Problem with my computer - slowed down, and I think it has a virus


  • Source  Male
  • Legendary citizen
  • Joined: 10 Jan 2005
  • Posts: 3319
  • Location: Stara Pazova

Posted: 10 May 2009 13:33

This morning my computer started acting up: it is terribly slow and takes a long time to open My Computer and other folders. KIS2009 found some viruses and cleaned them, but some it could not. Something strange also seems to be happening in my folders, so I really don't know what's wrong with it...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:29:57 PM, on 5/10/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\AASP\1.00.46\aaCenter.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTProAgent.exe
C:\Program Files (x86)\RivaTuner v2.24\RivaTuner.exe
C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe
C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe
C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files (x86)\RivaTuner v2.24\Tools\RTSS\RTSS.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTProShellHlp.exe
C:\Users\Fireslasher\Desktop\New Folder\TR3.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files (x86)\FlashGet\jccatch.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files (x86)\FlashGet\getflash.dll
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [CPU Power Monitor] "C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe"
O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundTray] "C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [RTSS] "C:\Program Files (x86)\RivaTuner v2.24\Tools\RTSS\RTSSWrapper.exe" /s
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Microsoft WinUpdate] C:\Windows\system32\msupdtecheck.exe
O4 - HKLM\..\Run: [Microsoft Pinyin IME Migration] C:\PROGRA~2\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE /INSTALL
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTProAgent.exe" -autorun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files (x86)\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files (x86)\FlashGet\jc_link.htm
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\FlashGet.exe
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~3\Office12\GR99D3~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~2\KASPER~1\KASPER~1\adialhk.dll
O23 - Service: ABBYY FineReader 9.0 Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files (x86)\ABBYY FineReader 9.0\NetworkLicenseServer.exe
O23 - Service: Acronis OS Selector Reinstall Service (AcronisOSSReinstallSvc) - Unknown owner - C:\Program Files (x86)\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Unknown owner - C:\Windows\system32\AEADISRV.EXE (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - Unknown owner - C:\Windows\System32\TuneUpDefragService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - Unknown owner - C:\Windows\System32\TUProgSt.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9774 bytes

Addendum: 10 May 2009 13:34

I should mention that the computer was freshly formatted/installed, 3-4 days ago.

  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Hello...

What exactly is KIS unable to remove?

Download the RSIT program to your Desktop:

http://images.malwareremoval.com/random/RSIT.exe

Run it with a double-click, then click Continue.

At the end of the process two logs will open: the first, log.txt, will be maximized and needs to be copied into the forum thread, and the second, info.txt, will be minimized (we don't need it for now).

Post the contents of log.txt in your next message (the file will be saved as C:\rsit\log.txt).

  • Source  Male
  • Legendary citizen
  • Joined: 10 Jan 2005
  • Posts: 3319
  • Location: Stara Pazova

Here it is... And is there a way for me to post the KIS log?

Logfile of random's system information tool 1.06 (written by random/random)
Run by Fireslasher at 2009-05-10 16:45:50
Microsoft® Windows Vista™ Ultimate Service Pack 1
System drive C: has 42 GB (51%) free of 82 GB
Total RAM: 4094 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:45:54 PM, on 5/10/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\AASP\1.00.46\aaCenter.exe
C:\Program Files (x86)\RivaTuner v2.24\RivaTuner.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTProAgent.exe
C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe
C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe
C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files (x86)\RivaTuner v2.24\Tools\RTSS\RTSS.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTProShellHlp.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
D:\Games\X-Men Origins - Wolverine(TM)\Binaries\Wolverine.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Users\Fireslasher\Desktop\RSIT.exe
C:\Program Files (x86)\trend micro\Fireslasher.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files (x86)\FlashGet\jccatch.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files (x86)\FlashGet\getflash.dll
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [CPU Power Monitor] "C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe"
O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundTray] "C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [RTSS] "C:\Program Files (x86)\RivaTuner v2.24\Tools\RTSS\RTSSWrapper.exe" /s
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Microsoft WinUpdate] C:\Windows\system32\msupdtecheck.exe
O4 - HKLM\..\Run: [Microsoft Pinyin IME Migration] C:\PROGRA~2\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE /INSTALL
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTProAgent.exe" -autorun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files (x86)\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files (x86)\FlashGet\jc_link.htm
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\FlashGet.exe
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~3\Office12\GR99D3~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~2\KASPER~1\KASPER~1\adialhk.dll
O23 - Service: ABBYY FineReader 9.0 Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files (x86)\ABBYY FineReader 9.0\NetworkLicenseServer.exe
O23 - Service: Acronis OS Selector Reinstall Service (AcronisOSSReinstallSvc) - Unknown owner - C:\Program Files (x86)\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Unknown owner - C:\Windows\system32\AEADISRV.EXE (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - Unknown owner - C:\Windows\System32\TuneUpDefragService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - Unknown owner - C:\Windows\System32\TUProgSt.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10053 bytes

======Scheduled tasks folder======

C:\Windows\tasks\1-Click Maintenance.job
C:\Windows\tasks\User_Feed_Synchronization-{A381FE27-0923-49FA-B622-F70B947F4E7C}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
FGCatchUrl - C:\Program Files (x86)\FlashGet\jccatch.dll [2007-08-06 94308]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll [2009-05-01 62728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F156768E-81EF-470C-9057-481BA8380DBA}]
FlashGet GetFlash Class - C:\Program Files (x86)\FlashGet\getflash.dll [2007-05-18 163840]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Ai Nap"=C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe [2007-09-06 1426432]
"CPU Power Monitor"=C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe [2007-10-16 626176]
"Cpu Level Up help"=C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe [2007-09-11 880640]
"SoundMAXPnP"=C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [2007-08-28 1282048]
"SoundTray"=C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe [2007-08-02 53248]
"AVP"=C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe [2009-05-01 201992]
"RTSS"=C:\Program Files (x86)\RivaTuner v2.24\Tools\RTSS\RTSSWrapper.exe [2009-02-25 24576]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"Microsoft WinUpdate"=C:\Windows\system32\msupdtecheck.exe []
"Microsoft Pinyin IME Migration"=C:\PROGRA~2\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE [2006-10-26 32560]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
"DAEMON Tools Pro Agent"=C:\Program Files (x86)\DAEMON Tools Pro\DTProAgent.exe [2009-04-09 228808]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 138240]
"WMPNSCFG"=C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~2\KASPER~1\KASPER~1\adialhk.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=
"NoActiveDesktopChanges"=
"ForceActiveDesktopOn"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9394872b-394b-11de-b018-001e8c90223e}]
shell\Setup\command - setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e22ae5a5-3a53-11de-afcf-001e8c90223e}]
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn


======File associations======

.js - edit - C:\Windows\SysWOW64\Notepad.exe %1
.js - open - C:\Windows\SysWOW64\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2009-05-10 16:45:50 ----D---- C:\rsit
2009-05-10 16:45:50 ----D---- C:\Program Files (x86)\trend micro
2009-05-10 16:45:50 ----D---- \rsit
2009-05-08 10:00:59 ----D---- C:\ProgramData\ABBYY
2009-05-08 10:00:59 ----D---- C:\Program Files (x86)\ABBYY FineReader 9.0
2009-05-07 19:54:43 ----D---- C:\Program Files (x86)\DynGate
2009-05-06 10:18:29 ----A---- C:\Windows\system32\XAudio2_2.dll
2009-05-06 10:18:29 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2009-05-06 10:18:29 ----A---- C:\Windows\system32\xactengine3_2.dll
2009-05-06 10:18:28 ----A---- C:\Windows\system32\d3dx10_39.dll
2009-05-06 10:18:28 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2009-05-06 10:18:26 ----A---- C:\Windows\system32\D3DX9_39.dll
2009-05-06 09:51:05 ----SHD---- C:\Windows\ftpcache
2009-05-03 19:21:17 ----D---- C:\Windows\Minidump
2009-05-03 18:19:53 ----D---- C:\ProgramData\Tages
2009-05-03 18:00:59 ----D---- C:\ProgramData\Media Center Programs
2009-05-03 11:07:13 ----D---- C:\Program Files (x86)\Common Files\EZB Systems
2009-05-03 11:07:11 ----D---- C:\Program Files (x86)\UltraISO
2009-05-03 02:09:46 ----D---- C:\Program Files (x86)\FlashGet
2009-05-03 02:09:25 ----A---- C:\Windows\system32\msupdtecheck.exe
2009-05-02 23:45:26 ----D---- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2009-05-02 18:02:55 ----D---- C:\Program Files (x86)\Foxit Software
2009-05-02 12:38:39 ----D---- C:\Program Files (x86)\Microsoft Works
2009-05-02 12:37:48 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2009-05-02 12:37:48 ----D---- C:\Program Files (x86)\Common Files\DESIGNER
2009-05-02 12:37:07 ----D---- C:\Program Files (x86)\Microsoft.NET
2009-05-02 12:35:10 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2009-05-02 12:34:27 ----D---- C:\Program Files (x86)\Microsoft Office
2009-05-02 12:34:26 ----D---- C:\ProgramData\Microsoft Help
2009-05-02 12:33:26 ----RHD---- C:\MSOCache
2009-05-02 12:33:26 ----RHD---- \MSOCache
2009-05-02 11:15:48 ----D---- C:\CrashReport
2009-05-02 11:15:48 ----D---- \CrashReport
2009-05-02 04:13:28 ----D---- C:\Windows\Panther
2009-05-02 04:13:14 ----RASH---- C:\BOOTSECT.BAK
2009-05-02 04:13:14 ----RASH---- \BOOTSECT.BAK
2009-05-02 04:13:13 ----SHD---- C:\Boot
2009-05-02 04:13:13 ----SHD---- \Boot
2009-05-02 03:20:49 ----D---- C:\Windows\Debug
2009-05-02 03:17:03 ----D---- C:\Windows\SoftwareDistribution
2009-05-02 03:15:48 ----D---- C:\Windows\CSC
2009-05-02 03:14:17 ----D---- C:\Windows\Prefetch
2009-05-02 03:14:15 ----SHD---- C:\System Volume Information
2009-05-02 03:14:15 ----SHD---- \System Volume Information
2009-05-02 02:30:50 ----D---- C:\Program Files (x86)\MSXML 4.0
2009-05-02 02:28:24 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2009-05-02 02:28:22 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2009-05-02 02:28:15 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2009-05-02 02:14:27 ----A---- C:\Windows\system32\msshooks.dll
2009-05-02 02:14:27 ----A---- C:\Windows\system32\msscb.dll
2009-05-02 02:14:27 ----A---- C:\Windows\system32\mimefilt.dll
2009-05-02 02:14:26 ----A---- C:\Windows\system32\thawbrkr.dll
2009-05-02 02:14:26 ----A---- C:\Windows\system32\SearchFilterHost.exe
2009-05-02 02:14:26 ----A---- C:\Windows\system32\propsys.dll
2009-05-02 02:14:26 ----A---- C:\Windows\system32\propdefs.dll
2009-05-02 02:14:26 ----A---- C:\Windows\system32\offfilt.dll
2009-05-02 02:14:26 ----A---- C:\Windows\system32\msstrc.dll
2009-05-02 02:14:26 ----A---- C:\Windows\system32\mssprxy.dll
2009-05-02 02:14:26 ----A---- C:\Windows\system32\mssitlb.dll
2009-05-02 02:14:26 ----A---- C:\Windows\system32\msshsq.dll
2009-05-02 02:14:26 ----A---- C:\Windows\system32\korwbrkr.dll
2009-05-02 02:14:26 ----A---- C:\Windows\system32\chsbrkr.dll
2009-05-02 02:14:25 ----A---- C:\Windows\system32\xmlfilter.dll
2009-05-02 02:14:25 ----A---- C:\Windows\system32\tquery.dll
2009-05-02 02:14:25 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2009-05-02 02:14:25 ----A---- C:\Windows\system32\SearchIndexer.exe
2009-05-02 02:14:25 ----A---- C:\Windows\system32\rtffilt.dll
2009-05-02 02:14:25 ----A---- C:\Windows\system32\nlhtml.dll
2009-05-02 02:14:25 ----A---- C:\Windows\system32\mssvp.dll
2009-05-02 02:14:25 ----A---- C:\Windows\system32\mssrch.dll
2009-05-02 02:14:25 ----A---- C:\Windows\system32\mssphtb.dll
2009-05-02 02:14:25 ----A---- C:\Windows\system32\mssph.dll
2009-05-02 02:14:25 ----A---- C:\Windows\system32\msscntrs.dll
2009-05-02 02:14:25 ----A---- C:\Windows\system32\chtbrkr.dll
2009-05-02 01:59:30 ----A---- C:\Windows\system32\icardres.dll
2009-05-02 01:59:29 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-05-02 01:59:29 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-05-02 01:59:29 ----A---- C:\Windows\system32\infocardapi.dll
2009-05-02 01:59:29 ----A---- C:\Windows\system32\icardagt.exe
2009-05-02 01:59:25 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-05-02 01:59:24 ----A---- C:\Windows\system32\PresentationHost.exe
2009-05-02 01:55:30 ----A---- C:\Windows\system32\netfxperf.dll
2009-05-02 01:55:25 ----A---- C:\Windows\system32\dfshim.dll
2009-05-02 01:55:21 ----A---- C:\Windows\system32\mscoree.dll
2009-05-02 01:55:18 ----A---- C:\Windows\system32\mscorier.dll
2009-05-02 01:55:16 ----A---- C:\Windows\system32\mscories.dll
2009-05-02 01:53:06 ----A---- C:\Windows\system32\tzres.dll
2009-05-02 01:47:38 ----A---- C:\Windows\system32\iesetup.dll
2009-05-02 01:47:38 ----A---- C:\Windows\system32\iernonce.dll
2009-05-02 01:47:38 ----A---- C:\Windows\system32\ie4uinit.exe
2009-05-02 01:46:34 ----A---- C:\Windows\system32\ieui.dll
2009-05-02 01:46:34 ----A---- C:\Windows\system32\icardie.dll
2009-05-02 01:46:34 ----A---- C:\Windows\system32\advpack.dll
2009-05-02 01:46:34 ----A---- C:\Windows\system32\admparse.dll
2009-05-02 01:46:33 ----A---- C:\Windows\system32\wextract.exe
2009-05-02 01:46:33 ----A---- C:\Windows\system32\msls31.dll
2009-05-02 01:46:33 ----A---- C:\Windows\system32\msfeedssync.exe
2009-05-02 01:46:33 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-05-02 01:46:33 ----A---- C:\Windows\system32\jsproxy.dll
2009-05-02 01:46:33 ----A---- C:\Windows\system32\ieakeng.dll
2009-05-02 01:46:33 ----A---- C:\Windows\system32\corpol.dll
2009-05-02 01:46:32 ----A---- C:\Windows\system32\pngfilt.dll
2009-05-02 01:46:32 ----A---- C:\Windows\system32\msfeeds.dll
2009-05-02 01:46:32 ----A---- C:\Windows\system32\imgutil.dll
2009-05-02 01:46:32 ----A---- C:\Windows\system32\ieapfltr.dll
2009-05-02 01:46:32 ----A---- C:\Windows\system32\dxtrans.dll
2009-05-02 01:46:32 ----A---- C:\Windows\system32\dxtmsft.dll
2009-05-02 01:46:31 ----A---- C:\Windows\system32\WinFXDocObj.exe
2009-05-02 01:46:31 ----A---- C:\Windows\system32\webcheck.dll
2009-05-02 01:46:31 ----A---- C:\Windows\system32\occache.dll
2009-05-02 01:46:31 ----A---- C:\Windows\system32\mstime.dll
2009-05-02 01:46:31 ----A---- C:\Windows\system32\msrating.dll
2009-05-02 01:46:31 ----A---- C:\Windows\system32\mshtmled.dll
2009-05-02 01:46:31 ----A---- C:\Windows\system32\licmgr10.dll
2009-05-02 01:46:31 ----A---- C:\Windows\system32\inseng.dll
2009-05-02 01:46:31 ----A---- C:\Windows\system32\iepeers.dll
2009-05-02 01:46:31 ----A---- C:\Windows\system32\iedkcs32.dll
2009-05-02 01:46:31 ----A---- C:\Windows\system32\ieakui.dll
2009-05-02 01:46:31 ----A---- C:\Windows\system32\ieaksie.dll
2009-05-02 01:46:30 ----A---- C:\Windows\system32\wininet.dll
2009-05-02 01:46:30 ----A---- C:\Windows\system32\vbscript.dll
2009-05-02 01:46:30 ----A---- C:\Windows\system32\url.dll
2009-05-02 01:46:30 ----A---- C:\Windows\system32\mshtmler.dll
2009-05-02 01:46:30 ----A---- C:\Windows\system32\jscript.dll
2009-05-02 01:46:28 ----A---- C:\Windows\system32\urlmon.dll
2009-05-02 01:46:28 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2009-05-02 01:46:28 ----A---- C:\Windows\system32\SetDepNx.exe
2009-05-02 01:46:28 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2009-05-02 01:46:28 ----A---- C:\Windows\system32\PDMSetup.exe
2009-05-02 01:46:28 ----A---- C:\Windows\system32\mshta.exe
2009-05-02 01:46:28 ----A---- C:\Windows\system32\iexpress.exe
2009-05-02 01:46:28 ----A---- C:\Windows\system32\ieUnatt.exe
2009-05-02 01:46:28 ----A---- C:\Windows\system32\iesysprep.dll
2009-05-02 01:46:28 ----A---- C:\Windows\system32\iertutil.dll
2009-05-02 01:46:27 ----A---- C:\Windows\system32\mshtml.dll
2009-05-02 01:46:27 ----A---- C:\Windows\system32\ieframe.dll
2009-05-02 01:44:32 ----A---- C:\Windows\system32\psisdecd.dll
2009-05-02 01:44:32 ----A---- C:\Windows\system32\EncDec.dll
2009-05-02 01:42:35 ----A---- C:\Windows\system32\sdohlp.dll
2009-05-02 01:42:35 ----A---- C:\Windows\system32\iasrecst.dll
2009-05-02 01:42:35 ----A---- C:\Windows\system32\iashost.exe
2009-05-02 01:42:35 ----A---- C:\Windows\system32\iasdatastore.dll
2009-05-02 01:42:35 ----A---- C:\Windows\system32\iasads.dll
2009-05-02 01:41:16 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2009-05-02 01:41:16 ----A---- C:\Windows\system32\gameux.dll
2009-05-02 01:41:16 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-05-02 01:40:30 ----A---- C:\Windows\system32\srclient.dll
2009-05-02 01:40:30 ----A---- C:\Windows\system32\kbd106n.dll
2009-05-02 01:39:37 ----A---- C:\Windows\system32\kernel32.dll
2009-05-02 01:39:36 ----A---- C:\Windows\system32\secur32.dll
2009-05-02 01:39:36 ----A---- C:\Windows\system32\apilogen.dll
2009-05-02 01:39:36 ----A---- C:\Windows\system32\amxread.dll
2009-05-02 01:39:13 ----A---- C:\Windows\system32\mf.dll
2009-05-02 01:39:12 ----A---- C:\Windows\system32\WMVCORE.DLL
2009-05-02 01:39:12 ----A---- C:\Windows\system32\WMNetMgr.dll
2009-05-02 01:39:12 ----A---- C:\Windows\system32\logagent.exe
2009-05-02 01:37:07 ----A---- C:\Windows\system32\gdi32.dll
2009-05-02 01:37:06 ----A---- C:\Windows\system32\schannel.dll
2009-05-02 01:37:06 ----A---- C:\Windows\system32\es.dll
2009-05-02 01:37:05 ----A---- C:\Windows\system32\inetcomm.dll
2009-05-02 01:37:00 ----A---- C:\Windows\system32\msxml6.dll
2009-05-02 01:36:59 ----A---- C:\Windows\system32\msxml3.dll
2009-05-02 01:36:57 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-05-02 01:36:56 ----A---- C:\Windows\system32\win32spl.dll
2009-05-02 01:36:55 ----A---- C:\Windows\explorer.exe
2009-05-02 01:36:54 ----A---- C:\Windows\system32\winipsec.dll
2009-05-02 01:36:54 ----A---- C:\Windows\system32\polstore.dll
2009-05-02 01:36:54 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2009-05-02 01:36:54 ----A---- C:\Windows\system32\explorer.exe
2009-05-02 01:36:52 ----A---- C:\Windows\system32\wshqos.dll
2009-05-02 01:36:52 ----A---- C:\Windows\system32\traffic.dll
2009-05-02 01:36:52 ----A---- C:\Windows\system32\rpcrt4.dll
2009-05-02 01:36:52 ----A---- C:\Windows\system32\pacerprf.dll
2009-05-02 01:36:00 ----A---- C:\Windows\system32\winhttp.dll
2009-05-02 01:35:59 ----A---- C:\Windows\system32\wshext.dll
2009-05-02 01:35:59 ----A---- C:\Windows\system32\wscript.exe
2009-05-02 01:35:59 ----A---- C:\Windows\system32\scrrun.dll
2009-05-02 01:35:59 ----A---- C:\Windows\system32\scrobj.dll
2009-05-02 01:35:59 ----A---- C:\Windows\system32\cscript.exe
2009-05-02 01:35:58 ----A---- C:\Windows\system32\dataclen.dll
2009-05-02 01:34:39 ----A---- C:\Windows\system32\shell32.dll
2009-05-02 01:34:37 ----A---- C:\Windows\system32\quartz.dll
2009-05-02 01:34:36 ----A---- C:\Windows\system32\xolehlp.dll
2009-05-02 01:34:36 ----A---- C:\Windows\system32\msdtcprx.dll
2009-05-02 01:34:35 ----A---- C:\Windows\system32\connect.dll
2009-05-02 01:34:33 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-05-02 01:34:33 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-05-02 01:34:33 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-05-02 01:34:26 ----A---- C:\Windows\system32\wmpeffects.dll
2009-05-02 01:34:25 ----A---- C:\Windows\system32\wshrm.dll
2009-05-02 01:31:33 ----A---- C:\Windows\system32\netapi32.dll
2009-05-02 01:31:33 ----A---- C:\Windows\system32\Faultrep.dll
2009-05-02 01:13:51 ----A---- C:\Windows\system32\wups.dll
2009-05-02 01:13:51 ----A---- C:\Windows\system32\wudriver.dll
2009-05-02 01:13:51 ----A---- C:\Windows\system32\wuapi.dll
2009-05-02 01:13:47 ----A---- C:\Windows\system32\wuwebv.dll
2009-05-02 01:13:47 ----A---- C:\Windows\system32\wuapp.exe
2009-05-02 00:04:48 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2009-05-02 00:04:47 ----A---- C:\Windows\system32\d3dx10_41.dll
2009-05-02 00:04:46 ----A---- C:\Windows\system32\D3DX9_41.dll
2009-05-02 00:04:45 ----A---- C:\Windows\system32\XAudio2_4.dll
2009-05-02 00:04:45 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2009-05-02 00:04:44 ----A---- C:\Windows\system32\xactengine3_4.dll
2009-05-02 00:04:44 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2009-05-02 00:03:45 ----D---- C:\Windows\system32\directx
2009-05-01 22:03:51 ----A---- C:\Windows\system32\ff_vfw.dll
2009-05-01 22:03:50 ----A---- C:\Windows\system32\pthreadGC2.dll
2009-05-01 22:03:49 ----D---- C:\Program Files (x86)\ffdshow
2009-05-01 21:51:38 ----A---- C:\Windows\NeroDigital.ini
2009-05-01 21:34:11 ----D---- C:\recover
2009-05-01 21:34:11 ----D---- \recover
2009-05-01 21:33:10 ----D---- C:\Program Files (x86)\Runtime Software
2009-05-01 21:24:36 ----D---- C:\Program Files (x86)\Pcsx2
2009-05-01 21:08:54 ----D---- C:\Program Files (x86)\RivaTuner v2.24
2009-05-01 20:34:59 ----D---- C:\ProgramData\DAEMON Tools Pro
2009-05-01 20:34:59 ----D---- C:\Program Files (x86)\DAEMON Tools Pro
2009-05-01 20:20:59 ----D---- C:\ProgramData\DFX
2009-05-01 20:02:46 ----D---- C:\ProgramData\Kaspersky Lab
2009-05-01 20:02:46 ----D---- C:\Program Files (x86)\Kaspersky Lab
2009-05-01 20:01:04 ----D---- C:\ProgramData\Kaspersky Lab Setup Files
2009-05-01 19:53:35 ----D---- C:\Program Files (x86)\Your Uninstaller 2008
2009-05-01 19:53:12 ----D---- C:\Windows\Profiles
2009-05-01 19:51:20 ----AD---- C:\ProgramData\TEMP
2009-05-01 19:42:13 ----D---- C:\ProgramData\Nero
2009-05-01 19:42:13 ----D---- C:\Program Files (x86)\Nero
2009-05-01 19:42:13 ----D---- C:\Program Files (x86)\Common Files\Ahead
2009-05-01 19:40:14 ----A---- C:\Windows\system32\uxtuneup.dll
2009-05-01 19:40:14 ----A---- C:\Windows\system32\authuitu.dll
2009-05-01 19:40:03 ----D---- C:\Program Files (x86)\TuneUp Utilities 2009
2009-05-01 19:40:02 ----D---- C:\ProgramData\TuneUp Software
2009-05-01 19:39:40 ----SHD---- C:\ProgramData\{55A29068-F2CE-456C-9148-C869879E2357}
2009-05-01 19:33:10 ----D---- C:\ProgramData\Adobe Systems
2009-05-01 19:32:07 ----D---- C:\Program Files (x86)\Common Files\Adobe Systems Shared
2009-05-01 19:31:46 ----D---- C:\ProgramData\Adobe
2009-05-01 19:31:46 ----D---- C:\Program Files (x86)\Common Files\Adobe
2009-05-01 19:31:35 ----D---- C:\Program Files (x86)\Adobe
2009-05-01 19:24:35 ----D---- C:\ProgramData\Acronis
2009-05-01 19:08:13 ----D---- C:\Program Files (x86)\Common Files\Acronis
2009-05-01 19:08:13 ----D---- C:\Program Files (x86)\Acronis
2009-05-01 19:07:57 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2009-05-01 19:07:38 ----D---- C:\Program Files (x86)\Microsoft
2009-05-01 19:07:10 ----D---- C:\Program Files (x86)\Windows Live SkyDrive
2009-05-01 19:07:03 ----D---- C:\Program Files (x86)\WinRAR
2009-05-01 19:06:54 ----D---- C:\Program Files (x86)\Windows Live
2009-05-01 19:06:40 ----D---- C:\Windows\PCHEALTH
2009-05-01 19:01:10 ----D---- C:\Program Files (x86)\Common Files\Windows Live
2009-05-01 18:59:11 ----D---- C:\ProgramData\NVIDIA
2009-05-01 18:57:49 ----D---- C:\Program Files (x86)\Creative
2009-05-01 18:57:49 ----A---- C:\Windows\system32\wrap_oal.dll
2009-05-01 18:57:48 ----N---- C:\Windows\system32\adi_oal.dll
2009-05-01 18:57:48 ----A---- C:\Windows\system32\OpenAL32.dll
2009-05-01 18:57:37 ----A---- C:\Windows\system32\SFFXComm.dll
2009-05-01 18:57:37 ----A---- C:\Windows\system32\SFBH.dll
2009-05-01 18:57:37 ----A---- C:\Windows\system32\AEADICom.dll
2009-05-01 18:57:30 ----D---- C:\ProgramData\SonicFocus
2009-05-01 18:57:18 ----D---- C:\Program Files (x86)\Analog Devices
2009-05-01 18:56:54 ----A---- C:\Windows\AS_Debug.txt
2009-05-01 18:54:48 ----A---- C:\Windows\system32\d3dx10_40.dll
2009-05-01 18:54:48 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2009-05-01 18:54:47 ----A---- C:\Windows\system32\XAudio2_3.dll
2009-05-01 18:54:47 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2009-05-01 18:54:47 ----A---- C:\Windows\system32\xactengine3_3.dll
2009-05-01 18:54:47 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2009-05-01 18:54:47 ----A---- C:\Windows\system32\D3DX9_40.dll
2009-05-01 18:54:45 ----A---- C:\Windows\system32\XAudio2_1.dll
2009-05-01 18:54:45 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2009-05-01 18:54:45 ----A---- C:\Windows\system32\xactengine3_1.dll
2009-05-01 18:54:45 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2009-05-01 18:54:44 ----A---- C:\Windows\system32\XAudio2_0.dll
2009-05-01 18:54:44 ----A---- C:\Windows\system32\D3DX9_38.dll
2009-05-01 18:54:44 ----A---- C:\Windows\system32\d3dx10_38.dll
2009-05-01 18:54:44 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2009-05-01 18:54:43 ----A---- C:\Windows\system32\xactengine3_0.dll
2009-05-01 18:54:43 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2009-05-01 18:54:43 ----A---- C:\Windows\system32\D3DX9_37.dll
2009-05-01 18:54:43 ----A---- C:\Windows\system32\d3dx10_37.dll
2009-05-01 18:54:43 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2009-05-01 18:54:42 ----A---- C:\Windows\system32\xactengine2_9.dll
2009-05-01 18:54:42 ----A---- C:\Windows\system32\xactengine2_10.dll
2009-05-01 18:54:42 ----A---- C:\Windows\system32\d3dx9_36.dll
2009-05-01 18:54:42 ----A---- C:\Windows\system32\d3dx10_36.dll
2009-05-01 18:54:42 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2009-05-01 18:54:41 ----A---- C:\Windows\system32\xinput1_3.dll
2009-05-01 18:54:41 ----A---- C:\Windows\system32\xactengine2_8.dll
2009-05-01 18:54:41 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2009-05-01 18:54:41 ----A---- C:\Windows\system32\d3dx9_35.dll
2009-05-01 18:54:41 ----A---- C:\Windows\system32\d3dx9_34.dll
2009-05-01 18:54:41 ----A---- C:\Windows\system32\d3dx10_35.dll
2009-05-01 18:54:41 ----A---- C:\Windows\system32\d3dx10_34.dll
2009-05-01 18:54:41 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2009-05-01 18:54:41 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2009-05-01 18:54:39 ----A---- C:\Windows\system32\xactengine2_7.dll
2009-05-01 18:54:39 ----A---- C:\Windows\system32\xactengine2_6.dll
2009-05-01 18:54:39 ----A---- C:\Windows\system32\d3dx9_33.dll
2009-05-01 18:54:39 ----A---- C:\Windows\system32\d3dx10_33.dll
2009-05-01 18:54:39 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2009-05-01 18:54:38 ----A---- C:\Windows\system32\xactengine2_5.dll
2009-05-01 18:54:38 ----A---- C:\Windows\system32\d3dx9_32.dll
2009-05-01 18:54:38 ----A---- C:\Windows\system32\d3dx10.dll
2009-05-01 18:54:37 ----A---- C:\Windows\system32\xactengine2_4.dll
2009-05-01 18:54:37 ----A---- C:\Windows\system32\x3daudio1_1.dll
2009-05-01 18:54:37 ----A---- C:\Windows\system32\d3dx9_31.dll
2009-05-01 18:54:36 ----A---- C:\Windows\system32\xinput1_2.dll
2009-05-01 18:54:36 ----A---- C:\Windows\system32\xinput1_1.dll
2009-05-01 18:54:36 ----A---- C:\Windows\system32\xactengine2_3.dll
2009-05-01 18:54:36 ----A---- C:\Windows\system32\xactengine2_2.dll
2009-05-01 18:54:35 ----A---- C:\Windows\system32\xactengine2_1.dll
2009-05-01 18:54:32 ----A---- C:\Windows\system32\d3dx9_30.dll
2009-05-01 18:54:31 ----A---- C:\Windows\system32\xactengine2_0.dll
2009-05-01 18:54:31 ----A---- C:\Windows\system32\x3daudio1_0.dll
2009-05-01 18:54:31 ----A---- C:\Windows\system32\d3dx9_29.dll
2009-05-01 18:54:31 ----A---- C:\Windows\system32\d3dx9_28.dll
2009-05-01 18:54:30 ----A---- C:\Windows\system32\d3dx9_27.dll
2009-05-01 18:54:30 ----A---- C:\Windows\system32\d3dx9_26.dll
2009-05-01 18:54:30 ----A---- C:\Windows\system32\d3dx9_25.dll
2009-05-01 18:54:30 ----A---- C:\Windows\system32\d3dx9_24.dll
2009-05-01 18:53:32 ----D---- C:\Windows\system32\AGEIA
2009-05-01 18:53:32 ----D---- C:\Program Files (x86)\AGEIA Technologies
2009-05-01 18:53:29 ----D---- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2009-05-01 18:45:43 ----RA---- C:\Windows\system32\AsIO.dll
2009-05-01 18:45:43 ----D---- C:\Program Files (x86)\ASUS
2009-05-01 18:45:40 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2009-05-01 18:43:45 ----D---- C:\Program Files (x86)\Marvell
2009-05-01 18:43:43 ----D---- C:\Program Files (x86)\Common Files\InstallShield
2009-05-01 18:42:14 ----D---- C:\Windows\ASUSInstAll
2009-05-01 18:40:35 ----D---- C:\Program Files (x86)\Opera
2009-05-01 18:40:24 ----SHD---- C:\Windows\Installer
2009-05-01 18:36:26 ----D---- C:\Program Files (x86)\Intel
2009-05-01 18:35:59 ----A---- C:\Windows\Ascd_log.ini
2009-05-01 18:35:43 ----A---- C:\Windows\Ascd_tmp.ini
2009-05-01 18:34:28 ----D---- C:\Intel
2009-05-01 18:34:28 ----D---- \Intel
2009-05-01 18:31:07 ----D---- C:\Windows\system32\Macromed

======List of files/folders modified in the last 1 months======

2009-05-10 16:45:51 ----D---- C:\Windows\Temp
2009-05-10 16:45:50 ----RD---- C:\Program Files (x86)
2009-05-10 16:45:50 ----RD---- \Program Files (x86)
2009-05-10 16:26:47 ----D---- C:\Windows\System32
2009-05-10 16:26:46 ----D---- C:\Windows\inf
2009-05-10 16:20:21 ----D---- C:\Windows
2009-05-10 16:20:21 ----D---- \Windows
2009-05-08 10:00:59 ----HD---- C:\ProgramData
2009-05-08 10:00:59 ----HD---- \ProgramData
2009-05-08 09:36:05 ----D---- C:\Windows\SysWOW64
2009-05-08 09:36:04 ----SD---- C:\ProgramData\Microsoft
2009-05-08 09:36:04 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2009-05-06 10:18:09 ----RSD---- C:\Windows\assembly
2009-05-06 10:16:23 ----D---- C:\Windows\winsxs
2009-05-03 16:01:25 ----SHD---- C:\$Recycle.Bin
2009-05-03 16:01:25 ----SHD---- \$Recycle.Bin
2009-05-03 11:07:13 ----D---- C:\Program Files (x86)\Common Files
2009-05-02 12:38:16 ----D---- C:\Program Files (x86)\MSBuild
2009-05-02 12:37:45 ----D---- C:\Windows\ShellNew
2009-05-02 12:37:20 ----RSD---- C:\Windows\Fonts
2009-05-02 12:35:29 ----RD---- C:\Program Files
2009-05-02 12:35:29 ----RD---- \Program Files
2009-05-02 12:34:47 ----D---- C:\Program Files (x86)\Common Files\System
2009-05-02 12:34:47 ----A---- C:\Windows\win.ini
2009-05-02 11:22:22 ----D---- C:\Windows\Tasks
2009-05-02 10:53:38 ----D---- C:\Windows\rescache
2009-05-02 03:13:26 ----D---- C:\Windows\Logs
2009-05-02 02:49:37 ----D---- C:\Windows\Microsoft.NET
2009-05-02 02:30:41 ----D---- C:\Windows\system32\XPSViewer
2009-05-02 02:18:13 ----D---- C:\Windows\system32\ru-RU
2009-05-02 02:18:13 ----D---- C:\Windows\system32\en-US
2009-05-02 02:18:13 ----D---- C:\Windows\PolicyDefinitions
2009-05-02 02:18:13 ----D---- C:\Windows\ehome
2009-05-02 02:18:12 ----D---- C:\Windows\system32\manifeststore
2009-05-02 02:18:12 ----D---- C:\Windows\AppPatch
2009-05-02 02:18:11 ----D---- C:\Windows\system32\wbem
2009-05-02 02:18:04 ----D---- C:\Program Files (x86)\Windows Mail
2009-05-02 02:18:03 ----D---- C:\Windows\Web
2009-05-02 02:18:02 ----D---- C:\Program Files (x86)\Internet Explorer
2009-05-02 02:18:01 ----D---- C:\Windows\system32\migration
2009-05-02 02:12:51 ----RSD---- C:\Windows\Media
2009-05-01 18:53:23 ----D---- C:\Windows\Help
2009-05-01 18:45:43 ----D---- C:\Windows\system32\drivers
2009-05-01 18:31:08 ----SD---- C:\Windows\Downloaded Program Files
2009-05-01 09:23:41 ----RD---- C:\Users
2009-05-01 09:23:41 ----RD---- \Users

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2006-10-18 13632]
R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys []
R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys []
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys []
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys []
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys []
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys []
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys []
R3 KLFLTDEV;Kaspersky Lab KLFltDev; C:\Windows\system32\DRIVERS\klfltdev.sys []
R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys []
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys []
R3 RivaTuner64;RivaTuner64; \??\C:\Program Files (x86)\RivaTuner v2.24\RivaTuner64.sys [2009-05-01 19952]
R3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys []
R3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x64.sys []
S3 aa2o0yd0;aa2o0yd0; C:\Windows\system32\drivers\aa2o0yd0.sys []
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\DRIVERS\BthEnum.sys []
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys []
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys []
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys []
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys []
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys []
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys []
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys []
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys []
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys []
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 Licensing Service; C:\Program Files (x86)\ABBYY FineReader 9.0\NetworkLicenseServer.exe [2007-09-24 566560]
R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE []
R2 AVP;Kaspersky Internet Security; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe [2009-05-01 201992]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
R2 TuneUp.ProgramStatisticsSvc;@%SystemRoot%\System32\TUProgSt.exe,-1; C:\Windows\System32\TUProgSt.exe []
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S2 AcronisOSSReinstallSvc;Acronis OS Selector Reinstall Service; C:\Program Files (x86)\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe [2007-02-22 2217416]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-05-01 72704]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2008-07-27 93184]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe []
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe []
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe []

-----------------EOF-----------------

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Upload the file: C:\Windows\system32\msupdtecheck.exe

Upload link: http://www.mycity.rs/ambulanta-upload.php

offline
  • Source  Male
  • Legendary citizen
  • Joined: 10 Jan 2005
  • Posts: 3319
  • Location: Stara Pazova

It tells me the file is too large to upload, and when I hover over it, it says 0 bytes... Also, I can't find it in System32 the normal way, only through the upload form...

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Download the program OTMoveIt3 to the Desktop.

Double-click OTMoveIt3.exe to run it.

Into the (left) pane of the program (under Paste Instructions for Items to be Moved), copy everything inside the Code box:

:files
C:\Windows\system32\msupdtecheck.exe
C:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx

:services
aa2o0yd0

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Microsoft WinUpdate"=-
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e22ae5a5-3a53-11de-afcf-001e8c90223e}]


Click MoveIt!

When the process finishes, the right pane of the program (under Results) will contain text that needs to be copied into a post on the forum.


If the following prompt appears:

Confirm ::The system requires a reboot to finish removing files.
Do you want to reboot now?


click Yes so that the computer restarts and the process is completed.

After the system restarts, the logfile will open automatically in Notepad.
The contents of that log need to be copied into a post on the forum.

offline
  • Source  Male
  • Legendary citizen
  • Joined: 10 Jan 2005
  • Posts: 3319
  • Location: Stara Pazova

Here it is.

========== FILES ==========
C:\Windows\system32\msupdtecheck.exe moved successfully.
File/Folder C:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx not found.
========== SERVICES/DRIVERS ==========
Service\Driver aa2o0yd0 not found.
Service\Driver aa2o0yd0 not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Microsoft WinUpdate deleted successfully.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e22ae5a5-3a53-11de-afcf-001e8c90223e}\\ deleted successfully.

OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 05102009_205619
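
Added example, not part of the thread and not OTMoveIt3's own code: a small Python parser that turns the result log above into per-item outcomes and then checks whether anything the tool reported as "not found" is still named in a later scan log. `RESULT_LOG` is copied from the post above; `FRESH_SCAN` is a constructed excerpt in the format of the RSIT driver list earlier in the thread, and the function names and the "unrecognized" outcome label are assumptions of this example.

```python
import ntpath
import re
from collections import namedtuple

Row = namedtuple("Row", "section target outcome")

# Result log as posted in the thread.
RESULT_LOG = r"""========== FILES ==========
C:\Windows\system32\msupdtecheck.exe moved successfully.
File/Folder C:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx not found.
========== SERVICES/DRIVERS ==========
Service\Driver aa2o0yd0 not found.
Service\Driver aa2o0yd0 not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Microsoft WinUpdate deleted successfully.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e22ae5a5-3a53-11de-afcf-001e8c90223e}\\ deleted successfully.

OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 05102009_205619
"""

# Constructed follow-up excerpt (three lines reused from the first RSIT driver
# list), standing in for the fresh log requested after the fix.
FRESH_SCAN = r"""R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys []
S3 aa2o0yd0;aa2o0yd0; C:\Windows\system32\drivers\aa2o0yd0.sys []
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys []
"""

SECTION_RE = re.compile(r"^=+\s*(.+?)\s*=+$")
PREFIXES = ("File/Folder ", "Service\\Driver ", "Registry value ", "Registry key ")
# Only the wordings that appear in the posted log are mapped; anything else is
# surfaced as "unrecognized" instead of being silently dropped.
OUTCOMES = (
    (" moved successfully.", "removed"),
    (" deleted successfully.", "removed"),
    (" not found.", "not_found"),
)


def parse_results(text):
    """Return Row(section, target, outcome) per log line, duplicates collapsed."""
    rows, seen, section = [], set(), None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("OTMoveIt3 by "):
            continue  # blank line or the tool's version footer
        header = SECTION_RE.match(line)
        if header:
            section = header.group(1)
            continue
        target, outcome = line, "unrecognized"
        for suffix, label in OUTCOMES:
            if line.endswith(suffix):
                target, outcome = line[: -len(suffix)], label
                break
        for prefix in PREFIXES:
            if target.startswith(prefix):
                target = target[len(prefix):]
                break
        target = target.rstrip("\\")  # registry keys are logged with a trailing "\\"
        key = (section, target.lower(), outcome)
        if key not in seen:
            seen.add(key)
            rows.append(Row(section, target, outcome))
    return rows


def still_listed(rows, scan_text):
    """Map each item that was not confirmed removed to scan lines still naming it."""
    hits = {}
    for row in rows:
        if row.outcome == "removed":
            continue
        leaf = ntpath.basename(row.target).lower()
        if not leaf:
            continue
        lines = [l.strip() for l in scan_text.splitlines() if leaf in l.lower()]
        if lines:
            hits[row.target] = lines
    return hits


if __name__ == "__main__":
    parsed = parse_results(RESULT_LOG)
    for row in parsed:
        print(f"{row.outcome:12} {row.section:16} {row.target}")
    for target, lines in still_listed(parsed, FRESH_SCAN).items():
        print(f"still referenced after fix: {target} -> {lines}")
```

A "not found" result only says the tool could not locate the item under that name or path, which is why the follow-up scan is compared against it rather than treating it as removed.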

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Post a fresh RSIT log.


Zip/rar the folder C:\_OTMoveIt\MovedFiles and upload it via the link given earlier.

offline
  • Source  Male
  • Legendary citizen
  • Joined: 10 Jan 2005
  • Posts: 3319
  • Location: Stara Pazova

Uploaded.


Logfile of random's system information tool 1.06 (written by random/random)
Run by Fireslasher at 2009-05-10 21:40:04
Microsoft® Windows Vista™ Ultimate Service Pack 1
System drive C: has 41 GB (51%) free of 82 GB
Total RAM: 4094 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:40:06 PM, on 5/10/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\AASP\1.00.46\aaCenter.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTProAgent.exe
C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe
C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe
C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files (x86)\RivaTuner v2.24\RivaTuner.exe
C:\Program Files (x86)\RivaTuner v2.24\Tools\RTSS\RTSS.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Users\Fireslasher\Desktop\RSIT.exe
C:\Program Files (x86)\trend micro\Fireslasher.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files (x86)\FlashGet\jccatch.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files (x86)\FlashGet\getflash.dll
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [CPU Power Monitor] "C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe"
O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundTray] "C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [RTSS] "C:\Program Files (x86)\RivaTuner v2.24\Tools\RTSS\RTSSWrapper.exe" /s
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Microsoft Pinyin IME Migration] C:\PROGRA~2\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE /INSTALL
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTProAgent.exe" -autorun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files (x86)\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files (x86)\FlashGet\jc_link.htm
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\FlashGet.exe
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~3\Office12\GR99D3~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~2\KASPER~1\KASPER~1\adialhk.dll
O23 - Service: ABBYY FineReader 9.0 Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files (x86)\ABBYY FineReader 9.0\NetworkLicenseServer.exe
O23 - Service: Acronis OS Selector Reinstall Service (AcronisOSSReinstallSvc) - Unknown owner - C:\Program Files (x86)\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Unknown owner - C:\Windows\system32\AEADISRV.EXE (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - Unknown owner - C:\Windows\System32\TuneUpDefragService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - Unknown owner - C:\Windows\System32\TUProgSt.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9853 bytes

======Scheduled tasks folder======

C:\Windows\tasks\1-Click Maintenance.job
C:\Windows\tasks\User_Feed_Synchronization-{A381FE27-0923-49FA-B622-F70B947F4E7C}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
FGCatchUrl - C:\Program Files (x86)\FlashGet\jccatch.dll [2007-08-06 94308]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll [2009-05-01 62728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F156768E-81EF-470C-9057-481BA8380DBA}]
FlashGet GetFlash Class - C:\Program Files (x86)\FlashGet\getflash.dll [2007-05-18 163840]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Ai Nap"=C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe [2007-09-06 1426432]
"CPU Power Monitor"=C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe [2007-10-16 626176]
"Cpu Level Up help"=C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe [2007-09-11 880640]
"SoundMAXPnP"=C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [2007-08-28 1282048]
"SoundTray"=C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe [2007-08-02 53248]
"AVP"=C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe [2009-05-01 201992]
"RTSS"=C:\Program Files (x86)\RivaTuner v2.24\Tools\RTSS\RTSSWrapper.exe [2009-02-25 24576]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"Microsoft Pinyin IME Migration"=C:\PROGRA~2\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE [2006-10-26 32560]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
"DAEMON Tools Pro Agent"=C:\Program Files (x86)\DAEMON Tools Pro\DTProAgent.exe [2009-04-09 228808]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 138240]
"WMPNSCFG"=C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~2\KASPER~1\KASPER~1\adialhk.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=
"NoActiveDesktopChanges"=
"ForceActiveDesktopOn"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9394872b-394b-11de-b018-001e8c90223e}]
shell\Setup\command - setup.exe


======File associations======

.js - edit - C:\Windows\SysWOW64\Notepad.exe %1
.js - open - C:\Windows\SysWOW64\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2009-05-10 20:56:19 ----D---- C:\_OTMoveIt
2009-05-10 20:56:19 ----D---- \_OTMoveIt
2009-05-10 16:45:50 ----D---- C:\rsit
2009-05-10 16:45:50 ----D---- C:\Program Files (x86)\trend micro
2009-05-10 16:45:50 ----D---- \rsit
2009-05-08 10:00:59 ----D---- C:\ProgramData\ABBYY
2009-05-08 10:00:59 ----D---- C:\Program Files (x86)\ABBYY FineReader 9.0
2009-05-07 19:54:43 ----D---- C:\Program Files (x86)\DynGate
2009-05-06 10:18:29 ----A---- C:\Windows\system32\XAudio2_2.dll
2009-05-06 10:18:29 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2009-05-06 10:18:29 ----A---- C:\Windows\system32\xactengine3_2.dll
2009-05-06 10:18:28 ----A---- C:\Windows\system32\d3dx10_39.dll
2009-05-06 10:18:28 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2009-05-06 10:18:26 ----A---- C:\Windows\system32\D3DX9_39.dll
2009-05-06 09:51:05 ----SHD---- C:\Windows\ftpcache
2009-05-03 19:21:17 ----D---- C:\Windows\Minidump
2009-05-03 18:19:53 ----D---- C:\ProgramData\Tages
2009-05-03 18:00:59 ----D---- C:\ProgramData\Media Center Programs
2009-05-03 11:07:13 ----D---- C:\Program Files (x86)\Common Files\EZB Systems
2009-05-03 11:07:11 ----D---- C:\Program Files (x86)\UltraISO
2009-05-03 02:09:46 ----D---- C:\Program Files (x86)\FlashGet
2009-05-02 23:45:26 ----D---- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2009-05-02 18:02:55 ----D---- C:\Program Files (x86)\Foxit Software
2009-05-02 12:38:39 ----D---- C:\Program Files (x86)\Microsoft Works
2009-05-02 12:37:48 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2009-05-02 12:37:48 ----D---- C:\Program Files (x86)\Common Files\DESIGNER
2009-05-02 12:37:07 ----D---- C:\Program Files (x86)\Microsoft.NET
2009-05-02 12:35:10 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2009-05-02 12:34:27 ----D---- C:\Program Files (x86)\Microsoft Office
2009-05-02 12:34:26 ----D---- C:\ProgramData\Microsoft Help
2009-05-02 12:33:26 ----RHD---- C:\MSOCache
2009-05-02 12:33:26 ----RHD---- \MSOCache
2009-05-02 11:15:48 ----D---- C:\CrashReport
2009-05-02 11:15:48 ----D---- \CrashReport
2009-05-02 04:13:28 ----D---- C:\Windows\Panther
2009-05-02 04:13:14 ----RASH---- C:\BOOTSECT.BAK
2009-05-02 04:13:14 ----RASH---- \BOOTSECT.BAK
2009-05-02 04:13:13 ----SHD---- C:\Boot
2009-05-02 04:13:13 ----SHD---- \Boot
2009-05-02 03:20:49 ----D---- C:\Windows\Debug
2009-05-02 03:17:03 ----D---- C:\Windows\SoftwareDistribution
2009-05-02 03:15:48 ----D---- C:\Windows\CSC
2009-05-02 03:14:17 ----D---- C:\Windows\Prefetch
2009-05-02 03:14:15 ----SHD---- C:\System Volume Information
2009-05-02 03:14:15 ----SHD---- \System Volume Information
2009-05-02 02:30:50 ----D---- C:\Program Files (x86)\MSXML 4.0
2009-05-02 02:28:24 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2009-05-02 02:28:22 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2009-05-02 02:28:15 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2009-05-02 02:14:27 ----A---- C:\Windows\system32\msshooks.dll
2009-05-02 02:14:27 ----A---- C:\Windows\system32\msscb.dll
2009-05-02 02:14:27 ----A---- C:\Windows\system32\mimefilt.dll
2009-05-02 02:14:26 ----A---- C:\Windows\system32\thawbrkr.dll
2009-05-02 02:14:26 ----A---- C:\Windows\system32\SearchFilterHost.exe
2009-05-02 02:14:26 ----A---- C:\Windows\system32\propsys.dll
2009-05-02 02:14:26 ----A---- C:\Windows\system32\propdefs.dll
2009-05-02 02:14:26 ----A---- C:\Windows\system32\offfilt.dll
2009-05-02 02:14:26 ----A---- C:\Windows\system32\msstrc.dll
2009-05-02 02:14:26 ----A---- C:\Windows\system32\mssprxy.dll
2009-05-02 02:14:26 ----A---- C:\Windows\system32\mssitlb.dll
2009-05-02 02:14:26 ----A---- C:\Windows\system32\msshsq.dll
2009-05-02 02:14:26 ----A---- C:\Windows\system32\korwbrkr.dll
2009-05-02 02:14:26 ----A---- C:\Windows\system32\chsbrkr.dll
2009-05-02 02:14:25 ----A---- C:\Windows\system32\xmlfilter.dll
2009-05-02 02:14:25 ----A---- C:\Windows\system32\tquery.dll
2009-05-02 02:14:25 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2009-05-02 02:14:25 ----A---- C:\Windows\system32\SearchIndexer.exe
2009-05-02 02:14:25 ----A---- C:\Windows\system32\rtffilt.dll
2009-05-02 02:14:25 ----A---- C:\Windows\system32\nlhtml.dll
2009-05-02 02:14:25 ----A---- C:\Windows\system32\mssvp.dll
2009-05-02 02:14:25 ----A---- C:\Windows\system32\mssrch.dll
2009-05-02 02:14:25 ----A---- C:\Windows\system32\mssphtb.dll
2009-05-02 02:14:25 ----A---- C:\Windows\system32\mssph.dll
2009-05-02 02:14:25 ----A---- C:\Windows\system32\msscntrs.dll
2009-05-02 02:14:25 ----A---- C:\Windows\system32\chtbrkr.dll
2009-05-02 01:59:30 ----A---- C:\Windows\system32\icardres.dll
2009-05-02 01:59:29 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-05-02 01:59:29 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-05-02 01:59:29 ----A---- C:\Windows\system32\infocardapi.dll
2009-05-02 01:59:29 ----A---- C:\Windows\system32\icardagt.exe
2009-05-02 01:59:25 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-05-02 01:59:24 ----A---- C:\Windows\system32\PresentationHost.exe
2009-05-02 01:55:30 ----A---- C:\Windows\system32\netfxperf.dll
2009-05-02 01:55:25 ----A---- C:\Windows\system32\dfshim.dll
2009-05-02 01:55:21 ----A---- C:\Windows\system32\mscoree.dll
2009-05-02 01:55:18 ----A---- C:\Windows\system32\mscorier.dll
2009-05-02 01:55:16 ----A---- C:\Windows\system32\mscories.dll
2009-05-02 01:53:06 ----A---- C:\Windows\system32\tzres.dll
2009-05-02 01:47:38 ----A---- C:\Windows\system32\iesetup.dll
2009-05-02 01:47:38 ----A---- C:\Windows\system32\iernonce.dll
2009-05-02 01:47:38 ----A---- C:\Windows\system32\ie4uinit.exe
2009-05-02 01:46:34 ----A---- C:\Windows\system32\ieui.dll
2009-05-02 01:46:34 ----A---- C:\Windows\system32\icardie.dll
2009-05-02 01:46:34 ----A---- C:\Windows\system32\advpack.dll
2009-05-02 01:46:34 ----A---- C:\Windows\system32\admparse.dll
2009-05-02 01:46:33 ----A---- C:\Windows\system32\wextract.exe
2009-05-02 01:46:33 ----A---- C:\Windows\system32\msls31.dll
2009-05-02 01:46:33 ----A---- C:\Windows\system32\msfeedssync.exe
2009-05-02 01:46:33 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-05-02 01:46:33 ----A---- C:\Windows\system32\jsproxy.dll
2009-05-02 01:46:33 ----A---- C:\Windows\system32\ieakeng.dll
2009-05-02 01:46:33 ----A---- C:\Windows\system32\corpol.dll
2009-05-02 01:46:32 ----A---- C:\Windows\system32\pngfilt.dll
2009-05-02 01:46:32 ----A---- C:\Windows\system32\msfeeds.dll
2009-05-02 01:46:32 ----A---- C:\Windows\system32\imgutil.dll
2009-05-02 01:46:32 ----A---- C:\Windows\system32\ieapfltr.dll
2009-05-02 01:46:32 ----A---- C:\Windows\system32\dxtrans.dll
2009-05-02 01:46:32 ----A---- C:\Windows\system32\dxtmsft.dll
2009-05-02 01:46:31 ----A---- C:\Windows\system32\WinFXDocObj.exe
2009-05-02 01:46:31 ----A---- C:\Windows\system32\webcheck.dll
2009-05-02 01:46:31 ----A---- C:\Windows\system32\occache.dll
2009-05-02 01:46:31 ----A---- C:\Windows\system32\mstime.dll
2009-05-02 01:46:31 ----A---- C:\Windows\system32\msrating.dll
2009-05-02 01:46:31 ----A---- C:\Windows\system32\mshtmled.dll
2009-05-02 01:46:31 ----A---- C:\Windows\system32\licmgr10.dll
2009-05-02 01:46:31 ----A---- C:\Windows\system32\inseng.dll
2009-05-02 01:46:31 ----A---- C:\Windows\system32\iepeers.dll
2009-05-02 01:46:31 ----A---- C:\Windows\system32\iedkcs32.dll
2009-05-02 01:46:31 ----A---- C:\Windows\system32\ieakui.dll
2009-05-02 01:46:31 ----A---- C:\Windows\system32\ieaksie.dll
2009-05-02 01:46:30 ----A---- C:\Windows\system32\wininet.dll
2009-05-02 01:46:30 ----A---- C:\Windows\system32\vbscript.dll
2009-05-02 01:46:30 ----A---- C:\Windows\system32\url.dll
2009-05-02 01:46:30 ----A---- C:\Windows\system32\mshtmler.dll
2009-05-02 01:46:30 ----A---- C:\Windows\system32\jscript.dll
2009-05-02 01:46:28 ----A---- C:\Windows\system32\urlmon.dll
2009-05-02 01:46:28 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2009-05-02 01:46:28 ----A---- C:\Windows\system32\SetDepNx.exe
2009-05-02 01:46:28 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2009-05-02 01:46:28 ----A---- C:\Windows\system32\PDMSetup.exe
2009-05-02 01:46:28 ----A---- C:\Windows\system32\mshta.exe
2009-05-02 01:46:28 ----A---- C:\Windows\system32\iexpress.exe
2009-05-02 01:46:28 ----A---- C:\Windows\system32\ieUnatt.exe
2009-05-02 01:46:28 ----A---- C:\Windows\system32\iesysprep.dll
2009-05-02 01:46:28 ----A---- C:\Windows\system32\iertutil.dll
2009-05-02 01:46:27 ----A---- C:\Windows\system32\mshtml.dll
2009-05-02 01:46:27 ----A---- C:\Windows\system32\ieframe.dll
2009-05-02 01:44:32 ----A---- C:\Windows\system32\psisdecd.dll
2009-05-02 01:44:32 ----A---- C:\Windows\system32\EncDec.dll
2009-05-02 01:42:35 ----A---- C:\Windows\system32\sdohlp.dll
2009-05-02 01:42:35 ----A---- C:\Windows\system32\iasrecst.dll
2009-05-02 01:42:35 ----A---- C:\Windows\system32\iashost.exe
2009-05-02 01:42:35 ----A---- C:\Windows\system32\iasdatastore.dll
2009-05-02 01:42:35 ----A---- C:\Windows\system32\iasads.dll
2009-05-02 01:41:16 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2009-05-02 01:41:16 ----A---- C:\Windows\system32\gameux.dll
2009-05-02 01:41:16 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-05-02 01:40:30 ----A---- C:\Windows\system32\srclient.dll
2009-05-02 01:40:30 ----A---- C:\Windows\system32\kbd106n.dll
2009-05-02 01:39:37 ----A---- C:\Windows\system32\kernel32.dll
2009-05-02 01:39:36 ----A---- C:\Windows\system32\secur32.dll
2009-05-02 01:39:36 ----A---- C:\Windows\system32\apilogen.dll
2009-05-02 01:39:36 ----A---- C:\Windows\system32\amxread.dll
2009-05-02 01:39:13 ----A---- C:\Windows\system32\mf.dll
2009-05-02 01:39:12 ----A---- C:\Windows\system32\WMVCORE.DLL
2009-05-02 01:39:12 ----A---- C:\Windows\system32\WMNetMgr.dll
2009-05-02 01:39:12 ----A---- C:\Windows\system32\logagent.exe
2009-05-02 01:37:07 ----A---- C:\Windows\system32\gdi32.dll
2009-05-02 01:37:06 ----A---- C:\Windows\system32\schannel.dll
2009-05-02 01:37:06 ----A---- C:\Windows\system32\es.dll
2009-05-02 01:37:05 ----A---- C:\Windows\system32\inetcomm.dll
2009-05-02 01:37:00 ----A---- C:\Windows\system32\msxml6.dll
2009-05-02 01:36:59 ----A---- C:\Windows\system32\msxml3.dll
2009-05-02 01:36:57 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-05-02 01:36:56 ----A---- C:\Windows\system32\win32spl.dll
2009-05-02 01:36:55 ----A---- C:\Windows\explorer.exe
2009-05-02 01:36:54 ----A---- C:\Windows\system32\winipsec.dll
2009-05-02 01:36:54 ----A---- C:\Windows\system32\polstore.dll
2009-05-02 01:36:54 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2009-05-02 01:36:54 ----A---- C:\Windows\system32\explorer.exe
2009-05-02 01:36:52 ----A---- C:\Windows\system32\wshqos.dll
2009-05-02 01:36:52 ----A---- C:\Windows\system32\traffic.dll
2009-05-02 01:36:52 ----A---- C:\Windows\system32\rpcrt4.dll
2009-05-02 01:36:52 ----A---- C:\Windows\system32\pacerprf.dll
2009-05-02 01:36:00 ----A---- C:\Windows\system32\winhttp.dll
2009-05-02 01:35:59 ----A---- C:\Windows\system32\wshext.dll
2009-05-02 01:35:59 ----A---- C:\Windows\system32\wscript.exe
2009-05-02 01:35:59 ----A---- C:\Windows\system32\scrrun.dll
2009-05-02 01:35:59 ----A---- C:\Windows\system32\scrobj.dll
2009-05-02 01:35:59 ----A---- C:\Windows\system32\cscript.exe
2009-05-02 01:35:58 ----A---- C:\Windows\system32\dataclen.dll
2009-05-02 01:34:39 ----A---- C:\Windows\system32\shell32.dll
2009-05-02 01:34:37 ----A---- C:\Windows\system32\quartz.dll
2009-05-02 01:34:36 ----A---- C:\Windows\system32\xolehlp.dll
2009-05-02 01:34:36 ----A---- C:\Windows\system32\msdtcprx.dll
2009-05-02 01:34:35 ----A---- C:\Windows\system32\connect.dll
2009-05-02 01:34:33 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-05-02 01:34:33 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-05-02 01:34:33 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-05-02 01:34:26 ----A---- C:\Windows\system32\wmpeffects.dll
2009-05-02 01:34:25 ----A---- C:\Windows\system32\wshrm.dll
2009-05-02 01:31:33 ----A---- C:\Windows\system32\netapi32.dll
2009-05-02 01:31:33 ----A---- C:\Windows\system32\Faultrep.dll
2009-05-02 01:13:51 ----A---- C:\Windows\system32\wups.dll
2009-05-02 01:13:51 ----A---- C:\Windows\system32\wudriver.dll
2009-05-02 01:13:51 ----A---- C:\Windows\system32\wuapi.dll
2009-05-02 01:13:47 ----A---- C:\Windows\system32\wuwebv.dll
2009-05-02 01:13:47 ----A---- C:\Windows\system32\wuapp.exe
2009-05-02 00:04:48 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2009-05-02 00:04:47 ----A---- C:\Windows\system32\d3dx10_41.dll
2009-05-02 00:04:46 ----A---- C:\Windows\system32\D3DX9_41.dll
2009-05-02 00:04:45 ----A---- C:\Windows\system32\XAudio2_4.dll
2009-05-02 00:04:45 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2009-05-02 00:04:44 ----A---- C:\Windows\system32\xactengine3_4.dll
2009-05-02 00:04:44 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2009-05-02 00:03:45 ----D---- C:\Windows\system32\directx
2009-05-01 22:03:51 ----A---- C:\Windows\system32\ff_vfw.dll
2009-05-01 22:03:50 ----A---- C:\Windows\system32\pthreadGC2.dll
2009-05-01 22:03:49 ----D---- C:\Program Files (x86)\ffdshow
2009-05-01 21:51:38 ----A---- C:\Windows\NeroDigital.ini
2009-05-01 21:34:11 ----D---- C:\recover
2009-05-01 21:34:11 ----D---- \recover
2009-05-01 21:33:10 ----D---- C:\Program Files (x86)\Runtime Software
2009-05-01 21:24:36 ----D---- C:\Program Files (x86)\Pcsx2
2009-05-01 21:08:54 ----D---- C:\Program Files (x86)\RivaTuner v2.24
2009-05-01 20:34:59 ----D---- C:\ProgramData\DAEMON Tools Pro
2009-05-01 20:34:59 ----D---- C:\Program Files (x86)\DAEMON Tools Pro
2009-05-01 20:20:59 ----D---- C:\ProgramData\DFX
2009-05-01 20:02:46 ----D---- C:\ProgramData\Kaspersky Lab
2009-05-01 20:02:46 ----D---- C:\Program Files (x86)\Kaspersky Lab
2009-05-01 20:01:04 ----D---- C:\ProgramData\Kaspersky Lab Setup Files
2009-05-01 19:53:35 ----D---- C:\Program Files (x86)\Your Uninstaller 2008
2009-05-01 19:53:12 ----D---- C:\Windows\Profiles
2009-05-01 19:51:20 ----AD---- C:\ProgramData\TEMP
2009-05-01 19:42:13 ----D---- C:\ProgramData\Nero
2009-05-01 19:42:13 ----D---- C:\Program Files (x86)\Nero
2009-05-01 19:42:13 ----D---- C:\Program Files (x86)\Common Files\Ahead
2009-05-01 19:40:14 ----A---- C:\Windows\system32\uxtuneup.dll
2009-05-01 19:40:14 ----A---- C:\Windows\system32\authuitu.dll
2009-05-01 19:40:03 ----D---- C:\Program Files (x86)\TuneUp Utilities 2009
2009-05-01 19:40:02 ----D---- C:\ProgramData\TuneUp Software
2009-05-01 19:39:40 ----SHD---- C:\ProgramData\{55A29068-F2CE-456C-9148-C869879E2357}
2009-05-01 19:33:10 ----D---- C:\ProgramData\Adobe Systems
2009-05-01 19:32:07 ----D---- C:\Program Files (x86)\Common Files\Adobe Systems Shared
2009-05-01 19:31:46 ----D---- C:\ProgramData\Adobe
2009-05-01 19:31:46 ----D---- C:\Program Files (x86)\Common Files\Adobe
2009-05-01 19:31:35 ----D---- C:\Program Files (x86)\Adobe
2009-05-01 19:24:35 ----D---- C:\ProgramData\Acronis
2009-05-01 19:08:13 ----D---- C:\Program Files (x86)\Common Files\Acronis
2009-05-01 19:08:13 ----D---- C:\Program Files (x86)\Acronis
2009-05-01 19:07:57 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2009-05-01 19:07:38 ----D---- C:\Program Files (x86)\Microsoft
2009-05-01 19:07:10 ----D---- C:\Program Files (x86)\Windows Live SkyDrive
2009-05-01 19:07:03 ----D---- C:\Program Files (x86)\WinRAR
2009-05-01 19:06:54 ----D---- C:\Program Files (x86)\Windows Live
2009-05-01 19:06:40 ----D---- C:\Windows\PCHEALTH
2009-05-01 19:01:10 ----D---- C:\Program Files (x86)\Common Files\Windows Live
2009-05-01 18:59:11 ----D---- C:\ProgramData\NVIDIA
2009-05-01 18:57:49 ----D---- C:\Program Files (x86)\Creative
2009-05-01 18:57:49 ----A---- C:\Windows\system32\wrap_oal.dll
2009-05-01 18:57:48 ----N---- C:\Windows\system32\adi_oal.dll
2009-05-01 18:57:48 ----A---- C:\Windows\system32\OpenAL32.dll
2009-05-01 18:57:37 ----A---- C:\Windows\system32\SFFXComm.dll
2009-05-01 18:57:37 ----A---- C:\Windows\system32\SFBH.dll
2009-05-01 18:57:37 ----A---- C:\Windows\system32\AEADICom.dll
2009-05-01 18:57:30 ----D---- C:\ProgramData\SonicFocus
2009-05-01 18:57:18 ----D---- C:\Program Files (x86)\Analog Devices
2009-05-01 18:56:54 ----A---- C:\Windows\AS_Debug.txt
2009-05-01 18:54:48 ----A---- C:\Windows\system32\d3dx10_40.dll
2009-05-01 18:54:48 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2009-05-01 18:54:47 ----A---- C:\Windows\system32\XAudio2_3.dll
2009-05-01 18:54:47 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2009-05-01 18:54:47 ----A---- C:\Windows\system32\xactengine3_3.dll
2009-05-01 18:54:47 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2009-05-01 18:54:47 ----A---- C:\Windows\system32\D3DX9_40.dll
2009-05-01 18:54:45 ----A---- C:\Windows\system32\XAudio2_1.dll
2009-05-01 18:54:45 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2009-05-01 18:54:45 ----A---- C:\Windows\system32\xactengine3_1.dll
2009-05-01 18:54:45 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2009-05-01 18:54:44 ----A---- C:\Windows\system32\XAudio2_0.dll
2009-05-01 18:54:44 ----A---- C:\Windows\system32\D3DX9_38.dll
2009-05-01 18:54:44 ----A---- C:\Windows\system32\d3dx10_38.dll
2009-05-01 18:54:44 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2009-05-01 18:54:43 ----A---- C:\Windows\system32\xactengine3_0.dll
2009-05-01 18:54:43 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2009-05-01 18:54:43 ----A---- C:\Windows\system32\D3DX9_37.dll
2009-05-01 18:54:43 ----A---- C:\Windows\system32\d3dx10_37.dll
2009-05-01 18:54:43 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2009-05-01 18:54:42 ----A---- C:\Windows\system32\xactengine2_9.dll
2009-05-01 18:54:42 ----A---- C:\Windows\system32\xactengine2_10.dll
2009-05-01 18:54:42 ----A---- C:\Windows\system32\d3dx9_36.dll
2009-05-01 18:54:42 ----A---- C:\Windows\system32\d3dx10_36.dll
2009-05-01 18:54:42 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2009-05-01 18:54:41 ----A---- C:\Windows\system32\xinput1_3.dll
2009-05-01 18:54:41 ----A---- C:\Windows\system32\xactengine2_8.dll
2009-05-01 18:54:41 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2009-05-01 18:54:41 ----A---- C:\Windows\system32\d3dx9_35.dll
2009-05-01 18:54:41 ----A---- C:\Windows\system32\d3dx9_34.dll
2009-05-01 18:54:41 ----A---- C:\Windows\system32\d3dx10_35.dll
2009-05-01 18:54:41 ----A---- C:\Windows\system32\d3dx10_34.dll
2009-05-01 18:54:41 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2009-05-01 18:54:41 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2009-05-01 18:54:39 ----A---- C:\Windows\system32\xactengine2_7.dll
2009-05-01 18:54:39 ----A---- C:\Windows\system32\xactengine2_6.dll
2009-05-01 18:54:39 ----A---- C:\Windows\system32\d3dx9_33.dll
2009-05-01 18:54:39 ----A---- C:\Windows\system32\d3dx10_33.dll
2009-05-01 18:54:39 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2009-05-01 18:54:38 ----A---- C:\Windows\system32\xactengine2_5.dll
2009-05-01 18:54:38 ----A---- C:\Windows\system32\d3dx9_32.dll
2009-05-01 18:54:38 ----A---- C:\Windows\system32\d3dx10.dll
2009-05-01 18:54:37 ----A---- C:\Windows\system32\xactengine2_4.dll
2009-05-01 18:54:37 ----A---- C:\Windows\system32\x3daudio1_1.dll
2009-05-01 18:54:37 ----A---- C:\Windows\system32\d3dx9_31.dll
2009-05-01 18:54:36 ----A---- C:\Windows\system32\xinput1_2.dll
2009-05-01 18:54:36 ----A---- C:\Windows\system32\xinput1_1.dll
2009-05-01 18:54:36 ----A---- C:\Windows\system32\xactengine2_3.dll
2009-05-01 18:54:36 ----A---- C:\Windows\system32\xactengine2_2.dll
2009-05-01 18:54:35 ----A---- C:\Windows\system32\xactengine2_1.dll
2009-05-01 18:54:32 ----A---- C:\Windows\system32\d3dx9_30.dll
2009-05-01 18:54:31 ----A---- C:\Windows\system32\xactengine2_0.dll
2009-05-01 18:54:31 ----A---- C:\Windows\system32\x3daudio1_0.dll
2009-05-01 18:54:31 ----A---- C:\Windows\system32\d3dx9_29.dll
2009-05-01 18:54:31 ----A---- C:\Windows\system32\d3dx9_28.dll
2009-05-01 18:54:30 ----A---- C:\Windows\system32\d3dx9_27.dll
2009-05-01 18:54:30 ----A---- C:\Windows\system32\d3dx9_26.dll
2009-05-01 18:54:30 ----A---- C:\Windows\system32\d3dx9_25.dll
2009-05-01 18:54:30 ----A---- C:\Windows\system32\d3dx9_24.dll
2009-05-01 18:53:32 ----D---- C:\Windows\system32\AGEIA
2009-05-01 18:53:32 ----D---- C:\Program Files (x86)\AGEIA Technologies
2009-05-01 18:53:29 ----D---- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2009-05-01 18:45:43 ----RA---- C:\Windows\system32\AsIO.dll
2009-05-01 18:45:43 ----D---- C:\Program Files (x86)\ASUS
2009-05-01 18:45:40 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2009-05-01 18:43:45 ----D---- C:\Program Files (x86)\Marvell
2009-05-01 18:43:43 ----D---- C:\Program Files (x86)\Common Files\InstallShield
2009-05-01 18:42:14 ----D---- C:\Windows\ASUSInstAll
2009-05-01 18:40:35 ----D---- C:\Program Files (x86)\Opera
2009-05-01 18:40:24 ----SHD---- C:\Windows\Installer
2009-05-01 18:36:26 ----D---- C:\Program Files (x86)\Intel
2009-05-01 18:35:59 ----A---- C:\Windows\Ascd_log.ini
2009-05-01 18:35:43 ----A---- C:\Windows\Ascd_tmp.ini
2009-05-01 18:34:28 ----D---- C:\Intel
2009-05-01 18:34:28 ----D---- \Intel
2009-05-01 18:31:07 ----D---- C:\Windows\system32\Macromed

======List of files/folders modified in the last 1 months======

2009-05-10 21:39:53 ----D---- C:\Windows\Temp
2009-05-10 20:57:43 ----D---- C:\Windows\System32
2009-05-10 20:57:43 ----D---- C:\Windows\inf
2009-05-10 20:56:19 ----D---- C:\Windows\SysWOW64
2009-05-10 20:51:25 ----D---- C:\Windows
2009-05-10 20:51:25 ----D---- \Windows
2009-05-10 16:45:50 ----RD---- C:\Program Files (x86)
2009-05-10 16:45:50 ----RD---- \Program Files (x86)
2009-05-08 10:00:59 ----HD---- C:\ProgramData
2009-05-08 10:00:59 ----HD---- \ProgramData
2009-05-08 09:36:04 ----SD---- C:\ProgramData\Microsoft
2009-05-08 09:36:04 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2009-05-06 10:18:09 ----RSD---- C:\Windows\assembly
2009-05-06 10:16:23 ----D---- C:\Windows\winsxs
2009-05-03 16:01:25 ----SHD---- C:\$Recycle.Bin
2009-05-03 16:01:25 ----SHD---- \$Recycle.Bin
2009-05-03 11:07:13 ----D---- C:\Program Files (x86)\Common Files
2009-05-02 12:38:16 ----D---- C:\Program Files (x86)\MSBuild
2009-05-02 12:37:45 ----D---- C:\Windows\ShellNew
2009-05-02 12:37:20 ----RSD---- C:\Windows\Fonts
2009-05-02 12:35:29 ----RD---- C:\Program Files
2009-05-02 12:35:29 ----RD---- \Program Files
2009-05-02 12:34:47 ----D---- C:\Program Files (x86)\Common Files\System
2009-05-02 12:34:47 ----A---- C:\Windows\win.ini
2009-05-02 11:22:22 ----D---- C:\Windows\Tasks
2009-05-02 10:53:38 ----D---- C:\Windows\rescache
2009-05-02 03:13:26 ----D---- C:\Windows\Logs
2009-05-02 02:49:37 ----D---- C:\Windows\Microsoft.NET
2009-05-02 02:30:41 ----D---- C:\Windows\system32\XPSViewer
2009-05-02 02:18:13 ----D---- C:\Windows\system32\ru-RU
2009-05-02 02:18:13 ----D---- C:\Windows\system32\en-US
2009-05-02 02:18:13 ----D---- C:\Windows\PolicyDefinitions
2009-05-02 02:18:13 ----D---- C:\Windows\ehome
2009-05-02 02:18:12 ----D---- C:\Windows\system32\manifeststore
2009-05-02 02:18:12 ----D---- C:\Windows\AppPatch
2009-05-02 02:18:11 ----D---- C:\Windows\system32\wbem
2009-05-02 02:18:04 ----D---- C:\Program Files (x86)\Windows Mail
2009-05-02 02:18:03 ----D---- C:\Windows\Web
2009-05-02 02:18:02 ----D---- C:\Program Files (x86)\Internet Explorer
2009-05-02 02:18:01 ----D---- C:\Windows\system32\migration
2009-05-02 02:12:51 ----RSD---- C:\Windows\Media
2009-05-01 18:53:23 ----D---- C:\Windows\Help
2009-05-01 18:45:43 ----D---- C:\Windows\system32\drivers
2009-05-01 18:31:08 ----SD---- C:\Windows\Downloaded Program Files
2009-05-01 09:23:41 ----RD---- C:\Users
2009-05-01 09:23:41 ----RD---- \Users

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2006-10-18 13632]
R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys []
R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys []
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys []
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys []
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys []
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys []
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys []
R3 KLFLTDEV;Kaspersky Lab KLFltDev; C:\Windows\system32\DRIVERS\klfltdev.sys []
R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys []
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys []
R3 RivaTuner64;RivaTuner64; \??\C:\Program Files (x86)\RivaTuner v2.24\RivaTuner64.sys [2009-05-01 19952]
R3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys []
R3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x64.sys []
S3 avih9bqv;avih9bqv; C:\Windows\system32\drivers\avih9bqv.sys []
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\DRIVERS\BthEnum.sys []
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys []
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys []
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys []
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys []
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys []
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys []
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys []
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys []
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys []
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 Licensing Service; C:\Program Files (x86)\ABBYY FineReader 9.0\NetworkLicenseServer.exe [2007-09-24 566560]
R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE []
R2 AVP;Kaspersky Internet Security; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe [2009-05-01 201992]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
R2 TuneUp.ProgramStatisticsSvc;@%SystemRoot%\System32\TUProgSt.exe,-1; C:\Windows\System32\TUProgSt.exe []
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S2 AcronisOSSReinstallSvc;Acronis OS Selector Reinstall Service; C:\Program Files (x86)\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe [2007-02-22 2217416]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-05-01 72704]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2008-07-27 93184]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe []
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe []
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe []

-----------------EOF-----------------

  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

What you uploaded is, more or less, an empty archive. KAV probably interfered.
Anyway, ...

Download the installer for Malwarebytes Anti-Malware from the following link:
http://www.malwarebytes.org/mbam-download.php

Double-click to run the installer - at the very end of the process, check that the following options are ticked:
Update Malwarebytes' Anti-Malware;
Launch Malwarebytes Anti-Malware;

and then click Finish.

Once the update has finished, the program will start.

Select the Perform Quick Scan option and click Scan.

When the process finishes, click OK, Show Results: in the list of detected malware, select all items and click Remove Selected.

When the process finishes, the logfile will open in Notepad; copy it into the thread on the forum.
If the program asks for a restart in order to complete the cleaning process, be sure to allow it.

Note: if a restart occurs at the end of the cleaning process, the logfile will be available on the Logs tab (select it and click Open).

Also, after all that, you need to post a fresh RSIT logfile as well.
