Logfile of random's system information tool 1.09 (written by random/random)
Run by Евгений at 2012-01-13 11:42:50
Microsoft Windows XP Professional Service Pack 2
System drive C: has 34 GB (68%) free of 50 GB
Total RAM: 2047 MB (70% free)

HijackThis download failed

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
Yahoo! Companion BHO - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll [2005-04-22 328275]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}]
Babylon toolbar helper - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.31.2\bh\BabylonToolbar.dll [2011-06-27 270960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll [2009-10-20 68112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll [2009-10-20 268816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - &Yahoo! Companion - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll [2005-04-22 328275]
{98889811-442D-49dd-99D7-DC866BE87DBC} - Babylon Toolbar - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.31.2\BabylonToolbarTlbr.dll [2011-06-27 237168]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2011-05-14 111208]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2011-05-14 13887080]
"KillCopy"=C:\Program Files\KillSoft\KillCopy\kcresume.exe [2002-01-25 295424]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 128568]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-08-20 219648]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-08-14 18702336]
"2Gis Update Notifier"=C:\Program Files\2gis\3.0\2GISTrayNotifier.exe [2011-02-28 4599128]
"WheelMouse"=C:\Program Files\A4Tech\Mouse\Amoumain.exe [2008-03-06 315392]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe [2009-10-20 340456]
"WebSite"=C:\Program Files\JustClicking\JustClicking.exe [2012-01-11 584192]
"Mkey.exe"=C:\Program Files\MKey\Mkey.exe [2005-09-10 640000]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"csrcs"=C:\WINDOWS\system32\csrcs.exe [2006-02-28 728104]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Punto Switcher"=C:\Program Files\Punto Switcher\ps.exe [2002-12-05 272384]
"MAgent"=C:\Documents and Settings\Евгений\Application Data\Mail.Ru\Agent\MAgent.exe [2002-01-25 8746680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus Photo R270 Series]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBNP.EXE [2006-05-19 221184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus Photo RX610 Series]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICLP.EXE [2007-03-30 182272]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"gusvc"=3

C:\Documents and Settings\Евгений\Start Menu\Programs\Startup
OpenOffice.org 3.2.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\system32\klogon.dll [2009-10-20 219664]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableRegistryTools"=1
"DisableTaskMgr"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe"="C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:ipsec"
"C:\Program Files\HP\HP Software Update\HPWUCli.exe"="C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe"
"C:\Program Files\Miranda IM [Major KGB] [2.10]\miranda32.exe"="C:\Program Files\Miranda IM [Major KGB] [2.10]\miranda32.exe:*:Enabled:Miranda IM"
"C:\zVqqBJ.eXe"="C:\zVqqBJ.eXe:*:Enabled:ipsec"
"C:\WINDOWS\Explorer.EXE"="C:\WINDOWS\Explorer.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winpoqc.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winpoqc.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\retlw.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\retlw.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\lmuh.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\lmuh.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\uqpf.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\uqpf.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\wintospec.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\wintospec.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\wincctm.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\wincctm.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\lsvvd.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\lsvvd.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\jrur.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\jrur.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\windnkva.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\windnkva.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\ayfcvp.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\ayfcvp.exe:*:Enabled:ipsec"
"C:\WINDOWS\system32\csrcs.exe"="C:\WINDOWS\system32\csrcs.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winhkmo.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winhkmo.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\vxvf.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\vxvf.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winsxslh.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winsxslh.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winnrylr.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winnrylr.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winadnk.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winadnk.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winbekdwf.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winbekdwf.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\wintefxb.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\wintefxb.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winlvvmx.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winlvvmx.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\cqayfv.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\cqayfv.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winsmlcc.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winsmlcc.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\wiart.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\wiart.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winsstau.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winsstau.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\helbf.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\helbf.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winxxsn.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winxxsn.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winhkdpbw.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winhkdpbw.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winkyocf.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winkyocf.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\irgpp.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\irgpp.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winttsoks.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winttsoks.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\wnubgr.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\wnubgr.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winakfksb.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winakfksb.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\eygi.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\eygi.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\kydp.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\kydp.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winqfwlou.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winqfwlou.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\cbsitt.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\cbsitt.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winabfe.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winabfe.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winykogh.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winykogh.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\hropo.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\hropo.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\wincyie.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\wincyie.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winutyfew.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winutyfew.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\dgre.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\dgre.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winhosky.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winhosky.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\tubhd.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\tubhd.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winpton.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winpton.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winwvert.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winwvert.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\wingivr.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\wingivr.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\nrubtt.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\nrubtt.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\dbjrp.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\dbjrp.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\teruj.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\teruj.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\nbnkar.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\nbnkar.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\stws.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\stws.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winfmss.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winfmss.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\wineqkb.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\wineqkb.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winnkqr.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winnkqr.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winqbrt.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winqbrt.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\cwrj.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\cwrj.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winxkcjkd.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winxkcjkd.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winymwb.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winymwb.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\wxkue.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\wxkue.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winfkmuv.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winfkmuv.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\rigkc.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\rigkc.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\wintxkd.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\wintxkd.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\rvbcp.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\rvbcp.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\ysrp.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\ysrp.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winqsop.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winqsop.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winjfgpyx.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winjfgpyx.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\wintgkj.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\wintgkj.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winwhcd.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winwhcd.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\rilpie.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\rilpie.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winseafr.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winseafr.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\oqbnr.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\oqbnr.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winvknjx.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winvknjx.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winhisxm.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winhisxm.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\umsknx.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\umsknx.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\kyjg.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\kyjg.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winfwgfv.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winfwgfv.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winsgdf.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winsgdf.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\kntf.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\kntf.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\wineptwbr.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\wineptwbr.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\yvsx.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\yvsx.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winrkomp.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winrkomp.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\tuqfxk.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\tuqfxk.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winerfxha.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winerfxha.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\okdukm.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\okdukm.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winhxjgcg.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winhxjgcg.exe:*:Enabled:ipsec"
"C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winumfjv.exe"="C:\DOCUME~1\F8AE~1\LOCALS~1\Temp\winumfjv.exe:*:Enabled:ipsec"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe"="C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\Program Files\HP\HP Software Update\HPWUCli.exe"="C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll

======List of files/folders created in the last 3 months======

2012-01-13 11:42:50 ----D---- C:\rsit
2012-01-13 11:40:49 ----D---- C:\Program Files\Trend Micro
2012-01-11 17:01:03 ----D---- C:\Documents and Settings\Евгений\Application Data\WinRAR
2012-01-11 16:59:21 ----D---- C:\Program Files\JustClicking
2012-01-11 16:58:48 ----H---- C:\WINDOWS\system32\1.exe
2012-01-11 13:20:08 ----A---- C:\WINDOWS\system32\unrar.dll
2012-01-11 13:20:08 ----A---- C:\WINDOWS\avisplitter.ini
2012-01-11 13:20:07 ----A---- C:\WINDOWS\system32\yv12vfw.dll
2012-01-11 13:20:07 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2012-01-11 13:20:07 ----A---- C:\WINDOWS\system32\xvidcore.dll
2012-01-11 13:20:07 ----A---- C:\WINDOWS\system32\ff_vfw.dll
2012-01-11 13:20:04 ----D---- C:\Program Files\K-Lite Codec Pack
2012-01-10 09:21:28 ----HD---- C:\WINDOWS\system32\GroupPolicy
2012-01-08 13:57:54 ----D---- C:\WINDOWS\pss
2012-01-08 13:36:16 ----A---- C:\WINDOWS\system32\drivers\klin.dat
2012-01-08 13:36:16 ----A---- C:\WINDOWS\system32\drivers\klick.dat
2012-01-08 13:35:48 ----D---- C:\Program Files\Kaspersky Lab
2012-01-08 13:35:48 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2012-01-08 13:35:28 ----A---- C:\WINDOWS\system32\drivers\klif.sys
2012-01-08 13:23:47 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2012-01-06 11:44:24 ----D---- C:\Documents and Settings\Евгений\Application Data\BabylonToolbar
2012-01-06 11:18:03 ----D---- C:\Program Files\Microsoft SDKs
2012-01-06 11:18:02 ----D---- C:\Program Files\Microsoft Visual Studio 9.0
2012-01-06 11:18:02 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2012-01-06 11:15:42 ----D---- C:\Program Files\Common Files\Corel
2012-01-06 11:15:28 ----D---- C:\Program Files\Common Files\Protexis
2012-01-06 11:15:27 ----D---- C:\Documents and Settings\All Users\Application Data\Corel
2012-01-06 11:09:21 ----D---- C:\Program Files\Corel
2011-12-01 13:24:31 ----D---- C:\Program Files\Babylon
2011-12-01 13:10:24 ----D---- C:\Program Files\BabylonToolbar
2011-11-29 11:45:39 ----D---- C:\Program Files\y007.ru
2011-11-29 11:44:46 ----D---- C:\Program Files\Common Files\NalogoplUL421
2011-11-29 11:44:44 ----D---- C:\Program Files\Налогоплательщик ЮЛ
2011-11-27 15:15:19 ----A---- C:\WINDOWS\system32\drivers\FNMAB.tmp
2011-11-27 15:15:19 ----A---- C:\WINDOWS\system32\drivers\FNMAA.tmp
2011-11-27 15:15:19 ----A---- C:\WINDOWS\system32\drivers\FNM87.tmp
2011-11-27 15:15:19 ----A---- C:\WINDOWS\system32\drivers\FNM86.tmp
2011-11-27 15:15:19 ----A---- C:\WINDOWS\system32\drivers\Arfumx86.sys
2011-11-27 15:15:19 ----A---- C:\WINDOWS\system32\drivers\Amps2prt.sys
2011-11-27 15:00:42 ----A---- C:\DevList.txt
2011-11-27 14:58:11 ----A---- C:\WINDOWS\system32\drivers\FNMB.tmp
2011-11-27 14:58:11 ----A---- C:\WINDOWS\system32\drivers\FNMA.tmp
2011-11-27 14:32:32 ----A---- C:\WINDOWS\system32\drivers\FNM93.tmp
2011-11-27 14:32:30 ----A---- C:\WINDOWS\system32\drivers\FNM94.tmp
2011-11-26 13:41:32 ----A---- C:\WINDOWS\system32\E_FLBCLP.DLL
2011-11-26 13:41:32 ----A---- C:\WINDOWS\system32\E_FD4BCLP.DLL
2011-11-26 13:41:23 ----A---- C:\WINDOWS\system32\drivers\usbprint.sys
2011-11-25 16:46:39 ----A---- C:\WINDOWS\system32\E_FLBBNP.DLL
2011-11-25 16:46:39 ----A---- C:\WINDOWS\system32\E_FD4BBNP.DLL
2011-11-25 16:46:39 ----A---- C:\WINDOWS\system32\E_DCINST.DLL
2011-11-25 16:42:29 ----A---- C:\WINDOWS\system32\PICSDK2.dll
2011-11-25 16:42:29 ----A---- C:\WINDOWS\system32\PICSDK.ini
2011-11-25 16:42:29 ----A---- C:\WINDOWS\system32\PICSDK.dll
2011-11-25 16:42:29 ----A---- C:\WINDOWS\system32\PICEntry.dll
2011-11-25 16:42:29 ----A---- C:\WINDOWS\system32\EpPicPrt.dll
2011-11-25 16:42:29 ----A---- C:\WINDOWS\system32\EPPICPrinterDB.dat
2011-11-25 16:42:29 ----A---- C:\WINDOWS\system32\EPPICPresetData_PT.dat
2011-11-25 16:42:29 ----A---- C:\WINDOWS\system32\EPPICPresetData_IT.dat
2011-11-25 16:42:29 ----A---- C:\WINDOWS\system32\EPPICPresetData_GE.dat
2011-11-25 16:42:29 ----A---- C:\WINDOWS\system32\EPPICPresetData_FR.dat
2011-11-25 16:42:29 ----A---- C:\WINDOWS\system32\EPPICPresetData_ES.dat
2011-11-25 16:42:29 ----A---- C:\WINDOWS\system32\EPPICPresetData_EN.dat
2011-11-25 16:42:29 ----A---- C:\WINDOWS\system32\EPPICPresetData_DU.dat
2011-11-25 16:42:29 ----A---- C:\WINDOWS\system32\EPPICPresetData_CF.dat
2011-11-25 16:42:29 ----A---- C:\WINDOWS\system32\EPPICPresetData_BP.dat
2011-11-25 16:42:29 ----A---- C:\WINDOWS\system32\EPPICPattern6.dat
2011-11-25 16:42:29 ----A---- C:\WINDOWS\system32\EPPICPattern5.dat
2011-11-25 16:42:29 ----A---- C:\WINDOWS\system32\EPPICPattern4.dat
2011-11-25 16:42:29 ----A---- C:\WINDOWS\system32\EPPICPattern3.dat
2011-11-25 16:42:29 ----A---- C:\WINDOWS\system32\EPPICPattern2.dat
2011-11-25 16:42:29 ----A---- C:\WINDOWS\system32\EPPICPattern131.dat
2011-11-25 16:42:29 ----A---- C:\WINDOWS\system32\EPPICPattern121.dat
2011-11-25 16:42:29 ----A---- C:\WINDOWS\system32\EPPICPattern1.dat
2011-11-25 16:42:29 ----A---- C:\WINDOWS\system32\EPPicMgr.dll
2011-11-25 16:42:25 ----D---- C:\Documents and Settings\Евгений\Application Data\InstallShield
2011-11-25 14:21:40 ----A---- C:\WINDOWS\system32\RegShellSM.exe
2011-11-25 13:51:09 ----A---- C:\WINDOWS\system32\snmptrap.exe
2011-11-25 13:51:09 ----A---- C:\WINDOWS\system32\snmp.exe
2011-11-25 13:51:09 ----A---- C:\WINDOWS\system32\lprmon.dll
2011-11-25 13:51:09 ----A---- C:\WINDOWS\system32\lpdsvc.dll
2011-11-25 13:51:08 ----A---- C:\WINDOWS\system32\snmpmib.dll
2011-11-25 13:51:08 ----A---- C:\WINDOWS\system32\hostmib.dll
2011-11-25 13:51:08 ----A---- C:\WINDOWS\system32\evntwin.exe
2011-11-25 13:51:08 ----A---- C:\WINDOWS\system32\evntcmd.exe
2011-11-25 13:51:08 ----A---- C:\WINDOWS\system32\evntagnt.dll
2011-11-25 13:51:07 ----A---- C:\WINDOWS\system32\lmmib2.dll
2011-11-25 12:28:40 ----D---- C:\Program Files\Installator
2011-11-22 15:33:32 ----D---- C:\dd07f2d626eb8d990736e3891f0f
2011-11-17 17:18:14 ----D---- C:\Documents and Settings\Евгений\Application Data\Remote Queue Manager
2011-11-17 17:16:34 ----D---- C:\Program Files\Print Censor
2011-11-17 16:39:14 ----D---- C:\Documents and Settings\All Users\Application Data\UDL
2011-11-17 16:35:31 ----D---- C:\Program Files\EPSON Print CD
2011-11-17 16:35:31 ----D---- C:\Program Files\EPSON
2011-11-17 12:13:24 ----D---- C:\Program Files\A4Tech
2011-11-17 11:56:34 ----A---- C:\WINDOWS\system32\drivers\FNM4.tmp
2011-11-17 11:56:34 ----A---- C:\WINDOWS\system32\drivers\FNM3.tmp
2011-11-16 15:12:38 ----D---- C:\Program Files\Common Files\Adobe
2011-11-16 14:30:31 ----D---- C:\Documents and Settings\All Users\Application Data\EPSON
2011-11-15 16:04:23 ----D---- C:\Documents and Settings\Евгений\Application Data\OpenOffice.org
2011-11-15 14:46:52 ----A---- C:\Ярлык для PrnCensor.exe.lnk
2011-11-15 13:50:24 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem #2.txt
2011-11-15 11:42:04 ----D---- C:\Documents and Settings\Евгений\Application Data\XnView
2011-11-15 11:41:33 ----D---- C:\Program Files\XnView
2011-11-15 11:29:37 ----HDC---- C:\WINDOWS\$NtUninstallKB952011$
2011-11-15 11:29:15 ----D---- C:\Program Files\Google
2011-11-13 15:41:01 ----D---- C:\Documents and Settings\All Users\Application Data\OPHM
2011-11-12 11:01:02 ----D---- C:\WINDOWS\system32\LogFiles
2011-11-12 10:57:20 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem #3.txt
2011-11-11 16:26:33 ----D---- C:\GvTemp
2011-11-11 16:25:37 ----D---- C:\Program Files\WinDjView
2011-11-11 16:25:18 ----D---- C:\Program Files\2gis
2011-11-11 16:25:18 ----D---- C:\Documents and Settings\All Users\Application Data\2GIS
2011-11-11 15:25:46 ----D---- C:\Вроде не нужный хлам
2011-11-11 15:20:29 ----D---- C:\Documents and Settings\Евгений\Application Data\Macromedia
2011-11-11 15:20:28 ----D---- C:\Documents and Settings\Евгений\Application Data\Adobe
2011-11-11 15:06:11 ----D---- C:\Program Files\Foxit Software
2011-11-11 15:06:11 ----D---- C:\Documents and Settings\Евгений\Application Data\Foxit
2011-11-11 15:05:04 ----D---- C:\Documents and Settings\Евгений\Application Data\MKey
2011-11-11 15:05:00 ----D---- C:\Program Files\MKey
2011-11-11 13:34:35 ----A---- C:\WINDOWS\system32\GDS32.DLL
2011-11-11 12:55:17 ----D---- C:\Program Files\Firebird
2011-11-11 12:55:13 ----D---- C:\Program Files\OwnMoney
2011-11-10 21:56:53 ----D---- C:\Asus M2N68 PLUS

======List of files/folders modified in the last 3 months======

2012-01-13 11:40:50 ----SHD---- C:\WINDOWS\Installer
2012-01-13 11:40:49 ----RD---- C:\Program Files
2012-01-13 11:40:49 ----HD---- C:\Config.Msi
2012-01-13 11:40:48 ----D---- C:\WINDOWS\Prefetch
2012-01-13 11:17:33 ----D---- C:\WINDOWS\Temp
2012-01-13 11:17:33 ----D---- C:\WINDOWS\system32\drivers
2012-01-13 11:16:44 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-01-13 11:05:15 ----D---- C:\WINDOWS\system32\CatRoot2
2012-01-12 16:56:33 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-01-12 16:56:25 ----D---- C:\Program Files\NetMeeting
2012-01-12 16:53:48 ----D---- C:\Program Files\Movie Maker
2012-01-12 16:18:02 ----D---- C:\Program Files\Internet Explorer
2012-01-11 17:07:55 ----D---- C:\WINDOWS\system32\Com
2012-01-11 17:01:20 ----D---- C:\Program Files\Windows Media Player
2012-01-11 16:58:48 ----D---- C:\WINDOWS\system32
2012-01-11 13:20:08 ----D---- C:\WINDOWS
2012-01-10 09:23:34 ----SHD---- C:\System Volume Information
2012-01-10 09:23:34 ----D---- C:\WINDOWS\system32\Restore
2012-01-08 14:21:15 ----SH---- C:\boot.ini
2012-01-08 14:21:15 ----A---- C:\WINDOWS\win.ini
2012-01-08 14:21:15 ----A---- C:\WINDOWS\system.ini
2012-01-08 13:36:05 ----HD---- C:\WINDOWS\inf
2012-01-08 13:21:10 ----D---- C:\WINDOWS\Microsoft.NET
2012-01-06 11:40:11 ----SD---- C:\Documents and Settings\Евгений\Application Data\Microsoft
2012-01-06 11:39:11 ----RSD---- C:\WINDOWS\assembly
2012-01-06 11:18:57 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2012-01-06 11:18:14 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-01-06 11:18:02 ----D---- C:\Program Files\Microsoft.NET
2012-01-06 11:15:42 ----D---- C:\Program Files\Common Files
2012-01-06 11:15:33 ----RSD---- C:\WINDOWS\Fonts
2012-01-06 11:14:00 ----D---- C:\WINDOWS\WinSxS
2011-12-27 12:59:45 ----D---- C:\Documents and Settings\All Users\Application Data\HP
2011-12-21 12:45:18 ----D---- C:\Documents and Settings\Евгений\Application Data\Mra
2011-12-01 11:38:52 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-11-29 13:15:30 ----D---- C:\Documents and Settings\Евгений\Application Data\HP
2011-11-25 16:07:28 ----D---- C:\WINDOWS\security
2011-11-25 13:51:16 ----D---- C:\WINDOWS\system32\wbem
2011-11-22 15:34:08 ----D---- C:\WINDOWS\system32\XPSViewer
2011-11-22 15:34:07 ----D---- C:\WINDOWS\system32\en-us
2011-11-22 15:27:47 ----D---- C:\WINDOWS\system32\CatRoot
2011-11-22 15:21:05 ----D---- C:\WINDOWS\system32\mui
2011-11-17 16:57:05 ----HD---- C:\Program Files\InstallShield Installation Information
2011-11-15 12:05:25 ----RD---- C:\ 
2011-11-12 10:57:39 ----D---- C:\WINDOWS\system32\drivers\etc
2011-11-11 17:06:43 ----D---- C:\WINDOWS\SoftwareDistribution
2011-11-11 15:22:34 ----D---- C:\WINDOWS\system32\RTCOM
2011-11-11 15:22:11 ----A---- C:\WINDOWS\Language_trs.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 klbg;Kaspersky Lab Boot Guard Driver; C:\WINDOWS\system32\drivers\klbg.sys [2009-10-14 36880]
R0 nvgts;nvgts; C:\WINDOWS\system32\DRIVERS\nvgts.sys [2009-06-30 164896]
R1 Amfilter;A4Tech Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\Amfilter.sys [2004-08-25 5120]
R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2009-08-04 11296]
R1 kl1;Kl1; \??\C:\WINDOWS\system32\drivers\kl1.sys []
R3 abp470n5;abp470n5; \??\C:\WINDOWS\system32\drivers\qmekuh.sys []
R3 Amusbprt;A4Tech HID-compliant Mouse Driver; C:\WINDOWS\system32\DRIVERS\Amusbprt.sys [2004-08-25 10240]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2006-02-28 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-08-18 5884416]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2009-09-14 32272]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [2009-10-02 19472]
R3 MouseCap;MouseCapture Driver; C:\WINDOWS\System32\Drivers\MouseCap.sys [2005-08-08 6640]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2011-05-14 12531648]
R3 NVENETFD;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2009-07-01 66688]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2009-07-01 13824]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\WINDOWS\system32\DRIVERS\ewusbnet.sys [2009-10-20 113280]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2009-09-10 102528]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\WINDOWS\system32\DRIVERS\ewusbdev.sys [2009-10-12 100736]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 Moufiltr;Mouse Test Driver; C:\WINDOWS\system32\DRIVERS\Moufiltr.sys [2005-08-06 9661]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance; C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe [2009-07-22 81920]
R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [2009-07-23 387616]
R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [2009-07-23 178720]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2011-05-14 155752]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-10 189728]
R2 SNMP;SNMP Service; C:\WINDOWS\System32\snmp.exe [2006-02-28 32768]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe [2009-07-22 2736128]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 2GISUpdateService;2GIS UpdateService; C:\Program Files\2gis\3.0\2GISUpdateService.exe [2011-02-28 948056]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 147456]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LPDSVC;TCP/IP Print Server; C:\WINDOWS\system32\tcpsvcs.exe [2006-02-28 19456]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 166960]
S3 SNMPTRAP;SNMP Trap Service; C:\WINDOWS\System32\snmptrap.exe [2006-02-28 8704]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-02-08 213944]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------