Avast pravidelne naleza Trojskeho kone

Zpráva

VacPer · #1 Příspěvek od **VacPer** » 15 kvě 2013 20:58

Dobry den,
Avast mi v pravidelnych intervalech hlasi nalezeni trojskeho kone. Nize je uveden vypis. Prosim o jeho prezkoumani.
Dekuji

Лог утилиты random's system information tool 1.09 (автор: random/random)
Run by Аня и Вашек at 2013-05-15 21:54:17
Microsoft Windows 7 Домашняя расширенная Service Pack 1
Системный раздел C: размер 4 GB (3%) Свободно 153 GB
Total RAM: 4061 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:54:18, on 15.05.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Users\Аня и Вашек\AppData\Local\Google\Update\1.3.21.135\GoogleCrashHandler.exe
C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
C:\Program Files (x86)\ABBYY Lingvo 12\LvAgent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\AirPort\APAgent.exe
D:\iTunes\iTunesHelper.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\TOSHIBA\HDMICtrlMan\HCMSoundChanger.exe
C:\Program Files (x86)\AirPort\APUtil.exe
C:\Program Files (x86)\Microsoft Office\OFFICE11\EXCEL.EXE
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Users\Аня и Вашек\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Аня и Вашек\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Аня и Вашек\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Аня и Вашек\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Аня и Вашек\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Аня и Вашек.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.searchmainia.info/?unqvl=15
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.searchmainia.info/?unqvl=15
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {37483b40-c254-4a72-bda4-22ee90182c1e} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: яю127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Помощник по входу с помощью идентификатора Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {91397D20-1446-11D4-8AF4-0040CA1127B6} - (no file)
O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (file missing)
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP
O4 - HKLM\..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [TUSBSleepChargeSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [TWebCamera] "%ProgramFiles%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKLM\..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Lingvo Launcher] "C:\Program Files (x86)\ABBYY Lingvo 12\Lvagent.exe" /STARTUP
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AirPort Base Station Agent] "C:\Program Files (x86)\AirPort\APAgent.exe"
O4 - HKLM\..\Run: [iTunesHelper] "D:\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Аня и Вашек\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Praetorian] C:\Users\Аня и Вашек\AppData\Local\Yandex\Updater\praetorian.exe
O4 - HKCU\..\Run: [RGSC] D:\Игры\gta IV\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [SpywareTerminatorUpdate] "C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" (User 'система')
O4 - HKUS\.DEFAULT\..\Run: [SpywareTerminatorUpdate] "C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Перевести с помощью ABBYY Lingvo... - res://C:\Program Files (x86)\ABBYY Lingvo 12\Lingvo.exe/3000
O8 - Extra context menu item: &Экспорт в Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google ВикиКомментарии... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Zdroje informaci - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~2\simple~1\sprote~1.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Служба Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Gadget Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Сервис iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (file missing)
O23 - Service: McAfee SystemGuards (McSysmon) - Unknown owner - C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TOSHIBA HDD Protection (Thpsrv) - Unknown owner - C:\Windows\system32\ThpSrv.exe (file missing)
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 16486 bytes

#2 Příspěvek od **Rudy** » 15 kvě 2013 21:16

Zdravím!
Dejte log RSIT: http://forum.viry.cz/viewtopic.php?t=81939 . Je podrobnější, než HijackThis. Kde se ten trojan nachází?

VacPer · #3 Příspěvek od **VacPer** » 15 kvě 2013 21:32

Nize je vygenerovany log. Podle toho co mi ukazuje Avast je virus umisten zde:
C:\windows\installer\{dde...

Лог утилиты random's system information tool 1.09 (автор: random/random)
Run by Аня и Вашек at 2013-05-15 22:21:58
Microsoft Windows 7 Домашняя расширенная Service Pack 1
Системный раздел C: размер 4 GB (3%) Свободно 153 GB
Total RAM: 4061 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:22:00, on 15.05.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Users\Аня и Вашек\AppData\Local\Google\Update\1.3.21.135\GoogleCrashHandler.exe
C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
C:\Program Files (x86)\ABBYY Lingvo 12\LvAgent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\AirPort\APAgent.exe
D:\iTunes\iTunesHelper.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\TOSHIBA\HDMICtrlMan\HCMSoundChanger.exe
C:\Program Files (x86)\AirPort\APUtil.exe
C:\Program Files (x86)\Microsoft Office\OFFICE11\EXCEL.EXE
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Users\Аня и Вашек\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Аня и Вашек\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Аня и Вашек\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Аня и Вашек\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Аня и Вашек\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Аня и Вашек\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Аня и Вашек\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Аня и Вашек\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Аня и Вашек.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.searchmainia.info/?unqvl=15
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.searchmainia.info/?unqvl=15
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {37483b40-c254-4a72-bda4-22ee90182c1e} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: яю127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Помощник по входу с помощью идентификатора Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {91397D20-1446-11D4-8AF4-0040CA1127B6} - (no file)
O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (file missing)
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP
O4 - HKLM\..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [TUSBSleepChargeSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [TWebCamera] "%ProgramFiles%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKLM\..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Lingvo Launcher] "C:\Program Files (x86)\ABBYY Lingvo 12\Lvagent.exe" /STARTUP
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AirPort Base Station Agent] "C:\Program Files (x86)\AirPort\APAgent.exe"
O4 - HKLM\..\Run: [iTunesHelper] "D:\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Аня и Вашек\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Praetorian] C:\Users\Аня и Вашек\AppData\Local\Yandex\Updater\praetorian.exe
O4 - HKCU\..\Run: [RGSC] D:\Игры\gta IV\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [SpywareTerminatorUpdate] "C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" (User 'система')
O4 - HKUS\.DEFAULT\..\Run: [SpywareTerminatorUpdate] "C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Перевести с помощью ABBYY Lingvo... - res://C:\Program Files (x86)\ABBYY Lingvo 12\Lingvo.exe/3000
O8 - Extra context menu item: &Экспорт в Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google ВикиКомментарии... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Zdroje informaci - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~2\simple~1\sprote~1.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Служба Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Gadget Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Сервис iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (file missing)
O23 - Service: McAfee SystemGuards (McSysmon) - Unknown owner - C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TOSHIBA HDD Protection (Thpsrv) - Unknown owner - C:\Windows\system32\ThpSrv.exe (file missing)
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 16705 bytes

======Список процессов======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
winlogon.exe
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\ThpSrv.exe
C:\Windows\system32\TODDSrv.exe
"C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"
"C:\Program Files\TOSHIBA\TECO\TecoService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\svchost.exe -k HPService
WLIDSvcM.exe 2248
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\nvvsvc.exe -session -first
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe"
"C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
"C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe"
"C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe"
"C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\ThpSrv.exe" /logon
"C:\Program Files\TOSHIBA\TECO\Teco.exe" /r
"C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe"
"C:\Windows\WindowsMobile\wmdc.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Users\Аня и Вашек\AppData\Local\Google\Update\1.3.21.135\GoogleCrashHandler.exe"
"C:\Users\Аня и Вашек\AppData\Local\Google\Update\1.3.21.135\GoogleCrashHandler64.exe"
C:\Windows\system32\svchost.exe -k WindowsMobile
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe"
"C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" /START
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
"C:\Program Files (x86)\ABBYY Lingvo 12\LvAgent.exe" /STARTUP
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\AirPort\APAgent.exe"
"D:\iTunes\iTunesHelper.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Photosmart C3100 series#1274036567" -Startup
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding
"C:\Program Files\TOSHIBA\HDMICtrlMan\HCMSoundChanger.exe" /SPEAKER
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe"
"C:\Program Files (x86)\AirPort\APUtil.exe" "apupdate://update/"
"C:\Program Files (x86)\Microsoft Office\OFFICE11\EXCEL.EXE" /e
C:\Windows\splwow64.exe 8192
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe"
"C:\Users\Аня и Вашек\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Аня и Вашек\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5772.0.1127219027\1499361671" --supports-dual-gpus=false --gpu-vendor-id=0x10de --gpu-device-id=0x0a28 --gpu-driver-vendor=NVIDIA --gpu-driver-version=8.17.12.5896 --ignored=" --type=renderer " /prefetch:12
"C:\Users\Аня и Вашек\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=ru --force-fieldtrials=AutocompleteDynamicTrial_0/LiveSpellingExperiment/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/NewTabButton/default/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxHQPUseCursorPosition/Standard/OmniboxSearchSuggestTrialStarted2013Q1/6/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_29/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/default/ --extension-process --renderer-print-preview --enable-threaded-compositing --channel="5772.2.1732918041\593460190" /prefetch:3
"C:\Users\Аня и Вашек\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=ru --force-fieldtrials=AutocompleteDynamicTrial_0/LiveSpellingExperiment/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/NewTabButton/default/OmniboxHQPNewScoringMax1400/Standard/OmniboxHQPOnlyCountMatchesAtWordBoundaries/Standard/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxHQPUseCursorPosition/Standard/OmniboxSearchSuggestTrialStarted2013Q1/6/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/SpdyCwnd/cwndMin16/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_29/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/default/ --renderer-print-preview --enable-threaded-compositing --channel="5772.5.578817437\644563480" /prefetch:3
"C:\Users\Аня и Вашек\AppData\Local\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="5772.6.1382853411\632876499" --lang=ru --ignored=" --type=renderer " /prefetch:13
"C:\Windows\system32\NOTEPAD.EXE" C:\rsit\log.txt
"C:\Users\Аня и Вашек\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=ru --force-fieldtrials=AutocompleteDynamicTrial_0/LiveSpellingExperiment/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/NewTabButton/default/OmniboxHQPNewScoringMax1400/Standard/OmniboxHQPOnlyCountMatchesAtWordBoundaries/Standard/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxHQPUseCursorPosition/Standard/OmniboxSearchSuggestTrialStarted2013Q1/6/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/SpdyCwnd/cwndMin16/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_29/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/default/ --renderer-print-preview --enable-threaded-compositing --channel="5772.8.1479651821\1778428212" /prefetch:3
"C:\Users\Аня и Вашек\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service --lang=ru
"C:\Users\Аня и Вашек\AppData\Local\Google\Chrome\Application\chrome.exe" --type=ppapi-broker --channel="5772.9.361429385\1309853713" --lang=ru /prefetch:14
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe50_ Global\UsGthrCtrlFltPipeMssGthrPipe50 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Users\Аня и Вашек\Downloads\Google Downloads\RSITx64 (2).exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

======Папка назначеных зданий======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3205778533-2134613324-3758725128-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3205778533-2134613324-3758725128-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Аня и Вашек\AppData\Roaming\Mozilla\Firefox\Profiles\t5cfsnb6.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://websearch.searchmainia.info/?unqvl=15"
prefs.js - "extensions.enabledItems" - "en-US@dictionaries.addons.mozilla.org:5.0.1, cs@dictionaries.addons.mozilla.org:1.0.2, {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "http://websearch.searchmainia.info/?unqvl=15&l=1&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.202 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=Плагин Детектора iTunes
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=D:\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5]
"Description"=Office Live Update v1.5
"Path"=C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.202 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFFICE.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
mailru.xml
ozonru.xml
priceru.xml
wikipedia-ru.xml
yandex-slovari.xml
yandex.xml

C:\Users\Аня и Вашек\AppData\Roaming\Mozilla\Firefox\Profiles\t5cfsnb6.default\extensions\
cs@dictionaries.addons.mozilla.org
en-US@dictionaries.addons.mozilla.org
vb@yandex.ru
yasearch@yandex.ru
{37483b40-c254-4a72-bda4-22ee90182c1e}
{800b5000-a755-47e1-992b-48a1c1357f07}

C:\Users\Аня и Вашек\AppData\Roaming\Mozilla\Firefox\Profiles\t5cfsnb6.default\searchplugins\
conduit.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin.xml
WebSearch.xml
ybqs-yandex.xml

======Снимок реестра======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-30 75232]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-25 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Помощник по входу с помощью идентификатора Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-09-23 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar BHO - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-25 155384]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{91397D20-1446-11D4-8AF4-0040CA1127B6}
{8dcb7100-df86-4384-8842-8fa844297b3f} - @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TosSENotify"=C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [2009-08-03 709976]
"Toshiba TEMPRO"=C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [2009-08-25 1050000]
"TosNC"=C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [2009-08-06 596328]
"TosReelTimeMonitor"=C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [2009-08-06 35160]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-08-03 7982112]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2009-08-13 570680]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2009-08-21 497504]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2009-03-09 52600]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2009-08-05 909624]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-08-17 1813288]
"ThpSrv"=C:\Windows\system32\thpsrv /logon []
"SmartFaceVWatcher"=C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [2009-07-29 238080]
"Teco"=C:\Program Files\TOSHIBA\TECO\Teco.exe [2009-09-03 1481568]
"TosWaitSrv"=C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2009-08-04 711000]
"HDMICtrlMan"=C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [2009-08-03 1032536]
"Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [2009-08-25 134032]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Аня и Вашек\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-19 136176]
"Praetorian"=C:\Users\Аня и Вашек\AppData\Local\Yandex\Updater\praetorian.exe []
"RGSC"=D:\Игры\gta IV\Rockstar Games Social Club\RGSCLauncher.exe /silent []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SVPWUTIL"=C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [2009-08-12 352256]
"HWSetup"=C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [2009-06-02 423936]
"KeNotify"=C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [2009-01-13 34088]
"TUSBSleepChargeSrv"=C:\Program Files (x86)\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe [2009-07-02 252288]
"ITSecMng"=C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START []
"TWebCamera"=C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe autorun []
"ToshibaServiceStation"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [2009-08-17 1294136]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-01-19 2743104]
"Lingvo Launcher"=C:\Program Files (x86)\ABBYY Lingvo 12\Lvagent.exe [2007-07-06 193824]
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-01-28 59720]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-07-31 38872]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-11 919008]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2012-10-25 421888]
"AirPort Base Station Agent"=C:\Program Files (x86)\AirPort\APAgent.exe [2009-11-11 771360]
"iTunesHelper"=D:\iTunes\iTunesHelper.exe [2013-02-20 152392]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======Ассоциации файлов======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======Список файлов и папок, созданных за последние 1 месяц======

2013-05-15 21:39:05 ----D---- C:\rsit
2013-05-15 21:34:43 ----D---- C:\ProgramData\StarApp
2013-05-15 21:34:42 ----D---- C:\Program Files (x86)\SimpleSpeedy
2013-05-15 21:33:39 ----D---- C:\ProgramData\InstallMate
2013-05-06 21:03:55 ----D---- C:\Program Files (x86)\x264 Video Codec
2013-05-06 19:43:39 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-05-06 19:43:38 ----A---- C:\Windows\system32\ieui.dll
2013-05-06 19:43:38 ----A---- C:\Windows\system32\ie4uinit.exe
2013-05-06 19:43:36 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-05-06 19:43:36 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-05-06 19:43:36 ----A---- C:\Windows\system32\iesetup.dll
2013-05-06 19:43:36 ----A---- C:\Windows\system32\iernonce.dll
2013-05-06 19:43:35 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-05-06 19:43:35 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-05-06 19:43:35 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-05-06 19:43:35 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-05-06 19:43:35 ----A---- C:\Windows\system32\iesysprep.dll
2013-05-06 19:43:34 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-05-06 19:43:34 ----A---- C:\Windows\system32\msfeeds.dll
2013-05-06 19:43:34 ----A---- C:\Windows\system32\iertutil.dll
2013-05-06 19:43:32 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-05-06 19:43:32 ----A---- C:\Windows\system32\urlmon.dll
2013-05-06 19:43:31 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-05-06 19:43:31 ----A---- C:\Windows\system32\jscript.dll
2013-05-06 19:43:30 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-05-06 19:43:30 ----A---- C:\Windows\system32\jscript9.dll
2013-05-06 19:43:29 ----A---- C:\Windows\system32\jsproxy.dll
2013-05-06 19:43:28 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-05-06 19:43:28 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-05-06 19:43:27 ----A---- C:\Windows\system32\wininet.dll
2013-05-06 19:43:26 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-05-06 19:43:25 ----A---- C:\Windows\system32\ieframe.dll
2013-05-06 19:43:21 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-05-06 19:43:20 ----A---- C:\Windows\system32\mshtml.dll
2013-05-05 21:53:40 ----D---- C:\ProgramData\IBUpdaterService
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\url.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\wextract.exe
2013-05-03 20:57:58 ----A---- C:\Windows\system32\webcheck.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\vbscript.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\url.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-05-03 20:57:58 ----A---- C:\Windows\system32\pngfilt.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\occache.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-05-03 20:57:58 ----A---- C:\Windows\system32\msrating.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\msls31.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\mshtmler.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\mshtmled.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\mshta.exe
2013-05-03 20:57:58 ----A---- C:\Windows\system32\msfeedssync.exe
2013-05-03 20:57:58 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\licmgr10.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\inseng.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\imgutil.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\iexpress.exe
2013-05-03 20:57:58 ----A---- C:\Windows\system32\ieUnatt.exe
2013-05-03 20:57:58 ----A---- C:\Windows\system32\iepeers.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\iedkcs32.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\ieapfltr.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\ieapfltr.dat
2013-05-03 20:57:58 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\icardie.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\elshyph.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\dxtrans.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\dxtmsft.dll
2013-04-24 20:46:33 ----A---- C:\Windows\system32\drivers\ntfs.sys

======Список файлов и папок, измененных за последние 1 месяц======

2013-05-15 22:22:00 ----D---- C:\Program Files\trend micro
2013-05-15 22:21:35 ----D---- C:\Windows\Temp
2013-05-15 21:52:13 ----RD---- C:\Program Files (x86)
2013-05-15 21:34:43 ----HD---- C:\ProgramData
2013-05-14 21:34:17 ----D---- C:\Windows\SysWOW64
2013-05-14 21:34:16 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-05-14 21:29:10 ----D---- C:\Windows\Prefetch
2013-05-08 22:03:50 ----D---- C:\Windows\System32
2013-05-08 22:03:50 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-05-08 22:03:49 ----D---- C:\Windows\inf
2013-05-08 20:19:15 ----D---- C:\Windows\system32\config
2013-05-08 20:09:06 ----D---- C:\Windows\winsxs
2013-05-06 21:58:55 ----D---- C:\Program Files\Internet Explorer
2013-05-06 21:58:55 ----D---- C:\Program Files (x86)\Internet Explorer
2013-05-06 21:04:45 ----SHD---- C:\Windows\Installer
2013-05-06 21:04:10 ----SD---- C:\ProgramData\Microsoft
2013-05-06 19:44:19 ----D---- C:\Windows\system32\catroot
2013-05-06 19:44:17 ----D---- C:\Windows\system32\catroot2
2013-05-06 19:43:11 ----D---- C:\Windows\system32\DriverStore
2013-05-06 19:42:48 ----SHD---- C:\System Volume Information
2013-05-04 10:28:23 ----D---- C:\Windows\rescache
2013-05-03 21:04:28 ----D---- C:\Windows\SYSWOW64\ru-RU
2013-05-03 21:04:28 ----D---- C:\Windows\system32\ru-RU
2013-05-03 21:04:23 ----D---- C:\Windows\SYSWOW64\migration
2013-05-03 21:04:23 ----D---- C:\Windows\SYSWOW64\en-US
2013-05-03 21:04:18 ----D---- C:\Windows\system32\migration
2013-05-03 21:04:18 ----D---- C:\Windows\PolicyDefinitions
2013-05-03 21:04:17 ----D---- C:\Windows\system32\en-US
2013-05-03 21:02:58 ----D---- C:\Windows\Logs
2013-05-03 20:56:10 ----D---- C:\Windows
2013-05-02 02:06:08 ----N---- C:\Windows\system32\MpSigStub.exe
2013-04-25 20:32:18 ----D---- C:\Windows\system32\drivers

======Список драйверов (тип запуска: R=Запущен, S=остановлен, 0=Загрузочный, 1=Системный, 2=Автоматически, 3=Вручную, 4=Отключено)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 408600]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-01-20 834544]
R0 Thpdrv;TOSHIBA HDD Protection Driver; C:\Windows\system32\DRIVERS\thpdrv.sys [2009-06-29 34880]
R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver; C:\Windows\system32\DRIVERS\Thpevm.SYS [2009-06-29 14784]
R0 tos_sps64;TOSHIBA tos_sps64 Service; C:\Windows\system32\DRIVERS\tos_sps64.sys [2009-07-24 482384]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-01-19 28752]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-01-19 120912]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-01-19 51280]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2009-06-08 86584]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-01-19 22096]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-01-19 63056]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-01-17 42696]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\Windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-09-21 1537024]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-08-03 1966624]
R3 KMWDFILTER;HIDServiceDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 30208]
R3 LPCFilter;LPC Lower Filter Driver; C:\Windows\system32\DRIVERS\LPCFilter.sys [2009-07-30 44912]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-24 261120]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2010-06-22 131688]
R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-08-17 286768]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2009-07-13 19824]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S1 ASPI32;ASPI32; C:\Windows\system32\drivers\ASPI32.sys []
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-01-17 310984]
S3 atikmdag;atikmdag; C:\Windows\system32\drivers\atikmdag.sys [2009-07-13 5020672]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\drivers\Dot4Prt.sys [2010-11-20 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
S3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-07-31 140712]
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl64.sys [2010-04-19 22528]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 smserial;smserial; C:\Windows\system32\DRIVERS\SmSerl64.sys [2009-06-10 1227776]
S3 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usb_rndisx;Адаптер USB RNDIS; C:\Windows\system32\drivers\usb8023x.sys [2013-02-12 19968]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 usbscan;Драйвер USB-сканера; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======Список служб (тип запуска: R=Запущена, S=остановлена, 0=Загрузочная, 1=Системная, 2=Автоматически, 3=Вручную, 4=Отключено)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-01-19 40384]
R2 Bonjour Service;Служба Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2009-08-10 248688]
R2 ConfigFree Gadget Service;ConfigFree Gadget Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [2009-07-14 42368]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 hpqddsvc;Служба HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-07-09 159336]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 Thpsrv;TOSHIBA HDD Protection; C:\Windows\system32\ThpSrv.exe [2009-07-08 531520]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2009-07-28 140632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2009-08-21 488800]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2009-09-03 251760]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-01-19 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-01-19 40384]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 iPod Service;Сервис iPod; C:\Program Files\iPod\bin\iPodService.exe [2013-02-20 641352]
R3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-08-17 51512]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-08-03 137560]
R3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2009-08-04 826224]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe []
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-03 160944]
S2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2009-08-25 116104]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-14 256904]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-10-17 1038088]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-10-17 655624]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 McSysmon;McAfee SystemGuards; C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe []
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-12-16 113120]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2009-07-30 192368]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-08 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

#4 Příspěvek od **Rudy** » 15 kvě 2013 21:43

1. PC potřebuje vyčistit, velikost volného místa se povážlivě blíží k 0. Spusťte tuto utilitu:

Stáhněte AdwCleaner http://www.stahuj.centrum.cz/utility_a_ ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte na Search (hledat)
Proběhne skenováni a pak se objeví log, který sem vložte.

2. Soubor, který Acast označil za vir otestujte online na www.virutotoal.com . Výsledek oznamte.

VacPer · #5 Příspěvek od **VacPer** » 15 kvě 2013 22:15

Pozadovany log je nize:
Ohledne toho scanu na virustotal.com nevim co konkretne je dulezita informace. Kazdopadne na puvodne zminovanem miste (v reportu z Avast oznaceno jako "object") se nic nenachazelo, nevim jestli jsem report z Avastu spravne pochopil. V reportu je zminovana i cesta (oznacena jako "process") na C:\Windows\SysWOW64. Tohle jsem i otestoval virustotal mi ukazal 1/46.

# AdwCleaner v2.201 - Logfile created 05/15/2013 at 22:53:34
# Updated 21/04/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Аня и Вашек - АНЯВАШЕК
# Boot Mode : Normal
# Running from : C:\Users\Аня и Вашек\Desktop\adwcleaner.exe
# Option [Search]

***** [Services] *****

***** [Files / Folders] *****

File Found : C:\Users\Аня и Вашек\AppData\Roaming\Mozilla\Firefox\Profiles\t5cfsnb6.default\searchplugins\Conduit.xml
File Found : C:\Users\Аня и Вашек\AppData\Roaming\Mozilla\Firefox\Profiles\t5cfsnb6.default\searchplugins\icqplugin.xml
File Found : C:\Users\Аня и Вашек\AppData\Roaming\Mozilla\Firefox\Profiles\t5cfsnb6.default\searchplugins\icqplugin-1.xml
File Found : C:\Users\Аня и Вашек\AppData\Roaming\Mozilla\Firefox\Profiles\t5cfsnb6.default\searchplugins\icqplugin-2.xml
File Found : C:\Users\Аня и Вашек\AppData\Roaming\Mozilla\Firefox\Profiles\t5cfsnb6.default\searchplugins\icqplugin-3.xml
File Found : C:\Users\Аня и Вашек\AppData\Roaming\Mozilla\Firefox\Profiles\t5cfsnb6.default\searchplugins\WebSearch.xml
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Program Files (x86)\ICQ6Toolbar
Folder Found : C:\ProgramData\APN
Folder Found : C:\ProgramData\IBUpdaterService
Folder Found : C:\ProgramData\ICQ\ICQToolbar
Folder Found : C:\ProgramData\InstallMate
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge
Folder Found : C:\ProgramData\Partner
Folder Found : C:\Users\0DBC~1\AppData\Local\Temp\CT2801948
Folder Found : C:\Users\Аня и Вашек\AppData\Local\Conduit
Folder Found : C:\Users\Аня и Вашек\AppData\LocalLow\Conduit
Folder Found : C:\Users\Аня и Вашек\AppData\Roaming\Mozilla\Firefox\Profiles\t5cfsnb6.default\ConduitCommon
Folder Found : C:\Users\Аня и Вашек\AppData\Roaming\Mozilla\Firefox\Profiles\t5cfsnb6.default\CT2801948
Folder Found : C:\Users\Аня и Вашек\AppData\Roaming\Mozilla\Firefox\Profiles\t5cfsnb6.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}
Folder Found : C:\Users\Аня и Вашек\AppData\Roaming\Mozilla\Firefox\Profiles\t5cfsnb6.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}

***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\SProtector
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2801948
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Found : HKLM\Software\PerformerSoft
Key Found : HKLM\Software\SP Global
Key Found : HKLM\Software\SProtector
Key Found : HKLM\SOFTWARE\Wow6432Node\14919ea49a8f3b4aa3cf1058d9a64cec
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D08D9F98-1C78-4704-87E6-368B0023D831}
Key Found : HKLM\SOFTWARE\Software
Key Found : HKU\S-1-5-21-3205778533-2134613324-3758725128-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKU\S-1-5-21-3205778533-2134613324-3758725128-1000\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16537

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://websearch.searchmainia.info/?unqvl=15
[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://websearch.searchmainia.info/?unqvl=15

-\\ Mozilla Firefox v13.0.1 (ru)

File : C:\Users\Аня и Вашек\AppData\Roaming\Mozilla\Firefox\Profiles\t5cfsnb6.default\prefs.js

Found : user_pref("CT2801948..clientLogIsEnabled", false);
Found : user_pref("CT2801948..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT2801948..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT2801948.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Found : user_pref("CT2801948.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2801948.BrowserCompStateIsOpen_129797777221477754", true);
Found : user_pref("CT2801948.BrowserCompStateIsOpen_129799503686523541", true);
Found : user_pref("CT2801948.BrowserCompStateIsOpen_129815072111847605", true);
Found : user_pref("CT2801948.BrowserCompStateIsOpen_1359634298000", true);
Found : user_pref("CT2801948.CTID", "CT2801948");
Found : user_pref("CT2801948.CurrentServerDate", "15-5-2013");
Found : user_pref("CT2801948.DSChangedManually", false);
Found : user_pref("CT2801948.DSInstall", true);
Found : user_pref("CT2801948.DSProtectChoice", true);
Found : user_pref("CT2801948.DSProtectCount", 1);
Found : user_pref("CT2801948.DialogsAlignMode", "LTR");
Found : user_pref("CT2801948.DialogsGetterLastCheckTime", "Wed May 15 2013 21:59:41 GMT+0200");
Found : user_pref("CT2801948.DownloadReferralCookieData", "");
Found : user_pref("CT2801948.EMailNotifierPollDate", "Fri May 25 2012 21:13:16 GMT+0200");
Found : user_pref("CT2801948.EnableClickToSearchBox", false);
Found : user_pref("CT2801948.EnableSearchHistory", false);
Found : user_pref("CT2801948.EnableSearchSuggest", false);
Found : user_pref("CT2801948.FirstServerDate", "15-4-2012");
Found : user_pref("CT2801948.FirstTime", true);
Found : user_pref("CT2801948.FirstTimeFF3", true);
Found : user_pref("CT2801948.FixPageNotFoundErrors", false);
Found : user_pref("CT2801948.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2801948.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2801948.HPInstall", true);
Found : user_pref("CT2801948.HasUserGlobalKeys", true);
Found : user_pref("CT2801948.HomePageProtectorEnabled", true);
Found : user_pref("CT2801948.HomepageBeforeUnload", "hxxp://search.conduit.com/?ctid=CT2801948&SearchSource=[...]
Found : user_pref("CT2801948.Initialize", true);
Found : user_pref("CT2801948.InitializeCommonPrefs", true);
Found : user_pref("CT2801948.InstallationAndCookieDataSentCount", 3);
Found : user_pref("CT2801948.InstallationId", "ConduitNSISIntegration");
Found : user_pref("CT2801948.InstallationType", "ConduitXPEIntegration");
Found : user_pref("CT2801948.InstalledDate", "Sun Apr 15 2012 11:02:30 GMT+0200");
Found : user_pref("CT2801948.InvalidateCache", false);
Found : user_pref("CT2801948.IsAlertDBUpdated", true);
Found : user_pref("CT2801948.IsGrouping", false);
Found : user_pref("CT2801948.IsInitSetupIni", true);
Found : user_pref("CT2801948.IsMulticommunity", false);
Found : user_pref("CT2801948.IsOpenThankYouPage", false);
Found : user_pref("CT2801948.IsOpenUninstallPage", true);
Found : user_pref("CT2801948.IsProtectorsInit", true);
Found : user_pref("CT2801948.LanguagePackLastCheckTime", "Wed May 15 2013 21:59:41 GMT+0200");
Found : user_pref("CT2801948.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2801948.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2801948.LastLogin_3.10.0.1", "Wed May 09 2012 17:47:25 GMT+0200");
Found : user_pref("CT2801948.LastLogin_3.12.2.3", "Thu May 31 2012 17:33:16 GMT+0200");
Found : user_pref("CT2801948.LastLogin_3.13.0.6", "Tue Jul 17 2012 20:29:09 GMT+0200");
Found : user_pref("CT2801948.LastLogin_3.14.1.0", "Sat Sep 08 2012 06:47:21 GMT+0200");
Found : user_pref("CT2801948.LastLogin_3.15.1.0", "Mon Mar 25 2013 21:08:04 GMT+0100");
Found : user_pref("CT2801948.LastLogin_3.18.0.7", "Wed May 15 2013 21:59:41 GMT+0200");
Found : user_pref("CT2801948.LatestVersion", "3.18.0.7");
Found : user_pref("CT2801948.Locale", "en-us");
Found : user_pref("CT2801948.MCDetectTooltipHeight", "83");
Found : user_pref("CT2801948.MCDetectTooltipShow", false);
Found : user_pref("CT2801948.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2801948.MCDetectTooltipWidth", "295");
Found : user_pref("CT2801948.MyStuffEnabledAtInstallation", true);
Found : user_pref("CT2801948.OriginalFirstVersion", "3.10.0.1");
Found : user_pref("CT2801948.RadioIsPodcast", false);
Found : user_pref("CT2801948.RadioLastCheckTime", "Fri May 25 2012 18:07:13 GMT+0200");
Found : user_pref("CT2801948.RadioLastUpdateIPServer", "3");
Found : user_pref("CT2801948.RadioLastUpdateServer", "129307496595170000");
Found : user_pref("CT2801948.RadioMediaID", "21435220");
Found : user_pref("CT2801948.RadioMediaType", "Media Player");
Found : user_pref("CT2801948.RadioMenuSelectedID", "EBRadioMenu_CT280194821435220");
Found : user_pref("CT2801948.RadioShrinkedFromSetup", false);
Found : user_pref("CT2801948.RadioStationName", "Virgin%20Radio%20Classic%20Rock");
Found : user_pref("CT2801948.RadioStationURL", "hxxp://www.smgradio.com/core/audio/wmp/live.asx?service=vcbb[...]
Found : user_pref("CT2801948.SavedHomepage", "hxxp://www.google.com/");
Found : user_pref("CT2801948.SearchBackToDefaultEngine", false);
Found : user_pref("CT2801948.SearchCaption", "NCH EN Customized Web Search");
Found : user_pref("CT2801948.SearchEngineBeforeUnload", "NCH EN Customized Web Search");
Found : user_pref("CT2801948.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2801948.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT280[...]
Found : user_pref("CT2801948.SearchInNewTabEnabled", true);
Found : user_pref("CT2801948.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2801948.SearchInNewTabLastCheckTime", "Wed May 15 2013 21:59:38 GMT+0200");
Found : user_pref("CT2801948.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2801948.SearchInNewTabUserEnabled", false);
Found : user_pref("CT2801948.SearchProtectorEnabled", false);
Found : user_pref("CT2801948.SearchProtectorToolbarDisabled", false);
Found : user_pref("CT2801948.SendProtectorDataViaLogin", true);
Found : user_pref("CT2801948.ServiceMapLastCheckTime", "Wed May 15 2013 21:59:40 GMT+0200");
Found : user_pref("CT2801948.SettingsLastCheckTime", "Wed May 15 2013 21:59:38 GMT+0200");
Found : user_pref("CT2801948.SettingsLastUpdate", "1368605561");
Found : user_pref("CT2801948.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2801948&SearchSource=13");
Found : user_pref("CT2801948.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2801948.ThirdPartyComponentsLastCheck", "Wed May 09 2012 17:47:22 GMT+0200");
Found : user_pref("CT2801948.ThirdPartyComponentsLastUpdate", "1312887586");
Found : user_pref("CT2801948.ToolbarShrinkedFromSetup", false);
Found : user_pref("CT2801948.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2801948");
Found : user_pref("CT2801948.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Found : user_pref("CT2801948.UserID", "UN10720978779730794");
Found : user_pref("CT2801948.WeatherNetwork", "");
Found : user_pref("CT2801948.WeatherPollDate", "Fri May 25 2012 21:13:18 GMT+0200");
Found : user_pref("CT2801948.WeatherUnit", "C");
Found : user_pref("CT2801948.alertChannelId", "1194029");
Found : user_pref("CT2801948.approveUntrustedApps", false);
Found : user_pref("CT2801948.backendstorage.amazonnew_all", "323534383737312C323538393435312C323538323336312[...]
Found : user_pref("CT2801948.backendstorage.hxxp://pinterest_aot_im.isenabled", "59");
Found : user_pref("CT2801948.backendstorage.twitter_v1.8.0_twitter_app_open_t_f", "66616C7365");
Found : user_pref("CT2801948.backendstorage.twitter_v1.9.0_twitter_app_open_t_f", "66616C7365");
Found : user_pref("CT2801948.components.1000034", false);
Found : user_pref("CT2801948.components.1000080", false);
Found : user_pref("CT2801948.components.1000082", false);
Found : user_pref("CT2801948.components.1000234", false);
Found : user_pref("CT2801948.components.129306881624250628", false);
Found : user_pref("CT2801948.components.129306881624563129", false);
Found : user_pref("CT2801948.components.129306881632844577", false);
Found : user_pref("CT2801948.components.129311959839444431", false);
Found : user_pref("CT2801948.components.129343840936544328", false);
Found : user_pref("CT2801948.components.129797778032571509", false);
Found : user_pref("CT2801948.components.129797781958509142", false);
Found : user_pref("CT2801948.components.129799503686523541", false);
Found : user_pref("CT2801948.components.129812392486745713", false);
Found : user_pref("CT2801948.components.129815072111847605", false);
Found : user_pref("CT2801948.components.129822615048778284", false);
Found : user_pref("CT2801948.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Found : user_pref("CT2801948.globalFirstTimeInfoLastCheckTime", "Wed May 23 2012 17:43:55 GMT+0200");
Found : user_pref("CT2801948.homepageProtectorEnableByLogin", true);
Found : user_pref("CT2801948.initDone", true);
Found : user_pref("CT2801948.isAppTrackingManagerOn", true);
Found : user_pref("CT2801948.isFirstRadioInstallation", false);
Found : user_pref("CT2801948.isSearchProtectorNotifyChanges", false);
Found : user_pref("CT2801948.myStuffEnabled", true);
Found : user_pref("CT2801948.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2801948.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2801948.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2801948.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2801948.navigateToUrlOnSearch", false);
Found : user_pref("CT2801948.oldAppsList", "129306881620344305,129306881621438061,111,129306881624250628,129[...]
Found : user_pref("CT2801948.revertSettingsEnabled", true);
Found : user_pref("CT2801948.searchProtectorDialogDelayInSec", 10);
Found : user_pref("CT2801948.searchProtectorEnableByLogin", true);
Found : user_pref("CT2801948.testingCtid", "");
Found : user_pref("CT2801948.toolbarAppMetaDataLastCheckTime", "Wed May 15 2013 21:59:41 GMT+0200");
Found : user_pref("CT2801948.toolbarContextMenuLastCheckTime", "Wed May 23 2012 17:47:25 GMT+0200");
Found : user_pref("CT2801948.usageEnabled", false);
Found : user_pref("CT2801948.usagesFlag", 2);
Found : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2801948&Search[...]
Found : user_pref("CommunityToolbar.ConduitSearchList", "NCH EN Customized Web Search");
Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2801948/CT2801948[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2801948", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.10[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.18[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2801948",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/idel.gif", "[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/minimize.gif[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/play.gif", "[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/stop.gif", "[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/vol.gif", "\[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"[...]
Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\=O 8 0H5:\\AppData\\Roaming\\Mozi[...]
Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.12.2.3");
Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.icq.com/search/afe_results[...]
Found : user_pref("CommunityToolbar.ToolbarsList", "CT2801948");
Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2801948");
Found : user_pref("CommunityToolbar.ToolbarsList4", "CT2801948");
Found : user_pref("CommunityToolbar.globalUserId", "0d292a6b-d497-41b3-a9d8-442d578545fa");
Found : user_pref("CommunityToolbar.originalHomepage", "hxxp://www.google.com/");
Found : user_pref("CommunityToolbar.originalSearchEngine", "ICQ Search");
Found : user_pref("aol_toolbar.default.homepage.check", false);
Found : user_pref("aol_toolbar.default.search.check", false);
Found : user_pref("browser.search.defaultenginename", "WebSearch");
Found : user_pref("browser.search.defaultenginename,S", "WebSearch");
Found : user_pref("browser.search.defaultthis.engineName", "NCH EN Customized Web Search");
Found : user_pref("browser.search.defaulturl", "hxxp://websearch.searchmainia.info/?unqvl=15&l=1&q=");
Found : user_pref("browser.search.order.1", "WebSearch");
Found : user_pref("browser.search.order.1,S", "WebSearch");
Found : user_pref("browser.search.selectedEngine", "WebSearch");
Found : user_pref("browser.search.selectedEngine,S", "WebSearch");
Found : user_pref("browser.startup.homepage", "hxxp://websearch.searchmainia.info/?unqvl=15");
Found : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Found : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Found : user_pref("icqtoolbar.allowSendURL", false);
Found : user_pref("icqtoolbar.defSearchChange", true);
Found : user_pref("icqtoolbar.engineVerified", true);
Found : user_pref("icqtoolbar.firstTbRun", false);
Found : user_pref("icqtoolbar.geolastmodified", 1368647982);
Found : user_pref("icqtoolbar.history", "chloe%20sevigny||mlceni%20jehnatek||gustav%20klimt||rychlyprachy%20[...]
Found : user_pref("icqtoolbar.hpChange", true);
Found : user_pref("icqtoolbar.icqgeo", 42);
Found : user_pref("icqtoolbar.installTime", "1344021205");
Found : user_pref("icqtoolbar.installsource", "1");
Found : user_pref("icqtoolbar.newtab_most_visited_state", "1");
Found : user_pref("icqtoolbar.newtab_recently_closed_state", "1");
Found : user_pref("icqtoolbar.newtab_state", "1");
Found : user_pref("icqtoolbar.numberOfSearches", 0);
Found : user_pref("icqtoolbar.previousFFVersion", "13.0.1");
Found : user_pref("icqtoolbar.skip_default_search", "no");
Found : user_pref("icqtoolbar.suggestions", false);
Found : user_pref("icqtoolbar.uniqueID", "130341090713034109991303488855589");
Found : user_pref("icqtoolbar.usageStatstTimestamp", 1354054938);
Found : user_pref("icqtoolbar.userEngineApproved", true);
Found : user_pref("icqtoolbar.userHpApproved", true);
Found : user_pref("icqtoolbar.version", "1.5.3");
Found : user_pref("icqtoolbar.voucherHideClicks", 0);
Found : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Found : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Found : user_pref("icqtoolbar.voucherWasShown", 0);
Found : user_pref("icqtoolbar.xmlEnableHomePageDsGuard", false);
Found : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Found : user_pref("icqtoolbar.xmlLanguage", "ru");
Found : user_pref("keyword.URL", "hxxp://websearch.searchmainia.info/?unqvl=15&l=1&q=");
Found : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Found : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Found : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Found : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Found : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Found : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Found : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Found : user_pref("sweetim.toolbar.searchguard.enable", "");
Found : user_pref("yasearch.static.hxxp://bar-widgets.yandex.ru/packages/approved/176/manifest.xml#smartbox.[...]

-\\ Google Chrome v26.0.1410.64

File : C:\Users\Аня и Вашек\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [21724 octets] - [15/05/2013 22:53:34]

########## EOF - C:\AdwCleaner[R1].txt - [21785 octets] ##########

#6 Příspěvek od **Rudy** » 16 kvě 2013 17:15

Spusťte znovu ADWCleaner a klikněte na >Delete< (smazat). Vložte nový log. Ještě by mne zajímalo, který antivir soubor označil jako virus.

VacPer · #7 Příspěvek od **VacPer** » 16 kvě 2013 18:21

Vir identifikoval eSafe.

Zde je novy log po smazani.

# AdwCleaner v2.201 - Logfile created 05/16/2013 at 19:16:18
# Updated 21/04/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Аня и Вашек - АНЯВАШЕК
# Boot Mode : Normal
# Running from : C:\Users\Аня и Вашек\Desktop\adwcleaner.exe
# Option [Search]

***** [Services] *****

***** [Files / Folders] *****

***** [Registry] *****

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16537

[OK] Registry is clean.

-\\ Mozilla Firefox v13.0.1 (ru)

File : C:\Users\Аня и Вашек\AppData\Roaming\Mozilla\Firefox\Profiles\t5cfsnb6.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v26.0.1410.64

File : C:\Users\Аня и Вашек\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [21849 octets] - [15/05/2013 22:53:34]
AdwCleaner[R2].txt - [21814 octets] - [16/05/2013 19:12:10]
AdwCleaner[R3].txt - [954 octets] - [16/05/2013 19:16:18]
AdwCleaner[S1].txt - [22312 octets] - [16/05/2013 19:12:26]

########## EOF - C:\AdwCleaner[R3].txt - [1074 octets] ##########

#8 Příspěvek od **Rudy** » 16 kvě 2013 18:30

Dejte nový log RSIT.

VacPer · #9 Příspěvek od **VacPer** » 16 kvě 2013 18:37

zde je log:

Лог утилиты random's system information tool 1.09 (автор: random/random)
Run by Аня и Вашек at 2013-05-16 19:35:51
Microsoft Windows 7 Домашняя расширенная Service Pack 1
Системный раздел C: размер 6 GB (4%) Свободно 153 GB
Total RAM: 4061 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:35:54, on 16.05.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Users\Аня и Вашек\AppData\Local\Google\Update\1.3.21.135\GoogleCrashHandler.exe
C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\ABBYY Lingvo 12\LvAgent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\AirPort\APAgent.exe
D:\iTunes\iTunesHelper.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\TOSHIBA\HDMICtrlMan\HCMSoundChanger.exe
C:\Users\Аня и Вашек\Desktop\adwcleaner.exe
C:\Users\Аня и Вашек\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Аня и Вашек\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Аня и Вашек\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Аня и Вашек\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Аня и Вашек\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Аня и Вашек\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Аня и Вашек\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Аня и Вашек\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Аня и Вашек.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {37483b40-c254-4a72-bda4-22ee90182c1e} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: яю127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Помощник по входу с помощью идентификатора Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {91397D20-1446-11D4-8AF4-0040CA1127B6} - (no file)
O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (file missing)
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP
O4 - HKLM\..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [TUSBSleepChargeSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [TWebCamera] "%ProgramFiles%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKLM\..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Lingvo Launcher] "C:\Program Files (x86)\ABBYY Lingvo 12\Lvagent.exe" /STARTUP
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AirPort Base Station Agent] "C:\Program Files (x86)\AirPort\APAgent.exe"
O4 - HKLM\..\Run: [iTunesHelper] "D:\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Аня и Вашек\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Praetorian] C:\Users\Аня и Вашек\AppData\Local\Yandex\Updater\praetorian.exe
O4 - HKCU\..\Run: [RGSC] D:\Игры\gta IV\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [SpywareTerminatorUpdate] "C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" (User 'система')
O4 - HKUS\.DEFAULT\..\Run: [SpywareTerminatorUpdate] "C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Перевести с помощью ABBYY Lingvo... - res://C:\Program Files (x86)\ABBYY Lingvo 12\Lingvo.exe/3000
O8 - Extra context menu item: &Экспорт в Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google ВикиКомментарии... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Zdroje informaci - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~2\simple~1\sprote~1.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Служба Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Gadget Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Сервис iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (file missing)
O23 - Service: McAfee SystemGuards (McSysmon) - Unknown owner - C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TOSHIBA HDD Protection (Thpsrv) - Unknown owner - C:\Windows\system32\ThpSrv.exe (file missing)
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 16535 bytes

======Список процессов======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
winlogon.exe
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"taskhost.exe"
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe"
"C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe"
"C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe"
"C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\System32\ThpSrv.exe" /logon
"C:\Program Files\TOSHIBA\TECO\Teco.exe" /r
"C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe"
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Windows\WindowsMobile\wmdc.exe"
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Users\Аня и Вашек\AppData\Local\Google\Update\1.3.21.135\GoogleCrashHandler.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Users\Аня и Вашек\AppData\Local\Google\Update\1.3.21.135\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe"
C:\Windows\system32\ThpSrv.exe
C:\Windows\system32\TODDSrv.exe
"C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"
"C:\Program Files\TOSHIBA\TECO\TecoService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\svchost.exe -k HPService
WLIDSvcM.exe 1968
"C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe"
C:\Windows\system32\svchost.exe -k WindowsMobile
"C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" /START
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\ABBYY Lingvo 12\LvAgent.exe" /STARTUP
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\AirPort\APAgent.exe"
"D:\iTunes\iTunesHelper.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
taskeng.exe {039EA7B5-6023-49AD-BB20-01118D5BD102}
"C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Photosmart C3100 series#1274036567" -Startup
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding
"C:\Program Files\TOSHIBA\HDMICtrlMan\HCMSoundChanger.exe" /SPEAKER
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe"
"C:\Users\Аня и Вашек\Desktop\adwcleaner.exe"
"C:\Windows\system32\NOTEPAD.EXE" C:\AdwCleaner[R3].txt
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe"
"C:\Users\Аня и Вашек\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Аня и Вашек\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2492.0.1032382638\112298400" --supports-dual-gpus=false --gpu-vendor-id=0x10de --gpu-device-id=0x0a28 --gpu-driver-vendor=NVIDIA --gpu-driver-version=8.17.12.5896 --ignored=" --type=renderer " /prefetch:12
"C:\Users\Аня и Вашек\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=ru --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/NewTabButton/default/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxHQPUseCursorPosition/Standard/OmniboxSearchSuggestTrialStarted2013Q1/6/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_29/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/default/ --extension-process --renderer-print-preview --enable-threaded-compositing --channel="2492.2.1962691227\1298435560" /prefetch:3
"C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
"C:\Users\Аня и Вашек\AppData\Local\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="2492.3.2101497396\1689976316" --lang=ru --ignored=" --type=renderer " /prefetch:13
"C:\Users\Аня и Вашек\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=ru --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/NewTabButton/default/OmniboxHQPNewScoringMax1400/Standard/OmniboxHQPOnlyCountMatchesAtWordBoundaries/Standard/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxHQPUseCursorPosition/Standard/OmniboxSearchSuggestTrialStarted2013Q1/6/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/SpdyCwnd/cwnd16/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_29/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/default/ --renderer-print-preview --enable-threaded-compositing --channel="2492.4.247374032\91220156" /prefetch:3
"C:\Users\Аня и Вашек\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=ru --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/NewTabButton/default/OmniboxHQPNewScoringMax1400/Standard/OmniboxHQPOnlyCountMatchesAtWordBoundaries/Standard/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxHQPUseCursorPosition/Standard/OmniboxSearchSuggestTrialStarted2013Q1/6/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/SpdyCwnd/cwnd16/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_29/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/default/ --renderer-print-preview --enable-threaded-compositing --channel="2492.6.517082755\1654275607" /prefetch:3
"C:\Users\Аня и Вашек\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service --lang=ru
"C:\Users\Аня и Вашек\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=ru --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/NewTabButton/default/OmniboxHQPNewScoringMax1400/Standard/OmniboxHQPOnlyCountMatchesAtWordBoundaries/Standard/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxHQPUseCursorPosition/Standard/OmniboxSearchSuggestTrialStarted2013Q1/6/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/SpdyCwnd/cwnd16/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_29/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/default/ --renderer-print-preview --enable-threaded-compositing --channel="2492.12.1375702611\326928403" /prefetch:3
taskeng.exe {956C0D3A-7DEB-48D3-8D8C-119CC3328029}
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Аня и Вашек\Downloads\Google Downloads\RSITx64 (1).exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Папка назначеных зданий======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3205778533-2134613324-3758725128-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3205778533-2134613324-3758725128-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Аня и Вашек\AppData\Roaming\Mozilla\Firefox\Profiles\t5cfsnb6.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.com/"
prefs.js - "extensions.enabledItems" - "en-US@dictionaries.addons.mozilla.org:5.0.1, cs@dictionaries.addons.mozilla.org:1.0.2, {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.202 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=Плагин Детектора iTunes
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=D:\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5]
"Description"=Office Live Update v1.5
"Path"=C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.202 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFFICE.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
mailru.xml
ozonru.xml
priceru.xml
wikipedia-ru.xml
yandex-slovari.xml
yandex.xml

C:\Users\Аня и Вашек\AppData\Roaming\Mozilla\Firefox\Profiles\t5cfsnb6.default\extensions\
cs@dictionaries.addons.mozilla.org
en-US@dictionaries.addons.mozilla.org
vb@yandex.ru
yasearch@yandex.ru

C:\Users\Аня и Вашек\AppData\Roaming\Mozilla\Firefox\Profiles\t5cfsnb6.default\searchplugins\
ybqs-yandex.xml

======Снимок реестра======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-30 75232]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-25 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Помощник по входу с помощью идентификатора Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-09-23 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar BHO - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-25 155384]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{91397D20-1446-11D4-8AF4-0040CA1127B6}
{8dcb7100-df86-4384-8842-8fa844297b3f} - @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TosSENotify"=C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [2009-08-03 709976]
"Toshiba TEMPRO"=C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [2009-08-25 1050000]
"TosNC"=C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [2009-08-06 596328]
"TosReelTimeMonitor"=C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [2009-08-06 35160]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-08-03 7982112]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2009-08-13 570680]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2009-08-21 497504]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2009-03-09 52600]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2009-08-05 909624]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-08-17 1813288]
"ThpSrv"=C:\Windows\system32\thpsrv /logon []
"SmartFaceVWatcher"=C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [2009-07-29 238080]
"Teco"=C:\Program Files\TOSHIBA\TECO\Teco.exe [2009-09-03 1481568]
"TosWaitSrv"=C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2009-08-04 711000]
"HDMICtrlMan"=C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [2009-08-03 1032536]
"Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [2009-08-25 134032]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Аня и Вашек\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-19 136176]
"Praetorian"=C:\Users\Аня и Вашек\AppData\Local\Yandex\Updater\praetorian.exe []
"RGSC"=D:\Игры\gta IV\Rockstar Games Social Club\RGSCLauncher.exe /silent []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SVPWUTIL"=C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [2009-08-12 352256]
"HWSetup"=C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [2009-06-02 423936]
"KeNotify"=C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [2009-01-13 34088]
"TUSBSleepChargeSrv"=C:\Program Files (x86)\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe [2009-07-02 252288]
"ITSecMng"=C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START []
"TWebCamera"=C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe autorun []
"ToshibaServiceStation"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [2009-08-17 1294136]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-01-19 2743104]
"Lingvo Launcher"=C:\Program Files (x86)\ABBYY Lingvo 12\Lvagent.exe [2007-07-06 193824]
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-01-28 59720]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-07-31 38872]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-11 919008]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2012-10-25 421888]
"AirPort Base Station Agent"=C:\Program Files (x86)\AirPort\APAgent.exe [2009-11-11 771360]
"iTunesHelper"=D:\iTunes\iTunesHelper.exe [2013-02-20 152392]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======Ассоциации файлов======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======Список файлов и папок, созданных за последние 1 месяц======

2013-05-16 19:16:18 ----A---- C:\AdwCleaner[R3].txt
2013-05-16 19:12:26 ----A---- C:\AdwCleaner[S1].txt
2013-05-16 19:12:10 ----A---- C:\AdwCleaner[R2].txt
2013-05-15 22:53:34 ----A---- C:\AdwCleaner[R1].txt
2013-05-15 21:39:05 ----D---- C:\rsit
2013-05-15 21:34:43 ----D---- C:\ProgramData\StarApp
2013-05-15 21:34:42 ----D---- C:\Program Files (x86)\SimpleSpeedy
2013-05-06 21:03:55 ----D---- C:\Program Files (x86)\x264 Video Codec
2013-05-06 19:43:39 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-05-06 19:43:38 ----A---- C:\Windows\system32\ieui.dll
2013-05-06 19:43:38 ----A---- C:\Windows\system32\ie4uinit.exe
2013-05-06 19:43:36 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-05-06 19:43:36 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-05-06 19:43:36 ----A---- C:\Windows\system32\iesetup.dll
2013-05-06 19:43:36 ----A---- C:\Windows\system32\iernonce.dll
2013-05-06 19:43:35 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-05-06 19:43:35 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-05-06 19:43:35 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-05-06 19:43:35 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-05-06 19:43:35 ----A---- C:\Windows\system32\iesysprep.dll
2013-05-06 19:43:34 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-05-06 19:43:34 ----A---- C:\Windows\system32\msfeeds.dll
2013-05-06 19:43:34 ----A---- C:\Windows\system32\iertutil.dll
2013-05-06 19:43:32 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-05-06 19:43:32 ----A---- C:\Windows\system32\urlmon.dll
2013-05-06 19:43:31 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-05-06 19:43:31 ----A---- C:\Windows\system32\jscript.dll
2013-05-06 19:43:30 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-05-06 19:43:30 ----A---- C:\Windows\system32\jscript9.dll
2013-05-06 19:43:29 ----A---- C:\Windows\system32\jsproxy.dll
2013-05-06 19:43:28 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-05-06 19:43:28 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-05-06 19:43:27 ----A---- C:\Windows\system32\wininet.dll
2013-05-06 19:43:26 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-05-06 19:43:25 ----A---- C:\Windows\system32\ieframe.dll
2013-05-06 19:43:21 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-05-06 19:43:20 ----A---- C:\Windows\system32\mshtml.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\url.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\wextract.exe
2013-05-03 20:57:58 ----A---- C:\Windows\system32\webcheck.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\vbscript.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\url.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-05-03 20:57:58 ----A---- C:\Windows\system32\pngfilt.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\occache.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-05-03 20:57:58 ----A---- C:\Windows\system32\msrating.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\msls31.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\mshtmler.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\mshtmled.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\mshta.exe
2013-05-03 20:57:58 ----A---- C:\Windows\system32\msfeedssync.exe
2013-05-03 20:57:58 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\licmgr10.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\inseng.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\imgutil.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\iexpress.exe
2013-05-03 20:57:58 ----A---- C:\Windows\system32\ieUnatt.exe
2013-05-03 20:57:58 ----A---- C:\Windows\system32\iepeers.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\iedkcs32.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\ieapfltr.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\ieapfltr.dat
2013-05-03 20:57:58 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\icardie.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\elshyph.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\dxtrans.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\dxtmsft.dll
2013-04-24 20:46:33 ----A---- C:\Windows\system32\drivers\ntfs.sys

======Список файлов и папок, измененных за последние 1 месяц======

2013-05-16 19:35:54 ----D---- C:\Windows\Prefetch
2013-05-16 19:35:53 ----D---- C:\Program Files\trend micro
2013-05-16 19:32:31 ----D---- C:\Windows\Temp
2013-05-16 19:12:35 ----RD---- C:\Program Files (x86)
2013-05-16 19:12:35 ----HD---- C:\ProgramData
2013-05-16 17:57:30 ----D---- C:\Windows\System32
2013-05-16 17:57:30 ----D---- C:\Windows\inf
2013-05-16 17:57:30 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-05-14 21:34:17 ----D---- C:\Windows\SysWOW64
2013-05-14 21:34:16 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-05-08 20:19:15 ----D---- C:\Windows\system32\config
2013-05-08 20:09:06 ----D---- C:\Windows\winsxs
2013-05-06 21:58:55 ----D---- C:\Program Files\Internet Explorer
2013-05-06 21:58:55 ----D---- C:\Program Files (x86)\Internet Explorer
2013-05-06 21:04:45 ----SHD---- C:\Windows\Installer
2013-05-06 21:04:10 ----SD---- C:\ProgramData\Microsoft
2013-05-06 19:44:19 ----D---- C:\Windows\system32\catroot
2013-05-06 19:44:17 ----D---- C:\Windows\system32\catroot2
2013-05-06 19:43:11 ----D---- C:\Windows\system32\DriverStore
2013-05-06 19:42:48 ----SHD---- C:\System Volume Information
2013-05-04 10:28:23 ----D---- C:\Windows\rescache
2013-05-03 21:04:28 ----D---- C:\Windows\SYSWOW64\ru-RU
2013-05-03 21:04:28 ----D---- C:\Windows\system32\ru-RU
2013-05-03 21:04:23 ----D---- C:\Windows\SYSWOW64\migration
2013-05-03 21:04:23 ----D---- C:\Windows\SYSWOW64\en-US
2013-05-03 21:04:18 ----D---- C:\Windows\system32\migration
2013-05-03 21:04:18 ----D---- C:\Windows\PolicyDefinitions
2013-05-03 21:04:17 ----D---- C:\Windows\system32\en-US
2013-05-03 21:02:58 ----D---- C:\Windows\Logs
2013-05-03 20:56:10 ----D---- C:\Windows
2013-05-02 02:06:08 ----N---- C:\Windows\system32\MpSigStub.exe
2013-04-25 20:32:18 ----D---- C:\Windows\system32\drivers

======Список драйверов (тип запуска: R=Запущен, S=остановлен, 0=Загрузочный, 1=Системный, 2=Автоматически, 3=Вручную, 4=Отключено)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 408600]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-01-20 834544]
R0 Thpdrv;TOSHIBA HDD Protection Driver; C:\Windows\system32\DRIVERS\thpdrv.sys [2009-06-29 34880]
R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver; C:\Windows\system32\DRIVERS\Thpevm.SYS [2009-06-29 14784]
R0 tos_sps64;TOSHIBA tos_sps64 Service; C:\Windows\system32\DRIVERS\tos_sps64.sys [2009-07-24 482384]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-01-19 28752]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-01-19 120912]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-01-19 51280]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2009-06-08 86584]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-01-19 22096]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-01-19 63056]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-01-17 42696]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\Windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-09-21 1537024]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-08-03 1966624]
R3 KMWDFILTER;HIDServiceDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 30208]
R3 LPCFilter;LPC Lower Filter Driver; C:\Windows\system32\DRIVERS\LPCFilter.sys [2009-07-30 44912]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-24 261120]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2010-06-22 131688]
R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-08-17 286768]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2009-07-13 19824]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S1 ASPI32;ASPI32; C:\Windows\system32\drivers\ASPI32.sys []
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-01-17 310984]
S3 atikmdag;atikmdag; C:\Windows\system32\drivers\atikmdag.sys [2009-07-13 5020672]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\drivers\Dot4Prt.sys [2010-11-20 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
S3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-07-31 140712]
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl64.sys [2010-04-19 22528]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 smserial;smserial; C:\Windows\system32\DRIVERS\SmSerl64.sys [2009-06-10 1227776]
S3 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usb_rndisx;Адаптер USB RNDIS; C:\Windows\system32\drivers\usb8023x.sys [2013-02-12 19968]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 usbscan;Драйвер USB-сканера; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======Список служб (тип запуска: R=Запущена, S=остановлена, 0=Загрузочная, 1=Системная, 2=Автоматически, 3=Вручную, 4=Отключено)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-01-19 40384]
R2 Bonjour Service;Служба Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2009-08-10 248688]
R2 ConfigFree Gadget Service;ConfigFree Gadget Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [2009-07-14 42368]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 hpqddsvc;Служба HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-07-09 159336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2009-08-25 116104]
R2 Thpsrv;TOSHIBA HDD Protection; C:\Windows\system32\ThpSrv.exe [2009-07-08 531520]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2009-07-28 140632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2009-08-21 488800]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2009-09-03 251760]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-01-19 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-01-19 40384]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 iPod Service;Сервис iPod; C:\Program Files\iPod\bin\iPodService.exe [2013-02-20 641352]
R3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-08-17 51512]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-08-03 137560]
R3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2009-08-04 826224]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe []
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-03 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-14 256904]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-10-17 1038088]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-10-17 655624]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 McSysmon;McAfee SystemGuards; C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe []
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-12-16 113120]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2009-07-30 192368]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-08 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

#10 Příspěvek od **Rudy** » 16 kvě 2013 19:03

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\Program Files (x86)\Skype
C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3205778533-2134613324-3758725128-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3205778533-2134613324-3758725128-1000UA.job

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Před skenem vypněte Avast a po něm restartujte PC. Dejte nový log RSIT.

VacPer · #11 Příspěvek od **VacPer** » 16 kvě 2013 20:16

Pozadovanou operaci jsem provedl. Zde je novy log:

Лог утилиты random's system information tool 1.09 (автор: random/random)
Run by Аня и Вашек at 2013-05-16 21:15:00
Microsoft Windows 7 Домашняя расширенная Service Pack 1
Системный раздел C: размер 23 GB (15%) Свободно 153 GB
Total RAM: 4061 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:15:04, on 16.05.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Users\Аня и Вашек\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Users\Аня и Вашек\AppData\Local\Google\Update\1.3.21.135\GoogleCrashHandler.exe
C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\ABBYY Lingvo 12\LvAgent.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\AirPort\APAgent.exe
D:\iTunes\iTunesHelper.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\TOSHIBA\HDMICtrlMan\HCMSoundChanger.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Users\Аня и Вашек\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Аня и Вашек\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Аня и Вашек\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Аня и Вашек\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Аня и Вашек\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Аня и Вашек.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {37483b40-c254-4a72-bda4-22ee90182c1e} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: яю127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Помощник по входу с помощью идентификатора Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP
O4 - HKLM\..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [TUSBSleepChargeSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [TWebCamera] "%ProgramFiles%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKLM\..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Lingvo Launcher] "C:\Program Files (x86)\ABBYY Lingvo 12\Lvagent.exe" /STARTUP
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AirPort Base Station Agent] "C:\Program Files (x86)\AirPort\APAgent.exe"
O4 - HKLM\..\Run: [iTunesHelper] "D:\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Аня и Вашек\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Praetorian] C:\Users\Аня и Вашек\AppData\Local\Yandex\Updater\praetorian.exe
O4 - HKCU\..\Run: [RGSC] D:\Игры\gta IV\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [SpywareTerminatorUpdate] "C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" (User 'система')
O4 - HKUS\.DEFAULT\..\Run: [SpywareTerminatorUpdate] "C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Перевести с помощью ABBYY Lingvo... - res://C:\Program Files (x86)\ABBYY Lingvo 12\Lingvo.exe/3000
O8 - Extra context menu item: &Экспорт в Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google ВикиКомментарии... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (file missing)
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O9 - Extra button: Zdroje informaci - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~2\simple~1\sprote~1.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Служба Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Gadget Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Сервис iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (file missing)
O23 - Service: McAfee SystemGuards (McSysmon) - Unknown owner - C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Unknown owner - C:\Program Files (x86)\Skype\Updater\Updater.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TOSHIBA HDD Protection (Thpsrv) - Unknown owner - C:\Windows\system32\ThpSrv.exe (file missing)
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15542 bytes

======Список процессов======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
winlogon.exe
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe"
C:\Windows\system32\ThpSrv.exe
C:\Windows\system32\TODDSrv.exe
"C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"
"C:\Program Files\TOSHIBA\TECO\TecoService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\svchost.exe -k HPService
"taskhost.exe"
WLIDSvcM.exe 2252
taskeng.exe {DA9E266F-6311-4A38-8005-27675337CE2F}
"C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe"
"C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe"
"C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
"C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe"
"C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe"
"C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\ThpSrv.exe" /logon
"C:\Program Files\TOSHIBA\TECO\Teco.exe" /r
"C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe"
"C:\Windows\WindowsMobile\wmdc.exe"
"C:\Users\Аня и Вашек\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Users\Аня и Вашек\AppData\Local\Google\Update\1.3.21.135\GoogleCrashHandler.exe"
C:\Windows\system32\svchost.exe -k WindowsMobile
"C:\Users\Аня и Вашек\AppData\Local\Google\Update\1.3.21.135\GoogleCrashHandler64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe"
"C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" /START
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
"C:\Program Files (x86)\ABBYY Lingvo 12\LvAgent.exe" /STARTUP
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\AirPort\APAgent.exe"
"D:\iTunes\iTunesHelper.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Photosmart C3100 series#1274036567" -Startup
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding
"C:\Program Files\TOSHIBA\HDMICtrlMan\HCMSoundChanger.exe" /SPEAKER
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe"
"C:\Users\Аня и Вашек\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Аня и Вашек\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2936.0.1304564622\1561876403" --supports-dual-gpus=false --gpu-vendor-id=0x10de --gpu-device-id=0x0a28 --gpu-driver-vendor=NVIDIA --gpu-driver-version=8.17.12.5896 --ignored=" --type=renderer " /prefetch:12
"C:\Users\Аня и Вашек\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=ru --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/NewTabButton/default/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxHQPUseCursorPosition/Standard/OmniboxSearchSuggestTrialStarted2013Q1/6/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadDisabled/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-1-Percent/group_29/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/default/ --extension-process --renderer-print-preview --enable-threaded-compositing --channel="2936.2.749219310\2055306253" /prefetch:3
"C:\Users\Аня и Вашек\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=ru --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/NewTabButton/default/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxHQPUseCursorPosition/Standard/OmniboxSearchSuggestTrialStarted2013Q1/6/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadDisabled/Prerender/PrerenderEnabled/SpdyCwnd/cwnd10/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-1-Percent/group_29/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/default/ --renderer-print-preview --enable-threaded-compositing --channel="2936.3.346390121\1152672763" /prefetch:3
"C:\Users\Аня и Вашек\AppData\Local\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="2936.4.2115427485\330821175" --lang=ru --ignored=" --type=renderer " /prefetch:13
"C:\Users\Аня и Вашек\Downloads\Google Downloads\RSITx64 (1).exe"

======Папка назначеных зданий======

C:\Windows\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Аня и Вашек\AppData\Roaming\Mozilla\Firefox\Profiles\t5cfsnb6.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.com/"
prefs.js - "extensions.enabledItems" - "en-US@dictionaries.addons.mozilla.org:5.0.1, cs@dictionaries.addons.mozilla.org:1.0.2, {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.202 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=Плагин Детектора iTunes
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=D:\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5]
"Description"=Office Live Update v1.5
"Path"=C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.202 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFFICE.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
mailru.xml
ozonru.xml
priceru.xml
wikipedia-ru.xml
yandex-slovari.xml
yandex.xml

C:\Users\Аня и Вашек\AppData\Roaming\Mozilla\Firefox\Profiles\t5cfsnb6.default\extensions\
cs@dictionaries.addons.mozilla.org
en-US@dictionaries.addons.mozilla.org
vb@yandex.ru
yasearch@yandex.ru

C:\Users\Аня и Вашек\AppData\Roaming\Mozilla\Firefox\Profiles\t5cfsnb6.default\searchplugins\
ybqs-yandex.xml

======Снимок реестра======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-30 75232]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-25 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Помощник по входу с помощью идентификатора Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-25 155384]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TosSENotify"=C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [2009-08-03 709976]
"Toshiba TEMPRO"=C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [2009-08-25 1050000]
"TosNC"=C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [2009-08-06 596328]
"TosReelTimeMonitor"=C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [2009-08-06 35160]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-08-03 7982112]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2009-08-13 570680]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2009-08-21 497504]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2009-03-09 52600]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2009-08-05 909624]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-08-17 1813288]
"ThpSrv"=C:\Windows\system32\thpsrv /logon []
"SmartFaceVWatcher"=C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [2009-07-29 238080]
"Teco"=C:\Program Files\TOSHIBA\TECO\Teco.exe [2009-09-03 1481568]
"TosWaitSrv"=C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2009-08-04 711000]
"HDMICtrlMan"=C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [2009-08-03 1032536]
"Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [2009-08-25 134032]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Аня и Вашек\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-19 136176]
"Praetorian"=C:\Users\Аня и Вашек\AppData\Local\Yandex\Updater\praetorian.exe []
"RGSC"=D:\Игры\gta IV\Rockstar Games Social Club\RGSCLauncher.exe /silent []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SVPWUTIL"=C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [2009-08-12 352256]
"HWSetup"=C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [2009-06-02 423936]
"KeNotify"=C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [2009-01-13 34088]
"TUSBSleepChargeSrv"=C:\Program Files (x86)\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe [2009-07-02 252288]
"ITSecMng"=C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START []
"TWebCamera"=C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe autorun []
"ToshibaServiceStation"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [2009-08-17 1294136]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-01-19 2743104]
"Lingvo Launcher"=C:\Program Files (x86)\ABBYY Lingvo 12\Lvagent.exe [2007-07-06 193824]
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-01-28 59720]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-07-31 38872]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-11 919008]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2012-10-25 421888]
"AirPort Base Station Agent"=C:\Program Files (x86)\AirPort\APAgent.exe [2009-11-11 771360]
"iTunesHelper"=D:\iTunes\iTunesHelper.exe [2013-02-20 152392]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======Ассоциации файлов======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======Список файлов и папок, созданных за последние 1 месяц======

2013-05-16 21:05:56 ----D---- C:\_OTM
2013-05-16 19:16:18 ----A---- C:\AdwCleaner[R3].txt
2013-05-16 19:12:26 ----A---- C:\AdwCleaner[S1].txt
2013-05-16 19:12:10 ----A---- C:\AdwCleaner[R2].txt
2013-05-15 22:53:34 ----A---- C:\AdwCleaner[R1].txt
2013-05-15 21:39:05 ----D---- C:\rsit
2013-05-15 21:34:43 ----D---- C:\ProgramData\StarApp
2013-05-15 21:34:42 ----D---- C:\Program Files (x86)\SimpleSpeedy
2013-05-06 21:03:55 ----D---- C:\Program Files (x86)\x264 Video Codec
2013-05-06 19:43:39 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-05-06 19:43:38 ----A---- C:\Windows\system32\ieui.dll
2013-05-06 19:43:38 ----A---- C:\Windows\system32\ie4uinit.exe
2013-05-06 19:43:36 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-05-06 19:43:36 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-05-06 19:43:36 ----A---- C:\Windows\system32\iesetup.dll
2013-05-06 19:43:36 ----A---- C:\Windows\system32\iernonce.dll
2013-05-06 19:43:35 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-05-06 19:43:35 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-05-06 19:43:35 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-05-06 19:43:35 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-05-06 19:43:35 ----A---- C:\Windows\system32\iesysprep.dll
2013-05-06 19:43:34 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-05-06 19:43:34 ----A---- C:\Windows\system32\msfeeds.dll
2013-05-06 19:43:34 ----A---- C:\Windows\system32\iertutil.dll
2013-05-06 19:43:32 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-05-06 19:43:32 ----A---- C:\Windows\system32\urlmon.dll
2013-05-06 19:43:31 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-05-06 19:43:31 ----A---- C:\Windows\system32\jscript.dll
2013-05-06 19:43:30 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-05-06 19:43:30 ----A---- C:\Windows\system32\jscript9.dll
2013-05-06 19:43:29 ----A---- C:\Windows\system32\jsproxy.dll
2013-05-06 19:43:28 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-05-06 19:43:28 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-05-06 19:43:27 ----A---- C:\Windows\system32\wininet.dll
2013-05-06 19:43:26 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-05-06 19:43:25 ----A---- C:\Windows\system32\ieframe.dll
2013-05-06 19:43:21 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-05-06 19:43:20 ----A---- C:\Windows\system32\mshtml.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\url.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-05-03 20:57:58 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\wextract.exe
2013-05-03 20:57:58 ----A---- C:\Windows\system32\webcheck.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\vbscript.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\url.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-05-03 20:57:58 ----A---- C:\Windows\system32\pngfilt.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\occache.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-05-03 20:57:58 ----A---- C:\Windows\system32\msrating.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\msls31.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\mshtmler.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\mshtmled.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\mshta.exe
2013-05-03 20:57:58 ----A---- C:\Windows\system32\msfeedssync.exe
2013-05-03 20:57:58 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\licmgr10.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\inseng.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\imgutil.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\iexpress.exe
2013-05-03 20:57:58 ----A---- C:\Windows\system32\ieUnatt.exe
2013-05-03 20:57:58 ----A---- C:\Windows\system32\iepeers.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\iedkcs32.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\ieapfltr.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\ieapfltr.dat
2013-05-03 20:57:58 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\icardie.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\elshyph.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\dxtrans.dll
2013-05-03 20:57:58 ----A---- C:\Windows\system32\dxtmsft.dll
2013-04-24 20:46:33 ----A---- C:\Windows\system32\drivers\ntfs.sys

======Список файлов и папок, измененных за последние 1 месяц======

2013-05-16 21:15:04 ----D---- C:\Program Files\trend micro
2013-05-16 21:11:28 ----D---- C:\Windows\Temp
2013-05-16 21:11:08 ----D---- C:\Windows\Prefetch
2013-05-16 21:05:58 ----D---- C:\Windows\Tasks
2013-05-16 21:05:57 ----RD---- C:\Program Files (x86)
2013-05-16 19:12:35 ----HD---- C:\ProgramData
2013-05-16 17:57:30 ----D---- C:\Windows\System32
2013-05-16 17:57:30 ----D---- C:\Windows\inf
2013-05-16 17:57:30 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-05-14 21:34:17 ----D---- C:\Windows\SysWOW64
2013-05-14 21:34:16 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-05-08 20:19:15 ----D---- C:\Windows\system32\config
2013-05-08 20:09:06 ----D---- C:\Windows\winsxs
2013-05-06 21:58:55 ----D---- C:\Program Files\Internet Explorer
2013-05-06 21:58:55 ----D---- C:\Program Files (x86)\Internet Explorer
2013-05-06 21:04:45 ----SHD---- C:\Windows\Installer
2013-05-06 21:04:10 ----SD---- C:\ProgramData\Microsoft
2013-05-06 19:44:19 ----D---- C:\Windows\system32\catroot
2013-05-06 19:44:17 ----D---- C:\Windows\system32\catroot2
2013-05-06 19:43:11 ----D---- C:\Windows\system32\DriverStore
2013-05-06 19:42:48 ----SHD---- C:\System Volume Information
2013-05-04 10:28:23 ----D---- C:\Windows\rescache
2013-05-03 21:04:28 ----D---- C:\Windows\SYSWOW64\ru-RU
2013-05-03 21:04:28 ----D---- C:\Windows\system32\ru-RU
2013-05-03 21:04:23 ----D---- C:\Windows\SYSWOW64\migration
2013-05-03 21:04:23 ----D---- C:\Windows\SYSWOW64\en-US
2013-05-03 21:04:18 ----D---- C:\Windows\system32\migration
2013-05-03 21:04:18 ----D---- C:\Windows\PolicyDefinitions
2013-05-03 21:04:17 ----D---- C:\Windows\system32\en-US
2013-05-03 21:02:58 ----D---- C:\Windows\Logs
2013-05-03 20:56:10 ----D---- C:\Windows
2013-05-02 02:06:08 ----N---- C:\Windows\system32\MpSigStub.exe
2013-04-25 20:32:18 ----D---- C:\Windows\system32\drivers

======Список драйверов (тип запуска: R=Запущен, S=остановлен, 0=Загрузочный, 1=Системный, 2=Автоматически, 3=Вручную, 4=Отключено)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 408600]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-01-20 834544]
R0 Thpdrv;TOSHIBA HDD Protection Driver; C:\Windows\system32\DRIVERS\thpdrv.sys [2009-06-29 34880]
R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver; C:\Windows\system32\DRIVERS\Thpevm.SYS [2009-06-29 14784]
R0 tos_sps64;TOSHIBA tos_sps64 Service; C:\Windows\system32\DRIVERS\tos_sps64.sys [2009-07-24 482384]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-01-19 28752]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-01-19 120912]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-01-19 51280]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2009-06-08 86584]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-01-19 22096]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-01-19 63056]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-01-17 42696]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\Windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-09-21 1537024]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-08-03 1966624]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-07-31 140712]
R3 KMWDFILTER;HIDServiceDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 30208]
R3 LPCFilter;LPC Lower Filter Driver; C:\Windows\system32\DRIVERS\LPCFilter.sys [2009-07-30 44912]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-24 261120]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2010-06-22 131688]
R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-08-17 286768]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2009-07-13 19824]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S1 ASPI32;ASPI32; C:\Windows\system32\drivers\ASPI32.sys []
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-01-17 310984]
S3 atikmdag;atikmdag; C:\Windows\system32\drivers\atikmdag.sys [2009-07-13 5020672]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\drivers\Dot4Prt.sys [2010-11-20 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl64.sys [2010-04-19 22528]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 smserial;smserial; C:\Windows\system32\DRIVERS\SmSerl64.sys [2009-06-10 1227776]
S3 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usb_rndisx;Адаптер USB RNDIS; C:\Windows\system32\drivers\usb8023x.sys [2013-02-12 19968]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 usbscan;Драйвер USB-сканера; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======Список служб (тип запуска: R=Запущена, S=остановлена, 0=Загрузочная, 1=Системная, 2=Автоматически, 3=Вручную, 4=Отключено)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-01-19 40384]
R2 Bonjour Service;Служба Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2009-08-10 248688]
R2 ConfigFree Gadget Service;ConfigFree Gadget Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [2009-07-14 42368]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 hpqddsvc;Служба HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-07-09 159336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2009-08-25 116104]
R2 Thpsrv;TOSHIBA HDD Protection; C:\Windows\system32\ThpSrv.exe [2009-07-08 531520]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2009-07-28 140632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2009-08-21 488800]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2009-09-03 251760]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-01-19 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-01-19 40384]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 iPod Service;Сервис iPod; C:\Program Files\iPod\bin\iPodService.exe [2013-02-20 641352]
R3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-08-17 51512]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-08-03 137560]
R3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2009-08-04 826224]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe []
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-14 256904]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-10-17 1038088]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-10-17 655624]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 McSysmon;McAfee SystemGuards; C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe []
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-12-16 113120]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2009-07-30 192368]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-08 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

#12 Příspěvek od **Rudy** » 16 kvě 2013 20:56

Dvouklikem na soubor C:\Program Files\trend micro\Аня и Вашек.exe spusťte HijackThis. Klikněte na "Do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:

R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {37483b40-c254-4a72-bda4-22ee90182c1e} - (no file)
O8 - Extra context menu item: Google ВикиКомментарии... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (file missing)
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)

Klikněte na >FixChecked<. Pak znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC.

VacPer · #13 Příspěvek od **VacPer** » 16 kvě 2013 21:57

Provedeno, dekuji. Co dale?

#14 Příspěvek od **Rudy** » 17 kvě 2013 17:26

Pokud se troják stále hlásí, dejte log ComboFix:

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

VacPer · #15 Příspěvek od **VacPer** » 18 kvě 2013 19:26

Trojan je pryc, snad nadobro. Diky.
Jeste mam problem s obcasnym vyskakovanim oken s reklamou, kdyz kliknu na odkaz na libovolne internetove strance. Myslel jsem, ze to ma spojitost s tim trojanem, zaclo to tak nejak soucasne. Take se mi do prohlizece infiltroval vyhledavac searchmainia a nemuzu se ho zbavit.

VIRY.CZ

Avast pravidelne naleza Trojskeho kone

Avast pravidelne naleza Trojskeho kone

Re: Avast pravidelne naleza Trojskeho kone

Re: Avast pravidelne naleza Trojskeho kone

Re: Avast pravidelne naleza Trojskeho kone

Re: Avast pravidelne naleza Trojskeho kone

Re: Avast pravidelne naleza Trojskeho kone

Re: Avast pravidelne naleza Trojskeho kone

Re: Avast pravidelne naleza Trojskeho kone

Re: Avast pravidelne naleza Trojskeho kone

Re: Avast pravidelne naleza Trojskeho kone

Re: Avast pravidelne naleza Trojskeho kone

Re: Avast pravidelne naleza Trojskeho kone

Re: Avast pravidelne naleza Trojskeho kone

Re: Avast pravidelne naleza Trojskeho kone

Re: Avast pravidelne naleza Trojskeho kone