Лог утилиты random's system information tool 1.08 (автор: random/random) Run by ev at 2012-03-01 15:18:12 Microsoft Windows XP Professional Service Pack 3 Системный раздел C: размер 57 GB (75%) Свободно 76 GB Total RAM: 1023 MB (46% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 15:18:21, on 01.03.2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Kebrum VPN\KebrumDaemon.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\RealVNC\VNC4\WinVNC4.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Iconic Tray\it.exe C:\Program Files\Skype\Phone\Skype.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE C:\Documents and Settings\ev\Desktop\antivirus\RSIT.exe C:\Program Files\trend micro\ev.exe C:\WINDOWS\system32\mstsc.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=;ftp=;https=; O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Iconic Tray] C:\Program Files\Iconic Tray\it.exe O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: E1xyXv6W6I0.exe O8 - Extra context menu item: Copy to Semagic - C:\Program Files\Semagic\copy.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Semagic - C:\Program Files\Semagic\link.htm O8 - Extra context menu item: Копировать в Semagic - C:\Program Files\Semagic\copy.htm O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: ICQ Lite - {E59EB121-F339-4851-A3BA-FE49C35617C2} - ICQ.exe (file missing) O9 - Extra 'Tools' menuitem: ICQ Lite - {E59EB121-F339-4851-A3BA-FE49C35617C2} - ICQ.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1245405625893 O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} (Battlefield Play4Free Updater) - https://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.66.2.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://3dlifeplayer.dl.3dvia.com/player/install/3DVIA_player_installer.exe O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = lionko.lv O17 - HKLM\Software\..\Telephony: DomainName = lionko.lv O17 - HKLM\System\CCS\Services\Tcpip\..\{8FBAF18A-2EA8-48E7-A242-F902883D4A0B}: NameServer = 10.10.10.244,10.10.10.252 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = lionko.lv O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Kebrum - - C:\Program Files\Kebrum VPN\KebrumDaemon.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe -- End of file - 6192 bytes ======Папка назначеных зданий====== C:\WINDOWS\tasks\User_Feed_Synchronization-{B04B5209-B594-45AD-9801-9E19D71D7CD3}.job ======Снимок реестра====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2011-02-28 325408] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-28 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-02-28 79648] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2012-01-13 460872] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "Iconic Tray"=C:\Program Files\Iconic Tray\it.exe [2002-11-09 37888] "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-10-13 17351304] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] C:\Documents and Settings\ev\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-07-03 133104] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HCEmployee] C:\Program Files\Oleansoft\Hc\servemp.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe [2011-09-29 929680] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2011-09-29 20880] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2011-09-29 3508112] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSWUpdate] C:\Documents and Settings\ev\Application Data\lsass.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NetLimiter] C:\Program Files\NetLimiter 3\NLClientApp.exe /tray [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan] C:\WINDOWS\SOUNDMAN.EXE [2005-11-11 90112] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Synchronization Manager] C:\WINDOWS\system32\mobsync.exe [2008-04-14 143360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrafficMonitor] C:\Documents and Settings\ev\Application Data\mmv software\TrafficMonitor 2.1\StartupServer.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UStorag] c:\program files\u-storage tool2.9\ustorage.exe sys_auto_run C:\Program Files\U-Storage Tool2.9 [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent] C:\Program Files\uTorrent\uTorrent.exe [2011-05-23 399736] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\wmagent.exe] C:\Program Files\WebMoney Agent\wmagent.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "wlidsvc"=2 "Wi2GeoMagicScanner"=2 "gupdate1c9fbbfa6086c7d"=2 "UTSCSI"=2 "PnkBstrA"=2 "gusvc"=3 "Ati HotKey Poller"=2 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll [2010-02-11 155648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"=1 "NoDriveTypeAutoRun"=255 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent" "C:\Program Files\ICQLite\ICQ.exe"="C:\Program Files\ICQLite\ICQ.exe:*:Enabled:ICQ Lite" "C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager" "C:\Program Files\Opera10\opera.exe"="C:\Program Files\Opera10\opera.exe:*:Enabled:Opera Internet Browser" "C:\Program Files\4game\PointBlank\pointblank.exe"="C:\Program Files\4game\PointBlank\pointblank.exe:*:Enabled:PointBlank" "C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA" "C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB" "C:\Program Files\AVG\AVG10\avgmfapx.exe"="C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:Программа установки AVG" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" "C:\DOCUME~1\ev\LOCALS~1\Temp\Rar$EX00.329\SETUP2.exe"="C:\DOCUME~1\ev\LOCALS~1\Temp\Rar$EX00.329\SETUP2.exe:*:Enabled:Windows Messanger" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\RealVNC\VNC4\vncviewer.exe"="C:\Program Files\RealVNC\VNC4\vncviewer.exe:*:Enabled:VNC Viewer Free Edition for Win32" "C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent" "C:\Program Files\ICQLite\ICQ.exe"="C:\Program Files\ICQLite\ICQ.exe:*:Enabled:ICQ Library" "C:\Program Files\Armagetron Advanced\armagetronad.exe"="C:\Program Files\Armagetron Advanced\armagetronad.exe:*:Enabled:armagetronad" "C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA" "C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB" "C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer" "C:\Documents and Settings\ev\Local Settings\Temp\Rar$EX00.422\teamviewer\Portable teamviewer rus\TeamViewer.exe"="C:\Documents and Settings\ev\Local Settings\Temp\Rar$EX00.422\teamviewer\Portable teamviewer rus\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application" "C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager" "C:\Documents and Settings\ev\Local Settings\Temp\Rar$EX01.282\teamviewer\Portable teamviewer rus\TeamViewer.exe"="C:\Documents and Settings\ev\Local Settings\Temp\Rar$EX01.282\teamviewer\Portable teamviewer rus\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application" "C:\Documents and Settings\ev\Local Settings\Temp\Rar$EX00.156\teamviewer\Portable teamviewer rus\TeamViewer.exe"="C:\Documents and Settings\ev\Local Settings\Temp\Rar$EX00.156\teamviewer\Portable teamviewer rus\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application" "C:\Documents and Settings\ev\Local Settings\Temp\Rar$EX00.391\teamviewer\Portable teamviewer rus\TeamViewer.exe"="C:\Documents and Settings\ev\Local Settings\Temp\Rar$EX00.391\teamviewer\Portable teamviewer rus\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application" "C:\Program Files\RndLabs\BaboViolent 2\bv2.exe"="C:\Program Files\RndLabs\BaboViolent 2\bv2.exe:*:Enabled:bv2" "C:\Documents and Settings\ev\Local Settings\Temp\Rar$EX00.266\teamviewer\Portable teamviewer rus\TeamViewer.exe"="C:\Documents and Settings\ev\Local Settings\Temp\Rar$EX00.266\teamviewer\Portable teamviewer rus\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application" "C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser" "C:\Program Files\Opera10\opera.exe"="C:\Program Files\Opera10\opera.exe:*:Enabled:Opera Internet Browser" "C:\Program Files\RevConnect\DCPlusPlus.exe"="C:\Program Files\RevConnect\DCPlusPlus.exe:*:Enabled:DC++" "C:\RASplus\RASplus_Runner.exe"="C:\RASplus\RASplus_Runner.exe:*:Enabled:RASplus" "C:\Documents and Settings\ev\Local Settings\Temp\Rar$EX00.547\teamviewer\Portable teamviewer rus\TeamViewer.exe"="C:\Documents and Settings\ev\Local Settings\Temp\Rar$EX00.547\teamviewer\Portable teamviewer rus\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application" "C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth" "C:\Documents and Settings\ev\Desktop\teamviewer\teamviewer\Portable teamviewer rus\TeamViewer.exe"="C:\Documents and Settings\ev\Desktop\teamviewer\teamviewer\Portable teamviewer rus\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application" "C:\Documents and Settings\ev\Desktop\GPP_Remote_Server_1.2\GPP Remote Server 1.2\GPP Remote Server.exe"="C:\Documents and Settings\ev\Desktop\GPP_Remote_Server_1.2\GPP Remote Server 1.2\GPP Remote Server.exe:*:Enabled:GPP Remote Server" "C:\Program Files\SoftwareForMe.com\PhoneMyPC\PhoneMyPC.exe"="C:\Program Files\SoftwareForMe.com\PhoneMyPC\PhoneMyPC.exe:*:Enabled:PhoneMyPC" "C:\Program Files\AVG\AVG10\avgmfapx.exe"="C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:Программа установки AVG" "C:\Documents and Settings\ev\Local Settings\Temp\Rar$EX00.406\teamviewer\Portable teamviewer rus\TeamViewer.exe"="C:\Documents and Settings\ev\Local Settings\Temp\Rar$EX00.406\teamviewer\Portable teamviewer rus\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application" "C:\Documents and Settings\ev\Local Settings\Temp\Rar$EX00.532\teamviewer\Portable teamviewer rus\TeamViewer.exe"="C:\Documents and Settings\ev\Local Settings\Temp\Rar$EX00.532\teamviewer\Portable teamviewer rus\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application" "C:\Documents and Settings\ev\Local Settings\Temp\Rar$EX00.703\teamviewer\Portable teamviewer rus\TeamViewer.exe"="C:\Documents and Settings\ev\Local Settings\Temp\Rar$EX00.703\teamviewer\Portable teamviewer rus\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application" "C:\Documents and Settings\ev\Local Settings\Temp\Rar$EX00.844\teamviewer\Portable teamviewer rus\TeamViewer.exe"="C:\Documents and Settings\ev\Local Settings\Temp\Rar$EX00.844\teamviewer\Portable teamviewer rus\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application" "C:\Documents and Settings\ev\Local Settings\Temp\Rar$EX00.250\teamviewer\Portable teamviewer rus\TeamViewer.exe"="C:\Documents and Settings\ev\Local Settings\Temp\Rar$EX00.250\teamviewer\Portable teamviewer rus\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application" "C:\Program Files\Stunlock Studios\Bloodline Champions Beta\Binary\BloodlineChampionsLoader.exe"="C:\Program Files\Stunlock Studios\Bloodline Champions Beta\Binary\BloodlineChampionsLoader.exe:*:Enabled:BloodlineChampionsLoader" "C:\Program Files\Growl for Windows\Growl.exe"="C:\Program Files\Growl for Windows\Growl.exe:*:Enabled:Growl" "C:\Documents and Settings\ev\Local Settings\Temp\Rar$EX00.141\teamviewer\Portable teamviewer rus\TeamViewer.exe"="C:\Documents and Settings\ev\Local Settings\Temp\Rar$EX00.141\teamviewer\Portable teamviewer rus\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application" "C:\My Documents\World_of_Tanks\WorldOfTanks.exe"="C:\My Documents\World_of_Tanks\WorldOfTanks.exe:*:Enabled:World of Tanks" "C:\Documents and Settings\ev\Local Settings\Temp\Rar$EX01.062\teamviewer\Portable teamviewer rus\TeamViewer.exe"="C:\Documents and Settings\ev\Local Settings\Temp\Rar$EX01.062\teamviewer\Portable teamviewer rus\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application" "C:\Documents and Settings\ev\Local Settings\Temp\Rar$EX00.000\teamviewer\Portable teamviewer rus\TeamViewer.exe"="C:\Documents and Settings\ev\Local Settings\Temp\Rar$EX00.000\teamviewer\Portable teamviewer rus\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application" "C:\Documents and Settings\ev\Local Settings\Temp\Rar$EX00.625\teamviewer\Portable teamviewer rus\TeamViewer.exe"="C:\Documents and Settings\ev\Local Settings\Temp\Rar$EX00.625\teamviewer\Portable teamviewer rus\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application" "C:\Documents and Settings\ev\Local Settings\Temp\Rar$EX00.390\teamviewer\Portable teamviewer rus\TeamViewer.exe"="C:\Documents and Settings\ev\Local Settings\Temp\Rar$EX00.390\teamviewer\Portable teamviewer rus\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application" "C:\GreylinkDC++\greylinkmod.exe"="C:\GreylinkDC++\greylinkmod.exe:*:Enabled:Greylink DC++ Mod: a new generation dc++ client" "C:\Documents and Settings\ev\Local Settings\Temp\Rar$EX01.750\teamviewer\Portable teamviewer rus\TeamViewer.exe"="C:\Documents and Settings\ev\Local Settings\Temp\Rar$EX01.750\teamviewer\Portable teamviewer rus\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application" "C:\Documents and Settings\ev\Local Settings\Temp\Rar$EX00.281\teamviewer\Portable teamviewer rus\TeamViewer.exe"="C:\Documents and Settings\ev\Local Settings\Temp\Rar$EX00.281\teamviewer\Portable teamviewer rus\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application" "C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player" "C:\Program Files\WebMoney\WebMoney.exe"="C:\Program Files\WebMoney\WebMoney.exe:*:Enabled:WebMoney Keeper Classic Runner Module" "C:\Documents and Settings\ev\Application Data\Dropbox\bin\Dropbox.exe"="C:\Documents and Settings\ev\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox" "C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP5\WNt500x86\RpcSandraSrv.exe"="C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP5\WNt500x86\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" ======Список файлов и папок, созданных за последние 3 месяца====== 2012-03-01 10:23:25 ----D---- C:\Documents and Settings\ev\Application Data\MicroST 2012-02-29 11:32:31 ----A---- C:\TDSSKiller.2.7.15.0_29.02.2012_11.32.31_log.txt 2012-02-29 11:22:15 ----D---- C:\Documents and Settings\ev\Application Data\Malwarebytes 2012-02-29 11:22:09 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2012-02-29 11:22:08 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2012-02-29 11:22:08 ----A---- C:\WINDOWS\system32\drivers\mbam.sys 2012-02-29 10:31:33 ----D---- C:\Program Files\trend micro 2012-02-29 10:31:32 ----D---- C:\rsit 2012-02-28 15:24:46 ----D---- C:\Program Files\UFO Online 2012-02-20 09:21:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2660465$ 2012-02-20 09:09:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2661637$ 2012-02-17 09:07:04 ----N---- C:\WINDOWS\system32\iacenc.dll 2012-01-27 09:05:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2585542$ 2012-01-16 13:21:39 ----A---- C:\WINDOWS\ntbtlog.txt 2012-01-12 09:22:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2646524$ 2012-01-12 09:22:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2631813$ 2012-01-12 09:17:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2598479$ 2012-01-12 09:12:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2603381$ 2012-01-12 09:06:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2584146$ 2012-01-02 11:14:46 ----A---- C:\WINDOWS\system32\hidserv.dll 2012-01-02 11:14:43 ----A---- C:\WINDOWS\system32\drivers\kbdhid.sys 2012-01-02 11:14:36 ----A---- C:\WINDOWS\system32\drivers\hidusb.sys 2011-12-16 09:15:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2639417$ 2011-12-16 09:15:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2624667$ 2011-12-16 09:08:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2633952$ 2011-12-16 09:08:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2619339$ 2011-12-16 09:08:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2618451$ 2011-12-16 09:07:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2620712$ 2011-12-16 09:07:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2633171$ ======Список файлов и папок, измененных за последние 3 месяца====== 2012-03-01 15:18:01 ----D---- C:\Documents and Settings\ev\Application Data\Skype 2012-03-01 15:16:54 ----D---- C:\WINDOWS\Temp 2012-03-01 15:16:32 ----SHD---- C:\WINDOWS\CSC 2012-03-01 15:16:21 ----D---- C:\WINDOWS\system32\drivers 2012-03-01 13:21:40 ----D---- C:\WINDOWS\Prefetch 2012-03-01 10:23:26 ----D---- C:\WINDOWS\system32 2012-03-01 09:35:01 ----A---- C:\WINDOWS\SchedLgU.Txt 2012-03-01 09:13:33 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2012-03-01 01:40:05 ----D---- C:\WINDOWS\security 2012-02-29 16:14:43 ----D---- C:\NewVision 2012-02-29 14:34:51 ----D---- C:\Program Files\Opera10 2012-02-29 12:39:54 ----D---- C:\WINDOWS\system32\CatRoot2 2012-02-29 11:36:57 ----D---- C:\WINDOWS\msagent 2012-02-29 11:22:08 ----D---- C:\Program Files 2012-02-29 09:46:49 ----D---- C:\WINDOWS 2012-02-28 15:27:29 ----D---- C:\WINDOWS\system32\DirectX 2012-02-28 15:27:28 ----HD---- C:\WINDOWS\inf 2012-02-21 09:07:06 ----D---- C:\Program Files\Microsoft Silverlight 2012-02-21 09:07:06 ----D---- C:\Program Files\Internet Explorer 2012-02-20 12:55:19 ----D---- C:\Documents and Settings\ev\Application Data\uTorrent 2012-02-20 12:45:29 ----RSD---- C:\WINDOWS\assembly 2012-02-20 12:45:29 ----D---- C:\WINDOWS\Microsoft.NET 2012-02-20 09:28:31 ----SHD---- C:\WINDOWS\Installer 2012-02-20 09:28:31 ----D---- C:\Config.Msi 2012-02-20 09:27:19 ----D---- C:\WINDOWS\WinSxS 2012-02-20 09:21:43 ----A---- C:\WINDOWS\system32\MRT.exe 2012-02-20 09:21:16 ----RSHDC---- C:\WINDOWS\system32\dllcache 2012-02-20 09:21:03 ----A---- C:\WINDOWS\imsins.BAK 2012-02-20 09:20:20 ----D---- C:\WINDOWS\ie8updates 2012-02-20 09:20:13 ----HD---- C:\WINDOWS\$hf_mig$ 2012-02-15 11:30:07 ----D---- C:\WINDOWS\system32\config 2012-02-15 11:29:46 ----D---- C:\WINDOWS\system32\wbem 2012-02-15 11:29:45 ----D---- C:\WINDOWS\Registration 2012-02-13 11:20:06 ----D---- C:\Program Files\Blender Foundation 2012-02-07 10:11:07 ----D---- C:\RASplus 2012-01-16 13:31:20 ----SH---- C:\boot.ini 2012-01-16 13:31:20 ----A---- C:\WINDOWS\win.ini 2012-01-16 13:31:20 ----A---- C:\WINDOWS\system.ini 2012-01-16 13:23:44 ----SHD---- C:\RECYCLER 2012-01-10 12:48:47 ----D---- C:\eclipse 2012-01-10 11:39:33 ----D---- C:\Documents and Settings\ev\Application Data\TeamViewer 2011-12-18 14:46:38 ----A---- C:\WINDOWS\system32\ieframe.dll 2011-12-17 21:46:36 ----A---- C:\WINDOWS\system32\wininet.dll 2011-12-17 21:46:36 ----A---- C:\WINDOWS\system32\urlmon.dll 2011-12-17 21:46:36 ----A---- C:\WINDOWS\system32\url.dll 2011-12-17 21:46:36 ----A---- C:\WINDOWS\system32\occache.dll 2011-12-17 21:46:36 ----A---- C:\WINDOWS\system32\mstime.dll 2011-12-17 21:46:36 ----A---- C:\WINDOWS\system32\mshtmled.dll 2011-12-17 21:46:36 ----A---- C:\WINDOWS\system32\mshtml.dll 2011-12-17 21:46:36 ----A---- C:\WINDOWS\system32\msfeedsbs.dll 2011-12-17 21:46:36 ----A---- C:\WINDOWS\system32\msfeeds.dll 2011-12-17 21:46:36 ----A---- C:\WINDOWS\system32\licmgr10.dll 2011-12-17 21:46:36 ----A---- C:\WINDOWS\system32\jsproxy.dll 2011-12-17 21:46:36 ----A---- C:\WINDOWS\system32\iertutil.dll 2011-12-17 21:46:36 ----A---- C:\WINDOWS\system32\iepeers.dll 2011-12-17 21:46:36 ----A---- C:\WINDOWS\system32\iedkcs32.dll 2011-12-16 14:23:08 ----A---- C:\WINDOWS\system32\ie4uinit.exe 2011-12-14 11:57:10 ----D---- C:\Program Files\Semagic 2011-12-06 17:06:41 ----D---- C:\Program Files\The KMPlayer ======Список драйверов (тип запуска: R=Запущен, S=остановлен, 0=Загрузочный, 1=Системный, 2=Автоматически, 3=Вручную, 4=Отключено)====== R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-11-20 43872] R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352] R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592] R1 oreans32;oreans32; \??\C:\WINDOWS\system32\drivers\oreans32.sys [] R1 vmm;Virtual Machine Monitor; \??\C:\WINDOWS\system32\Drivers\vmm.sys [] R2 irda;IrDA Protocol; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192] R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-11-22 3804416] R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-02-11 3565056] R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688] R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [] R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944] R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584] R3 tap0901;TAP-Win32 Adapter V9; C:\WINDOWS\system32\DRIVERS\tap0901.sys [2011-05-18 25984] R3 ULI5261XP;ULi M526X Ethernet NT Driver; C:\WINDOWS\system32\DRIVERS\ULILAN51.SYS [2005-03-22 28672] R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] R3 VPCNetS2;Virtual Machine Network Services Driver; C:\WINDOWS\system32\DRIVERS\VMNetSrv.sys [2007-01-29 59280] S2 Scutum50;Scutum50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\Scutum50.sys [] S2 VirtualCam;VirtualCamera; C:\WINDOWS\system32\DRIVERS\VirtualCam.sys [2007-02-21 192512] S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\WINDOWS\System32\Drivers\ssadadb.sys [2011-07-20 30312] S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 dot4;MS IEEE-1284.4 Driver; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2008-04-13 206976] S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928] S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-08-17 23808] S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\WINDOWS\system32\DRIVERS\ewusbnet.sys [] S3 GENPWDM;GENPWDM; \??\C:\DOCUME~1\ev\LOCALS~1\Temp\RarSFX3\GENPWDM.SYS [] S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [] S3 hwusbdev;Huawei DataCard USB PNP Device; C:\WINDOWS\system32\DRIVERS\ewusbdev.sys [] S3 mcdevice;mcdevice; C:\WINDOWS\system32\DRIVERS\mcdevice.sys [2008-07-03 323584] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 NLNdisMP;NLNdisMP; C:\WINDOWS\system32\DRIVERS\nlndis.sys [] S3 NLNdisPT;NetLimiter Ndis Protocol Service; C:\WINDOWS\system32\DRIVERS\nlndis.sys [] S3 PsSdk40;PsSdk40; \??\C:\WINDOWS\system32\Drivers\pssdk40.sys [] S3 PsSdkLBF;PsSdkLBF; \??\C:\WINDOWS\system32\Drivers\pssdklbf.sys [] S3 rt2870;Ralink 802.11n USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\rt2870.sys [] S3 SANDRA;SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP5\WNt500x86\Sandra.sys [] S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\ssadbus.sys [2011-07-20 121064] S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys [2011-07-20 12776] S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\WINDOWS\system32\DRIVERS\ssadmdm.sys [2011-07-20 136808] S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2011-07-20 104648] S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2011-07-20 14920] S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2011-07-20 132424] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 tap0801;TAP-Win32 Adapter V8; C:\WINDOWS\system32\DRIVERS\tap0801.sys [2006-10-01 26624] S3 tmeter;TMeter Service; C:\WINDOWS\system32\DRIVERS\tmeter.sys [] S3 tmeterMP;tmeterMP; C:\WINDOWS\system32\DRIVERS\tmeter.sys [] S3 usb_rndisx;USB RNDIS Adapter; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-13 12800] S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 USTOR;U-Storage Controller; C:\WINDOWS\system32\DRIVERS\UStork.sys [2004-08-17 20218] S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000] S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528] S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 dwshd;dwshd; C:\WINDOWS\System32\drivers\dwshd.sys [] ======Список служб (тип запуска: R=Запущена, S=остановлена, 0=Загрузочная, 1=Системная, 2=Автоматически, 3=Вручную, 4=Отключено)====== R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-02-11 602112] R2 Irmon;Infrared Monitor; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-02-28 153376] R2 Kebrum;Kebrum; C:\Program Files\Kebrum VPN\KebrumDaemon.exe [2011-05-18 6144] R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] R2 WinVNC4;VNC Server Version 4; C:\Program Files\RealVNC\VNC4\WinVNC4.exe [2006-05-12 439248] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2010-02-10 593920] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] S4 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2011-10-18 75136] S4 UTSCSI;CLCV0; C:\WINDOWS\system32\UTSCSI.EXE [2010-02-10 45056] -----------------EOF-----------------