
SPYWARE-RU.COM


100992


Forum replies created

Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts
  • March 27, 2010 at 6:16 pm in reply to: Problem when working with internet applications… #29198
    100992
    Participant
    • Topics: 3
    • Posts: 8
    • ☆

    OTL Extras logfile created on: 27.03.2010 21:07:32 — Run 1
    OTL by OldTimer — Version 3.1.37.3 Folder = C:UsersСаняDesktop
    64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) — Type = NTWorkstation
    Internet Explorer (Version = 7.0.6002.18005)
    Locale: 00000419 | Country: Россия | Language: RUS | Date Format: dd.MM.yyyy

    4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 68,00% Memory free
    8,00 Gb Paging File | 7,00 Gb Available in Paging File | 84,00% Paging File free
    Paging file location(s): ?:pagefile.sys

    %SystemDrive% = C: | %SystemRoot% = C:Windows | %ProgramFiles% = C:Program Files (x86)
    Drive C: | 465,76 Gb Total Space | 111,49 Gb Free Space | 23,94% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: САНЯ-ПК
    Current User Name: Саня
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: All users
    Include 64bit Scans
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Standard

    ========== Extra Registry (SafeList) ==========

    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINESOFTWAREClasses]

    [HKEY_LOCAL_MACHINESOFTWAREClasses]
    .cpl [@ = cplfile] — C:WindowsSysWow64control.exe (Microsoft Corporation)

    [HKEY_USERSS-1-5-21-2389684437-3395458029-2734596173-1000SOFTWAREClasses]
    .html [@ = FirefoxHTML] — C:Program Files (x86)Mozilla Firefoxfirefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINESOFTWAREClassesshell[command]command]
    batfile [open] — «%1» %* File not found
    cmdfile [open] — «%1» %* File not found
    comfile [open] — «%1» %* File not found
    exefile [open] — «%1» %* File not found
    helpfile [open] — Reg Error: Key error.
    htmlfile [edit] — Reg Error: Key error.
    htmlfile [print] — rundll32.exe %windir%system32mshtml.dll,PrintHTML «%1» File not found
    inffile [install] — %SystemRoot%System32InfDefaultInstall.exe «%1» (Microsoft Corporation)
    piffile [open] — «%1» %* File not found
    regfile [merge] — Reg Error: Key error.
    scrfile [config] — «%1» File not found
    scrfile [install] — rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] — «%1» /S File not found
    txtfile [edit] — Reg Error: Key error.
    Unknown [openas] — %SystemRoot%system32rundll32.exe %SystemRoot%system32shell32.dll,OpenAs_RunDLL %1 File not found
    Directory [cmd] — cmd.exe /s /k pushd «%V» (Microsoft Corporation)
    Directory [find] — %SystemRoot%Explorer.exe (Microsoft Corporation)
    Folder [open] — %SystemRoot%Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
    Folder [explore] — %SystemRoot%Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] — %SystemRoot%Explorer.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINESOFTWAREClassesshell[command]command]
    batfile [open] — «%1» %*
    cmdfile [open] — «%1» %*
    comfile [open] — «%1» %*
    cplfile [cplopen] — %SystemRoot%System32control.exe «%1»,%* (Microsoft Corporation)
    exefile [open] — «%1» %*
    helpfile [open] — Reg Error: Key error.
    htmlfile [edit] — Reg Error: Key error.
    htmlfile [print] — rundll32.exe %windir%system32mshtml.dll,PrintHTML «%1»
    inffile [install] — %SystemRoot%System32InfDefaultInstall.exe «%1» (Microsoft Corporation)
    piffile [open] — «%1» %*
    regfile [merge] — Reg Error: Key error.
    scrfile [config] — «%1»
    scrfile [install] — rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] — «%1» /S
    txtfile [edit] — Reg Error: Key error.
    Unknown [openas] — %SystemRoot%system32rundll32.exe %SystemRoot%system32shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] — cmd.exe /s /k pushd «%V» (Microsoft Corporation)
    Directory [find] — %SystemRoot%Explorer.exe (Microsoft Corporation)
    Folder [open] — %SystemRoot%Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
    Folder [explore] — %SystemRoot%Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] — %SystemRoot%Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center]
    «cval» = 1

    64bit: [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoring]

    64bit: [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterSvc]
    «AntiVirusOverride» = 0
    «AntiSpywareOverride» = 0
    «FirewallOverride» = 0
    «VistaSp1» = C2 FE 8D 6A DC 5B C8 01 [binary data]
    «VistaSp2» = 00 AF B5 BE C4 BA C9 01 [binary data]

    64bit: [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterSvcVol]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoring]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringKasperskyAntiVirus]
    «DisableMonitoring» = 1
    «» =

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterSvc]
    «oobe_av» = 1

    [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyDomainProfile]
    «EnableFirewall» = 0
    «DisableNotifications» = 0

    [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfile]
    «EnableFirewall» = 0
    «DisableNotifications» = 0

    [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyPublicProfile]
    «EnableFirewall» = 0
    «DisableNotifications» = 0

    ========== Authorized Applications List ==========

    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyFirewallRules]
    «{AB8C7350-C2F1-4F4C-810F-07289BFE29A8}» = lport=3389 | protocol=6 | dir=in | app=system |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyFirewallRules]
    «{207AF17E-2A05-410A-B198-FB5CEACE6F60}» = protocol=17 | dir=in | app=c:program files (x86)skypeplugin managerskypepm.exe |
    «{2135EE56-35E6-43EC-8A45-880C9C153B48}» = protocol=17 | dir=in | app=c:program files (x86)dragon agedaoriginslauncher.exe |
    «{29B9F4B4-CDFD-446C-A9B4-CDBD2BE615E9}» = protocol=6 | dir=in | app=c:program files (x86)utorrentutorrent.exe |
    «{2C7F7E6D-3B9C-4F56-BF82-20CE4757D788}» = protocol=17 | dir=in | app=c:program files (x86)electronic artsburnout(tm) paradise the ultimate boxburnoutparadise.exe |
    «{2CAF3E70-8010-4F2A-806B-D31B1F88A99C}» = protocol=6 | dir=in | app=c:program files (x86)dragon agebin_shipdaorigins.exe |
    «{356B0065-1245-4242-9C2C-B0BC8B273A06}» = protocol=6 | dir=in | app=c:program files (x86)electronic artsburnout(tm) paradise the ultimate boxburnoutconfigtool.exe |
    «{511DB63D-6B5C-4919-8D76-C39C101C98E2}» = protocol=6 | dir=in | app=c:program files (x86)skypeplugin managerskypepm.exe |
    «{65424E30-A609-46FD-858C-A8014DEF2FD1}» = protocol=6 | dir=in | app=c:program files (x86)dragon agebin_shipdaupdatersvc.service.exe |
    «{78E064B0-4A1E-4DF3-AE7D-E87CBE63DCED}» = protocol=6 | dir=in | app=c:program files (x86)electronic artsburnout(tm) paradise the ultimate boxburnoutparadise.exe |
    «{7F334F50-D2B1-41D6-BA7F-839B4DCF802F}» = protocol=17 | dir=in | app=c:program files (x86)electronic artsburnout(tm) paradise the ultimate boxburnoutlauncher.exe |
    «{83777A59-9B73-4282-B129-4B6DFDB7215E}» = protocol=17 | dir=in | app=c:program files (x86)f.e.a.r. 2 completefear2.exe |
    «{8399922C-CB75-4F8F-ABD1-CFEC511B0936}» = dir=in | app=c:program files (x86)skypephoneskype.exe |
    «{8518AFA3-7930-4A90-82D7-B569543114F5}» = dir=in | app=c:program files (x86)skypephoneskype.exe |
    «{B08745DA-52AB-4D02-A2C0-7FE9645B3258}» = protocol=6 | dir=in | app=c:program files (x86)skypeplugin managerskypepm.exe |
    «{B1A68284-4D35-4B65-953F-B2101344C5C3}» = protocol=17 | dir=in | app=c:program files (x86)skypeplugin managerskypepm.exe |
    «{B3CA4813-FB5A-41B9-AF7B-45D214DD21B1}» = protocol=17 | dir=in | app=c:program files (x86)utorrentutorrent.exe |
    «{B4CD4D3F-4491-4B3C-AEFE-5BB93F4AD032}» = dir=in | app=c:program files (x86)skypephoneskype.exe |
    «{B52894A1-26DE-4431-BA24-7A03743B4F3F}» = dir=in | app=c:program files (x86)skypephoneskype.exe |
    «{B5FF52EF-17FD-44B0-BDBC-9BD3F9C64363}» = protocol=6 | dir=in | app=c:program files (x86)electronic artsburnout(tm) paradise the ultimate boxburnoutlauncher.exe |
    «{B9D648F9-B49D-493E-83E4-F0E42D1755D8}» = protocol=17 | dir=in | app=c:program files (x86)electronic artsburnout(tm) paradise the ultimate boxburnoutconfigtool.exe |
    «{D7E57C7C-A051-4C0A-A5C4-2A957DE39048}» = protocol=17 | dir=in | app=c:program files (x86)dragon agebin_shipdaupdatersvc.service.exe |
    «{E69C5AD2-DF5E-4AEB-89F1-70A3ED8D7EF8}» = protocol=6 | dir=in | app=c:program files (x86)f.e.a.r. 2 completefear2.exe |
    «{F8F70645-8D1A-4078-95A3-BE108A56B492}» = protocol=6 | dir=in | app=c:program files (x86)dragon agedaoriginslauncher.exe |
    «{FD97DA46-87CF-437C-A02E-6F821333054B}» = protocol=17 | dir=in | app=c:program files (x86)dragon agebin_shipdaorigins.exe |
    «{FE269C31-240C-414D-A668-0C3171EE6D37}» = dir=in | app=c:program files (x86)skypephoneskype.exe |
    «TCP Query User{993EF6E1-D1E0-4FE3-8CF6-8F2F86448F49}C:program files (x86)qipqip.exe» = protocol=6 | dir=in | app=c:program files (x86)qipqip.exe |
    «UDP Query User{94DFCDEA-823D-47CE-9702-FDAC774D6579}C:program files (x86)qipqip.exe» = protocol=17 | dir=in | app=c:program files (x86)qipqip.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstall]
    «{23170F69-40C1-2702-0465-000001000000}» = 7-Zip 4.65 (x64 edition)
    «{2744791F-4E7C-32F5-AB40-AEC6A6C86DBF}» = Microsoft .NET Framework 3.5 Language Pack SP1 — rus
    «{3D3E663D-4E7E-4577-A560-7ECDDD45548A}» = PVSonyDll
    «{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}» = Nokia Connectivity Cable Driver
    «{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}» = Microsoft .NET Framework 3.5 SP1
    «0C5EDC3653FED5B121F464339EAC12534D253B25» = Пакет драйверов Windows — Nokia Modem (02/15/2007 3.1)
    «4077F884D1BB007055BDB83B621D87220A73F30F» = Пакет драйверов Windows — Nokia (WUDFRd) WPD (06/01/2007 6.84.33.0)
    «B726756F5B5A5AA9D798B399386FC6205A45F19E» = Пакет драйверов Windows — Nokia Modem (02/15/2007 3.1)
    «CD8424B9400BFF7D34AA18F816C71322AC4BDAA7» = Пакет драйверов Windows — Nokia Modem (05/24/2007 6.84.0.1)
    «Crysis Warhead_is1» = Crysis Warhead
    «Microsoft .NET Framework 3.5 Language Pack SP1 — rus» = Языковой пакет Microsoft .NET Framework 3.5 SP1 — RUS
    «Microsoft .NET Framework 3.5 SP1» = Microsoft .NET Framework 3.5 SP1
    «NVIDIA Display Control Panel» = NVIDIA Display Control Panel
    «NVIDIA Drivers» = NVIDIA Drivers

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstall]
    «{06C26FAF-2C9F-4CA2-945E-A75CC2B5D410}» = Fabrika Futbola
    «{11964613-805F-432D-A12B-169554B793E7}» = Nokia Connectivity Cable Driver
    «{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}» = Risen
    «{217EC467-61C4-1939-3BBF-4FA4CAEA42FF}» = EA Shared Game Component: Activation
    «{2B9C002D-F3C1-4F8A-B29A-7F9E9B473D4D}» = Яндекс.Бар 4.3 для Internet Explorer
    «{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}» = Microsoft Games for Windows — LIVE Redistributable
    «{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}» = Titan Quest
    «{4C496EA3-C94B-4D03-80AD-455283F43342}_is1» = F.E.A.R. 2 Complete
    «{7299052b-02a4-4627-81f2-1818da5d550d}» = Microsoft Visual C++ 2005 Redistributable
    «{79B986AD-54D8-4498-AA06-89808829ACC0}» = Антивирус Касперского 6.0 для Windows Workstations
    «{837b34e3-7c30-493c-8f6a-2b0f04e2912c}» = Microsoft Visual C++ 2005 Redistributable
    «{8DAB9102-F91C-47EE-AADF-5436A6A77DGB}_is1» = Fallout 3 v.1.7
    «{981029E0-7FC9-4CF3-AB39-6F133621921A}» = Skype Toolbars
    «{99A40651-0BC2-4095-8F9A-A40FAB224FEF}» = PC Connectivity Solution
    «{9A25302D-30C0-39D9-BD6F-21E6EC160475}» = Microsoft Visual C++ 2008 Redistributable — x86 9.0.30729.17
    «{9A996B6A-846E-4A89-B9C4-17546B7BE49F}» = Burnout(TM) Paradise The Ultimate Box
    «{A2BCA9F1-566C-4805-97D1-7FDC93386723}» = Adobe AIR
    «{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}» = Nokia PC Suite
    «{AEC81925-9C76-4707-84A9-40696C613ED3}» = Dragon Age: Начало
    «{C008F6C5-0647-4433-8755-12D89389EF4F}» = Planet Updater
    «{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}» = NVIDIA PhysX
    «{D103C4BA-F905-437A-8049-DB24763BBE36}» = Skype™ 4.2
    «{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1» = Rapture3D 2.3.22 Game
    «{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}» = jetAudio Basic
    «{F112F66E-25CA-42DD-983C-6118EB38F606}» = Microsoft Games for Windows — LIVE
    «Adobe AIR» = Adobe AIR
    «Adobe Flash Player ActiveX» = Adobe Flash Player 10 ActiveX
    «Adobe Flash Player Plugin» = Adobe Flash Player 10 Plugin
    «Bytescout XLS Viewer_is1» = Bytescout XLS Viewer 2.30a (FREEWARE)
    «com.ea.Activation.919CACB699904AC5D41B606703500DD39747C02D.1» = EA Shared Game Component: Activation
    «DirectX Update OnLine_is1» = DirectX Update for Xp/Vista
    «Dirt 2_is1» = Dirt 2
    «Download Master_is1» = Download Master version 5.5.15.1179
    «Dream Stripper_is1» = Dream Stripper
    «EA Installer.1635480076» = EA Installer
    «Grand Casino_is1» = Grand Casino v.1.0
    «HijackThis» = HijackThis 2.0.2
    «InstallWIX_{79B986AD-54D8-4498-AA06-89808829ACC0}» = Антивирус Касперского 6.0 для Windows Workstations
    «Just Cause 2_is1» = Just Cause 2
    «Malwarebytes’ Anti-Malware_is1» = Malwarebytes’ Anti-Malware
    «Mozilla Firefox (3.6)» = Mozilla Firefox (3.6)
    «MRA» = Mail.Ru Агент 5.5 (сборка 2842, для всех пользователей)
    «myAC.Client_is1» = myAC.Client 1.5.9
    «Nokia PC Suite» = Nokia PC Suite
    «NVIDIAStereo» = NVIDIA Stereoscopic 3D Driver
    «OpenAL» = OpenAL
    «Planet Updater» = Planet Updater
    «Prototype_is1» = Prototype
    «RocketDock_is1» = RocketDock 1.3.5
    «Section 8_is1» = Section 8
    «Teamspeak 2 RC2_is1» = TeamSpeak 2 RC2
    «uTorrent» = µTorrent
    «VKSaver» = VKSaver
    «Шустрый жучок 3. Дело об убийстве в снегах_is1» = Шустрый жучок 3. Дело об убийстве в снегах

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error — 25.03.2010 6:27:38 | Computer Name = Саня-ПК | Source = Windows Search Service | ID = 3013
    Description =

    Error — 25.03.2010 6:27:38 | Computer Name = Саня-ПК | Source = Windows Search Service | ID = 3013
    Description =

    Error — 25.03.2010 9:21:58 | Computer Name = Саня-ПК | Source = System Restore | ID = 8193
    Description =

    Error — 26.03.2010 7:24:22 | Computer Name = Саня-ПК | Source = Application Error | ID = 1000
    Description = Сбойное приложение JustCause2.exe, версия 1.0.0.1, штамп времени 0x4ba03352,
    сбойный модуль JustCause2.exe, версия 1.0.0.1, штамп времени 0x4ba03352, код исключения
    0xc0000005, смещение ошибки 0x000cea30, ИД процесса 0xa78, время запуска приложения
    0x01cacccc3a8862be.

    Error — 26.03.2010 7:24:25 | Computer Name = Саня-ПК | Source = Application Error | ID = 1000
    Description = Сбойное приложение JustCause2.exe, версия 1.0.0.1, штамп времени 0x4ba03352,
    сбойный модуль JustCause2.exe, версия 1.0.0.1, штамп времени 0x4ba03352, код исключения
    0xc0000005, смещение ошибки 0x000cea30, ИД процесса 0xa78, время запуска приложения
    0x01cacccc3a8862be.

    Error — 26.03.2010 8:23:40 | Computer Name = Саня-ПК | Source = VSS | ID = 12293
    Description =

    Error — 26.03.2010 8:23:40 | Computer Name = Саня-ПК | Source = System Restore | ID = 8193
    Description =

    Error — 26.03.2010 8:23:40 | Computer Name = Саня-ПК | Source = System Restore | ID = 8210
    Description =

    Error — 26.03.2010 8:55:37 | Computer Name = Саня-ПК | Source = VSS | ID = 12293
    Description =

    Error — 26.03.2010 10:31:29 | Computer Name = Саня-ПК | Source = Application Error | ID = 1000
    Description = Сбойное приложение JustCause2.exe, версия 1.0.0.1, штамп времени 0x4ba03352,
    сбойный модуль JustCause2.exe, версия 1.0.0.1, штамп времени 0x4ba03352, код исключения
    0xc0000005, смещение ошибки 0x0082fd76, ИД процесса 0xb24, время запуска приложения
    0x01cacceced951ab3.

    [ System Events ]
    Error — 24.03.2010 4:24:41 | Computer Name = Саня-ПК | Source = Dhcp | ID = 1000
    Description = Компьютер утерял аренду на IP-адрес 192.168.100.10 для сетевого адаптера
    с сетевым адресом 001966CE9918.

    Error — 24.03.2010 13:22:53 | Computer Name = Саня-ПК | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
    Description =

    Error — 24.03.2010 14:35:01 | Computer Name = Саня-ПК | Source = Service Control Manager | ID = 7000
    Description =

    Error — 24.03.2010 14:35:01 | Computer Name = Саня-ПК | Source = Application Popup | ID = 1060
    Description = Загрузка ??C:Program Files (x86)RFOnlineFrostfrost.sys заблокирована
    из-за несовместимости с данной системой. Обратитесь к поставщику программного обеспечения
    за совместимой версией драйвера.

    Error — 25.03.2010 4:38:44 | Computer Name = Саня-ПК | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
    Description =

    Error — 25.03.2010 12:56:47 | Computer Name = Саня-ПК | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
    Description =

    Error — 26.03.2010 3:47:21 | Computer Name = Саня-ПК | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
    Description =

    Error — 26.03.2010 13:11:02 | Computer Name = Саня-ПК | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
    Description =

    Error — 27.03.2010 8:20:54 | Computer Name = Саня-ПК | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
    Description =

    Error — 27.03.2010 13:58:20 | Computer Name = Саня-ПК | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
    Description =

    March 27, 2010 at 6:15 pm in reply to: Problem when working with internet applications… #29197
    100992
    Participant
    • Topics: 3
    • Posts: 8
    • ☆

    OTL logfile created on: 27.03.2010 21:07:32 — Run 1
    OTL by OldTimer — Version 3.1.37.3 Folder = C:UsersСаняDesktop
    64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) — Type = NTWorkstation
    Internet Explorer (Version = 7.0.6002.18005)
    Locale: 00000419 | Country: Россия | Language: RUS | Date Format: dd.MM.yyyy

    4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 68,00% Memory free
    8,00 Gb Paging File | 7,00 Gb Available in Paging File | 84,00% Paging File free
    Paging file location(s): ?:pagefile.sys

    %SystemDrive% = C: | %SystemRoot% = C:Windows | %ProgramFiles% = C:Program Files (x86)
    Drive C: | 465,76 Gb Total Space | 111,49 Gb Free Space | 23,94% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: САНЯ-ПК
    Current User Name: Саня
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: All users
    Include 64bit Scans
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Standard

    ========== Processes (SafeList) ==========

    PRC — [2010.03.27 21:07:13 | 000,555,520 | —- | M] (OldTimer Tools) — C:UsersСаняDesktopOTL.exe
    PRC — [2010.03.22 22:36:08 | 000,302,928 | —- | M] (Malwarebytes Corporation) — C:Program Files (x86)Malwarebytes’ Anti-Malwarembamservice.exe
    PRC — [2010.03.22 22:36:06 | 000,437,584 | —- | M] (Malwarebytes Corporation) — C:Program Files (x86)Malwarebytes’ Anti-Malwarembamgui.exe
    PRC — [2010.02.14 18:19:12 | 000,056,832 | —- | M] (AudioVkontakte.Ru) — C:Program Files (x86)VKSaverVKSaverUpdater.exe
    PRC — [2009.11.20 19:17:00 | 000,240,232 | —- | M] (NVIDIA Corporation) — C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe
    PRC — [2007.09.02 13:58:52 | 000,495,616 | —- | M] () — C:Program Files (x86)RocketDockRocketDock.exe

    ========== Modules (SafeList) ==========

    MOD — [2010.03.27 21:07:13 | 000,555,520 | —- | M] (OldTimer Tools) — C:UsersСаняDesktopOTL.exe
    MOD — [2010.03.09 15:10:08 | 000,044,544 | —- | M] (AudioVkontakte.Ru) — C:WindowsSysWOW64vksaver.dll
    MOD — [2010.01.19 14:21:39 | 000,158,224 | —- | M] (Kaspersky Lab) — C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsscrchpg.dll
    MOD — [2009.04.11 19:24:25 | 000,450,560 | —- | M] (Microsoft Corporation) — C:WindowsSysWOW64comdlg32.dll
    MOD — [2007.11.19 14:42:24 | 000,072,208 | —- | M] (Kaspersky Lab) — C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsr3hook.dll
    MOD — [2007.09.02 13:57:36 | 000,069,632 | —- | M] () — C:Program Files (x86)RocketDockRocketDock.dll

    ========== Win32 Services (SafeList) ==========

    SRV:64bit: — [2009.09.25 04:26:26 | 001,142,272 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] — C:WindowsSysNativeFntCache.dll — (FontCache)
    SRV:64bit: — [2009.04.11 19:25:35 | 000,252,928 | —- | M] (Microsoft Corporation) [On_Demand | Running] — C:WindowsSysNativeumrdp.dll — (UmRdpService)
    SRV:64bit: — [2009.04.11 19:25:25 | 000,604,672 | —- | M] (Microsoft Corporation) [Auto | Running] — C:WindowsSysNativecscsvc.dll — (CscService)
    SRV:64bit: — [2009.04.11 19:23:10 | 001,149,440 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] — C:WindowsSysNativewbengine.exe — (wbengine)
    SRV:64bit: — [2008.01.21 05:50:23 | 000,195,584 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] — C:WindowsSysNativeappmgmts.dll — (AppMgmt)
    SRV:64bit: — [2008.01.21 05:47:07 | 000,689,152 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] — C:WindowsSysNativefxssvc.exe — (Fax)
    SRV:64bit: — [2008.01.21 05:46:39 | 000,383,544 | —- | M] (Microsoft Corporation) [Auto | Running] — C:Program FilesWindows DefenderMpSvc.dll — (WinDefend)
    SRV — [2010.03.22 22:36:08 | 000,302,928 | —- | M] (Malwarebytes Corporation) [Auto | Running] — C:Program Files (x86)Malwarebytes’ Anti-Malwarembamservice.exe — (MBAMService)
    SRV — [2010.01.19 14:21:37 | 000,231,952 | —- | M] (Kaspersky Lab) [On_Demand | Stopped] — C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe — (AVP)
    SRV — [2009.11.20 19:17:00 | 000,240,232 | —- | M] (NVIDIA Corporation) [Auto | Running] — C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe — (Stereo Service)
    SRV — [2009.04.11 19:24:46 | 000,089,920 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] — C:WindowsMicrosoft.NETFramework64v2.0.50727mscorsvw.exe — (clr_optimization_v2.0.50727_64)
    SRV — [2007.06.15 16:55:00 | 000,300,544 | —- | M] (Nokia.) [On_Demand | Stopped] — C:Program Files (x86)PC Connectivity SolutionServiceLayer.exe — (ServiceLayer)
    SRV — [2006.11.02 16:34:14 | 000,000,000 | —D | M] [Unknown | Stopped] — C:WindowsSysWOW64Msdtc — (MSDTC)
    SRV — [2006.11.02 09:35:15 | 000,060,994 | —- | M] () [On_Demand | Stopped] — C:WindowsSysWOW64wbemvds.mof — (vds)
    SRV — [2006.11.02 09:35:15 | 000,055,846 | —- | M] () [On_Demand | Stopped] — C:WindowsSysWOW64wbemvss.mof — (VSS)

    ========== Driver Services (SafeList) ==========

    DRV:64bit: — [2010.03.22 22:36:00 | 000,024,664 | —- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] — C:WindowsSysNativedriversmbam.sys — (MBAMProtector)
    DRV:64bit: — [2010.03.22 21:15:40 | 000,144,400 | —- | M] (Kaspersky Lab) [Kernel | System | Running] — C:WindowsSysNativeDRIVERSkl1.sys — (kl1)
    DRV:64bit: — [2010.02.27 22:56:33 | 000,314,016 | —- | M] () [Kernel | Auto | Running] — C:WindowsSysNativeDRIVERSatksgt.sys — (atksgt)
    DRV:64bit: — [2010.02.27 22:56:32 | 000,043,680 | —- | M] () [Kernel | Auto | Running] — C:WindowsSysNativeDRIVERSlirsgt.sys — (lirsgt)
    DRV:64bit: — [2010.01.19 14:21:39 | 000,202,768 | —- | M] (Kaspersky Lab) [File_System | System | Running] — C:WindowsSysNativeDRIVERSklif.sys — (KLIF)
    DRV:64bit: — [2010.01.19 13:52:40 | 000,834,544 | —- | M] () [Kernel | Boot | Running] — C:WindowsSysNativeDriverssptd.sys — (sptd)
    DRV:64bit: — [2009.10.01 03:51:42 | 000,046,592 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] — C:WindowsSysNativeDRIVERSwpdusb.sys — (WpdUsb)
    DRV:64bit: — [2009.04.11 19:25:30 | 000,160,744 | —- | M] (Microsoft Corporation) [Kernel | Boot | Running] — C:WindowsSysNativeDRIVERSfvevol.sys — (fvevol)
    DRV:64bit: — [2009.04.11 19:25:24 | 000,460,800 | —- | M] (Microsoft Corporation) [Kernel | System | Running] — C:WindowsSysNativedriverscsc.sys — (CSC)
    DRV:64bit: — [2009.04.11 19:23:09 | 000,032,768 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] — C:WindowsSysNativeDRIVERSusbser.sys — (usbser)
    DRV:64bit: — [2009.04.11 19:23:06 | 000,275,456 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] — C:WindowsSysNativedriversHdAudio.sys — (HdAudAddService) Драйвер функции UAA для службы High Definition Audio (Microsoft)
    DRV:64bit: — [2008.05.02 10:58:50 | 000,008,704 | —- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] — C:WindowsSysNativeDRIVERSusbser_lowerfltx64.sys — (upperdev)
    DRV:64bit: — [2008.05.02 10:58:48 | 000,023,552 | —- | M] (Nokia) [Kernel | On_Demand | Stopped] — C:WindowsSysNativedriversccdcmbox64.sys — (nmwcdcx64)
    DRV:64bit: — [2008.05.02 10:58:48 | 000,018,432 | —- | M] (Nokia) [Kernel | On_Demand | Stopped] — C:WindowsSysNativedriversccdcmbx64.sys — (nmwcdx64)
    DRV:64bit: — [2007.04.04 13:59:20 | 000,026,392 | —- | M] (Kaspersky Lab) [Kernel | System | Running] — C:WindowsSysNativeDRIVERSklim6.sys — (KLIM6)
    DRV:64bit: — [2007.02.22 11:18:14 | 000,017,408 | —- | M] (Nokia) [Kernel | On_Demand | Stopped] — C:WindowsSysNativedriversnmwcdcjx64.sys — (nmwcdcjx64)
    DRV:64bit: — [2006.10.10 05:09:03 | 000,742,696 | —- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] — C:WindowsSysNativeDRIVERSnvm60x64.sys — (NVENETFD)
    DRV — [2010.03.22 20:30:35 | 000,036,264 | —- | M] (Innova) [Kernel | On_Demand | Stopped] — C:Program Files (x86)RFOnlineFrostfrost.sys — (Frost)
    DRV — [2009.12.21 16:02:40 | 000,000,000 | —D | M] [Kernel | System | Running] — C:WindowsCSC — (CSC)
    DRV — [2006.09.19 00:36:40 | 000,003,066 | —- | M] () [Kernel | Boot | Running] — C:WindowsSysWOW64wbemtcpip.mof — (Tcpip)
    DRV — [2006.09.19 00:35:23 | 000,001,088 | —- | M] () [Kernel | On_Demand | Running] — C:WindowsSysWOW64wbemmpsdrv.mof — (mpsdrv)

    ========== Standard Registry (SafeList) ==========

    ========== Internet Explorer ==========

    IE:64bit: — HKLMSOFTWAREMicrosoftInternet ExplorerMain,Local Page = %SystemRoot%system32blank.htm
    IE — HKLMSOFTWAREMicrosoftInternet ExplorerMain,Local Page = %SystemRoot%system32blank.htm

    IE — HKUS-1-5-21-2389684437-3395458029-2734596173-1000SOFTWAREMicrosoftInternet ExplorerMain,Default_Page_URL = http://search.qip.ru
    IE — HKUS-1-5-21-2389684437-3395458029-2734596173-1000SOFTWAREMicrosoftInternet ExplorerMain,Default_Search_URL = http://search.qip.ru
    IE — HKUS-1-5-21-2389684437-3395458029-2734596173-1000SOFTWAREMicrosoftInternet ExplorerMain,Search Page = http://search.qip.ru
    IE — HKUS-1-5-21-2389684437-3395458029-2734596173-1000SOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru/?clid=135293
    IE — HKUS-1-5-21-2389684437-3395458029-2734596173-1000SOFTWAREMicrosoftInternet ExplorerMain,StartPageCache = 1
    IE — HKUS-1-5-21-2389684437-3395458029-2734596173-1000SOFTWAREMicrosoftInternet ExplorerSearch,SearchAssistant = http://search.qip.ru/ie
    IE — HKUS-1-5-21-2389684437-3395458029-2734596173-1000..URLSearchHook: — Reg Error: Key error. File not found
    IE — HKUS-1-5-21-2389684437-3395458029-2734596173-1000..URLSearchHook: {83821C2B-32A8-4DD7-B6D4-44309A78E668} — C:Program Files (x86)Mail.RuAgentMradllnewmrasearch.dll ()
    IE — HKUS-1-5-21-2389684437-3395458029-2734596173-1000..URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} — C:UsersСаняAppDataRoamingMicrosoftInternet Explorerqipsearchbar.dll (qip.ru)
    IE — HKUS-1-5-21-2389684437-3395458029-2734596173-1000SoftwareMicrosoftWindowsCurrentVersionInternet Settings: «ProxyEnable» = 0

    ========== FireFox ==========

    FF — prefs.js..extensions.enabledItems: yasearch@yandex.ru:4.3.0
    FF — prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198

    FF — HKLMsoftwaremozillaMozilla Firefox 3.5.8extensions\Components: C:Program Files (x86)Mozilla Firefoxcomponents [2010.03.22 10:41:28 | 000,000,000 | —D | M]
    FF — HKLMsoftwaremozillaMozilla Firefox 3.5.8extensions\Plugins: C:Program Files (x86)Mozilla Firefoxplugins [2010.03.22 10:40:59 | 000,000,000 | —D | M]
    FF — HKLMsoftwaremozillaMozilla Firefox 3.6extensions\Components: C:Program Files (x86)Mozilla Firefoxcomponents [2010.03.22 10:41:28 | 000,000,000 | —D | M]
    FF — HKLMsoftwaremozillaMozilla Firefox 3.6extensions\Plugins: C:Program Files (x86)Mozilla Firefoxplugins [2010.03.22 10:40:59 | 000,000,000 | —D | M]

    [2010.03.22 10:41:43 | 000,000,000 | —D | M] — C:UsersСаняAppDataRoamingmozillaExtensions
    [2010.03.26 11:11:02 | 000,000,000 | —D | M] — C:UsersСаняAppDataRoamingmozillaFirefoxProfilesdpaol8zy.defaultextensions
    [2010.03.22 10:53:35 | 000,000,000 | —D | M] (Microsoft .NET Framework Assistant) — C:UsersСаняAppDataRoamingmozillaFirefoxProfilesdpaol8zy.defaultextensions{20a82645-c095-46ed-80e3-08825760534b}
    [2010.03.22 10:53:33 | 000,000,000 | —D | M] — C:UsersСаняAppDataRoamingmozillaFirefoxProfilesdpaol8zy.defaultextensionsyasearch@yandex.ru
    [2010.03.22 10:53:33 | 000,000,000 | —D | M] — C:UsersСаняAppDataRoamingmozillaFirefoxProfilesdpaol8zy.defaultextensionsyasearch@yandex.ruchromeskinextensions-hacks
    [2010.03.26 11:11:02 | 000,000,000 | —D | M] — C:Program Files (x86)Mozilla Firefoxextensions
    [2010.03.26 10:50:35 | 000,000,000 | —D | M] (Skype extension for Firefox) — C:Program Files (x86)Mozilla Firefoxextensions{AB2CE124-6272-4b12-94A9-7303C7397BD1}
    [2010.03.22 10:41:00 | 000,000,000 | —D | M] — C:Program Files (x86)Mozilla Firefoxextensionsyasearch@yandex.ru
    [2010.03.22 10:41:01 | 000,000,000 | —D | M] — C:Program Files (x86)Mozilla Firefoxextensionsyasearch@yandex.ruchromeskinextensions-hacks
    [2008.09.16 07:18:20 | 000,122,880 | —- | M] (WestByte) — C:Program Files (x86)Mozilla Firefoxpluginsnpdm.dll
    [2010.01.16 03:56:03 | 000,001,122 | —- | M] () — C:Program Files (x86)Mozilla Firefoxsearchpluginspriceru.xml
    [2010.01.16 03:56:03 | 000,002,395 | —- | M] () — C:Program Files (x86)Mozilla Firefoxsearchpluginsrambler.xml
    [2010.01.16 03:56:03 | 000,001,945 | —- | M] () — C:Program Files (x86)Mozilla Firefoxsearchpluginstorgmailru.xml
    [2010.01.16 03:56:03 | 000,001,304 | —- | M] () — C:Program Files (x86)Mozilla Firefoxsearchpluginswikipedia-ru.xml
    [2010.01.16 03:56:03 | 000,004,072 | —- | M] () — C:Program Files (x86)Mozilla Firefoxsearchpluginsyandex-slovari.xml
    [2010.01.16 03:56:03 | 000,004,281 | —- | M] () — C:Program Files (x86)Mozilla Firefoxsearchpluginsyandex.xml

    O1 HOSTS File: ([2006.09.19 00:37:24 | 000,000,761 | —- | M]) — C:WindowsSysNativedriversetcHosts
    O1 — Hosts: 127.0.0.1 localhost
    O1 — Hosts: ::1 localhost
    O2 — BHO: (IE 4.x-6.x BHO for Download Master) — {9961627E-4059-41B4-8E0E-A7D6B3854ADF} — C:Program Files (x86)Download Masterdmiehlp.dll (WestByte)
    O2 — BHO: (QIPBHO Class) — {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} — C:UsersСаняAppDataRoamingMicrosoftInternet Explorerqipsearchbar.dll (qip.ru)
    O3 — HKLM..Toolbar: (Яндекс.Бар) — {91397D20-1446-11D4-8AF4-0040CA1127B6} — C:Program Files (x86)YandexYandexBarIEyndbar.dll (ООО «ЯНДЕКС»)
    O3 — HKU.DEFAULT..ToolbarWebBrowser: (Яндекс.Бар) — {91397D20-1446-11D4-8AF4-0040CA1127B6} — C:Program Files (x86)YandexYandexBarIEyndbar.dll (ООО «ЯНДЕКС»)
    O3 — HKUS-1-5-18..ToolbarWebBrowser: (Яндекс.Бар) — {91397D20-1446-11D4-8AF4-0040CA1127B6} — C:Program Files (x86)YandexYandexBarIEyndbar.dll (ООО «ЯНДЕКС»)
    O3 — HKUS-1-5-21-2389684437-3395458029-2734596173-1000..ToolbarWebBrowser: (Яндекс.Бар) — {91397D20-1446-11D4-8AF4-0040CA1127B6} — C:Program Files (x86)YandexYandexBarIEyndbar.dll (ООО «ЯНДЕКС»)
    O4:64bit: — HKLM..Run: [Windows Defender] C:Program FilesWindows DefenderMSASCui.exe (Microsoft Corporation)
    O4 — HKLM..Run: [MAgent] C:Program Files (x86)Mail.RuAgentMAgent.exe (Mail.Ru)
    O4 — HKLM..Run: [Malwarebytes’ Anti-Malware] C:Program Files (x86)Malwarebytes’ Anti-Malwarembamgui.exe (Malwarebytes Corporation)
    O4 — HKLM..Run: [msvmon32] C:ProgramDatamsvmon32keygen.exe File not found
    O4 — HKLM..Run: [PCSuiteTrayApplication] C:UsersPublicNokia PC Suite 6LaunchApplication.exe (Nokia)
    O4 — HKLM..Run: [VKSaverUpdater] C:Program Files (x86)VKSaverVKSaverUpdater.exe (AudioVkontakte.Ru)
    O4 — HKU.DEFAULT..Run: [Nokia.PCSync] C:UsersPublicNokia PC Suite 6PcSync2.exe (Time Information Services Ltd.)
    O4 — HKUS-1-5-18..Run: [Nokia.PCSync] C:UsersPublicNokia PC Suite 6PcSync2.exe (Time Information Services Ltd.)
    O4 — HKUS-1-5-19..Run: [Sidebar] C:Program Files (x86)Windows SidebarSidebar.exe (Microsoft Corporation)
    O4 — HKUS-1-5-19..Run: [WindowsWelcomeCenter] C:WindowsSysWow64oobefldr.dll (Microsoft Corporation)
    O4 — HKUS-1-5-20..Run: [Sidebar] C:Program Files (x86)Windows SidebarSidebar.exe (Microsoft Corporation)
    O4 — HKUS-1-5-20..Run: [WindowsWelcomeCenter] C:WindowsSysWow64oobefldr.dll (Microsoft Corporation)
    O4 — HKUS-1-5-21-2389684437-3395458029-2734596173-1000..Run: [DAEMON Tools Lite] C:Program Files (x86)DAEMON Tools LiteDTLite.exe (DT Soft Ltd)
    O4 — HKUS-1-5-21-2389684437-3395458029-2734596173-1000..Run: [Download Master] C:Program Files (x86)Download Masterdmaster.exe (WestByte)
    O4 — HKUS-1-5-21-2389684437-3395458029-2734596173-1000..Run: [RocketDock] C:Program Files (x86)RocketDockRocketDock.exe ()
    O4 — HKUS-1-5-21-2389684437-3395458029-2734596173-1000..Run: [uTorrent] C:Program Files (x86)uTorrentuTorrent.exe (BitTorrent, Inc.)
    O4 — HKUS-1-5-21-2389684437-3395458029-2734596173-1000..Run: [WMPNSCFG] C:Program Files (x86)Windows Media PlayerWMPNSCFG.exe File not found
    O6 — HKLMSoftwarePoliciesMicrosoftInternet ExplorerLow Rights present
    O6 — HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoActiveDesktop = 1
    O6 — HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: EnableLUA = 0
    O8:64bit: — Extra context menu item: Закачать ВСЕ при помощи Download Master — C:Program Files (x86)Download Masterdmieall.htm ()
    O8:64bit: — Extra context menu item: Закачать при помощи Download Master — C:Program Files (x86)Download Masterdmie.htm ()
    O8:64bit: — Extra context menu item: Передать на удаленную закачку DM — C:Program Files (x86)Download Masterremdown.htm ()
    O8 — Extra context menu item: Закачать ВСЕ при помощи Download Master — C:Program Files (x86)Download Masterdmieall.htm ()
    O8 — Extra context menu item: Закачать при помощи Download Master — C:Program Files (x86)Download Masterdmie.htm ()
    O8 — Extra context menu item: Передать на удаленную закачку DM — C:Program Files (x86)Download Masterremdown.htm ()
    O9:64bit: — Extra Button: Cтатистика Веб-Антивируса — {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} — C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsx64SCIEPlgn.dll (Kaspersky Lab)
    O9 — Extra Button: Cтатистика Веб-Антивируса — {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} — C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 6.0 for Windows WorkstationsSCIEPlgn.dll (Kaspersky Lab)
    O9 — Extra Button: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program Files (x86)Mail.RuAgentmagent.exe (Mail.Ru)
    O9 — Extra ‘Tools’ menuitem : Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program Files (x86)Mail.RuAgentmagent.exe (Mail.Ru)
    O9 — Extra Button: Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program Files (x86)Download Masterdmaster.exe (WestByte)
    O9 — Extra ‘Tools’ menuitem : &Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program Files (x86)Download Masterdmaster.exe (WestByte)
    O13 — gopher Prefix: missing
    O13 — gopher Prefix: missing
    O16 — DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
    O17 — HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 217.10.39.4 217.10.32.4 217.10.36.5 217.10.44.35
    O18:64bit: — ProtocolHandlerskype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — Reg Error: Key error. File not found
    O18 — ProtocolHandlerskype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — C:Program Files (x86)Common FilesSkypeSkype4COM.dll (Skype Technologies)
    O20:64bit: — AppInit_DLLs: (C:PROGRA~2KASPER~1KASPER~1.0FOx64adialhk.dll) — C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsx64adialhk.dll (Kaspersky Lab)
    O20:64bit: — AppInit_DLLs: (C:PROGRA~2KASPER~1KASPER~1.0FOx64r3hook.dll) — C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsx64r3hook.dll (Kaspersky Lab)
    O20 — AppInit_DLLs: (C:Windowssystem32vksaver.dll) — C:WindowsSysWOW64vksaver.dll (AudioVkontakte.Ru)
    O20 — AppInit_DLLs: (C:PROGRA~2KASPER~1KASPER~1.0FOadialhk.dll) — C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsadialhk.dll (Kaspersky Lab)
    O20 — AppInit_DLLs: (C:PROGRA~2KASPER~1KASPER~1.0FOr3hook.dll C:Windowssystem32vksaver.dll) — C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsr3hook.dll (Kaspersky Lab)
    O20:64bit: — HKLM Winlogon: Shell — (explorer.exe) — C:Windowsexplorer.exe (Microsoft Corporation)
    O20 — HKLM Winlogon: Shell — (explorer.exe) — C:WindowsSysWow64explorer.exe (Microsoft Corporation)
    O20:64bit: — WinlogonNotifyklogon: DllName — Reg Error: Key error. — C:WindowsSysNativeklogon.dll (Kaspersky Lab)
    O24 — Desktop WallPaper: C:UsersСаняAppDataRoamingMicrosoftWindows Photo GalleryФоновый рисунок фотоальбома Windows.jpg
    O24 — Desktop BackupWallPaper: C:UsersСаняAppDataRoamingMicrosoftWindows Photo GalleryФоновый рисунок фотоальбома Windows.jpg
    O32 — HKLM CDRom: AutoRun — 1
    O33 — MountPoints2{087702d3-04e9-11df-b1b5-001966ce9918}Shell — «» = AutoRun
    O33 — MountPoints2{087702d3-04e9-11df-b1b5-001966ce9918}ShellAutoRuncommand — «» = E:setup.exe — File not found
    O33 — MountPoints2{2787484c-ef02-11de-929f-001966ce9918}ShellAutoRuncommand — «» = F:keygen.exe — File not found
    O33 — MountPoints2{2787484c-ef02-11de-929f-001966ce9918}ShellopenCommand — «» = F:keygen.exe — File not found
    O33 — MountPoints2{3ed7779b-1249-11df-be94-001966ce9918}ShellAutoRuncommand — «» = F:keygen.exe — File not found
    O33 — MountPoints2{3ed7779b-1249-11df-be94-001966ce9918}ShellopenCommand — «» = F:keygen.exe — File not found
    O33 — MountPoints2{433824c4-f582-11de-8642-001966ce9918}ShellAutoRuncommand — «» = F:keygen.exe — File not found
    O33 — MountPoints2{433824c4-f582-11de-8642-001966ce9918}ShellopenCommand — «» = F:keygen.exe — File not found
    O33 — MountPoints2{5b2b9289-19fd-11df-af40-001966ce9918}ShellAutoRuncommand — «» = F:keygen.exe — File not found
    O33 — MountPoints2{5b2b9289-19fd-11df-af40-001966ce9918}ShellopenCommand — «» = F:keygen.exe — File not found
    O34 — HKLM BootExecute: (autocheck autochk *) — File not found
    O35:64bit: — HKLM..comfile [open] — «%1» %*
    O35:64bit: — HKLM..exefile [open] — «%1» %*
    O35 — HKLM..comfile [open] — «%1» %*
    O35 — HKLM..exefile [open] — «%1» %*
    O37:64bit: — HKLM…com [@ = comfile] — «%1» %*
    O37:64bit: — HKLM…exe [@ = exefile] — «%1» %*
    O37 — HKLM…com [@ = comfile] — «%1» %*
    O37 — HKLM…exe [@ = exefile] — «%1» %*

    ========== Files/Folders — Created Within 30 Days ==========

    [2010.03.27 21:05:42 | 000,555,520 | —- | C] (OldTimer Tools) — C:UsersСаняDesktopOTL.exe
    [2010.03.26 10:50:22 | 000,000,000 | —D | C] — C:Program Files (x86)Common FilesSkype
    [2010.03.25 19:59:42 | 000,000,000 | —D | C] — C:UsersСаняDocumentsSquare Enix
    [2010.03.25 16:50:37 | 000,000,000 | —D | C] — C:UsersСаняAppDataRoamingMalwarebytes
    [2010.03.25 16:34:02 | 000,038,224 | —- | C] (Malwarebytes Corporation) — C:WindowsSysWow64driversmbamswissarmy.sys
    [2010.03.25 16:33:56 | 000,000,000 | —D | C] — C:ProgramDataMalwarebytes
    [2010.03.25 16:33:55 | 000,024,664 | —- | C] (Malwarebytes Corporation) — C:WindowsSysNativedriversmbam.sys
    [2010.03.25 16:33:55 | 000,000,000 | —D | C] — C:Program Files (x86)Malwarebytes’ Anti-Malware
    [2010.03.25 16:21:41 | 000,000,000 | —D | C] — C:Program Files (x86)Just Cause 2
    [2010.03.25 11:47:04 | 000,000,000 | —D | C] — C:Program Files (x86)trend micro
    [2010.03.25 11:47:03 | 000,000,000 | —D | C] — C:rsit
    [2010.03.22 20:51:40 | 000,000,000 | —D | C] — C:Program Files (x86)4GAME
    [2010.03.22 12:46:32 | 000,000,000 | —D | C] — C:UsersСаняDesktopAion
    [2010.03.22 11:46:11 | 000,000,000 | —D | C] — C:UsersСаняDesktopНовая папка (2)
    [2010.03.22 10:41:27 | 000,000,000 | —D | C] — C:UsersСаняAppDataRoamingMozilla
    [2010.03.21 19:50:25 | 000,000,000 | —D | C] — C:UsersСаняDesktopaion rus
    [2010.03.21 13:38:39 | 000,000,000 | —D | C] — C:UsersСаняAppDataLocalassembly
    [2010.03.16 18:08:41 | 000,000,000 | —D | C] — C:UsersСаняDesktopRus_Client_Infiniteaion
    [2010.03.15 23:10:08 | 000,000,000 | —D | C] — C:Program Files (x86)Planet Updater
    [2010.03.14 21:58:26 | 000,000,000 | —D | C] — C:Program Files (x86)Aion
    [2010.03.11 09:35:43 | 000,032,768 | —- | C] (Microsoft Corporation) — C:WindowsSysNativenshhttp.dll
    [2010.03.11 09:35:43 | 000,024,064 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64nshhttp.dll
    [2010.03.11 09:35:37 | 000,033,792 | —- | C] (Microsoft Corporation) — C:WindowsSysNativehttpapi.dll
    [2010.03.11 09:35:37 | 000,030,720 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64httpapi.dll
    [2010.03.09 23:31:06 | 000,000,000 | —D | C] — C:Program Files (x86)LineageII
    [2010.03.04 00:19:56 | 000,000,000 | —D | C] — C:UsersСаняDocumentsLiberation Studio
    [2010.03.03 11:47:36 | 000,000,000 | —D | C] — C:ProgramDatat01x97GIiTqrf7M2Q
    [2010.03.02 19:28:51 | 000,000,000 | —D | C] — C:Windows1C4551A64743409391E41477CD655043.TMP
    [2010.03.02 19:22:41 | 000,000,000 | —D | C] — C:Program Files (x86)Deep Silver
    [2010.03.01 16:53:40 | 000,000,000 | —D | C] — C:UsersСаняDocumentsWBGames
    [2010.03.01 15:36:36 | 000,000,000 | —D | C] — C:Program Files (x86)F.E.A.R. 2 Complete
    [2010.02.27 23:57:48 | 000,000,000 | —D | C] — C:UsersСаняAppDataLocalRisen
    [2010.02.27 22:48:59 | 000,530,776 | —- | C] (Microsoft Corporation) — C:WindowsSysNativeXAudio2_6.dll
    [2010.02.27 22:48:59 | 000,528,216 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64XAudio2_6.dll
    [2010.02.27 22:48:59 | 000,078,680 | —- | C] (Microsoft Corporation) — C:WindowsSysNativeXAPOFX1_4.dll
    [2010.02.27 22:48:59 | 000,074,072 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64XAPOFX1_4.dll
    [2010.02.27 22:48:57 | 000,238,936 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64xactengine3_6.dll
    [2010.02.27 22:48:57 | 000,176,984 | —- | C] (Microsoft Corporation) — C:WindowsSysNativexactengine3_6.dll
    [2010.02.27 22:48:57 | 000,024,920 | —- | C] (Microsoft Corporation) — C:WindowsSysNativeX3DAudio1_7.dll
    [2010.02.27 22:48:57 | 000,022,360 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64X3DAudio1_7.dll
    [2010.02.27 22:13:47 | 002,605,920 | —- | C] (Microsoft Corporation) — C:WindowsSysNativeD3DCompiler_40.dll
    [2010.02.27 22:13:47 | 002,036,576 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64D3DCompiler_40.dll
    [2010.02.27 22:13:47 | 000,519,000 | —- | C] (Microsoft Corporation) — C:WindowsSysNatived3dx10_40.dll
    [2010.02.27 22:13:47 | 000,452,440 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64d3dx10_40.dll
    [2010.02.27 22:13:45 | 005,631,312 | —- | C] (Microsoft Corporation) — C:WindowsSysNativeD3DX9_40.dll
    [2010.02.27 22:13:45 | 004,379,984 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64D3DX9_40.dll
    [2010.02.27 22:05:45 | 000,000,000 | —D | C] — C:Program Files (x86)Section 8
    [2 C:Windows*.tmp files -> C:Windows*.tmp -> ]

    ========== Files — Modified Within 30 Days ==========

    [2010.03.27 21:07:25 | 001,572,864 | -HS- | M] () — C:UsersСаняNTUSER.DAT
    [2010.03.27 21:07:14 | 028,388,924 | -HS- | M] () — C:WindowsSysNativedriversfidbox.dat
    [2010.03.27 21:07:13 | 000,555,520 | —- | M] (OldTimer Tools) — C:UsersСаняDesktopOTL.exe
    [2010.03.27 20:58:51 | 000,034,800 | —- | M] () — C:ProgramDatanvModes.dat
    [2010.03.27 20:58:51 | 000,034,800 | —- | M] () — C:ProgramDatanvModes.001
    [2010.03.27 20:58:41 | 000,003,760 | -H— | M] () — C:WindowsSysNative7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2010.03.27 20:58:41 | 000,003,760 | -H— | M] () — C:WindowsSysNative7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2010.03.27 20:58:35 | 000,000,006 | -H— | M] () — C:WindowstasksSA.DAT
    [2010.03.27 20:58:31 | 000,067,584 | —S- | M] () — C:Windowsbootstat.dat
    [2010.03.27 15:32:24 | 000,508,852 | -HS- | M] () — C:WindowsSysNativedriversfidbox.idx
    [2010.03.27 15:32:23 | 000,524,288 | -HS- | M] () — C:UsersСаняNTUSER.DAT{a7bdf3ed-6a85-11db-b5ae-f1534be43d84}.TMContainer00000000000000000001.regtrans-ms
    [2010.03.27 15:32:23 | 000,065,536 | -HS- | M] () — C:UsersСаняNTUSER.DAT{a7bdf3ed-6a85-11db-b5ae-f1534be43d84}.TM.blf
    [2010.03.27 15:32:15 | 002,404,610 | -H— | M] () — C:UsersСаняAppDataLocalIconCache.db
    [2010.03.25 16:34:05 | 000,000,814 | —- | M] () — C:UsersPublicDesktopMalwarebytes’ Anti-Malware.lnk
    [2010.03.25 16:21:42 | 000,000,667 | —- | M] () — C:UsersPublicDesktopJust Cause 2.lnk
    [2010.03.25 12:44:13 | 000,021,085 | —- | M] () — C:UsersСаняDesktop[rutracker.org].t2848506.torrent
    [2010.03.25 11:46:52 | 000,781,909 | —- | M] () — C:UsersСаняDesktopRSIT.exe
    [2010.03.23 14:40:57 | 000,043,520 | —- | M] () — C:UsersСаняAppDataLocalDCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010.03.23 12:03:19 | 001,459,114 | —- | M] () — C:WindowsSysNativePerfStringBackup.INI
    [2010.03.23 12:03:19 | 000,653,074 | —- | M] () — C:WindowsSysNativeperfh019.dat
    [2010.03.23 12:03:19 | 000,586,980 | —- | M] () — C:WindowsSysNativeperfh009.dat
    [2010.03.23 12:03:19 | 000,125,594 | —- | M] () — C:WindowsSysNativeperfc019.dat
    [2010.03.23 12:03:19 | 000,101,052 | —- | M] () — C:WindowsSysNativeperfc009.dat
    [2010.03.22 22:36:26 | 000,038,224 | —- | M] (Malwarebytes Corporation) — C:WindowsSysWow64driversmbamswissarmy.sys
    [2010.03.22 22:36:00 | 000,024,664 | —- | M] (Malwarebytes Corporation) — C:WindowsSysNativedriversmbam.sys
    [2010.03.22 21:15:40 | 000,144,400 | —- | M] (Kaspersky Lab) — C:WindowsSysNativedriverskl1.sys
    [2010.03.22 20:22:00 | 000,000,559 | —- | M] () — C:UsersСаняDesktopAionForseti — Ярлык.lnk
    [2010.03.22 11:34:33 | 000,000,020 | —- | M] () — C:UsersСаняDocumentsaionmemo_ 1dd4367.dat
    [2010.03.22 10:41:28 | 000,000,000 | —- | M] () — C:Windowsnsreg.dat
    [2010.03.21 22:34:54 | 000,000,020 | —- | M] () — C:UsersСаняDocumentsaionmemo_a068 5fe.dat
    [2010.03.21 21:34:12 | 000,000,921 | —- | M] () — C:UsersPublicDesktopPlanet Updater.lnk
    [2010.03.21 14:12:33 | 000,000,020 | —- | M] () — C:UsersСаняDocumentsaionmemo_ 1dd4367.bak
    [2010.03.21 12:54:48 | 000,000,169 | —- | M] () — C:UsersСаняDesktopродители для вас ).url
    [2010.03.17 22:47:04 | 000,000,032 | —- | M] () — C:ProgramDataezsid.dat
    [2010.03.17 22:41:48 | 005,852,160 | —- | M] () — C:UsersСаняDesktoprserv34ru.msi
    [2010.03.16 20:24:20 | 000,000,694 | —- | M] () — C:UsersСаняDesktopPvP World Aion Launcher — Ярлык.lnk
    [2010.03.16 20:24:20 | 000,000,583 | —- | M] () — C:UsersСаняDesktopcc — Ярлык.lnk
    [2010.03.16 20:24:20 | 000,000,479 | —- | M] () — C:UsersСаняDesktopData — Ярлык.lnk
    [2010.03.15 22:48:25 | 000,000,083 | —- | M] () — C:Program Files (x86).config
    [2010.03.14 22:42:59 | 028,815,126 | —- | M] () — C:UsersСаняDesktopPatch_Aion.rar
    [2010.03.14 21:58:43 | 000,350,985 | —- | M] () — C:UsersСаняDesktopPlanetUpdater.zip
    [2010.03.12 07:59:41 | 000,001,157 | —- | M] () — C:UsersСаняDesktopl2.lnk
    [2010.03.09 15:10:08 | 000,044,544 | —- | M] (AudioVkontakte.Ru) — C:WindowsSysWow64vksaver.dll
    [2010.03.01 16:45:49 | 000,000,912 | —- | M] () — C:UsersСаняDesktopF.E.A.R. 2 Complete.lnk
    [2010.02.27 22:56:33 | 000,314,016 | —- | M] () — C:WindowsSysNativedriversatksgt.sys
    [2010.02.27 22:56:32 | 000,043,680 | —- | M] () — C:WindowsSysNativedriverslirsgt.sys
    [2010.02.27 22:11:23 | 000,000,823 | —- | M] () — C:UsersСаняDesktopSection 8.lnk
    [2 C:Windows*.tmp files -> C:Windows*.tmp -> ]

    ========== Files Created — No Company Name ==========

    [2010.03.25 16:34:05 | 000,000,814 | —- | C] () — C:UsersPublicDesktopMalwarebytes’ Anti-Malware.lnk
    [2010.03.25 16:21:42 | 000,000,667 | —- | C] () — C:UsersPublicDesktopJust Cause 2.lnk
    [2010.03.25 12:44:11 | 000,021,085 | —- | C] () — C:UsersСаняDesktop[rutracker.org].t2848506.torrent
    [2010.03.25 11:46:49 | 000,781,909 | —- | C] () — C:UsersСаняDesktopRSIT.exe
    [2010.03.22 20:22:00 | 000,000,559 | —- | C] () — C:UsersСаняDesktopAionForseti — Ярлык.lnk
    [2010.03.22 10:41:28 | 000,000,000 | —- | C] () — C:Windowsnsreg.dat
    [2010.03.21 21:34:12 | 000,000,921 | —- | C] () — C:UsersPublicDesktopPlanet Updater.lnk
    [2010.03.21 20:33:37 | 000,000,020 | —- | C] () — C:UsersСаняDocumentsaionmemo_ 1dd4367.bak
    [2010.03.17 22:47:04 | 000,000,032 | —- | C] () — C:ProgramDataezsid.dat
    [2010.03.17 22:39:55 | 005,852,160 | —- | C] () — C:UsersСаняDesktoprserv34ru.msi
    [2010.03.17 20:49:07 | 000,000,020 | —- | C] () — C:UsersСаняDocumentsaionmemo_ 1dd4367.dat
    [2010.03.16 20:24:20 | 000,000,694 | —- | C] () — C:UsersСаняDesktopPvP World Aion Launcher — Ярлык.lnk
    [2010.03.16 20:24:20 | 000,000,583 | —- | C] () — C:UsersСаняDesktopcc — Ярлык.lnk
    [2010.03.16 20:24:20 | 000,000,479 | —- | C] () — C:UsersСаняDesktopData — Ярлык.lnk
    [2010.03.15 22:11:42 | 000,000,083 | —- | C] () — C:Program Files (x86).config
    [2010.03.15 09:20:19 | 000,000,020 | —- | C] () — C:UsersСаняDocumentsaionmemo_a068 5fe.dat
    [2010.03.14 22:41:37 | 028,815,126 | —- | C] () — C:UsersСаняDesktopPatch_Aion.rar
    [2010.03.14 21:58:41 | 000,350,985 | —- | C] () — C:UsersСаняDesktopPlanetUpdater.zip
    [2010.03.10 21:47:16 | 000,001,157 | —- | C] () — C:UsersСаняDesktopl2.lnk
    [2010.03.01 16:45:49 | 000,000,912 | —- | C] () — C:UsersСаняDesktopF.E.A.R. 2 Complete.lnk
    [2010.02.27 22:56:33 | 000,314,016 | —- | C] () — C:WindowsSysNativedriversatksgt.sys
    [2010.02.27 22:56:32 | 000,043,680 | —- | C] () — C:WindowsSysNativedriverslirsgt.sys
    [2010.02.27 22:11:23 | 000,000,823 | —- | C] () — C:UsersСаняDesktopSection 8.lnk
    [2010.02.05 13:48:06 | 000,594,946 | —- | C] () — C:UsersСаняAppDataLocaldd_vcredistMSI31C8.txt
    [2010.02.05 13:48:05 | 000,014,390 | —- | C] () — C:UsersСаняAppDataLocaldd_vcredistUI31C8.txt
    [2010.01.19 16:46:28 | 000,123,242 | —- | C] () — C:UsersСаняAppDataLocaldd_vcredistMSI0A06.txt
    [2010.01.19 16:46:26 | 000,014,576 | —- | C] () — C:UsersСаняAppDataLocaldd_vcredistUI0A06.txt
    [2009.12.30 19:35:21 | 000,000,008 | —- | C] () — C:UsersСаняAppDataRoamingNMM-MetaData.db
    [2009.12.23 22:18:46 | 000,040,960 | —- | C] () — C:WindowsSysWow64psfind.dll
    [2009.12.22 18:30:30 | 000,043,520 | —- | C] () — C:UsersСаняAppDataLocalDCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2009.12.21 18:38:15 | 000,034,800 | —- | C] () — C:ProgramDatanvModes.dat
    [2009.12.21 18:38:15 | 000,034,800 | —- | C] () — C:ProgramDatanvModes.001
    [2009.12.21 16:14:02 | 000,000,732 | —- | C] () — C:UsersСаняAppDataLocald3d9caps64.dat
    [2009.08.07 19:51:34 | 000,178,430 | —- | C] () — C:WindowsSysWow64xlive.dll.cat
    [2009.04.11 19:24:20 | 000,368,640 | —- | C] () — C:WindowsSysWow64msjetoledb40.dll
    [2009.04.11 19:23:28 | 000,117,248 | —- | C] () — C:WindowsSysWow64EhStorAuthn.dll
    [2008.10.07 09:13:30 | 000,197,912 | —- | C] () — C:WindowsSysWow64physxcudart_20.dll
    [2008.10.07 09:13:22 | 000,058,648 | —- | C] () — C:WindowsSysWow64AgCPanelTraditionalChinese.dll
    [2008.10.07 09:13:20 | 000,058,648 | —- | C] () — C:WindowsSysWow64AgCPanelSwedish.dll
    [2008.10.07 09:13:20 | 000,058,648 | —- | C] () — C:WindowsSysWow64AgCPanelSpanish.dll
    [2008.10.07 09:13:20 | 000,058,648 | —- | C] () — C:WindowsSysWow64AgCPanelSimplifiedChinese.dll
    [2008.10.07 09:13:20 | 000,058,648 | —- | C] () — C:WindowsSysWow64AgCPanelPortugese.dll
    [2008.10.07 09:13:20 | 000,058,648 | —- | C] () — C:WindowsSysWow64AgCPanelKorean.dll
    [2008.10.07 09:13:20 | 000,058,648 | —- | C] () — C:WindowsSysWow64AgCPanelJapanese.dll
    [2008.10.07 09:13:20 | 000,058,648 | —- | C] () — C:WindowsSysWow64AgCPanelGerman.dll
    [2008.10.07 09:13:20 | 000,058,648 | —- | C] () — C:WindowsSysWow64AgCPanelFrench.dll
    [2008.01.21 05:49:10 | 000,060,124 | —- | C] () — C:WindowsSysWow64tcpmon.ini
    [2007.03.29 23:00:40 | 000,203,264 | R— | C] () — C:WindowsSysWow64CddbCdda.dll

    August 21, 2009 at 2:06 pm in reply to: Help analyzing a HijackThis log #25367
    100992
    Participant
    • Topics: 3
    • Posts: 8
    • ☆

    Yes, it seems to have disappeared; it didn't come back after the reboot))
    Thanks a lot.

    August 21, 2009 at 12:38 pm in reply to: Help analyzing a HijackThis log #25365
    100992
    Participant
    • Topics: 3
    • Posts: 8
    • ☆

    I have Zver installed; I had installed Panda, but removed it…

    August 21, 2009 at 11:26 am in reply to: Help analyzing a HijackThis log #25363
    100992
    Participant
    • Topics: 3
    • Posts: 8
    • ☆

    ComboFix 09-08-20.07 — Admin 21.08.2009 15:16.1.2 — NTFSx86
    Microsoft Windows XP Professional 5.1.2600.3.1251.7.1049.18.2047.1578 [GMT 4:00]
    Running from: e:documents and settingsAdminРабочий столComboFix.exe
    AV: AVG Anti-Virus *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:resycled
    e:windowsDelete.bat
    e:windowsFontsimg hearts.ttf
    e:windowsFontsimg travel.ttf
    e:windowssystem32uninstall.exe

    .
    ((((((((((((((((((((((((( Files Created from 2009-07-21 to 2009-08-21 )))))))))))))))))))))))))))))))
    .

    2009-09-03 19:09 . 2009-09-03 19:09 d-----w- e:windowssystem32RTCOM
    2009-09-03 19:09 . 2008-04-14 21:40 4096 ------w- e:windowssystem32ksuser.dll
    2009-09-03 19:09 . 2008-04-14 00:49 146048 ------w- e:windowssystem32driversportcls.sys
    2009-09-03 19:09 . 2008-04-14 00:15 60160 ------w- e:windowssystem32driversdrmk.sys
    2009-09-03 19:09 . 2008-04-14 21:40 21504 ------w- e:windowssystem32hidserv.dll
    2009-09-03 19:09 . 2008-04-14 21:11 58368 ------w- e:windowssystem32driversredbook.sys
    2009-09-03 19:07 . 2009-08-21 09:06 d-sh--w- e:windowsInstaller
    2009-09-03 19:07 . 2008-04-15 16:00 77824 -c----w- e:windowssystem32dllcachespcommon.dll
    2009-09-03 19:07 . 2008-04-15 16:00 61440 -c----w- e:windowssystem32dllcachespcplui.dll
    2009-09-03 19:07 . 2008-04-15 16:00 774144 -c----w- e:windowssystem32dllcachespttseng.dll
    2009-09-03 19:07 . 2009-08-21 11:03 d-----r- E:Program Files
    2009-09-03 19:07 . 2008-04-15 16:00 741376 -c----w- e:windowssystem32dllcachesapi.dll
    2009-09-03 19:07 . 2008-04-15 16:00 36864 -c----w- e:windowssystem32dllcachesapisvr.exe
    2009-09-03 19:03 . 2005-08-17 13:43 330240 ------w- e:windowssystem32driversZD1211BU.sys
    2009-09-03 19:03 . 2008-04-17 14:33 4707328 ------w- e:windowssystem32driversRtkHDAud.sys
    2009-09-03 19:03 . 2008-04-02 07:27 1196032 ----a-w- e:windowsRtlUpd.exe
    2009-09-03 19:03 . 2007-11-20 16:15 1826816 ----a-w- e:windowsSkyTel.exe
    2009-09-03 19:03 . 2006-07-21 14:14 86016 ----a-w- e:windowsSOUNDMAN.EXE
    2009-09-03 19:03 . 2007-03-23 17:19 9715200 ----a-w- e:windowsRTLCPL.EXE
    2009-09-03 19:03 . 2008-04-10 14:52 16861184 ----a-w- e:windowsRTHDCPL.EXE
    2009-09-03 19:03 . 2007-06-28 14:44 2165760 ----a-w- e:windowsMicCal.exe
    2009-09-03 19:03 . 2006-05-04 14:26 2808832 ----a-w- e:windowsALCWZRD.EXE
    2009-09-03 19:03 . 2005-05-03 16:43 69632 ----a-w- e:windowsALCMTR.EXE
    2009-09-03 19:01 . 2008-08-20 18:35 122880 ------w- e:windowssystem32NVCOSMB.DLL
    2009-09-03 19:01 . 2008-08-20 18:35 453152 ------w- e:windowssystem32nvusmb.exe
    2009-09-03 19:00 . 2009-08-21 11:16 d-----w- e:windowssystem32CatRoot2
    2009-09-03 19:00 . 2009-08-15 19:33 d-----w- e:windowssystem32CatRoot

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-09-03 16:47 . 2009-09-03 16:47 56 ------w- e:windowssystem32ezsidmv.dat
    2009-09-03 16:46 . 2009-09-03 16:46 d-----w- e:program filesCommon FilesSkype
    2009-09-03 16:46 . 2009-09-03 16:46 d-----r- e:program filesSkype
    2009-09-03 16:46 . 2009-09-03 16:19 d-----w- e:documents and settingsAll UsersApplication DataSkype
    2009-09-03 16:40 . 2009-09-03 16:40 29926 ----a-r- e:documents and settingsAdminApplication DataMicrosoftInstaller{5EB90C06-964F-4195-B83E-BD7E55C88415}ARPPRODUCTICON.exe
    2009-09-03 16:40 . 2009-09-03 16:40 d-----w- e:program filesCommon FilesPinnacle
    2009-09-03 16:40 . 2009-09-03 16:40 d-----w- e:documents and settingsAll UsersApplication DataPinnacle Studio Ultimate
    2009-09-03 16:38 . 2009-09-03 16:38 d-----w- e:documents and settingsAll UsersApplication DataCrystalIdea Software
    2009-09-03 16:34 . 2009-09-03 16:34 d-----w- e:program filesBluetooth Remote Control
    2009-09-03 16:14 . 2009-09-03 16:14 d-----w- e:documents and settingsAdminApplication DataQIP
    2009-09-03 15:45 . 2009-09-03 15:45 d-----w- e:program filesUltraISO
    2009-09-03 15:45 . 2009-09-03 15:45 d-----w- e:program filesCommon FilesEZB Systems
    2009-09-03 15:45 . 2009-09-03 15:45 d-----w- e:program filesAhead
    2009-09-03 15:45 . 2009-09-03 15:45 d-----w- e:program filesCommon FilesAhead
    2009-09-03 15:44 . 2009-09-03 15:44 d-----w- e:program filesuTorrent
    2009-09-03 15:44 . 2009-09-03 15:44 d-----w- e:documents and settingsDefault UserApplication DatauTorrent
    2009-09-03 15:44 . 2009-09-03 15:44 d-----w- e:program filesTotal Commander
    2009-09-03 15:44 . 2009-09-03 15:44 d-----w- e:program filesSmart Install Maker
    2009-09-03 15:44 . 2009-09-03 15:44 d-----w- e:program filesRegshot
    2009-09-03 15:44 . 2009-09-03 15:44 d-----w- e:program filesVDSoft
    2009-09-03 15:44 . 2009-09-03 15:44 d-----w- e:program filesCCleaner
    2009-09-03 15:44 . 2009-09-03 15:44 d-----w- e:program filesUninstall Tool
    2009-09-03 15:42 . 2009-09-03 15:42 d-----w- e:program filesBonjour
    2009-09-03 15:37 . 2009-09-03 15:37 d-----w- e:program filesCommon FilesMacrovision Shared
    2009-09-03 15:37 . 2009-09-03 15:37 d-----w- e:program filesCommon FilesAdobe
    2009-09-03 15:36 . 2009-09-03 15:36 d-----w- e:program filesTechSmith
    2009-09-03 15:36 . 2009-09-03 15:36 d-----w- e:documents and settingsAll UsersApplication DataTechSmith
    2009-09-03 15:36 . 2009-09-03 15:36 d-----w- e:program filesVuescan
    2009-09-03 15:35 . 2009-09-03 15:35 d-----w- e:program filesCommon FilesMacromedia
    2009-09-03 15:35 . 2009-09-03 15:35 d-----w- e:program filesMacromedia
    2009-09-03 15:34 . 2009-09-03 15:26 d-----w- e:documents and settingsAll UsersApplication DataMicrosoft Help
    2009-09-03 15:27 . 2009-09-03 15:27 d-----w- e:program filesMicrosoft Works
    2009-09-03 15:27 . 2009-09-03 15:27 d-----w- e:program filesMicrosoft.NET
    2009-09-03 15:26 . 2009-09-03 15:26 d-----w- e:program filesFoxit Reader
    2009-09-03 15:26 . 2009-09-03 15:26 d---a-w- e:documents and settingsAdminApplication DataYandex
    2009-09-03 15:18 . 2009-09-03 15:18 d-----w- e:program filesVistaDriveIcon
    2009-09-03 15:18 . 2009-09-03 15:18 d---a-w- e:program filesPaint.NET
    2009-09-03 15:18 . 2009-09-03 15:18 410984 ------w- e:windowssystem32deploytk.dll
    2009-09-03 15:17 . 2009-09-03 15:17 d-----w- e:program filesJava
    2009-09-03 15:12 . 2009-09-03 15:12 22564 ------w- e:windowssystem32emptyregdb.dat
    2009-09-03 15:12 . 2009-09-03 15:12 d-----w- e:program filesWindows Media Connect 2
    2009-08-21 11:12 . 2009-09-03 15:44 d-----w- e:documents and settingsAdminApplication DatauTorrent
    2009-08-21 11:08 . 2009-08-11 00:06 174576 ----a-w- e:documents and settingsLocalServiceLocal SettingsApplication DataFontCache3.0.0.0.dat
    2009-08-21 11:01 . 2009-08-19 12:24 d-----w- e:documents and settingsAll UsersApplication Dataavg8
    2009-08-21 10:47 . 2009-08-21 08:43 d-----w- e:documents and settingsAdminApplication DataBitTorrent
    2009-08-21 09:12 . 2009-08-21 09:12 d-----w- e:program filesTrend Micro
    2009-08-21 08:43 . 2009-08-21 08:43 d-----w- e:program filesBitTorrent
    2009-08-20 18:54 . 2009-08-03 13:24 138464 ----a-w- e:windowssystem32driversPnkBstrK.sys
    2009-08-20 18:53 . 2009-08-03 13:24 111928 ----a-w- e:windowssystem32PnkBstrB.exe
    2009-08-20 18:18 . 2009-08-20 18:16 d-----w- e:program filesPortal
    2009-08-20 16:36 . 2009-08-12 09:21 d---a-w- e:documents and settingsAll UsersApplication DataTEMP
    2009-08-20 15:58 . 2009-09-03 16:46 d-----w- e:documents and settingsAdminApplication DataSkype
    2009-08-20 14:34 . 2009-08-20 14:34 2560 ----a-w- e:windows_MSRSTRT.EXE
    2009-08-20 14:28 . 2009-08-20 14:28 d-----w- e:documents and settingsAdminApplication DataAuslogics
    2009-08-20 14:27 . 2009-08-20 14:27 d-----w- e:program filesAuslogics
    2009-08-20 12:03 . 2009-09-03 16:47 d-----w- e:documents and settingsAdminApplication DataskypePM
    2009-08-20 10:52 . 2009-08-03 13:24 65136 ----a-w- e:documents and settingsAdminLocal SettingsApplication DataGDIPFONTCACHEV1.DAT
    2009-08-19 13:31 . 2009-08-03 14:12 d-----w- e:program filesOpenAL
    2009-08-19 12:45 . 2009-08-19 12:45 12552 ----a-w- e:windowssystem32driversavgrkx86.sys
    2009-08-19 12:45 . 2009-08-19 12:45 11952 ----a-w- e:windowssystem32avgrsstx.dll
    2009-08-19 12:45 . 2009-08-19 12:45 335240 ----a-w- e:windowssystem32driversavgldx86.sys
    2009-08-19 12:45 . 2009-08-19 12:45 27784 ----a-w- e:windowssystem32driversavgmfx86.sys
    2009-08-19 12:45 . 2009-08-19 12:45 d-----w- e:documents and settingsAll UsersApplication DataAVG Security Toolbar
    2009-08-19 11:26 . 2009-08-13 19:30 d-----w- e:program filesAtomPark
    2009-08-19 10:29 . 2009-08-10 10:03 d-----w- e:program filesDrWeb
    2009-08-18 20:48 . 2008-04-15 16:00 484934 ----a-w- e:windowssystem32perfh019.dat
    2009-08-18 20:48 . 2008-04-15 16:00 84458 ----a-w- e:windowssystem32perfc019.dat
    2009-08-18 20:09 . 2009-08-07 04:57 d--h--w- e:program filesInstallShield Installation Information
    2009-08-18 19:36 . 2009-09-03 15:35 d-----w- e:program filesCommon FilesInstallShield
    2009-08-18 18:56 . 2009-08-18 18:56 22328 ----a-w- e:documents and settingsAdminApplication DataPnkBstrK.sys
    2009-08-18 18:56 . 2009-08-18 18:56 22328 ----a-w- e:documents and settingsAdminApplication DataPnkBstrK.sys
    2009-08-18 18:55 . 2009-08-03 13:24 66872 ----a-w- e:windowssystem32PnkBstrA.exe
    2009-08-18 18:55 . 2009-08-18 18:55 682280 ----a-w- e:windowssystem32pbsvc.exe
    2009-08-18 18:33 . 2009-08-17 16:26 d-----w- e:documents and settingsAll UsersApplication DataKaspersky Lab
    2009-08-17 16:26 . 2009-08-17 16:26 d-----w- e:program filesKaspersky Lab
    2009-08-17 16:14 . 2009-09-03 16:35 d-----w- e:documents and settingsAll UsersApplication DataPinnacle
    2009-08-16 12:27 . 2009-08-15 16:20


    d


    w- e:documents and settingsAdminApplication DataBioshock
    2009-08-15 17:44 . 2009-08-15 17:44


    d


    w- e:documents and settingsAll UsersApplication DataKaspersky Lab Setup Files
    2009-08-15 15:52 . 2009-08-15 15:52


    d


    w- e:program files2K Games
    2009-08-15 15:52 . 2009-08-15 15:52


    d


    w- e:documents and settingsAdminApplication DataInstallShield
    2009-08-15 12:13 . 2009-09-03 15:36


    d


    w- e:program filesCommon FilesWise Installation Wizard
    2009-08-14 17:16 . 2009-08-14 17:16


    d


    w- e:program filesCommon FilesINCA Shared
    2009-08-14 10:53 . 2009-08-13 13:46


    d


    w- e:program filesDAEMON Tools Lite
    2009-08-13 22:00 . 2009-09-03 15:44


    d


    w- e:program filesUnlocker
    2009-08-13 18:42 . 2009-08-13 15:22


    d


    w- e:documents and settingsAdminApplication DataPro Cycling Manager 2009
    2009-08-13 12:36 . 2009-08-13 12:36


    d—h—r- e:documents and settingsAdminApplication DataSecuROM
    2009-08-13 07:44 . 2009-08-13 07:44


    d


    w- e:documents and settingsAdminApplication DataRadmin
    2009-08-13 07:44 . 2009-08-13 07:44


    d


    w- e:program filesRadmin Viewer 3
    2009-08-13 07:21 . 2009-08-13 07:21


    d


    w- e:documents and settingsAdminApplication DataTeamViewer
    2009-08-13 07:19 . 2009-08-04 12:23


    d


    w- e:program filesMiranda IM zeleboba’s pack
    2009-08-12 15:29 . 2009-08-12 06:57


    d


    w- e:documents and settingsAdminApplication DataWinamp
    2009-08-12 08:19 . 2009-08-12 07:41


    d


    w- e:documents and settingsAdminApplication DataDAEMON Tools Lite
    2009-08-12 07:45 . 2009-08-12 07:45


    d


    w- e:documents and settingsAll UsersApplication DataDAEMON Tools Lite
    2009-08-12 07:41 . 2009-09-03 15:18 721904


    w- e:windowssystem32driverssptd.sys
    2009-08-12 06:58 . 2009-08-12 06:48


    d


    w- e:program filesWinamp
    2009-08-11 00:06 . 2009-08-11 00:06


    d


    w- e:program filesMSBuild
    2009-08-10 23:50 . 2009-08-10 23:50


    d


    w- e:program filesReference Assemblies
    2009-08-10 11:23 . 2009-08-10 11:22


    d


    w- e:program filesHalf-life 1.1.2.0
    2009-08-10 09:31 . 2009-08-05 11:01


    d


    w- e:program filesKillingFloor
    2009-08-08 19:31 . 2009-08-08 19:21


    d


    w- e:documents and settingsAdminApplication DataDownload Master
    .


    Sigcheck



    [-] 2009-02-19 17:18 579072 23B7D3F3F5EC8FEEA75EC381C71CBD5E e:windowssystem32user32.dll

    [-] 2009-02-19 17:18 952832 8D462CDD4769F07C7A03384436B45C0B e:windowssystem32wininet.dll

    [-] 2009-02-19 17:20 361600 6A104BA98D99D53AB0C91825CE659FC6 e:windowssystem32driverstcpip.sys

    [-] 2009-02-19 17:17 1721344 DD08EDC9648AFF1E064B2FAF24743BF6 e:windowsexplorer.exe

    [-] 2009-02-19 17:17 30208 0C03910993057CC8BD5762441F5ABDF6 e:windowssystem32ctfmon.exe

    [-] 2009-02-19 17:18 78360 0717E8AF3CD28E24C7A0903BFE60B1B0 e:windowssystem32wuauclt.exe

    [-] 2009-02-19 17:17 855040 741FBE6EC177F09F49A448DE2FBF8F01 e:windowssystem32comres.dll

    [-] 2009-02-19 17:21 1571840 8F51D3D08E9FFF9113EFDFA7A7511F2C e:windowssystem32sfcfiles.dll
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
    «VistaIcon»=»e:program filesVistaDriveIconVistaDrv.exe» [2008-01-02 132096]
    «uTorrent»=»e:program filesuTorrentuTorrent.exe» [2009-08-03 288048]
    «RocketDock»=»e:program filesRocketDockRocketDock.exe» [2007-09-02 495616]
    «TBPanel»=»e:program filesVtuneTBPanel.exe» [2009-03-17 2158592]
    «Download Master»=»e:program filesDownload Masterdmaster.exe» [2009-08-05 3777536]
    «RGSC»=»c:program filesRockstar GamesRockstar Games Social ClubRGSCLauncher.exe» [2009-08-13 306088]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
    «NvCplDaemon»=»e:windowssystem32NvCpl.dll» [2009-03-17 13680640]
    «NvMediaCenter»=»e:windowssystem32NvMcTray.dll» [2009-03-17 86016]
    «nwiz»=»nwiz.exe» — e:windowssystem32nwiz.exe [2009-03-17 1657376]
    «RTHDCPL»=»RTHDCPL.EXE» — e:windowsRTHDCPL.EXE [2008-04-10 16861184]

    [HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun]
    «VistaIcon»=»e:program filesVistaDriveIconVistaDrv.exe» [2008-01-02 132096]

    [HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRunOnce]
    «IE7_011″=»shell32» [X]
    «ZZZZ2_FirstLogonSetting»=»advpack.dll» — e:windowssystem32advpack.dll [2009-02-19 124928]
    «IE7_012″=»advpack.dll» — e:windowssystem32advpack.dll [2009-02-19 124928]

    e:documents and settingsAdminГлавное менюПрограммыАвтозагрузка
    data.exe [2009-7-17 166400]

    e:documents and settingsAdminГлавное менюПрограммыАвтозагрузка
    data.exe [2009-7-17 166400]

    e:documents and settingsAdminГлавное менюПрограммыАвтозагрузка
    data.exe [2009-7-17 166400]

    e:documents and settingsAdminГлавное менюПрограммыАвтозагрузка
    data.exe [2009-7-17 166400]

    [HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionpoliciesexplorer]
    «NoSMConfigurePrograms»= 1 (0x1)

    [HKEY_USERS.defaultsoftwaremicrosoftwindowscurrentversionpoliciesexplorer]
    «NoSMConfigurePrograms»= 1 (0x1)

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionwinlogonnotifyavgrsstarter]
    2009-08-19 12:45 11952 —-a-w- e:windowssystem32avgrsstx.dll

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity center]
    «FirewallOverride»=dword:00000001
    «UpdatesDisableNotify»=dword:00000001
    «UpdatesOverride»=dword:00000001
    «AntiVirusOverride»=dword:00000001

    [HKLM~servicessharedaccessparametersfirewallpolicystandardprofile]
    «EnableFirewall»= 0 (0x0)

    [HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
    «%windir%\Network Diagnostic\xpnetdiag.exe»=
    «%windir%\system32\sessmgr.exe»=
    «e:\Program Files\uTorrent\uTorrent.exe»=
    «e:\WINDOWS\system32\rserver30\rserver3.exe»=
    «c:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe»=
    «c:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe»=
    «c:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe»=
    «e:\WINDOWS\system32\PnkBstrA.exe»=
    «e:\WINDOWS\system32\PnkBstrB.exe»=
    «c:\Activision\Call of Duty — World at War\CoDWaWmp.exe»=
    «c:\Activision\Call of Duty — World at War\CoDWaW.exe»=
    «c:\Race Driver GRID\GRID.exe»=
    «e:\Program Files\Skype\Phone\Skype.exe»=
    «e:\Program Files\BitTorrent\bittorrent.exe»=

    R0 AvgRkx86;avgrkx86.sys;e:windowssystem32driversavgrkx86.sys [19.08.2009 16:45 12552]
    R1 AvgLdx86;AVG AVI Loader Driver x86;e:windowssystem32driversavgldx86.sys [19.08.2009 16:45 335240]
    R1 raddrvv3;raddrvv3;e:windowssystem32rserver30raddrvv3.sys [24.04.2008 8:49 45848]
    R1 VBoxDrv;VirtualBox Service;e:windowssystem32driversVBoxDrv.sys [03.09.2009 19:47 100560]
    R1 VBoxUSBMon;VirtualBox USB Monitor Driver;e:windowssystem32driversVBoxUSBMon.sys [03.09.2009 19:46 41744]
    R3 mirrorv3;mirrorv3;e:windowssystem32driversrminiv3.sys [01.11.2006 6:01 3328]
    R3 VBoxNetFlt;VBoxNetFlt Service;e:windowssystem32driversVBoxNetFlt.sys [03.09.2009 20:19 87568]
    S1 AvgTdiX;AVG8 Network Redirector;e:windowssystem32Driversavgtdix.sys —> e:windowssystem32Driversavgtdix.sys [?]
    S1 ShldDrv;Panda File Shield Driver;e:windowssystem32DRIVERSShlDrv51.sys —> e:windowssystem32DRIVERSShlDrv51.sys [?]
    S2 ATE_PROCMON;ATE_PROCMON;??e:program filesAnti Trojan EliteATEPMon.sys —> e:program filesAnti Trojan EliteATEPMon.sys [?]
    S2 avg8emc;AVG8 E-mail Scanner;e:progra~1AVGAVG8avgemc.exe —> e:progra~1AVGAVG8avgemc.exe [?]
    S2 avg8wd;AVG8 WatchDog;e:progra~1AVGAVG8avgwdsvc.exe —> e:progra~1AVGAVG8avgwdsvc.exe [?]
    S2 PavProc;Panda Process Protection Driver;??e:windowssystem32DRIVERSPavProc.sys —> e:windowssystem32DRIVERSPavProc.sys [?]
    S2 RServer3;Radmin Server V3;e:windowssystem32rserver30rserver3.exe [24.04.2008 8:44 1238344]
    S3 RkPavproc1;RkPavproc1;e:windowssystem32driversRkPavproc1.sys [18.08.2009 23:38 16952]
    S3 tap0901;TAP-Win32 Adapter V9;e:windowssystem32driverstap0901.sys [19.11.2008 22:22 25216]

    — Other Services/Drivers In Memory —

    *NewlyCreated* — SRSERVICE
    .
    — — — — ORPHANS REMOVED — — — —

    URLSearchHooks-{A3BC75A2-1F87-4686-AA43-5347D756017C} — e:program filesAVGAVG8ToolbarIEToolbar.dll
    URLSearchHooks-*CFBFAE00-17A6-11D0-99CB-00C04FD64497} — (no file)
    BHO-{A3BC75A2-1F87-4686-AA43-5347D756017C} — e:program filesAVGAVG8ToolbarIEToolbar.dll
    Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} — e:program filesAVGAVG8ToolbarIEToolbar.dll
    WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} — e:program filesAVGAVG8ToolbarIEToolbar.dll
    HKLM-Run-AVG8_TRAY — e:progra~1AVGAVG8avgtray.exe

    .


    Supplementary Scan


    .
    uStart Page = hxxp://www.ask.com/?o=101764&l=dis
    uDefault_Search_URL = hxxp://search.qip.ru
    uInternet Connection Wizard,ShellNext = hxxp://www.zvercd.com/
    uInternet Settings,ProxyOverride = *.local
    uSearchURL,(Default) = Root: HKCU; Subkey: SoftwareMicrosoftInternet ExplorerSearchUrl; ValueType: string; ValueName: ‘; ValueData: ‘; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
    IE: &Экспорт в Microsoft Excel — e:progra~1MICROS~1Office12EXCEL.EXE/3000
    IE: Закачать ВСЕ при помощи Download Master — e:program filesDownload Masterdmieall.htm
    IE: Закачать при помощи Download Master — e:program filesDownload Masterdmie.htm
    IE: Передать на удаленную закачку DM — e:program filesDownload Masterremdown.htm
    IE: {{8DAE90AD-4583-4977-9DD4-4360F7A45C74} — e:program filesDownload Masterdmaster.exe
    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-08-21 15:19
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes …

    scanning hidden autostart entries …

    scanning hidden files …

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .


    DLLs Loaded Under Running Processes



    — — — — — — — > ‘winlogon.exe'(2020)
    e:windowsSYSTEM32cscui.dll
    .
    Completion time: 2009-08-21 15:20
    ComboFix-quarantined-files.txt 2009-08-21 11:20

    Pre-Run: 10 021 961 728 байт свободно
    Post-Run: 10 007 093 248 байт свободно

    Current=3 Default=3 Failed=2 LastKnownGood=4 Sets=1,2,3,4
    276

Copyright © 2008 - 2024 Spyware-RU.com (en)