:UsersСаняAppDataLocaldd_vcredistMSI0A06.txt
[2010.01.19 16:46:26 | 000,014,576 | —- | C] () — C:UsersСаняAppDataLocaldd_vcredistUI0A06.txt
[2009.12.30 19:35:21 | 000,000,008 | —- | C] () — C:UsersСаняAppDataRoamingNMM-MetaData.db
[2009.12.23 22:18:46 | 000,040,960 | —- | C] () — C:WindowsSysWow64psfind.dll
[2009.12.22 18:30:30 | 000,043,520 | —- | C] () — C:UsersСаняAppDataLocalDCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.12.21 18:38:15 | 000,034,800 | —- | C] () — C:ProgramDatanvModes.dat
[2009.12.21 18:38:15 | 000,034,800 | —- | C] () — C:ProgramDatanvModes.001
[2009.12.21 16:14:02 | 000,000,732 | —- | C] () — C:UsersСаняAppDataLocald3d9caps64.dat
[2009.08.07 19:51:34 | 000,178,430 | —- | C] () — C:WindowsSysWow64xlive.dll.cat
[2009.04.11 19:24:20 | 000,368,640 | —- | C] () — C:WindowsSysWow64msjetoledb40.dll
[2009.04.11 19:23:28 | 000,117,248 | —- | C] () — C:WindowsSysWow64EhStorAuthn.dll
[2008.10.07 09:13:30 | 000,197,912 | —- | C] () — C:WindowsSysWow64physxcudart_20.dll
[2008.10.07 09:13:22 | 000,058,648 | —- | C] () — C:WindowsSysWow64AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | —- | C] () — C:WindowsSysWow64AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | —- | C] () — C:WindowsSysWow64AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | —- | C] () — C:WindowsSysWow64AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | —- | C] () — C:WindowsSysWow64AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | —- | C] () — C:WindowsSysWow64AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | —- | C] () — C:WindowsSysWow64AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | —- | C] () — C:WindowsSysWow64AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | —- | C] () — C:WindowsSysWow64AgCPanelFrench.dll
[2008.01.21 05:49:10 | 000,060,124 | —- | C] () — C:WindowsSysWow64tcpmon.ini
[2007.03.29 23:00:40 | 000,203,264 | R— | C] () — C:WindowsSysWow64CddbCdda.dllOTL Extras logfile created on: 27.03.2010 21:07:32 — Run 1
OTL by OldTimer — Version 3.1.37.3 Folder = C:UsersСаняDesktop
64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) — Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000419 | Country: Россия | Language: RUS | Date Format: dd.MM.yyyy4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 68,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): ?:pagefile.sys%SystemDrive% = C: | %SystemRoot% = C:Windows | %ProgramFiles% = C:Program Files (x86)
Drive C: | 465,76 Gb Total Space | 111,49 Gb Free Space | 23,94% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loadedComputer Name: САНЯ-ПК
Current User Name: Саня
Logged in as Administrator.Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINESOFTWAREClasses]
[HKEY_LOCAL_MACHINESOFTWAREClasses]
.cpl [@ = cplfile] — C:WindowsSysWow64control.exe (Microsoft Corporation)[HKEY_USERSS-1-5-21-2389684437-3395458029-2734596173-1000SOFTWAREClasses]
.html [@ = FirefoxHTML] — C:Program Files (x86)Mozilla Firefoxfirefox.exe (Mozilla Corporation)========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINESOFTWAREClassesshell[command]command]
batfile [open] — «%1» %* File not found
cmdfile [open] — «%1» %* File not found
comfile [open] — «%1» %* File not found
exefile [open] — «%1» %* File not found
helpfile [open] — Reg Error: Key error.
htmlfile [edit] — Reg Error: Key error.
htmlfile [print] — rundll32.exe %windir%system32mshtml.dll,PrintHTML «%1» File not found
inffile [install] — %SystemRoot%System32InfDefaultInstall.exe «%1» (Microsoft Corporation)
piffile [open] — «%1» %* File not found
regfile [merge] — Reg Error: Key error.
scrfile [config] — «%1» File not found
scrfile [install] — rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] — «%1» /S File not found
txtfile [edit] — Reg Error: Key error.
Unknown [openas] — %SystemRoot%system32rundll32.exe %SystemRoot%system32shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] — cmd.exe /s /k pushd «%V» (Microsoft Corporation)
Directory [find] — %SystemRoot%Explorer.exe (Microsoft Corporation)
Folder [open] — %SystemRoot%Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] — %SystemRoot%Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] — %SystemRoot%Explorer.exe (Microsoft Corporation)[HKEY_LOCAL_MACHINESOFTWAREClassesshell[command]command]
batfile [open] — «%1» %*
cmdfile [open] — «%1» %*
comfile [open] — «%1» %*
cplfile [cplopen] — %SystemRoot%System32control.exe «%1»,%* (Microsoft Corporation)
exefile [open] — «%1» %*
helpfile [open] — Reg Error: Key error.
htmlfile [edit] — Reg Error: Key error.
htmlfile [print] — rundll32.exe %windir%system32mshtml.dll,PrintHTML «%1»
inffile [install] — %SystemRoot%System32InfDefaultInstall.exe «%1» (Microsoft Corporation)
piffile [open] — «%1» %*
regfile [merge] — Reg Error: Key error.
scrfile [config] — «%1»
scrfile [install] — rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] — «%1» /S
txtfile [edit] — Reg Error: Key error.
Unknown [openas] — %SystemRoot%system32rundll32.exe %SystemRoot%system32shell32.dll,OpenAs_RunDLL %1
Directory [cmd] — cmd.exe /s /k pushd «%V» (Microsoft Corporation)
Directory [find] — %SystemRoot%Explorer.exe (Microsoft Corporation)
Folder [open] — %SystemRoot%Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] — %SystemRoot%Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] — %SystemRoot%Explorer.exe (Microsoft Corporation)========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center]
«cval» = 164bit: [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoring]
64bit: [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterSvc]
«AntiVirusOverride» = 0
«AntiSpywareOverride» = 0
«FirewallOverride» = 0
«VistaSp1» = C2 FE 8D 6A DC 5B C8 01 [binary data]
«VistaSp2» = 00 AF B5 BE C4 BA C9 01 [binary data]64bit: [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterSvcVol]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoring]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringKasperskyAntiVirus]
«DisableMonitoring» = 1
«» =[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterSvc]
«oobe_av» = 1[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyDomainProfile]
«EnableFirewall» = 0
«DisableNotifications» = 0[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfile]
«EnableFirewall» = 0
«DisableNotifications» = 0[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyPublicProfile]
«EnableFirewall» = 0
«DisableNotifications» = 0========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyFirewallRules]
«{AB8C7350-C2F1-4F4C-810F-07289BFE29A8}» = lport=3389 | protocol=6 | dir=in | app=system |========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyFirewallRules]
«{207AF17E-2A05-410A-B198-FB5CEACE6F60}» = protocol=17 | dir=in | app=c:program files (x86)skypeplugin managerskypepm.exe |
«{2135EE56-35E6-43EC-8A45-880C9C153B48}» = protocol=17 | dir=in | app=c:program files (x86)dragon agedaoriginslauncher.exe |
«{29B9F4B4-CDFD-446C-A9B4-CDBD2BE615E9}» = protocol=6 | dir=in | app=c:program files (x86)utorrentutorrent.exe |
«{2C7F7E6D-3B9C-4F56-BF82-20CE4757D788}» = protocol=17 | dir=in | app=c:program files (x86)electronic artsburnout(tm) paradise the ultimate boxburnoutparadise.exe |
«{2CAF3E70-8010-4F2A-806B-D31B1F88A99C}» = protocol=6 | dir=in | app=c:program files (x86)dragon agebin_shipdaorigins.exe |
«{356B0065-1245-4242-9C2C-B0BC8B273A06}» = protocol=6 | dir=in | app=c:program files (x86)electronic artsburnout(tm) paradise the ultimate boxburnoutconfigtool.exe |
«{511DB63D-6B5C-4919-8D76-C39C101C98E2}» = protocol=6 | dir=in | app=c:program files (x86)skypeplugin managerskypepm.exe |
«{65424E30-A609-46FD-858C-A8014DEF2FD1}» = protocol=6 | dir=in | app=c:program files (x86)dragon agebin_shipdaupdatersvc.service.exe |
«{78E064B0-4A1E-4DF3-AE7D-E87CBE63DCED}» = protocol=6 | dir=in | app=c:program files (x86)electronic artsburnout(tm) paradise the ultimate boxburnoutparadise.exe |
«{7F334F50-D2B1-41D6-BA7F-839B4DCF802F}» = protocol=17 | dir=in | app=c:program files (x86)electronic artsburnout(tm) paradise the ultimate boxburnoutlauncher.exe |
«{83777A59-9B73-4282-B129-4B6DFDB7215E}» = protocol=17 | dir=in | app=c:program files (x86)f.e.a.r. 2 completefear2.exe |
«{8399922C-CB75-4F8F-ABD1-CFEC511B0936}» = dir=in | app=c:program files (x86)skypephoneskype.exe |
«{8518AFA3-7930-4A90-82D7-B569543114F5}» = dir=in | app=c:program files (x86)skypephoneskype.exe |
«{B08745DA-52AB-4D02-A2C0-7FE9645B3258}» = protocol=6 | dir=in | app=c:program files (x86)skypeplugin managerskypepm.exe |
«{B1A68284-4D35-4B65-953F-B2101344C5C3}» = protocol=17 | dir=in | app=c:program files (x86)skypeplugin managerskypepm.exe |
«{B3CA4813-FB5A-41B9-AF7B-45D214DD21B1}» = protocol=17 | dir=in | app=c:program files (x86)utorrentutorrent.exe |
«{B4CD4D3F-4491-4B3C-AEFE-5BB93F4AD032}» = dir=in | app=c:program files (x86)skypephoneskype.exe |
«{B52894A1-26DE-4431-BA24-7A03743B4F3F}» = dir=in | app=c:program files (x86)skypephoneskype.exe |
«{B5FF52EF-17FD-44B0-BDBC-9BD3F9C64363}» = protocol=6 | dir=in | app=c:program files (x86)electronic artsburnout(tm) paradise the ultimate boxburnoutlauncher.exe |
«{B9D648F9-B49D-493E-83E4-F0E42D1755D8}» = protocol=17 | dir=in | app=c:program files (x86)electronic artsburnout(tm) paradise the ultimate boxburnoutconfigtool.exe |
«{D7E57C7C-A051-4C0A-A5C4-2A957DE39048}» = protocol=17 | dir=in | app=c:program files (x86)dragon agebin_shipdaupdatersvc.service.exe |
«{E69C5AD2-DF5E-4AEB-89F1-70A3ED8D7EF8}» = protocol=6 | dir=in | app=c:program files (x86)f.e.a.r. 2 completefear2.exe |
«{F8F70645-8D1A-4078-95A3-BE108A56B492}» = protocol=6 | dir=in | app=c:program files (x86)dragon agedaoriginslauncher.exe |
«{FD97DA46-87CF-437C-A02E-6F821333054B}» = protocol=17 | dir=in | app=c:program files (x86)dragon agebin_shipdaorigins.exe |
«{FE269C31-240C-414D-A668-0C3171EE6D37}» = dir=in | app=c:program files (x86)skypephoneskype.exe |
«TCP Query User{993EF6E1-D1E0-4FE3-8CF6-8F2F86448F49}C:program files (x86)qipqip.exe» = protocol=6 | dir=in | app=c:program files (x86)qipqip.exe |
«UDP Query User{94DFCDEA-823D-47CE-9702-FDAC774D6579}C:program files (x86)qipqip.exe» = protocol=17 | dir=in | app=c:program files (x86)qipqip.exe |========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstall]
«{23170F69-40C1-2702-0465-000001000000}» = 7-Zip 4.65 (x64 edition)
«{2744791F-4E7C-32F5-AB40-AEC6A6C86DBF}» = Microsoft .NET Framework 3.5 Language Pack SP1 — rus
«{3D3E663D-4E7E-4577-A560-7ECDDD45548A}» = PVSonyDll
«{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}» = Nokia Connectivity Cable Driver
«{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}» = Microsoft .NET Framework 3.5 SP1
«0C5EDC3653FED5B121F464339EAC12534D253B25» = Пакет драйверов Windows — Nokia Modem (02/15/2007 3.1)
«4077F884D1BB007055BDB83B621D87220A73F30F» = Пакет драйверов Windows — Nokia (WUDFRd) WPD (06/01/2007 6.84.33.0)
«B726756F5B5A5AA9D798B399386FC6205A45F19E» = Пакет драйверов Windows — Nokia Modem (02/15/2007 3.1)
«CD8424B9400BFF7D34AA18F816C71322AC4BDAA7» = Пакет драйверов Windows — Nokia Modem (05/24/2007 6.84.0.1)
«Crysis Warhead_is1» = Crysis Warhead
«Microsoft .NET Framework 3.5 Language Pack SP1 — rus» = Языковой пакет Microsoft .NET Framework 3.5 SP1 — RUS
«Microsoft .NET Framework 3.5 SP1» = Microsoft .NET Framework 3.5 SP1
«NVIDIA Display Control Panel» = NVIDIA Display Control Panel
«NVIDIA Drivers» = NVIDIA Drivers[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstall]
«{06C26FAF-2C9F-4CA2-945E-A75CC2B5D410}» = Fabrika Futbola
«{11964613-805F-432D-A12B-169554B793E7}» = Nokia Connectivity Cable Driver
«{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}» = Risen
«{217EC467-61C4-1939-3BBF-4FA4CAEA42FF}» = EA Shared Game Component: Activation
«{2B9C002D-F3C1-4F8A-B29A-7F9E9B473D4D}» = Яндекс.Бар 4.3 для Internet Explorer
«{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}» = Microsoft Games for Windows — LIVE Redistributable
«{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}» = Titan Quest
«{4C496EA3-C94B-4D03-80AD-455283F43342}_is1» = F.E.A.R. 2 Complete
«{7299052b-02a4-4627-81f2-1818da5d550d}» = Microsoft Visual C++ 2005 Redistributable
«{79B986AD-54D8-4498-AA06-89808829ACC0}» = Антивирус Касперского 6.0 для Windows Workstations
«{837b34e3-7c30-493c-8f6a-2b0f04e2912c}» = Microsoft Visual C++ 2005 Redistributable
«{8DAB9102-F91C-47EE-AADF-5436A6A77DGB}_is1» = Fallout 3 v.1.7
«{981029E0-7FC9-4CF3-AB39-6F133621921A}» = Skype Toolbars
«{99A40651-0BC2-4095-8F9A-A40FAB224FEF}» = PC Connectivity Solution
«{9A25302D-30C0-39D9-BD6F-21E6EC160475}» = Microsoft Visual C++ 2008 Redistributable — x86 9.0.30729.17
«{9A996B6A-846E-4A89-B9C4-17546B7BE49F}» = Burnout(TM) Paradise The Ultimate Box
«{A2BCA9F1-566C-4805-97D1-7FDC93386723}» = Adobe AIR
«{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}» = Nokia PC Suite
«{AEC81925-9C76-4707-84A9-40696C613ED3}» = Dragon Age: Начало
«{C008F6C5-0647-4433-8755-12D89389EF4F}» = Planet Updater
«{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}» = NVIDIA PhysX
«{D103C4BA-F905-437A-8049-DB24763BBE36}» = Skype™ 4.2
«{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1» = Rapture3D 2.3.22 Game
«{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}» = jetAudio Basic
«{F112F66E-25CA-42DD-983C-6118EB38F606}» = Microsoft Games for Windows — LIVE
«Adobe AIR» = Adobe AIR
«Adobe Flash Player ActiveX» = Adobe Flash Player 10 ActiveX
«Adobe Flash Player Plugin» = Adobe Flash Player 10 Plugin
«Bytescout XLS Viewer_is1» = Bytescout XLS Viewer 2.30a (FREEWARE)
«com.ea.Activation.919CACB699904AC5D41B606703500DD39747C02D.1» = EA Shared Game Component: Activation
«DirectX Update OnLine_is1» = DirectX Update for Xp/Vista
«Dirt 2_is1» = Dirt 2
«Download Master_is1» = Download Master version 5.5.15.1179
«Dream Stripper_is1» = Dream Stripper
«EA Installer.1635480076» = EA Installer
«Grand Casino_is1» = Grand Casino v.1.0
«HijackThis» = HijackThis 2.0.2
«InstallWIX_{79B986AD-54D8-4498-AA06-89808829ACC0}» = Антивирус Касперского 6.0 для Windows Workstations
«Just Cause 2_is1» = Just Cause 2
«Malwarebytes’ Anti-Malware_is1» = Malwarebytes’ Anti-Malware
«Mozilla Firefox (3.6)» = Mozilla Firefox (3.6)
«MRA» = Mail.Ru Агент 5.5 (сборка 2842, для всех пользователей)
«myAC.Client_is1» = myAC.Client 1.5.9
«Nokia PC Suite» = Nokia PC Suite
«NVIDIAStereo» = NVIDIA Stereoscopic 3D Driver
«OpenAL» = OpenAL
«Planet Updater» = Planet Updater
«Prototype_is1» = Prototype
«RocketDock_is1» = RocketDock 1.3.5
«Section 8_is1» = Section 8
«Teamspeak 2 RC2_is1» = TeamSpeak 2 RC2
«uTorrent» = µTorrent
«VKSaver» = VKSaver
«Шустрый жучок 3. Дело об убийстве в снегах_is1» = Шустрый жучок 3. Дело об убийстве в снегах========== Last 10 Event Log Errors ==========
[ Application Events ]
Error — 25.03.2010 6:27:38 | Computer Name = Саня-ПК | Source = Windows Search Service | ID = 3013
Description =Error — 25.03.2010 6:27:38 | Computer Name = Саня-ПК | Source = Windows Search Service | ID = 3013
Description =Error — 25.03.2010 9:21:58 | Computer Name = Саня-ПК | Source = System Restore | ID = 8193
Description =Error — 26.03.2010 7:24:22 | Computer Name = Саня-ПК | Source = Application Error | ID = 1000
Description = Сбойное приложение JustCause2.exe, версия 1.0.0.1, штамп времени 0x4ba03352,
сбойный модуль JustCause2.exe, версия 1.0.0.1, штамп времени 0x4ba03352, код исключения
0xc0000005, смещение ошибки 0x000cea30, ИД процесса 0xa78, время запуска приложения
0x01cacccc3a8862be.Error — 26.03.2010 7:24:25 | Computer Name = Саня-ПК | Source = Application Error | ID = 1000
Description = Сбойное приложение JustCause2.exe, версия 1.0.0.1, штамп времени 0x4ba03352,
сбойный модуль JustCause2.exe, версия 1.0.0.1, штамп времени 0x4ba03352, код исключения
0xc0000005, смещение ошибки 0x000cea30, ИД процесса 0xa78, время запуска приложения
0x01cacccc3a8862be.Error — 26.03.2010 8:23:40 | Computer Name = Саня-ПК | Source = VSS | ID = 12293
Description =Error — 26.03.2010 8:23:40 | Computer Name = Саня-ПК | Source = System Restore | ID = 8193
Description =Error — 26.03.2010 8:23:40 | Computer Name = Саня-ПК | Source = System Restore | ID = 8210
Description =Error — 26.03.2010 8:55:37 | Computer Name = Саня-ПК | Source = VSS | ID = 12293
Description =Error — 26.03.2010 10:31:29 | Computer Name = Саня-ПК | Source = Application Error | ID = 1000
Description = Сбойное приложение JustCause2.exe, версия 1.0.0.1, штамп времени 0x4ba03352,
сбойный модуль JustCause2.exe, версия 1.0.0.1, штамп времени 0x4ba03352, код исключения
0xc0000005, смещение ошибки 0x0082fd76, ИД процесса 0xb24, время запуска приложения
0x01cacceced951ab3.[ System Events ]
Error — 24.03.2010 4:24:41 | Computer Name = Саня-ПК | Source = Dhcp | ID = 1000
Description = Компьютер утерял аренду на IP-адрес 192.168.100.10 для сетевого адаптера
с сетевым адресом 001966CE9918.Error — 24.03.2010 13:22:53 | Computer Name = Саня-ПК | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description =Error — 24.03.2010 14:35:01 | Computer Name = Саня-ПК | Source = Service Control Manager | ID = 7000
Description =Error — 24.03.2010 14:35:01 | Computer Name = Саня-ПК | Source = Application Popup | ID = 1060
Description = Загрузка ??C:Program Files (x86)RFOnlineFrostfrost.sys заблокирована
из-за несовместимости с данной системой. Обратитесь к поставщику программного обеспечения
за совместимой версией драйвера.Error — 25.03.2010 4:38:44 | Computer Name = Саня-ПК | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description =Error — 25.03.2010 12:56:47 | Computer Name = Саня-ПК | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description =Error — 26.03.2010 3:47:21 | Computer Name = Саня-ПК | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description =Error — 26.03.2010 13:11:02 | Computer Name = Саня-ПК | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description =Error — 27.03.2010 8:20:54 | Computer Name = Саня-ПК | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description =Error — 27.03.2010 13:58:20 | Computer Name = Саня-ПК | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description =
- Для ответа в этой теме необходимо авторизоваться.
