﻿Лог утилиты random's system information tool 1.12(автор: random/random)
Run by Ольга at 2015-03-20 15:42:05
Microsoft Windows 7 Максимальная  Service Pack 1
Системный раздел C: размер 52 GB (52%) Свободно 100 GB
Total RAM: 3063 MB (64% free)
X86

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:42:08, on 20.03.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16635)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\hasplms.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Windows\system32\svchost.exe
C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
C:\Program Files\Torrent Search\Basement\ExtensionUpdaterService.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
E:\AutoLogger\AutoLogger\AVZ\avz.exe
C:\Program Files\2gis\3.0\2GISTrayNotifier.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\USB Disk Security\USBGuard.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Torrent Search\BackgroundSingleton.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe
E:\AutoLogger\AutoLogger\RSIT\RSIT.exe
E:\AutoLogger\AutoLogger\RSIT\Ольга_RSIT.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mail.ru/cnt/7227
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: Torrent Search - {05EB6920-D8AD-4350-BEF1-4F7107F70431} - C:\Program Files\Torrent Search\Toolbar32.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Спутник@Mail.Ru - {8984B388-A5BB-4DF7-B274-77B879E179DB} - (no file)
O2 - BHO: Html5 geolocation provider - {9BFBA68E-E21B-458E-AE12-FE85E903D2C0} - C:\ProgramData\AlterGeo\Update for Html5 geolocation provider\npHtml5loc.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [2Gis Update Notifier] "C:\Program Files\2gis\3.0\2GISTrayNotifier.exe" -delayed_start
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [USB Antivirus] C:\Program Files\USB Disk Security\USBGuard.exe
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: &Экспорт в Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Torrent Search - {44627DAE-18B6-4ABC-8B22-13979EDFC56D} - C:\Program Files\Torrent Search\Toolbar32.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Mail.Ru Агент - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Users\Ольга\AppData\Roaming\Mail.Ru\Agent\magent.exe (HKCU)
O9 - Extra 'Tools' menuitem: Mail.Ru Агент - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Users\Ольга\AppData\Roaming\Mail.Ru\Agent\magent.exe (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {22F20922-94B4-4B9C-B073-B0531E0ACA68} - https://dbo.uralsibbank.ru/CODE/3.17.6.800/bssslus.cab
O23 - Service: 2GIS UpdateService (2GISUpdateService) - ООО ДубльГИС - C:\Program Files\2gis\3.0\2GISUpdateService.exe
O23 - Service: Pulse Design Spooler (DesignSpooler) - Pulse Microsystem Ltd. - C:\Program Files\Tajima\DGML By Pulse\DesignSpooler.exe
O23 - Service: Служба Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Служба Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Sentinel Local License Manager (hasplms) - SafeNet Inc. - C:\Windows\system32\hasplms.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Update Service for Torrent Search - Unknown owner - C:\Program Files\Torrent Search\Basement\ExtensionUpdaterService.exe

--
End of file - 8212 bytes

======Папка назначеных зданий======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\AdobeAAMUpdater-1.0-olya-Ольга - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\MailRuUpdateTask - C:\Users\Ольга\AppData\Local\Mail.Ru\MailRuUpdater.exe --scheduler
C:\Windows\system32\tasks\SystemScript - C:\Users\Ольга\AppData\Local\Microsoft\Windows\toolbar.exe 
C:\Windows\system32\tasks\{1B9B8F4A-23F5-4E17-931B-3ACC85742559} - C:\Windows\system32\pcalua.exe -a "C:\Налогоплательщик ЮЛ\4331\idw4331.exe" -d "C:\Налогоплательщик ЮЛ\4331"
C:\Windows\system32\tasks\{1D9D6819-479E-4CF7-8B94-7360A42C4AC1} - C:\Windows\system32\pcalua.exe -a "K:\27_03_14_15_44_48\Налогоплательщик ЮЛ\438\idw438.exe" -d "K:\27_03_14_15_44_48\Налогоплательщик ЮЛ\438"
C:\Windows\system32\tasks\{2DC94582-5123-4FB3-863A-347E6EFE775B} - C:\Windows\system32\pcalua.exe -a L:\Налогоплательщик\Налогоплательщик_ЮЛ\428_1\idw4281.exe -d L:\Налогоплательщик\Налогоплательщик_ЮЛ\428_1
C:\Windows\system32\tasks\{35AA0FCE-4876-41AF-8CD0-C53E3F227E85} - C:\Windows\system32\pcalua.exe -a C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe -c /M{8860C5B7-D1D8-4297-826C-7789694753C5} /l1033
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-3033772356-403470913-1968366924-1000 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe" 
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs 
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe 
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe 
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe 
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe 
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent 
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe 
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe 

=========Google Chrome=========

C:\Users\Ольга\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Интернет-магазин Chrome 0.2
Extension apdfllckaahabafndbhieahigkjlhalf 1 Диск Google 6.4
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0  
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.7
Extension cfhdojbkjhnklbpkdaibdccddilifddb 1 Adblock Plus 1.8.12
Extension coobgpohoikkiipiblmjeljniedjpjpf 1 Поиск Google 0.0.0.20
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.10
Extension lccekmodgklaepjeofjdjpbminllajkg 1 Chrome Hotword Shared Module 0.3.0.2
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf 1 Chrome 0.1
Extension nbpagnldghgfoolbancepceaanlmhfmd 1 Hotword triggering 0.0.1.3
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nhgcieglcpdegkhamigiokdphfhhnlhh 2 Altergeo расширение 3.5.4
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google+ Hangouts 1.0
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Google Кошелек 0.1.0.0
Extension pafkbggdmjlpgkdkcbjmhmfcdpncadgh 1 Google Now 1.2.0.1
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8
Homepage: 
default_search_provider.search_url: 
C:\Users\Ольга\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage: 
default_search_provider.search_url: 

[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\nhgcieglcpdegkhamigiokdphfhhnlhh]
"Path"=C:\Program Files\AlterGeo\Html5 geolocation provider\altergeo.crx


======Снимок реестра======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{05EB6920-D8AD-4350-BEF1-4F7107F70431}]
Torrent Search - C:\Program Files\Torrent Search\Toolbar32.dll [2015-01-30 250376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-10-03 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8984B388-A5BB-4DF7-B274-77B879E179DB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9BFBA68E-E21B-458E-AE12-FE85E903D2C0}]
AlterGeoBHO Class - C:\ProgramData\AlterGeo\Update for Html5 geolocation provider\npHtml5loc.dll [2014-08-01 670416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-10-03 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"2Gis Update Notifier"=C:\Program Files\2gis\3.0\2GISTrayNotifier.exe [2014-12-18 4582936]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-10-05 9742952]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2009-10-19 1983816]
"USB Antivirus"=C:\Program Files\USB Disk Security\USBGuard.exe [2011-12-25 1466893]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 947152]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-07-25 256896]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 354304]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1174016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlterGeoUpdater]
C:\Program Files\AlterGeo\Html5 geolocation provider\html5locsvc.exe [2012-06-06 29256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\amigo]
C:\Users\Ольга\AppData\Local\Amigo\Application\amigo.exe --no-startup-window []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnTBMon]
C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2009-09-04 767312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2005-02-17 221184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-02-17 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MAgent]
C:\Users\Ольга\AppData\Roaming\Mail.Ru\Agent\magent.exe [2012-11-28 27972712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MailRuUpdater]
C:\Users\Ольга\AppData\Local\Mail.Ru\MailRuUpdater.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\progrmma]
C:\Program Files\xexe\engine.exe []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\PotPlayer\potplayermini.exe"="C:\Program Files\PotPlayer\potplayermini.exe:*:Enabled:Daum PotPlayer"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{73FA19D0-2D75-11D2-995D-00C04F98BBC9}]
"StubPath"=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath"="C:\Program Files\Google\Chrome\Application\41.0.2272.89\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.l3fhg"=mp3fhg.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll

======Ассоциации файлов======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======Список файлов и папок, созданных за последние 3 месяца======

2015-03-20 15:35:20 ----A---- C:\Windows\system32\drivers\ute2odqx.sys
2015-03-18 12:02:05 ----D---- C:\Windows\PCHEALTH
2015-03-18 12:02:05 ----D---- C:\Program Files\Microsoft.NET
2015-03-18 12:00:34 ----RHD---- C:\MSOCache
2015-03-18 11:58:48 ----SHD---- C:\Config.Msi
2015-03-18 11:51:06 ----D---- C:\ProgramData\Microsoft Help
2015-03-16 12:50:11 ----D---- C:\Device
2015-03-16 12:40:53 ----A---- C:\Windows\ntbtlog.txt
2015-03-16 11:55:30 ----A---- C:\cureit.exe
2015-03-16 11:41:42 ----D---- C:\Program Files\Google
2015-03-16 09:36:10 ----D---- C:\Program Files\xexe
2015-03-16 09:35:55 ----D---- C:\Program Files\Закупки
2015-02-23 18:09:53 ----D---- C:\Users\Ольга\AppData\Roaming\Torrent Search
2015-02-23 18:06:45 ----D---- C:\Program Files\Torrent Search
2015-02-23 18:06:09 ----D---- C:\Users\Ольга\AppData\Roaming\SPI
2015-02-23 18:06:09 ----D---- C:\Users\Ольга\AppData\Roaming\Browsers

======Список файлов и папок, измененных за последние 3 месяца======

2015-03-20 15:42:09 ----D---- C:\Windows\Prefetch
2015-03-20 15:39:45 ----A---- C:\Windows\system32\log.txt
2015-03-20 15:37:32 ----D---- C:\ProgramData\NVIDIA
2015-03-20 15:35:20 ----D---- C:\Windows\system32\drivers
2015-03-20 15:34:43 ----D---- C:\Windows\System32
2015-03-20 15:34:43 ----D---- C:\Windows\inf
2015-03-20 15:34:43 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-03-20 15:33:46 ----D---- C:\Windows\Temp
2015-03-20 09:50:03 ----D---- C:\Windows\tracing
2015-03-19 09:48:23 ----D---- C:\Windows\system32\config
2015-03-18 12:03:47 ----SD---- C:\Users\Ольга\AppData\Roaming\Microsoft
2015-03-18 12:03:07 ----SHD---- C:\Windows\Installer
2015-03-18 12:02:55 ----RSD---- C:\Windows\assembly
2015-03-18 12:02:21 ----D---- C:\Program Files\Microsoft Works
2015-03-18 12:02:14 ----D---- C:\Program Files\Microsoft Office
2015-03-18 12:02:13 ----D---- C:\Program Files\Common Files\DESIGNER
2015-03-18 12:02:12 ----D---- C:\Program Files\Common Files\microsoft shared
2015-03-18 12:02:07 ----RSD---- C:\Windows\Fonts
2015-03-18 12:02:05 ----RD---- C:\Program Files
2015-03-18 12:02:05 ----D---- C:\Windows
2015-03-18 12:01:22 ----D---- C:\Windows\ShellNew
2015-03-18 12:01:19 ----A---- C:\Windows\win.ini
2015-03-18 12:01:18 ----D---- C:\Program Files\Common Files\System
2015-03-18 12:00:33 ----SHD---- C:\System Volume Information
2015-03-18 11:56:04 ----D---- C:\Windows\Help
2015-03-18 11:53:48 ----D---- C:\Windows\winsxs
2015-03-18 11:53:14 ----D---- C:\Program Files\Mail.Ru
2015-03-18 11:51:06 ----HD---- C:\ProgramData
2015-03-16 12:41:52 ----D---- C:\Windows\system32\catroot2
2015-03-16 11:41:45 ----D---- C:\Windows\Tasks
2015-03-16 11:41:45 ----D---- C:\Windows\system32\Tasks
2015-03-16 11:41:21 ----D---- C:\Windows\system32\appmgmt
2015-03-16 11:40:21 ----D---- C:\Users\Ольга\AppData\Roaming\Yandex
2015-03-16 09:47:40 ----D---- C:\Users\Ольга\AppData\Roaming\Skype
2015-03-16 09:47:40 ----D---- C:\Users\Ольга\AppData\Roaming\Mra
2015-03-16 09:47:33 ----D---- C:\Users\Ольга\AppData\Roaming\DAEMON Tools Lite
2015-03-16 09:38:39 ----D---- C:\Spu_orb
2015-03-16 09:38:28 ----D---- C:\Program Files\WinRAR
2015-03-16 09:38:12 ----D---- C:\Program Files\EMBIRD32
2015-03-16 09:36:21 ----D---- C:\CheckXml
2015-03-16 09:36:21 ----D---- C:\2_НДФЛ_2010_(новый приказ)
2015-03-16 09:16:56 ----D---- C:\ProgramData\CanonIJPLM
2015-03-15 14:23:07 ----D---- C:\ProgramData\CanonIJ
2015-03-03 20:16:52 ----N---- C:\Windows\system32\MpSigStub.exe
2015-02-25 15:13:27 ----D---- C:\ProgramData\Guard.Mail.Ru
2015-02-23 18:06:51 ----D---- C:\Windows\system32\GroupPolicy
2015-01-22 12:36:05 ----D---- C:\Users\Ольга\AppData\Roaming\.minecraft

File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed
======Список драйверов (тип запуска: R=Запущен, S=остановлен, 0=Загрузочный, 1=Системный, 2=Автоматически, 3=Вручную, 4=Отключено)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-01-20 195296]
R0 oem-drv86;OEM-SLP2.1 Driver (HPD86); C:\Windows\system32\DRIVERS\oem-drv86.sys [2015-03-20 28160]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 173440]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 388096]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-07-30 239168]
R2 aksfridge;aksfridge; \??\C:\Windows\system32\drivers\aksfridge.sys [2012-08-07 365056]
R2 hardlock;hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2012-09-27 605128]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R2 Sentinel;Sentinel; C:\Windows\System32\Drivers\SENTINEL.SYS [2005-03-02 90168]
R3 iKeyEnum;Rainbow iKey Enumerator; C:\Windows\system32\DRIVERS\ikeyenum.sys [2004-03-16 11464]
R3 iKeyIFD;Rainbow iKey Virtual Reader; C:\Windows\system32\DRIVERS\ikeyifd.sys [2004-03-16 17928]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2010-10-05 3211432]
R3 MEI;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2010-09-21 41088]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2012-01-17 148800]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2010-12-29 327784]
R3 usbscan;Драйвер USB-сканера; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
R3 ute2odqx;AVZ Kernel Driver; \??\C:\Windows\system32\Drivers\ute2odqx.sys [2015-03-20 7168]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 62464]
S3 fdrawcmd;Low-level Floppy Driver; \??\C:\Windows\system32\drivers\fdrawcmd.sys []
S3 HWHandSet;HWUSBSERSP; C:\Windows\system32\DRIVERS\hw_quusbmdm.sys [2011-10-24 195200]
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 100328]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 15872]
S3 RnbToken;Rainbow iKey Token Service; C:\Windows\system32\DRIVERS\rnbtoken.sys [2004-03-16 18536]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 77184]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2010-11-21 25600]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-21 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 27264]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 112640]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 17920]
S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 35968]

======Список служб (тип запуска: R=Запущена, S=остановлена, 0=Загрузочная, 1=Системная, 2=Автоматически, 3=Вручную, 4=Отключено)======

R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\cscsvc.dll
R2 hasplms;Sentinel Local License Manager; C:\Windows\system32\hasplms.exe [2012-08-23 4412872]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2009-02-10 116104]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-10-05 325656]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 20456]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-18 639776]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]
R2 TeamViewer7;TeamViewer 7; C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-14 2984832]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-05 2655768]
R2 Update Service for Torrent Search;Update Service for Torrent Search; C:\Program Files\Torrent Search\Basement\ExtensionUpdaterService.exe [2015-01-30 136200]
S2 DesignSpooler;Pulse Design Spooler; C:\Program Files\Tajima\DGML By Pulse\DesignSpooler.exe [2005-05-07 684032]
S2 gupdate;Служба Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-03-16 107848]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-26 1260320]
S3 2GISUpdateService;2GIS UpdateService; C:\Program Files\2gis\3.0\2GISUpdateService.exe [2014-12-18 3764760]
S3 AppMgmt;@appmgmts.dll,-3250; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll"=%SystemRoot%\System32\appmgmts.dll
S3 gupdatem;Служба Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-03-16 107848]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-01-27 295232]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; %SystemRoot%\System32\svchost.exe -k PeerDist;"ServiceDll"=%SystemRoot%\system32\peerdistsvc.dll
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\umrdp.dll
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-11-27 1343400]

-----------------EOF-----------------
