Logfile of random's system information tool 1.12 (written by random/random)
Run by Мария at 2016-01-25 12:16:08
Microsoft Windows 7 Максимальная  Service Pack 1
System partition C: size 11 GB (26%) Free 40 GB
Total RAM: 2047 MB (30% free)
X86

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:17:24, on 25.01.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18163)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Windows\System32\svchost.exe
C:\Program Files\DrWeb\dwservice.exe
C:\Program Files\Google\Update\1.3.29.1\GoogleCrashHandler.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Windows\system32\svchost.exe
C:\Users\Мария\Pictures\AutoLogger\AVZ\avz.exe
C:\Program Files\DrWeb\spideragent.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\system32\GWX\GWX.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe
C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwarkdaemon.exe
C:\Windows\System32\GWX\GWXUX.exe
C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwwatcher.exe
C:\Program Files\DrWeb\frwl_svc.exe
C:\Program Files\DrWeb\dwnetfilter.exe
C:\Program Files\DrWeb\frwl_notify.exe
C:\Program Files\DrWeb\SpiderAgent_Adm.exe
C:\Program Files\DrWeb\spideragent.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Мария\Pictures\AutoLogger\RSIT\RSIT.exe
C:\Users\Мария\Pictures\AutoLogger\RSIT\Мария_RSIT.exe
C:\Program Files\Common Files\Doctor Web\Updater\drwupsrv.exe
C:\Windows\system32\conhost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yandex.ru/?win=190&clid=2169154
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Визуальные закладки - {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} - C:\Program Files\Yandex\FastDial\fastdialhost.dll (file missing)
O3 - Toolbar: Элементы Яндекса - {91397D20-1446-11D4-8AF4-0040CA1127B6} - C:\Program Files\Yandex\Elements\bartabhost.dll (file missing)
O4 - HKLM\..\Run: [SpIDerAgent] "C:\Program Files\DrWeb\spideragent.exe"
O4 - HKLM\..\Run: [VKSaver] C:\ProgramData\VKSaver\VKSaver.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: &Экспорт в Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Отправить в OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Отправить в OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Dr.Web Control Service (DrWebAVService) - Doctor Web, Ltd. - C:\Program Files\DrWeb\dwservice.exe
O23 - Service: Dr.Web Scanning Engine (DrWebEngine) (DrWebEngine) - Doctor Web, Ltd. - C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe
O23 - Service: Dr.Web Firewall Service (DrWebFwSvc) - Doctor Web, Ltd. - C:\Program Files\DrWeb\frwl_svc.exe
O23 - Service: Dr.Web Net Filtering Service (DrWebNetFilter) - Doctor Web, Ltd. - C:\Program Files\DrWeb\dwnetfilter.exe
O23 - Service: Служба Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Служба Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Unknown owner - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 7283 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe 
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe 
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\{04403BA2-9EF3-43D1-916B-7FBB037A9A8F} - C:\Program Files\Activision\Shrek 2\System\Game.exe 
C:\Windows\system32\tasks\{389B805C-2867-4FC6-8AB8-2F16F4957CB8} - C:\Windows\system32\pcalua.exe -a D:\вид\RTSUVCUninst.exe -d D:\вид
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-1818422451-4155555473-1155361123-1000 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe" 
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\Setup\GWXTriggers\Logon-5d - %windir%\system32\GWX\GWX.exe /event:7
C:\Windows\system32\tasks\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d - %windir%\system32\GWX\GWX.exe /event:8
C:\Windows\system32\tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d - %windir%\system32\GWX\GWX.exe /event:6
C:\Windows\system32\tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d - %windir%\system32\GWX\GWX.exe /event:9
C:\Windows\system32\tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B - %windir%\system32\GWX\GWXConfigManager.exe /RefreshConfigAndContent
C:\Windows\system32\tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime - %windir%\system32\GWX\GWXUXWorker.exe /ScheduleUpgradeReminderTime
C:\Windows\system32\tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime - %windir%\system32\GWX\GWXUXWorker.exe /ScheduleUpgradeTime
C:\Windows\system32\tasks\Microsoft\Windows\Setup\GWXTriggers\Time-5d - %windir%\system32\GWX\GWX.exe /event:10
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess - %windir%\system32\GWX\GWX.exe /tasklaunch
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig - %windir%\system32\GWX\GWXConfigManager.exe /RefreshConfig
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent - %windir%\system32\GWX\GWXConfigManager.exe /RefreshConfigAndContent
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent - %windir%\system32\GWX\GWXConfigManager.exe /RefreshContent
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs 
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe 
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate_scheduled - %SystemRoot%\ehome\mcupdate -crl -hms -pscn 15
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe 
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe 
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe 
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent 
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe 
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe 
C:\Windows\system32\tasks\Doctor Web\Dr.Web Daily scan - C:\Program Files\DrWeb\dwscanner.exe /full

=========Google Chrome=========

C:\Users\Мария\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek   
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Интернет-магазин Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Документы Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf   
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0  
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo   
Extension cncgohepihcekklokhbhiblhfcmipbdh 2 Поиск  Яндексa 1.0.10
Extension coobgpohoikkiipiblmjeljniedjpjpf   
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension felcaaldnbdncclmgdcncolpebgiejap   
Extension gehngeifmelphpllncobkmimphfkckne 0 Стартовая — Яндекс 1.2.0
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi   
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.31
Extension mdeldjolamfbcgnndjmjjiinnhbnbnla 2 Поиск и стартовая  – Яндекс 1.0.3
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf 1 Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.1.2
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Платежная система Интернет-магазина Chrome 0.1.2.0
Extension pchfckkccldkbclgdepkaonamkignanh 0 Визуальные закладки 2.24.2
Extension pjkljhegncpnkpknbcohdijeoejaedia   
Homepage: 
default_search_provider.search_url: 
C:\Users\Мария\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage: 
default_search_provider.search_url: 

[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\cncgohepihcekklokhbhiblhfcmipbdh]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\gehngeifmelphpllncobkmimphfkckne]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\mdeldjolamfbcgnndjmjjiinnhbnbnla]
"Path"=


======Registry dump======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08 1725056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5FEC983-01DB-414A-9456-AF95AC9ED7B5}]
Визуальные закладки - C:\Program Files\Yandex\FastDial\fastdialhost.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{91397D20-1446-11D4-8AF4-0040CA1127B6} - Элементы Яндекса - C:\Program Files\Yandex\Elements\bartabhost.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SpIDerAgent"=C:\Program Files\DrWeb\spideragent.exe [2016-01-25 16020680]
"VKSaver"=C:\ProgramData\VKSaver\VKSaver.exe []
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2014-12-11 30877280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Users\Мария\AppData\Roaming\uTorrent\uTorrent.exe [2015-11-26 2026520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zona]
C:\Program Files\Zona\Zona.exe /MINIMIZED []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PlutoTV.lnk]
C:\Program Files\Pluto TV\PlutoTV.exe  []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DrWebEngine]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DrWebEngine]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath"="C:\Program Files\Google\Chrome\Application\47.0.2526.111\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files and folders created in the last 3 months======

2016-01-25 12:03:00 ----A---- C:\Windows\system32\drivers\utmyotg5.sys
2016-01-24 11:40:01 ----HD---- C:\DrWeb Archive
2016-01-24 01:03:49 ----A---- C:\Windows\ntbtlog.txt
2016-01-17 18:29:48 ----D---- C:\Windows\rescache
2016-01-17 12:37:50 ----D---- C:\Windows\pss
2016-01-13 20:18:26 ----A---- C:\Windows\system32\ntkrnlpa.exe
2016-01-13 20:18:26 ----A---- C:\Windows\system32\kerberos.dll
2016-01-13 20:18:24 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-01-13 20:18:22 ----A---- C:\Windows\system32\schannel.dll
2016-01-13 20:18:21 ----A---- C:\Windows\system32\rpcrt4.dll
2016-01-13 20:18:21 ----A---- C:\Windows\system32\ncrypt.dll
2016-01-13 20:18:20 ----A---- C:\Windows\system32\wdigest.dll
2016-01-13 20:18:20 ----A---- C:\Windows\system32\ntdll.dll
2016-01-13 20:18:20 ----A---- C:\Windows\system32\lsasrv.dll
2016-01-13 20:18:20 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-01-13 20:18:20 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-01-13 20:18:19 ----A---- C:\Windows\system32\sspicli.dll
2016-01-13 20:18:19 ----A---- C:\Windows\system32\secur32.dll
2016-01-13 20:18:19 ----A---- C:\Windows\system32\rpchttp.dll
2016-01-13 20:18:19 ----A---- C:\Windows\system32\msv1_0.dll
2016-01-13 20:18:19 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-01-13 20:18:19 ----A---- C:\Windows\system32\cryptbase.dll
2016-01-13 20:18:19 ----A---- C:\Windows\system32\credssp.dll
2016-01-13 20:18:19 ----A---- C:\Windows\system32\appidsvc.dll
2016-01-13 20:18:19 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-01-13 20:18:19 ----A---- C:\Windows\system32\appidapi.dll
2016-01-13 20:18:18 ----A---- C:\Windows\system32\TSpkg.dll
2016-01-13 20:18:18 ----A---- C:\Windows\system32\smss.exe
2016-01-13 20:18:18 ----A---- C:\Windows\system32\lsass.exe
2016-01-13 20:18:18 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-01-13 20:18:18 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-01-13 20:18:17 ----A---- C:\Windows\system32\sspisrv.dll
2016-01-13 20:18:17 ----A---- C:\Windows\system32\srcore.dll
2016-01-13 20:18:17 ----A---- C:\Windows\system32\srclient.dll
2016-01-13 20:18:17 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-01-13 20:18:17 ----A---- C:\Windows\system32\drivers\appid.sys
2016-01-13 20:18:17 ----A---- C:\Windows\system32\csrsrv.dll
2016-01-13 20:18:17 ----A---- C:\Windows\system32\apisetschema.dll
2016-01-13 20:18:16 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-01-13 20:18:16 ----A---- C:\Windows\system32\rstrui.exe
2016-01-13 20:18:16 ----A---- C:\Windows\system32\auditpol.exe
2016-01-13 20:18:15 ----A---- C:\Windows\system32\msaudite.dll
2016-01-13 20:18:15 ----A---- C:\Windows\system32\adtschema.dll
2016-01-13 20:18:14 ----A---- C:\Windows\system32\msobjs.dll
2016-01-13 20:16:56 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-01-13 20:16:56 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-01-13 20:16:56 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-01-13 20:16:55 ----A---- C:\Windows\system32\ie4uinit.exe
2016-01-13 20:16:54 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-01-13 20:16:54 ----A---- C:\Windows\system32\iernonce.dll
2016-01-13 20:16:53 ----A---- C:\Windows\system32\urlmon.dll
2016-01-13 20:16:53 ----A---- C:\Windows\system32\occache.dll
2016-01-13 20:16:53 ----A---- C:\Windows\system32\iedkcs32.dll
2016-01-13 20:16:52 ----A---- C:\Windows\system32\jsproxy.dll
2016-01-13 20:16:52 ----A---- C:\Windows\system32\ieUnatt.exe
2016-01-13 20:16:51 ----A---- C:\Windows\system32\jscript9diag.dll
2016-01-13 20:16:51 ----A---- C:\Windows\system32\ieapfltr.dll
2016-01-13 20:16:51 ----A---- C:\Windows\system32\dxtmsft.dll
2016-01-13 20:16:50 ----A---- C:\Windows\system32\msfeeds.dll
2016-01-13 20:16:48 ----A---- C:\Windows\system32\webcheck.dll
2016-01-13 20:16:48 ----A---- C:\Windows\system32\msrating.dll
2016-01-13 20:16:47 ----A---- C:\Windows\system32\wininet.dll
2016-01-13 20:16:47 ----A---- C:\Windows\system32\iesetup.dll
2016-01-13 20:16:47 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-01-13 20:16:44 ----A---- C:\Windows\system32\dxtrans.dll
2016-01-13 20:16:42 ----A---- C:\Windows\system32\ieui.dll
2016-01-13 20:16:42 ----A---- C:\Windows\system32\ieframe.dll
2016-01-13 20:16:38 ----A---- C:\Windows\system32\mshtmled.dll
2016-01-13 20:16:37 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-01-13 20:16:34 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-01-13 20:16:33 ----A---- C:\Windows\system32\iertutil.dll
2016-01-13 20:16:30 ----A---- C:\Windows\system32\mshtml.dll
2016-01-13 20:16:24 ----A---- C:\Windows\system32\jscript9.dll
2016-01-13 20:16:19 ----A---- C:\Windows\system32\jscript.dll
2016-01-13 20:16:18 ----A---- C:\Windows\system32\vbscript.dll
2016-01-13 20:14:00 ----A---- C:\Windows\system32\advapi32.dll
2016-01-13 20:13:49 ----A---- C:\Windows\system32\invagent.dll
2016-01-13 20:13:49 ----A---- C:\Windows\system32\generaltel.dll
2016-01-13 20:13:49 ----A---- C:\Windows\system32\appraiser.dll
2016-01-13 20:13:48 ----A---- C:\Windows\system32\devinv.dll
2016-01-13 20:13:48 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-01-13 20:13:48 ----A---- C:\Windows\system32\acmigration.dll
2016-01-13 20:13:39 ----A---- C:\Windows\system32\aepic.dll
2016-01-13 20:13:39 ----A---- C:\Windows\system32\aeinv.dll
2016-01-13 20:10:16 ----A---- C:\Windows\system32\gdi32.dll
2016-01-13 20:09:52 ----A---- C:\Windows\system32\qedit.dll
2016-01-13 20:09:42 ----A---- C:\Windows\system32\win32k.sys
2016-01-13 20:09:36 ----A---- C:\Windows\system32\mapistub.dll
2016-01-13 20:09:36 ----A---- C:\Windows\system32\mapi32.dll
2016-01-13 20:09:35 ----A---- C:\Windows\system32\fixmapi.exe
2016-01-13 20:09:17 ----A---- C:\Windows\system32\WMVDECOD.DLL
2016-01-13 20:09:17 ----A---- C:\Windows\system32\msmpeg2adec.dll
2016-01-13 20:09:16 ----A---- C:\Windows\system32\WMADMOD.DLL
2016-01-13 20:09:16 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2016-01-13 20:09:16 ----A---- C:\Windows\system32\mf.dll
2016-01-13 20:09:15 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2016-01-13 20:09:14 ----A---- C:\Windows\system32\WMVSDECD.DLL
2016-01-13 20:09:14 ----A---- C:\Windows\system32\wmpmde.dll
2016-01-13 20:09:14 ----A---- C:\Windows\system32\WMADMOE.DLL
2016-01-13 20:09:14 ----A---- C:\Windows\system32\COLORCNV.DLL
2016-01-13 20:09:13 ----A---- C:\Windows\system32\WMVXENCD.DLL
2016-01-13 20:09:13 ----A---- C:\Windows\system32\WMVENCOD.DLL
2016-01-13 20:09:13 ----A---- C:\Windows\system32\mcmde.dll
2016-01-13 20:09:13 ----A---- C:\Windows\system32\evr.dll
2016-01-13 20:09:12 ----A---- C:\Windows\system32\quartz.dll
2016-01-13 20:09:12 ----A---- C:\Windows\system32\devenum.dll
2016-01-13 20:09:11 ----A---- C:\Windows\system32\WMVSENCD.DLL
2016-01-13 20:09:11 ----A---- C:\Windows\system32\qdvd.dll
2016-01-13 20:09:11 ----A---- C:\Windows\system32\MP43DECD.DLL
2016-01-13 20:09:11 ----A---- C:\Windows\system32\MFWMAAEC.DLL
2016-01-13 20:09:11 ----A---- C:\Windows\system32\mfplat.dll
2016-01-13 20:09:10 ----A---- C:\Windows\system32\WMALFXGFXDSP.dll
2016-01-13 20:09:10 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2016-01-13 20:09:10 ----A---- C:\Windows\system32\MPG4DECD.DLL
2016-01-13 20:09:09 ----A---- C:\Windows\system32\WMSPDMOE.DLL
2016-01-13 20:09:09 ----A---- C:\Windows\system32\VIDRESZR.DLL
2016-01-13 20:09:09 ----A---- C:\Windows\system32\SysFxUI.dll
2016-01-13 20:09:09 ----A---- C:\Windows\system32\qasf.dll
2016-01-13 20:09:08 ----A---- C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-13 20:09:08 ----A---- C:\Windows\system32\MP4SDECD.DLL
2016-01-13 20:09:08 ----A---- C:\Windows\system32\MP3DMOD.DLL
2016-01-13 20:09:07 ----A---- C:\Windows\system32\rrinstaller.exe
2016-01-13 20:09:07 ----A---- C:\Windows\system32\mfvdsp.dll
2016-01-13 20:09:07 ----A---- C:\Windows\system32\mfps.dll
2016-01-13 20:09:07 ----A---- C:\Windows\system32\mfpmp.exe
2016-01-13 20:09:07 ----A---- C:\Windows\system32\drivers\portcls.sys
2016-01-13 20:09:06 ----A---- C:\Windows\system32\mferror.dll
2016-01-13 20:09:06 ----A---- C:\Windows\system32\ksuser.dll
2016-01-13 20:09:06 ----A---- C:\Windows\system32\drivers\drmkaud.sys
2016-01-13 20:09:06 ----A---- C:\Windows\system32\drivers\drmk.sys
2016-01-10 10:13:06 ----ASH---- C:\pagefile.sys
2016-01-06 18:19:37 ----D---- C:\Users\Мария\AppData\Roaming\Adobe
2016-01-06 18:15:11 ----D---- C:\Program Files\WinDirStat
2016-01-06 17:30:33 ----SHD---- C:\DrWeb Quarantine
2016-01-06 17:11:04 ----D---- C:\Users\Мария\AppData\Roaming\WinRAR
2016-01-06 11:30:50 ----A---- C:\Windows\system32\drivers\dwprot.sys
2016-01-06 11:30:47 ----A---- C:\Windows\system32\drivers\DrWebLwf.sys
2016-01-06 11:30:43 ----A---- C:\Windows\system32\drivers\dw_wfp.sys
2016-01-06 11:30:39 ----A---- C:\Windows\system32\drivers\dwdg.sys
2016-01-06 11:30:32 ----A---- C:\Windows\system32\drivers\spiderg3.sys
2016-01-06 11:29:25 ----D---- C:\Program Files\Common Files\Doctor Web
2016-01-06 11:28:35 ----D---- C:\Program Files\DrWeb
2016-01-06 11:27:03 ----D---- C:\ProgramData\Doctor Web
2016-01-05 14:27:06 ----D---- C:\Users\Мария\AppData\Roaming\Skype
2015-12-29 12:25:10 ----D---- C:\Program Files\Common Files\DESIGNER
2015-12-26 08:21:19 ----D---- C:\Program Files\Common Files\Skype
2015-12-18 11:14:50 ----D---- C:\Program Files\UltraISO
2015-12-18 11:14:50 ----D---- C:\Program Files\Common Files\EZB Systems
2015-12-18 11:08:34 ----D---- C:\Program Files\DAEMON Tools Lite
2015-12-18 11:08:19 ----D---- C:\ProgramData\DAEMON Tools Lite
2015-12-13 05:30:24 ----A---- C:\Windows\system32\d3dx11_42.dll
2015-12-13 05:30:23 ----A---- C:\Windows\system32\D3DX9_42.dll
2015-12-13 05:30:23 ----A---- C:\Windows\system32\d3dx10_42.dll
2015-12-09 20:33:42 ----A---- C:\Windows\system32\user32.dll
2015-12-09 20:33:42 ----A---- C:\Windows\system32\FntCache.dll
2015-12-09 20:33:42 ----A---- C:\Windows\system32\DWrite.dll
2015-12-09 20:33:38 ----A---- C:\Windows\system32\comsvcs.dll
2015-12-09 20:33:38 ----A---- C:\Windows\system32\catsrvut.dll
2015-12-09 20:32:40 ----A---- C:\Windows\system32\tzres.dll
2015-12-09 20:32:30 ----A---- C:\Windows\system32\wuaueng.dll
2015-12-09 20:32:30 ----A---- C:\Windows\system32\wuapi.dll
2015-12-09 20:32:29 ----A---- C:\Windows\system32\wuwebv.dll
2015-12-09 20:32:29 ----A---- C:\Windows\system32\wups2.dll
2015-12-09 20:32:29 ----A---- C:\Windows\system32\wups.dll
2015-12-09 20:32:29 ----A---- C:\Windows\system32\wudriver.dll
2015-12-09 20:32:29 ----A---- C:\Windows\system32\wucltux.dll
2015-12-09 20:32:29 ----A---- C:\Windows\system32\wuauclt.exe
2015-12-09 20:32:29 ----A---- C:\Windows\system32\wuapp.exe
2015-12-09 20:32:29 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-12-09 20:32:29 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-12-09 20:32:26 ----A---- C:\Windows\system32\usp10.dll
2015-12-09 20:32:14 ----A---- C:\Windows\system32\nlsbres.dll
2015-12-09 20:32:14 ----A---- C:\Windows\system32\kbdgeoqw.dll
2015-12-09 20:32:14 ----A---- C:\Windows\system32\KBDAZEL.DLL
2015-12-09 20:32:14 ----A---- C:\Windows\system32\KBDAZE.DLL
2015-12-09 20:32:06 ----A---- C:\Windows\system32\wshrm.dll
2015-12-09 20:32:06 ----A---- C:\Windows\system32\els.dll
2015-12-09 20:32:06 ----A---- C:\Windows\system32\drivers\rmcast.sys
2015-12-02 19:03:29 ----D---- C:\Windows\Minidump
2015-11-28 23:21:47 ----D---- C:\Program Files\WinDjView
2015-11-26 22:23:26 ----D---- C:\Users\Мария\AppData\Roaming\vlc
2015-11-26 22:22:08 ----D---- C:\Program Files\VideoLAN
2015-11-26 08:37:57 ----D---- C:\Users\Мария\AppData\Roaming\uTorrent
2015-11-20 11:15:23 ----D---- C:\Program Files\WinRAR
2015-11-20 07:49:31 ----D---- C:\Program Files\Google
2015-11-11 08:20:05 ----A---- C:\Windows\system32\apphelp.dll
2015-11-11 08:20:04 ----A---- C:\Windows\system32\shimeng.dll
2015-11-11 08:20:04 ----A---- C:\Windows\system32\sdbinst.exe
2015-11-11 08:20:04 ----A---- C:\Windows\system32\aelupsvc.dll
2015-11-11 08:19:43 ----A---- C:\Windows\system32\drivers\tdx.sys
2015-11-11 08:19:43 ----A---- C:\Windows\system32\drivers\afd.sys
2015-11-11 08:18:51 ----A---- C:\Windows\system32\drivers\ndis.sys
2015-11-11 08:18:17 ----A---- C:\Windows\system32\drivers\cng.sys
2015-11-11 08:18:17 ----A---- C:\Windows\system32\bcryptprimitives.dll
2015-11-11 08:17:03 ----A---- C:\Windows\system32\InkEd.dll
2015-11-11 08:17:02 ----A---- C:\Windows\system32\jnwmon.dll

======List of files and folders modified in the last 3 months======

2016-01-25 12:16:59 ----D---- C:\Windows\Temp
2016-01-25 12:16:23 ----D---- C:\Windows\Prefetch
2016-01-25 12:15:10 ----D---- C:\Windows\system32\config
2016-01-25 12:05:04 ----D---- C:\Windows\system32\drivers
2016-01-25 11:40:32 ----SHD---- C:\System Volume Information
2016-01-24 12:32:32 ----D---- C:\Windows\system32\NDF
2016-01-24 11:37:12 ----SD---- C:\Users\Мария\AppData\Roaming\Microsoft
2016-01-24 11:37:12 ----SD---- C:\ProgramData\Microsoft
2016-01-24 01:03:49 ----D---- C:\Windows
2016-01-23 13:48:35 ----SHD---- C:\Windows\Installer
2016-01-23 13:48:30 ----RD---- C:\Program Files\Skype
2016-01-14 12:34:44 ----D---- C:\Windows\System32
2016-01-14 12:34:44 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-01-14 12:34:43 ----D---- C:\Windows\inf
2016-01-14 12:25:55 ----D---- C:\Windows\winsxs
2016-01-14 12:23:47 ----D---- C:\Program Files\Internet Explorer
2016-01-14 12:23:46 ----D---- C:\Windows\system32\ru-RU
2016-01-14 12:23:46 ----D---- C:\Windows\system32\en-US
2016-01-14 12:23:45 ----SD---- C:\Windows\system32\CompatTel
2016-01-14 12:23:44 ----D---- C:\Windows\system32\appraiser
2016-01-14 12:23:44 ----D---- C:\Windows\AppPatch
2016-01-14 12:23:32 ----D---- C:\Windows\system32\DriverStore
2016-01-14 03:15:55 ----D---- C:\ProgramData\Microsoft Help
2016-01-14 03:14:54 ----RD---- C:\Users
2016-01-13 20:07:03 ----D---- C:\Windows\system32\catroot2
2016-01-12 11:22:58 ----D---- C:\Windows\system32\wdi
2016-01-06 20:11:25 ----HD---- C:\ProgramData
2016-01-06 20:09:58 ----RD---- C:\Program Files
2016-01-06 20:02:03 ----D---- C:\Program Files\MSXML 4.0
2016-01-06 20:00:49 ----D---- C:\Program Files\Common Files\System
2016-01-06 20:00:49 ----D---- C:\Program Files\Common Files\Services
2016-01-06 20:00:49 ----D---- C:\Program Files\Common Files\microsoft shared
2016-01-06 20:00:49 ----D---- C:\Program Files\Common Files
2016-01-06 20:00:48 ----D---- C:\Program Files\Common Files\InstallShield
2016-01-06 19:10:28 ----D---- C:\Users\Мария\AppData\Roaming\Yandex
2016-01-06 19:10:11 ----D---- C:\Users\Мария\AppData\Roaming\Origin
2016-01-06 19:10:10 ----D---- C:\Users\Мария\AppData\Roaming\Opera Software
2016-01-06 19:09:56 ----D---- C:\Users\Мария\AppData\Roaming\Macromedia
2016-01-06 19:09:56 ----D---- C:\Users\Мария\AppData\Roaming\Identities
2016-01-06 18:01:19 ----D---- C:\ProgramData\MegaFon
2016-01-06 17:59:58 ----D---- C:\ProgramData\DatacardService
2016-01-06 11:39:06 ----D---- C:\Windows\system32\Tasks
2016-01-03 18:59:31 ----D---- C:\ProgramData\Skype
2016-01-01 16:29:16 ----D---- C:\Windows\system32\drivers\UMDF
2015-12-30 10:59:18 ----RSD---- C:\Windows\Fonts
2015-12-29 12:22:09 ----A---- C:\Windows\win.ini
2015-12-29 12:21:03 ----D---- C:\Program Files\MSBuild
2015-12-29 11:38:46 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-12-25 10:20:38 ----D---- C:\Windows\Microsoft.NET
2015-12-24 10:41:13 ----RSD---- C:\Windows\assembly
2015-12-23 23:26:14 ----D---- C:\Program Files\Microsoft Office
2015-12-23 23:23:44 ----D---- C:\Program Files\Microsoft Games
2015-12-23 23:23:29 ----D---- C:\Program Files\Microsoft.NET
2015-12-23 23:23:29 ----D---- C:\Program Files\Microsoft Works
2015-12-23 23:23:28 ----D---- C:\Program Files\Microsoft Visual Studio 8
2015-12-23 23:23:16 ----D---- C:\Program Files\Microsoft Visual Studio
2015-12-23 23:23:15 ----D---- C:\Program Files\IDE
2015-12-23 23:19:41 ----D---- C:\Program Files\Windows Sidebar
2015-12-23 23:19:28 ----D---- C:\Program Files\Windows Media Player
2015-12-23 23:19:08 ----D---- C:\Program Files\Users
2015-12-23 15:13:30 ----D---- C:\Program Files\Windows NT
2015-12-20 03:00:48 ----SD---- C:\Windows\system32\GWX
2015-12-13 05:29:43 ----D---- C:\Windows\Logs
2015-12-10 03:25:13 ----D---- C:\Windows\ehome
2015-12-04 20:55:19 ----D---- C:\Windows\Tasks
2015-12-02 13:25:18 ----N---- C:\Windows\system32\MpSigStub.exe
2015-11-11 11:19:41 ----D---- C:\Windows\system32\migration
2015-11-11 11:19:31 ----D---- C:\Program Files\Windows Journal

File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed

======List of drivers (start type: R=Running, S=Stopped, 0=Boot, 1=System, 2=Automatic, 3=Manual, 4=Disabled)======

R0 DrWebLwf;Dr.Web Firewall Kernel-Mode Driver; C:\Windows\system32\drivers\DrWebLwf.sys [2016-01-06 222864]
R0 DwDevGuard;Dr.Web Device Guard; C:\Windows\system32\drivers\dwdg.sys [2016-01-06 86280]
R0 DwProt;DrWeb Protection; C:\Windows\system32\drivers\dwprot.sys [2016-01-25 588416]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 173440]
R0 SpiderG3;DrWeb file system scanner; C:\Windows\system32\drivers\spiderg3.sys [2016-01-06 181552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 388096]
R1 DrWebWfp;DrWebWfp; C:\Windows\system32\drivers\dw_wfp.sys [2016-01-06 66192]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R3 athr;Расширяемый драйвер устройств беспроводной сети Atheros; C:\Windows\system32\DRIVERS\athr.sys [2009-07-14 1096704]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 4994560]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2015-06-10 77824]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2007-07-31 7680]
R3 RTL8167;Драйвер Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-07-14 139776]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-08-12 1759872]
R3 utmyotg5;AVZ Kernel Driver; \??\C:\Windows\system32\Drivers\utmyotg5.sys [2016-01-25 7168]
S1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files\UltraISO\drivers\ISODrive.sys []
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 62464]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2015-06-10 95232]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2015-08-14 14848]
S3 hwusb_cdcacm;hwusb_cdcacm; C:\Windows\system32\DRIVERS\ew_cdcacm.sys [2015-06-10 111872]
S3 hwusb_wwanecm;hwusb_wwanecm; C:\Windows\system32\DRIVERS\ew_wwanecm.sys [2015-08-14 319872]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2015-08-15 14848]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 77184]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2015-08-15 24064]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2015-08-15 49152]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2015-08-15 26880]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 112640]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 35968]

======List of services (start type: R=Running, S=Stopped, 0=Boot, 1=System, 2=Automatic, 3=Manual, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 176128]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2016-01-08 1433216]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2016-01-08 1773696]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\cscsvc.dll
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll"=%SystemRoot%\system32\diagtrack.dll
R2 DrWebAVService;Dr.Web Control Service; C:\Program Files\DrWeb\dwservice.exe [2016-01-13 11236072]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R3 DrWebEngine;Dr.Web Scanning Engine (DrWebEngine); C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe [2016-01-06 2022688]
R3 DrWebFwSvc;Dr.Web Firewall Service; C:\Program Files\DrWeb\frwl_svc.exe [2016-01-06 2155520]
R3 DrWebNetFilter;Dr.Web Net Filtering Service; C:\Program Files\DrWeb\dwnetfilter.exe [2016-01-06 4940944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 gupdate;Служба Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-11-20 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-29 269504]
S3 AppMgmt;@appmgmts.dll,-3250; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll"=%SystemRoot%\System32\appmgmts.dll
S3 gupdatem;Служба Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-11-20 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-12-12 102912]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe []
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; %SystemRoot%\System32\svchost.exe -k PeerDist;"ServiceDll"=%SystemRoot%\system32\peerdistsvc.dll
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\umrdp.dll
S4 aspnet_state;Служба состояний ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-11 45744]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------
