Лог утилиты random's system information tool 1.09 (автор: random/random)
Run by Romper008 at 2012-11-19 18:32:57
Microsoft Windows 7 Максимальная  Service Pack 1
Системный раздел C: размер 9 GB (19%) Свободно 50 GB
Total RAM: 8175 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:32:59, on 19.11.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files (x86)\MKey\MKey.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
D:\Steam\Steam.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
C:\Program Files (x86)\XFastUsb\XFastUsb.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Romper008.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=111304&tt=3412_5&babsrc=HP_ss&mntrId=4a39a86d00000000000000ff5df6b9e9
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: (no name) - {f999a48b-1950-4d81-9971-79018f807b4b} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Помощник по входу с помощью идентификатора Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe"
O4 - HKLM\..\Run: [XFastUsb] C:\Program Files (x86)\XFastUsb\XFastUsb.exe
O4 - HKCU\..\Run: [OscarEditor] "C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe" Minimum
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [MKey] C:\Program Files (x86)\MKey\MKey.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"  /MINIMIZED
O4 - HKCU\..\Run: [Steam] "D:\Steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2411132292-4244965111-1904650104-1006\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2411132292-4244965111-1904650104-1006\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: &Экспорт в Microsoft Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Добавить в Анти-Баннер - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm
O9 - Extra button: &Виртуальная клавиатура - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll
O9 - Extra button: Справочные материалы - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Проверка ссы&лок - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll
O9 - Extra button: ICQ Lite - {E59EB121-F339-4851-A3BA-FE49C35617C2} - ICQ.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {E59EB121-F339-4851-A3BA-FE49C35617C2} - ICQ.exe (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASGT - Unknown owner - (no file)
O23 - Service: Служба состояний ASP.NET (aspnet_state) - Unknown owner - (no file)
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
O23 - Service: CLHNServiceForPowerDVD12 - CyberLink Corp. - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Служба Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Служба Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - (no file)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11006 bytes

======Список процессов======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k apphost
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe" -r
"C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe"
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe" Minimum
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\RocketDock\RocketDock.exe" 
"C:\Program Files (x86)\MKey\MKey.exe" 
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\uTorrent\uTorrent.exe"  /MINIMIZED
"D:\Steam\Steam.exe" -silent
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k iissvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe" 
"C:\Program Files (x86)\XFastUsb\XFastUsb.exe" 
WLIDSvcM.exe 1104
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" 
"C:\Windows\system32\wbengine.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" 
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\System32\vds.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Windows\system32\SearchFilterHost.exe" 0 528 532 540 65536 536 
wmiadap.exe /F /T /R
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\Romper\Desktop\RSIT\RSITx64.exe" 

======Папка назначеных зданий======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Romper\AppData\Roaming\Mozilla\Firefox\Profiles\7c5w10v6.default

prefs.js - "browser.search.useDBForOrder" -  true
prefs.js - "browser.startup.homepage" -  "http://www.yandex.ru/?vid=101&clid=14003"
prefs.js - "keyword.URL" -  "http://go.mail.ru/search?utf8in=1&fr=fftbUFix&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.2.202.235 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@raidcall.en/RCplugin]
"Description"=Raidcall plugin
"Path"=C:\Users\Romper\AppData\Roaming\raidcall\plugins\nprcplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@raidcall.kr/RCplugin]
"Description"=Raidcall plugin
"Path"=C:\Users\Romper\AppData\Roaming\RCKR\plugins\nprcplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.2.202.235 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.5.1]
"Description"=
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
ffxtlbr@babylon.com
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
babylon.xml
google.xml
mailru.xml
ozonru.xml
priceru.xml
wikipedia-ru.xml
yandex-slovari.xml
yandex.xml

C:\Users\Romper\AppData\Roaming\Mozilla\Firefox\Profiles\7c5w10v6.default\extensions\
DefaultManager@Microsoft
foxyproxy@eric.h.jung
{20a82645-c095-46ed-80e3-08825760534b}

C:\Users\Romper\AppData\Roaming\Mozilla\Firefox\Profiles\7c5w10v6.default\searchplugins\
askcom.xml
mailru---.xml
ybqs-yandex.xml

======Снимок реестра======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll [2011-04-24 91536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-05-04 545152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-05-04 193416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
FilterBHO Class - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll [2011-04-24 292752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-28 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll [2011-04-24 86416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-25 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Помощник по входу с помощью идентификатора Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-25 155384]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
FilterBHO Class - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll [2011-04-24 229776]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-06-11 12503184]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OscarEditor"=C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe [2012-03-20 3340288]
"RocketDock"=C:\Program Files (x86)\RocketDock\RocketDock.exe [2007-09-02 495616]
"MKey"=C:\Program Files (x86)\MKey\MKey.exe [2009-09-07 2285568]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-07-13 17420464]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-04-17 3671872]
"uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe [2012-05-19 880496]
"Steam"=D:\Steam\steam.exe [2012-08-04 1353080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-28 919008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-15 499608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5.5ServiceManager]
 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Akamai NetSession Interface]
C:\Users\Romper\AppData\Local\Akamai\netsession_win.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Romper\AppData\Local\Google\Update\GoogleUpdate.exe /c []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nikon Message Center 2]
C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [2011-10-30 571392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PAC7311_Monitor]
C:\Windows\PixArt\PAC7311\Monitor.exe [2006-11-03 319488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerDVD12Agent]
C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe [2012-02-21 371256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerDVD12DMREngine]
C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe [2012-01-02 501544]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-21 1174016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\wmagent.exe]
C:\Program Files (x86)\WebMoney Agent\wmagent.exe [2009-10-19 210400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZDimaSreenshotMaker]
 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Romper^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Punto Switcher.lnk]
 []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AVP"=C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [2012-11-04 206448]
"XFastUsb"=C:\Program Files (x86)\XFastUsb\XFastUsb.exe [2012-04-15 4942336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\Windows\System32\klogon.dll [2011-04-24 234896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=28

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.l3pacm"=l3codecp.acm
"msacm.aacacm"=AACACM.acm
"msacm.ac3acm"=ac3acm.acm
"VIDC.LAGS"=lagarith.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.avis"=ff_acm.acm
"vidc.x264"=x264vfw.dll
"msacm.ac3filter"=ac3filter.acm
"VIDC.FPS1"=frapsv64.dll
"MSVideo8"=VfWWDM32.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux1"=wdmaud.drv
"wave6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave8"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer9"=wdmaud.drv
"midi9"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"aux3"=wdmaud.drv

======Ассоциации файлов======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======Список файлов и папок, созданных за последние 3 месяца======

2012-11-19 18:31:43 ----D---- C:\rsit
2012-11-19 18:31:43 ----D---- C:\Program Files\trend micro
2012-11-13 21:34:32 ----D---- C:\Users\Romper\AppData\Roaming\Solveig Multimedia
2012-11-13 21:30:22 ----D---- C:\Program Files (x86)\HyperCam 3
2012-11-13 18:26:31 ----D---- C:\Users\Romper\AppData\Roaming\Mumble
2012-11-13 18:26:19 ----D---- C:\Program Files (x86)\Mumble
2012-11-09 13:46:49 ----D---- C:\Program Files (x86)\Google
2012-10-31 20:57:50 ----D---- C:\Users\Romper\AppData\Roaming\RCKR
2012-10-30 18:21:15 ----D---- C:\Users\Romper\AppData\Roaming\Nero
2012-10-30 10:09:29 ----D---- C:\ProgramData\Nikon
2012-10-29 18:04:17 ----A---- C:\Windows\ViewNX2.INI
2012-10-29 18:03:46 ----D---- C:\Users\Romper\AppData\Roaming\Nikon
2012-10-29 18:02:44 ----D---- C:\Program Files (x86)\ArcSoft
2012-10-29 18:01:27 ----D---- C:\Users\Romper\AppData\Roaming\ArcSoft
2012-10-29 17:59:58 ----H---- C:\ProgramData\PKP_DLes.DAT
2012-10-29 17:59:34 ----D---- C:\Program Files\Nikon
2012-10-29 17:59:34 ----D---- C:\Program Files\Common Files\Nikon
2012-10-29 17:59:34 ----D---- C:\Program Files (x86)\Nikon
2012-10-29 17:59:32 ----A---- C:\Windows\SYSWOW64\ATL71.DLL
2012-10-29 17:59:27 ----H---- C:\ProgramData\PKP_DLev.DAT
2012-10-29 17:59:26 ----H---- C:\ProgramData\PKP_DLet.DAT
2012-10-29 17:59:00 ----H---- C:\ProgramData\PKP_DLeo.DAT
2012-10-29 17:59:00 ----D---- C:\ProgramData\Ultima_T15
2012-10-29 17:59:00 ----D---- C:\ProgramData\EnterNHelp
2012-10-28 22:47:58 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-10-28 22:47:58 ----A---- C:\Windows\system32\mshtmled.dll
2012-10-28 22:47:57 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2012-10-28 22:47:57 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-10-28 22:47:57 ----A---- C:\Windows\SYSWOW64\url.dll
2012-10-28 22:47:57 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-10-28 22:47:57 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-10-28 22:47:57 ----A---- C:\Windows\system32\urlmon.dll
2012-10-28 22:47:57 ----A---- C:\Windows\system32\url.dll
2012-10-28 22:47:57 ----A---- C:\Windows\system32\jscript9.dll
2012-10-28 22:47:57 ----A---- C:\Windows\system32\ieUnatt.exe
2012-10-28 22:47:57 ----A---- C:\Windows\system32\ieui.dll
2012-10-28 22:47:56 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-10-28 22:47:56 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-10-28 22:47:56 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-10-28 22:47:56 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-10-28 22:47:56 ----A---- C:\Windows\system32\wininet.dll
2012-10-28 22:47:56 ----A---- C:\Windows\system32\vbscript.dll
2012-10-28 22:47:56 ----A---- C:\Windows\system32\msfeeds.dll
2012-10-28 22:47:56 ----A---- C:\Windows\system32\jsproxy.dll
2012-10-28 22:47:55 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-10-28 22:47:55 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-10-28 22:47:55 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-10-28 22:47:55 ----A---- C:\Windows\system32\jscript.dll
2012-10-28 22:47:55 ----A---- C:\Windows\system32\iertutil.dll
2012-10-28 22:47:54 ----A---- C:\Windows\system32\mshtml.dll
2012-10-28 22:47:53 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-10-28 22:47:53 ----A---- C:\Windows\system32\ieframe.dll
2012-10-28 22:46:26 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-10-28 22:46:25 ----A---- C:\Windows\system32\drivers\netio.sys
2012-10-28 22:46:25 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2012-10-28 22:46:22 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-10-28 22:46:22 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-10-28 22:46:22 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-10-28 22:46:14 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2012-10-28 22:46:14 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2012-10-28 22:46:14 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2012-10-28 22:46:14 ----A---- C:\Windows\system32\cryptsvc.dll
2012-10-28 22:46:14 ----A---- C:\Windows\system32\cryptnet.dll
2012-10-28 22:46:14 ----A---- C:\Windows\system32\crypt32.dll
2012-10-28 22:46:11 ----A---- C:\Windows\SYSWOW64\tzres.dll
2012-10-28 22:46:11 ----A---- C:\Windows\system32\tzres.dll
2012-10-28 22:46:08 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2012-10-28 22:46:08 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2012-10-28 22:46:08 ----A---- C:\Windows\system32\wintrust.dll
2012-10-28 22:46:08 ----A---- C:\Windows\system32\kerberos.dll
2012-10-27 23:52:41 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-10-22 08:12:06 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2012-10-22 08:12:06 ----A---- C:\Windows\SYSWOW64\javaw.exe
2012-10-22 08:12:06 ----A---- C:\Windows\SYSWOW64\java.exe
2012-10-13 19:08:18 ----D---- C:\Users\Romper\AppData\Roaming\Ventrilo
2012-10-13 19:07:47 ----D---- C:\Program Files\Ventrilo
2012-10-13 19:07:44 ----A---- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
2012-10-12 23:00:33 ----D---- C:\Users\Romper\AppData\Roaming\Dishonored_Panky
2012-10-12 20:32:36 ----A---- C:\Windows\system32\nvopencl.dll
2012-10-12 20:32:35 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2012-10-12 20:32:35 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2012-10-12 20:32:35 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2012-10-12 20:32:35 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2012-10-12 20:32:35 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2012-10-12 20:32:35 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2012-10-12 20:32:35 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2012-10-12 20:32:35 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2012-10-12 20:32:35 ----A---- C:\Windows\system32\nvoglv64.dll
2012-10-12 20:32:35 ----A---- C:\Windows\system32\nvinitx.dll
2012-10-12 20:32:35 ----A---- C:\Windows\system32\nvd3dumx.dll
2012-10-12 20:32:35 ----A---- C:\Windows\system32\nvcuvid.dll
2012-10-12 20:32:35 ----A---- C:\Windows\system32\nvcuvenc.dll
2012-10-12 20:32:35 ----A---- C:\Windows\system32\nvcuda.dll
2012-10-12 20:32:35 ----A---- C:\Windows\system32\nvcompiler.dll
2012-10-12 20:32:35 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2012-10-05 19:21:49 ----D---- C:\ProgramData\CanonIJPLM
2012-10-05 19:20:28 ----A---- C:\Windows\system32\CNMXLMA4.DLL
2012-10-05 19:19:37 ----HD---- C:\ProgramData\CanonBJ
2012-10-05 19:19:28 ----HD---- C:\Windows\system32\CanonIJ Uninstaller Information
2012-10-05 19:19:22 ----A---- C:\Windows\system32\CNMLMA4.DLL
2012-10-05 19:19:15 ----A---- C:\Windows\system32\CNMIUA4.DLL
2012-10-05 19:19:02 ----HD---- C:\Program Files\CanonBJ
2012-10-05 19:17:31 ----D---- C:\Program Files (x86)\Canon
2012-10-02 13:15:52 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2012-09-24 22:06:19 ----D---- C:\Program Files\WinDjView
2012-09-16 10:17:01 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2012-09-16 10:17:01 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2012-09-11 22:05:06 ----D---- C:\ProgramData\NVIDIA
2012-09-11 22:04:48 ----A---- C:\Windows\system32\nvvsvc.exe
2012-09-11 22:04:48 ----A---- C:\Windows\system32\nvsvcr.dll
2012-09-11 22:04:48 ----A---- C:\Windows\system32\nvsvc64.dll
2012-09-11 22:04:48 ----A---- C:\Windows\system32\nvshext.dll
2012-09-11 22:04:48 ----A---- C:\Windows\system32\nvmctray.dll
2012-09-11 22:04:48 ----A---- C:\Windows\system32\nvcpl.dll
2012-09-11 22:04:33 ----D---- C:\temp
2012-09-11 22:04:18 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2012-09-11 22:04:18 ----A---- C:\Windows\system32\OpenCL.dll
2012-09-11 22:04:12 ----D---- C:\ProgramData\NVIDIA Corporation
2012-09-11 21:58:36 ----A---- C:\Windows\system32\nvwgf2umx.dll
2012-09-11 21:58:36 ----A---- C:\Windows\system32\nvhdap64.dll
2012-09-11 21:58:36 ----A---- C:\Windows\system32\nvhdagenco6420103.dll
2012-09-11 21:58:36 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2012-09-11 21:58:35 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2012-09-11 21:58:35 ----A---- C:\Windows\system32\nvumdshimx.dll
2012-09-11 21:58:35 ----A---- C:\Windows\system32\nvdispgenco64.dll
2012-09-11 21:58:35 ----A---- C:\Windows\system32\nvdispco64.dll
2012-09-11 21:58:33 ----A---- C:\Windows\system32\nvapi64.dll
2012-09-10 14:03:48 ----D---- C:\Users\Romper\AppData\Roaming\raidcall
2012-09-10 14:03:43 ----D---- C:\Program Files (x86)\RaidCall
2012-08-29 00:22:38 ----A---- C:\Users\Romper\AppData\Roaming\room_v3.dat
2012-08-29 00:21:31 ----D---- C:\Users\Romper\AppData\Roaming\GarenaPlus
2012-08-29 00:21:23 ----D---- C:\Program Files (x86)\Garena Plus
2012-08-25 20:38:56 ----D---- C:\ProgramData\MTA San Andreas All
2012-08-22 19:05:08 ----SHD---- C:\ProgramData\SecuROM
2012-08-22 16:25:14 ----A---- C:\Windows\SplitCam.INI
2012-08-22 16:23:58 ----D---- C:\Windows\PAC7311
2012-08-22 16:23:58 ----D---- C:\Program Files (x86)\D-Link
2012-08-22 16:13:10 ----A---- C:\Windows\SYSWOW64\CmdLineExt_x64.dll
2012-08-22 16:12:21 ----A---- C:\Windows\system32\xvidvfw.dll
2012-08-22 16:12:21 ----A---- C:\Windows\system32\xvidcore.dll
2012-08-22 16:11:38 ----D---- C:\Program Files (x86)\SplitCam
2012-08-22 15:16:22 ----D---- C:\Program Files (x86)\Conduit
2012-08-22 15:16:18 ----D---- C:\Users\Romper\AppData\Roaming\Free MP3 WMA OGG Converter
2012-08-22 15:16:12 ----A---- C:\Windows\SYSWOW64\NCTWMAFile2.dll
2012-08-22 15:16:12 ----A---- C:\Windows\SYSWOW64\NCTAudioRecord2.dll
2012-08-22 15:16:12 ----A---- C:\Windows\SYSWOW64\NCTAudioPlayer2.dll
2012-08-22 15:16:12 ----A---- C:\Windows\SYSWOW64\NCTAudioInformation2.dll
2012-08-22 15:16:12 ----A---- C:\Windows\SYSWOW64\NCTAudioFile2.dll
2012-08-22 15:16:12 ----A---- C:\Windows\SYSWOW64\msvcr70.dll
2012-08-22 15:16:11 ----D---- C:\Program Files (x86)\Free MP3 WMA OGG Converter
2012-08-22 15:10:18 ----D---- C:\Users\Romper\AppData\Roaming\GRETECH
2012-08-22 15:09:19 ----D---- C:\Program Files (x86)\GRETECH
2012-08-20 01:35:56 ----A---- C:\Windows\system32\WinUSBCoInstaller2.dll
2012-08-20 01:35:56 ----A---- C:\Windows\system32\WdfCoInstaller01009.dll

======Список файлов и папок, измененных за последние 3 месяца======

2012-11-19 18:32:58 ----D---- C:\Windows\Temp
2012-11-19 18:32:49 ----D---- C:\Windows\Prefetch
2012-11-19 18:32:14 ----D---- C:\Users\Romper\AppData\Roaming\uTorrent
2012-11-19 18:31:43 ----RD---- C:\Program Files
2012-11-19 18:29:16 ----A---- C:\Windows\SYSWOW64\log.txt
2012-11-19 18:27:55 ----D---- C:\Users\Romper\AppData\Roaming\Skype
2012-11-19 18:27:03 ----D---- C:\ProgramData\Kaspersky Lab
2012-11-19 18:06:43 ----D---- C:\Windows\SYSWOW64\drivers
2012-11-19 17:45:49 ----D---- C:\Windows\system32\config
2012-11-19 17:34:58 ----SHD---- C:\System Volume Information
2012-11-19 16:55:26 ----D---- C:\Users\Romper\AppData\Roaming\vlc
2012-11-19 15:32:33 ----D---- C:\Windows\System32
2012-11-19 15:32:33 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-11-19 15:32:32 ----D---- C:\Windows\inf
2012-11-19 15:25:48 ----D---- C:\Users\Romper\AppData\Roaming\MKey
2012-11-19 15:24:55 ----D---- C:\Windows
2012-11-19 14:00:28 ----SHD---- C:\Windows\Installer
2012-11-19 13:03:42 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-11-19 13:03:25 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2012-11-19 13:03:23 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2012-11-19 13:02:35 ----RSD---- C:\Windows\assembly
2012-11-18 23:38:46 ----AD---- C:\ProgramData\Temp
2012-11-18 23:27:11 ----D---- C:\Windows\debug
2012-11-18 22:01:09 ----D---- C:\Windows\system32\catroot2
2012-11-18 19:11:31 ----D---- C:\Users\Romper\AppData\Roaming\WebMoney
2012-11-17 15:58:56 ----D---- C:\Users\Romper\AppData\Roaming\AIMP3
2012-11-14 00:39:27 ----D---- C:\Users\Romper\AppData\Roaming\Yandex
2012-11-13 21:30:23 ----D---- C:\Program Files (x86)\Common Files
2012-11-13 21:30:22 ----RD---- C:\Program Files (x86)
2012-11-13 18:26:20 ----D---- C:\Windows\SysWOW64
2012-11-13 17:39:01 ----D---- C:\Windows\SYSWOW64\directx
2012-11-09 23:07:08 ----D---- C:\Users\Romper\AppData\Roaming\icq
2012-11-09 18:53:28 ----D---- C:\ProgramData\Tunngle
2012-11-09 18:53:10 ----D---- C:\Program Files (x86)\Tunngle
2012-11-09 18:53:09 ----D---- C:\Users\Romper\AppData\Roaming\Tunngle
2012-11-09 18:34:34 ----AD---- C:\Users\Romper\AppData\Roaming\.minecraft
2012-11-09 17:02:37 ----D---- C:\Windows\system32\Tasks
2012-11-09 13:46:52 ----D---- C:\Windows\Tasks
2012-11-04 10:10:28 ----D---- C:\Windows\system32\drivers
2012-11-02 08:01:29 ----D---- C:\Windows\Minidump
2012-10-31 19:08:40 ----D---- C:\Users\Romper\AppData\Roaming\IP-TV Player
2012-10-31 00:19:21 ----D---- C:\Windows\rescache
2012-10-30 10:09:29 ----HD---- C:\ProgramData
2012-10-29 18:00:19 ----D---- C:\Windows\Downloaded Installations
2012-10-29 17:59:34 ----D---- C:\Program Files\Common Files
2012-10-29 16:47:33 ----D---- C:\Windows\winsxs
2012-10-28 22:59:24 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2012-10-28 22:58:28 ----D---- C:\Windows\SYSWOW64\ru-RU
2012-10-28 22:58:28 ----D---- C:\Windows\SYSWOW64\migration
2012-10-28 22:58:28 ----D---- C:\Windows\SYSWOW64\en-US
2012-10-28 22:58:28 ----D---- C:\Windows\system32\ru-RU
2012-10-28 22:58:28 ----D---- C:\Windows\system32\migration
2012-10-28 22:58:28 ----D---- C:\Windows\system32\en-US
2012-10-28 22:58:28 ----D---- C:\Program Files\Internet Explorer
2012-10-28 22:58:28 ----D---- C:\Program Files (x86)\Internet Explorer
2012-10-28 22:49:43 ----A---- C:\Windows\win.ini
2012-10-28 22:48:54 ----D---- C:\Windows\system32\catroot
2012-10-23 22:52:10 ----D---- C:\Program Files (x86)\Контур Петрозаводск
2012-10-22 08:12:06 ----D---- C:\Program Files (x86)\Java
2012-10-12 23:40:05 ----D---- C:\ProgramData\RELOADED
2012-10-12 20:34:32 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2012-10-12 20:34:10 ----D---- C:\Windows\system32\DriverStore
2012-09-28 00:18:28 ----A---- C:\Windows\system32\MRT.exe
2012-09-17 15:23:00 ----D---- C:\Windows\system32\NDF
2012-09-16 01:02:05 ----SD---- C:\Users\Romper\AppData\Roaming\Microsoft
2012-09-11 22:05:04 ----RD---- C:\Users
2012-09-11 22:05:00 ----D---- C:\Program Files\NVIDIA Corporation
2012-09-11 22:04:46 ----D---- C:\Windows\Help
2012-09-06 19:24:26 ----A---- C:\Windows\AviSplitter.INI
2012-09-02 12:14:44 ----A---- C:\Windows\SYSWOW64\npdeployJava1.dll
2012-09-02 12:14:44 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2012-08-31 18:16:40 ----D---- C:\ProgramData\GarenaMessenger
2012-08-26 02:09:02 ----D---- C:\Program Files (x86)\AIMP3
2012-08-22 15:14:58 ----D---- C:\Windows\Resources
2012-08-22 00:35:57 ----D---- C:\ProgramData\DivX
2012-08-22 00:35:36 ----D---- C:\Program Files (x86)\DivX
2012-08-22 00:35:29 ----D---- C:\Program Files\DivX
2012-08-22 00:14:57 ----D---- C:\Program Files (x86)\TeknoXlive
2012-08-22 00:01:21 ----ASD---- C:\ProgramData\Microsoft

======Список драйверов (тип запуска: R=Запущен, S=остановлен, 0=Загрузочный, 1=Системный, 2=Автоматически, 3=Вручную, 4=Отключено)======

R0 KL1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2011-03-04 460888]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2011-11-29 55856]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-04-24 283200]
R1 FNETURPX;FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [2012-04-15 15936]
R1 kl2;kl2; C:\Windows\system32\DRIVERS\kl2.sys [2011-03-04 11864]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2012-11-04 637272]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2011-03-10 29488]
R2 cpuz135;cpuz135; \??\C:\Windows\system32\drivers\cpuz135_x64.sys [2012-03-09 23816]
R2 ntk_PowerDVD12;ntk_PowerDVD12; \??\C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [2011-10-27 82928]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-19 4065296]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2009-11-02 22544]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2012-04-08 169584]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-07-03 189288]
R3 ReallusionVirtualAudio;Reallusion Virtual Audio; C:\Windows\system32\DRIVERS\RLVrtAuCbl.sys [2007-03-19 49664]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM); C:\Windows\system32\DRIVERS\vcsvad.sys [2008-12-26 21504]
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2012-06-15 303616]
S2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2012-06-15 35328]
S3 CisUtMonitor;CisUtMonitor; C:\Windows\system32\DRIVERS\CisUtMonitor.sys [2012-03-30 33360]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 FNETTBOH_305;FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [2012-04-15 31808]
S3 GGSAFERDriver;GGSAFER Driver; C:\Windows\system32\drivers\GGSAFERDriver.sys []
S3 PAC7311;Trust Webcam Live; C:\Windows\system32\DRIVERS\PA707UCM.SYS [2007-03-14 524800]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]
S3 Rockusb;Driver for Rockusb Device; C:\Windows\system32\DRIVERS\rockusb.sys [2012-06-22 64752]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2010-11-21 34816]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 usj;usj; C:\Windows\system32\drivers\usj.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======Список служб (тип запуска: R=Запущена, S=остановлена, 0=Загрузочная, 1=Системная, 2=Автоматически, 3=Вручную, 4=Отключено)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-28 63960]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 AVP;Kaspersky Anti-Virus Service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [2012-11-04 206448]
R2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [2012-02-21 87336]
R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2012-02-21 75048]
R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2012-02-21 296232]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2009-09-09 116104]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-01 326168]
R2 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
R2 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-10-02 891240]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-10-03 1258856]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-11-19 75136]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Служба Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-09 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 gupdatem;Служба Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-09 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-27 115168]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2012-10-02 743320]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-03-12 72704]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 TeamViewer7;TeamViewer 7; C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-01-19 3027840]

-----------------EOF-----------------