SPYWARE-RU.COM

Созданные ответы форума

Просмотр 15 сообщений - с 1 по 15 (из 15 всего)

Автор

Сообщения
11 мая, 2010 в 11:34 дп в ответ на: виснет комп. #29295
alex
Participant
- Темы:5
- Сообщений:20
Спасибо, но ничего не изменилось. Отдал комп.програмистам, нашли ошибку на жестком диске. Теперь все нормально работает. Огромное спосибо за помощь.
21 апреля, 2010 в 8:11 пп в ответ на: виснет комп. #29293
alex
Participant
- Темы:5
- Сообщений:20
Здравствуйте Валерий, вот результат Combofix. ComboFix 10-04-21.01 — Toshiba 21.04.2010 23:23:10.2.2 — x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1251.7.1049.18.1021.314 [GMT 4:00]
Running from: c:usersToshibaDownloadsComboFix.exe
AV: avast! antivirus 4.8.1229 [VPS 081210-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: Защитник Windows *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
SP: avast! antivirus 4.8.1229 [VPS 081210-0] *enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:$recycle.binS-1-5-21-1825386462-1735010782-207331129-500
c:$recycle.binS-1-5-21-2152478756-3922319563-605102323-500
c:$recycle.binS-1-5-21-2931943833-4034439092-3643751013-1002
c:programdataMicrosoftNetworkDownloaderqmgr0.dat
c:programdataMicrosoftNetworkDownloaderqmgr1.dat
c:windowssystem32%appdata%
E:install.exe

BITS: Possible infected sites

hxxp://soft.export.yandex.ru
hxxp://download.yandex.ru
hxxp://bar.export.yandex.ru
.
((((((((((((((((((((((((( Files Created from 2010-03-21 to 2010-04-21 )))))))))))))))))))))))))))))))
.

2010-04-21 19:40 . 2010-04-21 19:45

d

w- c:usersToshibaAppDataLocaltemp
2010-04-21 19:40 . 2010-04-21 19:40

d

w- c:usersTEMP.Toshiba-ПК.000AppDataLocaltemp
2010-04-13 20:02 . 2010-02-23 11:10 212992 —-a-w- c:windowssystem32driversmrxsmb10.sys
2010-04-13 20:02 . 2010-02-23 11:10 79360 —-a-w- c:windowssystem32driversmrxsmb20.sys
2010-04-13 20:02 . 2010-02-23 11:10 106496 —-a-w- c:windowssystem32driversmrxsmb.sys
2010-04-13 20:02 . 2010-02-18 14:07 3548040 —-a-w- c:windowssystem32ntoskrnl.exe
2010-04-13 20:02 . 2010-02-18 14:07 3600776 —-a-w- c:windowssystem32ntkrnlpa.exe
2010-04-13 20:02 . 2010-03-05 14:01 420352 —-a-w- c:windowssystem32vbscript.dll
2010-04-13 20:02 . 2010-02-18 14:07 904576 —-a-w- c:windowssystem32driverstcpip.sys
2010-04-13 20:02 . 2010-02-18 13:30 200704 —-a-w- c:windowssystem32iphlpsvc.dll
2010-04-13 20:02 . 2010-02-18 11:28 25088 —-a-w- c:windowssystem32driverstunnel.sys
2010-04-13 20:01 . 2009-12-23 11:33 172032 —-a-w- c:windowssystem32wintrust.dll
2010-04-13 19:58 . 2010-01-13 17:34 98304 —-a-w- c:windowssystem32cabview.dll
2010-04-08 19:30 . 2010-04-08 19:33

d

w- C:rsit
2010-04-07 10:27 . 2009-09-24 03:50 545 —-a-w- c:windowsUC.PIF
2010-04-07 10:27 . 2009-09-24 03:50 545 —-a-w- c:windowsRAR.PIF
2010-04-07 10:27 . 2009-09-24 03:50 545 —-a-w- c:windowsPKZIP.PIF
2010-04-07 10:27 . 2009-09-24 03:50 545 —-a-w- c:windowsPKUNZIP.PIF
2010-04-07 10:27 . 2009-09-24 03:50 545 —-a-w- c:windowsNOCLOSE.PIF
2010-04-07 10:27 . 2009-09-24 03:50 545 —-a-w- c:windowsLHA.PIF
2010-04-07 10:27 . 2009-09-24 03:50 545 —-a-w- c:windowsARJ.PIF
2010-04-07 10:27 . 2010-04-07 10:27

d

w- C:totalcmd
2010-04-07 10:27 . 2010-04-07 10:27

d

w- c:usersToshibaAppDataRoamingGHISLER
2010-04-06 05:29 . 2010-04-06 05:29

d

w- C:perflogs
2010-03-24 22:20 . 2010-03-24 22:20

d

w- c:program filesConduit
2010-03-24 22:20 . 2010-03-24 22:20

d

w- c:program filesAshampoo_RU

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-21 19:41 . 2009-06-09 07:05 12 —-a-w- c:windowsbthservsdp.dat
2010-04-21 19:28 . 2008-06-18 16:45 3932160 —sha-w- c:usersЮлияntuser.dat
2010-04-21 19:16 . 2008-12-02 16:45

d

w- c:usersToshibaAppDataRoaminguTorrent
2010-04-21 11:45 . 2009-10-20 04:25

d

w- c:program filesSpyware Doctor
2010-04-21 05:52 . 2009-05-07 17:38 99664 —-a-w- c:programdatanvModes.dat
2010-04-20 04:00 . 2009-10-15 05:20

d

w- c:usersToshibaAppDataRoamingskypePM
2010-04-20 02:00 . 2009-12-04 17:08

d

w- c:usersToshibaAppDataRoamingSkype
2010-04-19 17:31 . 2008-10-22 19:31

d

w- c:program filesTrend Micro
2010-04-14 16:06 . 2006-11-02 11:18

d

w- c:program filesWindows Mail
2010-04-14 10:59 . 2009-04-02 05:54

d

w- c:program filesGoogle
2010-04-07 07:37 . 2009-12-16 09:19

d

w- c:program filesrp5.ru
2010-04-06 09:20 . 2006-11-09 07:21 656392 —-a-w- c:windowssystem32perfh019.dat
2010-04-06 09:20 . 2006-11-09 07:21 126656 —-a-w- c:windowssystem32perfc019.dat
2010-04-06 09:17 . 2009-12-31 21:37

d

w- c:usersToshibaAppDataRoamingIntelli-studio
2010-03-29 06:01 . 2007-03-30 08:24

d

w- c:program filesCommon FilesSymantec Shared
2010-03-24 07:41 . 2010-01-02 09:32

d

w- c:programdataMcAfee Security Scan
2010-03-23 15:38 . 2007-10-28 14:28

d

w- c:usersToshibaAppDataRoamingYandex
2010-03-22 09:10 . 2010-03-22 09:08

d

w- c:usersToshibaAppDataRoamingVirtual City
2010-03-22 09:05 . 2008-06-29 14:32

d

w- c:usersЮлияAppDataRoamingYandex
2010-03-22 09:04 . 2010-03-22 09:04

d

w- c:usersЮлияAppDataRoamingOpera
2010-03-20 19:34 . 2010-03-20 19:34

d

w- c:program filesCommon FilesSkype
2010-03-20 19:34 . 2009-12-04 17:05

d

r- c:program filesSkype
2010-03-18 11:30 . 2010-03-18 11:30

d

w- c:usersToshibaAppDataRoamingShinyTales
2010-03-15 10:19 . 2010-01-02 09:31

d

w- c:programdataNOS
2010-03-15 04:34 . 2008-06-18 16:47 145056 —-a-w- c:usersЮлияAppDataLocalGDIPFONTCACHEV1.DAT
2010-03-14 14:27 . 2010-03-14 14:26

d

w- c:program filesMcAfee Security Scan
2010-03-13 09:42 . 2010-01-02 09:33

d

w- c:program filesCommon FilesAdobe AIR
2010-02-24 23:41 . 2007-09-30 10:45 145056 —-a-w- c:usersToshibaAppDataLocalGDIPFONTCACHEV1.DAT
2010-02-24 06:16 . 2009-10-02 16:22 181632

w- c:windowssystem32MpSigStub.exe
2010-02-23 06:39 . 2010-03-31 05:33 916480 —-a-w- c:windowssystem32wininet.dll
2010-02-23 06:33 . 2010-03-31 05:33 109056 —-a-w- c:windowssystem32iesysprep.dll
2010-02-23 06:33 . 2010-03-31 05:33 71680 —-a-w- c:windowssystem32iesetup.dll
2010-02-23 04:55 . 2010-03-31 05:33 133632 —-a-w- c:windowssystem32ieUnatt.exe
2010-02-21 18:12 . 2007-03-30 07:37

d—h—w- c:program filesInstallShield Installation Information
2010-02-20 23:06 . 2010-03-10 11:41 24064 —-a-w- c:windowssystem32nshhttp.dll
2010-02-20 23:05 . 2010-03-10 11:41 30720 —-a-w- c:windowssystem32httpapi.dll
2010-02-20 20:53 . 2010-03-10 11:41 411648 —-a-w- c:windowssystem32drivershttp.sys
2010-01-25 12:00 . 2010-02-24 11:43 471552 —-a-w- c:windowssystem32secproc_isv.dll
2010-01-25 12:00 . 2010-02-24 11:43 152576 —-a-w- c:windowssystem32secproc_ssp_isv.dll
2010-01-25 12:00 . 2010-02-24 11:43 152064 —-a-w- c:windowssystem32secproc_ssp.dll
2010-01-25 12:00 . 2010-02-24 11:43 471552 —-a-w- c:windowssystem32secproc.dll
2010-01-25 11:58 . 2010-02-24 11:43 332288 —-a-w- c:windowssystem32msdrm.dll
2010-01-25 08:21 . 2010-02-24 11:43 526336 —-a-w- c:windowssystem32RMActivate_isv.exe
2010-01-25 08:21 . 2010-02-24 11:43 346624 —-a-w- c:windowssystem32RMActivate_ssp_isv.exe
2010-01-25 08:21 . 2010-02-24 11:43 347136 —-a-w- c:windowssystem32RMActivate_ssp.exe
2010-01-25 08:21 . 2010-02-24 11:43 518144 —-a-w- c:windowssystem32RMActivate.exe
2010-01-23 09:26 . 2010-02-24 11:45 2048 —-a-w- c:windowssystem32tzres.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerURLSearchHooks]
«{1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48}»= «c:program filesFamily Toolbartbhelper.dll» [2009-05-07 355840]
«{b901a6dc-b37c-4963-a6e9-aaa0ff88d981}»= «c:program filesAshampoo_RUtbAsha.dll» [2010-03-17 2355224]

[HKEY_CLASSES_ROOTclsid{1c4ab6a5-595f-4e86-b15f-f93cce2bbd48}]
[HKEY_CLASSES_ROOTURLSearchHook.MHURLSearchHook.1]
[HKEY_CLASSES_ROOTTypeLib{1EA6B471-CAD2-419a-9539-0586EEFE2D09}]
[HKEY_CLASSES_ROOTURLSearchHook.MHURLSearchHook]

[HKEY_CLASSES_ROOTclsid{b901a6dc-b37c-4963-a6e9-aaa0ff88d981}]

[HKEY_LOCAL_MACHINE~Browser Helper Objects{0C37B053-FD68-456a-82E1-D788EE342E6F}]
2009-05-07 21:46 2642432 —-a-w- c:program filesFamily Toolbartbcore3.dll

[HKEY_LOCAL_MACHINE~Browser Helper Objects{b901a6dc-b37c-4963-a6e9-aaa0ff88d981}]
2010-03-17 12:45 2355224 —-a-w- c:program filesAshampoo_RUtbAsha.dll

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
«{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}»= «c:program filesFamily Toolbartbcore3.dll» [2009-05-07 2642432]
«{91397D20-1446-11D4-8AF4-0040CA1127B6}»= «c:program filesYandexYandexBarIEyndbar.dll» [2009-12-24 8729864]
«{b901a6dc-b37c-4963-a6e9-aaa0ff88d981}»= «c:program filesAshampoo_RUtbAsha.dll» [2010-03-17 2355224]

[HKEY_CLASSES_ROOTclsid{fd2fd708-1f6f-4b68-b141-c5778f0c19bb}]
[HKEY_CLASSES_ROOTMHToolbar.MHToolbar.3]
[HKEY_CLASSES_ROOTTypeLib{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}]
[HKEY_CLASSES_ROOTMHToolbar.MHToolbar]

[HKEY_CLASSES_ROOTclsid{91397d20-1446-11d4-8af4-0040ca1127b6}]
[HKEY_CLASSES_ROOTYandex.Toolbar.1]
[HKEY_CLASSES_ROOTTypeLib{91397D13-1446-11D4-8AF4-0040CA1127B6}]
[HKEY_CLASSES_ROOTYandex.Toolbar]

[HKEY_CLASSES_ROOTclsid{b901a6dc-b37c-4963-a6e9-aaa0ff88d981}]

[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebbrowser]
«{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}»= «c:program filesFamily Toolbartbcore3.dll» [2009-05-07 2642432]
«{91397D20-1446-11D4-8AF4-0040CA1127B6}»= «c:program filesYandexYandexBarIEyndbar.dll» [2009-12-24 8729864]
«{B901A6DC-B37C-4963-A6E9-AAA0FF88D981}»= «c:program filesAshampoo_RUtbAsha.dll» [2010-03-17 2355224]

[HKEY_CLASSES_ROOTclsid{fd2fd708-1f6f-4b68-b141-c5778f0c19bb}]
[HKEY_CLASSES_ROOTMHToolbar.MHToolbar.3]
[HKEY_CLASSES_ROOTTypeLib{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}]
[HKEY_CLASSES_ROOTMHToolbar.MHToolbar]

[HKEY_CLASSES_ROOTclsid{91397d20-1446-11d4-8af4-0040ca1127b6}]
[HKEY_CLASSES_ROOTYandex.Toolbar.1]
[HKEY_CLASSES_ROOTTypeLib{91397D13-1446-11D4-8AF4-0040CA1127B6}]
[HKEY_CLASSES_ROOTYandex.Toolbar]

[HKEY_CLASSES_ROOTclsid{b901a6dc-b37c-4963-a6e9-aaa0ff88d981}]

[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
«Sidebar»=»c:program filesWindows Sidebarsidebar.exe» [2009-04-11 1233920]
«ehTray.exe»=»c:windowsehomeehTray.exe» [2008-01-19 125952]
«DAEMON Tools Lite»=»c:program filesDAEMON Tools Litedaemon.exe» [2008-08-08 490952]
«uTorrent»=»c:program filesuTorrentuTorrent.exe» [2009-12-19 289584]
«Skype»=»c:program filesSkype\PhoneSkype.exe» [2010-04-06 26102056]
«swg»=»c:program filesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe» [2009-10-15 39408]
«NevoDRM»=»c:игры от nevosoftNevoDRMNevoDRM.exe» [2008-12-11 41984]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
«Windows Defender»=»c:program filesWindows DefenderMSASCui.exe» [2008-01-19 1008184]
«HWSetup»=»c:program filesTOSHIBAUtilitiesHWSetup.exe» [2006-11-01 413696]
«NDSTray.exe»=»NDSTray.exe» [BU]
«Toshiba Registration»=»c:program filesToshibaRegistrationToshibaRegistration.exe» [2007-02-19 571024]
«Camera Assistant Software»=»c:program filesCamera Assistant Software for Toshibatraybar.exe» [2007-03-15 413696]
«avast!»=»c:progra~1ALWILS~1Avast4ashDisp.exe» [2009-11-24 81000]
«NvCplDaemon»=»c:windowssystem32NvCpl.dll» [2009-01-30 13605408]
«NvMediaCenter»=»c:windowssystem32NvMcTray.dll» [2009-01-30 92704]
«SunJavaUpdateSched»=»c:program filesJavajre6binjusched.exe» [2009-05-20 148888]
«ISTray»=»c:program filesSpyware DoctorpctsTray.exe» [2008-12-08 1173384]
«PAC7302_Monitor»=»c:windowsPixArtPAC7302Monitor.exe» [2006-11-03 319488]
«Windows Mobile-based device management»=»c:windowsWindowsMobilewmdcBase.exe» [2007-05-31 648072]

c:programdataMicrosoftWindowsStart MenuProgramsStartup
McAfee Security Scan Plus.lnk — c:program filesMcAfee Security Scan2.0.181SSScheduler.exe [2010-1-15 255536]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem]
«EnableUIADesktopToggle»= 0 (0x0)

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalsdauxservice]
@=»»

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalsdcoreservice]
@=»»

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWinDefend]
@=»Service»

[HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity centerMonitoring]
«DisableMonitoring»=dword:00000001

[HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity centerMonitoringSymantecAntiVirus]
«DisableMonitoring»=dword:00000001

[HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity centerMonitoringSymantecFirewall]
«DisableMonitoring»=dword:00000001

[HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity centerSvc]
«VistaSp2″=hex(b):08,b2,12,a1,1c,4c,ca,01

R2 gupdate1c9b43ab3863630;Google Update Service (gupdate1c9b43ab3863630);c:program filesGoogleUpdateGoogleUpdate.exe [2009-04-03 133104]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:program filesMcAfee Security Scan2.0.181McCHSvc.exe [2010-01-15 227232]
R3 Ph3xIB32;Philips 713x Inbox PCI TV Card;c:windowssystem32DRIVERSPh3xIB32.sys [2007-04-03 1131136]
R3 TpChoice;Touch Pad Detection Filter driver;c:windowssystem32DRIVERSTpChoice.sys [x]
S0 PCTCore;PCTools KDS;c:windowssystem32driversPCTCore.sys [2009-04-03 130936]
S0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:windowsSystem32driverssfdrv01a.sys [2006-07-05 63352]
S0 sptd;sptd;c:windowsSystem32Driverssptd.sys [2009-03-31 717296]
S1 aswSP;avast! Self Protection; [x]
S2 aswFsBlk;aswFsBlk;c:windowssystem32DRIVERSaswFsBlk.sys [2009-11-24 20560]
S2 aswMonFlt;aswMonFlt;c:windowssystem32DRIVERSaswMonFlt.sys [2009-11-24 53328]
S2 sdAuxService;PC Tools Auxiliary Service;c:program filesSpyware DoctorpctsAuxs.exe [2009-01-07 348752]

— Other Services/Drivers In Memory —

*Deregistered* — mchInjDrv

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionsvchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the ‘Scheduled Tasks’ folder

2010-04-21 c:windowsTasksGoogle Software Updater.job
— c:program filesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2009-10-15 05:15]

2010-04-21 c:windowsTasksGoogleUpdateTaskMachineCore.job
— c:program filesGoogleUpdateGoogleUpdate.exe [2009-04-03 09:00]

2010-04-21 c:windowsTasksGoogleUpdateTaskMachineUA.job
— c:program filesGoogleUpdateGoogleUpdate.exe [2009-04-03 09:00]

2010-04-19 c:windowsTasksNorton Security Scan for Toshiba.job
— c:program filesNorton Security ScanEngine2.3.0.44Nss.exe [2009-10-15 12:45]

2010-04-21 c:windowsTasksUser_Feed_Synchronization-{503FFDCA-07EF-4C1D-B0CC-7CEF54C9E98A}.job
— c:windowssystem32msfeedssync.exe [2010-03-31 04:54]

2010-04-21 c:windowsTasksUser_Feed_Synchronization-{C6A8E361-3DBE-48E8-A294-EB2D3F43A3DB}.job
— c:windowssystem32msfeedssync.exe [2010-03-31 04:54]
.
.

Supplementary Scan

.
uStart Page = hxxp://www.yandex.ru/?clid=21978&yasoft=barie
mStart Page = hxxp://mail.ru
uInternet Settings,ProxyOverride =
IE: &D&ownload &with BitComet — c:program filesBitCometBitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet — c:program filesBitCometBitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet — c:program filesBitCometBitComet.exe/AddAllLink.htm
IE: &Translate — http://lingvo.yandex.ru/ie5trans.htm
IE: &Ubersetzen — http://lingvo.yandex.ru/ie5trans1.htm
IE: &Экспорт в Microsoft Excel — c:progra~1MICROS~3OFFICE11EXCEL.EXE/3000
IE: Google ВикиКомментарии… — c:program filesGoogleGoogle ToolbarComponentGoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: T&raduire — http://lingvo.yandex.ru/ie5trans2.htm
IE: Traduc&ir — http://lingvo.yandex.ru/ie5trans4.htm
IE: Tradurr&e — http://lingvo.yandex.ru/ie5trans3.htm
IE: Yandex &Search — http://lingvo.yandex.ru/ie5search.htm
IE: {{C08CAF1D-C0A3-40D5-9970-06D067EAC017} — http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?RU
.
— — — — ORPHANS REMOVED — — — —

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} — (no file)
HKCU-Run-YandexOnline — c:program filesYandexOnlineonline.exe
HKCU-Run-toscdspd — TOSCDSPD.EXE
HKLM-Run-WinampAgent — c:program filesWinampwinampa.exe
HKU-Default-Run-Yupdate! — c:program filesCommon FilesYandexYupdateyupdate.exe
AddRemove-{C427E746-4EC9-4E3C-AACB-C6BB1F714D7F} — c:programdata{66E2F539-12B6-4870-A500-7689CDE75C5E}DriverScanner_Setup.exe

**************************************************************************
scanning hidden processes …

scanning hidden autostart entries …

scanning hidden files …

scan completed successfully
hidden files:

**************************************************************************
.

LOCKED REGISTRY KEYS

[HKEY_LOCAL_MACHINEsystemControlSet001ControlClass{4D36E96D-E325-11CE-BFC1-08002BE10318}000AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
«BlindDial»=dword:00000000
«MSCurrentCountry»=dword:000000b5

[HKEY_LOCAL_MACHINEsystemControlSet001ControlClass{4D36E96D-E325-11CE-BFC1-08002BE10318}001AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
«BlindDial»=dword:00000000

[HKEY_LOCAL_MACHINEsystemControlSet001ControlClass{4D36E96D-E325-11CE-BFC1-08002BE10318}002AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
«BlindDial»=dword:00000000
.

Other Running Processes

.
c:windowssystem32nvvsvc.exe
c:windowssystem32rundll32.exe
c:program filesAlwil SoftwareAvast4aswUpdSv.exe
c:program filesAlwil SoftwareAvast4ashServ.exe
c:program filesTOSHIBAConfigFreeCFSvcs.exe
c:windowsMicrosoft.NetFrameworkv3.0WPFPresentationFontCache.exe
c:program filesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE
c:program filesGoogleUpdate1.2.183.23GoogleCrashHandler.exe
c:program filesSpyware DoctorpctsSvc.exe
c:program filesToshibaBluetooth Toshiba StackTosBtSrv.exe
c:program filesCommon FilesUlead SystemsDVDULCDRSvr.exe
c:program filesAlwil SoftwareAvast4ashMaiSv.exe
c:program filesAlwil SoftwareAvast4ashWebSv.exe
c:windowssystem32conime.exe
c:windowsehomeehsched.exe
c:windowsehomeehRecvr.exe
c:usersToshibaAppDataLocalYandexKraskiykraski.scr
c:usersToshibaAppDataLocalYandexKraskikraski.exe
.
**************************************************************************
.
Completion time: 2010-04-22 00:00:55 — machine was rebooted
ComboFix-quarantined-files.txt 2010-04-21 20:00

Pre-Run: 15 033 204 736 байт свободно
Post-Run: 14 996 320 256 байт свободно

— — End Of File — — A98B73E9A45D8AD24321C7F5148CAFFC
19 апреля, 2010 в 5:34 пп в ответ на: виснет комп. #29291
alex
Participant
- Темы:5
- Сообщений:20
Здравствуйте! Logfile of random’s system information tool 1.06 (written by random/random)
Run by Toshiba at 2010-04-19 21:31:32
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 15 GB (20%) free of 76 GB
Total RAM: 1021 MB (18% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:32:26, on 19.04.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18904)
Boot mode: Normal

Running processes:
C:WindowsSystem32smss.exe
C:Windowssystem32csrss.exe
C:Windowssystem32wininit.exe
C:Windowssystem32csrss.exe
C:Windowssystem32services.exe
C:Windowssystem32lsass.exe
C:Windowssystem32lsm.exe
C:Windowssystem32winlogon.exe
C:Windowssystem32svchost.exe
C:Windowssystem32nvvsvc.exe
C:Windowssystem32svchost.exe
C:WindowsSystem32svchost.exe
C:WindowsSystem32svchost.exe
C:WindowsSystem32svchost.exe
C:Windowssystem32svchost.exe
C:Windowssystem32svchost.exe
C:Windowssystem32SLsvc.exe
C:Windowssystem32svchost.exe
C:Windowssystem32rundll32.exe
C:Windowssystem32svchost.exe
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:Program FilesAlwil SoftwareAvast4ashServ.exe
C:WindowsSystem32spoolsv.exe
C:Windowssystem32svchost.exe
C:Windowssystem32svchost.exe
C:Program FilesTOSHIBAConfigFreeCFSvcs.exe
C:Windowssystem32taskeng.exe
C:Windowssystem32Dwm.exe
C:WindowsMicrosoft.NetFrameworkv3.0WPFPresentationFontCache.exe
C:WindowsExplorer.EXE
C:Program FilesGoogleUpdate1.2.183.23GoogleCrashHandler.exe
C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE
C:Windowssystem32svchost.exe
C:Program FilesWindows DefenderMSASCui.exe
C:Program FilesSpyware DoctorpctsAuxs.exe
C:Program FilesSpyware DoctorpctsSvc.exe
C:Program FilesTOSHIBAConfigFreeNDSTray.exe
C:Program FilesCamera Assistant Software for Toshibatraybar.exe
C:Program FilesAlwil SoftwareAvast4ashDisp.exe
C:WindowsSystem32rundll32.exe
C:Program FilesJavajre6binjusched.exe
C:WindowsWindowsMobilewmdcBase.exe
C:Program FilesWindows Sidebarsidebar.exe
C:Windowsehomeehtray.exe
C:Program FilesTOSHIBATOSCDSPDTOSCDSPD.exe
C:Program FilesDAEMON Tools Litedaemon.exe
C:Program FilesuTorrentuTorrent.exe
C:Program FilesMcAfee Security Scan2.0.181SSScheduler.exe
C:Program FilesCamera Assistant Software for ToshibaCEC_MAIN.exe
C:Windowssystem32svchost.exe
c:Program FilesToshibaBluetooth Toshiba StackTosBtSrv.exe
C:Program FilesSpyware DoctorpctsTray.exe
C:Program FilesCommon FilesUlead SystemsDVDULCDRSvr.exe
C:WindowsSystem32svchost.exe
C:Windowsehomeehmsas.exe
C:Windowssystem32SearchIndexer.exe
C:Program FilesTOSHIBAConfigFreeCFSwMgr.exe
C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
C:Windowssystem32svchost.exe
C:Windowsehomeehsched.exe
C:WindowsSystem32alg.exe
C:WindowsSystem32mobsync.exe
C:WindowsehomeehRecvr.exe
C:Windowssystem32conime.exe
C:WindowsSystem32svchost.exe
C:Program FilesInternet ExplorerIEXPLORE.EXE
C:Program FilesInternet ExplorerIEXPLORE.EXE
C:Program FilesGoogleGoogle ToolbarGoogleToolbarUser_32.exe
C:Windowssystem32MacromedFlashFlashUtil10e.exe
C:UsersToshibaDownloadsRSIT.exe
C:Windowssystem32wbemwmiprvse.exe
C:Program Filestrend microToshiba.exe
C:Windowssystem32msfeedssync.exe

R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.yandex.ru/?clid=44290
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://www.shareware-ru.com/ru/index.php?rvs=hompag
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru/?clid=21978&yasoft=barie
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://www.shareware-ru.com/ru/index.php?rvs=hompag
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://mail.ru
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
R3 — URLSearchHook: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
R3 — URLSearchHook: MHURLSearchHook Class — {1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48} — C:Program FilesFamily Toolbartbhelper.dll
R3 — URLSearchHook: Ashampoo RU Toolbar — {b901a6dc-b37c-4963-a6e9-aaa0ff88d981} — C:Program FilesAshampoo_RUtbAsha.dll
O1 — Hosts: ::1 localhost
O2 — BHO: MHTBPos00 — {0C37B053-FD68-456a-82E1-D788EE342E6F} — C:Program FilesFamily Toolbartbcore3.dll
O2 — BHO: BitComet ClickCapture — {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} — C:Program FilesBitComettoolsBitCometBHO_1.2.8.7.dll (file missing)
O2 — BHO: Спутник@Mail.Ru — {8984B388-A5BB-4DF7-B274-77B879E179DB} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
O2 — BHO: Google Toolbar Helper — {AA58ED58-01DD-4d91-8333-CF10577473F7} — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll
O2 — BHO: Google Toolbar Notifier BHO — {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} — C:Program FilesGoogleGoogleToolbarNotifier5.5.4723.1820swg.dll
O2 — BHO: Ashampoo RU Toolbar — {b901a6dc-b37c-4963-a6e9-aaa0ff88d981} — C:Program FilesAshampoo_RUtbAsha.dll
O2 — BHO: Java(tm) Plug-In 2 SSV Helper — {DBC80044-A445-435b-BC74-9C25C1C588A9} — C:Program FilesJavajre6binjp2ssv.dll
O3 — Toolbar: &Gismeteo.Ru — {923A63EB-3D61-44A5-9E54-545127FEAEEA} — c:gismeteobargismeteobar.dll (file missing)
O3 — Toolbar: (no name) — {468CD8A9-7C25-45FA-969E-3D925C689DC4} — (no file)
O3 — Toolbar: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
O3 — Toolbar: Family Toolbar — {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} — C:Program FilesFamily Toolbartbcore3.dll
O3 — Toolbar: Google Toolbar — {2318C2B1-4965-11d4-9B18-009027A5CD4F} — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll
O3 — Toolbar: Яндекс.Бар — {91397D20-1446-11D4-8AF4-0040CA1127B6} — C:Program FilesYandexYandexBarIEyndbar.dll
O3 — Toolbar: Ashampoo RU Toolbar — {b901a6dc-b37c-4963-a6e9-aaa0ff88d981} — C:Program FilesAshampoo_RUtbAsha.dll
O4 — HKLM..Run: [Windows Defender] %ProgramFiles%Windows DefenderMSASCui.exe -hide
O4 — HKLM..Run: [HWSetup] C:Program FilesTOSHIBAUtilitiesHWSetup.exe hwSetUP
O4 — HKLM..Run: [NDSTray.exe] NDSTray.exe
O4 — HKLM..Run: [Toshiba Registration] C:Program FilesToshibaRegistrationToshibaRegistration.exe
O4 — HKLM..Run: [Camera Assistant Software] «C:Program FilesCamera Assistant Software for Toshibatraybar.exe»
O4 — HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 — HKLM..Run: [WinampAgent] «C:Program FilesWinampwinampa.exe»
O4 — HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:Windowssystem32NvCpl.dll,NvStartup
O4 — HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:Windowssystem32NvMcTray.dll,NvTaskbarInit
O4 — HKLM..Run: [SunJavaUpdateSched] «C:Program FilesJavajre6binjusched.exe»
O4 — HKLM..Run: [ISTray] «C:Program FilesSpyware DoctorpctsTray.exe»
O4 — HKLM..Run: [PAC7302_Monitor] C:WindowsPixArtPAC7302Monitor.exe
O4 — HKLM..Run: [Windows Mobile-based device management] %WINDIR%WindowsMobilewmdcBase.exe
O4 — HKCU..Run: [Sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun
O4 — HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe
O4 — HKCU..Run: [YandexOnline] «C:Program FilesYandexOnlineonline.exe» -AutoStart
O4 — HKCU..Run: [toscdspd] TOSCDSPD.EXE
O4 — HKCU..Run: [DAEMON Tools Lite] «C:Program FilesDAEMON Tools Litedaemon.exe» -autorun
O4 — HKCU..Run: [uTorrent] «C:Program FilesuTorrentuTorrent.exe»
O4 — HKCU..Run: [Skype] «C:Program FilesSkype\PhoneSkype.exe» /nosplash /minimized
O4 — HKCU..Run: [swg] «C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe»
O4 — HKCU..Run: [NevoDRM] «C:Игры от NevoSoftNevoDRMNevoDRM.exe»
O4 — HKUSS-1-5-19..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [Yupdate!] «C:Program FilesCommon FilesYandexYupdateyupdate.exe» (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [Yupdate!] «C:Program FilesCommon FilesYandexYupdateyupdate.exe» (User ‘Default user’)
O4 — Global Startup: McAfee Security Scan Plus.lnk = ?
O8 — Extra context menu item: &D&ownload &with BitComet — res://C:Program FilesBitCometBitComet.exe/AddLink.htm
O8 — Extra context menu item: &D&ownload all video with BitComet — res://C:Program FilesBitCometBitComet.exe/AddVideo.htm
O8 — Extra context menu item: &D&ownload all with BitComet — res://C:Program FilesBitCometBitComet.exe/AddAllLink.htm
O8 — Extra context menu item: &Translate — http://lingvo.yandex.ru/ie5trans.htm
O8 — Extra context menu item: &Ubersetzen — http://lingvo.yandex.ru/ie5trans1.htm
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~3OFFICE11EXCEL.EXE/3000
O8 — Extra context menu item: Google ВикиКомментарии… — res://C:Program FilesGoogleGoogle ToolbarComponentGoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O8 — Extra context menu item: T&raduire — http://lingvo.yandex.ru/ie5trans2.htm
O8 — Extra context menu item: Traduc&ir — http://lingvo.yandex.ru/ie5trans4.htm
O8 — Extra context menu item: Tradurr&e — http://lingvo.yandex.ru/ie5trans3.htm
O8 — Extra context menu item: Yandex &Search — http://lingvo.yandex.ru/ie5search.htm
O9 — Extra button: PokerStars — {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} — C:Program FilesPokerStarsPokerStarsUpdate.exe
O9 — Extra button: Справочные материалы — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~3OFFICE11REFIEBAR.DLL
O9 — Extra button: PartyPoker.com — {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} — C:ProgramsPartyGamingPartyPokerRunApp.exe (file missing)
O9 — Extra ‘Tools’ menuitem: PartyPoker.com — {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} — C:ProgramsPartyGamingPartyPokerRunApp.exe (file missing)
O9 — Extra button: eBay — {C08CAF1D-C0A3-40D5-9970-06D067EAC017} — http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?RU (file missing)
O9 — Extra button: BitComet — {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} — res://C:Program FilesBitComettoolsBitCometBHO_1.2.8.7.dll/206 (file missing)
O13 — Gopher Prefix:
O16 — DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} — http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 — DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} — http://download.divx.com/player/DivXBrowserPlugin.cab
O16 — DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} — http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 — Protocol: skype4com — {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O23 — Service: avast! iAVS4 Control Service (aswUpdSv) — ALWIL Software — C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 — Service: avast! Antivirus — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashServ.exe
O23 — Service: avast! Mail Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
O23 — Service: avast! Web Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
O23 — Service: ConfigFree Service (CFSvcs) — TOSHIBA CORPORATION — C:Program FilesTOSHIBAConfigFreeCFSvcs.exe
O23 — Service: @dfsrres.dll,-101 (DFSR) — Корпорация Майкрософт — C:Windowssystem32DFSR.exe
O23 — Service: Google Update Service (gupdate1c9b43ab3863630) (gupdate1c9b43ab3863630) — Google Inc. — C:Program FilesGoogleUpdateGoogleUpdate.exe
O23 — Service: Google Software Updater (gusvc) — Google — C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 — Service: InstallDriver Table Manager (IDriverT) — Macrovision Corporation — C:Program FilesCommon FilesInstallShieldDriver1150Intel 32IDriverT.exe
O23 — Service: McAfee Security Scan Component Host Service (McComponentHostService) — McAfee, Inc. — C:Program FilesMcAfee Security Scan2.0.181McCHSvc.exe
O23 — Service: NVIDIA Display Driver Service (nvsvc) — NVIDIA Corporation — C:Windowssystem32nvvsvc.exe
O23 — Service: PC Tools Auxiliary Service (sdAuxService) — PC Tools — C:Program FilesSpyware DoctorpctsAuxs.exe
O23 — Service: PC Tools Security Service (sdCoreService) — PC Tools — C:Program FilesSpyware DoctorpctsSvc.exe
O23 — Service: TOSHIBA Bluetooth Service — TOSHIBA CORPORATION — c:Program FilesToshibaBluetooth Toshiba StackTosBtSrv.exe
O23 — Service: Ulead Burning Helper (UleadBurningHelper) — Ulead Systems, Inc. — C:Program FilesCommon FilesUlead SystemsDVDULCDRSvr.exe

—
End of file — 13173 bytes

======Scheduled tasks folder======

C:WindowstasksGoogle Software Updater.job
C:WindowstasksGoogleUpdateTaskMachineCore.job
C:WindowstasksGoogleUpdateTaskMachineUA.job
C:WindowstasksNeroLiveEpgUpdate-Toshiba-ПК_Toshiba.job
C:WindowstasksNorton Security Scan for Toshiba.job
C:WindowstasksRegistry OK Schedule.job
C:WindowstasksUser_Feed_Synchronization-{503FFDCA-07EF-4C1D-B0CC-7CEF54C9E98A}.job
C:WindowstasksUser_Feed_Synchronization-{C6A8E361-3DBE-48E8-A294-EB2D3F43A3DB}.job

======Registry dump======

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{0C37B053-FD68-456a-82E1-D788EE342E6F}]
MHTBPos00 Class — C:Program FilesFamily Toolbartbcore3.dll [2009-05-08 2642432]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper — C:Program FilesBitComettoolsBitCometBHO_1.2.8.7.dll []

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{8984B388-A5BB-4DF7-B274-77B879E179DB}]
MailRuBHO Class — C:Program FilesMail.RuSputnikMailRuSputnik.dll [2009-11-03 1029296]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll [2010-01-30 279664]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO — C:Program FilesGoogleGoogleToolbarNotifier5.5.4723.1820swg.dll [2010-01-30 812528]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{b901a6dc-b37c-4963-a6e9-aaa0ff88d981}]
Ashampoo RU Toolbar — C:Program FilesAshampoo_RUtbAsha.dll [2010-03-17 2355224]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper — C:Program FilesJavajre6binjp2ssv.dll [2009-05-20 35840]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{923A63EB-3D61-44A5-9E54-545127FEAEEA} — &Gismeteo.Ru — c:gismeteobargismeteobar.dll []
{468CD8A9-7C25-45FA-969E-3D925C689DC4}
{09900DE8-1DCA-443F-9243-26FF581438AF} — Спутник@Mail.Ru — C:Program FilesMail.RuSputnikMailRuSputnik.dll [2009-11-03 1029296]
{FD2FD708-1F6F-4B68-B141-C5778F0C19BB} — Family Toolbar — C:Program FilesFamily Toolbartbcore3.dll [2009-05-08 2642432]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} — Google Toolbar — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll [2010-01-30 279664]
{91397D20-1446-11D4-8AF4-0040CA1127B6} — Яндекс.Бар — C:Program FilesYandexYandexBarIEyndbar.dll [2009-12-24 8729864]
{b901a6dc-b37c-4963-a6e9-aaa0ff88d981} — Ashampoo RU Toolbar — C:Program FilesAshampoo_RUtbAsha.dll [2010-03-17 2355224]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«Windows Defender»=C:Program FilesWindows DefenderMSASCui.exe [2008-01-19 1008184]
«HWSetup»=C:Program FilesTOSHIBAUtilitiesHWSetup.exe [2006-11-01 413696]
«NDSTray.exe»=NDSTray.exe []
«Toshiba Registration»=C:Program FilesToshibaRegistrationToshibaRegistration.exe [2007-02-19 571024]
«Camera Assistant Software»=C:Program FilesCamera Assistant Software for Toshibatraybar.exe [2007-03-15 413696]
«avast!»=C:PROGRA~1ALWILS~1Avast4ashDisp.exe [2009-11-25 81000]
«WinampAgent»=C:Program FilesWinampwinampa.exe []
«NvCplDaemon»=C:Windowssystem32NvCpl.dll [2009-01-30 13605408]
«NvMediaCenter»=C:Windowssystem32NvMcTray.dll [2009-01-30 92704]
«SunJavaUpdateSched»=C:Program FilesJavajre6binjusched.exe [2009-05-20 148888]
«ISTray»=C:Program FilesSpyware DoctorpctsTray.exe [2008-12-08 1173384]
«PAC7302_Monitor»=C:WindowsPixArtPAC7302Monitor.exe [2006-11-03 319488]
«Windows Mobile-based device management»=C:WindowsWindowsMobilewmdcBase.exe [2007-05-31 648072]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«Sidebar»=C:Program FilesWindows Sidebarsidebar.exe [2009-04-11 1233920]
«ehTray.exe»=C:WindowsehomeehTray.exe [2008-01-19 125952]
«YandexOnline»=C:Program FilesYandexOnlineonline.exe -AutoStart []
«toscdspd»=TOSCDSPD.EXE []
«DAEMON Tools Lite»=C:Program FilesDAEMON Tools Litedaemon.exe [2008-08-08 490952]
«uTorrent»=C:Program FilesuTorrentuTorrent.exe [2009-12-19 289584]
«Skype»=C:Program FilesSkype\PhoneSkype.exe [2010-04-06 26102056]
«swg»=C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe [2009-10-15 39408]
«NevoDRM»=C:Игры от NevoSoftNevoDRMNevoDRM.exe [2008-12-11 41984]

C:ProgramDataMicrosoftWindowsStart MenuProgramsStartup
McAfee Security Scan Plus.lnk — C:Program FilesMcAfee Security Scan2.0.181SSScheduler.exe

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalsdauxservice]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalsdcoreservice]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworksdauxservice]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworksdcoreservice]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWudfPf]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWudfRd]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWudfSvc]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWudfUsbccidDriver]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«LogonHoursAction»=2
«DontDisplayLogonHoursWarnings»=1

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
«EnableUIADesktopToggle»=0

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145
«NoDriveAutoRun»=95

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«BindDirectlyToPropertySetStorage»=

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{b2c65fc3-1e05-11de-88b8-0016d4fd5c15}]
shellAutoRuncommand — G:browse.exe

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{b41ea2de-f5d9-11de-9b95-00037ad7fc3e}]
shellAutoRuncommand — F:iStudio.exe

======File associations======

.js — edit — C:WindowsSystem32Notepad.exe %1
.js — open — C:WindowsSystem32WScript.exe «%1» %*

======List of files/folders created in the last 1 months======

2010-04-14 00:02:35 —-A—- C:Windowssystem32ntoskrnl.exe
2010-04-14 00:02:33 —-A—- C:Windowssystem32ntkrnlpa.exe
2010-04-14 00:02:29 —-A—- C:Windowssystem32vbscript.dll
2010-04-14 00:02:13 —-A—- C:Windowssystem32iphlpsvc.dll
2010-04-14 00:01:23 —-A—- C:Windowssystem32wintrust.dll
2010-04-13 23:58:20 —-A—- C:Windowssystem32cabview.dll
2010-04-08 23:30:51 —-D—- C:rsit
2010-04-07 14:27:06 —-D—- C:UsersToshibaAppDataRoamingGHISLER
2010-04-07 14:27:06 —-D—- C:totalcmd
2010-04-06 09:29:03 —-D—- C:perflogs
2010-03-31 09:33:23 —-A—- C:Windowssystem32mshtml.dll
2010-03-31 09:33:18 —-A—- C:Windowssystem32ieframe.dll
2010-03-31 09:33:16 —-A—- C:Windowssystem32iertutil.dll
2010-03-31 09:33:15 —-A—- C:Windowssystem32urlmon.dll
2010-03-31 09:33:14 —-A—- C:Windowssystem32wininet.dll
2010-03-31 09:33:13 —-A—- C:Windowssystem32occache.dll
2010-03-31 09:33:13 —-A—- C:Windowssystem32msfeeds.dll
2010-03-31 09:33:12 —-A—- C:Windowssystem32mstime.dll
2010-03-31 09:33:12 —-A—- C:Windowssystem32iedkcs32.dll
2010-03-31 09:33:08 —-A—- C:Windowssystem32ieui.dll
2010-03-31 09:33:07 —-A—- C:Windowssystem32msfeedsbs.dll
2010-03-31 09:33:07 —-A—- C:Windowssystem32ieUnatt.exe
2010-03-31 09:33:07 —-A—- C:Windowssystem32iesysprep.dll
2010-03-31 09:33:07 —-A—- C:Windowssystem32iepeers.dll
2010-03-31 09:33:06 —-A—- C:Windowssystem32jsproxy.dll
2010-03-31 09:33:05 —-A—- C:Windowssystem32msfeedssync.exe
2010-03-31 09:33:05 —-A—- C:Windowssystem32ie4uinit.exe
2010-03-31 09:33:04 —-A—- C:Windowssystem32iesetup.dll
2010-03-31 09:33:04 —-A—- C:Windowssystem32iernonce.dll
2010-03-25 02:20:13 —-D—- C:Program FilesConduit
2010-03-25 02:20:10 —-D—- C:Program FilesAshampoo_RU
2010-03-22 22:20:39 —-D—- C:работа
2010-03-22 13:08:24 —-D—- C:UsersToshibaAppDataRoamingVirtual City
2010-03-20 23:34:18 —-D—- C:Program FilesCommon FilesSkype

======List of files/folders modified in the last 1 months======

2010-04-19 21:32:04 —-D—- C:WindowsTemp
2010-04-19 21:31:45 —-D—- C:WindowsPrefetch
2010-04-19 21:31:36 —-D—- C:Program FilesTrend Micro
2010-04-19 21:26:42 —-D—- C:WindowsTasks
2010-04-19 21:23:57 —-AD—- C:ProgramDataTEMP
2010-04-19 21:23:55 —-D—- C:Windowssystem32drivers
2010-04-19 20:22:35 —-D—- C:UsersToshibaAppDataRoaminguTorrent
2010-04-19 19:42:29 —-SHD—- C:System Volume Information
2010-04-19 16:59:55 —-D—- C:Windowstracing
2010-04-17 14:19:37 —-SHD—- C:WindowsInstaller
2010-04-17 14:19:34 —-D—- C:Program FilesAdobe
2010-04-17 06:13:35 —-D—- C:UsersToshibaAppDataRoamingSkype
2010-04-17 02:06:22 —-D—- C:Windowssystem32Tasks
2010-04-17 02:02:48 —-D—- C:UsersToshibaAppDataRoamingskypePM
2010-04-15 20:47:13 —-D—- C:Program FilesSpyware Doctor
2010-04-15 20:44:27 —-D—- C:Windowssystem32catroot2
2010-04-14 20:26:29 —-D—- C:Windowswinsxs
2010-04-14 20:15:53 —-D—- C:Windowssystem32catroot
2010-04-14 20:06:12 —-D—- C:WindowsSystem32
2010-04-14 20:06:12 —-D—- C:Program FilesWindows Mail
2010-04-14 14:59:04 —-D—- C:Program FilesGoogle
2010-04-07 14:27:07 —-D—- C:Windows
2010-04-07 11:37:29 —-D—- C:Program Filesrp5.ru
2010-04-06 21:52:54 —-A—- C:Windowssystem32mrt.exe
2010-04-06 13:20:46 —-A—- C:Windowssystem32PerfStringBackup.INI
2010-04-06 13:20:45 —-D—- C:Windowsinf
2010-04-06 13:17:52 —-D—- C:UsersToshibaAppDataRoamingIntelli-studio
2010-04-06 11:11:14 —-D—- C:Игры от NevoSoft
2010-04-06 09:07:03 —-RD—- C:Users
2010-04-01 00:42:59 —-D—- C:Windowssystem32migration
2010-04-01 00:42:59 —-D—- C:Program FilesInternet Explorer
2010-03-29 10:01:01 —-D—- C:Program FilesCommon FilesSymantec Shared
2010-03-25 02:20:13 —-RD—- C:Program Files
2010-03-24 11:47:55 —-D—- C:WindowsWindowsMobile
2010-03-24 11:41:37 —-D—- C:Windowssystem32config
2010-03-24 11:41:20 —-D—- C:Windowssystem32spool
2010-03-24 11:41:20 —-D—- C:Windowssystem32Msdtc
2010-03-24 11:41:15 —-D—- C:ProgramDataMcAfee Security Scan
2010-03-24 11:41:10 —-D—- C:Windowssystem32wbem
2010-03-24 11:41:10 —-D—- C:Windowsregistration
2010-03-23 19:38:26 —-D—- C:UsersToshibaAppDataRoamingYandex
2010-03-20 23:34:18 —-D—- C:Program FilesCommon Files
2010-03-20 23:34:17 —-RD—- C:Program FilesSkype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:Windowssystem32driversaswRdr.sys [2009-11-25 23120]
R1 aswSP;avast! Self Protection; C:Windowssystem32driversaswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:Windowssystem32driversaswTdi.sys [2009-11-25 48560]
R1 Tosrfcom;Bluetooth RFCOMM; C:WindowsSystem32Driverstosrfcom.sys [2005-08-01 64896]
R2 aswFsBlk;aswFsBlk; C:Windowssystem32DRIVERSaswFsBlk.sys [2009-11-25 20560]
R2 aswMonFlt;aswMonFlt; C:Windowssystem32DRIVERSaswMonFlt.sys [2009-11-25 53328]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:Windowssystem32DRIVERSAGRSM.sys [2006-11-28 1161888]
R3 CmBatt;Драйвер батареи с ACPI-управлением (Microsoft); C:Windowssystem32DRIVERSCmBatt.sys [2008-01-19 14208]
R3 HdAudAddService;Драйвер функции UAA для службы High Definition Audio (Microsoft), версия 1.1; C:Windowssystem32driversHdAudio.sys [2009-04-11 236544]
R3 NETw4v32;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit; C:Windowssystem32DRIVERSNETw4v32.sys [2006-12-09 2206720]
R3 nvlddmkm;nvlddmkm; C:Windowssystem32DRIVERSnvlddmkm.sys [2009-01-30 7544832]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:WindowsSystem32DriversRootMdm.sys [2008-01-19 8192]
R3 RTL8169;Realtek 8169 NT Driver; C:Windowssystem32DRIVERSRtlh86.sys [2006-11-04 59392]
R3 sdbus;sdbus; C:Windowssystem32DRIVERSsdbus.sys [2009-04-11 89088]
R3 tifm21;tifm21; C:Windowssystem32driverstifm21.sys [2006-07-06 168448]
R3 tosporte;Bluetooth COM Port; C:Windowssystem32DRIVERStosporte.sys [2006-10-10 41600]
R3 tosrfec;Bluetooth ACPI; C:Windowssystem32DRIVERStosrfec.sys [2006-10-23 9216]
R3 usbvideo;USB-видеоустройство (WDM); C:WindowsSystem32Driversusbvideo.sys [2006-11-02 132352]
R3 UVCFTR;UVCFTR; C:Windowssystem32DRIVERSUVCFTR_S.SYS [2007-03-12 11264]
S3 athr;Драйвер устройства беспроводной локальной сети Atheros; C:Windowssystem32DRIVERSathr.sys [2006-11-02 467456]
S3 ayzdxz4a;ayzdxz4a; C:Windowssystem32driversayzdxz4a.sys []
S3 drmkaud;Звуковой дешифратор DRM ядра системы; C:Windowssystem32driversdrmkaud.sys [2008-01-19 5632]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:Windowssystem32driversRTKVHDA.sys []
S3 MarvinBus;Pinnacle Marvin Bus; C:Windowssystem32DRIVERSMarvinBus.sys [2005-09-24 171520]
S3 MSKSSRV;Представитель служб потоков Microsoft; C:Windowssystem32driversMSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Посредник синхронизации потоков Microsoft; C:Windowssystem32driversMSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Представитель диспетчера качества потоков Microsoft; C:Windowssystem32driversMSPQM.sys [2008-01-19 5504]
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:Windowssystem32driversMSTEE.sys [2008-01-19 6016]
S3 NETw3v32;Драйвер адаптера беспроводной сети Intel(R) PRO/Wireless 3945ABG для 32-разрядной Windows Vista; C:Windowssystem32DRIVERSNETw3v32.sys [2006-11-02 1781760]
S3 Ph3xIB32;Philips 713x Inbox PCI TV Card; C:Windowssystem32DRIVERSPh3xIB32.sys [2007-04-03 1131136]
S3 tosrfbd;Bluetooth RFBUS; C:Windowssystem32DRIVERStosrfbd.sys [2007-01-12 113792]
S3 tosrfbnp;Bluetooth RFBNEP; C:WindowsSystem32Driverstosrfbnp.sys [2006-11-20 36480]
S3 Tosrfhid;Bluetooth RFHID; C:Windowssystem32DRIVERSTosrfhid.sys [2007-01-24 73728]
S3 tosrfnds;Bluetooth Personal Area Network; C:Windowssystem32DRIVERStosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio; C:Windowssystem32driverstosrfsnd.sys [2007-01-22 53376]
S3 Tosrfusb;Bluetooth USB Controller; C:Windowssystem32DRIVERStosrfusb.sys [2007-01-12 40576]
S3 TpChoice;Touch Pad Detection Filter driver; C:Windowssystem32DRIVERSTpChoice.sys []
S3 USB28xxBGA;PCTV 170e Device; C:Windowssystem32DRIVERSemBDA.sys [2008-09-12 540288]
S3 USB28xxOEM;USB 28xx OEM Filter; C:Windowssystem32DRIVERSemOEM.sys [2008-09-12 443520]
S3 winusb;WinUSB Service; C:Windowssystem32DRIVERSwinusb.sys [2009-04-11 31616]
S3 WpdUsb;WpdUsb; C:Windowssystem32DRIVERSwpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:Windowssystem32DRIVERSWUDFRd.sys [2008-01-19 83328]
S4 KR10I;KR10I; C:Windowssystem32driverskr10i.sys [2007-01-18 219392]
S4 KR10N;KR10N; C:Windowssystem32driverskr10n.sys [2007-01-18 211072]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:Windowssystem32driverswmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:Program FilesAlwil SoftwareAvast4ashServ.exe [2009-11-25 138680]
R2 BthServ;@%SystemRoot%System32bthserv.dll,-101; C:Windowssystem32svchost.exe [2008-01-19 21504]
R2 CFSvcs;ConfigFree Service; C:Program FilesTOSHIBAConfigFreeCFSvcs.exe [2006-11-14 40960]
R2 MDM;Machine Debug Manager; C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE [2003-06-20 322120]
R2 nvsvc;NVIDIA Display Driver Service; C:Windowssystem32nvvsvc.exe [2009-01-30 203296]
R2 RapiMgr;@%windir%WindowsMobilerapimgr.dll,-104; C:Windowssystem32svchost.exe [2008-01-19 21504]
R2 sdAuxService;PC Tools Auxiliary Service; C:Program FilesSpyware DoctorpctsAuxs.exe [2009-01-07 348752]
R2 sdCoreService;PC Tools Security Service; C:Program FilesSpyware DoctorpctsSvc.exe [2009-01-21 1095560]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; c:Program FilesToshibaBluetooth Toshiba StackTosBtSrv.exe [2007-02-02 118784]
R2 UleadBurningHelper;Ulead Burning Helper; C:Program FilesCommon FilesUlead SystemsDVDULCDRSvr.exe [2006-08-23 49152]
R2 WcesComm;@%windir%WindowsMobilewcescomm.dll,-40079; C:Windowssystem32svchost.exe [2008-01-19 21504]
R3 avast! Mail Scanner;avast! Mail Scanner; C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:Program FilesAlwil SoftwareAvast4ashWebSv.exe [2009-11-25 352920]
S2 gupdate1c9b43ab3863630;Google Update Service (gupdate1c9b43ab3863630); C:Program FilesGoogleUpdateGoogleUpdate.exe [2009-04-03 133104]
S2 gusvc;Google Software Updater; C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2009-10-15 194032]
S3 FontCache;@%systemroot%system32FntCache.dll,-100; C:Windowssystem32svchost.exe [2008-01-19 21504]
S3 IDriverT;InstallDriver Table Manager; C:Program FilesCommon FilesInstallShieldDriver1150Intel 32IDriverT.exe [2005-11-14 69632]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:Program FilesMcAfee Security Scan2.0.181McCHSvc.exe [2010-01-15 227232]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2003-07-29 89136]

EOF
9 апреля, 2010 в 11:10 пп в ответ на: виснет комп. #29288
alex
Participant
- Темы:5
- Сообщений:20
Здравствуйте! Комп. виснет когда ему захочется(как в интернете, так и при работе в любой программе). Спасибо.
8 апреля, 2010 в 8:27 пп в ответ на: виснет комп. #29290
alex
Participant
- Темы:5
- Сообщений:20
Здравствуйте. Вот содержимое loq. cLogfile of random’s system information tool 1.06 (written by random/random)
Run by Toshiba at 2010-04-09 00:17:15
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 19 GB (26%) free of 76 GB
Total RAM: 1021 MB (26% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0:18:32, on 09.04.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18904)
Boot mode: Normal

Running processes:
C:WindowsSystem32smss.exe
C:Windowssystem32csrss.exe
C:Windowssystem32wininit.exe
C:Windowssystem32csrss.exe
C:Windowssystem32services.exe
C:Windowssystem32lsass.exe
C:Windowssystem32lsm.exe
C:Windowssystem32winlogon.exe
C:Windowssystem32svchost.exe
C:Windowssystem32nvvsvc.exe
C:Windowssystem32svchost.exe
C:WindowsSystem32svchost.exe
C:WindowsSystem32svchost.exe
C:WindowsSystem32svchost.exe
C:Windowssystem32svchost.exe
C:Windowssystem32svchost.exe
C:Windowssystem32SLsvc.exe
C:Windowssystem32svchost.exe
C:Windowssystem32rundll32.exe
C:Windowssystem32svchost.exe
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:Program FilesAlwil SoftwareAvast4ashServ.exe
C:WindowsSystem32spoolsv.exe
C:Windowssystem32svchost.exe
C:Windowssystem32Dwm.exe
C:Windowssystem32taskeng.exe
C:WindowsExplorer.EXE
C:Windowssystem32taskeng.exe
C:Program FilesGoogleUpdate1.2.183.23GoogleCrashHandler.exe
C:Windowssystem32svchost.exe
C:Program FilesTOSHIBAConfigFreeCFSvcs.exe
C:Program FilesWindows DefenderMSASCui.exe
C:Program FilesTOSHIBAConfigFreeNDSTray.exe
C:Program FilesCamera Assistant Software for Toshibatraybar.exe
C:Program FilesAlwil SoftwareAvast4ashDisp.exe
C:WindowsSystem32rundll32.exe
C:WindowsMicrosoft.NetFrameworkv3.0WPFPresentationFontCache.exe
C:Program FilesJavajre6binjusched.exe
C:WindowsWindowsMobilewmdcBase.exe
C:Program FilesWindows Sidebarsidebar.exe
C:Windowsehomeehtray.exe
C:Program FilesTOSHIBATOSCDSPDTOSCDSPD.exe
C:Program FilesDAEMON Tools Litedaemon.exe
C:Program FilesuTorrentuTorrent.exe
C:Program FilesSkypePhoneSkype.exe
C:Program FilesMcAfee Security Scan2.0.181SSScheduler.exe
C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE
C:Windowssystem32svchost.exe
C:Program FilesSpyware DoctorpctsAuxs.exe
C:Program FilesSpyware DoctorpctsSvc.exe
C:Program FilesCamera Assistant Software for ToshibaCEC_MAIN.exe
C:Windowsehomeehmsas.exe
C:Windowssystem32svchost.exe
C:Program FilesSpyware DoctorpctsTray.exe
c:Program FilesToshibaBluetooth Toshiba StackTosBtSrv.exe
C:Program FilesCommon FilesUlead SystemsDVDULCDRSvr.exe
C:WindowsSystem32svchost.exe
C:Windowssystem32SearchIndexer.exe
C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
C:Windowssystem32svchost.exe
C:Windowsehomeehsched.exe
C:WindowsSystem32alg.exe
C:Program FilesTOSHIBAConfigFreeCFSwMgr.exe
C:Program FilesInternet ExplorerIELowutil.exe
C:Program FilesSkypePlugin ManagerskypePM.exe
C:WindowsehomeehRecvr.exe
C:UsersToshibaDownloadsRSIT.exe
C:Windowssystem32wbemwmiprvse.exe
C:Program Filestrend microToshiba.exe
C:Windowssystem32SearchProtocolHost.exe
C:Windowssystem32SearchFilterHost.exe

R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.yandex.ru/?clid=44290
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://www.shareware-ru.com/ru/index.php?rvs=hompag
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru/?clid=21978&yasoft=barie
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://www.shareware-ru.com/ru/index.php?rvs=hompag
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://mail.ru
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
R3 — URLSearchHook: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
R3 — URLSearchHook: MHURLSearchHook Class — {1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48} — C:Program FilesFamily Toolbartbhelper.dll
R3 — URLSearchHook: Ashampoo RU Toolbar — {b901a6dc-b37c-4963-a6e9-aaa0ff88d981} — C:Program FilesAshampoo_RUtbAsha.dll
O1 — Hosts: ::1 localhost
O2 — BHO: MHTBPos00 — {0C37B053-FD68-456a-82E1-D788EE342E6F} — C:Program FilesFamily Toolbartbcore3.dll
O2 — BHO: BitComet ClickCapture — {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} — C:Program FilesBitComettoolsBitCometBHO_1.2.8.7.dll (file missing)
O2 — BHO: Спутник@Mail.Ru — {8984B388-A5BB-4DF7-B274-77B879E179DB} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
O2 — BHO: Google Toolbar Helper — {AA58ED58-01DD-4d91-8333-CF10577473F7} — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll
O2 — BHO: Google Toolbar Notifier BHO — {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} — C:Program FilesGoogleGoogleToolbarNotifier5.5.4723.1820swg.dll
O2 — BHO: Ashampoo RU Toolbar — {b901a6dc-b37c-4963-a6e9-aaa0ff88d981} — C:Program FilesAshampoo_RUtbAsha.dll
O2 — BHO: Java(tm) Plug-In 2 SSV Helper — {DBC80044-A445-435b-BC74-9C25C1C588A9} — C:Program FilesJavajre6binjp2ssv.dll
O3 — Toolbar: &Gismeteo.Ru — {923A63EB-3D61-44A5-9E54-545127FEAEEA} — c:gismeteobargismeteobar.dll (file missing)
O3 — Toolbar: (no name) — {468CD8A9-7C25-45FA-969E-3D925C689DC4} — (no file)
O3 — Toolbar: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
O3 — Toolbar: Family Toolbar — {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} — C:Program FilesFamily Toolbartbcore3.dll
O3 — Toolbar: Google Toolbar — {2318C2B1-4965-11d4-9B18-009027A5CD4F} — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll
O3 — Toolbar: Яндекс.Бар — {91397D20-1446-11D4-8AF4-0040CA1127B6} — C:Program FilesYandexYandexBarIEyndbar.dll
O3 — Toolbar: Ashampoo RU Toolbar — {b901a6dc-b37c-4963-a6e9-aaa0ff88d981} — C:Program FilesAshampoo_RUtbAsha.dll
O4 — HKLM..Run: [Windows Defender] %ProgramFiles%Windows DefenderMSASCui.exe -hide
O4 — HKLM..Run: [HWSetup] C:Program FilesTOSHIBAUtilitiesHWSetup.exe hwSetUP
O4 — HKLM..Run: [NDSTray.exe] NDSTray.exe
O4 — HKLM..Run: [Toshiba Registration] C:Program FilesToshibaRegistrationToshibaRegistration.exe
O4 — HKLM..Run: [Camera Assistant Software] «C:Program FilesCamera Assistant Software for Toshibatraybar.exe»
O4 — HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 — HKLM..Run: [WinampAgent] «C:Program FilesWinampwinampa.exe»
O4 — HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:Windowssystem32NvCpl.dll,NvStartup
O4 — HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:Windowssystem32NvMcTray.dll,NvTaskbarInit
O4 — HKLM..Run: [SunJavaUpdateSched] «C:Program FilesJavajre6binjusched.exe»
O4 — HKLM..Run: [ISTray] «C:Program FilesSpyware DoctorpctsTray.exe»
O4 — HKLM..Run: [PAC7302_Monitor] C:WindowsPixArtPAC7302Monitor.exe
O4 — HKLM..Run: [Windows Mobile-based device management] %WINDIR%WindowsMobilewmdcBase.exe
O4 — HKCU..Run: [Sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun
O4 — HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe
O4 — HKCU..Run: [YandexOnline] «C:Program FilesYandexOnlineonline.exe» -AutoStart
O4 — HKCU..Run: [toscdspd] TOSCDSPD.EXE
O4 — HKCU..Run: [DAEMON Tools Lite] «C:Program FilesDAEMON Tools Litedaemon.exe» -autorun
O4 — HKCU..Run: [uTorrent] «C:Program FilesuTorrentuTorrent.exe»
O4 — HKCU..Run: [Skype] «C:Program FilesSkypePhoneSkype.exe» /nosplash /minimized
O4 — HKCU..Run: [swg] «C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe»
O4 — HKCU..Run: [NevoDRM] «C:Игры от NevoSoftNevoDRMNevoDRM.exe»
O4 — HKUSS-1-5-19..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [Yupdate!] «C:Program FilesCommon FilesYandexYupdateyupdate.exe» (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [Yupdate!] «C:Program FilesCommon FilesYandexYupdateyupdate.exe» (User ‘Default user’)
O4 — Global Startup: McAfee Security Scan Plus.lnk = ?
O8 — Extra context menu item: &D&ownload &with BitComet — res://C:Program FilesBitCometBitComet.exe/AddLink.htm
O8 — Extra context menu item: &D&ownload all video with BitComet — res://C:Program FilesBitCometBitComet.exe/AddVideo.htm
O8 — Extra context menu item: &D&ownload all with BitComet — res://C:Program FilesBitCometBitComet.exe/AddAllLink.htm
O8 — Extra context menu item: &Translate — http://lingvo.yandex.ru/ie5trans.htm
O8 — Extra context menu item: &Ubersetzen — http://lingvo.yandex.ru/ie5trans1.htm
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~3OFFICE11EXCEL.EXE/3000
O8 — Extra context menu item: Google ВикиКомментарии… — res://C:Program FilesGoogleGoogle ToolbarComponentGoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O8 — Extra context menu item: T&raduire — http://lingvo.yandex.ru/ie5trans2.htm
O8 — Extra context menu item: Traduc&ir — http://lingvo.yandex.ru/ie5trans4.htm
O8 — Extra context menu item: Tradurr&e — http://lingvo.yandex.ru/ie5trans3.htm
O8 — Extra context menu item: Yandex &Search — http://lingvo.yandex.ru/ie5search.htm
O9 — Extra button: PokerStars — {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} — C:Program FilesPokerStarsPokerStarsUpdate.exe
O9 — Extra button: Справочные материалы — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~3OFFICE11REFIEBAR.DLL
O9 — Extra button: PartyPoker.com — {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} — C:ProgramsPartyGamingPartyPokerRunApp.exe (file missing)
O9 — Extra ‘Tools’ menuitem: PartyPoker.com — {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} — C:ProgramsPartyGamingPartyPokerRunApp.exe (file missing)
O9 — Extra button: eBay — {C08CAF1D-C0A3-40D5-9970-06D067EAC017} — http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?RU (file missing)
O9 — Extra button: BitComet — {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} — res://C:Program FilesBitComettoolsBitCometBHO_1.2.8.7.dll/206 (file missing)
O13 — Gopher Prefix:
O16 — DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} — http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 — DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} — http://download.divx.com/player/DivXBrowserPlugin.cab
O16 — DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} — http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 — Protocol: skype4com — {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O23 — Service: avast! iAVS4 Control Service (aswUpdSv) — ALWIL Software — C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 — Service: avast! Antivirus — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashServ.exe
O23 — Service: avast! Mail Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
O23 — Service: avast! Web Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
O23 — Service: ConfigFree Service (CFSvcs) — TOSHIBA CORPORATION — C:Program FilesTOSHIBAConfigFreeCFSvcs.exe
O23 — Service: @dfsrres.dll,-101 (DFSR) — Корпорация Майкрософт — C:Windowssystem32DFSR.exe
O23 — Service: Google Update Service (gupdate1c9b43ab3863630) (gupdate1c9b43ab3863630) — Google Inc. — C:Program FilesGoogleUpdateGoogleUpdate.exe
O23 — Service: Google Software Updater (gusvc) — Google — C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 — Service: InstallDriver Table Manager (IDriverT) — Macrovision Corporation — C:Program FilesCommon FilesInstallShieldDriver1150Intel 32IDriverT.exe
O23 — Service: McAfee Security Scan Component Host Service (McComponentHostService) — McAfee, Inc. — C:Program FilesMcAfee Security Scan2.0.181McCHSvc.exe
O23 — Service: NVIDIA Display Driver Service (nvsvc) — NVIDIA Corporation — C:Windowssystem32nvvsvc.exe
O23 — Service: PC Tools Auxiliary Service (sdAuxService) — PC Tools — C:Program FilesSpyware DoctorpctsAuxs.exe
O23 — Service: PC Tools Security Service (sdCoreService) — PC Tools — C:Program FilesSpyware DoctorpctsSvc.exe
O23 — Service: TOSHIBA Bluetooth Service — TOSHIBA CORPORATION — c:Program FilesToshibaBluetooth Toshiba StackTosBtSrv.exe
O23 — Service: Ulead Burning Helper (UleadBurningHelper) — Ulead Systems, Inc. — C:Program FilesCommon FilesUlead SystemsDVDULCDRSvr.exe

—
End of file — 13080 bytes

======Scheduled tasks folder======

C:WindowstasksGoogle Software Updater.job
C:WindowstasksGoogleUpdateTaskMachineCore.job
C:WindowstasksGoogleUpdateTaskMachineUA.job
C:WindowstasksNeroLiveEpgUpdate-Toshiba-ПК_Toshiba.job
C:WindowstasksNorton Security Scan for Toshiba.job
C:WindowstasksRegistry OK Schedule.job
C:WindowstasksUser_Feed_Synchronization-{503FFDCA-07EF-4C1D-B0CC-7CEF54C9E98A}.job
C:WindowstasksUser_Feed_Synchronization-{C6A8E361-3DBE-48E8-A294-EB2D3F43A3DB}.job

======Registry dump======

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{0C37B053-FD68-456a-82E1-D788EE342E6F}]
MHTBPos00 Class — C:Program FilesFamily Toolbartbcore3.dll [2009-05-08 2642432]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper — C:Program FilesBitComettoolsBitCometBHO_1.2.8.7.dll []

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{8984B388-A5BB-4DF7-B274-77B879E179DB}]
MailRuBHO Class — C:Program FilesMail.RuSputnikMailRuSputnik.dll [2009-11-03 1029296]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll [2010-01-30 279664]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO — C:Program FilesGoogleGoogleToolbarNotifier5.5.4723.1820swg.dll [2010-01-30 812528]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{b901a6dc-b37c-4963-a6e9-aaa0ff88d981}]
Ashampoo RU Toolbar — C:Program FilesAshampoo_RUtbAsha.dll [2010-03-17 2355224]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper — C:Program FilesJavajre6binjp2ssv.dll [2009-05-20 35840]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{923A63EB-3D61-44A5-9E54-545127FEAEEA} — &Gismeteo.Ru — c:gismeteobargismeteobar.dll []
{468CD8A9-7C25-45FA-969E-3D925C689DC4}
{09900DE8-1DCA-443F-9243-26FF581438AF} — Спутник@Mail.Ru — C:Program FilesMail.RuSputnikMailRuSputnik.dll [2009-11-03 1029296]
{FD2FD708-1F6F-4B68-B141-C5778F0C19BB} — Family Toolbar — C:Program FilesFamily Toolbartbcore3.dll [2009-05-08 2642432]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} — Google Toolbar — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll [2010-01-30 279664]
{91397D20-1446-11D4-8AF4-0040CA1127B6} — Яндекс.Бар — C:Program FilesYandexYandexBarIEyndbar.dll [2009-12-24 8729864]
{b901a6dc-b37c-4963-a6e9-aaa0ff88d981} — Ashampoo RU Toolbar — C:Program FilesAshampoo_RUtbAsha.dll [2010-03-17 2355224]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«Windows Defender»=C:Program FilesWindows DefenderMSASCui.exe [2008-01-19 1008184]
«HWSetup»=C:Program FilesTOSHIBAUtilitiesHWSetup.exe [2006-11-01 413696]
«NDSTray.exe»=NDSTray.exe []
«Toshiba Registration»=C:Program FilesToshibaRegistrationToshibaRegistration.exe [2007-02-19 571024]
«Camera Assistant Software»=C:Program FilesCamera Assistant Software for Toshibatraybar.exe [2007-03-15 413696]
«avast!»=C:PROGRA~1ALWILS~1Avast4ashDisp.exe [2009-11-25 81000]
«WinampAgent»=C:Program FilesWinampwinampa.exe []
«NvCplDaemon»=C:Windowssystem32NvCpl.dll [2009-01-30 13605408]
«NvMediaCenter»=C:Windowssystem32NvMcTray.dll [2009-01-30 92704]
«SunJavaUpdateSched»=C:Program FilesJavajre6binjusched.exe [2009-05-20 148888]
«ISTray»=C:Program FilesSpyware DoctorpctsTray.exe [2008-12-08 1173384]
«PAC7302_Monitor»=C:WindowsPixArtPAC7302Monitor.exe [2006-11-03 319488]
«Windows Mobile-based device management»=C:WindowsWindowsMobilewmdcBase.exe [2007-05-31 648072]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«Sidebar»=C:Program FilesWindows Sidebarsidebar.exe [2009-04-11 1233920]
«ehTray.exe»=C:WindowsehomeehTray.exe [2008-01-19 125952]
«YandexOnline»=C:Program FilesYandexOnlineonline.exe -AutoStart []
«toscdspd»=TOSCDSPD.EXE []
«DAEMON Tools Lite»=C:Program FilesDAEMON Tools Litedaemon.exe [2008-08-08 490952]
«uTorrent»=C:Program FilesuTorrentuTorrent.exe [2009-12-19 289584]
«Skype»=C:Program FilesSkypePhoneSkype.exe [2010-03-09 26100520]
«swg»=C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe [2009-10-15 39408]
«NevoDRM»=C:Игры от NevoSoftNevoDRMNevoDRM.exe [2008-12-11 41984]

C:ProgramDataMicrosoftWindowsStart MenuProgramsStartup
McAfee Security Scan Plus.lnk — C:Program FilesMcAfee Security Scan2.0.181SSScheduler.exe

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalsdauxservice]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalsdcoreservice]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworksdauxservice]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworksdcoreservice]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWudfPf]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWudfRd]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWudfSvc]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWudfUsbccidDriver]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«LogonHoursAction»=2
«DontDisplayLogonHoursWarnings»=1

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
«EnableUIADesktopToggle»=0

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145
«NoDriveAutoRun»=95

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«BindDirectlyToPropertySetStorage»=

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{b2c65fc3-1e05-11de-88b8-0016d4fd5c15}]
shellAutoRuncommand — G:browse.exe

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{b41ea2de-f5d9-11de-9b95-00037ad7fc3e}]
shellAutoRuncommand — F:iStudio.exe

======File associations======

.js — edit — C:WindowsSystem32Notepad.exe %1
.js — open — C:WindowsSystem32WScript.exe «%1» %*

======List of files/folders created in the last 1 months======

2010-04-08 23:30:51 —-D—- C:rsit
2010-04-07 14:27:06 —-D—- C:UsersToshibaAppDataRoamingGHISLER
2010-04-07 14:27:06 —-D—- C:totalcmd
2010-04-06 09:29:03 —-D—- C:perflogs
2010-03-31 09:33:23 —-A—- C:Windowssystem32mshtml.dll
2010-03-31 09:33:18 —-A—- C:Windowssystem32ieframe.dll
2010-03-31 09:33:16 —-A—- C:Windowssystem32iertutil.dll
2010-03-31 09:33:15 —-A—- C:Windowssystem32urlmon.dll
2010-03-31 09:33:14 —-A—- C:Windowssystem32wininet.dll
2010-03-31 09:33:13 —-A—- C:Windowssystem32occache.dll
2010-03-31 09:33:13 —-A—- C:Windowssystem32msfeeds.dll
2010-03-31 09:33:12 —-A—- C:Windowssystem32mstime.dll
2010-03-31 09:33:12 —-A—- C:Windowssystem32iedkcs32.dll
2010-03-31 09:33:08 —-A—- C:Windowssystem32ieui.dll
2010-03-31 09:33:07 —-A—- C:Windowssystem32msfeedsbs.dll
2010-03-31 09:33:07 —-A—- C:Windowssystem32ieUnatt.exe
2010-03-31 09:33:07 —-A—- C:Windowssystem32iesysprep.dll
2010-03-31 09:33:07 —-A—- C:Windowssystem32iepeers.dll
2010-03-31 09:33:06 —-A—- C:Windowssystem32jsproxy.dll
2010-03-31 09:33:05 —-A—- C:Windowssystem32msfeedssync.exe
2010-03-31 09:33:05 —-A—- C:Windowssystem32ie4uinit.exe
2010-03-31 09:33:04 —-A—- C:Windowssystem32iesetup.dll
2010-03-31 09:33:04 —-A—- C:Windowssystem32iernonce.dll
2010-03-25 02:20:13 —-D—- C:Program FilesConduit
2010-03-25 02:20:10 —-D—- C:Program FilesAshampoo_RU
2010-03-22 22:20:39 —-D—- C:работа
2010-03-22 13:08:24 —-D—- C:UsersToshibaAppDataRoamingVirtual City
2010-03-20 23:34:18 —-D—- C:Program FilesCommon FilesSkype
2010-03-18 15:30:22 —-D—- C:UsersToshibaAppDataRoamingShinyTales
2010-03-14 18:26:26 —-D—- C:Program FilesMcAfee Security Scan
2010-03-10 15:41:20 —-A—- C:Windowssystem32nshhttp.dll
2010-03-10 15:41:06 —-A—- C:Windowssystem32httpapi.dll

======List of files/folders modified in the last 1 months======

2010-04-09 00:17:22 —-D—- C:Program FilesTrend Micro
2010-04-09 00:17:12 —-D—- C:WindowsTemp
2010-04-09 00:16:46 —-D—- C:UsersToshibaAppDataRoamingSkype
2010-04-09 00:16:35 —-D—- C:WindowsTasks
2010-04-09 00:15:53 —-D—- C:UsersToshibaAppDataRoamingskypePM
2010-04-09 00:13:34 —-AD—- C:ProgramDataTEMP
2010-04-09 00:12:59 —-D—- C:Windowssystem32drivers
2010-04-08 23:52:43 —-D—- C:UsersToshibaAppDataRoaminguTorrent
2010-04-08 23:31:08 —-D—- C:WindowsPrefetch
2010-04-08 21:33:09 —-D—- C:Windowstracing
2010-04-08 21:13:42 —-SHD—- C:System Volume Information
2010-04-07 17:26:04 —-D—- C:Program FilesSpyware Doctor
2010-04-07 14:27:07 —-D—- C:Windows
2010-04-07 11:37:29 —-D—- C:Program Filesrp5.ru
2010-04-06 13:20:46 —-D—- C:WindowsSystem32
2010-04-06 13:20:46 —-A—- C:Windowssystem32PerfStringBackup.INI
2010-04-06 13:20:45 —-D—- C:Windowsinf
2010-04-06 13:17:52 —-D—- C:UsersToshibaAppDataRoamingIntelli-studio
2010-04-06 11:11:14 —-D—- C:Игры от NevoSoft
2010-04-06 09:07:19 —-SHD—- C:WindowsInstaller
2010-04-06 09:07:03 —-RD—- C:Users
2010-04-01 00:42:59 —-D—- C:Windowssystem32migration
2010-04-01 00:42:59 —-D—- C:Program FilesInternet Explorer
2010-04-01 00:03:07 —-D—- C:Windowswinsxs
2010-03-31 09:29:33 —-D—- C:Windowssystem32catroot2
2010-03-31 09:29:33 —-D—- C:Windowssystem32catroot
2010-03-29 10:01:01 —-D—- C:Program FilesCommon FilesSymantec Shared
2010-03-25 02:20:13 —-RD—- C:Program Files
2010-03-24 11:47:55 —-D—- C:WindowsWindowsMobile
2010-03-24 11:41:37 —-D—- C:Windowssystem32config
2010-03-24 11:41:20 —-D—- C:Windowssystem32Tasks
2010-03-24 11:41:20 —-D—- C:Windowssystem32spool
2010-03-24 11:41:20 —-D—- C:Windowssystem32Msdtc
2010-03-24 11:41:15 —-D—- C:ProgramDataMcAfee Security Scan
2010-03-24 11:41:10 —-D—- C:Windowssystem32wbem
2010-03-24 11:41:10 —-D—- C:Windowsregistration
2010-03-23 19:38:26 —-D—- C:UsersToshibaAppDataRoamingYandex
2010-03-20 23:34:18 —-D—- C:Program FilesCommon Files
2010-03-20 23:34:17 —-RD—- C:Program FilesSkype
2010-03-15 14:19:00 —-D—- C:ProgramDataNOS
2010-03-15 14:16:49 —-SD—- C:WindowsDownloaded Program Files
2010-03-13 13:42:54 —-D—- C:Program FilesCommon FilesAdobe AIR
2010-03-10 16:09:21 —-D—- C:Program FilesMovie Maker
2010-03-10 16:09:20 —-D—- C:Program FilesWindows Mail
2010-03-10 15:50:48 —-A—- C:Windowswin.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:Windowssystem32driversaswRdr.sys [2009-11-25 23120]
R1 aswSP;avast! Self Protection; C:Windowssystem32driversaswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:Windowssystem32driversaswTdi.sys [2009-11-25 48560]
R1 Tosrfcom;Bluetooth RFCOMM; C:WindowsSystem32Driverstosrfcom.sys [2005-08-01 64896]
R2 aswFsBlk;aswFsBlk; C:Windowssystem32DRIVERSaswFsBlk.sys [2009-11-25 20560]
R2 aswMonFlt;aswMonFlt; C:Windowssystem32DRIVERSaswMonFlt.sys [2009-11-25 53328]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:Windowssystem32DRIVERSAGRSM.sys [2006-11-28 1161888]
R3 CmBatt;Драйвер батареи с ACPI-управлением (Microsoft); C:Windowssystem32DRIVERSCmBatt.sys [2008-01-19 14208]
R3 HdAudAddService;Драйвер функции UAA для службы High Definition Audio (Microsoft), версия 1.1; C:Windowssystem32driversHdAudio.sys [2009-04-11 236544]
R3 NETw4v32;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit; C:Windowssystem32DRIVERSNETw4v32.sys [2006-12-09 2206720]
R3 nvlddmkm;nvlddmkm; C:Windowssystem32DRIVERSnvlddmkm.sys [2009-01-30 7544832]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:WindowsSystem32DriversRootMdm.sys [2008-01-19 8192]
R3 RTL8169;Realtek 8169 NT Driver; C:Windowssystem32DRIVERSRtlh86.sys [2006-11-04 59392]
R3 sdbus;sdbus; C:Windowssystem32DRIVERSsdbus.sys [2009-04-11 89088]
R3 tifm21;tifm21; C:Windowssystem32driverstifm21.sys [2006-07-06 168448]
R3 tosporte;Bluetooth COM Port; C:Windowssystem32DRIVERStosporte.sys [2006-10-10 41600]
R3 tosrfec;Bluetooth ACPI; C:Windowssystem32DRIVERStosrfec.sys [2006-10-23 9216]
R3 usbvideo;USB-видеоустройство (WDM); C:WindowsSystem32Driversusbvideo.sys [2006-11-02 132352]
R3 UVCFTR;UVCFTR; C:Windowssystem32DRIVERSUVCFTR_S.SYS [2007-03-12 11264]
S3 athr;Драйвер устройства беспроводной локальной сети Atheros; C:Windowssystem32DRIVERSathr.sys [2006-11-02 467456]
S3 ausdja94;ausdja94; C:Windowssystem32driversausdja94.sys []
S3 drmkaud;Звуковой дешифратор DRM ядра системы; C:Windowssystem32driversdrmkaud.sys [2008-01-19 5632]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:Windowssystem32driversRTKVHDA.sys []
S3 MarvinBus;Pinnacle Marvin Bus; C:Windowssystem32DRIVERSMarvinBus.sys [2005-09-24 171520]
S3 MSKSSRV;Представитель служб потоков Microsoft; C:Windowssystem32driversMSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Посредник синхронизации потоков Microsoft; C:Windowssystem32driversMSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Представитель диспетчера качества потоков Microsoft; C:Windowssystem32driversMSPQM.sys [2008-01-19 5504]
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:Windowssystem32driversMSTEE.sys [2008-01-19 6016]
S3 NETw3v32;Драйвер адаптера беспроводной сети Intel(R) PRO/Wireless 3945ABG для 32-разрядной Windows Vista; C:Windowssystem32DRIVERSNETw3v32.sys [2006-11-02 1781760]
S3 Ph3xIB32;Philips 713x Inbox PCI TV Card; C:Windowssystem32DRIVERSPh3xIB32.sys [2007-04-03 1131136]
S3 tosrfbd;Bluetooth RFBUS; C:Windowssystem32DRIVERStosrfbd.sys [2007-01-12 113792]
S3 tosrfbnp;Bluetooth RFBNEP; C:WindowsSystem32Driverstosrfbnp.sys [2006-11-20 36480]
S3 Tosrfhid;Bluetooth RFHID; C:Windowssystem32DRIVERSTosrfhid.sys [2007-01-24 73728]
S3 tosrfnds;Bluetooth Personal Area Network; C:Windowssystem32DRIVERStosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio; C:Windowssystem32driverstosrfsnd.sys [2007-01-22 53376]
S3 Tosrfusb;Bluetooth USB Controller; C:Windowssystem32DRIVERStosrfusb.sys [2007-01-12 40576]
S3 TpChoice;Touch Pad Detection Filter driver; C:Windowssystem32DRIVERSTpChoice.sys []
S3 USB28xxBGA;PCTV 170e Device; C:Windowssystem32DRIVERSemBDA.sys [2008-09-12 540288]
S3 USB28xxOEM;USB 28xx OEM Filter; C:Windowssystem32DRIVERSemOEM.sys [2008-09-12 443520]
S3 winusb;WinUSB Service; C:Windowssystem32DRIVERSwinusb.sys [2009-04-11 31616]
S3 WpdUsb;WpdUsb; C:Windowssystem32DRIVERSwpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:Windowssystem32DRIVERSWUDFRd.sys [2008-01-19 83328]
S4 KR10I;KR10I; C:Windowssystem32driverskr10i.sys [2007-01-18 219392]
S4 KR10N;KR10N; C:Windowssystem32driverskr10n.sys [2007-01-18 211072]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:Windowssystem32driverswmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:Program FilesAlwil SoftwareAvast4ashServ.exe [2009-11-25 138680]
R2 BthServ;@%SystemRoot%System32bthserv.dll,-101; C:Windowssystem32svchost.exe [2008-01-19 21504]
R2 CFSvcs;ConfigFree Service; C:Program FilesTOSHIBAConfigFreeCFSvcs.exe [2006-11-14 40960]
R2 MDM;Machine Debug Manager; C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE [2003-06-20 322120]
R2 nvsvc;NVIDIA Display Driver Service; C:Windowssystem32nvvsvc.exe [2009-01-30 203296]
R2 RapiMgr;@%windir%WindowsMobilerapimgr.dll,-104; C:Windowssystem32svchost.exe [2008-01-19 21504]
R2 sdAuxService;PC Tools Auxiliary Service; C:Program FilesSpyware DoctorpctsAuxs.exe [2009-01-07 348752]
R2 sdCoreService;PC Tools Security Service; C:Program FilesSpyware DoctorpctsSvc.exe [2009-01-21 1095560]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; c:Program FilesToshibaBluetooth Toshiba StackTosBtSrv.exe [2007-02-02 118784]
R2 UleadBurningHelper;Ulead Burning Helper; C:Program FilesCommon FilesUlead SystemsDVDULCDRSvr.exe [2006-08-23 49152]
R2 WcesComm;@%windir%WindowsMobilewcescomm.dll,-40079; C:Windowssystem32svchost.exe [2008-01-19 21504]
R3 avast! Mail Scanner;avast! Mail Scanner; C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:Program FilesAlwil SoftwareAvast4ashWebSv.exe [2009-11-25 352920]
S2 gupdate1c9b43ab3863630;Google Update Service (gupdate1c9b43ab3863630); C:Program FilesGoogleUpdateGoogleUpdate.exe [2009-04-03 133104]
S2 gusvc;Google Software Updater; C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2009-10-15 194032]
S3 FontCache;@%systemroot%system32FntCache.dll,-100; C:Windowssystem32svchost.exe [2008-01-19 21504]
S3 IDriverT;InstallDriver Table Manager; C:Program FilesCommon FilesInstallShieldDriver1150Intel 32IDriverT.exe [2005-11-14 69632]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:Program FilesMcAfee Security Scan2.0.181McCHSvc.exe [2010-01-15 227232]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2003-07-29 89136]

EOF
18 мая, 2009 в 5:28 пп в ответ на: как почистить комп #23770
alex
Participant
- Темы:5
- Сообщений:20
Спасибо, вродебы комп стал работать быстрее.
15 мая, 2009 в 9:25 пп в ответ на: как почистить комп #23768
alex
Participant
- Темы:5
- Сообщений:20
Logfile of random’s system information tool 1.06 (written by random/random)
Run by Toshiba at 2009-05-16 01:20:13
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 12 GB (16%) free of 76 GB
Total RAM: 1021 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:20:24, on 16.05.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:Windowssystem32Dwm.exe
C:Windowssystem32taskeng.exe
C:WindowsExplorer.EXE
C:Program FilesWindows DefenderMSASCui.exe
C:Program FilesTOSHIBAConfigFreeNDSTray.exe
C:Program FilesTOSHIBAToshiba Online Product InformationTOPI.exe
C:Program FilesCamera Assistant Software for Toshibatraybar.exe
C:Program FilesAlwil SoftwareAvast4ashDisp.exe
C:Program FilesJavajre6binjusched.exe
C:WindowsSystem32rundll32.exe
C:Program FilesWindows Sidebarsidebar.exe
C:Windowsehomeehtray.exe
C:Program FilesTOSHIBATOSCDSPDTOSCDSPD.exe
C:Windowsehomeehmsas.exe
C:Program FilesCamera Assistant Software for ToshibaCEC_MAIN.exe
C:Program FilesTOSHIBAConfigFreeCFSwMgr.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:UsersPublicDocumentsRSIT.exe
C:Program Filestrend microToshiba.exe

R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.yandex.ru/?clid=44290
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru/?clid=40316
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://mail.ru
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
R3 — URLSearchHook: (no name) — {468CD8A9-7C25-45FA-969E-3D925C689DC4} — (no file)
O1 — Hosts: ::1 localhost
O2 — BHO: BitComet ClickCapture — {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} — C:Program FilesBitComettoolsBitCometBHO_1.2.8.7.dll (file missing)
O2 — BHO: SSVHelper Class — {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} — C:Program FilesJavajre6binssv.dll
O2 — BHO: Java(tm) Plug-In 2 SSV Helper — {DBC80044-A445-435b-BC74-9C25C1C588A9} — C:Program FilesJavajre6binjp2ssv.dll
O3 — Toolbar: &Gismeteo.Ru — {923A63EB-3D61-44A5-9E54-545127FEAEEA} — c:gismeteobargismeteobar.dll (file missing)
O3 — Toolbar: (no name) — {468CD8A9-7C25-45FA-969E-3D925C689DC4} — (no file)
O3 — Toolbar: Яндекс.Бар — {91397D20-1446-11D4-8AF4-0040CA1127B6} — C:Program FilesYandexYandexBarIEyndbar.dll
O4 — HKLM..Run: [Windows Defender] %ProgramFiles%Windows DefenderMSASCui.exe -hide
O4 — HKLM..Run: [HWSetup] C:Program FilesTOSHIBAUtilitiesHWSetup.exe hwSetUP
O4 — HKLM..Run: [NDSTray.exe] NDSTray.exe
O4 — HKLM..Run: [topi] C:Program FilesTOSHIBAToshiba Online Product Informationtopi.exe -startup
O4 — HKLM..Run: [Toshiba Registration] C:Program FilesToshibaRegistrationToshibaRegistration.exe
O4 — HKLM..Run: [Camera Assistant Software] «C:Program FilesCamera Assistant Software for Toshibatraybar.exe»
O4 — HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 — HKLM..Run: [WinampAgent] «C:Program FilesWinampwinampa.exe»
O4 — HKLM..Run: [SunJavaUpdateSched] «C:Program FilesJavajre6binjusched.exe»
O4 — HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:Windowssystem32NvCpl.dll,NvStartup
O4 — HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:Windowssystem32NvMcTray.dll,NvTaskbarInit
O4 — HKCU..Run: [Sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun
O4 — HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe
O4 — HKCU..Run: [YandexOnline] «C:Program FilesYandexOnlineonline.exe» -AutoStart
O4 — HKCU..Run: [toscdspd] TOSCDSPD.EXE
O4 — HKCU..Run: [DAEMON Tools Lite] «C:Program FilesDAEMON Tools Litedaemon.exe» -autorun
O4 — HKCU..Run: [NevoDRM] «C:ИгрыNevoDRMNevoDRM.exe»
O4 — HKUSS-1-5-19..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [Yupdate!] «C:Program FilesCommon FilesYandexYupdateyupdate.exe» (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [Yupdate!] «C:Program FilesCommon FilesYandexYupdateyupdate.exe» (User ‘Default user’)
O8 — Extra context menu item: &D&ownload &with BitComet — res://C:Program FilesBitCometBitComet.exe/AddLink.htm
O8 — Extra context menu item: &D&ownload all video with BitComet — res://C:Program FilesBitCometBitComet.exe/AddVideo.htm
O8 — Extra context menu item: &D&ownload all with BitComet — res://C:Program FilesBitCometBitComet.exe/AddAllLink.htm
O8 — Extra context menu item: &Translate — http://lingvo.yandex.ru/ie5trans.htm
O8 — Extra context menu item: &Ubersetzen — http://lingvo.yandex.ru/ie5trans1.htm
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~3OFFICE11EXCEL.EXE/3000
O8 — Extra context menu item: T&raduire — http://lingvo.yandex.ru/ie5trans2.htm
O8 — Extra context menu item: Traduc&ir — http://lingvo.yandex.ru/ie5trans4.htm
O8 — Extra context menu item: Tradurr&e — http://lingvo.yandex.ru/ie5trans3.htm
O8 — Extra context menu item: Yandex &Search — http://lingvo.yandex.ru/ie5search.htm
O9 — Extra button: Справочные материалы — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~3OFFICE11REFIEBAR.DLL
O9 — Extra button: eBay — {C08CAF1D-C0A3-40D5-9970-06D067EAC017} — http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?RU (file missing)
O9 — Extra button: BitComet — {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} — res://C:Program FilesBitComettoolsBitCometBHO_1.2.8.7.dll/206 (file missing)
O13 — Gopher Prefix:
O16 — DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} — http://download.divx.com/player/DivXBrowserPlugin.cab
O16 — DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) — http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O23 — Service: avast! iAVS4 Control Service (aswUpdSv) — ALWIL Software — C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 — Service: avast! Antivirus — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashServ.exe
O23 — Service: avast! Mail Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
O23 — Service: avast! Web Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
O23 — Service: ConfigFree Service (CFSvcs) — TOSHIBA CORPORATION — C:Program FilesTOSHIBAConfigFreeCFSvcs.exe
O23 — Service: @dfsrres.dll,-101 (DFSR) — Корпорация Майкрософт — C:Windowssystem32DFSR.exe
O23 — Service: Google Update Service (gupdate1c9b43ab3863630) (gupdate1c9b43ab3863630) — Google Inc. — C:Program FilesGoogleUpdateGoogleUpdate.exe
O23 — Service: InstallDriver Table Manager (IDriverT) — Macrovision Corporation — C:Program FilesCommon FilesInstallShieldDriver1150Intel 32IDriverT.exe
O23 — Service: Nero BackItUp Scheduler 4.0 — Unknown owner — C:Program FilesCommon FilesNeroNero BackItUp 4NBService.exe (file missing)
O23 — Service: NVIDIA Display Driver Service (nvsvc) — NVIDIA Corporation — C:Windowssystem32nvvsvc.exe
O23 — Service: TOSHIBA Optical Disc Drive Service (TODDSrv) — TOSHIBA Corporation — C:Windowssystem32TODDSrv.exe
O23 — Service: TOSHIBA Bluetooth Service — TOSHIBA CORPORATION — c:Program FilesToshibaBluetooth Toshiba StackTosBtSrv.exe
O23 — Service: Ulead Burning Helper (UleadBurningHelper) — Ulead Systems, Inc. — C:Program FilesCommon FilesUlead SystemsDVDULCDRSvr.exe

—
End of file — 8148 bytes

======Scheduled tasks folder======

C:WindowstasksGoogleUpdateTaskMachine.job
C:WindowstasksNeroLiveEpgUpdate-Toshiba-ПК_Toshiba.job
C:WindowstasksRegistry OK Schedule.job
C:WindowstasksUser_Feed_Synchronization-{C6A8E361-3DBE-48E8-A294-EB2D3F43A3DB}.job

======Registry dump======

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper — C:Program FilesBitComettoolsBitCometBHO_1.2.8.7.dll []

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class — C:Program FilesJavajre6binssv.dll [2009-01-31 320920]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper — C:Program FilesJavajre6binjp2ssv.dll [2009-01-31 34816]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{923A63EB-3D61-44A5-9E54-545127FEAEEA} — &Gismeteo.Ru — c:gismeteobargismeteobar.dll []
{468CD8A9-7C25-45FA-969E-3D925C689DC4}
{91397D20-1446-11D4-8AF4-0040CA1127B6} — Яндекс.Бар — C:Program FilesYandexYandexBarIEyndbar.dll [2009-04-20 3701024]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«Windows Defender»=C:Program FilesWindows DefenderMSASCui.exe [2008-01-19 1008184]
«HWSetup»=C:Program FilesTOSHIBAUtilitiesHWSetup.exe [2006-11-01 413696]
«NDSTray.exe»=NDSTray.exe []
«topi»=C:Program FilesTOSHIBAToshiba Online Product Informationtopi.exe [2007-03-02 577536]
«Toshiba Registration»=C:Program FilesToshibaRegistrationToshibaRegistration.exe [2007-02-19 571024]
«Camera Assistant Software»=C:Program FilesCamera Assistant Software for Toshibatraybar.exe [2007-03-15 413696]
«avast!»=C:PROGRA~1ALWILS~1Avast4ashDisp.exe [2009-02-06 81000]
«WinampAgent»=C:Program FilesWinampwinampa.exe []
«SunJavaUpdateSched»=C:Program FilesJavajre6binjusched.exe [2009-01-31 136600]
«NvCplDaemon»=C:Windowssystem32NvCpl.dll [2009-01-30 13605408]
«NvMediaCenter»=C:Windowssystem32NvMcTray.dll [2009-01-30 92704]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«Sidebar»=C:Program FilesWindows Sidebarsidebar.exe [2008-01-19 1233920]
«ehTray.exe»=C:WindowsehomeehTray.exe [2008-01-19 125952]
«YandexOnline»=C:Program FilesYandexOnlineonline.exe -AutoStart []
«toscdspd»=TOSCDSPD.EXE []
«DAEMON Tools Lite»=C:Program FilesDAEMON Tools Litedaemon.exe [2008-08-08 490952]
«NevoDRM»=C:ИгрыNevoDRMNevoDRM.exe []

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrolsecurityproviders]
«SecurityProviders»=credssp.dll

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalAppInfo]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalKeyIso]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalNTDS]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalProfSvc]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalsacsvr]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalSWPRV]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalTabletInputService]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalTBS]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalTrustedInstaller]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalvolmgr.sys]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalvolmgrx.sys]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWinDefend]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkAppInfo]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkBFE]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkbowser]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkdfsc]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkDot3Svc]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkEaphost]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkIKEEXT]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkKeyIso]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkMPSDrv]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkMPSSvc]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkmrxsmb]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkmrxsmb10]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkmrxsmb20]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkNativeWifiP]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworknetprofm]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkNlaSvc]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkNsi]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworknsiproxy.sys]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkNTDS]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkPolicyAgent]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkProfSvc]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkrdbss]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkrdpencdd.sys]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworksacsvr]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkSCardSvr]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkSWPRV]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkTabletInputService]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkTBS]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkTrustedInstaller]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkVDS]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkvolmgr.sys]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkvolmgrx.sys]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWinDefend]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWlansvc]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{50DD5230-BA8A-11D1-BF5D-0000F805F530}]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«LogonHoursAction»=2
«DontDisplayLogonHoursWarnings»=1

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
«EnableUIADesktopToggle»=0

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145
«NoDriveAutoRun»=95

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{1eba2bc2-ef71-11dc-86df-00037ad7fc3e}]
shellAutoRuncommand — F:
shellopencommand — rundll32.exe .\cwodm.dll,InstallM

======File associations======

.js — edit — C:WindowsSystem32Notepad.exe %1
.js — open — C:WindowsSystem32WScript.exe «%1» %*

======List of files/folders created in the last 1 months======

2009-05-16 00:52:11 —-D—- C:rsit
2009-05-16 00:02:35 —-SHD—- C:Config.Msi
2009-05-08 09:05:11 —-D—- C:UsersToshibaAppDataRoamingGoogle
2009-05-08 08:49:26 —-D—- C:ProgramDataGoogle
2009-05-07 21:30:12 —-D—- C:Windowssystem32AGEIA
2009-05-07 21:30:12 —-D—- C:Program FilesAGEIA Technologies
2009-05-07 21:29:47 —-D—- C:Program FilesCommon FilesWise Installation Wizard
2009-05-07 21:29:34 —-A—- C:Windowssystem32nvcpluir.dll
2009-05-07 21:29:34 —-A—- C:Windowssystem32nvcplui.exe
2009-05-07 21:17:09 —-A—- C:Windowssystem32NVUNINST.EXE
2009-05-07 21:15:40 —-D—- C:NVIDIA
2009-05-05 22:24:38 —-D—- C:UsersToshibaAppDataRoamingNeroDigital(TM)
2009-05-04 11:30:19 —-D—- C:UsersToshibaAppDataRoamingNero
2009-05-04 10:50:11 —-A—- C:WindowsIrremote.ini
2009-05-04 10:18:25 —-D—- C:Program FilesNero
2009-05-04 10:17:45 —-D—- C:ProgramDataNero
2009-05-04 10:17:44 —-D—- C:Program FilesCommon FilesNero
2009-04-19 08:28:38 —-D—- C:UsersToshibaAppDataRoamingScreenSeven

======List of files/folders modified in the last 1 months======

2009-05-16 01:20:20 —-D—- C:WindowsTemp
2009-05-16 01:20:18 —-D—- C:Program FilesTrend Micro
2009-05-16 01:02:04 —-RD—- C:Program Files
2009-05-16 00:23:38 —-D—- C:Toshiba
2009-05-16 00:16:00 —-D—- C:Program FilesTOSHIBA
2009-05-16 00:16:00 —-D—- C:Program FilesGoogle
2009-05-16 00:09:48 —-SHD—- C:WindowsInstaller
2009-05-16 00:09:22 —-RSD—- C:Windowsassembly
2009-05-16 00:08:48 —-SHD—- C:System Volume Information
2009-05-16 00:06:05 —-HD—- C:Program FilesInstallShield Installation Information
2009-05-16 00:05:48 —-D—- C:WindowsSystem32
2009-05-16 00:04:25 —-D—- C:Windowssystem32catroot
2009-05-16 00:04:25 —-D—- C:Windowsinf
2009-05-16 00:04:22 —-D—- C:Windowssystem32drivers
2009-05-16 00:04:17 —-D—- C:Windows
2009-05-16 00:01:28 —-D—- C:UsersToshibaAppDataRoamingYandex
2009-05-14 23:45:20 —-D—- C:Windowssystem32WDI
2009-05-14 22:24:31 —-D—- C:Windowstracing
2009-05-14 08:05:50 —-D—- C:Windowswinsxs
2009-05-13 23:43:45 —-D—- C:Program FilesWindows Mail
2009-05-13 21:18:00 —-D—- C:WindowsPrefetch
2009-05-13 19:56:53 —-D—- C:Windowssystem32catroot2
2009-05-13 00:39:57 —-D—- C:UsersToshibaAppDataRoaminguTorrent
2009-05-12 00:01:17 —-D—- C:Program FilesInternet Explorer
2009-05-11 22:07:41 —-A—- C:Windowssystem32PerfStringBackup.INI
2009-05-08 10:49:06 —-D—- C:Windowssystem32Macromed
2009-05-08 08:49:26 —-HD—- C:ProgramData
2009-05-08 08:48:56 —-SD—- C:WindowsDownloaded Program Files
2009-05-07 21:39:17 —-D—- C:ProgramDataNVIDIA
2009-05-07 21:29:47 —-D—- C:Program FilesCommon Files
2009-05-07 21:29:22 —-D—- C:WindowsHelp
2009-05-07 20:42:39 —-D—- C:WindowsLhsp
2009-05-07 20:41:57 —-D—- C:WindowsTasks
2009-05-07 18:39:17 —-SD—- C:UsersToshibaAppDataRoamingMicrosoft
2009-05-07 18:34:53 —-D—- C:ProgramDataPinnacle
2009-05-07 18:34:49 —-A—- C:Windowswin.ini
2009-05-07 11:16:29 —-A—- C:Windowssystem32mrt.exe
2009-05-05 11:11:27 —-D—- C:Windowssystem32migwiz
2009-05-04 14:28:29 —-D—- C:Windowssystem32Tasks
2009-04-19 07:32:07 —-D—- C:ProgramDataIntenium
2009-04-17 00:10:49 —-D—- C:Windowssystem32wbem
2009-04-17 00:10:46 —-D—- C:Windowssystem32manifeststore
2009-04-17 00:10:45 —-D—- C:WindowsAppPatch

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:Windowssystem32driversaswRdr.sys [2009-02-06 23152]
R1 aswSP;avast! Self Protection; C:Windowssystem32driversaswSP.sys [2009-02-06 114768]
R1 aswTdi;avast! Network Shield Support; C:Windowssystem32driversaswTdi.sys [2009-02-06 51376]
R1 DfsC;@%systemroot%system32driversdfsc.sys,-101; C:WindowsSystem32Driversdfsc.sys [2008-01-19 75264]
R1 nsiproxy;NSI proxy service; C:Windowssystem32driversnsiproxy.sys [2008-01-19 16384]
R1 RDPENCDD;RDP Encoder Mirror Driver; C:Windowssystem32driversrdpencdd.sys [2008-01-19 6144]
R1 Smb;@%SystemRoot%system32tcpipcfg.dll,-50005; C:Windowssystem32DRIVERSsmb.sys [2008-01-19 66560]
R1 tdx;@%SystemRoot%system32tcpipcfg.dll,-50004; C:Windowssystem32DRIVERStdx.sys [2008-01-19 71680]
R1 Tosrfcom;Bluetooth RFCOMM; C:WindowsSystem32Driverstosrfcom.sys [2005-08-01 64896]
R1 Wanarpv6;Remote Access IPv6 ARP Driver; C:Windowssystem32DRIVERSwanarp.sys [2008-01-19 62464]
R2 aswFsBlk;aswFsBlk; C:Windowssystem32DRIVERSaswFsBlk.sys [2009-02-06 20560]
R2 aswMonFlt;aswMonFlt; C:Windowssystem32DRIVERSaswMonFlt.sys [2009-02-06 51792]
R2 lltdio;Драйвер в/в тополога канального уровня; C:Windowssystem32DRIVERSlltdio.sys [2008-01-19 47104]
R2 luafv;UAC File Virtualization; C:Windowssystem32driversluafv.sys [2008-01-19 84480]
R2 PEAUTH;PEAUTH; C:Windowssystem32driverspeauth.sys [2006-11-02 878080]
R2 rspndr;Ответчик обнаружения топологии канального уровня; C:Windowssystem32DRIVERSrspndr.sys [2008-01-19 60416]
R2 tcpipreg;TCP/IP Registry Compatibility; C:WindowsSystem32driverstcpipreg.sys [2008-01-19 30208]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:Windowssystem32DRIVERSAGRSM.sys [2006-11-28 1161888]
R3 bowser;Bowser; C:Windowssystem32DRIVERSbowser.sys [2008-01-19 69632]
R3 CmBatt;Драйвер батареи с ACPI-управлением (Microsoft); C:Windowssystem32DRIVERSCmBatt.sys [2008-01-19 14208]
R3 DXGKrnl;LDDM Graphics Subsystem; C:WindowsSystem32driversdxgkrnl.sys [2008-08-02 625152]
R3 HdAudAddService;Драйвер функции UAA для службы High Definition Audio (Microsoft), версия 1.1; C:Windowssystem32driversHdAudio.sys [2006-11-02 235520]
R3 HDAudBus;Драйвер для шины UAA для High Definition Audio (Microsoft); C:Windowssystem32DRIVERSHDAudBus.sys [2008-01-19 53760]
R3 HidUsb;Драйвер класса HID Microsoft; C:Windowssystem32DRIVERShidusb.sys [2008-01-19 12288]
R3 intelppm;Драйвер Intel процессора; C:Windowssystem32DRIVERSintelppm.sys [2008-01-19 41472]
R3 iScsiPrt;Драйвер iScsiPort; C:Windowssystem32DRIVERSmsiscsi.sys [2008-01-19 181304]
R3 monitor;Microsoft Monitor Class Function Driver Service; C:Windowssystem32DRIVERSmonitor.sys [2008-01-19 41984]
R3 mouhid;Драйвер мыши HID; C:Windowssystem32DRIVERSmouhid.sys [2008-01-19 15872]
R3 mpsdrv;@%SystemRoot%system32FirewallAPI.dll,-23092; C:WindowsSystem32driversmpsdrv.sys [2008-01-19 64000]
R3 mrxsmb10;SMB 1.x MiniRedirector; C:Windowssystem32DRIVERSmrxsmb10.sys [2008-08-27 212480]
R3 mrxsmb20;SMB 2.0 MiniRedirector; C:Windowssystem32DRIVERSmrxsmb20.sys [2008-01-19 78848]
R3 NativeWifiP;Фильтр NativeWiFi; C:Windowssystem32DRIVERSnwifi.sys [2008-05-20 148480]
R3 NETw4v32;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit; C:Windowssystem32DRIVERSNETw4v32.sys [2006-12-09 2206720]
R3 nvlddmkm;nvlddmkm; C:Windowssystem32DRIVERSnvlddmkm.sys [2009-01-30 7544832]
R3 ohci1394;Texas Instruments OHCI-совместимый IEEE 1394 хост-контроллер; C:Windowssystem32DRIVERSohci1394.sys [2008-01-19 61952]
R3 RasSstp;@%systemroot%system32sstpsvc.dll,-202; C:Windowssystem32DRIVERSrassstp.sys [2008-01-19 69120]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:WindowsSystem32DriversRootMdm.sys [2008-01-19 8192]
R3 RTL8169;Realtek 8169 NT Driver; C:Windowssystem32DRIVERSRtlh86.sys [2006-11-04 59392]
R3 sdbus;sdbus; C:Windowssystem32DRIVERSsdbus.sys [2008-01-19 88576]
R3 srv2;srv2; C:WindowsSystem32DRIVERSsrv2.sys [2008-01-19 144384]
R3 srvnet;srvnet; C:WindowsSystem32DRIVERSsrvnet.sys [2008-01-19 98304]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:Windowssystem32DRIVERStdcmdpst.sys [2006-10-18 16128]
R3 tifm21;tifm21; C:Windowssystem32driverstifm21.sys [2006-07-06 168448]
R3 tosporte;Bluetooth COM Port; C:Windowssystem32DRIVERStosporte.sys [2006-10-10 41600]
R3 tosrfec;Bluetooth ACPI; C:Windowssystem32DRIVERStosrfec.sys [2006-10-23 9216]
R3 tunmp;Драйвер адаптера минипорта Tun (Майкрософт); C:Windowssystem32DRIVERStunmp.sys [2008-01-19 15360]
R3 tunnel;Драйвер адаптера минипорта для туннеля Microsoft IPv6; C:Windowssystem32DRIVERStunnel.sys [2008-01-19 23040]
R3 umbus;UMBus драйвер перечислителя; C:Windowssystem32DRIVERSumbus.sys [2008-01-19 34816]
R3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:Windowssystem32DRIVERSusbccgp.sys [2008-01-19 73216]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:Windowssystem32DRIVERSusbehci.sys [2008-01-19 39424]
R3 usbhub;USB2 концентратор; C:Windowssystem32DRIVERSusbhub.sys [2008-01-19 194560]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:Windowssystem32DRIVERSusbuhci.sys [2008-01-19 23552]
R3 usbvideo;USB-видеоустройство (WDM); C:WindowsSystem32Driversusbvideo.sys [2006-11-02 132352]
R3 UVCFTR;UVCFTR; C:Windowssystem32DRIVERSUVCFTR_S.SYS [2007-03-12 11264]
S3 agp440;Intel AGP Bus Filter; C:Windowssystem32driversagp440.sys [2006-11-02 53864]
S3 amdagp;AMD AGP Bus Filter Driver; C:Windowssystem32driversamdagp.sys [2006-11-02 54888]
S3 athr;Драйвер устройства беспроводной локальной сети Atheros; C:Windowssystem32DRIVERSathr.sys [2006-11-02 467456]
S3 ay0o8e0z;ay0o8e0z; C:Windowssystem32driversay0o8e0z.sys []
S3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver; C:Windowssystem32driversbrfiltlo.sys [2006-11-02 13568]
S3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver; C:Windowssystem32driversbrfiltup.sys [2006-11-02 5248]
S3 BrUsbSer;Brother MFC USB Serial WDM Driver; C:Windowssystem32driversbrusbser.sys [2006-11-02 11904]
S3 E1G60;Intel(R) PRO/1000 NDIS 6 Adapter Driver; C:Windowssystem32DRIVERSE1G60I32.sys [2006-11-02 117760]
S3 exfat;exFAT File System Driver; C:Windowssystem32driversexfat.sys [2008-01-19 136192]
S3 Filetrace;FileTrace; C:Windowssystem32driversfiletrace.sys [2008-01-19 27648]
S3 gagp30kx;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms; C:Windowssystem32driversgagp30kx.sys [2006-11-02 58984]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:Windowssystem32driversRTKVHDA.sys []
S3 MarvinBus;Pinnacle Marvin Bus; C:Windowssystem32DRIVERSMarvinBus.sys [2005-09-24 171520]
S3 MsRPC;MsRPC; C:Windowssystem32driversMsRPC.sys [2008-01-19 163384]
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:Windowssystem32driversMSTEE.sys [2008-01-19 6016]
S3 NETw3v32;Драйвер адаптера беспроводной сети Intel(R) PRO/Wireless 3945ABG для 32-разрядной Windows Vista; C:Windowssystem32DRIVERSNETw3v32.sys [2006-11-02 1781760]
S3 nv_agp;NVIDIA nForce AGP Bus Filter; C:Windowssystem32driversnv_agp.sys [2006-11-02 106600]
S3 Ph3xIB32;Philips 713x Inbox PCI TV Card; C:Windowssystem32DRIVERSPh3xIB32.sys [2007-04-03 1131136]
S3 QWAVEdrv;@%SystemRoot%system32driversqwavedrv.sys,-1; C:Windowssystem32driversqwavedrv.sys [2008-01-19 31232]
S3 sffdisk;Драйвер класса SFF Storage; C:Windowssystem32DRIVERSsffdisk.sys [2008-01-19 13312]
S3 sffp_mmc;SFF Storage Protocol Driver for MMC; C:Windowssystem32driverssffp_mmc.sys [2006-11-02 12800]
S3 sffp_sd;Драйвер протокола SFF Storage для SDBus; C:Windowssystem32DRIVERSsffp_sd.sys [2008-01-19 11776]
S3 sisagp;SIS AGP Bus Filter; C:Windowssystem32driverssisagp.sys [2006-11-02 53352]
S3 Tcpip6;Драйвер протокола IPv6 (Microsoft); C:Windowssystem32DRIVERStcpip.sys [2008-04-26 891448]
S3 tosrfbd;Bluetooth RFBUS; C:Windowssystem32DRIVERStosrfbd.sys [2007-01-12 113792]
S3 tosrfbnp;Bluetooth RFBNEP; C:WindowsSystem32Driverstosrfbnp.sys [2006-11-20 36480]
S3 Tosrfhid;Bluetooth RFHID; C:Windowssystem32DRIVERSTosrfhid.sys [2007-01-24 73728]
S3 tosrfnds;Bluetooth Personal Area Network; C:Windowssystem32DRIVERStosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio; C:Windowssystem32driverstosrfsnd.sys [2007-01-22 53376]
S3 Tosrfusb;Bluetooth USB Controller; C:Windowssystem32DRIVERStosrfusb.sys [2007-01-12 40576]
S3 TpChoice;Touch Pad Detection Filter driver; C:Windowssystem32DRIVERSTpChoice.sys []
S3 tssecsrv;Terminal Services Security Filter Driver; C:WindowsSystem32DRIVERStssecsrv.sys [2008-01-19 23552]
S3 uagp35;Microsoft AGPv3.5 Filter; C:Windowssystem32driversuagp35.sys [2006-11-02 56936]
S3 uliagpkx;Uli AGP Bus Filter; C:Windowssystem32driversuliagpkx.sys [2006-11-02 58472]
S3 USB28xxBGA;PCTV 170e Device; C:Windowssystem32DRIVERSemBDA.sys [2008-09-12 540288]
S3 USB28xxOEM;USB 28xx OEM Filter; C:Windowssystem32DRIVERSemOEM.sys [2008-09-12 443520]
S3 usbprint;Класс принтеров Microsoft USB; C:Windowssystem32DRIVERSusbprint.sys [2008-01-19 18944]
S3 USBSTOR;Драйвер запоминающих устройств для USB; C:Windowssystem32DRIVERSUSBSTOR.SYS [2008-01-19 55296]
S3 vga;vga; C:Windowssystem32DRIVERSvgapnp.sys [2008-01-19 26112]
S3 viaagp;VIA AGP Bus Filter; C:Windowssystem32driversviaagp.sys [2006-11-02 54376]
S3 WUDFRd;WUDFRd; C:Windowssystem32DRIVERSWUDFRd.sys [2008-01-19 83328]
S4 adp94xx;adp94xx; C:Windowssystem32driversadp94xx.sys [2006-11-02 420968]
S4 adpahci;adpahci; C:Windowssystem32driversadpahci.sys [2006-11-02 297576]
S4 adpu320;adpu320; C:Windowssystem32driversadpu320.sys [2006-11-02 147048]
S4 amdide;amdide; C:Windowssystem32driversamdide.sys [2006-11-02 15464]
S4 AmdK7;AMD K7 Processor Driver; C:Windowssystem32driversamdk7.sys [2006-11-02 38912]
S4 AmdK8;AMD K8 Processor Driver; C:Windowssystem32driversamdk8.sys [2006-11-02 40960]
S4 arc;arc; C:Windowssystem32driversarc.sys [2006-11-02 67688]
S4 arcsas;arcsas; C:Windowssystem32driversarcsas.sys [2006-11-02 67688]
S4 blbdrive;blbdrive; C:Windowssystem32driversblbdrive.sys []
S4 Brserid;Brother MFC Serial Port Interface Driver (WDM); C:Windowssystem32driversbrserid.sys [2006-11-02 71808]
S4 BrSerWdm;Brother WDM Serial driver; C:Windowssystem32driversbrserwdm.sys [2006-11-02 62336]
S4 BrUsbMdm;Brother MFC USB Fax Only Modem; C:Windowssystem32driversbrusbmdm.sys [2006-11-02 12160]
S4 BTHMODEM;Bluetooth Serial Communications Driver; C:Windowssystem32driversbthmodem.sys [2006-11-02 39936]
S4 circlass;Consumer IR Devices; C:Windowssystem32driverscirclass.sys [2006-11-02 35328]
S4 Crusoe;Transmeta Crusoe Processor Driver; C:Windowssystem32driverscrusoe.sys [2006-11-02 38912]
S4 elxstor;elxstor; C:Windowssystem32driverselxstor.sys [2006-11-02 316520]
S4 HidBth;Microsoft Bluetooth HID Miniport; C:Windowssystem32drivershidbth.sys [2006-11-02 29184]
S4 HidIr;Microsoft Infrared HID Driver; C:Windowssystem32drivershidir.sys [2006-11-02 21504]
S4 HpCISSs;HpCISSs; C:Windowssystem32drivershpcisss.sys [2006-11-02 37480]
S4 iaStorV;Intel RAID Controller Vista; C:Windowssystem32driversiastorv.sys [2006-11-02 232040]
S4 iirsp;iirsp; C:Windowssystem32driversiirsp.sys [2006-11-02 41576]
S4 IPMIDRV;IPMIDRV; C:Windowssystem32driversipmidrv.sys [2006-11-02 65536]
S4 isapnp;PnP ISA/EISA Bus Driver; C:Windowssystem32driversisapnp.sys [2006-11-02 47208]
S4 iteatapi;ITEATAPI_Service_Install; C:Windowssystem32driversiteatapi.sys [2006-11-02 35944]
S4 iteraid;ITERAID_Service_Install; C:Windowssystem32driversiteraid.sys [2006-11-02 35944]
S4 kbdhid;Keyboard HID Driver; C:Windowssystem32driverskbdhid.sys [2006-11-02 15872]
S4 KR10I;KR10I; C:Windowssystem32driverskr10i.sys [2007-01-18 219392]
S4 KR10N;KR10N; C:Windowssystem32driverskr10n.sys [2007-01-18 211072]
S4 LSI_FC;LSI_FC; C:Windowssystem32driverslsi_fc.sys [2006-11-02 65640]
S4 LSI_SAS;LSI_SAS; C:Windowssystem32driverslsi_sas.sys [2006-11-02 65640]
S4 LSI_SCSI;LSI_SCSI; C:Windowssystem32driverslsi_scsi.sys [2006-11-02 65640]
S4 megasas;megasas; C:Windowssystem32driversmegasas.sys [2006-11-02 28776]
S4 mpio;Microsoft Multi-Path Bus Driver; C:Windowssystem32driversmpio.sys [2006-11-02 78952]
S4 msahci;msahci; C:Windowssystem32driversmsahci.sys [2006-11-02 23144]
S4 msdsm;Microsoft Multi-Path Device Specific Module; C:Windowssystem32driversmsdsm.sys [2006-11-02 80488]
S4 nfrd960;nfrd960; C:Windowssystem32driversnfrd960.sys [2006-11-02 45160]
S4 ntrigdigi;N-trig HID Tablet Driver; C:Windowssystem32driversntrigdigi.sys [2006-11-02 20608]
S4 nvraid;nvraid; C:Windowssystem32driversnvraid.sys [2006-11-02 88680]
S4 nvstor;nvstor; C:Windowssystem32driversnvstor.sys [2006-11-02 40040]
S4 ql2300;QLogic Fibre Channel Miniport Driver; C:Windowssystem32driversql2300.sys [2006-11-02 900712]
S4 ql40xx;QLogic iSCSI Miniport Driver; C:Windowssystem32driversql40xx.sys [2006-11-02 106088]
S4 sbp2port;SBP-2 Transport/Protocol Bus Driver; C:Windowssystem32driverssbp2port.sys [2006-11-02 76392]
S4 sermouse;Serial Mouse Driver; C:Windowssystem32driverssermouse.sys [2008-01-19 19968]
S4 SiSRaid2;SiSRaid2; C:Windowssystem32driverssisraid2.sys [2006-11-02 38504]
S4 SiSRaid4;SiSRaid4; C:Windowssystem32driverssisraid4.sys [2006-11-02 71784]
S4 uliahci;uliahci; C:Windowssystem32driversuliahci.sys [2006-11-02 235112]
S4 UlSata;UlSata; C:Windowssystem32driversulsata.sys [2006-11-02 98408]
S4 ulsata2;ulsata2; C:Windowssystem32driversulsata2.sys [2006-11-02 115816]
S4 usbcir;eHome Infrared Receiver (USBCIR); C:Windowssystem32driversusbcir.sys [2006-11-02 68608]
S4 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:Windowssystem32driversusbohci.sys [2006-11-02 19456]
S4 ViaC7;VIA C7 Processor Driver; C:Windowssystem32driversviac7.sys [2006-11-02 39424]
S4 vsmraid;vsmraid; C:Windowssystem32driversvsmraid.sys [2006-11-02 112232]
S4 WacomPen;Wacom Serial Pen HID Driver; C:Windowssystem32driverswacompen.sys [2006-11-02 20608]
S4 Wd;Microsoft Watchdog Timer Driver; C:Windowssystem32driverswd.sys [2006-11-02 19560]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:Windowssystem32driverswmiacpi.sys [2006-11-02 11264]
S4 ws2ifsl;Среда Windows Socket 2.0 поддержки поставщиков не-IFS служб; C:Windowssystem32driversws2ifsl.sys [2008-01-19 15872]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AeLookupSvc;@%SystemRoot%system32aelupsvc.dll,-1; C:Windowssystem32svchost.exe [2008-01-19 21504]
R2 aswUpdSv;avast! iAVS4 Control Service; C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe [2009-02-06 18752]
R2 AudioEndpointBuilder;@%SystemRoot%system32audiosrv.dll,-204; C:WindowsSystem32svchost.exe [2008-01-19 21504]
R2 avast! Antivirus;avast! Antivirus; C:Program FilesAlwil SoftwareAvast4ashServ.exe [2009-02-06 138680]
R2 BFE;@%SystemRoot%system32bfe.dll,-1001; C:Windowssystem32svchost.exe [2008-01-19 21504]
R2 CFSvcs;ConfigFree Service; C:Program FilesTOSHIBAConfigFreeCFSvcs.exe [2006-11-14 40960]
R2 DPS;@%systemroot%system32dps.dll,-500; C:WindowsSystem32svchost.exe [2008-01-19 21504]
R2 EMDMgmt;@%SystemRoot%system32emdmgmt.dll,-1000; C:Windowssystem32svchost.exe [2008-01-19 21504]
R2 FDResPub;@%systemroot%system32fdrespub.dll,-100; C:Windowssystem32svchost.exe [2008-01-19 21504]
R2 FontCache3.0.0.0;@%SystemRoot%system32PresentationHost.exe,-3309; C:WindowsMicrosoft.NetFrameworkv3.0WPFPresentationFontCache.exe [2008-06-20 46104]
R2 gpsvc;@gpapi.dll,-112; C:Windowssystem32svchost.exe [2008-01-19 21504]
R2 IKEEXT;@%SystemRoot%system32ikeext.dll,-501; C:Windowssystem32svchost.exe [2008-01-19 21504]
R2 iphlpsvc;@%SystemRoot%system32iphlpsvc.dll,-200; C:WindowsSystem32svchost.exe [2008-01-19 21504]
R2 KtmRm;@comres.dll,-2946; C:WindowsSystem32svchost.exe [2008-01-19 21504]
R2 MDM;Machine Debug Manager; C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE [2003-06-20 322120]
R2 MMCSS;@%systemroot%system32mmcss.dll,-100; C:Windowssystem32svchost.exe [2008-01-19 21504]
R2 MpsSvc;@%SystemRoot%system32FirewallAPI.dll,-23090; C:Windowssystem32svchost.exe [2008-01-19 21504]
R2 netprofm;@%SystemRoot%system32netprof.dll,-246; C:WindowsSystem32svchost.exe [2008-01-19 21504]
R2 NlaSvc;@%SystemRoot%System32nlasvc.dll,-1; C:WindowsSystem32svchost.exe [2008-01-19 21504]
R2 nsi;@%SystemRoot%system32nsisvc.dll,-200; C:Windowssystem32svchost.exe [2008-01-19 21504]
R2 nvsvc;NVIDIA Display Driver Service; C:Windowssystem32nvvsvc.exe [2009-01-30 203296]
R2 PcaSvc;@%SystemRoot%system32pcasvc.dll,-1; C:Windowssystem32svchost.exe [2008-01-19 21504]
R2 ProfSvc;@%systemroot%system32profsvc.dll,-300; C:Windowssystem32svchost.exe [2008-01-19 21504]
R2 slsvc;@%SystemRoot%system32SLsvc.exe,-101; C:Windowssystem32SLsvc.exe [2008-01-19 2623488]
R2 SysMain;@%SystemRoot%system32sysmain.dll,-1000; C:Windowssystem32svchost.exe [2008-01-19 21504]
R2 TabletInputService;@%SystemRoot%system32TabSvc.dll,-100; C:WindowsSystem32svchost.exe [2008-01-19 21504]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:Windowssystem32TODDSrv.exe [2006-05-25 114688]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; c:Program FilesToshibaBluetooth Toshiba StackTosBtSrv.exe [2007-02-02 118784]
R2 UleadBurningHelper;Ulead Burning Helper; C:Program FilesCommon FilesUlead SystemsDVDULCDRSvr.exe [2006-08-23 49152]
R2 UxSms;@%SystemRoot%system32dwm.exe,-2000; C:WindowsSystem32svchost.exe [2008-01-19 21504]
R2 WerSvc;@%SystemRoot%System32wersvc.dll,-100; C:WindowsSystem32svchost.exe [2008-01-19 21504]
R2 WinDefend;@%ProgramFiles%Windows DefenderMsMpRes.dll,-103; C:WindowsSystem32svchost.exe [2008-01-19 21504]
R2 Wlansvc;@%SystemRoot%System32wlansvc.dll,-257; C:Windowssystem32svchost.exe [2008-01-19 21504]
R2 WPDBusEnum;@%SystemRoot%system32wpdbusenum.dll,-100; C:Windowssystem32svchost.exe [2008-01-19 21504]
R2 WSearch;@%systemroot%system32SearchIndexer.exe,-103; C:Windowssystem32SearchIndexer.exe [2008-05-27 439808]
R2 wudfsvc;@%SystemRoot%system32wudfsvc.dll,-1000; C:Windowssystem32svchost.exe [2008-01-19 21504]
R3 Appinfo;@%systemroot%system32appinfo.dll,-100; C:Windowssystem32svchost.exe [2008-01-19 21504]
R3 avast! Mail Scanner;avast! Mail Scanner; C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe [2009-02-06 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:Program FilesAlwil SoftwareAvast4ashWebSv.exe [2009-02-06 352920]
R3 ehRecvr;@%SystemRoot%ehomeehrecvr.exe,-101; C:WindowsehomeehRecvr.exe [2008-01-19 292352]
R3 ehSched;@%SystemRoot%ehomeehsched.exe,-101; C:Windowsehomeehsched.exe [2006-11-02 131072]
R3 fdPHost;@%systemroot%system32fdPHost.dll,-100; C:Windowssystem32svchost.exe [2008-01-19 21504]
R3 KeyIso;@keyiso.dll,-100; C:Windowssystem32lsass.exe [2008-01-19 9728]
R3 SstpSvc;@%SystemRoot%system32sstpsvc.dll,-200; C:Windowssystem32svchost.exe [2008-01-19 21504]
R3 WdiSystemHost;@%systemroot%system32wdi.dll,-500; C:WindowsSystem32svchost.exe [2008-01-19 21504]
S2 ehstart;@%SystemRoot%ehomeehstart.dll,-101; C:Windowssystem32svchost.exe [2008-01-19 21504]
S2 gupdate1c9b43ab3863630;Google Update Service (gupdate1c9b43ab3863630); C:Program FilesGoogleUpdateGoogleUpdate.exe [2009-04-03 133104]
S2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:Program FilesCommon FilesNeroNero BackItUp 4NBService.exe []
S2 TBS;@%SystemRoot%system32tbssvc.dll,-100; C:WindowsSystem32svchost.exe [2008-01-19 21504]
S3 CertPropSvc;@%SystemRoot%System32certprop.dll,-11; C:Windowssystem32svchost.exe [2008-01-19 21504]
S3 clr_optimization_v2.0.50727_32;Microsoft .NET Framework NGEN v2.0.50727_X86; C:WindowsMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2008-07-27 69632]
S3 DFSR;@dfsrres.dll,-101; C:Windowssystem32DFSR.exe [2008-01-19 2091520]
S3 IDriverT;InstallDriver Table Manager; C:Program FilesCommon FilesInstallShieldDriver1150Intel 32IDriverT.exe [2005-11-14 69632]
S3 idsvc;@%systemroot%Microsoft.NETFrameworkv3.0Windows Communication FoundationServiceModelInstallRC.dll,-8193; C:WindowsMicrosoft.NETFrameworkv3.0Windows Communication Foundationinfocard.exe [2008-06-20 881664]
S3 IPBusEnum;@%systemroot%system32IPBusEnum.dll,-102; C:Windowssystem32svchost.exe [2008-01-19 21504]
S3 lltdsvc;@%SystemRoot%system32lltdres.dll,-1; C:WindowsSystem32svchost.exe [2008-01-19 21504]
S3 MSiSCSI;@%SystemRoot%system32iscsidsc.dll,-5000; C:Windowssystem32svchost.exe [2008-01-19 21504]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2003-07-29 89136]
S3 p2pimsvc;@%SystemRoot%system32p2psvc.dll,-8004; C:WindowsSystem32svchost.exe [2008-01-19 21504]
S3 p2psvc;@%SystemRoot%system32p2psvc.dll,-8006; C:WindowsSystem32svchost.exe [2008-01-19 21504]
S3 pla;@%systemroot%system32pla.dll,-500; C:WindowsSystem32svchost.exe [2008-01-19 21504]
S3 PNRPAutoReg;@%SystemRoot%system32p2psvc.dll,-8002; C:WindowsSystem32svchost.exe [2008-01-19 21504]
S3 PNRPsvc;@%SystemRoot%system32p2psvc.dll,-8000; C:WindowsSystem32svchost.exe [2008-01-19 21504]
S3 QWAVE;@%SystemRoot%system32qwave.dll,-1; C:Windowssystem32svchost.exe [2008-01-19 21504]
S3 SCPolicySvc;@%SystemRoot%System32certprop.dll,-13; C:Windowssystem32svchost.exe [2008-01-19 21504]
S3 SDRSVC;@%SystemRoot%system32sdrsvc.dll,-107; C:Windowssystem32svchost.exe [2008-01-19 21504]
S3 SessionEnv;@%SystemRoot%System32SessEnv.dll,-1026; C:WindowsSystem32svchost.exe [2008-01-19 21504]
S3 SLUINotify;@%SystemRoot%system32SLUINotify.dll,-103; C:Windowssystem32svchost.exe [2008-01-19 21504]
S3 SNMPTRAP;@%SystemRoot%system32snmptrap.exe,-3; C:WindowsSystem32snmptrap.exe [2006-11-02 12800]
S3 THREADORDER;@%systemroot%system32mmcss.dll,-102; C:Windowssystem32svchost.exe [2008-01-19 21504]
S3 TrustedInstaller;@%SystemRoot%servicingTrustedInstaller.exe,-100; C:WindowsservicingTrustedInstaller.exe [2008-01-19 39424]
S3 UI0Detect;@%SystemRoot%system32ui0detect.exe,-101; C:Windowssystem32UI0Detect.exe [2008-01-19 35840]
S3 vds;@%SystemRoot%system32vds.exe,-100; C:WindowsSystem32vds.exe [2008-01-19 382976]
S3 wcncsvc;@%SystemRoot%system32wcncsvc.dll,-3; C:WindowsSystem32svchost.exe [2008-01-19 21504]
S3 WcsPlugInService;@%SystemRoot%system32WcsPlugInService.dll,-200; C:Windowssystem32svchost.exe [2008-01-19 21504]
S3 WdiServiceHost;@%systemroot%system32wdi.dll,-502; C:WindowsSystem32svchost.exe [2008-01-19 21504]
S3 Wecsvc;@%SystemRoot%system32wecsvc.dll,-200; C:Windowssystem32svchost.exe [2008-01-19 21504]
S3 wercplsupport;@%SystemRoot%System32wercplsupport.dll,-101; C:WindowsSystem32svchost.exe [2008-01-19 21504]
S3 WinHttpAutoProxySvc;@%SystemRoot%system32winhttp.dll,-100; C:Windowssystem32svchost.exe [2008-01-19 21504]
S3 WinRM;@%Systemroot%system32wsmsvc.dll,-101; C:WindowsSystem32svchost.exe [2008-01-19 21504]
S3 WMPNetworkSvc;@%ProgramFiles%Windows Media Playerwmpnetwk.exe,-101; C:Program FilesWindows Media Playerwmpnetwk.exe [2008-01-19 896512]
S3 WPCSvc;@%SystemRoot%system32wpcsvc.dll,-100; C:Windowssystem32svchost.exe [2008-01-19 21504]
S4 Mcx2Svc;@%SystemRoot%ehomeehres.dll,-15501; C:Windowssystem32svchost.exe [2008-01-19 21504]
S4 NetTcpPortSharing;@%systemroot%Microsoft.NETFrameworkv3.0Windows Communication FoundationServiceModelInstallRC.dll,-8201; C:WindowsMicrosoft.NETFrameworkv3.0Windows Communication FoundationSMSvcHost.exe [2008-06-20 132096]

EOF
13 мая, 2009 в 5:16 пп в ответ на: как почистить комп #23767
alex
Participant
- Темы:5
- Сообщений:20
А как правельно удалить каталог и как сделать дефрагментацию диска. Спасибо
12 мая, 2009 в 5:44 дп в ответ на: как почистить комп #23765
alex
Participant
- Темы:5
- Сообщений:20
C:Program FilesMozilla Firefoxextensions{9CF826EF-2211-4747-ACD8-711F744C2424}chromecontentinformer.js Trojan.JS.Agent.acr 1
12 мая, 2009 в 5:41 дп в ответ на: как почистить комп #23764
alex
Participant
- Темы:5
- Сообщений:20
C:Program FilesTrend MicroHijackThisbackupsbackup-20081117-102835-557.dll not-a-virus:AdWare.Win32.Webalt.g 1C:Program FilesTrend MicroHijackThisbackupsbackup-20081117-102835-557.dll not-a-virus:AdWare.Win32.Webalt.g 1C:Program FilesTrend MicroHijackThisbackupsbackup-20081117-102835-557.dll not-a-virus:AdWare.Win32.Webalt.g 1C:Program FilesTrend MicroHijackThisbackupsbackup-20081117-102835-557.dll not-a-virus:AdWare.Win32.Webalt.g 1C:Program FilesTrend MicroHijackThisbackupsbackup-20081117-102835-557.dll not-a-virus:AdWare.Win32.Webalt.g 1
7 мая, 2009 в 3:10 пп в ответ на: как почистить комп #23762
alex
Participant
- Темы:5
- Сообщений:20
Здравствуйте Valeri,у меня «RSIT» показывает только один log. Logfile of random’s system information tool 1.06 (written by random/random)
Run by Toshiba at 2009-05-07 18:55:43
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 14 GB (18%) free of 76 GB
Total RAM: 1021 MB (13% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:56:34, on 07.05.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:Windowssystem32Dwm.exe
C:Windowssystem32taskeng.exe
C:WindowsExplorer.EXE
C:Windowssystem32conime.exe
C:Program FilesWindows DefenderMSASCui.exe
C:Program FilesTOSHIBAPower SaverTPwrMain.exe
C:Program FilesTOSHIBASmoothViewSmoothView.exe
C:Program FilesTOSHIBAFlashCardsTCrdMain.exe
C:Program FilesTOSHIBAConfigFreeNDSTray.exe
C:Program FilesTOSHIBAToshiba Online Product InformationTOPI.exe
C:Program FilesIDMDesktop SMSDesktopSMS.exe
C:Program FilesSynapticsSynTPSynTPEnh.exe
C:Program FilesCamera Assistant Software for Toshibatraybar.exe
C:Program FilesAlwil SoftwareAvast4ashDisp.exe
C:Program FilesJavajre6binjusched.exe
C:Program FilesWindows Sidebarsidebar.exe
C:Windowsehomeehtray.exe
C:Program FilesYandexOnlineonline.exe
C:Program FilesTOSHIBATOSCDSPDTOSCDSPD.exe
C:Program FilesPunto Switcherpunto.exe
C:Program FilesDAEMON Tools Litedaemon.exe
C:WindowsSystem32rundll32.exe
C:Program FilesSynapticsSynTPSynToshiba.exe
C:Program FilesCamera Assistant Software for ToshibaCEC_MAIN.exe
C:Windowsehomeehmsas.exe
C:UsersToshibaAppDataLocalNevoSoftrun.exe
C:Program FilesTOSHIBAConfigFreeCFSwMgr.exe
C:Program FilesWindows MailWinMail.exe
C:Program FilesYandexOnlineYaChatyachat.exe
C:Program FilesNeroNero 9Nero StartSmartNeroStartSmart.exe
C:Program FilesNeroNero 9Nero VisionNeroVision.exe
C:Windowssystem32taskeng.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:WindowsSystem32divxsm.exe
C:Program FilesInternet Exploreriexplore.exe
C:Windowssystem32NOTEPAD.EXE
C:UsersPublicDocumentsRSIT.exe
C:Program Filestrend microToshiba.exe

R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.yandex.ru/?clid=44290
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru/?clid=40316
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://mail.ru
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
R3 — URLSearchHook: (no name) — {468CD8A9-7C25-45FA-969E-3D925C689DC4} — (no file)
O1 — Hosts: ::1 localhost
O2 — BHO: BitComet ClickCapture — {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} — C:Program FilesBitComettoolsBitCometBHO_1.2.8.7.dll (file missing)
O2 — BHO: SSVHelper Class — {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} — C:Program FilesJavajre6binssv.dll
O2 — BHO: Google Toolbar Notifier BHO — {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} — C:Program FilesGoogleGoogleToolbarNotifier5.1.1309.3572swg.dll
O2 — BHO: Java(tm) Plug-In 2 SSV Helper — {DBC80044-A445-435b-BC74-9C25C1C588A9} — C:Program FilesJavajre6binjp2ssv.dll
O3 — Toolbar: &Gismeteo.Ru — {923A63EB-3D61-44A5-9E54-545127FEAEEA} — c:gismeteobargismeteobar.dll (file missing)
O3 — Toolbar: (no name) — {468CD8A9-7C25-45FA-969E-3D925C689DC4} — (no file)
O3 — Toolbar: Яндекс.Бар — {91397D20-1446-11D4-8AF4-0040CA1127B6} — C:Program FilesYandexYandexBarIEyndbar.dll
O4 — HKLM..Run: [Windows Defender] %ProgramFiles%Windows DefenderMSASCui.exe -hide
O4 — HKLM..Run: [TPwrMain] %ProgramFiles%TOSHIBAPower SaverTPwrMain.EXE
O4 — HKLM..Run: [HSON] %ProgramFiles%TOSHIBATBSHSON.exe
O4 — HKLM..Run: [SmoothView] %ProgramFiles%ToshibaSmoothViewSmoothView.exe
O4 — HKLM..Run: [00TCrdMain] %ProgramFiles%TOSHIBAFlashCardsTCrdMain.exe
O4 — HKLM..Run: [HWSetup] C:Program FilesTOSHIBAUtilitiesHWSetup.exe hwSetUP
O4 — HKLM..Run: [SVPWUTIL] C:Program FilesTOSHIBAUtilitiesSVPWUTIL.exe SVPwUTIL
O4 — HKLM..Run: [NDSTray.exe] NDSTray.exe
O4 — HKLM..Run: [topi] C:Program FilesTOSHIBAToshiba Online Product Informationtopi.exe -startup
O4 — HKLM..Run: [Desktop SMS] C:Program FilesIDMDesktop SMSDesktopSMS.exe /auto
O4 — HKLM..Run: [SynTPEnh] C:Program FilesSynapticsSynTPSynTPEnh.exe
O4 — HKLM..Run: [Toshiba Registration] C:Program FilesToshibaRegistrationToshibaRegistration.exe
O4 — HKLM..Run: [Camera Assistant Software] «C:Program FilesCamera Assistant Software for Toshibatraybar.exe»
O4 — HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 — HKLM..Run: [NvSvc] RUNDLL32.EXE C:Windowssystem32nvsvc.dll,nvsvcStart
O4 — HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:Windowssystem32NvCpl.dll,NvStartup
O4 — HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:Windowssystem32NvMcTray.dll,NvTaskbarInit
O4 — HKLM..Run: [WinampAgent] «C:Program FilesWinampwinampa.exe»
O4 — HKLM..Run: [SunJavaUpdateSched] «C:Program FilesJavajre6binjusched.exe»
O4 — HKCU..Run: [Sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun
O4 — HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe
O4 — HKCU..Run: [YandexOnline] «C:Program FilesYandexOnlineonline.exe» -AutoStart
O4 — HKCU..Run: [toscdspd] TOSCDSPD.EXE
O4 — HKCU..Run: [Punto Switcher] C:Program FilesPunto Switcherpunto.exe HideIcon
O4 — HKCU..Run: [DAEMON Tools Lite] «C:Program FilesDAEMON Tools Litedaemon.exe» -autorun
O4 — HKCU..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
O4 — HKCU..Run: [NevoDRM] «C:ИгрыNevoDRMNevoDRM.exe»
O4 — HKUSS-1-5-19..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [Yupdate!] «C:Program FilesCommon FilesYandexYupdateyupdate.exe» (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [Yupdate!] «C:Program FilesCommon FilesYandexYupdateyupdate.exe» (User ‘Default user’)
O8 — Extra context menu item: &D&ownload &with BitComet — res://C:Program FilesBitCometBitComet.exe/AddLink.htm
O8 — Extra context menu item: &D&ownload all video with BitComet — res://C:Program FilesBitCometBitComet.exe/AddVideo.htm
O8 — Extra context menu item: &D&ownload all with BitComet — res://C:Program FilesBitCometBitComet.exe/AddAllLink.htm
O8 — Extra context menu item: &Translate — http://lingvo.yandex.ru/ie5trans.htm
O8 — Extra context menu item: &Ubersetzen — http://lingvo.yandex.ru/ie5trans1.htm
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~3OFFICE11EXCEL.EXE/3000
O8 — Extra context menu item: T&raduire — http://lingvo.yandex.ru/ie5trans2.htm
O8 — Extra context menu item: Traduc&ir — http://lingvo.yandex.ru/ie5trans4.htm
O8 — Extra context menu item: Tradurr&e — http://lingvo.yandex.ru/ie5trans3.htm
O8 — Extra context menu item: Yandex &Search — http://lingvo.yandex.ru/ie5search.htm
O9 — Extra button: Справочные материалы — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~3OFFICE11REFIEBAR.DLL
O9 — Extra button: eBay — {C08CAF1D-C0A3-40D5-9970-06D067EAC017} — http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?RU (file missing)
O9 — Extra button: BitComet — {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} — res://C:Program FilesBitComettoolsBitCometBHO_1.2.8.7.dll/206 (file missing)
O13 — Gopher Prefix:
O16 — DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} — http://download.divx.com/player/DivXBrowserPlugin.cab
O16 — DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} — http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O23 — Service: avast! iAVS4 Control Service (aswUpdSv) — ALWIL Software — C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 — Service: avast! Antivirus — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashServ.exe
O23 — Service: avast! Mail Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
O23 — Service: avast! Web Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
O23 — Service: ConfigFree Service (CFSvcs) — TOSHIBA CORPORATION — C:Program FilesTOSHIBAConfigFreeCFSvcs.exe
O23 — Service: @dfsrres.dll,-101 (DFSR) — Корпорация Майкрософт — C:Windowssystem32DFSR.exe
O23 — Service: Google Update Service (gupdate1c9b43ab3863630) (gupdate1c9b43ab3863630) — Google Inc. — C:Program FilesGoogleUpdateGoogleUpdate.exe
O23 — Service: Google Software Updater (gusvc) — Google — C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 — Service: InstallDriver Table Manager (IDriverT) — Macrovision Corporation — C:Program FilesCommon FilesInstallShieldDriver1150Intel 32IDriverT.exe
O23 — Service: Nero BackItUp Scheduler 4.0 — Nero AG — C:Program FilesCommon FilesNeroNero BackItUp 4NBService.exe
O23 — Service: TOSHIBA Optical Disc Drive Service (TODDSrv) — TOSHIBA Corporation — C:Windowssystem32TODDSrv.exe
O23 — Service: TOSHIBA Power Saver (TosCoSrv) — TOSHIBA Corporation — C:Program FilesTOSHIBAPower SaverTosCoSrv.exe
O23 — Service: TOSHIBA Bluetooth Service — TOSHIBA CORPORATION — c:Program FilesToshibaBluetooth Toshiba StackTosBtSrv.exe
O23 — Service: Ulead Burning Helper (UleadBurningHelper) — Ulead Systems, Inc. — C:Program FilesCommon FilesUlead SystemsDVDULCDRSvr.exe

—
End of file — 10085 bytes

======Scheduled tasks folder======

C:WindowstasksGoogle Software Updater.job
C:WindowstasksGoogleUpdateTaskMachine.job
C:WindowstasksNeroLiveEpgUpdate-Toshiba-ПК_Toshiba.job
C:WindowstasksRegistry OK Schedule.job
C:WindowstasksUser_Feed_Synchronization-{C6A8E361-3DBE-48E8-A294-EB2D3F43A3DB}.job

======Registry dump======

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper — C:Program FilesBitComettoolsBitCometBHO_1.2.8.7.dll []

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class — C:Program FilesJavajre6binssv.dll [2009-01-31 320920]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO — C:Program FilesGoogleGoogleToolbarNotifier5.1.1309.3572swg.dll [2009-04-02 668656]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper — C:Program FilesJavajre6binjp2ssv.dll [2009-01-31 34816]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{923A63EB-3D61-44A5-9E54-545127FEAEEA} — &Gismeteo.Ru — c:gismeteobargismeteobar.dll []
{468CD8A9-7C25-45FA-969E-3D925C689DC4}
{91397D20-1446-11D4-8AF4-0040CA1127B6} — Яндекс.Бар — C:Program FilesYandexYandexBarIEyndbar.dll [2009-03-19 3697440]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«Windows Defender»=C:Program FilesWindows DefenderMSASCui.exe [2008-01-19 1008184]
«TPwrMain»=C:Program FilesTOSHIBAPower SaverTPwrMain.EXE [2006-12-19 411768]
«HSON»=C:Program FilesTOSHIBATBSHSON.exe [2006-12-07 55416]
«SmoothView»=C:Program FilesToshibaSmoothViewSmoothView.exe [2007-02-06 509496]
«00TCrdMain»=C:Program FilesTOSHIBAFlashCardsTCrdMain.exe [2007-01-17 534648]
«HWSetup»=C:Program FilesTOSHIBAUtilitiesHWSetup.exe [2006-11-01 413696]
«SVPWUTIL»=C:Program FilesTOSHIBAUtilitiesSVPWUTIL.exe [2006-03-22 438272]
«NDSTray.exe»=NDSTray.exe []
«topi»=C:Program FilesTOSHIBAToshiba Online Product Informationtopi.exe [2007-03-02 577536]
«Desktop SMS»=C:Program FilesIDMDesktop SMSDesktopSMS.exe [2007-01-19 1507328]
«SynTPEnh»=C:Program FilesSynapticsSynTPSynTPEnh.exe [2007-02-02 835584]
«Toshiba Registration»=C:Program FilesToshibaRegistrationToshibaRegistration.exe [2007-02-19 571024]
«Camera Assistant Software»=C:Program FilesCamera Assistant Software for Toshibatraybar.exe [2007-03-15 413696]
«avast!»=C:PROGRA~1ALWILS~1Avast4ashDisp.exe [2009-02-06 81000]
«NvSvc»=C:Windowssystem32nvsvc.dll [2007-01-13 90191]
«NvCplDaemon»=C:Windowssystem32NvCpl.dll [2007-01-13 7766016]
«NvMediaCenter»=C:Windowssystem32NvMcTray.dll [2007-01-13 81920]
«WinampAgent»=C:Program FilesWinampwinampa.exe []
«SunJavaUpdateSched»=C:Program FilesJavajre6binjusched.exe [2009-01-31 136600]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«Sidebar»=C:Program FilesWindows Sidebarsidebar.exe [2008-01-19 1233920]
«ehTray.exe»=C:WindowsehomeehTray.exe [2008-01-19 125952]
«YandexOnline»=C:Program FilesYandexOnlineonline.exe [2009-04-15 2558728]
«toscdspd»=TOSCDSPD.EXE []
«Punto Switcher»=C:Program FilesPunto Switcherpunto.exe [2008-10-16 735016]
«DAEMON Tools Lite»=C:Program FilesDAEMON Tools Litedaemon.exe [2008-08-08 490952]
«swg»=C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe [2009-04-02 39408]
«NevoDRM»=C:ИгрыNevoDRMNevoDRM.exe [2008-12-11 41984]

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrolsecurityproviders]
«SecurityProviders»=credssp.dll

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalAppInfo]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalKeyIso]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalNTDS]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalProfSvc]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalsacsvr]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalSWPRV]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalTabletInputService]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalTBS]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalTrustedInstaller]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalvolmgr.sys]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalvolmgrx.sys]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWinDefend]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkAppInfo]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkBFE]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkbowser]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkdfsc]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkDot3Svc]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkEaphost]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkIKEEXT]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkKeyIso]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkMPSDrv]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkMPSSvc]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkmrxsmb]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkmrxsmb10]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkmrxsmb20]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkNativeWifiP]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworknetprofm]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkNlaSvc]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkNsi]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworknsiproxy.sys]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkNTDS]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkPolicyAgent]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkProfSvc]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkrdbss]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkrdpencdd.sys]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworksacsvr]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkSCardSvr]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkSWPRV]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkTabletInputService]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkTBS]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkTrustedInstaller]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkVDS]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkvolmgr.sys]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkvolmgrx.sys]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWinDefend]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWlansvc]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{50DD5230-BA8A-11D1-BF5D-0000F805F530}]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«LogonHoursAction»=2
«DontDisplayLogonHoursWarnings»=1

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
«EnableUIADesktopToggle»=0

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145
«NoDriveAutoRun»=95

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{1eba2bc2-ef71-11dc-86df-00037ad7fc3e}]
shellAutoRuncommand — F:
shellopencommand — rundll32.exe .\cwodm.dll,InstallM

======File associations======

.js — edit — C:WindowsSystem32Notepad.exe %1
.js — open — C:WindowsSystem32WScript.exe «%1» %*

======List of files/folders created in the last 1 months======

2009-05-05 23:33:37 —-D—- C:rsit
2009-05-05 22:24:38 —-D—- C:UsersToshibaAppDataRoamingNeroDigital(TM)
2009-05-04 11:30:19 —-D—- C:UsersToshibaAppDataRoamingNero
2009-05-04 10:50:11 —-A—- C:WindowsIrremote.ini
2009-05-04 10:18:25 —-D—- C:Program FilesNero
2009-05-04 10:17:45 —-D—- C:ProgramDataNero
2009-05-04 10:17:44 —-D—- C:Program FilesCommon FilesNero
2009-04-19 08:28:38 —-D—- C:UsersToshibaAppDataRoamingScreenSeven
2009-04-16 20:39:04 —-A—- C:Windowssystem32winhttp.dll
2009-04-16 20:39:01 —-A—- C:Windowssystem32xolehlp.dll
2009-04-16 20:39:01 —-A—- C:Windowssystem32msdtcprx.dll
2009-04-16 20:38:44 —-A—- C:Windowssystem32rpcss.dll
2009-04-16 20:38:43 —-A—- C:Windowssystem32ntkrnlpa.exe
2009-04-16 20:38:42 —-A—- C:Windowssystem32ntoskrnl.exe
2009-04-16 20:38:39 —-A—- C:Windowssystem32printfilterpipelinesvc.exe
2009-04-16 20:38:38 —-A—- C:Windowssystem32sdohlp.dll
2009-04-16 20:38:38 —-A—- C:Windowssystem32printfilterpipelineprxy.dll
2009-04-16 20:38:38 —-A—- C:Windowssystem32iasrecst.dll
2009-04-16 20:38:38 —-A—- C:Windowssystem32iashost.exe
2009-04-16 20:38:38 —-A—- C:Windowssystem32iasdatastore.dll
2009-04-16 20:38:38 —-A—- C:Windowssystem32iasads.dll
2009-04-16 20:38:22 —-A—- C:Windowssystem32lsasrv.dll
2009-04-16 20:38:21 —-A—- C:Windowssystem32kernel32.dll
2009-04-16 20:38:20 —-A—- C:Windowssystem32secur32.dll
2009-04-16 20:38:19 —-A—- C:Windowssystem32apilogen.dll
2009-04-16 20:38:19 —-A—- C:Windowssystem32amxread.dll

======List of files/folders modified in the last 1 months======

2009-05-07 18:56:04 —-D—- C:Program FilesTrend Micro
2009-05-07 18:55:35 —-D—- C:WindowsTemp
2009-05-07 18:39:17 —-SHD—- C:WindowsInstaller
2009-05-07 18:39:17 —-SD—- C:UsersToshibaAppDataRoamingMicrosoft
2009-05-07 18:39:13 —-D—- C:Windowssystem32catroot
2009-05-07 18:39:12 —-D—- C:Windowsinf
2009-05-07 18:37:59 —-SHD—- C:System Volume Information
2009-05-07 18:37:33 —-D—- C:Windows
2009-05-07 18:37:13 —-D—- C:Игры
2009-05-07 18:34:53 —-D—- C:WindowsSystem32
2009-05-07 18:34:53 —-D—- C:ProgramDataPinnacle
2009-05-07 18:34:49 —-A—- C:Windowswin.ini
2009-05-07 18:28:52 —-D—- C:Games
2009-05-07 17:09:20 —-D—- C:Windowstracing
2009-05-07 16:11:35 —-D—- C:WindowsTasks
2009-05-06 21:38:45 —-D—- C:WindowsPrefetch
2009-05-06 20:39:14 —-D—- C:ProgramDataGoogle Updater
2009-05-06 07:24:38 —-D—- C:UsersToshibaAppDataRoaminguTorrent
2009-05-05 23:11:12 —-A—- C:Windowssystem32PerfStringBackup.INI
2009-05-05 11:11:27 —-D—- C:Windowssystem32migwiz
2009-05-04 14:28:29 —-D—- C:Windowssystem32Tasks
2009-05-04 10:18:25 —-RD—- C:Program Files
2009-05-04 10:17:45 —-HD—- C:ProgramData
2009-05-04 10:17:44 —-D—- C:Program FilesCommon Files
2009-05-01 10:15:46 —-D—- C:Windowssystem32catroot2
2009-04-19 07:32:07 —-D—- C:ProgramDataIntenium
2009-04-17 00:24:18 —-D—- C:Windowswinsxs
2009-04-17 00:10:49 —-D—- C:Windowssystem32wbem
2009-04-17 00:10:49 —-D—- C:Program FilesWindows Mail
2009-04-17 00:10:46 —-D—- C:Windowssystem32manifeststore
2009-04-17 00:10:45 —-D—- C:WindowsAppPatch
2009-04-15 21:01:53 —-D—- C:UsersToshibaAppDataRoamingYaChatData

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:Windowssystem32driversaswRdr.sys [2009-02-06 23152]
R1 aswSP;avast! Self Protection; C:Windowssystem32driversaswSP.sys [2009-02-06 114768]
R1 aswTdi;avast! Network Shield Support; C:Windowssystem32driversaswTdi.sys [2009-02-06 51376]
R1 DfsC;@%systemroot%system32driversdfsc.sys,-101; C:WindowsSystem32Driversdfsc.sys [2008-01-19 75264]
R1 nsiproxy;NSI proxy service; C:Windowssystem32driversnsiproxy.sys [2008-01-19 16384]
R1 RDPENCDD;RDP Encoder Mirror Driver; C:Windowssystem32driversrdpencdd.sys [2008-01-19 6144]
R1 Smb;@%SystemRoot%system32tcpipcfg.dll,-50005; C:Windowssystem32DRIVERSsmb.sys [2008-01-19 66560]
R1 tdx;@%SystemRoot%system32tcpipcfg.dll,-50004; C:Windowssystem32DRIVERStdx.sys [2008-01-19 71680]
R1 Tosrfcom;Bluetooth RFCOMM; C:WindowsSystem32Driverstosrfcom.sys [2005-08-01 64896]
R1 Wanarpv6;Remote Access IPv6 ARP Driver; C:Windowssystem32DRIVERSwanarp.sys [2008-01-19 62464]
R2 aswFsBlk;aswFsBlk; C:Windowssystem32DRIVERSaswFsBlk.sys [2009-02-06 20560]
R2 aswMonFlt;aswMonFlt; C:Windowssystem32DRIVERSaswMonFlt.sys [2009-02-06 51792]
R2 lltdio;Драйвер в/в тополога канального уровня; C:Windowssystem32DRIVERSlltdio.sys [2008-01-19 47104]
R2 luafv;UAC File Virtualization; C:Windowssystem32driversluafv.sys [2008-01-19 84480]
R2 PEAUTH;PEAUTH; C:Windowssystem32driverspeauth.sys [2006-11-02 878080]
R2 rspndr;Ответчик обнаружения топологии канального уровня; C:Windowssystem32DRIVERSrspndr.sys [2008-01-19 60416]
R2 tcpipreg;TCP/IP Registry Compatibility; C:WindowsSystem32driverstcpipreg.sys [2008-01-19 30208]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:Windowssystem32DRIVERSAGRSM.sys [2006-11-28 1161888]
R3 bowser;Bowser; C:Windowssystem32DRIVERSbowser.sys [2008-01-19 69632]
R3 CmBatt;Драйвер батареи с ACPI-управлением (Microsoft); C:Windowssystem32DRIVERSCmBatt.sys [2008-01-19 14208]
R3 DXGKrnl;LDDM Graphics Subsystem; C:WindowsSystem32driversdxgkrnl.sys [2008-08-02 625152]
R3 HdAudAddService;Драйвер функции UAA для службы High Definition Audio (Microsoft), версия 1.1; C:Windowssystem32driversHdAudio.sys [2006-11-02 235520]
R3 HDAudBus;Драйвер для шины UAA для High Definition Audio (Microsoft); C:Windowssystem32DRIVERSHDAudBus.sys [2008-01-19 53760]
R3 HidUsb;Драйвер класса HID Microsoft; C:Windowssystem32DRIVERShidusb.sys [2008-01-19 12288]
R3 intelppm;Драйвер Intel процессора; C:Windowssystem32DRIVERSintelppm.sys [2008-01-19 41472]
R3 iScsiPrt;Драйвер iScsiPort; C:Windowssystem32DRIVERSmsiscsi.sys [2008-01-19 181304]
R3 monitor;Microsoft Monitor Class Function Driver Service; C:Windowssystem32DRIVERSmonitor.sys [2008-01-19 41984]
R3 mouhid;Драйвер мыши HID; C:Windowssystem32DRIVERSmouhid.sys [2008-01-19 15872]
R3 mpsdrv;@%SystemRoot%system32FirewallAPI.dll,-23092; C:WindowsSystem32driversmpsdrv.sys [2008-01-19 64000]
R3 mrxsmb10;SMB 1.x MiniRedirector; C:Windowssystem32DRIVERSmrxsmb10.sys [2008-08-27 212480]
R3 mrxsmb20;SMB 2.0 MiniRedirector; C:Windowssystem32DRIVERSmrxsmb20.sys [2008-01-19 78848]
R3 NativeWifiP;Фильтр NativeWiFi; C:Windowssystem32DRIVERSnwifi.sys [2008-05-20 148480]
R3 NETw4v32;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit; C:Windowssystem32DRIVERSNETw4v32.sys [2006-12-09 2206720]
R3 nvlddmkm;nvlddmkm; C:Windowssystem32DRIVERSnvlddmkm.sys [2007-01-13 4452288]
R3 ohci1394;Texas Instruments OHCI-совместимый IEEE 1394 хост-контроллер; C:Windowssystem32DRIVERSohci1394.sys [2008-01-19 61952]
R3 RasSstp;@%systemroot%system32sstpsvc.dll,-202; C:Windowssystem32DRIVERSrassstp.sys [2008-01-19 69120]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:WindowsSystem32DriversRootMdm.sys [2008-01-19 8192]
R3 RTL8169;Realtek 8169 NT Driver; C:Windowssystem32DRIVERSRtlh86.sys [2006-11-04 59392]
R3 sdbus;sdbus; C:Windowssystem32DRIVERSsdbus.sys [2008-01-19 88576]
R3 srv2;srv2; C:WindowsSystem32DRIVERSsrv2.sys [2008-01-19 144384]
R3 srvnet;srvnet; C:WindowsSystem32DRIVERSsrvnet.sys [2008-01-19 98304]
R3 SynTP;Synaptics TouchPad Driver; C:Windowssystem32DRIVERSSynTP.sys [2007-02-02 182328]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:Windowssystem32DRIVERStdcmdpst.sys [2006-10-18 16128]
R3 tifm21;tifm21; C:Windowssystem32driverstifm21.sys [2006-07-06 168448]
R3 tosporte;Bluetooth COM Port; C:Windowssystem32DRIVERStosporte.sys [2006-10-10 41600]
R3 tosrfec;Bluetooth ACPI; C:Windowssystem32DRIVERStosrfec.sys [2006-10-23 9216]
R3 tunmp;Драйвер адаптера минипорта Tun (Майкрософт); C:Windowssystem32DRIVERStunmp.sys [2008-01-19 15360]
R3 tunnel;Драйвер адаптера минипорта для туннеля Microsoft IPv6; C:Windowssystem32DRIVERStunnel.sys [2008-01-19 23040]
R3 umbus;UMBus драйвер перечислителя; C:Windowssystem32DRIVERSumbus.sys [2008-01-19 34816]
R3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:Windowssystem32DRIVERSusbccgp.sys [2008-01-19 73216]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:Windowssystem32DRIVERSusbehci.sys [2008-01-19 39424]
R3 usbhub;USB2 концентратор; C:Windowssystem32DRIVERSusbhub.sys [2008-01-19 194560]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:Windowssystem32DRIVERSusbuhci.sys [2008-01-19 23552]
R3 usbvideo;USB-видеоустройство (WDM); C:WindowsSystem32Driversusbvideo.sys [2006-11-02 132352]
R3 UVCFTR;UVCFTR; C:Windowssystem32DRIVERSUVCFTR_S.SYS [2007-03-12 11264]
S3 ab2j75dq;ab2j75dq; C:Windowssystem32driversab2j75dq.sys []
S3 agp440;Intel AGP Bus Filter; C:Windowssystem32driversagp440.sys [2006-11-02 53864]
S3 amdagp;AMD AGP Bus Filter Driver; C:Windowssystem32driversamdagp.sys [2006-11-02 54888]
S3 athr;Драйвер устройства беспроводной локальной сети Atheros; C:Windowssystem32DRIVERSathr.sys [2006-11-02 467456]
S3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver; C:Windowssystem32driversbrfiltlo.sys [2006-11-02 13568]
S3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver; C:Windowssystem32driversbrfiltup.sys [2006-11-02 5248]
S3 BrUsbSer;Brother MFC USB Serial WDM Driver; C:Windowssystem32driversbrusbser.sys [2006-11-02 11904]
S3 E1G60;Intel(R) PRO/1000 NDIS 6 Adapter Driver; C:Windowssystem32DRIVERSE1G60I32.sys [2006-11-02 117760]
S3 exfat;exFAT File System Driver; C:Windowssystem32driversexfat.sys [2008-01-19 136192]
S3 Filetrace;FileTrace; C:Windowssystem32driversfiletrace.sys [2008-01-19 27648]
S3 gagp30kx;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms; C:Windowssystem32driversgagp30kx.sys [2006-11-02 58984]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:Windowssystem32driversRTKVHDA.sys []
S3 MarvinBus;Pinnacle Marvin Bus; C:Windowssystem32DRIVERSMarvinBus.sys [2005-09-24 171520]
S3 MsRPC;MsRPC; C:Windowssystem32driversMsRPC.sys [2008-01-19 163384]
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:Windowssystem32driversMSTEE.sys [2008-01-19 6016]
S3 NETw3v32;Драйвер адаптера беспроводной сети Intel(R) PRO/Wireless 3945ABG для 32-разрядной Windows Vista; C:Windowssystem32DRIVERSNETw3v32.sys [2006-11-02 1781760]
S3 nv_agp;NVIDIA nForce AGP Bus Filter; C:Windowssystem32driversnv_agp.sys [2006-11-02 106600]
S3 Ph3xIB32;Philips 713x Inbox PCI TV Card; C:Windowssystem32DRIVERSPh3xIB32.sys [2007-04-03 1131136]
S3 QWAVEdrv;@%SystemRoot%system32driversqwavedrv.sys,-1; C:Windowssystem32driversqwavedrv.sys [2008-01-19 31232]
S3 sffdisk;Драйвер класса SFF Storage; C:Windowssystem32DRIVERSsffdisk.sys [2008-01-19 13312]
S3 sffp_mmc;SFF Storage Protocol Driver for MMC; C:Windowssystem32driverssffp_mmc.sys [2006-11-02 12800]
S3 sffp_sd;Драйвер протокола SFF Storage для SDBus; C:Windowssystem32DRIVERSsffp_sd.sys [2008-01-19 11776]
S3 sisagp;SIS AGP Bus Filter; C:Windowssystem32driverssisagp.sys [2006-11-02 53352]
S3 Tcpip6;Драйвер протокола IPv6 (Microsoft); C:Windowssystem32DRIVERStcpip.sys [2008-04-26 891448]
S3 tosrfbd;Bluetooth RFBUS; C:Windowssystem32DRIVERStosrfbd.sys [2007-01-12 113792]
S3 tosrfbnp;Bluetooth RFBNEP; C:WindowsSystem32Driverstosrfbnp.sys [2006-11-20 36480]
S3 Tosrfhid;Bluetooth RFHID; C:Windowssystem32DRIVERSTosrfhid.sys [2007-01-24 73728]
S3 tosrfnds;Bluetooth Personal Area Network; C:Windowssystem32DRIVERStosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio; C:Windowssystem32driverstosrfsnd.sys [2007-01-22 53376]
S3 Tosrfusb;Bluetooth USB Controller; C:Windowssystem32DRIVERStosrfusb.sys [2007-01-12 40576]
S3 TpChoice;Touch Pad Detection Filter driver; C:Windowssystem32DRIVERSTpChoice.sys []
S3 tssecsrv;Terminal Services Security Filter Driver; C:WindowsSystem32DRIVERStssecsrv.sys [2008-01-19 23552]
S3 uagp35;Microsoft AGPv3.5 Filter; C:Windowssystem32driversuagp35.sys [2006-11-02 56936]
S3 uliagpkx;Uli AGP Bus Filter; C:Windowssystem32driversuliagpkx.sys [2006-11-02 58472]
S3 USB28xxBGA;PCTV 170e Device; C:Windowssystem32DRIVERSemBDA.sys [2008-09-12 540288]
S3 USB28xxOEM;USB 28xx OEM Filter; C:Windowssystem32DRIVERSemOEM.sys [2008-09-12 443520]
S3 usbprint;Класс принтеров Microsoft USB; C:Windowssystem32DRIVERSusbprint.sys [2008-01-19 18944]
S3 USBSTOR;Драйвер запоминающих устройств для USB; C:Windowssystem32DRIVERSUSBSTOR.SYS [2008-01-19 55296]
S3 vga;vga; C:Windowssystem32DRIVERSvgapnp.sys [2006-11-02 26112]
S3 viaagp;VIA AGP Bus Filter; C:Windowssystem32driversviaagp.sys [2006-11-02 54376]
S3 WUDFRd;WUDFRd; C:Windowssystem32DRIVERSWUDFRd.sys [2008-01-19 83328]
S4 adp94xx;adp94xx; C:Windowssystem32driversadp94xx.sys [2006-11-02 420968]
S4 adpahci;adpahci; C:Windowssystem32driversadpahci.sys [2006-11-02 297576]
S4 adpu320;adpu320; C:Windowssystem32driversadpu320.sys [2006-11-02 147048]
S4 amdide;amdide; C:Windowssystem32driversamdide.sys [2006-11-02 15464]
S4 AmdK7;AMD K7 Processor Driver; C:Windowssystem32driversamdk7.sys [2006-11-02 38912]
S4 AmdK8;AMD K8 Processor Driver; C:Windowssystem32driversamdk8.sys [2006-11-02 40960]
S4 arc;arc; C:Windowssystem32driversarc.sys [2006-11-02 67688]
S4 arcsas;arcsas; C:Windowssystem32driversarcsas.sys [2006-11-02 67688]
S4 blbdrive;blbdrive; C:Windowssystem32driversblbdrive.sys []
S4 Brserid;Brother MFC Serial Port Interface Driver (WDM); C:Windowssystem32driversbrserid.sys [2006-11-02 71808]
S4 BrSerWdm;Brother WDM Serial driver; C:Windowssystem32driversbrserwdm.sys [2006-11-02 62336]
S4 BrUsbMdm;Brother MFC USB Fax Only Modem; C:Windowssystem32driversbrusbmdm.sys [2006-11-02 12160]
S4 BTHMODEM;Bluetooth Serial Communications Driver; C:Windowssystem32driversbthmodem.sys [2006-11-02 39936]
S4 circlass;Consumer IR Devices; C:Windowssystem32driverscirclass.sys [2006-11-02 35328]
S4 Crusoe;Transmeta Crusoe Processor Driver; C:Windowssystem32driverscrusoe.sys [2006-11-02 38912]
S4 elxstor;elxstor; C:Windowssystem32driverselxstor.sys [2006-11-02 316520]
S4 HidBth;Microsoft Bluetooth HID Miniport; C:Windowssystem32drivershidbth.sys [2006-11-02 29184]
S4 HidIr;Microsoft Infrared HID Driver; C:Windowssystem32drivershidir.sys [2006-11-02 21504]
S4 HpCISSs;HpCISSs; C:Windowssystem32drivershpcisss.sys [2006-11-02 37480]
S4 iaStorV;Intel RAID Controller Vista; C:Windowssystem32driversiastorv.sys [2006-11-02 232040]
S4 iirsp;iirsp; C:Windowssystem32driversiirsp.sys [2006-11-02 41576]
S4 IPMIDRV;IPMIDRV; C:Windowssystem32driversipmidrv.sys [2006-11-02 65536]
S4 isapnp;PnP ISA/EISA Bus Driver; C:Windowssystem32driversisapnp.sys [2006-11-02 47208]
S4 iteatapi;ITEATAPI_Service_Install; C:Windowssystem32driversiteatapi.sys [2006-11-02 35944]
S4 iteraid;ITERAID_Service_Install; C:Windowssystem32driversiteraid.sys [2006-11-02 35944]
S4 kbdhid;Keyboard HID Driver; C:Windowssystem32driverskbdhid.sys [2006-11-02 15872]
S4 KR10I;KR10I; C:Windowssystem32driverskr10i.sys [2007-01-18 219392]
S4 KR10N;KR10N; C:Windowssystem32driverskr10n.sys [2007-01-18 211072]
S4 LSI_FC;LSI_FC; C:Windowssystem32driverslsi_fc.sys [2006-11-02 65640]
S4 LSI_SAS;LSI_SAS; C:Windowssystem32driverslsi_sas.sys [2006-11-02 65640]
S4 LSI_SCSI;LSI_SCSI; C:Windowssystem32driverslsi_scsi.sys [2006-11-02 65640]
S4 megasas;megasas; C:Windowssystem32driversmegasas.sys [2006-11-02 28776]
S4 mpio;Microsoft Multi-Path Bus Driver; C:Windowssystem32driversmpio.sys [2006-11-02 78952]
S4 msahci;msahci; C:Windowssystem32driversmsahci.sys [2006-11-02 23144]
S4 msdsm;Microsoft Multi-Path Device Specific Module; C:Windowssystem32driversmsdsm.sys [2006-11-02 80488]
S4 nfrd960;nfrd960; C:Windowssystem32driversnfrd960.sys [2006-11-02 45160]
S4 ntrigdigi;N-trig HID Tablet Driver; C:Windowssystem32driversntrigdigi.sys [2006-11-02 20608]
S4 nvraid;nvraid; C:Windowssystem32driversnvraid.sys [2006-11-02 88680]
S4 nvstor;nvstor; C:Windowssystem32driversnvstor.sys [2006-11-02 40040]
S4 ql2300;QLogic Fibre Channel Miniport Driver; C:Windowssystem32driversql2300.sys [2006-11-02 900712]
S4 ql40xx;QLogic iSCSI Miniport Driver; C:Windowssystem32driversql40xx.sys [2006-11-02 106088]
S4 sbp2port;SBP-2 Transport/Protocol Bus Driver; C:Windowssystem32driverssbp2port.sys [2006-11-02 76392]
S4 sermouse;Serial Mouse Driver; C:Windowssystem32driverssermouse.sys [2008-01-19 19968]
S4 SiSRaid2;SiSRaid2; C:Windowssystem32driverssisraid2.sys [2006-11-02 38504]
S4 SiSRaid4;SiSRaid4; C:Windowssystem32driverssisraid4.sys [2006-11-02 71784]
S4 uliahci;uliahci; C:Windowssystem32driversuliahci.sys [2006-11-02 235112]
S4 UlSata;UlSata; C:Windowssystem32driversulsata.sys [2006-11-02 98408]
S4 ulsata2;ulsata2; C:Windowssystem32driversulsata2.sys [2006-11-02 115816]
S4 usbcir;eHome Infrared Receiver (USBCIR); C:Windowssystem32driversusbcir.sys [2006-11-02 68608]
S4 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:Windowssystem32driversusbohci.sys [2006-11-02 19456]
S4 ViaC7;VIA C7 Processor Driver; C:Windowssystem32driversviac7.sys [2006-11-02 39424]
S4 vsmraid;vsmraid; C:Windowssystem32driversvsmraid.sys [2006-11-02 112232]
S4 WacomPen;Wacom Serial Pen HID Driver; C:Windowssystem32driverswacompen.sys [2006-11-02 20608]
S4 Wd;Microsoft Watchdog Timer Driver; C:Windowssystem32driverswd.sys [2006-11-02 19560]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:Windowssystem32driverswmiacpi.sys [2006-11-02 11264]
S4 ws2ifsl;Среда Windows Socket 2.0 поддержки поставщиков не-IFS служб; C:Windowssystem32driversws2ifsl.sys [2008-01-19 15872]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AeLookupSvc;@%SystemRoot%system32aelupsvc.dll,-1; C:Windowssystem32svchost.exe [2008-01-19 21504]
R2 aswUpdSv;avast! iAVS4 Control Service; C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe [2009-02-06 18752]
R2 AudioEndpointBuilder;@%SystemRoot%system32audiosrv.dll,-204; C:WindowsSystem32svchost.exe [2008-01-19 21504]
R2 avast! Antivirus;avast! Antivirus; C:Program FilesAlwil SoftwareAvast4ashServ.exe [2009-02-06 138680]
R2 BFE;@%SystemRoot%system32bfe.dll,-1001; C:Windowssystem32svchost.exe [2008-01-19 21504]
R2 CFSvcs;ConfigFree Service; C:Program FilesTOSHIBAConfigFreeCFSvcs.exe [2006-11-14 40960]
R2 DPS;@%systemroot%system32dps.dll,-500; C:WindowsSystem32svchost.exe [2008-01-19 21504]
R2 EMDMgmt;@%SystemRoot%system32emdmgmt.dll,-1000; C:Windowssystem32svchost.exe [2008-01-19 21504]
R2 FDResPub;@%systemroot%system32fdrespub.dll,-100; C:Windowssystem32svchost.exe [2008-01-19 21504]
R2 FontCache3.0.0.0;@%SystemRoot%system32PresentationHost.exe,-3309; C:WindowsMicrosoft.NetFrameworkv3.0WPFPresentationFontCache.exe [2008-06-20 46104]
R2 gpsvc;@gpapi.dll,-112; C:Windowssystem32svchost.exe [2008-01-19 21504]
R2 IKEEXT;@%SystemRoot%system32ikeext.dll,-501; C:Windowssystem32svchost.exe [2008-01-19 21504]
R2 iphlpsvc;@%SystemRoot%system32iphlpsvc.dll,-200; C:WindowsSystem32svchost.exe [2008-01-19 21504]
R2 KtmRm;@comres.dll,-2946; C:WindowsSystem32svchost.exe [2008-01-19 21504]
R2 MDM;Machine Debug Manager; C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE [2003-06-20 322120]
R2 MMCSS;@%systemroot%system32mmcss.dll,-100; C:Windowssystem32svchost.exe [2008-01-19 21504]
R2 MpsSvc;@%SystemRoot%system32FirewallAPI.dll,-23090; C:Windowssystem32svchost.exe [2008-01-19 21504]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:Program FilesCommon FilesNeroNero BackItUp 4NBService.exe [2008-12-05 935208]
R2 netprofm;@%SystemRoot%system32netprof.dll,-246; C:WindowsSystem32svchost.exe [2008-01-19 21504]
R2 NlaSvc;@%SystemRoot%System32nlasvc.dll,-1; C:WindowsSystem32svchost.exe [2008-01-19 21504]
R2 nsi;@%SystemRoot%system32nsisvc.dll,-200; C:Windowssystem32svchost.exe [2008-01-19 21504]
R2 PcaSvc;@%SystemRoot%system32pcasvc.dll,-1; C:Windowssystem32svchost.exe [2008-01-19 21504]
R2 ProfSvc;@%systemroot%system32profsvc.dll,-300; C:Windowssystem32svchost.exe [2008-01-19 21504]
R2 slsvc;@%SystemRoot%system32SLsvc.exe,-101; C:Windowssystem32SLsvc.exe [2008-01-19 2623488]
R2 SysMain;@%SystemRoot%system32sysmain.dll,-1000; C:Windowssystem32svchost.exe [2008-01-19 21504]
R2 TabletInputService;@%SystemRoot%system32TabSvc.dll,-100; C:WindowsSystem32svchost.exe [2008-01-19 21504]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:Windowssystem32TODDSrv.exe [2006-05-25 114688]
R2 TosCoSrv;TOSHIBA Power Saver; C:Program FilesTOSHIBAPower SaverTosCoSrv.exe [2006-12-19 428152]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; c:Program FilesToshibaBluetooth Toshiba StackTosBtSrv.exe [2007-02-02 118784]
R2 UleadBurningHelper;Ulead Burning Helper; C:Program FilesCommon FilesUlead SystemsDVDULCDRSvr.exe [2006-08-23 49152]
R2 UxSms;@%SystemRoot%system32dwm.exe,-2000; C:WindowsSystem32svchost.exe [2008-01-19 21504]
R2 WerSvc;@%SystemRoot%System32wersvc.dll,-100; C:WindowsSystem32svchost.exe [2008-01-19 21504]
R2 WinDefend;@%ProgramFiles%Windows DefenderMsMpRes.dll,-103; C:WindowsSystem32svchost.exe [2008-01-19 21504]
R2 Wlansvc;@%SystemRoot%System32wlansvc.dll,-257; C:Windowssystem32svchost.exe [2008-01-19 21504]
R2 WPDBusEnum;@%SystemRoot%system32wpdbusenum.dll,-100; C:Windowssystem32svchost.exe [2008-01-19 21504]
R2 WSearch;@%systemroot%system32SearchIndexer.exe,-103; C:Windowssystem32SearchIndexer.exe [2008-05-27 439808]
R2 wudfsvc;@%SystemRoot%system32wudfsvc.dll,-1000; C:Windowssystem32svchost.exe [2008-01-19 21504]
R3 Appinfo;@%systemroot%system32appinfo.dll,-100; C:Windowssystem32svchost.exe [2008-01-19 21504]
R3 avast! Mail Scanner;avast! Mail Scanner; C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe [2009-02-06 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:Program FilesAlwil SoftwareAvast4ashWebSv.exe [2009-02-06 352920]
R3 ehRecvr;@%SystemRoot%ehomeehrecvr.exe,-101; C:WindowsehomeehRecvr.exe [2008-01-19 292352]
R3 ehSched;@%SystemRoot%ehomeehsched.exe,-101; C:Windowsehomeehsched.exe [2006-11-02 131072]
R3 fdPHost;@%systemroot%system32fdPHost.dll,-100; C:Windowssystem32svchost.exe [2008-01-19 21504]
R3 KeyIso;@keyiso.dll,-100; C:Windowssystem32lsass.exe [2008-01-19 9728]
R3 SstpSvc;@%SystemRoot%system32sstpsvc.dll,-200; C:Windowssystem32svchost.exe [2008-01-19 21504]
R3 WdiSystemHost;@%systemroot%system32wdi.dll,-500; C:WindowsSystem32svchost.exe [2008-01-19 21504]
R3 WinHttpAutoProxySvc;@%SystemRoot%system32winhttp.dll,-100; C:Windowssystem32svchost.exe [2008-01-19 21504]
S2 ehstart;@%SystemRoot%ehomeehstart.dll,-101; C:Windowssystem32svchost.exe [2008-01-19 21504]
S2 gupdate1c9b43ab3863630;Google Update Service (gupdate1c9b43ab3863630); C:Program FilesGoogleUpdateGoogleUpdate.exe [2009-04-03 133104]
S2 gusvc;Google Software Updater; C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2009-04-02 183280]
S2 TBS;@%SystemRoot%system32tbssvc.dll,-100; C:WindowsSystem32svchost.exe [2008-01-19 21504]
S3 CertPropSvc;@%SystemRoot%System32certprop.dll,-11; C:Windowssystem32svchost.exe [2008-01-19 21504]
S3 clr_optimization_v2.0.50727_32;Microsoft .NET Framework NGEN v2.0.50727_X86; C:WindowsMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2008-07-27 69632]
S3 DFSR;@dfsrres.dll,-101; C:Windowssystem32DFSR.exe [2008-01-19 2091520]
S3 IDriverT;InstallDriver Table Manager; C:Program FilesCommon FilesInstallShieldDriver1150Intel 32IDriverT.exe [2005-11-14 69632]
S3 idsvc;@%systemroot%Microsoft.NETFrameworkv3.0Windows Communication FoundationServiceModelInstallRC.dll,-8193; C:WindowsMicrosoft.NETFrameworkv3.0Windows Communication Foundationinfocard.exe [2008-06-20 881664]
S3 IPBusEnum;@%systemroot%system32IPBusEnum.dll,-102; C:Windowssystem32svchost.exe [2008-01-19 21504]
S3 lltdsvc;@%SystemRoot%system32lltdres.dll,-1; C:WindowsSystem32svchost.exe [2008-01-19 21504]
S3 MSiSCSI;@%SystemRoot%system32iscsidsc.dll,-5000; C:Windowssystem32svchost.exe [2008-01-19 21504]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2003-07-29 89136]
S3 p2pimsvc;@%SystemRoot%system32p2psvc.dll,-8004; C:WindowsSystem32svchost.exe [2008-01-19 21504]
S3 p2psvc;@%SystemRoot%system32p2psvc.dll,-8006; C:WindowsSystem32svchost.exe [2008-01-19 21504]
S3 pla;@%systemroot%system32pla.dll,-500; C:WindowsSystem32svchost.exe [2008-01-19 21504]
S3 PNRPAutoReg;@%SystemRoot%system32p2psvc.dll,-8002; C:WindowsSystem32svchost.exe [2008-01-19 21504]
S3 PNRPsvc;@%SystemRoot%system32p2psvc.dll,-8000; C:WindowsSystem32svchost.exe [2008-01-19 21504]
S3 QWAVE;@%SystemRoot%system32qwave.dll,-1; C:Windowssystem32svchost.exe [2008-01-19 21504]
S3 SCPolicySvc;@%SystemRoot%System32certprop.dll,-13; C:Windowssystem32svchost.exe [2008-01-19 21504]
S3 SDRSVC;@%SystemRoot%system32sdrsvc.dll,-107; C:Windowssystem32svchost.exe [2008-01-19 21504]
S3 SessionEnv;@%SystemRoot%System32SessEnv.dll,-1026; C:WindowsSystem32svchost.exe [2008-01-19 21504]
S3 SLUINotify;@%SystemRoot%system32SLUINotify.dll,-103; C:Windowssystem32svchost.exe [2008-01-19 21504]
S3 SNMPTRAP;@%SystemRoot%system32snmptrap.exe,-3; C:WindowsSystem32snmptrap.exe [2006-11-02 12800]
S3 THREADORDER;@%systemroot%system32mmcss.dll,-102; C:Windowssystem32svchost.exe [2008-01-19 21504]
S3 TrustedInstaller;@%SystemRoot%servicingTrustedInstaller.exe,-100; C:WindowsservicingTrustedInstaller.exe [2008-01-19 39424]
S3 UI0Detect;@%SystemRoot%system32ui0detect.exe,-101; C:Windowssystem32UI0Detect.exe [2008-01-19 35840]
S3 vds;@%SystemRoot%system32vds.exe,-100; C:WindowsSystem32vds.exe [2008-01-19 382976]
S3 wcncsvc;@%SystemRoot%system32wcncsvc.dll,-3; C:WindowsSystem32svchost.exe [2008-01-19 21504]
S3 WcsPlugInService;@%SystemRoot%system32WcsPlugInService.dll,-200; C:Windowssystem32svchost.exe [2008-01-19 21504]
S3 WdiServiceHost;@%systemroot%system32wdi.dll,-502; C:WindowsSystem32svchost.exe [2008-01-19 21504]
S3 Wecsvc;@%SystemRoot%system32wecsvc.dll,-200; C:Windowssystem32svchost.exe [2008-01-19 21504]
S3 wercplsupport;@%SystemRoot%System32wercplsupport.dll,-101; C:WindowsSystem32svchost.exe [2008-01-19 21504]
S3 WinRM;@%Systemroot%system32wsmsvc.dll,-101; C:WindowsSystem32svchost.exe [2008-01-19 21504]
S3 WMPNetworkSvc;@%ProgramFiles%Windows Media Playerwmpnetwk.exe,-101; C:Program FilesWindows Media Playerwmpnetwk.exe [2008-01-19 896512]
S3 WPCSvc;@%SystemRoot%system32wpcsvc.dll,-100; C:Windowssystem32svchost.exe [2008-01-19 21504]
S4 Mcx2Svc;@%SystemRoot%ehomeehres.dll,-15501; C:Windowssystem32svchost.exe [2008-01-19 21504]
S4 NetTcpPortSharing;@%systemroot%Microsoft.NETFrameworkv3.0Windows Communication FoundationServiceModelInstallRC.dll,-8201; C:WindowsMicrosoft.NETFrameworkv3.0Windows Communication FoundationSMSvcHost.exe [2008-06-20 132096]

EOF
30 января, 2009 в 8:16 пп в ответ на: информер #21554
alex
Participant
- Темы:5
- Сообщений:20
Большое спосибо за помощь. Удачи.
28 января, 2009 в 9:36 пп в ответ на: информер #21552
alex
Participant
- Темы:5
- Сообщений:20
посмотрите пожалуйста лог. спасибо. Logfile of random’s system information tool 1.05 (written by random/random)
Run by Toshiba at 2009-01-29 00:31:20
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 26 GB (34%) free of 76 GB
Total RAM: 1021 MB (22% free)

======Scheduled tasks folder======

C:WindowstasksNorton Internet Security — Run Full System Scan — Toshiba.job
C:WindowstasksUser_Feed_Synchronization-{C6A8E361-3DBE-48E8-A294-EB2D3F43A3DB}.job

======Registry dump======

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll [2005-09-24 63136]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{1E8A6170-7264-4D0F-BEAE-D42A53123C75}]
C:Program FilesCommon FilesSymantec SharedcoSharedBrowser1.0NppBho.dll [2006-10-23 96984]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper — C:Program FilesBitComettoolsBitCometBHO_1.2.8.7.dll []

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class — C:Program FilesJavajre1.6.0binssv.dll [2007-03-30 501384]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{a725ea1f-86d7-42cf-9bf7-0c6ab5ff7f75}]
butt-head.ru Toolbar — C:Program Filesbutt-head.rutbbutt.dll [2008-09-15 1784856]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{90222687-F593-4738-B738-FBEE9C7B26DF} — Show Norton Toolbar — C:Program FilesCommon FilesSymantec SharedcoSharedBrowser1.0UIBHO.dll [2006-10-23 565960]
{09900DE8-1DCA-443F-9243-26FF581438AF} — Спутник@Mail.Ru — C:Program FilesMail.RuSputnikMailRuSputnik.dll [2007-12-09 366080]
{91397D20-1446-11D4-8AF4-0040CA1127B6} — Яндекс.Бар — C:Program FilesYandexYandexBarIEyndbar.dll [2008-12-03 1561864]
{923A63EB-3D61-44A5-9E54-545127FEAEEA} — &Gismeteo.Ru — c:gismeteobargismeteobar.dll []
{468CD8A9-7C25-45FA-969E-3D925C689DC4} — Rambler-Ассистент — C:Program FilesRambler AssistantramblertoolbarU0.dll [2008-12-27 845296]
{a725ea1f-86d7-42cf-9bf7-0c6ab5ff7f75} — butt-head.ru Toolbar — C:Program Filesbutt-head.rutbbutt.dll [2008-09-15 1784856]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«Windows Defender»=C:Program FilesWindows DefenderMSASCui.exe [2008-01-19 1008184]
«TPwrMain»=C:Program FilesTOSHIBAPower SaverTPwrMain.EXE [2006-12-19 411768]
«HSON»=C:Program FilesTOSHIBATBSHSON.exe [2006-12-07 55416]
«SmoothView»=C:Program FilesToshibaSmoothViewSmoothView.exe [2007-02-06 509496]
«00TCrdMain»=C:Program FilesTOSHIBAFlashCardsTCrdMain.exe [2007-01-17 534648]
«KeNotify»=C:Program FilesTOSHIBAUtilitiesKeNotify.exe [2006-11-06 34352]
«HWSetup»=C:Program FilesTOSHIBAUtilitiesHWSetup.exe [2006-11-01 413696]
«SVPWUTIL»=C:Program FilesTOSHIBAUtilitiesSVPWUTIL.exe [2006-03-22 438272]
«NDSTray.exe»=NDSTray.exe []
«ccApp»=C:Program FilesCommon FilesSymantec SharedccApp.exe [2006-10-25 107112]
«osCheck»=C:Program FilesNorton Internet SecurityosCheck.exe [2006-10-27 22696]
«topi»=C:Program FilesTOSHIBAToshiba Online Product Informationtopi.exe [2007-03-02 577536]
«Desktop SMS»=C:Program FilesIDMDesktop SMSDesktopSMS.exe [2007-01-19 1507328]
«SynTPEnh»=C:Program FilesSynapticsSynTPSynTPEnh.exe [2007-02-02 835584]
«Toshiba Registration»=C:Program FilesToshibaRegistrationToshibaRegistration.exe [2007-02-19 571024]
«Camera Assistant Software»=C:Program FilesCamera Assistant Software for Toshibatraybar.exe [2007-03-15 413696]
«MAgent»=C:Program FilesMail.RuAgentMAgent.exe [2007-12-09 4855288]
«WPCUMI»=C:Windowssystem32WpcUmi.exe [2006-11-02 176128]
«avast!»=C:PROGRA~1ALWILS~1Avast4ashDisp.exe [2008-11-26 81000]
«Symantec PIF AlertEng»=C:Program FilesCommon FilesSymantec SharedPIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}PIFSvc.exe [2008-01-29 583048]
«NvSvc»=C:Windowssystem32nvsvc.dll [2007-01-13 90191]
«NvCplDaemon»=C:Windowssystem32NvCpl.dll [2007-01-13 7766016]
«NvMediaCenter»=C:Windowssystem32NvMcTray.dll [2007-01-13 81920]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«Sidebar»=C:Program FilesWindows Sidebarsidebar.exe [2008-01-19 1233920]
«ehTray.exe»=C:WindowsehomeehTray.exe [2008-01-19 125952]
«Yupdate!»=C:Program FilesCommon FilesYandexYupdateyupdate.exe [2008-10-20 479496]
«YandexOnline»=C:Program FilesYandexOnlineonline.exe [2008-03-14 2291200]
«toscdspd»=TOSCDSPD.EXE []
«BitComet»=C:Program FilesBitCometBitComet.exe [2008-12-03 2514744]
«NevoDRM»=C:Игры от NevoSoftNevoDRMNevoDRM.exe [2008-12-11 41984]

C:ProgramDataMicrosoftWindowsStart MenuProgramsStartup
Bluetooth Manager.lnk — C:Program FilesToshibaBluetooth Toshiba StackTosBtMng.exe

C:UsersToshibaAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup
Информер от rp5.ru.lnk — C:Program Filesrp5.rurp5.exe

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«LogonHoursAction»=2
«DontDisplayLogonHoursWarnings»=1

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«EnableLUA»=0
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
«EnableUIADesktopToggle»=0

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=36
«NoDriveAutoRun»=FFFFFFFF

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]

======List of files/folders created in the last 1 months======

2009-01-28 18:34:20 —-D—- C:Program Filesrp5.ru
2009-01-28 17:33:49 —-A—- C:Windowssystem32regsvr32.exe.log
2009-01-28 17:03:17 —-D—- C:rsit
2009-01-27 16:27:19 —-D—- C:UsersToshibaAppDataRoamingMalwarebytes
2009-01-27 16:27:13 —-D—- C:ProgramDataMalwarebytes
2009-01-27 16:27:13 —-D—- C:Program FilesMalwarebytes’ Anti-Malware
2009-01-27 16:08:20 —-RASHD—- C:autorun.inf
2009-01-18 12:14:11 —-D—- C:UsersToshibaAppDataRoamingPetShowCraze
2009-01-18 10:17:24 —-D—- C:ProgramDataNeptunesAdve
2009-01-16 19:34:20 —-D—- C:Program FilesMicrosoft Silverlight
2009-01-08 17:09:10 —-D—- C:Downloads
2009-01-07 15:43:59 —-D—- C:ProgramDataAlawar Stargaze
2009-01-07 14:38:31 —-D—- C:Игры
2009-01-04 11:43:14 —-D—- C:ProgramDataJoyBits
2009-01-01 16:49:01 —-A—- C:WindowsWirelessFTP.INI

======List of files/folders modified in the last 1 months======

2009-01-29 00:31:56 —-D—- C:Program FilesTrend Micro
2009-01-29 00:31:28 —-D—- C:WindowsTemp
2009-01-29 00:27:41 —-D—- C:Program FilesBitComet
2009-01-29 00:22:23 —-D—- C:Windowssystem32drivers
2009-01-28 18:41:20 —-D—- C:ProgramDataAlawarWrapper
2009-01-28 18:41:19 —-HD—- C:ProgramData
2009-01-28 18:34:20 —-RD—- C:Program Files
2009-01-28 18:34:18 —-D—- C:WindowsSystem32
2009-01-28 18:27:24 —-D—- C:WindowsPrefetch
2009-01-28 18:20:24 —-D—- C:Program FilesИгры GameHits
2009-01-28 18:20:16 —-D—- C:Program FilesИгры от NevoSoft
2009-01-28 18:16:26 —-D—- C:Игры от NevoSoft
2009-01-28 18:02:31 —-D—- C:Program FilesNicy Software
2009-01-28 18:02:07 —-D—- C:Windows
2009-01-28 18:01:20 —-D—- C:Program FilesLoLo Games
2009-01-28 17:56:55 —-D—- C:Program FilesCommon Files
2009-01-28 17:56:20 —-HD—- C:Program FilesInstallShield Installation Information
2009-01-28 17:56:20 —-D—- C:Windowssystem
2009-01-28 17:56:20 —-A—- C:Windowscompedia.ini
2009-01-28 17:54:26 —-SHD—- C:WindowsInstaller
2009-01-28 17:53:58 —-SHD—- C:System Volume Information
2009-01-28 17:53:40 —-D—- C:Windowssystem32Tasks
2009-01-28 17:51:26 —-D—- C:Program FilesНовый Диск
2009-01-28 17:46:55 —-D—- C:Windowssystem32catroot
2009-01-28 17:46:55 —-D—- C:Program FilesRealtek
2009-01-28 17:46:54 —-D—- C:Windowsinf
2009-01-28 17:46:52 —-D—- C:Windowssystem32RTCOM
2009-01-28 17:46:48 —-D—- C:Windowssystem32catroot2
2009-01-28 17:46:40 —-A—- C:WindowsDIFxAPI.dll
2009-01-28 17:45:43 —-D—- C:UsersToshibaAppDataRoamingYandex
2009-01-28 17:41:42 —-D—- C:Program FilesMozilla Firefox
2009-01-28 17:32:12 —-D—- C:Program FilesGTA Vice City
2009-01-28 17:29:20 —-D—- C:Program Files1C
2009-01-28 15:14:04 —-D—- C:Program FilesWebalta
2009-01-27 22:36:52 —-D—- C:Windowstracing
2009-01-27 19:12:22 —-D—- C:Program Filesbutt-head.ru
2009-01-22 18:12:58 —-SD—- C:WindowsDownloaded Program Files
2009-01-19 21:23:59 —-D—- C:Windowssystem32Macromed
2009-01-14 19:24:57 —-D—- C:Windowswinsxs
2009-01-14 15:02:23 —-D—- C:Program FilesWindows Mail
2009-01-14 14:57:38 —-A—- C:Windowswinamp.ini
2009-01-13 22:42:01 —-A—- C:Windowssystem32PerfStringBackup.INI
2009-01-11 15:31:06 —-SD—- C:UsersToshibaAppDataRoamingMicrosoft
2009-01-10 04:35:28 —-A—- C:Windowssystem32mrt.exe
2009-01-08 16:10:13 —-SD—- C:ProgramDataMicrosoft
2008-12-31 11:32:24 —-D—- C:ProgramDataВеселаяФерма2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:Windowssystem32driversaswRdr.sys [2008-11-26 23152]
R1 aswSP;avast! Self Protection; C:Windowssystem32driversaswSP.sys [2008-11-26 111184]
R1 aswTdi;avast! Network Shield Support; C:Windowssystem32driversaswTdi.sys [2008-11-26 50864]
R1 eeCtrl;Symantec Eraser Control driver; ??C:Program FilesCommon FilesSymantec SharedEENGINEeeCtrl.sys [2007-10-16 395312]
R1 IDSvix86;Symantec Intrusion Prevention Driver; ??C:PROGRA~2SymantecDEFINI~1SymcDataidsdefs20071220.001IDSvix86.sys [2007-11-06 180272]
R1 SPBBCDrv;SPBBCDrv; ??C:Program FilesCommon FilesSymantec SharedSPBBCSPBBCDrv.sys [2006-10-06 406672]
R1 SRTSPX;SRTSPX; C:WindowsSystem32DriversSRTSPX.SYS [2007-09-18 43696]
R1 SYMTDI;SYMTDI; C:WindowsSystem32DriversSYMTDI.SYS [2006-10-24 185744]
R1 Tosrfcom;Bluetooth RFCOMM; C:WindowsSystem32Driverstosrfcom.sys [2005-08-01 64896]
R2 aswFsBlk;aswFsBlk; C:Windowssystem32DRIVERSaswFsBlk.sys [2008-11-26 20560]
R2 aswMonFlt;aswMonFlt; C:Windowssystem32DRIVERSaswMonFlt.sys [2008-11-26 51792]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:Windowssystem32DRIVERSAGRSM.sys [2006-11-28 1161888]
R3 CmBatt;Драйвер батареи с ACPI-управлением (Microsoft); C:Windowssystem32DRIVERSCmBatt.sys [2008-01-19 14208]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; ??C:Program FilesCommon FilesSymantec SharedEENGINEEraserUtilRebootDrv.sys [2007-10-16 112688]
R3 HdAudAddService;Драйвер функции UAA для службы High Definition Audio (Microsoft), версия 1.1; C:Windowssystem32driversHdAudio.sys [2006-11-02 235520]
R3 NETw4v32;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit; C:Windowssystem32DRIVERSNETw4v32.sys [2006-12-09 2206720]
R3 nvlddmkm;nvlddmkm; C:Windowssystem32DRIVERSnvlddmkm.sys [2007-01-13 4452288]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:WindowsSystem32DriversRootMdm.sys [2008-01-19 8192]
R3 RTL8169;Realtek 8169 NT Driver; C:Windowssystem32DRIVERSRtlh86.sys [2006-11-04 59392]
R3 sdbus;sdbus; C:Windowssystem32DRIVERSsdbus.sys [2008-01-19 88576]
R3 SYMDNS;SYMDNS; C:WindowsSystem32DriversSYMDNS.SYS [2006-10-24 11792]
R3 SymEvent;SymEvent; ??C:Windowssystem32DriversSYMEVENT.SYS [2007-10-27 123952]
R3 SYMFW;SYMFW; C:WindowsSystem32DriversSYMFW.SYS [2006-10-24 144784]
R3 SYMIDS;SYMIDS; C:WindowsSystem32DriversSYMIDS.SYS [2006-10-24 38928]
R3 SYMNDISV;SYMNDISV; C:WindowsSystem32DriversSYMNDISV.SYS [2006-10-24 37008]
R3 SYMREDRV;SYMREDRV; C:WindowsSystem32DriversSYMREDRV.SYS [2006-10-24 26384]
R3 SynTP;Synaptics TouchPad Driver; C:Windowssystem32DRIVERSSynTP.sys [2007-02-02 182328]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:Windowssystem32DRIVERStdcmdpst.sys [2006-10-18 16128]
R3 tifm21;tifm21; C:Windowssystem32driverstifm21.sys [2006-07-06 168448]
R3 tosporte;Bluetooth COM Port; C:Windowssystem32DRIVERStosporte.sys [2006-10-10 41600]
R3 tosrfbd;Bluetooth RFBUS; C:Windowssystem32DRIVERStosrfbd.sys [2007-01-12 113792]
R3 tosrfbnp;Bluetooth RFBNEP; C:WindowsSystem32Driverstosrfbnp.sys [2006-11-20 36480]
R3 tosrfec;Bluetooth ACPI; C:Windowssystem32DRIVERStosrfec.sys [2006-10-23 9216]
R3 Tosrfhid;Bluetooth RFHID; C:Windowssystem32DRIVERSTosrfhid.sys [2007-01-24 73728]
R3 tosrfnds;Bluetooth Personal Area Network; C:Windowssystem32DRIVERStosrfnds.sys [2005-01-06 18612]
R3 Tosrfusb;Bluetooth USB Controller; C:Windowssystem32DRIVERStosrfusb.sys [2007-01-12 40576]
R3 usbvideo;USB-видеоустройство (WDM); C:WindowsSystem32Driversusbvideo.sys [2006-11-02 132352]
R3 UVCFTR;UVCFTR; C:Windowssystem32DRIVERSUVCFTR_S.SYS [2007-03-12 11264]
S3 athr;Драйвер устройства беспроводной локальной сети Atheros; C:Windowssystem32DRIVERSathr.sys [2006-11-02 467456]
S3 drmkaud;Звуковой дешифратор DRM ядра системы; C:Windowssystem32driversdrmkaud.sys [2008-01-19 5632]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:Windowssystem32driversRTKVHDA.sys []
S3 MSKSSRV;Представитель служб потоков Microsoft; C:Windowssystem32driversMSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Посредник синхронизации потоков Microsoft; C:Windowssystem32driversMSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Представитель диспетчера качества потоков Microsoft; C:Windowssystem32driversMSPQM.sys [2008-01-19 5504]
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:Windowssystem32driversMSTEE.sys [2008-01-19 6016]
S3 NAVENG;NAVENG; ??C:PROGRA~2SymantecDEFINI~1VIRUSD~120071106.025NAVENG.SYS [2007-10-16 81232]
S3 NAVEX15;NAVEX15; ??C:PROGRA~2SymantecDEFINI~1VIRUSD~120071106.025NAVEX15.SYS [2007-10-16 865904]
S3 NETw3v32;Драйвер адаптера беспроводной сети Intel(R) PRO/Wireless 3945ABG для 32-разрядной Windows Vista; C:Windowssystem32DRIVERSNETw3v32.sys [2006-11-02 1781760]
S3 Ph3xIB32;Philips 713x Inbox PCI TV Card; C:Windowssystem32DRIVERSPh3xIB32.sys [2007-04-03 1131136]
S3 SRTSP;SRTSP; C:WindowsSystem32DriversSRTSP.SYS [2007-09-18 278576]
S3 SRTSPL;SRTSPL; C:WindowsSystem32DriversSRTSPL.SYS [2007-09-18 317616]
S3 TosRfSnd;Bluetooth Audio; C:Windowssystem32driverstosrfsnd.sys [2007-01-22 53376]
S3 TpChoice;Touch Pad Detection Filter driver; C:Windowssystem32DRIVERSTpChoice.sys []
S3 WUDFRd;WUDFRd; C:Windowssystem32DRIVERSWUDFRd.sys [2008-01-19 83328]
S4 KR10I;KR10I; C:Windowssystem32driverskr10i.sys [2007-01-18 219392]
S4 KR10N;KR10N; C:Windowssystem32driverskr10n.sys [2007-01-18 211072]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:Windowssystem32driverswmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe [2008-11-26 18752]
R2 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:Program FilesSymantecLiveUpdateALUSchedulerSvc.exe [2007-09-12 554352]
R2 avast! Antivirus;avast! Antivirus; C:Program FilesAlwil SoftwareAvast4ashServ.exe [2008-11-26 155160]
R2 ccEvtMgr;Symantec Event Manager; C:Program FilesCommon FilesSymantec SharedccSvcHst.exe [2006-10-25 107624]
R2 ccSetMgr;Symantec Settings Manager; C:Program FilesCommon FilesSymantec SharedccSvcHst.exe [2006-10-25 107624]
R2 CFSvcs;ConfigFree Service; C:Program FilesTOSHIBAConfigFreeCFSvcs.exe [2006-11-14 40960]
R2 CLTNetCnService;Symantec Lic NetConnect service; C:Program FilesCommon FilesSymantec SharedccSvcHst.exe [2006-10-25 107624]
R2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; C:Program FilesCommon FilesSymantec SharedccSvcHst.exe [2006-10-25 107624]
R2 MDM;Machine Debug Manager; C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE [2003-06-20 322120]
R2 SymAppCore;Symantec AppCore Service; C:Program FilesCommon FilesSymantec SharedAppCoreAppSvc32.exe [2006-09-20 46736]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:Windowssystem32TODDSrv.exe [2006-05-25 114688]
R2 TosCoSrv;TOSHIBA Power Saver; C:Program FilesTOSHIBAPower SaverTosCoSrv.exe [2006-12-19 428152]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; c:Program FilesToshibaBluetooth Toshiba StackTosBtSrv.exe [2007-02-02 118784]
R2 UleadBurningHelper;Ulead Burning Helper; C:Program FilesCommon FilesUlead SystemsDVDULCDRSvr.exe [2006-08-23 49152]
R3 avast! Mail Scanner;avast! Mail Scanner; C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe [2008-11-26 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:Program FilesAlwil SoftwareAvast4ashWebSv.exe [2008-11-26 352920]
S2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:Program FilesCommon FilesSymantec SharedPIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}PIFSvc.exe [2008-01-29 583048]
S3 comHost;COM Host; C:Program FilesCommon FilesSymantec SharedVAScannercomHost.exe [2006-10-13 49296]
S3 ISPwdSvc;Symantec IS Password Validation; C:Program FilesNorton Internet SecurityisPwdSvc.exe [2006-10-27 80552]
S3 LiveUpdate;LiveUpdate; C:PROGRA~1SymantecLIVEUP~1LUCOMS~1.EXE [2007-09-12 2999664]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2003-07-28 89136]
S3 Symantec Core LC;Symantec Core LC; C:Program FilesCommon FilesSymantec SharedCCPD-LCsymlcsvc.exe [2007-11-03 1252232]
S3 WLSetupSvc;Windows Live Setup Service; C:Program FilesWindows LiveinstallerWLSetupSvc.exe [2007-10-25 266240]

EOF
27 января, 2009 в 5:47 пп в ответ на: информер #21550
alex
Participant
- Темы:5
- Сообщений:20
Спасибо, информер пропал, только после работы программы и перезагрузки лог комп. не показал. Еще раз спасибо.
27 января, 2009 в 12:34 пп в ответ на: информер #21549
alex
Participant
- Темы:5
- Сообщений:20
Помогите пожалуйста убрать информер нLogfile of random’s system information tool 1.05 (written by random/random)
Run by Toshiba at 2009-01-27 15:28:38
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 10 GB (13%) free of 76 GB
Total RAM: 1021 MB (17% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:28:41, on 27.01.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:Windowssystem32taskeng.exe
C:Windowssystem32Dwm.exe
C:WindowsExplorer.EXE
C:WindowsRtHDVCpl.exe
C:Program FilesTOSHIBAPower SaverTPwrMain.exe
C:Program FilesTOSHIBASmoothViewSmoothView.exe
C:Program FilesTOSHIBAFlashCardsTCrdMain.exe
C:Program FilesTOSHIBAUtilitiesKeNotify.exe
C:Program FilesTOSHIBAConfigFreeNDSTray.exe
C:Program FilesCommon FilesSymantec SharedccApp.exe
C:Program FilesTOSHIBAToshiba Online Product InformationTOPI.exe
C:Program FilesIDMDesktop SMSDesktopSMS.exe
C:Program FilesSynapticsSynTPSynTPEnh.exe
C:Program FilesCamera Assistant Software for Toshibatraybar.exe
C:Program FilesMail.RuAgentmagent.exe
C:WindowsSystem32wpcumi.exe
C:Program FilesAlwil SoftwareAvast4ashDisp.exe
C:Program FilesWindows Sidebarsidebar.exe
C:Windowsehomeehtray.exe
C:Program FilesCommon FilesYandexYupdateyupdate.exe
C:Program FilesYandexOnlineonline.exe
C:Program FilesPunto Switcherpunto.exe
C:Program FilesTOSHIBATOSCDSPDTOSCDSPD.exe
C:Program FilesBitCometBitComet.exe
C:Program FilesToshibaBluetooth Toshiba StackTosBtMng.exe
C:Program Filesrp5.rurp5.exe
C:Program FilesCamera Assistant Software for ToshibaCEC_MAIN.exe
C:WindowsSystem32rundll32.exe
C:Program FilesSynapticsSynTPSynToshiba.exe
C:Windowsehomeehmsas.exe
C:Program FilesTOSHIBAConfigFreeCFSwMgr.exe
C:UsersToshibaAppDataLocalNevoSoftrun.exe
C:Program FilesWindows MailWinMail.exe
c:Program FilesToshibaBluetooth Toshiba StackTosA2dp.exe
c:Program FilesToshibaBluetooth Toshiba StackTosBtHid.exe
c:Program FilesToshibaBluetooth Toshiba StackTosBtHsp.exe
c:Program FilesToshibaBluetooth Toshiba StackTosAVRC.exe
C:Program FilesInternet Exploreriexplore.exe
c:Program FilesToshibaBluetooth Toshiba StacktosOBEX.exe
C:Program FilesTOSHIBABluetooth Toshiba StackTosBtProc.exe
C:UsersToshibaAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5RXLDCHRBRSIT[1].exe
C:Program FilesTrend MicroHijackThisToshiba.exe

R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru/?clid=21978&yasoft=barie
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.rambler.ru/ra/
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
R3 — URLSearchHook: Rambler-Ассистент — {468CD8A9-7C25-45FA-969E-3D925C689DC4} — C:Program FilesRambler AssistantramblertoolbarU0.dll
R3 — URLSearchHook: (no name) — {83821C2B-32A8-4DD7-B6D4-44309A78E668} — C:UsersToshibaAppDataRoamingMraUpdatemrasearch.dll
R3 — URLSearchHook: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
R3 — URLSearchHook: (no name) — {dfbeb35b-444d-4f25-8d7d-eb2683c206ec} — (no file)
R3 — URLSearchHook: butt-head.ru Toolbar — {a725ea1f-86d7-42cf-9bf7-0c6ab5ff7f75} — C:Program Filesbutt-head.rutbbutt.dll
O1 — Hosts: ::1 localhost
O2 — BHO: AcroIEHlprObj Class — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 — BHO: (no name) — {1E8A6170-7264-4D0F-BEAE-D42A53123C75} — C:Program FilesCommon FilesSymantec SharedcoSharedBrowser1.0NppBho.dll
O2 — BHO: rjxlibP — {212D2299-CCC6-4AD5-B848-27CDDF5D9CAA} — C:ProgramDatarjxlib.dll
O2 — BHO: BitComet ClickCapture — {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} — C:Program FilesBitComettoolsBitCometBHO_1.2.8.7.dll (file missing)
O2 — BHO: SSVHelper Class — {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} — C:Program FilesJavajre1.6.0binssv.dll
O2 — BHO: BP Data Feeder — {9D64F819-9380-8473-DAB2-702FCB3D7A3E} — %USERPROFILE%Application Databpfeed.dll (file missing)
O2 — BHO: butt-head.ru Toolbar — {a725ea1f-86d7-42cf-9bf7-0c6ab5ff7f75} — C:Program Filesbutt-head.rutbbutt.dll
O2 — BHO: xiglibP — {BA623FF2-53C4-4B1F-890F-932EAA74E8A5} — C:ProgramDataxiglib.dll
O3 — Toolbar: Show Norton Toolbar — {90222687-F593-4738-B738-FBEE9C7B26DF} — C:Program FilesCommon FilesSymantec SharedcoSharedBrowser1.0UIBHO.dll
O3 — Toolbar: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
O3 — Toolbar: Яндекс.Бар — {91397D20-1446-11D4-8AF4-0040CA1127B6} — C:Program FilesYandexYandexBarIEyndbar.dll
O3 — Toolbar: &Gismeteo.Ru — {923A63EB-3D61-44A5-9E54-545127FEAEEA} — c:gismeteobargismeteobar.dll (file missing)
O3 — Toolbar: (no name) — {dfbeb35b-444d-4f25-8d7d-eb2683c206ec} — (no file)
O3 — Toolbar: Rambler-Ассистент — {468CD8A9-7C25-45FA-969E-3D925C689DC4} — C:Program FilesRambler AssistantramblertoolbarU0.dll
O3 — Toolbar: butt-head.ru Toolbar — {a725ea1f-86d7-42cf-9bf7-0c6ab5ff7f75} — C:Program Filesbutt-head.rutbbutt.dll
O3 — Toolbar: &Webalta toolbar — {D4C56A33-3488-495B-8033-9BF834E276D8} — C:PROGRA~1WebaltaWEBALT~1.DLL
O4 — HKLM..Run: [Windows Defender] %ProgramFiles%Windows DefenderMSASCui.exe -hide
O4 — HKLM..Run: [RtHDVCpl] RtHDVCpl.exe
O4 — HKLM..Run: [TPwrMain] %ProgramFiles%TOSHIBAPower SaverTPwrMain.EXE
O4 — HKLM..Run: [HSON] %ProgramFiles%TOSHIBATBSHSON.exe
O4 — HKLM..Run: [SmoothView] %ProgramFiles%ToshibaSmoothViewSmoothView.exe
O4 — HKLM..Run: [00TCrdMain] %ProgramFiles%TOSHIBAFlashCardsTCrdMain.exe
O4 — HKLM..Run: [KeNotify] C:Program FilesTOSHIBAUtilitiesKeNotify.exe
O4 — HKLM..Run: [HWSetup] C:Program FilesTOSHIBAUtilitiesHWSetup.exe hwSetUP
O4 — HKLM..Run: [SVPWUTIL] C:Program FilesTOSHIBAUtilitiesSVPWUTIL.exe SVPwUTIL
O4 — HKLM..Run: [NDSTray.exe] NDSTray.exe
O4 — HKLM..Run: [ccApp] «C:Program FilesCommon FilesSymantec SharedccApp.exe»
O4 — HKLM..Run: [osCheck] «C:Program FilesNorton Internet SecurityosCheck.exe»
O4 — HKLM..Run: [topi] C:Program FilesTOSHIBAToshiba Online Product Informationtopi.exe -startup
O4 — HKLM..Run: [Desktop SMS] C:Program FilesIDMDesktop SMSDesktopSMS.exe /auto
O4 — HKLM..Run: [SynTPEnh] C:Program FilesSynapticsSynTPSynTPEnh.exe
O4 — HKLM..Run: [Toshiba Registration] C:Program FilesToshibaRegistrationToshibaRegistration.exe
O4 — HKLM..Run: [Camera Assistant Software] «C:Program FilesCamera Assistant Software for Toshibatraybar.exe»
O4 — HKLM..Run: [MAgent] C:Program FilesMail.RuAgentMAgent.exe -LM
O4 — HKLM..Run: [WPCUMI] C:Windowssystem32WpcUmi.exe
O4 — HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 — HKLM..Run: [Symantec PIF AlertEng] «C:Program FilesCommon FilesSymantec SharedPIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}PIFSvc.exe» /a /m «C:Program FilesCommon FilesSymantec SharedPIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}AlertEng.dll»
O4 — HKLM..Run: [NvSvc] RUNDLL32.EXE C:Windowssystem32nvsvc.dll,nvsvcStart
O4 — HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:Windowssystem32NvCpl.dll,NvStartup
O4 — HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:Windowssystem32NvMcTray.dll,NvTaskbarInit
O4 — HKCU..Run: [Sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun
O4 — HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe
O4 — HKCU..Run: [Yupdate!] «C:Program FilesCommon FilesYandexYupdateyupdate.exe»
O4 — HKCU..Run: [YandexOnline] «C:Program FilesYandexOnlineonline.exe» -AutoStart
O4 — HKCU..Run: [Punto Switcher] C:Program FilesPunto Switcherpunto.exe
O4 — HKCU..Run: [toscdspd] TOSCDSPD.EXE
O4 — HKCU..Run: [BitComet] «C:Program FilesBitCometBitComet.exe» /tray
O4 — HKCU..Run: [NevoDRM] «C:Игры от NevoSoftNevoDRMNevoDRM.exe»
O4 — HKUSS-1-5-19..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [Yupdate!] «C:Program FilesCommon FilesYandexYupdateyupdate.exe» (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [Yupdate!] «C:Program FilesCommon FilesYandexYupdateyupdate.exe» (User ‘Default user’)
O4 — Startup: Информер от rp5.ru.lnk = C:Program Filesrp5.rurp5.exe
O4 — Global Startup: Bluetooth Manager.lnk = ?
O8 — Extra context menu item: &D&ownload &with BitComet — res://C:Program FilesBitCometBitComet.exe/AddLink.htm
O8 — Extra context menu item: &D&ownload all video with BitComet — res://C:Program FilesBitCometBitComet.exe/AddVideo.htm
O8 — Extra context menu item: &D&ownload all with BitComet — res://C:Program FilesBitCometBitComet.exe/AddAllLink.htm
O8 — Extra context menu item: &Translate — http://lingvo.yandex.ru/ie5trans.htm
O8 — Extra context menu item: &Ubersetzen — http://lingvo.yandex.ru/ie5trans1.htm
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~3OFFICE11EXCEL.EXE/3000
O8 — Extra context menu item: T&raduire — http://lingvo.yandex.ru/ie5trans2.htm
O8 — Extra context menu item: Traduc&ir — http://lingvo.yandex.ru/ie5trans4.htm
O8 — Extra context menu item: Tradurr&e — http://lingvo.yandex.ru/ie5trans3.htm
O8 — Extra context menu item: Webalta — Добавить в Анти-Баннер — C:Program FilesWebaltaextentionsWebalta_antiban.htm
O8 — Extra context menu item: Yandex &Search — http://lingvo.yandex.ru/ie5search.htm
O8 — Extra context menu item: Добавить в Rambler-Закладки — res://C:Program FilesRambler AssistantramblertoolbarU0.dll/zakladki.htm
O8 — Extra context menu item: Найти с помощью Рамблера — res://C:Program FilesRambler AssistantramblertoolbarU0.dll/search.htm
O8 — Extra context menu item: Перевести с помощью словарей Рамблера — res://C:Program FilesRambler AssistantramblertoolbarU0.dll/dic.htm
O8 — Extra context menu item: Поиск@Mail.Ru — res://C:Program FilesMail.RuSputnikMailRuSputnik.dll/SEARCH.HTM
O8 — Extra context menu item: Словари@Mail.Ru — res://C:Program FilesMail.RuSputnikMailRuSputnik.dll/TRANSLATE.HTM
O9 — Extra button: (no name) — {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — C:Program FilesJavajre1.6.0binnpjpi160.dll
O9 — Extra ‘Tools’ menuitem: Sun Java Console — {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — C:Program FilesJavajre1.6.0binnpjpi160.dll
O9 — Extra button: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
O9 — Extra ‘Tools’ menuitem: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
O9 — Extra button: Справочные материалы — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~3OFFICE11REFIEBAR.DLL
O9 — Extra button: eBay — {C08CAF1D-C0A3-40D5-9970-06D067EAC017} — http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?RU (file missing)
O9 — Extra button: BitComet — {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} — res://C:Program FilesBitComettoolsBitCometBHO_1.2.8.7.dll/206 (file missing)
O13 — Gopher Prefix:
O16 — DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) — http://www.kaspersky.com/kos/russian/partner/rus/kavwebscan_unicode.cab
O16 — DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} — http://download.divx.com/player/DivXBrowserPlugin.cab
O16 — DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) — http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 — HKLMSystemCCSServicesTcpip..{BD07CBF3-7A58-47B0-BE42-E4FAA4DD7CB6}: NameServer = 10.200.0.1,80.249.152.20
O23 — Service: avast! iAVS4 Control Service (aswUpdSv) — ALWIL Software — C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 — Service: Automatic LiveUpdate Scheduler — Symantec Corporation — C:Program FilesSymantecLiveUpdateALUSchedulerSvc.exe
O23 — Service: avast! Antivirus — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashServ.exe
O23 — Service: avast! Mail Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
O23 — Service: avast! Web Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
O23 — Service: Symantec Event Manager (ccEvtMgr) — Symantec Corporation — C:Program FilesCommon FilesSymantec SharedccSvcHst.exe
O23 — Service: Symantec Settings Manager (ccSetMgr) — Symantec Corporation — C:Program FilesCommon FilesSymantec SharedccSvcHst.exe
O23 — Service: ConfigFree Service (CFSvcs) — TOSHIBA CORPORATION — C:Program FilesTOSHIBAConfigFreeCFSvcs.exe
O23 — Service: Symantec Lic NetConnect service (CLTNetCnService) — Symantec Corporation — C:Program FilesCommon FilesSymantec SharedccSvcHst.exe
O23 — Service: COM Host (comHost) — Symantec Corporation — C:Program FilesCommon FilesSymantec SharedVAScannercomHost.exe
O23 — Service: @dfsrres.dll,-101 (DFSR) — Корпорация Майкрософт — C:Windowssystem32DFSR.exe
O23 — Service: Symantec IS Password Validation (ISPwdSvc) — Symantec Corporation — C:Program FilesNorton Internet SecurityisPwdSvc.exe
O23 — Service: LiveUpdate — Symantec Corporation — C:PROGRA~1SymantecLIVEUP~1LUCOMS~1.EXE
O23 — Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) — Symantec Corporation — C:Program FilesCommon FilesSymantec SharedccSvcHst.exe
O23 — Service: LiveUpdate Notice Service — Symantec Corporation — C:Program FilesCommon FilesSymantec SharedPIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}PIFSvc.exe
O23 — Service: Symantec Core LC — Unknown owner — C:Program FilesCommon FilesSymantec SharedCCPD-LCsymlcsvc.exe
O23 — Service: Symantec AppCore Service (SymAppCore) — Symantec Corporation — C:Program FilesCommon FilesSymantec SharedAppCoreAppSvc32.exe
O23 — Service: TOSHIBA Optical Disc Drive Service (TODDSrv) — TOSHIBA Corporation — C:Windowssystem32TODDSrv.exe
O23 — Service: TOSHIBA Power Saver (TosCoSrv) — TOSHIBA Corporation — C:Program FilesTOSHIBAPower SaverTosCoSrv.exe
O23 — Service: TOSHIBA Bluetooth Service — TOSHIBA CORPORATION — c:Program FilesToshibaBluetooth Toshiba StackTosBtSrv.exe
O23 — Service: Ulead Burning Helper (UleadBurningHelper) — Ulead Systems, Inc. — C:Program FilesCommon FilesUlead SystemsDVDULCDRSvr.exe
O23 — Service: Webalta Controller (WebaltaController) — Unknown owner — C:Program FilesWebaltaWebaltaUpdaterService.exe

—
End of file — 15151 bytes

======Scheduled tasks folder======

C:WindowstasksNorton Internet Security — Run Full System Scan — Toshiba.job
C:WindowstasksUser_Feed_Synchronization-{C6A8E361-3DBE-48E8-A294-EB2D3F43A3DB}.job

======Registry dump======

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll [2005-09-24 63136]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{1E8A6170-7264-4D0F-BEAE-D42A53123C75}]
C:Program FilesCommon FilesSymantec SharedcoSharedBrowser1.0NppBho.dll [2006-10-23 96984]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{212D2299-CCC6-4AD5-B848-27CDDF5D9CAA}]
APE Data Codec — C:ProgramDatarjxlib.dll [2009-01-27 323072]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper — C:Program FilesBitComettoolsBitCometBHO_1.2.8.7.dll []

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class — C:Program FilesJavajre1.6.0binssv.dll [2007-03-30 501384]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9D64F819-9380-8473-DAB2-702FCB3D7A3E}]
BP Data Feeder — C:UsersToshibaApplication Databpfeed.dll []

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{a725ea1f-86d7-42cf-9bf7-0c6ab5ff7f75}]
butt-head.ru Toolbar — C:Program Filesbutt-head.rutbbutt.dll [2008-09-15 1784856]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{BA623FF2-53C4-4B1F-890F-932EAA74E8A5}]
LPAC Media Decoder — C:ProgramDataxiglib.dll [2009-01-27 322560]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{90222687-F593-4738-B738-FBEE9C7B26DF} — Show Norton Toolbar — C:Program FilesCommon FilesSymantec SharedcoSharedBrowser1.0UIBHO.dll [2006-10-23 565960]
{09900DE8-1DCA-443F-9243-26FF581438AF} — Спутник@Mail.Ru — C:Program FilesMail.RuSputnikMailRuSputnik.dll [2007-12-09 366080]
{91397D20-1446-11D4-8AF4-0040CA1127B6} — Яндекс.Бар — C:Program FilesYandexYandexBarIEyndbar.dll [2008-12-03 1561864]
{923A63EB-3D61-44A5-9E54-545127FEAEEA} — &Gismeteo.Ru — c:gismeteobargismeteobar.dll []
{dfbeb35b-444d-4f25-8d7d-eb2683c206ec}
{468CD8A9-7C25-45FA-969E-3D925C689DC4} — Rambler-Ассистент — C:Program FilesRambler AssistantramblertoolbarU0.dll [2008-12-27 845296]
{a725ea1f-86d7-42cf-9bf7-0c6ab5ff7f75} — butt-head.ru Toolbar — C:Program Filesbutt-head.rutbbutt.dll [2008-09-15 1784856]
{D4C56A33-3488-495B-8033-9BF834E276D8} — &Webalta toolbar — C:PROGRA~1WebaltaWEBALT~1.DLL [2008-11-05 1693186]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«Windows Defender»=C:Program FilesWindows DefenderMSASCui.exe [2008-01-19 1008184]
«RtHDVCpl»=C:WindowsRtHDVCpl.exe [2007-01-18 4349952]
«TPwrMain»=C:Program FilesTOSHIBAPower SaverTPwrMain.EXE [2006-12-19 411768]
«HSON»=C:Program FilesTOSHIBATBSHSON.exe [2006-12-07 55416]
«SmoothView»=C:Program FilesToshibaSmoothViewSmoothView.exe [2007-02-06 509496]
«00TCrdMain»=C:Program FilesTOSHIBAFlashCardsTCrdMain.exe [2007-01-17 534648]
«KeNotify»=C:Program FilesTOSHIBAUtilitiesKeNotify.exe [2006-11-06 34352]
«HWSetup»=C:Program FilesTOSHIBAUtilitiesHWSetup.exe [2006-11-01 413696]
«SVPWUTIL»=C:Program FilesTOSHIBAUtilitiesSVPWUTIL.exe [2006-03-22 438272]
«NDSTray.exe»=NDSTray.exe []
«ccApp»=C:Program FilesCommon FilesSymantec SharedccApp.exe [2006-10-25 107112]
«osCheck»=C:Program FilesNorton Internet SecurityosCheck.exe [2006-10-27 22696]
«topi»=C:Program FilesTOSHIBAToshiba Online Product Informationtopi.exe [2007-03-02 577536]
«Desktop SMS»=C:Program FilesIDMDesktop SMSDesktopSMS.exe [2007-01-19 1507328]
«SynTPEnh»=C:Program FilesSynapticsSynTPSynTPEnh.exe [2007-02-02 835584]
«Toshiba Registration»=C:Program FilesToshibaRegistrationToshibaRegistration.exe [2007-02-19 571024]
«Camera Assistant Software»=C:Program FilesCamera Assistant Software for Toshibatraybar.exe [2007-03-15 413696]
«MAgent»=C:Program FilesMail.RuAgentMAgent.exe [2007-12-09 4855288]
«WPCUMI»=C:Windowssystem32WpcUmi.exe [2006-11-02 176128]
«avast!»=C:PROGRA~1ALWILS~1Avast4ashDisp.exe [2008-11-26 81000]
«Symantec PIF AlertEng»=C:Program FilesCommon FilesSymantec SharedPIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}PIFSvc.exe [2008-01-29 583048]
«NvSvc»=C:Windowssystem32nvsvc.dll [2007-01-13 90191]
«NvCplDaemon»=C:Windowssystem32NvCpl.dll [2007-01-13 7766016]
«NvMediaCenter»=C:Windowssystem32NvMcTray.dll [2007-01-13 81920]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«Sidebar»=C:Program FilesWindows Sidebarsidebar.exe [2008-01-19 1233920]
«ehTray.exe»=C:WindowsehomeehTray.exe [2008-01-19 125952]
«Yupdate!»=C:Program FilesCommon FilesYandexYupdateyupdate.exe [2008-10-20 479496]
«YandexOnline»=C:Program FilesYandexOnlineonline.exe [2008-03-14 2291200]
«Punto Switcher»=C:Program FilesPunto Switcherpunto.exe [2008-09-11 726824]
«toscdspd»=TOSCDSPD.EXE []
«BitComet»=C:Program FilesBitCometBitComet.exe [2008-12-03 2514744]
«NevoDRM»=C:Игры от NevoSoftNevoDRMNevoDRM.exe [2008-12-11 41984]

C:ProgramDataMicrosoftWindowsStart MenuProgramsStartup
Bluetooth Manager.lnk — C:Program FilesToshibaBluetooth Toshiba StackTosBtMng.exe

C:UsersToshibaAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup
Информер от rp5.ru.lnk — C:Program Filesrp5.rurp5.exe

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«LogonHoursAction»=2
«DontDisplayLogonHoursWarnings»=1

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«EnableLUA»=0
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
«EnableUIADesktopToggle»=0

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{1eba2bc2-ef71-11dc-86df-00037ad7fc3e}]
shellAutoRuncommand — G:
shellopencommand — rundll32.exe .\cwodm.dll,InstallM

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{c81782cd-dfb7-11dd-b7c6-00037ad7fc3e}]
shellAutocommand — D:tel.xls.exe
shellAutoRuncommand — C:Windowssystem32RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL D:tel.xls.exe

======List of files/folders created in the last 1 months======

2009-01-27 14:03:46 —-D—- C:rsit
2009-01-27 13:17:08 —-A—- C:UsersToshibaAppDataRoamingbpfeed.dll
2009-01-27 12:54:10 —-A—- C:ProgramDataxiglib.dll
2009-01-27 12:53:18 —-A—- C:ProgramDatarjxlib.dll
2009-01-18 12:14:11 —-D—- C:UsersToshibaAppDataRoamingPetShowCraze
2009-01-18 10:17:24 —-D—- C:ProgramDataNeptunesAdve
2009-01-16 19:34:20 —-D—- C:Program FilesMicrosoft Silverlight
2009-01-08 17:09:10 —-D—- C:Downloads
2009-01-07 15:43:59 —-D—- C:ProgramDataAlawar Stargaze
2009-01-07 14:38:31 —-D—- C:Игры
2009-01-04 11:43:14 —-D—- C:ProgramDataJoyBits
2009-01-01 16:49:01 —-A—- C:WindowsWirelessFTP.INI

======List of files/folders modified in the last 1 months======

2009-01-27 15:26:51 —-D—- C:WindowsTemp
2009-01-27 15:26:36 —-D—- C:Program FilesBitComet
2009-01-27 15:22:37 —-D—- C:WindowsPrefetch
2009-01-27 15:08:48 —-SHD—- C:System Volume Information
2009-01-27 14:27:14 —-D—- C:Windowssystem32drivers
2009-01-27 14:27:04 —-D—- C:Program FilesWebalta
2009-01-27 13:46:50 —-D—- C:Program FilesMozilla Firefox
2009-01-27 12:54:10 —-HD—- C:ProgramData
2009-01-26 21:06:54 —-D—- C:Windowstracing
2009-01-22 18:12:58 —-SD—- C:WindowsDownloaded Program Files
2009-01-20 16:27:21 —-D—- C:Игры от NevoSoft
2009-01-19 21:23:59 —-D—- C:Windowssystem32Macromed
2009-01-19 21:23:59 —-D—- C:WindowsSystem32
2009-01-16 19:34:23 —-SHD—- C:WindowsInstaller
2009-01-16 19:34:20 —-RD—- C:Program Files
2009-01-16 00:52:05 —-D—- C:Windowssystem32catroot2
2009-01-14 19:24:57 —-D—- C:Windowswinsxs
2009-01-14 15:02:30 —-D—- C:Windowssystem32catroot
2009-01-14 15:02:23 —-D—- C:Program FilesWindows Mail
2009-01-14 14:57:38 —-A—- C:Windowswinamp.ini
2009-01-13 22:42:01 —-D—- C:Windowsinf
2009-01-13 22:42:01 —-A—- C:Windowssystem32PerfStringBackup.INI
2009-01-11 15:31:06 —-SD—- C:UsersToshibaAppDataRoamingMicrosoft
2009-01-10 04:35:28 —-A—- C:Windowssystem32mrt.exe
2009-01-08 19:58:58 —-D—- C:ProgramDataAlawarWrapper
2009-01-08 16:10:13 —-SD—- C:ProgramDataMicrosoft
2009-01-01 16:49:01 —-D—- C:Windows
2008-12-31 11:32:24 —-D—- C:ProgramDataВеселаяФерма2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:Windowssystem32driversaswRdr.sys [2008-11-26 23152]
R1 aswSP;avast! Self Protection; C:Windowssystem32driversaswSP.sys [2008-11-26 111184]
R1 aswTdi;avast! Network Shield Support; C:Windowssystem32driversaswTdi.sys [2008-11-26 50864]
R1 eeCtrl;Symantec Eraser Control driver; ??C:Program FilesCommon FilesSymantec SharedEENGINEeeCtrl.sys [2007-10-16 395312]
R1 IDSvix86;Symantec Intrusion Prevention Driver; ??C:PROGRA~2SymantecDEFINI~1SymcDataidsdefs20071220.001IDSvix86.sys [2007-11-06 180272]
R1 SPBBCDrv;SPBBCDrv; ??C:Program FilesCommon FilesSymantec SharedSPBBCSPBBCDrv.sys [2006-10-06 406672]
R1 SRTSPX;SRTSPX; C:WindowsSystem32DriversSRTSPX.SYS [2007-09-18 43696]
R1 SYMTDI;SYMTDI; C:WindowsSystem32DriversSYMTDI.SYS [2006-10-24 185744]
R1 Tosrfcom;Bluetooth RFCOMM; C:WindowsSystem32Driverstosrfcom.sys [2005-08-01 64896]
R2 aswFsBlk;aswFsBlk; C:Windowssystem32DRIVERSaswFsBlk.sys [2008-11-26 20560]
R2 aswMonFlt;aswMonFlt; C:Windowssystem32DRIVERSaswMonFlt.sys [2008-11-26 51792]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:Windowssystem32DRIVERSAGRSM.sys [2006-11-28 1161888]
R3 CmBatt;Драйвер батареи с ACPI-управлением (Microsoft); C:Windowssystem32DRIVERSCmBatt.sys [2008-01-19 14208]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; ??C:Program FilesCommon FilesSymantec SharedEENGINEEraserUtilRebootDrv.sys [2007-10-16 112688]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:Windowssystem32driversRTKVHDA.sys [2007-01-18 1729632]
R3 NETw4v32;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit; C:Windowssystem32DRIVERSNETw4v32.sys [2006-12-09 2206720]
R3 nvlddmkm;nvlddmkm; C:Windowssystem32DRIVERSnvlddmkm.sys [2007-01-13 4452288]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:WindowsSystem32DriversRootMdm.sys [2008-01-19 8192]
R3 RTL8169;Realtek 8169 NT Driver; C:Windowssystem32DRIVERSRtlh86.sys [2006-11-04 59392]
R3 sdbus;sdbus; C:Windowssystem32DRIVERSsdbus.sys [2008-01-19 88576]
R3 SYMDNS;SYMDNS; C:WindowsSystem32DriversSYMDNS.SYS [2006-10-24 11792]
R3 SymEvent;SymEvent; ??C:Windowssystem32DriversSYMEVENT.SYS [2007-10-27 123952]
R3 SYMFW;SYMFW; C:WindowsSystem32DriversSYMFW.SYS [2006-10-24 144784]
R3 SYMIDS;SYMIDS; C:WindowsSystem32DriversSYMIDS.SYS [2006-10-24 38928]
R3 SYMNDISV;SYMNDISV; C:WindowsSystem32DriversSYMNDISV.SYS [2006-10-24 37008]
R3 SYMREDRV;SYMREDRV; C:WindowsSystem32DriversSYMREDRV.SYS [2006-10-24 26384]
R3 SynTP;Synaptics TouchPad Driver; C:Windowssystem32DRIVERSSynTP.sys [2007-02-02 182328]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:Windowssystem32DRIVERStdcmdpst.sys [2006-10-18 16128]
R3 tifm21;tifm21; C:Windowssystem32driverstifm21.sys [2006-07-06 168448]
R3 tosporte;Bluetooth COM Port; C:Windowssystem32DRIVERStosporte.sys [2006-10-10 41600]
R3 tosrfbd;Bluetooth RFBUS; C:Windowssystem32DRIVERStosrfbd.sys [2007-01-12 113792]
R3 tosrfbnp;Bluetooth RFBNEP; C:WindowsSystem32Driverstosrfbnp.sys [2006-11-20 36480]
R3 tosrfec;Bluetooth ACPI; C:Windowssystem32DRIVERStosrfec.sys [2006-10-23 9216]
R3 Tosrfhid;Bluetooth RFHID; C:Windowssystem32DRIVERSTosrfhid.sys [2007-01-24 73728]
R3 tosrfnds;Bluetooth Personal Area Network; C:Windowssystem32DRIVERStosrfnds.sys [2005-01-06 18612]
R3 Tosrfusb;Bluetooth USB Controller; C:Windowssystem32DRIVERStosrfusb.sys [2007-01-12 40576]
R3 usbvideo;USB-видеоустройство (WDM); C:WindowsSystem32Driversusbvideo.sys [2006-11-02 132352]
R3 UVCFTR;UVCFTR; C:Windowssystem32DRIVERSUVCFTR_S.SYS [2007-03-12 11264]
S3 athr;Драйвер устройства беспроводной локальной сети Atheros; C:Windowssystem32DRIVERSathr.sys [2006-11-02 467456]
S3 drmkaud;Звуковой дешифратор DRM ядра системы; C:Windowssystem32driversdrmkaud.sys [2008-01-19 5632]
S3 HdAudAddService;Драйвер функции UAA для службы High Definition Audio (Microsoft), версия 1.1; C:Windowssystem32driversHdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Представитель служб потоков Microsoft; C:Windowssystem32driversMSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Посредник синхронизации потоков Microsoft; C:Windowssystem32driversMSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Представитель диспетчера качества потоков Microsoft; C:Windowssystem32driversMSPQM.sys [2008-01-19 5504]
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:Windowssystem32driversMSTEE.sys [2008-01-19 6016]
S3 NAVENG;NAVENG; ??C:PROGRA~2SymantecDEFINI~1VIRUSD~120071106.025NAVENG.SYS [2007-10-16 81232]
S3 NAVEX15;NAVEX15; ??C:PROGRA~2SymantecDEFINI~1VIRUSD~120071106.025NAVEX15.SYS [2007-10-16 865904]
S3 NETw3v32;Драйвер адаптера беспроводной сети Intel(R) PRO/Wireless 3945ABG для 32-разрядной Windows Vista; C:Windowssystem32DRIVERSNETw3v32.sys [2006-11-02 1781760]
S3 Ph3xIB32;Philips 713x Inbox PCI TV Card; C:Windowssystem32DRIVERSPh3xIB32.sys [2007-04-03 1131136]
S3 SRTSP;SRTSP; C:WindowsSystem32DriversSRTSP.SYS [2007-09-18 278576]
S3 SRTSPL;SRTSPL; C:WindowsSystem32DriversSRTSPL.SYS [2007-09-18 317616]
S3 TosRfSnd;Bluetooth Audio; C:Windowssystem32driverstosrfsnd.sys [2007-01-22 53376]
S3 TpChoice;Touch Pad Detection Filter driver; C:Windowssystem32DRIVERSTpChoice.sys []
S3 WUDFRd;WUDFRd; C:Windowssystem32DRIVERSWUDFRd.sys [2008-01-19 83328]
S4 KR10I;KR10I; C:Windowssystem32driverskr10i.sys [2007-01-18 219392]
S4 KR10N;KR10N; C:Windowssystem32driverskr10n.sys [2007-01-18 211072]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:Windowssystem32driverswmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe [2008-11-26 18752]
R2 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:Program FilesSymantecLiveUpdateALUSchedulerSvc.exe [2007-09-12 554352]
R2 avast! Antivirus;avast! Antivirus; C:Program FilesAlwil SoftwareAvast4ashServ.exe [2008-11-26 155160]
R2 ccEvtMgr;Symantec Event Manager; C:Program FilesCommon FilesSymantec SharedccSvcHst.exe [2006-10-25 107624]
R2 ccSetMgr;Symantec Settings Manager; C:Program FilesCommon FilesSymantec SharedccSvcHst.exe [2006-10-25 107624]
R2 CFSvcs;ConfigFree Service; C:Program FilesTOSHIBAConfigFreeCFSvcs.exe [2006-11-14 40960]
R2 CLTNetCnService;Symantec Lic NetConnect service; C:Program FilesCommon FilesSymantec SharedccSvcHst.exe [2006-10-25 107624]
R2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; C:Program FilesCommon FilesSymantec SharedccSvcHst.exe [2006-10-25 107624]
R2 MDM;Machine Debug Manager; C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE [2003-06-20 322120]
R2 SymAppCore;Symantec AppCore Service; C:Program FilesCommon FilesSymantec SharedAppCoreAppSvc32.exe [2006-09-20 46736]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:Windowssystem32TODDSrv.exe [2006-05-25 114688]
R2 TosCoSrv;TOSHIBA Power Saver; C:Program FilesTOSHIBAPower SaverTosCoSrv.exe [2006-12-19 428152]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; c:Program FilesToshibaBluetooth Toshiba StackTosBtSrv.exe [2007-02-02 118784]
R2 UleadBurningHelper;Ulead Burning Helper; C:Program FilesCommon FilesUlead SystemsDVDULCDRSvr.exe [2006-08-23 49152]
R3 avast! Mail Scanner;avast! Mail Scanner; C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe [2008-11-26 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:Program FilesAlwil SoftwareAvast4ashWebSv.exe [2008-11-26 352920]
R3 Symantec Core LC;Symantec Core LC; C:Program FilesCommon FilesSymantec SharedCCPD-LCsymlcsvc.exe [2007-11-03 1252232]
S2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:Program FilesCommon FilesSymantec SharedPIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}PIFSvc.exe [2008-01-29 583048]
S2 WebaltaController;Webalta Controller; C:Program FilesWebaltaWebaltaUpdaterService.exe [2008-11-05 97794]
S3 comHost;COM Host; C:Program FilesCommon FilesSymantec SharedVAScannercomHost.exe [2006-10-13 49296]
S3 ISPwdSvc;Symantec IS Password Validation; C:Program FilesNorton Internet SecurityisPwdSvc.exe [2006-10-27 80552]
S3 LiveUpdate;LiveUpdate; C:PROGRA~1SymantecLIVEUP~1LUCOMS~1.EXE [2007-09-12 2999664]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2003-07-28 89136]
S3 WLSetupSvc;Windows Live Setup Service; C:Program FilesWindows LiveinstallerWLSetupSvc.exe [2007-10-25 266240]

EOF

а 1/3 страницы. Спосибо.
Автор

Сообщения