[underfor]

log

[underfor]

Logfile of random’s system information tool 1.06 (written by random/random)
Run by User at 2010-02-06 15:49:06
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 31 GB (43%) free of 71 GB
Total RAM: 2488 MB (39% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:49:23, on 06.02.2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:Windowssystem32Dwm.exe
C:WindowsExplorer.EXE
C:WindowsRtHDVCpl.exe
C:WindowsPLFSetI.exe
C:Program FilesAcerAcer Bio ProtectionPdtWzd.exe
C:Program FilesApoint2KApoint.exe
C:Program FilesAcerEmpowering TechnologyePowerePower_DMC.exe
C:Program FilesAcerEmpowering TechnologyeDataSecurityx86eDSLoader.exe
C:Program FilesCommon FilesPure Networks SharedPlatformnmctxth.exe
C:Program FilesPure NetworksNetwork Magicnmapp.exe
C:Program FilesAlwil SoftwareAvast4ashDisp.exe
C:Windowsehomeehtray.exe
C:Program FilesCommon FilesInstallShieldUpdateServiceISUSPM.exe
C:Program FilesWIDCOMMBluetooth SoftwareBTTray.exe
C:Windowssystem32taskeng.exe
C:Windowsehomeehmsas.exe
C:UsersUserAppDataLocalTempRtkBtMnt.exe
C:Windowssystem32wbemunsecapp.exe
C:Program FilesApoint2KApMsgFwd.exe
C:Program FilesApoint2KHidFind.exe
C:Program FilesApoint2KApntex.exe
C:Windowssystem32wuauclt.exe
C:Program FilesWIDCOMMBluetooth SoftwareBtStackServer.exe
C:Windowssystem32conime.exe
H:driverusb–ђЃј‡‘Љ•†‘НЂЊЋ
C:Program FilesiTunesiTunesHelper.exe
C:WindowsSystem32mobsync.exe
C:Program FilesK-Lite Codec PackMedia Player Classicmplayerc.exe
C:Program FilesAcerEmpowering TechnologyNotificationCenterFramework.NotificationCenter.exe
C:Program FilesWindows LiveMessengermsnmsgr.exe
C:Program FilesWindows LiveContactswlcomm.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:Windowssystem32MacromedFlashFlashUtil10d.exe
C:Program FilesInternet Exploreriexplore.exe
C:UsersUserDesktopRSIT.exe
C:Program Filestrend microUser.exe

R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.freeart1cile.com
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.yahoo.com/
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://home.sweetim.com
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R1 — HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
R1 — HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
R3 — URLSearchHook: (no name) — — (no file)
R3 — URLSearchHook: ICQToolBar — {855F3B16-6D32-4fe6-8A56-BBB695989046} — C:Program FilesICQ6ToolbarICQToolBar.dll (file missing)
R3 — URLSearchHook: (no name) — {EEE6C35D-6118-11DC-9C72-001320C79847} — (no file)
O1 — Hosts: ::1 localhost
O2 — BHO: (no name) — {02478D38-C3F9-4efb-9B51-7695ECA05670} — (no file)
O2 — BHO: AcroIEHelperStub — {18DF081C-E8AD-4283-A596-FA578C2EBDC3} — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 — BHO: certificateRemover — {57C571FD-3CE1-4699-9AE3-22C129EE35AD} — C:Windowssystem32idcertremoval.dll
O3 — Toolbar: Acer eDataSecurity Management — {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} — C:Program FilesAcerEmpowering TechnologyeDataSecurityx86eDStoolbar.dll
O3 — Toolbar: PROMT — {FF284F5C-7CF9-4682-8701-D467C1DBB99F} — C:Program FilesPRMT6PRMTIEprmtie.dll
O3 — Toolbar: ICQToolBar — {855F3B16-6D32-4fe6-8A56-BBB695989046} — C:Program FilesICQ6ToolbarICQToolBar.dll (file missing)
O3 — Toolbar: Easy-WebPrint — {327C2873-E90D-4c37-AA9D-10AC9BABA46C} — C:Program FilesCanonEasy-WebPrintToolband.dll
O4 — HKLM..Run: [RtHDVCpl] RtHDVCpl.exe
O4 — HKLM..Run: [Skytel] Skytel.exe
O4 — HKLM..Run: [PLFSetI] C:WindowsPLFSetI.exe
O4 — HKLM..Run: [ZPdtWzdVitaKey MC3000] «C:Program FilesAcerAcer Bio ProtectionPdtWzd.exe» show
O4 — HKLM..Run: [Apoint] C:Program FilesApoint2KApoint.exe
O4 — HKLM..Run: [ePower_DMC] C:Program FilesAcerEmpowering TechnologyePowerePower_DMC.exe
O4 — HKLM..Run: [eDataSecurity Loader] C:Program FilesAcerEmpowering TechnologyeDataSecurityx86eDSloader.exe
O4 — HKLM..Run: [WarReg_PopUp] C:Program FilesAcerWR_PopUpWarReg_PopUp.exe
O4 — HKLM..Run: [nmctxth] «C:Program FilesCommon FilesPure Networks SharedPlatformnmctxth.exe»
O4 — HKLM..Run: [nmapp] «C:Program FilesPure NetworksNetwork Magicnmapp.exe» -autorun -nosplash
O4 — HKLM..Run: [OM2_Monitor] «C:Program FilesOLYMPUSOLYMPUS Master 2FirstStart.exe» /OM
O4 — HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 — HKLM..Run: [QuickTime Task] «C:Program FilesQuickTimeQTTask.exe» -atboottime
O4 — HKLM..Run: [Adobe Reader Speed Launcher] «C:Program FilesAdobeReader 9.0ReaderReader_sl.exe»
O4 — HKLM..Run: [Adobe ARM] «C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe»
O4 — HKLM..Run: [iTunesHelper] «C:Program FilesiTunesiTunesHelper.exe»
O4 — HKCU..Run: [Sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun
O4 — HKCU..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 — HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe
O4 — HKCU..Run: [ICQ] «C:Program FilesICQ6ICQ.exe» silent
O4 — HKCU..Run: [OM2_Monitor] «C:Program FilesOLYMPUSOLYMPUS Master 2MMonitor.exe» -NoStart
O4 — HKCU..Run: [AlcoholAutomount] «C:Program FilesAlcohol SoftAlcohol 120axcmd.exe» /automount
O4 — HKCU..Run: [ISUSPM] «C:Program FilesCommon FilesInstallShieldUpdateServiceISUSPM.exe» -scheduler
O4 — HKUSS-1-5-19..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User ‘NETWORK SERVICE’)
O4 — Startup: Adobe Gamma.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O4 — Global Startup: Bluetooth.lnk = ?
O8 — Extra context menu item: E&xport to Microsoft Excel — res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O8 — Extra context menu item: Easy-WebPrint Add To Print List — res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_AddToList.html
O8 — Extra context menu item: Easy-WebPrint High Speed Print — res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_HSPrint.html
O8 — Extra context menu item: Easy-WebPrint Preview — res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_Preview.html
O8 — Extra context menu item: Easy-WebPrint Print — res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_Print.html
O8 — Extra context menu item: Google Sidewiki… — res://C:Program FilesGoogleGoogle ToolbarComponentGoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O8 — Extra context menu item: Send image to &Bluetooth Device… — C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie_ctx.htm
O8 — Extra context menu item: Send page to &Bluetooth Device… — C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm
O9 — Extra button: Quick-Launching Area — {10954C80-4F0F-11d3-B17C-00C0DFE39736} — C:Program FilesAcerAcer Bio ProtectionPwdBank.exe
O9 — Extra ‘Tools’ menuitem: Quick-Launching Area — {10954C80-4F0F-11d3-B17C-00C0DFE39736} — C:Program FilesAcerAcer Bio ProtectionPwdBank.exe
O9 — Extra button: (no name) — {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} — C:Program FilesPRMT6PRMTIEprmtie5.htm
O9 — Extra ‘Tools’ menuitem: Перевести — {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} — C:Program FilesPRMT6PRMTIEprmtie5.htm
O9 — Extra button: (no name) — {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} — C:Program FilesPRMT6PRMTIEoptions.htm
O9 — Extra ‘Tools’ menuitem: Настройка параметров перевода — {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} — C:Program FilesPRMT6PRMTIEoptions.htm
O9 — Extra button: Research — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 — Extra button: @btrez.dll,-4015 — {CCA281CA-C863-46ef-9331-5C8D4460577F} — C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm
O9 — Extra ‘Tools’ menuitem: @btrez.dll,-12650 — {CCA281CA-C863-46ef-9331-5C8D4460577F} — C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm
O13 — Gopher Prefix:
O16 — DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) — http://www.systemrequirementslab.com/srl_bin/sysreqlab_srl.cab
O16 — DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} — http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 — HKLMSystemCCSServicesTcpip..{8123135D-5CD4-4602-BA7D-0F08DA7198D5}: NameServer = 85.255.112.172,85.255.112.26
O17 — HKLMSystemCCSServicesTcpip..{CEA7D3BF-D8FF-4C67-80D2-1E52F99EC23D}: NameServer = 85.255.112.172,85.255.112.26
O17 — HKLMSystemCCSServicesTcpipParameters: NameServer = 85.255.112.172,85.255.112.26
O20 — Winlogon Notify: AWinNotifyVitaKey MC3000 — C:Program FilesAcerAcer Bio ProtectionWinNotify.dll
O20 — Winlogon Notify: spba — C:Program FilesCommon FilesSPBAhomefus2.dll
O23 — Service: Adobe LM Service — Adobe Systems — C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe
O23 — Service: Apple Mobile Device — Apple Inc. — C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
O23 — Service: avast! iAVS4 Control Service (aswUpdSv) — ALWIL Software — C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 — Service: avast! Antivirus — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashServ.exe
O23 — Service: avast! Mail Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
O23 — Service: avast! Web Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
O23 — Service: Bonjour Service — Apple Inc. — C:Program FilesBonjourmDNSResponder.exe
O23 — Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) — NewTech Infosystems, Inc. — C:Program FilesNewTech InfosystemsNTI Backup Now 5ClientAgentsvc.exe
O23 — Service: eDataSecurity Service — Egis Incorporated — C:Program FilesAcerEmpowering TechnologyeDataSecurityx86eDSService.exe
O23 — Service: Empowering Technology Service (ETService) — Unknown owner — C:Program FilesAcerEmpowering TechnologyServiceETService.exe
O23 — Service: Служба Google Update (gupdate1c9e3a44d746850) (gupdate1c9e3a44d746850) — Google Inc. — C:Program FilesGoogleUpdateGoogleUpdate.exe
O23 — Service: InstallDriver Table Manager (IDriverT) — Macrovision Corporation — C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe
O23 — Service: iGroupTec Service (IGBASVC) — Unknown owner — C:Program FilesAcerAcer Bio ProtectionBASVC.exe
O23 — Service: Сервис iPod (iPod Service) — Apple Inc. — C:Program FilesiPodbiniPodService.exe
O23 — Service: LightScribeService Direct Disc Labeling Service (LightScribeService) — Hewlett-Packard Company — C:Program FilesCommon FilesLightScribeLSSrvc.exe
O23 — Service: MobilityService — Unknown owner — C:AcerMobility CenterMobilityService.exe
O23 — Service: NBService — Nero AG — C:Program FilesNeroNero 7Nero BackItUpNBService.exe
O23 — Service: NMIndexingService — Nero AG — C:Program FilesCommon FilesAheadLibNMIndexingService.exe
O23 — Service: Pure Networks Net2Go Service (nmraapache) — Pure Networks, Inc. — C:Program FilesPure NetworksNetwork MagicWebServerbinnmraapache.exe
O23 — Service: Pure Networks Platform Service (nmservice) — Pure Networks, Inc. — C:Program FilesCommon FilesPure Networks SharedPlatformnmsrvc.exe
O23 — Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) — NewTech InfoSystems, Inc. — C:Program FilesNewTech InfosystemsNTI Backup Now 5BackupSvc.exe
O23 — Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) — Unknown owner — C:Program FilesNewTech InfosystemsNTI Backup Now 5SchedulerSvc.exe
O23 — Service: XAudioService — Conexant Systems, Inc. — C:Windowssystem32DRIVERSxaudio.exe

—
End of file — 12748 bytes

======Scheduled tasks folder======

C:WindowstasksGoogleUpdateTaskMachineCore.job
C:WindowstasksGoogleUpdateTaskMachineUA.job
C:WindowstasksNSSstub.job

======Registry dump======

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{57C571FD-3CE1-4699-9AE3-22C129EE35AD}]
cerificatetRemover Class — C:Windowssystem32idcertremoval.dll [2009-09-25 153056]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} — Acer eDataSecurity Management — C:Program FilesAcerEmpowering TechnologyeDataSecurityx86eDStoolbar.dll [2008-03-04 142896]
{FF284F5C-7CF9-4682-8701-D467C1DBB99F} — PROMT — C:Program FilesPRMT6PRMTIEprmtie.dll [2005-11-10 434176]
{855F3B16-6D32-4fe6-8A56-BBB695989046} — ICQToolBar — C:Program FilesICQ6ToolbarICQToolBar.dll []
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} — Easy-WebPrint — C:Program FilesCanonEasy-WebPrintToolband.dll [2004-08-26 405504]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«RtHDVCpl»=C:WindowsRtHDVCpl.exe [2008-05-21 6144000]
«Skytel»=C:WindowsSkytel.exe [2007-11-21 1826816]
«PLFSetI»=C:WindowsPLFSetI.exe [2007-10-23 200704]
«ZPdtWzdVitaKey MC3000″=C:Program FilesAcerAcer Bio ProtectionPdtWzd.exe [2008-11-06 3687936]
«Apoint»=C:Program FilesApoint2KApoint.exe [2008-01-25 159744]
«ePower_DMC»=C:Program FilesAcerEmpowering TechnologyePowerePower_DMC.exe [2008-04-30 397312]
«eDataSecurity Loader»=C:Program FilesAcerEmpowering TechnologyeDataSecurityx86eDSloader.exe [2008-03-04 526896]
«eRecoveryService»= []
«WarReg_PopUp»=C:Program FilesAcerWR_PopUpWarReg_PopUp.exe [2008-01-29 303104]
«nmctxth»=C:Program FilesCommon FilesPure Networks SharedPlatformnmctxth.exe [2008-05-16 648504]
«nmapp»=C:Program FilesPure NetworksNetwork Magicnmapp.exe [2008-05-21 451896]
«OM2_Monitor»=C:Program FilesOLYMPUSOLYMPUS Master 2FirstStart.exe [2007-09-04 54576]
«avast!»=C:PROGRA~1ALWILS~1Avast4ashDisp.exe [2009-11-25 81000]
«QuickTime Task»=C:Program FilesQuickTimeQTTask.exe [2009-11-10 417792]
«Adobe Reader Speed Launcher»=C:Program FilesAdobeReader 9.0ReaderReader_sl.exe [2009-12-22 35760]
«Adobe ARM»=C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe [2009-12-11 948672]
«iTunesHelper»=C:Program FilesiTunesiTunesHelper.exe [2009-11-12 141600]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«Sidebar»=C:Program FilesWindows Sidebarsidebar.exe [2008-01-21 1233920]
«WindowsWelcomeCenter»=oobefldr.dll,ShowWelcomeCenter []
«ehTray.exe»=C:WindowsehomeehTray.exe [2008-01-21 125952]
«ICQ»=C:Program FilesICQ6ICQ.exe silent []
«OM2_Monitor»=C:Program FilesOLYMPUSOLYMPUS Master 2MMonitor.exe [2007-09-04 95536]
«AlcoholAutomount»=C:Program FilesAlcohol SoftAlcohol 120axcmd.exe /automount []
«ISUSPM»=C:Program FilesCommon FilesInstallShieldUpdateServiceISUSPM.exe [2006-05-16 213936]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregBgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:Program FilesCommon FilesAheadLibNMBgMonitor.exe [2007-06-01 153136]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregBkupTray]
C:Program FilesNewTech InfosystemsNTI Backup Now 5BkupTray.exe [2008-04-07 34040]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregHotKeysCmds]
C:Windowssystem32hkcmd.exe [2008-06-17 170520]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregIgfxTray]
C:Windowssystem32igfxtray.exe [2008-06-17 150040]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregLightScribe Control Panel]
C:Program FilesCommon FilesLightScribeLightScribeControlPanel.exe [2007-07-18 451872]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregLManager]
C:PROGRA~1LAUNCH~1LManager.exe [2008-06-10 870920]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregNeroFilterCheck]
C:Program FilesCommon FilesAheadLibNeroCheck.exe [2007-03-01 153136]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregOPSE reminder]
C:Program FilesScanSoftOmniPageSE2.0EregEngEreg.exe -r C:Program FilesScanSoftOmniPageSE2.0EregEngereg.ini []

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregOpwareSE2]
C:Program FilesScanSoftOmniPageSE2.0OpwareSE2.exe []

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregPersistence]
C:Windowssystem32igfxpers.exe [2008-06-17 145944]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregswg]
C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe []

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregwebHancer Agent]
C:Program FileswebHancerProgramswhAgent.exe []

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregWindows Defender]
C:Program FilesWindows DefenderMSASCui.exe [2008-01-21 1008184]

C:ProgramDataMicrosoftWindowsStart MenuProgramsStartup
Bluetooth.lnk — C:Program FilesWIDCOMMBluetooth SoftwareBTTray.exe

C:UsersUserAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup
Adobe Gamma.lnk — C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyAWinNotifyVitaKey MC3000]
C:Program FilesAcerAcer Bio ProtectionWinNotify.dll [2008-11-06 3085824]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyigfxcui]
C:Windowssystem32igfxdev.dll [2008-06-13 208896]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyspba]
C:Program FilesCommon FilesSPBAhomefus2.dll [2008-03-25 567560]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlLsa]
«notification packages»=scecli
C:Program FilesAcerAcer Bio ProtectionPwdFilter

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWdf01000.sys]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWdf01000.sys]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«LogonHoursAction»=2
«DontDisplayLogonHoursWarnings»=1

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
«EnableUIADesktopToggle»=0
«DisableCAD»=1

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«C:Program FilesAcerEmpowering TechnologyeDataSecurityx86eDSfsu.exe»=»C:Program FilesAcerEmpowering TechnologyeDataSecurityx86eDSfsu.exe:*:Enabled:eDSfsu»
«C:Program FilesAcerEmpowering TechnologyeDataSecurityx86encryption.exe»=»C:Program FilesAcerEmpowering TechnologyeDataSecurityx86encryption.exe:*:Enabled:encryption»
«C:Program FilesAcerEmpowering TechnologyeDataSecurityx86decryption.exe»=»C:Program FilesAcerEmpowering TechnologyeDataSecurityx86decryption.exe:*:Enabled:decryption»
«C:Program FilesAcerEmpowering TechnologyeDataSecurityx86eDSMgr.exe»=»C:Program FilesAcerEmpowering TechnologyeDataSecurityx86eDSMgr.exe:*:Enabled:eDSMgr»
«C:Program FilesAcerEmpowering TechnologyeDataSecurityx86eDStbmngr.exe»=»C:Program FilesAcerEmpowering TechnologyeDataSecurityx86eDStbmngr.exe:*:Enabled:eDStbmngr»
«C:Program FilesAcerEmpowering TechnologyeDataSecurityx64eDSfsu.exe»=»C:Program FilesAcerEmpowering TechnologyeDataSecurityx64eDSfsu.exe:*:Enabled:eDSfsu»
«C:Program FilesAcerEmpowering TechnologyeDataSecurityx64encryption.exe»=»C:Program FilesAcerEmpowering TechnologyeDataSecurityx64encryption.exe:*:Enabled:encryption»
«C:Program FilesAcerEmpowering TechnologyeDataSecurityx64decryption.exe»=»C:Program FilesAcerEmpowering TechnologyeDataSecurityx64decryption.exe:*:Enabled:decryption»
«C:Program FilesAcerEmpowering TechnologyeDataSecurityx64eDSMgr.exe»=»C:Program FilesAcerEmpowering TechnologyeDataSecurityx64eDSMgr.exe:*:Enabled:eDSMgr»
«C:Program FilesAcerEmpowering TechnologyeDataSecurityx64eDStbmngr.exe»=»C:Program FilesAcerEmpowering TechnologyeDataSecurityx64eDStbmngr.exe:*:Enabled:eDStbmngr»

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{012635b4-abf1-11dd-bb97-001d723f4662}]
shellAutoRuncommand — G:LaunchU3.exe -a

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{4791ff92-6fae-11de-ae2a-001d723f4662}]
shellAutoRuncommand — F:Autorun.exe

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{a85e77d8-6a56-11de-9dd9-806e6f6e6963}]
shellAutoRuncommand — C:Windowssystem32RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .RECYCLERS-5-3-42-2819952290-8240758988-879315005-3665jwgkvsq.vmx,ahaezedrn

======File associations======

.js — edit — C:WindowsSystem32Notepad.exe %1
.js — open — C:WindowsSystem32WScript.exe «%1» %*

======List of files/folders created in the last 1 months======

2010-02-06 15:49:08 —-D—- C:Program Filestrend micro
2010-02-06 15:49:06 —-D—- C:rsit
2010-02-03 23:12:07 —-D—- C:Program FilesiPod
2010-02-03 22:35:14 —-D—- C:Program FilesApple Software Update
2010-02-03 22:34:05 —-D—- C:WindowsLastGood
2010-02-02 21:20:57 —-SHD—- C:Config.Msi
2010-01-31 16:35:04 —-D—- C:UsersUserAppDataRoamingOpera
2010-01-31 15:30:26 —-D—- C:ProgramDataAdobe Systems
2010-01-29 16:56:36 —-A—- C:Windowssystem32GEARAspi.dll
2010-01-25 17:04:03 —-D—- C:Program FilesCommon FilesAdobe Systems Shared

======List of files/folders modified in the last 1 months======

2010-02-06 15:49:15 —-D—- C:WindowsTemp
2010-02-06 15:49:09 —-D—- C:WindowsPrefetch
2010-02-06 15:49:08 —-RD—- C:Program Files
2010-02-05 23:35:27 —-D—- C:UsersUserAppDataRoaminguTorrent
2010-02-04 19:53:11 —-SHD—- C:WindowsInstaller
2010-02-04 14:05:45 —-SHD—- C:System Volume Information
2010-02-03 23:13:30 —-D—- C:Program FilesiTunes
2010-02-03 23:12:04 —-D—- C:Program FilesCommon FilesApple
2010-02-03 22:39:58 —-D—- C:WindowsSystem32
2010-02-03 22:39:58 —-A—- C:Windowssystem32PerfStringBackup.INI
2010-02-03 22:39:57 —-D—- C:Windowsinf
2010-02-03 22:35:19 —-D—- C:Windowssystem32Tasks
2010-02-03 22:34:55 —-D—- C:Windowssystem32catroot
2010-02-03 22:34:09 —-D—- C:Windowssystem32drivers
2010-02-03 22:34:05 —-D—- C:Windows
2010-02-03 22:32:42 —-D—- C:Windowswinsxs
2010-02-03 22:30:47 —-D—- C:WindowsLogs
2010-02-02 23:18:01 —-D—- C:UsersUserAppDataRoamingSkype
2010-02-02 21:21:51 —-D—- C:Program FilesCommon FilesAdobe
2010-02-02 21:21:50 —-D—- C:ProgramDataAdobe
2010-02-02 21:21:36 —-D—- C:Program FilesAdobe
2010-01-31 15:56:58 —-D—- C:UsersUserAppDataRoamingAdobe
2010-01-31 15:30:26 —-HD—- C:ProgramData
2010-01-29 16:56:36 —-DC—- C:Windowssystem32DRVSTORE
2010-01-29 16:19:28 —-D—- C:Program FilesGoogle
2010-01-29 16:10:41 —-D—- C:Windowssystem32catroot2
2010-01-28 22:14:59 —-HD—- C:Program FilesInstallShield Installation Information
2010-01-28 22:13:51 —-D—- C:Program FilesActivision
2010-01-28 19:26:37 —-D—- C:ProgramDataGoogle
2010-01-25 17:04:03 —-D—- C:Program FilesCommon Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:Windowssystem32driversaswRdr.sys [2009-11-25 23120]
R1 aswSP;avast! Self Protection; C:Windowssystem32driversaswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:Windowssystem32driversaswTdi.sys [2009-11-25 48560]
R2 aswFsBlk;aswFsBlk; C:Windowssystem32DRIVERSaswFsBlk.sys [2009-11-25 20560]
R2 aswMonFlt;aswMonFlt; C:Windowssystem32DRIVERSaswMonFlt.sys [2009-11-25 53328]
R2 int15;int15; ??C:Windowssystem32driversint15.sys [2007-01-26 69632]
R2 irda;IrDA Protocol; C:Windowssystem32DRIVERSirda.sys [2008-01-21 95744]
R2 mdmxsdk;mdmxsdk; C:Windowssystem32DRIVERSmdmxsdk.sys [2006-06-20 12672]
R2 pnarp;Pure Networks Device Discovery Driver; C:Windowssystem32DRIVERSpnarp.sys [2008-05-16 24888]
R2 PSDNServ;PSDNServ; C:Windowssystem32DRIVERSPSDNServ.sys [2008-03-04 16944]
R2 psdvdisk;PSDVdisk; C:Windowssystem32DRIVERSPSDVdisk.sys [2008-03-04 60464]
R2 purendis;Pure Networks Wireless Driver; C:Windowssystem32DRIVERSpurendis.sys [2008-05-16 26424]
R2 XAudio;XAudio; C:Windowssystem32DRIVERSxaudio.sys [2006-11-29 8192]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:Windowssystem32DRIVERSApfiltr.sys [2008-02-01 166448]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet — NDIS 6.0; C:Windowssystem32DRIVERSb57nd60x.sys [2008-03-28 210432]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:Windowssystem32DRIVERSCmBatt.sys [2008-01-21 14208]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:Windowssystem32DRIVERSDKbFltr.sys [2006-11-03 21264]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:Windowssystem32DRIVERSGEARAspiWDM.sys [2009-05-18 26600]
R3 HSF_DPV;HSF_DPV; C:Windowssystem32DRIVERSHSX_DPV.sys [2006-12-22 985600]
R3 HSXHWAZL;HSXHWAZL; C:Windowssystem32DRIVERSHSXHWAZL.sys [2006-12-22 207360]
R3 igfx;igfx; C:Windowssystem32DRIVERSigdkmd32.sys [2008-06-13 2381312]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:Windowssystem32driversRTKVHDA.sys [2008-05-21 2143136]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:Windowssystem32driversIntcHdmi.sys [2008-06-05 113664]
R3 NETw5v32;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit ; C:Windowssystem32DRIVERSNETw5v32.sys [2008-04-28 3658752]
R3 NTIDrvr;Upper Class Filter Driver; C:Windowssystem32DRIVERSNTIDrvr.sys [2008-01-31 14848]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:Windowssystem32DRIVERSrfcomm.sys [2008-01-21 49664]
R3 sdbus;sdbus; C:Windowssystem32DRIVERSsdbus.sys [2008-01-21 88576]
R3 StillCam;Still Serial Digital Camera Driver; C:Windowssystem32DRIVERSserscan.sys [2008-01-21 9216]
R3 TcUsb;TC USB Kernel Driver; C:WindowsSystem32Driverstcusb.sys [2008-01-30 50576]
R3 usbvideo;USB Video Device (WDM); C:WindowsSystem32Driversusbvideo.sys [2008-01-21 134016]
R3 winachsf;winachsf; C:Windowssystem32DRIVERSHSX_CNXT.sys [2006-12-22 659968]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:Windowssystem32DRIVERSwmiacpi.sys [2008-01-21 11264]
S3 ai89dncv;ai89dncv; C:Windowssystem32driversai89dncv.sys []
S3 BthEnum;Bluetooth Enumerator Service; C:Windowssystem32DRIVERSBthEnum.sys [2008-01-21 19456]
S3 BthPan;Bluetooth Device (Personal Area Network); C:Windowssystem32DRIVERSbthpan.sys [2008-01-21 92160]
S3 BTHPORT;Bluetooth Port Driver; C:WindowsSystem32DriversBTHport.sys [2008-04-29 220160]
S3 BTHUSB;Bluetooth Radio USB Driver; C:WindowsSystem32DriversBTHUSB.sys [2008-04-29 29184]
S3 btwaudio;Bluetooth Audio Device Service; C:Windowssystem32driversbtwaudio.sys [2008-02-14 80424]
S3 btwavdt;Bluetooth AVDT Service; C:Windowssystem32driversbtwavdt.sys [2007-07-16 80936]
S3 btwrchid;btwrchid; C:Windowssystem32DRIVERSbtwrchid.sys [2007-07-16 16168]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:Windowssystem32driversdrmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:Windowssystem32driversHdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:Windowssystem32DRIVERSVSTAZL3.SYS [2008-01-21 200704]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:Windowssystem32driversMSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:Windowssystem32driversMSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:Windowssystem32driversMSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:Windowssystem32driversMSTEE.sys [2008-01-21 6016]
S3 NSCIRDA;NSC Infrared Device Driver; C:Windowssystem32DRIVERSnscirda.sys [2008-01-21 30720]
S3 O2MDRDR;O2MDRDR; C:Windowssystem32DRIVERSo2media.sys []
S3 O2SDRDR;O2SDRDR; C:Windowssystem32DRIVERSo2sd.sys []
S3 TpChoice;Touch Pad Detection Filter driver; C:Windowssystem32DRIVERSTpChoice.sys [2007-12-26 17968]
S3 USBAAPL;Apple Mobile USB Driver; C:WindowsSystem32Driversusbaapl.sys [2009-08-28 40448]
S3 USBCCID;USB Smart Card reader; C:Windowssystem32DRIVERSusbccid.sys [2008-01-21 30208]
S3 usbscan;USB Scanner Driver; C:Windowssystem32DRIVERSusbscan.sys [2008-01-21 35328]
S3 WUDFRd;WUDFRd; C:Windowssystem32DRIVERSWUDFRd.sys [2008-01-21 83328]
S3 xnacc;XBOX 360 Controller For Windows Driver Service; C:Windowssystem32DRIVERSxnacc.sys [2008-01-21 521216]
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:Windowssystem32DRIVERSxusb21.sys [2007-08-28 55808]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:Windowssystem32driverserrdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:Windowssystem32driversmegasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe [2009-08-28 144672]
R2 aswUpdSv;avast! iAVS4 Control Service; C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:Program FilesAlwil SoftwareAvast4ashServ.exe [2009-11-25 138680]
R2 Bonjour Service;Bonjour Service; C:Program FilesBonjourmDNSResponder.exe [2008-12-12 238888]
R2 BthServ;@%SystemRoot%System32bthserv.dll,-101; C:Windowssystem32svchost.exe [2008-01-21 21504]
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service; C:Program FilesNewTech InfosystemsNTI Backup Now 5ClientAgentsvc.exe [2008-03-03 16384]
R2 eDataSecurity Service;eDataSecurity Service; C:Program FilesAcerEmpowering TechnologyeDataSecurityx86eDSService.exe [2008-03-04 500784]
R2 ETService;Empowering Technology Service; C:Program FilesAcerEmpowering TechnologyServiceETService.exe [2008-03-21 24576]
R2 IGBASVC;iGroupTec Service; C:Program FilesAcerAcer Bio ProtectionBASVC.exe [2008-11-06 3484672]
R2 Irmon;@%SystemRoot%System32irmon.dll,-2000; C:Windowssystem32svchost.exe [2008-01-21 21504]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:Program FilesCommon FilesLightScribeLSSrvc.exe [2007-07-25 79136]
R2 MobilityService;MobilityService; C:AcerMobility CenterMobilityService.exe [2007-12-07 110592]
R2 nmservice;Pure Networks Platform Service; C:Program FilesCommon FilesPure Networks SharedPlatformnmsrvc.exe [2008-05-16 648504]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:Program FilesNewTech InfosystemsNTI Backup Now 5BackupSvc.exe [2008-04-07 50424]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:Program FilesNewTech InfosystemsNTI Backup Now 5SchedulerSvc.exe [2008-04-04 131072]
R2 XAudioService;XAudioService; C:Windowssystem32DRIVERSxaudio.exe [2006-11-29 386560]
R3 avast! Mail Scanner;avast! Mail Scanner; C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:Program FilesAlwil SoftwareAvast4ashWebSv.exe [2009-11-25 352920]
R3 iPod Service;Сервис iPod; C:Program FilesiPodbiniPodService.exe [2009-11-12 545568]
S2 gupdate1c9e3a44d746850;Служба Google Update (gupdate1c9e3a44d746850); C:Program FilesGoogleUpdateGoogleUpdate.exe [2009-05-27 133104]
S3 Adobe LM Service;Adobe LM Service; C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe [2010-01-25 72704]
S3 IDriverT;InstallDriver Table Manager; C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe [2005-04-04 69632]
S3 NBService;NBService; C:Program FilesNeroNero 7Nero BackItUpNBService.exe [2007-04-13 792112]
S3 NMIndexingService;NMIndexingService; C:Program FilesCommon FilesAheadLibNMIndexingService.exe [2007-06-01 271920]
S3 nmraapache;Pure Networks Net2Go Service; C:Program FilesPure NetworksNetwork MagicWebServerbinnmraapache.exe [2008-05-21 12800]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2006-10-26 145184]
S3 SQLWriter;SQL Server VSS Writer; C:Program FilesMicrosoft SQL Server90Sharedsqlwriter.exe [2006-04-14 87840]

---

EOF

---

[Автор]

Сообщения