Лог утилиты random's system information tool 1.08 (автор: random/random)
Run by Admin at 2011-08-20 12:53:14
Microsoft Windows XP Professional Service Pack 3
Системный раздел C: размер 3 GB (17%) Свободно 20 GB
Total RAM: 2047 MB (71% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:53:21, on 20.08.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21293)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Mail.Ru\Guard\GuardMailRu.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\TEMP\GuardGuard.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Mail.Ru\Guard\GuardMailRu.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\VistaDriveIcon\VistaDrv.exe
C:\Documents and Settings\Admin\Local Settings\Application Data\Yandex\Updater\praetorian.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Opera\opera.exe
C:\PROGRA~1\THEKMP~1\KMPlayer.exe
D:\Эксперимент\AVZ\avz4\avz.exe
D:\Downloads\программы для удаления вирусов\RSIT.exe
C:\Program Files\trend micro\Admin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yandex.ru/?clid=48173
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.qip.ru/search?query=%s&from=IE
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Ссылки
R3 - Default URLSearchHook is missing
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: IE 4.x-6.x BHO for Download Master - {9961627E-4059-41B4-8E0E-A7D6B3854ADF} - C:\PROGRA~1\DOWNLO~1\dmiehlp.dll
O2 - BHO: AlterGeo Magic Scanner - {9BFBA68E-E21B-458E-AE12-FE85E903D2C1} - C:\Program Files\AlterGeo\AlterGeo Magic Scanner\2.8.8.615\AlterGeo.BrowserPlugin.dll
O2 - BHO: Визуальные Закладки - {C93F72A2-2162-4BBA-A07A-F13663C297A6} - C:\Program Files\Yandex\YandexBarIE\fastdial.dll
O3 - Toolbar: Яндекс.Бар - {91397D20-1446-11D4-8AF4-0040CA1127B6} - C:\Program Files\Yandex\YandexBarIE\yndbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [OutpostFeedBack] "C:\Program Files\Agnitum\Outpost Security Suite Pro\feedback.exe" /dump:os_startup
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [Guard.Mail.ru.gui] "C:\Program Files\Mail.Ru\Guard\GuardMailRu.exe" /gui
O4 - HKLM\..\Run: [SoundMax] "C:\Program Files\Analog Devices\SoundMAX\SMax4.exe" /tray
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [VistaIcon] C:\Program Files\VistaDriveIcon\VistaDrv.exe
O4 - HKCU\..\Run: [Praetorian] C:\Documents and Settings\Admin\Local Settings\Application Data\Yandex\Updater\praetorian.exe
O4 - HKCU\..\Run: [AnVir Task Manager] "C:\Program Files\AnVir Task Manager\AnVir.exe" Minimized
O4 - HKCU\..\Run: [NBJ] "D:\Эксперимент\Новая папка (3)\Nero BackItUp\NBJ.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [VistaIcon] C:\Program Files\VistaDriveIcon\VistaDrv.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [ZZZZ1_FirstLogonSetting] %SystemRoot%\System32\rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\custom.inf,OnceFirstLogonInstall,0 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [IE7_012] rundll32 advpack.dll,LaunchINFSectionEx IE7int.inf,AfterUserStart,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [ZZZZ1_FirstLogonSetting] %SystemRoot%\System32\rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\custom.inf,OnceFirstLogonInstall,0 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [ZZZZ2_FirstLogonSetting] %SystemRoot%\System32\rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\custom.inf,NewUserFirstLogonInstall,0 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [ZZZZ2_FirstLogonSetting] %SystemRoot%\System32\rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\custom.inf,NewUserFirstLogonInstall,0 (User 'Default user')
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: &Экспорт в Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Закачать ВСЕ при помощи Download Master - C:\Program Files\Download Master\dmieall.htm
O8 - Extra context menu item: Закачать при помощи Download Master - C:\Program Files\Download Master\dmie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Быстрая настройка Outpost Security Suite Pro - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Security Suite Pro\ie_bar.dll
O9 - Extra button: Справочные материалы - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{13643EE1-9CFD-43F6-B484-B9E826017454}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{F6BB1173-39E1-4F3E-AD17-F1CB84A4B3AE}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CS1\Services\Tcpip\..\{13643EE1-9CFD-43F6-B484-B9E826017454}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CS2\Services\Tcpip\..\{13643EE1-9CFD-43F6-B484-B9E826017454}: NameServer = 156.154.70.25,156.154.71.25
O20 - AppInit_DLLs: c:\progra~1\agnitum\outpos~1\wl_hook.dll C:\WINDOWS\system32\guard32.dll
O22 - SharedTaskScheduler: Предзагрузчик Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Демон кэша категорий компонентов - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: 3ware Controller Service (3wareSrv) - Unknown owner - C:\WINDOWS\System32\3wareSrv.exe
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Журнал событий (Eventlog) - Корпорация Майкрософт - C:\WINDOWS\system32\services.exe
O23 - Service: Guard.Mail.ru - Unknown owner - C:\Program Files\Mail.Ru\Guard\GuardMailRu.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Служба COM записи компакт-дисков IMAPI (ImapiService) - Корпорация Майкрософт - C:\WINDOWS\system32\imapi.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Plug and Play (PlugPlay) - Корпорация Майкрософт - C:\WINDOWS\system32\services.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Unreal Tournament 3 Drivers Auto Removal (pr2anlqb) (pr2anlqb) - Noviy Disk - C:\WINDOWS\system32\pr2anlqb.exe
O23 - Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) - Корпорация Майкрософт - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Radmin Server V3 (RServer3) - Famatech International Corp. - C:\WINDOWS\system32\rserver30\RServer3.exe
O23 - Service: Журналы и оповещения производительности (SysmonLog) - Корпорация Майкрософт - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Теневое копирование тома (VSS) - Корпорация Майкрософт - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Адаптер производительности WMI (WmiApSrv) - Корпорация Майкрософт - C:\WINDOWS\system32\wbem\wmiapsrv.exe

-- End of file - 12010 bytes

======Папка назначеных зданий======

C:\WINDOWS\tasks\RegistryBooster.job

======Снимок реестра======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9961627E-4059-41B4-8E0E-A7D6B3854ADF}]
IE 4.x-6.x BHO for Download Master - C:\PROGRA~1\DOWNLO~1\dmiehlp.dll [2008-10-24 157696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9BFBA68E-E21B-458E-AE12-FE85E903D2C1}]
AlterGeoBHO Class - C:\Program Files\AlterGeo\AlterGeo Magic Scanner\2.8.8.615\AlterGeo.BrowserPlugin.dll [2010-08-31 257384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C93F72A2-2162-4BBA-A07A-F13663C297A6}]
Визуальные Закладки - C:\Program Files\Yandex\YandexBarIE\fastdial.dll [2011-03-31 2398520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{91397D20-1446-11D4-8AF4-0040CA1127B6} - Яндекс.Бар - C:\Program Files\Yandex\YandexBarIE\yndbar.dll [2011-03-31 13508408]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-16 13529088]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-16 86016]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2008-03-17 1040384]
"OutpostFeedBack"=C:\Program Files\Agnitum\Outpost Security Suite Pro\feedback.exe [2008-02-29 419160]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2011-06-30 2554696]
"AcronisTimounterMonitor"=C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe [2008-12-18 962160]
"Acronis Scheduler2 Service"=C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [2008-12-18 165144]
"Guard.Mail.ru.gui"=C:\Program Files\Mail.Ru\Guard\GuardMailRu.exe [2011-05-24 1472720]
"SoundMax"=C:\Program Files\Analog Devices\SoundMAX\SMax4.exe [2008-03-24 884736]
"LogitechCommunicationsManager"=C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [2007-05-17 505368]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-08-19 30208]
"VistaIcon"=C:\Program Files\VistaDriveIcon\VistaDrv.exe [2008-01-02 132096]
"Praetorian"=C:\Documents and Settings\Admin\Local Settings\Application Data\Yandex\Updater\praetorian.exe [2011-03-30 851768]
"AnVir Task Manager"=C:\Program Files\AnVir Task Manager\AnVir.exe [2011-07-07 5566232]
"NBJ"=D:\Эксперимент\Новая папка (3)\Nero BackItUp\NBJ.exe [2006-09-15 2048000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Infium]
C:\Program Files\QIP Infium\infium.exe [2008-12-09 5062144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\progra~1\agnitum\outpos~1\wl_hook.dll C:\WINDOWS\system32\guard32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-03-02 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0 nwprovau

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoSharedDocuments"=1
"NoSMConfigurePrograms"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Miranda IM UA-Pack\miranda32.exe"="C:\Program Files\Miranda IM UA-Pack\miranda32.exe:*:Enabled:Miranda IM"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\Mail.Ru\Sputnik\SputnikFlashPlayer.exe"="C:\Program Files\Mail.Ru\Sputnik\SputnikFlashPlayer.exe:*:Enabled:Sputnik@Mail.Ru flash player"
"C:\Program Files\Mail.Ru\Sputnik\SputnikHelper.exe"="C:\Program Files\Mail.Ru\Sputnik\SputnikHelper.exe:*:Enabled:Sputnik@Mail.Ru helper object"
"C:\Program Files\StrongDC++\StrongDC.exe"="C:\Program Files\StrongDC++\StrongDC.exe:*:Enabled:StrongDC++"
"H:\1\PortableApps\MalwarebytesPortable\App\Malwarebytes\mbam.exe"="H:\1\PortableApps\MalwarebytesPortable\App\Malwarebytes\mbam.exe:*:Enabled:Malwarebytes"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"H:\1\PortableApps\MalwarebytesPortable\App\Malwarebytes\mbam.exe"="H:\1\PortableApps\MalwarebytesPortable\App\Malwarebytes\mbam.exe:*:Enabled:Malwarebytes"

======Список файлов и папок, созданных за последние 1 месяц======

2011-08-20 12:45:54 ----D---- C:\rsit
2011-08-20 12:45:54 ----D---- C:\Program Files\trend micro
2011-08-20 12:40:39 ----A---- C:\WINDOWS\system32\drivers\utm5mti2.sys
2011-08-20 04:24:12 ----HD---- C:\WINDOWS\system32\GroupPolicy
2011-08-19 05:59:31 ----D---- C:\Program Files\Punto Switcher
2011-08-19 05:59:26 ----D---- C:\Program Files\Mozilla Firefox
2011-08-19 05:59:07 ----D---- C:\Documents and Settings\Admin\Application Data\DRPSu
2011-08-19 04:29:22 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2011-08-19 03:38:34 ----D---- C:\Documents and Settings\Admin\Application Data\DAEMON Tools Lite
2011-08-19 03:38:25 ----D---- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
2011-08-19 02:28:47 ----D---- C:\Program Files\CCleaner
2011-08-18 07:29:26 ----D---- C:\Program Files\Oracle
2011-08-18 06:29:13 ----A---- C:\WINDOWS\WPI_Log_2011.08.18_06.29.13.txt
2011-08-18 06:29:13 ----A---- C:\rb_config.js
2011-08-18 06:29:13 ----A---- C:\history.js
2011-08-18 06:21:49 ----D---- C:\Documents and Settings\Admin\Application Data\Nvu
2011-08-18 06:08:50 ----D---- C:\Documents and Settings\Admin\Application Data\ABBYY
2011-08-18 03:21:50 ----D---- C:\Program Files\HashTab Shell Extension
2011-08-18 02:49:37 ----D---- C:\Documents and Settings\Admin\Application Data\Carambis
2011-08-18 02:07:32 ----D---- C:\Documents and Settings\Admin\Application Data\Thinstall
2011-08-18 01:43:19 ----D---- C:\Documents and Settings\Admin\Application Data\Uniblue
2011-08-18 01:43:12 ----HDC---- C:\Documents and Settings\All Users\Application Data\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
2011-08-18 01:43:11 ----D---- C:\Program Files\Uniblue
2011-08-16 18:13:31 ----D---- C:\Documents and Settings\Admin\Application Data\Ahead
2011-08-16 14:34:07 ----D---- C:\Documents and Settings\Admin\Application Data\ChemTable Software
2011-08-16 14:17:20 ----D---- C:\Documents and Settings\Admin\Application Data\Obnovi Soft
2011-08-16 14:16:46 ----D---- C:\Program Files\AnVir Task Manager
2011-08-16 13:00:41 ----D---- C:\Program Files\Common Files\Adobe
2011-08-16 13:00:41 ----D---- C:\Program Files\Adobe
2011-08-16 04:51:16 ----D---- C:\Program Files\Unlocker
2011-08-15 18:16:52 ----A---- C:\WINDOWS\NeroDigital.ini
2011-08-15 16:00:03 ----N---- C:\WINDOWS\system32\drivers\imagesrv.sys
2011-08-15 16:00:03 ----N---- C:\WINDOWS\system32\drivers\imagedrv.sys
2011-08-15 15:59:51 ----N---- C:\WINDOWS\system32\TwnLib4.dll
2011-08-15 15:59:51 ----A---- C:\WINDOWS\system32\TwnLib20.dll
2011-08-15 15:59:50 ----N---- C:\WINDOWS\system32\ImagXRA7.dll
2011-08-15 15:59:50 ----N---- C:\WINDOWS\system32\ImagXR7.dll
2011-08-15 15:59:50 ----N---- C:\WINDOWS\system32\ImagXpr7.dll
2011-08-15 15:59:50 ----N---- C:\WINDOWS\system32\ImagX7.dll
2011-08-15 15:59:50 ----A---- C:\WINDOWS\system32\NeroCheck.exe
2011-08-15 04:47:32 ----D---- C:\Program Files\Common Files\Ahead
2011-08-15 00:49:08 ----RA---- C:\WINDOWS\system32\3wareSrv.exe
2011-08-15 00:49:08 ----RA---- C:\WINDOWS\system32\3wareRun.exe
2011-08-14 12:26:08 ----D---- C:\Documents and Settings\Admin\Application Data\Acronis
2011-08-14 11:50:42 ----D---- C:\Documents and Settings\All Users\Application Data\Acronis
2011-08-14 11:47:23 ----A---- C:\WINDOWS\system32\drivers\tdrpm174.sys
2011-08-14 11:47:17 ----A---- C:\WINDOWS\system32\drivers\timntr.sys
2011-08-14 11:47:17 ----A---- C:\WINDOWS\system32\drivers\tifsfilt.sys
2011-08-14 11:47:11 ----A---- C:\WINDOWS\system32\drivers\snman380.sys
2011-08-14 11:46:59 ----D---- C:\Program Files\Acronis
2011-08-14 11:46:58 ----D---- C:\Program Files\Common Files\Acronis
2011-07-31 21:05:44 ----D---- C:\Program Files\uTorrent
2011-07-31 21:05:17 ----D---- C:\Documents and Settings\Admin\Application Data\uTorrent
2011-07-31 00:20:27 ----D---- C:\Documents and Settings\Admin\Application Data\ImgBurn
2011-07-28 22:27:54 ----D---- C:\Documents and Settings\All Users\Application Data\CrystalIdea Software

======Список файлов и папок, измененных за последние 1 месяц======

2011-08-20 12:45:54 ----AD---- C:\Program Files
2011-08-20 12:40:39 ----HD---- C:\WINDOWS\system32\drivers
2011-08-20 12:15:41 ----D---- C:\WINDOWS\Temp
2011-08-20 11:53:21 ----D---- C:\Documents and Settings\Admin\Application Data\The Bat!
2011-08-20 06:15:40 ----HD---- C:\WINDOWS
2011-08-20 06:11:57 ----D---- C:\Documents and Settings\Admin\Application Data\Skype
2011-08-20 04:27:56 ----AH---- C:\WINDOWS\system32\perfmon.msc
2011-08-20 04:24:12 ----AHD---- C:\WINDOWS\system32
2011-08-20 03:50:25 ----HD---- C:\WINDOWS\system32\CatRoot2
2011-08-20 03:42:16 ----N---- C:\WINDOWS\SchedLgU.Txt
2011-08-19 06:01:04 ----HD---- C:\WINDOWS\inf
2011-08-19 06:01:03 ----D---- C:\WINDOWS\system32\ReinstallBackups
2011-08-19 03:42:59 ----SHD---- C:\WINDOWS\Installer
2011-08-18 13:25:49 ----HD---- C:\WINDOWS\Help
2011-08-18 07:29:37 ----HDC---- C:\WINDOWS\system32\DRVSTORE
2011-08-18 02:18:05 ----D---- C:\WINDOWS\system32\NtmsData
2011-08-18 01:43:21 ----SD---- C:\WINDOWS\Tasks
2011-08-16 19:19:45 ----AH---- C:\WINDOWS\ODBC.INI
2011-08-16 19:00:47 ----D---- C:\Program Files\Steam
2011-08-16 17:42:40 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2011-08-16 13:00:46 ----D---- C:\WINDOWS\WinSxS
2011-08-16 13:00:45 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2011-08-16 13:00:41 ----AD---- C:\Program Files\Common Files
2011-08-16 12:30:10 ----A---- C:\WINDOWS\system32\SfcFiles.dll
2011-08-16 12:30:09 ----A---- C:\WINDOWS\system32\uxtheme.dll
2011-08-13 22:30:47 ----D---- C:\Program Files\Total Commander
2011-08-09 14:57:59 ----AH---- C:\WINDOWS\DaemonPlugin.INI
2011-07-22 17:14:33 ----D---- C:\Documents and Settings\Admin\Application Data\IP-TV Player

======Список драйверов (тип запуска: R=Запущен, S=остановлен, 0=Загрузочный, 1=Системный, 2=Автоматически, 3=Вручную, 4=Отключено)======

R0 Inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\System32\DRIVERS\inspect.sys [2011-06-30 97504]
R0 mv61xx;mv61xx; C:\WINDOWS\system32\DRIVERS\mv61xx.sys [2008-05-19 150568]
R0 ohci1394;OHCI-совместимый IEEE 1394 хост-контроллер; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-08-19 61696]
R0 pe3anlqb;Unreal Tournament 3 Environment Driver (pe3anlqb); C:\WINDOWS\system32\drivers\pe3anlqb.sys [2007-11-09 65160]
R0 pf2anlqb;Unreal Tournament 3 File System Driver (pf2anlqb); C:\WINDOWS\system32\drivers\pf2anlqb.sys [2007-11-09 83592]
R0 ps7anlqb;Unreal Tournament 3 Synchronization Driver (ps7anlqb); C:\WINDOWS\system32\drivers\ps7anlqb.sys [2007-11-09 68752]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-29 44944]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-03-03 48640]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-02-23 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2004-12-03 20544]
R0 snapman380;Acronis Snapshots Manager (Build 380); C:\WINDOWS\system32\DRIVERS\snman380.sys [2011-08-14 134272]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2011-08-19 691696]
R0 tdrpman174;Acronis Try&Decide and Restore Points filter (build 174); C:\WINDOWS\system32\DRIVERS\tdrpm174.sys [2011-08-14 971552]
R0 timounter;Acronis True Image Backup Archive Explorer; C:\WINDOWS\system32\DRIVERS\timntr.sys [2011-08-14 540000]
R0 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2006-02-14 24320]
R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2007-12-17 12400]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\WINDOWS\System32\DRIVERS\cmderd.sys [2011-06-30 17416]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2011-06-30 242600]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2011-06-30 29400]
R1 intelppm;Драйвер Intel процессора; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-15 40704]
R1 kbdhid;Драйвер клавиатуры HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-15 14720]
R1 raddrvv3;raddrvv3; \??\C:\WINDOWS\system32\rserver30\raddrvv3.sys []
R1 SandBox;SandBox; C:\WINDOWS\system32\DRIVERS\SandBox.sys [2008-02-27 446976]
R1 VBoxDrv;VirtualBox Service; C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys [2010-08-05 143184]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [2010-08-05 41936]
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2005-04-21 10624]
R2 NwlnkIpx;NWLink IPX/SPX/NetBIOS-совместимый транспортный протокол; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-15 88320]
R2 NwlnkNb;NWLink NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2008-04-15 63232]
R2 NwlnkSpx;Протокол NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2008-04-15 55936]
R2 rspndr;Ответчик обнаружения топологии уровня связи; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2008-07-08 62848]
R2 tifsfilter;Acronis True Image FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2011-08-14 44704]
R2 WinFLdrv;WinFLdrv; C:\WINDOWS\system32\WinFLdrv.sys [2011-07-12 17984]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2008-03-24 331264]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2007-07-13 94976]
R3 afw;Agnitum firewall driver; C:\WINDOWS\system32\DRIVERS\afw.sys [2008-02-27 206352]
R3 Arp1394;Протокол клиента 1394 ARP; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-08-19 60800]
R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2005-04-12 4608]
R3 HDAudBus;Драйвер шины Microsoft UAA для High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-15 144384]
R3 hidusb;Драйвер класса HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-15 10368]
R3 LVcKap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LVcKap.sys [2007-05-11 2107808]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2007-05-11 25888]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2007-05-12 41888]
R3 mirrorv3;mirrorv3; C:\WINDOWS\system32\DRIVERS\rminiv3.sys [2006-11-01 3328]
R3 mouhid;Драйвер мыши HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-15 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2006-02-26 5810]
R3 NIC1394;Сетевой драйвер 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-08-19 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-16 6557408]
R3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2008-04-15 163584]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2010-01-09 47360]
R3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2007-05-10 14112]
R3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\WINDOWS\system32\DRIVERS\LV302V32.SYS [2007-05-10 1276832]
R3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys [2006-03-17 392960]
R3 usbaudio;Аудио драйвер USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-08-19 60032]
R3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-15 32128]
R3 USBSTOR;Драйвер запоминающих устройств для USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-08-19 26368]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-08-19 20608]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys [2010-08-05 100496]
R3 VBoxNetFlt;VBoxNetFlt Service; C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys [2010-08-05 111312]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2007-08-15 265856]
S3 a07jf2i0;a07jf2i0; C:\WINDOWS\system32\drivers\a07jf2i0.sys []
S3 ASWFilt;ASWFilt; C:\WINDOWS\system32\Filt\ASWFilt.dll [2008-02-27 33024]
S3 CCDECODE;Closed Caption декодер; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-08-19 17024]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2008-09-28 25280]
S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys [2007-05-11 2142752]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-08-19 5504]
S3 NABTSFEC;NABTS/FEC VBI кодек; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-08-19 85248]
S3 NdisIP;Microsoft видео или ТВ подключение; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-08-19 10880]
S3 nm;Драйвер сетевого монитора; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-15 40320]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2007-11-07 34064]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-08-19 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-08-19 15232]
S3 utm5mti2;AVZ Kernel Driver; \??\C:\WINDOWS\system32\Drivers\utm5mti2.sys []
S3 VBEngNT;VBEngNT; C:\WINDOWS\system32\DRIVERS\VBEngNT.sys [2008-02-21 1073745]
S3 VBFilt;VBFilt; C:\WINDOWS\system32\Filt\VBFilt.dll [2008-02-27 158528]
S3 WSTCODEC;World Standard Teletext кодек; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-08-19 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-03-02 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-03-02 82944]

======Список служб (тип запуска: R=Запущена, S=остановлена, 0=Загрузочная, 1=Системная, 2=Автоматически, 3=Вручную, 4=Отключено)======

R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-07-07 611664]
R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2008-12-18 554264]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2011-06-30 1793712]
R2 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files\Mail.Ru\Guard\GuardMailRu.exe [2011-05-24 1472720]
R2 LVCOMSer;LVCOMSer; C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [2007-05-11 187168]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2007-05-11 133920]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-16 159812]
R2 NWCWorkstation;Клиент для сетей NetWare; C:\WINDOWS\system32\svchost.exe [2008-04-15 14336]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2008-12-19 66872]
S2 3wareSrv;3ware Controller Service; C:\WINDOWS\System32\3wareSrv.exe [2006-02-26 45056]
S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [2007-05-11 142112]
S3 acssrv;Agnitum Client Security Service; C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe [2008-02-29 1488216]
S3 aspnet_state;Служба состояний ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-04 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 pr2anlqb;Unreal Tournament 3 Drivers Auto Removal (pr2anlqb); C:\WINDOWS\system32\pr2anlqb.exe [2007-11-09 411016]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-11-07 92792]
S3 RServer3;Radmin Server V3; C:\WINDOWS\system32\rserver30\RServer3.exe [2008-04-24 1238344]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\wmpnetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-15 14336]

-----------------EOF-----------------