Лог утилиты random's system information tool 1.09 (автор: random/random) Run by Александр at 2013-12-13 22:01:33 Microsoft Windows 7 Профессиональная Service Pack 1 Системный раздел C: размер 36 GB (24%) Свободно 150 GB Total RAM: 16289 MB (79% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 22:01:36, on 13.12.2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.16428) Boot mode: Normal Running processes: C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Printer Utility DCS\AppInterfaces\HPPUDS.exe C:\Program Files (x86)\Hewlett-Packard\HP Printer Utility\HPPU.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Yandex\Punto Switcher\punto.exe C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Printer Utility DCS\AppInterfaces\HPPUDH.exe C:\Program Files\Hewlett-Packard\HP ePrintAndShare\ProxyUploader\HPrintWebAPIShell.exe C:\Program Files (x86)\Opera\opera.exe D:\Мои\Прогр\1 Вирусинфо\антивирусные утилиты\RSIT\RSIT.exe C:\Program Files (x86)\trend micro\Александр.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://yambler.net/?im R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mail.ru/cnt/7829 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Спутник@Mail.Ru - {09900DE8-1DCA-443F-9243-26FF581438AF} - C:\Program Files (x86)\Mail.Ru\Sputnik\MailRuSputnik.dll R3 - URLSearchHook: BrotherSoft Extreme3 Toolbar - {62d40876-df18-411f-9d34-a9dd7a197bc5} - C:\Program Files (x86)\BrotherSoft_Extreme3\prxtbBrot.dll F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files (x86)\IEPro\iepro.dll O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: LinkAirBrowserHelper HistoryTriggerBHO - {21A88CB9-84D2-4020-A2D1-B25A21034884} - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll O2 - BHO: BrotherSoft Extreme3 - {62d40876-df18-411f-9d34-a9dd7a197bc5} - C:\Program Files (x86)\BrotherSoft_Extreme3\prxtbBrot.dll O2 - BHO: Спутник@Mail.Ru - {8984B388-A5BB-4DF7-B274-77B879E179DB} - C:\Program Files (x86)\Mail.Ru\Sputnik\MailRuSputnik.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Html5 geolocation provider - {9BFBA68E-E21B-458E-AE12-FE85E903D2C0} - C:\ProgramData\AlterGeo\Update for Html5 geolocation provider\html5loc.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Спутник@Mail.Ru - {09900DE8-1DCA-443F-9243-26FF581438AF} - C:\Program Files (x86)\Mail.Ru\Sputnik\MailRuSputnik.dll O3 - Toolbar: BrotherSoft Extreme3 Toolbar - {62d40876-df18-411f-9d34-a9dd7a197bc5} - C:\Program Files (x86)\BrotherSoft_Extreme3\prxtbBrot.dll O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\IEPro\IEProRecorder.dll O4 - HKLM\..\Run: [PUStarter] C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Printer Utility DCS\Appinterfaces\HPPUDS.exe O4 - HKLM\..\Run: [RunPUTasktray] "C:\Program Files (x86)\Hewlett-Packard\HP Printer Utility\HPPU.exe" --regkeypath=Software\Hewlett-Packard\HP Printer Utility\HPPURun --valuename=InstallTTM O4 - HKLM\..\Run: [Heleni Uploader] C:\Program Files\Hewlett-Packard\HP ePrintAndShare\ProxyUploader\HeleniProxyUI.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe" O4 - HKCU\..\Run: [MAgent] C:\Users\Александр\AppData\Roaming\Mail.Ru\Agent\magent.exe -CU O4 - HKCU\..\Run: [Google Update] "C:\Users\Александр\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: Punto Switcher.lnk = C:\Program Files (x86)\Yandex\Punto Switcher\punto.exe O4 - Global Startup: AutorunsDisabled O8 - Extra context menu item: &Отправить в OneNote - res://C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: &Экспорт в Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Загрузить с помощью &BitSpirit - C:\Program Files (x86)\BitSpirit\bsurl.htm O9 - Extra button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files (x86)\IEPro\iepro.dll O9 - Extra 'Tools' menuitem: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files (x86)\IEPro\iepro.dll O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files (x86)\IEPro\iepro.dll O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files (x86)\IEPro\iepro.dll O9 - Extra button: Отправить в OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Отправить в OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Виртуальная клавиатура - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll O9 - Extra button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe O9 - Extra button: &Связанные заметки OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Связанные заметки OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Проверка ссы&лок - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll O9 - Extra button: Показать или скрыть HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: Mail.Ru Агент - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Users\Александр\AppData\Roaming\Mail.Ru\Agent\magent.exe (HKCU) O9 - Extra 'Tools' menuitem: Mail.Ru Агент - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Users\Александр\AppData\Roaming\Mail.Ru\Agent\magent.exe (HKCU) O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://*.hp.com (HKLM) O17 - HKLM\System\CCS\Services\Tcpip\..\{02E64050-9470-49DF-842D-6502EE2443F0}: NameServer = 8.8.8.8 O17 - HKLM\System\CS1\Services\Tcpip\..\{02E64050-9470-49DF-842D-6502EE2443F0}: NameServer = 8.8.8.8 O17 - HKLM\System\CS2\Services\Tcpip\..\{02E64050-9470-49DF-842D-6502EE2443F0}: NameServer = 8.8.8.8 O18 - Protocol: HPPUDCS - {522CC7E5-F378-4F97-8BD7-125D17F5B332} - C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Printer Utility DCS\APP\hplidcsapp.dll O18 - Protocol: hppufile - {4BCA8E33-E18F-4358-9F6F-3C7206BCF72F} - C:\Program Files (x86)\Hewlett-Packard\HP Printer Utility\hpluCtrls.dll O18 - Protocol: hppusam - {4BCA8E33-E18F-4358-9F6F-3C7206BCF72F} - C:\Program Files (x86)\Hewlett-Packard\HP Printer Utility\hpluCtrls.dll O18 - Protocol: hppuzip - {4BCA8E33-E18F-4358-9F6F-3C7206BCF72F} - C:\Program Files (x86)\Hewlett-Packard\HP Printer Utility\hpluCtrls.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: Kaspersky Anti-Virus Service Yandex-version (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe O23 - Service: Служба Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe O23 - Service: Guard.Mail.ru - Unknown owner - C:\Program Files (x86)\Mail.Ru\Guard\GuardMailRu.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing) O23 - Service: Сервис iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: JumpStart Wi-Fi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files (x86)\D-Link\DWA-547 revA\jswpsapi.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: mental ray 3.6 Satellite for Autodesk 3ds Max 2009 64-bit 64-bit (mi-raysat_3dsMax2009_64) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_64server.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Сетевой вход в систему (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA WMI Provider (NVWMI) - Unknown owner - C:\Windows\system32\nvwmi64.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 15469 bytes ======Папка назначеных зданий====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2528588098-1588919794-1766682866-1000Core.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2528588098-1588919794-1766682866-1000UA.job =========Mozilla firefox========= ProfilePath - C:\Users\Александр\AppData\Roaming\Mozilla\Firefox\Profiles\3uiqdmze.default "smartwebprinting@hp.com"=C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 "virtualKeyboard@kaspersky.ru"=C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\virtualKeyboard@kaspersky.ru [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.9.900.170 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=] "Description"=Плагин Детектора iTunes "Path"= [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0] "Description"= "Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0] "Description"=DivX Web Player "Path"=C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0] "Description"=DivX® Player Plugin for VOD Content "Path"=C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] "Description"=Office Authorization plug-in for NPAPI browsers "Path"=C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] "Description"=Microsoft SharePoint Plug-in for Firefox "Path"=C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision] "Description"=NVIDIA stereo images plugin for Mozilla browsers "Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming] "Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers "Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll C:\Users\Александр\AppData\Roaming\Mozilla\Firefox\Profiles\3uiqdmze.default\extensions\ rambler_toolbar@rambler.ru ======Снимок реестра====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00011268-E188-40DF-A514-835FCD78B1BF}] IE7Pro BHO - C:\Program Files (x86)\IEPro\iepro.dll [2010-06-02 777392] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}] HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2010-05-28 328248] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{21A88CB9-84D2-4020-A2D1-B25A21034884}] HistoryTriggerBHO Class - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll [2011-01-13 35688] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}] IEVkbdBHO Class - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll [2013-01-25 86896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{62d40876-df18-411f-9d34-a9dd7a197bc5}] BrotherSoft Extreme3 Toolbar - C:\Program Files (x86)\BrotherSoft_Extreme3\prxtbBrot.dll [2011-05-09 176936] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8984B388-A5BB-4DF7-B274-77B879E179DB}] MailRuBHO Class - C:\Program Files (x86)\Mail.Ru\Sputnik\MailRuSputnik.dll [2012-04-24 1590336] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9BFBA68E-E21B-458E-AE12-FE85E903D2C0}] AlterGeoBHO Class - C:\ProgramData\AlterGeo\Update for Html5 geolocation provider\html5loc.dll [2012-08-10 310344] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL [2013-03-06 562904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}] FilterBHO Class - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll [2013-01-25 230256] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}] HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2010-05-28 517688] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {09900DE8-1DCA-443F-9243-26FF581438AF} - Спутник@Mail.Ru - C:\Program Files (x86)\Mail.Ru\Sputnik\MailRuSputnik.dll [2012-04-24 1590336] {62d40876-df18-411f-9d34-a9dd7a197bc5} - BrotherSoft Extreme3 Toolbar - C:\Program Files (x86)\BrotherSoft_Extreme3\prxtbBrot.dll [2011-05-09 176936] {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - Grab Pro - C:\Program Files (x86)\IEPro\IEProRecorder.dll [2010-06-02 662736] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "PUStarter"=C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Printer Utility DCS\Appinterfaces\HPPUDS.exe [2012-07-17 73728] "RunPUTasktray"=C:\Program Files (x86)\Hewlett-Packard\HP Printer Utility\HPPU.exe [2012-07-17 68608] "Heleni Uploader"=C:\Program Files\Hewlett-Packard\HP ePrintAndShare\ProxyUploader\HeleniProxyUI.exe [2011-05-13 130560] ""= [] "APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720] "AVP"=C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe [2013-01-25 202768] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "LG LinkAir"= [] "MAgent"=C:\Users\Александр\AppData\Roaming\Mail.Ru\Agent\magent.exe [2013-11-01 31477280] "Google Update"=C:\Users\Александр\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-17 116648] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup AutorunsDisabled C:\Users\Александр\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Punto Switcher.lnk - C:\Program Files (x86)\Yandex\Punto Switcher\punto.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\Windows\SysWOW64\nvinit.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=0 "ConsentPromptBehaviorUser"=3 "EnableLUA"=0 "EnableUIADesktopToggle"=0 "PromptOnSecureDesktop"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Program Files (x86)\IEPro\MiniDM.exe"="C:\Program Files (x86)\IEPro\MiniDM.exe:*:Enabled:MiniDM" "C:\Program Files (x86)\Hewlett-Packard\HP Printer Utility\HPPU.exe"="C:\Program Files (x86)\Hewlett-Packard\HP Printer Utility\HPPU.exe:*:Enabled:HP Printer Utility HPPURun" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "C:\Program Files (x86)\Hewlett-Packard\HP Printer Utility\HPPU.exe"="C:\Program Files (x86)\Hewlett-Packard\HP Printer Utility\HPPU.exe:*:Enabled:HP Printer Utility HPPURun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "vidc.uyvy"=msyuv.dll "vidc.yuy2"=msyuv.dll "vidc.yvyu"=msyuv.dll "vidc.iyuv"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "vidc.yvu9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm "vidc.cvid"=iccvid.dll "wave5"=wdmaud.drv "midi5"=wdmaud.drv "mixer5"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "wave4"=wdmaud.drv "midi4"=wdmaud.drv "mixer4"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "vidc.DIVX"=DivX.dll "vidc.yv12"=DivX.dll "wave6"=wdmaud.drv "midi6"=wdmaud.drv "mixer6"=wdmaud.drv "wave7"=wdmaud.drv "midi7"=wdmaud.drv "mixer7"=wdmaud.drv "wave8"=wdmaud.drv "midi8"=wdmaud.drv "mixer8"=wdmaud.drv "wave9"=wdmaud.drv "midi9"=wdmaud.drv "mixer9"=wdmaud.drv ======Ассоциации файлов====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======Список файлов и папок, созданных за последние 3 месяца====== 2013-12-13 22:01:33 ----D---- C:\rsit 2013-12-13 22:01:33 ----D---- C:\Program Files (x86)\trend micro 2013-12-13 19:20:22 ----D---- C:\SecurityCheck 2013-12-11 19:15:01 ----A---- C:\Windows\SysWOW64\wmploc.DLL 2013-12-11 19:15:01 ----A---- C:\Windows\SysWOW64\wmp.dll 2013-12-11 19:14:18 ----A---- C:\Windows\SysWOW64\jsproxy.dll 2013-12-11 19:14:18 ----A---- C:\Windows\SysWOW64\jscript9diag.dll 2013-12-11 19:14:18 ----A---- C:\Windows\SysWOW64\ieui.dll 2013-12-11 19:14:18 ----A---- C:\Windows\SysWOW64\ieapfltr.dll 2013-12-11 19:14:17 ----A---- C:\Windows\SysWOW64\wininet.dll 2013-12-11 19:14:17 ----A---- C:\Windows\SysWOW64\urlmon.dll 2013-12-11 19:14:17 ----A---- C:\Windows\SysWOW64\iertutil.dll 2013-12-11 19:14:16 ----A---- C:\Windows\SysWOW64\mshtml.dll 2013-12-11 19:14:16 ----A---- C:\Windows\SysWOW64\jscript9.dll 2013-12-11 19:14:16 ----A---- C:\Windows\SysWOW64\ieframe.dll 2013-12-11 10:17:08 ----A---- C:\Windows\SysWOW64\msieftp.dll 2013-12-11 10:17:07 ----A---- C:\Windows\SysWOW64\WMPhoto.dll 2013-12-11 10:17:07 ----A---- C:\Windows\SysWOW64\tzres.dll 2013-12-11 10:17:07 ----A---- C:\Windows\SysWOW64\imagehlp.dll 2013-12-11 10:17:06 ----A---- C:\Windows\SysWOW64\wscript.exe 2013-12-11 10:17:06 ----A---- C:\Windows\SysWOW64\scrrun.dll 2013-12-11 10:17:06 ----A---- C:\Windows\SysWOW64\cscript.exe 2013-12-02 15:28:24 ----D---- C:\ProgramData\Kaspersky Lab 2013-12-02 15:28:24 ----D---- C:\Program Files (x86)\Kaspersky Lab 2013-11-29 12:24:16 ----A---- C:\vraylog.txt 2013-11-22 13:59:48 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-11-22 13:59:48 ----D---- C:\Program Files (x86)\iTunes 2013-11-22 13:30:09 ----AH---- C:\Windows\SysWOW64\mlfcache.dat 2013-11-22 13:03:47 ----D---- C:\Users\Александр\AppData\Roaming\Apple Computer 2013-11-22 13:03:05 ----D---- C:\ProgramData\Apple Computer 2013-11-22 13:02:49 ----D---- C:\Program Files (x86)\Apple Software Update 2013-11-22 13:02:41 ----D---- C:\Program Files (x86)\Bonjour 2013-11-22 13:02:38 ----D---- C:\ProgramData\Apple 2013-11-22 13:01:44 ----D---- C:\Windows\XSxS 2013-11-22 13:01:44 ----D---- C:\Windows\SysWOW64\winevt 2013-11-22 13:01:44 ----D---- C:\Windows\SysWOW64\SMI 2013-11-22 13:01:44 ----D---- C:\Program Files (x86)\Java 2013-11-22 13:01:44 ----D---- C:\Program Files (x86)\Common Files\Apple 2013-11-20 12:54:09 ----A---- C:\Windows\SysWOW64\elshyph.dll 2013-11-20 12:54:04 ----A---- C:\Windows\SysWOW64\wextract.exe 2013-11-20 12:54:04 ----A---- C:\Windows\SysWOW64\webcheck.dll 2013-11-20 12:54:04 ----A---- C:\Windows\SysWOW64\vbscript.dll 2013-11-20 12:54:04 ----A---- C:\Windows\SysWOW64\url.dll 2013-11-20 12:54:04 ----A---- C:\Windows\SysWOW64\SetIEInstalledDate.exe 2013-11-20 12:54:04 ----A---- C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-11-20 12:54:04 ----A---- C:\Windows\SysWOW64\pngfilt.dll 2013-11-20 12:54:04 ----A---- C:\Windows\SysWOW64\occache.dll 2013-11-20 12:54:04 ----A---- C:\Windows\SysWOW64\msrating.dll 2013-11-20 12:54:04 ----A---- C:\Windows\SysWOW64\msls31.dll 2013-11-20 12:54:04 ----A---- C:\Windows\SysWOW64\mshtmlmedia.dll 2013-11-20 12:54:04 ----A---- C:\Windows\SysWOW64\mshtmled.dll 2013-11-20 12:54:04 ----A---- C:\Windows\SysWOW64\MshtmlDac.dll 2013-11-20 12:54:04 ----A---- C:\Windows\SysWOW64\mshta.exe 2013-11-20 12:54:04 ----A---- C:\Windows\SysWOW64\msfeedssync.exe 2013-11-20 12:54:04 ----A---- C:\Windows\SysWOW64\msfeedsbs.dll 2013-11-20 12:54:04 ----A---- C:\Windows\SysWOW64\msfeeds.dll 2013-11-20 12:54:04 ----A---- C:\Windows\SysWOW64\licmgr10.dll 2013-11-20 12:54:04 ----A---- C:\Windows\SysWOW64\jsIntl.dll 2013-11-20 12:54:04 ----A---- C:\Windows\SysWOW64\jscript.dll 2013-11-20 12:54:04 ----A---- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2013-11-20 12:54:04 ----A---- C:\Windows\SysWOW64\inseng.dll 2013-11-20 12:54:04 ----A---- C:\Windows\SysWOW64\imgutil.dll 2013-11-20 12:54:04 ----A---- C:\Windows\SysWOW64\iexpress.exe 2013-11-20 12:54:04 ----A---- C:\Windows\SysWOW64\ieUnatt.exe 2013-11-20 12:54:04 ----A---- C:\Windows\SysWOW64\iesetup.dll 2013-11-20 12:54:04 ----A---- C:\Windows\SysWOW64\iernonce.dll 2013-11-20 12:54:04 ----A---- C:\Windows\SysWOW64\iepeers.dll 2013-11-20 12:54:04 ----A---- C:\Windows\SysWOW64\ieetwproxystub.dll 2013-11-20 12:54:04 ----A---- C:\Windows\SysWOW64\iedkcs32.dll 2013-11-20 12:54:04 ----A---- C:\Windows\SysWOW64\ieapfltr.dat 2013-11-20 12:54:04 ----A---- C:\Windows\SysWOW64\IEAdvpack.dll 2013-11-20 12:54:04 ----A---- C:\Windows\SysWOW64\icardie.dll 2013-11-20 12:54:04 ----A---- C:\Windows\SysWOW64\dxtrans.dll 2013-11-20 12:54:04 ----A---- C:\Windows\SysWOW64\dxtmsft.dll 2013-11-20 12:54:03 ----A---- C:\Windows\SysWOW64\mshtmler.dll 2013-11-20 12:54:03 ----A---- C:\Windows\SysWOW64\iesysprep.dll 2013-11-18 15:22:38 ----D---- C:\ProgramData\Aktiv Co 2013-11-18 15:22:15 ----D---- C:\Program Files (x86)\Crypto Pro 2013-11-18 15:22:15 ----D---- C:\Program Files (x86)\Common Files\Crypto Pro 2013-11-13 10:20:24 ----A---- C:\Windows\SysWOW64\crypt32.dll 2013-11-13 10:20:22 ----A---- C:\Windows\SysWOW64\SmartcardCredentialProvider.dll 2013-11-13 10:20:22 ----A---- C:\Windows\SysWOW64\credui.dll 2013-11-13 10:20:22 ----A---- C:\Windows\SysWOW64\authui.dll 2013-11-13 10:20:21 ----A---- C:\Windows\SysWOW64\sspicli.dll 2013-11-13 10:20:21 ----A---- C:\Windows\SysWOW64\secur32.dll 2013-11-13 10:20:21 ----A---- C:\Windows\SysWOW64\schannel.dll 2013-11-13 10:20:21 ----A---- C:\Windows\SysWOW64\ncrypt.dll 2013-11-13 10:20:20 ----A---- C:\Windows\SysWOW64\nshwfp.dll 2013-11-13 10:20:20 ----A---- C:\Windows\SysWOW64\gdi32.dll 2013-11-13 10:20:20 ----A---- C:\Windows\SysWOW64\FWPUCLNT.DLL 2013-11-07 01:52:56 ----A---- C:\Windows\SysWOW64\IntelCpHeciSvc.exe 2013-11-07 01:52:50 ----A---- C:\Windows\SysWOW64\igfxexps32.dll 2013-11-07 01:52:50 ----A---- C:\Windows\SysWOW64\igfxdv32.dll 2013-11-07 01:52:50 ----A---- C:\Windows\SysWOW64\igfxcmrt32.dll 2013-11-07 01:52:50 ----A---- C:\Windows\SysWOW64\igfxcmjit32.dll 2013-11-07 01:52:50 ----A---- C:\Windows\SysWOW64\igfx11cmrt32.dll 2013-11-07 01:52:48 ----A---- C:\Windows\SysWOW64\igdumd32.dll 2013-11-07 01:52:42 ----A---- C:\Windows\SysWOW64\igdde32.dll 2013-11-07 01:52:40 ----A---- C:\Windows\SysWOW64\igd10umd32.dll 2013-11-07 01:52:36 ----A---- C:\Windows\SysWOW64\ig4icd32.dll 2013-10-30 14:44:21 ----D---- C:\Users\Александр\AppData\Roaming\TeamViewer 2013-10-30 11:37:59 ----D---- C:\Program Files (x86)\TeamViewer 2013-10-27 09:12:50 ----A---- C:\Windows\SysWOW64\nvumdshim.dll 2013-10-27 09:12:48 ----A---- C:\Windows\SysWOW64\nvopencl.dll 2013-10-27 09:12:46 ----A---- C:\Windows\SysWOW64\nvoglv32.dll 2013-10-27 09:12:46 ----A---- C:\Windows\SysWOW64\nvoglshim32.dll 2013-10-27 09:12:44 ----A---- C:\Windows\SysWOW64\NvIFR.dll 2013-10-27 09:12:42 ----A---- C:\Windows\SysWOW64\NvFBC.dll 2013-10-27 09:12:40 ----A---- C:\Windows\SysWOW64\nvcuvid.dll 2013-10-27 09:12:40 ----A---- C:\Windows\SysWOW64\nvcuvenc.dll 2013-10-27 09:12:40 ----A---- C:\Windows\SysWOW64\nvcuda.dll 2013-10-27 09:12:28 ----A---- C:\Windows\SysWOW64\nvcompiler.dll 2013-10-27 09:12:28 ----A---- C:\Windows\SysWOW64\nvapi.dll 2013-10-23 14:17:18 ----A---- C:\ProgramData\Ament.ini 2013-10-23 14:16:02 ----HD---- C:\GrandeDevice 2013-10-23 03:02:36 ----A---- C:\Windows\SysWOW64\nvStreaming.exe 2013-10-09 10:54:45 ----A---- C:\Windows\SysWOW64\lpk.dll 2013-10-09 10:54:45 ----A---- C:\Windows\SysWOW64\fontsub.dll 2013-10-09 10:54:45 ----A---- C:\Windows\SysWOW64\dciman32.dll 2013-10-09 10:54:45 ----A---- C:\Windows\SysWOW64\comctl32.dll 2013-10-09 10:54:45 ----A---- C:\Windows\SysWOW64\atmlib.dll 2013-10-09 10:54:45 ----A---- C:\Windows\SysWOW64\atmfd.dll 2013-10-09 10:54:36 ----A---- C:\Windows\SysWOW64\WebClnt.dll 2013-10-09 10:54:36 ----A---- C:\Windows\SysWOW64\davclnt.dll 2013-10-09 10:54:35 ----A---- C:\Windows\SysWOW64\mswsock.dll 2013-10-09 10:54:34 ----A---- C:\Windows\SysWOW64\ntkrnlpa.exe 2013-10-09 10:54:33 ----A---- C:\Windows\SysWOW64\tdh.dll 2013-10-09 10:54:33 ----A---- C:\Windows\SysWOW64\ntoskrnl.exe 2013-10-09 10:54:33 ----A---- C:\Windows\SysWOW64\ntdll.dll 2013-10-09 10:54:33 ----A---- C:\Windows\SysWOW64\advapi32.dll 2013-10-09 10:54:32 ----A---- C:\Windows\SysWOW64\wow32.dll 2013-10-09 10:54:32 ----A---- C:\Windows\SysWOW64\user.exe 2013-10-09 10:54:32 ----A---- C:\Windows\SysWOW64\setup16.exe 2013-10-09 10:54:32 ----A---- C:\Windows\SysWOW64\ntvdm64.dll 2013-10-09 10:54:32 ----A---- C:\Windows\SysWOW64\instnm.exe 2013-10-09 10:54:28 ----A---- C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll ======Список файлов и папок, измененных за последние 3 месяца====== 2013-12-13 22:01:36 ----D---- C:\Windows\Prefetch 2013-12-13 22:01:34 ----D---- C:\Windows\Temp 2013-12-13 22:01:33 ----RD---- C:\Program Files (x86) 2013-12-13 21:55:23 ----D---- C:\Windows\SysWOW64\drivers 2013-12-13 21:35:06 ----D---- C:\Windows\System32 2013-12-13 21:35:06 ----D---- C:\Windows\inf 2013-12-13 21:30:44 ----D---- C:\ProgramData\NVIDIA 2013-12-12 13:36:42 ----D---- C:\Windows\rescache 2013-12-12 13:03:53 ----D---- C:\Windows\Minidump 2013-12-12 13:03:52 ----D---- C:\Windows 2013-12-12 10:09:13 ----D---- C:\Windows\winsxs 2013-12-12 10:07:11 ----D---- C:\Windows\SysWOW64 2013-12-12 10:07:11 ----D---- C:\Program Files (x86)\Windows Media Player 2013-12-12 10:07:10 ----D---- C:\Program Files (x86)\Internet Explorer 2013-12-12 10:07:09 ----D---- C:\Windows\SysWOW64\en-US 2013-12-12 10:07:08 ----D---- C:\Windows\SysWOW64\ru-RU 2013-12-11 19:14:53 ----SHD---- C:\Windows\Installer 2013-12-11 19:14:51 ----D---- C:\ProgramData\Microsoft Help 2013-12-11 19:13:41 ----SHD---- C:\System Volume Information 2013-12-11 13:25:28 ----A---- C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-12-03 19:49:32 ----D---- C:\Program Files (x86)\Yandex 2013-12-02 15:28:24 ----HD---- C:\ProgramData 2013-12-02 15:27:39 ----RD---- C:\Program Files 2013-11-29 12:10:34 ----D---- C:\Program Files (x86)\Техплан здания 2013-11-22 14:42:29 ----SD---- C:\Users\Александр\AppData\Roaming\Microsoft 2013-11-22 14:42:19 ----A---- C:\Windows\SysWOW64\PerfStringBackup.INI 2013-11-22 13:01:44 ----D---- C:\Program Files (x86)\Common Files 2013-11-22 12:49:17 ----RD---- C:\Users 2013-11-20 13:59:42 ----D---- C:\Windows\SysWOW64\migration 2013-11-20 13:59:42 ----D---- C:\Windows\PolicyDefinitions 2013-11-20 13:04:14 ----D---- C:\Windows\Microsoft.NET 2013-11-20 13:04:13 ----RSD---- C:\Windows\assembly 2013-11-20 12:56:16 ----D---- C:\Windows\Logs 2013-11-20 12:50:56 ----A---- C:\Windows\win.ini 2013-11-20 12:49:32 ----D---- C:\ProgramData\NVIDIA Corporation 2013-11-20 12:49:17 ----D---- C:\Program Files (x86)\NVIDIA Corporation 2013-11-19 15:23:40 ----D---- C:\Users\Александр\AppData\Roaming\Mra 2013-11-18 15:22:16 ----D---- C:\Windows\SysWOW64\GroupPolicy 2013-11-15 18:15:04 ----D---- C:\Program Files (x86)\Mozilla Firefox 2013-11-15 18:15:02 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service 2013-11-15 13:59:02 ----RSD---- C:\Windows\Fonts 2013-11-05 14:43:11 ----D---- C:\Users\Александр\AppData\Roaming\Mail.Ru 2013-11-05 14:43:01 ----D---- C:\Program Files (x86)\Common Files\Adobe 2013-11-05 14:42:59 ----D---- C:\ProgramData\Adobe 2013-11-05 14:42:58 ----D---- C:\Program Files (x86)\Adobe 2013-11-01 11:03:47 ----D---- C:\ProgramData\Guard.Mail.Ru 2013-10-27 09:12:50 ----A---- C:\Windows\SysWOW64\nvwgf2um.dll 2013-10-27 09:12:44 ----A---- C:\Windows\SysWOW64\nvinit.dll 2013-10-27 09:12:40 ----A---- C:\Windows\SysWOW64\nvd3dum.dll 2013-10-23 14:22:37 ----D---- C:\Users\Александр\AppData\Roaming\HpUpdate 2013-10-23 14:17:33 ----D---- C:\Program Files (x86)\HP 2013-10-23 14:17:21 ----D---- C:\ProgramData\HP 2013-10-15 16:48:42 ----A---- C:\Windows\hpntwksetup.ini 2013-10-10 10:02:03 ----D---- C:\Windows\AppPatch 2013-10-10 10:01:27 ----D---- C:\Program Files (x86)\Microsoft Silverlight ======Список драйверов (тип запуска: R=Запущен, S=остановлен, 0=Загрузочный, 1=Системный, 2=Автоматически, 3=Вручную, 4=Отключено)====== R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [] R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [] R0 KL1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [] R0 mv91cons;Marvell 91xx Config Device Driver; C:\Windows\system32\DRIVERS\mv91cons.sys [] R0 mvs91xx;mvs91xx; C:\Windows\system32\DRIVERS\mvs91xx.sys [] R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [] R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [] R1 CProCtrl;КриптоПро CSP драйвер; C:\Windows\system32\DRIVERS\CProCtrl.sys [] R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [] R1 JSWPSLWF;JumpStart Wireless Filter Driver; C:\Windows\system32\DRIVERS\jswpslwfx.sys [2008-05-15 26624] R1 kl2;kl2; C:\Windows\system32\DRIVERS\kl2.sys [] R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [] R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [] R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [] R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [] R3 GrdKey;Guardant LPT Dongle Service; C:\Windows\system32\DRIVERS\grdkey.sys [] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [] R3 IntcDAud;Аудио Intel(R) для дисплеев; C:\Windows\system32\DRIVERS\IntcDAud.sys [] R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [] R3 LgBttPort;LGE Bluetooth TransPort; C:\Windows\system32\DRIVERS\lgbtpt64.sys [] R3 lgbusenum;LG Bluetooth Bus Enumerator; C:\Windows\system32\DRIVERS\lgbtbs64.sys [] R3 LGVMODEM;LGE Virtual Modem; C:\Windows\system32\DRIVERS\lgvmdm64.sys [] R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [] R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [] R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [] R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [] R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [] R3 RTIFDH;RTIFDH; C:\Windows\system32\DRIVERS\rtIFDH.sys [] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [] R3 usbscan;Драйвер USB-сканера; C:\Windows\system32\DRIVERS\usbscan.sys [] S3 Andbus;LGE Android Platform Composite USB Device; C:\Windows\system32\DRIVERS\lgandbus64.sys [] S3 AndDiag;LGE Android Platform USB Serial Port; C:\Windows\system32\DRIVERS\lganddiag64.sys [] S3 AndGps;LGE Android Platform USB GPS NMEA Port; C:\Windows\system32\DRIVERS\lgandgps64.sys [] S3 ANDModem;LGE Android Platform USB Modem; C:\Windows\system32\DRIVERS\lgandmodem64.sys [] S3 dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [] S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [] S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [] S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [] S3 GrdUsb;Guardant USB Dongle Service; C:\Windows\system32\DRIVERS\grdusb.sys [] S3 MonitorFunction;Driver for Monitor; C:\Windows\system32\DRIVERS\TVMonitor.sys [] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [] S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [] S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [] S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [] S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [] S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [] ======Список служб (тип запуска: R=Запущена, S=остановлена, 0=Загрузочная, 1=Системная, 2=Автоматически, 3=Вручную, 4=Отключено)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-09-03 65640] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624] R2 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2012-04-24 79360] R2 AVP;Kaspersky Anti-Virus Service Yandex-version; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe [2013-01-25 202768] R2 Bonjour Service;Служба Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184] R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992] R2 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files (x86)\Mail.Ru\Guard\GuardMailRu.exe [2013-11-01 6677536] R2 hpqddsvc;Служба HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 20992] R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 20992] R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-05-20 13592] R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [] R2 mi-raysat_3dsMax2009_64;mental ray 3.6 Satellite for Autodesk 3ds Max 2009 64-bit 64-bit; C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_64server.exe [2008-03-10 65536] R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [] R2 NVWMI;NVIDIA WMI Provider; C:\Windows\system32\nvwmi64.exe [] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-10-23 414496] R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-10-01 5087584] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568] R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992] R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2013-07-31 72704] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11 257416] S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376] S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-11-07 279000] S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-04-24 1431888] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe /V [] S3 iPod Service;Сервис iPod; C:\Program Files\iPod\bin\iPodService.exe [2013-11-02 641352] S3 jswpsapi;JumpStart Wi-Fi Protected Setup; C:\Program Files (x86)\D-Link\DWA-547 revA\jswpsapi.exe [2008-09-26 954368] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-07-31 117656] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] -----------------EOF-----------------