Problem with stbapp.exe or stbsvc.exe

  • Joined: 22 Jul 2009
  • Posts: 6

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:22:06, on 31-Jul-09
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\ACD Systems\EN\DevDetect.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Belovic\Desktop\beli\tr3.exe.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = searchbox.digsby.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = searchbox.digsby.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = home.juicyaccess.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = searchbox.digsby.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = searchbox.digsby.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = searchbox.digsby.com/search?q=%s
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: MyPlayCity Toolbar - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - C:\Program Files\MyPlayCity\tbMyP0.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: XTTBPos00 Class - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Program Files\ICQToolbar\toolbaru.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Media Access Startup - {25B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Media Access Startup\1.5.0.850\HPIEAddOn.dll
O2 - BHO: NP Helper Class - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Internet Saving Optimizer\3.4.0.4340\NPIEAddOn.dll
O2 - BHO: bignetdaddy - {447c8bce-81f4-e503-7287-0907c0ba07a3} - C:\WINDOWS\system32\nsr3B.dll
O2 - BHO: MyPlayCity Toolbar - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - C:\Program Files\MyPlayCity\tbMyP0.dll
O2 - BHO: (no name) - {4726124b-1fbc-19e3-9222-c3868852be30} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb106\Dealio.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: System Search Dispatcher - {CDBFB47B-58A8-4111-BF95-06178DCE326D} - C:\Program Files\System Search Dispatcher\1.3.0.840\ssd.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: mysidesearch search enhancer - {F2708CA0-38D4-DBD4-E9D2-B5250E6D5C06} - C:\WINDOWS\system32\xaropagkcwtseyfqc.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb106\Dealio.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: MyPlayCity Toolbar - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - C:\Program Files\MyPlayCity\tbMyP0.dll
O3 - Toolbar: JuicyAccess Toolbar - {5617ECA9-488D-4BA2-8562-9710B9AB78D2} - C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\stb0.dll
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [au] C:\Program Files\Dealio\DealioAU.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [SmileyApp] C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\stbapp.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2009] C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S
O4 - Global Startup: Nokia Nseries PC Suite.lnk = C:\Program Files\Nokia\NNPCS\RunLauncher.exe
O8 - Extra context menu item: Compare Prices with &Dealio - C:\Program Files\Dealio\kb106\res\DealioSearch.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb106\Dealio.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O21 - SSODL: SetupVolume - {d2b470e4-2ad2-4851-8f9d-d964d557655d} - (no file)
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 9318 bytes

I have a problem with Mozilla. Every time I turn on the computer, and when opening a page, it shows the message "stbapp.exe - unable to locate component".

  • dr_Bora
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Hello...

Download sUBs' ComboFix to the Desktop from the following address:

  • Bleeping Computer

Right-click the link and choose the Save Target As... option (Save Link As..., Save Linked Content As... or similar);
When the dialog for choosing where to save the file opens, select Desktop and click Save.

When the download of the program is complete:
  • close any running programs;
  • deactivate your security software (instructions);
  • double-click to run ComboFix.

While running, ComboFix will:
  • check whether a newer version of the program exists:
    click Yes if you are offered the download.
  • display the DISCLAIMER OF WARRANTY ON SOFTWARE:
    click Yes so that the process continues.
  • if the Recovery Console is not installed, offer to install it:
    accept by clicking Yes and follow the procedure.
  • show a number of prompts/notifications:
    accept by clicking Yes or OK.
  • if necessary, restart Windows (several times);
  • when finished, open Notepad with the scan report.

Copy the report that ComboFix created into the forum thread:
  • right-click in the Notepad window and choose Select All;
  • right-click the selected text and choose Copy;
  • right-click in the message field and choose Paste.

Note:
  • The report will be saved under the name ComboFix.txt on the system partition (typical location: C:\ComboFix.txt);
  • If, after sending the message, you notice that the report is not complete, use the Attach file option to attach the file C:\ComboFix.txt to the message.

  • Joined: 22 Jul 2009
  • Posts: 6

ComboFix 09-07-22.01 - Belovic 31-Jul-09 21:27.1.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.381.1033.18.3326.2746 [GMT 2:00]
Running from: c:\documents and settings\Belovic\Desktop\ComboFix.exe
AV: ESET NOD32 antivirus system 2.70 *On-access scanning disabled* (Outdated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Belovic\Local Settings\Temporary Internet Files\stb06759.tmp
c:\program files\Internet Saving Optimizer
c:\program files\Internet Saving Optimizer\3.4.0.4340\adwpx.exe
c:\program files\Internet Saving Optimizer\3.4.0.4340\Data\config.md
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\chrome.manifest
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\chrome\content\NPAddOn.js
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\chrome\content\NPAddOn.xul
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\chrome\NPAddOn.jar
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\components\NPFFAddOn.dll
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\components\NPFFAddOn.xpt
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\components\NPFFHelperComponent.js
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\install.rdf
c:\program files\Internet Saving Optimizer\3.4.0.4340\NPCommon.dll
c:\program files\Internet Saving Optimizer\3.4.0.4340\NPIEAddOn.dll
c:\program files\Internet Saving Optimizer\3.4.0.4340\unins000.dat
c:\program files\Internet Saving Optimizer\3.4.0.4340\unins000.exe
c:\program files\Media Access Startup
c:\program files\Media Access Startup\1.5.0.850\Data\config.md
c:\program files\Media Access Startup\1.5.0.850\FF\chrome.manifest
c:\program files\Media Access Startup\1.5.0.850\FF\chrome\content\HPAddOn.js
c:\program files\Media Access Startup\1.5.0.850\FF\chrome\content\HPAddOn.xul
c:\program files\Media Access Startup\1.5.0.850\FF\chrome\HPAddOn.jar
c:\program files\Media Access Startup\1.5.0.850\FF\components\HPFFAddOn.dll
c:\program files\Media Access Startup\1.5.0.850\FF\components\HPFFAddOn.xpt
c:\program files\Media Access Startup\1.5.0.850\FF\components\HPFFHelperComponent.js
c:\program files\Media Access Startup\1.5.0.850\FF\install.rdf
c:\program files\Media Access Startup\1.5.0.850\HPCommon.dll
c:\program files\Media Access Startup\1.5.0.850\HPIEAddOn.dll
c:\program files\Media Access Startup\1.5.0.850\hppx.exe
c:\program files\Media Access Startup\1.5.0.850\MAHelper.exe
c:\program files\Media Access Startup\1.5.0.850\unins000.dat
c:\program files\Media Access Startup\1.5.0.850\unins000.exe
c:\program files\Mozilla Firefox\Components\5616a68d-b506-30d3-43cf-82f64c8f9b4e.dll
c:\program files\Mozilla Firefox\Components\b52866de-d860-99f5-e786-f7a6e185d12b.dll
c:\program files\Mozilla Firefox\components\xaropagkcwtseyfqc.dll
c:\windows\system32\5ab3db47-a264-99d5-3909-a581e85aa767.exe
c:\windows\system32\b9fb7725-9f1f-d683-6e11-f03c3a8f5224.exe
c:\windows\system32\xaropagkcwtseyfqc.dll-uninst.exe

.
((((((((((((((((((((((((( Files Created from 2009-06-28 to 2009-07-31 )))))))))))))))))))))))))))))))
.

2009-07-30 20:27 . 2009-07-30 20:27 -------- dc----w- c:\documents and settings\All Users\Application Data\{81D4BDA8-1F33-4633-B176-8A7E942ABDE1}
2009-07-30 19:53 . 2009-07-30 19:53 -------- d-----w- c:\documents and settings\Belovic\Application Data\Uniblue
2009-07-28 10:34 . 2009-07-28 10:34 -------- d-----w- c:\documents and settings\Belovic\Local Settings\Application Data\Fallout3
2009-07-28 10:22 . 2009-07-28 10:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Fallout3
2009-07-28 10:22 . 2008-09-16 22:20 121064 ------r- c:\documents and settings\All Users\Application Data\Fallout3\setup.exe
2009-07-28 10:18 . 2009-07-28 10:18 -------- d-----w- c:\windows\system32\xlive
2009-07-26 09:15 . 2009-07-26 09:15 -------- d-----w- c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer
2009-07-26 09:15 . 2009-07-26 09:15 -------- d-----w- c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup
2009-07-26 09:15 . 2009-07-26 09:15 592947 -c--a-w- c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\mFileBagIDE.dll\bag\HJSetup.exe
2009-07-26 09:15 . 2009-07-26 09:15 595765 -c--a-w- c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\mFileBagIDE.dll\bag\AdwareSetup.exe
2009-07-26 09:15 . 2009-07-26 09:15 -------- d-----w- c:\program files\System Search Dispatcher
2009-07-26 09:15 . 2009-07-13 10:26 3004288 -c--a-w- c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\Setup.exe
2009-07-26 09:15 . 2009-07-26 09:15 -------- d-----w- c:\program files\DoubleD
2009-07-18 11:29 . 2009-07-18 11:29 -------- d-----w- c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD
2009-07-17 14:48 . 2009-07-17 14:48 522240 ----a-w- c:\windows\system32\xaropagkcwtseyfqc.dll
2009-07-03 21:54 . 2009-07-03 21:54 1292288 ----a-w- c:\windows\system32\nsr3B.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-31 19:14 . 2008-11-13 17:04 169936 ----a-w- c:\documents and settings\Belovic\Application Data\Mozilla\Firefox\Profiles\j210w81o.default\FlashGot.exe
2009-07-30 20:10 . 2008-03-05 12:02 -------- d-----w- c:\documents and settings\Belovic\Application Data\uTorrent
2009-07-30 19:43 . 2007-02-25 01:11 -------- d-----w- c:\program files\ICQToolbar
2009-07-30 10:52 . 2007-02-04 17:20 -------- d-----w- c:\program files\MSN Messenger
2009-07-28 11:47 . 2008-03-18 23:15 -------- d-----w- c:\program files\SpywareBlaster
2009-07-28 10:22 . 2007-01-17 15:15 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-07-28 10:21 . 2008-10-18 10:01 122976 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-07-26 09:15 . 2009-07-26 09:14 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}
2009-07-13 11:09 . 2009-01-24 12:30 10240 ----a-w- c:\documents and settings\Belovic\Application Data\GRETECH\GomPlayer\GrLauncherTempSetup.exe
2009-07-13 10:26 . 2009-07-26 09:14 262424 -c--a-w- c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\D5797E3B\3E688669\stbYahoo9.dll
2009-07-13 10:26 . 2009-07-26 09:14 254232 -c--a-w- c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\6216A4BD\3E688669\stbYahoo8.dll
2009-07-13 10:26 . 2009-07-26 09:14 872728 -c--a-w- c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\B75FA91E\3E688669\stbsvc.exe
2009-07-13 10:26 . 2009-07-26 09:14 205080 -c--a-w- c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\mFileBagIDE.dll\bag\stbsh.dll
2009-07-13 10:26 . 2009-07-26 09:14 479512 -c--a-w- c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\mFileBagIDE.dll\bag\stbpx.exe
2009-07-13 10:26 . 2009-07-26 09:14 229656 -c--a-w- c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\628759C1\3E688669\stbOLEX.dll
2009-07-13 10:26 . 2009-07-26 09:14 205080 -c--a-w- c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\A26F7F7\3E688669\stbOL.dll
2009-07-13 10:26 . 2009-07-26 09:14 323864 -c--a-w- c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\B3AC8875\3E688669\stbMsn.dll
2009-07-13 10:26 . 2009-07-26 09:14 229656 -c--a-w- c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\C3C6C2CD\3E688669\stbIE.dll
2009-07-13 09:21 . 2009-07-26 09:14 423528 -c--a-w- c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\mFileBagIDE.dll\bag\SSD.exe
2009-06-26 17:27 . 2008-11-18 16:40 -------- d-----w- c:\program files\Java
2009-06-26 17:27 . 2009-06-26 17:27 152576 ----a-w- c:\documents and settings\Belovic\Application Data\Sun\Java\jre1.6.0_14\lzma.dll
2009-06-17 19:32 . 2009-04-28 16:06 -------- d-----w- c:\program files\MyPlayCity
2009-06-05 19:56 . 2008-04-10 11:31 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-06-05 19:56 . 2008-04-10 11:31 22328 ----a-w- c:\documents and settings\Belovic\Application Data\PnkBstrK.sys
2009-06-05 19:56 . 2008-04-10 11:31 22328 ----a-w- c:\documents and settings\Belovic\Application Data\PnkBstrK.sys
2009-06-05 19:56 . 2008-04-10 11:31 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-06-05 19:56 . 2008-04-10 11:31 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-05-21 09:33 . 2008-11-18 16:40 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-05-18 11:59 . 2007-01-17 15:20 47984 ----a-w- c:\documents and settings\Belovic\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-07 13:18 . 2009-05-07 13:18 152576 ----a-w- c:\documents and settings\Belovic\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
2009-07-15 20:30 . 2009-07-30 19:46 137208 ----a-w- c:\program files\mozilla firefox\components\brwsrcmp.dll
2008-05-05 09:30 . 2008-05-05 09:30 56 --sh--r- c:\windows\system32\EB64FDE2B9.sys
2009-02-06 19:09 . 2008-05-05 09:48 2516 --sha-w- c:\windows\system32\KGyGaAvL.sys
2007-01-20 19:50 . 2007-01-20 15:25 68128 --sha-w- c:\windows\system32\drivers\fidbox.dat
2007-01-20 19:50 . 2007-01-20 15:25 2848 --sha-w- c:\windows\system32\drivers\fidbox2.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}"= "c:\program files\MyPlayCity\tbMyP0.dll" [2009-06-17 2094616]

[HKEY_CLASSES_ROOT\clsid\{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{447c8bce-81f4-e503-7287-0907c0ba07a3}]
2009-07-03 21:54 1292288 ----a-w- c:\windows\system32\nsr3B.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}]
2009-06-17 19:32 2094616 ----a-w- c:\program files\MyPlayCity\tbMyP0.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F2708CA0-38D4-DBD4-E9D2-B5250E6D5C06}]
2009-07-17 14:48 522240 ----a-w- c:\windows\system32\xaropagkcwtseyfqc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}"= "c:\program files\MyPlayCity\tbMyP0.dll" [2009-06-17 2094616]

[HKEY_CLASSES_ROOT\clsid\{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{4724C5D8-DFA7-417A-A2F5-1EABFEE9B4AC}"= "c:\program files\MyPlayCity\tbMyP0.dll" [2009-06-17 2094616]

[HKEY_CLASSES_ROOT\clsid\{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-11-16 139264]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2007-04-03 165784]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PCSync2.exe" [2008-03-26 1232896]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 6\PCSuite.exe" [2008-04-16 1079808]
"SmileyApp"="c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\stbapp.exe" [2009-07-13 606488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-08-11 7630848]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-08-11 86016]
"au"="c:\program files\Dealio\DealioAU.exe" [2007-06-27 238936]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2008-03-18 949376]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-21 148888]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2006-08-11 1519616]
"BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2004-08-03 110592]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Nokia Nseries PC Suite.lnk - c:\program files\Nokia\NNPCS\RunLauncher.exe [2008-5-8 943568]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Sports Interactive\\Football Manager 2009\\fm.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"7352:TCP"= 7352:TCP:BitComet 7352 TCP
"7352:UDP"= 7352:UDP:BitComet 7352 UDP

R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [19-Mar-08 00:32 15424]
.
- - - - ORPHANS REMOVED - - - -

BHO-{4726124b-1fbc-19e3-9222-c3868852be30} - (no file)
HKCU-Run-Uniblue RegistryBooster 2009 - c:\program files\Uniblue\RegistryBooster\RegistryBooster.exe
HKLM-Run-SigmatelSysTrayApp - sttray.exe
HKLM-Run-Device Detector - DevDetect.exe
SSODL-SetupVolume-{d2b470e4-2ad2-4851-8f9d-d964d557655d} - (no file)


.
------- Supplementary Scan -------
.
uStart Page = hxxp://home.juicyaccess.com
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://searchbox.digsby.com/search?q=%s
IE: Compare Prices with &Dealio - c:\program files\Dealio\kb106\res\DealioSearch.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
LSP: c:\windows\system32\imon.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Belovic\Application Data\Mozilla\Firefox\Profiles\j210w81o.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www6.yoog.com/search.php?q=
FF - prefs.js: browser.search.selectedEngine - Yoog Search
FF - prefs.js: browser.startup.homepage - hxxp://en-US.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official
FF - prefs.js: keyword.URL - hxxp://www6.yoog.com/search.php?q=
FF - component: c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\FFToolbar\components\SmileyCore.dll

---- FIREFOX POLICIES ----
FF - user.js: google.toolbar.linkdoctor.enabled - false
FF - user.js: browser.search.defaultenginename - Yoog Search
FF - user.js: browser.search.defaulturl - hxxp://www6.yoog.com/search.php?q=
FF - user.js: browser.search.selectedEngine - Yoog Search
FF - user.js: keyword.URL - hxxp://www6.yoog.com/search.php?q=
FF - user.js: keyword.enabled - true
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-07-31 21:31
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-436374069-842925246-725345543-1003\Software\G*e*n*i*e*"!\FM Genie Scout 2009 XE]
"GameDir"="c:\\Documents and Settings\\Belovic\\My Documents\\Sports Interactive\\Football Manager 2009\\games"
"ShortlistDir"=""
"ScreenshotsDir"="c:\\Documents and Settings\\Belovic\\My Documents\\Sports Interactive\\Football Manager 2009"
"SaveDir"="c:\\Documents and Settings\\Belovic\\My Documents\\Sports Interactive\\Football Manager 2009\\"
"LangDB"="c:\\Program Files\\Sports Interactive\\Football Manager 2009\\data\\updates\\update-930\\db\\930\\lang_db.dat"
"LastSaveGame"="c:\\Documents and Settings\\Belovic\\My Documents\\Sports Interactive\\Football Manager 2009\\games\\italy.fm"
"Language"="English"
"LoadLangDB"=dword:00000001
"CompressHistoryPoints"=dword:00000000
"HighlightedAttributes"=dword:00000000
"MinCondition"=dword:00000032
"GraphStep"=dword:00000000
"SkinName"="Champions League"
"LastUpdateCheck"=dword:00000000
"HighQualityGUI"=dword:00000001
"AutomaticallyUpdateCheck"=dword:00000001
"AdvancedGeneration"=dword:00000000
"TranslateStaffSkills"=dword:00000001
"TranslatePlayerSkills"=dword:00000001
"TranslatePositions"=dword:00000001
"ShowHistory"=dword:00000001
"Version"=dword:00000067
"UniqueID"="E4-2A70-E4DF"
"UseProxy"=dword:00000000
"ProxyHost"=""
"ProxyPort"=""
"UseAuthentication"=dword:00000000
"UserName"=""
"UserPassword"=""
"Currency"=dword:0000001c
"HistoryDir"="c:\\Documents and Settings\\Belovic\\Desktop\\fm_genie_scout_2009_xe_2009\\FM Genie Scout 2009 XE\\History Points"

[HKEY_USERS\S-1-5-21-436374069-842925246-725345543-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:70,d0,53,0c,a6,e7,c7,94,f7,e4,3a,9a,e1,00,0f,65,cd,05,9c,7c,46,fd,e2,
bf,da,46,63,c9,e3,5e,b3,85,e4,62,67,96,a5,de,ce,e5,7f,00,24,9f,39,cb,77,26,\
"??"=hex:46,3a,ab,de,5e,84,4d,b4,eb,f4,fc,eb,b9,6f,15,3d
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'lsass.exe'(768-)
c:\windows\system32\imon.dll
.
Completion time: 2009-07-31 21:32
ComboFix-quarantined-files.txt 2009-07-31 19:32

Pre-Run: 6,078,070,784 bytes free
Post-Run: 6,509,744,128 bytes free

296

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Open Notepad and copy in the following text:


File::
c:\windows\system32\xaropagkcwtseyfqc.dll
c:\windows\system32\nsr3B.dll
c:\documents and settings\Belovic\Application Data\Mozilla\Firefox\Profiles\j210w81o.default\user.js

Folder::
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}
c:\program files\System Search Dispatcher
c:\program files\DoubleD
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD

DDS::
uStart Page = hxxp://home.juicyaccess.com
uSearchURL,(Default) = hxxp://searchbox.digsby.com/search?q=%s
IE: Compare Prices with &Dealio - c:\program files\Dealio\kb106\res\DealioSearch.html

Firefox::
FF - prefs.js: browser.search.defaulturl - hxxp://www6.yoog.com/search.php?q=
FF - prefs.js: browser.search.selectedEngine - Yoog Search
FF - prefs.js: keyword.URL - hxxp://www6.yoog.com/search.php?q=
FF - component: c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\FFToolbar\components\SmileyCore.dll

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{447c8bce-81f4-e503-7287-0907c0ba07a3}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F2708CA0-38D4-DBD4-E9D2-B5250E6D5C06}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmileyApp"=-



Save the file from Notepad to the Desktop as "CFScript"




Drag the saved script/text onto the ComboFix icon, as in the picture.
In your next post, include the log that is created at the end of the cleaning/scanning.

offline
  • Joined: 22 Jul 2009
  • Posts: 6

ComboFix 09-07-22.01 - Belovic 31-Jul-09 22:17.2.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.381.1033.18.3326.2757 [GMT 2:00]
Running from: c:\documents and settings\Belovic\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Belovic\Desktop\CFScript.txt
AV: ESET NOD32 antivirus system 2.70 *On-access scanning disabled* (Outdated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE ::
"c:\documents and settings\Belovic\Application Data\Mozilla\Firefox\Profiles\j210w81o.default\user.js"
"c:\windows\system32\nsr3B.dll"
"c:\windows\system32\xaropagkcwtseyfqc.dll"
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\{1D975A5E-1126-4F46-A423-41781934A63E}
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\instance.dat
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\mia.lib
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\{11AE5274-ACE4-48DC-8781-BA074146E52A}
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\15D3A7BB\3E688669\stbappHelper.exe
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\24618E3F\611F5CA\Microsoft.VC80.MFC.manifest
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\29A73ACD\3E688669\stb0.dll
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\2A3DCDAF\611F5CA\SkinCrafterDll.dll
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\36F1A852\3E688669\MyDll.dll
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\3FA86A06\3E688669\HookAPINT.dll
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\4DAC9037\611F5CA\gdiplus.dll
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\4F73E13A\3E688669\stbapp.dll
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\50EF6DF6\3E688669\Riched20Smiley.dll
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\51B9750F\611F5CA\msvcr80.dll
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\6216A4BD\3E688669\stbYahoo8.dll
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\62404B3E\3E688669\FFToolbar.xml
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\628759C1\3E688669\stbOLEX.dll
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\69E6D3E5\3E688669\stbapp.exe
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\879169BE\611F5CA\mfc80.dll
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\9B242A8C\611F5CA\Microsoft.VC80.CRT.manifest
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\A26F7F7\3E688669\stbOL.dll
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\A53562F1\3E688669\AIMActiveXDLL.dll
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\B3AC8875\3E688669\stbMsn.dll
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\B75FA91E\3E688669\stbsvc.exe
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\BED3DEFB\3E688669\stbasst.exe
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\C3C6C2CD\3E688669\stbIE.dll
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\C41B8701\3E688669\stbAol.dll
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\C90EEF64\3E688669\AxGifAnimator.dll
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\CC8FDF08\3E688669\OEActiveXDLL.dll
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\D5797E3B\3E688669\stbYahoo9.dll
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\F0A80E14\5702F56C\home.juicyaccess.com.url
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\mFileBagIDE.dll\bag\AdwareSetup.exe
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\mFileBagIDE.dll\bag\cfcpxlog.mx
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\mFileBagIDE.dll\bag\FFToolbar.xpi
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\mFileBagIDE.dll\bag\HJSetup.exe
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\mFileBagIDE.dll\bag\libiconv2.dll
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\mFileBagIDE.dll\bag\libintl3.dll
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\mFileBagIDE.dll\bag\MsiZap.Exe
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\mFileBagIDE.dll\bag\msvcp60.dll
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\mFileBagIDE.dll\bag\ProductInfo.mx
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\mFileBagIDE.dll\bag\setup.exe
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\mFileBagIDE.dll\bag\sqlite3.dll
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\mFileBagIDE.dll\bag\SSD.exe
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\mFileBagIDE.dll\bag\stbpx.exe
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\mFileBagIDE.dll\bag\stbreaim.exe
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\mFileBagIDE.dll\bag\stbrewlm.exe
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\mFileBagIDE.dll\bag\stbrunwlm.exe
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\mFileBagIDE.dll\bag\stbsh.dll
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\mFileBagIDE.dll\bag\stbterm.exe
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\mFileBagIDE.dll\bag\tbcore.mx
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\mFileBagIDE.dll\bag\tre4.dll
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\mFileBagIDE.dll\mFileBagEXE.dll
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\mIDEFunc.dll\mEXEFunc.dll
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\mIDEWriteReg.dll\mEXEWriteReg.dll
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\OFFLINE\mMSI.dll\mMSIExec.dll
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\Setup.dat
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\Setup.exe
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\Setup.msi
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\Setup.par
c:\documents and settings\All Users\Application Data\{11AE5274-ACE4-48DC-8781-BA074146E52A}\Setup.res
c:\documents and settings\Belovic\Application Data\Mozilla\Firefox\Profiles\j210w81o.default\user.js
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Cache\01c9eb2893468d1fba80553d2b75bd30.gif
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Cache\867b44b1158783875052f103c3a2f11a.gif
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Cache\bc83ac54dd36e7479704363c8fbd7e43.gif
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Cache\c14631dd1d688aa0ae8e9c9dd396c653.gif
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Cache\default1.dat
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Cache\loading.dat
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Cache\loading.gif
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Data\Module_DailyVideo.mx
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Data\Module_Game.mx
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Data\Module_Logo.mx
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Data\Module_Option.mx
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Data\Module_Search.mx
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Data\Module_Smiley_Config.mx
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Data\Module_Smiley_TellAFriend.mx
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Data\Module_Wallpaper.mx
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Data\Module_Web.mx
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Data\Module_WebDropdown_01.mx
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Data\Module_WebDropdown_02.mx
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Data\Module_WebDropdown_03.mx
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Data\Module_WebDropdown_04.mx
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Data\Module_WebDropdown_05.mx
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Data\Module_WebDropdown_06.mx
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Data\Module_WebDropdown_07.mx
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Data\Module_WebDropdown_08.mx
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Data\Module_WebDropdown_09.mx
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Data\Module_WebDropdown_10.mx
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Data\pixel.mx
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Data\ProductInfo.mx
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Data\profile.mx
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Data\SearchEngineList.mx
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Data\tbcore.mx
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Data\ToolbarLayout.mx
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Data\UpdateCentre.mx
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Data\UpdateCentreBk.mx
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Data\URLDynamic.mx
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Data\URLStatic.mx
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\About.mg
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\Component_ComboBox.mg
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\Module_DailyVideo.mg
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\Module_Game.mg
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\Module_Logo.mg
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\Module_Option.mg
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\Module_Search.mg
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\Module_Smiley.mg
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\Module_Wallpaper.mg
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\Module_Web.mg
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\Module_WebDropdown_01.mg
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\Module_WebDropdown_01.png
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\Module_WebDropdown_02.mg
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\Module_WebDropdown_02.png
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\Module_WebDropdown_03.mg
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\Module_WebDropdown_03.png
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\Module_WebDropdown_04.mg
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\Module_WebDropdown_04.png
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\Module_WebDropdown_05.mg
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\Module_WebDropdown_05.png
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\Module_WebDropdown_06.mg
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\Module_WebDropdown_06.png
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\Module_WebDropdown_07.mg
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\Module_WebDropdown_07.png
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\Module_WebDropdown_08.mg
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\Module_WebDropdown_08.png
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\Module_WebDropdown_09.mg
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\Module_WebDropdown_09.png
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\Module_WebDropdown_10.mg
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\Module_WebDropdown_10.png
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\TBBtnDefault.png
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\TBBtnDisplay.bmp
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\TBBtnDisplay.png
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\TBBtnDisplay18.bmp
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\TBBtnDisplay20.bmp
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\TBBtnGlitters.bmp
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\TBBtnGlitters.png
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\TBBtnGlitters18.bmp
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\TBBtnGlitters20.bmp
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\TBBtnOption.png
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\TBBtnSmiley.bmp
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\TBBtnSmiley.png
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\TBBtnSmiley18.bmp
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\TBBtnSmiley20.bmp
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\TBBtnTellFd.bmp
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\TBBtnTellFd.png
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\TBBtnTellFd18.bmp
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\TBBtnTellFd20.bmp
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\TBBtnWink.bmp
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\TBBtnWink.png
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\TBBtnWink18.bmp
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\TBBtnWink20.bmp
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Skins\myskin1.skf
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Skins\myskin2.skf
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Skins\myskin3.skf
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Skins\myskin4.skf
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Skins\TellafriendSkin.skf
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Skins\TellafriendSkin_s.skf
c:\documents and settings\Belovic\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Skins\ToastSkin.skf
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\config.md
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\ipdata.md
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090726-111559.296.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090726-111726.859.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090726-111748.812.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090726-111826.703.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090726-111852.234.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090726-112000.593.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090726-112133.656.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090726-112142.984.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090726-112513.640.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090726-112536.578.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090726-113530.984.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090726-130404.343.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090726-132843.828.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090726-133525.140.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090726-145804.375.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090726-151126.343.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090726-164919.468.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090726-171709.468.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090726-171920.484.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090726-173917.781.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090726-174534.531.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090726-175236.031.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090726-190254.093.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090726-190900.703.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090726-191504.109.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090726-205215.906.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090726-211825.140.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090726-213146.953.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090726-220020.156.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090727-094516.812.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090727-095816.265.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090727-100002.046.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090727-102524.250.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090727-112746.218.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090727-132638.515.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090727-133051.406.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090727-152223.109.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090727-154207.343.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090727-155559.109.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090727-160355.406.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090727-173014.968.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090727-174149.515.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090727-203109.703.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090727-203139.031.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090727-223708.359.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090728-110510.703.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090728-115129.703.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090728-132453.890.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090728-133915.062.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090728-134657.703.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090728-134743.921.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090728-143019.375.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090728-143146.031.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090728-153013.640.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090728-171220.156.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090728-172350.484.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090728-180228.781.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090728-181444.718.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090728-195422.812.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090728-200921.781.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090728-203134.359.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090729-001938.093.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090729-193820.437.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090729-204503.718.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090729-210434.578.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090729-223547.750.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090730-125224.078.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090730-125526.203.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090730-195652.875.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090730-202230.468.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090730-205945.453.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090730-214143.859.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090730-214303.593.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090730-214353.015.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090730-214717.531.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090730-215652.593.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090730-215941.750.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090730-220104.250.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090730-220138.328.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090730-220642.000.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090730-222006.906.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090730-222205.062.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090730-222228.656.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090730-223017.046.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090730-231129.234.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090730-232027.484.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090730-233429.203.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090730-234724.734.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090730-235849.000.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090731-160849.593.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090731-164834.109.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090731-195513.906.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090731-211437.250.log
c:\documents and settings\Belovic\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\rstatus.md
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\config.md
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090726-111525.000.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090726-111559.156.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090726-111726.843.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090726-111748.796.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090726-111826.687.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090726-111852.218.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090726-112000.578.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090726-112133.640.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090726-112142.968.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090726-112513.625.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090726-112536.562.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090726-113530.968.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090726-130404.328.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090726-132843.812.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090726-133525.125.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090726-145804.359.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090726-151126.328.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090726-164919.453.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090726-171709.453.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090726-171920.468.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090726-173917.765.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090726-174534.515.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090726-175236.015.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090726-190254.078.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090726-190900.687.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090726-191504.093.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090726-205215.890.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090726-211825.125.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090726-213146.937.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090726-220020.140.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090727-094516.625.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090727-095816.250.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090727-100002.031.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090727-102524.234.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090727-112746.203.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090727-132638.500.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090727-133051.390.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090727-152223.078.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090727-154207.328.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090727-155559.093.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090727-160355.390.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090727-173014.953.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090727-174149.500.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090727-203109.687.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090727-203139.000.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090727-223708.250.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090728-110510.625.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090728-115128.968.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090728-132453.781.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090728-133915.046.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090728-134657.687.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090728-134743.906.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090728-143019.171.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090728-143146.015.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090728-153013.625.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090728-171220.140.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090728-172350.359.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090728-180228.750.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090728-181444.703.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090728-195422.781.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090728-200921.765.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090728-203134.328.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090729-001938.031.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090729-193820.390.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090729-204503.687.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090729-210434.562.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090729-223547.734.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090730-125223.734.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090730-125526.187.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090730-195652.734.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090730-202230.390.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090730-205945.437.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090730-214143.734.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090730-214303.562.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090730-214352.984.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090730-214717.500.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090730-215652.562.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090730-215941.734.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090730-220104.234.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090730-220138.312.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090730-220641.968.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090730-222006.890.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090730-222204.796.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090730-222228.625.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090730-223016.875.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090730-231129.078.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090730-232027.421.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090730-233429.187.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090730-234724.703.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090730-235848.984.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090731-160849.281.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090731-164834.093.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090731-195513.859.log
c:\documents and settings\Belovic\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20090731-211437.234.log
c:\program files\Dealio\kb106\res\DealioSearch.html
c:\program files\DoubleD
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\AIMActiveXDLL.dll
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\AxGifAnimator.dll
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Cache\01c9eb2893468d1fba80553d2b75bd30.gif
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Cache\867b44b1158783875052f103c3a2f11a.gif
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Cache\bc83ac54dd36e7479704363c8fbd7e43.gif
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Cache\c14631dd1d688aa0ae8e9c9dd396c653.gif
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Cache\default1.dat
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Cache\loading.dat
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Cache\loading.gif
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Data\Module_DailyVideo.mx
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Data\Module_Game.mx
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Data\Module_Logo.mx
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Data\Module_Option.mx
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Data\Module_Search.mx
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Data\Module_Smiley_Config.mx
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Data\Module_Smiley_TellAFriend.mx
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Data\Module_Wallpaper.mx
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Data\Module_Web.mx
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Data\pixel.mx
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Data\ProductInfo.mx
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Data\profile.mx
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Data\SearchEngineList.mx
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Data\tbcore.mx
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Data\ToolbarLayout.mx
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Data\UpdateCentre.mx
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Data\UpdateCentreBk.mx
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Data\URLDynamic.mx
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Data\URLStatic.mx
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\FFToolbar\chrome.manifest
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\FFToolbar\chrome\JuicyAccessToolbar.jar
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\FFToolbar\chrome\locale\en-US\global.dtd
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\FFToolbar\components\DDAutoComplete.js
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\FFToolbar\components\ISmileyCore.xpt
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\FFToolbar\components\SmileyCore.dll
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\FFToolbar\components\TBFFHelper.js
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\FFToolbar\components\TBFFHelper.xpt
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\FFToolbar\install.rdf
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\FFToolbar\searchplugins\juicyaccesssearchplugins.xml
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\gdiplus.dll
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\HookAPINT.dll
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\About.mg
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\Component_ComboBox.mg
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\Module_DailyVideo.mg
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\Module_Game.mg
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\Module_Logo.mg
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\Module_Option.mg
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\Module_Search.mg
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\Module_Smiley.mg
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\Module_Wallpaper.mg
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\Module_Web.mg
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\TBBtnDefault.png
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\TBBtnDisplay.bmp
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\TBBtnDisplay.png
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\TBBtnDisplay18.bmp
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\TBBtnDisplay20.bmp
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\TBBtnGlitters.bmp
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\TBBtnGlitters.png
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\TBBtnGlitters18.bmp
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\TBBtnGlitters20.bmp
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\TBBtnOption.png
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\TBBtnSmiley.bmp
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\TBBtnSmiley.png
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\TBBtnSmiley18.bmp
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\TBBtnSmiley20.bmp
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\TBBtnTellFd.bmp
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\TBBtnTellFd.png
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\TBBtnTellFd18.bmp
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\TBBtnTellFd20.bmp
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\TBBtnWink.bmp
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\TBBtnWink.png
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\TBBtnWink18.bmp
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Icons\TBBtnWink20.bmp
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\mfc80.dll
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Microsoft.VC80.CRT.manifest
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Microsoft.VC80.MFC.manifest
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\msvcr80.dll
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\MyDll.dll
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\OEActiveXDLL.dll
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Riched20Smiley.dll
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\SkinCrafterDll.dll
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Skins\myskin1.skf
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Skins\myskin2.skf
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Skins\myskin3.skf
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Skins\myskin4.skf
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Skins\TellafriendSkin.skf
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Skins\TellafriendSkin_s.skf
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\Skins\ToastSkin.skf
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\stb0.dll
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\stbAol.dll
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\stbapp.dll
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\stbapp.exe
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\stbappHelper.exe
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\stbasst.exe
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\stbIE.dll
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\stbMsn.dll
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\stbOL.dll
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\stbOLEX.dll
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\stbsvc.exe
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\stbYahoo8.dll
c:\program files\DoubleD\JuicyAccess Toolbar\4.1.3.20290\stbYahoo9.dll
c:\program files\System Search Dispatcher
c:\program files\System Search Dispatcher\1.3.0.840\Data\eacore.mx
c:\program files\System Search Dispatcher\1.3.0.840\Data\URLDynamic.mx
c:\program files\System Search Dispatcher\1.3.0.840\Data\URLStatic.mx
c:\program files\System Search Dispatcher\1.3.0.840\ssd.dll
c:\program files\System Search Dispatcher\1.3.0.840\unins000.dat
c:\program files\System Search Dispatcher\1.3.0.840\unins000.exe
c:\windows\system32\nsr3B.dll
c:\windows\system32\xaropagkcwtseyfqc.dll

.
((((((((((((((((((((((((( Files Created from 2009-06-28 to 2009-07-31 )))))))))))))))))))))))))))))))
.

2009-07-30 20:27 . 2009-07-30 20:27 -------- dc----w- c:\documents and settings\All Users\Application Data\{81D4BDA8-1F33-4633-B176-8A7E942ABDE1}
2009-07-30 19:53 . 2009-07-30 19:53 -------- d-----w- c:\documents and settings\Belovic\Application Data\Uniblue
2009-07-28 10:34 . 2009-07-28 10:34 -------- d-----w- c:\documents and settings\Belovic\Local Settings\Application Data\Fallout3
2009-07-28 10:22 . 2009-07-28 10:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Fallout3
2009-07-28 10:22 . 2008-09-16 22:20 121064 ------r- c:\documents and settings\All Users\Application Data\Fallout3\setup.exe
2009-07-28 10:18 . 2009-07-28 10:18 -------- d-----w- c:\windows\system32\xlive

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-31 20:14 . 2008-11-13 17:04 169936 ----a-w- c:\documents and settings\Belovic\Application Data\Mozilla\Firefox\Profiles\j210w81o.default\FlashGot.exe
2009-07-30 20:10 . 2008-03-05 12:02 -------- d-----w- c:\documents and settings\Belovic\Application Data\uTorrent
2009-07-30 19:43 . 2007-02-25 01:11 -------- d-----w- c:\program files\ICQToolbar
2009-07-30 10:52 . 2007-02-04 17:20 -------- d-----w- c:\program files\MSN Messenger
2009-07-28 11:47 . 2008-03-18 23:15 -------- d-----w- c:\program files\SpywareBlaster
2009-07-28 10:22 . 2007-01-17 15:15 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-07-28 10:21 . 2008-10-18 10:01 122976 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-07-13 11:09 . 2009-01-24 12:30 10240 ----a-w- c:\documents and settings\Belovic\Application Data\GRETECH\GomPlayer\GrLauncherTempSetup.exe
2009-06-26 17:27 . 2008-11-18 16:40 -------- d-----w- c:\program files\Java
2009-06-26 17:27 . 2009-06-26 17:27 152576 ----a-w- c:\documents and settings\Belovic\Application Data\Sun\Java\jre1.6.0_14\lzma.dll
2009-06-17 19:32 . 2009-04-28 16:06 -------- d-----w- c:\program files\MyPlayCity
2009-06-05 19:56 . 2008-04-10 11:31 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-06-05 19:56 . 2008-04-10 11:31 22328 ----a-w- c:\documents and settings\Belovic\Application Data\PnkBstrK.sys
2009-06-05 19:56 . 2008-04-10 11:31 22328 ----a-w- c:\documents and settings\Belovic\Application Data\PnkBstrK.sys
2009-06-05 19:56 . 2008-04-10 11:31 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-06-05 19:56 . 2008-04-10 11:31 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-05-21 09:33 . 2008-11-18 16:40 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-05-18 11:59 . 2007-01-17 15:20 47984 ----a-w- c:\documents and settings\Belovic\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-07 13:18 . 2009-05-07 13:18 152576 ----a-w- c:\documents and settings\Belovic\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
2009-07-15 20:30 . 2009-07-30 19:46 137208 ----a-w- c:\program files\mozilla firefox\components\brwsrcmp.dll
2008-05-05 09:30 . 2008-05-05 09:30 56 --sh--r- c:\windows\system32\EB64FDE2B9.sys
2009-02-06 19:09 . 2008-05-05 09:48 2516 --sha-w- c:\windows\system32\KGyGaAvL.sys
2007-01-20 19:50 . 2007-01-20 15:25 68128 --sha-w- c:\windows\system32\drivers\fidbox.dat
2007-01-20 19:50 . 2007-01-20 15:25 2848 --sha-w- c:\windows\system32\drivers\fidbox2.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}"= "c:\program files\MyPlayCity\tbMyP0.dll" [2009-06-17 2094616]

[HKEY_CLASSES_ROOT\clsid\{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}]
2009-06-17 19:32 2094616 ----a-w- c:\program files\MyPlayCity\tbMyP0.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}"= "c:\program files\MyPlayCity\tbMyP0.dll" [2009-06-17 2094616]

[HKEY_CLASSES_ROOT\clsid\{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{4724C5D8-DFA7-417A-A2F5-1EABFEE9B4AC}"= "c:\program files\MyPlayCity\tbMyP0.dll" [2009-06-17 2094616]

[HKEY_CLASSES_ROOT\clsid\{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-11-16 139264]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2007-04-03 165784]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PCSync2.exe" [2008-03-26 1232896]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 6\PCSuite.exe" [2008-04-16 1079808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-08-11 7630848]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-08-11 86016]
"au"="c:\program files\Dealio\DealioAU.exe" [2007-06-27 238936]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2008-03-18 949376]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-21 148888]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2006-08-11 1519616]
"BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2004-08-03 110592]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Nokia Nseries PC Suite.lnk - c:\program files\Nokia\NNPCS\RunLauncher.exe [2008-5-8 943568]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Sports Interactive\\Football Manager 2009\\fm.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"7352:TCP"= 7352:TCP:BitComet 7352 TCP
"7352:UDP"= 7352:UDP:BitComet 7352 UDP

R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [19-Mar-08 00:32 15424]
.
.
------- Supplementary Scan -------
.
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://searchbox.digsby.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
LSP: c:\windows\system32\imon.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Belovic\Application Data\Mozilla\Firefox\Profiles\j210w81o.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www6.yoog.com/search.php?q=
FF - prefs.js: browser.search.selectedEngine - Yoog Search
FF - prefs.js: browser.startup.homepage - hxxp://en-US.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official
FF - prefs.js: keyword.URL - hxxp://www6.yoog.com/search.php?q=

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\fir

offline
  • Joined: 22 Jul 2009
  • Posts: 6


offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Open Notepad and copy in the following text:


Folder::
c:\program files\Dealio

Firefox::
FF - ProfilePath - c:\documents and settings\Belovic\Application Data\Mozilla\Firefox\Profiles\j210w81o.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www6.yoog.com/search.php?q=
FF - prefs.js: browser.search.selectedEngine - Yoog Search
FF - prefs.js: keyword.URL - hxxp://www6.yoog.com/search.php?q=

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"au"=-



Save the file from Notepad to the Desktop as "CFScript"

Drag the saved script/text onto the ComboFix icon, as shown in the picture.
In your next message, post the log that is created at the end of the cleaning/scan.

offline
  • Joined: 22 Jul 2009
  • Posts: 6

ComboFix 09-07-22.01 - Belovic 31-Jul-09 22:39.3.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.381.1033.18.3326.2752 [GMT 2:00]
Running from: c:\documents and settings\Belovic\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Belovic\Desktop\CFScript.txt
AV: ESET NOD32 antivirus system 2.70 *On-access scanning disabled* (Outdated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Dealio

.
((((((((((((((((((((((((( Files Created from 2009-06-28 to 2009-07-31 )))))))))))))))))))))))))))))))
.

2009-07-30 20:27 . 2009-07-30 20:27 -------- dc----w- c:\documents and settings\All Users\Application Data\{81D4BDA8-1F33-4633-B176-8A7E942ABDE1}
2009-07-30 19:53 . 2009-07-30 19:53 -------- d-----w- c:\documents and settings\Belovic\Application Data\Uniblue
2009-07-28 10:34 . 2009-07-28 10:34 -------- d-----w- c:\documents and settings\Belovic\Local Settings\Application Data\Fallout3
2009-07-28 10:22 . 2009-07-28 10:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Fallout3
2009-07-28 10:22 . 2008-09-16 22:20 121064 ------r- c:\documents and settings\All Users\Application Data\Fallout3\setup.exe
2009-07-28 10:18 . 2009-07-28 10:18 -------- d-----w- c:\windows\system32\xlive

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-31 20:37 . 2008-11-13 17:04 169936 ----a-w- c:\documents and settings\Belovic\Application Data\Mozilla\Firefox\Profiles\j210w81o.default\FlashGot.exe
2009-07-30 20:10 . 2008-03-05 12:02 -------- d-----w- c:\documents and settings\Belovic\Application Data\uTorrent
2009-07-30 19:43 . 2007-02-25 01:11 -------- d-----w- c:\program files\ICQToolbar
2009-07-30 10:52 . 2007-02-04 17:20 -------- d-----w- c:\program files\MSN Messenger
2009-07-28 11:47 . 2008-03-18 23:15 -------- d-----w- c:\program files\SpywareBlaster
2009-07-28 10:22 . 2007-01-17 15:15 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-07-28 10:21 . 2008-10-18 10:01 122976 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-07-13 11:09 . 2009-01-24 12:30 10240 ----a-w- c:\documents and settings\Belovic\Application Data\GRETECH\GomPlayer\GrLauncherTempSetup.exe
2009-06-26 17:27 . 2008-11-18 16:40 -------- d-----w- c:\program files\Java
2009-06-26 17:27 . 2009-06-26 17:27 152576 ----a-w- c:\documents and settings\Belovic\Application Data\Sun\Java\jre1.6.0_14\lzma.dll
2009-06-17 19:32 . 2009-04-28 16:06 -------- d-----w- c:\program files\MyPlayCity
2009-06-05 19:56 . 2008-04-10 11:31 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-06-05 19:56 . 2008-04-10 11:31 22328 ----a-w- c:\documents and settings\Belovic\Application Data\PnkBstrK.sys
2009-06-05 19:56 . 2008-04-10 11:31 22328 ----a-w- c:\documents and settings\Belovic\Application Data\PnkBstrK.sys
2009-06-05 19:56 . 2008-04-10 11:31 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-06-05 19:56 . 2008-04-10 11:31 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-05-21 09:33 . 2008-11-18 16:40 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-05-18 11:59 . 2007-01-17 15:20 47984 ----a-w- c:\documents and settings\Belovic\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-07 13:18 . 2009-05-07 13:18 152576 ----a-w- c:\documents and settings\Belovic\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
2009-07-15 20:30 . 2009-07-30 19:46 137208 ----a-w- c:\program files\mozilla firefox\components\brwsrcmp.dll
2008-05-05 09:30 . 2008-05-05 09:30 56 --sh--r- c:\windows\system32\EB64FDE2B9.sys
2009-02-06 19:09 . 2008-05-05 09:48 2516 --sha-w- c:\windows\system32\KGyGaAvL.sys
2007-01-20 19:50 . 2007-01-20 15:25 68128 --sha-w- c:\windows\system32\drivers\fidbox.dat
2007-01-20 19:50 . 2007-01-20 15:25 2848 --sha-w- c:\windows\system32\drivers\fidbox2.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}"= "c:\program files\MyPlayCity\tbMyP0.dll" [2009-06-17 2094616]

[HKEY_CLASSES_ROOT\clsid\{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}]
2009-06-17 19:32 2094616 ----a-w- c:\program files\MyPlayCity\tbMyP0.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}"= "c:\program files\MyPlayCity\tbMyP0.dll" [2009-06-17 2094616]

[HKEY_CLASSES_ROOT\clsid\{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{4724C5D8-DFA7-417A-A2F5-1EABFEE9B4AC}"= "c:\program files\MyPlayCity\tbMyP0.dll" [2009-06-17 2094616]

[HKEY_CLASSES_ROOT\clsid\{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-11-16 139264]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2007-04-03 165784]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PCSync2.exe" [2008-03-26 1232896]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 6\PCSuite.exe" [2008-04-16 1079808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-08-11 7630848]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-08-11 86016]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2008-03-18 949376]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-21 148888]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2006-08-11 1519616]
"BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2004-08-03 110592]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Nokia Nseries PC Suite.lnk - c:\program files\Nokia\NNPCS\RunLauncher.exe [2008-5-8 943568]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Sports Interactive\\Football Manager 2009\\fm.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"7352:TCP"= 7352:TCP:BitComet 7352 TCP
"7352:UDP"= 7352:UDP:BitComet 7352 UDP

R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [19-Mar-08 00:32 15424]
.
.
------- Supplementary Scan -------
.
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://searchbox.digsby.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
LSP: c:\windows\system32\imon.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Belovic\Application Data\Mozilla\Firefox\Profiles\j210w81o.default\
FF - prefs.js: browser.startup.homepage - hxxp://en-US.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-07-31 22:42
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-436374069-842925246-725345543-1003\Software\G*e*n*i*e*"!\FM Genie Scout 2009 XE]
"GameDir"="c:\\Documents and Settings\\Belovic\\My Documents\\Sports Interactive\\Football Manager 2009\\games"
"ShortlistDir"=""
"ScreenshotsDir"="c:\\Documents and Settings\\Belovic\\My Documents\\Sports Interactive\\Football Manager 2009"
"SaveDir"="c:\\Documents and Settings\\Belovic\\My Documents\\Sports Interactive\\Football Manager 2009\\"
"LangDB"="c:\\Program Files\\Sports Interactive\\Football Manager 2009\\data\\updates\\update-930\\db\\930\\lang_db.dat"
"LastSaveGame"="c:\\Documents and Settings\\Belovic\\My Documents\\Sports Interactive\\Football Manager 2009\\games\\italy.fm"
"Language"="English"
"LoadLangDB"=dword:00000001
"CompressHistoryPoints"=dword:00000000
"HighlightedAttributes"=dword:00000000
"MinCondition"=dword:00000032
"GraphStep"=dword:00000000
"SkinName"="Champions League"
"LastUpdateCheck"=dword:00000000
"HighQualityGUI"=dword:00000001
"AutomaticallyUpdateCheck"=dword:00000001
"AdvancedGeneration"=dword:00000000
"TranslateStaffSkills"=dword:00000001
"TranslatePlayerSkills"=dword:00000001
"TranslatePositions"=dword:00000001
"ShowHistory"=dword:00000001
"Version"=dword:00000067
"UniqueID"="E4-2A70-E4DF"
"UseProxy"=dword:00000000
"ProxyHost"=""
"ProxyPort"=""
"UseAuthentication"=dword:00000000
"UserName"=""
"UserPassword"=""
"Currency"=dword:0000001c
"HistoryDir"="c:\\Documents and Settings\\Belovic\\Desktop\\fm_genie_scout_2009_xe_2009\\FM Genie Scout 2009 XE\\History Points"

[HKEY_USERS\S-1-5-21-436374069-842925246-725345543-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:70,d0,53,0c,a6,e7,c7,94,f7,e4,3a,9a,e1,00,0f,65,cd,05,9c,7c,46,fd,e2,
bf,da,46,63,c9,e3,5e,b3,85,e4,62,67,96,a5,de,ce,e5,7f,00,24,9f,39,cb,77,26,\
"??"=hex:46,3a,ab,de,5e,84,4d,b4,eb,f4,fc,eb,b9,6f,15,3d
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'lsass.exe'(768-)
c:\windows\system32\imon.dll
.
Completion time: 2009-07-31 22:43
ComboFix-quarantined-files.txt 2009-07-31 20:43
ComboFix2.txt 2009-07-31 20:21
ComboFix3.txt 2009-07-31 19:32

Pre-Run: 6,502,916,096 bytes free
Post-Run: 6,486,286,336 bytes free


offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

This looks OK. Unless there is some specific problem, we are done here.


If we are done... ComboFix needs to be uninstalled:
click Start (or ), and then RUN.

On Vista, use the Start Search box if Run is not available.

In the text input line, type (copy) the following:

combofix /u

Note that there is a space between "ComboFix" and "/u".

and then click OK (or press Enter).


Wait for the uninstall process to finish.

offline
  • Joined: 22 Jul 2009
  • Posts: 6

We are. Thank you!
