Re: remove the informer
Please help me remove the informer
Logfile of random’s system information tool 1.05 (written by random/random)
Run by Toshiba at 2009-01-27 15:28:38
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 10 GB (13%) free of 76 GB
Total RAM: 1021 MB (17% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:28:41, on 27.01.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:Windowssystem32taskeng.exe
C:Windowssystem32Dwm.exe
C:WindowsExplorer.EXE
C:WindowsRtHDVCpl.exe
C:Program FilesTOSHIBAPower SaverTPwrMain.exe
C:Program FilesTOSHIBASmoothViewSmoothView.exe
C:Program FilesTOSHIBAFlashCardsTCrdMain.exe
C:Program FilesTOSHIBAUtilitiesKeNotify.exe
C:Program FilesTOSHIBAConfigFreeNDSTray.exe
C:Program FilesCommon FilesSymantec SharedccApp.exe
C:Program FilesTOSHIBAToshiba Online Product InformationTOPI.exe
C:Program FilesIDMDesktop SMSDesktopSMS.exe
C:Program FilesSynapticsSynTPSynTPEnh.exe
C:Program FilesCamera Assistant Software for Toshibatraybar.exe
C:Program FilesMail.RuAgentmagent.exe
C:WindowsSystem32wpcumi.exe
C:Program FilesAlwil SoftwareAvast4ashDisp.exe
C:Program FilesWindows Sidebarsidebar.exe
C:Windowsehomeehtray.exe
C:Program FilesCommon FilesYandexYupdateyupdate.exe
C:Program FilesYandexOnlineonline.exe
C:Program FilesPunto Switcherpunto.exe
C:Program FilesTOSHIBATOSCDSPDTOSCDSPD.exe
C:Program FilesBitCometBitComet.exe
C:Program FilesToshibaBluetooth Toshiba StackTosBtMng.exe
C:Program Filesrp5.rurp5.exe
C:Program FilesCamera Assistant Software for ToshibaCEC_MAIN.exe
C:WindowsSystem32rundll32.exe
C:Program FilesSynapticsSynTPSynToshiba.exe
C:Windowsehomeehmsas.exe
C:Program FilesTOSHIBAConfigFreeCFSwMgr.exe
C:UsersToshibaAppDataLocalNevoSoftrun.exe
C:Program FilesWindows MailWinMail.exe
c:Program FilesToshibaBluetooth Toshiba StackTosA2dp.exe
c:Program FilesToshibaBluetooth Toshiba StackTosBtHid.exe
c:Program FilesToshibaBluetooth Toshiba StackTosBtHsp.exe
c:Program FilesToshibaBluetooth Toshiba StackTosAVRC.exe
C:Program FilesInternet Exploreriexplore.exe
c:Program FilesToshibaBluetooth Toshiba StacktosOBEX.exe
C:Program FilesTOSHIBABluetooth Toshiba StackTosBtProc.exe
C:UsersToshibaAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5RXLDCHRBRSIT[1].exe
C:Program FilesTrend MicroHijackThisToshiba.exe
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru/?clid=21978&yasoft=barie
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.rambler.ru/ra/
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
R3 — URLSearchHook: Rambler-Ассистент — {468CD8A9-7C25-45FA-969E-3D925C689DC4} — C:Program FilesRambler AssistantramblertoolbarU0.dll
R3 — URLSearchHook: (no name) — {83821C2B-32A8-4DD7-B6D4-44309A78E668} — C:UsersToshibaAppDataRoamingMraUpdatemrasearch.dll
R3 — URLSearchHook: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
R3 — URLSearchHook: (no name) — {dfbeb35b-444d-4f25-8d7d-eb2683c206ec} — (no file)
R3 — URLSearchHook: butt-head.ru Toolbar — {a725ea1f-86d7-42cf-9bf7-0c6ab5ff7f75} — C:Program Filesbutt-head.rutbbutt.dll
O1 — Hosts: ::1 localhost
O2 — BHO: AcroIEHlprObj Class — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 — BHO: (no name) — {1E8A6170-7264-4D0F-BEAE-D42A53123C75} — C:Program FilesCommon FilesSymantec SharedcoSharedBrowser1.0NppBho.dll
O2 — BHO: rjxlibP — {212D2299-CCC6-4AD5-B848-27CDDF5D9CAA} — C:ProgramDatarjxlib.dll
O2 — BHO: BitComet ClickCapture — {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} — C:Program FilesBitComettoolsBitCometBHO_1.2.8.7.dll (file missing)
O2 — BHO: SSVHelper Class — {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} — C:Program FilesJavajre1.6.0binssv.dll
O2 — BHO: BP Data Feeder — {9D64F819-9380-8473-DAB2-702FCB3D7A3E} — %USERPROFILE%Application Databpfeed.dll (file missing)
O2 — BHO: butt-head.ru Toolbar — {a725ea1f-86d7-42cf-9bf7-0c6ab5ff7f75} — C:Program Filesbutt-head.rutbbutt.dll
O2 — BHO: xiglibP — {BA623FF2-53C4-4B1F-890F-932EAA74E8A5} — C:ProgramDataxiglib.dll
O3 — Toolbar: Show Norton Toolbar — {90222687-F593-4738-B738-FBEE9C7B26DF} — C:Program FilesCommon FilesSymantec SharedcoSharedBrowser1.0UIBHO.dll
O3 — Toolbar: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
O3 — Toolbar: Яндекс.Бар — {91397D20-1446-11D4-8AF4-0040CA1127B6} — C:Program FilesYandexYandexBarIEyndbar.dll
O3 — Toolbar: &Gismeteo.Ru — {923A63EB-3D61-44A5-9E54-545127FEAEEA} — c:gismeteobargismeteobar.dll (file missing)
O3 — Toolbar: (no name) — {dfbeb35b-444d-4f25-8d7d-eb2683c206ec} — (no file)
O3 — Toolbar: Rambler-Ассистент — {468CD8A9-7C25-45FA-969E-3D925C689DC4} — C:Program FilesRambler AssistantramblertoolbarU0.dll
O3 — Toolbar: butt-head.ru Toolbar — {a725ea1f-86d7-42cf-9bf7-0c6ab5ff7f75} — C:Program Filesbutt-head.rutbbutt.dll
O3 — Toolbar: &Webalta toolbar — {D4C56A33-3488-495B-8033-9BF834E276D8} — C:PROGRA~1WebaltaWEBALT~1.DLL
O4 — HKLM..Run: [Windows Defender] %ProgramFiles%Windows DefenderMSASCui.exe -hide
O4 — HKLM..Run: [RtHDVCpl] RtHDVCpl.exe
O4 — HKLM..Run: [TPwrMain] %ProgramFiles%TOSHIBAPower SaverTPwrMain.EXE
O4 — HKLM..Run: [HSON] %ProgramFiles%TOSHIBATBSHSON.exe
O4 — HKLM..Run: [SmoothView] %ProgramFiles%ToshibaSmoothViewSmoothView.exe
O4 — HKLM..Run: [00TCrdMain] %ProgramFiles%TOSHIBAFlashCardsTCrdMain.exe
O4 — HKLM..Run: [KeNotify] C:Program FilesTOSHIBAUtilitiesKeNotify.exe
O4 — HKLM..Run: [HWSetup] C:Program FilesTOSHIBAUtilitiesHWSetup.exe hwSetUP
O4 — HKLM..Run: [SVPWUTIL] C:Program FilesTOSHIBAUtilitiesSVPWUTIL.exe SVPwUTIL
O4 — HKLM..Run: [NDSTray.exe] NDSTray.exe
O4 — HKLM..Run: [ccApp] «C:Program FilesCommon FilesSymantec SharedccApp.exe»
O4 — HKLM..Run: [osCheck] «C:Program FilesNorton Internet SecurityosCheck.exe»
O4 — HKLM..Run: [topi] C:Program FilesTOSHIBAToshiba Online Product Informationtopi.exe -startup
O4 — HKLM..Run: [Desktop SMS] C:Program FilesIDMDesktop SMSDesktopSMS.exe /auto
O4 — HKLM..Run: [SynTPEnh] C:Program FilesSynapticsSynTPSynTPEnh.exe
O4 — HKLM..Run: [Toshiba Registration] C:Program FilesToshibaRegistrationToshibaRegistration.exe
O4 — HKLM..Run: [Camera Assistant Software] «C:Program FilesCamera Assistant Software for Toshibatraybar.exe»
O4 — HKLM..Run: [MAgent] C:Program FilesMail.RuAgentMAgent.exe -LM
O4 — HKLM..Run: [WPCUMI] C:Windowssystem32WpcUmi.exe
O4 — HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 — HKLM..Run: [Symantec PIF AlertEng] «C:Program FilesCommon FilesSymantec SharedPIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}PIFSvc.exe» /a /m «C:Program FilesCommon FilesSymantec SharedPIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}AlertEng.dll»
O4 — HKLM..Run: [NvSvc] RUNDLL32.EXE C:Windowssystem32nvsvc.dll,nvsvcStart
O4 — HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:Windowssystem32NvCpl.dll,NvStartup
O4 — HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:Windowssystem32NvMcTray.dll,NvTaskbarInit
O4 — HKCU..Run: [Sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun
O4 — HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe
O4 — HKCU..Run: [Yupdate!] «C:Program FilesCommon FilesYandexYupdateyupdate.exe»
O4 — HKCU..Run: [YandexOnline] «C:Program FilesYandexOnlineonline.exe» -AutoStart
O4 — HKCU..Run: [Punto Switcher] C:Program FilesPunto Switcherpunto.exe
O4 — HKCU..Run: [toscdspd] TOSCDSPD.EXE
O4 — HKCU..Run: [BitComet] «C:Program FilesBitCometBitComet.exe» /tray
O4 — HKCU..Run: [NevoDRM] «C:Игры от NevoSoftNevoDRMNevoDRM.exe»
O4 — HKUSS-1-5-19..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [Yupdate!] «C:Program FilesCommon FilesYandexYupdateyupdate.exe» (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [Yupdate!] «C:Program FilesCommon FilesYandexYupdateyupdate.exe» (User ‘Default user’)
O4 — Startup: Информер от rp5.ru.lnk = C:Program Filesrp5.rurp5.exe
O4 — Global Startup: Bluetooth Manager.lnk = ?
O8 — Extra context menu item: &D&ownload &with BitComet — res://C:Program FilesBitCometBitComet.exe/AddLink.htm
O8 — Extra context menu item: &D&ownload all video with BitComet — res://C:Program FilesBitCometBitComet.exe/AddVideo.htm
O8 — Extra context menu item: &D&ownload all with BitComet — res://C:Program FilesBitCometBitComet.exe/AddAllLink.htm
O8 — Extra context menu item: &Translate — http://lingvo.yandex.ru/ie5trans.htm
O8 — Extra context menu item: &Ubersetzen — http://lingvo.yandex.ru/ie5trans1.htm
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~3OFFICE11EXCEL.EXE/3000
O8 — Extra context menu item: T&raduire — http://lingvo.yandex.ru/ie5trans2.htm
O8 — Extra context menu item: Traduc&ir — http://lingvo.yandex.ru/ie5trans4.htm
O8 — Extra context menu item: Tradurr&e — http://lingvo.yandex.ru/ie5trans3.htm
O8 — Extra context menu item: Webalta — Добавить в Анти-Баннер — C:Program FilesWebaltaextentionsWebalta_antiban.htm
O8 — Extra context menu item: Yandex &Search — http://lingvo.yandex.ru/ie5search.htm
O8 — Extra context menu item: Добавить в Rambler-Закладки — res://C:Program FilesRambler AssistantramblertoolbarU0.dll/zakladki.htm
O8 — Extra context menu item: Найти с помощью Рамблера — res://C:Program FilesRambler AssistantramblertoolbarU0.dll/search.htm
O8 — Extra context menu item: Перевести с помощью словарей Рамблера — res://C:Program FilesRambler AssistantramblertoolbarU0.dll/dic.htm
O8 — Extra context menu item: Поиск@Mail.Ru — res://C:Program FilesMail.RuSputnikMailRuSputnik.dll/SEARCH.HTM
O8 — Extra context menu item: Словари@Mail.Ru — res://C:Program FilesMail.RuSputnikMailRuSputnik.dll/TRANSLATE.HTM
O9 — Extra button: (no name) — {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — C:Program FilesJavajre1.6.0binnpjpi160.dll
O9 — Extra ‘Tools’ menuitem: Sun Java Console — {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — C:Program FilesJavajre1.6.0binnpjpi160.dll
O9 — Extra button: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
O9 — Extra ‘Tools’ menuitem: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
O9 — Extra button: Справочные материалы — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~3OFFICE11REFIEBAR.DLL
O9 — Extra button: eBay — {C08CAF1D-C0A3-40D5-9970-06D067EAC017} — http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?RU (file missing)
O9 — Extra button: BitComet — {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} — res://C:Program FilesBitComettoolsBitCometBHO_1.2.8.7.dll/206 (file missing)
O13 — Gopher Prefix:
O16 — DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) — http://www.kaspersky.com/kos/russian/partner/rus/kavwebscan_unicode.cab
O16 — DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} — http://download.divx.com/player/DivXBrowserPlugin.cab
O16 — DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) — http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 — HKLMSystemCCSServicesTcpip..{BD07CBF3-7A58-47B0-BE42-E4FAA4DD7CB6}: NameServer = 10.200.0.1,80.249.152.20
O23 — Service: avast! iAVS4 Control Service (aswUpdSv) — ALWIL Software — C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 — Service: Automatic LiveUpdate Scheduler — Symantec Corporation — C:Program FilesSymantecLiveUpdateALUSchedulerSvc.exe
O23 — Service: avast! Antivirus — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashServ.exe
O23 — Service: avast! Mail Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
O23 — Service: avast! Web Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
O23 — Service: Symantec Event Manager (ccEvtMgr) — Symantec Corporation — C:Program FilesCommon FilesSymantec SharedccSvcHst.exe
O23 — Service: Symantec Settings Manager (ccSetMgr) — Symantec Corporation — C:Program FilesCommon FilesSymantec SharedccSvcHst.exe
O23 — Service: ConfigFree Service (CFSvcs) — TOSHIBA CORPORATION — C:Program FilesTOSHIBAConfigFreeCFSvcs.exe
O23 — Service: Symantec Lic NetConnect service (CLTNetCnService) — Symantec Corporation — C:Program FilesCommon FilesSymantec SharedccSvcHst.exe
O23 — Service: COM Host (comHost) — Symantec Corporation — C:Program FilesCommon FilesSymantec SharedVAScannercomHost.exe
O23 — Service: @dfsrres.dll,-101 (DFSR) — Корпорация Майкрософт — C:Windowssystem32DFSR.exe
O23 — Service: Symantec IS Password Validation (ISPwdSvc) — Symantec Corporation — C:Program FilesNorton Internet SecurityisPwdSvc.exe
O23 — Service: LiveUpdate — Symantec Corporation — C:PROGRA~1SymantecLIVEUP~1LUCOMS~1.EXE
O23 — Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) — Symantec Corporation — C:Program FilesCommon FilesSymantec SharedccSvcHst.exe
O23 — Service: LiveUpdate Notice Service — Symantec Corporation — C:Program FilesCommon FilesSymantec SharedPIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}PIFSvc.exe
O23 — Service: Symantec Core LC — Unknown owner — C:Program FilesCommon FilesSymantec SharedCCPD-LCsymlcsvc.exe
O23 — Service: Symantec AppCore Service (SymAppCore) — Symantec Corporation — C:Program FilesCommon FilesSymantec SharedAppCoreAppSvc32.exe
O23 — Service: TOSHIBA Optical Disc Drive Service (TODDSrv) — TOSHIBA Corporation — C:Windowssystem32TODDSrv.exe
O23 — Service: TOSHIBA Power Saver (TosCoSrv) — TOSHIBA Corporation — C:Program FilesTOSHIBAPower SaverTosCoSrv.exe
O23 — Service: TOSHIBA Bluetooth Service — TOSHIBA CORPORATION — c:Program FilesToshibaBluetooth Toshiba StackTosBtSrv.exe
O23 — Service: Ulead Burning Helper (UleadBurningHelper) — Ulead Systems, Inc. — C:Program FilesCommon FilesUlead SystemsDVDULCDRSvr.exe
O23 — Service: Webalta Controller (WebaltaController) — Unknown owner — C:Program FilesWebaltaWebaltaUpdaterService.exe
—
End of file — 15151 bytes
======Scheduled tasks folder======
C:WindowstasksNorton Internet Security — Run Full System Scan — Toshiba.job
C:WindowstasksUser_Feed_Synchronization-{C6A8E361-3DBE-48E8-A294-EB2D3F43A3DB}.job
======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll [2005-09-24 63136]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{1E8A6170-7264-4D0F-BEAE-D42A53123C75}]
C:Program FilesCommon FilesSymantec SharedcoSharedBrowser1.0NppBho.dll [2006-10-23 96984]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{212D2299-CCC6-4AD5-B848-27CDDF5D9CAA}]
APE Data Codec — C:ProgramDatarjxlib.dll [2009-01-27 323072]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper — C:Program FilesBitComettoolsBitCometBHO_1.2.8.7.dll []
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class — C:Program FilesJavajre1.6.0binssv.dll [2007-03-30 501384]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9D64F819-9380-8473-DAB2-702FCB3D7A3E}]
BP Data Feeder — C:UsersToshibaApplication Databpfeed.dll []
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{a725ea1f-86d7-42cf-9bf7-0c6ab5ff7f75}]
butt-head.ru Toolbar — C:Program Filesbutt-head.rutbbutt.dll [2008-09-15 1784856]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{BA623FF2-53C4-4B1F-890F-932EAA74E8A5}]
LPAC Media Decoder — C:ProgramDataxiglib.dll [2009-01-27 322560]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{90222687-F593-4738-B738-FBEE9C7B26DF} — Show Norton Toolbar — C:Program FilesCommon FilesSymantec SharedcoSharedBrowser1.0UIBHO.dll [2006-10-23 565960]
{09900DE8-1DCA-443F-9243-26FF581438AF} — Спутник@Mail.Ru — C:Program FilesMail.RuSputnikMailRuSputnik.dll [2007-12-09 366080]
{91397D20-1446-11D4-8AF4-0040CA1127B6} — Яндекс.Бар — C:Program FilesYandexYandexBarIEyndbar.dll [2008-12-03 1561864]
{923A63EB-3D61-44A5-9E54-545127FEAEEA} — &Gismeteo.Ru — c:gismeteobargismeteobar.dll []
{dfbeb35b-444d-4f25-8d7d-eb2683c206ec}
{468CD8A9-7C25-45FA-969E-3D925C689DC4} — Rambler-Ассистент — C:Program FilesRambler AssistantramblertoolbarU0.dll [2008-12-27 845296]
{a725ea1f-86d7-42cf-9bf7-0c6ab5ff7f75} — butt-head.ru Toolbar — C:Program Filesbutt-head.rutbbutt.dll [2008-09-15 1784856]
{D4C56A33-3488-495B-8033-9BF834E276D8} — &Webalta toolbar — C:PROGRA~1WebaltaWEBALT~1.DLL [2008-11-05 1693186]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«Windows Defender»=C:Program FilesWindows DefenderMSASCui.exe [2008-01-19 1008184]
«RtHDVCpl»=C:WindowsRtHDVCpl.exe [2007-01-18 4349952]
«TPwrMain»=C:Program FilesTOSHIBAPower SaverTPwrMain.EXE [2006-12-19 411768]
«HSON»=C:Program FilesTOSHIBATBSHSON.exe [2006-12-07 55416]
«SmoothView»=C:Program FilesToshibaSmoothViewSmoothView.exe [2007-02-06 509496]
«00TCrdMain»=C:Program FilesTOSHIBAFlashCardsTCrdMain.exe [2007-01-17 534648]
«KeNotify»=C:Program FilesTOSHIBAUtilitiesKeNotify.exe [2006-11-06 34352]
«HWSetup»=C:Program FilesTOSHIBAUtilitiesHWSetup.exe [2006-11-01 413696]
«SVPWUTIL»=C:Program FilesTOSHIBAUtilitiesSVPWUTIL.exe [2006-03-22 438272]
«NDSTray.exe»=NDSTray.exe []
«ccApp»=C:Program FilesCommon FilesSymantec SharedccApp.exe [2006-10-25 107112]
«osCheck»=C:Program FilesNorton Internet SecurityosCheck.exe [2006-10-27 22696]
«topi»=C:Program FilesTOSHIBAToshiba Online Product Informationtopi.exe [2007-03-02 577536]
«Desktop SMS»=C:Program FilesIDMDesktop SMSDesktopSMS.exe [2007-01-19 1507328]
«SynTPEnh»=C:Program FilesSynapticsSynTPSynTPEnh.exe [2007-02-02 835584]
«Toshiba Registration»=C:Program FilesToshibaRegistrationToshibaRegistration.exe [2007-02-19 571024]
«Camera Assistant Software»=C:Program FilesCamera Assistant Software for Toshibatraybar.exe [2007-03-15 413696]
«MAgent»=C:Program FilesMail.RuAgentMAgent.exe [2007-12-09 4855288]
«WPCUMI»=C:Windowssystem32WpcUmi.exe [2006-11-02 176128]
«avast!»=C:PROGRA~1ALWILS~1Avast4ashDisp.exe [2008-11-26 81000]
«Symantec PIF AlertEng»=C:Program FilesCommon FilesSymantec SharedPIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}PIFSvc.exe [2008-01-29 583048]
«NvSvc»=C:Windowssystem32nvsvc.dll [2007-01-13 90191]
«NvCplDaemon»=C:Windowssystem32NvCpl.dll [2007-01-13 7766016]
«NvMediaCenter»=C:Windowssystem32NvMcTray.dll [2007-01-13 81920]
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«Sidebar»=C:Program FilesWindows Sidebarsidebar.exe [2008-01-19 1233920]
«ehTray.exe»=C:WindowsehomeehTray.exe [2008-01-19 125952]
«Yupdate!»=C:Program FilesCommon FilesYandexYupdateyupdate.exe [2008-10-20 479496]
«YandexOnline»=C:Program FilesYandexOnlineonline.exe [2008-03-14 2291200]
«Punto Switcher»=C:Program FilesPunto Switcherpunto.exe [2008-09-11 726824]
«toscdspd»=TOSCDSPD.EXE []
«BitComet»=C:Program FilesBitCometBitComet.exe [2008-12-03 2514744]
«NevoDRM»=C:Игры от NevoSoftNevoDRMNevoDRM.exe [2008-12-11 41984]
C:ProgramDataMicrosoftWindowsStart MenuProgramsStartup
Bluetooth Manager.lnk — C:Program FilesToshibaBluetooth Toshiba StackTosBtMng.exe
C:UsersToshibaAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup
Информер от rp5.ru.lnk — C:Program Filesrp5.rurp5.exe
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«LogonHoursAction»=2
«DontDisplayLogonHoursWarnings»=1
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«EnableLUA»=0
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
«EnableUIADesktopToggle»=0
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{1eba2bc2-ef71-11dc-86df-00037ad7fc3e}]
shellAutoRuncommand — G:
shellopencommand — rundll32.exe .\cwodm.dll,InstallM
[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{c81782cd-dfb7-11dd-b7c6-00037ad7fc3e}]
shellAutocommand — D:tel.xls.exe
shellAutoRuncommand — C:Windowssystem32RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL D:tel.xls.exe
======List of files/folders created in the last 1 months======
2009-01-27 14:03:46 —-D—- C:rsit
2009-01-27 13:17:08 —-A—- C:UsersToshibaAppDataRoamingbpfeed.dll
2009-01-27 12:54:10 —-A—- C:ProgramDataxiglib.dll
2009-01-27 12:53:18 —-A—- C:ProgramDatarjxlib.dll
2009-01-18 12:14:11 —-D—- C:UsersToshibaAppDataRoamingPetShowCraze
2009-01-18 10:17:24 —-D—- C:ProgramDataNeptunesAdve
2009-01-16 19:34:20 —-D—- C:Program FilesMicrosoft Silverlight
2009-01-08 17:09:10 —-D—- C:Downloads
2009-01-07 15:43:59 —-D—- C:ProgramDataAlawar Stargaze
2009-01-07 14:38:31 —-D—- C:Игры
2009-01-04 11:43:14 —-D—- C:ProgramDataJoyBits
2009-01-01 16:49:01 —-A—- C:WindowsWirelessFTP.INI
======List of files/folders modified in the last 1 months======
2009-01-27 15:26:51 —-D—- C:WindowsTemp
2009-01-27 15:26:36 —-D—- C:Program FilesBitComet
2009-01-27 15:22:37 —-D—- C:WindowsPrefetch
2009-01-27 15:08:48 —-SHD—- C:System Volume Information
2009-01-27 14:27:14 —-D—- C:Windowssystem32drivers
2009-01-27 14:27:04 —-D—- C:Program FilesWebalta
2009-01-27 13:46:50 —-D—- C:Program FilesMozilla Firefox
2009-01-27 12:54:10 —-HD—- C:ProgramData
2009-01-26 21:06:54 —-D—- C:Windowstracing
2009-01-22 18:12:58 —-SD—- C:WindowsDownloaded Program Files
2009-01-20 16:27:21 —-D—- C:Игры от NevoSoft
2009-01-19 21:23:59 —-D—- C:Windowssystem32Macromed
2009-01-19 21:23:59 —-D—- C:WindowsSystem32
2009-01-16 19:34:23 —-SHD—- C:WindowsInstaller
2009-01-16 19:34:20 —-RD—- C:Program Files
2009-01-16 00:52:05 —-D—- C:Windowssystem32catroot2
2009-01-14 19:24:57 —-D—- C:Windowswinsxs
2009-01-14 15:02:30 —-D—- C:Windowssystem32catroot
2009-01-14 15:02:23 —-D—- C:Program FilesWindows Mail
2009-01-14 14:57:38 —-A—- C:Windowswinamp.ini
2009-01-13 22:42:01 —-D—- C:Windowsinf
2009-01-13 22:42:01 —-A—- C:Windowssystem32PerfStringBackup.INI
2009-01-11 15:31:06 —-SD—- C:UsersToshibaAppDataRoamingMicrosoft
2009-01-10 04:35:28 —-A—- C:Windowssystem32mrt.exe
2009-01-08 19:58:58 —-D—- C:ProgramDataAlawarWrapper
2009-01-08 16:10:13 —-SD—- C:ProgramDataMicrosoft
2009-01-01 16:49:01 —-D—- C:Windows
2008-12-31 11:32:24 —-D—- C:ProgramDataВеселаяФерма2
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 aswRdr;aswRdr; C:Windowssystem32driversaswRdr.sys [2008-11-26 23152]
R1 aswSP;avast! Self Protection; C:Windowssystem32driversaswSP.sys [2008-11-26 111184]
R1 aswTdi;avast! Network Shield Support; C:Windowssystem32driversaswTdi.sys [2008-11-26 50864]
R1 eeCtrl;Symantec Eraser Control driver; ??C:Program FilesCommon FilesSymantec SharedEENGINEeeCtrl.sys [2007-10-16 395312]
R1 IDSvix86;Symantec Intrusion Prevention Driver; ??C:PROGRA~2SymantecDEFINI~1SymcDataidsdefs20071220.001IDSvix86.sys [2007-11-06 180272]
R1 SPBBCDrv;SPBBCDrv; ??C:Program FilesCommon FilesSymantec SharedSPBBCSPBBCDrv.sys [2006-10-06 406672]
R1 SRTSPX;SRTSPX; C:WindowsSystem32DriversSRTSPX.SYS [2007-09-18 43696]
R1 SYMTDI;SYMTDI; C:WindowsSystem32DriversSYMTDI.SYS [2006-10-24 185744]
R1 Tosrfcom;Bluetooth RFCOMM; C:WindowsSystem32Driverstosrfcom.sys [2005-08-01 64896]
R2 aswFsBlk;aswFsBlk; C:Windowssystem32DRIVERSaswFsBlk.sys [2008-11-26 20560]
R2 aswMonFlt;aswMonFlt; C:Windowssystem32DRIVERSaswMonFlt.sys [2008-11-26 51792]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:Windowssystem32DRIVERSAGRSM.sys [2006-11-28 1161888]
R3 CmBatt;Драйвер батареи с ACPI-управлением (Microsoft); C:Windowssystem32DRIVERSCmBatt.sys [2008-01-19 14208]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; ??C:Program FilesCommon FilesSymantec SharedEENGINEEraserUtilRebootDrv.sys [2007-10-16 112688]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:Windowssystem32driversRTKVHDA.sys [2007-01-18 1729632]
R3 NETw4v32;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit; C:Windowssystem32DRIVERSNETw4v32.sys [2006-12-09 2206720]
R3 nvlddmkm;nvlddmkm; C:Windowssystem32DRIVERSnvlddmkm.sys [2007-01-13 4452288]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:WindowsSystem32DriversRootMdm.sys [2008-01-19 8192]
R3 RTL8169;Realtek 8169 NT Driver; C:Windowssystem32DRIVERSRtlh86.sys [2006-11-04 59392]
R3 sdbus;sdbus; C:Windowssystem32DRIVERSsdbus.sys [2008-01-19 88576]
R3 SYMDNS;SYMDNS; C:WindowsSystem32DriversSYMDNS.SYS [2006-10-24 11792]
R3 SymEvent;SymEvent; ??C:Windowssystem32DriversSYMEVENT.SYS [2007-10-27 123952]
R3 SYMFW;SYMFW; C:WindowsSystem32DriversSYMFW.SYS [2006-10-24 144784]
R3 SYMIDS;SYMIDS; C:WindowsSystem32DriversSYMIDS.SYS [2006-10-24 38928]
R3 SYMNDISV;SYMNDISV; C:WindowsSystem32DriversSYMNDISV.SYS [2006-10-24 37008]
R3 SYMREDRV;SYMREDRV; C:WindowsSystem32DriversSYMREDRV.SYS [2006-10-24 26384]
R3 SynTP;Synaptics TouchPad Driver; C:Windowssystem32DRIVERSSynTP.sys [2007-02-02 182328]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:Windowssystem32DRIVERStdcmdpst.sys [2006-10-18 16128]
R3 tifm21;tifm21; C:Windowssystem32driverstifm21.sys [2006-07-06 168448]
R3 tosporte;Bluetooth COM Port; C:Windowssystem32DRIVERStosporte.sys [2006-10-10 41600]
R3 tosrfbd;Bluetooth RFBUS; C:Windowssystem32DRIVERStosrfbd.sys [2007-01-12 113792]
R3 tosrfbnp;Bluetooth RFBNEP; C:WindowsSystem32Driverstosrfbnp.sys [2006-11-20 36480]
R3 tosrfec;Bluetooth ACPI; C:Windowssystem32DRIVERStosrfec.sys [2006-10-23 9216]
R3 Tosrfhid;Bluetooth RFHID; C:Windowssystem32DRIVERSTosrfhid.sys [2007-01-24 73728]
R3 tosrfnds;Bluetooth Personal Area Network; C:Windowssystem32DRIVERStosrfnds.sys [2005-01-06 18612]
R3 Tosrfusb;Bluetooth USB Controller; C:Windowssystem32DRIVERStosrfusb.sys [2007-01-12 40576]
R3 usbvideo;USB-видеоустройство (WDM); C:WindowsSystem32Driversusbvideo.sys [2006-11-02 132352]
R3 UVCFTR;UVCFTR; C:Windowssystem32DRIVERSUVCFTR_S.SYS [2007-03-12 11264]
S3 athr;Драйвер устройства беспроводной локальной сети Atheros; C:Windowssystem32DRIVERSathr.sys [2006-11-02 467456]
S3 drmkaud;Звуковой дешифратор DRM ядра системы; C:Windowssystem32driversdrmkaud.sys [2008-01-19 5632]
S3 HdAudAddService;Драйвер функции UAA для службы High Definition Audio (Microsoft), версия 1.1; C:Windowssystem32driversHdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Представитель служб потоков Microsoft; C:Windowssystem32driversMSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Посредник синхронизации потоков Microsoft; C:Windowssystem32driversMSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Представитель диспетчера качества потоков Microsoft; C:Windowssystem32driversMSPQM.sys [2008-01-19 5504]
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:Windowssystem32driversMSTEE.sys [2008-01-19 6016]
S3 NAVENG;NAVENG; ??C:PROGRA~2SymantecDEFINI~1VIRUSD~120071106.025NAVENG.SYS [2007-10-16 81232]
S3 NAVEX15;NAVEX15; ??C:PROGRA~2SymantecDEFINI~1VIRUSD~120071106.025NAVEX15.SYS [2007-10-16 865904]
S3 NETw3v32;Драйвер адаптера беспроводной сети Intel(R) PRO/Wireless 3945ABG для 32-разрядной Windows Vista; C:Windowssystem32DRIVERSNETw3v32.sys [2006-11-02 1781760]
S3 Ph3xIB32;Philips 713x Inbox PCI TV Card; C:Windowssystem32DRIVERSPh3xIB32.sys [2007-04-03 1131136]
S3 SRTSP;SRTSP; C:WindowsSystem32DriversSRTSP.SYS [2007-09-18 278576]
S3 SRTSPL;SRTSPL; C:WindowsSystem32DriversSRTSPL.SYS [2007-09-18 317616]
S3 TosRfSnd;Bluetooth Audio; C:Windowssystem32driverstosrfsnd.sys [2007-01-22 53376]
S3 TpChoice;Touch Pad Detection Filter driver; C:Windowssystem32DRIVERSTpChoice.sys []
S3 WUDFRd;WUDFRd; C:Windowssystem32DRIVERSWUDFRd.sys [2008-01-19 83328]
S4 KR10I;KR10I; C:Windowssystem32driverskr10i.sys [2007-01-18 219392]
S4 KR10N;KR10N; C:Windowssystem32driverskr10n.sys [2007-01-18 211072]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:Windowssystem32driverswmiacpi.sys [2006-11-02 11264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe [2008-11-26 18752]
R2 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:Program FilesSymantecLiveUpdateALUSchedulerSvc.exe [2007-09-12 554352]
R2 avast! Antivirus;avast! Antivirus; C:Program FilesAlwil SoftwareAvast4ashServ.exe [2008-11-26 155160]
R2 ccEvtMgr;Symantec Event Manager; C:Program FilesCommon FilesSymantec SharedccSvcHst.exe [2006-10-25 107624]
R2 ccSetMgr;Symantec Settings Manager; C:Program FilesCommon FilesSymantec SharedccSvcHst.exe [2006-10-25 107624]
R2 CFSvcs;ConfigFree Service; C:Program FilesTOSHIBAConfigFreeCFSvcs.exe [2006-11-14 40960]
R2 CLTNetCnService;Symantec Lic NetConnect service; C:Program FilesCommon FilesSymantec SharedccSvcHst.exe [2006-10-25 107624]
R2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; C:Program FilesCommon FilesSymantec SharedccSvcHst.exe [2006-10-25 107624]
R2 MDM;Machine Debug Manager; C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE [2003-06-20 322120]
R2 SymAppCore;Symantec AppCore Service; C:Program FilesCommon FilesSymantec SharedAppCoreAppSvc32.exe [2006-09-20 46736]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:Windowssystem32TODDSrv.exe [2006-05-25 114688]
R2 TosCoSrv;TOSHIBA Power Saver; C:Program FilesTOSHIBAPower SaverTosCoSrv.exe [2006-12-19 428152]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; c:Program FilesToshibaBluetooth Toshiba StackTosBtSrv.exe [2007-02-02 118784]
R2 UleadBurningHelper;Ulead Burning Helper; C:Program FilesCommon FilesUlead SystemsDVDULCDRSvr.exe [2006-08-23 49152]
R3 avast! Mail Scanner;avast! Mail Scanner; C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe [2008-11-26 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:Program FilesAlwil SoftwareAvast4ashWebSv.exe [2008-11-26 352920]
R3 Symantec Core LC;Symantec Core LC; C:Program FilesCommon FilesSymantec SharedCCPD-LCsymlcsvc.exe [2007-11-03 1252232]
S2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:Program FilesCommon FilesSymantec SharedPIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}PIFSvc.exe [2008-01-29 583048]
S2 WebaltaController;Webalta Controller; C:Program FilesWebaltaWebaltaUpdaterService.exe [2008-11-05 97794]
S3 comHost;COM Host; C:Program FilesCommon FilesSymantec SharedVAScannercomHost.exe [2006-10-13 49296]
S3 ISPwdSvc;Symantec IS Password Validation; C:Program FilesNorton Internet SecurityisPwdSvc.exe [2006-10-27 80552]
S3 LiveUpdate;LiveUpdate; C:PROGRA~1SymantecLIVEUP~1LUCOMS~1.EXE [2007-09-12 2999664]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2003-07-28 89136]
S3 WLSetupSvc;Windows Live Setup Service; C:Program FilesWindows LiveinstallerWLSetupSvc.exe [2007-10-25 266240]
EOF
on 1/3 of the page. Thank you.

