Logfile of random's system information tool 1.08 (written by random/random) Run by Дарья at 2011-01-09 17:57:42 Microsoft Windows 7 Домашняя базовая System drive C: has 45 GB (52%) free of 87 GB Total RAM: 3562 MB (73% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:57:54, on 09.01.2011 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16700) Boot mode: Normal Running processes: C:\windows\system32\Dwm.exe C:\windows\system32\taskhost.exe C:\windows\Explorer.EXE C:\windows\system32\taskeng.exe C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager2.exe C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\Elantech\ETDCtrl.exe C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files\Elantech\ETDCtrlHelper.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Common Files\ACD Systems\RU\DevDetect.exe C:\Program Files\QIP 2010\qip.exe C:\Users\Дарья\AppData\Roaming\QipGuard\QipGuard.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\windows\explorer.exe C:\Users\Дарья\Downloads\RSIT.exe C:\Program Files\trend micro\Дарья.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yandex.ru/?clid=47355 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - - (no file) O1 - Hosts: 91.193.194.146 www.vkontakte.ru O1 - Hosts: 91.193.194.146 vkontakte.ru O1 - Hosts: 91.193.194.146 vk.com O1 - Hosts: 91.193.194.146 www.vk.com O1 - Hosts: 91.193.194.146 www.durov.ru O1 - Hosts: 91.193.194.146 durov.ru O1 - Hosts: 91.193.194.146 my.mail.ru O1 - Hosts: 91.193.194.146 www.my.mail.ru O1 - Hosts: 91.193.194.146 www.loveplanet.ru O1 - Hosts: 91.193.194.146 loveplanet.ru O1 - Hosts: 91.193.194.146 mamba.ru O1 - Hosts: 91.193.194.146 www.mamba.ru O1 - Hosts: 91.193.194.146 www.odnoklassniki.ru O1 - Hosts: 91.193.194.146 odnoklassniki.ru O1 - Hosts: 91.193.194.146 www.google.com O1 - Hosts: 91.193.194.146 google.com O1 - Hosts: 91.193.194.146 www.google.ru O1 - Hosts: 91.193.194.146 google.ru O1 - Hosts: 91.193.194.146 www.google.ua O1 - Hosts: 91.193.194.146 google.ua O1 - Hosts: 91.193.194.146 www.google.kz O1 - Hosts: 91.193.194.146 google.kz O1 - Hosts: 91.193.194.146 www.bing.com O1 - Hosts: 91.193.194.146 bing.com O1 - Hosts: 91.193.194.146 www.yahoo.com O1 - Hosts: 91.193.194.146 yahoo.com O1 - Hosts: 91.193.194.146 www.yandex.ru O1 - Hosts: 91.193.194.146 yandex.ru O1 - Hosts: 91.193.194.146 ya.ru O1 - Hosts: 91.193.194.146 www.ya.ru O1 - Hosts: 91.193.194.146 mail.ru O1 - Hosts: 91.193.194.146 www.mail.ru O1 - Hosts: 91.193.194.146 www.rambler.ru O1 - Hosts: 91.193.194.146 rambler.ru O1 - Hosts: 91.193.194.146 gmail.ru O1 - Hosts: 91.193.194.146 www.gmail.ru O1 - Hosts: 91.193.194.146 www.yandex.com O1 - Hosts: 91.193.194.146 yandex.com O1 - Hosts: 91.193.194.146 www.aport.ru O1 - Hosts: 91.193.194.146 aport.ru O1 - Hosts: 91.193.194.146 gogo.ru O1 - Hosts: 91.193.194.146 www.gogo.ru O1 - Hosts: 91.193.194.146 nigma.ru O1 - Hosts: 91.193.194.146 www.nigma.ru O1 - Hosts: 91.193.194.146 msn.com O1 - Hosts: 91.193.194.146 www.msn.com O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: QipLI - {6B5863A0-C43F-4C0A-982B-CC0E9125783F} - C:\Users\Дарья\AppData\Roaming\Microsoft\Internet Explorer\qstatsrv.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Дарья\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll O3 - Toolbar: Яндекс.Бар - {91397D20-1446-11D4-8AF4-0040CA1127B6} - C:\Program Files\Yandex\YandexBarIE\yndbar.dll O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s O4 - HKLM\..\Run: [ETDWare] %ProgramFiles%\Elantech\ETDCtrl.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NortonOnlineBackup] C:\Program Files\Symantec\Norton Online Backup\NOBuClient.exe O4 - HKLM\..\Run: [APLangApp] "C:\Program Files\AnyPC Client\APLangApp.exe" O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0" O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [Google Update] "C:\Users\Дарья\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [Device Detector] DevDetect.exe -autorun O4 - HKCU\..\Run: [Infium] "C:\Program Files\QIP 2010\qip.exe" /autorun O4 - HKCU\..\Run: [QIP Internet Guardian] C:\Users\Дарья\AppData\Roaming\QipGuard\QipGuard.exe /p O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google ВикиКомментарии... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{3E6665E2-D375-4564-9E2E-5BC64730EB7D}: NameServer = 172.16.0.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{3E6665E2-D375-4564-9E2E-5BC64730EB7D}: NameServer = 172.16.0.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{3E6665E2-D375-4564-9E2E-5BC64730EB7D}: NameServer = 172.16.0.1 O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: AMD External Events Utility - AMD - C:\windows\system32\atiesrxx.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Служба Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe O23 - Service: QipGuard - QIP.ru - C:\Program Files\QipGuard\QipGuard.exe O23 - Service: Rezip - Unknown owner - C:\windows\SYSTEM32\Rezip.exe O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- End of file - 11663 bytes ======Scheduled tasks folder====== C:\windows\tasks\GoogleUpdateTaskMachineCore.job C:\windows\tasks\GoogleUpdateTaskMachineUA.job C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3403409807-552430148-2789243855-1000Core.job C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3403409807-552430148-2789243855-1000UA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6B5863A0-C43F-4C0A-982B-CC0E9125783F}] QipLI Class - C:\Users\Дарья\AppData\Roaming\Microsoft\Internet Explorer\qstatsrv.dll [2010-11-13 48080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}] Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2010-09-22 393600] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}] QIPBHO Class - C:\Users\Дарья\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2010-11-13 149968] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-01-09 297648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll [2010-10-25 843832] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}] Bing Bar BHO - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22 612616] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {91397D20-1446-11D4-8AF4-0040CA1127B6} - Яндекс.Бар - C:\Program Files\Yandex\YandexBarIE\yndbar.dll [2010-06-01 10336584] {8dcb7100-df86-4384-8842-8fa844297b3f} - @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22 612616] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-01-09 297648] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-05-04 102400] "RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-04-07 8555040] "ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2010-03-25 1891720] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696] "NortonOnlineBackup"=C:\Program Files\Symantec\Norton Online Backup\NOBuClient.exe [2010-03-05 926040] "APLangApp"=C:\Program Files\AnyPC Client\APLangApp.exe [2009-11-20 13312] "UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2009-05-19 222504] "RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-11-02 32768] "avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912] "Malwarebytes' Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-12-20 963976] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-05-26 39408] "Google Update"=C:\Users\Дарья\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-11 136176] "Device Detector"=DevDetect.exe -autorun [] "Infium"=C:\Program Files\QIP 2010\qip.exe [2010-11-13 5842384] "QIP Internet Guardian"=C:\Users\Дарья\AppData\Roaming\QipGuard\QipGuard.exe [2010-11-13 194512] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\autodetect] C:\windows\system32\SupportAppXL\AutoDect.exe [2009-05-26 122368] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Windchill ProductPoint Client Manager.lnk] C:\windows\Installer\{129024FF-A6C9-4696-91BC-570C6C05193A}\_F5BCEE176F60B4DABC6DF8.exe [2010-11-12 1406] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 3 months====== 2011-01-09 17:57:42 ----D---- C:\rsit 2011-01-09 17:17:45 ----D---- C:\Users\Дарья\AppData\Roaming\Malwarebytes 2011-01-09 17:17:40 ----D---- C:\ProgramData\Malwarebytes 2011-01-09 17:17:40 ----A---- C:\windows\system32\drivers\mbamswissarmy.sys 2011-01-09 17:17:37 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2011-01-09 17:17:37 ----A---- C:\windows\system32\drivers\mbam.sys 2011-01-09 15:11:24 ----D---- C:\Program Files\Trend Micro 2011-01-09 15:03:59 ----A---- C:\windows\system32\drivers\uzewntcw.sys 2011-01-09 13:48:08 ----D---- C:\Users\Дарья\AppData\Roaming\QIP 2011-01-09 13:48:03 ----D---- C:\Users\Дарья\AppData\Roaming\QipGuard 2011-01-09 13:48:03 ----D---- C:\Program Files\QipGuard 2011-01-09 13:47:49 ----D---- C:\Program Files\QIP 2010 2010-12-30 21:41:22 ----D---- C:\Users\Дарья\AppData\Roaming\funkitron 2010-12-30 16:42:40 ----D---- C:\windows\Minidump 2010-12-30 15:54:58 ----D---- C:\windows\pss 2010-12-17 16:30:02 ----D---- C:\Users\Дарья\AppData\Roaming\Mozilla 2010-12-17 16:29:39 ----D---- C:\Program Files\Mozilla Firefox 2010-12-17 15:43:33 ----A---- C:\windows\system32\drivers\aswSP.sys 2010-12-17 15:43:33 ----A---- C:\windows\system32\drivers\aswRdr.sys 2010-12-17 15:43:33 ----A---- C:\windows\system32\drivers\aswFsBlk.sys 2010-12-17 15:43:32 ----A---- C:\windows\system32\drivers\aswTdi.sys 2010-12-17 15:43:32 ----A---- C:\windows\system32\drivers\aswMonFlt.sys 2010-12-17 15:43:21 ----A---- C:\windows\system32\aswBoot.exe 2010-12-17 15:43:19 ----D---- C:\ProgramData\Alwil Software 2010-12-17 15:43:19 ----D---- C:\Program Files\Alwil Software 2010-12-17 15:33:03 ----N---- C:\windows\system32\MpSigStub.exe 2010-12-17 11:40:56 ----A---- C:\windows\system32\tzres.dll 2010-12-17 11:40:47 ----A---- C:\windows\system32\iertutil.dll 2010-12-17 11:40:46 ----A---- C:\windows\system32\mstime.dll 2010-12-17 11:40:46 ----A---- C:\windows\system32\mshtml.dll 2010-12-17 11:40:46 ----A---- C:\windows\system32\ieframe.dll 2010-12-17 11:40:45 ----A---- C:\windows\system32\wininet.dll 2010-12-17 11:40:45 ----A---- C:\windows\system32\urlmon.dll 2010-12-17 11:40:45 ----A---- C:\windows\system32\mshtmled.dll 2010-12-17 11:40:45 ----A---- C:\windows\system32\msfeedssync.exe 2010-12-17 11:40:45 ----A---- C:\windows\system32\msfeedsbs.dll 2010-12-17 11:40:45 ----A---- C:\windows\system32\msfeeds.dll 2010-12-17 11:40:45 ----A---- C:\windows\system32\licmgr10.dll 2010-12-17 11:40:45 ----A---- C:\windows\system32\jsproxy.dll 2010-12-17 11:40:45 ----A---- C:\windows\system32\ieui.dll 2010-12-17 11:40:45 ----A---- C:\windows\system32\iepeers.dll 2010-12-17 11:40:45 ----A---- C:\windows\system32\iedkcs32.dll 2010-12-17 11:40:36 ----A---- C:\windows\system32\schedsvc.dll 2010-12-17 11:40:35 ----A---- C:\windows\system32\wmicmiplugin.dll 2010-12-17 11:40:35 ----A---- C:\windows\system32\taskschd.dll 2010-12-17 11:40:35 ----A---- C:\windows\system32\taskeng.exe 2010-12-17 11:40:35 ----A---- C:\windows\system32\taskcomp.dll 2010-12-17 11:40:35 ----A---- C:\windows\system32\schtasks.exe 2010-12-17 11:40:33 ----A---- C:\windows\system32\webio.dll 2010-12-17 11:40:33 ----A---- C:\windows\system32\atmlib.dll 2010-12-17 11:40:33 ----A---- C:\windows\system32\atmfd.dll 2010-12-17 11:36:40 ----A---- C:\windows\system32\consent.exe 2010-12-17 11:36:39 ----A---- C:\windows\system32\oleaut32.dll 2010-12-17 11:36:07 ----A---- C:\windows\system32\win32k.sys 2010-11-12 13:07:55 ----A---- C:\windows\Mathcad 14 Russian Pack Uninstaller.exe.bak 2010-11-12 12:53:07 ----A---- C:\windows\Mathcad 14 Russian Pack Uninstaller.exe 2010-11-12 12:40:51 ----A---- C:\windows\MC_RC_IS_Log.txt 2010-11-12 12:40:13 ----A---- C:\windows\MC_Help_IS_Log.txt 2010-11-12 12:38:18 ----A---- C:\windows\MC14M011_IS_LOG.txt 2010-11-12 12:21:47 ----D---- C:\ProgramData\PTC 2010-11-12 12:21:43 ----D---- C:\Program Files\PTC 2010-10-29 15:02:53 ----D---- C:\windows\ru 2010-10-29 15:02:40 ----A---- C:\windows\system32\drivers\fssfltr.sys 2010-10-29 15:00:56 ----D---- C:\Program Files\MSN Toolbar 2010-10-29 15:00:50 ----D---- C:\Program Files\Bing Bar Installer 2010-10-29 15:00:49 ----A---- C:\windows\system32\XAudio2_5.dll 2010-10-29 15:00:49 ----A---- C:\windows\system32\XAPOFX1_3.dll 2010-10-29 15:00:49 ----A---- C:\windows\system32\d3dx10_42.dll 2010-10-29 15:00:47 ----A---- C:\windows\system32\d3dx9_32.dll 2010-10-29 14:56:52 ----A---- C:\windows\system32\WMVDECOD.DLL 2010-10-29 14:56:52 ----A---- C:\windows\system32\mfreadwrite.dll 2010-10-29 14:56:52 ----A---- C:\windows\system32\mf.dll 2010-10-29 14:54:23 ----A---- C:\windows\system32\MRT.exe 2010-10-27 16:33:29 ----A---- C:\windows\system32\CPFilters.dll 2010-10-27 16:32:35 ----A---- C:\windows\system32\drivers\Diskdump.sys 2010-10-15 16:49:30 ----D---- C:\Users\Дарья\AppData\Roaming\Mathsoft 2010-10-15 16:48:46 ----A---- C:\windows\MC14_RC_IS_Log.txt 2010-10-15 16:48:04 ----D---- C:\Program Files\Mathcad 2010-10-15 16:48:01 ----A---- C:\windows\MC14_Help_IS_Log.txt 2010-10-15 16:47:37 ----A---- C:\windows\MC14_IS_LOG.txt 2010-10-15 16:47:07 ----D---- C:\Program Files\MSXML 4.0 2010-10-15 16:19:28 ----D---- C:\ProgramData\Yandex 2010-10-15 16:19:16 ----D---- C:\Users\Дарья\AppData\Roaming\Yandex 2010-10-15 16:19:16 ----D---- C:\Program Files\Yandex 2010-10-15 16:19:15 ----D---- C:\Users\Дарья\AppData\Roaming\Opera 2010-10-15 16:19:12 ----D---- C:\Program Files\WinDjView 2010-10-15 15:56:35 ----D---- C:\Program Files\Total Commander 2010-10-15 15:53:18 ----D---- C:\Users\Дарья\AppData\Roaming\ACD Systems 2010-10-15 15:52:52 ----D---- C:\ProgramData\ACD Systems 2010-10-15 15:52:48 ----D---- C:\Program Files\Common Files\ACD Systems 2010-10-15 15:52:48 ----D---- C:\Program Files\ACD Systems 2010-10-15 13:19:56 ----D---- C:\Program Files\Microsoft Works 2010-10-15 13:19:38 ----D---- C:\Program Files\Microsoft Visual Studio 2010-10-15 13:19:03 ----D---- C:\Program Files\Microsoft.NET 2010-10-15 13:16:37 ----D---- C:\Program Files\Microsoft Visual Studio 8 2010-10-15 13:16:19 ----D---- C:\windows\SHELLNEW 2010-10-15 13:15:57 ----D---- C:\ProgramData\Microsoft Help 2010-10-13 17:45:18 ----A---- C:\windows\system32\StructuredQuery.dll 2010-10-13 17:45:14 ----A---- C:\windows\system32\ole32.dll 2010-10-13 17:45:00 ----A---- C:\windows\system32\t2embed.dll 2010-10-13 17:45:00 ----A---- C:\windows\system32\schannel.dll 2010-10-13 17:45:00 ----A---- C:\windows\system32\comctl32.dll 2010-10-13 17:44:59 ----A---- C:\windows\system32\mfc40u.dll 2010-10-13 17:44:59 ----A---- C:\windows\system32\mfc40.dll 2010-10-13 17:44:47 ----A---- C:\windows\system32\wmploc.DLL 2010-10-13 17:44:47 ----A---- C:\windows\system32\wmp.dll 2010-10-13 17:44:41 ----A---- C:\windows\system32\srvsvc.dll 2010-10-13 17:44:41 ----A---- C:\windows\system32\drivers\srvnet.sys 2010-10-13 17:44:41 ----A---- C:\windows\system32\drivers\srv2.sys 2010-10-13 17:44:41 ----A---- C:\windows\system32\drivers\srv.sys 2010-10-13 17:26:08 ----A---- C:\windows\system32\wmpmde.dll 2010-10-13 02:04:11 ----RHD---- C:\MSOCache 2010-10-11 21:07:55 ----D---- C:\Users\Дарья\AppData\Roaming\skypePM 2010-10-11 20:08:12 ----A---- C:\windows\system32\psisdecd.dll 2010-10-11 20:03:22 ----A---- C:\windows\system32\lsasrv.dll 2010-10-11 20:03:21 ----A---- C:\windows\system32\drivers\ksecpkg.sys 2010-10-11 20:03:14 ----A---- C:\windows\system32\rtutils.dll 2010-10-11 20:03:13 ----A---- C:\windows\system32\inetcomm.dll 2010-10-11 20:03:12 ----A---- C:\windows\system32\msxml3.dll 2010-10-11 20:03:10 ----A---- C:\windows\system32\ntdll.dll 2010-10-11 20:02:30 ----A---- C:\windows\system32\asycfilt.dll ======List of files/folders modified in the last 3 months====== 2011-01-09 17:57:21 ----D---- C:\windows\Temp 2011-01-09 17:55:29 ----D---- C:\windows\system32\config 2011-01-09 17:54:51 ----D---- C:\windows\system32\drivers 2011-01-09 17:54:51 ----D---- C:\windows\SoftwareDistribution 2011-01-09 17:54:15 ----SHD---- C:\windows\Installer 2011-01-09 17:17:40 ----HD---- C:\ProgramData 2011-01-09 17:17:37 ----RD---- C:\Program Files 2011-01-09 15:11:18 ----SHD---- C:\System Volume Information 2011-01-09 13:46:29 ----D---- C:\Program Files\Microsoft Silverlight 2011-01-09 12:14:21 ----D---- C:\Users\Дарья\AppData\Roaming\Skype 2011-01-09 12:01:42 ----D---- C:\windows\Prefetch 2010-12-30 22:09:36 ----AD---- C:\ProgramData\Temp 2010-12-30 16:42:40 ----D---- C:\Windows 2010-12-30 14:39:16 ----D---- C:\windows\System32 2010-12-30 14:39:16 ----D---- C:\windows\inf 2010-12-30 14:39:16 ----A---- C:\windows\system32\PerfStringBackup.INI 2010-12-29 17:21:14 ----D---- C:\windows\system32\drivers\etc 2010-12-25 16:29:53 ----D---- C:\windows\system32\catroot2 2010-12-24 19:12:07 ----D---- C:\windows\system32\drivers\UMDF 2010-12-20 21:18:53 ----D---- C:\windows\rescache 2010-12-17 15:43:30 ----D---- C:\Program Files\Common Files\microsoft shared 2010-12-17 15:03:31 ----D---- C:\ProgramData\McAfee 2010-12-17 15:03:28 ----D---- C:\Program Files\McAfee 2010-12-17 15:03:24 ----D---- C:\Program Files\Common Files\McAfee 2010-12-17 14:54:30 ----D---- C:\windows\winsxs 2010-12-17 14:53:15 ----D---- C:\windows\system32\ru-RU 2010-12-17 14:53:15 ----D---- C:\windows\system32\en-US 2010-12-17 14:53:15 ----D---- C:\Program Files\Windows Mail 2010-12-17 14:53:14 ----D---- C:\windows\system32\migration 2010-12-17 14:53:14 ----D---- C:\Program Files\Internet Explorer 2010-12-17 11:38:43 ----D---- C:\windows\system32\catroot 2010-12-09 21:02:53 ----D---- C:\Users\Дарья\AppData\Roaming\Adobe 2010-12-09 21:02:45 ----D---- C:\ProgramData\Adobe 2010-12-07 12:43:43 ----D---- C:\windows\system32\NDF 2010-12-06 20:13:56 ----D---- C:\windows\Logs 2010-11-12 12:40:40 ----SD---- C:\Users\Дарья\AppData\Roaming\Microsoft 2010-11-12 12:13:40 ----RSD---- C:\windows\Fonts 2010-11-02 14:29:52 ----RSD---- C:\windows\assembly 2010-11-02 14:29:52 ----D---- C:\windows\Microsoft.NET 2010-10-29 15:02:57 ----D---- C:\Program Files\Windows Live 2010-10-29 15:02:41 ----DC---- C:\windows\system32\DRVSTORE 2010-10-29 15:01:21 ----SD---- C:\ProgramData\Microsoft 2010-10-29 14:54:24 ----D---- C:\windows\debug 2010-10-28 00:37:48 ----D---- C:\windows\AppPatch 2010-10-17 22:54:35 ----A---- C:\windows\win.ini 2010-10-17 22:52:06 ----D---- C:\Users\Дарья\AppData\Roaming\SoftGrid Client 2010-10-15 16:49:26 ----D---- C:\Program Files\Common Files\InstallShield 2010-10-15 15:52:48 ----D---- C:\Program Files\Common Files 2010-10-15 13:26:39 ----D---- C:\Program Files\Common Files\System 2010-10-15 13:19:50 ----D---- C:\Program Files\MSBuild 2010-10-15 13:19:41 ----D---- C:\Program Files\Microsoft Office 2010-10-13 20:41:25 ----D---- C:\windows\system32\LogFiles 2010-10-13 19:58:27 ----D---- C:\Program Files\Windows Media Player 2010-10-13 17:25:20 ----D---- C:\windows\system32\DriverStore 2010-10-13 17:25:12 ----D---- C:\windows\system32\Tasks 2010-10-13 17:25:11 ----D---- C:\windows\Tasks 2010-10-12 11:29:30 ----D---- C:\ProgramData\Partner 2010-10-12 00:19:45 ----D---- C:\Program Files\Microsoft Application Virtualization Client 2010-10-11 21:13:06 ----D---- C:\ProgramData\CyberLink 2010-10-11 21:12:50 ----D---- C:\Users\Дарья\AppData\Roaming\CyberLink 2010-10-11 20:24:49 ----D---- C:\Program Files\Google 2010-10-11 20:24:06 ----D---- C:\ProgramData\VirtualizedApplications ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2010-04-27 435736] R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2009-07-14 173648] R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr.sys [2010-09-07 23376] R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2010-09-07 165584] R1 aswTdi;avast! Network Shield Support; C:\windows\system32\drivers\aswTdi.sys [2010-09-07 46672] R1 SABI;SAMSUNG Kernel Driver For Windows 7; \??\C:\windows\system32\Drivers\SABI.sys [2010-03-31 10752] R1 uzewntcw;AVZ-RK Kernel Driver; \??\C:\windows\system32\Drivers\uzewntcw.sys [2011-01-09 11264] R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128] R2 aswFsBlk;aswFsBlk; C:\windows\system32\drivers\aswFsBlk.sys [2010-09-07 17744] R2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768] R2 TurboB;Turbo Boost UI Monitor driver; C:\windows\system32\DRIVERS\TurboB.sys [2009-11-02 14808] R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2010-05-05 5550592] R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2010-05-05 176128] R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athr.sys [2009-12-14 1245696] R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\windows\system32\drivers\AtiHdmi.sys [2010-01-29 100352] R3 ETD;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2010-04-01 109056] R3 Impcd;Impcd; C:\windows\system32\DRIVERS\Impcd.sys [2010-02-27 132480] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHDA.sys [2010-04-07 3066912] R3 Sftfs;Sftfs; C:\windows\system32\DRIVERS\Sftfslh.sys [2010-04-24 550760] R3 Sftplay;Sftplay; C:\windows\system32\DRIVERS\Sftplaylh.sys [2010-04-24 195944] R3 Sftredir;Sftredir; C:\windows\system32\DRIVERS\Sftredirlh.sys [2010-04-24 21864] R3 Sftvol;Sftvol; C:\windows\system32\DRIVERS\Sftvollh.sys [2010-04-24 19304] S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704] S3 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720] S3 amdagp;AMD AGP Bus Filter Driver; C:\windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312] S3 atikmdag;atikmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2010-05-05 5550592] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888] S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2010-09-22 39272] S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2009-06-11 4756480] S3 massfilter;ZTE Mass Storage Filter Driver; C:\windows\system32\drivers\massfilter.sys [2009-11-02 9216] S3 pciide;pciide; C:\windows\system32\DRIVERS\pciide.sys [2009-07-14 12368] S3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-14 139776] S3 rtport;rtport; \??\C:\windows\system32\drivers\rtport.sys [2010-07-15 15656] S3 sisagp;SIS AGP Bus Filter; C:\windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304] S3 viaagp;VIA AGP Bus Filter; C:\windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328] S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736] S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944] S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\windows\system32\DRIVERS\ZTEusbmdm6k.sys [2009-11-02 105088] S3 ZTEusbnmea;ZTE NMEA Port; C:\windows\system32\DRIVERS\ZTEusbnmea.sys [2009-11-02 105088] S3 ZTEusbser6k;ZTE Diagnostic Port; C:\windows\system32\DRIVERS\ZTEusbser6k.sys [2009-11-02 105088] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2010-05-05 172032] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384] R2 cvhsvc;Client Virtualization Handler; C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664] R2 gupdate;Служба Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-11 135664] R2 NOBU;Norton Online Backup; C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe [2010-03-05 2044248] R2 QipGuard;QipGuard; C:\Program Files\QipGuard\QipGuard.exe [2010-11-13 194512] R2 Rezip;Rezip; C:\windows\SYSTEM32\Rezip.exe [2009-03-05 311296] R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136] R2 sftlist;Application Virtualization Client; C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe [2010-04-24 483688] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464] R3 sftvsa;Application Virtualization Service Agent; C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe [2010-04-24 209768] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384] S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384] S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-22 1493352] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-05-26 182768] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000] S3 TurboBoost;TurboBoost; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-02 99728] S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040] -----------------EOF-----------------