Лог утилиты random's system information tool 1.09 (автор: random/random) Run by Chief at 2013-03-11 10:20:49 Microsoft Windows 7 Профессиональная Service Pack 1 Системный раздел C: размер 62 GB (62%) Свободно 100 GB Total RAM: 3037 MB (61% free) HijackThis download failed ======Список процессов====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe winlogon.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe" C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation "C:\Program Files (x86)\LiteManagerFree - Server\ROMServer.exe" "C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe" C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files (x86)\LiteManagerFree - Server\ROMFUSClient.exe" "taskhost.exe" "C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-5a6ada0c-3eeb-42c5-b7fd-52998b17ec2c -SystemEventPortName:HostProcess-99c041be-a301-44ec-a7b6-2e758b19101d -IoCancelEventPortName:HostProcess-1f2054e1-73d8-4933-8ae3-27a12c83517d -NonStateChangingEventPortName:HostProcess-a15404da-a258-4ff7-a828-c4e1b7a890ef -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:197917ab-f8a6-455f-8958-979e0b274f12 C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "C:\Program Files (x86)\LiteManagerFree - Server\ROMFUSClient.exe" /tray "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s "C:\Windows\System32\igfxtray.exe" "C:\Windows\System32\hkcmd.exe" "C:\Windows\System32\igfxpers.exe" C:\Windows\system32\SearchIndexer.exe /Embedding "C:\Windows\System32\ctfmon.exe" "C:\Program Files (x86)\Mail.Ru\Agent\magent.exe" -LM "C:\Windows\twain_32\Samsung\SCX4623\Scan2Pc.exe" C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\system32\wbem\wmiprvse.exe "C:\Windows\system32\mmc.exe" C:\Windows\system32\eventvwr.msc "C:\Windows\System32\cmd.exe" \??\C:\Windows\system32\conhost.exe "-2139725462678570128-997822228-1088243710-823153213707786162-1498227871-1556031874 sfc /scannow C:\Windows\servicing\TrustedInstaller.exe "J:\RSITx64.exe" C:\Windows\system32\wbem\wmiprvse.exe ======Папка назначеных зданий====== C:\Windows\tasks\Adobe Flash Player Updater.job =========Mozilla firefox========= ProfilePath - C:\Users\Chief\AppData\Roaming\Mozilla\Firefox\Profiles\2rnggvdv.default prefs.js - "browser.startup.homepage" - "http://www.mail.ru/" prefs.js - "keyword.URL" - "http://go.mail.ru/search?fr=fftb&q=" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.5.502.149 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf] "Description"= "Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] "Description"=Office Authorization plug-in for NPAPI browsers "Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] "Description"=Microsoft SharePoint Plug-in for Firefox "Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.5.502.149 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_149.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] "Description"=Office Authorization plug-in for NPAPI browsers "Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.0-git-20120422-0403] "Description"=VLC Multimedia Plugin "Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll C:\Program Files (x86)\Mozilla Firefox\extensions\ linkfilter@kaspersky.ru {972ce4c6-7e08-4474-a285-3208198ce6fd} C:\Program Files (x86)\Mozilla Firefox\components\ binary.manifest browsercomps.dll C:\Program Files (x86)\Mozilla Firefox\searchplugins\ google.xml mailru.xml ozonru.xml priceru.xml wikipedia-ru.xml yandex-slovari.xml yandex.xml C:\Users\Chief\AppData\Roaming\Mozilla\Firefox\Profiles\2rnggvdv.default\extensions\ yasearch@yandex.ru {37964A3C-4EE8-47b1-8321-34DE2C39BA4D} C:\Users\Chief\AppData\Roaming\Mozilla\Firefox\Profiles\2rnggvdv.default\searchplugins\ mailru.xml webalta-search.xml yandex.ru-103408.xml ybqs-yandex.xml ======Снимок реестра====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 6722448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8984B388-A5BB-4DF7-B274-77B879E179DB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 688528] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-08-07 49440] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8984B388-A5BB-4DF7-B274-77B879E179DB}] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9BFBA68E-E21B-458E-AE12-FE85E903D2C1}] AlterGeoBHO Class - C:\Program Files (x86)\AlterGeo\AlterGeo Magic Scanner\2.8.8.615\AlterGeo.BrowserPlugin.dll [2010-08-31 257384] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {09900DE8-1DCA-443F-9243-26FF581438AF} [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-08-18 8067616] "IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-02-11 162328] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-02-11 386584] "Persistence"=C:\Windows\system32\igfxpers.exe [2011-02-11 417304] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON"=C:\Windows\system32\ctfmon.exe [2009-07-14 9728] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 5] C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe /AutoStart [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 6] C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe [2012-09-24 490880] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bonus.SSR.FR10] C:\Program Files (x86)\ABBYY FineReader 10\Bonus.ScreenshotReader.exe [2010-01-20 941320] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Guard.Mail.ru.gui] C:\Program Files (x86)\Mail.Ru\Guard\GuardMailRu.exe /gui [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyChat Client] C:\Program Files (x86)\MyChat Client\mcclient.exe [2012-07-24 13634560] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "MAgent"=C:\Program Files (x86)\Mail.Ru\Agent\MAgent.exe [2012-08-07 12263616] "SCX4623_Scan2Pc"=C:\Windows\Twain_32\Samsung\SCX4623\Scan2pc.exe [2011-06-24 1990144] "4623 Scan2PC"=C:\Windows\twain_32\Samsung\SCX4623\Scan2Pc.exe [2011-06-24 1990144] C:\Users\Chief\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup ctfmon - Ярлык.lnk - C:\Windows\System32\ctfmon.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\Windows\system32\igfxdev.dll [2011-02-11 272896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 6722448] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=0 "ConsentPromptBehaviorUser"=3 "EnableLUA"=0 "EnableUIADesktopToggle"=0 "PromptOnSecureDesktop"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "DisableCAD"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "vidc.uyvy"=msyuv.dll "vidc.yuy2"=msyuv.dll "vidc.yvyu"=msyuv.dll "vidc.iyuv"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "vidc.yvu9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv ======Ассоциации файлов====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======Список файлов и папок, созданных за последние 3 месяца====== 2013-03-11 10:20:49 ----D---- C:\rsit 2013-03-11 10:20:49 ----D---- C:\Program Files\trend micro 2013-03-01 11:38:48 ----D---- C:\Program Files (x86)\Abyssmedia 2013-03-01 11:32:47 ----D---- C:\Program Files (x86)\NirSoft 2013-02-20 09:47:55 ----D---- C:\Program Files (x86)\Mozilla Firefox 2013-02-13 09:45:13 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe 2013-02-05 14:10:09 ----A---- C:\MyChat.lnk 2013-01-17 09:10:30 ----D---- C:\Program Files (x86)\Microsoft Synchronization Services 2013-01-17 09:10:03 ----D---- C:\Windows\PCHEALTH 2013-01-17 09:10:03 ----D---- C:\Program Files (x86)\Microsoft Sync Framework 2013-01-17 09:10:03 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition 2013-01-17 09:08:11 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8 2013-01-17 09:07:47 ----D---- C:\Program Files\Microsoft Office 2013-01-17 09:07:35 ----D---- C:\Program Files (x86)\Microsoft Analysis Services 2013-01-17 09:06:56 ----D---- C:\Program Files (x86)\Microsoft Office 2013-01-17 09:06:45 ----RHD---- C:\MSOCache 2013-01-17 08:52:33 ----SHD---- C:\Config.Msi 2013-01-16 10:52:29 ----D---- C:\Program Files (x86)\MyChat Client ======Список файлов и папок, измененных за последние 3 месяца====== 2013-03-11 10:20:51 ----D---- C:\Windows\Temp 2013-03-11 10:20:51 ----D---- C:\Windows\Prefetch 2013-03-11 10:20:49 ----RD---- C:\Program Files 2013-03-11 10:20:36 ----D---- C:\Windows\system32\config 2013-03-11 10:07:41 ----D---- C:\Windows\System32 2013-03-11 10:07:41 ----D---- C:\Windows\inf 2013-03-11 10:07:41 ----A---- C:\Windows\system32\PerfStringBackup.INI 2013-03-11 09:57:13 ----SHD---- C:\Windows\Installer 2013-03-11 09:57:13 ----RD---- C:\Program Files (x86) 2013-03-11 09:57:05 ----D---- C:\Windows\system32\drivers 2013-03-11 09:55:31 ----SD---- C:\Users\Chief\AppData\Roaming\Microsoft 2013-03-11 09:55:31 ----D---- C:\Windows\system32\appmgmt 2013-03-11 09:55:30 ----D---- C:\Program Files (x86)\10-Strike Bandwidth Monitor Agent 2013-03-11 09:55:17 ----SHD---- C:\System Volume Information 2013-03-11 09:49:00 ----D---- C:\Windows\system32\wfp 2013-03-11 09:48:59 ----D---- C:\Windows\system32\wbem 2013-03-11 09:48:59 ----D---- C:\Windows 2013-03-11 09:48:17 ----D---- C:\Windows\Tasks 2013-03-11 09:48:17 ----D---- C:\Windows\system32\DriverStore 2013-03-11 09:48:17 ----D---- C:\Windows\system32\catroot2 2013-03-11 09:48:16 ----D---- C:\Windows\SYSWOW64\Atheros_L1e 2013-03-11 09:48:16 ----D---- C:\Windows\SysWOW64 2013-03-11 09:48:16 ----D---- C:\Windows\system32\Tasks 2013-03-11 09:48:16 ----D---- C:\Windows\system32\NDF 2013-03-11 09:48:16 ----D---- C:\Windows\system32\Macromed 2013-03-11 09:48:16 ----D---- C:\Windows\system32\drivers\UMDF 2013-03-11 09:48:16 ----D---- C:\Windows\security 2013-03-11 09:48:16 ----D---- C:\Windows\AppCompat 2013-03-11 09:48:16 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service 2013-03-11 09:48:16 ----D---- C:\Program Files (x86)\LiteManagerFree - Server 2013-03-11 09:48:09 ----D---- C:\Windows\registration 2013-03-11 09:48:07 ----D---- C:\Windows\winsxs 2013-03-11 09:48:02 ----D---- C:\Windows\system32\catroot 2013-03-11 09:48:00 ----RSD---- C:\Windows\assembly 2013-03-11 09:33:57 ----D---- C:\Windows\debug 2013-03-11 09:31:38 ----D---- C:\ProgramData\Adobe 2013-03-11 09:10:21 ----D---- C:\Windows\system32\LogFiles 2013-02-13 09:45:25 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2013-02-13 09:22:22 ----HD---- C:\ProgramData 2013-02-06 18:16:08 ----D---- C:\Windows\system32\drivers\etc 2013-01-30 14:53:22 ----A---- C:\Windows\system32\MpSigStub.exe 2013-01-30 13:25:34 ----D---- C:\Program Files (x86)\Mozilla Thunderbird 2013-01-25 01:53:02 ----D---- C:\Users\Chief\AppData\Roaming\Mra 2013-01-23 12:15:06 ----D---- C:\Program Files (x86)\Common Files 2013-01-17 09:49:55 ----D---- C:\Windows\Microsoft.NET 2013-01-17 09:13:57 ----D---- C:\ProgramData\Microsoft Help 2013-01-17 09:11:29 ----RSD---- C:\Windows\Fonts 2013-01-17 09:11:18 ----D---- C:\Windows\ShellNew 2013-01-17 09:11:07 ----D---- C:\Program Files (x86)\MSBuild 2013-01-17 09:10:03 ----SD---- C:\ProgramData\Microsoft 2013-01-17 09:10:03 ----D---- C:\Program Files (x86)\Microsoft.NET 2013-01-17 09:08:40 ----D---- C:\Program Files\Common Files\Microsoft Shared 2013-01-17 09:07:52 ----A---- C:\Windows\win.ini 2012-12-14 08:14:14 ----D---- C:\ProgramData\IObit ======Список драйверов (тип запуска: R=Запущен, S=остановлен, 0=Загрузочный, 1=Системный, 2=Автоматически, 3=Вручную, 4=Отключено)====== R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888] R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560] R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2011-09-30 35344] R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2009-02-06 11576] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-02-11 10628640] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-08-18 1983264] R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C60x64.sys [2011-04-19 76912] R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416] R3 usbscan;Драйвер USB-сканера; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984] S2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [] S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168] S3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-08-23 56320] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888] S3 RTL8023x64;Драйвер Realtek 10/100 NIC Family NDIS x64; C:\Windows\system32\DRIVERS\Rtnic64.sys [2009-06-11 51712] S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656] S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ss_bus.sys [2009-09-21 127488] S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\Windows\system32\DRIVERS\ss_mdfl.sys [2009-09-21 18944] S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\Windows\system32\DRIVERS\ss_mdm.sys [2009-09-21 161280] S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392] S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232] S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552] S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984] ======Список служб (тип запуска: R=Запущена, S=остановлена, 0=Загрузочная, 1=Системная, 2=Автоматически, 3=Вручную, 4=Отключено)====== R2 AdvancedSystemCareService6;Advanced SystemCare Service 6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2012-10-31 464256] R2 ROMService;LiteManagerTeam LiteManager; C:\Program Files (x86)\LiteManagerFree - Server\ROMServer.exe [2012-06-25 3488256] R2 Samsung Network Fax Server;Samsung Network Fax Server; C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe [2011-07-12 229888] R3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-13 251248] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-02-20 115608] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-08-07 1255736] S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136] S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136] -----------------EOF-----------------