Logfile of random's system information tool 1.08 (written by random/random)
Run by Vista at 2011-03-28 23:49:58
Microsoft® Windows Vista™ Home Basic Service Pack 1
System drive C: has 20 GB (34%) free of 60 GB
Total RAM: 2038 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:50:02, on 28.03.2011
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18943)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\WebMoney Agent\wmagent.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\RSIT.exe
C:\Program Files\trend micro\Vista.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = yandex.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = yandex.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = yandex.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = yandex.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mail.ru/cnt/8305
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = yandex.ru
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = yandex.ru
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = yandex.ru
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = yandex.ru
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = yandex.ru
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = yandex.ru
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Searcher Class - {C44D2EA2-FCCE-4CE8-8710-5ED0D33F7677} - C:\Program Files\mediabar Toolbar\rubar.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Bandoo IE Plugin - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - (no file)
O3 - Toolbar: PROMT - {FF284F5C-7CF9-4682-8701-D467C1DBB99F} - C:\Program Files\PRMT6\PRMTIE\prmtie.dll
O3 - Toolbar: Яндекс.Бар - {91397D20-1446-11D4-8AF4-0040CA1127B6} - (no file)
O3 - Toolbar: mediabar - {23DD83B5-BDDC-49CE-B77B-514819C6D551} - C:\Program Files\mediabar Toolbar\rubar.dll
O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [wmagent.exe] "C:\Program Files\WebMoney Agent\wmagent.exe"
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [IPO3] "C:\Program Files\LG Software\IP Operator\IP Operator.exe" -aUtOsTaRtFrOmReG
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: &Экспорт в Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PRMT6\PRMTIE\prmtie5.htm
O9 - Extra 'Tools' menuitem: Перевести - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PRMT6\PRMTIE\prmtie5.htm
O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PRMT6\PRMTIE\options.htm
O9 - Extra 'Tools' menuitem: Настройка параметров перевода - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PRMT6\PRMTIE\options.htm
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {8DAE90AD-4583-4977-9DD4-4360F7A45C74} - (no file)
O9 - Extra button: Справочные материалы - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O17 - HKLM\System\CCS\Services\Tcpip\..\{C80145DF-436D-4000-ABAE-B9E63E499835}: NameServer = 91.192.152.238,91.192.152.233
O18 - Protocol: rubar - {7A05BDCB-8F81-45C5-B9EC-3764E6FC1439} - C:\Program Files\mediabar Toolbar\rubar.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: ArchVision Content Manager Service - ArchVision - C:\Program Files\ArchVision\ArchVision Content Manager\rpcACMapp.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Корпорация Майкрософт - C:\Windows\system32\DFSR.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Служба Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: mental ray 3.6 Satellite for Autodesk 3ds Max 2008 32-bit 32-bit (mi-raysat_3dsMax2008_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2008\mentalray\satellite\raysat_3dsMax2008_32server.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Silicon Integrated Systems - (no file)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - (no file)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - VIA Technologies Inc.,Ltd - (no file)
O23 - Service: XAudioService - Conexant Systems, Inc. - (no file)

--
End of file - 8609 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1656600474-3198034475-3637861293-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1656600474-3198034475-3637861293-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-07-27 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22 1242504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar BHO - C:\Program Files\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll [2010-10-11 612616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-01-27 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}]
BandooIEPlugin Class

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{FF284F5C-7CF9-4682-8701-D467C1DBB99F} - PROMT - C:\Program Files\PRMT6\PRMTIE\prmtie.dll [2004-07-28 434176]
{91397D20-1446-11D4-8AF4-0040CA1127B6} -
{23DD83B5-BDDC-49CE-B77B-514819C6D551} - mediabar - C:\Program Files\mediabar Toolbar\rubar.dll [2011-02-23 1144320]
{8dcb7100-df86-4384-8842-8fa844297b3f} - @C:\Program Files\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll,-100 - C:\Program Files\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll [2010-10-11 612616]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-10-28 815104]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-10-03 178712]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-01-02 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-01-02 166424]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-01-02 133656]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2008-05-28 570664]
"wmagent.exe"=C:\Program Files\WebMoney Agent\wmagent.exe [2009-10-19 210400]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2008-03-11 689488]
"Microsoft Default Manager"=C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [2010-05-10 439568]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2010-04-07 2145000]
"IPO3"=C:\Program Files\LG Software\IP Operator\IP Operator.exe [2007-02-16 1028096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NevoDRM]
C:\Игры\NevoDRM\NevoDRM.exe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-01-02 200704]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"DisableTaskMgr"=0
"disablecmd"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 3 months======

2011-03-28 23:47:49 ----D---- C:\Program Files\trend micro
2011-03-28 23:47:48 ----D---- C:\rsit
2011-03-28 23:07:08 ----A---- C:\Windows\system32\drivers\uzmyntqw.sys
2011-03-28 22:58:20 ----ASH---- C:\hiberfil.sys
2011-03-28 21:04:14 ----D---- C:\Олесь садік
2011-03-28 17:06:12 ----D---- C:\ProgramData\Simply Super Software
2011-03-28 15:54:31 ----D---- C:\Program Files\LG Software
2011-03-28 15:14:42 ----D---- C:\Users\Vista\AppData\Roaming\ESET
2011-03-28 15:12:53 ----D---- C:\ProgramData\ESET
2011-03-28 15:12:53 ----D---- C:\Program Files\ESET
2011-03-27 21:27:33 ----D---- C:\ProgramData\AVAST Software
2011-03-27 21:27:33 ----D---- C:\Program Files\AVAST Software
2011-03-27 19:17:10 ----D---- C:\Program Files\Microsoft ATS
2011-03-23 10:53:16 ----D---- C:\Users\Vista\AppData\Roaming\updatetool
2011-03-20 21:12:26 ----A---- C:\Windows\IsUn0419.exe
2011-03-20 11:39:40 ----A---- C:\Windows\system32\drivers\ss_whnt.sys
2011-03-20 11:39:40 ----A---- C:\Windows\system32\drivers\ss_wh.sys
2011-03-20 11:39:40 ----A---- C:\Windows\system32\drivers\ss_mdm.sys
2011-03-20 11:39:39 ----A---- C:\Windows\system32\drivers\ss_mdfl.sys
2011-03-20 11:39:38 ----A---- C:\Windows\system32\drivers\ss_cmnt.sys
2011-03-20 11:39:38 ----A---- C:\Windows\system32\drivers\ss_cm.sys
2011-03-20 11:39:38 ----A---- C:\Windows\system32\drivers\ss_bus.sys
2011-03-20 11:35:45 ----D---- C:\ProgramData\Samsung
2011-03-20 11:29:35 ----A---- C:\Windows\system32\nmwcdcls.dll
2011-03-20 11:29:31 ----A---- C:\Windows\system32\drivers\pccsmcfd.sys
2011-03-20 11:29:24 ----DC---- C:\Windows\system32\DRVSTORE
2011-03-20 11:28:03 ----D---- C:\Program Files\DIFX
2011-03-20 11:27:28 ----A---- C:\Windows\system32\FsUsbExService.Exe
2011-03-20 11:27:28 ----A---- C:\Windows\system32\FsUsbExDisk.Sys
2011-03-20 11:27:28 ----A---- C:\Windows\system32\FsUsbExDevice.Dll
2011-03-20 11:26:16 ----D---- C:\Users\Vista\AppData\Roaming\Samsung
2011-03-20 11:25:30 ----D---- C:\Program Files\MarkAny
2011-03-20 11:10:59 ----D---- C:\Windows\system32\Samsung_USB_Drivers
2011-03-20 11:10:53 ----D---- C:\Program Files\Samsung
2011-03-19 12:06:47 ----D---- C:\Program Files\Ventrilo Rus
2011-03-19 11:58:27 ----D---- C:\Users\Vista\AppData\Roaming\Ventrilo
2011-03-19 11:54:14 ----A---- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
2011-03-18 21:56:04 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2011-03-12 20:31:18 ----D---- C:\Windows\system32\drivers\NSS
2011-03-12 20:31:18 ----D---- C:\ProgramData\Symantec
2011-03-12 20:31:18 ----D---- C:\ProgramData\Norton
2011-03-12 20:31:14 ----D---- C:\ProgramData\NortonInstaller
2011-03-12 17:48:34 ----D---- C:\Users\Vista\AppData\Roaming\EleFun Games
2011-03-09 21:10:45 ----D---- C:\Program Files\SWFMoney
2011-03-09 16:23:11 ----D---- C:\Users\Vista\AppData\Roaming\aliasworlds
2011-03-09 16:23:11 ----D---- C:\ProgramData\aliasworlds
2011-03-09 15:46:27 ----D---- C:\ProgramData\Playrix Entertainment
2011-03-08 15:55:27 ----D---- C:\Program Files\Microsoft
2011-03-08 15:55:23 ----D---- C:\Program Files\MSN Toolbar
2011-03-08 15:53:50 ----D---- C:\Program Files\Microsoft Silverlight
2011-03-08 15:52:59 ----D---- C:\Program Files\Bing Bar Installer
2011-03-05 17:03:07 ----D---- C:\Windows\system32\Adobe
2011-03-02 22:47:02 ----D---- C:\ProgramData\Farm Fishes
2011-03-02 22:12:19 ----D---- C:\ProgramData\ВеселаяФерма-ПечемПиццу
2011-03-02 08:40:06 ----D---- C:\ProgramData\AtomShockwave
2011-03-01 19:33:05 ----D---- C:\Program Files\Shockwave.com
2011-02-21 15:12:10 ----D---- C:\ProgramData\FarmFrenzy3_Russia
2011-02-14 22:21:37 ----D---- C:\Users\Vista\AppData\Roaming\IrfanView
2011-02-14 22:21:37 ----D---- C:\Program Files\IrfanView
2011-02-14 14:35:01 ----D---- C:\Users\Vista\AppData\Roaming\KranX Productions
2011-02-12 17:21:51 ----D---- C:\Users\Vista\AppData\Roaming\mediabar
2011-02-12 17:21:47 ----D---- C:\Program Files\mediabar Toolbar
2011-02-11 20:43:12 ----D---- C:\Users\Vista\AppData\Roaming\tank-o-box.wrp
2011-02-11 20:29:17 ----D---- C:\Users\Vista\AppData\Roaming\танчики
2011-02-11 11:31:35 ----D---- C:\ProgramData\FarmFrenzy3_Arctica
2011-02-10 19:13:20 ----D---- C:\ProgramData\FarmFrenzy3_Madagascar
2011-02-09 16:00:33 ----D---- C:\ProgramData\Yandex
2011-02-09 16:00:05 ----D---- C:\Users\Vista\AppData\Roaming\Yandex
2011-02-09 15:59:28 ----D---- C:\ProgramData\DreamFarm
2011-02-09 15:45:13 ----D---- C:\Users\Vista\AppData\Roaming\PlayFirst
2011-02-09 15:45:13 ----D---- C:\ProgramData\PlayFirst
2011-02-02 15:55:51 ----D---- C:\Program Files\Google
2011-01-27 16:28:53 ----D---- C:\Windows\Sun
2011-01-27 16:23:59 ----D---- C:\ProgramData\Sun
2011-01-27 16:23:10 ----A---- C:\Windows\system32\javaws.exe
2011-01-27 16:23:10 ----A---- C:\Windows\system32\javaw.exe
2011-01-27 16:23:10 ----A---- C:\Windows\system32\java.exe
2011-01-27 16:23:10 ----A---- C:\Windows\system32\deployJava1.dll
2011-01-26 22:46:45 ----D---- C:\Program Files\WebMoney
2011-01-26 21:17:15 ----D---- C:\ProgramData\Auslogics
2011-01-25 22:28:49 ----D---- C:\Windows\uninstall
2011-01-25 22:06:15 ----HD---- C:\ProgramData\CanonIJEPPEX
2011-01-25 22:02:40 ----HD---- C:\ProgramData\CanonIJSolutionMenu
2011-01-25 22:02:38 ----HD---- C:\ProgramData\CanonIJMyPrinter
2011-01-25 21:57:27 ----HD---- C:\Windows\system32\CanonIJ Uninstaller Information
2011-01-25 21:56:49 ----A---- C:\Windows\system32\CNMLM9M.DLL
2011-01-25 21:56:28 ----HD---- C:\Program Files\CanonBJ
2011-01-25 21:55:52 ----D---- C:\Program Files\Canon
2011-01-25 21:04:15 ----D---- C:\Users\Vista\AppData\Roaming\Auslogics
2011-01-25 20:08:22 ----D---- C:\Program Files\MUSTEK 1248UB
2011-01-25 20:08:13 ----D---- C:\Driver
2011-01-25 19:54:04 ----D---- C:\ProgramData\Xerox
2011-01-25 17:36:19 ----HD---- C:\ProgramData\CanonBJ
2011-01-23 20:25:38 ----D---- C:\Users\Vista\AppData\Roaming\WebMoney
2011-01-23 20:19:29 ----D---- C:\Temp
2011-01-23 20:19:27 ----D---- C:\Program Files\WebMoney Advisor
2011-01-23 20:18:19 ----D---- C:\Program Files\WebMoney Agent
2011-01-23 20:18:13 ----AD---- C:\ProgramData\TEMP
2011-01-17 15:55:21 ----D---- C:\Windows\AM
2011-01-14 15:48:23 ----D---- C:\Program Files\NVIDIA Corporation
2011-01-08 22:01:36 ----D---- C:\Users\Vista\AppData\Roaming\Bandoo
2011-01-08 22:00:40 ----D---- C:\ProgramData\Bandoo
2011-01-08 21:59:53 ----D---- C:\Program Files\Bandoo
2011-01-07 11:40:43 ----D---- C:\Users\Vista\AppData\Roaming\PC Suite
2011-01-07 11:40:43 ----D---- C:\Users\Vista\AppData\Roaming\Nokia
2011-01-07 11:40:33 ----D---- C:\ProgramData\PC Suite
2011-01-07 11:36:44 ----D---- C:\Program Files\PC Connectivity Solution
2011-01-07 11:27:24 ----D---- C:\Program Files\Nokia
2011-01-07 11:26:05 ----D---- C:\ProgramData\Installations
2010-12-31 17:28:36 ----D---- C:\ProgramData\Google

======List of files/folders modified in the last 3 months======

2011-03-28 23:50:01 ----D---- C:\Windows\Temp
2011-03-28 23:47:49 ----RD---- C:\Program Files
2011-03-28 23:47:46 ----D---- C:\Windows\system32\drivers
2011-03-28 23:45:39 ----D---- C:\Windows\System32
2011-03-28 23:45:39 ----D---- C:\Windows\inf
2011-03-28 23:45:39 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-03-28 23:42:32 ----D---- C:\Windows
2011-03-28 23:00:30 ----D---- C:\Program Files\XviD
2011-03-28 23:00:29 ----D---- C:\Program Files\WinRAR
2011-03-28 22:59:27 ----D---- C:\Program Files\Shasoft eBook 4.x
2011-03-28 22:58:16 ----D---- C:\Program Files\Registry Winner
2011-03-28 22:58:16 ----D---- C:\Program Files\Opera
2011-03-28 22:58:16 ----D---- C:\Program Files\Mozilla Firefox
2011-03-28 22:41:19 ----A---- C:\Windows\ntbtlog.txt
2011-03-28 21:04:07 ----A---- C:\Windows\NeroDigital.ini
2011-03-28 20:04:56 ----SHD---- C:\System Volume Information
2011-03-28 17:37:09 ----D---- C:\Program Files\Internet Explorer
2011-03-28 17:33:25 ----D---- C:\Program Files\Windows Media Player
2011-03-28 17:14:04 ----D---- C:\Windows\system32\catroot2
2011-03-28 17:07:11 ----D---- C:\Windows\system32\wbem
2011-03-28 17:06:12 ----HD---- C:\ProgramData
2011-03-28 17:06:12 ----D---- C:\Program Files\Windows Mail
2011-03-28 15:54:29 ----HD---- C:\Program Files\InstallShield Installation Information
2011-03-28 15:14:33 ----SHD---- C:\Windows\Installer
2011-03-28 15:13:57 ----D---- C:\Windows\system32\catroot
2011-03-28 14:52:12 ----N---- C:\Windows\system32\spoolsv.exe.vir
2011-03-28 14:52:12 ----N---- C:\Windows\system32\SLsvc.exe.vir
2011-03-28 14:52:12 ----A---- C:\Windows\system32\drivers\xaudio.exe.vir
2011-03-28 14:52:10 ----A---- C:\Windows\system32\slsvc.exe
2011-03-28 14:48:31 ----D---- C:\Users\Vista\AppData\Roaming\Skype
2011-03-28 14:16:52 ----D---- C:\Users\Vista\AppData\Roaming\skypePM
2011-03-27 21:24:08 ----D---- C:\Program Files\Zillya Antivirus
2011-03-27 21:24:07 ----D---- C:\Program Files\Common Files\Zillya Antivirus
2011-03-27 21:17:56 ----D---- C:\Windows\Debug
2011-03-27 20:39:26 ----D---- C:\Windows\Minidump
2011-03-27 20:39:14 ----D---- C:\Windows\Tasks
2011-03-27 18:35:45 ----SD---- C:\ProgramData\Microsoft
2011-03-27 14:36:04 ----N---- C:\Windows\system32\vssvc.exe.vir
2011-03-27 14:36:02 ----A---- C:\Windows\system32\VSSVC.EXE
2011-03-27 13:31:52 ----SHD---- C:\Boot
2011-03-27 13:31:52 ----D---- C:\Windows\system32\config
2011-03-27 12:34:34 ----N---- C:\Windows\system32\alg.exe
2011-03-26 15:25:08 ----N---- C:\Windows\system32\AdapterTroubleshooter.exe
2011-03-26 15:25:08 ----N---- C:\Windows\system32\ACW.exe
2011-03-26 15:16:33 ----A---- C:\Windows\regedit.exe
2011-03-26 15:16:21 ----D---- C:\Windows\MSAgent
2011-03-26 15:15:34 ----A---- C:\Windows\IsUninstR.Exe
2011-03-26 15:15:34 ----A---- C:\Windows\IsUninst.exe
2011-03-26 15:14:30 ----A---- C:\Windows\HH.EXE
2011-03-26 15:14:29 ----A---- C:\Windows\HELPPANE.EXE
2011-03-26 15:14:25 ----A---- C:\Windows\fveupdate.exe
2011-03-26 15:14:22 ----D---- C:\Windows\DigitalLocker
2011-03-26 15:13:56 ----A---- C:\Windows\bfsvc.exe
2011-03-26 14:52:52 ----N---- C:\Windows\system32\Imsmudlg.exe
2011-03-26 14:52:50 ----N---- C:\Windows\system32\msiexec.exe
2011-03-26 14:42:56 ----D---- C:\Program Files\Windows Sidebar
2011-03-26 14:42:37 ----D---- C:\Program Files\Windows Photo Gallery
2011-03-26 14:42:23 ----D---- C:\Program Files\Windows Calendar
2011-03-26 14:42:22 ----D---- C:\Program Files\Winamp
2011-03-26 14:41:36 ----D---- C:\Program Files\turbo squid tentacles
2011-03-26 14:05:55 ----D---- C:\Program Files\NuGraf
2011-03-26 14:04:42 ----D---- C:\Program Files\Movie Maker
2011-03-26 13:57:27 ----D---- C:\Program Files\Autodesk Network License Manager
2011-03-26 13:54:39 ----D---- C:\Program Files\AutoCAD 2010
2011-03-26 13:48:15 ----A---- C:\Windows\NOTEPAD.EXE
2011-03-26 12:09:16 ----D---- C:\Program Files\DS3DInterior
2011-03-25 21:06:06 ----N---- C:\Windows\system32\SearchIndexer.exe .vir
2011-03-25 21:06:04 ----N---- C:\Windows\system32\vds.exe.vir
2011-03-25 21:06:04 ----N---- C:\Windows\system32\UI0Detect.exe.vir
2011-03-25 21:06:04 ----N---- C:\Windows\system32\snmptrap.exe.vir
2011-03-25 21:06:03 ----A---- C:\Windows\system32\UI0DETECT.EXE
2011-03-25 21:06:02 ----N---- C:\Windows\system32\msdtc.exe
2011-03-25 21:06:02 ----N---- C:\Windows\system32\Locator.exe
2011-03-25 21:06:00 ----A---- C:\Windows\system32\dfsr.exe
2011-03-25 21:05:58 ----A---- C:\Windows\system32\dllhost.exe
2011-03-25 19:38:29 ----D---- C:\Windows\system32\spool
2011-03-20 22:38:39 ----D---- C:\Users\Vista\AppData\Roaming\uTorrent
2011-03-20 21:14:36 ----RSD---- C:\Windows\Fonts
2011-03-20 11:34:55 ----D---- C:\Windows\winsxs
2011-03-18 21:56:04 ----D---- C:\Program Files\Common Files
2011-03-12 20:38:11 ----SHD---- C:\ZIL.QUAR
2011-03-12 20:31:27 ----D---- C:\Windows\system32\Tasks
2011-03-09 22:19:51 ----D---- C:\Windows\system32\Macromed
2011-03-08 17:08:52 ----D---- C:\Windows\Prefetch
2011-02-02 18:11:20 ----N---- C:\Windows\system32\MpSigStub.exe
2011-01-31 19:51:35 ----D---- C:\Windows\system32\WDI
2011-01-27 16:23:57 ----D---- C:\Program Files\Common Files\Java
2011-01-27 16:22:04 ----D---- C:\Program Files\Java
2011-01-25 22:47:57 ----D---- C:\ProgramData\2DBoy
2011-01-25 20:08:57 ----D---- C:\Windows\system
2011-01-25 19:46:27 ----D---- C:\Windows\twain_32
2011-01-25 19:32:38 ----D---- C:\Windows\system32\Msdtc
2011-01-25 19:32:37 ----D---- C:\ProgramData\FLEXnet
2011-01-25 19:32:36 ----D---- C:\Windows\registration
2011-01-24 11:15:45 ----D---- C:\Users\Vista\AppData\Roaming\Autodesk
2011-01-24 11:15:45 ----D---- C:\ProgramData\Autodesk
2011-01-07 12:56:45 ----D---- C:\Windows\system32\drivers\ru-RU
2011-01-07 11:44:48 ----D---- C:\Windows\SoftwareDistribution

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2007-09-29 308248]
R0 PxHelp20;PxHelp20; C:\Windows\system32\Drivers\PxHelp20.sys [2006-11-02 36624]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-10-16 691696]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-04-07 114984]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2007-08-07 25160]
R1 uzmyntqw;AVZ-RK Kernel Driver; \??\C:\Windows\system32\Drivers\uzmyntqw.sys [2011-03-28 11264]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-04-07 133512]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2010-04-07 134488]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2010-04-07 41312]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-01-30 8704]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2007-05-30 735232]
R3 CnxtHdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDART.sys [2008-02-06 197632]
R3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2007-02-16 34760]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2010-04-07 32584]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-04-26 984064]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-04-26 208384]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-01-02 2016256]
R3 RTSTOR;USB Mass Storage Device; C:\Windows\system32\drivers\RTSTOR.SYS [2007-11-09 57856]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2006-10-28 179896]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-04-26 660480]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2007-07-30 276992]
S3 atvziv97;atvziv97; C:\Windows\system32\drivers\atvziv97.sys []
S3 drmkaud;Звуковой дешифратор DRM ядра системы; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Драйвер функции UAA для службы High Definition Audio (Microsoft), версия 1.1; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 MSKSSRV;Представитель служб потоков Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Посредник синхронизации потоков Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Представитель диспетчера качества потоков Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ss_bus.sys [2010-04-27 98560]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\Windows\system32\DRIVERS\ss_mdfl.sys [2010-04-27 14848]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\Windows\system32\DRIVERS\ss_mdm.sys [2010-04-27 123776]
S3 usbaudio;Аудио драйвер USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-21 73088]
S3 usbvideo;USB-видеоустройство (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2007-05-23 128104]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 39936]
S3 WSVD;WSVD; \??\C:\Windows\system32\drivers\WSVD.sys [2008-03-26 81192]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ArchVision Content Manager Service;ArchVision Content Manager Service; C:\Program Files\ArchVision\ArchVision Content Manager\rpcACMapp.exe [2011-03-25 880640]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2010-04-07 810120]
R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2010-07-29 238952]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-10-03 358936]
R2 mi-raysat_3dsMax2008_32;mental ray 3.6 Satellite for Autodesk 3ds Max 2008 32-bit 32-bit; C:\Program Files\Autodesk\3ds Max 2008\mentalray\satellite\raysat_3dsMax2008_32server.exe [2011-03-27 65536]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-07-27 249136]
R2 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-03-25 430592]
S2 gupdate;Служба Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-12-17 136176]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2010-04-07 33560]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-12-26 651720]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2008-01-22 275752]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2010-08-19 407336]

-----------------EOF-----------------