﻿Лог утилиты random's system information tool 1.12(автор: random/random)
Run by Valentine11 at 2016-04-18 11:44:08
Майкрософт Windows 8 Профессиональная 
Системный раздел C: размер 30 GB (13%) Свободно 238 GB
Total RAM: 2014 MB (12% free)
X86

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:44:12, on 18.04.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.17568)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\dwm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
C:\Program Files\RSUPPORT\MobizenService\MobizenService.exe
C:\Program Files\PostgreSQL\8.4\bin\pg_ctl.exe
C:\Program Files\PostgreSQL\8.4\bin\postgres.exe
C:\Windows\system32\conhost.exe
C:\Program Files\PostgreSQL\8.4\bin\postgres.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\PostgreSQL\8.4\bin\postgres.exe
C:\Program Files\PostgreSQL\8.4\bin\postgres.exe
C:\Program Files\PostgreSQL\8.4\bin\postgres.exe
C:\Program Files\PostgreSQL\8.4\bin\postgres.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files\RSUPPORT\MobizenService\MobizenTray.exe
C:\Program Files\CyberGhost 5\Service.exe
C:\Windows\system32\taskhostex.exe
C:\Windows\Explorer.EXE
C:\Windows\TEMP\stkhselfctl1.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Users\Valentine11\Downloads\AutoLogger\AutoLogger\AVZ\avz.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Google\Update\1.3.29.5\GoogleCrashHandler.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Users\Valentine11\AppData\Roaming\uTorrent\uTorrent.exe
C:\Windows\system32\dashost.exe
C:\Program Files\TechSmith\Jing\Jing.exe
C:\Program Files\CyberGhost 5\CyberGhost.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Windows\system32\rundll32.exe
C:\Users\Valentine11\AppData\Roaming\uTorrent\updates\3.4.6_42094\utorrentie.exe
C:\Users\Valentine11\AppData\Roaming\uTorrent\updates\3.4.6_42094\utorrentie.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Valentine11\AppData\Local\slack\app-2.0.3\slack.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Valentine11\AppData\Local\slack\app-2.0.3\slack.exe
C:\Users\Valentine11\AppData\Local\slack\app-2.0.3\slack.exe
C:\Users\Valentine11\AppData\Local\slack\app-2.0.3\slack.exe
C:\Users\Valentine11\AppData\Local\slack\app-2.0.3\slack.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Users\Valentine11\AppData\Local\slack\app-2.0.3\slack.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Valentine11\Downloads\AutoLogger\AutoLogger\RSIT\RSIT.exe
C:\Users\Valentine11\Downloads\AutoLogger\AutoLogger\RSIT\Valentine11_RSIT.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = 
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds&ts=1445350608&z=e1d0762250cf85569268ecdg6zdzdwacdw5e0q2e8b&from=cor&uid=wdcxwd2500ks-00mjb0_wd-wcanka28377383773&q={searchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds&ts=1445350608&z=e1d0762250cf85569268ecdg6zdzdwacdw5e0q2e8b&from=cor&uid=wdcxwd2500ks-00mjb0_wd-wcanka28377383773&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = tunnel.testcloud.de:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [IgfxTray] "C:\Windows\system32\igfxtray.exe"
O4 - HKLM\..\Run: [HotKeysCmds] "C:\Windows\system32\hkcmd.exe"
O4 - HKLM\..\Run: [Persistence] "C:\Windows\system32\igfxpers.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Valentine11\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
O4 - HKCU\..\Run: [Sippoint] C:\Program Files\Sippoint\Sippoint.exe
O4 - HKCU\..\Run: [Jing] C:\Program Files\TechSmith\Jing\Jing.exe
O4 - HKCU\..\Run: [CyberGhost] "C:\Program Files\CyberGhost 5\CyberGhost.exe" /autostart /min
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\RunOnce: [Application Restart #1] C:\Program Files\Google\Chrome\Application\chrome.exe  --disable-background-networking --disable-client-side-phishing-detection --disable-component-update --disable-default-apps --disable-hang-monitor --disable-popup-blocking --disable-prompt-on-repost --disable-sync --disable-web-resources --enable-logging --ignore-certificate-errors --load-extension="C:\Users\VALENT~1\AppData\Local\Temp\scoped_dir17868_15267\internal" --log-level=0 --metrics-recording-only --no-first-run --password-store=basic --remote-debugging-port=12470 --safebrowsing-disable-auto-update --safebrowsing-disable-download-protection --test-type=webdriver --use-mock-keychain --user-data-dir="C:\Users\VALENT~1\AppData\Local\Temp\scoped_dir17868_32048" --flag-switches-begin --flag-switches-end --restore-last-session data:,
O4 - Startup: Slack.lnk = C:\Users\Valentine11\AppData\Local\slack\Update.exe
O8 - Extra context menu item: &Отправить в OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: &Экспорт в Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: Отправить в OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Отправить в OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Связанные заметки OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Связанные заметки OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: CyberGhost 5 Client Service (CGVPNCliService) - CyberGhost S.R.L - C:\Program Files\CyberGhost 5\Service.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\system32\IntelCpHeciSvc.exe
O23 - Service: Служба Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Служба Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Mobizen plugin -  Rsupport Corporation - C:\Program Files\RSUPPORT\MobizenService\MobizenService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: postgresql-8.4 - PostgreSQL Server 8.4 (postgresql-8.4) - PostgreSQL Global Development Group - C:\Program Files\PostgreSQL\8.4\bin\pg_ctl.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 9027 bytes

======Папка назначеных зданий======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe 
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe 
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\klcp_update - "C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe" /verysilent /update /freq=14
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-3824993444-2669569059-3562072996-1001 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\Windows\system32\tasks\Microsoft\Windows\WS\License Validation - rundll32.exe WSClient.dll,WSpTLR licensing
C:\Windows\system32\tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask - rundll32.exe WSClient.dll,RefreshBannedAppsList
C:\Windows\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\Windows\system32\sc.exe start wuauserv
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe" 
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance
C:\Windows\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCleanup
C:\Windows\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - %ProgramFiles%\Windows Defender\MpCmdRun.exe Scan -ScheduleJob
C:\Windows\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification - C:\Program Files\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdVerification
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\Windows\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe 
C:\Windows\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe 
C:\Windows\system32\tasks\Microsoft\Windows\Setup\8.1 auto install ping - %windir%\system32\AutoUpdate.exe /Ping
C:\Windows\system32\tasks\Microsoft\Windows\Setup\8.1 auto install v2 - C:\Windows\system32\AutoUpdate.exe /Auto
C:\Windows\system32\tasks\Microsoft\Windows\RemovalTools\MRT_HB - C:\Windows\system32\MRT.exe /EHB /Q
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs 
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe 
C:\Windows\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe 
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe 
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe 
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe 
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Uploader - %windir%\system32\WSqmCons.exe -u
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent /increment
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\rundll32.exe %windir%\system32\invagent.dll,RunUpdate
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe 
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe 

=========Mozilla firefox=========

ProfilePath - C:\Users\Valentine11\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default

prefs.js - "browser.startup.homepage" -  "http://www.yandex.ru/?clid=1923017"

"deskCutv2@gmail.com"=C:\Users\Valentine11\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\deskCutv2@gmail.com


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.213 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_213.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.73.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.73.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll


C:\Users\Valentine11\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\addons.json
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
Доступ к Рутрекеру - extension - public.proartex@gmail.com
Session Manager - extension - {1280606b-2510-4fe0-97ef-9b5a22eafe30}
Lingualeo English Translator - extension - {DD7B8D8D-C0B5-4122-9652-4FCB1E788CD8}
Firefox Hello Beta - extension - loop@mozilla.org
Советник Яндекс.Маркета - extension - sovetnik@metabar.ru
FirePath - extension - FireXPath@pierre.tholence.com
Firebug - extension - firebug@software.joehewitt.com
Gmail™ Notifier Plus - extension - jid1-sqmEAwSoa3FZPc@jetpack
Yandex.Bar (Яндекс Бар) - extension - yasearch@yandex.ru
Визуальные закладки от Яндекс - extension - vb@yandex.ru

C:\Users\Valentine11\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions.json
LinguaLeo English Translator - extension - {DD7B8D8D-C0B5-4122-9652-4FCB1E788CD8} - C:\Users\Valentine11\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\{DD7B8D8D-C0B5-4122-9652-4FCB1E788CD8}.xpi
FirePath - extension - FireXPath@pierre.tholence.com - C:\Users\Valentine11\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\FireXPath@pierre.tholence.com.xpi
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - C:\Users\Valentine11\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
Советник Яндекс.Маркета - extension - sovetnik@metabar.ru - C:\Users\Valentine11\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\sovetnik@metabar.ru.xpi
Session Manager - extension - {1280606b-2510-4fe0-97ef-9b5a22eafe30} - C:\Users\Valentine11\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi
Firebug - extension - firebug@software.joehewitt.com - C:\Users\Valentine11\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\firebug@software.joehewitt.com.xpi
Gmail™ Notifier Plus - extension - jid1-sqmEAwSoa3FZPc@jetpack - C:\Users\Valentine11\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\jid1-sqmEAwSoa3FZPc@jetpack.xpi
Yandex Elements - extension - yasearch@yandex.ru - C:\Users\Valentine11\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\yasearch@yandex.ru.xpi
Визуальные закладки - extension - vb@yandex.ru - C:\Users\Valentine11\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\vb@yandex.ru.xpi
Firefox Hello Beta - extension - loop@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\loop@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
Доступ к Рутрекеру - extension - public.proartex@gmail.com - C:\Users\Valentine11\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\public.proartex@gmail.com.xpi

C:\Users\Valentine11\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\pluginreg.dat
Plugin - AdobeAAMDetect - 2.0.0.0 - C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
Plugin - Google Update - 1.3.29.5 - C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll
Plugin - Microsoft Office 2010 - 14.0.4730.1010 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL
Plugin - Microsoft Office 2010 - 14.0.4761.1000 - C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL
Plugin - Java(TM) Platform SE 8 U73 - 11.73.2.2 - C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll
Plugin - Java Deployment Toolkit 8.0.730.2 - 11.73.2.2 - C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npdeployJava1.dll
Plugin - Shockwave Flash - 15.0.0.223 - C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_223.dll
Plugin - Shockwave Flash - 21.0.0.213 - C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_213.dll

=========Google Chrome=========

C:\Users\Valentine11\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Интернет-магазин Chrome 0.2
Extension aminlpmkfcdibgpgfajlgnamicjckkjf 2 Поиск Яндекса 1.0.3
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0  
Extension bknbnapaddjdnbilpmlacdkjdkjmbjhd 2 Video AdBlock for Chrome 1.4.3
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension jdkihdhlegcdggknokfekoemkjjnjhgi 2 Стартовая — Яндекс 1.0.3
Extension kiejhcmjgigmolkmohjmggmlffceofkb 0 Honey 8.1.0
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.38
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf 1 Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.2.0
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Платежная система Интернет-магазина Chrome 1.0.0.0
Homepage: 
default_search_provider.search_url: 
C:\Users\Valentine11\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage: 
default_search_provider.search_url: 

[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\aminlpmkfcdibgpgfajlgnamicjckkjf]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\bknbnapaddjdnbilpmlacdkjdkjmbjhd]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\jdkihdhlegcdggknokfekoemkjjnjhgi]
"Path"=


======Снимок реестра======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-02-11 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-11 172640]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-10-14 557768]
"Adobe Creative Cloud"=C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2014-10-15 2694320]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2015-06-01 157104]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2015-06-01 192432]
"Persistence"=C:\Windows\system32\igfxpers.exe [2015-06-01 201136]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2016-01-29 594992]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Users\Valentine11\AppData\Roaming\uTorrent\uTorrent.exe [2016-04-10 1959424]
"Sippoint"=C:\Program Files\Sippoint\Sippoint.exe []
"Jing"=C:\Program Files\TechSmith\Jing\Jing.exe [2015-09-11 2911224]
"CyberGhost"=C:\Program Files\CyberGhost 5\CyberGhost.exe [2016-01-11 426600]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2016-03-01 50670720]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #1"=C:\Program Files\Google\Chrome\Application\chrome.exe [2016-04-13 881304]

C:\Users\Valentine11\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Slack.lnk - C:\Users\Valentine11\AppData\Local\slack\Update.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"PromptOnSecureDesktop"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath"="C:\Program Files\Google\Chrome\Application\50.0.2661.75\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"msacm.l3acm"=l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"vidc.cvid"=iccvid.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======Ассоциации файлов======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======Список файлов и папок, созданных за последние 3 месяца======

2016-04-18 11:25:52 ----A---- C:\Windows\system32\drivers\utk0mji3.sys
2016-04-13 10:56:02 ----A---- C:\Windows\system32\invagent.dll
2016-04-13 10:56:02 ----A---- C:\Windows\system32\aepic.dll
2016-04-13 10:56:01 ----A---- C:\Windows\system32\devinv.dll
2016-04-13 10:56:01 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-04-13 10:56:01 ----A---- C:\Windows\system32\aeinv.dll
2016-04-13 10:56:01 ----A---- C:\Windows\system32\acmigration.dll
2016-04-13 10:56:00 ----A---- C:\Windows\system32\appraiser.dll
2016-04-13 10:55:59 ----A---- C:\Windows\system32\generaltel.dll
2016-04-12 13:24:29 ----D---- C:\Program Files\Mozilla Firefox
2016-04-10 22:45:32 ----D---- C:\Program Files\Gamesslava
2016-04-08 14:01:56 ----D---- C:\Users\Valentine11\AppData\Roaming\Rsupport
2016-04-08 14:00:21 ----D---- C:\Program Files\RSUPPORT
2016-04-04 16:38:16 ----D---- C:\Program Files\Common Files\Skype
2016-03-27 12:18:57 ----D---- C:\Users\Valentine11\AppData\Roaming\ultrastardx
2016-03-27 12:18:57 ----D---- C:\Program Files\UltraStar Deluxe
2016-03-22 20:21:02 ----D---- C:\Users\Valentine11\AppData\Roaming\GitExtensions
2016-03-22 20:19:28 ----D---- C:\Program Files\KDiff3
2016-03-22 20:18:52 ----D---- C:\Program Files\GitExtensions
2016-03-13 12:15:45 ----ASH---- C:\pagefile.sys
2016-02-18 19:20:20 ----D---- C:\ProgramData\Git
2016-02-18 19:19:42 ----D---- C:\Program Files\Git
2016-02-11 22:05:58 ----D---- C:\Program Files\Common Files\Java
2016-02-06 18:13:44 ----D---- C:\Users\Valentine11\AppData\Roaming\Slack
2016-02-05 09:01:27 ----D---- C:\Program Files\Xenu
2016-02-05 04:01:07 ----D---- C:\Program Files\Screencast-O-Matic

======Список файлов и папок, измененных за последние 3 месяца======

2016-04-18 11:44:15 ----D---- C:\Users\Valentine11\AppData\Roaming\uTorrent
2016-04-18 11:44:06 ----D---- C:\Windows\Prefetch
2016-04-18 11:37:32 ----D---- C:\Users\Valentine11\AppData\Roaming\Skype
2016-04-18 11:25:52 ----D---- C:\Windows\system32\Drivers
2016-04-18 11:02:26 ----SHD---- C:\System Volume Information
2016-04-18 10:40:13 ----D---- C:\Windows\Temp
2016-04-18 10:13:20 ----D---- C:\Windows\system32\catroot2
2016-04-18 09:56:54 ----RD---- C:\Windows\System32
2016-04-18 09:56:54 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-04-18 09:56:46 ----D---- C:\Windows\inf
2016-04-18 07:35:59 ----D---- C:\Windows\Microsoft.NET
2016-04-17 00:38:15 ----D---- C:\Windows\system32\config
2016-04-16 12:01:41 ----D---- C:\Windows\WinSxS
2016-04-16 11:11:54 ----D---- C:\Windows\system32\MRT
2016-04-16 10:59:06 ----A---- C:\Windows\system32\MRT.exe
2016-04-15 21:53:06 ----D---- C:\Windows
2016-04-15 21:51:18 ----SD---- C:\Windows\system32\CompatTel
2016-04-15 21:51:18 ----D---- C:\Windows\system32\appraiser
2016-04-15 17:25:34 ----D---- C:\Users\Valentine11\AppData\Roaming\FileZilla
2016-04-14 07:45:06 ----N---- C:\Windows\system32\MpSigStub.exe
2016-04-13 23:41:43 ----D---- C:\Windows\CbsTemp
2016-04-13 13:46:02 ----D---- C:\Program Files\Mozilla Maintenance Service
2016-04-13 13:44:29 ----SHD---- C:\Windows\Installer
2016-04-13 13:44:27 ----D---- C:\ProgramData\Microsoft Help
2016-04-12 22:52:52 ----RD---- C:\Program Files
2016-04-11 16:44:10 ----D---- C:\Users\Valentine11\AppData\Roaming\HoldemManager
2016-04-10 22:54:09 ----D---- C:\Users\Valentine11\AppData\Roaming\Elephant Games
2016-04-09 11:35:38 ----D---- C:\Program Files\LotosPoker
2016-04-09 11:34:40 ----D---- C:\Users\Valentine11\AppData\Roaming\LotosPoker
2016-04-06 18:37:56 ----D---- C:\Program Files\FileZilla FTP Client
2016-04-04 16:38:16 ----RD---- C:\Program Files\Skype
2016-04-04 16:38:16 ----D---- C:\Program Files\Common Files
2016-04-04 16:38:06 ----D---- C:\ProgramData\Skype
2016-04-03 23:23:18 ----D---- C:\FlashInstaller
2016-03-16 08:13:55 ----D---- C:\Windows\system32\catroot
2016-03-13 12:06:28 ----D---- C:\Windows\system32\sru
2016-03-12 03:08:05 ----D---- C:\Windows\system32\DriverStore
2016-03-10 00:53:35 ----D---- C:\Program Files\nodejs
2016-03-09 14:36:06 ----D---- C:\Windows\AUInstallAgent
2016-03-09 14:35:57 ----HD---- C:\Program Files\WindowsApps
2016-03-03 23:03:02 ----D---- C:\Windows\Minidump
2016-02-18 19:20:20 ----HD---- C:\ProgramData
2016-02-17 02:01:52 ----D---- C:\Program Files\PacificPoker
2016-02-17 02:00:48 ----D---- C:\Users\Valentine11\AppData\Roaming\PacificPoker
2016-02-11 23:26:21 ----D---- C:\ProgramData\Oracle
2016-02-11 22:07:09 ----D---- C:\Program Files\Java
2016-02-11 22:04:56 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2016-02-10 15:58:41 ----A---- C:\Windows\win.ini
2016-02-10 15:55:52 ----D---- C:\Windows\apppatch
2016-02-03 12:24:46 ----D---- C:\Windows\Tasks
2016-01-25 16:00:35 ----D---- C:\Users\Valentine11\AppData\Roaming\npm-cache

File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed
======Список драйверов (тип запуска: R=Запущен, S=остановлен, 0=Загрузочный, 1=Системный, 2=Автоматически, 3=Вручную, 4=Отключено)======

R0 amdkmafd;@oem4.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter; C:\Windows\System32\drivers\amdkmafd.sys [2012-09-23 15528]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2012-07-26 52224]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2014-04-18 13515264]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2014-04-18 512000]
R3 L1C;@netl1c63x86.inf,%L1C.Service.DispName%;Драйвер мини-порта NDIS для Qualcomm Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C63x86.sys [2012-06-02 85504]
R3 MEI;@oem11.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\System32\drivers\HECI.sys [2010-10-19 41088]
R3 tap0901;@oem6.inf,%DeviceDescription%;TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2013-08-22 35288]
R3 utk0mji3;AVZ Kernel Driver; \??\C:\Windows\system32\Drivers\utk0mji3.sys [2016-04-18 7168]
S3 androidusb;@oem3.inf,%androidusb.SvcDesc%;ADB Interface Driver; C:\Windows\System32\Drivers\androidusb.sys [2010-04-29 26112]
S3 athr;@netathr.inf,%ATHR.Service.DispName%;Расширяемый драйвер устройств беспроводной сети Qualcomm Atheros; C:\Windows\system32\DRIVERS\athr.sys [2012-06-02 2273280]
S3 AtiHDAudioService;@oem6.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW83.sys [2013-12-20 197120]
S3 dg_ssudbus;@oem7.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 88576]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2015-06-01 3788752]
S3 RTL8168;@netrt630x86.inf,%rtl8168.Service.DispName%;Драйвер Realtek 8168 NT; C:\Windows\system32\DRIVERS\Rt630x86.sys [2012-07-26 495104]
S3 ssudmdm;@oem9.inf,%ssud.Service.Name%;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 184192]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB-видеоустройство (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-09 175872]
S3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2012-07-26 13824]
S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\Windows\System32\drivers\WinUsb.sys [2012-07-26 46592]
S3 WUDFWpdFs;WUDFWpdFs; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S3 WUDFWpdMtp;WUDFWpdMtp; C:\Windows\System32\drivers\WUDFRd.sys [2012-07-26 155136]

======Список служб (тип запуска: R=Запущена, S=остановлена, 0=Загрузочная, 1=Системная, 2=Автоматически, 3=Вручную, 4=Отключено)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2014-04-18 208896]
R2 CGVPNCliService;CyberGhost 5 Client Service; C:\Program Files\CyberGhost 5\Service.exe [2016-01-11 65128]
R2 IpOverUsbSvc;Windows Phone IP over USB Transport (IpOverUsbSvc); C:\Program Files\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [2015-07-09 21744]
R2 postgresql-8.4;postgresql-8.4 - PostgreSQL Server 8.4; C:\Program Files\PostgreSQL\8.4\bin\pg_ctl.exe [2014-02-18 66048]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2014-02-21 114368]
S2 gupdate;Служба Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-12-04 144200]
S2 Mobizen plugin;Mobizen plugin; C:\Program Files\RSUPPORT\MobizenService\MobizenService.exe [2015-12-29 3353872]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2016-01-29 327296]
S2 StkhClientService;Stkh Application Client Service and Utility; %SystemRoot%\System32\svchost.exe -k stkhsvc;"ServiceDll"=%SystemRoot%\System32\stkhcl32.dll
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-09 269504]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\system32\IntelCpHeciSvc.exe [2015-06-01 290224]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2012-07-06 43616]
S3 gupdatem;Служба Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-12-04 144200]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2016-04-12 146888]
S3 ose;Office  Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 Te.Service;Te.Service; C:\Program Files\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [2015-07-09 101888]

-----------------EOF-----------------
