Лог утилиты random's system information tool 1.09 (автор: random/random)
Run by Admin at 2013-07-08 18:33:05
Microsoft Windows XP Professional Service Pack 3
Системный раздел C: размер 3 GB (6%) Свободно 55 GB
Total RAM: 2009 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:33:38, on 08.07.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\acs.exe
C:\Documents and Settings\All Users\Application Data\VKSaver\VKSaver.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\SRS Labs\WOWXT and TSXT Driver\SRS_PostInstaller2.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Ticno\ShExtMng\shextmngservice.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Program Files\Ticno\ShExtMng\ShExtMng.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\Program Files\Atheros WLAN Client\ACU.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Documents and Settings\All Users\Application Data\VKSaver\VKSaver.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Opera\Opera.exe
D:\RSIT.exe
C:\Program Files\trend micro\Admin.exe
C:\Documents and Settings\Admin\Local Settings\Application Data\Xpom\Application\chrome.exe
C:\Documents and Settings\Admin\Local Settings\Application Data\Xpom\Application\chrome.exe
C:\Documents and Settings\Admin\Local Settings\Application Data\Xpom\Application\chrome.exe
C:\Documents and Settings\Admin\Local Settings\Application Data\Xpom\Application\chrome.exe
C:\Documents and Settings\Admin\Local Settings\Application Data\Xpom\Application\chrome.exe
C:\Documents and Settings\Admin\Local Settings\Application Data\Xpom\Application\chrome.exe
C:\Documents and Settings\Admin\Local Settings\Application Data\Xpom\Application\chrome.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://webalta.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://webalta.ru/poisk
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.avira.com/?l=dis&o=APN10267&gct=hp&dc=EU&locale=ru_UA
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://webalta.ru
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://webalta.ru/poisk
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://webalta.ru/poisk
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://webalta.ru/poisk
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?st=1&barid={73483F5D-FE54-11E0-8DC4-001377E65A83}
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://webalta.ru/poisk
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Ссылки
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
R3 - URLSearchHook: (no name) - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - (no file)
O2 - BHO: vShare Toolbar - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: MediaBar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~1\IMESHA~1\MediaBar\ToolBar\imeshdtxmltbpi.dll (file missing)
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Спутник@Mail.Ru - {8984B388-A5BB-4DF7-B274-77B879E179DB} - C:\Program Files\Mail.Ru\Sputnik\MailRuSputnik.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: MediaBar - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~1\BEARSH~1\MediaBar\ToolBar\bsdtxmltbpi.dll (file missing)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O2 - BHO: TBSB03374 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\WebMoney Advisor\tbcore3.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: MediaBar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~1\IMESHA~1\MediaBar\ToolBar\imeshdtxmltbpi.dll (file missing)
O3 - Toolbar: vShare Toolbar - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll
O3 - Toolbar: MediaBar - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~1\BEARSH~1\MediaBar\ToolBar\bsdtxmltbpi.dll (file missing)
O3 - Toolbar: WebMoney Advisor - {3AFFD7F7-FD3D-4C9D-8F83-03296A1A8840} - C:\Program Files\WebMoney Advisor\tbcore3.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Спутник@Mail.Ru - {09900DE8-1DCA-443F-9243-26FF581438AF} - C:\Program Files\Mail.Ru\Sputnik\MailRuSputnik.dll
O3 - Toolbar: Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros WLAN Client\ACU.exe" -nogui
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [VKSaver] C:\Documents and Settings\All Users\Application Data\VKSaver\VKSaver.exe
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DriverScanner] "C:\PROGRA~1\Uniblue\DRIVER~1\launcher.exe" delay 20000 
O4 - HKCU\..\Run: [MailRuUpdater] C:\Documents and Settings\Admin\Local Settings\Application Data\Mail.Ru\MailRuUpdater.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Экспорт в Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google ВикиКомментарии... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O8 - Extra context menu item: Search the Web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
O9 - Extra button: WebMoney Advisor - {3AFFD7F7-FD3D-4C9D-8F83-03296A1A8840} - C:\Program Files\WebMoney Advisor\tbcore3.dll
O9 - Extra 'Tools' menuitem: WebMoney Advisor - {3AFFD7F7-FD3D-4C9D-8F83-03296A1A8840} - C:\Program Files\WebMoney Advisor\tbcore3.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files\vShare\vshare_toolbar.dll
O20 - AppInit_DLLs: C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla\pzkmcka.dll
O22 - SharedTaskScheduler: Предзагрузчик Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Демон кэша категорий компонентов - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Atheros Configuration Service (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avira Планировщик (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Журнал событий (Eventlog) - Корпорация Майкрософт - C:\WINDOWS\system32\services.exe
O23 - Service: Guard.Mail.ru - Unknown owner - C:\Program Files\Mail.Ru\Guard\GuardMailRu.exe
O23 - Service: Служба Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Служба Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Служба COM записи компакт-дисков IMAPI (ImapiService) - Корпорация Майкрософт - C:\WINDOWS\system32\imapi.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NetMeeting Remote Desktop Sharing (mnmsrvc) - Корпорация Майкрософт - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: Plug and Play (PlugPlay) - Корпорация Майкрософт - C:\WINDOWS\system32\services.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) - Корпорация Майкрософт - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Смарт-карты (SCardSvr) - Корпорация Майкрософт - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SRS PostInstaller Service (SRS_PostInstaller) - SRS Labs, Inc. - C:\Program Files\SRS Labs\WOWXT and TSXT Driver\SRS_PostInstaller2.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: Журналы и оповещения производительности (SysmonLog) - Корпорация Майкрософт - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: TicnoSearch - Unknown owner - C:\Program Files\Ticno\Multibar\SearchService.exe
O23 - Service: TicnoShExtMng - Ticno - C:\Program Files\Ticno\ShExtMng\shextmngservice.exe
O23 - Service: Теневое копирование тома (VSS) - Корпорация Майкрософт - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Адаптер производительности WMI (WmiApSrv) - Корпорация Майкрософт - C:\WINDOWS\system32\wbem\wmiapsrv.exe

--
End of file - 13387 bytes

======Папка назначеных зданий======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
C:\WINDOWS\tasks\uayqtdd.job
C:\WINDOWS\tasks\VKSaverUpdate.job
C:\WINDOWS\tasks\Резервная копия реестра.job

======Снимок реестра======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{043C5167-00BB-4324-AF7E-62013FAEDACF}]
vShare Toolbar - C:\Program Files\vShare\vshare_toolbar.dll [2011-04-30 482360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{28387537-e3f9-4ed7-860c-11e69af4a8a0}]
MediaBar - C:\PROGRA~1\IMESHA~1\MediaBar\ToolBar\imeshdtxmltbpi.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12 194432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8984B388-A5BB-4DF7-B274-77B879E179DB}]
MailRuBHO Class - C:\Program Files\Mail.Ru\Sputnik\MailRuSputnik.dll [2013-06-23 1831456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10 3834016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}]
MediaBar - C:\PROGRA~1\BEARSH~1\MediaBar\ToolBar\bsdtxmltbpi.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Avira SearchFree Toolbar plus Web Protection - C:\Program Files\Ask.com\GenericAskToolbar.dll [2013-04-30 1521800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-04 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-05-04 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetIM Toolbar Helper - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2011-08-24 1299248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]
WebMoney Advisor - BHO Helper - C:\Program Files\WebMoney Advisor\tbcore3.dll [2010-02-24 2559608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
Yontoo - C:\Program Files\Yontoo\YontooIEClient.dll [2013-01-11 197920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-10-30 1019336]
{28387537-e3f9-4ed7-860c-11e69af4a8a0} - MediaBar - C:\PROGRA~1\IMESHA~1\MediaBar\ToolBar\imeshdtxmltbpi.dll []
{043C5167-00BB-4324-AF7E-62013FAEDACF} - vShare Toolbar - C:\Program Files\vShare\vshare_toolbar.dll [2011-04-30 482360]
{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - MediaBar - C:\PROGRA~1\BEARSH~1\MediaBar\ToolBar\bsdtxmltbpi.dll []
{3AFFD7F7-FD3D-4C9D-8F83-03296A1A8840} - WebMoney Advisor - C:\Program Files\WebMoney Advisor\tbcore3.dll [2010-02-24 2559608]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetIM Toolbar for Internet Explorer - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2011-08-24 1299248]
{09900DE8-1DCA-443F-9243-26FF581438AF} - Спутник@Mail.Ru - C:\Program Files\Mail.Ru\Sputnik\MailRuSputnik.dll [2013-06-23 1831456]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Avira SearchFree Toolbar plus Web Protection - C:\Program Files\Ask.com\GenericAskToolbar.dll [2013-04-30 1521800]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-08-18 794714]
"SweetIM"=C:\Program Files\SweetIM\Messenger\SweetIM.exe [2011-08-01 114992]
"ACU"=C:\Program Files\Atheros WLAN Client\ACU.exe [2008-07-07 450649]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2011-01-21 20026472]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2010-09-21 129536]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2010-09-21 163328]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2010-09-21 138752]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe []
"VKSaver"=C:\Documents and Settings\All Users\Application Data\VKSaver\VKSaver.exe [2013-07-07 131072]
""= []
"ApnUpdater"=C:\Program Files\Ask.com\Updater\Updater.exe [2013-04-30 1648264]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2013-07-01 345144]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-15 15360]
"DriverScanner"=C:\PROGRA~1\Uniblue\DRIVER~1\launcher.exe [2011-10-20 338296]
"MailRuUpdater"=C:\Documents and Settings\Admin\Local Settings\Application Data\Mail.Ru\MailRuUpdater.exe [2013-06-23 1608736]
"Google Update"=C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-10-20 136176]
"Steam"=C:\Program Files\Steam\Steam.exe [2013-06-07 1641896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alamandi tray notifier]
C:\Program Files\Alawar.ru\Alamandi\TaskBarNotifier.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
C:\Program Files\Apoint2K\Apoint.exe [2010-06-09 251248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Core Temp]
C:\Documents and Settings\Admin\Мои документы\Downloads\Core Temp.exe [2012-01-25 758224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-11-10 3514176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DATAMNGR]
C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer]
C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [2012-11-13 450560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2012-11-30 1263512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Domino]
C:\WINDOWS\Domino.exe [2006-08-18 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DrvUpdater]
C:\Documents and Settings\Admin\Application Data\DRPSu\DrvUpdater.exe [2011-11-13 192856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
C:\Program Files\Electronic Arts\EADM\Core.exe -silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM]
C:\Program Files\Electronic Arts\EADM\EADMUI\EADMUI.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GameCenterMailRu]
C:\Documents and Settings\Admin\Local Settings\Application Data\Mail.Ru\GameCenter\GameCenter@Mail.Ru.exe [2011-07-11 3140840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-10-20 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Guard.Mail.ru.gui]
C:\Program Files\Mail.Ru\Guard\GuardMailRu.exe [2013-06-23 2312224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\WINDOWS\system32\hkcmd.exe [2010-09-21 163328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ7.4\ICQ.exe silent loginmode=4 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\WINDOWS\system32\igfxtray.exe [2010-09-21 129536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IminentMessenger]
C:\Program Files\Iminent\Iminent.Messengers.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MailRuUpdater]
C:\Documents and Settings\Admin\Local Settings\Application Data\Mail.Ru\MailRuUpdater.exe [2013-06-23 1608736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MediaGet2]
C:\Documents and Settings\Admin\Local Settings\Application Data\MediaGet2\mediaget.exe --minimized []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\multibar.exe]
C:\Program Files\Ticno\Multibar\multibar.exe [2011-06-29 514048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2012-06-26 1516632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Praetorian]
C:\Documents and Settings\Admin\Local Settings\Application Data\Yandex\Updater\praetorian.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skymonk2]
C:\Documents and Settings\Admin\Local Settings\Application Data\Skymonk2\skymonk2.exe -tray []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2012-07-13 17418928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedUpMyPC]
C:\Program Files\Uniblue\SpeedUpMyPC\launcher.exe [2011-01-21 67960]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ticno iO]
C:\Program Files\Ticno\Ticno Io\iO.exe [2013-04-06 1166336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Torrent2Exe]
C:\WINDOWS\TEMP\Torrent2Exe\T2E.exe --autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Program Files\uTorrent\uTorrent.exe  /MINIMIZED []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VKSaver]
C:\Documents and Settings\All Users\Application Data\VKSaver\VKSaver.exe [2013-07-07 131072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2009-12-18 39424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\wmagent.exe]
C:\Program Files\WebMoney Agent\wmagent.exe [2009-10-19 210400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZSSnp211]
C:\WINDOWS\ZSSnp211.exe [2007-04-06 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Главное меню^Программы^Автозагрузка^SkyMonk.lnk]
C:\PROGRA~1\SkyMonk\SkyMonk.exe -tray []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla\pzkmcka.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2010-09-21 214016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
nwprovau

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallTheme"=%WinDir%\Resources\Themes\OpusOS.Theme
"InstallVisualStyle"=%WinDir%\Resources\Themes\OpusOS\OpusOS.msstyles

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"D:\FlashGet Network\FlashGet universal\FlashGet.exe"="D:\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2"
"C:\Program Files\Internet Explorer\IEXPLORE.EXE"="C:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer"
"D:\Warcraft III\Warcraft III.exe"="D:\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"D:\Football Manager 2010\fm.exe"="D:\Football Manager 2010\fm.exe:*:Enabled:Football Manager 2010 10.0.0f80381"
"D:\PES 2010 - Ukrainian Premier League\pes2010.exe"="D:\PES 2010 - Ukrainian Premier League\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010"
"C:\5667018.exe"="C:\5667018.exe:*:Enabled:ldrsoft"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"D:\FlashGet Network\FlashGet universal\LiveUpdate.exe"="D:\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Disabled:FGLiveUpdate"
"D:\FlashGet Network\FlashGet universal\LiveUpdateEx.exe"="D:\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Disabled:FGLiveUpdateEx"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\iMesh Applications\iMesh\iMesh.exe"="C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh"
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"D:\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe"="D:\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe:*:Enabled:Assassin's Creed Brotherhood Multiplayer"
"D:\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe"="D:\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe:*:Enabled:Assassin's Creed Brotherhood Update"
"D:\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe"="D:\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe:*:Enabled:Assassin's Creed Brotherhood Uplay"
"D:\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe"="D:\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe:*:Enabled:Assassin's Creed Brotherhood"
"C:\Documents and Settings\Admin\Local Settings\Application Data\Mail.Ru\GameCenter\GameCenter@Mail.Ru.exe"="C:\Documents and Settings\Admin\Local Settings\Application Data\Mail.Ru\GameCenter\GameCenter@Mail.Ru.exe:*:Enabled:Игровой центр@Mail.Ru"
"C:\WINDOWS\Temp\Torrent2Exe\T2E.exe"="C:\WINDOWS\Temp\Torrent2Exe\T2E.exe:*:Enabled:Torrent2Exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Documents and Settings\Admin\Application Data\BitTorrent\BitTorrent.exe"="C:\Documents and Settings\Admin\Application Data\BitTorrent\BitTorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\Mail.Ru\Sputnik\SputnikFlashPlayer.exe"="C:\Program Files\Mail.Ru\Sputnik\SputnikFlashPlayer.exe:*:Enabled:C:\Program Files\Mail.Ru\Sputnik\SputnikFlashPlayer.exe"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\iMesh Applications\iMesh\iMesh.exe"="C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh"
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"VIDC.IV50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"vidc.VP60"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.VP61"=C:\WINDOWS\system32\vp6vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.ffds"=ff_vfw.dll
"vidc.yv12"=DivX.dll
"msacm.l3fhg"=mp3fhg.acm
"VIDC.XVID"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"vidc.DIVX"=DivX.dll

======Ассоциации файлов======

.cmd - open - 

======Список файлов и папок, созданных за последние 3 месяца======

2013-07-08 18:33:05 ----D---- C:\rsit
2013-07-08 18:33:05 ----D---- C:\Program Files\trend micro
2013-07-07 21:46:37 ----D---- C:\Documents and Settings\All Users\Application Data\Mozilla
2013-07-07 18:58:12 ----D---- C:\Program Files\dumps
2013-07-07 18:57:46 ----D---- C:\Program Files\Common Files\Steam
2013-07-07 18:57:44 ----D---- C:\Program Files\Steam
2013-06-30 19:46:04 ----D---- C:\Documents and Settings\Admin\Application Data\CallingID
2013-06-30 19:45:53 ----D---- C:\Documents and Settings\Admin\Application Data\AskToolbar
2013-06-26 23:24:54 ----D---- C:\Documents and Settings\All Users\Application Data\firebird
2013-06-26 23:24:42 ----A---- C:\WINDOWS\system32\OdbcFb.dll
2013-06-26 23:24:38 ----D---- C:\ЦИТ
2013-06-26 23:12:23 ----D---- C:\Program Files\Stat
2013-06-25 18:15:07 ----D---- C:\WINDOWS\system32\NtmsData
2013-06-25 17:42:19 ----D---- C:\Documents and Settings\Admin\Application Data\Avira
2013-06-25 17:36:24 ----D---- C:\Program Files\Ask.com
2013-06-25 17:35:48 ----A---- C:\WINDOWS\system32\drivers\ssmdrv.sys
2013-06-25 17:35:48 ----A---- C:\WINDOWS\system32\drivers\avkmgr.sys
2013-06-25 17:35:48 ----A---- C:\WINDOWS\system32\drivers\avipbb.sys
2013-06-25 17:35:48 ----A---- C:\WINDOWS\system32\drivers\avgntflt.sys
2013-06-25 17:35:47 ----D---- C:\Program Files\Avira
2013-06-25 17:35:47 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2013-06-23 14:03:26 ----D---- C:\Documents and Settings\Admin\Application Data\BitTorrent
2013-06-19 00:19:19 ----A---- C:\Текстовый документ.txt
2013-06-12 19:39:52 ----A---- C:\WINDOWS\system32\FlashPlayerInstaller.exe
2013-06-12 03:03:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2839229$
2013-05-23 19:37:49 ----A---- C:\WINDOWS\arm_eco.ini
2013-05-23 19:34:28 ----D---- C:\ECO
2013-05-23 19:32:07 ----D---- C:\IDAPI
2013-05-16 03:03:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2820197$
2013-05-16 03:00:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2829361$
2013-05-13 18:53:09 ----A---- C:\WINDOWS\kaio.INI
2013-04-11 19:39:59 ----D---- C:\Documents and Settings\Admin\Application Data\Sky Bros
2013-04-11 19:38:41 ----D---- C:\Documents and Settings\Admin\Application Data\Nevosoft.Games
2013-04-10 19:51:34 ----D---- C:\Documents and Settings\All Users\Application Data\OrganicCoffee
2013-04-10 19:34:26 ----D---- C:\Documents and Settings\Admin\Application Data\NevoDRM
2013-04-10 17:40:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2808735$
2013-04-10 17:40:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2820917$
2013-04-10 17:33:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2813345$
2013-04-10 17:32:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2813170$

======Список файлов и папок, измененных за последние 3 месяца======

2013-07-08 18:33:38 ----D---- C:\WINDOWS\Temp
2013-07-08 18:33:22 ----D---- C:\WINDOWS\Prefetch
2013-07-08 18:33:05 ----RD---- C:\Program Files
2013-07-08 18:31:41 ----D---- C:\WINDOWS\system32\drivers
2013-07-08 18:23:00 ----SHD---- C:\System Volume Information
2013-07-08 18:23:00 ----D---- C:\WINDOWS\system32\Restore
2013-07-08 10:11:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-07-08 06:58:42 ----D---- C:\WINDOWS\system32\CatRoot2
2013-07-08 06:56:31 ----D---- C:\Documents and Settings\All Users\Application Data\boost_interprocess
2013-07-08 06:56:02 ----SH---- C:\WINDOWS\desktop.ini
2013-07-08 06:56:02 ----SH---- C:\Program Files\Desktop.ini
2013-07-08 06:47:54 ----D---- C:\Documents and Settings\Admin\Application Data\samson
2013-07-08 06:47:09 ----RD---- C:\Documents and Settings
2013-07-08 06:38:21 ----D---- C:\WINDOWS\ERDNT
2013-07-07 23:40:16 ----D---- C:\WINDOWS\Registration
2013-07-07 23:35:01 ----SD---- C:\WINDOWS\Tasks
2013-07-07 23:27:30 ----RD---- C:\WINDOWS
2013-07-07 23:27:30 ----D---- C:\WINDOWS\WBEM
2013-07-07 22:40:39 ----D---- C:\Documents and Settings\Admin\Application Data\Yandex
2013-07-07 22:09:49 ----D---- C:\WINDOWS\system32\drivers\etc
2013-07-07 19:29:49 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2013-07-07 19:26:31 ----D---- C:\Documents and Settings\Admin\Application Data\WebMoney
2013-07-07 18:57:49 ----SHD---- C:\WINDOWS\Installer
2013-07-07 18:57:49 ----SHD---- C:\Config.Msi
2013-07-07 18:57:46 ----D---- C:\Program Files\Common Files
2013-07-07 16:45:21 ----D---- C:\Documents and Settings\Admin\Application Data\Sports Interactive
2013-07-07 16:44:49 ----D---- C:\WINDOWS\system32\DirectX
2013-07-07 16:44:30 ----HD---- C:\WINDOWS\inf
2013-07-07 12:12:23 ----D---- C:\Documents and Settings\All Users\Application Data\VKSaver
2013-06-26 23:28:29 ----A---- C:\WINDOWS\ODBCINST.INI
2013-06-26 23:28:28 ----D---- C:\WINDOWS\system32
2013-06-25 18:15:07 ----D---- C:\WINDOWS\repair
2013-06-23 14:00:35 ----D---- C:\Documents and Settings\Admin\Application Data\Media Get LLC
2013-06-19 21:24:11 ----D---- C:\WINDOWS\Help
2013-06-16 16:38:48 ----SH---- C:\boot.ini
2013-06-16 16:38:48 ----N---- C:\WINDOWS\win.ini
2013-06-16 16:38:48 ----N---- C:\WINDOWS\system.ini
2013-06-12 19:39:55 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-06-12 03:03:52 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-06-12 03:00:51 ----A---- C:\WINDOWS\system32\MRT.exe
2013-06-12 03:00:46 ----A---- C:\WINDOWS\imsins.BAK
2013-06-12 03:00:42 ----D---- C:\Program Files\Internet Explorer
2013-06-12 03:00:32 ----D---- C:\WINDOWS\ie8updates
2013-05-29 19:50:18 ----D---- C:\Documents and Settings\Admin\Application Data\Adobe
2013-05-23 19:37:46 ----D---- C:\WINDOWS\system
2013-05-18 01:07:52 ----A---- C:\WINDOWS\system32\mshtml.dll
2013-05-17 18:16:12 ----D---- C:\WINDOWS\system32\ias
2013-05-16 19:17:08 ----D---- C:\WINDOWS\Network Diagnostic
2013-05-16 03:16:47 ----RSD---- C:\WINDOWS\assembly
2013-05-16 03:14:04 ----D---- C:\WINDOWS\Microsoft.NET
2013-05-16 03:10:30 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-05-16 03:10:06 ----D---- C:\WINDOWS\WinSxS
2013-05-16 03:03:11 ----HD---- C:\WINDOWS\$hf_mig$
2013-05-08 03:23:56 ----N---- C:\WINDOWS\system32\ie4uinit.exe
2013-05-08 01:27:20 ----N---- C:\WINDOWS\system32\occache.dll
2013-05-08 01:27:20 ----N---- C:\WINDOWS\system32\mstime.dll
2013-05-08 01:27:20 ----N---- C:\WINDOWS\system32\jsproxy.dll
2013-05-08 01:27:20 ----A---- C:\WINDOWS\system32\wininet.dll
2013-05-08 01:27:20 ----A---- C:\WINDOWS\system32\urlmon.dll
2013-05-08 01:27:20 ----A---- C:\WINDOWS\system32\url.dll
2013-05-08 01:27:20 ----A---- C:\WINDOWS\system32\mshtmled.dll
2013-05-08 01:27:20 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2013-05-08 01:27:20 ----A---- C:\WINDOWS\system32\msfeeds.dll
2013-05-08 01:27:20 ----A---- C:\WINDOWS\system32\licmgr10.dll
2013-05-08 01:27:20 ----A---- C:\WINDOWS\system32\iertutil.dll
2013-05-08 01:27:20 ----A---- C:\WINDOWS\system32\iepeers.dll
2013-05-08 01:27:19 ----N---- C:\WINDOWS\system32\iedkcs32.dll
2013-05-08 01:27:19 ----A---- C:\WINDOWS\system32\ieframe.dll
2013-05-03 08:39:10 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2013-05-03 08:39:10 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
2013-04-13 00:14:33 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2013-04-12 15:59:26 ----D---- C:\Program Files\Mail.Ru

======Список драйверов (тип запуска: R=Запущен, S=остановлен, 0=Загрузочный, 1=Системный, 2=Автоматически, 3=Вручную, 4=Отключено)======

R0 prohlp02;StarForce Protection Helper Driver v2; C:\WINDOWS\System32\drivers\prohlp02.sys [2004-03-09 65504]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\WINDOWS\System32\drivers\prosync1.sys [2003-09-06 6944]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]
R0 sfhlp01;StarForce Protection Helper Driver; C:\WINDOWS\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x); C:\WINDOWS\System32\drivers\sfsync03.sys [2005-12-06 35328]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2011-11-18 428088]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2013-02-27 135136]
R1 avkmgr;avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [2013-03-06 37352]
R1 intelppm;Драйвер Intel процессора; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-15 40704]
R1 kbdhid;Драйвер клавиатуры HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-03-09 77184]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2012-08-27 28520]
R2 atksgt;atksgt; C:\WINDOWS\system32\drivers\atksgt.sys [2010-10-26 279712]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2013-02-27 84744]
R2 exFat;exFat; C:\WINDOWS\system32\drivers\exFat.sys [2008-04-15 133632]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\drivers\lirsgt.sys [2011-01-03 25888]
R2 NwlnkIpx;NWLink IPX/SPX/NetBIOS-совместимый транспортный протокол; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-15 88320]
R2 NwlnkNb;NWLink NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2008-04-15 63232]
R2 NwlnkSpx;Протокол NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2008-04-15 55936]
R2 rspndr;Ответчик обнаружения топологии уровня связи; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2008-04-15 62848]
R3 FStarForce;FStarForce; C:\WINDOWS\system32\DRIVERS\FStarForce.sys [2008-10-24 9216]
R3 HDAudBus;Драйвер шины Microsoft UAA для High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-15 144384]
R3 hidusb;Драйвер класса HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2010-09-21 2014240]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2011-01-25 6321768]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service; C:\WINDOWS\system32\drivers\IntcHdmi.sys [2009-04-08 116224]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2010-08-24 20304]
R3 mouhid;Драйвер мыши HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-19 12160]
R3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2008-04-15 163584]
R3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 vmmouse;VMware Pointing Device; C:\WINDOWS\system32\DRIVERS\vmmouse.sys [2008-10-16 11440]
R3 wowfilter;WOW XT Filter Driver; C:\WINDOWS\system32\drivers\wowfilter.sys [2009-03-24 25560]
R3 WSIMD;wsimd Service; C:\WINDOWS\system32\DRIVERS\wsimd.sys [2007-07-03 57344]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2010-09-15 298784]
S3 ALSysIO;ALSysIO; \??\C:\WINDOWS\TEMP\ALSysIO.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 ApfiltrService;Alps Pointing-device Filter Driver; C:\WINDOWS\system32\DRIVERS\Apfiltr.sys [2010-06-21 255096]
S3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2006-05-18 463168]
S3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2010-11-05 1938272]
S3 asmlewpl;asmlewpl; C:\WINDOWS\system32\drivers\asmlewpl.sys []
S3 CCDECODE;Closed Caption декодер; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2010-08-24 38864]
S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2010-08-24 37328]
S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2010-08-24 28624]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI кодек; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft видео или ТВ подключение; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2012-01-09 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2012-01-09 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2012-06-11 19072]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-08-18 197088]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2012-01-09 8192]
S3 usbet;USB 2.0 WebCAM; C:\WINDOWS\system32\DRIVERS\ETdrv.sys [2009-11-05 167936]
S3 usbscan;Драйвер USB-сканера; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2012-01-09 8192]
S3 USBSTOR;Драйвер запоминающих устройств для USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 usbvideo;USB-видеоустройство (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 vvftav211;vvftav211; C:\WINDOWS\system32\drivers\vvftav211.sys [2007-12-10 480128]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext кодек; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 ZSMC30x;USB PC Camera Service ZSMC30x; C:\WINDOWS\System32\Drivers\ZS211.sys [2007-12-13 1472000]
S4 WS2IFSL;Среда Windows Socket 2.0 поддержки поставщиков не-IFS служб; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-15 12032]

======Список служб (тип запуска: R=Запущена, S=остановлена, 0=Загрузочная, 1=Системная, 2=Автоматически, 3=Вручную, 4=Отключено)======

R2 ACS;Atheros Configuration Service; C:\WINDOWS\system32\acs.exe [2008-07-07 467029]
R2 AntiVirSchedulerService;Avira Планировщик; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2013-07-01 84024]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2013-07-01 108088]
R2 AntiVirWebService;Avira Web Protection; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2013-07-01 589368]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-05-04 153376]
R2 NWCWorkstation;Клиент для сетей NetWare; C:\WINDOWS\system32\svchost.exe [2008-04-15 14336]
R2 SRS_PostInstaller;SRS PostInstaller Service; C:\Program Files\SRS Labs\WOWXT and TSXT Driver\SRS_PostInstaller2.exe [2009-03-24 74992]
R2 TicnoShExtMng;TicnoShExtMng; C:\Program Files\Ticno\ShExtMng\shextmngservice.exe [2013-02-26 198656]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-15 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files\Mail.Ru\Guard\GuardMailRu.exe [2013-06-23 2312224]
S2 gupdate;Служба Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-31 135664]
S2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2011-05-08 75136]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S2 SSHNAS;SSHNAS; C:\WINDOWS\system32\svchost.exe [2008-04-15 14336]
S2 TicnoSearch;TicnoSearch; C:\Program Files\Ticno\Multibar\SearchService.exe [2011-08-17 276992]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12 256904]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Служба Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-31 135664]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2012-11-19 489256]
S3 WMPNetworkSvc;Служба общих сетевых ресурсов проигрывателя Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 914944]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------