Adware.virtumonde.fp application

  • Joined: 04 Apr 2008
  • Posts: 15

Done successfully, do I need to do anything else?

Thank you for the help so far.

Bogo!

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

You need to post a new CF log.

  • Joined: 04 Apr 2008
  • Posts: 15

ComboFix 08-04-08.10 - XP 2008-04-18 11:32:17.5 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1033.18.548 [GMT 2:00]
Running from: C:\Documents and Settings\XP\Desktop\ComboFix.exe
* Resident AV is active


WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
TimedOut: progfile.dat

((((((((((((((((((((((((( Files Created from 2008-03-18 to 2008-04-18 )))))))))))))))))))))))))))))))
.

2008-04-17 12:47 . 2008-04-17 12:48 <DIR> d-------- C:\Program Files\Dictionary
2008-04-17 11:22 . 2008-04-17 11:30 <DIR> d-------- C:\Program Files\eMule
2008-04-17 08:29 . 2008-04-17 08:30 <DIR> d-------- C:\Program Files\Common Files\AVSMedia
2008-04-17 08:29 . 2008-04-17 08:30 <DIR> d-------- C:\Program Files\AVSMedia
2008-04-17 08:23 . 2008-04-17 08:23 <DIR> d-------- C:\Program Files\GNU
2008-04-16 08:31 . 2008-04-16 08:31 250 --a------ C:\WINDOWS\gmer.ini
2008-04-16 08:30 . 2008-04-16 08:30 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WinZip
2008-04-09 15:06 . 2008-04-09 15:06 <DIR> d-------- C:\VundoFix Backups
2008-04-09 14:15 . 2008-04-09 14:15 <DIR> d-------- C:\WINDOWS\system32\sl-SI
2008-04-09 13:53 . 2008-03-01 15:06 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-04-09 13:53 . 2007-07-01 05:31 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-04-09 13:53 . 2007-07-01 05:36 991,232 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-04-09 13:53 . 2008-03-01 15:06 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-04-09 13:53 . 2008-03-01 15:06 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-04-09 13:53 . 2008-03-01 15:06 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-04-09 13:53 . 2008-03-01 15:06 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2008-04-09 13:53 . 2008-03-01 15:06 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-04-09 13:53 . 2008-02-22 12:00 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-04-04 13:10 . 2008-04-04 13:10 <DIR> d-------- C:\Program Files\Trend Micro
2008-04-04 09:44 . 2008-04-04 09:44 <DIR> d-------- C:\Program Files\Windows Defender
2008-04-04 08:55 . 2008-04-04 08:55 1,823 --a------ C:\WINDOWS\mozver.dat
2008-04-04 08:09 . 2008-04-04 08:13 <DIR> d-------- C:\WINDOWS\BDOSCAN8
2008-04-01 10:44 . 2008-04-01 10:44 <DIR> d-------- C:\Program Files\Lavasoft
2008-04-01 10:44 . 2008-04-01 10:44 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-04-01 10:44 . 2008-04-01 10:45 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-03-28 10:43 . 2008-03-31 09:11 <DIR> d-------- C:\WINDOWS\SxsCaPendDel
2008-03-26 15:24 . 2008-04-17 15:02 16 --a------ C:\WINDOWS\popcinfo.dat
2008-03-26 14:54 . 2008-03-26 14:57 <DIR> d-------- C:\Program Files\Bejeweled 2 Deluxe
2008-03-26 14:54 . 2008-03-26 14:54 720,896 --a------ C:\WINDOWS\iun6002ev.exe
2008-03-26 14:27 . 2008-03-26 14:54 69 --a------ C:\WINDOWS\NeroDigital.ini
2008-03-26 11:30 . 2008-03-26 11:30 <DIR> d-------- C:\Documents and Settings\XP\Application Data\GRETECH
2008-03-26 11:30 . 2008-03-26 11:30 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\GRETECH
2008-03-26 08:57 . 2008-04-09 09:18 564 --a------ C:\WINDOWS\system32\MRT.INI
2008-03-26 08:56 . 2008-03-26 08:56 <DIR> d-------- C:\Program Files\MSXML 4.0
2008-03-25 15:07 . 2008-03-25 15:07 8,464 --a------ C:\WINDOWS\system32\sporder.dll
2008-03-25 14:54 . 2008-03-25 14:54 <DIR> d-------- C:\Program Files\ESET
2008-03-25 14:54 . 2008-03-25 14:54 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\ESET
2008-03-25 11:29 . 2008-03-25 11:29 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet
2008-03-25 11:11 . 2008-03-25 11:11 <DIR> d-------- C:\Program Files\Common Files\Control Panels
2008-03-25 11:09 . 2008-03-25 11:09 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\ALM
2008-03-25 10:56 . 2008-03-25 10:56 <DIR> d-------- C:\Program Files\QuickTime
2008-03-25 10:48 . 2007-02-20 17:04 2,463,976 --a------ C:\WINDOWS\system32\NPSWF32.dll
2008-03-25 10:48 . 2007-02-20 17:04 190,696 --a------ C:\WINDOWS\system32\NPSWF32_FlashUtil.exe
2008-03-25 10:41 . 2008-03-25 10:41 <DIR> d-------- C:\Program Files\Bonjour
2008-03-25 10:37 . 2008-03-25 10:37 <DIR> d-------- C:\Program Files\Common Files\Macrovision Shared
2008-03-25 10:27 . 2008-03-25 10:27 <DIR> d-------- C:\Documents and Settings\XP\Application Data\Nero
2008-03-25 10:23 . 2008-03-25 10:23 <DIR> d-------- C:\Program Files\Nero
2008-03-25 10:23 . 2008-03-28 10:42 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Nero
2008-03-25 10:01 . 2008-03-25 10:03 <DIR> d-------- C:\Program Files\TIS 2008
2008-03-20 14:26 . 2008-03-20 14:26 0 --a------ C:\WINDOWS\nsreg.dat

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-25 12:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\Avira
2008-03-25 09:13 --------- d-----w C:\Program Files\Common Files\Adobe
2008-03-19 09:47 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-01 13:06 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-02-22 08:05 --------- d-----w C:\Program Files\Common Files\Autodesk Shared
2008-02-22 08:05 --------- d-----w C:\Program Files\Autodesk
2008-02-22 08:05 --------- d-----w C:\Program Files\AutoCAD 2005
2008-02-22 08:04 --------- d-----w C:\Program Files\AnswerWorks 4.0
2008-02-22 08:00 --------- d-----w C:\Documents and Settings\XP\Application Data\Autodesk
2008-02-22 08:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\Autodesk
2008-02-20 10:11 33,800 ----a-w C:\WINDOWS\system32\drivers\epfwtdir.sys
2008-02-20 10:02 29,704 ----a-w C:\WINDOWS\system32\drivers\easdrv.sys
2008-02-20 10:01 39,944 ----a-w C:\WINDOWS\system32\drivers\eamon.sys
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\SET9B76.tmp
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 06:51 282,624 ------w C:\WINDOWS\system32\SETC3E7.tmp
2008-02-20 05:32 45,568 ----a-w C:\WINDOWS\system32\SET9B05.tmp
2008-02-20 05:32 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2008-02-20 05:32 45,568 ------w C:\WINDOWS\system32\SETC3DF.tmp
2008-02-20 05:32 148,992 ----a-w C:\WINDOWS\system32\SET9B06.tmp
2008-02-20 05:32 148,992 ------w C:\WINDOWS\system32\SETC3E0.tmp
2008-02-16 22:29 3,059,712 ----a-w C:\WINDOWS\system32\SET9B93.tmp
2008-02-16 22:29 3,059,712 ------w C:\WINDOWS\system32\SETC3F5.tmp
2008-02-16 08:59 659,456 ----a-w C:\WINDOWS\system32\SET9B8A.tmp
2008-02-16 08:59 659,456 ------w C:\WINDOWS\system32\SETC3F1.tmp
2008-02-16 08:59 615,936 ----a-w C:\WINDOWS\system32\SET9B8B.tmp
2008-02-16 08:59 615,936 ------w C:\WINDOWS\system32\SETC3F2.tmp
2008-02-16 08:59 474,112 ----a-w C:\WINDOWS\system32\SET9B8C.tmp
2008-02-16 08:59 474,112 ------w C:\WINDOWS\system32\SETC3F3.tmp
2008-02-16 08:59 1,494,528 ----a-w C:\WINDOWS\system32\SET9B8D.tmp
2008-02-16 08:59 1,494,528 ------w C:\WINDOWS\system32\SETC3F4.tmp
2008-02-16 08:59 1,023,488 ----a-w C:\WINDOWS\system32\SET9B9D.tmp
2008-02-16 08:59 1,023,488 ------w C:\WINDOWS\system32\SETC3F7.tmp
2008-02-15 09:06 351,744 ----a-w C:\WINDOWS\system32\SETC3F8.tmp
2008-02-15 09:06 351,744 ----a-w C:\WINDOWS\system32\SET9BA0.tmp
.

((((((((((((((((((((((((((((( snapshot@2008-04-09_14.42.10.73 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-07-12 23:28:55 765,952 ----a-w C:\WINDOWS\$hf_mig$\KB938127-IE7\SP2QFE\vgx.dll
+ 2007-03-06 01:22:36 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB938127-IE7\spmsg.dll
+ 2007-03-06 01:22:41 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB938127-IE7\spuninst.exe
+ 2007-03-06 01:22:34 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB938127-IE7\update\spcustom.dll
+ 2007-03-06 01:22:59 716,000 ----a-w C:\WINDOWS\$hf_mig$\KB938127-IE7\update\update.exe
+ 2007-03-06 01:23:51 371,424 ----a-w C:\WINDOWS\$hf_mig$\KB938127-IE7\update\updspapi.dll
+ 2008-04-16 06:31:25 819,200 ----a-w C:\WINDOWS\gmer.dll
+ 2008-03-03 18:29:06 761,856 ----a-w C:\WINDOWS\gmer.exe
+ 2007-03-06 01:22:41 213,216 -c----w C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\updspapi.dll
+ 2007-08-14 01:54:10 765,952 -c----w C:\WINDOWS\ie7updates\KB938127-IE7\vgx.dll
+ 2008-04-16 06:30:29 632,320 ----a-r C:\WINDOWS\Installer\{CD95F661-A5C4-44F5-A6AA-ECDD91C240B6}\IconCD95F66110.exe
+ 2008-04-16 06:30:29 29,184 ----a-r C:\WINDOWS\Installer\{CD95F661-A5C4-44F5-A6AA-ECDD91C240B6}\IconCD95F6617.exe
+ 2003-05-22 11:26:16 638,976 ----a-w C:\WINDOWS\system32\divx.dll
- 2007-08-14 01:54:10 765,952 -c--a-w C:\WINDOWS\system32\dllcache\VGX.dll
+ 2007-07-12 23:31:54 765,952 -c--a-w C:\WINDOWS\system32\dllcache\vgx.dll
+ 2008-04-16 06:31:25 86,097 ----a-w C:\WINDOWS\system32\drivers\gmer.sys
- 2008-04-09 07:22:51 1,481,392 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2008-04-17 08:14:29 1,481,416 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2003-05-21 22:50:34 1,700,352 ----a-w C:\WINDOWS\system32\GdiPlus.dll
+ 2003-05-21 22:50:36 261,632 ----a-w C:\WINDOWS\system32\mcdvd_32.dll
+ 2002-01-05 14:48:16 974,848 ----a-w C:\WINDOWS\system32\mfc70.dll
+ 2002-08-19 23:41:12 413,760 ----a-w C:\WINDOWS\system32\mpg4c32.dll
+ 2002-01-05 13:40:18 487,424 ----a-w C:\WINDOWS\system32\msvcp70.dll
+ 2002-01-05 01:37:26 344,064 ----a-w C:\WINDOWS\system32\msvcr70.dll
+ 2003-05-21 11:50:38 24,576 ----a-w C:\WINDOWS\system32\msxml3a.dll
- 2006-09-07 00:43:16 14,048 ------w C:\WINDOWS\system32\spmsg.dll
+ 2007-03-06 01:22:36 14,048 ------w C:\WINDOWS\system32\spmsg.dll
+ 2007-11-30 12:44:58 282,624 ----a-w C:\WINDOWS\system32\spool\drivers\color\MXF_SDK_GenericContainer_DV_r.4.1.1.223.dll
+ 2007-11-30 12:44:58 151,552 ----a-w C:\WINDOWS\system32\spool\drivers\color\MXF_SDK_GenericContainer_MPEG_ESAudio_r.4.1.1.223.dll
+ 2007-11-30 12:44:56 401,408 ----a-w C:\WINDOWS\system32\spool\drivers\color\MXF_SDK_GenericContainer_Wave_r.4.1.1.223.dll
+ 2004-07-03 19:59:06 524,288 ----a-w C:\WINDOWS\system32\xvidcore.dll
+ 2004-07-03 20:08:04 139,264 ----a-w C:\WINDOWS\system32\xvidvfw.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2007-07-27 14:00 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" [ ]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24 1694208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-05-10 12:12 90112]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [ ]
"Acrobat Assistant 8.0"="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2008-01-11 20:54 623992]
"Adobe_ID0EYTHM"="C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE" [2007-03-20 17:40 1884160]
"egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-02-20 12:06 1443072]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 14:06 40048]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-11-03 19:20 866584]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2007-07-27 14:00 15360]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
AutoCAD Startup Accelerator.lnk - C:\Program Files\Common Files\Autodesk Shared\acstart16.exe [2004-02-25 02:35:22 10872]
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [2008-04-13 11:20:00 415072]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS3\\Server\\bin\\VersionCueCS3.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3703:TCP"= 3703:TCP:Adobe Version Cue CS3 Server
"3704:TCP"= 3704:TCP:Adobe Version Cue CS3 Server
"50900:TCP"= 50900:TCP:Adobe Version Cue CS3 Server
"50901:TCP"= 50901:TCP:Adobe Version Cue CS3 Server

R1 epfwtdir;epfwtdir;C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2008-02-20 12:11]

.
Contents of the 'Scheduled Tasks' folder
"2008-04-18 09:32:42 C:\WINDOWS\Tasks\MP Scheduled Scan.job"
- C:\Program Files\Windows Defender\MpCmdRun.exe
.
**************************************************************************

catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2008-04-18 11:34:42
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

? [1324]

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-04-18 11:35:25
ComboFix-quarantined-files.txt 2008-04-18 09:35:20
ComboFix2.txt 2008-04-15 06:38:29
ComboFix3.txt 2008-04-14 07:06:16
ComboFix4.txt 2008-04-11 06:21:59
ComboFix5.txt 2008-04-09 12:42:24
Pre-Run: 229,750,632,448 bytes free
Post-Run: 229,738,762,240 bytes free
.
2008-04-18 06:33:31 --- E O F ---

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

Run GMER again, go to "options", check "Only non MS files" and Scan.

  • Joined: 04 Apr 2008
  • Posts: 15

GMER 1.0.14.14205 - gmer.net
Rootkit scan 2008-04-21 09:27:23
Windows 5.1.2600 Service Pack 2


---- Modules - GMER 1.0.14 ----

Module \SystemRoot\system32\DRIVERS\ati2mtag.sys (ATI Radeon WindowsNT Miniport Driver/ATI Technologies Inc.) F700E000-F71CD000 (1830912 bytes)
Module \SystemRoot\system32\DRIVERS\HDAudBus.sys (High Definition Audio Bus Driver v1.0a/Windows (R) Server 2003 DDK provider) F6F8F000-F6FB4000 (151552 bytes)
Module \SystemRoot\system32\DRIVERS\RTL8139.SYS (Realtek RTL8139 NDIS 5.0 Driver/Realtek Semiconductor Corporation) F7870000-F7876000 (24576 bytes)
Module \SystemRoot\system32\DRIVERS\ptilink.sys (Parallel Technologies DirectParallel IO Library/Parallel Technologies, Inc.) F7890000-F7895000 (20480 bytes)
Module \SystemRoot\system32\drivers\RtkHDAud.sys (Realtek(r) High Definition Audio Function Driver/Realtek Semiconductor Corp.) EE98F000-EEDDE000 (4517888 bytes)
Module \SystemRoot\system32\DRIVERS\epfwtdir.sys F7600000-F760C000 (49152 bytes)
Module \SystemRoot\system32\DRIVERS\easdrv.sys (Eset AntiStealth driver/ESET) F7650000-F765B000 (45056 bytes)
Module \SystemRoot\System32\ati2dvag.dll (ATI Radeon WindowsNT Display Driver/ATI Technologies Inc.) BF9D5000-BFA18000 (274432 bytes)
Module \SystemRoot\System32\ati2cqag.dll (Central Memory Manager / Queue Server Module/ATI Technologies Inc.) BFA18000-BFA60000 (294912 bytes)
Module \SystemRoot\System32\atikvmag.dll (Virtual Command And Memory Manager/ATI Technologies Inc.) BFA60000-BFAA6000 (286720 bytes)
Module \SystemRoot\System32\ati3duag.dll (ati3duag.dll/ATI Technologies Inc. ) BFAA6000-BFCF3000 (2412544 bytes)
Module \SystemRoot\System32\ativvaxx.dll (Radeon Video Acceleration Universal Driver/ATI Technologies Inc. ) BFCF3000-BFDFD000 (1089536 bytes)
Module \SystemRoot\System32\ATMFD.DLL (Windows NT OpenType/Type 1 Font Driver/Adobe Systems Incorporated) BFFA0000-BFFE6000 (286720 bytes)
Module \SystemRoot\system32\DRIVERS\eamon.sys (Amon monitor/ESET) EBB99000-EBBE6000 (315392 bytes)
Module \SystemRoot\System32\DRIVERS\gmer.sys (GMER Driver gmer.net/GMER) EB439000-EB44E000 (86016 bytes)

---- Processes - GMER 1.0.14 ----

Process C:\Program Files\Bonjour\mDNSResponder.exe (Bonjour Service/Apple Computer, Inc.) 236
Library C:\Program Files\Bonjour\mDNSResponder.exe (Bonjour Service/Apple Computer, Inc.) 0x00400000

Process C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (Eset Service/ESET) 280
Library C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (Eset Service/ESET) 0x00400000
Library C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnScan.dll (Eset On-demmand Scanner Kernel/ESET) 0x21E00000
Library C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnAmon.dll (Eset Amon Service/ESET) 0x21300000
Library C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnEmon.dll (Eset Emon Service/ESET) 0x21500000
Library C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnEpfw.dll (Eset Personal Firewall service/ESET) 0x20300000
Library C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnUpdate.dll (Eset Update Service/ESET) 0x21100000
Library C:\Program Files\ESET\ESET NOD32 Antivirus\updater.dll (Eset Update Engine/ESET) 0x21000000
Library C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnMailPlugins.dll (Eset MailPlugins Service/ESET) 0x22900000
Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Computer, Inc.) 0x16080000

Process C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (CLI Application (Command Line Interface)/ATI Technologies Inc.) 420
Library C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (CLI Application (Command Line Interface)/ATI Technologies Inc.) 0x00400000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Implementation.dll (CLI Application Implementation (Command Line Interface)/ATI Technologies Inc.) 0x11000000
Library C:\Program Files\ATI Technologies\ATI.ACE\LOG.Foundation.dll (LOG Foundation/ATI Technologies Inc.) 0x01030000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Foundation.dll (CLI Foundation/ATI Technologies Inc.) 0x01050000
Library C:\Program Files\ATI Technologies\ATI.ACE\LOG.Foundation.Service.dll (LOG Foundation Service/ATI Technologies Inc.) 0x01090000
Library C:\Program Files\ATI Technologies\ATI.ACE\LOG.Foundation.Shared.dll (LOG Foundation Shared/ATI Technologies Inc.) 0x010B0000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Foundation.XManifestation.dll (CLI Foundation for XML/ATI Technologies Inc.) 0x010D0000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Component.Wizard.dll (Wizard Component/ATI Technologies Inc.) 0x034D0000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Foundation.Clients.dll (CLI Foundation for Clients/ATI Technologies Inc.) 0x03610000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Component.Wizard.Shared.dll (Wizard Component Shared Types/ATI Technologies Inc.) 0x03630000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Component.Runtime.dll (Runtime Component/ATI Technologies Inc.) 0x036C0000
Library C:\Program Files\ATI Technologies\ATI.ACE\ATICCCom.dll (CCCCom/ATI Technologies Inc.) 0x03700000
Library C:\Program Files\ATI Technologies\ATI.ACE\Branding.dll ( / ) 0x03720000
Library C:\Program Files\ATI Technologies\ATI.ACE\AEM.Foundation.dll (AEM Foundation/ATI Technologies Inc.) 0x03740000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Caste.Graphics.Shared.dll (Shared Graphics Caste/ATI Technologies Inc.) 0x03760000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Caste.Graphics.Wizard.dll (Wizard Graphics Caste/ATI Technologies Inc.) 0x03780000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Caste.Graphics.Wizard.Shared.dll (Wizard Graphics Shared Caste/ATI Technologies Inc.) 0x037C0000
Library C:\Program Files\ATI Technologies\ATI.ACE\ACE.Graphics.DisplaysManager.Shared.dll (ACE Graphics DisplaysManager Shared/ATI Technologies Inc.) 0x03800000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceCV.Graphics.Wizard.dll (Wizard DeviceCV Aspect/ATI Technologies Inc.) 0x03820000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceCV2.Graphics.Wizard.dll (Wizard DeviceCV2 Aspect/ATI Technologies Inc.) 0x03A80000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll (Wizard DeviceLCD Aspect/ATI Technologies Inc.) 0x03CE0000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceLCD2.Graphics.Wizard.dll (Wizard DeviceLCD2 Aspect/ATI Technologies Inc.) 0x03DC0000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceTV.Graphics.Wizard.dll (Wizard DeviceTV Aspect/ATI Technologies Inc.) 0x03EA0000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceTV2.Graphics.Wizard.dll (Wizard DeviceTV2 Aspect/ATI Technologies Inc.) 0x03F00000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll (Wizard DisplaysManager Aspect/ATI Technologies Inc.) 0x04400000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.Radeon3D.Graphics.Wizard.dll ( / ) 0x03F70000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.MMVideo.Graphics.Wizard.dll (Wizard Video Aspect - Quick Tasks/ATI Technologies Inc.) 0x03FD0000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.TransCode.Local.Wizard.dll (Dashboard Local Caste TransCode Wizard/ATI Technologies Inc.) 0x040D0000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.InfoCentre.Graphics.Wizard.dll (Wizard Graphics Caste InfoCentre Aspect/ATI Technologies Inc.) 0x04150000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceCV.Graphics.Shared.dll (Shared Graphics Caste CV Aspect/ATI Technologies Inc.) 0x04730000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceProperty.Graphics.Shared.dll (Shared Graphics Caste Common Display Device Aspect/ATI Technologies Inc.) 0x04750000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceCV2.Graphics.Shared.dll (Shared Graphics Caste CV 2 Aspect/ATI Technologies Inc.) 0x04770000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceProperty2.Graphics.Shared.dll (Shared Graphics Caste Common Display Device Aspect/ATI Technologies Inc.) 0x04790000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceLCD.Graphics.Shared.dll (Shared Graphics Caste LCD Aspect/ATI Technologies Inc.) 0x047B0000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceLCD2.Graphics.Shared.dll (Shared Graphics Caste LCD 2 Aspect/ATI Technologies Inc.) 0x047F0000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceTV.Graphics.Shared.dll (Shared Graphics Caste TV Aspect/ATI Technologies Inc.) 0x04800000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceTV2.Graphics.Shared.dll (Shared Graphics Caste TV Aspect/ATI Technologies Inc.) 0x04840000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.Radeon3D.Graphics.Shared.dll (Shared Graphics Caste R300/R400 Radeon3D Aspect/ATI Technologies Inc.) 0x04880000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.MMVideo.Graphics.Shared.dll (Shared Graphics Caste MM Video Aspect/ATI Technologies Inc.) 0x048D0000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.TransCode.Local.Shared.dll (Dashboard Local Caste TransCode Shared/ATI Technologies Inc.) 0x04990000
Library C:\Program Files\ATI Technologies\ATI.ACE\atixclib.dll ( / ) 0x04900000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.InfoCentre.Graphics.Shared.dll (Shared Graphics Caste InforCentre Aspect/ATI Technologies Inc.) 0x04920000

Process C:\WINDOWS\system32\winlogon.exe (Windows NT Logon Application/Microsoft Corporation) 592
Library C:\WINDOWS\system32\Ati2evxx.dll (ATI External Event Utility DLL Module/ATI Technologies Inc.) 0x10000000

Process C:\WINDOWS\system32\Ati2evxx.exe (ATI External Event Utility EXE Module/ATI Technologies Inc.) 812
Library C:\WINDOWS\system32\Ati2evxx.exe (ATI External Event Utility EXE Module/ATI Technologies Inc.) 0x00400000
Library C:\WINDOWS\system32\Ati2edxx.dll (ati2edxx/ATI Technologies, Inc.) 0x00BB0000

Process C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) 892
Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Computer, Inc.) 0x16080000

Process C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) 1000
Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Computer, Inc.) 0x16080000

Process C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE (CLI Application (Command Line Interface)/ATI Technologies Inc.) 1032
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE (CLI Application (Command Line Interface)/ATI Technologies Inc.) 0x00400000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Implementation.dll (CLI Application Implementation (Command Line Interface)/ATI Technologies Inc.) 0x11000000
Library C:\Program Files\ATI Technologies\ATI.ACE\LOG.Foundation.dll (LOG Foundation/ATI Technologies Inc.) 0x01030000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Foundation.dll (CLI Foundation/ATI Technologies Inc.) 0x01050000
Library C:\Program Files\ATI Technologies\ATI.ACE\LOG.Foundation.Service.dll (LOG Foundation Service/ATI Technologies Inc.) 0x01090000
Library C:\Program Files\ATI Technologies\ATI.ACE\LOG.Foundation.Shared.dll (LOG Foundation Shared/ATI Technologies Inc.) 0x010B0000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Foundation.XManifestation.dll (CLI Foundation for XML/ATI Technologies Inc.) 0x010D0000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Component.Runtime.dll (Runtime Component/ATI Technologies Inc.) 0x034D0000
Library C:\Program Files\ATI Technologies\ATI.ACE\ATICCCom.dll (CCCCom/ATI Technologies Inc.) 0x03510000
Library C:\Program Files\ATI Technologies\ATI.ACE\AEM.Foundation.dll (AEM Foundation/ATI Technologies Inc.) 0x03530000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Caste.Graphics.Shared.dll (Shared Graphics Caste/ATI Technologies Inc.) 0x036B0000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Caste.Graphics.Runtime.dll (Runtime Graphics Caste/ATI Technologies Inc.) 0x036D0000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Component.Runtime.Shared.dll (Runtime Shared/ATI Technologies Inc.) 0x03770000
Library C:\Program Files\ATI Technologies\ATI.ACE\DEM.Foundation.dll (DEM Foundation/ATI Technologies Inc.) 0x03790000
Library C:\Program Files\ATI Technologies\ATI.ACE\DEM.Graphics.I0601.dll (DEM Graphics I0601/ATI Technologies Inc.) 0x037B0000
Library C:\Program Files\ATI Technologies\ATI.ACE\ACE.Graphics.DisplaysManager.Shared.dll (ACE Graphics DisplaysManager Shared/ATI Technologies Inc.) 0x037D0000
Library C:\WINDOWS\system32\ATIDEMGR.dll (Graphics DEM/ATI Technologies Inc.) 0x04630000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.MultiVPU3.Graphics.Runtime.dll (Runtime Graphics Caste MultiVPU3 Aspect/ATI Technologies Inc.) 0x04A80000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.MultiVPU3.Graphics.Shared.dll (Shared Graphics Caste MultiVPU3 Aspect/ATI Technologies Inc.) 0x04AB0000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.MultiVPU2.Graphics.Runtime.dll (Runtime Graphics Caste MultiVPU2 Aspect/ATI Technologies Inc.) 0x04AD0000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.MultiVPU2.Graphics.Shared.dll (Shared Graphics Caste MultiVPU2 Aspect/ATI Technologies Inc.) 0x04AF0000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.MultiVPU.Graphics.Runtime.dll (Runtime Graphics Caste MultiVPU Aspect/ATI Technologies Inc.) 0x04B30000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.MultiVPU.Graphics.Shared.dll (Shared Graphics Caste MultiVPU Aspect/ATI Technologies Inc.) 0x04B40000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.VeryLargeDesktop.Graphics.Runtime.dll (Runtime Graphics Caste VeryLargeDesktop Aspect/ATI Technologies Inc.) 0x04D60000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.VeryLargeDesktop.Graphics.Shared.dll (Shared Graphics Caste VeryLargeDesktop Aspect/ATI Technologies Inc.) 0x04D80000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.Radeon3D.Graphics.Runtime.dll (Runtime Graphics Caste R300/R400 Radeon3D Aspect/ATI Technologies Inc.) 0x04DA0000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.Radeon3DLegacy.Graphics.Runtime.dll (Runtime Graphics Caste R100/R200 Radeon3D Aspect/ATI Technologies Inc.) 0x04DE0000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll (Runtime Graphics Caste Display Colour 2/ATI Technologies Inc.) 0x04E00000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll (Shared Graphics Caste Display Colour 2 Aspect/ATI Technologies Inc.) 0x04E20000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DisplaysColour.Graphics.Runtime.dll (Runtime Graphics Caste Display Colour/ATI Technologies Inc.) 0x04E40000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DisplaysColour.Graphics.Shared.dll (Shared Graphics Caste Display Colour Aspect/ATI Technologies Inc.) 0x04E60000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.MMVideo.Graphics.Runtime.dll (Runtime Graphics Caste MM Video Aspect/ATI Technologies Inc.) 0x04EA0000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.MMVideo.Graphics.Shared.dll (Shared Graphics Caste MM Video Aspect/ATI Technologies Inc.) 0x04EB0000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.VideoOverlay.Graphics.Runtime.dll (Runtime Graphics Caste VideoOverlay Aspect/ATI Technologies Inc.) 0x04ED0000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.VideoOverlay.Graphics.Shared.dll (Shared Graphics Caste VideoOverlay Aspect/ATI Technologies Inc.) 0x04EF0000
Library C:\Program Files\ATI Technologies\ATI.ACE\ACE.Graphics.VideoOverlay.Shared.dll (DACE Graphics VideoOverlay Shared/ATI Technologies Inc.) 0x04F10000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.SmartGart.Graphics.Runtime.dll (Runtime Graphics Caste SMARTGART Aspect/ATI Technologies Inc.) 0x04F30000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.VPURecover.Graphics.Runtime.dll (Runtime Graphics Caste VPU Recover Aspect/ATI Technologies Inc.) 0x04F70000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.VPURecover.Graphics.Shared.dll (Shared Graphics Caste VPU Recover Aspect/ATI Technologies Inc.) 0x04F80000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.WorkstationConfig.Graphics.Runtime.dll (Runtime Graphics Caste WorkstationConfig Aspect/ATI Technologies Inc.) 0x04FA0000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll (Runtime Graphics Caste CRT Aspect/ATI Technologies Inc.) 0x04FC0000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceCRT.Graphics.Shared.dll (Shared Graphics Caste CRT Aspect/ATI Technologies Inc.) 0x04FE0000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceCRT2.Graphics.Runtime.dll (Runtime Graphics Caste CRT 2 Aspect/ATI Technologies Inc.) 0x05040000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceCRT2.Graphics.Shared.dll (Shared Graphics Caste CRT 2 Aspect/ATI Technologies Inc.) 0x05050000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll (Runtime Graphics Caste LCD Aspect/ATI Technologies Inc.) 0x05090000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceLCD.Graphics.Shared.dll (Shared Graphics Caste LCD Aspect/ATI Technologies Inc.) 0x050B0000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceLCD2.Graphics.Runtime.dll (Runtime Graphics Caste LCD 2 Aspect/ATI Technologies Inc.) 0x050D0000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceLCD2.Graphics.Shared.dll (Shared Graphics Caste LCD 2 Aspect/ATI Technologies Inc.) 0x050F0000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceCV.Graphics.Runtime.dll (Runtime Graphics Caste CV Aspect/ATI Technologies Inc.) 0x05110000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceCV.Graphics.Shared.dll (Shared Graphics Caste CV Aspect/ATI Technologies Inc.) 0x05150000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.CustomFormats.Graphics.Shared.dll (Shared Custom Formats/ATI Technologies Inc.) 0x05170000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceCV2.Graphics.Runtime.dll (Runtime Graphics Caste CV Aspect/ATI Technologies Inc.) 0x05190000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceCV2.Graphics.Shared.dll (Shared Graphics Caste CV 2 Aspect/ATI Technologies Inc.) 0x051F0000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceTV2.Graphics.Runtime.dll (Runtime Graphics Caste CRT Aspect/ATI Technologies Inc.) 0x05200000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceTV.Graphics.Runtime.dll (Runtime Graphics Caste CRT Aspect/ATI Technologies Inc.) 0x05240000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll (Runtime Graphics Caste DFP Aspect/ATI Technologies Inc.) 0x05280000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceDFP.Graphics.Shared.dll (Shared Graphics Caste DFP Aspect/ATI Technologies Inc.) 0x052A0000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceDFP2.Graphics.Runtime.dll (Runtime Graphics Caste DFP 2 Aspect/ATI Technologies Inc.) 0x052C0000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceDFP2.Graphics.Shared.dll (Shared Graphics Caste DFP 2 Aspect/ATI Technologies Inc.) 0x052E0000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.OverDrive3.Graphics.Runtime.dll (Runtime Graphics Caste OverDrive3 Aspect/ATI Technologies Inc.) 0x05300000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.OverDrive3.Graphics.Shared.dll (Shared Graphics Caste OverDrive3 Aspect/ATI Technologies Inc.) 0x05340000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.OverDrive2.Graphics.Runtime.dll (Runtime Graphics Caste OverDrive2 Aspect/ATI Technologies Inc.) 0x05360000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.PowerPlay3.Graphics.Runtime.dll (Runtime Graphics Caste PowerPlay3 Aspect/ATI Technologies Inc.) 0x05390000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.PowerPlay3.Graphics.Shared.dll (Shared Graphics Caste PowerPlay3 Aspect/ATI Technologies Inc.) 0x054B0000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll (Runtime Graphics Caste Display Option Aspect/ATI Technologies Inc.) 0x054D0000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.IntegratedUMAFrameBuffer.Graphics.Runtime.dll (Runtime Graphics Caste Integrated UMA Frame Buffer Aspect/ATI Technologies Inc.) 0x054F0000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.InfoCentre.Graphics.Runtime.dll (Runtime Graphics Caste InfoCentre Aspect/ATI Technologies Inc.) 0x05510000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.InfoCentre.Graphics.Shared.dll (Shared Graphics Caste InforCentre Aspect/ATI Technologies Inc.) 0x05530000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll (Runtime Graphics Caste HotkeysHandling Aspect/ATI Technologies Inc.) 0x05550000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll (Shared Graphics Caste HotkeysHandling Aspect/ATI Technologies Inc.) 0x05590000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.Radeon3D.Graphics.Shared.dll (Shared Graphics Caste R300/R400 Radeon3D Aspect/ATI Technologies Inc.) 0x055A0000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.Radeon3DLegacy.Graphics.Shared.dll (Shared Graphics Caste R100/R200 Radeon3D Aspect/ATI Technologies Inc.) 0x055F0000
Library C:\Program Files\ATI Technologies\ATI.ACE\DEM.Graphics.I0600.dll (DEM Graphics I0600/ATI Technologies Inc.) 0x05660000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.SmartGart.Graphics.Shared.dll (Shared Graphics Caste SMARTGART Aspect/ATI Technologies Inc.) 0x05670000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.WorkstationConfig.Graphics.Shared.dll (Shared Graphics Caste WorkstationConfig Aspect/ATI Technologies Inc.) 0x05690000
Library C:\Program Files\ATI Technologies\ATI.ACE\DEM.Graphics.I0602.dll (DEM Graphics I0602/ATI Technologies Inc.) 0x056B0000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceProperty.Graphics.Shared.dll (Shared Graphics Caste Common Display Device Aspect/ATI Technologies Inc.) 0x056D0000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceProperty2.Graphics.Shared.dll (Shared Graphics Caste Common Display Device Aspect/ATI Technologies Inc.) 0x05710000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceTV2.Graphics.Shared.dll (Shared Graphics Caste TV Aspect/ATI Technologies Inc.) 0x05760000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DeviceTV.Graphics.Shared.dll (Shared Graphics Caste TV Aspect/ATI Technologies Inc.) 0x05780000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.OverDrive2.Graphics.Shared.dll (Shared Graphics Caste OverDrive2 Aspect/ATI Technologies Inc.) 0x05730000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll (Shared Graphics Caste Display Option Aspect/ATI Technologies Inc.) 0x057D0000
Library C:\Program Files\ATI Technologies\ATI.ACE\CLI.Aspect.IntegratedUMAFrameBuffer.Graphics.Shared.dll (Shared Graphics Caste Integrated UMA Frame Buffer Aspect/ATI Technologies Inc.) 0x05820000
Library C:\Program Files\ATI Technologies\ATI.ACE\APM.Foundation.dll (APM Foundation/ATI Technologies Inc.) 0x058B0000

Process C:\WINDOWS\system32\Ati2evxx.exe (ATI External Event Utility EXE Module/ATI Technologies Inc.) 1172
Library C:\WINDOWS\system32\Ati2evxx.exe (ATI External Event Utility EXE Module/ATI Technologies Inc.) 0x00400000
Library C:\WINDOWS\system32\Ati2edxx.dll (ati2edxx/ATI Technologies, Inc.) 0x00C00000
Library C:\WINDOWS\system32\ati2evxx.dll (ATI External Event Utility DLL Module/ATI Technologies Inc.) 0x10000000

Process C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe (Ad-Aware 2007 Service/Lavasoft) 1420
Library C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe (Ad-Aware 2007 Service/Lavasoft) 0x00400000
Library C:\Program Files\Lavasoft\Ad-Aware 2007\CEAPI.dll (CEAPI Dynamic Link Library/Lavasoft) 0x10000000
Library C:\Program Files\Lavasoft\Ad-Aware 2007\PKArchive85u.dll (PKWARE Archive API - CryptoAPI (Unicode)/PKWARE, Inc.) 0x004A0000
Library C:\Program Files\Lavasoft\Ad-Aware 2007\lavalicense.dll (License solution for Ad-Aware 2007 (desktop edition)/Lavasoft AB) 0x03E40000

Process C:\WINDOWS\Explorer.EXE (Windows Explorer/Microsoft Corporation) 1508
Library C:\WINDOWS\system32\AcSignIcon.dll (AcSignIcon Module/Autodesk) 0x626B0000
Library C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll (AcSignCore Module/Autodesk) 0x62760000
Library C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll (PDF Shell Extension/Adobe Systems, Inc.) 0x10000000
Library C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll (Shell Extension/ESET) 0x22000000
Library C:\Program Files\Adobe\Acrobat 8.0\Acrobat Elements\ContextMenu.dll (Adobe Acrobat Context Menu/Adobe Systems Inc.) 0x020E0000
Library C:\Program Files\WinZip\wzshlstb.dll (WinZip Shell Extension DLL/WinZip Computing, S.L.) 0x16200000

Process C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (AcroTray/Adobe Systems Inc.) 1644
Library C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (AcroTray/Adobe Systems Inc.) 0x00400000
Library C:\Program Files\Adobe\Acrobat 8.0\Acrobat\FNP_Act_Installer.dll (Activation Licensing Service Installer/Macrovision Europe Ltd.) 0x66E00000
Library C:\Program Files\Adobe\Acrobat 8.0\Acrobat\asneu.dll (AsnEndUser Dynamic Link Library/Adobe Systems Inc.) 0x10000000
Library C:\Program Files\Adobe\Acrobat 8.0\Acrobat\adobe_personalization.dll (Adobe EPIC Personalization DLL/Adobe Systems Incorporated) 0x00B00000
Library C:\Program Files\Adobe\Acrobat 8.0\Acrobat\adobe_epic.dll (Adobe EPIC DLL/Adobe Systems Incorporated) 0x00B70000
Library C:\Program Files\Adobe\Acrobat 8.0\Acrobat\adobe_pcd.dll (Adobe PCD DLL/Adobe Systems Incorporated) 0x00EE0000
Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Computer, Inc.) 0x16080000

Process C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (Eset GUI/ESET) 1660
Library C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (Eset GUI/ESET) 0x00400000
Library C:\Program Files\ESET\ESET NOD32 Antivirus\eguiScan.dll (Eset On-demmand Scanner GUI/ESET) 0x21C00000
Library C:\Program Files\ESET\ESET NOD32 Antivirus\eguiAmon.dll (Eset Amon GUI/ESET) 0x21400000
Library C:\Program Files\ESET\ESET NOD32 Antivirus\eguiEmon.dll (Eset Emon GUI/ESET) 0x21600000
Library C:\Program Files\ESET\ESET NOD32 Antivirus\eguiEpfw.dll (Eset Personal Firewall UI/ESET) 0x20400000
Library C:\Program Files\ESET\ESET NOD32 Antivirus\eguiUpdate.dll (Eset Update GUI/ESET) 0x21200000
Library C:\Program Files\ESET\ESET NOD32 Antivirus\eguiMailPlugins.dll (Eset MailPlugins GUI/ESET) 0x22B00000

Process C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Activation Licensing Service/Macrovision Europe Ltd.) 1744
Library C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Activation Licensing Service/Macrovision Europe Ltd.) 0x00400000

Process C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Executable/WinZip Computing, S.L.) 1756
Library C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Executable/WinZip Computing, S.L.) 0x00400000

Process C:\WINDOWS\system32\spoolsv.exe (Spooler SubSystem App/Microsoft Corporation) 1924
Library C:\WINDOWS\system32\AdobePDF.dll (Acrobat ® PDF Port/Adobe Systems Incorporated.) 0x50400000
Library C:\Program Files\Adobe\Acrobat 8.0\Acrobat\adistres.dll (Acrobat Distiller/Adobe Systems Incorporated.) 0x65000000
Library C:\WINDOWS\system32\CNMLM64.DLL (BJ Language Monitor/CANON INC.) 0x66F40000
Library C:\WINDOWS\System32\spool\PRTPROCS\W32X86\CNMPD64.DLL (Canon BJ Print Processor Dispatcher/CANON INC.) 0x00E50000
Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Computer, Inc.) 0x16080000
Library C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\CNMUI64.DLL (BJ Printer Driver Interface Driver/CANON INC.) 0x66900000

Process C:\Documents and Settings\XP\Desktop\gmer.exe 3880
Library C:\Documents and Settings\XP\Desktop\gmer.exe 0x00400000
Library C:\WINDOWS\gmer.dll 0x72000000

---- Services - GMER 1.0.14 ----

Service C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe (Ad-Aware 2007 Service/Lavasoft) [AUTO] aawservice
Service C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe (Adobe Version Cue CS3/Adobe Systems Incorporated) [MANUAL] Adobe Version Cue CS3
Service C:\WINDOWS\system32\Ati2evxx.exe (ATI External Event Utility EXE Module/ATI Technologies Inc.) [AUTO] Ati HotKey Poller
Service C:\WINDOWS\system32\DRIVERS\ati2mtag.sys (ATI Radeon WindowsNT Miniport Driver/ATI Technologies Inc.) [MANUAL] ati2mtag
Service Atierecord
Service C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe (System Level Service Utility/Autodesk, Inc.) [MANUAL] Autodesk Licensing Service
Service C:\Program Files\Bonjour\mDNSResponder.exe (Bonjour Service/Apple Computer, Inc.) [AUTO] Bonjour Service
Service C:\DOCUME~1\XP\LOCALS~1\Temp\catchme.sys [MANUAL] catchme
Service C:\WINDOWS\system32\DRIVERS\eamon.sys (Amon monitor/ESET) [AUTO] eamon
Service C:\WINDOWS\system32\DRIVERS\easdrv.sys (Eset AntiStealth driver/ESET) [SYSTEM] easdrv
Service C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (Eset HTTP Server Service/ESET) [MANUAL] EhttpSrv
Service C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (Eset Service/ESET) [AUTO] ekrn
Service C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [SYSTEM] epfwtdir
Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Activation Licensing Service/Macrovision Europe Ltd.) [MANUAL] FLEXnet Licensing Service
Service C:\WINDOWS\System32\DRIVERS\gmer.sys (GMER Driver gmer.net/GMER) [MANUAL] gmer
Service C:\WINDOWS\system32\DRIVERS\HDAudBus.sys (High Definition Audio Bus Driver v1.0a/Windows (R) Server 2003 DDK provider) [MANUAL] HDAudBus
Service C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek(r) High Definition Audio Function Driver/Realtek Semiconductor Corp.) [MANUAL] IntcAzAudAddService
Service Outlook
Service C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies DirectParallel IO Library/Parallel Technologies, Inc.) [MANUAL] Ptilink
Service C:\WINDOWS\system32\DRIVERS\RTL8139.SYS (Realtek RTL8139 NDIS 5.0 Driver/Realtek Semiconductor Corporation) [MANUAL] rtl8139
Service C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision SECURITY Driver/Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [MANUAL] Secdrv

---- EOF - GMER 1.0.14 ----

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

Zip/RAR the following folder for me:

C:\qoobox\quarantine

and upload it to the following link:

http://www.mycity.rs/ambulanta-upload.php

Before that, disable NOD just in case, in the following way:
http://www.nod32.com.sg/html/167/654/

offline
  • Joined: 04 Apr 2008
  • Posts: 15

I uploaded the file to the link you provided.

Bogo

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

How is the computer behaving now? Are there any problems?

offline
  • Joined: 04 Apr 2008
  • Posts: 15

It looks fine now, without any problems. There are no more messages from NOD, and no more windows opening in IE. It looks like the problem is solved.
