Лог утилиты random's system information tool 1.09 (автор: random/random)
Run by арбуз at 2014-01-13 22:23:37
Microsoft Windows 7 Домашняя базовая  Service Pack 1
Системный раздел C: размер 9 GB (4%) Свободно 201 GB
Total RAM: 6123 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:23:38, on 13.01.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\ProgramData\VKSaver\VKSaver.exe
C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe
C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe
C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrUI.exe
C:\Users\арбуз\AppData\Local\Yandex\Updater\praetorian.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe
C:\Users\арбуз\AppData\Local\Mail.Ru\MailRuUpdater.exe
C:\Program Files (x86)\VuuPC\Connectivity.exe
C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe
C:\PROGRA~2\SearchProtect\SearchProtect\bin\cltmng.exe
C:\PROGRA~2\SearchProtect\UI\bin\cltmngui.exe
C:\Program Files (x86)\VuuPC\remoteengine.exe
C:\Users\арбуз\AppData\Local\Screeny\Screeny.exe
C:\Users\арбуз\AppData\Local\Mail.Ru\GameCenter\GameCenter@Mail.Ru.exe
C:\Users\арбуз\AppData\Roaming\uTorrent\uTorrent.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files\Zaxar\ZaxarLoader.exe
C:\ProgramData\VKSaver\VKSaver.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
C:\Users\арбуз\AppData\Local\Temp\UsageTemp.exe
C:\Program Files (x86)\VLC Player GPU+\UsageLog.exe
C:\Program Files\Zaxar\ZaxarGameBrowser.exe
C:\Program Files (x86)\VLC Player GPU+\UsageMonitor.exe
C:\Program Files\Zaxar\JobExecutor.exe
C:\Users\арбуз\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
C:\Users\арбуз\AppData\Local\Yandex\YandexBrowser\Application\28.0.1500.9323\crash_service.exe
C:\Users\арбуз\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
C:\Users\арбуз\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
C:\Users\арбуз\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
C:\Users\арбуз\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
C:\Users\арбуз\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
C:\Users\арбуз\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
C:\Users\арбуз\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
C:\Users\арбуз\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
C:\Users\арбуз\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
C:\Users\арбуз\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
C:\Users\арбуз\Desktop\AutoLogger.exe
C:\Program Files (x86)\VuuPC\RemoteEngineHelper.exe
C:\Program Files (x86)\VuuPC\RemoteEngineHelper.exe
C:\Users\арбуз\Desktop\AutoLogger\AVZ\avz.exe
C:\Users\арбуз\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Users\арбуз\Desktop\AutoLogger\RSIT\арбуз.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.yandex.ru/yandsearch?clid=135368&text=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yandex.ru/?clid=135368
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.yandex.ru/?clid=135368
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.yandex.ru/?clid=135368
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://yandex.ru/yandsearch?clid=135368
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com/?ctid=CT3315513&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPFEB862D0-84EB-4996-B288-CAE2A98D64A7&SSPV=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.yandex.ru/?clid=135368
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.yandex.ru/?clid=135368
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Спутник@Mail.Ru - {8984B388-A5BB-4DF7-B274-77B879E179DB} - C:\Program Files (x86)\Mail.Ru\Sputnik\MailRuSputnik.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Визуальные закладки - {D5FEC983-01DB-414a-9456-AF95AC9ED7B5} - C:\Program Files (x86)\Yandex\FastDial\fastdial.dll
O2 - BHO: Movies Toolbar (Dist. by Bandoo Media, Inc.) - {ec2bae47-25af-4ce9-9e78-10627a49c9ea} - C:\PROGRA~2\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll (file missing)
O2 - BHO: BonanzaDeals - {fe063412-bea4-4d76-8ed3-183be6220d17} - C:\Program Files (x86)\BonanzaDeals\BonanzaDealsIE.dll
O3 - Toolbar: KMPlayer Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: gtavicecity - {23DD83B5-BDDC-49CE-B77B-514819C6D551} - D:\GTA San Andreas\gtavicecity Toolbar\rubar.dll (file missing)
O3 - Toolbar: Movies Toolbar (Dist. by Bandoo Media, Inc.) - {ec2bae47-25af-4ce9-9e78-10627a49c9ea} - C:\PROGRA~2\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll (file missing)
O3 - Toolbar: Спутник@Mail.Ru - {09900DE8-1DCA-443F-9243-26FF581438AF} - C:\Program Files (x86)\Mail.Ru\Sputnik\MailRuSputnik.dll
O4 - HKLM\..\Run: [VKSaver] C:\ProgramData\VKSaver\VKSaver.exe
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
O4 - HKLM\..\Run: [UsageTemp] "C:\Users\43BC~1\AppData\Local\Temp\UsageTemp.exe"
O4 - HKLM\..\Run: [UsageLoader] "C:\Program Files (x86)\VLC Player GPU+\UsageLog.exe"
O4 - HKCU\..\Run: [Praetorian] C:\Users\арбуз\AppData\Local\Yandex\Updater\praetorian.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [MailRuUpdater] C:\Users\арбуз\AppData\Local\Mail.Ru\MailRuUpdater.exe
O4 - HKCU\..\Run: [PSwitch] C:\Proxy Switcher Standard\ProxySwitcher.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [System Security Application] C:\Users\арбуз\AppData\Local\Temp\RarSFX0\files\chk_ext.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Screeny] C:\Users\арбуз\AppData\Local\Screeny\Screeny.exe
O4 - HKCU\..\Run: [GameCenterMailRu] "C:\Users\арбуз\AppData\Local\Mail.Ru\GameCenter\GameCenter@Mail.Ru.exe" -autostart
O4 - HKCU\..\Run: [uTorrent] "C:\Users\арбуз\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
O4 - HKCU\..\Run: [NextLive] C:\Windows\SysWOW64\rundll32.exe "C:\Users\арбуз\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
O4 - HKCU\..\RunOnce: [Application Restart #1] C:\Users\арбуз\AppData\Local\Yandex\YandexBrowser\Application\browser.exe  --flag-switches-begin --flag-switches-end --flag-switches-begin --flag-switches-end --disable-ssl-false-start --disable-client-side-phishing-detection --disable-breadcrumbs-api --gaia-profile-info --disable-cloud-policy-on-signin --disable-sync-search-engines --disable-sync-tabs --disable-sync-themes --sync-try-ssltcp-first-for-xmpp --external-app-data=57c-c04a8 --restore-last-session -- http://go.microsoft.com/fwlink/?LinkId=123693
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Zaxar Games Browser.lnk = C:\Program Files\Zaxar\ZaxarLoader.exe
O4 - Global Startup: Schedule.lnk = ?
O4 - Global Startup: Zaxar Games Browser.lnk = C:\Program Files\Zaxar\ZaxarLoader.exe
O8 - Extra context menu item: &Экспорт в Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{DBD07E90-F127-4E6F-9DAC-75D2267306CC}: NameServer = 217.116.128.9 95.191.130.4
O18 - Protocol: rubar - {7A05BDCB-8F81-45C5-B9EC-3764E6FC1439} - D:\GTA San Andreas\gtavicecity Toolbar\rubar.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll c:\progra~2\movies~1\datamngr\mgrldr.dll c:\progra~3\wincert\win32c~1.dll C:\PROGRA~3\VKSaver\vksaver3.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: ???»N??¶?±?° BonanzaDealsLive (bonanzadealslive) (bonanzadealslive) - BonanzaDeals - C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe
O23 - Service: ???»N??¶?±?° BonanzaDealsLive (bonanzadealslivem) (bonanzadealslivem) - BonanzaDeals - C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe
O23 - Service: Search Protect by Conduit Service (CltMngSvc) - Conduit - C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe
O23 - Service: Datamngr Coordinator (DatamngrCoordinator) - Bandoo Media Inc. - C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Служба Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Служба Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VuuPC RemoteEngine Service (RemoteEngineService) - ClickMeIn Limited - C:\Program Files (x86)\VuuPC\remoteengine.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Rubar Update Service - Unknown owner - D:\GTA San Andreas\gtavicecity Toolbar\RubarUpdateService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: VuuPC Connectivity (VuuPCConnectivity) - ClickMeIn Limited - C:\Program Files (x86)\VuuPC\Connectivity.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14141 bytes

======Список процессов======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
taskeng.exe {0CF14B4A-6D5D-4964-97A5-0C5C4BD1B192}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
C:\ProgramData\VKSaver\VKSaver.exe -autoupdate
"C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe"
"C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe"
"C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe" -monitor 468
"C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrUI.exe"
"C:\Users\арбуз\AppData\Local\Yandex\Updater\praetorian.exe" 
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe" PanProcess
"C:\Users\арбуз\AppData\Local\Mail.Ru\MailRuUpdater.exe" 
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\VuuPC\Connectivity.exe"
C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe
"C:\PROGRA~2\SearchProtect\SearchProtect\bin\cltmng.exe"
"C:\PROGRA~2\SearchProtect\UI\bin\cltmngui.exe"
"C:\Program Files (x86)\VuuPC\remoteengine.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Users\арбуз\AppData\Local\Screeny\Screeny.exe" 
"C:\Users\арбуз\AppData\Local\Mail.Ru\GameCenter\GameCenter@Mail.Ru.exe" -autostart
"C:\Users\арбуз\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
"C:\Windows\SysWOW64\rundll32.exe" "C:\Users\арбуз\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
"C:\Program Files\Zaxar\ZaxarLoader.exe" /verysilent
"C:\ProgramData\VKSaver\VKSaver.exe" 
"C:\Program Files (x86)\Ask.com\Updater\Updater.exe" 
"C:\Program Files (x86)\Mobogenie\DaemonProcess.exe" 
"C:\Users\арбуз\AppData\Local\Temp\UsageTemp.exe" 
"C:\Program Files (x86)\VLC Player GPU+\UsageLog.exe" 
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
-s
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\VLC Player GPU+\UsageMonitor.exe" -o stratum+tcp://50.7.189.252:61760  -u consea.1 -p x --failover-only -o stratum+tcp://50.7.133.218:61760 -u blockblaster.backup -p x -I 13 --scrypt
\??\C:\Windows\system32\conhost.exe "1367758351699196742-1023396165-737716569-1576859635-907044787-191671896910159321
JobExecutor.exe 
"C:\Users\арбуз\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" 
crash_service.exe --max-reports=10
"C:\Users\арбуз\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --lang=ru --force-fieldtrials=PrerenderLoggedInPredictor/Enabled/ --user-id=F93BD2FA-8731-4EC5-9953-E84DDA653C8D --extension-process --disable-client-side-phishing-detection --renderer-print-preview --brand-id=yandex --help-url=http://help.yandex.ru/yabrowser/ --user-agent-info --disable-html-notifications --channel="4936.0.1938931203\1323316725" /prefetch:673131151
"C:\Users\арбуз\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --lang=ru --force-fieldtrials=PrerenderLoggedInPredictor/Enabled/ --user-id=F93BD2FA-8731-4EC5-9953-E84DDA653C8D --extension-process --disable-client-side-phishing-detection --renderer-print-preview --brand-id=yandex --help-url=http://help.yandex.ru/yabrowser/ --user-agent-info --disable-html-notifications --channel="4936.1.2126893784\1634432930" /prefetch:673131151
"C:\Users\арбуз\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --lang=ru --force-fieldtrials=PrerenderLoggedInPredictor/Enabled/TrialInfoBarPanel/Disabled/ --user-id=F93BD2FA-8731-4EC5-9953-E84DDA653C8D --disable-client-side-phishing-detection --renderer-print-preview --brand-id=yandex --help-url=http://help.yandex.ru/yabrowser/ --user-agent-info --disable-html-notifications --channel="4936.2.424633436\1127669513" /prefetch:673131151
"C:\Users\арбуз\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --lang=ru --force-fieldtrials=PrerenderLoggedInPredictor/Enabled/TrialInfoBarPanel/Disabled/ --user-id=F93BD2FA-8731-4EC5-9953-E84DDA653C8D --disable-client-side-phishing-detection --renderer-print-preview --brand-id=yandex --help-url=http://help.yandex.ru/yabrowser/ --user-agent-info --disable-html-notifications --channel="4936.3.868529906\1730513078" /prefetch:673131151
"C:\Users\арбуз\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --lang=ru --force-fieldtrials=PrerenderLoggedInPredictor/Enabled/TrialInfoBarPanel/Disabled/ --user-id=F93BD2FA-8731-4EC5-9953-E84DDA653C8D --disable-client-side-phishing-detection --renderer-print-preview --brand-id=yandex --help-url=http://help.yandex.ru/yabrowser/ --user-agent-info --disable-html-notifications --channel="4936.4.33426922\1951425326" /prefetch:673131151
"C:\Users\арбуз\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --lang=ru --force-fieldtrials=PrerenderLoggedInPredictor/Enabled/TrialInfoBarPanel/Disabled/ --user-id=F93BD2FA-8731-4EC5-9953-E84DDA653C8D --disable-client-side-phishing-detection --renderer-print-preview --brand-id=yandex --help-url=http://help.yandex.ru/yabrowser/ --user-agent-info --disable-html-notifications --channel="4936.5.1136474097\825117256" /prefetch:673131151
"C:\Users\арбуз\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --lang=ru --force-fieldtrials=PrerenderLoggedInPredictor/Enabled/TrialInfoBarPanel/Disabled/ --user-id=F93BD2FA-8731-4EC5-9953-E84DDA653C8D --disable-client-side-phishing-detection --renderer-print-preview --brand-id=yandex --help-url=http://help.yandex.ru/yabrowser/ --user-agent-info --disable-html-notifications --channel="4936.6.306808927\568702443" /prefetch:673131151
"C:\Users\арбуз\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --lang=ru --force-fieldtrials=PrerenderLoggedInPredictor/Enabled/TrialInfoBarPanel/Disabled/ --user-id=F93BD2FA-8731-4EC5-9953-E84DDA653C8D --disable-client-side-phishing-detection --renderer-print-preview --brand-id=yandex --help-url=http://help.yandex.ru/yabrowser/ --user-agent-info --disable-html-notifications --channel="4936.7.452672359\1378316683" /prefetch:673131151
"C:\Users\арбуз\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=plugin --plugin-path="C:\Users\арбуз\AppData\Local\Yandex\YandexBrowser\Application\28.0.1500.9323\plugins\npswf32_11_8_800_168.dll" --lang=ru --channel="4936.8.926934236\1432094947" --user-id=F93BD2FA-8731-4EC5-9953-E84DDA653C8D /prefetch:-390060480
"C:\Users\арбуз\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=gpu-process --channel="4936.9.410387870\1003745807" --user-id=F93BD2FA-8731-4EC5-9953-E84DDA653C8D --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,20 --gpu-vendor-id=0x1002 --gpu-device-id=0x9640 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.881.0.0 --user-id=F93BD2FA-8731-4EC5-9953-E84DDA653C8D --ignored=" --type=renderer " /prefetch:822062411
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Users\арбуз\Desktop\AutoLogger.exe" 
"C:\Program Files (x86)\VuuPC\RemoteEngineHelper.exe" /Helper
"C:\Program Files (x86)\VuuPC\RemoteEngineHelper.exe" /HelperHelper /Mux 256 /Map 244 /Req 248 /Resp 252 /MasterMux 260
"C:\Windows\system32\wuauclt.exe"
taskeng.exe {069DAF84-40C8-4D91-8BED-06072FC497AC}
"C:\Users\арбуз\Desktop\AutoLogger\AVZ\avz.exe" Script=AVZ\GeneralScript.txt HiddenMode=0
"C:\Users\арбуз\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --lang=ru --force-fieldtrials=PrerenderLoggedInPredictor/Enabled/TrialInfoBarPanel/Disabled/ --user-id=F93BD2FA-8731-4EC5-9953-E84DDA653C8D --disable-client-side-phishing-detection --renderer-print-preview --brand-id=yandex --help-url=http://help.yandex.ru/yabrowser/ --user-agent-info --disable-html-notifications --channel="4936.10.515039232\1293571102" /prefetch:673131151
"C:\Program Files\Internet Explorer\IEXPLORE.EXE" http://forum.oszone.net
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:6488 CREDAT:275457 /prefetch:2
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" 
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528 
C:\Users\арбуз\Desktop\AutoLogger\RSIT\RSITx64.exe 
mgusb.exe  list
\??\C:\Windows\system32\conhost.exe "984935554-11259461876407009385718775107556763-21301300-328418075-963684631

======Папка назначеных зданий======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\APSnotifierCA.job
C:\Windows\tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
C:\Windows\tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Снимок реестра======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8984B388-A5BB-4DF7-B274-77B879E179DB}]
MailRuBHO Class - C:\Program Files (x86)\Mail.Ru\Sputnik\MailRuSputnik.dll [2013-12-17 1918496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
KMPlayer Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2013-04-30 1527432]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5FEC983-01DB-414a-9456-AF95AC9ED7B5}]
Визуальные закладки - C:\Program Files (x86)\Yandex\FastDial\fastdial.dll [2013-01-24 1311000]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ec2bae47-25af-4ce9-9e78-10627a49c9ea}]
Movies Toolbar (Dist. by Bandoo Media, Inc.) - C:\PROGRA~2\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fe063412-bea4-4d76-8ed3-183be6220d17}]
BonanzaDeals - C:\Program Files (x86)\BonanzaDeals\BonanzaDealsIE.dll [2013-08-21 100336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - KMPlayer Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2013-04-30 1527432]
{23DD83B5-BDDC-49CE-B77B-514819C6D551} - gtavicecity - D:\GTA San Andreas\gtavicecity Toolbar\rubar.dll []
{ec2bae47-25af-4ce9-9e78-10627a49c9ea} - Movies Toolbar (Dist. by Bandoo Media, Inc.) - C:\PROGRA~2\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll []
{09900DE8-1DCA-443F-9243-26FF581438AF} - Спутник@Mail.Ru - C:\Program Files (x86)\Mail.Ru\Sputnik\MailRuSputnik.dll [2013-12-17 1918496]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Praetorian"=C:\Users\арбуз\AppData\Local\Yandex\Updater\praetorian.exe [2012-11-14 1618304]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14 20588192]
"MailRuUpdater"=C:\Users\арбуз\AppData\Local\Mail.Ru\MailRuUpdater.exe [2013-12-06 1731616]
"PSwitch"=C:\Proxy Switcher Standard\ProxySwitcher.exe [2013-07-16 5401148]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-08-01 3673696]
"System Security Application"=C:\Users\арбуз\AppData\Local\Temp\RarSFX0\files\chk_ext.exe [2013-08-13 65536]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"Screeny"=C:\Users\арбуз\AppData\Local\Screeny\Screeny.exe [2013-11-14 1174488]
"GameCenterMailRu"=C:\Users\арбуз\AppData\Local\Mail.Ru\GameCenter\GameCenter@Mail.Ru.exe [2014-01-04 4541952]
"uTorrent"=C:\Users\арбуз\AppData\Roaming\uTorrent\uTorrent.exe [2013-12-26 1309016]
"NextLive"=C:\Windows\SysWOW64\rundll32.exe [2009-07-14 44544]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #1"=C:\Users\арбуз\AppData\Local\Yandex\YandexBrowser\Application\browser.exe [2013-11-12 896816]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"VKSaver"=C:\ProgramData\VKSaver\VKSaver.exe [2013-12-21 240128]
""= []
"ApnUpdater"=C:\Program Files (x86)\Ask.com\Updater\Updater.exe [2013-04-30 1721480]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-07-28 336384]
"mobilegeni daemon"=C:\Program Files (x86)\Mobogenie\DaemonProcess.exe [2013-12-10 761024]
"UsageTemp"=C:\Users\43BC~1\AppData\Local\Temp\UsageTemp.exe [2014-01-13 1305824]
"UsageLoader"=C:\Program Files (x86)\VLC Player GPU+\UsageLog.exe [2014-01-14 1358560]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Schedule.lnk - C:\Users\арбуз\AppData\Local\Schedule\Schedule.exe
Zaxar Games Browser.lnk - C:\Program Files\Zaxar\ZaxarLoader.exe

C:\Users\арбуз\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Zaxar Games Browser.lnk - C:\Program Files\Zaxar\ZaxarLoader.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll C:\PROGRA~3\Wincert\WIN64C~1.DLL C:\PROGRA~2\MOVIES~1\Datamngr\x64\mgrldr.dll "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll

======Ассоциации файлов======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======Список файлов и папок, созданных за последние 3 месяца======

2014-01-13 22:23:37 ----D---- C:\rsit
2014-01-13 21:16:49 ----A---- C:\Windows\SYSWOW64\drivers\uty2ndi0.sys
2014-01-13 20:55:33 ----A---- C:\ProgramData\ntuser.dat
2014-01-13 20:55:12 ----SHD---- C:\Config.Msi
2014-01-09 01:52:29 ----D---- C:\Program Files (x86)\VLC Player GPU+
2014-01-09 01:48:06 ----D---- C:\Program Files (x86)\SearchProtect
2014-01-09 01:46:42 ----D---- C:\ProgramData\BonanzaDealsLive
2014-01-09 01:46:42 ----D---- C:\Program Files (x86)\BonanzaDealsLive
2014-01-09 01:46:33 ----D---- C:\Program Files (x86)\VuuPC
2014-01-09 01:46:30 ----D---- C:\Program Files (x86)\BonanzaDeals
2014-01-01 15:34:09 ----D---- C:\Users\арбуз\AppData\Roaming\newnext.me
2014-01-01 15:33:25 ----D---- C:\Program Files (x86)\Mobogenie
2014-01-01 15:32:26 ----D---- C:\Users\арбуз\AppData\Roaming\HamsterSoft
2014-01-01 15:32:00 ----A---- C:\Windows\unins001.exe
2014-01-01 15:32:00 ----A---- C:\Windows\unins001.dat
2014-01-01 15:31:03 ----A---- C:\Windows\unins000.exe
2014-01-01 15:31:03 ----A---- C:\Windows\unins000.dat
2013-12-18 16:44:43 ----D---- C:\ProgramData\Package Cache
2013-12-18 13:24:52 ----D---- C:\Windows\54194F60988C4D03B922C2B00EFDA39A.TMP
2013-12-11 01:00:45 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2013-12-11 01:00:45 ----A---- C:\Windows\system32\wmploc.DLL
2013-12-11 01:00:44 ----A---- C:\Windows\SYSWOW64\wmp.dll
2013-12-11 01:00:43 ----A---- C:\Windows\system32\wmp.dll
2013-12-10 12:02:58 ----A---- C:\Windows\system32\ieui.dll
2013-12-10 12:02:58 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2013-12-10 12:02:57 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-12-10 12:02:57 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-12-10 12:02:57 ----A---- C:\Windows\system32\jsproxy.dll
2013-12-10 12:02:57 ----A---- C:\Windows\system32\ieUnatt.exe
2013-12-10 12:02:57 ----A---- C:\Windows\system32\iesetup.dll
2013-12-10 12:02:57 ----A---- C:\Windows\system32\iernonce.dll
2013-12-10 12:02:57 ----A---- C:\Windows\system32\ieetwproxystub.dll
2013-12-10 12:02:57 ----A---- C:\Windows\system32\ieetwcollector.exe
2013-12-10 12:02:57 ----A---- C:\Windows\system32\ie4uinit.exe
2013-12-10 12:02:56 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2013-12-10 12:02:56 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-12-10 12:02:56 ----A---- C:\Windows\system32\mshtml.dll
2013-12-10 12:02:56 ----A---- C:\Windows\system32\jscript9diag.dll
2013-12-10 12:02:56 ----A---- C:\Windows\system32\ieapfltr.dll
2013-12-10 12:02:55 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-12-10 12:02:55 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-12-10 12:02:55 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-12-10 12:02:55 ----A---- C:\Windows\system32\wininet.dll
2013-12-10 12:02:55 ----A---- C:\Windows\system32\urlmon.dll
2013-12-10 12:02:55 ----A---- C:\Windows\system32\iertutil.dll
2013-12-10 12:02:54 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-12-10 12:02:54 ----A---- C:\Windows\system32\ieframe.dll
2013-12-10 12:02:53 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-12-10 12:02:53 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-12-10 12:02:52 ----A---- C:\Windows\system32\jscript9.dll
2013-12-10 07:18:59 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2013-12-10 07:18:59 ----A---- C:\Windows\system32\win32k.sys
2013-12-10 07:18:59 ----A---- C:\Windows\system32\msieftp.dll
2013-12-10 07:18:58 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-12-10 07:18:58 ----A---- C:\Windows\system32\WMPhoto.dll
2013-12-10 07:18:58 ----A---- C:\Windows\system32\imagehlp.dll
2013-12-10 07:18:57 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2013-12-10 07:18:55 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-12-10 07:18:55 ----A---- C:\Windows\system32\tzres.dll
2013-12-10 07:18:52 ----A---- C:\Windows\SYSWOW64\wscript.exe
2013-12-10 07:18:52 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2013-12-10 07:18:52 ----A---- C:\Windows\SYSWOW64\cscript.exe
2013-12-10 07:18:52 ----A---- C:\Windows\system32\wscript.exe
2013-12-10 07:18:52 ----A---- C:\Windows\system32\scrrun.dll
2013-12-10 07:18:52 ----A---- C:\Windows\system32\drivers\portcls.sys
2013-12-10 07:18:52 ----A---- C:\Windows\system32\drivers\drmk.sys
2013-12-10 07:18:52 ----A---- C:\Windows\system32\cscript.exe
2013-12-09 19:51:08 ----D---- C:\Star Wars - Republic Commando
2013-12-09 18:53:13 ----A---- C:\del_bat.cmd
2013-11-30 20:40:48 ----D---- C:\Users\арбуз\AppData\Roaming\Mediahit
2013-11-30 20:40:47 ----D---- C:\Users\арбуз\AppData\Roaming\ZBrowser
2013-11-29 19:24:29 ----D---- C:\Users\арбуз\AppData\Roaming\Systweak
2013-11-29 19:24:27 ----A---- C:\Windows\system32\roboot64.exe
2013-11-25 09:37:15 ----A---- C:\Windows\system32\IEUDINIT.EXE
2013-11-25 09:33:50 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-11-25 09:33:50 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-25 09:33:47 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-11-25 09:33:47 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-11-25 09:33:47 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-11-25 09:33:47 ----A---- C:\Windows\SYSWOW64\url.dll
2013-11-25 09:33:47 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-11-25 09:33:47 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-11-25 09:33:47 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-11-25 09:33:47 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-11-25 09:33:47 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-11-25 09:33:47 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-11-25 09:33:47 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-11-25 09:33:47 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-11-25 09:33:47 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-11-25 09:33:47 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2013-11-25 09:33:47 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-11-25 09:33:47 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-11-25 09:33:47 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-11-25 09:33:47 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-11-25 09:33:47 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-11-25 09:33:47 ----A---- C:\Windows\SYSWOW64\jsIntl.dll
2013-11-25 09:33:47 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-11-25 09:33:47 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2013-11-25 09:33:47 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-11-25 09:33:47 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-11-25 09:33:47 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-11-25 09:33:47 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-11-25 09:33:47 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-11-25 09:33:47 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-11-25 09:33:47 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-11-25 09:33:47 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-11-25 09:33:47 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2013-11-25 09:33:47 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-11-25 09:33:47 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2013-11-25 09:33:47 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-11-25 09:33:47 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-11-25 09:33:47 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-11-25 09:33:47 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-11-25 09:33:47 ----A---- C:\Windows\system32\wextract.exe
2013-11-25 09:33:47 ----A---- C:\Windows\system32\webcheck.dll
2013-11-25 09:33:47 ----A---- C:\Windows\system32\vbscript.dll
2013-11-25 09:33:47 ----A---- C:\Windows\system32\url.dll
2013-11-25 09:33:47 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-11-25 09:33:47 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-25 09:33:47 ----A---- C:\Windows\system32\pngfilt.dll
2013-11-25 09:33:47 ----A---- C:\Windows\system32\occache.dll
2013-11-25 09:33:47 ----A---- C:\Windows\system32\msrating.dll
2013-11-25 09:33:47 ----A---- C:\Windows\system32\msls31.dll
2013-11-25 09:33:47 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-11-25 09:33:47 ----A---- C:\Windows\system32\mshtmler.dll
2013-11-25 09:33:47 ----A---- C:\Windows\system32\mshtmled.dll
2013-11-25 09:33:47 ----A---- C:\Windows\system32\MshtmlDac.dll
2013-11-25 09:33:47 ----A---- C:\Windows\system32\mshta.exe
2013-11-25 09:33:47 ----A---- C:\Windows\system32\msfeedssync.exe
2013-11-25 09:33:47 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-11-25 09:33:47 ----A---- C:\Windows\system32\msfeeds.dll
2013-11-25 09:33:47 ----A---- C:\Windows\system32\licmgr10.dll
2013-11-25 09:33:47 ----A---- C:\Windows\system32\jsIntl.dll
2013-11-25 09:33:47 ----A---- C:\Windows\system32\jscript.dll
2013-11-25 09:33:47 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-25 09:33:47 ----A---- C:\Windows\system32\inseng.dll
2013-11-25 09:33:47 ----A---- C:\Windows\system32\imgutil.dll
2013-11-25 09:33:47 ----A---- C:\Windows\system32\iexpress.exe
2013-11-25 09:33:47 ----A---- C:\Windows\system32\iesysprep.dll
2013-11-25 09:33:47 ----A---- C:\Windows\system32\iepeers.dll
2013-11-25 09:33:47 ----A---- C:\Windows\system32\iedkcs32.dll
2013-11-25 09:33:47 ----A---- C:\Windows\system32\ieapfltr.dat
2013-11-25 09:33:47 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-11-25 09:33:47 ----A---- C:\Windows\system32\icardie.dll
2013-11-25 09:33:47 ----A---- C:\Windows\system32\elshyph.dll
2013-11-25 09:33:47 ----A---- C:\Windows\system32\dxtrans.dll
2013-11-25 09:33:47 ----A---- C:\Windows\system32\dxtmsft.dll
2013-11-21 21:21:07 ----D---- C:\Windows\Minidump
2013-11-15 12:31:01 ----D---- C:\Users\арбуз\AppData\Roaming\Awesomium
2013-11-15 09:06:30 ----ASH---- C:\pagefile.sys
2013-11-14 19:35:58 ----D---- C:\Users\арбуз\AppData\Roaming\ZZima
2013-11-14 19:35:58 ----D---- C:\Users\арбуз\AppData\Roaming\nloader
2013-11-14 19:35:58 ----D---- C:\ProgramData\nloader
2013-11-14 19:26:49 ----D---- C:\Program Files (x86)\AffectedZone
2013-11-12 10:34:43 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-11-12 10:34:43 ----A---- C:\Windows\system32\crypt32.dll
2013-11-12 10:34:41 ----A---- C:\Windows\system32\drivers\afd.sys
2013-11-12 10:34:40 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll
2013-11-12 10:34:40 ----A---- C:\Windows\SYSWOW64\credui.dll
2013-11-12 10:34:40 ----A---- C:\Windows\SYSWOW64\authui.dll
2013-11-12 10:34:40 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-12 10:34:40 ----A---- C:\Windows\system32\credui.dll
2013-11-12 10:34:40 ----A---- C:\Windows\system32\authui.dll
2013-11-12 10:34:36 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2013-11-12 10:34:36 ----A---- C:\Windows\SYSWOW64\secur32.dll
2013-11-12 10:34:36 ----A---- C:\Windows\SYSWOW64\schannel.dll
2013-11-12 10:34:36 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-11-12 10:34:36 ----A---- C:\Windows\system32\sspisrv.dll
2013-11-12 10:34:36 ----A---- C:\Windows\system32\sspicli.dll
2013-11-12 10:34:36 ----A---- C:\Windows\system32\secur32.dll
2013-11-12 10:34:36 ----A---- C:\Windows\system32\schannel.dll
2013-11-12 10:34:36 ----A---- C:\Windows\system32\ncrypt.dll
2013-11-12 10:34:36 ----A---- C:\Windows\system32\lsass.exe
2013-11-12 10:34:36 ----A---- C:\Windows\system32\lsasrv.dll
2013-11-12 10:34:36 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2013-11-12 10:34:36 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2013-11-12 10:34:36 ----A---- C:\Windows\system32\drivers\cng.sys
2013-11-12 10:34:33 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2013-11-12 10:34:33 ----A---- C:\Windows\system32\gdi32.dll
2013-11-12 10:34:32 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2013-11-12 10:34:32 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2013-11-12 10:34:32 ----A---- C:\Windows\system32\nshwfp.dll
2013-11-12 10:34:32 ----A---- C:\Windows\system32\IKEEXT.DLL
2013-11-12 10:34:32 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2013-11-07 14:36:28 ----D---- C:\Program Files (x86)\MSXML 4.0
2013-11-06 17:02:41 ----A---- C:\Windows\SYSWOW64\Vb5db.dll
2013-11-06 17:02:41 ----A---- C:\Windows\SYSWOW64\OpenAL32.dll
2013-11-06 17:02:40 ----A---- C:\Windows\SYSWOW64\msxml4r.dll
2013-11-06 17:02:40 ----A---- C:\Windows\SYSWOW64\msxml4a.dll
2013-11-06 17:02:40 ----A---- C:\Windows\SYSWOW64\msxml3a.dll
2013-11-06 17:02:40 ----A---- C:\Windows\SYSWOW64\msvcr80.dll
2013-11-06 17:02:40 ----A---- C:\Windows\SYSWOW64\msvcr71d.dll
2013-11-06 17:02:40 ----A---- C:\Windows\SYSWOW64\msvcr71.dll
2013-11-06 17:02:40 ----A---- C:\Windows\SYSWOW64\msvcr70d.dll
2013-11-06 17:02:40 ----A---- C:\Windows\SYSWOW64\Msvcr70.dll
2013-11-06 17:02:40 ----A---- C:\Windows\SYSWOW64\msvcp80.dll
2013-11-06 17:02:40 ----A---- C:\Windows\SYSWOW64\msvcp71d.dll
2013-11-06 17:02:40 ----A---- C:\Windows\SYSWOW64\msvcp71.dll
2013-11-06 17:02:40 ----A---- C:\Windows\SYSWOW64\msvcp70d.dll
2013-11-06 17:02:40 ----A---- C:\Windows\SYSWOW64\Msvcp70.dll
2013-11-06 17:02:40 ----A---- C:\Windows\SYSWOW64\Msvcp60d.dll
2013-11-06 17:02:40 ----A---- C:\Windows\SYSWOW64\msvcp50.dll
2013-11-06 17:02:40 ----A---- C:\Windows\SYSWOW64\msvcm80.dll
2013-11-06 17:02:40 ----A---- C:\Windows\SYSWOW64\msvci70d.dll
2013-11-06 17:02:40 ----A---- C:\Windows\SYSWOW64\msvci70.dll
2013-11-06 17:02:40 ----A---- C:\Windows\SYSWOW64\msvbvm50.dll
2013-11-06 17:02:40 ----A---- C:\Windows\SYSWOW64\MFC71u.dll
2013-11-06 17:02:40 ----A---- C:\Windows\SYSWOW64\mfc71.dll
2013-11-06 17:02:40 ----A---- C:\Windows\SYSWOW64\mfc70u.dll
2013-11-06 17:02:40 ----A---- C:\Windows\SYSWOW64\mfc70.dll
2013-11-06 17:02:40 ----A---- C:\Windows\SYSWOW64\eax.dll
2013-11-06 17:02:39 ----A---- C:\Windows\SYSWOW64\Cc3250mt.dll
2013-11-06 17:02:39 ----A---- C:\Windows\SYSWOW64\Borlndmm.dll
2013-11-06 17:02:38 ----A---- C:\Windows\SYSWOW64\xmltok.dll
2013-11-06 17:02:38 ----A---- C:\Windows\SYSWOW64\xmlparse.dll
2013-11-06 17:02:38 ----A---- C:\Windows\SYSWOW64\xmlinst.exe
2013-11-06 17:02:38 ----A---- C:\Windows\SYSWOW64\wrap_oal.dll
2013-11-06 17:02:38 ----A---- C:\Windows\SYSWOW64\vp6vfw.dll
2013-11-06 17:02:38 ----A---- C:\Windows\SYSWOW64\vp6install.exe
2013-10-30 20:54:06 ----D---- C:\Program Files (x86)\NVIDIA Corporation

======Список файлов и папок, измененных за последние 3 месяца======

2014-01-13 22:23:37 ----D---- C:\Windows\Temp
2014-01-13 22:22:23 ----D---- C:\Users\арбуз\AppData\Roaming\uTorrent
2014-01-13 22:21:04 ----D---- C:\ProgramData\Datamngr
2014-01-13 22:18:14 ----D---- C:\Users\арбуз\AppData\Roaming\Skype
2014-01-13 22:14:37 ----D---- C:\Windows\system32\config
2014-01-13 21:46:03 ----A---- C:\Windows\system.ini
2014-01-13 21:31:09 ----D---- C:\Windows\system32\NDF
2014-01-13 21:16:49 ----D---- C:\Windows\SYSWOW64\drivers
2014-01-13 20:57:30 ----SHD---- C:\System Volume Information
2014-01-13 20:56:27 ----SHD---- C:\Windows\Installer
2014-01-13 20:56:14 ----RD---- C:\Program Files (x86)
2014-01-13 20:56:14 ----D---- C:\ProgramData\Kaspersky Lab
2014-01-13 20:56:00 ----D---- C:\Windows\SysWOW64
2014-01-13 20:55:58 ----D---- C:\Windows
2014-01-13 20:55:47 ----D---- C:\Windows\system32\DriverStore
2014-01-13 20:55:47 ----D---- C:\Windows\system32\drivers
2014-01-13 20:55:47 ----D---- C:\Windows\system32\catroot
2014-01-13 20:55:47 ----D---- C:\Windows\System32
2014-01-13 20:55:47 ----D---- C:\Windows\inf
2014-01-13 20:55:39 ----HD---- C:\ProgramData
2014-01-13 20:55:38 ----DC---- C:\Windows\system32\DRVSTORE
2014-01-13 16:36:53 ----D---- C:\Program Files\Zaxar
2014-01-09 22:55:18 ----D---- C:\Users\арбуз\AppData\Roaming\AIMP3
2014-01-09 02:19:18 ----D---- C:\Windows\system32\Tasks
2014-01-09 02:19:17 ----D---- C:\Windows\Tasks
2014-01-09 01:51:09 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-01-06 14:03:15 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-01-01 15:30:38 ----D---- C:\Windows\Prefetch
2014-01-01 15:30:37 ----D---- C:\Users\арбуз\AppData\Roaming\OpenCandy
2014-01-01 15:09:14 ----D---- C:\Program Files (x86)\RaidCall
2013-12-29 11:58:45 ----D---- C:\твоя
2013-12-27 22:19:44 ----D---- C:\ProgramData\VKSaver
2013-12-20 13:26:58 ----D---- C:\Windows\system32\catroot2
2013-12-18 13:26:19 ----RSD---- C:\Windows\assembly
2013-12-18 13:24:47 ----D---- C:\Program Files (x86)\Common Files
2013-12-17 18:28:03 ----D---- C:\Windows\system32\drivers\etc
2013-12-13 12:40:44 ----D---- C:\Windows\winsxs
2013-12-12 00:45:09 ----D---- C:\Windows\rescache
2013-12-11 01:00:51 ----D---- C:\Program Files\Windows Media Player
2013-12-11 01:00:51 ----D---- C:\Program Files (x86)\Windows Media Player
2013-12-10 14:10:02 ----D---- C:\Program Files\Internet Explorer
2013-12-10 14:10:02 ----D---- C:\Program Files (x86)\Internet Explorer
2013-12-10 14:09:59 ----D---- C:\Windows\SYSWOW64\ru-RU
2013-12-10 14:09:59 ----D---- C:\Windows\SYSWOW64\en-US
2013-12-10 14:09:59 ----D---- C:\Windows\system32\ru-RU
2013-12-10 14:09:59 ----D---- C:\Windows\system32\en-US
2013-12-09 19:39:13 ----D---- C:\Users\арбуз\AppData\Roaming\Ubisoft
2013-12-09 19:16:49 ----D---- C:\Program Files (x86)\Mail.Ru
2013-11-25 13:45:09 ----D---- C:\ProgramData\Skype
2013-11-25 13:45:06 ----RD---- C:\Program Files (x86)\Skype
2013-11-25 13:43:18 ----D---- C:\Windows\SYSWOW64\migration
2013-11-25 13:43:16 ----D---- C:\Windows\system32\migration
2013-11-25 13:43:16 ----D---- C:\Windows\PolicyDefinitions
2013-11-25 09:37:15 ----D---- C:\Windows\Logs
2013-11-21 21:19:12 ----D---- C:\Windows\LiveKernelReports
2013-11-19 19:30:42 ----SD---- C:\Users\арбуз\AppData\Roaming\Microsoft
2013-11-19 03:33:38 ----N---- C:\Windows\system32\MpSigStub.exe
2013-11-15 19:37:44 ----D---- C:\Fraps
2013-11-14 19:54:24 ----D---- C:\Windows\SYSWOW64\directx
2013-10-31 14:50:10 ----D---- C:\ProgramData\Guard.Mail.Ru

======Список драйверов (тип запуска: R=Запущен, S=остановлен, 0=Загрузочный, 1=Системный, 2=Автоматически, 3=Вручную, 4=Отключено)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2013-08-08 564824]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-08-09 283064]
R1 TICAPDRV;Traffic Inspector Filter (NDIS 6.0 rev.194); C:\Windows\system32\DRIVERS\ticap.sys [2013-05-27 268480]
R2 RtNdPt60;Realtek NDIS Protocol Driver; C:\Windows\system32\DRIVERS\RtNdPt60.sys [2011-06-15 32544]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-07-29 9980416]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-07-29 309248]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-09-29 646248]
S3 a0jefq4e;a0jefq4e; C:\Windows\system32\drivers\a0jefq4e.sys []
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
S3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.2); C:\Windows\system32\DRIVERS\RtTeam60.sys [2011-06-15 48416]
S3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2); C:\Windows\system32\DRIVERS\RtVlan620.sys [2011-09-16 32360]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.2); C:\Windows\system32\DRIVERS\RtTeam60.sys [2011-06-15 48416]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;Драйвер USB-сканера; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 uty2ndi0;AVZ Kernel Driver; \??\C:\Windows\system32\Drivers\uty2ndi0.sys []
S3 X6va012;X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 []
S3 X6va016;X6va016; \??\C:\Windows\SysWOW64\Drivers\X6va016 []

======Список служб (тип запуска: R=Запущена, S=остановлена, 0=Загрузочная, 1=Системная, 2=Автоматически, 3=Вручную, 4=Отключено)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-07-29 204288]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-07-28 361984]
R2 CltMngSvc;Search Protect by Conduit Service; C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe [2013-12-16 2251552]
R2 DatamngrCoordinator;Datamngr Coordinator; C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe [2013-09-24 3419136]
R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-09-28 625304]
R2 RemoteEngineService;VuuPC RemoteEngine Service; C:\Program Files (x86)\VuuPC\remoteengine.exe [2014-01-05 2967568]
R2 VuuPCConnectivity;VuuPC Connectivity; C:\Program Files (x86)\VuuPC\Connectivity.exe [2014-01-05 4747280]
S2 bonanzadealslive;Ð¡Ð»ÑƒÐ¶Ð±Ð° BonanzaDealsLive (bonanzadealslive); C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2014-01-09 148976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Служба Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-22 136176]
S2 Rubar Update Service;Rubar Update Service; D:\GTA San Andreas\gtavicecity Toolbar\RubarUpdateService.exe []
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-09 257416]
S3 bonanzadealslivem;Ð¡Ð»ÑƒÐ¶Ð±Ð° BonanzaDealsLive (bonanzadealslivem); C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2014-01-09 148976]
S3 gupdatem;Служба Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-22 136176]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 111616]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------