- This topic has 10 ответов, 3 участника, and was last updated 14 years, 6 months назад by
.
-
Сообщения
-
Уважаемый Валерий у меня к Вам огромная просьба, у меня стал зависать комп и в интернете страницы виснут,приходится перезагружать. Помогите мне пожалуйста, а то я в этом плохо разбираюсь. Зарание спасибо.
Здравствуйте!
Добро пожаловать на Spyware-ru форум.
Для начала проверим ваш компьютер.
Выполните пожалуйста действия описанные в этой теме:
Как вылечить компьютер, первые шаги.Здравствуйте. Вот содержимое loq. cLogfile of random’s system information tool 1.06 (written by random/random)
Run by Toshiba at 2010-04-09 00:17:15
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 19 GB (26%) free of 76 GB
Total RAM: 1021 MB (26% free)Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0:18:32, on 09.04.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18904)
Boot mode: NormalRunning processes:
C:WindowsSystem32smss.exe
C:Windowssystem32csrss.exe
C:Windowssystem32wininit.exe
C:Windowssystem32csrss.exe
C:Windowssystem32services.exe
C:Windowssystem32lsass.exe
C:Windowssystem32lsm.exe
C:Windowssystem32winlogon.exe
C:Windowssystem32svchost.exe
C:Windowssystem32nvvsvc.exe
C:Windowssystem32svchost.exe
C:WindowsSystem32svchost.exe
C:WindowsSystem32svchost.exe
C:WindowsSystem32svchost.exe
C:Windowssystem32svchost.exe
C:Windowssystem32svchost.exe
C:Windowssystem32SLsvc.exe
C:Windowssystem32svchost.exe
C:Windowssystem32rundll32.exe
C:Windowssystem32svchost.exe
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:Program FilesAlwil SoftwareAvast4ashServ.exe
C:WindowsSystem32spoolsv.exe
C:Windowssystem32svchost.exe
C:Windowssystem32Dwm.exe
C:Windowssystem32taskeng.exe
C:WindowsExplorer.EXE
C:Windowssystem32taskeng.exe
C:Program FilesGoogleUpdate1.2.183.23GoogleCrashHandler.exe
C:Windowssystem32svchost.exe
C:Program FilesTOSHIBAConfigFreeCFSvcs.exe
C:Program FilesWindows DefenderMSASCui.exe
C:Program FilesTOSHIBAConfigFreeNDSTray.exe
C:Program FilesCamera Assistant Software for Toshibatraybar.exe
C:Program FilesAlwil SoftwareAvast4ashDisp.exe
C:WindowsSystem32rundll32.exe
C:WindowsMicrosoft.NetFrameworkv3.0WPFPresentationFontCache.exe
C:Program FilesJavajre6binjusched.exe
C:WindowsWindowsMobilewmdcBase.exe
C:Program FilesWindows Sidebarsidebar.exe
C:Windowsehomeehtray.exe
C:Program FilesTOSHIBATOSCDSPDTOSCDSPD.exe
C:Program FilesDAEMON Tools Litedaemon.exe
C:Program FilesuTorrentuTorrent.exe
C:Program FilesSkypePhoneSkype.exe
C:Program FilesMcAfee Security Scan2.0.181SSScheduler.exe
C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE
C:Windowssystem32svchost.exe
C:Program FilesSpyware DoctorpctsAuxs.exe
C:Program FilesSpyware DoctorpctsSvc.exe
C:Program FilesCamera Assistant Software for ToshibaCEC_MAIN.exe
C:Windowsehomeehmsas.exe
C:Windowssystem32svchost.exe
C:Program FilesSpyware DoctorpctsTray.exe
c:Program FilesToshibaBluetooth Toshiba StackTosBtSrv.exe
C:Program FilesCommon FilesUlead SystemsDVDULCDRSvr.exe
C:WindowsSystem32svchost.exe
C:Windowssystem32SearchIndexer.exe
C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
C:Windowssystem32svchost.exe
C:Windowsehomeehsched.exe
C:WindowsSystem32alg.exe
C:Program FilesTOSHIBAConfigFreeCFSwMgr.exe
C:Program FilesInternet ExplorerIELowutil.exe
C:Program FilesSkypePlugin ManagerskypePM.exe
C:WindowsehomeehRecvr.exe
C:UsersToshibaDownloadsRSIT.exe
C:Windowssystem32wbemwmiprvse.exe
C:Program Filestrend microToshiba.exe
C:Windowssystem32SearchProtocolHost.exe
C:Windowssystem32SearchFilterHost.exeR1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.yandex.ru/?clid=44290
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://www.shareware-ru.com/ru/index.php?rvs=hompag
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru/?clid=21978&yasoft=barie
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://www.shareware-ru.com/ru/index.php?rvs=hompag
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://mail.ru
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
R3 — URLSearchHook: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
R3 — URLSearchHook: MHURLSearchHook Class — {1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48} — C:Program FilesFamily Toolbartbhelper.dll
R3 — URLSearchHook: Ashampoo RU Toolbar — {b901a6dc-b37c-4963-a6e9-aaa0ff88d981} — C:Program FilesAshampoo_RUtbAsha.dll
O1 — Hosts: ::1 localhost
O2 — BHO: MHTBPos00 — {0C37B053-FD68-456a-82E1-D788EE342E6F} — C:Program FilesFamily Toolbartbcore3.dll
O2 — BHO: BitComet ClickCapture — {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} — C:Program FilesBitComettoolsBitCometBHO_1.2.8.7.dll (file missing)
O2 — BHO: Спутник@Mail.Ru — {8984B388-A5BB-4DF7-B274-77B879E179DB} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
O2 — BHO: Google Toolbar Helper — {AA58ED58-01DD-4d91-8333-CF10577473F7} — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll
O2 — BHO: Google Toolbar Notifier BHO — {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} — C:Program FilesGoogleGoogleToolbarNotifier5.5.4723.1820swg.dll
O2 — BHO: Ashampoo RU Toolbar — {b901a6dc-b37c-4963-a6e9-aaa0ff88d981} — C:Program FilesAshampoo_RUtbAsha.dll
O2 — BHO: Java(tm) Plug-In 2 SSV Helper — {DBC80044-A445-435b-BC74-9C25C1C588A9} — C:Program FilesJavajre6binjp2ssv.dll
O3 — Toolbar: &Gismeteo.Ru — {923A63EB-3D61-44A5-9E54-545127FEAEEA} — c:gismeteobargismeteobar.dll (file missing)
O3 — Toolbar: (no name) — {468CD8A9-7C25-45FA-969E-3D925C689DC4} — (no file)
O3 — Toolbar: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
O3 — Toolbar: Family Toolbar — {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} — C:Program FilesFamily Toolbartbcore3.dll
O3 — Toolbar: Google Toolbar — {2318C2B1-4965-11d4-9B18-009027A5CD4F} — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll
O3 — Toolbar: Яндекс.Бар — {91397D20-1446-11D4-8AF4-0040CA1127B6} — C:Program FilesYandexYandexBarIEyndbar.dll
O3 — Toolbar: Ashampoo RU Toolbar — {b901a6dc-b37c-4963-a6e9-aaa0ff88d981} — C:Program FilesAshampoo_RUtbAsha.dll
O4 — HKLM..Run: [Windows Defender] %ProgramFiles%Windows DefenderMSASCui.exe -hide
O4 — HKLM..Run: [HWSetup] C:Program FilesTOSHIBAUtilitiesHWSetup.exe hwSetUP
O4 — HKLM..Run: [NDSTray.exe] NDSTray.exe
O4 — HKLM..Run: [Toshiba Registration] C:Program FilesToshibaRegistrationToshibaRegistration.exe
O4 — HKLM..Run: [Camera Assistant Software] «C:Program FilesCamera Assistant Software for Toshibatraybar.exe»
O4 — HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 — HKLM..Run: [WinampAgent] «C:Program FilesWinampwinampa.exe»
O4 — HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:Windowssystem32NvCpl.dll,NvStartup
O4 — HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:Windowssystem32NvMcTray.dll,NvTaskbarInit
O4 — HKLM..Run: [SunJavaUpdateSched] «C:Program FilesJavajre6binjusched.exe»
O4 — HKLM..Run: [ISTray] «C:Program FilesSpyware DoctorpctsTray.exe»
O4 — HKLM..Run: [PAC7302_Monitor] C:WindowsPixArtPAC7302Monitor.exe
O4 — HKLM..Run: [Windows Mobile-based device management] %WINDIR%WindowsMobilewmdcBase.exe
O4 — HKCU..Run: [Sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun
O4 — HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe
O4 — HKCU..Run: [YandexOnline] «C:Program FilesYandexOnlineonline.exe» -AutoStart
O4 — HKCU..Run: [toscdspd] TOSCDSPD.EXE
O4 — HKCU..Run: [DAEMON Tools Lite] «C:Program FilesDAEMON Tools Litedaemon.exe» -autorun
O4 — HKCU..Run: [uTorrent] «C:Program FilesuTorrentuTorrent.exe»
O4 — HKCU..Run: [Skype] «C:Program FilesSkypePhoneSkype.exe» /nosplash /minimized
O4 — HKCU..Run: [swg] «C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe»
O4 — HKCU..Run: [NevoDRM] «C:Игры от NevoSoftNevoDRMNevoDRM.exe»
O4 — HKUSS-1-5-19..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [Yupdate!] «C:Program FilesCommon FilesYandexYupdateyupdate.exe» (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [Yupdate!] «C:Program FilesCommon FilesYandexYupdateyupdate.exe» (User ‘Default user’)
O4 — Global Startup: McAfee Security Scan Plus.lnk = ?
O8 — Extra context menu item: &D&ownload &with BitComet — res://C:Program FilesBitCometBitComet.exe/AddLink.htm
O8 — Extra context menu item: &D&ownload all video with BitComet — res://C:Program FilesBitCometBitComet.exe/AddVideo.htm
O8 — Extra context menu item: &D&ownload all with BitComet — res://C:Program FilesBitCometBitComet.exe/AddAllLink.htm
O8 — Extra context menu item: &Translate — http://lingvo.yandex.ru/ie5trans.htm
O8 — Extra context menu item: &Ubersetzen — http://lingvo.yandex.ru/ie5trans1.htm
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~3OFFICE11EXCEL.EXE/3000
O8 — Extra context menu item: Google ВикиКомментарии… — res://C:Program FilesGoogleGoogle ToolbarComponentGoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O8 — Extra context menu item: T&raduire — http://lingvo.yandex.ru/ie5trans2.htm
O8 — Extra context menu item: Traduc&ir — http://lingvo.yandex.ru/ie5trans4.htm
O8 — Extra context menu item: Tradurr&e — http://lingvo.yandex.ru/ie5trans3.htm
O8 — Extra context menu item: Yandex &Search — http://lingvo.yandex.ru/ie5search.htm
O9 — Extra button: PokerStars — {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} — C:Program FilesPokerStarsPokerStarsUpdate.exe
O9 — Extra button: Справочные материалы — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~3OFFICE11REFIEBAR.DLL
O9 — Extra button: PartyPoker.com — {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} — C:ProgramsPartyGamingPartyPokerRunApp.exe (file missing)
O9 — Extra ‘Tools’ menuitem: PartyPoker.com — {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} — C:ProgramsPartyGamingPartyPokerRunApp.exe (file missing)
O9 — Extra button: eBay — {C08CAF1D-C0A3-40D5-9970-06D067EAC017} — http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?RU (file missing)
O9 — Extra button: BitComet — {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} — res://C:Program FilesBitComettoolsBitCometBHO_1.2.8.7.dll/206 (file missing)
O13 — Gopher Prefix:
O16 — DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} — http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 — DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} — http://download.divx.com/player/DivXBrowserPlugin.cab
O16 — DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} — http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 — Protocol: skype4com — {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O23 — Service: avast! iAVS4 Control Service (aswUpdSv) — ALWIL Software — C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 — Service: avast! Antivirus — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashServ.exe
O23 — Service: avast! Mail Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
O23 — Service: avast! Web Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
O23 — Service: ConfigFree Service (CFSvcs) — TOSHIBA CORPORATION — C:Program FilesTOSHIBAConfigFreeCFSvcs.exe
O23 — Service: @dfsrres.dll,-101 (DFSR) — Корпорация Майкрософт — C:Windowssystem32DFSR.exe
O23 — Service: Google Update Service (gupdate1c9b43ab3863630) (gupdate1c9b43ab3863630) — Google Inc. — C:Program FilesGoogleUpdateGoogleUpdate.exe
O23 — Service: Google Software Updater (gusvc) — Google — C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 — Service: InstallDriver Table Manager (IDriverT) — Macrovision Corporation — C:Program FilesCommon FilesInstallShieldDriver1150Intel 32IDriverT.exe
O23 — Service: McAfee Security Scan Component Host Service (McComponentHostService) — McAfee, Inc. — C:Program FilesMcAfee Security Scan2.0.181McCHSvc.exe
O23 — Service: NVIDIA Display Driver Service (nvsvc) — NVIDIA Corporation — C:Windowssystem32nvvsvc.exe
O23 — Service: PC Tools Auxiliary Service (sdAuxService) — PC Tools — C:Program FilesSpyware DoctorpctsAuxs.exe
O23 — Service: PC Tools Security Service (sdCoreService) — PC Tools — C:Program FilesSpyware DoctorpctsSvc.exe
O23 — Service: TOSHIBA Bluetooth Service — TOSHIBA CORPORATION — c:Program FilesToshibaBluetooth Toshiba StackTosBtSrv.exe
O23 — Service: Ulead Burning Helper (UleadBurningHelper) — Ulead Systems, Inc. — C:Program FilesCommon FilesUlead SystemsDVDULCDRSvr.exe—
End of file — 13080 bytes======Scheduled tasks folder======
C:WindowstasksGoogle Software Updater.job
C:WindowstasksGoogleUpdateTaskMachineCore.job
C:WindowstasksGoogleUpdateTaskMachineUA.job
C:WindowstasksNeroLiveEpgUpdate-Toshiba-ПК_Toshiba.job
C:WindowstasksNorton Security Scan for Toshiba.job
C:WindowstasksRegistry OK Schedule.job
C:WindowstasksUser_Feed_Synchronization-{503FFDCA-07EF-4C1D-B0CC-7CEF54C9E98A}.job
C:WindowstasksUser_Feed_Synchronization-{C6A8E361-3DBE-48E8-A294-EB2D3F43A3DB}.job======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{0C37B053-FD68-456a-82E1-D788EE342E6F}]
MHTBPos00 Class — C:Program FilesFamily Toolbartbcore3.dll [2009-05-08 2642432][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper — C:Program FilesBitComettoolsBitCometBHO_1.2.8.7.dll [][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{8984B388-A5BB-4DF7-B274-77B879E179DB}]
MailRuBHO Class — C:Program FilesMail.RuSputnikMailRuSputnik.dll [2009-11-03 1029296][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll [2010-01-30 279664][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO — C:Program FilesGoogleGoogleToolbarNotifier5.5.4723.1820swg.dll [2010-01-30 812528][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{b901a6dc-b37c-4963-a6e9-aaa0ff88d981}]
Ashampoo RU Toolbar — C:Program FilesAshampoo_RUtbAsha.dll [2010-03-17 2355224][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper — C:Program FilesJavajre6binjp2ssv.dll [2009-05-20 35840][HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{923A63EB-3D61-44A5-9E54-545127FEAEEA} — &Gismeteo.Ru — c:gismeteobargismeteobar.dll []
{468CD8A9-7C25-45FA-969E-3D925C689DC4}
{09900DE8-1DCA-443F-9243-26FF581438AF} — Спутник@Mail.Ru — C:Program FilesMail.RuSputnikMailRuSputnik.dll [2009-11-03 1029296]
{FD2FD708-1F6F-4B68-B141-C5778F0C19BB} — Family Toolbar — C:Program FilesFamily Toolbartbcore3.dll [2009-05-08 2642432]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} — Google Toolbar — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll [2010-01-30 279664]
{91397D20-1446-11D4-8AF4-0040CA1127B6} — Яндекс.Бар — C:Program FilesYandexYandexBarIEyndbar.dll [2009-12-24 8729864]
{b901a6dc-b37c-4963-a6e9-aaa0ff88d981} — Ashampoo RU Toolbar — C:Program FilesAshampoo_RUtbAsha.dll [2010-03-17 2355224][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«Windows Defender»=C:Program FilesWindows DefenderMSASCui.exe [2008-01-19 1008184]
«HWSetup»=C:Program FilesTOSHIBAUtilitiesHWSetup.exe [2006-11-01 413696]
«NDSTray.exe»=NDSTray.exe []
«Toshiba Registration»=C:Program FilesToshibaRegistrationToshibaRegistration.exe [2007-02-19 571024]
«Camera Assistant Software»=C:Program FilesCamera Assistant Software for Toshibatraybar.exe [2007-03-15 413696]
«avast!»=C:PROGRA~1ALWILS~1Avast4ashDisp.exe [2009-11-25 81000]
«WinampAgent»=C:Program FilesWinampwinampa.exe []
«NvCplDaemon»=C:Windowssystem32NvCpl.dll [2009-01-30 13605408]
«NvMediaCenter»=C:Windowssystem32NvMcTray.dll [2009-01-30 92704]
«SunJavaUpdateSched»=C:Program FilesJavajre6binjusched.exe [2009-05-20 148888]
«ISTray»=C:Program FilesSpyware DoctorpctsTray.exe [2008-12-08 1173384]
«PAC7302_Monitor»=C:WindowsPixArtPAC7302Monitor.exe [2006-11-03 319488]
«Windows Mobile-based device management»=C:WindowsWindowsMobilewmdcBase.exe [2007-05-31 648072][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«Sidebar»=C:Program FilesWindows Sidebarsidebar.exe [2009-04-11 1233920]
«ehTray.exe»=C:WindowsehomeehTray.exe [2008-01-19 125952]
«YandexOnline»=C:Program FilesYandexOnlineonline.exe -AutoStart []
«toscdspd»=TOSCDSPD.EXE []
«DAEMON Tools Lite»=C:Program FilesDAEMON Tools Litedaemon.exe [2008-08-08 490952]
«uTorrent»=C:Program FilesuTorrentuTorrent.exe [2009-12-19 289584]
«Skype»=C:Program FilesSkypePhoneSkype.exe [2010-03-09 26100520]
«swg»=C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe [2009-10-15 39408]
«NevoDRM»=C:Игры от NevoSoftNevoDRMNevoDRM.exe [2008-12-11 41984]C:ProgramDataMicrosoftWindowsStart MenuProgramsStartup
McAfee Security Scan Plus.lnk — C:Program FilesMcAfee Security Scan2.0.181SSScheduler.exe[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalsdauxservice]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalsdcoreservice]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworksdauxservice]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworksdcoreservice]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWudfPf]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWudfRd]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWudfSvc]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWudfUsbccidDriver]
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«LogonHoursAction»=2
«DontDisplayLogonHoursWarnings»=1[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
«EnableUIADesktopToggle»=0[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145
«NoDriveAutoRun»=95[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«BindDirectlyToPropertySetStorage»=[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{b2c65fc3-1e05-11de-88b8-0016d4fd5c15}]
shellAutoRuncommand — G:browse.exe[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{b41ea2de-f5d9-11de-9b95-00037ad7fc3e}]
shellAutoRuncommand — F:iStudio.exe======File associations======
.js — edit — C:WindowsSystem32Notepad.exe %1
.js — open — C:WindowsSystem32WScript.exe «%1» %*======List of files/folders created in the last 1 months======
2010-04-08 23:30:51 —-D—- C:rsit
2010-04-07 14:27:06 —-D—- C:UsersToshibaAppDataRoamingGHISLER
2010-04-07 14:27:06 —-D—- C:totalcmd
2010-04-06 09:29:03 —-D—- C:perflogs
2010-03-31 09:33:23 —-A—- C:Windowssystem32mshtml.dll
2010-03-31 09:33:18 —-A—- C:Windowssystem32ieframe.dll
2010-03-31 09:33:16 —-A—- C:Windowssystem32iertutil.dll
2010-03-31 09:33:15 —-A—- C:Windowssystem32urlmon.dll
2010-03-31 09:33:14 —-A—- C:Windowssystem32wininet.dll
2010-03-31 09:33:13 —-A—- C:Windowssystem32occache.dll
2010-03-31 09:33:13 —-A—- C:Windowssystem32msfeeds.dll
2010-03-31 09:33:12 —-A—- C:Windowssystem32mstime.dll
2010-03-31 09:33:12 —-A—- C:Windowssystem32iedkcs32.dll
2010-03-31 09:33:08 —-A—- C:Windowssystem32ieui.dll
2010-03-31 09:33:07 —-A—- C:Windowssystem32msfeedsbs.dll
2010-03-31 09:33:07 —-A—- C:Windowssystem32ieUnatt.exe
2010-03-31 09:33:07 —-A—- C:Windowssystem32iesysprep.dll
2010-03-31 09:33:07 —-A—- C:Windowssystem32iepeers.dll
2010-03-31 09:33:06 —-A—- C:Windowssystem32jsproxy.dll
2010-03-31 09:33:05 —-A—- C:Windowssystem32msfeedssync.exe
2010-03-31 09:33:05 —-A—- C:Windowssystem32ie4uinit.exe
2010-03-31 09:33:04 —-A—- C:Windowssystem32iesetup.dll
2010-03-31 09:33:04 —-A—- C:Windowssystem32iernonce.dll
2010-03-25 02:20:13 —-D—- C:Program FilesConduit
2010-03-25 02:20:10 —-D—- C:Program FilesAshampoo_RU
2010-03-22 22:20:39 —-D—- C:работа
2010-03-22 13:08:24 —-D—- C:UsersToshibaAppDataRoamingVirtual City
2010-03-20 23:34:18 —-D—- C:Program FilesCommon FilesSkype
2010-03-18 15:30:22 —-D—- C:UsersToshibaAppDataRoamingShinyTales
2010-03-14 18:26:26 —-D—- C:Program FilesMcAfee Security Scan
2010-03-10 15:41:20 —-A—- C:Windowssystem32nshhttp.dll
2010-03-10 15:41:06 —-A—- C:Windowssystem32httpapi.dll======List of files/folders modified in the last 1 months======
2010-04-09 00:17:22 —-D—- C:Program FilesTrend Micro
2010-04-09 00:17:12 —-D—- C:WindowsTemp
2010-04-09 00:16:46 —-D—- C:UsersToshibaAppDataRoamingSkype
2010-04-09 00:16:35 —-D—- C:WindowsTasks
2010-04-09 00:15:53 —-D—- C:UsersToshibaAppDataRoamingskypePM
2010-04-09 00:13:34 —-AD—- C:ProgramDataTEMP
2010-04-09 00:12:59 —-D—- C:Windowssystem32drivers
2010-04-08 23:52:43 —-D—- C:UsersToshibaAppDataRoaminguTorrent
2010-04-08 23:31:08 —-D—- C:WindowsPrefetch
2010-04-08 21:33:09 —-D—- C:Windowstracing
2010-04-08 21:13:42 —-SHD—- C:System Volume Information
2010-04-07 17:26:04 —-D—- C:Program FilesSpyware Doctor
2010-04-07 14:27:07 —-D—- C:Windows
2010-04-07 11:37:29 —-D—- C:Program Filesrp5.ru
2010-04-06 13:20:46 —-D—- C:WindowsSystem32
2010-04-06 13:20:46 —-A—- C:Windowssystem32PerfStringBackup.INI
2010-04-06 13:20:45 —-D—- C:Windowsinf
2010-04-06 13:17:52 —-D—- C:UsersToshibaAppDataRoamingIntelli-studio
2010-04-06 11:11:14 —-D—- C:Игры от NevoSoft
2010-04-06 09:07:19 —-SHD—- C:WindowsInstaller
2010-04-06 09:07:03 —-RD—- C:Users
2010-04-01 00:42:59 —-D—- C:Windowssystem32migration
2010-04-01 00:42:59 —-D—- C:Program FilesInternet Explorer
2010-04-01 00:03:07 —-D—- C:Windowswinsxs
2010-03-31 09:29:33 —-D—- C:Windowssystem32catroot2
2010-03-31 09:29:33 —-D—- C:Windowssystem32catroot
2010-03-29 10:01:01 —-D—- C:Program FilesCommon FilesSymantec Shared
2010-03-25 02:20:13 —-RD—- C:Program Files
2010-03-24 11:47:55 —-D—- C:WindowsWindowsMobile
2010-03-24 11:41:37 —-D—- C:Windowssystem32config
2010-03-24 11:41:20 —-D—- C:Windowssystem32Tasks
2010-03-24 11:41:20 —-D—- C:Windowssystem32spool
2010-03-24 11:41:20 —-D—- C:Windowssystem32Msdtc
2010-03-24 11:41:15 —-D—- C:ProgramDataMcAfee Security Scan
2010-03-24 11:41:10 —-D—- C:Windowssystem32wbem
2010-03-24 11:41:10 —-D—- C:Windowsregistration
2010-03-23 19:38:26 —-D—- C:UsersToshibaAppDataRoamingYandex
2010-03-20 23:34:18 —-D—- C:Program FilesCommon Files
2010-03-20 23:34:17 —-RD—- C:Program FilesSkype
2010-03-15 14:19:00 —-D—- C:ProgramDataNOS
2010-03-15 14:16:49 —-SD—- C:WindowsDownloaded Program Files
2010-03-13 13:42:54 —-D—- C:Program FilesCommon FilesAdobe AIR
2010-03-10 16:09:21 —-D—- C:Program FilesMovie Maker
2010-03-10 16:09:20 —-D—- C:Program FilesWindows Mail
2010-03-10 15:50:48 —-A—- C:Windowswin.ini======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 aswRdr;aswRdr; C:Windowssystem32driversaswRdr.sys [2009-11-25 23120]
R1 aswSP;avast! Self Protection; C:Windowssystem32driversaswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:Windowssystem32driversaswTdi.sys [2009-11-25 48560]
R1 Tosrfcom;Bluetooth RFCOMM; C:WindowsSystem32Driverstosrfcom.sys [2005-08-01 64896]
R2 aswFsBlk;aswFsBlk; C:Windowssystem32DRIVERSaswFsBlk.sys [2009-11-25 20560]
R2 aswMonFlt;aswMonFlt; C:Windowssystem32DRIVERSaswMonFlt.sys [2009-11-25 53328]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:Windowssystem32DRIVERSAGRSM.sys [2006-11-28 1161888]
R3 CmBatt;Драйвер батареи с ACPI-управлением (Microsoft); C:Windowssystem32DRIVERSCmBatt.sys [2008-01-19 14208]
R3 HdAudAddService;Драйвер функции UAA для службы High Definition Audio (Microsoft), версия 1.1; C:Windowssystem32driversHdAudio.sys [2009-04-11 236544]
R3 NETw4v32;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit; C:Windowssystem32DRIVERSNETw4v32.sys [2006-12-09 2206720]
R3 nvlddmkm;nvlddmkm; C:Windowssystem32DRIVERSnvlddmkm.sys [2009-01-30 7544832]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:WindowsSystem32DriversRootMdm.sys [2008-01-19 8192]
R3 RTL8169;Realtek 8169 NT Driver; C:Windowssystem32DRIVERSRtlh86.sys [2006-11-04 59392]
R3 sdbus;sdbus; C:Windowssystem32DRIVERSsdbus.sys [2009-04-11 89088]
R3 tifm21;tifm21; C:Windowssystem32driverstifm21.sys [2006-07-06 168448]
R3 tosporte;Bluetooth COM Port; C:Windowssystem32DRIVERStosporte.sys [2006-10-10 41600]
R3 tosrfec;Bluetooth ACPI; C:Windowssystem32DRIVERStosrfec.sys [2006-10-23 9216]
R3 usbvideo;USB-видеоустройство (WDM); C:WindowsSystem32Driversusbvideo.sys [2006-11-02 132352]
R3 UVCFTR;UVCFTR; C:Windowssystem32DRIVERSUVCFTR_S.SYS [2007-03-12 11264]
S3 athr;Драйвер устройства беспроводной локальной сети Atheros; C:Windowssystem32DRIVERSathr.sys [2006-11-02 467456]
S3 ausdja94;ausdja94; C:Windowssystem32driversausdja94.sys []
S3 drmkaud;Звуковой дешифратор DRM ядра системы; C:Windowssystem32driversdrmkaud.sys [2008-01-19 5632]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:Windowssystem32driversRTKVHDA.sys []
S3 MarvinBus;Pinnacle Marvin Bus; C:Windowssystem32DRIVERSMarvinBus.sys [2005-09-24 171520]
S3 MSKSSRV;Представитель служб потоков Microsoft; C:Windowssystem32driversMSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Посредник синхронизации потоков Microsoft; C:Windowssystem32driversMSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Представитель диспетчера качества потоков Microsoft; C:Windowssystem32driversMSPQM.sys [2008-01-19 5504]
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:Windowssystem32driversMSTEE.sys [2008-01-19 6016]
S3 NETw3v32;Драйвер адаптера беспроводной сети Intel(R) PRO/Wireless 3945ABG для 32-разрядной Windows Vista; C:Windowssystem32DRIVERSNETw3v32.sys [2006-11-02 1781760]
S3 Ph3xIB32;Philips 713x Inbox PCI TV Card; C:Windowssystem32DRIVERSPh3xIB32.sys [2007-04-03 1131136]
S3 tosrfbd;Bluetooth RFBUS; C:Windowssystem32DRIVERStosrfbd.sys [2007-01-12 113792]
S3 tosrfbnp;Bluetooth RFBNEP; C:WindowsSystem32Driverstosrfbnp.sys [2006-11-20 36480]
S3 Tosrfhid;Bluetooth RFHID; C:Windowssystem32DRIVERSTosrfhid.sys [2007-01-24 73728]
S3 tosrfnds;Bluetooth Personal Area Network; C:Windowssystem32DRIVERStosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio; C:Windowssystem32driverstosrfsnd.sys [2007-01-22 53376]
S3 Tosrfusb;Bluetooth USB Controller; C:Windowssystem32DRIVERStosrfusb.sys [2007-01-12 40576]
S3 TpChoice;Touch Pad Detection Filter driver; C:Windowssystem32DRIVERSTpChoice.sys []
S3 USB28xxBGA;PCTV 170e Device; C:Windowssystem32DRIVERSemBDA.sys [2008-09-12 540288]
S3 USB28xxOEM;USB 28xx OEM Filter; C:Windowssystem32DRIVERSemOEM.sys [2008-09-12 443520]
S3 winusb;WinUSB Service; C:Windowssystem32DRIVERSwinusb.sys [2009-04-11 31616]
S3 WpdUsb;WpdUsb; C:Windowssystem32DRIVERSwpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:Windowssystem32DRIVERSWUDFRd.sys [2008-01-19 83328]
S4 KR10I;KR10I; C:Windowssystem32driverskr10i.sys [2007-01-18 219392]
S4 KR10N;KR10N; C:Windowssystem32driverskr10n.sys [2007-01-18 211072]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:Windowssystem32driverswmiacpi.sys [2006-11-02 11264]======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:Program FilesAlwil SoftwareAvast4ashServ.exe [2009-11-25 138680]
R2 BthServ;@%SystemRoot%System32bthserv.dll,-101; C:Windowssystem32svchost.exe [2008-01-19 21504]
R2 CFSvcs;ConfigFree Service; C:Program FilesTOSHIBAConfigFreeCFSvcs.exe [2006-11-14 40960]
R2 MDM;Machine Debug Manager; C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE [2003-06-20 322120]
R2 nvsvc;NVIDIA Display Driver Service; C:Windowssystem32nvvsvc.exe [2009-01-30 203296]
R2 RapiMgr;@%windir%WindowsMobilerapimgr.dll,-104; C:Windowssystem32svchost.exe [2008-01-19 21504]
R2 sdAuxService;PC Tools Auxiliary Service; C:Program FilesSpyware DoctorpctsAuxs.exe [2009-01-07 348752]
R2 sdCoreService;PC Tools Security Service; C:Program FilesSpyware DoctorpctsSvc.exe [2009-01-21 1095560]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; c:Program FilesToshibaBluetooth Toshiba StackTosBtSrv.exe [2007-02-02 118784]
R2 UleadBurningHelper;Ulead Burning Helper; C:Program FilesCommon FilesUlead SystemsDVDULCDRSvr.exe [2006-08-23 49152]
R2 WcesComm;@%windir%WindowsMobilewcescomm.dll,-40079; C:Windowssystem32svchost.exe [2008-01-19 21504]
R3 avast! Mail Scanner;avast! Mail Scanner; C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:Program FilesAlwil SoftwareAvast4ashWebSv.exe [2009-11-25 352920]
S2 gupdate1c9b43ab3863630;Google Update Service (gupdate1c9b43ab3863630); C:Program FilesGoogleUpdateGoogleUpdate.exe [2009-04-03 133104]
S2 gusvc;Google Software Updater; C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2009-10-15 194032]
S3 FontCache;@%systemroot%system32FntCache.dll,-100; C:Windowssystem32svchost.exe [2008-01-19 21504]
S3 IDriverT;InstallDriver Table Manager; C:Program FilesCommon FilesInstallShieldDriver1150Intel 32IDriverT.exe [2005-11-14 69632]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:Program FilesMcAfee Security Scan2.0.181McCHSvc.exe [2010-01-15 227232]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2003-07-29 89136]
EOF
Здравствуйте, добро пожаловать на Spyware-ru форум.
Компьютер зависает только при просмотре интернет страничек ? или может зависнуть в любой момент ?
Здравствуйте! Комп. виснет когда ему захочется(как в интернете, так и при работе в любой программе). Спасибо.
Здравствуйте! Logfile of random’s system information tool 1.06 (written by random/random)
Run by Toshiba at 2010-04-19 21:31:32
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 15 GB (20%) free of 76 GB
Total RAM: 1021 MB (18% free)Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:32:26, on 19.04.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18904)
Boot mode: NormalRunning processes:
C:WindowsSystem32smss.exe
C:Windowssystem32csrss.exe
C:Windowssystem32wininit.exe
C:Windowssystem32csrss.exe
C:Windowssystem32services.exe
C:Windowssystem32lsass.exe
C:Windowssystem32lsm.exe
C:Windowssystem32winlogon.exe
C:Windowssystem32svchost.exe
C:Windowssystem32nvvsvc.exe
C:Windowssystem32svchost.exe
C:WindowsSystem32svchost.exe
C:WindowsSystem32svchost.exe
C:WindowsSystem32svchost.exe
C:Windowssystem32svchost.exe
C:Windowssystem32svchost.exe
C:Windowssystem32SLsvc.exe
C:Windowssystem32svchost.exe
C:Windowssystem32rundll32.exe
C:Windowssystem32svchost.exe
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:Program FilesAlwil SoftwareAvast4ashServ.exe
C:WindowsSystem32spoolsv.exe
C:Windowssystem32svchost.exe
C:Windowssystem32svchost.exe
C:Program FilesTOSHIBAConfigFreeCFSvcs.exe
C:Windowssystem32taskeng.exe
C:Windowssystem32Dwm.exe
C:WindowsMicrosoft.NetFrameworkv3.0WPFPresentationFontCache.exe
C:WindowsExplorer.EXE
C:Program FilesGoogleUpdate1.2.183.23GoogleCrashHandler.exe
C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE
C:Windowssystem32svchost.exe
C:Program FilesWindows DefenderMSASCui.exe
C:Program FilesSpyware DoctorpctsAuxs.exe
C:Program FilesSpyware DoctorpctsSvc.exe
C:Program FilesTOSHIBAConfigFreeNDSTray.exe
C:Program FilesCamera Assistant Software for Toshibatraybar.exe
C:Program FilesAlwil SoftwareAvast4ashDisp.exe
C:WindowsSystem32rundll32.exe
C:Program FilesJavajre6binjusched.exe
C:WindowsWindowsMobilewmdcBase.exe
C:Program FilesWindows Sidebarsidebar.exe
C:Windowsehomeehtray.exe
C:Program FilesTOSHIBATOSCDSPDTOSCDSPD.exe
C:Program FilesDAEMON Tools Litedaemon.exe
C:Program FilesuTorrentuTorrent.exe
C:Program FilesMcAfee Security Scan2.0.181SSScheduler.exe
C:Program FilesCamera Assistant Software for ToshibaCEC_MAIN.exe
C:Windowssystem32svchost.exe
c:Program FilesToshibaBluetooth Toshiba StackTosBtSrv.exe
C:Program FilesSpyware DoctorpctsTray.exe
C:Program FilesCommon FilesUlead SystemsDVDULCDRSvr.exe
C:WindowsSystem32svchost.exe
C:Windowsehomeehmsas.exe
C:Windowssystem32SearchIndexer.exe
C:Program FilesTOSHIBAConfigFreeCFSwMgr.exe
C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
C:Windowssystem32svchost.exe
C:Windowsehomeehsched.exe
C:WindowsSystem32alg.exe
C:WindowsSystem32mobsync.exe
C:WindowsehomeehRecvr.exe
C:Windowssystem32conime.exe
C:WindowsSystem32svchost.exe
C:Program FilesInternet ExplorerIEXPLORE.EXE
C:Program FilesInternet ExplorerIEXPLORE.EXE
C:Program FilesGoogleGoogle ToolbarGoogleToolbarUser_32.exe
C:Windowssystem32MacromedFlashFlashUtil10e.exe
C:UsersToshibaDownloadsRSIT.exe
C:Windowssystem32wbemwmiprvse.exe
C:Program Filestrend microToshiba.exe
C:Windowssystem32msfeedssync.exeR1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.yandex.ru/?clid=44290
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://www.shareware-ru.com/ru/index.php?rvs=hompag
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru/?clid=21978&yasoft=barie
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://www.shareware-ru.com/ru/index.php?rvs=hompag
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://mail.ru
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
R3 — URLSearchHook: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
R3 — URLSearchHook: MHURLSearchHook Class — {1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48} — C:Program FilesFamily Toolbartbhelper.dll
R3 — URLSearchHook: Ashampoo RU Toolbar — {b901a6dc-b37c-4963-a6e9-aaa0ff88d981} — C:Program FilesAshampoo_RUtbAsha.dll
O1 — Hosts: ::1 localhost
O2 — BHO: MHTBPos00 — {0C37B053-FD68-456a-82E1-D788EE342E6F} — C:Program FilesFamily Toolbartbcore3.dll
O2 — BHO: BitComet ClickCapture — {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} — C:Program FilesBitComettoolsBitCometBHO_1.2.8.7.dll (file missing)
O2 — BHO: Спутник@Mail.Ru — {8984B388-A5BB-4DF7-B274-77B879E179DB} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
O2 — BHO: Google Toolbar Helper — {AA58ED58-01DD-4d91-8333-CF10577473F7} — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll
O2 — BHO: Google Toolbar Notifier BHO — {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} — C:Program FilesGoogleGoogleToolbarNotifier5.5.4723.1820swg.dll
O2 — BHO: Ashampoo RU Toolbar — {b901a6dc-b37c-4963-a6e9-aaa0ff88d981} — C:Program FilesAshampoo_RUtbAsha.dll
O2 — BHO: Java(tm) Plug-In 2 SSV Helper — {DBC80044-A445-435b-BC74-9C25C1C588A9} — C:Program FilesJavajre6binjp2ssv.dll
O3 — Toolbar: &Gismeteo.Ru — {923A63EB-3D61-44A5-9E54-545127FEAEEA} — c:gismeteobargismeteobar.dll (file missing)
O3 — Toolbar: (no name) — {468CD8A9-7C25-45FA-969E-3D925C689DC4} — (no file)
O3 — Toolbar: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
O3 — Toolbar: Family Toolbar — {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} — C:Program FilesFamily Toolbartbcore3.dll
O3 — Toolbar: Google Toolbar — {2318C2B1-4965-11d4-9B18-009027A5CD4F} — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll
O3 — Toolbar: Яндекс.Бар — {91397D20-1446-11D4-8AF4-0040CA1127B6} — C:Program FilesYandexYandexBarIEyndbar.dll
O3 — Toolbar: Ashampoo RU Toolbar — {b901a6dc-b37c-4963-a6e9-aaa0ff88d981} — C:Program FilesAshampoo_RUtbAsha.dll
O4 — HKLM..Run: [Windows Defender] %ProgramFiles%Windows DefenderMSASCui.exe -hide
O4 — HKLM..Run: [HWSetup] C:Program FilesTOSHIBAUtilitiesHWSetup.exe hwSetUP
O4 — HKLM..Run: [NDSTray.exe] NDSTray.exe
O4 — HKLM..Run: [Toshiba Registration] C:Program FilesToshibaRegistrationToshibaRegistration.exe
O4 — HKLM..Run: [Camera Assistant Software] «C:Program FilesCamera Assistant Software for Toshibatraybar.exe»
O4 — HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 — HKLM..Run: [WinampAgent] «C:Program FilesWinampwinampa.exe»
O4 — HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:Windowssystem32NvCpl.dll,NvStartup
O4 — HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:Windowssystem32NvMcTray.dll,NvTaskbarInit
O4 — HKLM..Run: [SunJavaUpdateSched] «C:Program FilesJavajre6binjusched.exe»
O4 — HKLM..Run: [ISTray] «C:Program FilesSpyware DoctorpctsTray.exe»
O4 — HKLM..Run: [PAC7302_Monitor] C:WindowsPixArtPAC7302Monitor.exe
O4 — HKLM..Run: [Windows Mobile-based device management] %WINDIR%WindowsMobilewmdcBase.exe
O4 — HKCU..Run: [Sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun
O4 — HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe
O4 — HKCU..Run: [YandexOnline] «C:Program FilesYandexOnlineonline.exe» -AutoStart
O4 — HKCU..Run: [toscdspd] TOSCDSPD.EXE
O4 — HKCU..Run: [DAEMON Tools Lite] «C:Program FilesDAEMON Tools Litedaemon.exe» -autorun
O4 — HKCU..Run: [uTorrent] «C:Program FilesuTorrentuTorrent.exe»
O4 — HKCU..Run: [Skype] «C:Program FilesSkype\PhoneSkype.exe» /nosplash /minimized
O4 — HKCU..Run: [swg] «C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe»
O4 — HKCU..Run: [NevoDRM] «C:Игры от NevoSoftNevoDRMNevoDRM.exe»
O4 — HKUSS-1-5-19..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [Yupdate!] «C:Program FilesCommon FilesYandexYupdateyupdate.exe» (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [Yupdate!] «C:Program FilesCommon FilesYandexYupdateyupdate.exe» (User ‘Default user’)
O4 — Global Startup: McAfee Security Scan Plus.lnk = ?
O8 — Extra context menu item: &D&ownload &with BitComet — res://C:Program FilesBitCometBitComet.exe/AddLink.htm
O8 — Extra context menu item: &D&ownload all video with BitComet — res://C:Program FilesBitCometBitComet.exe/AddVideo.htm
O8 — Extra context menu item: &D&ownload all with BitComet — res://C:Program FilesBitCometBitComet.exe/AddAllLink.htm
O8 — Extra context menu item: &Translate — http://lingvo.yandex.ru/ie5trans.htm
O8 — Extra context menu item: &Ubersetzen — http://lingvo.yandex.ru/ie5trans1.htm
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~3OFFICE11EXCEL.EXE/3000
O8 — Extra context menu item: Google ВикиКомментарии… — res://C:Program FilesGoogleGoogle ToolbarComponentGoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O8 — Extra context menu item: T&raduire — http://lingvo.yandex.ru/ie5trans2.htm
O8 — Extra context menu item: Traduc&ir — http://lingvo.yandex.ru/ie5trans4.htm
O8 — Extra context menu item: Tradurr&e — http://lingvo.yandex.ru/ie5trans3.htm
O8 — Extra context menu item: Yandex &Search — http://lingvo.yandex.ru/ie5search.htm
O9 — Extra button: PokerStars — {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} — C:Program FilesPokerStarsPokerStarsUpdate.exe
O9 — Extra button: Справочные материалы — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~3OFFICE11REFIEBAR.DLL
O9 — Extra button: PartyPoker.com — {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} — C:ProgramsPartyGamingPartyPokerRunApp.exe (file missing)
O9 — Extra ‘Tools’ menuitem: PartyPoker.com — {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} — C:ProgramsPartyGamingPartyPokerRunApp.exe (file missing)
O9 — Extra button: eBay — {C08CAF1D-C0A3-40D5-9970-06D067EAC017} — http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?RU (file missing)
O9 — Extra button: BitComet — {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} — res://C:Program FilesBitComettoolsBitCometBHO_1.2.8.7.dll/206 (file missing)
O13 — Gopher Prefix:
O16 — DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} — http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 — DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} — http://download.divx.com/player/DivXBrowserPlugin.cab
O16 — DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} — http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 — Protocol: skype4com — {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O23 — Service: avast! iAVS4 Control Service (aswUpdSv) — ALWIL Software — C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 — Service: avast! Antivirus — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashServ.exe
O23 — Service: avast! Mail Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
O23 — Service: avast! Web Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
O23 — Service: ConfigFree Service (CFSvcs) — TOSHIBA CORPORATION — C:Program FilesTOSHIBAConfigFreeCFSvcs.exe
O23 — Service: @dfsrres.dll,-101 (DFSR) — Корпорация Майкрософт — C:Windowssystem32DFSR.exe
O23 — Service: Google Update Service (gupdate1c9b43ab3863630) (gupdate1c9b43ab3863630) — Google Inc. — C:Program FilesGoogleUpdateGoogleUpdate.exe
O23 — Service: Google Software Updater (gusvc) — Google — C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 — Service: InstallDriver Table Manager (IDriverT) — Macrovision Corporation — C:Program FilesCommon FilesInstallShieldDriver1150Intel 32IDriverT.exe
O23 — Service: McAfee Security Scan Component Host Service (McComponentHostService) — McAfee, Inc. — C:Program FilesMcAfee Security Scan2.0.181McCHSvc.exe
O23 — Service: NVIDIA Display Driver Service (nvsvc) — NVIDIA Corporation — C:Windowssystem32nvvsvc.exe
O23 — Service: PC Tools Auxiliary Service (sdAuxService) — PC Tools — C:Program FilesSpyware DoctorpctsAuxs.exe
O23 — Service: PC Tools Security Service (sdCoreService) — PC Tools — C:Program FilesSpyware DoctorpctsSvc.exe
O23 — Service: TOSHIBA Bluetooth Service — TOSHIBA CORPORATION — c:Program FilesToshibaBluetooth Toshiba StackTosBtSrv.exe
O23 — Service: Ulead Burning Helper (UleadBurningHelper) — Ulead Systems, Inc. — C:Program FilesCommon FilesUlead SystemsDVDULCDRSvr.exe—
End of file — 13173 bytes======Scheduled tasks folder======
C:WindowstasksGoogle Software Updater.job
C:WindowstasksGoogleUpdateTaskMachineCore.job
C:WindowstasksGoogleUpdateTaskMachineUA.job
C:WindowstasksNeroLiveEpgUpdate-Toshiba-ПК_Toshiba.job
C:WindowstasksNorton Security Scan for Toshiba.job
C:WindowstasksRegistry OK Schedule.job
C:WindowstasksUser_Feed_Synchronization-{503FFDCA-07EF-4C1D-B0CC-7CEF54C9E98A}.job
C:WindowstasksUser_Feed_Synchronization-{C6A8E361-3DBE-48E8-A294-EB2D3F43A3DB}.job======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{0C37B053-FD68-456a-82E1-D788EE342E6F}]
MHTBPos00 Class — C:Program FilesFamily Toolbartbcore3.dll [2009-05-08 2642432][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper — C:Program FilesBitComettoolsBitCometBHO_1.2.8.7.dll [][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{8984B388-A5BB-4DF7-B274-77B879E179DB}]
MailRuBHO Class — C:Program FilesMail.RuSputnikMailRuSputnik.dll [2009-11-03 1029296][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll [2010-01-30 279664][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO — C:Program FilesGoogleGoogleToolbarNotifier5.5.4723.1820swg.dll [2010-01-30 812528][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{b901a6dc-b37c-4963-a6e9-aaa0ff88d981}]
Ashampoo RU Toolbar — C:Program FilesAshampoo_RUtbAsha.dll [2010-03-17 2355224][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper — C:Program FilesJavajre6binjp2ssv.dll [2009-05-20 35840][HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{923A63EB-3D61-44A5-9E54-545127FEAEEA} — &Gismeteo.Ru — c:gismeteobargismeteobar.dll []
{468CD8A9-7C25-45FA-969E-3D925C689DC4}
{09900DE8-1DCA-443F-9243-26FF581438AF} — Спутник@Mail.Ru — C:Program FilesMail.RuSputnikMailRuSputnik.dll [2009-11-03 1029296]
{FD2FD708-1F6F-4B68-B141-C5778F0C19BB} — Family Toolbar — C:Program FilesFamily Toolbartbcore3.dll [2009-05-08 2642432]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} — Google Toolbar — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll [2010-01-30 279664]
{91397D20-1446-11D4-8AF4-0040CA1127B6} — Яндекс.Бар — C:Program FilesYandexYandexBarIEyndbar.dll [2009-12-24 8729864]
{b901a6dc-b37c-4963-a6e9-aaa0ff88d981} — Ashampoo RU Toolbar — C:Program FilesAshampoo_RUtbAsha.dll [2010-03-17 2355224][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«Windows Defender»=C:Program FilesWindows DefenderMSASCui.exe [2008-01-19 1008184]
«HWSetup»=C:Program FilesTOSHIBAUtilitiesHWSetup.exe [2006-11-01 413696]
«NDSTray.exe»=NDSTray.exe []
«Toshiba Registration»=C:Program FilesToshibaRegistrationToshibaRegistration.exe [2007-02-19 571024]
«Camera Assistant Software»=C:Program FilesCamera Assistant Software for Toshibatraybar.exe [2007-03-15 413696]
«avast!»=C:PROGRA~1ALWILS~1Avast4ashDisp.exe [2009-11-25 81000]
«WinampAgent»=C:Program FilesWinampwinampa.exe []
«NvCplDaemon»=C:Windowssystem32NvCpl.dll [2009-01-30 13605408]
«NvMediaCenter»=C:Windowssystem32NvMcTray.dll [2009-01-30 92704]
«SunJavaUpdateSched»=C:Program FilesJavajre6binjusched.exe [2009-05-20 148888]
«ISTray»=C:Program FilesSpyware DoctorpctsTray.exe [2008-12-08 1173384]
«PAC7302_Monitor»=C:WindowsPixArtPAC7302Monitor.exe [2006-11-03 319488]
«Windows Mobile-based device management»=C:WindowsWindowsMobilewmdcBase.exe [2007-05-31 648072][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«Sidebar»=C:Program FilesWindows Sidebarsidebar.exe [2009-04-11 1233920]
«ehTray.exe»=C:WindowsehomeehTray.exe [2008-01-19 125952]
«YandexOnline»=C:Program FilesYandexOnlineonline.exe -AutoStart []
«toscdspd»=TOSCDSPD.EXE []
«DAEMON Tools Lite»=C:Program FilesDAEMON Tools Litedaemon.exe [2008-08-08 490952]
«uTorrent»=C:Program FilesuTorrentuTorrent.exe [2009-12-19 289584]
«Skype»=C:Program FilesSkype\PhoneSkype.exe [2010-04-06 26102056]
«swg»=C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe [2009-10-15 39408]
«NevoDRM»=C:Игры от NevoSoftNevoDRMNevoDRM.exe [2008-12-11 41984]C:ProgramDataMicrosoftWindowsStart MenuProgramsStartup
McAfee Security Scan Plus.lnk — C:Program FilesMcAfee Security Scan2.0.181SSScheduler.exe[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalsdauxservice]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalsdcoreservice]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworksdauxservice]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworksdcoreservice]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWudfPf]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWudfRd]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWudfSvc]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWudfUsbccidDriver]
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«LogonHoursAction»=2
«DontDisplayLogonHoursWarnings»=1[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
«EnableUIADesktopToggle»=0[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145
«NoDriveAutoRun»=95[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«BindDirectlyToPropertySetStorage»=[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{b2c65fc3-1e05-11de-88b8-0016d4fd5c15}]
shellAutoRuncommand — G:browse.exe[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{b41ea2de-f5d9-11de-9b95-00037ad7fc3e}]
shellAutoRuncommand — F:iStudio.exe======File associations======
.js — edit — C:WindowsSystem32Notepad.exe %1
.js — open — C:WindowsSystem32WScript.exe «%1» %*======List of files/folders created in the last 1 months======
2010-04-14 00:02:35 —-A—- C:Windowssystem32ntoskrnl.exe
2010-04-14 00:02:33 —-A—- C:Windowssystem32ntkrnlpa.exe
2010-04-14 00:02:29 —-A—- C:Windowssystem32vbscript.dll
2010-04-14 00:02:13 —-A—- C:Windowssystem32iphlpsvc.dll
2010-04-14 00:01:23 —-A—- C:Windowssystem32wintrust.dll
2010-04-13 23:58:20 —-A—- C:Windowssystem32cabview.dll
2010-04-08 23:30:51 —-D—- C:rsit
2010-04-07 14:27:06 —-D—- C:UsersToshibaAppDataRoamingGHISLER
2010-04-07 14:27:06 —-D—- C:totalcmd
2010-04-06 09:29:03 —-D—- C:perflogs
2010-03-31 09:33:23 —-A—- C:Windowssystem32mshtml.dll
2010-03-31 09:33:18 —-A—- C:Windowssystem32ieframe.dll
2010-03-31 09:33:16 —-A—- C:Windowssystem32iertutil.dll
2010-03-31 09:33:15 —-A—- C:Windowssystem32urlmon.dll
2010-03-31 09:33:14 —-A—- C:Windowssystem32wininet.dll
2010-03-31 09:33:13 —-A—- C:Windowssystem32occache.dll
2010-03-31 09:33:13 —-A—- C:Windowssystem32msfeeds.dll
2010-03-31 09:33:12 —-A—- C:Windowssystem32mstime.dll
2010-03-31 09:33:12 —-A—- C:Windowssystem32iedkcs32.dll
2010-03-31 09:33:08 —-A—- C:Windowssystem32ieui.dll
2010-03-31 09:33:07 —-A—- C:Windowssystem32msfeedsbs.dll
2010-03-31 09:33:07 —-A—- C:Windowssystem32ieUnatt.exe
2010-03-31 09:33:07 —-A—- C:Windowssystem32iesysprep.dll
2010-03-31 09:33:07 —-A—- C:Windowssystem32iepeers.dll
2010-03-31 09:33:06 —-A—- C:Windowssystem32jsproxy.dll
2010-03-31 09:33:05 —-A—- C:Windowssystem32msfeedssync.exe
2010-03-31 09:33:05 —-A—- C:Windowssystem32ie4uinit.exe
2010-03-31 09:33:04 —-A—- C:Windowssystem32iesetup.dll
2010-03-31 09:33:04 —-A—- C:Windowssystem32iernonce.dll
2010-03-25 02:20:13 —-D—- C:Program FilesConduit
2010-03-25 02:20:10 —-D—- C:Program FilesAshampoo_RU
2010-03-22 22:20:39 —-D—- C:работа
2010-03-22 13:08:24 —-D—- C:UsersToshibaAppDataRoamingVirtual City
2010-03-20 23:34:18 —-D—- C:Program FilesCommon FilesSkype======List of files/folders modified in the last 1 months======
2010-04-19 21:32:04 —-D—- C:WindowsTemp
2010-04-19 21:31:45 —-D—- C:WindowsPrefetch
2010-04-19 21:31:36 —-D—- C:Program FilesTrend Micro
2010-04-19 21:26:42 —-D—- C:WindowsTasks
2010-04-19 21:23:57 —-AD—- C:ProgramDataTEMP
2010-04-19 21:23:55 —-D—- C:Windowssystem32drivers
2010-04-19 20:22:35 —-D—- C:UsersToshibaAppDataRoaminguTorrent
2010-04-19 19:42:29 —-SHD—- C:System Volume Information
2010-04-19 16:59:55 —-D—- C:Windowstracing
2010-04-17 14:19:37 —-SHD—- C:WindowsInstaller
2010-04-17 14:19:34 —-D—- C:Program FilesAdobe
2010-04-17 06:13:35 —-D—- C:UsersToshibaAppDataRoamingSkype
2010-04-17 02:06:22 —-D—- C:Windowssystem32Tasks
2010-04-17 02:02:48 —-D—- C:UsersToshibaAppDataRoamingskypePM
2010-04-15 20:47:13 —-D—- C:Program FilesSpyware Doctor
2010-04-15 20:44:27 —-D—- C:Windowssystem32catroot2
2010-04-14 20:26:29 —-D—- C:Windowswinsxs
2010-04-14 20:15:53 —-D—- C:Windowssystem32catroot
2010-04-14 20:06:12 —-D—- C:WindowsSystem32
2010-04-14 20:06:12 —-D—- C:Program FilesWindows Mail
2010-04-14 14:59:04 —-D—- C:Program FilesGoogle
2010-04-07 14:27:07 —-D—- C:Windows
2010-04-07 11:37:29 —-D—- C:Program Filesrp5.ru
2010-04-06 21:52:54 —-A—- C:Windowssystem32mrt.exe
2010-04-06 13:20:46 —-A—- C:Windowssystem32PerfStringBackup.INI
2010-04-06 13:20:45 —-D—- C:Windowsinf
2010-04-06 13:17:52 —-D—- C:UsersToshibaAppDataRoamingIntelli-studio
2010-04-06 11:11:14 —-D—- C:Игры от NevoSoft
2010-04-06 09:07:03 —-RD—- C:Users
2010-04-01 00:42:59 —-D—- C:Windowssystem32migration
2010-04-01 00:42:59 —-D—- C:Program FilesInternet Explorer
2010-03-29 10:01:01 —-D—- C:Program FilesCommon FilesSymantec Shared
2010-03-25 02:20:13 —-RD—- C:Program Files
2010-03-24 11:47:55 —-D—- C:WindowsWindowsMobile
2010-03-24 11:41:37 —-D—- C:Windowssystem32config
2010-03-24 11:41:20 —-D—- C:Windowssystem32spool
2010-03-24 11:41:20 —-D—- C:Windowssystem32Msdtc
2010-03-24 11:41:15 —-D—- C:ProgramDataMcAfee Security Scan
2010-03-24 11:41:10 —-D—- C:Windowssystem32wbem
2010-03-24 11:41:10 —-D—- C:Windowsregistration
2010-03-23 19:38:26 —-D—- C:UsersToshibaAppDataRoamingYandex
2010-03-20 23:34:18 —-D—- C:Program FilesCommon Files
2010-03-20 23:34:17 —-RD—- C:Program FilesSkype======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 aswRdr;aswRdr; C:Windowssystem32driversaswRdr.sys [2009-11-25 23120]
R1 aswSP;avast! Self Protection; C:Windowssystem32driversaswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:Windowssystem32driversaswTdi.sys [2009-11-25 48560]
R1 Tosrfcom;Bluetooth RFCOMM; C:WindowsSystem32Driverstosrfcom.sys [2005-08-01 64896]
R2 aswFsBlk;aswFsBlk; C:Windowssystem32DRIVERSaswFsBlk.sys [2009-11-25 20560]
R2 aswMonFlt;aswMonFlt; C:Windowssystem32DRIVERSaswMonFlt.sys [2009-11-25 53328]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:Windowssystem32DRIVERSAGRSM.sys [2006-11-28 1161888]
R3 CmBatt;Драйвер батареи с ACPI-управлением (Microsoft); C:Windowssystem32DRIVERSCmBatt.sys [2008-01-19 14208]
R3 HdAudAddService;Драйвер функции UAA для службы High Definition Audio (Microsoft), версия 1.1; C:Windowssystem32driversHdAudio.sys [2009-04-11 236544]
R3 NETw4v32;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit; C:Windowssystem32DRIVERSNETw4v32.sys [2006-12-09 2206720]
R3 nvlddmkm;nvlddmkm; C:Windowssystem32DRIVERSnvlddmkm.sys [2009-01-30 7544832]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:WindowsSystem32DriversRootMdm.sys [2008-01-19 8192]
R3 RTL8169;Realtek 8169 NT Driver; C:Windowssystem32DRIVERSRtlh86.sys [2006-11-04 59392]
R3 sdbus;sdbus; C:Windowssystem32DRIVERSsdbus.sys [2009-04-11 89088]
R3 tifm21;tifm21; C:Windowssystem32driverstifm21.sys [2006-07-06 168448]
R3 tosporte;Bluetooth COM Port; C:Windowssystem32DRIVERStosporte.sys [2006-10-10 41600]
R3 tosrfec;Bluetooth ACPI; C:Windowssystem32DRIVERStosrfec.sys [2006-10-23 9216]
R3 usbvideo;USB-видеоустройство (WDM); C:WindowsSystem32Driversusbvideo.sys [2006-11-02 132352]
R3 UVCFTR;UVCFTR; C:Windowssystem32DRIVERSUVCFTR_S.SYS [2007-03-12 11264]
S3 athr;Драйвер устройства беспроводной локальной сети Atheros; C:Windowssystem32DRIVERSathr.sys [2006-11-02 467456]
S3 ayzdxz4a;ayzdxz4a; C:Windowssystem32driversayzdxz4a.sys []
S3 drmkaud;Звуковой дешифратор DRM ядра системы; C:Windowssystem32driversdrmkaud.sys [2008-01-19 5632]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:Windowssystem32driversRTKVHDA.sys []
S3 MarvinBus;Pinnacle Marvin Bus; C:Windowssystem32DRIVERSMarvinBus.sys [2005-09-24 171520]
S3 MSKSSRV;Представитель служб потоков Microsoft; C:Windowssystem32driversMSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Посредник синхронизации потоков Microsoft; C:Windowssystem32driversMSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Представитель диспетчера качества потоков Microsoft; C:Windowssystem32driversMSPQM.sys [2008-01-19 5504]
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:Windowssystem32driversMSTEE.sys [2008-01-19 6016]
S3 NETw3v32;Драйвер адаптера беспроводной сети Intel(R) PRO/Wireless 3945ABG для 32-разрядной Windows Vista; C:Windowssystem32DRIVERSNETw3v32.sys [2006-11-02 1781760]
S3 Ph3xIB32;Philips 713x Inbox PCI TV Card; C:Windowssystem32DRIVERSPh3xIB32.sys [2007-04-03 1131136]
S3 tosrfbd;Bluetooth RFBUS; C:Windowssystem32DRIVERStosrfbd.sys [2007-01-12 113792]
S3 tosrfbnp;Bluetooth RFBNEP; C:WindowsSystem32Driverstosrfbnp.sys [2006-11-20 36480]
S3 Tosrfhid;Bluetooth RFHID; C:Windowssystem32DRIVERSTosrfhid.sys [2007-01-24 73728]
S3 tosrfnds;Bluetooth Personal Area Network; C:Windowssystem32DRIVERStosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio; C:Windowssystem32driverstosrfsnd.sys [2007-01-22 53376]
S3 Tosrfusb;Bluetooth USB Controller; C:Windowssystem32DRIVERStosrfusb.sys [2007-01-12 40576]
S3 TpChoice;Touch Pad Detection Filter driver; C:Windowssystem32DRIVERSTpChoice.sys []
S3 USB28xxBGA;PCTV 170e Device; C:Windowssystem32DRIVERSemBDA.sys [2008-09-12 540288]
S3 USB28xxOEM;USB 28xx OEM Filter; C:Windowssystem32DRIVERSemOEM.sys [2008-09-12 443520]
S3 winusb;WinUSB Service; C:Windowssystem32DRIVERSwinusb.sys [2009-04-11 31616]
S3 WpdUsb;WpdUsb; C:Windowssystem32DRIVERSwpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:Windowssystem32DRIVERSWUDFRd.sys [2008-01-19 83328]
S4 KR10I;KR10I; C:Windowssystem32driverskr10i.sys [2007-01-18 219392]
S4 KR10N;KR10N; C:Windowssystem32driverskr10n.sys [2007-01-18 211072]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:Windowssystem32driverswmiacpi.sys [2006-11-02 11264]======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:Program FilesAlwil SoftwareAvast4ashServ.exe [2009-11-25 138680]
R2 BthServ;@%SystemRoot%System32bthserv.dll,-101; C:Windowssystem32svchost.exe [2008-01-19 21504]
R2 CFSvcs;ConfigFree Service; C:Program FilesTOSHIBAConfigFreeCFSvcs.exe [2006-11-14 40960]
R2 MDM;Machine Debug Manager; C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE [2003-06-20 322120]
R2 nvsvc;NVIDIA Display Driver Service; C:Windowssystem32nvvsvc.exe [2009-01-30 203296]
R2 RapiMgr;@%windir%WindowsMobilerapimgr.dll,-104; C:Windowssystem32svchost.exe [2008-01-19 21504]
R2 sdAuxService;PC Tools Auxiliary Service; C:Program FilesSpyware DoctorpctsAuxs.exe [2009-01-07 348752]
R2 sdCoreService;PC Tools Security Service; C:Program FilesSpyware DoctorpctsSvc.exe [2009-01-21 1095560]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; c:Program FilesToshibaBluetooth Toshiba StackTosBtSrv.exe [2007-02-02 118784]
R2 UleadBurningHelper;Ulead Burning Helper; C:Program FilesCommon FilesUlead SystemsDVDULCDRSvr.exe [2006-08-23 49152]
R2 WcesComm;@%windir%WindowsMobilewcescomm.dll,-40079; C:Windowssystem32svchost.exe [2008-01-19 21504]
R3 avast! Mail Scanner;avast! Mail Scanner; C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:Program FilesAlwil SoftwareAvast4ashWebSv.exe [2009-11-25 352920]
S2 gupdate1c9b43ab3863630;Google Update Service (gupdate1c9b43ab3863630); C:Program FilesGoogleUpdateGoogleUpdate.exe [2009-04-03 133104]
S2 gusvc;Google Software Updater; C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2009-10-15 194032]
S3 FontCache;@%systemroot%system32FntCache.dll,-100; C:Windowssystem32svchost.exe [2008-01-19 21504]
S3 IDriverT;InstallDriver Table Manager; C:Program FilesCommon FilesInstallShieldDriver1150Intel 32IDriverT.exe [2005-11-14 69632]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:Program FilesMcAfee Security Scan2.0.181McCHSvc.exe [2010-01-15 227232]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2003-07-29 89136]
EOF
Лог выглядит нормально.
Проверим ещё одной программой.Скачайте программу Combofix. Закройте все открытые окна и запустите эту программу.
После выполнения будет создан лог файл, пожалуйста вставьте его в ваш ответ.Здравствуйте Валерий, вот результат Combofix. ComboFix 10-04-21.01 — Toshiba 21.04.2010 23:23:10.2.2 — x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1251.7.1049.18.1021.314 [GMT 4:00]
Running from: c:usersToshibaDownloadsComboFix.exe
AV: avast! antivirus 4.8.1229 [VPS 081210-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: Защитник Windows *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
SP: avast! antivirus 4.8.1229 [VPS 081210-0] *enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.c:$recycle.binS-1-5-21-1825386462-1735010782-207331129-500
c:$recycle.binS-1-5-21-2152478756-3922319563-605102323-500
c:$recycle.binS-1-5-21-2931943833-4034439092-3643751013-1002
c:programdataMicrosoftNetworkDownloaderqmgr0.dat
c:programdataMicrosoftNetworkDownloaderqmgr1.dat
c:windowssystem32%appdata%
E:install.exe
BITS: Possible infected sites
hxxp://soft.export.yandex.ru
hxxp://download.yandex.ru
hxxp://bar.export.yandex.ru
.
((((((((((((((((((((((((( Files Created from 2010-03-21 to 2010-04-21 )))))))))))))))))))))))))))))))
.2010-04-21 19:40 . 2010-04-21 19:45
d
w- c:usersToshibaAppDataLocaltemp
2010-04-21 19:40 . 2010-04-21 19:40
d
w- c:usersTEMP.Toshiba-ПК.000AppDataLocaltemp
2010-04-13 20:02 . 2010-02-23 11:10 212992 —-a-w- c:windowssystem32driversmrxsmb10.sys
2010-04-13 20:02 . 2010-02-23 11:10 79360 —-a-w- c:windowssystem32driversmrxsmb20.sys
2010-04-13 20:02 . 2010-02-23 11:10 106496 —-a-w- c:windowssystem32driversmrxsmb.sys
2010-04-13 20:02 . 2010-02-18 14:07 3548040 —-a-w- c:windowssystem32ntoskrnl.exe
2010-04-13 20:02 . 2010-02-18 14:07 3600776 —-a-w- c:windowssystem32ntkrnlpa.exe
2010-04-13 20:02 . 2010-03-05 14:01 420352 —-a-w- c:windowssystem32vbscript.dll
2010-04-13 20:02 . 2010-02-18 14:07 904576 —-a-w- c:windowssystem32driverstcpip.sys
2010-04-13 20:02 . 2010-02-18 13:30 200704 —-a-w- c:windowssystem32iphlpsvc.dll
2010-04-13 20:02 . 2010-02-18 11:28 25088 —-a-w- c:windowssystem32driverstunnel.sys
2010-04-13 20:01 . 2009-12-23 11:33 172032 —-a-w- c:windowssystem32wintrust.dll
2010-04-13 19:58 . 2010-01-13 17:34 98304 —-a-w- c:windowssystem32cabview.dll
2010-04-08 19:30 . 2010-04-08 19:33
d
w- C:rsit
2010-04-07 10:27 . 2009-09-24 03:50 545 —-a-w- c:windowsUC.PIF
2010-04-07 10:27 . 2009-09-24 03:50 545 —-a-w- c:windowsRAR.PIF
2010-04-07 10:27 . 2009-09-24 03:50 545 —-a-w- c:windowsPKZIP.PIF
2010-04-07 10:27 . 2009-09-24 03:50 545 —-a-w- c:windowsPKUNZIP.PIF
2010-04-07 10:27 . 2009-09-24 03:50 545 —-a-w- c:windowsNOCLOSE.PIF
2010-04-07 10:27 . 2009-09-24 03:50 545 —-a-w- c:windowsLHA.PIF
2010-04-07 10:27 . 2009-09-24 03:50 545 —-a-w- c:windowsARJ.PIF
2010-04-07 10:27 . 2010-04-07 10:27
d
w- C:totalcmd
2010-04-07 10:27 . 2010-04-07 10:27
d
w- c:usersToshibaAppDataRoamingGHISLER
2010-04-06 05:29 . 2010-04-06 05:29
d
w- C:perflogs
2010-03-24 22:20 . 2010-03-24 22:20
d
w- c:program filesConduit
2010-03-24 22:20 . 2010-03-24 22:20
d
w- c:program filesAshampoo_RU.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-21 19:41 . 2009-06-09 07:05 12 —-a-w- c:windowsbthservsdp.dat
2010-04-21 19:28 . 2008-06-18 16:45 3932160 —sha-w- c:usersЮлияntuser.dat
2010-04-21 19:16 . 2008-12-02 16:45
d
w- c:usersToshibaAppDataRoaminguTorrent
2010-04-21 11:45 . 2009-10-20 04:25
d
w- c:program filesSpyware Doctor
2010-04-21 05:52 . 2009-05-07 17:38 99664 —-a-w- c:programdatanvModes.dat
2010-04-20 04:00 . 2009-10-15 05:20
d
w- c:usersToshibaAppDataRoamingskypePM
2010-04-20 02:00 . 2009-12-04 17:08
d
w- c:usersToshibaAppDataRoamingSkype
2010-04-19 17:31 . 2008-10-22 19:31
d
w- c:program filesTrend Micro
2010-04-14 16:06 . 2006-11-02 11:18
d
w- c:program filesWindows Mail
2010-04-14 10:59 . 2009-04-02 05:54
d
w- c:program filesGoogle
2010-04-07 07:37 . 2009-12-16 09:19
d
w- c:program filesrp5.ru
2010-04-06 09:20 . 2006-11-09 07:21 656392 —-a-w- c:windowssystem32perfh019.dat
2010-04-06 09:20 . 2006-11-09 07:21 126656 —-a-w- c:windowssystem32perfc019.dat
2010-04-06 09:17 . 2009-12-31 21:37
d
w- c:usersToshibaAppDataRoamingIntelli-studio
2010-03-29 06:01 . 2007-03-30 08:24
d
w- c:program filesCommon FilesSymantec Shared
2010-03-24 07:41 . 2010-01-02 09:32
d
w- c:programdataMcAfee Security Scan
2010-03-23 15:38 . 2007-10-28 14:28
d
w- c:usersToshibaAppDataRoamingYandex
2010-03-22 09:10 . 2010-03-22 09:08
d
w- c:usersToshibaAppDataRoamingVirtual City
2010-03-22 09:05 . 2008-06-29 14:32
d
w- c:usersЮлияAppDataRoamingYandex
2010-03-22 09:04 . 2010-03-22 09:04
d
w- c:usersЮлияAppDataRoamingOpera
2010-03-20 19:34 . 2010-03-20 19:34
d
w- c:program filesCommon FilesSkype
2010-03-20 19:34 . 2009-12-04 17:05
d
r- c:program filesSkype
2010-03-18 11:30 . 2010-03-18 11:30
d
w- c:usersToshibaAppDataRoamingShinyTales
2010-03-15 10:19 . 2010-01-02 09:31
d
w- c:programdataNOS
2010-03-15 04:34 . 2008-06-18 16:47 145056 —-a-w- c:usersЮлияAppDataLocalGDIPFONTCACHEV1.DAT
2010-03-14 14:27 . 2010-03-14 14:26
d
w- c:program filesMcAfee Security Scan
2010-03-13 09:42 . 2010-01-02 09:33
d
w- c:program filesCommon FilesAdobe AIR
2010-02-24 23:41 . 2007-09-30 10:45 145056 —-a-w- c:usersToshibaAppDataLocalGDIPFONTCACHEV1.DAT
2010-02-24 06:16 . 2009-10-02 16:22 181632
w- c:windowssystem32MpSigStub.exe
2010-02-23 06:39 . 2010-03-31 05:33 916480 —-a-w- c:windowssystem32wininet.dll
2010-02-23 06:33 . 2010-03-31 05:33 109056 —-a-w- c:windowssystem32iesysprep.dll
2010-02-23 06:33 . 2010-03-31 05:33 71680 —-a-w- c:windowssystem32iesetup.dll
2010-02-23 04:55 . 2010-03-31 05:33 133632 —-a-w- c:windowssystem32ieUnatt.exe
2010-02-21 18:12 . 2007-03-30 07:37
d—h—w- c:program filesInstallShield Installation Information
2010-02-20 23:06 . 2010-03-10 11:41 24064 —-a-w- c:windowssystem32nshhttp.dll
2010-02-20 23:05 . 2010-03-10 11:41 30720 —-a-w- c:windowssystem32httpapi.dll
2010-02-20 20:53 . 2010-03-10 11:41 411648 —-a-w- c:windowssystem32drivershttp.sys
2010-01-25 12:00 . 2010-02-24 11:43 471552 —-a-w- c:windowssystem32secproc_isv.dll
2010-01-25 12:00 . 2010-02-24 11:43 152576 —-a-w- c:windowssystem32secproc_ssp_isv.dll
2010-01-25 12:00 . 2010-02-24 11:43 152064 —-a-w- c:windowssystem32secproc_ssp.dll
2010-01-25 12:00 . 2010-02-24 11:43 471552 —-a-w- c:windowssystem32secproc.dll
2010-01-25 11:58 . 2010-02-24 11:43 332288 —-a-w- c:windowssystem32msdrm.dll
2010-01-25 08:21 . 2010-02-24 11:43 526336 —-a-w- c:windowssystem32RMActivate_isv.exe
2010-01-25 08:21 . 2010-02-24 11:43 346624 —-a-w- c:windowssystem32RMActivate_ssp_isv.exe
2010-01-25 08:21 . 2010-02-24 11:43 347136 —-a-w- c:windowssystem32RMActivate_ssp.exe
2010-01-25 08:21 . 2010-02-24 11:43 518144 —-a-w- c:windowssystem32RMActivate.exe
2010-01-23 09:26 . 2010-02-24 11:45 2048 —-a-w- c:windowssystem32tzres.dll
.((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerURLSearchHooks]
«{1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48}»= «c:program filesFamily Toolbartbhelper.dll» [2009-05-07 355840]
«{b901a6dc-b37c-4963-a6e9-aaa0ff88d981}»= «c:program filesAshampoo_RUtbAsha.dll» [2010-03-17 2355224][HKEY_CLASSES_ROOTclsid{1c4ab6a5-595f-4e86-b15f-f93cce2bbd48}]
[HKEY_CLASSES_ROOTURLSearchHook.MHURLSearchHook.1]
[HKEY_CLASSES_ROOTTypeLib{1EA6B471-CAD2-419a-9539-0586EEFE2D09}]
[HKEY_CLASSES_ROOTURLSearchHook.MHURLSearchHook][HKEY_CLASSES_ROOTclsid{b901a6dc-b37c-4963-a6e9-aaa0ff88d981}]
[HKEY_LOCAL_MACHINE~Browser Helper Objects{0C37B053-FD68-456a-82E1-D788EE342E6F}]
2009-05-07 21:46 2642432 —-a-w- c:program filesFamily Toolbartbcore3.dll[HKEY_LOCAL_MACHINE~Browser Helper Objects{b901a6dc-b37c-4963-a6e9-aaa0ff88d981}]
2010-03-17 12:45 2355224 —-a-w- c:program filesAshampoo_RUtbAsha.dll[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
«{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}»= «c:program filesFamily Toolbartbcore3.dll» [2009-05-07 2642432]
«{91397D20-1446-11D4-8AF4-0040CA1127B6}»= «c:program filesYandexYandexBarIEyndbar.dll» [2009-12-24 8729864]
«{b901a6dc-b37c-4963-a6e9-aaa0ff88d981}»= «c:program filesAshampoo_RUtbAsha.dll» [2010-03-17 2355224][HKEY_CLASSES_ROOTclsid{fd2fd708-1f6f-4b68-b141-c5778f0c19bb}]
[HKEY_CLASSES_ROOTMHToolbar.MHToolbar.3]
[HKEY_CLASSES_ROOTTypeLib{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}]
[HKEY_CLASSES_ROOTMHToolbar.MHToolbar][HKEY_CLASSES_ROOTclsid{91397d20-1446-11d4-8af4-0040ca1127b6}]
[HKEY_CLASSES_ROOTYandex.Toolbar.1]
[HKEY_CLASSES_ROOTTypeLib{91397D13-1446-11D4-8AF4-0040CA1127B6}]
[HKEY_CLASSES_ROOTYandex.Toolbar][HKEY_CLASSES_ROOTclsid{b901a6dc-b37c-4963-a6e9-aaa0ff88d981}]
[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebbrowser]
«{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}»= «c:program filesFamily Toolbartbcore3.dll» [2009-05-07 2642432]
«{91397D20-1446-11D4-8AF4-0040CA1127B6}»= «c:program filesYandexYandexBarIEyndbar.dll» [2009-12-24 8729864]
«{B901A6DC-B37C-4963-A6E9-AAA0FF88D981}»= «c:program filesAshampoo_RUtbAsha.dll» [2010-03-17 2355224][HKEY_CLASSES_ROOTclsid{fd2fd708-1f6f-4b68-b141-c5778f0c19bb}]
[HKEY_CLASSES_ROOTMHToolbar.MHToolbar.3]
[HKEY_CLASSES_ROOTTypeLib{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}]
[HKEY_CLASSES_ROOTMHToolbar.MHToolbar][HKEY_CLASSES_ROOTclsid{91397d20-1446-11d4-8af4-0040ca1127b6}]
[HKEY_CLASSES_ROOTYandex.Toolbar.1]
[HKEY_CLASSES_ROOTTypeLib{91397D13-1446-11D4-8AF4-0040CA1127B6}]
[HKEY_CLASSES_ROOTYandex.Toolbar][HKEY_CLASSES_ROOTclsid{b901a6dc-b37c-4963-a6e9-aaa0ff88d981}]
[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
«Sidebar»=»c:program filesWindows Sidebarsidebar.exe» [2009-04-11 1233920]
«ehTray.exe»=»c:windowsehomeehTray.exe» [2008-01-19 125952]
«DAEMON Tools Lite»=»c:program filesDAEMON Tools Litedaemon.exe» [2008-08-08 490952]
«uTorrent»=»c:program filesuTorrentuTorrent.exe» [2009-12-19 289584]
«Skype»=»c:program filesSkype\PhoneSkype.exe» [2010-04-06 26102056]
«swg»=»c:program filesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe» [2009-10-15 39408]
«NevoDRM»=»c:игры от nevosoftNevoDRMNevoDRM.exe» [2008-12-11 41984][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
«Windows Defender»=»c:program filesWindows DefenderMSASCui.exe» [2008-01-19 1008184]
«HWSetup»=»c:program filesTOSHIBAUtilitiesHWSetup.exe» [2006-11-01 413696]
«NDSTray.exe»=»NDSTray.exe» [BU]
«Toshiba Registration»=»c:program filesToshibaRegistrationToshibaRegistration.exe» [2007-02-19 571024]
«Camera Assistant Software»=»c:program filesCamera Assistant Software for Toshibatraybar.exe» [2007-03-15 413696]
«avast!»=»c:progra~1ALWILS~1Avast4ashDisp.exe» [2009-11-24 81000]
«NvCplDaemon»=»c:windowssystem32NvCpl.dll» [2009-01-30 13605408]
«NvMediaCenter»=»c:windowssystem32NvMcTray.dll» [2009-01-30 92704]
«SunJavaUpdateSched»=»c:program filesJavajre6binjusched.exe» [2009-05-20 148888]
«ISTray»=»c:program filesSpyware DoctorpctsTray.exe» [2008-12-08 1173384]
«PAC7302_Monitor»=»c:windowsPixArtPAC7302Monitor.exe» [2006-11-03 319488]
«Windows Mobile-based device management»=»c:windowsWindowsMobilewmdcBase.exe» [2007-05-31 648072]c:programdataMicrosoftWindowsStart MenuProgramsStartup
McAfee Security Scan Plus.lnk — c:program filesMcAfee Security Scan2.0.181SSScheduler.exe [2010-1-15 255536][HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem]
«EnableUIADesktopToggle»= 0 (0x0)[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalsdauxservice]
@=»»[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalsdcoreservice]
@=»»[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWinDefend]
@=»Service»[HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity centerMonitoring]
«DisableMonitoring»=dword:00000001[HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity centerMonitoringSymantecAntiVirus]
«DisableMonitoring»=dword:00000001[HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity centerMonitoringSymantecFirewall]
«DisableMonitoring»=dword:00000001[HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity centerSvc]
«VistaSp2″=hex(b):08,b2,12,a1,1c,4c,ca,01R2 gupdate1c9b43ab3863630;Google Update Service (gupdate1c9b43ab3863630);c:program filesGoogleUpdateGoogleUpdate.exe [2009-04-03 133104]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:program filesMcAfee Security Scan2.0.181McCHSvc.exe [2010-01-15 227232]
R3 Ph3xIB32;Philips 713x Inbox PCI TV Card;c:windowssystem32DRIVERSPh3xIB32.sys [2007-04-03 1131136]
R3 TpChoice;Touch Pad Detection Filter driver;c:windowssystem32DRIVERSTpChoice.sys [x]
S0 PCTCore;PCTools KDS;c:windowssystem32driversPCTCore.sys [2009-04-03 130936]
S0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:windowsSystem32driverssfdrv01a.sys [2006-07-05 63352]
S0 sptd;sptd;c:windowsSystem32Driverssptd.sys [2009-03-31 717296]
S1 aswSP;avast! Self Protection; [x]
S2 aswFsBlk;aswFsBlk;c:windowssystem32DRIVERSaswFsBlk.sys [2009-11-24 20560]
S2 aswMonFlt;aswMonFlt;c:windowssystem32DRIVERSaswMonFlt.sys [2009-11-24 53328]
S2 sdAuxService;PC Tools Auxiliary Service;c:program filesSpyware DoctorpctsAuxs.exe [2009-01-07 348752]— Other Services/Drivers In Memory —
*Deregistered* — mchInjDrv
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionsvchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the ‘Scheduled Tasks’ folder2010-04-21 c:windowsTasksGoogle Software Updater.job
— c:program filesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2009-10-15 05:15]2010-04-21 c:windowsTasksGoogleUpdateTaskMachineCore.job
— c:program filesGoogleUpdateGoogleUpdate.exe [2009-04-03 09:00]2010-04-21 c:windowsTasksGoogleUpdateTaskMachineUA.job
— c:program filesGoogleUpdateGoogleUpdate.exe [2009-04-03 09:00]2010-04-19 c:windowsTasksNorton Security Scan for Toshiba.job
— c:program filesNorton Security ScanEngine2.3.0.44Nss.exe [2009-10-15 12:45]2010-04-21 c:windowsTasksUser_Feed_Synchronization-{503FFDCA-07EF-4C1D-B0CC-7CEF54C9E98A}.job
— c:windowssystem32msfeedssync.exe [2010-03-31 04:54]2010-04-21 c:windowsTasksUser_Feed_Synchronization-{C6A8E361-3DBE-48E8-A294-EB2D3F43A3DB}.job
— c:windowssystem32msfeedssync.exe [2010-03-31 04:54]
.
.
Supplementary Scan
.
uStart Page = hxxp://www.yandex.ru/?clid=21978&yasoft=barie
mStart Page = hxxp://mail.ru
uInternet Settings,ProxyOverride =
IE: &D&ownload &with BitComet — c:program filesBitCometBitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet — c:program filesBitCometBitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet — c:program filesBitCometBitComet.exe/AddAllLink.htm
IE: &Translate — http://lingvo.yandex.ru/ie5trans.htm
IE: &Ubersetzen — http://lingvo.yandex.ru/ie5trans1.htm
IE: &Экспорт в Microsoft Excel — c:progra~1MICROS~3OFFICE11EXCEL.EXE/3000
IE: Google ВикиКомментарии… — c:program filesGoogleGoogle ToolbarComponentGoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: T&raduire — http://lingvo.yandex.ru/ie5trans2.htm
IE: Traduc&ir — http://lingvo.yandex.ru/ie5trans4.htm
IE: Tradurr&e — http://lingvo.yandex.ru/ie5trans3.htm
IE: Yandex &Search — http://lingvo.yandex.ru/ie5search.htm
IE: {{C08CAF1D-C0A3-40D5-9970-06D067EAC017} — http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?RU
.
— — — — ORPHANS REMOVED — — — —WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} — (no file)
HKCU-Run-YandexOnline — c:program filesYandexOnlineonline.exe
HKCU-Run-toscdspd — TOSCDSPD.EXE
HKLM-Run-WinampAgent — c:program filesWinampwinampa.exe
HKU-Default-Run-Yupdate! — c:program filesCommon FilesYandexYupdateyupdate.exe
AddRemove-{C427E746-4EC9-4E3C-AACB-C6BB1F714D7F} — c:programdata{66E2F539-12B6-4870-A500-7689CDE75C5E}DriverScanner_Setup.exe**************************************************************************
scanning hidden processes …scanning hidden autostart entries …
scanning hidden files …
scan completed successfully
hidden files:**************************************************************************
.
LOCKED REGISTRY KEYS
[HKEY_LOCAL_MACHINEsystemControlSet001ControlClass{4D36E96D-E325-11CE-BFC1-08002BE10318}000AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
«BlindDial»=dword:00000000
«MSCurrentCountry»=dword:000000b5[HKEY_LOCAL_MACHINEsystemControlSet001ControlClass{4D36E96D-E325-11CE-BFC1-08002BE10318}001AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
«BlindDial»=dword:00000000[HKEY_LOCAL_MACHINEsystemControlSet001ControlClass{4D36E96D-E325-11CE-BFC1-08002BE10318}002AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
«BlindDial»=dword:00000000
.
Other Running Processes
.
c:windowssystem32nvvsvc.exe
c:windowssystem32rundll32.exe
c:program filesAlwil SoftwareAvast4aswUpdSv.exe
c:program filesAlwil SoftwareAvast4ashServ.exe
c:program filesTOSHIBAConfigFreeCFSvcs.exe
c:windowsMicrosoft.NetFrameworkv3.0WPFPresentationFontCache.exe
c:program filesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE
c:program filesGoogleUpdate1.2.183.23GoogleCrashHandler.exe
c:program filesSpyware DoctorpctsSvc.exe
c:program filesToshibaBluetooth Toshiba StackTosBtSrv.exe
c:program filesCommon FilesUlead SystemsDVDULCDRSvr.exe
c:program filesAlwil SoftwareAvast4ashMaiSv.exe
c:program filesAlwil SoftwareAvast4ashWebSv.exe
c:windowssystem32conime.exe
c:windowsehomeehsched.exe
c:windowsehomeehRecvr.exe
c:usersToshibaAppDataLocalYandexKraskiykraski.scr
c:usersToshibaAppDataLocalYandexKraskikraski.exe
.
**************************************************************************
.
Completion time: 2010-04-22 00:00:55 — machine was rebooted
ComboFix-quarantined-files.txt 2010-04-21 20:00Pre-Run: 15 033 204 736 байт свободно
Post-Run: 14 996 320 256 байт свободно— — End Of File — — A98B73E9A45D8AD24321C7F5148CAFFC
Combofix немного подчистил компьютер, в остальном лог выглядит нормально.
Как сейчас работает компьютер ?Спасибо, но ничего не изменилось. Отдал комп.програмистам, нашли ошибку на жестком диске. Теперь все нормально работает. Огромное спосибо за помощь.
- Тема ‘виснет комп.’ закрыта для новых сообщений.
