вылеты в играх . синий экран

[Gendalf]

проблема в следующем:
все игры , хоть новые хоть старые не могут работать долго и вылетают либо с ошибкой приложения , либо с синим экраном смерти.
думал что греется видеокарта — увеличил с помощью рива тюнера мощность кулеров.
тоже не помогает
железо не разгонял
помогите пожалуйста , заранее спасибо.

лог.тхт

Logfile of random’s system information tool 1.06 (written by random/random)
Run by Langley at 2009-05-24 19:19:23
Microsoft® Windows Vista™ Ultimate Service Pack 1
System drive C: has 5 GB (15%) free of 31 GB
Total RAM: 3326 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:19:24, on 24.05.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18226)
Boot mode: Normal

Running processes:
C:Windowssystem32taskeng.exe
C:Windowssystem32Dwm.exe
C:WindowsExplorer.EXE
C:Program FilesWindows DefenderMSASCui.exe
C:Program FilesAlwil SoftwareAvast4ashDisp.exe
C:WindowsWindowsMobilewmdSync.exe
C:WindowsRtHDVCpl.exe
C:Program FilesiTunesiTunesHelper.exe
C:Program FilesJavajre6binjusched.exe
C:UsersLangleyAppDataLocalGoogleUpdateGoogleUpdate.exe
D:Steamsteam.exe
C:Program FilesAuslogicsAuslogics BoostSpeedBoostSpeed.exe
C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
C:Program FilesICQ6.5ICQ.exe
C:Windowsehomeehtray.exe
C:Program FilesDAEMON Tools Litedaemon.exe
C:Program FilesCommon FilesYandexYupdateyupdate.exe
C:Program FilesLogitechSetPointSetPoint.exe
C:Program FilesHamachihamachi.exe
C:Windowsehomeehmsas.exe
C:Program FilesCommon FilesLogitechKhalSharedKHALMNPR.EXE
C:Program FilesWindows Media Playerwmpnscfg.exe
C:Windowssystem32wbemunsecapp.exe
C:Program FilesSkypePhoneSkype.exe
C:Program FilesSkypePlugin ManagerskypePM.exe
C:Windowssystem32wuauclt.exe
C:UsersLangleyAppDataLocalGoogleChromeApplicationchrome.exe
C:Program FilesuTorrentuTorrent.exe
C:Program FilesDAEMON Tools LiteYASU.exe
C:UsersLangleyAppDataLocalGoogleChromeApplicationchrome.exe
C:UsersLangleyAppDataLocalGoogleChromeApplicationchrome.exe
C:UsersLangleyDesktopEVEREST Ultimate.5.Portable Ruseverest.exe
C:UsersLangleyAppDataLocalGoogleChromeApplicationchrome.exe
C:UsersLangleyDesktopRSIT.exe
C:Program Filestrend microLangley.exe

R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.timezero.ru
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R1 — HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
R3 — URLSearchHook: Yahoo! Toolbar — {EF99BD32-C1FB-11D2-892F-0090271D4F88} — C:Program FilesYahoo!CompanionInstallscpnyt.dll
O1 — Hosts: ::1 localhost
O2 — BHO: &Yahoo! Toolbar Helper — {02478D38-C3F9-4efb-9B51-7695ECA05670} — C:Program FilesYahoo!CompanionInstallscpnyt.dll
O2 — BHO: AcroIEHlprObj Class — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesAdobeAcrobat 5.0ReaderActiveXAcroIEHelper.ocx
O2 — BHO: Skype add-on (mastermind) — {22BF413B-C6D2-4d91-82A9-A0F997BA588C} — C:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll
O2 — BHO: Java(tm) Plug-In SSV Helper — {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} — C:Program FilesJavajre6binssv.dll
O2 — BHO: Google Toolbar Helper — {AA58ED58-01DD-4d91-8333-CF10577473F7} — C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll
O2 — BHO: Google Toolbar Notifier BHO — {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} — C:Program FilesGoogleGoogleToolbarNotifier5.1.1309.3572swg.dll
O2 — BHO: Google Dictionary Compression sdch — {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} — C:Program FilesGoogleGoogle ToolbarComponentfastsearch_A8904FB862BD9564.dll
O2 — BHO: Java(tm) Plug-In 2 SSV Helper — {DBC80044-A445-435b-BC74-9C25C1C588A9} — C:Program FilesJavajre6binjp2ssv.dll
O3 — Toolbar: Rambler-Ассистент — {468CD8A9-7C25-45FA-969E-3D925C689DC4} — C:Program FilesRambler AssistantramblertoolbarU0.dll
O3 — Toolbar: Yahoo! Toolbar — {EF99BD32-C1FB-11D2-892F-0090271D4F88} — C:Program FilesYahoo!CompanionInstallscpnyt.dll
O3 — Toolbar: Google Toolbar — {2318C2B1-4965-11d4-9B18-009027A5CD4F} — C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll
O3 — Toolbar: Яндекс.Бар — {91397D20-1446-11D4-8AF4-0040CA1127B6} — C:Program FilesYandexYandexBarIEyndbar.dll
O4 — HKLM..Run: [Windows Defender] %ProgramFiles%Windows DefenderMSASCui.exe -hide
O4 — HKLM..Run: [RivaTunerStartupDaemon] «C:Program FilesRivaTuner v2.23RivaTunerWrapper.exe» /S
O4 — HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 — HKLM..Run: [Windows Mobile-based device management] %windir%WindowsMobilewmdSync.exe
O4 — HKLM..Run: [RtHDVCpl] RtHDVCpl.exe
O4 — HKLM..Run: [QuickTime Task] «C:Program FilesQuickTimeQTTask.exe» -atboottime
O4 — HKLM..Run: [iTunesHelper] «C:Program FilesiTunesiTunesHelper.exe»
O4 — HKLM..Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 — HKLM..Run: [SunJavaUpdateSched] «C:Program FilesJavajre6binjusched.exe»
O4 — HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:Windowssystem32NvCpl.dll,NvStartup
O4 — HKCU..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 — HKCU..Run: [Google Update] «C:UsersLangleyAppDataLocalGoogleUpdateGoogleUpdate.exe» /c
O4 — HKCU..Run: [Steam] «D:SteamSteam.exe» -silent
O4 — HKCU..Run: [Skype] «C:Program FilesSkype\PhoneSkype.exe» /nosplash /minimized
O4 — HKCU..Run: [Auslogics BoostSpeed 4] C:Program FilesAuslogicsAuslogics BoostSpeedboostspeed.exe
O4 — HKCU..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
O4 — HKCU..Run: [ICQ] «C:Program FilesICQ6.5ICQ.exe» silent
O4 — HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe
O4 — HKCU..Run: [AlcoholAutomount] «C:Program FilesAlcohol SoftAlcohol 120axcmd.exe» /automount
O4 — HKCU..Run: [DAEMON Tools Lite] «C:Program FilesDAEMON Tools Litedaemon.exe» -autorun
O4 — HKCU..Run: [Yupdate!] «C:Program FilesCommon FilesYandexYupdateyupdate.exe»
O4 — HKUSS-1-5-19..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User ‘NETWORK SERVICE’)
O4 — Startup: hamachi.lnk = C:Program FilesHamachihamachi.exe
O4 — Global Startup: Logitech SetPoint.lnk = C:Program FilesLogitechSetPointSetPoint.exe
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~3Office12EXCEL.EXE/3000
O8 — Extra context menu item: Добавить в Rambler-Закладки — res://C:Program FilesRambler AssistantramblertoolbarU0.dll/zakladki.htm
O8 — Extra context menu item: Найти с помощью Рамблера — res://C:Program FilesRambler AssistantramblertoolbarU0.dll/search.htm
O8 — Extra context menu item: Перевести с помощью словарей Рамблера — res://C:Program FilesRambler AssistantramblertoolbarU0.dll/dic.htm
O9 — Extra button: Skype — {77BF5300-1474-4EC7-9980-D32B190E9B07} — C:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll
O9 — Extra button: Research — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~3Office12REFIEBAR.DLL
O9 — Extra button: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — C:Program FilesICQ6.5ICQ.exe
O9 — Extra ‘Tools’ menuitem: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — C:Program FilesICQ6.5ICQ.exe
O12 — Plugin for .spop: C:Program FilesInternet ExplorerPluginsNPDocBox.dll
O13 — Gopher Prefix:
O18 — Protocol: skype4com — {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O18 — Filter: x-sdch — {B1759355-3EEC-4C1E-B0F1-B719FE26E377} — C:Program FilesGoogleGoogle ToolbarComponentfastsearch_A8904FB862BD9564.dll
O23 — Service: Apple Mobile Device — Apple Inc. — C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
O23 — Service: avast! iAVS4 Control Service (aswUpdSv) — ALWIL Software — C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 — Service: avast! Antivirus — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashServ.exe
O23 — Service: avast! Mail Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
O23 — Service: avast! Web Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
O23 — Service: Bonjour Service — Apple Inc. — C:Program FilesBonjourmDNSResponder.exe
O23 — Service: @dfsrres.dll,-101 (DFSR) — Корпорация Майкрософт — C:Windowssystem32DFSR.exe
O23 — Service: Google Software Updater (gusvc) — Google — C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 — Service: Сервис iPod (iPod Service) — Apple Inc. — C:Program FilesiPodbiniPodService.exe
O23 — Service: NVIDIA Display Driver Service (nvsvc) — NVIDIA Corporation — C:Windowssystem32nvvsvc.exe
O23 — Service: PnkBstrA — Unknown owner — C:Windowssystem32PnkBstrA.exe
O23 — Service: PnkBstrB — Unknown owner — C:Windowssystem32PnkBstrB.exe
O23 — Service: StarWind AE Service (StarWindServiceAE) — Rocket Division Software — C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindServiceAE.exe
O23 — Service: Steam Client Service — Valve Corporation — C:Program FilesCommon FilesSteamSteamService.exe

—
End of file — 9778 bytes

======Scheduled tasks folder======

C:WindowstasksGoogleUpdateTaskUserS-1-5-21-3968815855-410488736-958280393-1000.job

======Registry dump======

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper — C:Program FilesYahoo!CompanionInstallscpnyt.dll [2007-03-21 803864]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class — C:Program FilesAdobeAcrobat 5.0ReaderActiveXAcroIEHelper.ocx [2001-04-16 37808]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) — C:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll [2009-03-16 1088296]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper — C:Program FilesJavajre6binssv.dll [2009-05-13 320920]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper — C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll [2009-04-24 259696]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO — C:Program FilesGoogleGoogleToolbarNotifier5.1.1309.3572swg.dll [2009-04-17 668656]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch — C:Program FilesGoogleGoogle ToolbarComponentfastsearch_A8904FB862BD9564.dll [2009-04-24 470512]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper — C:Program FilesJavajre6binjp2ssv.dll [2009-05-13 34816]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{468CD8A9-7C25-45FA-969E-3D925C689DC4} — Rambler-Ассистент — C:Program FilesRambler AssistantramblertoolbarU0.dll [2009-04-11 849392]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} — Yahoo! Toolbar — C:Program FilesYahoo!CompanionInstallscpnyt.dll [2007-03-21 803864]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} — Google Toolbar — C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll [2009-04-24 259696]
{91397D20-1446-11D4-8AF4-0040CA1127B6} — Яндекс.Бар — C:Program FilesYandexYandexBarIEyndbar.dll [2008-10-16 1578248]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«Windows Defender»=C:Program FilesWindows DefenderMSASCui.exe [2008-01-21 1008184]
«RivaTunerStartupDaemon»=C:Program FilesRivaTuner v2.23RivaTunerWrapper.exe [2009-02-15 24576]
«avast!»=C:PROGRA~1ALWILS~1Avast4ashDisp.exe [2009-02-06 81000]
«Windows Mobile-based device management»=C:WindowsWindowsMobilewmdSync.exe [2008-01-21 215552]
«RtHDVCpl»=C:WindowsRtHDVCpl.exe [2007-04-23 4435968]
«QuickTime Task»=C:Program FilesQuickTimeQTTask.exe [2009-01-05 413696]
«iTunesHelper»=C:Program FilesiTunesiTunesHelper.exe [2009-04-02 342312]
«Kernel and Hardware Abstraction Layer»=C:WindowsKHALMNPR.EXE [2007-04-11 56080]
«SunJavaUpdateSched»=C:Program FilesJavajre6binjusched.exe [2009-05-13 136600]
«NvCplDaemon»=C:Windowssystem32NvCpl.dll [2009-05-01 13781536]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«WindowsWelcomeCenter»=oobefldr.dll,ShowWelcomeCenter []
«Google Update»=C:UsersLangleyAppDataLocalGoogleUpdateGoogleUpdate.exe [2009-03-21 133104]
«Steam»=D:SteamSteam.exe [2009-05-19 1217784]
«Skype»=C:Program FilesSkype\PhoneSkype.exe [2009-04-16 24264488]
«Auslogics BoostSpeed 4″=C:Program FilesAuslogicsAuslogics BoostSpeedboostspeed.exe [2008-10-30 363632]
«swg»=C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe [2009-03-27 39408]
«ICQ»=C:Program FilesICQ6.5ICQ.exe [2009-03-01 172792]
«ehTray.exe»=C:WindowsehomeehTray.exe [2008-01-21 125952]
«AlcoholAutomount»=C:Program FilesAlcohol SoftAlcohol 120axcmd.exe [2007-08-01 222592]
«DAEMON Tools Lite»=C:Program FilesDAEMON Tools Litedaemon.exe [2009-04-23 691656]
«Yupdate!»=C:Program FilesCommon FilesYandexYupdateyupdate.exe [2008-10-20 479496]

C:ProgramDataMicrosoftWindowsStart MenuProgramsStartup
Logitech SetPoint.lnk — C:Program FilesLogitechSetPointSetPoint.exe

C:UsersLangleyAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup
hamachi.lnk — C:Program FilesHamachihamachi.exe

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«EnableLUA»=0
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
«EnableUIADesktopToggle»=0

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{42e36dfa-3586-11de-9fe5-001d60453495}]
shellAutoRuncommand — J:Autorun.exe

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{8a3e3840-264d-11de-b963-001d60453495}]
shellAutoRuncommand — akapll.exe
shellexplorecommand — akapll.exe
shellopencommand — akapll.exe

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{ae4f454d-47b0-11de-b15a-001d60453495}]
shellAutoRuncommand — K:Autorun.exe

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{cf63e613-15af-11de-ac12-001d60453495}]
shellAutoRuncommand — akapll.exe
shellexplorecommand — akapll.exe
shellopencommand — akapll.exe

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{e99f435a-47b3-11de-8cce-001d60453495}]
shellAutoRuncommand — K:Autorun.exe

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{e99f4365-47b3-11de-8cce-001d60453495}]
shellAutoRuncommand — L:autorun.exe

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{f61e9e67-47a9-11de-a95b-001d60453495}]
shellAutoRuncommand — K:Autorun.exe

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{fac73e5b-2cac-11de-88f4-001d60453495}]
shellAutoRuncommand — akapll.exe
shellexplorecommand — akapll.exe
shellopencommand — akapll.exe

======List of files/folders created in the last 1 months======

2009-05-24 14:32:19 —-D—- C:Windows1C4551A64743409391E41477CD655043.TMP
2009-05-24 14:31:04 —-A—- C:Windowssystem32NVUNINST.EXE
2009-05-24 01:41:41 —-D—- C:temp
2009-05-23 20:12:33 —-D—- C:ProgramDatasalvation
2009-05-23 20:10:59 —-D—- C:ProgramDataDAEMON Tools Lite
2009-05-23 20:10:43 —-D—- C:UsersLangleyAppDataRoamingYandex
2009-05-23 20:10:43 —-D—- C:Program FilesYandex
2009-05-23 20:10:43 —-D—- C:Program FilesCommon FilesYandex
2009-05-23 20:10:43 —-A—- C:ProgramDataVistaLib32.dll
2009-05-23 20:10:26 —-D—- C:Program FilesDAEMON Tools Lite
2009-05-23 20:05:53 —-D—- C:UsersLangleyAppDataRoamingDAEMON Tools Lite
2009-05-23 18:22:19 —-A—- C:Windowssystem32BASSMOD.dll
2009-05-23 15:39:59 —-RA—- C:Windowssystem32tmp1E63.tmp
2009-05-23 15:39:59 —-D—- C:Program FilesOpenAL
2009-05-23 15:39:59 —-A—- C:Windowssystem32wrap_oal.dll
2009-05-23 15:39:59 —-A—- C:Windowssystem32OpenAL32.dll
2009-05-23 15:39:58 —-D—- C:Windows8AAB4176A747493AA42CB63CFADFD8E3.TMP
2009-05-23 15:39:26 —-A—- C:Windowssystem32D3DX9_40.dll
2009-05-23 15:39:26 —-A—- C:Windowssystem32d3dx10_40.dll
2009-05-23 15:39:26 —-A—- C:Windowssystem32D3DCompiler_40.dll
2009-05-23 15:39:25 —-A—- C:Windowssystem32xactengine3_3.dll
2009-05-23 00:10:25 —-D—- C:Program FilesURUSoft
2009-05-13 21:38:49 —-A—- C:Windowssystem32javaws.exe
2009-05-13 21:38:49 —-A—- C:Windowssystem32javaw.exe
2009-05-13 21:38:49 —-A—- C:Windowssystem32java.exe
2009-05-13 21:38:49 —-A—- C:Windowssystem32deploytk.dll
2009-05-13 21:38:34 —-D—- C:Program FilesJava
2009-05-13 21:36:47 —-D—- C:Program FilesPS3 Media Server
2009-05-07 21:31:08 —-D—- C:Windows64F6748976BB4CDDA236F954BE774B35.TMP
2009-05-01 00:08:08 —-A—- C:Windowssystem32nvcpluir.dll
2009-05-01 00:08:08 —-A—- C:Windowssystem32nvcplui.exe
2009-05-01 00:08:00 —-A—- C:Windowssystem32nvsvsr.dll
2009-05-01 00:08:00 —-A—- C:Windowssystem32nvsvs.dll
2009-05-01 00:07:54 —-A—- C:Windowssystem32nvwssr.dll
2009-05-01 00:07:52 —-A—- C:Windowssystem32nvwss.dll
2009-05-01 00:07:52 —-A—- C:Windowssystem32nvvsvc.exe
2009-05-01 00:07:52 —-A—- C:Windowssystem32nvvitvsr.dll
2009-05-01 00:07:52 —-A—- C:Windowssystem32nvvitvs.dll
2009-05-01 00:07:52 —-A—- C:Windowssystem32nvsvcr.dll
2009-05-01 00:07:52 —-A—- C:Windowssystem32nvsvc.dll
2009-05-01 00:07:52 —-A—- C:Windowssystem32nvshext.dll
2009-05-01 00:07:52 —-A—- C:Windowssystem32nvmoblsr.dll
2009-05-01 00:07:52 —-A—- C:Windowssystem32nvmobls.dll
2009-05-01 00:07:52 —-A—- C:Windowssystem32nvmctray.dll
2009-05-01 00:07:52 —-A—- C:Windowssystem32nvmccssr.dll
2009-05-01 00:07:52 —-A—- C:Windowssystem32nvmccss.dll
2009-05-01 00:07:52 —-A—- C:Windowssystem32nvgamesr.dll
2009-05-01 00:07:52 —-A—- C:Windowssystem32nvgames.dll
2009-05-01 00:07:52 —-A—- C:Windowssystem32nvdispsr.dll
2009-05-01 00:07:52 —-A—- C:Windowssystem32nvdisps.dll
2009-05-01 00:07:52 —-A—- C:Windowssystem32nvcpl.dll
2009-04-30 22:02:00 —-A—- C:Windowssystem32nvwgf2um.dll
2009-04-30 22:02:00 —-A—- C:Windowssystem32nvudisp.exe
2009-04-30 22:02:00 —-A—- C:Windowssystem32nvoglv32.dll
2009-04-30 22:02:00 —-A—- C:Windowssystem32nvd3dum.dll
2009-04-30 22:02:00 —-A—- C:Windowssystem32nvcuvid.dll
2009-04-30 22:02:00 —-A—- C:Windowssystem32nvcuvenc.dll
2009-04-30 22:02:00 —-A—- C:Windowssystem32nvcuda.dll
2009-04-30 22:02:00 —-A—- C:Windowssystem32nvcod146.dll
2009-04-30 22:02:00 —-A—- C:Windowssystem32nvcod.dll
2009-04-30 22:02:00 —-A—- C:Windowssystem32nvapi.dll
2009-04-30 17:03:53 —-D—- C:Program FilesAlcohol Soft
2009-04-30 16:57:53 —-D—- C:Program FilesDAEMON Tools Pro
2009-04-30 16:12:10 —-D—- C:UsersLangleyAppDataRoamingDAEMON Tools Pro
2009-04-28 22:06:39 —-D—- C:UsersLangleyAppDataRoamingHamachi
2009-04-28 22:06:17 —-D—- C:Program FilesHamachi

======List of files/folders modified in the last 1 months======

2009-05-24 19:19:23 —-D—- C:Program Filestrend micro
2009-05-24 19:18:57 —-D—- C:UsersLangleyAppDataRoaminguTorrent
2009-05-24 19:13:55 —-D—- C:WindowsTemp
2009-05-24 19:11:59 —-D—- C:WindowsPrefetch
2009-05-24 19:05:30 —-D—- C:UsersLangleyAppDataRoamingSkype
2009-05-24 17:50:52 —-D—- C:WindowsSystem32
2009-05-24 17:50:52 —-D—- C:Windowsinf
2009-05-24 17:50:52 —-A—- C:Windowssystem32PerfStringBackup.INI
2009-05-24 17:45:20 —-D—- C:UsersLangleyAppDataRoamingskypePM
2009-05-24 14:37:04 —-D—- C:Windows
2009-05-24 14:35:59 —-HD—- C:ProgramData
2009-05-24 14:35:59 —-D—- C:ProgramDataNVIDIA
2009-05-24 14:33:51 —-SHD—- C:WindowsInstaller
2009-05-24 14:32:16 —-D—- C:Program FilesCommon FilesWise Installation Wizard
2009-05-24 14:32:05 —-D—- C:Windowssystem32drivers
2009-05-24 14:31:58 —-D—- C:Windowssystem32catroot
2009-05-24 14:31:50 —-SHD—- C:System Volume Information
2009-05-24 14:30:44 —-D—- C:Windowssystem32LogFiles
2009-05-24 14:29:49 —-D—- C:WindowsDebug
2009-05-24 14:27:45 —-D—- C:Windowssystem32catroot2
2009-05-24 03:35:55 —-RSD—- C:Windowsassembly
2009-05-24 03:35:55 —-D—- C:WindowsMicrosoft.NET
2009-05-24 01:41:01 —-D—- C:ProgramDataMedia Center Programs
2009-05-24 01:24:02 —-HD—- C:Program FilesInstallShield Installation Information
2009-05-23 23:43:21 —-D—- C:TimeZero
2009-05-23 20:10:43 —-RD—- C:Program Files
2009-05-23 20:10:43 —-D—- C:Program FilesCommon Files
2009-05-19 21:43:11 —-D—- C:Program FilesLogitech
2009-05-19 21:42:28 —-D—- C:Program FilesCommon FilesSteam
2009-05-19 21:41:49 —-D—- C:WindowsMinidump
2009-05-19 09:09:20 —-D—- C:Windowswinsxs
2009-05-17 16:56:23 —-SD—- C:UsersLangleyAppDataRoamingMicrosoft
2009-05-14 08:57:00 —-D—- C:Program FilesWindows Mail
2009-05-13 21:00:34 —-D—- C:Windowssystem32Tasks
2009-05-06 21:46:19 —-A—- C:Windowssystem32PnkBstrB.exe
2009-05-06 13:54:40 —-D—- C:WindowsTasks
2009-04-26 19:31:19 —-D—- C:UsersLangleyAppDataRoamingICQ
2009-04-26 10:25:28 —-D—- C:Program FilesuTorrent
2009-04-26 03:31:03 —-A—- C:Windowssystem32PnkBstrA.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:Windowssystem32driversaswRdr.sys [2009-02-06 23152]
R1 aswSP;avast! Self Protection; C:Windowssystem32driversaswSP.sys [2009-02-06 114768]
R1 aswTdi;avast! Network Shield Support; C:Windowssystem32driversaswTdi.sys [2009-02-06 51376]
R1 CSC;Offline Files Driver; C:Windowssystem32driverscsc.sys [2008-01-21 350720]
R2 aswFsBlk;aswFsBlk; C:Windowssystem32DRIVERSaswFsBlk.sys [2009-02-06 20560]
R2 aswMonFlt;aswMonFlt; C:Windowssystem32DRIVERSaswMonFlt.sys [2009-02-06 51792]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller; C:Windowssystem32DRIVERSatl01v32.sys [2007-04-12 48128]
R3 Dot4;Драйвер MS IEEE-1284.4; C:Windowssystem32DRIVERSDot4.sys [2008-01-21 131584]
R3 Dot4Print;Драйвер класса принтеров для IEEE-1284.4; C:Windowssystem32DRIVERSDot4Prt.sys [2008-01-21 16384]
R3 dot4usb;Dot4USB фильтр Dot4USB Filter; C:Windowssystem32DRIVERSdot4usb.sys [2008-01-21 36864]
R3 EverestDriver;Lavalys EVEREST Kernel Driver; ??C:UsersLangleyDesktopEVEREST Ultimate.5.Portable Ruskerneld.wnt [2009-02-16 26224]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:Windowssystem32DRIVERSGEARAspiWDM.sys [2009-03-19 23400]
R3 hamachi;Hamachi Network Interface; C:Windowssystem32DRIVERShamachi.sys [2009-04-28 25280]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:Windowssystem32driversRTKVHDA.sys [2007-04-23 1769952]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:Windowssystem32DRIVERSL8042Kbd.sys [2007-04-11 20496]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:Windowssystem32DRIVERSLHidFilt.Sys [2007-04-11 34832]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:Windowssystem32DRIVERSLMouFilt.Sys [2007-04-11 36112]
R3 MTsensor;ATK0110 ACPI UTILITY; C:Windowssystem32DRIVERSASACPI.sys [2006-10-19 7680]
R3 nvlddmkm;nvlddmkm; C:Windowssystem32DRIVERSnvlddmkm.sys [2009-04-30 9850016]
R3 pcouffin;VSO Software pcouffin; C:WindowsSystem32Driverspcouffin.sys [2009-04-12 47360]
R3 RivaTuner32;RivaTuner32; ??C:Program FilesRivaTuner v2.24RivaTuner32.sys [2009-02-25 9088]
R3 WUDFRd;WUDFRd; C:Windowssystem32DRIVERSWUDFRd.sys [2008-01-21 83328]
S3 agm1yfa0;agm1yfa0; C:Windowssystem32driversagm1yfa0.sys []
S3 aoi5kx95;aoi5kx95; C:Windowssystem32driversaoi5kx95.sys []
S3 drmkaud;Звуковой дешифратор DRM ядра системы; C:Windowssystem32driversdrmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Драйвер функции UAA для службы High Definition Audio (Microsoft), версия 1.1; C:Windowssystem32driversHdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Представитель служб потоков Microsoft; C:Windowssystem32driversMSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Посредник синхронизации потоков Microsoft; C:Windowssystem32driversMSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Представитель диспетчера качества потоков Microsoft; C:Windowssystem32driversMSPQM.sys [2008-01-21 5504]
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:Windowssystem32driversMSTEE.sys [2008-01-21 6016]
S3 usb_rndisx;Адаптер USB RNDIS; C:Windowssystem32DRIVERSusb8023x.sys [2008-01-21 15872]
S3 usbscan;Драйвер USB-сканера; C:Windowssystem32DRIVERSusbscan.sys [2008-01-21 35328]
S3 WpdUsb;WpdUsb; C:Windowssystem32DRIVERSwpdusb.sys [2008-01-21 39936]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:Windowssystem32driverserrdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:Windowssystem32driversmegasr.sys [2008-01-21 386616]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:Windowssystem32driverswmiacpi.sys [2008-01-21 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe [2009-03-26 132424]
R2 aswUpdSv;avast! iAVS4 Control Service; C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe [2009-02-06 18752]
R2 avast! Antivirus;avast! Antivirus; C:Program FilesAlwil SoftwareAvast4ashServ.exe [2009-02-06 138680]
R2 Bonjour Service;Bonjour Service; C:Program FilesBonjourmDNSResponder.exe [2008-12-12 238888]
R2 CscService;@%systemroot%system32cscsvc.dll,-200; C:WindowsSystem32svchost.exe [2008-01-21 21504]
R2 nvsvc;NVIDIA Display Driver Service; C:Windowssystem32nvvsvc.exe [2009-05-01 211488]
R2 PnkBstrA;PnkBstrA; C:Windowssystem32PnkBstrA.exe [2009-04-26 75064]
R2 PnkBstrB;PnkBstrB; C:Windowssystem32PnkBstrB.exe [2009-05-06 189496]
R2 RapiMgr;@%windir%WindowsMobilerapimgr.dll,-104; C:Windowssystem32svchost.exe [2008-01-21 21504]
R2 StarWindServiceAE;StarWind AE Service; C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindServiceAE.exe [2007-05-28 275968]
R2 WcesComm;@%windir%WindowsMobilewcescomm.dll,-40079; C:Windowssystem32svchost.exe [2008-01-21 21504]
R3 avast! Mail Scanner;avast! Mail Scanner; C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe [2009-02-06 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:Program FilesAlwil SoftwareAvast4ashWebSv.exe [2009-02-06 352920]
R3 iPod Service;Сервис iPod; C:Program FilesiPodbiniPodService.exe [2009-04-02 656168]
R3 Steam Client Service;Steam Client Service; C:Program FilesCommon FilesSteamSteamService.exe [2009-05-19 322032]
S3 AppMgmt;@appmgmts.dll,-3250; C:Windowssystem32svchost.exe [2008-01-21 21504]
S3 Fax;@%systemroot%system32fxsresm.dll,-118; C:Windowssystem32fxssvc.exe [2008-01-21 523776]
S3 gusvc;Google Software Updater; C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2009-04-24 182768]
S3 odserv;Microsoft Office Diagnostics Service; C:Program FilesCommon FilesMicrosoft SharedOFFICE12ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2006-10-26 145184]
S3 UmRdpService;@%SystemRoot%system32umrdp.dll,-1000; C:WindowsSystem32svchost.exe [2008-01-21 21504]
S3 wbengine;@%systemroot%system32wbengine.exe,-104; C:Windowssystem32wbengine.exe [2008-01-21 917504]

---

EOF

---

инфо файл несоздается почемуто =(

[Admin]

Здравствуйте, добро пожаловать на Spyware-ru форум.

Судя по логу, вы вставляли в компьютер заражённую флешку.
Прочитайте эту инструкцию Flash_Disinfector ещё одно оружие против autorun.inf троянов.

* Отключите ваш антивирус.
* Скачайте и запустите Flash_Disinfector.
* По требованию программы вставьте ваш флэш диск или подключите другие внешние устройства хранения информации.

Примечание: запускайте программу столько раз, сколько нужно чтобы очистить все ваши подключаемые диски.

Скачайте OTMoveIt3 by OldTimer кликнув по этой ссылке.
Запустите OTMoveIt3 и в большое поле ввода (заголовок этого поля выделен желтым цветом) скопируйте следующий текст.

:Processes

explorer.exe



:reg

[-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{42e36dfa-3586-11de-9fe5-001d60453495}]

[-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{8a3e3840-264d-11de-b963-001d60453495}]

[-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{ae4f454d-47b0-11de-b15a-001d60453495}]

[-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{cf63e613-15af-11de-ac12-001d60453495}]

[-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{e99f435a-47b3-11de-8cce-001d60453495}]

[-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{e99f4365-47b3-11de-8cce-001d60453495}]

[-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{f61e9e67-47a9-11de-a95b-001d60453495}]

[-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{fac73e5b-2cac-11de-88f4-001d60453495}]



:Commands

[emptytemp]

[start explorer]

[Reboot]

Проверьте вставленный скрипт, если слева перед директивами появились пробелы, то удалите их, скрипт должен выглядеть так же как в сообщении. Кликните по кнопке MoveIt!. В процессе работы возможна перезагрузка компьютера.
По-завершении работы программы должен будет показан лог. Если лог не будет показан, то его можно найти в папке C:_OTMoveItMovedFiles.

Вставьте в ваше ответное сообщение содержимое этого лога. И приложите так же свежий RSIT лог (только log.txt).

либо с синим экраном смерти.

Если опять выскочит, то запишите название драйвера/процесса, который вызвал такую реакцию.

[Gendalf]

вроде по инструкции сделал

========== PROCESSES ==========
Process explorer.exe killed successfully.
========== REGISTRY ==========
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{42e36dfa-3586-11de-9fe5-001d60453495}\ deleted successfully.
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{8a3e3840-264d-11de-b963-001d60453495}\ deleted successfully.
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{ae4f454d-47b0-11de-b15a-001d60453495}\ deleted successfully.
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{cf63e613-15af-11de-ac12-001d60453495}\ deleted successfully.
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{e99f435a-47b3-11de-8cce-001d60453495}\ deleted successfully.
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{e99f4365-47b3-11de-8cce-001d60453495}\ deleted successfully.
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{f61e9e67-47a9-11de-a95b-001d60453495}\ deleted successfully.
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{fac73e5b-2cac-11de-88f4-001d60453495}\ deleted successfully.
========== COMMANDS ==========
File delete failed. C:UsersLangleyAppDataLocalTempetilqs_1rCGeTXWVHEahMW scheduled to be deleted on reboot.
File delete failed. C:UsersLangleyAppDataLocalTempJETBB52.tmp scheduled to be deleted on reboot.
User’s Temp folder emptied.
User’s Internet Explorer cache folder emptied.
File delete failed. C:Windowstemp_avast4_Webshlock.txt scheduled to be deleted on reboot.
Windows Temp folder emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer — Version 1.0.11.0 log created on 05262009_213213

Files moved on Reboot…
File C:UsersLangleyAppDataLocalTempetilqs_1rCGeTXWVHEahMW not found!
File C:UsersLangleyAppDataLocalTempJETBB52.tmp not found!
File C:Windowstemp_avast4_Webshlock.txt not found!

[Gendalf]

…и лог файл

Logfile of random’s system information tool 1.06 (written by random/random)
Run by Langley at 2009-05-26 21:37:26
Microsoft® Windows Vista™ Ultimate Service Pack 1
System drive C: has 7 GB (23%) free of 31 GB
Total RAM: 3326 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:37:38, on 26.05.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:Windowssystem32taskeng.exe
C:Windowssystem32Dwm.exe
C:WindowsExplorer.EXE
C:Windowsnotepad.exe
C:Program FilesWindows DefenderMSASCui.exe
C:Program FilesAlwil SoftwareAvast4ashDisp.exe
C:WindowsRtHDVCpl.exe
C:Program FilesiTunesiTunesHelper.exe
C:Program FilesJavajre6binjusched.exe
C:WindowsWindowsMobilewmdc.exe
C:UsersLangleyAppDataLocalGoogleUpdateGoogleUpdate.exe
D:Steamsteam.exe
C:Program FilesAuslogicsAuslogics BoostSpeedBoostSpeed.exe
C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
C:Program FilesICQ6.5ICQ.exe
C:Windowsehomeehtray.exe
C:Program FilesDAEMON Tools Litedaemon.exe
C:Windowsehomeehmsas.exe
C:Program FilesCommon FilesYandexYupdateyupdate.exe
C:Program FilesWindows Media Playerwmpnscfg.exe
C:Program FilesLogitechSetPointSetPoint.exe
C:Program FilesHamachihamachi.exe
C:Program FilesCommon FilesLogitechKhalSharedKHALMNPR.EXE
C:WindowsSystem32mobsync.exe
C:Program FilesWindows Media Playerwmplayer.exe
C:Windowssystem32wbemunsecapp.exe
C:Program FilesSkypePhoneSkype.exe
C:Program FilesSkypePlugin ManagerskypePM.exe
C:UsersLangleyAppDataLocalGoogleChromeApplicationchrome.exe
C:UsersLangleyAppDataLocalGoogleChromeApplicationchrome.exe
C:Windowssystem32SearchFilterHost.exe
C:Windowssystem32SearchProtocolHost.exe
C:UsersLangleyDesktopRSIT.exe
C:Program Filestrend microLangley.exe

R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.timezero.ru
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R1 — HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
R3 — URLSearchHook: Yahoo! Toolbar — {EF99BD32-C1FB-11D2-892F-0090271D4F88} — C:Program FilesYahoo!CompanionInstallscpnyt.dll
O1 — Hosts: ::1 localhost
O2 — BHO: &Yahoo! Toolbar Helper — {02478D38-C3F9-4efb-9B51-7695ECA05670} — C:Program FilesYahoo!CompanionInstallscpnyt.dll
O2 — BHO: AcroIEHlprObj Class — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesAdobeAcrobat 5.0ReaderActiveXAcroIEHelper.ocx
O2 — BHO: Skype add-on (mastermind) — {22BF413B-C6D2-4d91-82A9-A0F997BA588C} — C:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll
O2 — BHO: Java(tm) Plug-In SSV Helper — {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} — C:Program FilesJavajre6binssv.dll
O2 — BHO: Google Toolbar Helper — {AA58ED58-01DD-4d91-8333-CF10577473F7} — C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll
O2 — BHO: Google Toolbar Notifier BHO — {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} — C:Program FilesGoogleGoogleToolbarNotifier5.1.1309.3572swg.dll
O2 — BHO: Google Dictionary Compression sdch — {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} — C:Program FilesGoogleGoogle ToolbarComponentfastsearch_A8904FB862BD9564.dll
O2 — BHO: Java(tm) Plug-In 2 SSV Helper — {DBC80044-A445-435b-BC74-9C25C1C588A9} — C:Program FilesJavajre6binjp2ssv.dll
O3 — Toolbar: Rambler-Ассистент — {468CD8A9-7C25-45FA-969E-3D925C689DC4} — C:Program FilesRambler AssistantramblertoolbarU0.dll
O3 — Toolbar: Yahoo! Toolbar — {EF99BD32-C1FB-11D2-892F-0090271D4F88} — C:Program FilesYahoo!CompanionInstallscpnyt.dll
O3 — Toolbar: Google Toolbar — {2318C2B1-4965-11d4-9B18-009027A5CD4F} — C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll
O3 — Toolbar: Яндекс.Бар — {91397D20-1446-11D4-8AF4-0040CA1127B6} — C:Program FilesYandexYandexBarIEyndbar.dll
O4 — HKLM..Run: [Windows Defender] %ProgramFiles%Windows DefenderMSASCui.exe -hide
O4 — HKLM..Run: [RivaTunerStartupDaemon] «C:Program FilesRivaTuner v2.23RivaTunerWrapper.exe» /S
O4 — HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 — HKLM..Run: [RtHDVCpl] RtHDVCpl.exe
O4 — HKLM..Run: [QuickTime Task] «C:Program FilesQuickTimeQTTask.exe» -atboottime
O4 — HKLM..Run: [iTunesHelper] «C:Program FilesiTunesiTunesHelper.exe»
O4 — HKLM..Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 — HKLM..Run: [SunJavaUpdateSched] «C:Program FilesJavajre6binjusched.exe»
O4 — HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:Windowssystem32NvCpl.dll,NvStartup
O4 — HKLM..Run: [Windows Mobile Device Center] %windir%WindowsMobilewmdc.exe
O4 — HKCU..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 — HKCU..Run: [Google Update] «C:UsersLangleyAppDataLocalGoogleUpdateGoogleUpdate.exe» /c
O4 — HKCU..Run: [Steam] «D:SteamSteam.exe» -silent
O4 — HKCU..Run: [Skype] «C:Program FilesSkype\PhoneSkype.exe» /nosplash /minimized
O4 — HKCU..Run: [Auslogics BoostSpeed 4] C:Program FilesAuslogicsAuslogics BoostSpeedboostspeed.exe
O4 — HKCU..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
O4 — HKCU..Run: [ICQ] «C:Program FilesICQ6.5ICQ.exe» silent
O4 — HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe
O4 — HKCU..Run: [AlcoholAutomount] «C:Program FilesAlcohol SoftAlcohol 120axcmd.exe» /automount
O4 — HKCU..Run: [DAEMON Tools Lite] «C:Program FilesDAEMON Tools Litedaemon.exe» -autorun
O4 — HKCU..Run: [Yupdate!] «C:Program FilesCommon FilesYandexYupdateyupdate.exe»
O4 — HKCU..Run: [WMPNSCFG] C:Program FilesWindows Media PlayerWMPNSCFG.exe
O4 — HKUSS-1-5-19..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User ‘NETWORK SERVICE’)
O4 — Startup: hamachi.lnk = C:Program FilesHamachihamachi.exe
O4 — Global Startup: Logitech SetPoint.lnk = C:Program FilesLogitechSetPointSetPoint.exe
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~3Office12EXCEL.EXE/3000
O8 — Extra context menu item: Добавить в Rambler-Закладки — res://C:Program FilesRambler AssistantramblertoolbarU0.dll/zakladki.htm
O8 — Extra context menu item: Найти с помощью Рамблера — res://C:Program FilesRambler AssistantramblertoolbarU0.dll/search.htm
O8 — Extra context menu item: Перевести с помощью словарей Рамблера — res://C:Program FilesRambler AssistantramblertoolbarU0.dll/dic.htm
O9 — Extra button: @C:WindowsWindowsMobileINetRepl.dll,-222 — {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} — C:WindowsWindowsMobileINetRepl.dll
O9 — Extra button: (no name) — {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} — C:WindowsWindowsMobileINetRepl.dll
O9 — Extra ‘Tools’ menuitem: @C:WindowsWindowsMobileINetRepl.dll,-223 — {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} — C:WindowsWindowsMobileINetRepl.dll
O9 — Extra button: Skype — {77BF5300-1474-4EC7-9980-D32B190E9B07} — C:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll
O9 — Extra button: Research — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~3Office12REFIEBAR.DLL
O9 — Extra button: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — C:Program FilesICQ6.5ICQ.exe
O9 — Extra ‘Tools’ menuitem: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — C:Program FilesICQ6.5ICQ.exe
O12 — Plugin for .spop: C:Program FilesInternet ExplorerPluginsNPDocBox.dll
O13 — Gopher Prefix:
O18 — Protocol: skype4com — {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O18 — Filter: x-sdch — {B1759355-3EEC-4C1E-B0F1-B719FE26E377} — C:Program FilesGoogleGoogle ToolbarComponentfastsearch_A8904FB862BD9564.dll
O23 — Service: Apple Mobile Device — Apple Inc. — C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
O23 — Service: avast! iAVS4 Control Service (aswUpdSv) — ALWIL Software — C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 — Service: avast! Antivirus — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashServ.exe
O23 — Service: avast! Mail Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
O23 — Service: avast! Web Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
O23 — Service: Bonjour Service — Apple Inc. — C:Program FilesBonjourmDNSResponder.exe
O23 — Service: @dfsrres.dll,-101 (DFSR) — Корпорация Майкрософт — C:Windowssystem32DFSR.exe
O23 — Service: Google Software Updater (gusvc) — Google — C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 — Service: Сервис iPod (iPod Service) — Apple Inc. — C:Program FilesiPodbiniPodService.exe
O23 — Service: NVIDIA Display Driver Service (nvsvc) — NVIDIA Corporation — C:Windowssystem32nvvsvc.exe
O23 — Service: PnkBstrA — Unknown owner — C:Windowssystem32PnkBstrA.exe
O23 — Service: PnkBstrB — Unknown owner — C:Windowssystem32PnkBstrB.exe
O23 — Service: StarWind AE Service (StarWindServiceAE) — Rocket Division Software — C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindServiceAE.exe
O23 — Service: Steam Client Service — Valve Corporation — C:Program FilesCommon FilesSteamSteamService.exe

—
End of file — 10123 bytes

======Scheduled tasks folder======

C:WindowstasksGoogleUpdateTaskUserS-1-5-21-3968815855-410488736-958280393-1000.job

======Registry dump======

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper — C:Program FilesYahoo!CompanionInstallscpnyt.dll [2007-03-21 803864]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class — C:Program FilesAdobeAcrobat 5.0ReaderActiveXAcroIEHelper.ocx [2001-04-16 37808]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) — C:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll [2009-03-16 1088296]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper — C:Program FilesJavajre6binssv.dll [2009-05-13 320920]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper — C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll [2009-04-24 259696]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO — C:Program FilesGoogleGoogleToolbarNotifier5.1.1309.3572swg.dll [2009-04-17 668656]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch — C:Program FilesGoogleGoogle ToolbarComponentfastsearch_A8904FB862BD9564.dll [2009-04-24 470512]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper — C:Program FilesJavajre6binjp2ssv.dll [2009-05-13 34816]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{468CD8A9-7C25-45FA-969E-3D925C689DC4} — Rambler-Ассистент — C:Program FilesRambler AssistantramblertoolbarU0.dll [2009-04-11 849392]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} — Yahoo! Toolbar — C:Program FilesYahoo!CompanionInstallscpnyt.dll [2007-03-21 803864]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} — Google Toolbar — C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll [2009-04-24 259696]
{91397D20-1446-11D4-8AF4-0040CA1127B6} — Яндекс.Бар — C:Program FilesYandexYandexBarIEyndbar.dll [2008-10-16 1578248]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«Windows Defender»=C:Program FilesWindows DefenderMSASCui.exe [2008-01-21 1008184]
«RivaTunerStartupDaemon»=C:Program FilesRivaTuner v2.23RivaTunerWrapper.exe [2009-02-15 24576]
«avast!»=C:PROGRA~1ALWILS~1Avast4ashDisp.exe [2009-02-06 81000]
«RtHDVCpl»=C:WindowsRtHDVCpl.exe [2007-04-23 4435968]
«QuickTime Task»=C:Program FilesQuickTimeQTTask.exe [2009-01-05 413696]
«iTunesHelper»=C:Program FilesiTunesiTunesHelper.exe [2009-04-02 342312]
«Kernel and Hardware Abstraction Layer»=C:WindowsKHALMNPR.EXE [2007-04-11 56080]
«SunJavaUpdateSched»=C:Program FilesJavajre6binjusched.exe [2009-05-13 136600]
«NvCplDaemon»=C:Windowssystem32NvCpl.dll [2009-05-01 13781536]
«Windows Mobile Device Center»=C:WindowsWindowsMobilewmdc.exe [2007-05-31 648072]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«WindowsWelcomeCenter»=oobefldr.dll,ShowWelcomeCenter []
«Google Update»=C:UsersLangleyAppDataLocalGoogleUpdateGoogleUpdate.exe [2009-03-21 133104]
«Steam»=D:SteamSteam.exe [2009-05-19 1217784]
«Skype»=C:Program FilesSkype\PhoneSkype.exe [2009-04-16 24264488]
«Auslogics BoostSpeed 4″=C:Program FilesAuslogicsAuslogics BoostSpeedboostspeed.exe [2008-10-30 363632]
«swg»=C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe [2009-03-27 39408]
«ICQ»=C:Program FilesICQ6.5ICQ.exe [2009-03-01 172792]
«ehTray.exe»=C:WindowsehomeehTray.exe [2008-01-21 125952]
«AlcoholAutomount»=C:Program FilesAlcohol SoftAlcohol 120axcmd.exe [2007-08-01 222592]
«DAEMON Tools Lite»=C:Program FilesDAEMON Tools Litedaemon.exe [2009-04-23 691656]
«Yupdate!»=C:Program FilesCommon FilesYandexYupdateyupdate.exe [2008-10-20 479496]
«WMPNSCFG»=C:Program FilesWindows Media PlayerWMPNSCFG.exe [2008-01-21 202240]

C:ProgramDataMicrosoftWindowsStart MenuProgramsStartup
Logitech SetPoint.lnk — C:Program FilesLogitechSetPointSetPoint.exe

C:UsersLangleyAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup
hamachi.lnk — C:Program FilesHamachihamachi.exe

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«EnableLUA»=0
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
«EnableUIADesktopToggle»=0

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveAutoRun»=FFFFFFFF
«NoDriveTypeAutoRun»=36

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«d:The Sims 3gamebinTS3.exe»=»d:The Sims 3gamebinTS3.exe:127.0.0.1/255.255.255.255:Enabled:TS3.exe»
«d:The Sims 3gamebinSims3Launcher.exe»=»d:The Sims 3gamebinSims3Launcher.exe:127.0.0.1/255.255.255.255:Enabled:Sims3Launcher.exe»

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]

======File associations======

.js — edit — C:WindowsSystem32Notepad.exe %1
.js — open — C:WindowsSystem32WScript.exe «%1» %*

======List of files/folders created in the last 1 months======

2009-05-26 21:32:13 —-D—- C:_OTMoveIt
2009-05-26 21:29:21 —-RASHD—- C:autorun.inf
2009-05-25 22:31:44 —-A—- C:Windowssystem32XAudio2_3.dll
2009-05-25 22:31:44 —-A—- C:Windowssystem32XAPOFX1_2.dll
2009-05-25 22:31:43 —-A—- C:Windowssystem32X3DAudio1_5.dll
2009-05-25 22:07:49 —-A—- C:Windowssystem32mshtmled.dll
2009-05-25 22:07:49 —-A—- C:Windowssystem32ieui.dll
2009-05-25 22:07:49 —-A—- C:Windowssystem32icardie.dll
2009-05-25 22:07:48 —-A—- C:Windowssystem32msls31.dll
2009-05-25 22:07:48 —-A—- C:Windowssystem32mshtmler.dll
2009-05-25 22:07:48 —-A—- C:Windowssystem32jsproxy.dll
2009-05-25 22:07:48 —-A—- C:Windowssystem32imgutil.dll
2009-05-25 22:07:48 —-A—- C:Windowssystem32iernonce.dll
2009-05-25 22:07:48 —-A—- C:Windowssystem32ieakeng.dll
2009-05-25 22:07:48 —-A—- C:Windowssystem32dxtrans.dll
2009-05-25 22:07:48 —-A—- C:Windowssystem32dxtmsft.dll
2009-05-25 22:07:48 —-A—- C:Windowssystem32corpol.dll
2009-05-25 22:07:48 —-A—- C:Windowssystem32admparse.dll
2009-05-25 22:07:47 —-A—- C:Windowssystem32wextract.exe
2009-05-25 22:07:47 —-A—- C:Windowssystem32webcheck.dll
2009-05-25 22:07:47 —-A—- C:Windowssystem32occache.dll
2009-05-25 22:07:47 —-A—- C:Windowssystem32msrating.dll
2009-05-25 22:07:47 —-A—- C:Windowssystem32msfeedsbs.dll
2009-05-25 22:07:47 —-A—- C:Windowssystem32licmgr10.dll
2009-05-25 22:07:47 —-A—- C:Windowssystem32inseng.dll
2009-05-25 22:07:47 —-A—- C:Windowssystem32iesetup.dll
2009-05-25 22:07:47 —-A—- C:Windowssystem32iepeers.dll
2009-05-25 22:07:47 —-A—- C:Windowssystem32ieakui.dll
2009-05-25 22:07:47 —-A—- C:Windowssystem32ieaksie.dll
2009-05-25 22:07:46 —-A—- C:Windowssystem32WinFXDocObj.exe
2009-05-25 22:07:46 —-A—- C:Windowssystem32vbscript.dll
2009-05-25 22:07:46 —-A—- C:Windowssystem32pngfilt.dll
2009-05-25 22:07:46 —-A—- C:Windowssystem32mstime.dll
2009-05-25 22:07:46 —-A—- C:Windowssystem32msfeedssync.exe
2009-05-25 22:07:46 —-A—- C:Windowssystem32msfeeds.dll
2009-05-25 22:07:46 —-A—- C:Windowssystem32ieapfltr.dll
2009-05-25 22:07:46 —-A—- C:Windowssystem32advpack.dll
2009-05-25 22:07:45 —-A—- C:Windowssystem32url.dll
2009-05-25 22:07:45 —-A—- C:Windowssystem32mshta.exe
2009-05-25 22:07:45 —-A—- C:Windowssystem32jscript.dll
2009-05-25 22:07:45 —-A—- C:Windowssystem32iexpress.exe
2009-05-25 22:07:45 —-A—- C:Windowssystem32iedkcs32.dll
2009-05-25 22:07:44 —-A—- C:Windowssystem32wininet.dll
2009-05-25 22:07:44 —-A—- C:Windowssystem32SetIEInstalledDate.exe
2009-05-25 22:07:44 —-A—- C:Windowssystem32SetDepNx.exe
2009-05-25 22:07:44 —-A—- C:Windowssystem32RegisterIEPKEYs.exe
2009-05-25 22:07:44 —-A—- C:Windowssystem32PDMSetup.exe
2009-05-25 22:07:44 —-A—- C:Windowssystem32ieUnatt.exe
2009-05-25 22:07:44 —-A—- C:Windowssystem32iesysprep.dll
2009-05-25 22:07:44 —-A—- C:Windowssystem32iertutil.dll
2009-05-25 22:07:44 —-A—- C:Windowssystem32ie4uinit.exe
2009-05-25 22:07:43 —-A—- C:Windowssystem32urlmon.dll
2009-05-25 22:07:42 —-A—- C:Windowssystem32mshtml.dll
2009-05-25 22:07:42 —-A—- C:Windowssystem32ieframe.dll
2009-05-25 21:38:07 —-A—- C:Windowssystem32gpprefcl.dll
2009-05-25 21:32:41 —-A—- C:Windowssystem32infocardapi.dll
2009-05-25 21:32:40 —-A—- C:Windowssystem32PresentationCFFRasterizerNative_v0300.dll
2009-05-25 21:32:39 —-A—- C:Windowssystem32PresentationHostProxy.dll
2009-05-25 21:32:39 —-A—- C:Windowssystem32icardres.dll
2009-05-25 21:32:39 —-A—- C:Windowssystem32icardagt.exe
2009-05-25 21:32:37 —-A—- C:Windowssystem32PresentationNative_v0300.dll
2009-05-25 21:32:35 —-A—- C:Windowssystem32PresentationHost.exe
2009-05-25 21:31:42 —-D—- C:ProgramDataSteam
2009-05-25 21:31:26 —-D—- C:ProgramDataPopCap Games
2009-05-25 21:24:39 —-A—- C:Windowssystem32dfshim.dll
2009-05-25 21:24:36 —-A—- C:Windowssystem32mscoree.dll
2009-05-25 21:24:35 —-A—- C:Windowssystem32netfxperf.dll
2009-05-25 21:24:23 —-A—- C:Windowssystem32mscorier.dll
2009-05-25 21:24:19 —-A—- C:Windowssystem32mscories.dll
2009-05-25 21:23:37 —-D—- C:Windowssystem32WindowsPowerShell
2009-05-24 14:32:19 —-D—- C:Windows1C4551A64743409391E41477CD655043.TMP
2009-05-24 14:31:04 —-A—- C:Windowssystem32NVUNINST.EXE
2009-05-24 01:41:41 —-D—- C:temp
2009-05-23 20:12:33 —-D—- C:ProgramDatasalvation
2009-05-23 20:10:59 —-D—- C:ProgramDataDAEMON Tools Lite
2009-05-23 20:10:43 —-D—- C:UsersLangleyAppDataRoamingYandex
2009-05-23 20:10:43 —-D—- C:Program FilesYandex
2009-05-23 20:10:43 —-D—- C:Program FilesCommon FilesYandex
2009-05-23 20:10:43 —-A—- C:ProgramDataVistaLib32.dll
2009-05-23 20:10:26 —-D—- C:Program FilesDAEMON Tools Lite
2009-05-23 20:05:53 —-D—- C:UsersLangleyAppDataRoamingDAEMON Tools Lite
2009-05-23 18:22:19 —-A—- C:Windowssystem32BASSMOD.dll
2009-05-23 15:39:59 —-RA—- C:Windowssystem32tmp1E63.tmp
2009-05-23 15:39:59 —-D—- C:Program FilesOpenAL
2009-05-23 15:39:59 —-A—- C:Windowssystem32wrap_oal.dll
2009-05-23 15:39:59 —-A—- C:Windowssystem32OpenAL32.dll
2009-05-23 15:39:58 —-D—- C:Windows8AAB4176A747493AA42CB63CFADFD8E3.TMP
2009-05-23 15:39:26 —-A—- C:Windowssystem32D3DX9_40.dll
2009-05-23 15:39:26 —-A—- C:Windowssystem32d3dx10_40.dll
2009-05-23 15:39:26 —-A—- C:Windowssystem32D3DCompiler_40.dll
2009-05-23 15:39:25 —-A—- C:Windowssystem32xactengine3_3.dll
2009-05-23 00:10:25 —-D—- C:Program FilesURUSoft
2009-05-13 21:38:49 —-A—- C:Windowssystem32javaws.exe
2009-05-13 21:38:49 —-A—- C:Windowssystem32javaw.exe
2009-05-13 21:38:49 —-A—- C:Windowssystem32java.exe
2009-05-13 21:38:49 —-A—- C:Windowssystem32deploytk.dll
2009-05-13 21:38:34 —-D—- C:Program FilesJava
2009-05-13 21:36:47 —-D—- C:Program FilesPS3 Media Server
2009-05-07 21:31:08 —-D—- C:Windows64F6748976BB4CDDA236F954BE774B35.TMP
2009-05-01 00:08:08 —-A—- C:Windowssystem32nvcpluir.dll
2009-05-01 00:08:08 —-A—- C:Windowssystem32nvcplui.exe
2009-05-01 00:08:00 —-A—- C:Windowssystem32nvsvsr.dll
2009-05-01 00:08:00 —-A—- C:Windowssystem32nvsvs.dll
2009-05-01 00:07:54 —-A—- C:Windowssystem32nvwssr.dll
2009-05-01 00:07:52 —-A—- C:Windowssystem32nvwss.dll
2009-05-01 00:07:52 —-A—- C:Windowssystem32nvvsvc.exe
2009-05-01 00:07:52 —-A—- C:Windowssystem32nvvitvsr.dll
2009-05-01 00:07:52 —-A—- C:Windowssystem32nvvitvs.dll
2009-05-01 00:07:52 —-A—- C:Windowssystem32nvsvcr.dll
2009-05-01 00:07:52 —-A—- C:Windowssystem32nvsvc.dll
2009-05-01 00:07:52 —-A—- C:Windowssystem32nvshext.dll
2009-05-01 00:07:52 —-A—- C:Windowssystem32nvmoblsr.dll
2009-05-01 00:07:52 —-A—- C:Windowssystem32nvmobls.dll
2009-05-01 00:07:52 —-A—- C:Windowssystem32nvmctray.dll
2009-05-01 00:07:52 —-A—- C:Windowssystem32nvmccssr.dll
2009-05-01 00:07:52 —-A—- C:Windowssystem32nvmccss.dll
2009-05-01 00:07:52 —-A—- C:Windowssystem32nvgamesr.dll
2009-05-01 00:07:52 —-A—- C:Windowssystem32nvgames.dll
2009-05-01 00:07:52 —-A—- C:Windowssystem32nvdispsr.dll
2009-05-01 00:07:52 —-A—- C:Windowssystem32nvdisps.dll
2009-05-01 00:07:52 —-A—- C:Windowssystem32nvcpl.dll
2009-04-30 22:02:00 —-A—- C:Windowssystem32nvwgf2um.dll
2009-04-30 22:02:00 —-A—- C:Windowssystem32nvudisp.exe
2009-04-30 22:02:00 —-A—- C:Windowssystem32nvoglv32.dll
2009-04-30 22:02:00 —-A—- C:Windowssystem32nvd3dum.dll
2009-04-30 22:02:00 —-A—- C:Windowssystem32nvcuvid.dll
2009-04-30 22:02:00 —-A—- C:Windowssystem32nvcuvenc.dll
2009-04-30 22:02:00 —-A—- C:Windowssystem32nvcuda.dll
2009-04-30 22:02:00 —-A—- C:Windowssystem32nvcod146.dll
2009-04-30 22:02:00 —-A—- C:Windowssystem32nvcod.dll
2009-04-30 22:02:00 —-A—- C:Windowssystem32nvapi.dll
2009-04-30 17:03:53 —-D—- C:Program FilesAlcohol Soft
2009-04-30 16:57:53 —-D—- C:Program FilesDAEMON Tools Pro
2009-04-30 16:12:10 —-D—- C:UsersLangleyAppDataRoamingDAEMON Tools Pro
2009-04-28 22:06:39 —-D—- C:UsersLangleyAppDataRoamingHamachi
2009-04-28 22:06:17 —-D—- C:Program FilesHamachi

======List of files/folders modified in the last 1 months======

2009-05-26 21:37:36 —-D—- C:Program Filestrend micro
2009-05-26 21:37:27 —-D—- C:WindowsTemp
2009-05-26 21:36:04 —-D—- C:WindowsPrefetch
2009-05-26 21:32:22 —-D—- C:WindowsSystem32
2009-05-26 21:32:22 —-D—- C:Windowsinf
2009-05-26 21:32:22 —-A—- C:Windowssystem32PerfStringBackup.INI
2009-05-26 21:27:05 —-D—- C:UsersLangleyAppDataRoamingSkype
2009-05-26 21:27:02 —-D—- C:UsersLangleyAppDataRoamingskypePM
2009-05-26 20:39:34 —-D—- C:UsersLangleyAppDataRoaminguTorrent
2009-05-26 08:46:53 —-D—- C:Windowsrescache
2009-05-26 08:42:16 —-D—- C:WindowsMicrosoft.NET
2009-05-26 08:42:10 —-RSD—- C:Windowsassembly
2009-05-26 08:36:55 —-SHD—- C:System Volume Information
2009-05-26 08:30:22 —-D—- C:WindowsWindowsMobile
2009-05-26 00:09:24 —-D—- C:Program FilesInternet Explorer
2009-05-26 00:09:23 —-D—- C:Windowssystem32ru-RU
2009-05-26 00:09:22 —-D—- C:WindowsPolicyDefinitions
2009-05-26 00:09:21 —-D—- C:Windowssystem32migration
2009-05-26 00:09:21 —-D—- C:Windowssystem32en-US
2009-05-26 00:09:20 —-D—- C:Windowssystem32wbem
2009-05-26 00:09:16 —-D—- C:Windowssystem32XPSViewer
2009-05-25 22:10:16 —-D—- C:Windowswinsxs
2009-05-25 22:10:09 —-D—- C:Windowssystem32catroot
2009-05-25 22:09:37 —-HD—- C:Program FilesInstallShield Installation Information
2009-05-25 22:09:06 —-D—- C:Windowssystem32catroot2
2009-05-25 21:38:31 —-D—- C:Windows
2009-05-25 21:36:07 —-SHD—- C:WindowsInstaller
2009-05-25 21:31:42 —-HD—- C:ProgramData
2009-05-25 21:28:20 —-SD—- C:UsersLangleyAppDataRoamingMicrosoft
2009-05-25 21:28:08 —-D—- C:Windowssystem32drivers
2009-05-25 21:27:37 —-D—- C:Windowssystem32LogFiles
2009-05-25 21:20:53 —-D—- C:WindowsDebug
2009-05-24 20:19:46 —-D—- C:TimeZero
2009-05-24 14:35:59 —-D—- C:ProgramDataNVIDIA
2009-05-24 14:32:16 —-D—- C:Program FilesCommon FilesWise Installation Wizard
2009-05-24 01:41:01 —-D—- C:ProgramDataMedia Center Programs
2009-05-23 20:10:43 —-RD—- C:Program Files
2009-05-23 20:10:43 —-D—- C:Program FilesCommon Files
2009-05-19 21:43:11 —-D—- C:Program FilesLogitech
2009-05-19 21:42:28 —-D—- C:Program FilesCommon FilesSteam
2009-05-19 21:41:49 —-D—- C:WindowsMinidump
2009-05-14 08:57:00 —-D—- C:Program FilesWindows Mail
2009-05-13 21:00:34 —-D—- C:Windowssystem32Tasks
2009-05-07 00:16:30 —-A—- C:Windowssystem32mrt.exe
2009-05-06 21:46:19 —-A—- C:Windowssystem32PnkBstrB.exe
2009-05-06 13:54:40 —-D—- C:WindowsTasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:Windowssystem32driversaswRdr.sys [2009-02-06 23152]
R1 aswSP;avast! Self Protection; C:Windowssystem32driversaswSP.sys [2009-02-06 114768]
R1 aswTdi;avast! Network Shield Support; C:Windowssystem32driversaswTdi.sys [2009-02-06 51376]
R1 CSC;Offline Files Driver; C:Windowssystem32driverscsc.sys [2008-01-21 350720]
R2 aswFsBlk;aswFsBlk; C:Windowssystem32DRIVERSaswFsBlk.sys [2009-02-06 20560]
R2 aswMonFlt;aswMonFlt; C:Windowssystem32DRIVERSaswMonFlt.sys [2009-02-06 51792]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller; C:Windowssystem32DRIVERSatl01v32.sys [2007-04-12 48128]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:Windowssystem32DRIVERSGEARAspiWDM.sys [2009-03-19 23400]
R3 hamachi;Hamachi Network Interface; C:Windowssystem32DRIVERShamachi.sys [2009-04-28 25280]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:Windowssystem32driversRTKVHDA.sys [2007-04-23 1769952]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:Windowssystem32DRIVERSL8042Kbd.sys [2007-04-11 20496]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:Windowssystem32DRIVERSLHidFilt.Sys [2007-04-11 34832]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:Windowssystem32DRIVERSLMouFilt.Sys [2007-04-11 36112]
R3 MTsensor;ATK0110 ACPI UTILITY; C:Windowssystem32DRIVERSASACPI.sys [2006-10-19 7680]
R3 nvlddmkm;nvlddmkm; C:Windowssystem32DRIVERSnvlddmkm.sys [2009-04-30 9850016]
R3 pcouffin;VSO Software pcouffin; C:WindowsSystem32Driverspcouffin.sys [2009-04-12 47360]
R3 RivaTuner32;RivaTuner32; ??C:Program FilesRivaTuner v2.24RivaTuner32.sys [2009-02-25 9088]
R3 WUDFRd;WUDFRd; C:Windowssystem32DRIVERSWUDFRd.sys [2008-01-21 83328]
S3 a1puttax;a1puttax; C:Windowssystem32driversa1puttax.sys []
S3 alitg56x;alitg56x; C:Windowssystem32driversalitg56x.sys []
S3 Dot4;Драйвер MS IEEE-1284.4; C:Windowssystem32DRIVERSDot4.sys [2008-01-21 131584]
S3 Dot4Print;Драйвер класса принтеров для IEEE-1284.4; C:Windowssystem32DRIVERSDot4Prt.sys [2008-01-21 16384]
S3 dot4usb;Dot4USB фильтр Dot4USB Filter; C:Windowssystem32DRIVERSdot4usb.sys [2008-01-21 36864]
S3 drmkaud;Звуковой дешифратор DRM ядра системы; C:Windowssystem32driversdrmkaud.sys [2008-01-21 5632]
S3 EverestDriver;Lavalys EVEREST Kernel Driver; ??C:UsersLangleyDesktopEVEREST Ultimate.5.Portable Ruskerneld.wnt [2009-02-16 26224]
S3 HdAudAddService;Драйвер функции UAA для службы High Definition Audio (Microsoft), версия 1.1; C:Windowssystem32driversHdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Представитель служб потоков Microsoft; C:Windowssystem32driversMSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Посредник синхронизации потоков Microsoft; C:Windowssystem32driversMSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Представитель диспетчера качества потоков Microsoft; C:Windowssystem32driversMSPQM.sys [2008-01-21 5504]
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:Windowssystem32driversMSTEE.sys [2008-01-21 6016]
S3 usb_rndisx;Адаптер USB RNDIS; C:Windowssystem32DRIVERSusb8023x.sys [2008-01-21 15872]
S3 usbscan;Драйвер USB-сканера; C:Windowssystem32DRIVERSusbscan.sys [2008-01-21 35328]
S3 WpdUsb;WpdUsb; C:Windowssystem32DRIVERSwpdusb.sys [2008-01-21 39936]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:Windowssystem32driverserrdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:Windowssystem32driversmegasr.sys [2008-01-21 386616]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:Windowssystem32driverswmiacpi.sys [2008-01-21 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe [2009-03-26 132424]
R2 aswUpdSv;avast! iAVS4 Control Service; C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe [2009-02-06 18752]
R2 avast! Antivirus;avast! Antivirus; C:Program FilesAlwil SoftwareAvast4ashServ.exe [2009-02-06 138680]
R2 Bonjour Service;Bonjour Service; C:Program FilesBonjourmDNSResponder.exe [2008-12-12 238888]
R2 BthServ;@%SystemRoot%System32bthserv.dll,-101; C:Windowssystem32svchost.exe [2008-01-21 21504]
R2 CscService;@%systemroot%system32cscsvc.dll,-200; C:WindowsSystem32svchost.exe [2008-01-21 21504]
R2 nvsvc;NVIDIA Display Driver Service; C:Windowssystem32nvvsvc.exe [2009-05-01 211488]
R2 PnkBstrA;PnkBstrA; C:Windowssystem32PnkBstrA.exe [2009-04-26 75064]
R2 PnkBstrB;PnkBstrB; C:Windowssystem32PnkBstrB.exe [2009-05-06 189496]
R2 RapiMgr;@%windir%WindowsMobilerapimgr.dll,-104; C:Windowssystem32svchost.exe [2008-01-21 21504]
R2 StarWindServiceAE;StarWind AE Service; C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindServiceAE.exe [2007-05-28 275968]
R2 WcesComm;@%windir%WindowsMobilewcescomm.dll,-40079; C:Windowssystem32svchost.exe [2008-01-21 21504]
R3 avast! Mail Scanner;avast! Mail Scanner; C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe [2009-02-06 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:Program FilesAlwil SoftwareAvast4ashWebSv.exe [2009-02-06 352920]
R3 iPod Service;Сервис iPod; C:Program FilesiPodbiniPodService.exe [2009-04-02 656168]
R3 Steam Client Service;Steam Client Service; C:Program FilesCommon FilesSteamSteamService.exe [2009-05-19 322032]
S3 AppMgmt;@appmgmts.dll,-3250; C:Windowssystem32svchost.exe [2008-01-21 21504]
S3 Fax;@%systemroot%system32fxsresm.dll,-118; C:Windowssystem32fxssvc.exe [2008-01-21 523776]
S3 gusvc;Google Software Updater; C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2009-04-24 182768]
S3 odserv;Microsoft Office Diagnostics Service; C:Program FilesCommon FilesMicrosoft SharedOFFICE12ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2006-10-26 145184]
S3 UmRdpService;@%SystemRoot%system32umrdp.dll,-1000; C:WindowsSystem32svchost.exe [2008-01-21 21504]
S3 wbengine;@%systemroot%system32wbengine.exe,-104; C:Windowssystem32wbengine.exe [2008-01-21 917504]

---

EOF

---

[Admin]

Лог выглядит нормально. Как сейчас работает компьютер.

[Gendalf]

все также вылетает в играх или синий экран
возможно ли такие только изза того что видеокарта например греется ?

[Admin]

возможно ли такие только изза того что видеокарта например греется ?

Конечно, легко.
Так же если изменяли частоту системной шины, напряжение питания памяти и тд, то зависания, сбои и синий экран, верные знаки нестабильной работы компьютера в этом режиме.

[Gendalf]

а как все это проверить или вернуть к первоначальным настройкам ? я много раз винду переставлял но всегда вылетает…

[Admin]

А вы меняли что либо из перечисленного выше ?

[Gendalf]

я не помню чтобы я чтото менял вобще =

[Admin]

я много раз винду переставлял но всегда вылетает…

И каждый раз одна и таже проблема ?
Даже в случае установки Windows на чистый диск ?
В этом случае вероятнее всего проблема именно с железом.

[Gendalf]

а есть какаянить програмка ,чтобы определила , совместимо ли мое железо в принципе ?

[Admin]

Извините, но это выходит за рамки этого форум. Советую обратитесь на компьютерный форум, который посвящен именно компьютерному железу.

[Автор]

Сообщения