Forum replies created
OTL Extras logfile created on: 27.03.2010 21:07:32 — Run 1
OTL by OldTimer — Version 3.1.37.3 Folder = C:UsersСаняDesktop
64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) — Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000419 | Country: Россия | Language: RUS | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 68,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): ?:pagefile.sys
%SystemDrive% = C: | %SystemRoot% = C:Windows | %ProgramFiles% = C:Program Files (x86)
Drive C: | 465,76 Gb Total Space | 111,49 Gb Free Space | 23,94% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: САНЯ-ПК
Current User Name: Саня
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINESOFTWAREClasses]
[HKEY_LOCAL_MACHINESOFTWAREClasses]
.cpl [@ = cplfile] — C:WindowsSysWow64control.exe (Microsoft Corporation)
[HKEY_USERSS-1-5-21-2389684437-3395458029-2734596173-1000SOFTWAREClasses]
.html [@ = FirefoxHTML] — C:Program Files (x86)Mozilla Firefoxfirefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINESOFTWAREClassesshell[command]command]
batfile [open] — «%1» %* File not found
cmdfile [open] — «%1» %* File not found
comfile [open] — «%1» %* File not found
exefile [open] — «%1» %* File not found
helpfile [open] — Reg Error: Key error.
htmlfile [edit] — Reg Error: Key error.
htmlfile [print] — rundll32.exe %windir%system32mshtml.dll,PrintHTML «%1» File not found
inffile [install] — %SystemRoot%System32InfDefaultInstall.exe «%1» (Microsoft Corporation)
piffile [open] — «%1» %* File not found
regfile [merge] — Reg Error: Key error.
scrfile [config] — «%1» File not found
scrfile [install] — rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] — «%1» /S File not found
txtfile [edit] — Reg Error: Key error.
Unknown [openas] — %SystemRoot%system32rundll32.exe %SystemRoot%system32shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] — cmd.exe /s /k pushd «%V» (Microsoft Corporation)
Directory [find] — %SystemRoot%Explorer.exe (Microsoft Corporation)
Folder [open] — %SystemRoot%Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] — %SystemRoot%Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] — %SystemRoot%Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINESOFTWAREClassesshell[command]command]
batfile [open] — «%1» %*
cmdfile [open] — «%1» %*
comfile [open] — «%1» %*
cplfile [cplopen] — %SystemRoot%System32control.exe «%1»,%* (Microsoft Corporation)
exefile [open] — «%1» %*
helpfile [open] — Reg Error: Key error.
htmlfile [edit] — Reg Error: Key error.
htmlfile [print] — rundll32.exe %windir%system32mshtml.dll,PrintHTML «%1»
inffile [install] — %SystemRoot%System32InfDefaultInstall.exe «%1» (Microsoft Corporation)
piffile [open] — «%1» %*
regfile [merge] — Reg Error: Key error.
scrfile [config] — «%1»
scrfile [install] — rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] — «%1» /S
txtfile [edit] — Reg Error: Key error.
Unknown [openas] — %SystemRoot%system32rundll32.exe %SystemRoot%system32shell32.dll,OpenAs_RunDLL %1
Directory [cmd] — cmd.exe /s /k pushd «%V» (Microsoft Corporation)
Directory [find] — %SystemRoot%Explorer.exe (Microsoft Corporation)
Folder [open] — %SystemRoot%Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] — %SystemRoot%Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] — %SystemRoot%Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center]
«cval» = 1
64bit: [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoring]
64bit: [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterSvc]
«AntiVirusOverride» = 0
«AntiSpywareOverride» = 0
«FirewallOverride» = 0
«VistaSp1» = C2 FE 8D 6A DC 5B C8 01 [binary data]
«VistaSp2» = 00 AF B5 BE C4 BA C9 01 [binary data]
64bit: [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterSvcVol]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoring]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringKasperskyAntiVirus]
«DisableMonitoring» = 1
«» =
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterSvc]
«oobe_av» = 1
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyDomainProfile]
«EnableFirewall» = 0
«DisableNotifications» = 0
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfile]
«EnableFirewall» = 0
«DisableNotifications» = 0
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyPublicProfile]
«EnableFirewall» = 0
«DisableNotifications» = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyFirewallRules]
«{AB8C7350-C2F1-4F4C-810F-07289BFE29A8}» = lport=3389 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyFirewallRules]
«{207AF17E-2A05-410A-B198-FB5CEACE6F60}» = protocol=17 | dir=in | app=c:program files (x86)skypeplugin managerskypepm.exe |
«{2135EE56-35E6-43EC-8A45-880C9C153B48}» = protocol=17 | dir=in | app=c:program files (x86)dragon agedaoriginslauncher.exe |
«{29B9F4B4-CDFD-446C-A9B4-CDBD2BE615E9}» = protocol=6 | dir=in | app=c:program files (x86)utorrentutorrent.exe |
«{2C7F7E6D-3B9C-4F56-BF82-20CE4757D788}» = protocol=17 | dir=in | app=c:program files (x86)electronic artsburnout(tm) paradise the ultimate boxburnoutparadise.exe |
«{2CAF3E70-8010-4F2A-806B-D31B1F88A99C}» = protocol=6 | dir=in | app=c:program files (x86)dragon agebin_shipdaorigins.exe |
«{356B0065-1245-4242-9C2C-B0BC8B273A06}» = protocol=6 | dir=in | app=c:program files (x86)electronic artsburnout(tm) paradise the ultimate boxburnoutconfigtool.exe |
«{511DB63D-6B5C-4919-8D76-C39C101C98E2}» = protocol=6 | dir=in | app=c:program files (x86)skypeplugin managerskypepm.exe |
«{65424E30-A609-46FD-858C-A8014DEF2FD1}» = protocol=6 | dir=in | app=c:program files (x86)dragon agebin_shipdaupdatersvc.service.exe |
«{78E064B0-4A1E-4DF3-AE7D-E87CBE63DCED}» = protocol=6 | dir=in | app=c:program files (x86)electronic artsburnout(tm) paradise the ultimate boxburnoutparadise.exe |
«{7F334F50-D2B1-41D6-BA7F-839B4DCF802F}» = protocol=17 | dir=in | app=c:program files (x86)electronic artsburnout(tm) paradise the ultimate boxburnoutlauncher.exe |
«{83777A59-9B73-4282-B129-4B6DFDB7215E}» = protocol=17 | dir=in | app=c:program files (x86)f.e.a.r. 2 completefear2.exe |
«{8399922C-CB75-4F8F-ABD1-CFEC511B0936}» = dir=in | app=c:program files (x86)skypephoneskype.exe |
«{8518AFA3-7930-4A90-82D7-B569543114F5}» = dir=in | app=c:program files (x86)skypephoneskype.exe |
«{B08745DA-52AB-4D02-A2C0-7FE9645B3258}» = protocol=6 | dir=in | app=c:program files (x86)skypeplugin managerskypepm.exe |
«{B1A68284-4D35-4B65-953F-B2101344C5C3}» = protocol=17 | dir=in | app=c:program files (x86)skypeplugin managerskypepm.exe |
«{B3CA4813-FB5A-41B9-AF7B-45D214DD21B1}» = protocol=17 | dir=in | app=c:program files (x86)utorrentutorrent.exe |
«{B4CD4D3F-4491-4B3C-AEFE-5BB93F4AD032}» = dir=in | app=c:program files (x86)skypephoneskype.exe |
«{B52894A1-26DE-4431-BA24-7A03743B4F3F}» = dir=in | app=c:program files (x86)skypephoneskype.exe |
«{B5FF52EF-17FD-44B0-BDBC-9BD3F9C64363}» = protocol=6 | dir=in | app=c:program files (x86)electronic artsburnout(tm) paradise the ultimate boxburnoutlauncher.exe |
«{B9D648F9-B49D-493E-83E4-F0E42D1755D8}» = protocol=17 | dir=in | app=c:program files (x86)electronic artsburnout(tm) paradise the ultimate boxburnoutconfigtool.exe |
«{D7E57C7C-A051-4C0A-A5C4-2A957DE39048}» = protocol=17 | dir=in | app=c:program files (x86)dragon agebin_shipdaupdatersvc.service.exe |
«{E69C5AD2-DF5E-4AEB-89F1-70A3ED8D7EF8}» = protocol=6 | dir=in | app=c:program files (x86)f.e.a.r. 2 completefear2.exe |
«{F8F70645-8D1A-4078-95A3-BE108A56B492}» = protocol=6 | dir=in | app=c:program files (x86)dragon agedaoriginslauncher.exe |
«{FD97DA46-87CF-437C-A02E-6F821333054B}» = protocol=17 | dir=in | app=c:program files (x86)dragon agebin_shipdaorigins.exe |
«{FE269C31-240C-414D-A668-0C3171EE6D37}» = dir=in | app=c:program files (x86)skypephoneskype.exe |
«TCP Query User{993EF6E1-D1E0-4FE3-8CF6-8F2F86448F49}C:program files (x86)qipqip.exe» = protocol=6 | dir=in | app=c:program files (x86)qipqip.exe |
«UDP Query User{94DFCDEA-823D-47CE-9702-FDAC774D6579}C:program files (x86)qipqip.exe» = protocol=17 | dir=in | app=c:program files (x86)qipqip.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstall]
«{23170F69-40C1-2702-0465-000001000000}» = 7-Zip 4.65 (x64 edition)
«{2744791F-4E7C-32F5-AB40-AEC6A6C86DBF}» = Microsoft .NET Framework 3.5 Language Pack SP1 — rus
«{3D3E663D-4E7E-4577-A560-7ECDDD45548A}» = PVSonyDll
«{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}» = Nokia Connectivity Cable Driver
«{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}» = Microsoft .NET Framework 3.5 SP1
«0C5EDC3653FED5B121F464339EAC12534D253B25» = Пакет драйверов Windows — Nokia Modem (02/15/2007 3.1)
«4077F884D1BB007055BDB83B621D87220A73F30F» = Пакет драйверов Windows — Nokia (WUDFRd) WPD (06/01/2007 6.84.33.0)
«B726756F5B5A5AA9D798B399386FC6205A45F19E» = Пакет драйверов Windows — Nokia Modem (02/15/2007 3.1)
«CD8424B9400BFF7D34AA18F816C71322AC4BDAA7» = Пакет драйверов Windows — Nokia Modem (05/24/2007 6.84.0.1)
«Crysis Warhead_is1» = Crysis Warhead
«Microsoft .NET Framework 3.5 Language Pack SP1 — rus» = Языковой пакет Microsoft .NET Framework 3.5 SP1 — RUS
«Microsoft .NET Framework 3.5 SP1» = Microsoft .NET Framework 3.5 SP1
«NVIDIA Display Control Panel» = NVIDIA Display Control Panel
«NVIDIA Drivers» = NVIDIA Drivers
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstall]
«{06C26FAF-2C9F-4CA2-945E-A75CC2B5D410}» = Fabrika Futbola
«{11964613-805F-432D-A12B-169554B793E7}» = Nokia Connectivity Cable Driver
«{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}» = Risen
«{217EC467-61C4-1939-3BBF-4FA4CAEA42FF}» = EA Shared Game Component: Activation
«{2B9C002D-F3C1-4F8A-B29A-7F9E9B473D4D}» = Яндекс.Бар 4.3 для Internet Explorer
«{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}» = Microsoft Games for Windows — LIVE Redistributable
«{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}» = Titan Quest
«{4C496EA3-C94B-4D03-80AD-455283F43342}_is1» = F.E.A.R. 2 Complete
«{7299052b-02a4-4627-81f2-1818da5d550d}» = Microsoft Visual C++ 2005 Redistributable
«{79B986AD-54D8-4498-AA06-89808829ACC0}» = Антивирус Касперского 6.0 для Windows Workstations
«{837b34e3-7c30-493c-8f6a-2b0f04e2912c}» = Microsoft Visual C++ 2005 Redistributable
«{8DAB9102-F91C-47EE-AADF-5436A6A77DGB}_is1» = Fallout 3 v.1.7
«{981029E0-7FC9-4CF3-AB39-6F133621921A}» = Skype Toolbars
«{99A40651-0BC2-4095-8F9A-A40FAB224FEF}» = PC Connectivity Solution
«{9A25302D-30C0-39D9-BD6F-21E6EC160475}» = Microsoft Visual C++ 2008 Redistributable — x86 9.0.30729.17
«{9A996B6A-846E-4A89-B9C4-17546B7BE49F}» = Burnout(TM) Paradise The Ultimate Box
«{A2BCA9F1-566C-4805-97D1-7FDC93386723}» = Adobe AIR
«{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}» = Nokia PC Suite
«{AEC81925-9C76-4707-84A9-40696C613ED3}» = Dragon Age: Начало
«{C008F6C5-0647-4433-8755-12D89389EF4F}» = Planet Updater
«{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}» = NVIDIA PhysX
«{D103C4BA-F905-437A-8049-DB24763BBE36}» = Skype™ 4.2
«{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1» = Rapture3D 2.3.22 Game
«{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}» = jetAudio Basic
«{F112F66E-25CA-42DD-983C-6118EB38F606}» = Microsoft Games for Windows — LIVE
«Adobe AIR» = Adobe AIR
«Adobe Flash Player ActiveX» = Adobe Flash Player 10 ActiveX
«Adobe Flash Player Plugin» = Adobe Flash Player 10 Plugin
«Bytescout XLS Viewer_is1» = Bytescout XLS Viewer 2.30a (FREEWARE)
«com.ea.Activation.919CACB699904AC5D41B606703500DD39747C02D.1» = EA Shared Game Component: Activation
«DirectX Update OnLine_is1» = DirectX Update for Xp/Vista
«Dirt 2_is1» = Dirt 2
«Download Master_is1» = Download Master version 5.5.15.1179
«Dream Stripper_is1» = Dream Stripper
«EA Installer.1635480076» = EA Installer
«Grand Casino_is1» = Grand Casino v.1.0
«HijackThis» = HijackThis 2.0.2
«InstallWIX_{79B986AD-54D8-4498-AA06-89808829ACC0}» = Антивирус Касперского 6.0 для Windows Workstations
«Just Cause 2_is1» = Just Cause 2
«Malwarebytes’ Anti-Malware_is1» = Malwarebytes’ Anti-Malware
«Mozilla Firefox (3.6)» = Mozilla Firefox (3.6)
«MRA» = Mail.Ru Агент 5.5 (сборка 2842, для всех пользователей)
«myAC.Client_is1» = myAC.Client 1.5.9
«Nokia PC Suite» = Nokia PC Suite
«NVIDIAStereo» = NVIDIA Stereoscopic 3D Driver
«OpenAL» = OpenAL
«Planet Updater» = Planet Updater
«Prototype_is1» = Prototype
«RocketDock_is1» = RocketDock 1.3.5
«Section 8_is1» = Section 8
«Teamspeak 2 RC2_is1» = TeamSpeak 2 RC2
«uTorrent» = µTorrent
«VKSaver» = VKSaver
«Шустрый жучок 3. Дело об убийстве в снегах_is1» = Шустрый жучок 3. Дело об убийстве в снегах
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error — 25.03.2010 6:27:38 | Computer Name = Саня-ПК | Source = Windows Search Service | ID = 3013
Description =
Error — 25.03.2010 6:27:38 | Computer Name = Саня-ПК | Source = Windows Search Service | ID = 3013
Description =
Error — 25.03.2010 9:21:58 | Computer Name = Саня-ПК | Source = System Restore | ID = 8193
Description =
Error — 26.03.2010 7:24:22 | Computer Name = Саня-ПК | Source = Application Error | ID = 1000
Description = Сбойное приложение JustCause2.exe, версия 1.0.0.1, штамп времени 0x4ba03352,
сбойный модуль JustCause2.exe, версия 1.0.0.1, штамп времени 0x4ba03352, код исключения
0xc0000005, смещение ошибки 0x000cea30, ИД процесса 0xa78, время запуска приложения
0x01cacccc3a8862be.
Error — 26.03.2010 7:24:25 | Computer Name = Саня-ПК | Source = Application Error | ID = 1000
Description = Сбойное приложение JustCause2.exe, версия 1.0.0.1, штамп времени 0x4ba03352,
сбойный модуль JustCause2.exe, версия 1.0.0.1, штамп времени 0x4ba03352, код исключения
0xc0000005, смещение ошибки 0x000cea30, ИД процесса 0xa78, время запуска приложения
0x01cacccc3a8862be.
Error — 26.03.2010 8:23:40 | Computer Name = Саня-ПК | Source = VSS | ID = 12293
Description =
Error — 26.03.2010 8:23:40 | Computer Name = Саня-ПК | Source = System Restore | ID = 8193
Description =
Error — 26.03.2010 8:23:40 | Computer Name = Саня-ПК | Source = System Restore | ID = 8210
Description =
Error — 26.03.2010 8:55:37 | Computer Name = Саня-ПК | Source = VSS | ID = 12293
Description =
Error — 26.03.2010 10:31:29 | Computer Name = Саня-ПК | Source = Application Error | ID = 1000
Description = Сбойное приложение JustCause2.exe, версия 1.0.0.1, штамп времени 0x4ba03352,
сбойный модуль JustCause2.exe, версия 1.0.0.1, штамп времени 0x4ba03352, код исключения
0xc0000005, смещение ошибки 0x0082fd76, ИД процесса 0xb24, время запуска приложения
0x01cacceced951ab3.
[ System Events ]
Error — 24.03.2010 4:24:41 | Computer Name = Саня-ПК | Source = Dhcp | ID = 1000
Description = Компьютер утерял аренду на IP-адрес 192.168.100.10 для сетевого адаптера
с сетевым адресом 001966CE9918.
Error — 24.03.2010 13:22:53 | Computer Name = Саня-ПК | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description =
Error — 24.03.2010 14:35:01 | Computer Name = Саня-ПК | Source = Service Control Manager | ID = 7000
Description =
Error — 24.03.2010 14:35:01 | Computer Name = Саня-ПК | Source = Application Popup | ID = 1060
Description = Загрузка ??C:Program Files (x86)RFOnlineFrostfrost.sys заблокирована
из-за несовместимости с данной системой. Обратитесь к поставщику программного обеспечения
за совместимой версией драйвера.
Error — 25.03.2010 4:38:44 | Computer Name = Саня-ПК | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description =
Error — 25.03.2010 12:56:47 | Computer Name = Саня-ПК | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description =
Error — 26.03.2010 3:47:21 | Computer Name = Саня-ПК | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description =
Error — 26.03.2010 13:11:02 | Computer Name = Саня-ПК | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description =
Error — 27.03.2010 8:20:54 | Computer Name = Саня-ПК | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description =
Error — 27.03.2010 13:58:20 | Computer Name = Саня-ПК | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description =
OTL logfile created on: 27.03.2010 21:07:32 — Run 1
OTL by OldTimer — Version 3.1.37.3 Folder = C:UsersСаняDesktop
64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) — Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000419 | Country: Россия | Language: RUS | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 68,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): ?:pagefile.sys
%SystemDrive% = C: | %SystemRoot% = C:Windows | %ProgramFiles% = C:Program Files (x86)
Drive C: | 465,76 Gb Total Space | 111,49 Gb Free Space | 23,94% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: САНЯ-ПК
Current User Name: Саня
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC — [2010.03.27 21:07:13 | 000,555,520 | —- | M] (OldTimer Tools) — C:UsersСаняDesktopOTL.exe
PRC — [2010.03.22 22:36:08 | 000,302,928 | —- | M] (Malwarebytes Corporation) — C:Program Files (x86)Malwarebytes’ Anti-Malwarembamservice.exe
PRC — [2010.03.22 22:36:06 | 000,437,584 | —- | M] (Malwarebytes Corporation) — C:Program Files (x86)Malwarebytes’ Anti-Malwarembamgui.exe
PRC — [2010.02.14 18:19:12 | 000,056,832 | —- | M] (AudioVkontakte.Ru) — C:Program Files (x86)VKSaverVKSaverUpdater.exe
PRC — [2009.11.20 19:17:00 | 000,240,232 | —- | M] (NVIDIA Corporation) — C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe
PRC — [2007.09.02 13:58:52 | 000,495,616 | —- | M] () — C:Program Files (x86)RocketDockRocketDock.exe
========== Modules (SafeList) ==========
MOD — [2010.03.27 21:07:13 | 000,555,520 | —- | M] (OldTimer Tools) — C:UsersСаняDesktopOTL.exe
MOD — [2010.03.09 15:10:08 | 000,044,544 | —- | M] (AudioVkontakte.Ru) — C:WindowsSysWOW64vksaver.dll
MOD — [2010.01.19 14:21:39 | 000,158,224 | —- | M] (Kaspersky Lab) — C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsscrchpg.dll
MOD — [2009.04.11 19:24:25 | 000,450,560 | —- | M] (Microsoft Corporation) — C:WindowsSysWOW64comdlg32.dll
MOD — [2007.11.19 14:42:24 | 000,072,208 | —- | M] (Kaspersky Lab) — C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsr3hook.dll
MOD — [2007.09.02 13:57:36 | 000,069,632 | —- | M] () — C:Program Files (x86)RocketDockRocketDock.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: — [2009.09.25 04:26:26 | 001,142,272 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] — C:WindowsSysNativeFntCache.dll — (FontCache)
SRV:64bit: — [2009.04.11 19:25:35 | 000,252,928 | —- | M] (Microsoft Corporation) [On_Demand | Running] — C:WindowsSysNativeumrdp.dll — (UmRdpService)
SRV:64bit: — [2009.04.11 19:25:25 | 000,604,672 | —- | M] (Microsoft Corporation) [Auto | Running] — C:WindowsSysNativecscsvc.dll — (CscService)
SRV:64bit: — [2009.04.11 19:23:10 | 001,149,440 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] — C:WindowsSysNativewbengine.exe — (wbengine)
SRV:64bit: — [2008.01.21 05:50:23 | 000,195,584 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] — C:WindowsSysNativeappmgmts.dll — (AppMgmt)
SRV:64bit: — [2008.01.21 05:47:07 | 000,689,152 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] — C:WindowsSysNativefxssvc.exe — (Fax)
SRV:64bit: — [2008.01.21 05:46:39 | 000,383,544 | —- | M] (Microsoft Corporation) [Auto | Running] — C:Program FilesWindows DefenderMpSvc.dll — (WinDefend)
SRV — [2010.03.22 22:36:08 | 000,302,928 | —- | M] (Malwarebytes Corporation) [Auto | Running] — C:Program Files (x86)Malwarebytes’ Anti-Malwarembamservice.exe — (MBAMService)
SRV — [2010.01.19 14:21:37 | 000,231,952 | —- | M] (Kaspersky Lab) [On_Demand | Stopped] — C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe — (AVP)
SRV — [2009.11.20 19:17:00 | 000,240,232 | —- | M] (NVIDIA Corporation) [Auto | Running] — C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe — (Stereo Service)
SRV — [2009.04.11 19:24:46 | 000,089,920 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] — C:WindowsMicrosoft.NETFramework64v2.0.50727mscorsvw.exe — (clr_optimization_v2.0.50727_64)
SRV — [2007.06.15 16:55:00 | 000,300,544 | —- | M] (Nokia.) [On_Demand | Stopped] — C:Program Files (x86)PC Connectivity SolutionServiceLayer.exe — (ServiceLayer)
SRV — [2006.11.02 16:34:14 | 000,000,000 | —D | M] [Unknown | Stopped] — C:WindowsSysWOW64Msdtc — (MSDTC)
SRV — [2006.11.02 09:35:15 | 000,060,994 | —- | M] () [On_Demand | Stopped] — C:WindowsSysWOW64wbemvds.mof — (vds)
SRV — [2006.11.02 09:35:15 | 000,055,846 | —- | M] () [On_Demand | Stopped] — C:WindowsSysWOW64wbemvss.mof — (VSS)
========== Driver Services (SafeList) ==========
DRV:64bit: — [2010.03.22 22:36:00 | 000,024,664 | —- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] — C:WindowsSysNativedriversmbam.sys — (MBAMProtector)
DRV:64bit: — [2010.03.22 21:15:40 | 000,144,400 | —- | M] (Kaspersky Lab) [Kernel | System | Running] — C:WindowsSysNativeDRIVERSkl1.sys — (kl1)
DRV:64bit: — [2010.02.27 22:56:33 | 000,314,016 | —- | M] () [Kernel | Auto | Running] — C:WindowsSysNativeDRIVERSatksgt.sys — (atksgt)
DRV:64bit: — [2010.02.27 22:56:32 | 000,043,680 | —- | M] () [Kernel | Auto | Running] — C:WindowsSysNativeDRIVERSlirsgt.sys — (lirsgt)
DRV:64bit: — [2010.01.19 14:21:39 | 000,202,768 | —- | M] (Kaspersky Lab) [File_System | System | Running] — C:WindowsSysNativeDRIVERSklif.sys — (KLIF)
DRV:64bit: — [2010.01.19 13:52:40 | 000,834,544 | —- | M] () [Kernel | Boot | Running] — C:WindowsSysNativeDriverssptd.sys — (sptd)
DRV:64bit: — [2009.10.01 03:51:42 | 000,046,592 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] — C:WindowsSysNativeDRIVERSwpdusb.sys — (WpdUsb)
DRV:64bit: — [2009.04.11 19:25:30 | 000,160,744 | —- | M] (Microsoft Corporation) [Kernel | Boot | Running] — C:WindowsSysNativeDRIVERSfvevol.sys — (fvevol)
DRV:64bit: — [2009.04.11 19:25:24 | 000,460,800 | —- | M] (Microsoft Corporation) [Kernel | System | Running] — C:WindowsSysNativedriverscsc.sys — (CSC)
DRV:64bit: — [2009.04.11 19:23:09 | 000,032,768 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] — C:WindowsSysNativeDRIVERSusbser.sys — (usbser)
DRV:64bit: — [2009.04.11 19:23:06 | 000,275,456 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] — C:WindowsSysNativedriversHdAudio.sys — (HdAudAddService) Драйвер функции UAA для службы High Definition Audio (Microsoft)
DRV:64bit: — [2008.05.02 10:58:50 | 000,008,704 | —- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] — C:WindowsSysNativeDRIVERSusbser_lowerfltx64.sys — (upperdev)
DRV:64bit: — [2008.05.02 10:58:48 | 000,023,552 | —- | M] (Nokia) [Kernel | On_Demand | Stopped] — C:WindowsSysNativedriversccdcmbox64.sys — (nmwcdcx64)
DRV:64bit: — [2008.05.02 10:58:48 | 000,018,432 | —- | M] (Nokia) [Kernel | On_Demand | Stopped] — C:WindowsSysNativedriversccdcmbx64.sys — (nmwcdx64)
DRV:64bit: — [2007.04.04 13:59:20 | 000,026,392 | —- | M] (Kaspersky Lab) [Kernel | System | Running] — C:WindowsSysNativeDRIVERSklim6.sys — (KLIM6)
DRV:64bit: — [2007.02.22 11:18:14 | 000,017,408 | —- | M] (Nokia) [Kernel | On_Demand | Stopped] — C:WindowsSysNativedriversnmwcdcjx64.sys — (nmwcdcjx64)
DRV:64bit: — [2006.10.10 05:09:03 | 000,742,696 | —- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] — C:WindowsSysNativeDRIVERSnvm60x64.sys — (NVENETFD)
DRV — [2010.03.22 20:30:35 | 000,036,264 | —- | M] (Innova) [Kernel | On_Demand | Stopped] — C:Program Files (x86)RFOnlineFrostfrost.sys — (Frost)
DRV — [2009.12.21 16:02:40 | 000,000,000 | —D | M] [Kernel | System | Running] — C:WindowsCSC — (CSC)
DRV — [2006.09.19 00:36:40 | 000,003,066 | —- | M] () [Kernel | Boot | Running] — C:WindowsSysWOW64wbemtcpip.mof — (Tcpip)
DRV — [2006.09.19 00:35:23 | 000,001,088 | —- | M] () [Kernel | On_Demand | Running] — C:WindowsSysWOW64wbemmpsdrv.mof — (mpsdrv)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: — HKLMSOFTWAREMicrosoftInternet ExplorerMain,Local Page = %SystemRoot%system32blank.htm
IE — HKLMSOFTWAREMicrosoftInternet ExplorerMain,Local Page = %SystemRoot%system32blank.htm
IE — HKUS-1-5-21-2389684437-3395458029-2734596173-1000SOFTWAREMicrosoftInternet ExplorerMain,Default_Page_URL = http://search.qip.ru
IE — HKUS-1-5-21-2389684437-3395458029-2734596173-1000SOFTWAREMicrosoftInternet ExplorerMain,Default_Search_URL = http://search.qip.ru
IE — HKUS-1-5-21-2389684437-3395458029-2734596173-1000SOFTWAREMicrosoftInternet ExplorerMain,Search Page = http://search.qip.ru
IE — HKUS-1-5-21-2389684437-3395458029-2734596173-1000SOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru/?clid=135293
IE — HKUS-1-5-21-2389684437-3395458029-2734596173-1000SOFTWAREMicrosoftInternet ExplorerMain,StartPageCache = 1
IE — HKUS-1-5-21-2389684437-3395458029-2734596173-1000SOFTWAREMicrosoftInternet ExplorerSearch,SearchAssistant = http://search.qip.ru/ie
IE — HKUS-1-5-21-2389684437-3395458029-2734596173-1000..URLSearchHook: — Reg Error: Key error. File not found
IE — HKUS-1-5-21-2389684437-3395458029-2734596173-1000..URLSearchHook: {83821C2B-32A8-4DD7-B6D4-44309A78E668} — C:Program Files (x86)Mail.RuAgentMradllnewmrasearch.dll ()
IE — HKUS-1-5-21-2389684437-3395458029-2734596173-1000..URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} — C:UsersСаняAppDataRoamingMicrosoftInternet Explorerqipsearchbar.dll (qip.ru)
IE — HKUS-1-5-21-2389684437-3395458029-2734596173-1000SoftwareMicrosoftWindowsCurrentVersionInternet Settings: «ProxyEnable» = 0
========== FireFox ==========
FF — prefs.js..extensions.enabledItems: yasearch@yandex.ru:4.3.0
FF — prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF — HKLMsoftwaremozillaMozilla Firefox 3.5.8extensions\Components: C:Program Files (x86)Mozilla Firefoxcomponents [2010.03.22 10:41:28 | 000,000,000 | —D | M]
FF — HKLMsoftwaremozillaMozilla Firefox 3.5.8extensions\Plugins: C:Program Files (x86)Mozilla Firefoxplugins [2010.03.22 10:40:59 | 000,000,000 | —D | M]
FF — HKLMsoftwaremozillaMozilla Firefox 3.6extensions\Components: C:Program Files (x86)Mozilla Firefoxcomponents [2010.03.22 10:41:28 | 000,000,000 | —D | M]
FF — HKLMsoftwaremozillaMozilla Firefox 3.6extensions\Plugins: C:Program Files (x86)Mozilla Firefoxplugins [2010.03.22 10:40:59 | 000,000,000 | —D | M]
[2010.03.22 10:41:43 | 000,000,000 | —D | M] — C:UsersСаняAppDataRoamingmozillaExtensions
[2010.03.26 11:11:02 | 000,000,000 | —D | M] — C:UsersСаняAppDataRoamingmozillaFirefoxProfilesdpaol8zy.defaultextensions
[2010.03.22 10:53:35 | 000,000,000 | —D | M] (Microsoft .NET Framework Assistant) — C:UsersСаняAppDataRoamingmozillaFirefoxProfilesdpaol8zy.defaultextensions{20a82645-c095-46ed-80e3-08825760534b}
[2010.03.22 10:53:33 | 000,000,000 | —D | M] — C:UsersСаняAppDataRoamingmozillaFirefoxProfilesdpaol8zy.defaultextensionsyasearch@yandex.ru
[2010.03.22 10:53:33 | 000,000,000 | —D | M] — C:UsersСаняAppDataRoamingmozillaFirefoxProfilesdpaol8zy.defaultextensionsyasearch@yandex.ruchromeskinextensions-hacks
[2010.03.26 11:11:02 | 000,000,000 | —D | M] — C:Program Files (x86)Mozilla Firefoxextensions
[2010.03.26 10:50:35 | 000,000,000 | —D | M] (Skype extension for Firefox) — C:Program Files (x86)Mozilla Firefoxextensions{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.03.22 10:41:00 | 000,000,000 | —D | M] — C:Program Files (x86)Mozilla Firefoxextensionsyasearch@yandex.ru
[2010.03.22 10:41:01 | 000,000,000 | —D | M] — C:Program Files (x86)Mozilla Firefoxextensionsyasearch@yandex.ruchromeskinextensions-hacks
[2008.09.16 07:18:20 | 000,122,880 | —- | M] (WestByte) — C:Program Files (x86)Mozilla Firefoxpluginsnpdm.dll
[2010.01.16 03:56:03 | 000,001,122 | —- | M] () — C:Program Files (x86)Mozilla Firefoxsearchpluginspriceru.xml
[2010.01.16 03:56:03 | 000,002,395 | —- | M] () — C:Program Files (x86)Mozilla Firefoxsearchpluginsrambler.xml
[2010.01.16 03:56:03 | 000,001,945 | —- | M] () — C:Program Files (x86)Mozilla Firefoxsearchpluginstorgmailru.xml
[2010.01.16 03:56:03 | 000,001,304 | —- | M] () — C:Program Files (x86)Mozilla Firefoxsearchpluginswikipedia-ru.xml
[2010.01.16 03:56:03 | 000,004,072 | —- | M] () — C:Program Files (x86)Mozilla Firefoxsearchpluginsyandex-slovari.xml
[2010.01.16 03:56:03 | 000,004,281 | —- | M] () — C:Program Files (x86)Mozilla Firefoxsearchpluginsyandex.xml
O1 HOSTS File: ([2006.09.19 00:37:24 | 000,000,761 | —- | M]) — C:WindowsSysNativedriversetcHosts
O1 — Hosts: 127.0.0.1 localhost
O1 — Hosts: ::1 localhost
O2 — BHO: (IE 4.x-6.x BHO for Download Master) — {9961627E-4059-41B4-8E0E-A7D6B3854ADF} — C:Program Files (x86)Download Masterdmiehlp.dll (WestByte)
O2 — BHO: (QIPBHO Class) — {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} — C:UsersСаняAppDataRoamingMicrosoftInternet Explorerqipsearchbar.dll (qip.ru)
O3 — HKLM..Toolbar: (Яндекс.Бар) — {91397D20-1446-11D4-8AF4-0040CA1127B6} — C:Program Files (x86)YandexYandexBarIEyndbar.dll (ООО «ЯНДЕКС»)
O3 — HKU.DEFAULT..ToolbarWebBrowser: (Яндекс.Бар) — {91397D20-1446-11D4-8AF4-0040CA1127B6} — C:Program Files (x86)YandexYandexBarIEyndbar.dll (ООО «ЯНДЕКС»)
O3 — HKUS-1-5-18..ToolbarWebBrowser: (Яндекс.Бар) — {91397D20-1446-11D4-8AF4-0040CA1127B6} — C:Program Files (x86)YandexYandexBarIEyndbar.dll (ООО «ЯНДЕКС»)
O3 — HKUS-1-5-21-2389684437-3395458029-2734596173-1000..ToolbarWebBrowser: (Яндекс.Бар) — {91397D20-1446-11D4-8AF4-0040CA1127B6} — C:Program Files (x86)YandexYandexBarIEyndbar.dll (ООО «ЯНДЕКС»)
O4:64bit: — HKLM..Run: [Windows Defender] C:Program FilesWindows DefenderMSASCui.exe (Microsoft Corporation)
O4 — HKLM..Run: [MAgent] C:Program Files (x86)Mail.RuAgentMAgent.exe (Mail.Ru)
O4 — HKLM..Run: [Malwarebytes’ Anti-Malware] C:Program Files (x86)Malwarebytes’ Anti-Malwarembamgui.exe (Malwarebytes Corporation)
O4 — HKLM..Run: [msvmon32] C:ProgramDatamsvmon32keygen.exe File not found
O4 — HKLM..Run: [PCSuiteTrayApplication] C:UsersPublicNokia PC Suite 6LaunchApplication.exe (Nokia)
O4 — HKLM..Run: [VKSaverUpdater] C:Program Files (x86)VKSaverVKSaverUpdater.exe (AudioVkontakte.Ru)
O4 — HKU.DEFAULT..Run: [Nokia.PCSync] C:UsersPublicNokia PC Suite 6PcSync2.exe (Time Information Services Ltd.)
O4 — HKUS-1-5-18..Run: [Nokia.PCSync] C:UsersPublicNokia PC Suite 6PcSync2.exe (Time Information Services Ltd.)
O4 — HKUS-1-5-19..Run: [Sidebar] C:Program Files (x86)Windows SidebarSidebar.exe (Microsoft Corporation)
O4 — HKUS-1-5-19..Run: [WindowsWelcomeCenter] C:WindowsSysWow64oobefldr.dll (Microsoft Corporation)
O4 — HKUS-1-5-20..Run: [Sidebar] C:Program Files (x86)Windows SidebarSidebar.exe (Microsoft Corporation)
O4 — HKUS-1-5-20..Run: [WindowsWelcomeCenter] C:WindowsSysWow64oobefldr.dll (Microsoft Corporation)
O4 — HKUS-1-5-21-2389684437-3395458029-2734596173-1000..Run: [DAEMON Tools Lite] C:Program Files (x86)DAEMON Tools LiteDTLite.exe (DT Soft Ltd)
O4 — HKUS-1-5-21-2389684437-3395458029-2734596173-1000..Run: [Download Master] C:Program Files (x86)Download Masterdmaster.exe (WestByte)
O4 — HKUS-1-5-21-2389684437-3395458029-2734596173-1000..Run: [RocketDock] C:Program Files (x86)RocketDockRocketDock.exe ()
O4 — HKUS-1-5-21-2389684437-3395458029-2734596173-1000..Run: [uTorrent] C:Program Files (x86)uTorrentuTorrent.exe (BitTorrent, Inc.)
O4 — HKUS-1-5-21-2389684437-3395458029-2734596173-1000..Run: [WMPNSCFG] C:Program Files (x86)Windows Media PlayerWMPNSCFG.exe File not found
O6 — HKLMSoftwarePoliciesMicrosoftInternet ExplorerLow Rights present
O6 — HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoActiveDesktop = 1
O6 — HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: EnableLUA = 0
O8:64bit: — Extra context menu item: Закачать ВСЕ при помощи Download Master — C:Program Files (x86)Download Masterdmieall.htm ()
O8:64bit: — Extra context menu item: Закачать при помощи Download Master — C:Program Files (x86)Download Masterdmie.htm ()
O8:64bit: — Extra context menu item: Передать на удаленную закачку DM — C:Program Files (x86)Download Masterremdown.htm ()
O8 — Extra context menu item: Закачать ВСЕ при помощи Download Master — C:Program Files (x86)Download Masterdmieall.htm ()
O8 — Extra context menu item: Закачать при помощи Download Master — C:Program Files (x86)Download Masterdmie.htm ()
O8 — Extra context menu item: Передать на удаленную закачку DM — C:Program Files (x86)Download Masterremdown.htm ()
O9:64bit: — Extra Button: Cтатистика Веб-Антивируса — {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} — C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsx64SCIEPlgn.dll (Kaspersky Lab)
O9 — Extra Button: Cтатистика Веб-Антивируса — {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} — C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 6.0 for Windows WorkstationsSCIEPlgn.dll (Kaspersky Lab)
O9 — Extra Button: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program Files (x86)Mail.RuAgentmagent.exe (Mail.Ru)
O9 — Extra ‘Tools’ menuitem : Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program Files (x86)Mail.RuAgentmagent.exe (Mail.Ru)
O9 — Extra Button: Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program Files (x86)Download Masterdmaster.exe (WestByte)
O9 — Extra ‘Tools’ menuitem : &Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program Files (x86)Download Masterdmaster.exe (WestByte)
O13 — gopher Prefix: missing
O13 — gopher Prefix: missing
O16 — DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O17 — HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 217.10.39.4 217.10.32.4 217.10.36.5 217.10.44.35
O18:64bit: — ProtocolHandlerskype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — Reg Error: Key error. File not found
O18 — ProtocolHandlerskype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — C:Program Files (x86)Common FilesSkypeSkype4COM.dll (Skype Technologies)
O20:64bit: — AppInit_DLLs: (C:PROGRA~2KASPER~1KASPER~1.0FOx64adialhk.dll) — C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsx64adialhk.dll (Kaspersky Lab)
O20:64bit: — AppInit_DLLs: (C:PROGRA~2KASPER~1KASPER~1.0FOx64r3hook.dll) — C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsx64r3hook.dll (Kaspersky Lab)
O20 — AppInit_DLLs: (C:Windowssystem32vksaver.dll) — C:WindowsSysWOW64vksaver.dll (AudioVkontakte.Ru)
O20 — AppInit_DLLs: (C:PROGRA~2KASPER~1KASPER~1.0FOadialhk.dll) — C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsadialhk.dll (Kaspersky Lab)
O20 — AppInit_DLLs: (C:PROGRA~2KASPER~1KASPER~1.0FOr3hook.dll C:Windowssystem32vksaver.dll) — C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsr3hook.dll (Kaspersky Lab)
O20:64bit: — HKLM Winlogon: Shell — (explorer.exe) — C:Windowsexplorer.exe (Microsoft Corporation)
O20 — HKLM Winlogon: Shell — (explorer.exe) — C:WindowsSysWow64explorer.exe (Microsoft Corporation)
O20:64bit: — WinlogonNotifyklogon: DllName — Reg Error: Key error. — C:WindowsSysNativeklogon.dll (Kaspersky Lab)
O24 — Desktop WallPaper: C:UsersСаняAppDataRoamingMicrosoftWindows Photo GalleryФоновый рисунок фотоальбома Windows.jpg
O24 — Desktop BackupWallPaper: C:UsersСаняAppDataRoamingMicrosoftWindows Photo GalleryФоновый рисунок фотоальбома Windows.jpg
O32 — HKLM CDRom: AutoRun — 1
O33 — MountPoints2{087702d3-04e9-11df-b1b5-001966ce9918}Shell — «» = AutoRun
O33 — MountPoints2{087702d3-04e9-11df-b1b5-001966ce9918}ShellAutoRuncommand — «» = E:setup.exe — File not found
O33 — MountPoints2{2787484c-ef02-11de-929f-001966ce9918}ShellAutoRuncommand — «» = F:keygen.exe — File not found
O33 — MountPoints2{2787484c-ef02-11de-929f-001966ce9918}ShellopenCommand — «» = F:keygen.exe — File not found
O33 — MountPoints2{3ed7779b-1249-11df-be94-001966ce9918}ShellAutoRuncommand — «» = F:keygen.exe — File not found
O33 — MountPoints2{3ed7779b-1249-11df-be94-001966ce9918}ShellopenCommand — «» = F:keygen.exe — File not found
O33 — MountPoints2{433824c4-f582-11de-8642-001966ce9918}ShellAutoRuncommand — «» = F:keygen.exe — File not found
O33 — MountPoints2{433824c4-f582-11de-8642-001966ce9918}ShellopenCommand — «» = F:keygen.exe — File not found
O33 — MountPoints2{5b2b9289-19fd-11df-af40-001966ce9918}ShellAutoRuncommand — «» = F:keygen.exe — File not found
O33 — MountPoints2{5b2b9289-19fd-11df-af40-001966ce9918}ShellopenCommand — «» = F:keygen.exe — File not found
O34 — HKLM BootExecute: (autocheck autochk *) — File not found
O35:64bit: — HKLM..comfile [open] — «%1» %*
O35:64bit: — HKLM..exefile [open] — «%1» %*
O35 — HKLM..comfile [open] — «%1» %*
O35 — HKLM..exefile [open] — «%1» %*
O37:64bit: — HKLM…com [@ = comfile] — «%1» %*
O37:64bit: — HKLM…exe [@ = exefile] — «%1» %*
O37 — HKLM…com [@ = comfile] — «%1» %*
O37 — HKLM…exe [@ = exefile] — «%1» %*
========== Files/Folders — Created Within 30 Days ==========
[2010.03.27 21:05:42 | 000,555,520 | —- | C] (OldTimer Tools) — C:UsersСаняDesktopOTL.exe
[2010.03.26 10:50:22 | 000,000,000 | —D | C] — C:Program Files (x86)Common FilesSkype
[2010.03.25 19:59:42 | 000,000,000 | —D | C] — C:UsersСаняDocumentsSquare Enix
[2010.03.25 16:50:37 | 000,000,000 | —D | C] — C:UsersСаняAppDataRoamingMalwarebytes
[2010.03.25 16:34:02 | 000,038,224 | —- | C] (Malwarebytes Corporation) — C:WindowsSysWow64driversmbamswissarmy.sys
[2010.03.25 16:33:56 | 000,000,000 | —D | C] — C:ProgramDataMalwarebytes
[2010.03.25 16:33:55 | 000,024,664 | —- | C] (Malwarebytes Corporation) — C:WindowsSysNativedriversmbam.sys
[2010.03.25 16:33:55 | 000,000,000 | —D | C] — C:Program Files (x86)Malwarebytes’ Anti-Malware
[2010.03.25 16:21:41 | 000,000,000 | —D | C] — C:Program Files (x86)Just Cause 2
[2010.03.25 11:47:04 | 000,000,000 | —D | C] — C:Program Files (x86)trend micro
[2010.03.25 11:47:03 | 000,000,000 | —D | C] — C:rsit
[2010.03.22 20:51:40 | 000,000,000 | —D | C] — C:Program Files (x86)4GAME
[2010.03.22 12:46:32 | 000,000,000 | —D | C] — C:UsersСаняDesktopAion
[2010.03.22 11:46:11 | 000,000,000 | —D | C] — C:UsersСаняDesktopНовая папка (2)
[2010.03.22 10:41:27 | 000,000,000 | —D | C] — C:UsersСаняAppDataRoamingMozilla
[2010.03.21 19:50:25 | 000,000,000 | —D | C] — C:UsersСаняDesktopaion rus
[2010.03.21 13:38:39 | 000,000,000 | —D | C] — C:UsersСаняAppDataLocalassembly
[2010.03.16 18:08:41 | 000,000,000 | —D | C] — C:UsersСаняDesktopRus_Client_Infiniteaion
[2010.03.15 23:10:08 | 000,000,000 | —D | C] — C:Program Files (x86)Planet Updater
[2010.03.14 21:58:26 | 000,000,000 | —D | C] — C:Program Files (x86)Aion
[2010.03.11 09:35:43 | 000,032,768 | —- | C] (Microsoft Corporation) — C:WindowsSysNativenshhttp.dll
[2010.03.11 09:35:43 | 000,024,064 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64nshhttp.dll
[2010.03.11 09:35:37 | 000,033,792 | —- | C] (Microsoft Corporation) — C:WindowsSysNativehttpapi.dll
[2010.03.11 09:35:37 | 000,030,720 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64httpapi.dll
[2010.03.09 23:31:06 | 000,000,000 | —D | C] — C:Program Files (x86)LineageII
[2010.03.04 00:19:56 | 000,000,000 | —D | C] — C:UsersСаняDocumentsLiberation Studio
[2010.03.03 11:47:36 | 000,000,000 | —D | C] — C:ProgramDatat01x97GIiTqrf7M2Q
[2010.03.02 19:28:51 | 000,000,000 | —D | C] — C:Windows1C4551A64743409391E41477CD655043.TMP
[2010.03.02 19:22:41 | 000,000,000 | —D | C] — C:Program Files (x86)Deep Silver
[2010.03.01 16:53:40 | 000,000,000 | —D | C] — C:UsersСаняDocumentsWBGames
[2010.03.01 15:36:36 | 000,000,000 | —D | C] — C:Program Files (x86)F.E.A.R. 2 Complete
[2010.02.27 23:57:48 | 000,000,000 | —D | C] — C:UsersСаняAppDataLocalRisen
[2010.02.27 22:48:59 | 000,530,776 | —- | C] (Microsoft Corporation) — C:WindowsSysNativeXAudio2_6.dll
[2010.02.27 22:48:59 | 000,528,216 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64XAudio2_6.dll
[2010.02.27 22:48:59 | 000,078,680 | —- | C] (Microsoft Corporation) — C:WindowsSysNativeXAPOFX1_4.dll
[2010.02.27 22:48:59 | 000,074,072 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64XAPOFX1_4.dll
[2010.02.27 22:48:57 | 000,238,936 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64xactengine3_6.dll
[2010.02.27 22:48:57 | 000,176,984 | —- | C] (Microsoft Corporation) — C:WindowsSysNativexactengine3_6.dll
[2010.02.27 22:48:57 | 000,024,920 | —- | C] (Microsoft Corporation) — C:WindowsSysNativeX3DAudio1_7.dll
[2010.02.27 22:48:57 | 000,022,360 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64X3DAudio1_7.dll
[2010.02.27 22:13:47 | 002,605,920 | —- | C] (Microsoft Corporation) — C:WindowsSysNativeD3DCompiler_40.dll
[2010.02.27 22:13:47 | 002,036,576 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64D3DCompiler_40.dll
[2010.02.27 22:13:47 | 000,519,000 | —- | C] (Microsoft Corporation) — C:WindowsSysNatived3dx10_40.dll
[2010.02.27 22:13:47 | 000,452,440 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64d3dx10_40.dll
[2010.02.27 22:13:45 | 005,631,312 | —- | C] (Microsoft Corporation) — C:WindowsSysNativeD3DX9_40.dll
[2010.02.27 22:13:45 | 004,379,984 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64D3DX9_40.dll
[2010.02.27 22:05:45 | 000,000,000 | —D | C] — C:Program Files (x86)Section 8
[2 C:Windows*.tmp files -> C:Windows*.tmp -> ]
========== Files — Modified Within 30 Days ==========
[2010.03.27 21:07:25 | 001,572,864 | -HS- | M] () — C:UsersСаняNTUSER.DAT
[2010.03.27 21:07:14 | 028,388,924 | -HS- | M] () — C:WindowsSysNativedriversfidbox.dat
[2010.03.27 21:07:13 | 000,555,520 | —- | M] (OldTimer Tools) — C:UsersСаняDesktopOTL.exe
[2010.03.27 20:58:51 | 000,034,800 | —- | M] () — C:ProgramDatanvModes.dat
[2010.03.27 20:58:51 | 000,034,800 | —- | M] () — C:ProgramDatanvModes.001
[2010.03.27 20:58:41 | 000,003,760 | -H— | M] () — C:WindowsSysNative7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.03.27 20:58:41 | 000,003,760 | -H— | M] () — C:WindowsSysNative7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.03.27 20:58:35 | 000,000,006 | -H— | M] () — C:WindowstasksSA.DAT
[2010.03.27 20:58:31 | 000,067,584 | —S- | M] () — C:Windowsbootstat.dat
[2010.03.27 15:32:24 | 000,508,852 | -HS- | M] () — C:WindowsSysNativedriversfidbox.idx
[2010.03.27 15:32:23 | 000,524,288 | -HS- | M] () — C:UsersСаняNTUSER.DAT{a7bdf3ed-6a85-11db-b5ae-f1534be43d84}.TMContainer00000000000000000001.regtrans-ms
[2010.03.27 15:32:23 | 000,065,536 | -HS- | M] () — C:UsersСаняNTUSER.DAT{a7bdf3ed-6a85-11db-b5ae-f1534be43d84}.TM.blf
[2010.03.27 15:32:15 | 002,404,610 | -H— | M] () — C:UsersСаняAppDataLocalIconCache.db
[2010.03.25 16:34:05 | 000,000,814 | —- | M] () — C:UsersPublicDesktopMalwarebytes’ Anti-Malware.lnk
[2010.03.25 16:21:42 | 000,000,667 | —- | M] () — C:UsersPublicDesktopJust Cause 2.lnk
[2010.03.25 12:44:13 | 000,021,085 | —- | M] () — C:UsersСаняDesktop[rutracker.org].t2848506.torrent
[2010.03.25 11:46:52 | 000,781,909 | —- | M] () — C:UsersСаняDesktopRSIT.exe
[2010.03.23 14:40:57 | 000,043,520 | —- | M] () — C:UsersСаняAppDataLocalDCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.23 12:03:19 | 001,459,114 | —- | M] () — C:WindowsSysNativePerfStringBackup.INI
[2010.03.23 12:03:19 | 000,653,074 | —- | M] () — C:WindowsSysNativeperfh019.dat
[2010.03.23 12:03:19 | 000,586,980 | —- | M] () — C:WindowsSysNativeperfh009.dat
[2010.03.23 12:03:19 | 000,125,594 | —- | M] () — C:WindowsSysNativeperfc019.dat
[2010.03.23 12:03:19 | 000,101,052 | —- | M] () — C:WindowsSysNativeperfc009.dat
[2010.03.22 22:36:26 | 000,038,224 | —- | M] (Malwarebytes Corporation) — C:WindowsSysWow64driversmbamswissarmy.sys
[2010.03.22 22:36:00 | 000,024,664 | —- | M] (Malwarebytes Corporation) — C:WindowsSysNativedriversmbam.sys
[2010.03.22 21:15:40 | 000,144,400 | —- | M] (Kaspersky Lab) — C:WindowsSysNativedriverskl1.sys
[2010.03.22 20:22:00 | 000,000,559 | —- | M] () — C:UsersСаняDesktopAionForseti — Ярлык.lnk
[2010.03.22 11:34:33 | 000,000,020 | —- | M] () — C:UsersСаняDocumentsaionmemo_ 1dd4367.dat
[2010.03.22 10:41:28 | 000,000,000 | —- | M] () — C:Windowsnsreg.dat
[2010.03.21 22:34:54 | 000,000,020 | —- | M] () — C:UsersСаняDocumentsaionmemo_a068 5fe.dat
[2010.03.21 21:34:12 | 000,000,921 | —- | M] () — C:UsersPublicDesktopPlanet Updater.lnk
[2010.03.21 14:12:33 | 000,000,020 | —- | M] () — C:UsersСаняDocumentsaionmemo_ 1dd4367.bak
[2010.03.21 12:54:48 | 000,000,169 | —- | M] () — C:UsersСаняDesktopродители для вас ).url
[2010.03.17 22:47:04 | 000,000,032 | —- | M] () — C:ProgramDataezsid.dat
[2010.03.17 22:41:48 | 005,852,160 | —- | M] () — C:UsersСаняDesktoprserv34ru.msi
[2010.03.16 20:24:20 | 000,000,694 | —- | M] () — C:UsersСаняDesktopPvP World Aion Launcher — Ярлык.lnk
[2010.03.16 20:24:20 | 000,000,583 | —- | M] () — C:UsersСаняDesktopcc — Ярлык.lnk
[2010.03.16 20:24:20 | 000,000,479 | —- | M] () — C:UsersСаняDesktopData — Ярлык.lnk
[2010.03.15 22:48:25 | 000,000,083 | —- | M] () — C:Program Files (x86).config
[2010.03.14 22:42:59 | 028,815,126 | —- | M] () — C:UsersСаняDesktopPatch_Aion.rar
[2010.03.14 21:58:43 | 000,350,985 | —- | M] () — C:UsersСаняDesktopPlanetUpdater.zip
[2010.03.12 07:59:41 | 000,001,157 | —- | M] () — C:UsersСаняDesktopl2.lnk
[2010.03.09 15:10:08 | 000,044,544 | —- | M] (AudioVkontakte.Ru) — C:WindowsSysWow64vksaver.dll
[2010.03.01 16:45:49 | 000,000,912 | —- | M] () — C:UsersСаняDesktopF.E.A.R. 2 Complete.lnk
[2010.02.27 22:56:33 | 000,314,016 | —- | M] () — C:WindowsSysNativedriversatksgt.sys
[2010.02.27 22:56:32 | 000,043,680 | —- | M] () — C:WindowsSysNativedriverslirsgt.sys
[2010.02.27 22:11:23 | 000,000,823 | —- | M] () — C:UsersСаняDesktopSection 8.lnk
[2 C:Windows*.tmp files -> C:Windows*.tmp -> ]
========== Files Created — No Company Name ==========
[2010.03.25 16:34:05 | 000,000,814 | —- | C] () — C:UsersPublicDesktopMalwarebytes’ Anti-Malware.lnk
[2010.03.25 16:21:42 | 000,000,667 | —- | C] () — C:UsersPublicDesktopJust Cause 2.lnk
[2010.03.25 12:44:11 | 000,021,085 | —- | C] () — C:UsersСаняDesktop[rutracker.org].t2848506.torrent
[2010.03.25 11:46:49 | 000,781,909 | —- | C] () — C:UsersСаняDesktopRSIT.exe
[2010.03.22 20:22:00 | 000,000,559 | —- | C] () — C:UsersСаняDesktopAionForseti — Ярлык.lnk
[2010.03.22 10:41:28 | 000,000,000 | —- | C] () — C:Windowsnsreg.dat
[2010.03.21 21:34:12 | 000,000,921 | —- | C] () — C:UsersPublicDesktopPlanet Updater.lnk
[2010.03.21 20:33:37 | 000,000,020 | —- | C] () — C:UsersСаняDocumentsaionmemo_ 1dd4367.bak
[2010.03.17 22:47:04 | 000,000,032 | —- | C] () — C:ProgramDataezsid.dat
[2010.03.17 22:39:55 | 005,852,160 | —- | C] () — C:UsersСаняDesktoprserv34ru.msi
[2010.03.17 20:49:07 | 000,000,020 | —- | C] () — C:UsersСаняDocumentsaionmemo_ 1dd4367.dat
[2010.03.16 20:24:20 | 000,000,694 | —- | C] () — C:UsersСаняDesktopPvP World Aion Launcher — Ярлык.lnk
[2010.03.16 20:24:20 | 000,000,583 | —- | C] () — C:UsersСаняDesktopcc — Ярлык.lnk
[2010.03.16 20:24:20 | 000,000,479 | —- | C] () — C:UsersСаняDesktopData — Ярлык.lnk
[2010.03.15 22:11:42 | 000,000,083 | —- | C] () — C:Program Files (x86).config
[2010.03.15 09:20:19 | 000,000,020 | —- | C] () — C:UsersСаняDocumentsaionmemo_a068 5fe.dat
[2010.03.14 22:41:37 | 028,815,126 | —- | C] () — C:UsersСаняDesktopPatch_Aion.rar
[2010.03.14 21:58:41 | 000,350,985 | —- | C] () — C:UsersСаняDesktopPlanetUpdater.zip
[2010.03.10 21:47:16 | 000,001,157 | —- | C] () — C:UsersСаняDesktopl2.lnk
[2010.03.01 16:45:49 | 000,000,912 | —- | C] () — C:UsersСаняDesktopF.E.A.R. 2 Complete.lnk
[2010.02.27 22:56:33 | 000,314,016 | —- | C] () — C:WindowsSysNativedriversatksgt.sys
[2010.02.27 22:56:32 | 000,043,680 | —- | C] () — C:WindowsSysNativedriverslirsgt.sys
[2010.02.27 22:11:23 | 000,000,823 | —- | C] () — C:UsersСаняDesktopSection 8.lnk
[2010.02.05 13:48:06 | 000,594,946 | —- | C] () — C:UsersСаняAppDataLocaldd_vcredistMSI31C8.txt
[2010.02.05 13:48:05 | 000,014,390 | —- | C] () — C:UsersСаняAppDataLocaldd_vcredistUI31C8.txt
[2010.01.19 16:46:28 | 000,123,242 | —- | C] () — C:UsersСаняAppDataLocaldd_vcredistMSI0A06.txt
[2010.01.19 16:46:26 | 000,014,576 | —- | C] () — C:UsersСаняAppDataLocaldd_vcredistUI0A06.txt
[2009.12.30 19:35:21 | 000,000,008 | —- | C] () — C:UsersСаняAppDataRoamingNMM-MetaData.db
[2009.12.23 22:18:46 | 000,040,960 | —- | C] () — C:WindowsSysWow64psfind.dll
[2009.12.22 18:30:30 | 000,043,520 | —- | C] () — C:UsersСаняAppDataLocalDCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.12.21 18:38:15 | 000,034,800 | —- | C] () — C:ProgramDatanvModes.dat
[2009.12.21 18:38:15 | 000,034,800 | —- | C] () — C:ProgramDatanvModes.001
[2009.12.21 16:14:02 | 000,000,732 | —- | C] () — C:UsersСаняAppDataLocald3d9caps64.dat
[2009.08.07 19:51:34 | 000,178,430 | —- | C] () — C:WindowsSysWow64xlive.dll.cat
[2009.04.11 19:24:20 | 000,368,640 | —- | C] () — C:WindowsSysWow64msjetoledb40.dll
[2009.04.11 19:23:28 | 000,117,248 | —- | C] () — C:WindowsSysWow64EhStorAuthn.dll
[2008.10.07 09:13:30 | 000,197,912 | —- | C] () — C:WindowsSysWow64physxcudart_20.dll
[2008.10.07 09:13:22 | 000,058,648 | —- | C] () — C:WindowsSysWow64AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | —- | C] () — C:WindowsSysWow64AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | —- | C] () — C:WindowsSysWow64AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | —- | C] () — C:WindowsSysWow64AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | —- | C] () — C:WindowsSysWow64AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | —- | C] () — C:WindowsSysWow64AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | —- | C] () — C:WindowsSysWow64AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | —- | C] () — C:WindowsSysWow64AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | —- | C] () — C:WindowsSysWow64AgCPanelFrench.dll
[2008.01.21 05:49:10 | 000,060,124 | —- | C] () — C:WindowsSysWow64tcpmon.ini
[2007.03.29 23:00:40 | 000,203,264 | R— | C] () — C:WindowsSysWow64CddbCdda.dll

Yes, it seems to be gone; it didn't reappear after the reboot))
Thanks a lot. I'm running Zver; I had installed Panda, but removed it…
ComboFix 09-08-20.07 — Admin 21.08.2009 15:16.1.2 — NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1251.7.1049.18.2047.1578 [GMT 4:00]
Running from: e:documents and settingsAdminРабочий столComboFix.exe
AV: AVG Anti-Virus *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:resycled
e:windowsDelete.bat
e:windowsFontsimg hearts.ttf
e:windowsFontsimg travel.ttf
e:windowssystem32uninstall.exe
.
((((((((((((((((((((((((( Files Created from 2009-07-21 to 2009-08-21 )))))))))))))))))))))))))))))))
.
2009-09-03 19:09 . 2009-09-03 19:09 d-----w- e:windowssystem32RTCOM
2009-09-03 19:09 . 2008-04-14 21:40 4096 ------w- e:windowssystem32ksuser.dll
2009-09-03 19:09 . 2008-04-14 00:49 146048 ------w- e:windowssystem32driversportcls.sys
2009-09-03 19:09 . 2008-04-14 00:15 60160 ------w- e:windowssystem32driversdrmk.sys
2009-09-03 19:09 . 2008-04-14 21:40 21504 ------w- e:windowssystem32hidserv.dll
2009-09-03 19:09 . 2008-04-14 21:11 58368 ------w- e:windowssystem32driversredbook.sys
2009-09-03 19:07 . 2009-08-21 09:06 d-sh--w- e:windowsInstaller
2009-09-03 19:07 . 2008-04-15 16:00 77824 -c----w- e:windowssystem32dllcachespcommon.dll
2009-09-03 19:07 . 2008-04-15 16:00 61440 -c----w- e:windowssystem32dllcachespcplui.dll
2009-09-03 19:07 . 2008-04-15 16:00 774144 -c----w- e:windowssystem32dllcachespttseng.dll
2009-09-03 19:07 . 2009-08-21 11:03 d-----r- E:Program Files
2009-09-03 19:07 . 2008-04-15 16:00 741376 -c----w- e:windowssystem32dllcachesapi.dll
2009-09-03 19:07 . 2008-04-15 16:00 36864 -c----w- e:windowssystem32dllcachesapisvr.exe
2009-09-03 19:03 . 2005-08-17 13:43 330240 ------w- e:windowssystem32driversZD1211BU.sys
2009-09-03 19:03 . 2008-04-17 14:33 4707328 ------w- e:windowssystem32driversRtkHDAud.sys
2009-09-03 19:03 . 2008-04-02 07:27 1196032 ----a-w- e:windowsRtlUpd.exe
2009-09-03 19:03 . 2007-11-20 16:15 1826816 ----a-w- e:windowsSkyTel.exe
2009-09-03 19:03 . 2006-07-21 14:14 86016 ----a-w- e:windowsSOUNDMAN.EXE
2009-09-03 19:03 . 2007-03-23 17:19 9715200 ----a-w- e:windowsRTLCPL.EXE
2009-09-03 19:03 . 2008-04-10 14:52 16861184 ----a-w- e:windowsRTHDCPL.EXE
2009-09-03 19:03 . 2007-06-28 14:44 2165760 ----a-w- e:windowsMicCal.exe
2009-09-03 19:03 . 2006-05-04 14:26 2808832 ----a-w- e:windowsALCWZRD.EXE
2009-09-03 19:03 . 2005-05-03 16:43 69632 ----a-w- e:windowsALCMTR.EXE
2009-09-03 19:01 . 2008-08-20 18:35 122880 ------w- e:windowssystem32NVCOSMB.DLL
2009-09-03 19:01 . 2008-08-20 18:35 453152 ------w- e:windowssystem32nvusmb.exe
2009-09-03 19:00 . 2009-08-21 11:16 d-----w- e:windowssystem32CatRoot2
2009-09-03 19:00 . 2009-08-15 19:33 d-----w- e:windowssystem32CatRoot
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-03 16:47 . 2009-09-03 16:47 56 ------w- e:windowssystem32ezsidmv.dat
2009-09-03 16:46 . 2009-09-03 16:46 d-----w- e:program filesCommon FilesSkype
2009-09-03 16:46 . 2009-09-03 16:46 d-----r- e:program filesSkype
2009-09-03 16:46 . 2009-09-03 16:19 d-----w- e:documents and settingsAll UsersApplication DataSkype
2009-09-03 16:40 . 2009-09-03 16:40 29926 ----a-r- e:documents and settingsAdminApplication DataMicrosoftInstaller{5EB90C06-964F-4195-B83E-BD7E55C88415}ARPPRODUCTICON.exe
2009-09-03 16:40 . 2009-09-03 16:40 d-----w- e:program filesCommon FilesPinnacle
2009-09-03 16:40 . 2009-09-03 16:40 d-----w- e:documents and settingsAll UsersApplication DataPinnacle Studio Ultimate
2009-09-03 16:38 . 2009-09-03 16:38 d-----w- e:documents and settingsAll UsersApplication DataCrystalIdea Software
2009-09-03 16:34 . 2009-09-03 16:34 d-----w- e:program filesBluetooth Remote Control
2009-09-03 16:14 . 2009-09-03 16:14 d-----w- e:documents and settingsAdminApplication DataQIP
2009-09-03 15:45 . 2009-09-03 15:45 d-----w- e:program filesUltraISO
2009-09-03 15:45 . 2009-09-03 15:45 d-----w- e:program filesCommon FilesEZB Systems
2009-09-03 15:45 . 2009-09-03 15:45 d-----w- e:program filesAhead
2009-09-03 15:45 . 2009-09-03 15:45 d-----w- e:program filesCommon FilesAhead
2009-09-03 15:44 . 2009-09-03 15:44 d-----w- e:program filesuTorrent
2009-09-03 15:44 . 2009-09-03 15:44 d-----w- e:documents and settingsDefault UserApplication DatauTorrent
2009-09-03 15:44 . 2009-09-03 15:44 d-----w- e:program filesTotal Commander
2009-09-03 15:44 . 2009-09-03 15:44 d-----w- e:program filesSmart Install Maker
2009-09-03 15:44 . 2009-09-03 15:44 d-----w- e:program filesRegshot
2009-09-03 15:44 . 2009-09-03 15:44 d-----w- e:program filesVDSoft
2009-09-03 15:44 . 2009-09-03 15:44 d-----w- e:program filesCCleaner
2009-09-03 15:44 . 2009-09-03 15:44 d-----w- e:program filesUninstall Tool
2009-09-03 15:42 . 2009-09-03 15:42 d-----w- e:program filesBonjour
2009-09-03 15:37 . 2009-09-03 15:37 d-----w- e:program filesCommon FilesMacrovision Shared
2009-09-03 15:37 . 2009-09-03 15:37 d-----w- e:program filesCommon FilesAdobe
2009-09-03 15:36 . 2009-09-03 15:36 d-----w- e:program filesTechSmith
2009-09-03 15:36 . 2009-09-03 15:36 d-----w- e:documents and settingsAll UsersApplication DataTechSmith
2009-09-03 15:36 . 2009-09-03 15:36 d-----w- e:program filesVuescan
2009-09-03 15:35 . 2009-09-03 15:35 d-----w- e:program filesCommon FilesMacromedia
2009-09-03 15:35 . 2009-09-03 15:35 d-----w- e:program filesMacromedia
2009-09-03 15:34 . 2009-09-03 15:26 d-----w- e:documents and settingsAll UsersApplication DataMicrosoft Help
2009-09-03 15:27 . 2009-09-03 15:27 d-----w- e:program filesMicrosoft Works
2009-09-03 15:27 . 2009-09-03 15:27 d-----w- e:program filesMicrosoft.NET
2009-09-03 15:26 . 2009-09-03 15:26 d-----w- e:program filesFoxit Reader
2009-09-03 15:26 . 2009-09-03 15:26 d---a-w- e:documents and settingsAdminApplication DataYandex
2009-09-03 15:18 . 2009-09-03 15:18 d-----w- e:program filesVistaDriveIcon
2009-09-03 15:18 . 2009-09-03 15:18 d---a-w- e:program filesPaint.NET
2009-09-03 15:18 . 2009-09-03 15:18 410984 ------w- e:windowssystem32deploytk.dll
2009-09-03 15:17 . 2009-09-03 15:17 d-----w- e:program filesJava
2009-09-03 15:12 . 2009-09-03 15:12 22564 ------w- e:windowssystem32emptyregdb.dat
2009-09-03 15:12 . 2009-09-03 15:12 d-----w- e:program filesWindows Media Connect 2
2009-08-21 11:12 . 2009-09-03 15:44 d-----w- e:documents and settingsAdminApplication DatauTorrent
2009-08-21 11:08 . 2009-08-11 00:06 174576 ----a-w- e:documents and settingsLocalServiceLocal SettingsApplication DataFontCache3.0.0.0.dat
2009-08-21 11:01 . 2009-08-19 12:24 d-----w- e:documents and settingsAll UsersApplication Dataavg8
2009-08-21 10:47 . 2009-08-21 08:43 d-----w- e:documents and settingsAdminApplication DataBitTorrent
2009-08-21 09:12 . 2009-08-21 09:12 d-----w- e:program filesTrend Micro
2009-08-21 08:43 . 2009-08-21 08:43 d-----w- e:program filesBitTorrent
2009-08-20 18:54 . 2009-08-03 13:24 138464 ----a-w- e:windowssystem32driversPnkBstrK.sys
2009-08-20 18:53 . 2009-08-03 13:24 111928 ----a-w- e:windowssystem32PnkBstrB.exe
2009-08-20 18:18 . 2009-08-20 18:16 d-----w- e:program filesPortal
2009-08-20 16:36 . 2009-08-12 09:21 d---a-w- e:documents and settingsAll UsersApplication DataTEMP
2009-08-20 15:58 . 2009-09-03 16:46 d-----w- e:documents and settingsAdminApplication DataSkype
2009-08-20 14:34 . 2009-08-20 14:34 2560 ----a-w- e:windows_MSRSTRT.EXE
2009-08-20 14:28 . 2009-08-20 14:28 d-----w- e:documents and settingsAdminApplication DataAuslogics
2009-08-20 14:27 . 2009-08-20 14:27 d-----w- e:program filesAuslogics
2009-08-20 12:03 . 2009-09-03 16:47 d-----w- e:documents and settingsAdminApplication DataskypePM
2009-08-20 10:52 . 2009-08-03 13:24 65136 ----a-w- e:documents and settingsAdminLocal SettingsApplication DataGDIPFONTCACHEV1.DAT
2009-08-19 13:31 . 2009-08-03 14:12 d-----w- e:program filesOpenAL
2009-08-19 12:45 . 2009-08-19 12:45 12552 ----a-w- e:windowssystem32driversavgrkx86.sys
2009-08-19 12:45 . 2009-08-19 12:45 11952 ----a-w- e:windowssystem32avgrsstx.dll
2009-08-19 12:45 . 2009-08-19 12:45 335240 ----a-w- e:windowssystem32driversavgldx86.sys
2009-08-19 12:45 . 2009-08-19 12:45 27784 ----a-w- e:windowssystem32driversavgmfx86.sys
2009-08-19 12:45 . 2009-08-19 12:45 d-----w- e:documents and settingsAll UsersApplication DataAVG Security Toolbar
2009-08-19 11:26 . 2009-08-13 19:30 d-----w- e:program filesAtomPark
2009-08-19 10:29 . 2009-08-10 10:03 d-----w- e:program filesDrWeb
2009-08-18 20:48 . 2008-04-15 16:00 484934 ----a-w- e:windowssystem32perfh019.dat
2009-08-18 20:48 . 2008-04-15 16:00 84458 ----a-w- e:windowssystem32perfc019.dat
2009-08-18 20:09 . 2009-08-07 04:57 d--h--w- e:program filesInstallShield Installation Information
2009-08-18 19:36 . 2009-09-03 15:35 d-----w- e:program filesCommon FilesInstallShield
2009-08-18 18:56 . 2009-08-18 18:56 22328 ----a-w- e:documents and settingsAdminApplication DataPnkBstrK.sys
2009-08-18 18:56 . 2009-08-18 18:56 22328 ----a-w- e:documents and settingsAdminApplication DataPnkBstrK.sys
2009-08-18 18:55 . 2009-08-03 13:24 66872 ----a-w- e:windowssystem32PnkBstrA.exe
2009-08-18 18:55 . 2009-08-18 18:55 682280 ----a-w- e:windowssystem32pbsvc.exe
2009-08-18 18:33 . 2009-08-17 16:26 d-----w- e:documents and settingsAll UsersApplication DataKaspersky Lab
2009-08-17 16:26 . 2009-08-17 16:26 d-----w- e:program filesKaspersky Lab
2009-08-17 16:14 . 2009-09-03 16:35 d-----w- e:documents and settingsAll UsersApplication DataPinnacle
2009-08-16 12:27 . 2009-08-15 16:20 d-----w- e:documents and settingsAdminApplication DataBioshock
2009-08-15 17:44 . 2009-08-15 17:44 d-----w- e:documents and settingsAll UsersApplication DataKaspersky Lab Setup Files
2009-08-15 15:52 . 2009-08-15 15:52 d-----w- e:program files2K Games
2009-08-15 15:52 . 2009-08-15 15:52 d-----w- e:documents and settingsAdminApplication DataInstallShield
2009-08-15 12:13 . 2009-09-03 15:36 d-----w- e:program filesCommon FilesWise Installation Wizard
2009-08-14 17:16 . 2009-08-14 17:16 d-----w- e:program filesCommon FilesINCA Shared
2009-08-14 10:53 . 2009-08-13 13:46 d-----w- e:program filesDAEMON Tools Lite
2009-08-13 22:00 . 2009-09-03 15:44 d-----w- e:program filesUnlocker
2009-08-13 18:42 . 2009-08-13 15:22 d-----w- e:documents and settingsAdminApplication DataPro Cycling Manager 2009
2009-08-13 12:36 . 2009-08-13 12:36 d--h--r- e:documents and settingsAdminApplication DataSecuROM
2009-08-13 07:44 . 2009-08-13 07:44 d-----w- e:documents and settingsAdminApplication DataRadmin
2009-08-13 07:44 . 2009-08-13 07:44 d-----w- e:program filesRadmin Viewer 3
2009-08-13 07:21 . 2009-08-13 07:21 d-----w- e:documents and settingsAdminApplication DataTeamViewer
2009-08-13 07:19 . 2009-08-04 12:23 d-----w- e:program filesMiranda IM zeleboba’s pack
2009-08-12 15:29 . 2009-08-12 06:57 d-----w- e:documents and settingsAdminApplication DataWinamp
2009-08-12 08:19 . 2009-08-12 07:41 d-----w- e:documents and settingsAdminApplication DataDAEMON Tools Lite
2009-08-12 07:45 . 2009-08-12 07:45 d-----w- e:documents and settingsAll UsersApplication DataDAEMON Tools Lite
2009-08-12 07:41 . 2009-09-03 15:18 721904 ------w- e:windowssystem32driverssptd.sys
2009-08-12 06:58 . 2009-08-12 06:48 d-----w- e:program filesWinamp
2009-08-11 00:06 . 2009-08-11 00:06 d-----w- e:program filesMSBuild
2009-08-10 23:50 . 2009-08-10 23:50 d-----w- e:program filesReference Assemblies
2009-08-10 11:23 . 2009-08-10 11:22 d-----w- e:program filesHalf-life 1.1.2.0
2009-08-10 09:31 . 2009-08-05 11:01 d-----w- e:program filesKillingFloor
2009-08-08 19:31 . 2009-08-08 19:21 d-----w- e:documents and settingsAdminApplication DataDownload Master
.
Sigcheck
[-] 2009-02-19 17:18 579072 23B7D3F3F5EC8FEEA75EC381C71CBD5E e:windowssystem32user32.dll
[-] 2009-02-19 17:18 952832 8D462CDD4769F07C7A03384436B45C0B e:windowssystem32wininet.dll
[-] 2009-02-19 17:20 361600 6A104BA98D99D53AB0C91825CE659FC6 e:windowssystem32driverstcpip.sys
[-] 2009-02-19 17:17 1721344 DD08EDC9648AFF1E064B2FAF24743BF6 e:windowsexplorer.exe
[-] 2009-02-19 17:17 30208 0C03910993057CC8BD5762441F5ABDF6 e:windowssystem32ctfmon.exe
[-] 2009-02-19 17:18 78360 0717E8AF3CD28E24C7A0903BFE60B1B0 e:windowssystem32wuauclt.exe
[-] 2009-02-19 17:17 855040 741FBE6EC177F09F49A448DE2FBF8F01 e:windowssystem32comres.dll
[-] 2009-02-19 17:21 1571840 8F51D3D08E9FFF9113EFDFA7A7511F2C e:windowssystem32sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
«VistaIcon»=»e:program filesVistaDriveIconVistaDrv.exe» [2008-01-02 132096]
«uTorrent»=»e:program filesuTorrentuTorrent.exe» [2009-08-03 288048]
«RocketDock»=»e:program filesRocketDockRocketDock.exe» [2007-09-02 495616]
«TBPanel»=»e:program filesVtuneTBPanel.exe» [2009-03-17 2158592]
«Download Master»=»e:program filesDownload Masterdmaster.exe» [2009-08-05 3777536]
«RGSC»=»c:program filesRockstar GamesRockstar Games Social ClubRGSCLauncher.exe» [2009-08-13 306088]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
«NvCplDaemon»=»e:windowssystem32NvCpl.dll» [2009-03-17 13680640]
«NvMediaCenter»=»e:windowssystem32NvMcTray.dll» [2009-03-17 86016]
«nwiz»=»nwiz.exe» — e:windowssystem32nwiz.exe [2009-03-17 1657376]
«RTHDCPL»=»RTHDCPL.EXE» — e:windowsRTHDCPL.EXE [2008-04-10 16861184]
[HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun]
«VistaIcon»=»e:program filesVistaDriveIconVistaDrv.exe» [2008-01-02 132096]
[HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRunOnce]
«IE7_011″=»shell32» [X]
«ZZZZ2_FirstLogonSetting»=»advpack.dll» — e:windowssystem32advpack.dll [2009-02-19 124928]
«IE7_012″=»advpack.dll» — e:windowssystem32advpack.dll [2009-02-19 124928]
e:documents and settingsAdminГлавное менюПрограммыАвтозагрузка
data.exe [2009-7-17 166400]
e:documents and settingsAdminГлавное менюПрограммыАвтозагрузка
data.exe [2009-7-17 166400]
e:documents and settingsAdminГлавное менюПрограммыАвтозагрузка
data.exe [2009-7-17 166400]
e:documents and settingsAdminГлавное менюПрограммыАвтозагрузка
data.exe [2009-7-17 166400]
[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionpoliciesexplorer]
«NoSMConfigurePrograms»= 1 (0x1)
[HKEY_USERS.defaultsoftwaremicrosoftwindowscurrentversionpoliciesexplorer]
«NoSMConfigurePrograms»= 1 (0x1)
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionwinlogonnotifyavgrsstarter]
2009-08-19 12:45 11952 —-a-w- e:windowssystem32avgrsstx.dll
[HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity center]
«FirewallOverride»=dword:00000001
«UpdatesDisableNotify»=dword:00000001
«UpdatesOverride»=dword:00000001
«AntiVirusOverride»=dword:00000001
[HKLM~servicessharedaccessparametersfirewallpolicystandardprofile]
«EnableFirewall»= 0 (0x0)
[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
«%windir%\Network Diagnostic\xpnetdiag.exe»=
«%windir%\system32\sessmgr.exe»=
«e:\Program Files\uTorrent\uTorrent.exe»=
«e:\WINDOWS\system32\rserver30\rserver3.exe»=
«c:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe»=
«c:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe»=
«c:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe»=
«e:\WINDOWS\system32\PnkBstrA.exe»=
«e:\WINDOWS\system32\PnkBstrB.exe»=
«c:\Activision\Call of Duty — World at War\CoDWaWmp.exe»=
«c:\Activision\Call of Duty — World at War\CoDWaW.exe»=
«c:\Race Driver GRID\GRID.exe»=
«e:\Program Files\Skype\Phone\Skype.exe»=
«e:\\Program Files\\BitTorrent\\bittorrent.exe»=
R0 AvgRkx86;avgrkx86.sys;e:windowssystem32driversavgrkx86.sys [19.08.2009 16:45 12552]
R1 AvgLdx86;AVG AVI Loader Driver x86;e:windowssystem32driversavgldx86.sys [19.08.2009 16:45 335240]
R1 raddrvv3;raddrvv3;e:windowssystem32rserver30raddrvv3.sys [24.04.2008 8:49 45848]
R1 VBoxDrv;VirtualBox Service;e:windowssystem32driversVBoxDrv.sys [03.09.2009 19:47 100560]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;e:windowssystem32driversVBoxUSBMon.sys [03.09.2009 19:46 41744]
R3 mirrorv3;mirrorv3;e:windowssystem32driversrminiv3.sys [01.11.2006 6:01 3328]
R3 VBoxNetFlt;VBoxNetFlt Service;e:windowssystem32driversVBoxNetFlt.sys [03.09.2009 20:19 87568]
S1 AvgTdiX;AVG8 Network Redirector;e:windowssystem32Driversavgtdix.sys —> e:windowssystem32Driversavgtdix.sys [?]
S1 ShldDrv;Panda File Shield Driver;e:windowssystem32DRIVERSShlDrv51.sys —> e:windowssystem32DRIVERSShlDrv51.sys [?]
S2 ATE_PROCMON;ATE_PROCMON;??e:program filesAnti Trojan EliteATEPMon.sys —> e:program filesAnti Trojan EliteATEPMon.sys [?]
S2 avg8emc;AVG8 E-mail Scanner;e:progra~1AVGAVG8avgemc.exe —> e:progra~1AVGAVG8avgemc.exe [?]
S2 avg8wd;AVG8 WatchDog;e:progra~1AVGAVG8avgwdsvc.exe —> e:progra~1AVGAVG8avgwdsvc.exe [?]
S2 PavProc;Panda Process Protection Driver;??e:windowssystem32DRIVERSPavProc.sys —> e:windowssystem32DRIVERSPavProc.sys [?]
S2 RServer3;Radmin Server V3;e:windowssystem32rserver30rserver3.exe [24.04.2008 8:44 1238344]
S3 RkPavproc1;RkPavproc1;e:windowssystem32driversRkPavproc1.sys [18.08.2009 23:38 16952]
S3 tap0901;TAP-Win32 Adapter V9;e:windowssystem32driverstap0901.sys [19.11.2008 22:22 25216]
— Other Services/Drivers In Memory —
*NewlyCreated* — SRSERVICE
.
— — — — ORPHANS REMOVED — — — —
URLSearchHooks-{A3BC75A2-1F87-4686-AA43-5347D756017C} — e:program filesAVGAVG8ToolbarIEToolbar.dll
URLSearchHooks-*CFBFAE00-17A6-11D0-99CB-00C04FD64497} — (no file)
BHO-{A3BC75A2-1F87-4686-AA43-5347D756017C} — e:program filesAVGAVG8ToolbarIEToolbar.dll
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} — e:program filesAVGAVG8ToolbarIEToolbar.dll
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} — e:program filesAVGAVG8ToolbarIEToolbar.dll
HKLM-Run-AVG8_TRAY — e:progra~1AVGAVG8avgtray.exe
.
Supplementary Scan
.
uStart Page = hxxp://www.ask.com/?o=101764&l=dis
uDefault_Search_URL = hxxp://search.qip.ru
uInternet Connection Wizard,ShellNext = hxxp://www.zvercd.com/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = Root: HKCU; Subkey: SoftwareMicrosoftInternet ExplorerSearchUrl; ValueType: string; ValueName: ‘; ValueData: ‘; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: &Экспорт в Microsoft Excel — e:progra~1MICROS~1Office12EXCEL.EXE/3000
IE: Закачать ВСЕ при помощи Download Master — e:program filesDownload Masterdmieall.htm
IE: Закачать при помощи Download Master — e:program filesDownload Masterdmie.htm
IE: Передать на удаленную закачку DM — e:program filesDownload Masterremdown.htm
IE: {{8DAE90AD-4583-4977-9DD4-4360F7A45C74} — e:program filesDownload Masterdmaster.exe
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-21 15:19
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes …
scanning hidden autostart entries …
scanning hidden files …
scan completed successfully
hidden files: 0
**************************************************************************
.
DLLs Loaded Under Running Processes
— — — — — — — > ‘winlogon.exe'(2020)
e:windowsSYSTEM32cscui.dll
.
Completion time: 2009-08-21 15:20
ComboFix-quarantined-files.txt 2009-08-21 11:20
Pre-Run: 10 021 961 728 байт свободно
Post-Run: 10 007 093 248 байт свободно
Current=3 Default=3 Failed=2 LastKnownGood=4 Sets=1,2,3,4