Icons in My Computer changed?


  • Source  Male
  • Legendary citizen
  • Joined: 10 Jan 2005
  • Posts: 3319
  • Location: Stara Pazova

This has happened to me before too, and I scanned the computer and it never found any viruses; now it's like this on all partitions and I really don't know what's wrong with it anymore, I just know it's getting on my nerves...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:58:51 PM, on 1/2/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\AASP\1.00.46\aaCenter.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTProAgent.exe
C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe
C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe
C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe
C:\Program Files (x86)\RivaTuner v2.21\Tools\RivaTunerStatisticsServer\RivaTunerStatisticsServer.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\RivaTuner v2.21\RivaTuner.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTProShellHlp.exe
C:\Users\Fireslasher\AppData\Local\Temp\dl.exe
C:\Users\Fireslasher\AppData\Local\Temp\dl.exe
C:\Users\Fireslasher\AppData\Local\Temp\dl.exe
C:\Users\Fireslasher\AppData\Local\Temp\dl.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Users\Fireslasher\AppData\Local\Temp\dl.exe
C:\Users\Fireslasher\AppData\Local\Temp\dl.exe
C:\Users\Fireslasher\Desktop\New Folder\TR3.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files (x86)\google\googletoolbar1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\PROGRA~2\FlashGet\getflash.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files (x86)\google\googletoolbar1.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~2\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundTray] "C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe"
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [CPU Power Monitor] "C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe"
O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe
O4 - HKLM\..\Run: [RivaTunerStatisticsServer] "C:\Program Files (x86)\RivaTuner v2.21\Tools\RivaTunerStatisticsServer\RivaTunerStatisticsServer.exe" /s
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [MsUpdate] C:\Setup_ver1.1779.2.exe
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTProAgent.exe" -autorun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files (x86)\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files (x86)\FlashGet\jc_link.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~2\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~2\FlashGet\flashget.exe
O13 - Gopher Prefix:
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Unknown owner - C:\Windows\system32\AEADISRV.EXE (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Stardock WindowBlinds (WindowBlinds) - Stardock Corporation - D:\Program Files - Vista\Stardock\Object Desktop\WindowBlinds\vistasrv.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8404 bytes




Here's a screenshot (SS) too so you can better see what's wrong with it Mr. Green.
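The HijackThis log above is what the helpers in this thread read by hand. The following is an added example, not code from this thread, from HijackThis or from RSIT: a small triage script that parses the same log layout (the "Running processes:" block and the O2/O4 entries) and lists the items a forum helper would normally ask about first, such as executables running from a Temp directory, autostart entries pointing at an executable in the drive root, and BHOs whose DLL is missing. The rule names and the sample log are my own; the sample is constructed from entries modelled on the posted log, and a hit is a prompt to look closer, not a verdict.

```python
"""Triage helper for HijackThis-style logs (added example, not code from the thread)."""
import re
from dataclasses import dataclass

# Path components of a user or system Temp directory.
TEMP_DIR_RE = re.compile(r"\\(?:AppData\\Local\\Temp|Windows\\Temp|Temp)\\", re.IGNORECASE)
# An .exe sitting directly in a drive root, e.g. C:\Setup_ver1.1779.2.exe.
DRIVE_ROOT_EXE_RE = re.compile(r"^[A-Z]:\\[^\\]+\.exe$", re.IGNORECASE)
# O4 autostart lines: "O4 - HKLM\..\Run: [Name] command".
RUN_ENTRY_RE = re.compile(r"^O4 - (?P<hive>.+?)\\\.\.\\Run(?:Once)?: \[(?P<name>[^\]]*)\] (?P<cmd>.*)$")
# O2 BHO lines: "O2 - BHO: Name - {CLSID} - path".
BHO_RE = re.compile(r"^O2 - BHO: (?P<name>.*?) - \{(?P<clsid>[0-9A-F-]+)\} - (?P<path>.*)$", re.IGNORECASE)


@dataclass(frozen=True)
class Finding:
    line_no: int   # 1-based line in the log (first sighting for process findings)
    rule: str      # short rule identifier (names are my own)
    detail: str    # what was matched


def exe_path(command: str) -> str:
    """Return the executable path from an autostart command line, without quotes or arguments."""
    command = command.strip()
    if command.startswith('"'):
        end = command.find('"', 1)
        return command[1:end] if end > 0 else command[1:]
    m = re.match(r"(.*?\.exe)", command, re.IGNORECASE)
    return m.group(1) if m else command.split(" ", 1)[0]


def triage(log_text: str) -> list[Finding]:
    """Scan a HijackThis-style log and return the entries worth a second look."""
    entry_findings: list[Finding] = []
    first_seen: dict[str, int] = {}   # process path -> line where it first appeared
    counts: dict[str, int] = {}       # process path -> number of running instances
    in_processes = False

    for line_no, raw in enumerate(log_text.splitlines(), start=1):
        line = raw.strip()
        if line.lower() == "running processes:":
            in_processes = True
            continue
        if in_processes:
            if not line:                       # a blank line closes the section
                in_processes = False
                continue
            first_seen.setdefault(line, line_no)
            counts[line] = counts.get(line, 0) + 1
            continue

        bho = BHO_RE.match(line)
        if bho and bho.group("path").strip().lower() == "(no file)":
            entry_findings.append(Finding(line_no, "orphan-bho",
                                          f"BHO {{{bho.group('clsid')}}} is registered but its DLL is missing"))
            continue

        run = RUN_ENTRY_RE.match(line)
        if run:
            target = exe_path(run.group("cmd"))
            if DRIVE_ROOT_EXE_RE.match(target):
                entry_findings.append(Finding(line_no, "run-entry-in-drive-root",
                                              f"[{run.group('name')}] starts {target}"))
            elif TEMP_DIR_RE.search(target):
                entry_findings.append(Finding(line_no, "run-entry-in-temp",
                                              f"[{run.group('name')}] starts {target}"))

    # One finding per distinct Temp-resident executable, with its instance count.
    process_findings = [
        Finding(first_seen[path], "process-in-temp",
                f"{path} ({count} instance{'s' if count != 1 else ''})")
        for path, count in counts.items() if TEMP_DIR_RE.search(path)
    ]
    return process_findings + entry_findings


# Constructed sample, modelled on entries from the log posted above.
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:58:51 PM, on 1/2/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Users\Fireslasher\AppData\Local\Temp\dl.exe
C:\Users\Fireslasher\AppData\Local\Temp\dl.exe
C:\Users\Fireslasher\AppData\Local\Temp\dl.exe
C:\Program Files (x86)\Opera\opera.exe

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [MsUpdate] C:\Setup_ver1.1779.2.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
"""

if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"line {f.line_no:>3}  {f.rule:<24} {f.detail}")
```

Run against the sample, it reports the Temp-resident `dl.exe` once with its instance count, the BHO with no file, and the `MsUpdate` entry whose target sits in the root of `C:`; entries under Program Files and the service-account Sidebar entries stay quiet. The rules are deliberately narrow path heuristics, so a clean pass is not a clean bill of health, and each hit still needs the usual check of the file itself.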

  • diarno  Male
  • Anti Malware Fighter, Rank 2
  • Joined: 15 Jun 2007
  • Posts: 5572

Hello...


Temporarily disable all your security software, then follow these instructions.

Download ComboFix to your Desktop from one of the following addresses:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.forospyware.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Run it and don't touch the program window while it scans.
Follow the on-screen instructions. When it finishes, a log (C:\ComboFix.txt) will appear; copy it here for us.

  • Source  Male
  • Legendary citizen
  • Joined: 10 Jan 2005
  • Posts: 3319
  • Location: Stara Pazova

It doesn't work for me on Vista... It says it only works on Win 2000 and XP (I have Vista Ultimate x64 with SP1).

  • diarno  Male
  • Anti Malware Fighter, Rank 2
  • Joined: 15 Jun 2007
  • Posts: 5572

Sorry... I didn't realize you have 64-bit Vista.

Then let's go with this tool:

Download the RSIT program to your Desktop:

http://images.malwareremoval.com/random/RSIT.exe


Launch it by double-clicking, then click Continue.


At the end of the process two logs will open: the first, log.txt, will be maximized and needs to be copied into the forum topic; the second, info.txt, will be minimized (we don't need it for now).


Post the contents of the file log.txt in your next message (that file will be saved as C:\rsit\log.txt).

  • Source  Male
  • Legendary citizen
  • Joined: 10 Jan 2005
  • Posts: 3319
  • Location: Stara Pazova

Here it is..

Logfile of random's system information tool 1.05 (written by random/random)
Run by Fireslasher at 2009-01-02 15:20:11
Microsoft® Windows Vista™ Ultimate Service Pack 1
System drive C: has 8 GB (30%) free of 26 GB
Total RAM: 4094 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:20:13 PM, on 1/2/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\AASP\1.00.46\aaCenter.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTProAgent.exe
C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe
C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe
C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe
C:\Program Files (x86)\RivaTuner v2.21\Tools\RivaTunerStatisticsServer\RivaTunerStatisticsServer.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTProShellHlp.exe
C:\Users\Fireslasher\AppData\Local\Temp\dl.exe
C:\Users\Fireslasher\AppData\Local\Temp\dl.exe
C:\Users\Fireslasher\AppData\Local\Temp\dl.exe
C:\Users\Fireslasher\AppData\Local\Temp\dl.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Users\Fireslasher\AppData\Local\Temp\dl.exe
C:\Users\Fireslasher\AppData\Local\Temp\dl.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Users\Fireslasher\Desktop\RSIT.exe
C:\Program Files (x86)\trend micro\Fireslasher.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files (x86)\google\googletoolbar1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\PROGRA~2\FlashGet\getflash.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files (x86)\google\googletoolbar1.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~2\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundTray] "C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe"
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [CPU Power Monitor] "C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe"
O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe
O4 - HKLM\..\Run: [RivaTunerStatisticsServer] "C:\Program Files (x86)\RivaTuner v2.21\Tools\RivaTunerStatisticsServer\RivaTunerStatisticsServer.exe" /s
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [MsUpdate] C:\Setup_ver1.1779.2.exe
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTProAgent.exe" -autorun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files (x86)\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files (x86)\FlashGet\jc_link.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~2\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~2\FlashGet\flashget.exe
O13 - Gopher Prefix:
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Unknown owner - C:\Windows\system32\AEADISRV.EXE (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Stardock WindowBlinds (WindowBlinds) - Stardock Corporation - D:\Program Files - Vista\Stardock\Object Desktop\WindowBlinds\vistasrv.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8391 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2008-12-29 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files (x86)\google\googletoolbar1.dll [2008-12-26 2403392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2008-12-29 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F156768E-81EF-470C-9057-481BA8380DBA}]
gFlash Class - C:\PROGRA~2\FlashGet\getflash.dll [2006-09-12 126976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files (x86)\google\googletoolbar1.dll [2008-12-26 2403392]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} - FlashGet Bar - C:\PROGRA~2\FlashGet\fgiebar.dll [2005-06-07 86016]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"=C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [2007-06-06 1261568]
"SoundTray"=C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe [2007-05-21 49152]
"Ai Nap"=C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe [2007-09-06 1426432]
"CPU Power Monitor"=C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe [2007-10-16 626176]
"Cpu Level Up help"=C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe [2007-09-11 880640]
"RivaTunerStatisticsServer"=C:\Program Files (x86)\RivaTuner v2.21\Tools\RivaTunerStatisticsServer\RivaTunerStatisticsServer.exe [2008-12-10 57344]
"SunJavaUpdateSched"=C:\Program Files (x86)\Java\jre6\bin\jusched.exe [2008-12-29 136600]
"MsUpdate"=C:\Setup_ver1.1779.2.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Pro Agent"=C:\Program Files (x86)\DAEMON Tools Pro\DTProAgent.exe [2008-10-09 200136]
"WMPNSCFG"=C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe []

C:\Users\Fireslasher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma.lnk - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WBSrv]
D:\Program Files - Vista\Stardock\Object Desktop\WindowBlinds\wbsrv.dll [2008-12-26 529176]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=
"NoActiveDesktopChanges"=
"ForceActiveDesktopOn"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c1fe2773-d397-11dd-9f9c-001e8c90223e}]
shell\AutoRun\command - G:\autorun.exe


======List of files/folders created in the last 1 months======

2009-01-02 15:20:11 ----D---- C:\rsit
2009-01-02 15:20:11 ----D---- C:\Program Files (x86)\trend micro
2009-01-02 15:10:45 ----D---- C:\32788R22FWJFW
2009-01-02 15:08:57 ----D---- C:\ComboFix
2009-01-02 15:08:57 ----A---- C:\Windows\system32\swsc.exe
2009-01-02 15:08:57 ----A---- C:\Windows\system32\CF1134.exe
2009-01-02 15:08:55 ----A---- C:\Bug.txt
2009-01-02 15:08:53 ----A---- C:\Windows\system32\cmd.execf
2009-01-02 09:06:27 ----A---- C:\Autorun.exe
2009-01-02 08:47:39 ----D---- C:\ProgramData\KONAMI
2009-01-01 15:41:12 ----D---- C:\Users\Fireslasher\AppData\Roaming\Disney Interactive Studios
2008-12-31 17:19:39 ----D---- C:\Windows\system32\AGEIA
2008-12-31 17:19:39 ----D---- C:\Program Files (x86)\AGEIA Technologies
2008-12-31 13:14:48 ----RHD---- C:\Users\Fireslasher\AppData\Roaming\SecuROM
2008-12-31 13:14:47 ----A---- C:\Windows\system32\CmdLineExt_x64.dll
2008-12-30 20:21:32 ----A---- C:\Windows\system32\psfind.dll
2008-12-30 20:21:32 ----A---- C:\Windows\system32\mfc71.dll
2008-12-30 19:38:23 ----D---- C:\Windows\system32\xlive
2008-12-30 19:38:23 ----D---- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2008-12-29 16:24:32 ----D---- C:\Users\Fireslasher\AppData\Roaming\Xfire
2008-12-29 16:24:31 ----D---- C:\ProgramData\Xfire
2008-12-29 13:13:58 ----A---- C:\Windows\system32\SIntfNT.dll
2008-12-29 13:13:58 ----A---- C:\Windows\system32\SIntf32.dll
2008-12-29 13:13:58 ----A---- C:\Windows\system32\SIntf16.dll
2008-12-29 13:03:42 ----A---- C:\Windows\DIIUnin.exe
2008-12-29 12:56:50 ----A---- C:\Windows\system32\javaws.exe
2008-12-29 12:56:50 ----A---- C:\Windows\system32\javaw.exe
2008-12-29 12:56:50 ----A---- C:\Windows\system32\java.exe
2008-12-29 12:56:50 ----A---- C:\Windows\system32\deploytk.dll
2008-12-29 12:56:45 ----D---- C:\Program Files (x86)\Java
2008-12-29 12:42:20 ----A---- C:\Windows\BlendSettings.ini
2008-12-28 17:29:45 ----D---- C:\Program Files (x86)\Common Files\Macrovision Shared
2008-12-28 16:35:49 ----D---- C:\ProgramData\FLEXnet
2008-12-28 16:33:08 ----D---- C:\Windows\system32\spool
2008-12-28 16:32:59 ----D---- C:\Program Files (x86)\Adobe Media Player
2008-12-28 16:32:04 ----D---- C:\Program Files (x86)\Common Files\Adobe AIR
2008-12-28 13:59:56 ----D---- C:\ProgramData\Adobe Systems
2008-12-28 13:58:37 ----D---- C:\Program Files (x86)\Common Files\Adobe Systems Shared
2008-12-28 13:58:16 ----D---- C:\ProgramData\Adobe
2008-12-28 13:58:16 ----D---- C:\Program Files (x86)\Common Files\Adobe
2008-12-28 13:58:13 ----D---- C:\Program Files (x86)\Adobe
2008-12-28 10:51:58 ----D---- C:\Users\Fireslasher\AppData\Roaming\Media Player Classic
2008-12-27 20:07:51 ----A---- C:\Windows\system32\XAudio2_3.dll
2008-12-27 20:07:51 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2008-12-27 20:07:51 ----A---- C:\Windows\system32\D3DX9_40.dll
2008-12-27 20:07:51 ----A---- C:\Windows\system32\d3dx10_40.dll
2008-12-27 20:07:51 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2008-12-27 20:07:50 ----A---- C:\Windows\system32\XAudio2_2.dll
2008-12-27 20:07:50 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2008-12-27 20:07:50 ----A---- C:\Windows\system32\xactengine3_3.dll
2008-12-27 20:07:50 ----A---- C:\Windows\system32\xactengine3_2.dll
2008-12-27 20:07:50 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2008-12-27 20:07:50 ----A---- C:\Windows\system32\d3dx10_39.dll
2008-12-27 20:07:50 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2008-12-27 20:07:49 ----A---- C:\Windows\system32\XAudio2_1.dll
2008-12-27 20:07:49 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2008-12-27 20:07:49 ----A---- C:\Windows\system32\xactengine3_1.dll
2008-12-27 20:07:49 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2008-12-27 20:07:49 ----A---- C:\Windows\system32\D3DX9_39.dll
2008-12-27 20:07:49 ----A---- C:\Windows\system32\d3dx10_38.dll
2008-12-27 20:07:49 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2008-12-27 20:07:48 ----A---- C:\Windows\system32\XAudio2_0.dll
2008-12-27 20:07:48 ----A---- C:\Windows\system32\xactengine3_0.dll
2008-12-27 20:07:48 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2008-12-27 20:07:48 ----A---- C:\Windows\system32\D3DX9_38.dll
2008-12-27 20:07:47 ----A---- C:\Windows\system32\xactengine2_10.dll
2008-12-27 20:07:47 ----A---- C:\Windows\system32\D3DX9_37.dll
2008-12-27 20:07:47 ----A---- C:\Windows\system32\d3dx10_37.dll
2008-12-27 20:07:47 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2008-12-27 20:07:46 ----A---- C:\Windows\system32\xactengine2_9.dll
2008-12-27 20:07:46 ----A---- C:\Windows\system32\d3dx9_36.dll
2008-12-27 20:07:46 ----A---- C:\Windows\system32\d3dx10_36.dll
2008-12-27 20:07:46 ----A---- C:\Windows\system32\d3dx10_35.dll
2008-12-27 20:07:46 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2008-12-27 20:07:46 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2008-12-27 20:07:45 ----A---- C:\Windows\system32\xinput1_3.dll
2008-12-27 20:07:45 ----A---- C:\Windows\system32\xactengine2_8.dll
2008-12-27 20:07:45 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2008-12-27 20:07:45 ----A---- C:\Windows\system32\d3dx9_35.dll
2008-12-27 20:07:45 ----A---- C:\Windows\system32\d3dx9_34.dll
2008-12-27 20:07:45 ----A---- C:\Windows\system32\d3dx10_34.dll
2008-12-27 20:07:45 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2008-12-27 20:07:44 ----A---- C:\Windows\system32\xactengine2_7.dll
2008-12-27 20:07:44 ----A---- C:\Windows\system32\d3dx9_33.dll
2008-12-27 20:07:44 ----A---- C:\Windows\system32\d3dx10_33.dll
2008-12-27 20:07:44 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2008-12-27 20:07:43 ----A---- C:\Windows\system32\d3dx10.dll
2008-12-27 20:07:42 ----A---- C:\Windows\system32\x3daudio1_1.dll
2008-12-27 19:44:19 ----D---- C:\ProgramData\Kaspersky Lab Setup Files
2008-12-27 18:19:33 ----D---- C:\Program Files (x86)\ffdshow
2008-12-27 18:19:33 ----A---- C:\Windows\system32\pthreadGC2.dll
2008-12-27 18:19:33 ----A---- C:\Windows\system32\ff_vfw.dll
2008-12-27 15:29:32 ----D---- C:\Users\Fireslasher\AppData\Roaming\Canneverbe_Limited
2008-12-27 15:29:20 ----D---- C:\Program Files (x86)\CDBurnerXP
2008-12-27 14:19:43 ----D---- C:\Users\Fireslasher\AppData\Roaming\Foxit
2008-12-27 10:40:44 ----A---- C:\Windows\system32\xactengine2_6.dll
2008-12-27 10:40:44 ----A---- C:\Windows\system32\xactengine2_5.dll
2008-12-27 10:40:43 ----A---- C:\Windows\system32\xactengine2_4.dll
2008-12-27 10:40:43 ----A---- C:\Windows\system32\d3dx9_32.dll
2008-12-27 10:40:42 ----A---- C:\Windows\system32\d3dx9_31.dll
2008-12-27 10:40:41 ----A---- C:\Windows\system32\xactengine2_3.dll
2008-12-27 10:40:40 ----A---- C:\Windows\system32\xinput1_2.dll
2008-12-27 10:40:40 ----A---- C:\Windows\system32\xactengine2_2.dll
2008-12-27 10:40:39 ----A---- C:\Windows\system32\xinput1_1.dll
2008-12-27 10:40:38 ----A---- C:\Windows\system32\xactengine2_1.dll
2008-12-27 10:40:31 ----A---- C:\Windows\system32\xactengine2_0.dll
2008-12-27 10:40:31 ----A---- C:\Windows\system32\x3daudio1_0.dll
2008-12-27 10:40:31 ----A---- C:\Windows\system32\d3dx9_30.dll
2008-12-27 10:40:30 ----A---- C:\Windows\system32\d3dx9_29.dll
2008-12-27 10:40:29 ----A---- C:\Windows\system32\d3dx9_28.dll
2008-12-27 10:40:29 ----A---- C:\Windows\system32\d3dx9_27.dll
2008-12-27 10:40:29 ----A---- C:\Windows\system32\d3dx9_26.dll
2008-12-27 10:40:29 ----A---- C:\Windows\system32\d3dx9_25.dll
2008-12-27 10:40:28 ----A---- C:\Windows\system32\d3dx9_24.dll
2008-12-27 10:25:50 ----SHD---- C:\Windows\ftpcache
2008-12-27 06:34:21 ----D---- C:\Windows\Debug
2008-12-27 06:31:04 ----D---- C:\Windows\SoftwareDistribution
2008-12-27 06:29:55 ----D---- C:\Windows\CSC
2008-12-27 06:27:56 ----D---- C:\Windows\Prefetch
2008-12-27 06:27:53 ----SHD---- C:\System Volume Information
2008-12-27 06:26:59 ----D---- C:\Windows\Panther
2008-12-27 00:16:54 ----D---- C:\Program Files (x86)\FlashGet
2008-12-26 23:27:06 ----A---- C:\Windows\system32\wbsys.dll
2008-12-26 23:27:06 ----A---- C:\Windows\system32\wbload.dll
2008-12-26 22:55:14 ----D---- C:\ProgramData\DAEMON Tools Pro
2008-12-26 22:55:14 ----D---- C:\Program Files (x86)\DAEMON Tools Pro
2008-12-26 22:49:23 ----D---- C:\Users\Fireslasher\AppData\Roaming\DAEMON Tools Pro
2008-12-26 22:41:48 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2008-12-26 22:41:30 ----D---- C:\Program Files (x86)\Microsoft
2008-12-26 22:41:03 ----D---- C:\Program Files (x86)\Windows Live SkyDrive
2008-12-26 22:40:49 ----D---- C:\Program Files (x86)\Windows Live
2008-12-26 22:40:36 ----D---- C:\Windows\PCHEALTH
2008-12-26 22:36:02 ----D---- C:\Program Files (x86)\Common Files\Windows Live
2008-12-26 22:20:58 ----D---- C:\Users\Fireslasher\AppData\Roaming\WinRAR
2008-12-26 22:20:16 ----D---- C:\Program Files (x86)\WinRAR
2008-12-26 22:15:27 ----D---- C:\Program Files (x86)\RivaTuner v2.21
2008-12-26 22:13:31 ----D---- C:\Users\Fireslasher\AppData\Roaming\Opera
2008-12-26 22:13:26 ----D---- C:\Program Files (x86)\Opera
2008-12-26 22:11:04 ----D---- C:\Users\Fireslasher\AppData\Roaming\Google
2008-12-26 22:06:49 ----D---- C:\ProgramData\NVIDIA
2008-12-26 22:05:00 ----D---- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2008-12-26 22:02:19 ----RA---- C:\Windows\system32\AsIO.dll
2008-12-26 22:02:19 ----D---- C:\Program Files (x86)\ASUS
2008-12-26 22:01:26 ----D---- C:\Program Files (x86)\Marvell
2008-12-26 22:00:08 ----D---- C:\Users\Fireslasher\AppData\Roaming\TMP
2008-12-26 21:55:53 ----D---- C:\Program Files (x86)\Creative
2008-12-26 21:55:52 ----N---- C:\Windows\system32\adi_oal.dll
2008-12-26 21:55:52 ----A---- C:\Windows\system32\wrap_oal.dll
2008-12-26 21:55:52 ----A---- C:\Windows\system32\OpenAL32.dll
2008-12-26 21:55:37 ----D---- C:\Program Files (x86)\Common Files\InstallShield
2008-12-26 21:55:26 ----A---- C:\Windows\system32\SFFXComm.dll
2008-12-26 21:55:26 ----A---- C:\Windows\system32\SFBH.dll
2008-12-26 21:55:26 ----A---- C:\Windows\system32\AEADICom.dll
2008-12-26 21:55:12 ----D---- C:\ProgramData\SonicFocus
2008-12-26 21:54:54 ----D---- C:\Program Files (x86)\Analog Devices
2008-12-26 21:54:53 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2008-12-26 21:54:39 ----D---- C:\Users\Fireslasher\AppData\Roaming\InstallShield
2008-12-26 21:52:58 ----D---- C:\Windows\ASUSInstAll
2008-12-26 21:50:04 ----A---- C:\Windows\system32\msvcr71.dll
2008-12-26 21:50:04 ----A---- C:\Windows\system32\msvcp71.dll
2008-12-26 21:49:30 ----D---- C:\Windows\system32\Adobe
2008-12-26 21:49:01 ----D---- C:\Users\Fireslasher\AppData\Roaming\Macromedia
2008-12-26 21:49:01 ----D---- C:\Users\Fireslasher\AppData\Roaming\Adobe
2008-12-26 21:48:59 ----D---- C:\ProgramData\Google
2008-12-26 21:48:55 ----SHD---- C:\Windows\Installer
2008-12-26 21:48:54 ----D---- C:\Program Files (x86)\Google
2008-12-26 21:48:38 ----D---- C:\Windows\system32\Macromed
2008-12-26 21:47:07 ----D---- C:\Program Files (x86)\Intel
2008-12-26 21:47:02 ----D---- C:\Intel
2008-12-26 21:46:46 ----A---- C:\Windows\Ascd_log.ini
2008-12-26 21:46:34 ----A---- C:\Windows\Ascd_tmp.ini
2008-12-26 12:40:18 ----D---- C:\Users\Fireslasher\AppData\Roaming\Identities
2008-12-26 12:38:35 ----SD---- C:\Users\Fireslasher\AppData\Roaming\Microsoft
2008-12-26 12:38:35 ----D---- C:\Users\Fireslasher\AppData\Roaming\Media Center Programs
2008-12-11 21:37:44 ----A---- C:\Windows\system32\xfcodec.dll

======List of files/folders modified in the last 1 months======

2009-01-02 15:20:11 ----RD---- C:\Program Files (x86)
2009-01-02 15:20:09 ----D---- C:\Windows\Temp
2009-01-02 15:08:57 ----D---- C:\Windows\SysWOW64
2009-01-02 12:26:21 ----D---- C:\Windows\System32
2009-01-02 12:26:19 ----D---- C:\Windows\inf
2009-01-02 08:47:39 ----HD---- C:\ProgramData
2009-01-01 15:40:38 ----SD---- C:\ProgramData\Microsoft
2009-01-01 15:26:43 ----D---- C:\Windows
2008-12-31 13:02:07 ----RSD---- C:\Windows\Fonts
2008-12-28 17:33:08 ----D---- C:\Windows\winsxs
2008-12-28 17:29:45 ----D---- C:\Program Files (x86)\Common Files
2008-12-27 20:07:40 ----RSD---- C:\Windows\assembly
2008-12-27 20:07:27 ----D---- C:\Windows\Logs
2008-12-27 10:40:32 ----D---- C:\Windows\Microsoft.NET
2008-12-26 22:41:07 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2008-12-26 22:04:54 ----D---- C:\Windows\Help
2008-12-26 22:02:19 ----D---- C:\Windows\system32\drivers
2008-12-26 22:02:15 ----RD---- C:\Program Files
2008-12-26 21:49:31 ----SD---- C:\Windows\Downloaded Program Files
2008-12-26 21:40:31 ----SHD---- C:\$Recycle.Bin
2008-12-26 12:38:13 ----RD---- C:\Users
2008-12-26 12:36:28 ----D---- C:\Windows\rescache

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2006-10-18 13632]
R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys []
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys []
R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys []
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys []
R3 RivaTuner64;RivaTuner64; \??\C:\Program Files (x86)\RivaTuner v2.21\RivaTuner64.sys [2008-12-26 19952]
R3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x64.sys []
S3 af0w6b07;af0w6b07; C:\Windows\system32\drivers\af0w6b07.sys []
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\DRIVERS\BthEnum.sys []
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys []
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys []
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys []
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys []
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys []
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys []
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys []
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys []
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys []
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE []
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 NMSAccessU;NMSAccessU; C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
R2 WindowBlinds;Stardock WindowBlinds; D:\Program Files - Vista\Stardock\Object Desktop\WindowBlinds\vistasrv.exe [2007-09-26 324608]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-12-28 72704]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2008-01-21 93696]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe []
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-12-28 655624]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-12-26 138168]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe []

-----------------EOF-----------------

offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 15 Jun 2007
  • Posts: 5572

Download the program OTMoveIt3 to the Desktop.

Double-click OTMoveIt3.exe to run it.

Into the program's (left) window (under Paste Instructions for Items to be Moved), copy everything that is inside the Code box:
:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MsUpdate"=-
:files
C:\Autorun.exe
C:\autorun.inf
D:\autorun.inf
E:\autorun.inf

Click MoveIt!

When the process finishes, the right-hand window (under Results) will contain text that needs to be copied into a post on the forum.

If this prompt appears:

Confirm ::The system requires a reboot to finish removing files.
Do you want to reboot now?

click Yes so that the computer restarts and the process is completed.

After the system restarts, the logfile will open automatically in Notepad.
Copy the contents of that log into a post on the forum.
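To show what an autorun.inf of the kind removed above actually does, and why a drive's icon in My Computer changes, here is an added Python example (not code from the thread, from the OTMoveIt3 tool, or from the helper's script) that parses a constructed autorun.inf and lists which entries launch a program on open/double-click and which replace the drive icon. The sample file contents, the Autorun.exe reference and the function names are assumptions for illustration; a real file from an infected drive may differ.

```python
"""Offline triage of autorun.inf contents: the check a defender runs to see why a
drive's icon changed and what a double-click on the drive would launch.
Added example, not part of the forum thread or of OTMoveIt3.
The sample autorun.inf below is constructed for illustration."""
import re

# Constructed sample: rebinds the drive icon and the open/explore actions to a
# file sitting in the drive root (hypothetical content, not the poster's file).
SAMPLE_AUTORUN_INF = r"""[autorun]
; comment line, ignored by the parser
open=Autorun.exe
shellexecute=Autorun.exe
icon=Autorun.exe,0
label=Local Disk
shell\open\command=Autorun.exe
shell\explore\command=Autorun.exe
"""

# Keys whose value is executed when the drive is opened or double-clicked.
LAUNCH_KEYS = {"open", "shellexecute"}
# shell\<verb>\command entries run a program for that context-menu verb.
COMMAND_KEY = re.compile(r"^shell\\[^\\]+\\command$")


def parse_autorun_inf(text):
    """Return the key/value pairs of the [autorun] section, keys lowercased.
    Windows honours only the [autorun] section, so other sections are skipped."""
    entries = {}
    in_autorun = False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            in_autorun = line[1:-1].strip().lower() == "autorun"
            continue
        if in_autorun and "=" in line:
            key, _, value = line.partition("=")
            entries[key.strip().lower()] = value.strip()
    return entries


def referenced_file(value):
    """Extract the file name from a value such as 'Autorun.exe,0' or '"a b.exe" /x'."""
    value = value.strip()
    if value.startswith('"'):
        end = value.find('"', 1)
        return value[1:end] if end > 0 else value[1:]
    # icon values carry ",<index>"; command values may carry arguments
    return re.split(r"[,\s]", value, maxsplit=1)[0]


def triage(entries):
    """Classify each entry: 'launch' runs a program, 'icon' replaces the drive
    icon, 'label' renames the drive. Returns a sorted list of (kind, key, target)."""
    findings = []
    for key, value in entries.items():
        if key in LAUNCH_KEYS or COMMAND_KEY.match(key):
            findings.append(("launch", key, referenced_file(value)))
        elif key == "icon":
            findings.append(("icon", key, referenced_file(value)))
        elif key == "label":
            findings.append(("label", key, value))
    return sorted(findings)


def files_to_review(entries):
    """Lowercased set of file names the autorun.inf points at; on an infected
    machine these root-level binaries are the ones to collect and examine."""
    return {f.lower() for kind, _, f in triage(entries) if kind in ("launch", "icon")}


if __name__ == "__main__":
    parsed = parse_autorun_inf(SAMPLE_AUTORUN_INF)
    for kind, key, target in triage(parsed):
        print(f"{kind:6} {key:22} -> {target}")
    print("files to review:", sorted(files_to_review(parsed)))
```

Running it on the sample shows every open/explore action and the icon itself pointing at one root-level executable, which is exactly the pattern the helper's script undoes by moving the autorun.inf from each drive root together with the binary it references.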

offline
  • Source  Male
  • Legendary citizen
  • Joined: 10 Jan 2005
  • Posts: 3319
  • Location: Stara Pazova

Here it is, sorry you had to wait, in the meantime I went out for a while...

========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MsUpdate deleted successfully.
========== FILES ==========
C:\Autorun.exe moved successfully.
C:\Autorun.inf moved successfully.
D:\Autorun.inf moved successfully.
E:\Autorun.inf moved successfully.

OTMoveIt3 by OldTimer - Version 1.0.7.2 log created on 01022009_215342

offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 15 Jun 2007
  • Posts: 5572

Excellent. Restart the computer and report how things stand.

offline
  • Source  Male
  • Legendary citizen
  • Joined: 10 Jan 2005
  • Posts: 3319
  • Location: Stara Pazova

The icons are back to normal, thanks.

offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 15 Jun 2007
  • Posts: 5572

Just to clean up after ourselves.

Delete

* RSIT.exe
* C:\RSIT
* C:\ComboFix

Run OTMoveIt3 again.

Choose the CleanUp! option. When it asks for a restart, accept it... And that's it.
