Лог утилиты random's system information tool 1.08 (автор: random/random)
Run by vova at 2012-02-18 15:39:12
Microsoft Windows 7 Enterprise N Service Pack 1
Системный раздел C: размер 2 GB (14%) Свободно 15 GB
Total RAM: 2043 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:39:33, on 18.02.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\WebMoney Agent\wmagent.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Lock Folder XP\LFService.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Users\vova\AppData\Local\Yandex\Updater\praetorian.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\NOTEPAD.EXE
E:\Программы\установленные\Firefox\firefox.exe
E:\Программы\установленные\Firefox\plugin-container.exe
E:\Программы\Системные\SVCHOST\RSIT.exe
C:\Program Files\trend micro\vova.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ru.msn.com/?ocid=OIE9HP
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer предоставлен: MSN and Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: BFlix - {0C9F4179-6CE2-4c6a-A3E5-67FF3592A12E} - C:\Program Files\BFlix\BFlix.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll
O2 - BHO: Incredibar.com Helper Object - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files\Incredibar.com\incredibar\1.5.3.27\bh\incredibar.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Спутник@Mail.Ru - {8984B388-A5BB-4DF7-B274-77B879E179DB} - (no file)
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\50F3~1\82D8~1\Office14\URLREDIR.DLL
O2 - BHO: Визуальные Закладки - {C93F72A2-2162-4BBA-A07A-F13663C297A6} - C:\Program Files\Yandex\YandexBarIE\fastdial.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll
O3 - Toolbar: Яндекс.Бар - {91397D20-1446-11D4-8AF4-0040CA1127B6} - C:\Program Files\Yandex\YandexBarIE\yndbar.dll
O3 - Toolbar: Incredibar Toolbar - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files\Incredibar.com\incredibar\1.5.3.27\incredibarTlbr.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [wmagent.exe] "C:\Program Files\WebMoney Agent\wmagent.exe"
O4 - HKLM\..\Run: [VKSaver] C:\ProgramData\VKSaver\VKSaver.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [LFService] C:\Program Files\Lock Folder XP\LFService.exe -start
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [BCSSync] "E:\Программы\установленные\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [VKHacker] C:\Temp\Rar$EX02.576\VKHacker.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avp] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKCU\..\Run: [DrvUpdater] C:\Users\vova\AppData\Roaming\DRPSu\DrvUpdater.exe
O4 - HKCU\..\Run: [Praetorian] C:\Users\vova\AppData\Local\Yandex\Updater\praetorian.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Predator] C:\Program Files\Predator2\Predator.exe /AUTORUN
O4 - HKCU\..\Run: [SSMaker] C:\Program Files\SSmaker\SSmaker.exe
O4 - HKCU\..\Run: [ABBYY Screenshot Reader Bonus] "C:\Program Files\ABBYY PDF Transformer 3.0\Bonus.ScreenshotReader.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Punto Switcher.lnk = C:\Program Files\Yandex\Punto Switcher\punto.exe
O4 - Global Startup: Tabs.lnk = C:\Program Files\Ticno\Tabs\Ticno Tabs.exe
O8 - Extra context menu item: &Отправить в OneNote - res://C:\Program Files\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: &Экспорт в Microsoft Excel - res://C:\Program Files\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: Отправить в OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Программы\установленные\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Отправить в OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Программы\установленные\Office14\ONBttnIE.dll
O9 - Extra button: &Виртуальная клавиатура - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll
O9 - Extra button: &Связанные заметки OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Программы\установленные\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Связанные заметки OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Программы\установленные\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Проверка ссы&лок - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\ProgramData\VKSaver\vksaver3.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
O23 - Service: Служба Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Служба Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: O2FLASH - O2Micro International - C:\Windows\system32\DRIVERS\o2flash.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe

-- End of file - 8929 bytes

======Папка назначеных зданий======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Снимок реестра======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0C9F4179-6CE2-4c6a-A3E5-67FF3592A12E}]
BFlix Class - C:\Program Files\BFlix\BFlix.dll [2011-12-30 167936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll [2011-04-24 86416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}]
Incredibar.com Helper Object - C:\Program Files\Incredibar.com\incredibar\1.5.3.27\bh\incredibar.dll [2011-11-28 268800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2011-11-10 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8984B388-A5BB-4DF7-B274-77B879E179DB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - E:\50F3~1\82D8~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C93F72A2-2162-4BBA-A07A-F13663C297A6}]
Визуальные Закладки - C:\Program Files\Yandex\YandexBarIE\fastdial.dll [2011-03-31 2398520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-11-10 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll [2011-04-24 229776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{91397D20-1446-11D4-8AF4-0040CA1127B6} - Яндекс.Бар - C:\Program Files\Yandex\YandexBarIE\yndbar.dll [2011-03-31 13508408]
{F9639E4A-801B-4843-AEE3-03D9DA199E77} - Incredibar Toolbar - C:\Program Files\Incredibar.com\incredibar\1.5.3.27\incredibarTlbr.dll [2011-11-28 269312]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-02-24 10025576]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-02-17 2200872]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2010-06-09 251248]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-05-24 336384]
"wmagent.exe"=C:\Program Files\WebMoney Agent\wmagent.exe [2009-10-19 210400]
"VKSaver"=C:\ProgramData\VKSaver\VKSaver.exe [2011-06-30 224768]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"LFService"=C:\Program Files\Lock Folder XP\LFService.exe [2009-07-23 40960]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"BCSSync"=E:\Программы\установленные\Office14\BCSSync.exe [2010-03-13 91520]
"VKHacker"=C:\Temp\Rar$EX02.576\VKHacker.exe []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
"avp"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [2011-04-24 202296]
"NeroFilterCheck"=C:\Windows\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DrvUpdater"=C:\Users\vova\AppData\Roaming\DRPSu\DrvUpdater.exe [2011-08-01 192856]
"Praetorian"=C:\Users\vova\AppData\Local\Yandex\Updater\praetorian.exe [2011-03-30 851768]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"Predator"=C:\Program Files\Predator2\Predator.exe /AUTORUN []
"SSMaker"=C:\Program Files\SSmaker\SSmaker.exe [2010-08-04 600588]
"ABBYY Screenshot Reader Bonus"=C:\Program Files\ABBYY PDF Transformer 3.0\Bonus.ScreenshotReader.exe -autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ManyCam]
C:\Program Files\ManyCam\Bin\ManyCam.exe /silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe -onlytray []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Total Commander.lnk]
C:\Program Files\TOTALC~1\Totalcmd.exe [2010-06-02 3677496]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Tabs.lnk - C:\Program Files\Ticno\Tabs\Ticno Tabs.exe

C:\Users\vova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Punto Switcher.lnk - C:\Program Files\Yandex\Punto Switcher\punto.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\ProgramData\VKSaver\vksaver3.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\Windows\system32\klogon.dll [2011-04-24 229776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=28

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======Ассоциации файлов======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======Список файлов и папок, созданных за последние 3 месяца======

2012-02-18 15:39:12 ----D---- C:\rsit
2012-02-18 15:11:22 ----D---- C:\Program Files\trend micro
2012-02-03 00:47:19 ----D---- C:\Users\vova\AppData\Roaming\Rovio
2012-02-02 23:35:57 ----D---- C:\Program Files\FsCapture
2012-01-31 19:15:39 ----D---- C:\Users\vova\AppData\Roaming\Mozilla
2012-01-31 16:39:18 ----D---- C:\Program Files\WebMoney
2012-01-31 16:06:20 ----D---- C:\Program Files\Recuva
2012-01-28 15:25:33 ----D---- C:\Program Files\BFlix
2012-01-28 15:24:45 ----D---- C:\Program Files\Incredibar.com
2012-01-28 15:23:17 ----D---- C:\ProgramData\Premium
2012-01-28 15:23:14 ----D---- C:\ProgramData\InstallMate
2012-01-26 15:22:45 ----D---- C:\Users\vova\AppData\Roaming\Site-Reporter
2012-01-18 20:37:12 ----D---- C:\Program Files\Etxt Antiplagiat
2012-01-10 20:32:49 ----D---- C:\Users\vova\AppData\Roaming\MindTerm
2012-01-10 19:41:20 ----D---- C:\Users\vova\AppData\Roaming\Nero
2012-01-10 19:12:32 ----A---- C:\Windows\system32\drivers\imagesrv.sys
2012-01-10 19:12:32 ----A---- C:\Windows\system32\drivers\imagedrv.sys
2012-01-10 19:12:14 ----A---- C:\Windows\system32\TwnLib20.dll
2012-01-10 19:12:14 ----A---- C:\Windows\system32\picn20.dll
2012-01-10 19:12:14 ----A---- C:\Windows\system32\ImagXpr5.dll
2012-01-10 19:12:14 ----A---- C:\Windows\system32\imagx5.dll
2012-01-10 19:12:14 ----A---- C:\Windows\system32\imagr5.dll
2012-01-10 19:12:13 ----D---- C:\Program Files\Common Files\Ahead
2012-01-10 19:12:13 ----A---- C:\Windows\system32\NeroCheck.exe
2012-01-10 19:12:07 ----D---- C:\Program Files\Ahead
2012-01-07 12:19:31 ----D---- C:\ProgramData\Uniblue
2012-01-05 15:35:24 ----D---- C:\Users\vova\AppData\Roaming\AnvSoft
2012-01-05 15:30:08 ----D---- C:\Users\vova\AppData\Roaming\OpenCandy
2012-01-02 16:26:34 ----D---- C:\Windows\Sun
2012-01-01 20:55:48 ----D---- C:\Users\vova\AppData\Roaming\AIMP3
2012-01-01 02:24:38 ----D---- C:\Windows\Minidump
2011-12-26 15:16:01 ----D---- C:\Users\vova\AppData\Roaming\Ticno
2011-12-26 15:15:40 ----D---- C:\ProgramData\Ticno
2011-12-26 15:15:35 ----D---- C:\Program Files\Ticno
2011-12-26 15:14:21 ----D---- C:\Users\vova\AppData\Roaming\Installer
2011-12-24 17:16:10 ----D---- C:\Program Files\Xenu
2011-12-22 18:05:43 ----A---- C:\Windows\PSEXESVC.EXE
2011-12-22 15:10:20 ----D---- C:\ProgramData\Kaspersky Lab
2011-12-22 15:10:20 ----D---- C:\Program Files\Kaspersky Lab
2011-12-22 15:10:07 ----A---- C:\Windows\system32\drivers\klif.sys
2011-12-19 22:32:44 ----D---- C:\Program Files\Advego Plagiatus
2011-12-16 22:32:01 ----A---- C:\Windows\system32\XAudio2_7.dll
2011-12-16 22:32:01 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2011-12-16 22:32:01 ----A---- C:\Windows\system32\xactengine3_7.dll
2011-12-16 22:32:01 ----A---- C:\Windows\system32\d3dcsx_43.dll
2011-12-16 22:32:01 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2011-12-16 22:32:00 ----A---- C:\Windows\system32\XAudio2_6.dll
2011-12-16 22:32:00 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2011-12-16 22:32:00 ----A---- C:\Windows\system32\xactengine3_6.dll
2011-12-16 22:32:00 ----A---- C:\Windows\system32\D3DX9_43.dll
2011-12-16 22:32:00 ----A---- C:\Windows\system32\d3dx11_43.dll
2011-12-16 22:32:00 ----A---- C:\Windows\system32\d3dx10_43.dll
2011-12-16 22:31:59 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2011-12-16 13:44:34 ----D---- C:\Program Files\Common Files\Java
2011-12-16 13:43:56 ----A---- C:\Windows\system32\javaws.exe
2011-12-16 13:43:56 ----A---- C:\Windows\system32\javaw.exe
2011-12-16 13:43:56 ----A---- C:\Windows\system32\java.exe
2011-12-14 18:06:12 ----D---- C:\ProgramData\ABBYY
2011-12-14 18:06:12 ----D---- C:\Program Files\ABBYY PDF Transformer 3.0
2011-12-11 21:21:55 ----D---- C:\Program Files\Meow.fr
2011-12-10 00:23:30 ----D---- C:\ProgramData\Guard.Mail.Ru

======Список файлов и папок, измененных за последние 3 месяца======

2012-02-18 15:39:33 ----D---- C:\Temp
2012-02-18 15:39:30 ----D---- C:\Windows\Prefetch
2012-02-18 15:38:59 ----D---- C:\Windows\system32\drivers
2012-02-18 15:34:10 ----D---- C:\Windows\System32
2012-02-18 15:34:10 ----D---- C:\Windows\inf
2012-02-18 15:34:10 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-02-18 15:26:24 ----D---- C:\Windows
2012-02-18 15:11:22 ----RD---- C:\Program Files
2012-02-18 15:06:12 ----D---- C:\Windows\system32\config
2012-02-18 14:55:52 ----D---- C:\Windows\Downloaded Program Files
2012-02-18 14:25:36 ----D---- C:\Users\vova\AppData\Roaming\FileZilla
2012-02-18 13:42:40 ----AD---- C:\ProgramData\TEMP
2012-02-18 13:34:39 ----D---- C:\Users\vova\AppData\Roaming\WebMoney
2012-02-16 12:50:43 ----D---- C:\Users\vova\AppData\Roaming\Skype
2012-02-14 22:00:24 ----D---- C:\Windows\winsxs
2012-02-14 21:50:56 ----D---- C:\Users\vova\AppData\Roaming\uTorrent
2012-02-14 21:50:25 ----SHD---- C:\Windows\Installer
2012-02-14 21:50:13 ----D---- C:\Program Files\Common Files\ACD Systems
2012-02-14 21:50:13 ----D---- C:\Program Files\ACD Systems
2012-02-14 21:50:10 ----D---- C:\ProgramData\ACD Systems
2012-02-14 15:57:20 ----D---- C:\Users\vova\AppData\Roaming\VK
2012-02-14 15:36:42 ----D---- C:\Program Files\VKPaint
2012-02-14 13:46:22 ----D---- C:\Windows\system32\Tasks
2012-02-14 13:46:18 ----RD---- C:\Program Files\Skype
2012-02-14 13:45:23 ----D---- C:\ProgramData\Skype
2012-02-03 20:49:49 ----D---- C:\Program Files\Yandex
2012-01-28 15:23:17 ----HD---- C:\ProgramData
2012-01-28 10:39:09 ----D---- C:\Program Files\Nokia
2012-01-28 10:39:09 ----D---- C:\Program Files\Common Files
2012-01-25 21:10:29 ----D---- C:\Program Files\Opera
2012-01-20 15:48:34 ----D---- C:\Windows\Temp
2012-01-20 15:47:32 ----SHD---- C:\System Volume Information
2012-01-18 20:37:12 ----SD---- C:\Users\vova\AppData\Roaming\Microsoft
2012-01-18 19:28:42 ----D---- C:\Windows\system32\catroot2
2012-01-17 22:51:58 ----D---- C:\Windows\system32\LogFiles
2012-01-16 18:56:32 ----D---- C:\Program Files\FileZilla FTP Client
2012-01-14 05:32:51 ----D---- C:\Program Files\Common Files\Adobe
2012-01-07 18:11:31 ----D---- C:\Windows\Tasks
2012-01-03 17:47:08 ----SHD---- C:\Boot
2012-01-01 20:55:50 ----D---- C:\Program Files\AIMP2
2011-12-22 15:10:53 ----D---- C:\Windows\system32\catroot
2011-12-22 15:10:47 ----D---- C:\Windows\system32\DriverStore
2011-12-22 15:06:50 ----D---- C:\ProgramData\McAfee
2011-12-16 22:13:44 ----D---- C:\Windows\Logs
2011-12-16 13:43:51 ----D---- C:\Program Files\Java
2011-12-11 15:53:26 ----D---- C:\Program Files\Google
2011-11-30 21:15:50 ----D---- C:\ProgramData\Microsoft Help
2011-11-26 18:05:18 ----SD---- C:\ProgramData\Microsoft

======Список драйверов (тип запуска: R=Запущен, S=остановлен, 0=Загрузочный, 1=Системный, 2=Автоматически, 3=Вручную, 4=Отключено)======

R0 KL1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2011-03-04 133208]
R0 LFSys;LFSys; C:\Windows\System32\Drivers\LFSys.sys [2009-07-09 77312]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2011-04-02 173440]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2011-04-02 388096]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-06-23 218688]
R1 kl2;kl2; C:\Windows\system32\DRIVERS\kl2.sys [2011-03-04 11352]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2011-12-22 570160]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2011-03-10 23856]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-05-25 7800832]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-05-25 245760]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2010-11-17 101392]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2010-07-30 343080]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2011-02-24 3408808]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2009-11-02 19984]
R3 NETwNs32;___ Драйвер адаптера Intel(R) Wireless WiFi Link серии 5000 для Windows Vista 32 Bit ; C:\Windows\system32\DRIVERS\NETwNs32.sys [2011-01-19 7087616]
R3 O2MDRDR;O2MDRDR; C:\Windows\system32\DRIVERS\o2media.sys [2009-05-07 52128]
R3 O2SDRDR;O2SDRDR; C:\Windows\system32\DRIVERS\o2sd.sys [2009-05-07 42144]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-14 207360]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-14 980992]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-14 661504]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-02-17 1330864]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD - драйвер фильтра шины AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2010-06-21 255096]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-05-25 7800832]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2011-04-02 62464]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena\safedrv.sys []
S3 HTCAND32;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2011-09-21 24576]
S3 netw5v32;Драйвер адаптера беспроводной связи серии Intel(R) Wireless WiFi Link 5000 для 32-разрядной версии Windows Vista; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-14 4231168]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2010-07-30 18048]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2010-07-30 23040]
S3 NVENETFD;Драйвер сетевого контроллера NVIDIA nForce; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-14 347264]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2011-04-02 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2011-04-02 15872]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2011-04-02 5632]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2011-04-02 84992]
S3 sisagp;SIS - фильтр шины AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2011-04-02 28032]
S3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver; C:\Windows\system32\drivers\Synth3dVsc.sys [2011-04-02 77184]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2011-04-02 25600]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2011-04-02 52224]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2011-04-02 27264]
S3 tsusbhub;Remote Deskotop USB Hub; C:\Windows\system32\drivers\tsusbhub.sys [2011-04-02 112640]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2010-07-30 8192]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2011-04-02 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2010-07-30 8192]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;VIA - фильтр шины AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 драйвер процессора; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2011-04-02 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2011-04-02 17920]

======Список служб (тип запуска: R=Запущена, S=остановлена, 0=Загрузочная, 1=Системная, 2=Автоматически, 3=Вручную, 4=Отключено)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-05-25 176128]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 O2FLASH;O2FLASH; C:\Windows\system32\DRIVERS\o2flash.exe [2007-02-12 65536]
S2 AVP;Kaspersky Anti-Virus Service; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [2011-04-24 202296]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Служба Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-08-02 136176]
S2 KMService;KMService; C:\Windows\system32\srvany.exe [2011-06-23 8192]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 gupdatem;Служба Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-08-02 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-12-08 628736]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-06-23 1343400]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------