Good evening

  • Joined: 13 Nov 2011
  • Posts: 367

Hello, I have a keylogger and would like to remove it, so I'd like to know whether there is a program for removing it or some other way. I'm using Windows SP-3 32bit.

  • Joined: 04 Jul 2011
  • Posts: 5424

Hello, aca022.

Follow the instructions found at this link:
http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html



Ivance95 (AMF Tim)

  • Joined: 13 Nov 2011
  • Posts: 367

Posted: 22 Jun 2012 23:11

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by aca at 22:32:14 on 2012-06-22
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.767.260 [GMT 2:00]
.
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus *Disabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\MPK\mpk.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\BitTorrent\BitTorrent.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MCShield\mcshieldrtm.exe
svchost.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\wscntfy.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.babylon.com/?AF=111434&babsrc=HP_ss&mntrId=e8a0207300000000000000e05290b384
uSearch Page = hxxp://search.live.com
uSearch Bar = hxxp://search.live.com/sphome.aspx
mStart Page = hxxp://www.bigseekpro.com/splitcam/{6A239B75-50ED-4698-97E5-A83AFCBF82EC}
mSearchAssistant = hxxp://search.live.com/sphome.aspx
uURLSearchHooks: Search Results Toolbar: {94366e2c-9923-431c-b0d6-747447dd0f2b} - c:\program files\searchresults1\toolbar2X.dll
mWinlogon: Userinit=c:\windows\system32\userinit.exe,c:\windows\system32\mpk\mpk.exe
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: TheBflix Class: {a20d3070-48a5-4d26-bc4e-2c0abf707493} - c:\documents and settings\all users\application data\thebflix\bhoclass.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Complitly: {d27fc31c-6e3d-4305-8d53-acdaefa5f862} - c:\documents and settings\aca\application data\complitly\Complitly.dll
BHO: SMTTB2009 Class: {fcbccb87-9224-4b8d-b117-f56d924beb18} - c:\program files\dealbulldog toolbar\tbcore3.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: DealBulldog Toolbar: {338b4dfe-2e2c-4338-9e41-e176d497299e} - c:\program files\dealbulldog toolbar\tbcore3.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
uRun: [Google Update] "c:\documents and settings\aca\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [BitTorrent] "c:\program files\bittorrent\BitTorrent.exe" /MINIMIZED
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MCShield Monitor] c:\program files\mcshield\mcshieldrtm.exe
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [SSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot
mRun: [OpwareSE4] "c:\program files\scansoft\omnipagese4\OpwareSE4.exe"
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{46525721-73F6-48DA-B7A3-8E92D4F71FCC} : DhcpNameServer = 192.168.1.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\aca\application data\mozilla\firefox\profiles\gps6eezm.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.rs/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\documents and settings\aca\application data\mozilla\firefox\profiles\gps6eezm.default\extensions\{7d2fb79e-e58c-4db5-a36f-ac1c73967f4d}\plugins\npqbc.dll
FF - plugin: c:\documents and settings\aca\application data\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\aca\application data\mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: c:\documents and settings\aca\local settings\application data\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_235.dll
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=111434
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - e8a0207300000000000000e05290b384
FF - user.js: extensions.BabylonToolbar_i.hardId - e8a0207300000000000000e05290b384
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15477
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1723:00:55
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb9
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
============= SERVICES / DRIVERS ===============
.
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2012-5-11 24408]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2003-1-1 612184]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2003-1-1 337880]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2012-4-25 242240]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\program files\hwinfo32\HWiNFO32.SYS [2012-3-12 21624]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-12 116608]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2003-1-1 20696]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2003-1-1 44768]
R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\all users\application data\skype\toolbars\skype c2c service\c2c_service.exe [2012-5-30 3048136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2003-1-1 136176]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-2-29 158856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-22 257696]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2003-1-1 136176]
S3 SureThing Labelflash service;SureThing Labelflash service;c:\program files\common files\surething shared\stllssvr.exe [2012-3-14 74392]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2012-06-12 17:17:52 521728 -c----w- c:\windows\system32\dllcache\jsdbgui.dll
2012-05-30 11:59:30 4966600 ----a-w- c:\program files\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll
2012-05-28 15:57:04 -------- d-----w- c:\program files\directx
2012-05-28 15:53:34 -------- d-----w- c:\program files\Digitalo Studios
2012-05-28 15:44:56 57344 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\ctor.dll
2012-05-28 15:44:56 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\DotNetInstaller.exe
2012-05-28 15:44:56 237568 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iscript.dll
2012-05-28 15:44:56 155648 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iuser.dll
2012-05-28 15:44:55 692224 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iKernel.dll
2012-05-28 15:44:54 282756 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\setup.dll
2012-05-28 15:44:54 163972 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iGdi.dll
2012-05-24 20:43:17 5504 ----a-w- c:\windows\system32\drivers\StarOpen.sys
2012-05-24 19:01:43 -------- d-----w- c:\documents and settings\all users\application data\Readon
2012-05-23 21:48:11 -------- d-----w- c:\windows\system32\NtmsData
.
==================== Find3M ====================
.
2012-06-02 13:19:44 22040 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 13:19:38 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 13:19:38 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 13:19:34 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 13:19:30 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 13:18:58 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-06-02 13:18:58 214256 ----a-w- c:\windows\system32\muweb.dll
2012-06-02 13:18:58 17136 ----a-w- c:\windows\system32\mucltui.dll.mui
2012-05-31 13:22:09 599040 ----a-w- c:\windows\system32\crypt32.dll
2012-05-16 15:08:26 916992 ----a-w- c:\windows\system32\wininet.dll
2012-05-15 13:20:33 1863168 ----a-w- c:\windows\system32\win32k.sys
2012-05-11 14:42:33 43520 ------w- c:\windows\system32\licmgr10.dll
2012-05-11 14:42:33 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-05-11 11:38:02 385024 ------w- c:\windows\system32\html.iec
2012-05-05 14:15:24 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-05-05 14:15:22 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-04 13:12:30 2192640 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 12:32:19 2069120 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-05-02 13:46:36 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-25 17:59:56 242240 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-04-19 18:40:07 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
.
============= FINISH: 22:33:06.64 ===============


Here is the DDS log; GMER is still scanning. So far it has been scanning for more than 10 minutes.

Addendum: 23 Jun 2012 0:10

  • Joined: 04 Jul 2011
  • Posts: 5424

Download sUBs's ComboFix from the following address to your Desktop:

Bleeping Computer
  • Right-click the link and choose the Save Target As... option (Save Link As..., Save Linked Content As... or similar);
  • When the dialog for choosing where to save the file opens, select Desktop and click Save.

When the download has finished:
  • deactivate your protection software (instructions);
  • close any running programs;
  • double-click to start ComboFix;
  • in the window that opens, click "I Agree".

While running, ComboFix will:
  • check whether a newer version of the program exists:
      click Yes if you are offered the download.
  • if the Recovery Console is not installed, offer to install it:
      be sure to accept by clicking Yes and follow the procedure.
  • display a number of prompts/notifications:
      accept by clicking Yes or OK.
  • if necessary, restart Windows (several times);
  • at the end, open Notepad with the scan report.

Copy the report that ComboFix created into the forum topic:
  • right-click in the Notepad window and choose Select All;
  • right-click the selected text and choose Copy;
  • right-click in the message field and choose Paste.

Note:
  • The report will be saved as ComboFix.txt on the system partition (typical location: C:\ComboFix.txt);
  • If after sending the message you notice that the report is incomplete, use the Prikači fajl (Attach file) option to attach the file C:\ComboFix.txt to the message.



Ivance95 (AMF Tim)

  • Joined: 13 Nov 2011
  • Posts: 367

Posted: 23 Jun 2012 17:13

I've just come home from work and run ComboFix:
ComboFix 12-06-23.05 - aca 06/23/2012 16:54:05.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.767.153 [GMT 2:00]
Running from: c:\documents and settings\aca\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\aca\Application Data\Toolbar4
c:\documents and settings\aca\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\27c746d432b7a753a0af8d7c033b46fe
c:\documents and settings\aca\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\2b4ad282984708f7b89800e17a257476
c:\documents and settings\aca\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\2cc60d08b36af576b11419505050cc6e
c:\documents and settings\aca\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\2f67f9b7129266dcee9a12d98e35994e
c:\documents and settings\aca\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\757a20d7a75ae93435ac64a6095eab39
c:\documents and settings\aca\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\9956734e872eec3ea3e17f52e84dc6cc
c:\documents and settings\aca\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\9d810aab3f7bcbacb07c241f8d726714
c:\documents and settings\aca\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\9d8130b58a287707712d6ec1d17db7e6
c:\documents and settings\aca\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\c48c9e27c16419ab995d48b077a802ff
c:\documents and settings\aca\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\d07510b741bd23d4aad1749f528c1ed3
c:\documents and settings\aca\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\d57d3f554ba48c6d60c03fb39c9099f9
c:\documents and settings\aca\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\d8ea4c9bb43f7b6eb8cb4c444ec42a4c
c:\documents and settings\aca\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\e929ea4d588ef8100cc7e650d2bfb758
c:\documents and settings\aca\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\fd9c1bbea7c840d5659a2f136d4185fa
c:\documents and settings\All Users\Application Data\MPK
c:\documents and settings\All Users\Application Data\MPK\1\D0000
c:\documents and settings\All Users\Application Data\MPK\1\I41046_9771648843
c:\documents and settings\All Users\Application Data\MPK\1\I41046_9806371065
c:\documents and settings\All Users\Application Data\MPK\1\I41046_9841093287
c:\documents and settings\All Users\Application Data\MPK\1\I41046_9875815509
c:\documents and settings\All Users\Application Data\MPK\1\I41046_9910537731
c:\documents and settings\All Users\Application Data\MPK\1\I41046_9945278125
c:\documents and settings\All Users\Application Data\MPK\1\I41046_9979982176
c:\documents and settings\All Users\Application Data\MPK\1\I41047_0014704398
c:\documents and settings\All Users\Application Data\MPK\1\I41047_0049426620
c:\documents and settings\All Users\Application Data\MPK\1\I41047_0084148843
c:\documents and settings\All Users\Application Data\MPK\1\I41047_0118939815
c:\documents and settings\All Users\Application Data\MPK\1\I41047_0153593287
c:\documents and settings\All Users\Application Data\MPK\1\I41047_0188315509
c:\documents and settings\All Users\Application Data\MPK\1\I41047_0223037731
c:\documents and settings\All Users\Application Data\MPK\1\I41047_0257759954
c:\documents and settings\All Users\Application Data\MPK\1\I41047_0292482176
c:\documents and settings\All Users\Application Data\MPK\1\I41047_0327204398
c:\documents and settings\All Users\Application Data\MPK\1\I41047_0361926620
c:\documents and settings\All Users\Application Data\MPK\1\I41047_0396648843
c:\documents and settings\All Users\Application Data\MPK\1\I41047_0431371065
c:\documents and settings\All Users\Application Data\MPK\1\I41047_0466093287
c:\documents and settings\All Users\Application Data\MPK\1\I41047_0500815509
c:\documents and settings\All Users\Application Data\MPK\1\I41047_0535537731
c:\documents and settings\All Users\Application Data\MPK\1\I41055_8272994329
c:\documents and settings\All Users\Application Data\MPK\1\I41055_8395551157
c:\documents and settings\All Users\Application Data\MPK\1\I41055_8395583681
c:\documents and settings\All Users\Application Data\MPK\1\S0000
c:\documents and settings\All Users\Application Data\MPK\2\D0000
c:\documents and settings\All Users\Application Data\MPK\2\S0000
c:\documents and settings\All Users\Application Data\MPK\CPDM\cpfm.bin
c:\documents and settings\All Users\Application Data\MPK\M0000
c:\documents and settings\All Users\Application Data\MPK\REFOG Free Keylogger.lnk
c:\documents and settings\All Users\Application Data\MPK\REFOG Free Keylogger\ REFOG Free Keylogger on the Web.lnk
c:\documents and settings\All Users\Application Data\MPK\REFOG Free Keylogger\Get discount!.lnk
c:\documents and settings\All Users\Application Data\MPK\REFOG Free Keylogger\Order now!.lnk
c:\documents and settings\All Users\Application Data\MPK\REFOG Free Keylogger\REFOG Free Keylogger.lnk
c:\documents and settings\All Users\Application Data\MPK\REFOG Keylogger.lnk
c:\documents and settings\All Users\Application Data\MPK\S0000
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\All Users\Application Data\TheBflix
c:\documents and settings\All Users\Application Data\TheBflix\background.html
c:\documents and settings\All Users\Application Data\TheBflix\bhOClass.dll
c:\documents and settings\All Users\Application Data\TheBflix\content.js
c:\documents and settings\All Users\Application Data\TheBflix\data\content.js
c:\documents and settings\All Users\Application Data\TheBflix\data\jsondb.js
c:\documents and settings\All Users\Application Data\TheBflix\joifgdlkhokekeaenpkaehbnjhncglbh.crx
c:\documents and settings\All Users\Application Data\TheBflix\settings.ini
c:\documents and settings\All Users\Application Data\TheBflix\uninstall.exe
C:\install.exe
c:\program files\Complitly
c:\program files\Complitly\chrome\ComplitlyChrome.crx
c:\program files\Complitly\FireFoxExtension.exe
c:\program files\Complitly\InstTracker.exe
c:\program files\Complitly\support@Complitly.com\chrome.manifest
c:\program files\Complitly\support@Complitly.com\chrome\content\appIcon.png
c:\program files\Complitly\support@Complitly.com\chrome\content\browserOverlay.xul
c:\program files\Complitly\support@Complitly.com\chrome\content\options.js
c:\program files\Complitly\support@Complitly.com\chrome\content\options.xul
c:\program files\Complitly\support@Complitly.com\chrome\content\utils.js
c:\program files\Complitly\support@Complitly.com\defaults\preferences\predictad.js
c:\program files\Complitly\support@Complitly.com\install.rdf
c:\program files\Complitly\unins000.dat
c:\program files\Complitly\unins000.exe
c:\program files\DealBulldog Toolbar
c:\program files\DealBulldog Toolbar\affid.dat
c:\program files\DealBulldog Toolbar\alert_plugin.dll
c:\program files\DealBulldog Toolbar\basis.xml
c:\program files\DealBulldog Toolbar\CustomTabPage.dll
c:\program files\DealBulldog Toolbar\icons.bmp
c:\program files\DealBulldog Toolbar\info.txt
c:\program files\DealBulldog Toolbar\install.ico
c:\program files\DealBulldog Toolbar\MacroParserPlugin.dll
c:\program files\DealBulldog Toolbar\mbback.bmp
c:\program files\DealBulldog Toolbar\mbbigopen.bmp
c:\program files\DealBulldog Toolbar\mbclose.bmp
c:\program files\DealBulldog Toolbar\mbfwd.bmp
c:\program files\DealBulldog Toolbar\mbsep.bmp
c:\program files\DealBulldog Toolbar\nav1c.bmp
c:\program files\DealBulldog Toolbar\somoto.dll
c:\program files\DealBulldog Toolbar\TbCommonUtils.dll
c:\program files\DealBulldog Toolbar\tbcore3.dll
c:\program files\DealBulldog Toolbar\tbcore3.inf
c:\program files\DealBulldog Toolbar\TbHelper2.exe
c:\program files\DealBulldog Toolbar\uninstall.exe
c:\program files\DealBulldog Toolbar\update.exe
c:\program files\DealBulldog Toolbar\version.txt
c:\windows\system32\MPK
c:\windows\system32\MPK\cinfo.bin
c:\windows\system32\MPK\Help\English\alarms.htm
c:\windows\system32\MPK\Help\English\clipboard.htm
c:\windows\system32\MPK\Help\English\computer.htm
c:\windows\system32\MPK\Help\English\delivery.htm
c:\windows\system32\MPK\Help\English\file.htm
c:\windows\system32\MPK\Help\English\filters.htm
c:\windows\system32\MPK\Help\English\imhelp.htm
c:\windows\system32\MPK\Help\English\internet.htm
c:\windows\system32\MPK\Help\English\invisible.htm
c:\windows\system32\MPK\Help\English\keyboard.htm
c:\windows\system32\MPK\Help\English\log_size.htm
c:\windows\system32\MPK\Help\English\logging.htm
c:\windows\system32\MPK\Help\English\need_update_net.htm
c:\windows\system32\MPK\Help\English\password.htm
c:\windows\system32\MPK\Help\English\programs.htm
c:\windows\system32\MPK\Help\English\screenshot.htm
c:\windows\system32\MPK\Help\English\settings_node.htm
c:\windows\system32\MPK\Help\English\update.htm
c:\windows\system32\MPK\Help\English\users_node.htm
c:\windows\system32\MPK\Help\German\alarms.htm
c:\windows\system32\MPK\Help\German\clipboard.htm
c:\windows\system32\MPK\Help\German\computer.htm
c:\windows\system32\MPK\Help\German\delivery.htm
c:\windows\system32\MPK\Help\German\file.htm
c:\windows\system32\MPK\Help\German\filters.htm
c:\windows\system32\MPK\Help\German\imhelp.htm
c:\windows\system32\MPK\Help\German\internet.htm
c:\windows\system32\MPK\Help\German\invisible.htm
c:\windows\system32\MPK\Help\German\keyboard.htm
c:\windows\system32\MPK\Help\German\log_size.htm
c:\windows\system32\MPK\Help\German\logging.htm
c:\windows\system32\MPK\Help\German\need_update_net.htm
c:\windows\system32\MPK\Help\German\password.htm
c:\windows\system32\MPK\Help\German\programs.htm
c:\windows\system32\MPK\Help\German\screenshot.htm
c:\windows\system32\MPK\Help\German\settings_node.htm
c:\windows\system32\MPK\Help\German\users_node.htm
c:\windows\system32\MPK\Help\Spanish\alarms.htm
c:\windows\system32\MPK\Help\Spanish\clipboard.htm
c:\windows\system32\MPK\Help\Spanish\computer.htm
c:\windows\system32\MPK\Help\Spanish\delivery.htm
c:\windows\system32\MPK\Help\Spanish\filters.htm
c:\windows\system32\MPK\Help\Spanish\internet.htm
c:\windows\system32\MPK\Help\Spanish\invisible.htm
c:\windows\system32\MPK\Help\Spanish\keyboard.htm
c:\windows\system32\MPK\Help\Spanish\log_size.htm
c:\windows\system32\MPK\Help\Spanish\logging.htm
c:\windows\system32\MPK\Help\Spanish\password.htm
c:\windows\system32\MPK\Help\Spanish\programs.htm
c:\windows\system32\MPK\Help\Spanish\screenshot.htm
c:\windows\system32\MPK\Help\Spanish\settings_node.htm
c:\windows\system32\MPK\Help\Spanish\users_node.htm
c:\windows\system32\MPK\icon_1.ico
c:\windows\system32\MPK\Images\banner_em_english.gif
c:\windows\system32\MPK\Images\banner_em_english.swf
c:\windows\system32\MPK\Images\banner_em_german.gif
c:\windows\system32\MPK\Images\banner_em_german.swf
c:\windows\system32\MPK\Images\banner_em_spanish.gif
c:\windows\system32\MPK\Images\banner_em_spanish.swf
c:\windows\system32\MPK\Images\banner_english.gif
c:\windows\system32\MPK\Images\banner_english.swf
c:\windows\system32\MPK\Images\banner_german.gif
c:\windows\system32\MPK\Images\banner_german.swf
c:\windows\system32\MPK\Images\banner_pm_english.gif
c:\windows\system32\MPK\Images\banner_pm_english.swf
c:\windows\system32\MPK\Images\banner_pm_german.gif
c:\windows\system32\MPK\Images\banner_pm_german.swf
c:\windows\system32\MPK\Images\banner_pm_spanish.gif
c:\windows\system32\MPK\Images\banner_pm_spanish.swf
c:\windows\system32\MPK\Images\banner_russian.gif
c:\windows\system32\MPK\Images\banner_spanish.gif
c:\windows\system32\MPK\Images\banner_spanish.swf
c:\windows\system32\MPK\Images\english.gif
c:\windows\system32\MPK\Images\german.gif
c:\windows\system32\MPK\Images\upgrade_aeu.png
c:\windows\system32\MPK\Images\upgrade_aus.png
c:\windows\system32\MPK\Images\upgrade_eu.png
c:\windows\system32\MPK\Images\upgrade_faeu.png
c:\windows\system32\MPK\Images\upgrade_faus.png
c:\windows\system32\MPK\Images\upgrade_feu.png
c:\windows\system32\MPK\Images\upgrade_fus.png
c:\windows\system32\MPK\Images\upgrade_us.png
c:\windows\system32\MPK\Images\vista_hide.bmp
c:\windows\system32\MPK\Images\xp_hide.bmp
c:\windows\system32\MPK\key.bin
c:\windows\system32\MPK\Lang\Brazilian.frc
c:\windows\system32\MPK\Lang\Brazilian.lng
c:\windows\system32\MPK\Lang\English.frc
c:\windows\system32\MPK\Lang\French.frc
c:\windows\system32\MPK\Lang\French.lng
c:\windows\system32\MPK\Lang\German.frc
c:\windows\system32\MPK\Lang\German.lng
c:\windows\system32\MPK\Lang\Italian.frc
c:\windows\system32\MPK\Lang\Italian.lng
c:\windows\system32\MPK\Lang\Japanese.frc
c:\windows\system32\MPK\Lang\Japanese.lng
c:\windows\system32\MPK\Lang\Polish.frc
c:\windows\system32\MPK\Lang\Polish.lng
c:\windows\system32\MPK\Lang\Portuguese.frc
c:\windows\system32\MPK\Lang\Portuguese.lng
c:\windows\system32\MPK\Lang\Romanian.frc
c:\windows\system32\MPK\Lang\Romanian.lng
c:\windows\system32\MPK\Lang\Russian.frc
c:\windows\system32\MPK\Lang\Spanish.frc
c:\windows\system32\MPK\Lang\Spanish.lng
c:\windows\system32\MPK\Lang\Turkish.frc
c:\windows\system32\MPK\Lang\Turkish.lng
c:\windows\system32\MPK\Lang\Ukrainian.frc
c:\windows\system32\MPK\Lang\Ukrainian.lng
c:\windows\system32\MPK\libeay32.dll
c:\windows\system32\MPK\lnkmst.exe
c:\windows\system32\MPK\logstart.vbs
c:\windows\system32\MPK\loguninstall.vbs
c:\windows\system32\MPK\MPK.exe
c:\windows\system32\MPK\Mpk64.dll
c:\windows\system32\MPK\MPK64.exe
c:\windows\system32\MPK\MPKView.exe
c:\windows\system32\MPK\sqlite3.dll
c:\windows\system32\MPK\ssleay32.dll
c:\windows\system32\MPK\unins000.dat
c:\windows\system32\MPK\unins000.exe
c:\windows\system32\MPK\unins000.msg
c:\windows\system32\MPK\zlib1.dll
c:\windows\system32\SET287.tmp
c:\windows\system32\SET28B.tmp
c:\windows\system32\SET28C.tmp
c:\windows\system32\SET293.tmp
c:\windows\system32\SET29C.tmp
c:\windows\system32\SET29D.tmp
c:\windows\system32\SET29E.tmp
c:\windows\system32\SET2A1.tmp
c:\windows\system32\SET2D6.tmp
c:\windows\system32\SET85.tmp
c:\windows\system32\SET87.tmp
c:\windows\system32\SET95.tmp
.
.
((((((((((((((((((((((((( Files Created from 2012-05-23 to 2012-06-23 )))))))))))))))))))))))))))))))
.
.
2012-06-19 20:21 . 2012-06-19 20:21 -------- d-----w- c:\program files\Microsoft.NET
2012-06-12 17:17 . 2012-05-11 14:42 521728 -c----w- c:\windows\system32\dllcache\jsdbgui.dll
2012-05-30 11:59 . 2012-05-30 11:59 4966600 ----a-w- c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2012-05-28 15:57 . 2012-05-28 15:57 -------- d-----w- c:\program files\directx
2012-05-28 15:53 . 2012-05-28 15:53 -------- d-----w- c:\program files\Digitalo Studios
2012-05-28 15:44 . 2002-12-05 12:10 155648 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll
2012-05-28 15:44 . 2002-12-02 13:22 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
2012-05-28 15:44 . 2002-12-02 11:33 57344 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll
2012-05-28 15:44 . 2002-12-02 11:33 237568 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll
2012-05-28 15:44 . 2002-12-05 12:12 692224 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll
2012-05-28 15:44 . 2012-05-28 15:44 282756 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll
2012-05-28 15:44 . 2012-05-28 15:44 163972 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll
2012-05-24 20:43 . 2009-11-12 12:48 5504 ----a-w- c:\windows\system32\drivers\StarOpen.sys
2012-05-24 20:43 . 2012-05-24 20:43 -------- d-----w- c:\program files\CDBurnerXP
2012-05-24 19:32 . 2012-05-26 19:37 -------- d-----w- c:\documents and settings\aca\Application Data\vlc
2012-05-24 19:01 . 2012-05-24 19:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Readon
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-23 10:16 . 2012-04-22 20:20 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-06-23 10:15 . 2003-01-02 03:45 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-02 13:19 . 2009-08-06 18:24 22040 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 13:19 . 2009-08-06 18:24 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 13:19 . 2003-01-01 10:24 210968 ----a-w- c:\windows\system32\wuweb.dll
2012-06-02 13:19 . 2003-01-01 10:24 329240 ----a-w- c:\windows\system32\wucltui.dll
2012-06-02 13:19 . 2003-01-01 10:24 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 13:19 . 2009-08-06 18:24 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 13:19 . 2009-08-06 18:24 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 13:19 . 2008-04-14 04:41 97304 ----a-w- c:\windows\system32\cdm.dll
2012-06-02 13:19 . 2003-01-01 10:24 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 13:19 . 2003-01-01 10:24 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 13:19 . 2009-08-06 18:24 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 13:19 . 2003-01-01 10:24 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 13:19 . 2003-01-01 10:24 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 13:18 . 2003-01-01 20:03 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-06-02 13:18 . 2003-01-01 20:03 214256 ----a-w- c:\windows\system32\muweb.dll
2012-06-02 13:18 . 2003-01-01 20:03 17136 ----a-w- c:\windows\system32\mucltui.dll.mui
2012-05-31 13:22 . 2008-04-14 04:41 599040 ----a-w- c:\windows\system32\crypt32.dll
2012-05-16 15:08 . 2008-04-14 04:42 916992 ----a-w- c:\windows\system32\wininet.dll
2012-05-15 13:20 . 2008-04-14 00:00 1863168 ----a-w- c:\windows\system32\win32k.sys
2012-05-11 14:42 . 2008-04-14 04:42 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-05-11 14:42 . 2008-04-14 04:41 43520 ------w- c:\windows\system32\licmgr10.dll
2012-05-11 11:38 . 2008-04-13 23:07 385024 ------w- c:\windows\system32\html.iec
2012-05-04 13:12 . 2008-04-13 23:57 2192640 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 12:32 . 2008-04-14 00:01 2069120 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-05-02 13:46 . 2003-01-01 10:22 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-25 17:59 . 2012-04-25 17:59 242240 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-04-19 18:40 . 2012-04-19 18:40 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2012-04-25 10:10 . 2003-01-01 10:38 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-07 00:15 123536 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2012-02-13 3481408]
"BitTorrent"="c:\program files\BitTorrent\BitTorrent.exe" [2012-05-12 6380400]
"MCShield Monitor"="c:\program files\MCShield\mcshieldrtm.exe" [2012-03-12 583680]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 577536]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-04-01 5562368]
"nwiz"="nwiz.exe" [2005-04-01 1495040]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2005-04-01 86016]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-07 4241512]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Documents and Settings\\aca\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"c:\\Program Files\\BitTorrent\\BitTorrent.exe"=
"c:\\Program Files\\TeamViewer\\Version7\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version7\\TeamViewer_Service.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [5/11/2012 6:33 PM 24408]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [1/1/2003 1:16 PM 612184]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [1/1/2003 1:16 PM 337880]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [4/25/2012 7:59 PM 242240]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\program files\HWiNFO32\HWiNFO32.SYS [3/12/2012 11:52 PM 21624]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [7/22/2011 6:27 PM 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [7/12/2011 11:55 PM 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [8/12/2011 1:38 AM 116608]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [1/1/2003 1:16 PM 20696]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [1/1/2003 1:16 PM 136176]
S2 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [5/30/2012 1:56 PM 3048136]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [6/5/2012 3:17 PM 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [4/22/2012 10:20 PM 250056]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [1/1/2003 1:16 PM 136176]
S3 SureThing Labelflash service;SureThing Labelflash service;c:\program files\Common Files\SureThing Shared\stllssvr.exe [3/14/2012 5:45 PM 74392]
.
Contents of the 'Scheduled Tasks' folder
.
2012-06-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-22 10:16]
.
2012-06-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2003-01-01 11:16]
.
2012-06-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2003-01-01 11:16]
.
2012-06-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2052111302-1592454029-1606980848-1003Core.job
- c:\documents and settings\aca\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-03-10 21:47]
.
2012-06-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2052111302-1592454029-1606980848-1003UA.job
- c:\documents and settings\aca\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-03-10 21:47]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.babylon.com/?AF=111434&babsrc=HP_ss&mntrId=e8a0207300000000000000e05290b384
mStart Page = hxxp://www.bigseekpro.com/splitcam/{6A239B75-50ED-4698-97E5-A83AFCBF82EC}
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\aca\Application Data\Mozilla\Firefox\Profiles\gps6eezm.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.rs/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=
FF - prefs.js: network.proxy.type - 0
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=111434
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - e8a0207300000000000000e05290b384
FF - user.js: extensions.BabylonToolbar_i.hardId - e8a0207300000000000000e05290b384
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15477
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1723:00
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb9
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{94366e2c-9923-431c-b0d6-747447dd0f2b} - c:\program files\searchresults1\toolbar2X.dll
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
AddRemove-Complitly_is1 - c:\program files\Complitly\unins000.exe
AddRemove-{37476589-E48E-439E-A706-56189E2ED4C4} - c:\documents and settings\All Users\Application Data\TheBflix\uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-06-23 17:04
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(756)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
.
Completion time: 2012-06-23 17:08:15
ComboFix-quarantined-files.txt 2012-06-23 15:08
.
Pre-Run: 19,483,115,520 bytes free
Post-Run: 21,540,048,896 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - FD87216ED8720C5459D5254F8E3B7254

Addendum: 23 Jun 2012 23:08

There, I've sent the ComboFix report. Is there a way to delete the keylogger from the computer, to eradicate it?

offline
  • Joined: 04 Jul 2011
  • Posts: 5424

Your computer is clean as far as malware is concerned. The keylogger has also been deleted.

ComboFix needs to be uninstalled:
click Start, then Run.

On Vista, use the Start Search box if Run is not available.

In the text box, type (or paste) the following:

ComboFix /Uninstall

Note that there is a space between "ComboFix" and "/Uninstall".

Then click OK (or press Enter).

Wait for the uninstall process to finish.

Be sure to visit the thread "Testirajte da li vam je pretrazivac ranjiv" ("Test whether your browser is vulnerable"), read it, and follow the link given in it. The link to the thread is: http://www.mycity.rs/Web-browseri/Testirajte-da-li.....anjiv.html


Ivance95 (AMF Tim)

offline
  • Joined: 13 Nov 2011
  • Posts: 367

Hi, I just got back from work and saw the message. Thank you, Ivance95, well done. Best regards.
