SPYWARE-RU.COM

Virus?


  • This topic has 2 replies, 1 participant, and was last updated 15 years, 5 months ago by Nastasiaa.
Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • March 28, 2010 at 8:36 am #18211
    Nastasiaa
    Participant

    Hello, please help me cure my computer.
    A couple of times porn banners appeared, and after that the computer and the internet started working slowly. NOD and Kaspersky found nothing. CureIt and other utilities won't download (the download breaks off with a Timeout error).
    OTL logs (RSIT gives an error (Error:Subscript used with non-Array variable)):

    OTL logfile created on: 28.03.2010 12:20:33 — Run 1
    OTL by OldTimer — Version 3.1.37.3 Folder = D:
    64bit-Windows Vista Ultimate Edition Service Pack 3 (Version = 6.0.6001) — Type = NTWorkstation
    Internet Explorer (Version = 7.0.6001.18000)
    Locale: 00000419 | Country: Россия | Language: RUS | Date Format: dd.MM.yyyy

    3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 54,00% Memory free
    6,00 Gb Paging File | 5,00 Gb Available in Paging File | 81,00% Paging File free
    Paging file location(s): ?:pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:Windows | %ProgramFiles% = C:Program Files (x86)
    Drive C: | 19,53 Gb Total Space | 1,00 Gb Free Space | 5,12% Space Free | Partition Type: NTFS
    Drive D: | 149,05 Gb Total Space | 42,65 Gb Free Space | 28,62% Space Free | Partition Type: NTFS
    Drive E: | 54,99 Gb Total Space | 28,05 Gb Free Space | 51,02% Space Free | Partition Type: NTFS
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: SOFAN-ПК
    Current User Name: SoFaN
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: All users
    Include 64bit Scans
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Standard

    ========== Processes (SafeList) ==========

    PRC — [2010.03.28 12:20:10 | 000,555,520 | —- | M] (OldTimer Tools) — D:OTL.exe
    PRC — [2010.02.27 21:50:03 | 000,189,248 | —- | M] () — C:WindowsSysWOW64PnkBstrB.exe
    PRC — [2009.08.21 23:06:39 | 000,075,064 | —- | M] () — C:WindowsSysWOW64PnkBstrA.exe
    PRC — [2009.03.21 13:56:37 | 000,267,056 | —- | M] (BitTorrent, Inc.) — C:Program Files (x86)uTorrentuTorrent.exe
    PRC — [2009.02.03 06:07:18 | 000,240,544 | R— | M] (Adobe Systems, Inc.) — C:WindowsSysWOW64MacromedFlashFlashUtil10b.exe
    PRC — [2008.12.29 14:40:30 | 000,687,560 | —- | M] (DT Soft Ltd) — C:Program Files (x86)DAEMON Tools Litedaemon.exe
    PRC — [2008.01.21 06:49:41 | 000,299,520 | —- | M] (Microsoft Corporation) — C:Program Files (x86)Internet Explorerieuser.exe
    PRC — [2003.12.13 04:50:34 | 000,033,792 | —- | M] () — C:Program Files (x86)Winampwinampa.exe

    ========== Modules (SafeList) ==========

    MOD — [2010.03.28 12:20:10 | 000,555,520 | —- | M] (OldTimer Tools) — D:OTL.exe
    MOD — [2008.01.21 06:49:09 | 000,450,048 | —- | M] (Microsoft Corporation) — C:WindowsSysWOW64comdlg32.dll
    MOD — [2008.01.21 06:47:14 | 001,684,480 | —- | M] (Microsoft Corporation) — C:Windowswinsxsx86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cccomctl32.dll

    ========== Win32 Services (SafeList) ==========

    SRV:64bit: — [2008.01.21 06:51:22 | 000,252,928 | —- | M] () [On_Demand | Stopped] — C:WindowsSysNativeumrdp.dll — (UmRdpService)
    SRV:64bit: — [2008.01.21 06:51:03 | 000,598,016 | —- | M] () [Auto | Running] — C:WindowsSysNativecscsvc.dll — (CscService)
    SRV:64bit: — [2008.01.21 06:50:23 | 000,195,584 | —- | M] () [On_Demand | Stopped] — C:WindowsSysNativeappmgmts.dll — (AppMgmt)
    SRV:64bit: — [2008.01.21 06:47:07 | 000,689,152 | —- | M] () [On_Demand | Stopped] — C:WindowsSysNativefxssvc.exe — (Fax)
    SRV:64bit: — [2008.01.21 06:46:39 | 000,383,544 | —- | M] (Microsoft Corporation) [Auto | Running] — C:Program FilesWindows DefenderMpSvc.dll — (WinDefend)
    SRV:64bit: — [2008.01.21 06:46:36 | 001,147,904 | —- | M] () [On_Demand | Stopped] — C:WindowsSysNativewbengine.exe — (wbengine)
    SRV — [2010.02.27 21:50:03 | 000,189,248 | —- | M] () [Auto | Running] — C:WindowsSysWOW64PnkBstrB.exe — (PnkBstrB)
    SRV — [2009.08.21 23:06:39 | 000,075,064 | —- | M] () [Auto | Running] — C:WindowsSysWOW64PnkBstrA.exe — (PnkBstrA)
    SRV — [2008.07.27 22:01:49 | 000,093,184 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] — C:WindowsMicrosoft.NETFramework64v2.0.50727mscorsvw.exe — (clr_optimization_v2.0.50727_64)
    SRV — [2008.01.21 06:46:40 | 000,302,080 | —- | M] (Корпорация Майкрософт) [Auto | Running] — C:WindowsSysWow64SearchIndexer.exe — (WSearch)
    SRV — [2006.11.02 17:34:14 | 000,000,000 | —D | M] [Unknown | Stopped] — C:WindowsSysWOW64Msdtc — (MSDTC)
    SRV — [2006.11.02 10:35:15 | 000,060,994 | —- | M] () [On_Demand | Stopped] — C:WindowsSysWOW64wbemvds.mof — (vds)
    SRV — [2006.11.02 10:35:15 | 000,055,846 | —- | M] () [On_Demand | Stopped] — C:WindowsSysWOW64wbemvss.mof — (VSS)
    SRV — [2005.11.14 02:06:04 | 000,069,632 | —- | M] (Macrovision Corporation) [On_Demand | Stopped] — C:Program Files (x86)Common FilesInstallShieldDriver1150Intel 32IDriverT.exe — (IDriverT)

    ========== Driver Services (SafeList) ==========

    DRV:64bit: — [2010.03.20 12:06:10 | 000,314,016 | —- | M] () [Kernel | Auto | Running] — C:WindowsSysNativeDRIVERSatksgt.sys — (atksgt)
    DRV:64bit: — [2010.03.20 12:06:10 | 000,043,680 | —- | M] () [Kernel | Auto | Running] — C:WindowsSysNativeDRIVERSlirsgt.sys — (lirsgt)
    DRV:64bit: — [2009.03.21 14:13:06 | 000,868,848 | —- | M] () [Kernel | Boot | Running] — C:WindowsSysNativeDriverssptd.sys — (sptd)
    DRV:64bit: — [2008.06.27 08:51:10 | 000,088,632 | —- | M] () [Kernel | Auto | Running] — C:WindowsSysNativedriversadfs.sys — (adfs)
    DRV:64bit: — [2008.05.02 10:59:08 | 000,008,704 | —- | M] () [Kernel | On_Demand | Stopped] — C:WindowsSysNativeDRIVERSusbser_lowerfltx64j.sys — (UsbserFilt)
    DRV:64bit: — [2008.05.02 10:58:50 | 000,008,704 | —- | M] () [Kernel | On_Demand | Stopped] — C:WindowsSysNativeDRIVERSusbser_lowerfltx64.sys — (upperdev)
    DRV:64bit: — [2008.05.02 10:58:48 | 000,023,552 | —- | M] () [Kernel | On_Demand | Stopped] — C:WindowsSysNativedriversccdcmbox64.sys — (nmwcdcx64)
    DRV:64bit: — [2008.05.02 10:58:48 | 000,018,432 | —- | M] () [Kernel | On_Demand | Stopped] — C:WindowsSysNativedriversccdcmbx64.sys — (nmwcdx64)
    DRV:64bit: — [2008.01.21 06:51:10 | 000,161,848 | —- | M] () [Kernel | Boot | Running] — C:WindowsSysNativeDRIVERSfvevol.sys — (fvevol)
    DRV:64bit: — [2008.01.21 06:51:03 | 000,460,800 | —- | M] () [Kernel | System | Running] — C:WindowsSysNativedriverscsc.sys — (CSC)
    DRV:64bit: — [2008.01.21 06:46:34 | 000,046,080 | —- | M] () [Kernel | On_Demand | Stopped] — C:WindowsSysNativeDRIVERSwpdusb.sys — (WpdUsb)
    DRV:64bit: — [2008.01.21 06:46:04 | 000,032,768 | —- | M] () [Kernel | On_Demand | Stopped] — C:WindowsSysNativeDRIVERSusbser.sys — (usbser)
    DRV:64bit: — [2006.11.02 09:28:10 | 000,273,920 | —- | M] () [Kernel | On_Demand | Stopped] — C:WindowsSysNativedriversHdAudio.sys — (HdAudAddService) Драйвер функции UAA для службы High Definition Audio (Microsoft)
    DRV:64bit: — [2006.10.05 06:13:38 | 000,378,368 | —- | M] () [Kernel | On_Demand | Stopped] — C:WindowsSysNativeDRIVERSRTL85n64.sys — (RTL85n64)
    DRV:64bit: — [2006.10.03 06:13:44 | 000,051,200 | —- | M] () [Kernel | On_Demand | Running] — C:WindowsSysNativeDRIVERSRtlh64.sys — (RTL8169)
    DRV:64bit: — [2006.08.16 08:04:18 | 000,355,328 | —- | M] () [Kernel | On_Demand | Running] — C:WindowsSysNativedriversADIHdAud.sys — (ADIHdAudAddService)
    DRV:64bit: — [2005.03.29 02:30:38 | 000,008,192 | —- | M] () [Kernel | On_Demand | Running] — C:WindowsSysNativeDRIVERSASACPI.sys — (MTsensor)
    DRV — [2009.03.21 11:55:29 | 000,000,000 | —D | M] [Kernel | System | Running] — C:WindowsCSC — (CSC)
    DRV — [2006.09.19 01:36:40 | 000,003,066 | —- | M] () [Kernel | Boot | Running] — C:WindowsSysWOW64wbemtcpip.mof — (Tcpip)
    DRV — [2006.09.19 01:35:23 | 000,001,088 | —- | M] () [Kernel | On_Demand | Running] — C:WindowsSysWOW64wbemmpsdrv.mof — (mpsdrv)

    ========== Standard Registry (SafeList) ==========

    ========== Internet Explorer ==========

    IE:64bit: — HKLMSOFTWAREMicrosoftInternet ExplorerMain,Local Page = %SystemRoot%system32blank.htm
    IE — HKLMSOFTWAREMicrosoftInternet ExplorerMain,Local Page = %SystemRoot%system32blank.htm

    IE — HKUS-1-5-21-3635009883-2668258468-1322177832-1000SOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://qwerty.ru/
    IE — HKUS-1-5-21-3635009883-2668258468-1322177832-1000SOFTWAREMicrosoftInternet ExplorerMain,StartPageCache = 1
    IE — HKUS-1-5-21-3635009883-2668258468-1322177832-1000SoftwareMicrosoftWindowsCurrentVersionInternet Settings: «ProxyEnable» = 0

    FF — HKLMsoftwaremozillaThunderbirdExtensions\eplgTb@eset.com: C:Program FilesESETESET NOD32 AntivirusMozilla Thunderbird

    O1 HOSTS File: ([2006.09.19 01:37:24 | 000,000,761 | —- | M]) — C:WindowsSysNativedriversetcHosts
    O1 — Hosts: 127.0.0.1 localhost
    O1 — Hosts: ::1 localhost
    O2 — BHO: (Adobe PDF Reader Link Helper) — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelper.dll (Adobe Systems Incorporated)
    O4:64bit: — HKLM..Run: [Windows Defender] C:Program FilesWindows DefenderMSASCui.exe (Microsoft Corporation)
    O4 — HKLM..Run: [QuickTime Task] D:GAMESНА УДАЛЕНИЕQTTask.exe (Apple Inc.)
    O4 — HKLM..Run: [WinampAgent] C:Program Files (x86)Winampwinampa.exe ()
    O4 — HKUS-1-5-19..Run: [Sidebar] C:Program Files (x86)Windows SidebarSidebar.exe (Microsoft Corporation)
    O4 — HKUS-1-5-19..Run: [WindowsWelcomeCenter] C:WindowsSysWow64oobefldr.dll (Microsoft Corporation)
    O4 — HKUS-1-5-20..Run: [Sidebar] C:Program Files (x86)Windows SidebarSidebar.exe (Microsoft Corporation)
    O4 — HKUS-1-5-20..Run: [WindowsWelcomeCenter] C:WindowsSysWow64oobefldr.dll (Microsoft Corporation)
    O4 — HKUS-1-5-21-3635009883-2668258468-1322177832-1000..Run: [AdobeBridge] File not found
    O4 — HKUS-1-5-21-3635009883-2668258468-1322177832-1000..Run: [DAEMON Tools Lite] C:Program Files (x86)DAEMON Tools Litedaemon.exe (DT Soft Ltd)
    O4 — Startup: C:UsersAll Users2GIS [2010.03.17 22:34:00 | 000,000,000 | —D | M]
    O4 — Startup: C:UsersAll UsersActivision [2009.07.16 17:24:20 | 000,000,000 | —D | M]
    O4 — Startup: C:UsersAll UsersAdobe [2010.03.26 19:22:57 | 000,000,000 | —D | M]
    O4 — Startup: C:UsersAll UsersAlawarWrapper [2002.01.17 12:58:49 | 000,000,000 | —D | M]
    O4 — Startup: C:UsersAll UsersApple [2010.01.08 17:20:27 | 000,000,000 | —D | M]
    O4 — Startup: C:UsersAll UsersApple Computer [2010.01.08 17:21:54 | 000,000,000 | —D | M]
    O4 — Startup: C:UsersAll UsersApplication Data [2006.11.02 19:41:02 | 000,000,000 | -HSD | M]
    O4 — Startup: C:UsersAll UsersAVP9 [2010.03.11 15:04:49 | 000,000,000 | -H-D | M]
    O4 — Startup: C:UsersAll UsersCyberLink [2010.03.20 20:07:31 | 000,000,000 | —D | M]
    O4 — Startup: C:UsersAll UsersDAEMON Tools Lite [2009.03.21 14:17:15 | 000,000,000 | —D | M]
    O4 — Startup: C:UsersAll UsersDesktop [2006.11.02 19:41:02 | 000,000,000 | -HSD | M]
    O4 — Startup: C:UsersAll UsersDisney Interactive Studios [2009.03.21 15:02:33 | 000,000,000 | —D | M]
    O4 — Startup: C:UsersAll UsersDocuments [2006.11.02 19:41:02 | 000,000,000 | -HSD | M]
    O4 — Startup: C:UsersAll UsersElectronic Arts [2009.10.25 13:49:08 | 000,000,000 | —D | M]
    O4 — Startup: C:UsersAll UsersESET [2010.03.26 12:05:09 | 000,000,000 | —D | M]
    O4 — Startup: C:UsersAll UsersFavorites [2006.11.02 19:41:02 | 000,000,000 | -HSD | M]
    O4 — Startup: C:UsersAll UsersFLEXnet [2009.12.27 22:06:08 | 000,000,000 | —D | M]
    O4 — Startup: C:UsersAll UsersKONAMI [2010.03.24 22:30:49 | 000,000,000 | —D | M]
    O4 — Startup: C:UsersAll UsersMedia Center Programs [2010.01.06 14:02:12 | 000,000,000 | —D | M]
    O4 — Startup: C:UsersAll UsersMicrosoft [2009.03.26 17:36:48 | 000,000,000 | —SD | M]
    O4 — Startup: C:UsersAll UsersMicrosoft Help [2009.03.26 17:46:07 | 000,000,000 | —D | M]
    O4 — Startup: C:UsersAll UsersMumboJumbo [2009.10.12 22:40:33 | 000,000,000 | —D | M]
    O4 — Startup: C:UsersAll UsersNero [2009.03.21 13:53:09 | 000,000,000 | —D | M]
    O4 — Startup: C:UsersAll UsersNVIDIA [2010.03.16 21:33:17 | 000,000,000 | —D | M]
    O4 — Startup: C:UsersAll UsersnvModes.001 ()
    O4 — Startup: C:UsersAll UsersnvModes.dat ()
    O4 — Startup: C:UsersAll UsersReal [2009.03.21 13:54:30 | 000,000,000 | —D | M]
    O4 — Startup: C:UsersAll Userssalvation [2009.05.24 01:07:32 | 000,000,000 | —D | M]
    O4 — Startup: C:UsersAll UsersSolidshield [2010.01.15 02:19:00 | 000,000,000 | —D | M]
    O4 — Startup: C:UsersAll UsersStart Menu [2006.11.02 19:41:02 | 000,000,000 | -HSD | M]
    O4 — Startup: C:UsersAll UsersTages [2009.05.05 00:28:00 | 000,000,000 | —D | M]
    O4 — Startup: C:UsersAll UsersTemp [2010.03.20 18:20:20 | 000,000,000 | —D | M]
    O4 — Startup: C:UsersAll UsersTemplates [2006.11.02 19:41:02 | 000,000,000 | -HSD | M]
    O4 — Startup: C:UsersAll UsersTrymedia [2010.03.11 00:20:37 | 000,000,000 | —D | M]
    O4 — Startup: C:UsersAll UsersUbisoft [2010.03.16 21:34:20 | 000,000,000 | —D | M]
    O4 — Startup: C:UsersAll UsersВеселаяФерма2 [2009.10.30 22:05:46 | 000,000,000 | —D | M]
    O4 — Startup: C:UsersAll UsersГлавное меню [2009.03.21 12:01:37 | 000,000,000 | -HSD | M]
    O4 — Startup: C:UsersAll UsersДокументы [2009.03.21 12:01:37 | 000,000,000 | -HSD | M]
    O4 — Startup: C:UsersAll UsersИзбранное [2009.03.21 12:01:37 | 000,000,000 | -HSD | M]
    O4 — Startup: C:UsersAll UsersРабочий стол [2009.03.21 12:01:37 | 000,000,000 | -HSD | M]
    O4 — Startup: C:UsersAll UsersШаблоны [2009.03.21 12:01:37 | 000,000,000 | -HSD | M]
    O4 — Startup: C:UsersDefaultAppData [2006.11.02 17:33:54 | 000,000,000 | -H-D | M]
    O4 — Startup: C:UsersDefaultApplication Data [2006.11.02 19:41:01 | 000,000,000 | -HSD | M]
    O4 — Startup: C:UsersDefaultCookies [2006.11.02 19:41:01 | 000,000,000 | -HSD | M]
    O4 — Startup: C:UsersDefaultDesktop [2006.11.02 16:34:32 | 000,000,000 | R—D | M]
    O4 — Startup: C:UsersDefaultDocuments [2009.03.21 12:01:37 | 000,000,000 | R—D | M]
    O4 — Startup: C:UsersDefaultDownloads [2006.11.02 16:34:32 | 000,000,000 | R—D | M]
    O4 — Startup: C:UsersDefaultFavorites [2006.11.02 16:34:32 | 000,000,000 | R—D | M]
    O4 — Startup: C:UsersDefaultLinks [2006.11.02 16:34:32 | 000,000,000 | R—D | M]
    O4 — Startup: C:UsersDefaultLocal Settings [2006.11.02 19:41:01 | 000,000,000 | -HSD | M]
    O4 — Startup: C:UsersDefaultMusic [2006.11.02 16:34:32 | 000,000,000 | R—D | M]
    O4 — Startup: C:UsersDefaultMy Documents [2006.11.02 19:41:01 | 000,000,000 | -HSD | M]
    O4 — Startup: C:UsersDefaultNetHood [2006.11.02 19:41:01 | 000,000,000 | -HSD | M]
    O4 — Startup: C:UsersDefaultNTUSER.DAT ()
    O4 — Startup: C:UsersDefaultNTUSER.DAT.LOG ()
    O4 — Startup: C:UsersDefaultntuser.dat.LOG1 ()
    O4 — Startup: C:UsersDefaultntuser.dat.LOG2 ()
    O4 — Startup: C:UsersDefaultNTUSER.DAT{a7bdf3ed-6a85-11db-b5ae-f1534be43d84}.TM.blf ()
    O4 — Startup: C:UsersDefaultNTUSER.DAT{a7bdf3ed-6a85-11db-b5ae-f1534be43d84}.TMContainer00000000000000000001.regtrans-ms ()
    O4 — Startup: C:UsersDefaultNTUSER.DAT{a7bdf3ed-6a85-11db-b5ae-f1534be43d84}.TMContainer00000000000000000002.regtrans-ms ()
    O4 — Startup: C:UsersDefaultPictures [2006.11.02 16:34:32 | 000,000,000 | R—D | M]
    O4 — Startup: C:UsersDefaultPrintHood [2006.11.02 19:41:01 | 000,000,000 | -HSD | M]
    O4 — Startup: C:UsersDefaultRecent [2006.11.02 19:41:01 | 000,000,000 | -HSD | M]
    O4 — Startup: C:UsersDefaultSaved Games [2006.11.02 16:34:32 | 000,000,000 | —D | M]
    O4 — Startup: C:UsersDefaultSendTo [2006.11.02 19:41:01 | 000,000,000 | -HSD | M]
    O4 — Startup: C:UsersDefaultStart Menu [2006.11.02 19:41:01 | 000,000,000 | -HSD | M]
    O4 — Startup: C:UsersDefaultTemplates [2006.11.02 19:41:01 | 000,000,000 | -HSD | M]
    O4 — Startup: C:UsersDefaultVideos [2006.11.02 16:34:32 | 000,000,000 | R—D | M]
    O4 — Startup: C:UsersDefaultГлавное меню [2009.03.21 12:01:37 | 000,000,000 | -HSD | M]
    O4 — Startup: C:UsersDefaultМои документы [2009.03.21 12:01:37 | 000,000,000 | -HSD | M]
    O4 — Startup: C:UsersDefaultШаблоны [2009.03.21 12:01:37 | 000,000,000 | -HSD | M]
    O4 — Startup: C:UsersPublicDesktop [2010.03.20 20:07:18 | 000,000,000 | RH-D | M]
    O4 — Startup: C:UsersPublicDocuments [2010.03.26 19:25:25 | 000,000,000 | R—D | M]
    O4 — Startup: C:UsersPublicFavorites [2006.11.02 16:34:32 | 000,000,000 | RH-D | M]
    O4 — Startup: C:UsersPublicMusic [2009.09.19 21:25:51 | 000,000,000 | R—D | M]
    O4 — Startup: C:UsersPublicPictures [2002.01.04 03:34:22 | 000,000,000 | —D | M]
    O4 — Startup: C:UsersSoFaNAppData [2009.03.21 12:07:23 | 000,000,000 | -H-D | M]
    O4 — Startup: C:UsersSoFaNApplication Data [2009.03.21 12:05:54 | 000,000,000 | -HSD | M]
    O4 — Startup: C:UsersSoFaNCCleaner.lnk = C:Program Files (x86)CCleanerCCleaner.exe (Piriform Ltd)
    O4 — Startup: C:UsersSoFaNContacts [2009.03.22 17:40:13 | 000,000,000 | R—D | M]
    O4 — Startup: C:UsersSoFaNCookies [2009.03.21 12:05:54 | 000,000,000 | -HSD | M]
    O4 — Startup: C:UsersSoFaNDAEMON Tools Lite.lnk = C:Program Files (x86)DAEMON Tools Litedaemon.exe (DT Soft Ltd)
    O4 — Startup: C:UsersSoFaNDesktop [2010.03.28 00:07:11 | 000,000,000 | R—D | M]
    O4 — Startup: C:UsersSoFaNDocuments [2010.03.24 23:33:12 | 000,000,000 | R—D | M]
    O4 — Startup: C:UsersSoFaNDownloads [2009.09.19 00:58:56 | 000,000,000 | R—D | M]
    O4 — Startup: C:UsersSoFaNFavorites [2010.03.21 17:31:37 | 000,000,000 | R—D | M]
    O4 — Startup: C:UsersSoFaNLinks [2006.11.02 16:34:32 | 000,000,000 | R—D | M]
    O4 — Startup: C:UsersSoFaNLocal Settings [2009.03.21 12:05:54 | 000,000,000 | -HSD | M]
    O4 — Startup: C:UsersSoFaNMusic [2009.09.19 00:59:22 | 000,000,000 | R—D | M]
    O4 — Startup: C:UsersSoFaNNero Express.lnk = C:Program Files (x86)NeroNero Burning ROMnero.exe (Nero AG)
    O4 — Startup: C:UsersSoFaNNetHood [2009.03.21 12:05:54 | 000,000,000 | -HSD | M]
    O4 — Startup: C:UsersSoFaNNTUSER.DAT ()
    O4 — Startup: C:UsersSoFaNntuser.dat.LOG1 ()
    O4 — Startup: C:UsersSoFaNntuser.dat.LOG2 ()
    O4 — Startup: C:UsersSoFaNNTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TM.blf ()
    O4 — Startup: C:UsersSoFaNNTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TMContainer00000000000000000001.regtrans-ms ()
    O4 — Startup: C:UsersSoFaNNTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TMContainer00000000000000000002.regtrans-ms ()
    O4 — Startup: C:UsersSoFaNNTUSER.DAT{2feb3a0f-8960-11de-8f1c-0018f30abbf5}.TM.blf ()
    O4 — Startup: C:UsersSoFaNNTUSER.DAT{2feb3a0f-8960-11de-8f1c-0018f30abbf5}.TMContainer00000000000000000001.regtrans-ms ()
    O4 — Startup: C:UsersSoFaNNTUSER.DAT{2feb3a0f-8960-11de-8f1c-0018f30abbf5}.TMContainer00000000000000000002.regtrans-ms ()
    O4 — Startup: C:UsersSoFaNNTUSER.DAT{6f2e6c69-2bdf-11de-9b28-0018f30abbf5}.TM.blf ()
    O4 — Startup: C:UsersSoFaNNTUSER.DAT{6f2e6c69-2bdf-11de-9b28-0018f30abbf5}.TMContainer00000000000000000001.regtrans-ms ()
    O4 — Startup: C:UsersSoFaNNTUSER.DAT{6f2e6c69-2bdf-11de-9b28-0018f30abbf5}.TMContainer00000000000000000002.regtrans-ms ()
    O4 — Startup: C:UsersSoFaNNTUSER.DAT{a7bdf3ed-6a85-11db-b5ae-f1534be43d84}.TM.blf ()
    O4 — Startup: C:UsersSoFaNNTUSER.DAT{a7bdf3ed-6a85-11db-b5ae-f1534be43d84}.TMContainer00000000000000000001.regtrans-ms ()
    O4 — Startup: C:UsersSoFaNNTUSER.DAT{a7bdf3ed-6a85-11db-b5ae-f1534be43d84}.TMContainer00000000000000000002.regtrans-ms ()
    O4 — Startup: C:UsersSoFaNntuser.ini ()
    O4 — Startup: C:UsersSoFaNPictures [2010.03.03 00:23:53 | 000,000,000 | R—D | M]
    O4 — Startup: C:UsersSoFaNPrintHood [2009.03.21 12:05:54 | 000,000,000 | -HSD | M]
    O4 — Startup: C:UsersSoFaNRabota — Ярлык.lnk = C:UsersSoFaNDesktopRabota.rdp File not found
    O4 — Startup: C:UsersSoFaNRecent [2009.03.21 12:05:54 | 000,000,000 | -HSD | M]
    O4 — Startup: C:UsersSoFaNSaved Games [2002.01.07 12:23:41 | 000,000,000 | —D | M]
    O4 — Startup: C:UsersSoFaNSearches [2010.03.28 10:07:10 | 000,000,000 | R—D | M]
    O4 — Startup: C:UsersSoFaNSendTo [2009.03.21 12:05:54 | 000,000,000 | -HSD | M]
    O4 — Startup: C:UsersSoFaNVideos [2009.09.19 00:59:06 | 000,000,000 | R—D | M]
    O4 — Startup: C:UsersSoFaNГлавное меню [2009.03.21 12:05:54 | 000,000,000 | -HSD | M]
    O4 — Startup: C:UsersSoFaNКомпьютер — Ярлык.lnk = File not found
    O4 — Startup: C:UsersSoFaNКорзина — Ярлык.lnk = File not found
    O4 — Startup: C:UsersSoFaNМои документы [2009.03.21 12:05:54 | 000,000,000 | -HSD | M]
    O4 — Startup: C:UsersSoFaNПанель управления — Ярлык.lnk = File not found
    O4 — Startup: C:UsersSoFaNСеть — Ярлык.lnk = File not found
    O4 — Startup: C:UsersSoFaNЦентр управления сетями и общим доступом — Ярлык.lnk = File not found
    O4 — Startup: C:UsersSoFaNЦентр управления.lnk = C:PRINTBOOK.RUSmartStartSmartStart.exe File not found
    O4 — Startup: C:UsersSoFaNШаблоны [2009.03.21 12:05:54 | 000,000,000 | -HSD | M]
    O6 — HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoActiveDesktop = 1
    O6 — HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoActiveDesktopChanges = 1
    O7 — HKUS-1-5-21-3635009883-2668258468-1322177832-1000SOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: DisableTaskMgr = 1
    O9 — Extra Button: Research — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — D:GAMES1111111111Office12REFIEBAR.DLL (Microsoft Corporation)
    O9 — Extra Button: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — C:Program Files (x86)ICQ6.5ICQ.exe (ICQ, LLC.)
    O9 — Extra ‘Tools’ menuitem : ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — C:Program Files (x86)ICQ6.5ICQ.exe (ICQ, LLC.)
    O13 — gopher Prefix: missing
    O13 — gopher Prefix: missing
    O16 — DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
    O16 — DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
    O16 — DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O17 — HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 87.240.1.1 87.240.1.2
    O18:64bit: — ProtocolHandlerms-help {314111c7-a502-11d2-bbca-00c04f8ec294} — Reg Error: Key error. File not found
    O20:64bit: — HKLM Winlogon: Shell — (explorer.exe) — C:Windowsexplorer.exe (Microsoft Corporation)
    O20 — HKLM Winlogon: Shell — (explorer.exe) — C:WindowsSysWow64explorer.exe (Microsoft Corporation)
    O24 — Desktop WallPaper: C:UsersSoFaNAppDataRoamingMicrosoftWindows Photo GalleryФоновый рисунок фотоальбома Windows.jpg
    O24 — Desktop BackupWallPaper: C:UsersSoFaNAppDataRoamingMicrosoftWindows Photo GalleryФоновый рисунок фотоальбома Windows.jpg
    O32 — HKLM CDRom: AutoRun — 1
    O33 — MountPoints2{1634e16a-1601-11de-816b-0018f30abbf5}Shell — «» = AutoRun
    O33 — MountPoints2{1634e16a-1601-11de-816b-0018f30abbf5}ShellAutoRuncommand — «» = G:SETUP.EXE — File not found
    O33 — MountPoints2{1634e16a-1601-11de-816b-0018f30abbf5}Shellconfigurecommand — «» = G:SETUP.EXE — File not found
    O33 — MountPoints2{1634e16a-1601-11de-816b-0018f30abbf5}Shellinstallcommand — «» = G:SETUP.EXE — File not found
    O33 — MountPoints2{1a1cbe6b-2755-11de-84e5-0018f30abbf5}ShellAutoRuncommand — «» = H:PMB_P.exe — File not found
    O34 — HKLM BootExecute: (autocheck autochk *) — File not found
    O35:64bit: — HKLM..comfile [open] — «%1» %*
    O35:64bit: — HKLM..exefile [open] — «%1» %*
    O35 — HKLM..comfile [open] — «%1» %*
    O35 — HKLM..exefile [open] — «%1» %*
    O37:64bit: — HKLM…com [@ = comfile] — «%1» %*
    O37:64bit: — HKLM…exe [@ = exefile] — «%1» %*
    O37 — HKLM…com [@ = comfile] — «%1» %*
    O37 — HKLM…exe [@ = exefile] — «%1» %*

    ========== Files/Folders — Created Within 30 Days ==========

    [2010.03.28 12:09:59 | 000,000,000 | —D | C] — C:Program Files (x86)trend micro
    [2010.03.28 12:09:59 | 000,000,000 | —D | C] — C:rsit
    [2010.03.26 19:29:23 | 000,000,000 | —D | C] — Foxit Reader
    [2010.03.26 19:23:28 | 000,000,000 | -HSD | C] — C:Config.Msi
    [2010.03.26 12:05:09 | 000,000,000 | —D | C] — C:ProgramDataESET
    [2010.03.24 22:30:49 | 000,000,000 | —D | C] — C:ProgramDataKONAMI
    [2010.03.23 11:18:39 | 000,000,000 | —D | C] — rrr
    [2010.03.20 18:22:32 | 000,000,000 | —D | C] — C:ProgramDataCyberLink
    [2010.03.20 18:22:11 | 000,000,000 | —D | C] — C:Program Files (x86)Common FilesCyberLink
    [2010.03.20 18:20:35 | 000,029,480 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64msxml3a.dll
    [2010.03.20 18:20:20 | 000,000,000 | —D | C] — C:ProgramDataTemp
    [2010.03.20 12:06:00 | 000,000,000 | —D | C] — C:WindowsB83FC356B7C0441F8A4DD71E088E7974.TMP
    [2010.03.20 10:20:06 | 000,000,000 | —D | C] — C:Program Files (x86)Common FilesWise Installation Wizard
    [2010.03.17 22:09:14 | 000,000,000 | —D | C] — Дубль
    [2010.03.17 22:09:14 | 000,000,000 | —D | C] — C:ProgramData2GIS
    [2010.03.17 01:36:29 | 000,303,104 | —- | C] (InstallShield Software Corporation) — C:WindowsIsUn041e.exe
    [2010.03.17 01:36:19 | 000,155,408 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64LMRT.dll
    [2010.03.17 01:36:19 | 000,140,800 | —- | C] (The Duck Corporation) — C:WindowsSysWow64tm20dec.ax
    [2010.03.17 01:36:19 | 000,038,160 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64LMRTREND.dll
    [2010.03.17 01:36:18 | 000,182,032 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64dxtmsft3.dll
    [2010.03.17 01:36:18 | 000,000,000 | —D | C] — C:WindowsProfiles
    [2010.03.17 01:36:17 | 000,217,984 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64strmdll.dll
    [2010.03.17 01:36:17 | 000,063,488 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64unam4ie.exe
    [2010.03.17 01:36:03 | 001,088,272 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64danim.dll
    [2010.03.17 01:36:03 | 000,194,320 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64qcut.dll
    [2010.03.17 01:36:03 | 000,011,776 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64mciqtz.drv
    [2010.03.17 01:36:02 | 000,004,608 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64w95inf32.dll
    [2010.03.17 01:36:02 | 000,002,272 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64w95inf16.dll
    [2010.03.15 20:59:05 | 000,000,000 | —D | C] — C:UsersPublicDocumentsWhite Gold
    [2010.03.11 23:59:15 | 000,000,000 | —D | C] — C:Program FilesNVIDIA Corporation
    [2010.03.11 23:57:41 | 000,068,200 | —- | C] (Khronos Group) — C:WindowsSysWow64OpenCL.dll
    [2010.03.11 23:57:40 | 004,321,384 | —- | C] (NVIDIA Corporation) — C:WindowsSysWow64nvwgf2um.dll
    [2010.03.11 23:57:38 | 014,924,392 | —- | C] (NVIDIA Corporation) — C:WindowsSysWow64nvoglv32.dll
    [2010.03.11 23:57:33 | 009,388,648 | —- | C] (NVIDIA Corporation) — C:WindowsSysWow64nvd3dum.dll
    [2010.03.11 23:57:33 | 004,077,672 | —- | C] (NVIDIA Corporation) — C:WindowsSysWow64nvcuvenc.dll
    [2010.03.11 23:57:33 | 004,061,800 | —- | C] (NVIDIA Corporation) — C:WindowsSysWow64nvcuda.dll
    [2010.03.11 23:57:33 | 002,243,176 | —- | C] (NVIDIA Corporation) — C:WindowsSysWow64nvcuvid.dll
    [2010.03.11 23:57:30 | 011,639,400 | —- | C] (NVIDIA Corporation) — C:WindowsSysWow64nvcompiler.dll
    [2010.03.11 23:57:30 | 001,280,616 | —- | C] (NVIDIA Corporation) — C:WindowsSysWow64nvapi.dll
    [2010.03.11 15:04:49 | 000,000,000 | -H-D | C] — C:ProgramDataAVP9
    [2010.03.11 00:20:36 | 000,000,000 | —D | C] — C:ProgramDataTrymedia
    [2010.03.08 15:39:45 | 000,000,000 | —D | C] — C:Program Files (x86)Common FilesBioWare
    [2010.02.28 21:14:09 | 000,000,000 | —D | C] — C:WindowsSysWow64Adobe
    [2010.02.28 01:19:25 | 000,528,216 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64XAudio2_6.dll
    [2010.02.28 01:19:25 | 000,074,072 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64XAPOFX1_4.dll
    [2010.02.28 01:19:23 | 000,238,936 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64xactengine3_6.dll
    [2010.02.28 01:19:22 | 000,022,360 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64X3DAudio1_7.dll
    [6 C:Windows*.tmp files -> C:Windows*.tmp -> ]
    [1 *.tmp files -> *.tmp -> ]
    [1 *.tmp files -> *.tmp -> ]

    ========== Files — Modified Within 30 Days ==========

    [2010.03.28 12:21:23 | 002,359,296 | -HS- | M] () — C:UsersSoFaNNTUSER.DAT
    [2010.03.28 11:51:49 | 000,003,760 | -H— | M] () — C:WindowsSysNative7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2010.03.28 11:51:49 | 000,003,760 | -H— | M] () — C:WindowsSysNative7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2010.03.28 09:56:37 | 001,486,824 | —- | M] () — C:WindowsSysNativePerfStringBackup.INI
    [2010.03.28 09:56:37 | 000,662,238 | —- | M] () — C:WindowsSysNativeperfh019.dat
    [2010.03.28 09:56:37 | 000,595,748 | —- | M] () — C:WindowsSysNativeperfh009.dat
    [2010.03.28 09:56:37 | 000,130,374 | —- | M] () — C:WindowsSysNativeperfc019.dat
    [2010.03.28 09:56:37 | 000,105,078 | —- | M] () — C:WindowsSysNativeperfc009.dat
    [2010.03.28 09:52:01 | 000,052,735 | —- | M] () — C:ProgramDatanvModes.dat
    [2010.03.28 09:52:00 | 000,052,735 | —- | M] () — C:ProgramDatanvModes.001
    [2010.03.28 09:51:50 | 000,000,006 | -H— | M] () — C:WindowstasksSA.DAT
    [2010.03.28 09:51:48 | 000,067,584 | —S- | M] () — C:Windowsbootstat.dat
    [2010.03.28 01:27:59 | 000,524,288 | -HS- | M] () — C:UsersSoFaNNTUSER.DAT{2feb3a0f-8960-11de-8f1c-0018f30abbf5}.TMContainer00000000000000000001.regtrans-ms
    [2010.03.28 01:27:59 | 000,065,536 | -HS- | M] () — C:UsersSoFaNNTUSER.DAT{2feb3a0f-8960-11de-8f1c-0018f30abbf5}.TM.blf
    [2010.03.20 20:04:28 | 000,001,193 | —- | M] () — C:Windowsdisney.ini
    [2010.03.20 18:19:52 | 000,505,128 | —- | M] (Microsoft Corporation) — C:WindowsSysWow64msvcp71.dll
    [2010.03.20 18:19:52 | 000,353,576 | —- | M] (Microsoft Corporation) — C:WindowsSysWow64msvcr71.dll
    [2010.03.20 18:19:52 | 000,029,480 | —- | M] (Microsoft Corporation) — C:WindowsSysWow64msxml3a.dll
    [2010.03.20 12:12:58 | 000,000,696 | —- | M] () — C:UsersPublicDesktopPrison Break — The Conspiracy.lnk
    [2010.03.20 12:06:10 | 000,314,016 | —- | M] () — C:WindowsSysNativedriversatksgt.sys
    [2010.03.20 12:06:10 | 000,043,680 | —- | M] () — C:WindowsSysNativedriverslirsgt.sys
    [2010.03.17 22:09:17 | 000,001,400 | —- | M] () — C:UsersPublicDesktopДубльГИС 3.0.lnk
    [2010.03.17 01:36:02 | 000,004,608 | —- | M] (Microsoft Corporation) — C:WindowsSysWow64w95inf32.dll
    [2010.03.17 01:36:02 | 000,002,272 | —- | M] (Microsoft Corporation) — C:WindowsSysWow64w95inf16.dll
    [2010.03.10 21:30:11 | 000,000,723 | —- | M] () — C:UsersPublicDesktop’Алиса в Стране Чудес’.lnk
    [2010.02.27 21:50:03 | 000,189,248 | —- | M] () — C:WindowsSysWow64PnkBstrB.exe
    [2010.02.27 21:49:56 | 002,434,856 | —- | M] () — C:WindowsSysWow64pbsvc_bc2.exe
    [6 C:Windows*.tmp files -> C:Windows*.tmp -> ]

    ========== Files Created — No Company Name ==========

    [2010.03.28 12:20:10 | 000,555,520 | —- | C] () — OTL.exe
    [2010.03.28 12:09:24 | 000,781,909 | —- | C] () — RSIT.exe
    [2010.03.20 12:12:58 | 000,000,696 | —- | C] () — C:UsersPublicDesktopPrison Break — The Conspiracy.lnk
    [2010.03.17 22:09:17 | 000,001,400 | —- | C] () — C:UsersPublicDesktopДубльГИС 3.0.lnk
    [2010.03.17 01:36:03 | 000,010,240 | —- | C] () — C:WindowsSysWow64vidx16.dll
    [2010.03.17 01:36:03 | 000,005,672 | —- | C] () — C:WindowsSysWow64quartz.vxd
    [2010.03.12 00:02:21 | 000,052,735 | —- | C] () — C:ProgramDatanvModes.dat
    [2010.03.12 00:02:21 | 000,052,735 | —- | C] () — C:ProgramDatanvModes.001
    [2010.03.11 23:57:41 | 013,795,688 | —- | C] () — C:WindowsSysNativedriversnvlddmkm.sys
    [2010.03.11 23:57:41 | 006,020,712 | —- | C] () — C:WindowsSysNativenvwgf2umx.dll
    [2010.03.11 23:57:41 | 000,065,640 | —- | C] () — C:WindowsSysNativeOpenCL.dll
    [2010.03.11 23:57:41 | 000,011,240 | —- | C] () — C:WindowsSysNativedriversnvBridge.kmd
    [2010.03.11 23:57:39 | 020,469,352 | —- | C] () — C:WindowsSysNativenvoglv64.dll
    [2010.03.11 23:57:35 | 011,862,120 | —- | C] () — C:WindowsSysNativenvd3dumx.dll
    [2010.03.11 23:57:33 | 004,325,992 | —- | C] () — C:WindowsSysNativenvcuvenc.dll
    [2010.03.11 23:57:33 | 002,332,776 | —- | C] () — C:WindowsSysNativenvcuvid.dll
    [2010.03.11 23:57:32 | 005,416,552 | —- | C] () — C:WindowsSysNativenvcuda.dll
    [2010.03.11 23:57:30 | 016,051,304 | —- | C] () — C:WindowsSysNativenvcompiler.dll
    [2010.03.11 23:57:30 | 001,579,112 | —- | C] () — C:WindowsSysNativenvapi64.dll
    [2010.03.11 23:57:30 | 000,202,344 | —- | C] () — C:WindowsSysNativenvcod189.dll
    [2010.03.11 23:57:30 | 000,202,344 | —- | C] () — C:WindowsSysNativenvcod.dll
    [2010.03.10 21:30:11 | 000,000,723 | —- | C] () — C:UsersPublicDesktop’Алиса в Стране Чудес’.lnk
    [2010.02.28 01:19:25 | 000,530,776 | —- | C] () — C:WindowsSysNativeXAudio2_6.dll
    [2010.02.28 01:19:25 | 000,078,680 | —- | C] () — C:WindowsSysNativeXAPOFX1_4.dll
    [2010.02.28 01:19:23 | 000,176,984 | —- | C] () — C:WindowsSysNativexactengine3_6.dll
    [2010.02.28 01:19:22 | 000,024,920 | —- | C] () — C:WindowsSysNativeX3DAudio1_7.dll
    [2010.02.27 21:49:56 | 002,434,856 | —- | C] () — C:WindowsSysWow64pbsvc_bc2.exe
    [2009.10.17 16:15:04 | 001,512,178 | —- | C] () — C:WindowsSysWow64PerfStringBackup.INI
    [2009.08.07 19:51:34 | 000,178,430 | —- | C] () — C:WindowsSysWow64xlive.dll.cat
    [2009.04.24 21:54:25 | 000,001,193 | —- | C] () — C:Windowsdisney.ini
    [2009.03.22 16:51:25 | 000,053,299 | —- | C] () — C:WindowsSysWow64pthreadVC.dll
    [2009.03.21 18:07:10 | 000,077,824 | —- | C] () — C:WindowsSysWow64csdlocalmon.dll
    [2009.03.21 13:55:12 | 000,000,155 | —- | C] () — C:Windowswinamp.ini
    [2009.03.21 13:54:34 | 000,164,352 | —- | C] () — C:WindowsSysWow64unrar.dll
    [2009.03.21 13:54:32 | 003,596,288 | —- | C] () — C:WindowsSysWow64qt-dx331.dll
    [2009.03.21 13:54:32 | 001,559,040 | —- | C] () — C:WindowsSysWow64xvidcore.dll
    [2009.03.21 13:54:32 | 000,282,624 | —- | C] () — C:WindowsSysWow64xvidvfw.dll
    [2009.03.21 13:54:31 | 000,007,680 | —- | C] () — C:WindowsSysWow64ff_vfw.dll
    [2009.03.21 13:54:31 | 000,000,547 | —- | C] () — C:WindowsSysWow64ff_vfw.dll.manifest
    [2008.01.21 06:49:10 | 000,060,124 | —- | C] () — C:WindowsSysWow64tcpmon.ini
    [2008.01.21 06:48:56 | 000,368,640 | —- | C] () — C:WindowsSysWow64msjetoledb40.dll
    [2004.04.27 11:26:48 | 000,005,824 | —- | C] () — C:WindowsSysWow64driversASUSHWIO.SYS
    < End of report >

    March 28, 2010 at 8:37 am #29221
    Nastasiaa
    Participant
    • Topics: 1
    • Posts: 3

    Extras

    OTL Extras logfile created on: 28.03.2010 12:20:33 — Run 1
    OTL by OldTimer — Version 3.1.37.3 Folder = D:
    64bit-Windows Vista Ultimate Edition Service Pack 3 (Version = 6.0.6001) — Type = NTWorkstation
    Internet Explorer (Version = 7.0.6001.18000)
    Locale: 00000419 | Country: Россия | Language: RUS | Date Format: dd.MM.yyyy

    3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 54,00% Memory free
    6,00 Gb Paging File | 5,00 Gb Available in Paging File | 81,00% Paging File free
    Paging file location(s): ?:pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:Windows | %ProgramFiles% = C:Program Files (x86)
    Drive C: | 19,53 Gb Total Space | 1,00 Gb Free Space | 5,12% Space Free | Partition Type: NTFS
    Drive D: | 149,05 Gb Total Space | 42,65 Gb Free Space | 28,62% Space Free | Partition Type: NTFS
    Drive E: | 54,99 Gb Total Space | 28,05 Gb Free Space | 51,02% Space Free | Partition Type: NTFS
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: SOFAN-ПК
    Current User Name: SoFaN
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: All users
    Include 64bit Scans
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Standard

    ========== Extra Registry (SafeList) ==========

    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINESOFTWAREClasses]

    [HKEY_LOCAL_MACHINESOFTWAREClasses]
    .cpl [@ = cplfile] — C:WindowsSysWow64control.exe (Microsoft Corporation)

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINESOFTWAREClassesshell[command]command]
    batfile [open] — «%1» %* File not found
    cmdfile [open] — «%1» %* File not found
    comfile [open] — «%1» %* File not found
    exefile [open] — «%1» %* File not found
    helpfile [open] — Reg Error: Key error.
    htmlfile [edit] — «D:GAMES1111111111Office12msohtmed.exe» %1 (Microsoft Corporation)
    htmlfile [print] — «D:GAMES1111111111Office12msohtmed.exe» /p %1 (Microsoft Corporation)
    inffile [install] — %SystemRoot%System32InfDefaultInstall.exe «%1» ()
    piffile [open] — «%1» %* File not found
    regfile [merge] — Reg Error: Key error.
    scrfile [config] — «%1» File not found
    scrfile [install] — rundll32.exe desk.cpl,InstallScreenSaver %l ()
    scrfile [open] — «%1» /S File not found
    txtfile [edit] — Reg Error: Key error.
    Unknown [openas] — %SystemRoot%system32rundll32.exe %SystemRoot%system32shell32.dll,OpenAs_RunDLL %1 File not found
    Directory [cmd] — cmd.exe /s /k pushd «%V» ()
    Directory [find] — %SystemRoot%Explorer.exe (Microsoft Corporation)
    Directory [Winamp.Bookmark] — «C:Program Files (x86)WinampWinamp.exe» /BOOKMARK «%1» (Nullsoft)
    Directory [Winamp.Enqueue] — «C:Program Files (x86)WinampWinamp.exe» /ADD «%1» (Nullsoft)
    Directory [Winamp.Play] — «C:Program Files (x86)WinampWinamp.exe» «%1» (Nullsoft)
    Folder [open] — %SystemRoot%Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
    Folder [explore] — %SystemRoot%Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] — %SystemRoot%Explorer.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINESOFTWAREClassesshell[command]command]
    batfile [open] — «%1» %*
    cmdfile [open] — «%1» %*
    comfile [open] — «%1» %*
    cplfile [cplopen] — %SystemRoot%System32control.exe «%1»,%* (Microsoft Corporation)
    exefile [open] — «%1» %*
    helpfile [open] — Reg Error: Key error.
    htmlfile [edit] — «D:GAMES1111111111Office12msohtmed.exe» %1 (Microsoft Corporation)
    htmlfile [print] — «D:GAMES1111111111Office12msohtmed.exe» /p %1 (Microsoft Corporation)
    inffile [install] — %SystemRoot%System32InfDefaultInstall.exe «%1» (Microsoft Corporation)
    piffile [open] — «%1» %*
    regfile [merge] — Reg Error: Key error.
    scrfile [config] — «%1»
    scrfile [install] — rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] — «%1» /S
    txtfile [edit] — Reg Error: Key error.
    Unknown [openas] — %SystemRoot%system32rundll32.exe %SystemRoot%system32shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] — cmd.exe /s /k pushd «%V» (Microsoft Corporation)
    Directory [find] — %SystemRoot%Explorer.exe (Microsoft Corporation)
    Directory [Winamp.Bookmark] — «C:Program Files (x86)WinampWinamp.exe» /BOOKMARK «%1» (Nullsoft)
    Directory [Winamp.Enqueue] — «C:Program Files (x86)WinampWinamp.exe» /ADD «%1» (Nullsoft)
    Directory [Winamp.Play] — «C:Program Files (x86)WinampWinamp.exe» «%1» (Nullsoft)
    Folder [open] — %SystemRoot%Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
    Folder [explore] — %SystemRoot%Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] — %SystemRoot%Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center]
    «cval» = 1

    64bit: [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoring]

    64bit: [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterSvc]
    «AntiVirusOverride» = 0
    «AntiSpywareOverride» = 0
    «FirewallOverride» = 0
    «VistaSp1» = C2 FE 8D 6A DC 5B C8 01 [binary data]

    64bit: [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterSvcVol]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoring]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterSvc]
    «oobe_av» = 1

    [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyDomainProfile]
    «EnableFirewall» = 1
    «DisableNotifications» = 0

    [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfile]
    «EnableFirewall» = 1
    «DisableNotifications» = 0

    [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyPublicProfile]
    «EnableFirewall» = 1
    «DisableNotifications» = 0

    ========== Authorized Applications List ==========

    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyFirewallRules]
    «{06E7AC03-404D-4651-85B2-CA425EE9C04F}» = lport=3702 | protocol=17 | dir=in | app=%systemroot%system32p2phost.exe |
    «{132DA037-D62C-4762-A0AE-CF87CC3C7386}» = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%system32svchost.exe |
    «{13B3DF30-8756-4B6C-9517-3351B2E653FE}» = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%system32svchost.exe |
    «{18A7ECDE-1874-46E5-A7DA-3A739B06DF97}» = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%system32svchost.exe |
    «{1FAD729F-F535-4FD4-A17A-565FC4FFC901}» = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%system32svchost.exe |
    «{2326901E-4A9B-4717-94E2-AAB34BC1BAD7}» = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%system32spoolsv.exe |
    «{29B9BFEB-3D8B-4B97-9FB1-8CC055DA45A7}» = rport=445 | protocol=6 | dir=out | app=system |
    «{2C1C97A7-1DEC-4BC6-A2B8-2F774F461249}» = rport=139 | protocol=6 | dir=out | app=system |
    «{2C6433C8-5341-445F-8602-BD87AD7C1E27}» = lport=137 | protocol=17 | dir=in | app=system |
    «{33313590-5672-428E-8C0B-67760D4C3431}» = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%system32svchost.exe |
    «{36C74BB9-97C5-461D-89E2-26B876C4E6CA}» = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%system32svchost.exe |
    «{51CBAD44-DE33-47B1-92BA-634FA87B4AEF}» = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%system32svchost.exe |
    «{55A456A0-B476-41A6-9454-4DCB32948051}» = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%system32svchost.exe |
    «{5E8A22CB-09E0-4652-A892-D93B586D81FD}» = lport=139 | protocol=6 | dir=in | app=system |
    «{61CF4634-AA30-4122-B697-6059F6155DC0}» = rport=3702 | protocol=17 | dir=out | app=%systemroot%system32p2phost.exe |
    «{6A3F5C43-C40E-4E3E-BCA5-320769CF6D3C}» = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
    «{72F6093C-E446-46D0-BE1A-768337AEF76B}» = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%system32svchost.exe |
    «{73C2027E-AC75-403C-8022-AB945BD10220}» = rport=3702 | protocol=17 | dir=out | app=%systemroot%system32p2phost.exe |
    «{7968092A-CE52-4AEE-8AC8-48C61F76F366}» = lport=445 | protocol=6 | dir=in | app=system |
    «{7A1436E8-8143-4BE4-8D93-3BBBB39DC0D9}» = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%system32svchost.exe |
    «{8F4CEB5A-CD09-497B-B47A-AAF5A7BDF242}» = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%system32svchost.exe |
    «{93D495A9-A2C4-4C92-ADEF-238BB74A4A12}» = lport=138 | protocol=17 | dir=in | app=system |
    «{9937AC64-42E7-466A-B71F-16E1CF9B9DD6}» = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%system32svchost.exe |
    «{AE404DF5-9D8A-4765-AE5F-B05ACCAD338F}» = rport=137 | protocol=17 | dir=out | app=system |
    «{AFCAE91E-BB70-4003-8781-A9A4C74CB5CB}» = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%system32svchost.exe |
    «{B2A269B0-1DD2-405A-AC03-00CD0B033C41}» = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%system32svchost.exe |
    «{B609ADD5-4F35-4AD4-B407-05FFC20F441F}» = rport=138 | protocol=17 | dir=out | app=system |
    «{C4823BBD-6149-45B5-B97B-5392DABA9718}» = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%system32svchost.exe |
    «{DF3D4800-06F3-4479-B863-16E01E78E5AC}» = lport=6004 | protocol=17 | dir=in | app=d:games1111111111office12outlook.exe |
    «{E728F4B8-BE09-4F07-A819-FC1C1794E32E}» = lport=3702 | protocol=17 | dir=in | app=%systemroot%system32p2phost.exe |
    «{FF0CE0CE-A360-4295-928B-46B33AD39AEE}» = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%system32svchost.exe |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyFirewallRules]
    «{0A3A85B7-1FB6-493C-9A83-646DD72A5D3B}» = protocol=17 | dir=in | app=d:gamesbattlefield bad company 2bfbc2updater.exe |
    «{170061AE-EAA3-4F5E-AD42-9C790F40A969}» = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
    «{17566A27-A01F-497F-9782-E4A3A7C8A081}» = protocol=17 | dir=in | app=d:gamescod6steam.exe |
    «{17A8B638-CAC1-4F33-90F3-88158CF1E0E7}» = protocol=17 | dir=in | app=d:gamesbatmanbinariesshippingpc-bmgame.exe |
    «{27CF42E2-01ED-406A-8FEC-F3164ED3A284}» = protocol=6 | dir=in | app=%systemroot%system32p2phost.exe |
    «{2CB88ABF-3E6D-4777-9CF4-0A6B844CC207}» = protocol=17 | dir=in | app=d:gamestom clancy’s h.a.w.xhawx.exe |
    «{2D78785C-1285-4ED5-8FB0-A6E31703B45C}» = protocol=6 | dir=in | app=d:gamessilent hunter 5sh5.exe |
    «{39A57B19-400D-479A-8955-923D2D2C6BAF}» = protocol=17 | dir=in | app=c:program files (x86)utorrentutorrent.exe |
    «{3FAF273B-584D-477F-9DC3-29EA482DACFF}» = protocol=58 | dir=out | name=@iphlpsvc.dll,-203 |
    «{4174297B-814D-41F5-90E7-425164B4AF0D}» = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
    «{450A2C0B-B6E1-4A97-94EB-B071AA69564E}» = protocol=6 | dir=in | app=d:gamesaliens vs. predatoravp.exe |
    «{53F57A7E-9219-41B4-A0A4-45EB15759323}» = protocol=17 | dir=in | app=c:windowssyswow64pnkbstra.exe |
    «{59A6E11A-060B-43D3-B6A5-226C62ACF0FF}» = protocol=6 | dir=in | app=c:windowssyswow64pnkbstrb.exe |
    «{5DDDABC9-097B-4AEB-9D1D-3D67A97B50A5}» = protocol=6 | dir=in | app=d:gamestom clancy’s h.a.w.xhawx_dx10.exe |
    «{66D8EA79-64DB-404F-9AAE-99CC083086BB}» = protocol=6 | dir=in | app=c:windowssyswow64pnkbstra.exe |
    «{68967400-8526-4D05-B3FB-797852B144BE}» = protocol=6 | dir=in | app=%systemroot%system32p2phost.exe |
    «{6CFA825B-7A63-45A5-8638-D742599738B5}» = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
    «{7A43BCBB-7C0F-48DD-9065-FE936C7B844F}» = protocol=6 | dir=in | app=d:gamesaliens vs. predatoravp_dx11.exe |
    «{7A455A22-2887-4B8E-A9C2-B2F3B5017779}» = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
    «{7C67E0A4-B56B-4652-B923-02722026D228}» = protocol=17 | dir=in | app=d:gamessilent hunter 5sh5.exe |
    «{8137C4DC-4BCB-4827-9465-B1CA53C6ACD6}» = protocol=6 | dir=out | app=%systemroot%system32p2phost.exe |
    «{8AA0AB04-2367-44E6-9407-C730E63DC813}» = protocol=17 | dir=in | app=d:gamesaliens vs. predatoravp_dx11.exe |
    «{8E47B233-309A-4810-BD82-743371FDACF7}» = protocol=17 | dir=in | app=d:gamesaliens vs. predatoravp.exe |
    «{8FAF211D-BA6C-4FC0-AF06-8E7784DC37B3}» = protocol=6 | dir=out | svc=upnphost | app=%systemroot%system32svchost.exe |
    «{9589BD1A-9EFE-4142-86BF-C1D28BBDED8D}» = protocol=6 | dir=in | app=d:gamesbattlefield bad company 2bfbc2updater.exe |
    «{99655AD4-A370-4B71-BB4C-0E88E46D5E7E}» = protocol=17 | dir=in | app=c:windowssyswow64pnkbstrb.exe |
    «{9FE781DC-9696-4702-87B9-5BDC807CB7E6}» = protocol=6 | dir=out | app=%systemroot%system32p2phost.exe |
    «{BACC27E0-239E-4C7C-9D10-6A7983EA21BB}» = protocol=58 | dir=in | app=system |
    «{BAD6C090-D908-4555-9AD3-B995BA6FE2CF}» = protocol=6 | dir=in | app=c:program files (x86)utorrentutorrent.exe |
    «{BEE03382-3445-4C2B-ADE4-F052B464C6C6}» = protocol=17 | dir=in | app=d:gamestom clancy’s h.a.w.xhawx_dx10.exe |
    «{E396BA6C-D1BE-4D36-8CFD-C860B91A2FD4}» = protocol=6 | dir=in | app=d:gamescod6steam.exe |
    «{E6FA0149-9EEF-4178-85CD-1E74D877D8C5}» = protocol=6 | dir=in | app=d:gamestom clancy’s h.a.w.xhawx.exe |
    «{EF43C779-86EB-4D47-85F1-79DD46818323}» = protocol=6 | dir=in | app=d:gamesbatmanbinariesshippingpc-bmgame.exe |
    «TCP Query User{111042A0-B40F-4643-8902-6D432D48E39A}D:gamesrise of the argonautsbinariesriseoftheargonauts.exe» = protocol=6 | dir=in | app=d:gamesrise of the argonautsbinariesriseoftheargonauts.exe |
    «TCP Query User{17F8F692-D608-4095-8995-E2C083565857}C:program files (x86)internet exploreriexplore.exe» = protocol=6 | dir=in | app=c:program files (x86)internet exploreriexplore.exe |
    «TCP Query User{2CD2ED04-EE32-4F13-87F0-E78651A529FF}D:games11580xr_3da.exe» = protocol=6 | dir=in | app=d:games11580xr_3da.exe |
    «TCP Query User{2E901BAC-CBF6-4633-9A06-C2A53BCB5A3F}C:program files (x86)electronic artseadmcore.exe» = protocol=6 | dir=in | app=c:program files (x86)electronic artseadmcore.exe |
    «TCP Query User{2EFC81AE-12E5-4379-97E8-0FAE84F7DF77}C:program files (x86)icq6.5icq.exe» = protocol=6 | dir=in | app=c:program files (x86)icq6.5icq.exe |
    «TCP Query User{331F13A7-56C9-4FCC-A5C6-5E28A3177DA9}C:program files (x86)utorrentutorrent.exe» = protocol=6 | dir=in | app=c:program files (x86)utorrentutorrent.exe |
    «TCP Query User{37AB7B60-B4C3-47B5-B397-B3777F4C6A2B}D:gamesfsw ten hammersfsw2.exe» = protocol=6 | dir=in | app=d:gamesfsw ten hammersfsw2.exe |
    «TCP Query User{3E919469-D75C-495E-B6B5-1387D12E4D10}D:gamescod6iw4mp.exe» = protocol=6 | dir=in | app=d:gamescod6iw4mp.exe |
    «TCP Query User{4B2177D0-2CFD-4FA9-A252-79409C95FE6D}D:gamespes 2009pes2009.exe» = protocol=6 | dir=in | app=d:gamespes 2009pes2009.exe |
    «TCP Query User{4B89414C-B895-4AD5-85B7-A48CCC5022F4}D:gamesdark voidnativepcbinariesshippingpc-skygame.exe» = protocol=6 | dir=in | app=d:gamesdark voidnativepcbinariesshippingpc-skygame.exe |
    «TCP Query User{567B1D60-31E2-41EA-A4A1-DA7287A0BC94}C:program files (x86)electronic artseadmcore.exe» = protocol=6 | dir=in | app=c:program files (x86)electronic artseadmcore.exe |
    «TCP Query User{56E66BC6-FAA3-4389-95FC-95ED0C3E6229}D:gamesпредтечиprecursors.exe» = protocol=6 | dir=in | app=d:gamesпредтечиprecursors.exe |
    «TCP Query User{5E953D63-E8BC-4945-AB77-17A59BCA7C11}D:gamesxenus 2 белое золотоxenus.exe» = protocol=6 | dir=in | app=d:gamesxenus 2 белое золотоxenus.exe |
    «TCP Query User{96EC7399-973C-4912-93DE-97C6DED02299}D:gamesnbanba2k10.exe» = protocol=6 | dir=in | app=d:gamesnbanba2k10.exe |
    «TCP Query User{A590D98C-F6D8-44D2-BBE7-52DCA903CC0E}D:gameskilling floorsystemkillingfloor.exe» = protocol=6 | dir=in | app=d:gameskilling floorsystemkillingfloor.exe |
    «TCP Query User{BB12373F-CAED-4152-ABE3-6B6E3F06681C}D:gamesmass effect 2binariesmasseffect2.exe» = protocol=6 | dir=in | app=d:gamesmass effect 2binariesmasseffect2.exe |
    «TCP Query User{C27CB618-4BA1-4991-BF9E-038FC6F3A300}D:gamescalda2cod2mp_s.exe» = protocol=6 | dir=in | app=d:gamescalda2cod2mp_s.exe |
    «TCP Query User{CC7D73C7-7837-40CD-A2ED-3C716EA78C30}D:gamesrise of the argonautsbinariesriseoftheargonauts.exe» = protocol=6 | dir=in | app=d:gamesrise of the argonautsbinariesriseoftheargonauts.exe |
    «TCP Query User{D2BB3EC4-7CCB-4EF0-9C63-D66F4B0230C0}D:gamesoverlord 2overlord2.exe» = protocol=6 | dir=in | app=d:gamesoverlord 2overlord2.exe |
    «TCP Query User{D8E2DB27-EC2E-4205-BB08-4FB9D1E368E5}D:gamesвин дизель wheelmanbinarieswheelman.exe» = protocol=6 | dir=in | app=d:gamesвин дизель wheelmanbinarieswheelman.exe |
    «TCP Query User{E9CEF6E8-55CB-45A9-A546-DC72C6365CA7}D:games121510xr_3da.exe» = protocol=6 | dir=in | app=d:games121510xr_3da.exe |
    «TCP Query User{F24DED89-74B3-4E8A-96EC-458E7DF16601}D:gamespes 2009pes2009.exe» = protocol=6 | dir=in | app=d:gamespes 2009pes2009.exe |
    «TCP Query User{FA98D632-E26E-4DE6-BEDA-F0691F9BE9FD}D:gamescallofdutycod2mp_s.exe» = protocol=6 | dir=in | app=d:gamescallofdutycod2mp_s.exe |
    «TCP Query User{FFC569AE-FA6F-4744-A170-C2B54C370D45}D:gamesfree runningfreerunning.exe» = protocol=6 | dir=in | app=d:gamesfree runningfreerunning.exe |
    «UDP Query User{00E1FAEF-DA64-41B5-95FB-7F451FD9C480}D:gamesoverlord 2overlord2.exe» = protocol=17 | dir=in | app=d:gamesoverlord 2overlord2.exe |
    «UDP Query User{08E1C307-0B2B-4769-95FF-BF55DA801ED1}D:gamespes 2009pes2009.exe» = protocol=17 | dir=in | app=d:gamespes 2009pes2009.exe |
    «UDP Query User{1626D9FA-3C6E-4997-B61B-358F9F046062}D:gameskilling floorsystemkillingfloor.exe» = protocol=17 | dir=in | app=d:gameskilling floorsystemkillingfloor.exe |
    «UDP Query User{1BBB8FA6-C39C-49B0-97AD-1211DC0303AF}D:gamesвин дизель wheelmanbinarieswheelman.exe» = protocol=17 | dir=in | app=d:gamesвин дизель wheelmanbinarieswheelman.exe |
    «UDP Query User{1F8202D6-F4EA-4900-9870-6FDC013E1619}C:program files (x86)internet exploreriexplore.exe» = protocol=17 | dir=in | app=c:program files (x86)internet exploreriexplore.exe |
    «UDP Query User{21195583-C0F9-48BB-B287-B757C14820E9}C:program files (x86)icq6.5icq.exe» = protocol=17 | dir=in | app=c:program files (x86)icq6.5icq.exe |
    «UDP Query User{32BDEE8D-00FA-4380-AA0A-FB6F1904F37F}C:program files (x86)electronic artseadmcore.exe» = protocol=17 | dir=in | app=c:program files (x86)electronic artseadmcore.exe |
    «UDP Query User{3AAC27E9-A042-4BBE-9158-49EED01BE74C}D:gamesrise of the argonautsbinariesriseoftheargonauts.exe» = protocol=17 | dir=in | app=d:gamesrise of the argonautsbinariesriseoftheargonauts.exe |
    «UDP Query User{405D11D0-A0FB-4C6D-84AC-EEAC78D54F92}D:gamesrise of the argonautsbinariesriseoftheargonauts.exe» = protocol=17 | dir=in | app=d:gamesrise of the argonautsbinariesriseoftheargonauts.exe |
    «UDP Query User{585FCD4E-10A9-40CB-A3CD-7818AE78DBFF}C:program files (x86)electronic artseadmcore.exe» = protocol=17 | dir=in | app=c:program files (x86)electronic artseadmcore.exe |
    «UDP Query User{6E6DBE41-DE03-43EA-9888-8E60F808092E}D:games11580xr_3da.exe» = protocol=17 | dir=in | app=d:games11580xr_3da.exe |
    «UDP Query User{765CF45B-F3B4-42E0-8CDA-AD57ADCFDAB1}D:gamescod6iw4mp.exe» = protocol=17 | dir=in | app=d:gamescod6iw4mp.exe |
    «UDP Query User{7EE82EC5-5FDE-4C7B-ACAA-D24726086B73}D:gamespes 2009pes2009.exe» = protocol=17 | dir=in | app=d:gamespes 2009pes2009.exe |
    «UDP Query User{8871926B-87B0-46FE-9691-936FDAABACDF}D:gamesdark voidnativepcbinariesshippingpc-skygame.exe» = protocol=17 | dir=in | app=d:gamesdark voidnativepcbinariesshippingpc-skygame.exe |
    «UDP Query User{955471A3-D9FB-456B-B7C5-7740A6D91A37}D:gamesfsw ten hammersfsw2.exe» = protocol=17 | dir=in | app=d:gamesfsw ten hammersfsw2.exe |
    «UDP Query User{9626771F-79ED-481E-A201-65AA1071A68C}C:program files (x86)utorrentutorrent.exe» = protocol=17 | dir=in | app=c:program files (x86)utorrentutorrent.exe |
    «UDP Query User{A236668E-D6DE-4DC6-A26F-9BF45076874D}D:gamesfree runningfreerunning.exe» = protocol=17 | dir=in | app=d:gamesfree runningfreerunning.exe |
    «UDP Query User{A6B62F5D-707A-43BA-83D9-CDB7B35515E9}D:gamesnbanba2k10.exe» = protocol=17 | dir=in | app=d:gamesnbanba2k10.exe |
    «UDP Query User{EAD1E25C-46FC-4950-A8E2-7F11249A84C2}D:gamescalda2cod2mp_s.exe» = protocol=17 | dir=in | app=d:gamescalda2cod2mp_s.exe |
    «UDP Query User{EF7F9619-13FB-4A21-860E-B1164D69F4AF}D:gamesmass effect 2binariesmasseffect2.exe» = protocol=17 | dir=in | app=d:gamesmass effect 2binariesmasseffect2.exe |
    «UDP Query User{F28B8E51-E74E-44BF-806D-548E8EC18414}D:gamesпредтечиprecursors.exe» = protocol=17 | dir=in | app=d:gamesпредтечиprecursors.exe |
    «UDP Query User{F96FD0C6-9530-4A1F-8104-3CAFEC8FDADC}D:gamesxenus 2 белое золотоxenus.exe» = protocol=17 | dir=in | app=d:gamesxenus 2 белое золотоxenus.exe |
    «UDP Query User{FD2FDA47-B501-4705-965A-CED2FD387F43}D:gamescallofdutycod2mp_s.exe» = protocol=17 | dir=in | app=d:gamescallofdutycod2mp_s.exe |
    «UDP Query User{FFEBE65E-BB82-43E3-9B94-4902242D8792}D:games121510xr_3da.exe» = protocol=17 | dir=in | app=d:games121510xr_3da.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstall]
    «{071c9b48-7c32-4621-a0ac-3f809523288f}» = Microsoft Visual C++ 2005 Redistributable (x64)
    «{2744791F-4E7C-32F5-AB40-AEC6A6C86DBF}» = Microsoft .NET Framework 3.5 Language Pack SP1 — rus
    «{90120000-002A-0000-1000-0000000FF1CE}» = Microsoft Office Office 64-bit Components 2007
    «{90120000-002A-0419-1000-0000000FF1CE}» = Microsoft Office Shared 64-bit MUI (Russian) 2007
    «{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}» = Nokia Connectivity Cable Driver
    «{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}» = Microsoft .NET Framework 3.5 SP1
    «Microsoft .NET Framework 3.5 Language Pack SP1 — rus» = Языковой пакет Microsoft .NET Framework 3.5 SP1 — RUS
    «Microsoft .NET Framework 3.5 SP1» = Microsoft .NET Framework 3.5 SP1
    «NVIDIA Display Control Panel» = NVIDIA Display Control Panel
    «NVIDIA Drivers» = NVIDIA Drivers

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstall]
    «{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}» = QuickTime
    «{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}» = Pro Evolution Soccer 2010
    «{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}» = Microsoft Games for Windows — LIVE Redistributable
    «{3A1B1652-D70A-4D19-981E-BB15D0DBF253}» = Ghostbusters (TM): The Video Game
    «{3FA365DF-2D68-45ED-8F83-8C8A33E65143}» = Apple Application Support
    «{4E79A60F-15D2-4BEC-91AD-E41EC42E61B0}» = Batman: Arkham Asylum
    «{501DB48B-1153-4BF5-865C-611519283890}» = Данные ДубльГИС г.Красноярск 01.03.2010
    «{54194F60-988C-4D03-B922-C2B00EFDA39A}» = NVIDIA PhysX
    «{5B36E222-555D-43DE-B3D8-96330C582D2D}_is1» = Aliens vs. Predator
    «{60DE4033-9503-48D1-A483-7846BD217CA9}» = ICQ6.5
    «{6956856F-B6B3-4BE0-BA0B-8F495BE32033}» = Apple Software Update
    «{716E0306-8318-4364-8B8F-0CC4E9376BAC}» = MSXML 4.0 SP2 Parser and SDK
    «{7299052b-02a4-4627-81f2-1818da5d550d}» = Microsoft Visual C++ 2005 Redistributable
    «{751DAFAF-980F-4745-AF49-547623DD1CB7}» = ДубльГИС 3.0.6.4
    «{837b34e3-7c30-493c-8f6a-2b0f04e2912c}» = Microsoft Visual C++ 2005 Redistributable
    «{90120000-0015-0419-0000-0000000FF1CE}» = Microsoft Office Access MUI (Russian) 2007
    «{90120000-0016-0419-0000-0000000FF1CE}» = Microsoft Office Excel MUI (Russian) 2007
    «{90120000-0018-0419-0000-0000000FF1CE}» = Microsoft Office PowerPoint MUI (Russian) 2007
    «{90120000-0019-0419-0000-0000000FF1CE}» = Microsoft Office Publisher MUI (Russian) 2007
    «{90120000-001A-0419-0000-0000000FF1CE}» = Microsoft Office Outlook MUI (Russian) 2007
    «{90120000-001B-0419-0000-0000000FF1CE}» = Microsoft Office Word MUI (Russian) 2007
    «{90120000-001F-0407-0000-0000000FF1CE}» = Microsoft Office Proof (German) 2007
    «{90120000-001F-0409-0000-0000000FF1CE}» = Microsoft Office Proof (English) 2007
    «{90120000-001F-0419-0000-0000000FF1CE}» = Microsoft Office Proof (Russian) 2007
    «{90120000-001F-0422-0000-0000000FF1CE}» = Microsoft Office Proof (Ukrainian) 2007
    «{90120000-002C-0419-0000-0000000FF1CE}» = Microsoft Office Proofing (Russian) 2007
    «{90120000-0030-0000-0000-0000000FF1CE}» = Microsoft Office Enterprise 2007
    «{90120000-0044-0419-0000-0000000FF1CE}» = Microsoft Office InfoPath MUI (Russian) 2007
    «{90120000-006E-0419-0000-0000000FF1CE}» = Microsoft Office Shared MUI (Russian) 2007
    «{90120000-00A1-0419-0000-0000000FF1CE}» = Microsoft Office OneNote MUI (Russian) 2007
    «{90120000-00BA-0419-0000-0000000FF1CE}» = Microsoft Office Groove MUI (Russian) 2007
    «{9A25302D-30C0-39D9-BD6F-21E6EC160475}» = Microsoft Visual C++ 2008 Redistributable — x86 9.0.30729.17
    «{A49F249F-0C91-497F-86DF-B2585E8E76B7}» = Microsoft Visual C++ 2005 Redistributable
    «{AC61C594-5F86-4BE9-ABAF-763C6A8E2302}» = Silent Hunter 5
    «{AC76BA86-7AD7-1049-7B44-A80000000000}» = Adobe Reader 8 — Russian
    «{C5A31DDC-157A-4DD7-9B5C-C692A06F61FD}» = Prison Break
    «{C9BED750-1211-4480-B1A5-718A3BE15525}» = REALTEK GbE & FE Ethernet PCI-E NIC Driver
    «{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}» = Microsoft .NET Framework 1.1
    «{E3E71D07-CD27-46CB-8448-16D4FB29AA13}» = Microsoft WSE 3.0 Runtime
    «{F0A37341-D692-11D4-A984-009027EC0A9C}» = SoundMAX
    «{F112F66E-25CA-42DD-983C-6118EB38F606}» = Microsoft Games for Windows — LIVE
    «{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}» = Microsoft Visual C++ 2008 Redistributable — x86 9.0.21022
    ««Лунтик учит буквы»_is1» = «Лунтик учит буквы»
    «Adobe Flash Player ActiveX» = Adobe Flash Player 10 ActiveX
    «Adobe Shockwave Player» = Adobe Shockwave Player 11.5
    «BSPlayer1» = BSPlayer
    «CCleaner» = CCleaner (remove only)
    «ENTERPRISE» = Microsoft Office Enterprise 2007
    «Fallout 3_is1» = Fallout 3 v1.0
    «FIFA 10_is1» = FIFA 10
    «Foxit Reader» = Foxit Reader
    «HijackThis» = HijackThis 2.0.2
    «InstallShield_{E03B44A3-9237-4B55-B7A5-DB1DD46920D3}» = Wolfenstein(TM) 1.1 Patch
    «Just Cause 2_is1» = Just Cause 2
    «KLiteCodecPack_is1» = K-Lite Mega Codec Pack 3.5.3
    «‘Mass Effect 2’_is1» = ‘Mass Effect 2’ (Английская Версия)
    «Metro 2033_is1» = Metro 2033
    «Nero8Lite_is1» = Nero 8 Micro 8.1.1.3
    «OpenAL» = OpenAL
    «Pro Revolution Patch_is1» = Pro Revolution Patch 1.5
    «PunkBusterSvc» = PunkBuster Services
    «SystemRequirementsLab» = System Requirements Lab
    «Toy Story Mania_is1» = Toy Story Mania
    «tutors_pshop» = Самоучитель Photoshop CS
    «Winamp» = Winamp (remove only)
    «Winnie the Pooh Preschool» = Disney’s Winnie the Pooh Preschool
    «WinRAR archiver» = WinRAR archiver
    «WMV9_VCM» = Microsoft Windows Media Video 9 VCM
    «‘Алиса в Стране Чудес’_is1» = ‘Алиса в Стране Чудес’ (Русская Версия)
    «Русские комментаторы v1.0_is1» = Русские комментаторы v1.0 для PES2009

    ========== HKEY_USERS Uninstall List ==========

    [HKEY_USERSS-1-5-21-3635009883-2668258468-1322177832-1000SOFTWAREMicrosoftWindowsCurrentVersionUninstall]
    «uTorrent» = µTorrent

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error — 20.03.2010 2:18:16 | Computer Name = SoFaN-ПК | Source = System Restore | ID = 8193
    Description =

    Error — 20.03.2010 4:04:46 | Computer Name = SoFaN-ПК | Source = System Restore | ID = 8193
    Description =

    Error — 20.03.2010 4:06:02 | Computer Name = SoFaN-ПК | Source = MsiInstaller | ID = 1013
    Description =

    Error — 21.03.2010 7:40:35 | Computer Name = SoFaN-ПК | Source = Application Error | ID = 1000
    Description = Сбойное приложение MassEffect2.exe, версия 1.0.1593.2, штамп времени
    0x4b2845cd, сбойный модуль MassEffect2.exe, версия 1.0.1593.2, штамп времени 0x4b2845cd,
    код исключения 0xc0000005, смещение ошибки 0x00511db0, ИД процесса 0xdd8, время
    запуска приложения 0x01cac8e66d8e9139.

    Error — 22.03.2010 15:53:21 | Computer Name = SoFaN-ПК | Source = System Restore | ID = 8193
    Description =

    Error — 24.03.2010 9:51:44 | Computer Name = SoFaN-ПК | Source = Application Error | ID = 1000
    Description = Сбойное приложение iexplore.exe, версия 7.0.6001.18000, штамп времени
    0x47918f11, сбойный модуль unknown, версия 0.0.0.0, штамп времени 0x00000000, код
    исключения 0xc0000005, смещение ошибки 0x06b50fd0, ИД процесса 0xf2c, время запуска
    приложения 0x01cacb589b9f66a0.

    Error — 24.03.2010 15:30:31 | Computer Name = SoFaN-ПК | Source = System Restore | ID = 8193
    Description =

    Error — 24.03.2010 16:53:57 | Computer Name = SoFaN-ПК | Source = Application Error | ID = 1000
    Description = Сбойное приложение JustCause2.exe, версия 1.0.0.1, штамп времени 0x4ba03352,
    сбойный модуль JustCause2.exe, версия 1.0.0.1, штамп времени 0x4ba03352, код исключения
    0xc0000005, смещение ошибки 0x0082fd76, ИД процесса 0xe18, время запуска приложения
    0x01cacb88c4bd02e5.

    Error — 25.03.2010 10:27:02 | Computer Name = SoFaN-ПК | Source = Application Error | ID = 1000
    Description = Сбойное приложение iexplore.exe, версия 7.0.6001.18000, штамп времени
    0x47918f11, сбойный модуль unknown, версия 0.0.0.0, штамп времени 0x00000000, код
    исключения 0xc0000005, смещение ошибки 0x09580fc3, ИД процесса 0x358, время запуска
    приложения 0x01cacc18d5d06e74.

    Error — 26.03.2010 4:22:06 | Computer Name = SoFaN-ПК | Source = Application Error | ID = 1000
    Description = Сбойное приложение iexplore.exe, версия 7.0.6001.18000, штамп времени
    0x47918f11, сбойный модуль unknown, версия 0.0.0.0, штамп времени 0x00000000, код
    исключения 0xc000001d, смещение ошибки 0x05580fe0, ИД процесса 0x75c, время запуска
    приложения 0x01caccbafd2f8822.

    [ System Events ]
    Error — 02.12.2009 12:31:40 | Computer Name = SoFaN-ПК | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
    Description =

    Error — 02.12.2009 12:32:08 | Computer Name = SoFaN-ПК | Source = HTTP | ID = 15016
    Description =

    Error — 03.12.2009 9:40:19 | Computer Name = SoFaN-ПК | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
    Description =

    Error — 03.12.2009 9:40:47 | Computer Name = SoFaN-ПК | Source = HTTP | ID = 15016
    Description =

    Error — 03.12.2009 13:03:10 | Computer Name = SoFaN-ПК | Source = Dhcp | ID = 1002
    Description = Аренда IP-адреса 79.164.158.6 для сетевого адаптера с сетевым адресом
    0018F30ABBF5 отклонена DHCP-сервером 10.183.192.1 (DHCP-сервер отправил сообщение
    DHCPNACK).

    Error — 04.12.2009 5:13:02 | Computer Name = SoFaN-ПК | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
    Description =

    Error — 04.12.2009 5:13:30 | Computer Name = SoFaN-ПК | Source = HTTP | ID = 15016
    Description =

    Error — 04.12.2009 13:50:20 | Computer Name = SoFaN-ПК | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
    Description =

    Error — 04.12.2009 13:50:48 | Computer Name = SoFaN-ПК | Source = HTTP | ID = 15016
    Description =

    Error — 04.12.2009 13:50:51 | Computer Name = SoFaN-ПК | Source = Dhcp | ID = 1002
    Description = Аренда IP-адреса 79.164.149.83 для сетевого адаптера с сетевым адресом
    0018F30ABBF5 отклонена DHCP-сервером 10.183.192.1 (DHCP-сервер отправил сообщение
    DHCPNACK).

    Thank you very much for your help!
    I'll be waiting for a reply!

    March 29, 2010 at 10:16 am #29222
    Nastasiaa

    Please take a look at my post 🙂 Maybe someone has ideas on how to solve this.
