Icons in My Computer changed?

  • Source  Male
  • Legendary citizen
  • Joined: 10 Jan 2005
  • Posts: 3319
  • Location: Stara Pazova

This has happened to me before too; I scanned the computer and it never found any viruses. Now it's like this on all partitions and I really don't know what's wrong with it anymore, I just know it's getting on my nerves...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:58:51 PM, on 1/2/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\AASP\1.00.46\aaCenter.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTProAgent.exe
C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe
C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe
C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe
C:\Program Files (x86)\RivaTuner v2.21\Tools\RivaTunerStatisticsServer\RivaTunerStatisticsServer.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\RivaTuner v2.21\RivaTuner.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTProShellHlp.exe
C:\Users\Fireslasher\AppData\Local\Temp\dl.exe
C:\Users\Fireslasher\AppData\Local\Temp\dl.exe
C:\Users\Fireslasher\AppData\Local\Temp\dl.exe
C:\Users\Fireslasher\AppData\Local\Temp\dl.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Users\Fireslasher\AppData\Local\Temp\dl.exe
C:\Users\Fireslasher\AppData\Local\Temp\dl.exe
C:\Users\Fireslasher\Desktop\New Folder\TR3.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files (x86)\google\googletoolbar1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\PROGRA~2\FlashGet\getflash.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files (x86)\google\googletoolbar1.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~2\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundTray] "C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe"
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [CPU Power Monitor] "C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe"
O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe
O4 - HKLM\..\Run: [RivaTunerStatisticsServer] "C:\Program Files (x86)\RivaTuner v2.21\Tools\RivaTunerStatisticsServer\RivaTunerStatisticsServer.exe" /s
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [MsUpdate] C:\Setup_ver1.1779.2.exe
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTProAgent.exe" -autorun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files (x86)\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files (x86)\FlashGet\jc_link.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~2\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~2\FlashGet\flashget.exe
O13 - Gopher Prefix:
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Unknown owner - C:\Windows\system32\AEADISRV.EXE (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Stardock WindowBlinds (WindowBlinds) - Stardock Corporation - D:\Program Files - Vista\Stardock\Object Desktop\WindowBlinds\vistasrv.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8404 bytes

Here's a screenshot too so you can get a better idea of what's wrong with it.

  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 15 Jun 2007
  • Posts: 5572

Hello...

Temporarily disable all protection software and then follow these instructions.

Download ComboFix from one of the following addresses to your Desktop:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.forospyware.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Run it and don't touch the program window while it scans.
Follow the on-screen instructions. When it finishes, a log (C:\ComboFix.txt) will appear; copy it here for us.

  • Source  Male
  • Legendary citizen
  • Joined: 10 Jan 2005
  • Posts: 3319
  • Location: Stara Pazova

It doesn't work for me on Vista... It says it only works on Win 2000 and XP (I have Vista Ultimate x64 with SP1).

  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 15 Jun 2007
  • Posts: 5572

Sorry... I didn't realize you have 64-bit Vista.

Then let's go with this tool:

Download the RSIT program to your Desktop:

http://images.malwareremoval.com/random/RSIT.exe

Run it by double-clicking and then click Continue.

At the end of the process two logs will open: the first, log.txt, will be maximized and needs to be copied into the forum thread; the second, info.txt, will be minimized (we don't need it for now).

Post the contents of the file log.txt in your next message (that file will be saved as C:\rsit\log.txt).

  • Source  Male
  • Legendary citizen
  • Joined: 10 Jan 2005
  • Posts: 3319
  • Location: Stara Pazova

Here it is...

Logfile of random's system information tool 1.05 (written by random/random)
Run by Fireslasher at 2009-01-02 15:20:11
Microsoft® Windows Vista™ Ultimate Service Pack 1
System drive C: has 8 GB (30%) free of 26 GB
Total RAM: 4094 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:20:13 PM, on 1/2/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\AASP\1.00.46\aaCenter.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTProAgent.exe
C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe
C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe
C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe
C:\Program Files (x86)\RivaTuner v2.21\Tools\RivaTunerStatisticsServer\RivaTunerStatisticsServer.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTProShellHlp.exe
C:\Users\Fireslasher\AppData\Local\Temp\dl.exe
C:\Users\Fireslasher\AppData\Local\Temp\dl.exe
C:\Users\Fireslasher\AppData\Local\Temp\dl.exe
C:\Users\Fireslasher\AppData\Local\Temp\dl.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Users\Fireslasher\AppData\Local\Temp\dl.exe
C:\Users\Fireslasher\AppData\Local\Temp\dl.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Users\Fireslasher\Desktop\RSIT.exe
C:\Program Files (x86)\trend micro\Fireslasher.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files (x86)\google\googletoolbar1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\PROGRA~2\FlashGet\getflash.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files (x86)\google\googletoolbar1.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~2\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundTray] "C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe"
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [CPU Power Monitor] "C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe"
O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe
O4 - HKLM\..\Run: [RivaTunerStatisticsServer] "C:\Program Files (x86)\RivaTuner v2.21\Tools\RivaTunerStatisticsServer\RivaTunerStatisticsServer.exe" /s
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [MsUpdate] C:\Setup_ver1.1779.2.exe
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTProAgent.exe" -autorun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files (x86)\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files (x86)\FlashGet\jc_link.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~2\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~2\FlashGet\flashget.exe
O13 - Gopher Prefix:
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Unknown owner - C:\Windows\system32\AEADISRV.EXE (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Stardock WindowBlinds (WindowBlinds) - Stardock Corporation - D:\Program Files - Vista\Stardock\Object Desktop\WindowBlinds\vistasrv.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8391 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2008-12-29 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files (x86)\google\googletoolbar1.dll [2008-12-26 2403392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2008-12-29 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F156768E-81EF-470C-9057-481BA8380DBA}]
gFlash Class - C:\PROGRA~2\FlashGet\getflash.dll [2006-09-12 126976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files (x86)\google\googletoolbar1.dll [2008-12-26 2403392]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} - FlashGet Bar - C:\PROGRA~2\FlashGet\fgiebar.dll [2005-06-07 86016]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"=C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [2007-06-06 1261568]
"SoundTray"=C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe [2007-05-21 49152]
"Ai Nap"=C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe [2007-09-06 1426432]
"CPU Power Monitor"=C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe [2007-10-16 626176]
"Cpu Level Up help"=C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe [2007-09-11 880640]
"RivaTunerStatisticsServer"=C:\Program Files (x86)\RivaTuner v2.21\Tools\RivaTunerStatisticsServer\RivaTunerStatisticsServer.exe [2008-12-10 57344]
"SunJavaUpdateSched"=C:\Program Files (x86)\Java\jre6\bin\jusched.exe [2008-12-29 136600]
"MsUpdate"=C:\Setup_ver1.1779.2.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Pro Agent"=C:\Program Files (x86)\DAEMON Tools Pro\DTProAgent.exe [2008-10-09 200136]
"WMPNSCFG"=C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe []

C:\Users\Fireslasher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma.lnk - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WBSrv]
D:\Program Files - Vista\Stardock\Object Desktop\WindowBlinds\wbsrv.dll [2008-12-26 529176]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=
"NoActiveDesktopChanges"=
"ForceActiveDesktopOn"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c1fe2773-d397-11dd-9f9c-001e8c90223e}]
shell\AutoRun\command - G:\autorun.exe


======List of files/folders created in the last 1 months======

2009-01-02 15:20:11 ----D---- C:\rsit
2009-01-02 15:20:11 ----D---- C:\Program Files (x86)\trend micro
2009-01-02 15:10:45 ----D---- C:\32788R22FWJFW
2009-01-02 15:08:57 ----D---- C:\ComboFix
2009-01-02 15:08:57 ----A---- C:\Windows\system32\swsc.exe
2009-01-02 15:08:57 ----A---- C:\Windows\system32\CF1134.exe
2009-01-02 15:08:55 ----A---- C:\Bug.txt
2009-01-02 15:08:53 ----A---- C:\Windows\system32\cmd.execf
2009-01-02 09:06:27 ----A---- C:\Autorun.exe
2009-01-02 08:47:39 ----D---- C:\ProgramData\KONAMI
2009-01-01 15:41:12 ----D---- C:\Users\Fireslasher\AppData\Roaming\Disney Interactive Studios
2008-12-31 17:19:39 ----D---- C:\Windows\system32\AGEIA
2008-12-31 17:19:39 ----D---- C:\Program Files (x86)\AGEIA Technologies
2008-12-31 13:14:48 ----RHD---- C:\Users\Fireslasher\AppData\Roaming\SecuROM
2008-12-31 13:14:47 ----A---- C:\Windows\system32\CmdLineExt_x64.dll
2008-12-30 20:21:32 ----A---- C:\Windows\system32\psfind.dll
2008-12-30 20:21:32 ----A---- C:\Windows\system32\mfc71.dll
2008-12-30 19:38:23 ----D---- C:\Windows\system32\xlive
2008-12-30 19:38:23 ----D---- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2008-12-29 16:24:32 ----D---- C:\Users\Fireslasher\AppData\Roaming\Xfire
2008-12-29 16:24:31 ----D---- C:\ProgramData\Xfire
2008-12-29 13:13:58 ----A---- C:\Windows\system32\SIntfNT.dll
2008-12-29 13:13:58 ----A---- C:\Windows\system32\SIntf32.dll
2008-12-29 13:13:58 ----A---- C:\Windows\system32\SIntf16.dll
2008-12-29 13:03:42 ----A---- C:\Windows\DIIUnin.exe
2008-12-29 12:56:50 ----A---- C:\Windows\system32\javaws.exe
2008-12-29 12:56:50 ----A---- C:\Windows\system32\javaw.exe
2008-12-29 12:56:50 ----A---- C:\Windows\system32\java.exe
2008-12-29 12:56:50 ----A---- C:\Windows\system32\deploytk.dll
2008-12-29 12:56:45 ----D---- C:\Program Files (x86)\Java
2008-12-29 12:42:20 ----A---- C:\Windows\BlendSettings.ini
2008-12-28 17:29:45 ----D---- C:\Program Files (x86)\Common Files\Macrovision Shared
2008-12-28 16:35:49 ----D---- C:\ProgramData\FLEXnet
2008-12-28 16:33:08 ----D---- C:\Windows\system32\spool
2008-12-28 16:32:59 ----D---- C:\Program Files (x86)\Adobe Media Player
2008-12-28 16:32:04 ----D---- C:\Program Files (x86)\Common Files\Adobe AIR
2008-12-28 13:59:56 ----D---- C:\ProgramData\Adobe Systems
2008-12-28 13:58:37 ----D---- C:\Program Files (x86)\Common Files\Adobe Systems Shared
2008-12-28 13:58:16 ----D---- C:\ProgramData\Adobe
2008-12-28 13:58:16 ----D---- C:\Program Files (x86)\Common Files\Adobe
2008-12-28 13:58:13 ----D---- C:\Program Files (x86)\Adobe
2008-12-28 10:51:58 ----D---- C:\Users\Fireslasher\AppData\Roaming\Media Player Classic
2008-12-27 20:07:51 ----A---- C:\Windows\system32\XAudio2_3.dll
2008-12-27 20:07:51 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2008-12-27 20:07:51 ----A---- C:\Windows\system32\D3DX9_40.dll
2008-12-27 20:07:51 ----A---- C:\Windows\system32\d3dx10_40.dll
2008-12-27 20:07:51 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2008-12-27 20:07:50 ----A---- C:\Windows\system32\XAudio2_2.dll
2008-12-27 20:07:50 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2008-12-27 20:07:50 ----A---- C:\Windows\system32\xactengine3_3.dll
2008-12-27 20:07:50 ----A---- C:\Windows\system32\xactengine3_2.dll
2008-12-27 20:07:50 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2008-12-27 20:07:50 ----A---- C:\Windows\system32\d3dx10_39.dll
2008-12-27 20:07:50 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2008-12-27 20:07:49 ----A---- C:\Windows\system32\XAudio2_1.dll
2008-12-27 20:07:49 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2008-12-27 20:07:49 ----A---- C:\Windows\system32\xactengine3_1.dll
2008-12-27 20:07:49 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2008-12-27 20:07:49 ----A---- C:\Windows\system32\D3DX9_39.dll
2008-12-27 20:07:49 ----A---- C:\Windows\system32\d3dx10_38.dll
2008-12-27 20:07:49 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2008-12-27 20:07:48 ----A---- C:\Windows\system32\XAudio2_0.dll
2008-12-27 20:07:48 ----A---- C:\Windows\system32\xactengine3_0.dll
2008-12-27 20:07:48 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2008-12-27 20:07:48 ----A---- C:\Windows\system32\D3DX9_38.dll
2008-12-27 20:07:47 ----A---- C:\Windows\system32\xactengine2_10.dll
2008-12-27 20:07:47 ----A---- C:\Windows\system32\D3DX9_37.dll
2008-12-27 20:07:47 ----A---- C:\Windows\system32\d3dx10_37.dll
2008-12-27 20:07:47 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2008-12-27 20:07:46 ----A---- C:\Windows\system32\xactengine2_9.dll
2008-12-27 20:07:46 ----A---- C:\Windows\system32\d3dx9_36.dll
2008-12-27 20:07:46 ----A---- C:\Windows\system32\d3dx10_36.dll
2008-12-27 20:07:46 ----A---- C:\Windows\system32\d3dx10_35.dll
2008-12-27 20:07:46 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2008-12-27 20:07:46 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2008-12-27 20:07:45 ----A---- C:\Windows\system32\xinput1_3.dll
2008-12-27 20:07:45 ----A---- C:\Windows\system32\xactengine2_8.dll
2008-12-27 20:07:45 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2008-12-27 20:07:45 ----A---- C:\Windows\system32\d3dx9_35.dll
2008-12-27 20:07:45 ----A---- C:\Windows\system32\d3dx9_34.dll
2008-12-27 20:07:45 ----A---- C:\Windows\system32\d3dx10_34.dll
2008-12-27 20:07:45 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2008-12-27 20:07:44 ----A---- C:\Windows\system32\xactengine2_7.dll
2008-12-27 20:07:44 ----A---- C:\Windows\system32\d3dx9_33.dll
2008-12-27 20:07:44 ----A---- C:\Windows\system32\d3dx10_33.dll
2008-12-27 20:07:44 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2008-12-27 20:07:43 ----A---- C:\Windows\system32\d3dx10.dll
2008-12-27 20:07:42 ----A---- C:\Windows\system32\x3daudio1_1.dll
2008-12-27 19:44:19 ----D---- C:\ProgramData\Kaspersky Lab Setup Files
2008-12-27 18:19:33 ----D---- C:\Program Files (x86)\ffdshow
2008-12-27 18:19:33 ----A---- C:\Windows\system32\pthreadGC2.dll
2008-12-27 18:19:33 ----A---- C:\Windows\system32\ff_vfw.dll
2008-12-27 15:29:32 ----D---- C:\Users\Fireslasher\AppData\Roaming\Canneverbe_Limited
2008-12-27 15:29:20 ----D---- C:\Program Files (x86)\CDBurnerXP
2008-12-27 14:19:43 ----D---- C:\Users\Fireslasher\AppData\Roaming\Foxit
2008-12-27 10:40:44 ----A---- C:\Windows\system32\xactengine2_6.dll
2008-12-27 10:40:44 ----A---- C:\Windows\system32\xactengine2_5.dll
2008-12-27 10:40:43 ----A---- C:\Windows\system32\xactengine2_4.dll
2008-12-27 10:40:43 ----A---- C:\Windows\system32\d3dx9_32.dll
2008-12-27 10:40:42 ----A---- C:\Windows\system32\d3dx9_31.dll
2008-12-27 10:40:41 ----A---- C:\Windows\system32\xactengine2_3.dll
2008-12-27 10:40:40 ----A---- C:\Windows\system32\xinput1_2.dll
2008-12-27 10:40:40 ----A---- C:\Windows\system32\xactengine2_2.dll
2008-12-27 10:40:39 ----A---- C:\Windows\system32\xinput1_1.dll
2008-12-27 10:40:38 ----A---- C:\Windows\system32\xactengine2_1.dll
2008-12-27 10:40:31 ----A---- C:\Windows\system32\xactengine2_0.dll
2008-12-27 10:40:31 ----A---- C:\Windows\system32\x3daudio1_0.dll
2008-12-27 10:40:31 ----A---- C:\Windows\system32\d3dx9_30.dll
2008-12-27 10:40:30 ----A---- C:\Windows\system32\d3dx9_29.dll
2008-12-27 10:40:29 ----A---- C:\Windows\system32\d3dx9_28.dll
2008-12-27 10:40:29 ----A---- C:\Windows\system32\d3dx9_27.dll
2008-12-27 10:40:29 ----A---- C:\Windows\system32\d3dx9_26.dll
2008-12-27 10:40:29 ----A---- C:\Windows\system32\d3dx9_25.dll
2008-12-27 10:40:28 ----A---- C:\Windows\system32\d3dx9_24.dll
2008-12-27 10:25:50 ----SHD---- C:\Windows\ftpcache
2008-12-27 06:34:21 ----D---- C:\Windows\Debug
2008-12-27 06:31:04 ----D---- C:\Windows\SoftwareDistribution
2008-12-27 06:29:55 ----D---- C:\Windows\CSC
2008-12-27 06:27:56 ----D---- C:\Windows\Prefetch
2008-12-27 06:27:53 ----SHD---- C:\System Volume Information
2008-12-27 06:26:59 ----D---- C:\Windows\Panther
2008-12-27 00:16:54 ----D---- C:\Program Files (x86)\FlashGet
2008-12-26 23:27:06 ----A---- C:\Windows\system32\wbsys.dll
2008-12-26 23:27:06 ----A---- C:\Windows\system32\wbload.dll
2008-12-26 22:55:14 ----D---- C:\ProgramData\DAEMON Tools Pro
2008-12-26 22:55:14 ----D---- C:\Program Files (x86)\DAEMON Tools Pro
2008-12-26 22:49:23 ----D---- C:\Users\Fireslasher\AppData\Roaming\DAEMON Tools Pro
2008-12-26 22:41:48 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2008-12-26 22:41:30 ----D---- C:\Program Files (x86)\Microsoft
2008-12-26 22:41:03 ----D---- C:\Program Files (x86)\Windows Live SkyDrive
2008-12-26 22:40:49 ----D---- C:\Program Files (x86)\Windows Live
2008-12-26 22:40:36 ----D---- C:\Windows\PCHEALTH
2008-12-26 22:36:02 ----D---- C:\Program Files (x86)\Common Files\Windows Live
2008-12-26 22:20:58 ----D---- C:\Users\Fireslasher\AppData\Roaming\WinRAR
2008-12-26 22:20:16 ----D---- C:\Program Files (x86)\WinRAR
2008-12-26 22:15:27 ----D---- C:\Program Files (x86)\RivaTuner v2.21
2008-12-26 22:13:31 ----D---- C:\Users\Fireslasher\AppData\Roaming\Opera
2008-12-26 22:13:26 ----D---- C:\Program Files (x86)\Opera
2008-12-26 22:11:04 ----D---- C:\Users\Fireslasher\AppData\Roaming\Google
2008-12-26 22:06:49 ----D---- C:\ProgramData\NVIDIA
2008-12-26 22:05:00 ----D---- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2008-12-26 22:02:19 ----RA---- C:\Windows\system32\AsIO.dll
2008-12-26 22:02:19 ----D---- C:\Program Files (x86)\ASUS
2008-12-26 22:01:26 ----D---- C:\Program Files (x86)\Marvell
2008-12-26 22:00:08 ----D---- C:\Users\Fireslasher\AppData\Roaming\TMP
2008-12-26 21:55:53 ----D---- C:\Program Files (x86)\Creative
2008-12-26 21:55:52 ----N---- C:\Windows\system32\adi_oal.dll
2008-12-26 21:55:52 ----A---- C:\Windows\system32\wrap_oal.dll
2008-12-26 21:55:52 ----A---- C:\Windows\system32\OpenAL32.dll
2008-12-26 21:55:37 ----D---- C:\Program Files (x86)\Common Files\InstallShield
2008-12-26 21:55:26 ----A---- C:\Windows\system32\SFFXComm.dll
2008-12-26 21:55:26 ----A---- C:\Windows\system32\SFBH.dll
2008-12-26 21:55:26 ----A---- C:\Windows\system32\AEADICom.dll
2008-12-26 21:55:12 ----D---- C:\ProgramData\SonicFocus
2008-12-26 21:54:54 ----D---- C:\Program Files (x86)\Analog Devices
2008-12-26 21:54:53 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2008-12-26 21:54:39 ----D---- C:\Users\Fireslasher\AppData\Roaming\InstallShield
2008-12-26 21:52:58 ----D---- C:\Windows\ASUSInstAll
2008-12-26 21:50:04 ----A---- C:\Windows\system32\msvcr71.dll
2008-12-26 21:50:04 ----A---- C:\Windows\system32\msvcp71.dll
2008-12-26 21:49:30 ----D---- C:\Windows\system32\Adobe
2008-12-26 21:49:01 ----D---- C:\Users\Fireslasher\AppData\Roaming\Macromedia
2008-12-26 21:49:01 ----D---- C:\Users\Fireslasher\AppData\Roaming\Adobe
2008-12-26 21:48:59 ----D---- C:\ProgramData\Google
2008-12-26 21:48:55 ----SHD---- C:\Windows\Installer
2008-12-26 21:48:54 ----D---- C:\Program Files (x86)\Google
2008-12-26 21:48:38 ----D---- C:\Windows\system32\Macromed
2008-12-26 21:47:07 ----D---- C:\Program Files (x86)\Intel
2008-12-26 21:47:02 ----D---- C:\Intel
2008-12-26 21:46:46 ----A---- C:\Windows\Ascd_log.ini
2008-12-26 21:46:34 ----A---- C:\Windows\Ascd_tmp.ini
2008-12-26 12:40:18 ----D---- C:\Users\Fireslasher\AppData\Roaming\Identities
2008-12-26 12:38:35 ----SD---- C:\Users\Fireslasher\AppData\Roaming\Microsoft
2008-12-26 12:38:35 ----D---- C:\Users\Fireslasher\AppData\Roaming\Media Center Programs
2008-12-11 21:37:44 ----A---- C:\Windows\system32\xfcodec.dll

======List of files/folders modified in the last 1 months======

2009-01-02 15:20:11 ----RD---- C:\Program Files (x86)
2009-01-02 15:20:09 ----D---- C:\Windows\Temp
2009-01-02 15:08:57 ----D---- C:\Windows\SysWOW64
2009-01-02 12:26:21 ----D---- C:\Windows\System32
2009-01-02 12:26:19 ----D---- C:\Windows\inf
2009-01-02 08:47:39 ----HD---- C:\ProgramData
2009-01-01 15:40:38 ----SD---- C:\ProgramData\Microsoft
2009-01-01 15:26:43 ----D---- C:\Windows
2008-12-31 13:02:07 ----RSD---- C:\Windows\Fonts
2008-12-28 17:33:08 ----D---- C:\Windows\winsxs
2008-12-28 17:29:45 ----D---- C:\Program Files (x86)\Common Files
2008-12-27 20:07:40 ----RSD---- C:\Windows\assembly
2008-12-27 20:07:27 ----D---- C:\Windows\Logs
2008-12-27 10:40:32 ----D---- C:\Windows\Microsoft.NET
2008-12-26 22:41:07 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2008-12-26 22:04:54 ----D---- C:\Windows\Help
2008-12-26 22:02:19 ----D---- C:\Windows\system32\drivers
2008-12-26 22:02:15 ----RD---- C:\Program Files
2008-12-26 21:49:31 ----SD---- C:\Windows\Downloaded Program Files
2008-12-26 21:40:31 ----SHD---- C:\$Recycle.Bin
2008-12-26 12:38:13 ----RD---- C:\Users
2008-12-26 12:36:28 ----D---- C:\Windows\rescache

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2006-10-18 13632]
R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys []
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys []
R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys []
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys []
R3 RivaTuner64;RivaTuner64; \??\C:\Program Files (x86)\RivaTuner v2.21\RivaTuner64.sys [2008-12-26 19952]
R3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x64.sys []
S3 af0w6b07;af0w6b07; C:\Windows\system32\drivers\af0w6b07.sys []
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\DRIVERS\BthEnum.sys []
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys []
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys []
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys []
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys []
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys []
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys []
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys []
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys []
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys []
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE []
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 NMSAccessU;NMSAccessU; C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
R2 WindowBlinds;Stardock WindowBlinds; D:\Program Files - Vista\Stardock\Object Desktop\WindowBlinds\vistasrv.exe [2007-09-26 324608]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-12-28 72704]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2008-01-21 93696]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe []
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-12-28 655624]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-12-26 138168]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe []

-----------------EOF-----------------

offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 15 Jun 2007
  • Posts: 5572

Download OTMoveIt3 to your Desktop.

Double-click OTMoveIt3.exe to run it.

Into the (left-hand) window of the program (under Paste Instructions for Items to be Moved) copy everything inside the Code box:
:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MsUpdate"=-
:files
C:\Autorun.exe
C:\autorun.inf
D:\autorun.inf
E:\autorun.inf

Click MoveIt!

When the process finishes, the right-hand window of the program (under Results) will contain text that you need to copy into a post on the forum.

If this prompt appears:

Confirm ::The system requires a reboot to finish removing files.
Do you want to reboot now?

click Yes so that the computer restarts and the process is completed.

After the system restarts, the logfile will open automatically in Notepad.
Copy the contents of that log into a post on the forum.
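As an added example (not OTMoveIt3's own code, and not from the poster), the following parses the script format used above (a `:reg` section with .reg-style `"Name"=-` value deletions, then a `:files` section of paths) and checks a Results log against it, so every planned deletion or move can be confirmed as reported successful. The script and log text embedded below are constructed from this thread; the format is inferred from them.

```python
import re

# Constructed sample: the OTMoveIt3 script posted in the thread above.
SCRIPT = """:reg
[HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Run]
"MsUpdate"=-
:files
C:\\Autorun.exe
C:\\autorun.inf
D:\\autorun.inf
E:\\autorun.inf
"""

# Constructed sample: the Results text the user pasted back.
RESULTS = """========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\\\MsUpdate deleted successfully.
========== FILES ==========
C:\\Autorun.exe moved successfully.
C:\\Autorun.inf moved successfully.
D:\\Autorun.inf moved successfully.
E:\\Autorun.inf moved successfully.
"""

def parse_script(text):
    """Return the planned actions: ('reg', 'KEY\\\\Value') or ('file', path)."""
    actions, section, key = [], None, None
    for line in (l.strip() for l in text.splitlines()):
        if not line:
            continue
        if line.startswith(":"):                 # section header (:reg, :files)
            section = line[1:].lower()
        elif section == "reg":
            if line.startswith("[") and line.endswith("]"):
                key = line[1:-1]                 # key the following value lines belong to
            else:
                m = re.fullmatch(r'"([^"]+)"=-', line)   # "Name"=- deletes a value
                if m and key:
                    actions.append(("reg", key + "\\\\" + m.group(1)))
        elif section == "files":
            actions.append(("file", line))
    return actions

def unconfirmed(actions, results):
    """Planned actions the Results log does not report as successful.
    Comparison is case-insensitive because Windows paths are (C:\\autorun.inf
    in the script is reported back as C:\\Autorun.inf)."""
    done = {m.group(1).lower() for m in re.finditer(
        r"^(?:Registry value )?(.+?) (?:deleted|moved) successfully\.$", results, re.M)}
    return [a for a in actions if a[1].lower() not in done]
```

An empty list from `unconfirmed` means every item in the script was reported handled; anything left over is what to look at again after the reboot.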

offline
  • Source  Male
  • Legendary citizen
  • Joined: 10 Jan 2005
  • Posts: 3319
  • Location: Stara Pazova

Here it is, sorry you had to wait, in the meantime I went out for a bit...

========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MsUpdate deleted successfully.
========== FILES ==========
C:\Autorun.exe moved successfully.
C:\Autorun.inf moved successfully.
D:\Autorun.inf moved successfully.
E:\Autorun.inf moved successfully.

OTMoveIt3 by OldTimer - Version 1.0.7.2 log created on 01022009_215342

offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 15 Jun 2007
  • Posts: 5572

Excellent. Restart the computer and let me know how things look.

offline
  • Source  Male
  • Legendary citizen
  • Joined: 10 Jan 2005
  • Posts: 3319
  • Location: Stara Pazova

The icons are back to normal, thanks.

offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 15 Jun 2007
  • Posts: 5572

Just to clean up after ourselves.

Delete

* RSIT.exe
* C:\RSIT
* C:\ComboFix

Run OTMoveIt3 again.

Choose the CleanUp! option. When it asks for a restart, accept it... And that's it.
