Logfile of random's system information tool 1.08 (written by random/random)
Run by moonis at 2010-11-30 17:07:09
Microsoft Windows 7
System drive C: has 40 GB (41%) free of 98 GB
Total RAM: 3327 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:07:24, on 30.11.2010
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\USB Disk Security\USBGuard.exe
C:\Program Files\Keyboard & Mouse Driver\StartAutorun.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Keyboard & Mouse Driver\KMConfig.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Keyboard & Mouse Driver\KMProcess.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\DynDNS Updater\DynTray.exe
C:\Program Files\Yandex\Punto Switcher\punto.exe
C:\Program Files\Opera\opera.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\ICQLite\ICQ.exe
C:\Windows\WindowsMobile\WmdHost.exe
C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
C:\Program Files\2gis\3.0\grym.exe
C:\Windows\system32\StikyNot.exe
C:\RSIT.exe
C:\Program Files\trend micro\moonis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yandex.ru/?clid=41128
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: - -  - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: IE 4.x-6.x BHO for Download Master - {9961627E-4059-41B4-8E0E-A7D6B3854ADF} - C:\PROGRA~1\DOWNLO~1\dmiehlp.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (file missing)
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" -H
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [USB Antivirus] C:\Program Files\USB Disk Security\USBGuard.exe
O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files\Keyboard & Mouse Driver\StartAutorun.exe KMConfig.exe
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQLite\icq.exe" silent
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\system32\StikyNot.exe
O4 - Startup: Microsoft Outlook 2010.lnk = ?
O4 - Startup: Punto Switcher.lnk = C:\Program Files\Yandex\Punto Switcher\punto.exe
O4 - Global Startup: DynDNS Updater Tray Icon.lnk = C:\Program Files\DynDNS Updater\DynTray.exe
O8 - Extra context menu item: &  OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: &  Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item:     Download Master - C:\Program Files\Download Master\dmieall.htm
O8 - Extra context menu item:    Download Master - C:\Program Files\Download Master\dmie.htm
O8 - Extra context menu item:     DM - C:\Program Files\Download Master\remdown.htm
O9 - Extra button: (no name) - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: &  OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &  OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Download Master - {8DAE90AD-4583-4977-9DD4-4360F7A45C74} - C:\Program Files\Download Master\dmaster.exe
O9 - Extra 'Tools' menuitem: &Download Master - {8DAE90AD-4583-4977-9DD4-4360F7A45C74} - C:\Program Files\Download Master\dmaster.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {E59EB121-F339-4851-A3BA-FE49C35617C2} - ICQ.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {E59EB121-F339-4851-A3BA-FE49C35617C2} - ICQ.exe (file missing)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: 2GIS UpdateService (2GISUpdateService) -   - C:\Program Files\2gis\3.0\2GISUpdateService.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: DynDNS Updater - Dynamic Network Services, Inc. - C:\Program Files\DynDNS Updater\DynUpSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe (file missing)
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\Keyboard & Mouse Driver\KMWDSrv.exe
O23 - Service:   Autodesk Moldflow Inventor Tool Suite Integration 2011 (mitsijm2011) - Unknown owner - C:\Program Files\Autodesk\Inventor 2011\Moldflow\bin\mitsijm.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: webcam 7 Service (w7Svc) - Unknown owner - C:\Program Files\webcam 7\wService.exe

--
End of file - 8270 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9961627E-4059-41B4-8E0E-A7D6B3854ADF}]
IE 4.x-6.x BHO for Download Master - C:\PROGRA~1\DOWNLO~1\dmiehlp.dll [2010-09-10 165184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-07-17 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-04 186904]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 648072]
"UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2009-10-26 15872]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-06-08 9267816]
"USB Antivirus"=C:\Program Files\USB Disk Security\USBGuard.exe [2010-07-23 824224]
"KMCONFIG"=C:\Program Files\Keyboard & Mouse Driver\StartAutorun.exe [2008-05-30 212992]
"BrMfcWnd"=C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [2009-05-26 1159168]
"ControlCenter3"=C:\Program Files\Brother\ControlCenter3\brctrcen.exe [2008-12-24 114688]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2010-09-01 382840]
"ICQ"=C:\Program Files\ICQLite\icq.exe [2010-11-03 153912]
"RESTART_STICKY_NOTES"=C:\Windows\system32\StikyNot.exe [2009-07-14 354304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\2Gis Update Notifier]
C:\Program Files\2gis\3.0\2GISTrayNotifier.exe [2010-09-29 4411736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [2009-11-10 377568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTimounterMonitor]
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe [2009-11-10 962288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bonus.SSR.FR10]
C:\Program Files\ABBYY FineReader 10\Bonus.ScreenshotReader.exe [2010-02-08 941320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KMCONFIG]
C:\Program Files\Keyboard & Mouse Driver\StartAutorun.exe [2008-05-30 212992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe]
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [2009-11-10 4393944]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Program Files\uTorrent\uTorrent.exe [2010-09-01 382840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VMonitorVMUVC]
C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe [2008-08-29 143360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^webcam 7.lnk]
C:\PROGRA~1\WEBCAM~1\wLite.exe  []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^moonis^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Punto Switcher.lnk]
C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\outicon.exe [2010-09-05 303456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^moonis^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^      OneNote 2010.lnk]
C:\PROGRA~1\MICROS~2\Office14\ONENOTEM.EXE /tsr []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
DynDNS Updater Tray Icon.lnk - C:\Program Files\DynDNS Updater\DynTray.exe

C:\Users\moonis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Microsoft Outlook 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\outicon.exe
Punto Switcher.lnk - C:\Program Files\Yandex\Punto Switcher\punto.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2009-07-14 229376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=223

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2010-11-30 17:07:09 ----D---- C:\rsit
2010-11-30 11:02:21 ----A---- C:\mbam-log-2010-11-30 (11-01-34).txt
2010-11-30 05:07:00 ----SHD---- C:\RECYCLER
2010-11-29 19:44:32 ----A---- C:\AVP Tool.txt
2010-11-29 10:18:00 ----A---- C:\hirens.bootcd.11.0.re.exe
2010-11-29 10:00:24 ----A---- C:\Windows\system32\drivers\92795402.sys
2010-11-29 10:00:24 ----A---- C:\Windows\system32\drivers\92795401.sys
2010-11-29 10:00:24 ----A---- C:\Windows\system32\drivers\9279540.sys
2010-11-28 21:00:15 ----SHD---- C:\$RECYCLE.BIN
2010-11-28 20:55:14 ----D---- C:\Windows\temp
2010-11-28 20:31:34 ----A---- C:\Windows\SWXCACLS.exe
2010-11-27 22:35:55 ----A---- C:\Windows\zip.exe
2010-11-27 22:35:55 ----A---- C:\Windows\SWSC.exe
2010-11-27 22:35:55 ----A---- C:\Windows\SWREG.exe
2010-11-27 22:35:55 ----A---- C:\Windows\sed.exe
2010-11-27 22:35:55 ----A---- C:\Windows\PEV.exe
2010-11-27 22:35:55 ----A---- C:\Windows\NIRCMD.exe
2010-11-27 22:35:55 ----A---- C:\Windows\MBR.exe
2010-11-27 22:35:55 ----A---- C:\Windows\grep.exe
2010-11-27 22:35:51 ----D---- C:\Windows\ERDNT
2010-11-27 21:50:02 ----A---- C:\x4fjd75d.exe
2010-11-27 12:25:06 ----D---- C:\Users\moonis\AppData\Roaming\Real
2010-11-27 09:38:14 ----D---- C:\Users\moonis\AppData\Roaming\Malwarebytes
2010-11-27 09:38:07 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2010-11-27 09:38:06 ----D---- C:\ProgramData\Malwarebytes
2010-11-27 09:38:06 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-11-27 09:38:06 ----A---- C:\Windows\system32\drivers\mbam.sys
2010-11-27 09:05:26 ----A---- C:\mbam-setup.exe
2010-11-27 08:42:01 ----A---- C:\Windows\system32\drivers\uzexnzux.sys
2010-11-26 14:56:41 ----A---- C:\Windows\system32\drivers\vdexnzux.sys
2010-11-26 08:54:55 ----D---- C:\Program Files\Trend Micro
2010-11-25 23:03:55 ----D---- C:\avz4
2010-11-25 09:36:18 ----D---- C:\Program Files\Foobar2000
2010-11-24 09:42:30 ----A---- C:\RSIT.exe
2010-11-24 09:36:58 ----A---- C:\1,2) setup_9.0.0.722_24.11.2010_06-12.exe
2010-11-24 09:30:47 ----A---- C:\0)ATF-Cleaner.exe
2010-11-16 00:22:29 ----N---- C:\Windows\system32\BrDctF2S.dll
2010-11-16 00:22:29 ----N---- C:\Windows\system32\BrDctF2L.dll
2010-11-16 00:22:29 ----N---- C:\Windows\system32\BrDctF2.dll
2010-11-16 00:22:25 ----N---- C:\Windows\system32\NSSearch.dll
2010-11-16 00:22:25 ----D---- C:\Program Files\Brother
2010-11-12 08:47:12 ----A---- C:\Windows\system32\CC3update.exe
2010-11-12 00:44:20 ----D---- C:\Users\moonis\AppData\Roaming\Zeon
2010-11-11 23:10:05 ----RD---- C:\Users\moonis\AppData\Roaming\Brother
2010-11-11 22:45:49 ----A---- C:\Windows\BRWMARK.INI
2010-11-11 22:42:31 ----A---- C:\Windows\system32\BrWia09b.dll
2010-11-11 22:42:31 ----A---- C:\Windows\system32\BrUsi09a.dll
2010-11-11 22:42:30 ----A---- C:\Windows\system32\BRTCPCON.DLL
2010-11-11 22:42:30 ----A---- C:\Windows\system32\BRRBTOOL.EXE
2010-11-11 22:42:30 ----A---- C:\Windows\system32\BRLMW03A.DLL
2010-11-11 22:42:29 ----A---- C:\Windows\system32\BRLMW03A.INI
2010-11-11 22:42:29 ----A---- C:\Windows\system32\BRLM03A.DLL
2010-11-11 22:38:34 ----D---- C:\ProgramData\InstallShield
2010-11-11 22:37:33 ----D---- C:\ProgramData\ScanSoft
2010-11-11 22:35:17 ----D---- C:\ProgramData\Brother
2010-11-09 15:06:59 ----D---- C:\Program Files\WinDjView
2010-11-08 21:32:59 ----D---- C:\Program Files\Kaspersky Lab
2010-11-05 23:36:41 ----D---- C:\Program Files\DenS-mIRC

======List of files/folders modified in the last 1 months======

2010-11-30 17:07:24 ----D---- C:\Windows\Prefetch
2010-11-30 17:07:15 ----D---- C:\Windows\system32\drivers
2010-11-30 16:32:30 ----D---- C:\Users\moonis\AppData\Roaming\AIMP
2010-11-30 16:21:50 ----D---- C:\Windows\tracing
2010-11-30 14:35:54 ----D---- C:\Windows\System32
2010-11-30 14:35:54 ----D---- C:\Windows\inf
2010-11-30 14:35:54 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-11-30 13:39:26 ----D---- C:\Windows\system32\config
2010-11-30 12:29:38 ----D---- C:\Users\moonis\AppData\Roaming\ICQ
2010-11-30 10:07:07 ----D---- C:\Users\moonis\AppData\Roaming\uTorrent
2010-11-30 00:12:31 ----D---- C:\Windows\system32\inetsrv
2010-11-30 00:10:47 ----D---- C:\ProgramData\NVIDIA
2010-11-30 00:10:21 ----D---- C:\Windows\ehome
2010-11-29 20:06:14 ----A---- C:\Windows\ntbtlog.txt
2010-11-29 20:03:10 ----D---- C:\ProgramData\Kaspersky Lab
2010-11-29 20:03:07 ----SHD---- C:\System Volume Information
2010-11-29 15:39:53 ----HD---- C:\Program Files\InstallShield Installation Information
2010-11-29 15:39:13 ----SHD---- C:\Windows\Installer
2010-11-29 15:38:02 ----RD---- C:\Program Files
2010-11-29 15:37:52 ----RSD---- C:\Windows\assembly
2010-11-28 22:10:59 ----D---- C:\Windows\Setup
2010-11-28 20:55:14 ----D---- C:\Windows
2010-11-28 20:53:57 ----A---- C:\Windows\system.ini
2010-11-28 20:53:53 ----D---- C:\Windows\system32\drivers\etc
2010-11-28 20:47:17 ----D---- C:\Windows\AppPatch
2010-11-28 20:47:16 ----D---- C:\Program Files\Common Files
2010-11-28 14:05:08 ----A---- C:\Windows\system32\everest_cpl.ini
2010-11-27 22:59:00 ----D---- C:\Windows\Downloaded Program Files
2010-11-27 22:59:00 ----D---- C:\Users\moonis\AppData\Roaming\CMedia
2010-11-27 22:58:58 ----D---- C:\Program Files\ICQLite
2010-11-27 22:13:22 ----D---- C:\Windows\Cursors
2010-11-27 22:09:58 ----D---- C:\ProgramData
2010-11-27 22:09:29 ----D---- C:\Windows\system32\DriverStore
2010-11-27 22:09:29 ----D---- C:\Windows\system32\catroot
2010-11-27 20:10:53 ----D---- C:\Windows\Panther
2010-11-27 14:43:29 ----D---- C:\Windows\PolicyDefinitions
2010-11-27 14:41:27 ----RASHD---- C:\Windows\kmsem
2010-11-25 19:52:45 ----D---- C:\Windows\system32\catroot2
2010-11-25 08:46:52 ----D---- C:\Windows\system32\NDF
2010-11-25 00:17:12 ----D---- C:\Windows\Minidump
2010-11-21 13:01:59 ----D---- C:\Users\moonis\AppData\Roaming\Autodesk
2010-11-21 13:01:59 ----D---- C:\ProgramData\Autodesk
2010-11-18 23:33:43 ----D---- C:\Users\moonis\AppData\Roaming\XnView
2010-11-13 14:08:40 ----D---- C:\Windows\registration
2010-11-11 23:45:46 ----D---- C:\ProgramData\Ulead Systems
2010-11-11 23:44:44 ----D---- C:\Program Files\Common Files\Ulead Systems
2010-11-11 23:22:25 ----D---- C:\Program Files\Loaris Trojan Remover
2010-11-11 23:14:27 ----D---- C:\Windows\twain_32
2010-11-11 22:37:42 ----D---- C:\Program Files\Common Files\InstallShield
2010-11-09 12:13:45 ----D---- C:\Users\moonis\AppData\Roaming\Yandex
2010-11-09 12:13:45 ----D---- C:\ProgramData\Yandex
2010-11-09 12:12:18 ----D---- C:\ProgramData\Microsoft Help
2010-11-08 23:10:53 ----D---- C:\Program Files\webcam 7
2010-11-08 23:10:15 ----D---- C:\Program Files\Video to GIF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 92795402;92795402 Boot Guard Driver; C:\Windows\system32\DRIVERS\92795402.sys [2009-10-22 37392]
R0 iaStor;Intel RAID Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 330264]
R0 mv61xx;mv61xx; C:\Windows\system32\DRIVERS\mv61xx.sys [2009-05-12 154664]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2010-01-15 156928]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-01-15 691696]
R0 tdrpman251;Acronis Try&Decide and Restore Points filter (build 251); C:\Windows\system32\DRIVERS\tdrpm251.sys [2010-01-15 902432]
R0 timounter;Acronis Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys [2010-01-15 570016]
R1 92795401;92795401; C:\Windows\system32\DRIVERS\92795401.sys [2009-09-25 128016]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2009-09-01 128016]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2009-11-09 59388]
R1 uzexnzux;AVZ-RK Kernel Driver; \??\C:\Windows\system32\Drivers\uzexnzux.sys [2010-11-30 11264]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys [2009-09-23 55040]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys [2009-09-23 294912]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2006-11-22 5120]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2010-06-08 3112360]
R3 KMWDFILTERx86;HIDServiceDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 25088]
R3 L1E; - NDIS   Atheros AR8121/AR8113/AR8114 PCI-E Ethernet (NDIS6.20); C:\Windows\system32\DRIVERS\L1E62x86.sys [2009-07-14 47104]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2010-08-06 27632]
R3 usb_rndisx; USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 15872]
R3 usbscan; USB-; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
R3 vpcbus;  Virtual PC; C:\Windows\system32\DRIVERS\vpchbus.sys [2009-09-23 165376]
R3 vpcusb;   USB; C:\Windows\system32\DRIVERS\vpcusb.sys [2009-09-23 78336]
S2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [2004-08-11 41984]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 an9gfjkc;an9gfjkc; C:\Windows\system32\drivers\an9gfjkc.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 catchme;catchme; \??\C:\Users\moonis\AppData\Local\Temp\catchme.sys []
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2010-08-06 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2010-08-06 25512]
S3 KMWDFilter;KMWDFilter; \??\C:\Windows\System32\Drivers\KMWDFilter.SYS [2009-04-29 25088]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 VMUVC;Vimicro Camera Service VMUVC; C:\Windows\System32\Drivers\VMUVC.sys [2009-01-09 251904]
S3 vpcuxd;   USB; C:\Windows\system32\DRIVERS\vpcuxd.sys [2009-09-23 12800]
S3 vvftUVC;Vimicro Camera Filter Service VMUVC; C:\Windows\system32\drivers\vvftUVC.sys [2008-07-01 398720]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\Windows\system32\DRIVERS\wceusbsh.sys [2008-04-14 31872]
S3 WINUSB;Sony Ericsson USB Device sa0101 Driver; C:\Windows\system32\DRIVERS\WinUSB.SYS [2009-07-14 34944]
S4 RsFx0103;RsFx0103 Driver; C:\Windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 239336]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2009-11-10 619256]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 Capture Device Service;Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [2007-03-06 198168]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DynDNS Updater;DynDNS Updater; C:\Program Files\DynDNS Updater\DynUpSvc.exe [2010-01-20 99704]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-04 354840]
R2 IISADMIN;@%windir%\system32\inetsrv\iisres.dll,-30007; C:\Windows\system32\inetsrv\inetinfo.exe [2009-07-14 13824]
R2 KMWDSERVICE;Keyboard And Mouse Communication Service; C:\Program Files\Keyboard & Mouse Driver\KMWDSrv.exe [2009-08-31 1821184]
R2 mitsijm2011;  Autodesk Moldflow Inventor Tool Suite Integration 2011; C:\Program Files\Autodesk\Inventor 2011\Moldflow\bin\mitsijm.exe [2010-01-23 462336]
R2 MSSQL$AUTODESKVAULT;SQL Server (AUTODESKVAULT); C:\Program Files\Microsoft SQL Server\MSSQL10.AUTODESKVAULT\MSSQL\Binn\sqlservr.exe [2009-03-30 43010392]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-09-19 215656]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 98840]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2009-09-19 240232]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe []
S2 KMService;KMService; C:\Windows\system32\srvany.exe [2010-09-05 8192]
S2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 2GISUpdateService;2GIS UpdateService; C:\Program Files\2gis\3.0\2GISUpdateService.exe [2010-09-29 837464]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;@%windir%\system32\inetsrv\iisres.dll,-30009; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-06-11 31064]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-10-03 1045256]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-21 136120]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office  Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 w7Svc;webcam 7 Service; C:\Program Files\webcam 7\wService.exe [2010-05-15 5029376]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2010-02-12 47128]
S4 SQLAgent$AUTODESKVAULT;SQL Server Agent (AUTODESKVAULT); C:\Program Files\Microsoft SQL Server\MSSQL10.AUTODESKVAULT\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 366936]
S4 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2009-03-30 254808]

-----------------EOF-----------------
