[ Rok0 @ 19.10.2012. 21:36 ] @
Hello everyone,


A few days ago, while logging in to Facebook, I noticed that the login form's auto-fill had remembered the e-mail address of a colleague from work.

What I find strange is that this person has never been at my apartment. So how is it possible that auto-fill offered his e-mail address for logging in to Facebook?

Besides his e-mail address, the login form's auto-fill list also contains the addresses of a few other people who often log in at my place, and who have no connection whatsoever to the colleague mentioned.

By the way, my job includes, among other things, testing Android devices with SNS services, so at work I use several specially created test accounts for Facebook.

The browser I use at home is Google Chrome, so it also occurred to me that all of this is the result of Google sync, as a consequence of using my mail account at work and at home, so maybe it also picked up the other addresses used for Facebook login at the company. But I quickly dropped this theory, since it is then not logical that the login form did not also remember the numerous test accounts I mentioned above, which I use on a daily basis. The only intruder on the list is my colleague's e-mail.

So, my question is: is it possible that this is some kind of break-in on my computer?

I've gotten a bit rusty on this subject over the years, so I would ask the local gurus to point me in the right direction if there is some way I can check this.

Thanks for your attention
[ Aleksandar Maletic @ 19.10.2012. 22:39 ] @
Hello!
First, let's go through some steps before we say anything concrete.
Download CCleaner Portable, unpack it and run it. Under the Cleaner tab, click Run Cleaner to clear all history and temp files.
After that, download OSAM Autorun Manager 5.0, unpack it and run it.
Once the full analysis has finished, save the .html log, then attach it here with a new post.
[ Rok0 @ 20.10.2012. 08:24 ] @
Aleksandar, thank you for the quick reply

The Osam.html log file is at this link:

http://depositfiles.com/files/6jgjd6w33

Regards
[ Aleksandar Maletic @ 20.10.2012. 11:55 ] @
You have some unnecessary toolbars; download AdwCleaner and remove them.
Download DDS to the Desktop and run the analysis.
The program will produce two log files with information.
Copy the contents of the DDS.txt file into a new post.
[ Rok0 @ 20.10.2012. 14:57 ] @
DDS.scr locks up my system every time

I used RSIT and HijackThis; is that enough?

log.txt

Quote:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Mladen at 2012-10-20 15:49:47
Microsoft Windows XP Professional Service Pack 3
System drive E: has 12 GB (4%) free of 305 GB
Total RAM: 3583 MB (75% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:49:55, on 20.10.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
E:\WINDOWS\System32\smss.exe
E:\PROGRA~1\AVG\AVG2012\avgrsx.exe
E:\Program Files\AVG\AVG2012\avgcsrvx.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\Creative\Shared Files\CTAudSvc.exe
E:\WINDOWS\system32\ANIWConnService.exe
E:\Program Files\AVG\AVG2012\avgwdsvc.exe
E:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
E:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
E:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
E:\WINDOWS\system32\nvsvc32.exe
E:\WINDOWS\system32\svchost.exe
E:\DOCUME~1\Mladen\LOCALS~1\Temp\ToolbarUpdater.exe
E:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
E:\WINDOWS\Explorer.EXE
E:\Program Files\AVG\AVG2012\avgidsagent.exe
E:\Program Files\AVG\AVG2012\avgnsx.exe
E:\Program Files\AVG\AVG2012\avgemcx.exe
E:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
E:\WINDOWS\system32\wscntfy.exe
E:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
E:\Program Files\D-Link\DWL-G122_DWA-110\AirGCFG.exe
E:\WINDOWS\system32\CTHELPER.EXE
E:\WINDOWS\system32\RUNDLL32.EXE
E:\WINDOWS\System32\svchost.exe
E:\Program Files\AVG\AVG2012\avgtray.exe
E:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
E:\Program Files\Samsung\Kies\KiesTrayAgent.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
E:\Program Files\Samsung\Kies\Kies.exe
E:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
E:\Program Files\Steam\Steam.exe
E:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
E:\Program Files\Google\Chrome\Application\chrome.exe
E:\Program Files\Google\Chrome\Application\chrome.exe
E:\Program Files\Google\Chrome\Application\chrome.exe
E:\Program Files\Google\Chrome\Application\chrome.exe
E:\Program Files\Google\Chrome\Application\chrome.exe
E:\Program Files\Google\Chrome\Application\chrome.exe
E:\Documents and Settings\Mladen\My Documents\Downloads\RSIT.exe
E:\Program Files\trend micro\Mladen.exe
e:\program files\stardock\fences\Fences.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - E:\Program Files\AVG\AVG2012\avgdtiex.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [ANIWZCS2Service] E:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [D-Link D-Link Wireless G DWL-G122_DWA-110] E:\Program Files\D-Link\DWL-G122_DWA-110\AirGCFG.exe
O4 - HKLM\..\Run: [WZCSLDR2] E:\Program Files\D-Link\DWL-G122_DWA-110\WZCSLDR2.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] E:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKLM\..\Run: [Adobe ARM] "E:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AVG_TRAY] "E:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [amd_dc_opt] E:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [Google Desktop Search] "E:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [KiesTrayAgent] E:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "E:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [NVIDIA nTune] "E:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKCU\..\Run: [KiesPreload] E:\Program Files\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [KiesAirMessage] E:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
O4 - HKCU\..\Run: [KiesPDLR] E:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [Steam] "E:\Program Files\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = E:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://E:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - E:\Program Files\AVG\AVG2012\avgdtiex.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: e:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: e:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: e:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: e:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{F2EBCA5A-1846-4A36-8311-BBFB70D0999E}: NameServer = 208.67.222.222,208.67.222.220
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - E:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - E:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: E:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - E:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - E:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - E:\Program Files\Stardock\Fences\FencesMenu.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - E:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ANIWConn Service (ANIWConnService) - Unknown owner - E:\WINDOWS\system32\ANIWConnService.exe
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - E:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - E:\Program Files\AVG\AVG2012\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - E:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - E:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - E:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - E:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - E:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Usluga Google ažuriranje (gupdate) (gupdate) - Google Inc. - E:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Usluga Google ažuriranje (gupdatem) (gupdatem) - Google Inc. - E:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - E:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - E:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Steam Client Service - Valve Corporation - E:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: Toolbar Updater (TolbarUpdater) - Unknown owner - E:\DOCUME~1\Mladen\LOCALS~1\Temp\ToolbarUpdater.exe

--
End of file - 10644 bytes

======Scheduled tasks folder======

E:\WINDOWS\tasks\Adobe Flash Player Updater.job
E:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
E:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
E:\WINDOWS\tasks\User_Feed_Synchronization-{B7D2165B-F99E-40EE-832E-5235662A09DA}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}]
AVG Do Not Track - E:\Program Files\AVG\AVG2012\avgdtiex.dll [2012-08-13 938104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - E:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-02-12 4220304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - E:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - E:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ANIWZCS2Service"=E:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe [2009-08-21 98304]
"D-Link D-Link Wireless G DWL-G122_DWA-110"=E:\Program Files\D-Link\DWL-G122_DWA-110\AirGCFG.exe [2009-09-18 1708032]
"WZCSLDR2"=E:\Program Files\D-Link\DWL-G122_DWA-110\WZCSLDR2.exe []
"CTHelper"=E:\WINDOWS\system32\CTHELPER.EXE [2010-03-18 19456]
"NvMediaCenter"=E:\WINDOWS\system32\NvMcTray.dll [2012-05-15 108352]
"NvCplDaemon"=E:\WINDOWS\system32\NvCpl.dll [2012-05-15 15504192]
"nwiz"=E:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2012-05-15 1634112]
"Adobe ARM"=E:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]
"AVG_TRAY"=E:\Program Files\AVG\AVG2012\avgtray.exe [2012-07-31 2596984]
"amd_dc_opt"=E:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"Google Desktop Search"=E:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2012-08-15 30192]
"KiesTrayAgent"=E:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2012-08-31 3524536]
"KernelFaultCheck"=E:\WINDOWS\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=E:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"DAEMON Tools Lite"=E:\Program Files\DAEMON Tools Lite\DTLite.exe [2012-02-13 3481408]
"NVIDIA nTune"=E:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe [2007-09-04 81920]
"KiesPreload"=E:\Program Files\Samsung\Kies\Kies.exe [2012-08-31 964024]
"KiesAirMessage"=E:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup []
"KiesPDLR"=E:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2012-08-31 21432]
"Steam"=E:\Program Files\Steam\Steam.exe [2012-09-15 1353080]

E:\Documents and Settings\Mladen\Start Menu\Programs\Startup
OneNote 2010 Screen Clipper and Launcher.lnk - E:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="E:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - E:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - E:\Program Files\Stardock\Fences\FencesMenu.dll [2010-06-22 202088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=E:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-02-12 4220304]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, credssp.dll, digest.dll, msnsspc.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"E:\Program Files\uTorrent\uTorrent.exe"="E:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"E:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe"="E:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe:*:Enabled:Opera Internet Browser - Plugin wrapper"
"E:\Program Files\Opera\opera.exe"="E:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"E:\Program Files\Microsoft Office\Office14\GROOVE.EXE"="E:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"
"E:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="E:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"E:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"="E:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"E:\Program Files\AVG\AVG2012\avgmfapx.exe"="E:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:AVG Installer"
"C:\Program Files\Empire Interactive\FlatOut Ultimate Carnage\Fouc.exe"="C:\Program Files\Empire Interactive\FlatOut Ultimate Carnage\Fouc.exe:*:Enabled:FlatOut Ultimate Carnage"
"C:\Program Files\Codemasters\DiRT 3\dirt3_game.exe"="C:\Program Files\Codemasters\DiRT 3\dirt3_game.exe:*:Enabled:DiRT 3"
"C:\Program Files\Codemasters\GRID\GRID.exe"="C:\Program Files\Codemasters\GRID\GRID.exe:*:Enabled:GRID"
"C:\Program Files\EA Games\Mirror's Edge\Binaries\MirrorsEdge.exe"="C:\Program Files\EA Games\Mirror's Edge\Binaries\MirrorsEdge.exe:*:Enabled:Mirror's Edge™"
"C:\Program Files\bitComposer Games\S.T.A.L.K.E.R. - Call of Pripyat\bin\xrEngine.exe"="C:\Program Files\bitComposer Games\S.T.A.L.K.E.R. - Call of Pripyat\bin\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Call of Pripyat (CLI)"
"C:\Program Files\bitComposer Games\S.T.A.L.K.E.R. - Call of Pripyat\bin\dedicated\xrEngine.exe"="C:\Program Files\bitComposer Games\S.T.A.L.K.E.R. - Call of Pripyat\bin\dedicated\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Call of Pripyat (SRV)"
"E:\WINDOWS\system32\muzapp.exe"="E:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"
"E:\Program Files\AVG\AVG2012\avgnsx.exe"="E:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Online Shield"
"E:\Program Files\AVG\AVG2012\avgdiagex.exe"="E:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:AVG Diagnostics 2012"
"E:\Program Files\AVG\AVG2012\avgemcx.exe"="E:\Program Files\AVG\AVG2012\avgemcx.exe:*:Enabled:Personal E-mail Scanner"
"E:\Program Files\Steam\Steam.exe"="E:\Program Files\Steam\Steam.exe:*:Enabled:Steam"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=E:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=E:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======List of files/folders created in the last 2 months======

2012-10-20 15:49:48 ----D---- E:\Program Files\trend micro
2012-10-20 15:49:47 ----D---- E:\rsit
2012-10-20 14:39:55 ----A---- E:\WINDOWS\{00000001-00000000-00000008-00001102-00000008-10211102}.BAK
2012-10-20 14:16:34 ----A---- E:\WINDOWS\system32\FNTCACHE.DAT
2012-10-20 14:09:29 ----A---- E:\AdwCleaner[R1].txt
2012-10-19 20:37:29 ----A---- E:\WINDOWS\_MSRSTRT.EXE
2012-10-15 23:48:32 ----A---- E:\WINDOWS\system32\WinMonitor.exe
2012-10-11 21:35:17 ----D---- E:\Documents and Settings\All Users\Application Data\3DMGAME
2012-09-15 20:56:31 ----A---- E:\WINDOWS\system32\d3d9caps.dat
2012-09-15 20:47:48 ----A---- E:\WINDOWS\system32\time.dat
2012-09-15 20:46:19 ----D---- E:\WINDOWS\system32\dictionaries
2012-09-15 20:46:19 ----A---- E:\WINDOWS\system32\Skybound.Gecko.dll
2012-09-15 20:46:19 ----A---- E:\WINDOWS\system32\redit.exe
2012-09-15 20:46:19 ----A---- E:\WINDOWS\system32\plugin-container.exe
2012-09-15 20:46:19 ----A---- E:\WINDOWS\system32\plds4.dll
2012-09-15 20:46:19 ----A---- E:\WINDOWS\system32\plc4.dll
2012-09-15 20:46:18 ----A---- E:\WINDOWS\system32\nssutil3.dll
2012-09-15 20:46:18 ----A---- E:\WINDOWS\system32\nssdbm3.dll
2012-09-15 20:46:18 ----A---- E:\WINDOWS\system32\nssckbi.dll
2012-09-15 20:46:18 ----A---- E:\WINDOWS\system32\nss3.dll
2012-09-15 20:46:18 ----A---- E:\WINDOWS\system32\nspr4.dll
2012-09-15 20:46:18 ----A---- E:\WINDOWS\system32\msvcr80.dll
2012-09-15 20:46:18 ----A---- E:\WINDOWS\system32\msvcp80.dll
2012-09-15 20:46:18 ----A---- E:\WINDOWS\system32\msvcm80.dll
2012-09-15 20:46:18 ----A---- E:\WINDOWS\system32\mozsqlite3.dll
2012-09-15 20:46:18 ----A---- E:\WINDOWS\system32\mozjs.dll
2012-09-15 20:46:18 ----A---- E:\WINDOWS\system32\mozglue.dll
2012-09-15 20:46:18 ----A---- E:\WINDOWS\system32\mozalloc.dll
2012-09-15 20:46:18 ----A---- E:\WINDOWS\system32\libGLESv2.dll
2012-09-15 20:46:18 ----A---- E:\WINDOWS\system32\libEGL.dll
2012-09-15 20:46:18 ----A---- E:\WINDOWS\system32\js.exe
2012-09-15 20:46:18 ----A---- E:\WINDOWS\system32\IA2Marshal.dll
2012-09-15 20:46:18 ----A---- E:\WINDOWS\system32\gkmedias.dll
2012-09-15 20:46:18 ----A---- E:\WINDOWS\system32\freebl3.dll
2012-09-15 20:46:18 ----A---- E:\WINDOWS\system32\AccessibleMarshal.dll
2012-09-15 20:46:16 ----D---- E:\WINDOWS\system32\profile
2012-09-15 20:46:16 ----D---- E:\WINDOWS\system32\plugins
2012-09-15 20:46:16 ----D---- E:\WINDOWS\system32\components
2012-09-15 20:46:15 ----A---- E:\WINDOWS\system32\xul.dll
2012-09-15 20:46:15 ----A---- E:\WINDOWS\system32\xpcshell.exe
2012-09-15 20:46:15 ----A---- E:\WINDOWS\system32\xpcom.dll
2012-09-15 20:46:15 ----A---- E:\WINDOWS\system32\ssl3.dll
2012-09-15 20:46:15 ----A---- E:\WINDOWS\system32\softokn3.dll
2012-09-15 20:46:15 ----A---- E:\WINDOWS\system32\smime3.dll
2012-09-15 20:46:13 ----A---- E:\WINDOWS\system32\libs.exe
2012-09-15 20:11:05 ----D---- E:\Program Files\SteamApps
2012-09-15 20:11:04 ----D---- E:\Program Files\Steam
2012-09-08 19:51:29 ----D---- E:\Documents and Settings\Mladen\Application Data\Samsung
2012-09-08 19:43:23 ----A---- E:\WINDOWS\system32\drivers\ssudmdm.sys
2012-09-08 19:43:23 ----A---- E:\WINDOWS\system32\drivers\ssudbus.sys
2012-09-08 19:42:02 ----A---- E:\WINDOWS\system32\Redemption.dll
2012-09-08 19:41:32 ----D---- E:\Program Files\MarkAny
2012-09-08 19:41:31 ----A---- E:\WINDOWS\system32\drivers\dgderdrv.sys
2012-09-08 19:41:31 ----A---- E:\WINDOWS\system32\DIFxAPI.dll
2012-09-08 19:41:31 ----A---- E:\WINDOWS\system32\dgderapi.dll
2012-09-08 19:40:17 ----N---- E:\WINDOWS\system32\spmsg.dll
2012-09-08 19:40:10 ----HDC---- E:\WINDOWS\$NtUninstallWudf01000$
2012-09-08 19:39:36 ----D---- E:\WINDOWS\system32\drivers\umdf
2012-09-08 19:39:29 ----A---- E:\WINDOWS\system32\spupdsvc.exe
2012-09-08 19:39:25 ----N---- E:\WINDOWS\system32\audiodev.dll
2012-09-08 19:39:25 ----HDC---- E:\WINDOWS\$NtUninstallWMFDist11$
2012-09-08 19:34:14 ----D---- E:\_111750_
2012-09-05 20:38:15 ----DC---- E:\WINDOWS\system32\DRVSTORE
2012-09-05 20:38:14 ----D---- E:\Program Files\SAMSUNG
2012-09-05 20:37:15 ----D---- E:\Documents and Settings\All Users\Application Data\Samsung
2012-09-01 17:26:15 ----D---- E:\Documents and Settings\All Users\Application Data\REVOLT
2012-09-01 16:39:12 ----D---- E:\Program Files\Games
2012-08-31 22:53:40 ----A---- E:\WINDOWS\system32\Access.dat
2012-08-31 22:52:31 ----D---- E:\Documents and Settings\Mladen\Application Data\Tunngle
2012-08-31 22:52:31 ----D---- E:\Documents and Settings\All Users\Application Data\Tunngle
2012-08-31 22:52:23 ----A---- E:\WINDOWS\system32\drivers\tap0901t.sys
2012-08-31 22:42:30 ----D---- E:\Program Files\Common Files\Steam
2012-08-28 10:04:34 ----A---- E:\WINDOWS\system32\muzwmts.dll
2012-08-28 10:04:34 ----A---- E:\WINDOWS\system32\muzapp.exe
2012-08-28 10:04:34 ----A---- E:\WINDOWS\system32\muzaf1.dll
2012-08-28 10:04:34 ----A---- E:\WINDOWS\system32\MTTELECHIP.dll
2012-08-28 10:04:34 ----A---- E:\WINDOWS\system32\MaXMLProto.dll
2012-08-28 10:04:34 ----A---- E:\WINDOWS\system32\MaJGUILib.dll
2012-08-28 10:04:34 ----A---- E:\WINDOWS\system32\MaDRM.dll
2012-08-28 10:04:34 ----A---- E:\WINDOWS\system32\issacapi_se-2.3.dll
2012-08-28 10:04:34 ----A---- E:\WINDOWS\system32\issacapi_pe-2.3.dll
2012-08-28 10:04:34 ----A---- E:\WINDOWS\system32\issacapi_bs-2.3.dll
2012-08-28 10:04:34 ----A---- E:\WINDOWS\MusiccityDownload.exe
2012-08-28 10:04:34 ----A---- E:\WINDOWS\MASetupCaller.dll
2012-08-28 10:04:32 ----A---- E:\WINDOWS\system32\muzapp.dll
2012-08-28 10:04:32 ----A---- E:\WINDOWS\system32\MTXSYNCICON.dll
2012-08-28 10:04:32 ----A---- E:\WINDOWS\system32\MSLUR71.dll
2012-08-28 10:04:32 ----A---- E:\WINDOWS\system32\MSFLib.dll
2012-08-28 10:04:32 ----A---- E:\WINDOWS\system32\MSCLib.dll
2012-08-28 10:04:32 ----A---- E:\WINDOWS\system32\MK_Lyric.dll
2012-08-28 10:04:32 ----A---- E:\WINDOWS\system32\MASetupCleaner.exe
2012-08-28 10:04:32 ----A---- E:\WINDOWS\system32\MAMACExtract.dll
2012-08-28 10:04:32 ----A---- E:\WINDOWS\system32\MACXMLProto.dll
2012-08-28 10:04:32 ----A---- E:\WINDOWS\system32\cis-2.4.dll
2012-08-26 11:58:35 ----A---- E:\WINDOWS\AZPR3.INI
2012-08-26 11:58:25 ----D---- E:\Program Files\AZPR
2012-08-23 17:43:09 ----D---- E:\Games

======List of files/folders modified in the last 2 months======

2012-10-20 15:49:48 ----RD---- E:\Program Files
2012-10-20 15:49:39 ----D---- E:\WINDOWS\Prefetch
2012-10-20 14:52:26 ----D---- E:\WINDOWS\system32
2012-10-20 14:52:26 ----A---- E:\WINDOWS\system32\PerfStringBackup.INI
2012-10-20 14:48:26 ----D---- E:\WINDOWS\system32\CatRoot2
2012-10-20 14:48:25 ----D---- E:\WINDOWS\Temp
2012-10-20 14:39:55 ----D---- E:\WINDOWS
2012-10-20 14:10:35 ----D---- E:\Documents and Settings\Mladen\Application Data\uTorrent
2012-10-20 11:53:38 ----D---- E:\WINDOWS\system32\LogFiles
2012-10-20 09:08:09 ----D---- E:\WINDOWS\system32\drivers\AVG
2012-10-20 09:07:18 ----D---- E:\Documents and Settings\Mladen\Application Data\DAEMON Tools Lite
2012-10-20 09:07:17 ----D---- E:\Documents and Settings\Mladen\Application Data\Winamp
2012-10-20 09:07:14 ----D---- E:\Documents and Settings\All Users\Application Data\MFAData
2012-10-20 09:06:48 ----D---- E:\WINDOWS\Minidump
2012-10-20 09:06:48 ----D---- E:\WINDOWS\Logs
2012-10-20 09:06:48 ----D---- E:\WINDOWS\Debug
2012-10-19 23:08:02 ----N---- E:\WINDOWS\SchedLgU.Txt
2012-10-19 20:36:29 ----D---- E:\Program Files\NeoSmart Technologies
2012-10-19 16:20:09 ----D---- E:\WINDOWS\SoftwareDistribution
2012-10-11 18:39:18 ----D---- E:\WINDOWS\system32\Restore
2012-10-08 21:56:21 ----A---- E:\WINDOWS\system32\FlashPlayerApp.exe
2012-10-03 11:44:50 ----D---- E:\Documents and Settings\All Users\Application Data\AVG2012
2012-09-28 01:14:38 ----HD---- E:\WINDOWS\inf
2012-09-18 20:59:39 ----SHD---- E:\WINDOWS\Installer
2012-09-13 21:38:36 ----SD---- E:\Documents and Settings\Mladen\Application Data\Microsoft
2012-09-12 20:37:23 ----D---- E:\Program Files\Winamp
2012-09-11 09:48:02 ----RSHDC---- E:\WINDOWS\system32\dllcache
2012-09-11 09:46:59 ----D---- E:\WINDOWS\system32\drivers
2012-09-08 21:06:51 ----RSD---- E:\WINDOWS\assembly
2012-09-08 21:06:51 ----D---- E:\WINDOWS\Microsoft.NET
2012-09-08 19:41:28 ----HD---- E:\Program Files\InstallShield Installation Information
2012-09-08 19:39:35 ----D---- E:\Program Files\Windows Media Player
2012-09-08 19:35:49 ----D---- E:\WINDOWS\WinSxS
2012-09-08 02:19:26 ----D---- E:\WINDOWS\security
2012-09-01 17:25:40 ----RSD---- E:\WINDOWS\Fonts
2012-08-31 22:42:30 ----D---- E:\Program Files\Common Files
2012-08-27 21:11:02 ----D---- E:\Documents and Settings\All Users\Application Data\Microsoft Help
2012-08-26 22:51:14 ----D---- E:\WINDOWS\system32\DirectX

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHX;AVGIDSHX; E:\WINDOWS\system32\DRIVERS\avgidshx.sys [2012-04-19 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver; E:\WINDOWS\system32\DRIVERS\avgrkx86.sys [2012-01-31 31952]
R0 mv61xxmm;mv61xxmm; E:\WINDOWS\system32\drivers\mv61xxmm.sys [2012-01-12 13616]
R0 mv64xxmm;mv64xxmm; E:\WINDOWS\system32\drivers\mv64xxmm.sys [2012-01-12 5632]
R0 mvxxmm;mvxxmm; E:\WINDOWS\system32\drivers\mvxxmm.sys [2012-01-12 13616]
R0 nvgts;nvgts; E:\WINDOWS\system32\DRIVERS\nvgts.sys [2009-06-30 164896]
R0 ohci1394;Texas Instruments OHCI Compliant IEEE 1394 Host Controller; E:\WINDOWS\system32\DRIVERS\ohci1394.sys [2012-01-12 61824]
R0 PxHelp20;PxHelp20; E:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; E:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 Avgldx86;AVG AVI Loader Driver; E:\WINDOWS\system32\DRIVERS\avgldx86.sys [2012-07-26 237408]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; E:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2011-12-23 41040]
R1 Avgtdix;AVG TDI Driver; E:\WINDOWS\system32\DRIVERS\avgtdix.sys [2012-08-24 301920]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; E:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2012-08-12 242240]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\E:\Program Files\HWiNFO32\HWiNFO32.SYS []
R1 kbdhid;Keyboard HID Driver; E:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 SCDEmu;SCDEmu; E:\WINDOWS\system32\drivers\SCDEmu.sys [2012-07-19 113104]
R2 ANIO;ANIO Service; \??\E:\WINDOWS\system32\ANIO.SYS []
R2 rspndr;Link-Layer Topology Discovery Responder; E:\WINDOWS\system32\DRIVERS\rspndr.sys [2012-01-12 62848]
R3 AmdLLD;AMD Low Level Device Driver; E:\WINDOWS\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 AVGIDSDriver;AVGIDSDriver; E:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys [2011-12-23 139856]
R3 AVGIDSFilter;AVGIDSFilter; E:\WINDOWS\system32\DRIVERS\avgidsfilterx.sys [2011-12-23 24144]
R3 AVGIDSShim;AVGIDSShim; E:\WINDOWS\system32\DRIVERS\avgidsshimx.sys [2011-12-23 17232]
R3 COMMONFX.SYS;COMMONFX.SYS; E:\WINDOWS\System32\drivers\COMMONFX.SYS [2010-03-18 99416]
R3 ctac32k;Creative AC3 Software Decoder; E:\WINDOWS\system32\drivers\ctac32k.sys [2010-03-18 511064]
R3 ctaud2k;Creative Audio Driver (WDM); E:\WINDOWS\system32\drivers\ctaud2k.sys [2010-03-18 528472]
R3 CTAUDFX.SYS;CTAUDFX.SYS; E:\WINDOWS\System32\drivers\CTAUDFX.SYS [2010-03-18 555096]
R3 ctprxy2k;Creative Proxy Driver; E:\WINDOWS\system32\drivers\ctprxy2k.sys [2010-03-18 14424]
R3 CTSBLFX.SYS;CTSBLFX.SYS; E:\WINDOWS\System32\drivers\CTSBLFX.SYS [2010-03-18 566360]
R3 ctsfm2k;Creative SoundFont Management Device Driver; E:\WINDOWS\system32\drivers\ctsfm2k.sys [2010-03-18 157272]
R3 emupia;E-mu Plug-in Architecture Driver; E:\WINDOWS\system32\drivers\emupia2k.sys [2010-03-18 92760]
R3 ha10kx2k;Creative Hardware Abstract Layer Driver; E:\WINDOWS\system32\drivers\ha10kx2k.sys [2010-03-18 798808]
R3 hap17v2k;Creative P17V HAL Driver; E:\WINDOWS\system32\drivers\hap17v2k.sys [2010-03-18 189528]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; E:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Microsoft HID Class Driver; E:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Mouse HID Driver; E:\WINDOWS\system32\DRIVERS\mouhid.sys [2012-01-12 12160]
R3 nv;nv; E:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2012-05-15 14014656]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; E:\WINDOWS\system32\drivers\nvhda32.sys [2012-04-18 123840]
R3 NVR0Dev;NVR0Dev; \??\E:\WINDOWS\nvoclock.sys []
R3 ossrv;Creative OS Services Driver; E:\WINDOWS\system32\drivers\ctoss2k.sys [2010-03-18 127576]
R3 rt2870;Linksys 802.11n USB Wireless LAN Card Driver; E:\WINDOWS\system32\DRIVERS\rt2870.sys [2011-04-25 1174976]
R3 usbccgp;Microsoft USB Generic Parent Driver; E:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 Arp1394;1394 ARP Client Protocol; E:\WINDOWS\system32\DRIVERS\arp1394.sys [2012-01-12 60800]
S3 COMMONFX;COMMONFX; E:\WINDOWS\system32\drivers\COMMONFX.SYS [2010-03-18 99416]
S3 CTAUDFX;CTAUDFX; E:\WINDOWS\system32\drivers\CTAUDFX.SYS [2010-03-18 555096]
S3 ctdvda2k;Creative DVD-Audio Device Driver; E:\WINDOWS\system32\drivers\ctdvda2k.sys [2010-03-18 347144]
S3 CTERFXFX.SYS;CTERFXFX.SYS; E:\WINDOWS\System32\drivers\CTERFXFX.SYS [2010-03-18 100952]
S3 CTERFXFX;CTERFXFX; E:\WINDOWS\system32\drivers\CTERFXFX.SYS [2010-03-18 100952]
S3 CTSBLFX;CTSBLFX; E:\WINDOWS\system32\drivers\CTSBLFX.SYS [2010-03-18 566360]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); E:\WINDOWS\system32\DRIVERS\ssudbus.sys [2012-07-31 83168]
S3 gdrv;gdrv; \??\E:\WINDOWS\gdrv.sys []
S3 hap16v2k;Creative P16V HAL Driver; E:\WINDOWS\system32\drivers\hap16v2k.sys [2010-03-18 162904]
S3 NIC1394;1394 Net Driver; E:\WINDOWS\system32\DRIVERS\nic1394.sys [2012-01-12 61824]
S3 NVENETFD;NVIDIA nForce 10/100/1000 Mbps Ethernet ; E:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2009-07-01 67328]
S3 nvnetbus;NVIDIA Network Bus Enumerator; E:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2009-07-01 15872]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); E:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2012-07-31 181344]
S3 usbscan;USB Scanner Driver; E:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbstor;USB Mass Storage Driver; E:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WpdUsb;WpdUsb; E:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; E:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 exFat;exFat; E:\WINDOWS\system32\drivers\exFat.sys [2012-01-12 133632]
S4 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; E:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-14 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ANIWConnService;ANIWConn Service; E:\WINDOWS\system32\ANIWConnService.exe [2009-07-07 151552]
R2 AVGIDSAgent;AVGIDSAgent; E:\Program Files\AVG\AVG2012\avgidsagent.exe [2012-08-13 5167736]
R2 avgwd;AVG WatchDog; E:\Program Files\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
R2 CTAudSvcService;Creative Audio Service; E:\Program Files\Creative\Shared Files\CTAudSvc.exe [2010-02-12 286720]
R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); E:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [2009-07-15 387616]
R2 nSvcIp;ForceWare IP service; E:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [2009-07-15 178720]
R2 nTuneService;nTune Service; E:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe [2007-09-04 131072]
R2 NVSvc;NVIDIA Driver Helper Service; E:\WINDOWS\system32\nvsvc32.exe [2012-05-15 164160]
R2 TolbarUpdater;Toolbar Updater; E:\DOCUME~1\Mladen\LOCALS~1\Temp\ToolbarUpdater.exe [2012-08-25 508416]
R2 wlidsvc;Windows Live ID Sign-in Assistant; E:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; E:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; E:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S2 ANIWZCSdService;ANIWZCSd Service; E:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe [2009-08-21 102400]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; E:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Usluga Google ažuriranje (gupdate); E:\Program Files\Google\Update\GoogleUpdate.exe [2012-08-12 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; E:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-08 250808]
S3 aspnet_state;ASP.NET State Service; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; E:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-08-12 79360]
S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589; E:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2012-08-15 30192]
S3 gupdatem;Usluga Google ažuriranje (gupdatem); E:\Program Files\Google\Update\GoogleUpdate.exe [2012-08-12 136176]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; E:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-12-27 31124344]
S3 ose;Office Source Engine; E:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; E:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 Steam Client Service;Steam Client Service; E:\Program Files\Common Files\Steam\SteamService.exe [2011-03-16 407336]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]

-----------------EOF-----------------

Info.txt


Quote:

info.txt logfile of random's system information tool 1.09 2012-10-20 15:49:57

======Uninstall list======

@BIOS-->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}\setup.exe" -l0x9 -removeonly
-->MsiExec /X{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}
-->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x9
-->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9
-->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 /remove
-->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\setup.exe" -l0x9
-->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe" -l0x9
-->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe" -l0x9 /remove
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 E:\WINDOWS\INF\PCHealth.inf
«Alan Wake`s American Nightmare» 1.03.17.1781-->"C:\R.G. Catalyst\Alan Wake`s American Nightmare\uninstall\unins000.exe"
«Alan Wake» 1.06.17.0155-->"C:\R.G. Catalyst\Alan Wake\uninstall\unins000.exe"
«DiRT Showdown» 1.0.0.0-->"C:\R.G. Catalyst\DiRT Showdown\uninstall\unins000.exe"
µTorrent-->"E:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
Adobe Flash Player 11 ActiveX-->E:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_4_402_287_ActiveX.exe -maintain activex
Adobe Flash Player 11 Plugin-->E:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_4_402_287_Plugin.exe -maintain plugin
Adobe Reader X (10.1.4) - Croatian-->MsiExec.exe /I{AC76BA86-7AD7-1050-7B44-AA1000000001}
ALTools Update-->E:\Program Files\ESTsoft\ALUpdate\unins000.exe
ALZip 8.51-->E:\Program Files\ESTsoft\ALZip\unins000.exe
ANIO Service-->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{7B5CE976-C7A9-4E38-A7F3-6C8EF025DD8E}\Setup.exe"
ANIWZCS2 Service-->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{4C590030-7469-453E-8589-D15DA9D03F52}\Setup.exe"
AVG 2012-->"E:\Program Files\AVG\AVG2012\avgmfapx.exe" /AppMode=SETUP /Uninstall
AVG 2012-->MsiExec.exe /I{38580E5E-AF78-4536-AD1E-6A62661372C5}
AVG 2012-->MsiExec.exe /I{B69C390B-826F-473C-86EB-7AD4950818C3}
BS.Player FREE-->"E:\Program Files\Webteh\BSPlayer\uninstall.exe"
Creative Audio Console-->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x9 /remove
Creative Software AutoUpdate-->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\setup.exe" -l0x9 /remove
DAEMON Tools Lite-->E:\Program Files\DAEMON Tools Lite\uninst.exe
Dead.Island.Game.of.The.Year.Edition-->"E:\Program Files\Games\Dead.Island.Game.of.The.Year.Edition\unins000.exe"
DiRT 3-->MsiExec.exe /I{434D0FA0-1558-4D8E-AC3D-BD1000008200}
DiRT 3-->MsiExec.exe /X{434D0FA0-1558-4D8E-AC3D-BD1000008200}
D-Link Wireless G DWL-G122_DWA-110-->E:\Program Files\InstallShield Installation Information\{5F753314-628E-4C13-B8AE-BFA7FD514CBE}\setup.exe -runfromtemp -l0x001a -removeonly
Dual-Core Optimizer-->MsiExec.exe /X{9FD6F1A8-5550-46AF-8509-271DF0E768B5}
EndItAll 2.0-->"E:\Program Files\EndItAll\unins000.exe"
Fences-->"E:\Documents and Settings\All Users\Application Data\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6}\Fences.exe" REMOVE=TRUE MODIFY=FALSE
Fences-->E:\Documents and Settings\All Users\Application Data\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6}\Fences.exe
FlatOut Ultimate Carnage-->c:\Program Files\Empire Interactive\FlatOut Ultimate Carnage\Uninstall.exe
Google Chrome-->"E:\Program Files\Google\Chrome\Application\22.0.1229.94\Installer\setup.exe" --uninstall --multi-install --chrome --system-level
Google Desktop-->E:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
GRID-->"E:\Program Files\InstallShield Installation Information\{5A0B7BA5-4682-4273-81C2-69B17E649103}\setup.exe" -runfromtemp -l0x0009 -removeonly
GTA IV Episodes from Liberty City-->"c:\Program Files\Rockstar Games\GTA IV Complete Edition\EFLC\unins000.exe"
GTA IV-->"c:\Program Files\Rockstar Games\GTA IV Complete Edition\GTA IV\unins000.exe"
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)-->E:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {99A120B0-F930-3427-A833-FAD753B85527} /parameterfolder Client
HWiNFO32 Version 4.02-->"E:\Program Files\HWiNFO32\unins000.exe"
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 4 Client Profile-->E:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}
Microsoft Games for Windows Marketplace-->MsiExec.exe /X{4CB0307C-565E-4441-86BE-0DF2E4FB828C}
Microsoft Office 2010 Service Pack 1 (SP1)-->"E:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{047B0968-E622-4FAA-9B4B-121FA109EDDE}" "1033" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"E:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0015-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"E:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0016-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"E:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0018-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"E:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0019-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"E:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"E:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001B-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"E:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0409-0000-0000000FF1CE}" "{99ACCA38-6DD3-48A8-96AE-A283C9759279}" "1033" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"E:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-040C-0000-0000000FF1CE}" "{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" "1033" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"E:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0C0A-0000-0000000FF1CE}" "{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" "1033" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"E:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002C-0409-0000-0000000FF1CE}" "{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" "1033" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"E:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0044-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"E:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0409-0000-0000000FF1CE}" "{4560037C-E356-444A-A015-D21F487D809E}" "1033" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"E:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00A1-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"E:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00BA-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"E:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0115-0409-0000-0000000FF1CE}" "{4560037C-E356-444A-A015-D21F487D809E}" "1033" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"E:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0117-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0"
Microsoft Office Access MUI (English) 2010-->MsiExec.exe /X{90140000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2010-->MsiExec.exe /X{90140000-0117-0409-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2010-->MsiExec.exe /X{90140000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2010-->MsiExec.exe /X{90140000-00BA-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2010-->MsiExec.exe /X{90140000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2010-->MsiExec.exe /X{90140000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2010-->MsiExec.exe /X{90140000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2010-->MsiExec.exe /X{90140000-0018-0409-0000-0000000FF1CE}
Microsoft Office Professional Plus 2010-->"E:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2010-->MsiExec.exe /X{90140000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (English) 2010-->MsiExec.exe /X{90140000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2010-->MsiExec.exe /X{90140000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2010-->MsiExec.exe /X{90140000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2010-->MsiExec.exe /X{90140000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2010-->MsiExec.exe /X{90140000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2010-->MsiExec.exe /X{90140000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2010-->MsiExec.exe /X{90140000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2010-->MsiExec.exe /X{90140000-001B-0409-0000-0000000FF1CE}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"E:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319-->MsiExec.exe /X{196BB40D-1578-3D01-B289-BEFC77A11A1E}
Mirror's Edge™-->MsiExec.exe /X{AEDBD563-24BB-4EE3-8366-A654DAC2D988}
NVIDIA Drivers-->E:\WINDOWS\system32\nvuninst.exe UninstallGUI
NVIDIA ForceWare Network Access Manager-->"E:\Program Files\InstallShield Installation Information\{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}\setup.exe" -runfromtemp -l0x0409 -removeonly
NVIDIA ForceWare Network Access Manager-->MsiExec.exe /I{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}
NVIDIA Graphics Driver 301.42-->"E:\WINDOWS\system32\RunDll32.EXE" "E:\Program Files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA HD Audio Driver 1.3.16.0-->"E:\WINDOWS\system32\RunDll32.EXE" "E:\Program Files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL",UninstallPackage HDAudio.Driver
NVIDIA nTune-->E:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF} /l1033
NVIDIA nView 136.27-->"E:\WINDOWS\system32\RunDll32.EXE" "E:\Program Files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL",UninstallPackage Display.NView
NVIDIA PhysX System Software 9.12.0213-->"E:\WINDOWS\system32\RunDll32.EXE" "E:\Program Files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL",UninstallPackage Display.PhysX
NVIDIA PhysX-->MsiExec.exe /X{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}
OpenAL-->"E:\Program Files\OpenAL\oalinst.exe" /U
Opera 12.01-->"E:\Program Files\Opera\Opera.exe" /uninstall
PowerISO-->"E:\Program Files\PowerISO\uninstall.exe"
Rapture3D 2.4.11 Game-->"E:\Program Files\BRS\unins000.exe"
Rigs of Rods 0.38.51-->"E:\Program Files\Rigs of Rods 0.38\uninst.exe"
S.T.A.L.K.E.R. - Call of Pripyat [v1.6.02]-->"c:\Program Files\bitComposer Games\S.T.A.L.K.E.R. - Call of Pripyat\unins000.exe"
Saints Row The Third-->"C:\Saints Row The Third\unins000.exe"
Samsung Kies-->"E:\Program Files\InstallShield Installation Information\{758C8301-2696-4855-AF45-534B1200980A}\setup.exe" -runfromtemp -l0x0409 -removeonly
Samsung Kies-->MsiExec.exe /I{758C8301-2696-4855-AF45-534B1200980A}
SAMSUNG USB Driver for Mobile Phones-->E:\Program Files\Samsung\USB Drivers\Uninstall.exe
Sleeping Dogs, версия 1.01-->"E:\Games\Sleeping Dogs\unins000.exe"
Source SDK Base 2007-->"E:\Program Files\Steam\steam.exe" steam://uninstall/218
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
TeraCopy 2.27-->"E:\Program Files\TeraCopy\unins000.exe"
Thoosje Windows Sevenbar-->"E:\Program Files\Thoosje\un_Thoosje Sevenbar Installer_32836.exe"
Tweakui Powertoy for Windows XP-->MsiExec.exe /I{C7793EE8-F666-4E6B-9827-76468679480E}
Winamp-->"E:\Program Files\Winamp\UninstWA.exe"
Windows Live ID Sign-in Assistant-->MsiExec.exe /X{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}
Windows Media Format 11 runtime-->"E:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"E:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"

======Security center information======

AV: AVG Anti-Virus Free Edition 2012

======System event log======

Computer Name: IKSPE
Event Code: 36
Message: The time service has not been able to synchronize the system time
for 49152 seconds because none of the time providers has been able to
provide a usable time stamp. The system clock is unsynchronized.

Record Number: 6165
Source Name: W32Time
Time Written: 20120927083613.000000+120
Event Type: warning
User:

Computer Name: IKSPE
Event Code: 7034
Message: The ANIWZCSd Service service terminated unexpectedly. It has done this 1 time(s).

Record Number: 6025
Source Name: Service Control Manager
Time Written: 20120926003755.000000+120
Event Type: error
User:

Computer Name: IKSPE
Event Code: 4226
Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Record Number: 5992
Source Name: Tcpip
Time Written: 20120925213947.000000+120
Event Type: warning
User:

Computer Name: IKSPE
Event Code: 36
Message: The time service has not been able to synchronize the system time
for 49152 seconds because none of the time providers has been able to
provide a usable time stamp. The system clock is unsynchronized.

Record Number: 5955
Source Name: W32Time
Time Written: 20120925105808.000000+120
Event Type: warning
User:

Computer Name: IKSPE
Event Code: 4226
Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Record Number: 5951
Source Name: Tcpip
Time Written: 20120925104737.000000+120
Event Type: warning
User:

=====Application event log=====

Computer Name: IKSPE
Event Code: 1000
Message: Faulting application acrord32.exe, version 10.1.4.38, faulting module msvcr90.dll, version 9.0.30729.4148, fault address 0x0003b9f0.

Record Number: 1288
Source Name: Application Error
Time Written: 20120906201715.000000+120
Event Type: error
User:

Computer Name: IKSPE
Event Code: 902
Message: The Software Protection service has started.
14.0.370.400

Record Number: 1230
Source Name: Office Software Protection Platform Service
Time Written: 20120903181759.000000+120
Event Type:
User:

Computer Name: IKSPE
Event Code: 902
Message: The Software Protection service has started.
14.0.370.400

Record Number: 1199
Source Name: Office Software Protection Platform Service
Time Written: 20120902112442.000000+120
Event Type:
User:

Computer Name: IKSPE
Event Code: 1000
Message: Faulting application explorer.exe, version 6.0.2900.5634, faulting module duser.dll, version 5.1.2600.5512, fault address 0x0002acfa.

Record Number: 1191
Source Name: Application Error
Time Written: 20120901221513.000000+120
Event Type: error
User:

Computer Name: IKSPE
Event Code: 1000
Message: Faulting application deadislandgame.exe, version 1.0.0.0, faulting module game_x86_rwdi.dll, version 0.0.0.0, fault address 0x00518f61.

Record Number: 1170
Source Name: Application Error
Time Written: 20120831234714.000000+120
Event Type: error
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%CommonProgramFiles%\Microsoft Shared\Windows Live;E:\Program Files\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 107 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=6b01
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------
[ Aleksandar Maletic @ 20.10.2012. 15:27 ] @
As for the HJT log file, select the following:

O10 - Unknown file in Winsock LSP: e:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: e:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: e:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: e:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - E:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - E:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - E:\Program Files\Stardock\Fences\FencesMenu.dll


Click Fix, then restart the computer.

As far as I can see, there is nothing suspicious. Try removing Google Chrome completely, along with all its settings, then reinstall it and see how it works.
Do you use a firewall? If not, and given that you are running Windows XP, it would be advisable to install one, for example COMODO Free Firewall or Online Armor Free.
If you don't mind, download and install Malwarebytes Anti-Malware. Run it, update the definitions and do a Quick Scan. Copy the contents of the log file into a new post.
[ bakara @ 20.10.2012. 17:52 ] @
I see the man has been using Opera...

Maybe he also used Opera at work, and Opera Link, being enabled, synchronized the accounts?
Something like that is more likely than a break-in.
[ Aleksandar Maletic @ 20.10.2012. 18:27 ] @
I saw that he used Opera, but...

Quote:
Rok0: The browser I use at home is Google Chrome, so it also occurred to me that all of this is the result of Google sync, as a consequence of using my mail account at work and at home, so perhaps it also picked up the other addresses used for Facebook login at the company. But I quickly dropped this theory, since it would then make no sense that the login form did not also remember the numerous test accounts I mentioned above, which I use on a daily basis. The only intruder on the list is my colleague's email address.
[ citizenx @ 21.10.2012. 16:33 ] @
Most likely nobody broke into the computer.

Read this article:
http://ask-leo.com/does_this_e...r_account_has_been_hacked.html
[ kristi1 @ 21.10.2012. 20:33 ] @
Alex, these are all legitimate entries; they should not be touched.

Code:
O10 - Unknown file in Winsock LSP: e:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: e:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: e:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: e:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - E:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - E:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - E:\Program Files\Stardock\Fences\FencesMenu.dll


There is not even the "m" of malware here.
[ Aleksandar Maletic @ 22.10.2012. 17:35 ] @
Quote:
kristi1: Alex, these are all legitimate entries; they should not be touched.


I thought they were superfluous; I was mistaken. Thank you for your help.