Лог утилиты random's system information tool 1.09 (автор: random/random)
Run by I_BLV_I_CAN_FLY at 2012-05-09 08:54:35
Microsoft Windows 7 Максимальная  Service Pack 1
Системный раздел C: размер 20 GB (47%) Свободно 42 GB
Total RAM: 4064 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:55:06, on 09.05.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\AnVir Task Manager\anvir.exe
C:\Program Files (x86)\QIP 2012\qip.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Winstep\Nexus.exe
C:\Users\I_BLV_I_CAN_FLY\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\I_BLV_I_CAN_FLY\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\I_BLV_I_CAN_FLY\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\I_BLV_I_CAN_FLY\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\I_BLV_I_CAN_FLY\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\I_BLV_I_CAN_FLY\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\I_BLV_I_CAN_FLY\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\I_BLV_I_CAN_FLY\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\I_BLV_I_CAN_FLY\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\I_BLV_I_CAN_FLY\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\I_BLV_I_CAN_FLY\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\I_BLV_I_CAN_FLY\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\I_BLV_I_CAN_FLY\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\I_BLV_I_CAN_FLY\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\I_BLV_I_CAN_FLY\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\I_BLV_I_CAN_FLY\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\I_BLV_I_CAN_FLY\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\I_BLV_I_CAN_FLY.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yandex.ru/?clid=46126
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: LinkAirBrowserHelper HistoryTriggerBHO - {21A88CB9-84D2-4020-A2D1-B25A21034884} - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\I_BLV_I_CAN_FLY\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Html5 geolocation provider - {9BFBA68E-E21B-458E-AE12-FE85E903D2C0} - C:\ProgramData\AlterGeo\Update for Html5 geolocation provider\html5loc.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - (no file)
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKCU\..\Run: [Infium] "C:\Program Files (x86)\QIP 2012\qip.exe" /isolated /autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AlterGeoUpdater] C:\ProgramData\AlterGeo\Update for Html5 geolocation provider\html5locsvc.exe (User 'система')
O4 - HKUS\.DEFAULT\..\Run: [AlterGeoUpdater] C:\ProgramData\AlterGeo\Update for Html5 geolocation provider\html5locsvc.exe (User 'Default user')
O9 - Extra button: Mail.Ru Agent - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Program Files (x86)\Mail.Ru\Agent\magent.exe
O9 - Extra 'Tools' menuitem: Mail.Ru Agent - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Program Files (x86)\Mail.Ru\Agent\magent.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted IP range: http://127.0.0.1
O20 - AppInit_DLLs:  
O23 - Service: Acronis Remote Agent Service (AcronisAgent) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Agent\agent.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: O&O Defrag (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Online Armor (SvcOnlineArmor) - Unknown owner - C:\Program Files (x86)\Online Armor\oasrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: CLCV0 (UTSCSI) - Unknown owner - C:\Windows\system32\UTSCSI.EXE
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Winstep Xtreme Service - Unknown owner - C:\Program.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9262 bytes

======Список процессов======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Acronis\Agent\agent.exe"
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\OO Software\Defrag\oodag.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Winstep\WsxService"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
taskeng.exe {E701252B-234C-4C1A-A5D1-8EFACDA2B221}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {FF8E6300-253A-43B2-A692-EF551FC1F53B}
"C:\Program Files (x86)\AnVir Task Manager\anvir.exe" Minimized
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\OO Software\Defrag\oodtray.exe" 
"C:\Program Files (x86)\QIP 2012\qip.exe" /isolated /autorun
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" 
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 
OAreg.exe av /off
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\mmc.exe" "C:\Windows\system32\compmgmt.msc" /s
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Winstep\Nexus.exe" autostart
"C:\Users\I_BLV_I_CAN_FLY\AppData\Local\Google\Chrome\Application\chrome.exe" 
"C:\Users\I_BLV_I_CAN_FLY\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=ru --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/SilentExperimentB/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/npn_with_spdy/WarmSocketImpact/warm_socket/ --extension-process --disable-client-side-phishing-detection --renderer-print-preview --channel="4604.0.1131582312\2009785170" /prefetch:3
"C:\Users\I_BLV_I_CAN_FLY\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=ru --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/SilentExperimentB/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/npn_with_spdy/WarmSocketImpact/warm_socket/ --extension-process --disable-client-side-phishing-detection --renderer-print-preview --channel="4604.1.500648879\1464290752" /prefetch:3
"C:\Users\I_BLV_I_CAN_FLY\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=ru --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/SilentExperimentB/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/npn_with_spdy/WarmSocketImpact/warm_socket/ --extension-process --disable-client-side-phishing-detection --renderer-print-preview --channel="4604.2.663853487\393085318" /prefetch:3
"C:\Users\I_BLV_I_CAN_FLY\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=ru --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/SilentExperimentB/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/npn_with_spdy/WarmSocketImpact/warm_socket/ --extension-process --disable-client-side-phishing-detection --renderer-print-preview --channel="4604.3.893881379\1190536125" /prefetch:3
"C:\Users\I_BLV_I_CAN_FLY\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=ru --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/SilentExperimentB/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/npn_with_spdy/WarmSocketImpact/warm_socket/ --extension-process --disable-client-side-phishing-detection --renderer-print-preview --channel="4604.4.1839777416\2092814877" /prefetch:3
"C:\Users\I_BLV_I_CAN_FLY\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=ru --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/SilentExperimentB/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/npn_with_spdy/WarmSocketImpact/warm_socket/ --extension-process --disable-client-side-phishing-detection --renderer-print-preview --channel="4604.5.404501712\1286543695" /prefetch:3
"C:\Users\I_BLV_I_CAN_FLY\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=ru --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/SilentExperimentB/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/npn_with_spdy/WarmSocketImpact/warm_socket/ --extension-process --disable-client-side-phishing-detection --renderer-print-preview --channel="4604.6.1125143558\138214797" /prefetch:3
"C:\Users\I_BLV_I_CAN_FLY\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=ru --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/SilentExperimentB/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/npn_with_spdy/WarmSocketImpact/warm_socket/ --extension-process --disable-client-side-phishing-detection --renderer-print-preview --channel="4604.7.880478562\631921910" /prefetch:3
"C:\Users\I_BLV_I_CAN_FLY\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=ru --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/SilentExperimentB/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/npn_with_spdy/WarmSocketImpact/warm_socket/ --extension-process --disable-client-side-phishing-detection --renderer-print-preview --channel="4604.8.1064174400\1523918366" /prefetch:3
"C:\Users\I_BLV_I_CAN_FLY\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=ru --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/SilentExperimentB/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/npn_with_spdy/WarmSocketImpact/warm_socket/ --extension-process --disable-client-side-phishing-detection --renderer-print-preview --channel="4604.9.1954581830\486041481" /prefetch:3
"C:\Users\I_BLV_I_CAN_FLY\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=ru --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/SilentExperimentB/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/npn_with_spdy/WarmSocketImpact/warm_socket/ --extension-process --disable-client-side-phishing-detection --renderer-print-preview --channel="4604.10.233272681\184149300" /prefetch:3
"C:\Users\I_BLV_I_CAN_FLY\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=ru --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/SilentExperimentB/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/npn_with_spdy/WarmSocketImpact/warm_socket/ --extension-process --disable-client-side-phishing-detection --renderer-print-preview --channel="4604.11.363646682\216037511" /prefetch:3
"C:\Users\I_BLV_I_CAN_FLY\Desktop\RSITx64.exe" 
"C:\Users\I_BLV_I_CAN_FLY\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=ru --force-fieldtest=CacheListSize/CacheListSize_13/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/SilentExperimentB/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/npn_with_spdy/WarmSocketImpact/warm_socket/ --disable-client-side-phishing-detection --renderer-print-preview --channel="4604.12.1919940971\1847648695" /prefetch:3
"C:\Users\I_BLV_I_CAN_FLY\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=ru --force-fieldtest=CacheListSize/CacheListSize_13/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/SilentExperimentB/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin10/SpdyImpact/npn_with_spdy/WarmSocketImpact/warm_socket/ --disable-client-side-phishing-detection --renderer-print-preview --channel="4604.13.1826689959\1680395376" /prefetch:3
"C:\Users\I_BLV_I_CAN_FLY\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\I_BLV_I_CAN_FLY\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\plugin/screen_capture.dll" --lang=ru --channel="4604.14.1234133513\1970006337" /prefetch:4
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Users\I_BLV_I_CAN_FLY\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4604.17.817104478\851168971" --reduce-gpu-sandbox --disable-image-transport-surface /prefetch:12
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Windows\system32\wuauclt.exe"
taskhost.exe $(Arg0)

======Папка назначеных зданий======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\AlterGeoUpdaterS-1-5-18.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3344804666-1074881642-3493715490-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3344804666-1074881642-3493715490-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\I_BLV_I_CAN_FLY\AppData\Roaming\Mozilla\Firefox\Profiles\1u9fvhzu.default

prefs.js - "browser.search.useDBForOrder" -  true
prefs.js - "browser.startup.homepage" -  "http://battlelog.battlefield.com/bf3/"
prefs.js - "keyword.URL" -  "http://go.mail.ru/search?utf8in=1&fr=fftbUFix&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.2.202.233 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.116.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.118.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.2.202.233 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_233.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
quickstores@quickstores.de
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
babylon.xml
google.xml
mailru.xml
ozonru.xml
priceru.xml
wikipedia-ru.xml
yandex-slovari.xml
yandex.xml

C:\Users\I_BLV_I_CAN_FLY\AppData\Roaming\Mozilla\Firefox\Profiles\1u9fvhzu.default\extensions\
fastdial@telega.phpnet.us

C:\Users\I_BLV_I_CAN_FLY\AppData\Roaming\Mozilla\Firefox\Profiles\1u9fvhzu.default\searchplugins\
mailru---.xml
qip-search.xml

======Снимок реестра======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{21A88CB9-84D2-4020-A2D1-B25A21034884}]
HistoryTriggerBHO Class - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll [2011-05-19 35688]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-03-15 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Users\I_BLV_I_CAN_FLY\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2012-03-15 142288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9BFBA68E-E21B-458E-AE12-FE85E903D2C0}]
AlterGeoBHO Class - C:\ProgramData\AlterGeo\Update for Html5 geolocation provider\html5loc.dll [2012-04-06 286752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-03-15 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2011-12-12 7560296]
"OODefragTray"=C:\Program Files\OO Software\Defrag\oodtray.exe [2011-11-17 3994960]
"@OnlineArmor GUI"=C:\Program Files (x86)\Online Armor\oaui.exe [2012-02-10 2645440]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LG LinkAir"= []
"Infium"=C:\Program Files (x86)\QIP 2012\qip.exe [2012-03-23 7351760]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-04-06 641664]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2011-09-16 115048]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-10-17 284440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\Windows\System32\klogon.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WB]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CLPSLS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0
"ConsentPromptBehaviorAdmin"=0
"PromptOnSecureDesktop"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======Ассоциации файлов======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======Список файлов и папок, созданных за последние 1 месяц======

2012-05-09 08:54:35 ----D---- C:\rsit
2012-05-09 08:54:35 ----D---- C:\Program Files\trend micro
2012-05-08 21:56:38 ----A---- C:\Windows\ntbtlog.txt
2012-05-08 13:59:44 ----D---- C:\Program Files\Realmware
2012-05-08 13:57:12 ----D---- C:\Program Files (x86)\Microsoft.NET
2012-05-06 16:26:05 ----D---- C:\ProgramData\Apache
2012-05-04 19:06:32 ----D---- C:\Users\I_BLV_I_CAN_FLY\AppData\Roaming\Obnovi Soft
2012-05-04 16:23:47 ----A---- C:\Windows\SYSWOW64\drivers\vdewnzk5.sys
2012-05-04 16:23:43 ----A---- C:\Windows\SYSWOW64\drivers\utewnzk5.sys
2012-05-04 15:17:14 ----D---- C:\ProgramData\cFos
2012-05-02 11:09:41 ----A---- C:\Windows\SYSWOW64\UTSCSI.EXE
2012-05-01 20:53:10 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-05-01 20:53:10 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-05-01 20:53:10 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2012-05-01 20:53:10 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2012-05-01 20:53:10 ----A---- C:\Windows\SYSWOW64\msrating.dll
2012-05-01 20:53:10 ----A---- C:\Windows\SYSWOW64\msls31.dll
2012-05-01 20:53:10 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2012-05-01 20:53:10 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2012-05-01 20:53:10 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2012-05-01 20:53:10 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-05-01 20:53:10 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-05-01 20:53:10 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-05-01 20:53:10 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-05-01 20:53:10 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2012-05-01 20:53:10 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-05-01 20:53:10 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2012-05-01 20:53:10 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-05-01 20:53:10 ----A---- C:\Windows\SYSWOW64\ieakeng.dll
2012-05-01 20:53:10 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2012-05-01 20:53:10 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2012-05-01 20:53:10 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2012-05-01 20:53:09 ----A---- C:\Windows\SYSWOW64\wextract.exe
2012-05-01 20:53:09 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2012-05-01 20:53:09 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2012-05-01 20:53:09 ----A---- C:\Windows\SYSWOW64\url.dll
2012-05-01 20:53:09 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2012-05-01 20:53:09 ----A---- C:\Windows\SYSWOW64\occache.dll
2012-05-01 20:53:09 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-05-01 20:53:09 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-05-01 20:53:09 ----A---- C:\Windows\SYSWOW64\mshta.exe
2012-05-01 20:53:09 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-05-01 20:53:09 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2012-05-01 20:53:09 ----A---- C:\Windows\SYSWOW64\inseng.dll
2012-05-01 20:53:09 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2012-05-01 20:53:09 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2012-05-01 20:53:09 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-05-01 20:53:09 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2012-05-01 20:53:09 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2012-05-01 20:53:09 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2012-05-01 20:53:09 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2012-05-01 20:53:09 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2012-05-01 20:53:09 ----A---- C:\Windows\SYSWOW64\ieakui.dll
2012-05-01 20:53:09 ----A---- C:\Windows\SYSWOW64\ieaksie.dll
2012-05-01 20:53:09 ----A---- C:\Windows\SYSWOW64\ie4uinit.exe
2012-05-01 20:53:09 ----A---- C:\Windows\SYSWOW64\icardie.dll
2012-05-01 20:53:09 ----A---- C:\Windows\SYSWOW64\admparse.dll
2012-05-01 20:53:09 ----A---- C:\Windows\system32\wininet.dll
2012-05-01 20:53:09 ----A---- C:\Windows\system32\urlmon.dll
2012-05-01 20:53:09 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2012-05-01 20:53:09 ----A---- C:\Windows\system32\msrating.dll
2012-05-01 20:53:09 ----A---- C:\Windows\system32\msls31.dll
2012-05-01 20:53:09 ----A---- C:\Windows\system32\jsproxy.dll
2012-05-01 20:53:09 ----A---- C:\Windows\system32\iertutil.dll
2012-05-01 20:53:08 ----A---- C:\Windows\system32\wextract.exe
2012-05-01 20:53:08 ----A---- C:\Windows\system32\webcheck.dll
2012-05-01 20:53:08 ----A---- C:\Windows\system32\vbscript.dll
2012-05-01 20:53:08 ----A---- C:\Windows\system32\url.dll
2012-05-01 20:53:08 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2012-05-01 20:53:08 ----A---- C:\Windows\system32\pngfilt.dll
2012-05-01 20:53:08 ----A---- C:\Windows\system32\occache.dll
2012-05-01 20:53:08 ----A---- C:\Windows\system32\mshtmler.dll
2012-05-01 20:53:08 ----A---- C:\Windows\system32\mshtmled.dll
2012-05-01 20:53:08 ----A---- C:\Windows\system32\mshtml.dll
2012-05-01 20:53:08 ----A---- C:\Windows\system32\mshta.exe
2012-05-01 20:53:08 ----A---- C:\Windows\system32\msfeedssync.exe
2012-05-01 20:53:08 ----A---- C:\Windows\system32\msfeedsbs.dll
2012-05-01 20:53:08 ----A---- C:\Windows\system32\msfeeds.dll
2012-05-01 20:53:08 ----A---- C:\Windows\system32\licmgr10.dll
2012-05-01 20:53:08 ----A---- C:\Windows\system32\jscript9.dll
2012-05-01 20:53:08 ----A---- C:\Windows\system32\jscript.dll
2012-05-01 20:53:08 ----A---- C:\Windows\system32\inseng.dll
2012-05-01 20:53:08 ----A---- C:\Windows\system32\imgutil.dll
2012-05-01 20:53:08 ----A---- C:\Windows\system32\iexpress.exe
2012-05-01 20:53:08 ----A---- C:\Windows\system32\ieUnatt.exe
2012-05-01 20:53:08 ----A---- C:\Windows\system32\ieui.dll
2012-05-01 20:53:08 ----A---- C:\Windows\system32\iesysprep.dll
2012-05-01 20:53:08 ----A---- C:\Windows\system32\iesetup.dll
2012-05-01 20:53:08 ----A---- C:\Windows\system32\iernonce.dll
2012-05-01 20:53:08 ----A---- C:\Windows\system32\iepeers.dll
2012-05-01 20:53:08 ----A---- C:\Windows\system32\ieframe.dll
2012-05-01 20:53:08 ----A---- C:\Windows\system32\iedkcs32.dll
2012-05-01 20:53:08 ----A---- C:\Windows\system32\ieapfltr.dll
2012-05-01 20:53:08 ----A---- C:\Windows\system32\ieapfltr.dat
2012-05-01 20:53:08 ----A---- C:\Windows\system32\ieakui.dll
2012-05-01 20:53:08 ----A---- C:\Windows\system32\ieaksie.dll
2012-05-01 20:53:08 ----A---- C:\Windows\system32\ieakeng.dll
2012-05-01 20:53:08 ----A---- C:\Windows\system32\IEAdvpack.dll
2012-05-01 20:53:08 ----A---- C:\Windows\system32\ie4uinit.exe
2012-05-01 20:53:08 ----A---- C:\Windows\system32\icardie.dll
2012-05-01 20:53:08 ----A---- C:\Windows\system32\dxtrans.dll
2012-05-01 20:53:08 ----A---- C:\Windows\system32\dxtmsft.dll
2012-05-01 20:53:08 ----A---- C:\Windows\system32\admparse.dll
2012-04-30 21:54:26 ----D---- C:\Program Files\Yandex
2012-04-29 20:11:23 ----D---- C:\Users\I_BLV_I_CAN_FLY\AppData\Roaming\Opera
2012-04-29 20:10:55 ----D---- C:\Program Files (x86)\Opera
2012-04-28 21:52:22 ----A---- C:\Windows\system32\drivers\oanet.sys
2012-04-28 16:21:16 ----D---- C:\ProgramData\NortonInstaller
2012-04-28 16:16:01 ----D---- C:\ProgramData\Norton
2012-04-28 15:50:14 ----D---- C:\Users\I_BLV_I_CAN_FLY\AppData\Roaming\OnlineArmor
2012-04-28 15:50:14 ----D---- C:\ProgramData\OnlineArmor
2012-04-28 15:49:45 ----A---- C:\Windows\SYSWOW64\drivers\OAmon.sys
2012-04-28 15:49:45 ----A---- C:\Windows\SYSWOW64\drivers\oahlp64.sys
2012-04-28 15:49:45 ----A---- C:\Windows\SYSWOW64\drivers\OADriver.sys
2012-04-28 15:49:43 ----D---- C:\Program Files (x86)\Online Armor
2012-04-28 15:15:23 ----D---- C:\Program Files (x86)\PC Tools
2012-04-28 15:02:59 ----A---- C:\Windows\system32\drivers\Cat.DB
2012-04-28 15:02:58 ----A---- C:\Windows\system32\drivers\PCTSD64.sys
2012-04-28 15:02:24 ----D---- C:\Users\I_BLV_I_CAN_FLY\AppData\Roaming\TestApp
2012-04-28 15:02:24 ----D---- C:\ProgramData\PC Tools
2012-04-28 15:02:24 ----AD---- C:\ProgramData\TEMP
2012-04-28 11:35:07 ----A---- C:\Windows\system32\hccoin.dll
2012-04-28 09:57:03 ----HD---- C:\Gladinet
2012-04-28 08:41:06 ----D---- C:\ProgramData\ATI
2012-04-28 08:41:02 ----D---- C:\Program Files (x86)\AMD AVT
2012-04-28 08:40:54 ----D---- C:\Program Files (x86)\AMD APP
2012-04-28 08:40:11 ----D---- C:\Users\I_BLV_I_CAN_FLY\AppData\Roaming\Uninstaller Tool(Comodo Forums)
2012-04-27 23:47:24 ----D---- C:\Users\I_BLV_I_CAN_FLY\AppData\Roaming\Dropbox
2012-04-26 16:00:27 ----D---- C:\Program Files (x86)\VID_0C12&PID_0005
2012-04-26 15:48:38 ----A---- C:\Windows\system32\drivers\sfi.dat
2012-04-26 15:47:36 ----D---- C:\Program Files (x86)\Comodo
2012-04-26 15:47:35 ----A---- C:\Windows\SYSWOW64\mfc71.dll
2012-04-26 15:47:35 ----A---- C:\Windows\SYSWOW64\gdiplus.dll
2012-04-26 14:15:16 ----HD---- C:\kleaner.tmp
2012-04-26 14:14:31 ----A---- C:\ProgramData\ntuser.dat
2012-04-26 11:58:01 ----D---- C:\Windows\system32\2C0A
2012-04-26 11:58:01 ----D---- C:\Windows\system32\0C0A
2012-04-26 11:58:01 ----D---- C:\Windows\system32\0C04
2012-04-26 11:58:01 ----D---- C:\Windows\system32\0816
2012-04-26 11:58:01 ----D---- C:\Windows\system32\0804
2012-04-26 11:58:01 ----D---- C:\Windows\system32\0424
2012-04-26 11:58:01 ----D---- C:\Windows\system32\041F
2012-04-26 11:58:01 ----D---- C:\Windows\system32\041E
2012-04-26 11:58:01 ----D---- C:\Windows\system32\041D
2012-04-26 11:58:01 ----D---- C:\Windows\system32\041B
2012-04-26 11:58:01 ----D---- C:\Windows\system32\0419
2012-04-26 11:58:01 ----D---- C:\Windows\system32\0416
2012-04-26 11:58:01 ----D---- C:\Windows\system32\0415
2012-04-26 11:58:01 ----D---- C:\Windows\system32\0414
2012-04-26 11:58:01 ----D---- C:\Windows\system32\0413
2012-04-26 11:58:01 ----D---- C:\Windows\system32\0412
2012-04-26 11:58:01 ----D---- C:\Windows\system32\0411
2012-04-26 11:58:01 ----D---- C:\Windows\system32\0410
2012-04-26 11:58:01 ----D---- C:\Windows\system32\040E
2012-04-26 11:58:01 ----D---- C:\Windows\system32\040D
2012-04-26 11:58:01 ----D---- C:\Windows\system32\040C
2012-04-26 11:58:01 ----D---- C:\Windows\system32\040B
2012-04-26 11:58:01 ----D---- C:\Windows\system32\040A
2012-04-26 11:58:01 ----D---- C:\Windows\system32\0408
2012-04-26 11:58:01 ----D---- C:\Windows\system32\0407
2012-04-26 11:58:01 ----D---- C:\Windows\system32\0406
2012-04-26 11:58:01 ----D---- C:\Windows\system32\0405
2012-04-26 11:58:01 ----D---- C:\Windows\system32\0404
2012-04-26 11:58:01 ----D---- C:\Windows\system32\0401
2012-04-26 11:57:58 ----D---- C:\Program Files (x86)\Renesas Electronics
2012-04-16 21:25:55 ----D---- C:\Program Files (x86)\Winstep
2012-04-16 21:25:55 ----A---- C:\Windows\SYSWOW64\msvbvm50.dll
2012-04-16 14:44:21 ----D---- C:\Program Files (x86)\Stardock
2012-04-14 17:51:14 ----D---- C:\ProgramData\Ubisoft
2012-04-14 16:10:51 ----D---- C:\ProgramData\Ticno
2012-04-14 16:10:49 ----D---- C:\Program Files (x86)\Ticno
2012-04-14 16:10:43 ----D---- C:\Users\I_BLV_I_CAN_FLY\AppData\Roaming\TicnoTemp
2012-04-14 08:49:07 ----N---- C:\Windows\SYSWOW64\wbload.dll
2012-04-14 08:40:11 ----A---- C:\Windows\system32\wbload.dll
2012-04-14 08:40:10 ----N---- C:\Windows\SYSWOW64\wbsys.dll

======Список файлов и папок, измененных за последние 1 месяц======

2012-05-09 08:54:35 ----RD---- C:\Program Files
2012-05-09 08:53:42 ----D---- C:\Windows\Temp
2012-05-09 08:51:17 ----RD---- C:\Program Files (x86)
2012-05-09 08:51:16 ----SHD---- C:\System Volume Information
2012-05-09 08:47:41 ----D---- C:\Windows\system32\drivers
2012-05-09 08:47:35 ----D---- C:\Windows\system32\Tasks
2012-05-09 08:47:35 ----D---- C:\Program Files\Common Files
2012-05-09 08:43:04 ----D---- C:\Windows\Prefetch
2012-05-09 00:05:29 ----D---- C:\Users\I_BLV_I_CAN_FLY\AppData\Roaming\AIMP3
2012-05-08 22:31:14 ----D---- C:\Windows
2012-05-08 22:20:27 ----D---- C:\Windows\system32\catroot2
2012-05-08 19:40:39 ----D---- C:\Windows\SysWOW64
2012-05-08 19:40:35 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2012-05-08 14:01:21 ----SHD---- C:\Windows\Installer
2012-05-08 14:00:13 ----D---- C:\Windows\Tasks
2012-05-08 13:59:11 ----RSD---- C:\Windows\assembly
2012-05-08 13:59:11 ----RD---- C:\Windows\inf
2012-05-08 13:59:11 ----D---- C:\Windows\System32
2012-05-08 13:59:11 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-05-08 13:57:49 ----D---- C:\Windows\Microsoft.NET
2012-05-08 13:57:13 ----D---- C:\Windows\SYSWOW64\en-US
2012-05-08 13:57:13 ----D---- C:\Windows\system32\en-US
2012-05-08 13:07:25 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2012-05-08 10:27:58 ----RD---- C:\Users
2012-05-08 10:27:37 ----D---- C:\Users\I_BLV_I_CAN_FLY\AppData\Roaming\uTorrent
2012-05-08 09:53:35 ----D---- C:\Windows\system32\config
2012-05-08 09:27:39 ----D---- C:\Windows\system32\DriverStore
2012-05-07 11:08:27 ----D---- C:\Windows\Panther
2012-05-07 11:08:27 ----D---- C:\Windows\Logs
2012-05-07 11:08:27 ----D---- C:\Windows\debug
2012-05-07 11:00:19 ----D---- C:\Windows\winsxs
2012-05-07 10:54:47 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-05-07 10:50:42 ----HD---- C:\ProgramData
2012-05-07 10:49:00 ----D---- C:\Program Files (x86)\Western Digital Corporation
2012-05-07 09:44:20 ----D---- C:\Program Files (x86)\The KMPlayer
2012-05-06 19:34:53 ----D---- C:\Windows\rescache
2012-05-06 16:20:29 ----D---- C:\Windows\SYSWOW64\directx
2012-05-05 07:03:11 ----D---- C:\Program Files (x86)\AnVir Task Manager
2012-05-04 19:06:52 ----D---- C:\Program Files (x86)\Reg Organizer
2012-05-04 19:06:15 ----D---- C:\Users\I_BLV_I_CAN_FLY\AppData\Roaming\Yandex
2012-05-04 16:23:47 ----D---- C:\Windows\SYSWOW64\drivers
2012-05-04 15:17:54 ----D---- C:\Windows\system32\catroot
2012-05-02 11:01:01 ----D---- C:\Program Files (x86)\Marvell
2012-05-01 23:43:42 ----D---- C:\Windows\SYSWOW64\ru-RU
2012-05-01 23:43:42 ----D---- C:\Program Files\Internet Explorer
2012-05-01 23:43:42 ----D---- C:\Program Files (x86)\Internet Explorer
2012-05-01 23:43:41 ----D---- C:\Windows\system32\ru-RU
2012-05-01 23:43:40 ----D---- C:\Windows\SYSWOW64\migration
2012-05-01 23:43:37 ----D---- C:\Windows\PolicyDefinitions
2012-05-01 23:43:36 ----D---- C:\Windows\system32\migration
2012-05-01 12:20:56 ----D---- C:\Program Files (x86)\Mail.Ru
2012-04-30 21:54:26 ----D---- C:\Program Files (x86)\Yandex
2012-04-28 20:12:17 ----D---- C:\Windows\system32\wdi
2012-04-28 16:38:47 ----D---- C:\Program Files (x86)\Common Files
2012-04-28 14:29:38 ----SHD---- C:\$Recycle.Bin
2012-04-28 14:05:51 ----HD---- C:\Windows\system32\GroupPolicy
2012-04-28 14:00:20 ----D---- C:\Program Files (x86)\LG Electronics
2012-04-28 14:00:19 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-04-28 11:54:50 ----SD---- C:\Users\I_BLV_I_CAN_FLY\AppData\Roaming\Microsoft
2012-04-28 11:02:27 ----D---- C:\Users\I_BLV_I_CAN_FLY\AppData\Roaming\Acronis
2012-04-28 08:41:03 ----D---- C:\ProgramData\AMD
2012-04-28 08:40:44 ----D---- C:\Program Files\ATI Technologies
2012-04-26 11:58:01 ----D---- C:\Windows\system32\0409
2012-04-22 11:54:42 ----D---- C:\Program Files (x86)\Origin
2012-04-22 11:52:16 ----D---- C:\Program Files (x86)\Battlelog Web Plugins
2012-04-18 15:42:09 ----D---- C:\Windows\system32\wbem
2012-04-16 21:26:35 ----RSD---- C:\Windows\Fonts
2012-04-14 09:26:07 ----A---- C:\Windows\win.ini
2012-04-14 00:07:23 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-04-10 08:38:29 ----D---- C:\Program Files (x86)\The Geek

======Список драйверов (тип запуска: R=Запущен, S=остановлен, 0=Загрузочный, 1=Системный, 2=Автоматически, 3=Вручную, 4=Отключено)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-10-17 559384]
R0 mv91xx;mv91xx; C:\Windows\system32\DRIVERS\mv91xx.sys [2010-03-17 302632]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2012-03-03 277088]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-02-06 530488]
R0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273); C:\Windows\system32\DRIVERS\tdrpm273.sys [2012-03-03 1263200]
R0 timounter;Acronis Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys [2012-03-03 970336]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files (x86)\UltraISO\Drivers\ISODrv64.sys [2010-01-29 115600]
R1 OADevice;OADriver; \??\C:\Windows\SysWow64\Drivers\OADriver.sys [2012-02-10 59176]
R1 OAmon;OAmon; \??\C:\Windows\SysWOW64\Drivers\OAmon.sys [2012-02-10 38064]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-02-15 10856960]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-02-15 327680]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2011-12-05 95248]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-12-13 4718952]
R3 LgBttPort;LGE Bluetooth TransPort; C:\Windows\system32\DRIVERS\lgbtpt64.sys [2009-09-29 16384]
R3 lgbusenum;LG Bluetooth Bus Enumerator; C:\Windows\system32\DRIVERS\lgbtbs64.sys [2009-09-29 14848]
R3 LGVMODEM;LGE Virtual Modem; C:\Windows\system32\DRIVERS\lgvmdm64.sys [2009-09-29 17408]
R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-04-22 471144]
S0 TfFsMon;TfFsMon; C:\Windows\system32\drivers\TfFsMon.sys []
S0 TFSysMon;TfSysMon; C:\Windows\system32\drivers\TfSysMon.sys []
S1 oahlpXX;Online Armor helper driver; \??\C:\Windows\syswow64\drivers\oahlp64.sys [2012-02-10 59176]
S1 vdewnzk5;AVZ-BC Kernel Driver; \??\C:\Windows\system32\Drivers\vdewnzk5.sys []
S1 vdqyndqx;AVZ-BC Kernel Driver; \??\C:\Windows\system32\Drivers\vdqyndqx.sys []
S3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [2012-03-03 279136]
S3 afkvnom4;afkvnom4; C:\Windows\system32\drivers\afkvnom4.sys []
S3 ALSysIO;ALSysIO; C:\Windows\system32\drivers\ALSysIO.sys []
S3 Andbus;LGE Android Platform Composite USB Device; C:\Windows\system32\DRIVERS\lgandbus64.sys []
S3 AndDiag;LGE Android Platform USB Serial Port; C:\Windows\system32\DRIVERS\lganddiag64.sys []
S3 AndGps;LGE Android Platform USB GPS NMEA Port; C:\Windows\system32\DRIVERS\lgandgps64.sys []
S3 ANDModem;LGE Android Platform USB Modem; C:\Windows\system32\DRIVERS\lgandmodem64.sys []
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\lgandadb.sys []
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfoX64.sys [2007-09-25 18128]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507; \??\C:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys [2010-05-10 33592]
S3 NTIOLib_1_0_4;NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [2010-10-22 14136]
S3 NTIOLib_1_0_6;NTIOLib_1_0_6; \??\C:\Program Files (x86)\Setup Files\Ms7681v1I0\NTIOLib_X64.sys [2011-01-06 11888]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 PortTalk;PortTalk; C:\Windows\System32\Drivers\PortTalk.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2010-11-21 34816]
S3 TfNetMon;TfNetMon; C:\Windows\system32\drivers\TfNetMon.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 utewnzk5;AVZ Kernel Driver; \??\C:\Windows\system32\Drivers\utewnzk5.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2011-12-25 200576]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Users\I_BLV_I_CAN_FLY\AppData\Local\Temp\tmpD29.tmp []

======Список служб (тип запуска: R=Запущена, S=остановлена, 0=Загрузочная, 1=Системная, 2=Автоматически, 3=Вручную, 4=Отключено)======

R2 AcronisAgent;Acronis Remote Agent Service; C:\Program Files (x86)\Common Files\Acronis\Agent\agent.exe [2010-10-22 1906576]
R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2010-09-23 1079520]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-10-17 13592]
R2 OODefragAgent;O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2011-11-17 3273552]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-02-14 76888]
R2 Winstep Xtreme Service;Winstep Xtreme Service; C:\Program Files (x86)\Winstep\WsxService []
S2 SvcOnlineArmor;Online Armor; C:\Program Files (x86)\Online Armor\oasrv.exe [2012-02-10 4369208]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-14 253088]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UTSCSI;CLCV0; C:\Windows\syswow64\UTSCSI.EXE [2012-05-02 45056]
S4 afcdpsrv;Служба Acronis Nonstop Backup; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2012-03-03 3975088]
S4 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-02-15 235520]
S4 DMS;Acronis Disk Management Service; C:\Program Files (x86)\Acronis\DiskDirectorAdvanced\mms.exe [2010-10-22 4632864]
S4 OAcat;Online Armor Helper Service; C:\Program Files (x86)\Online Armor\OAcat.exe [2012-02-10 208472]
S4 StarWindServiceAE;StarWind AE Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [2009-12-24 370688]
S4 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S4 TeamViewer7;TeamViewer 7; C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-01-19 3027840]

-----------------EOF-----------------