Posle restarta pojavljuje se opcija za rename My Computer ikonice

  • Joined: 12 Feb 2007
  • Posts: 1239

As the title says, since yesterday this option has been appearing right after restarting Windows XP SP3, as shown in the picture below. Could someone check whether this is some kind of malware?

Ctrl+C and Ctrl+V also behave strangely. Text does not get copied and pasted elsewhere when pressing the Ctrl+C and Ctrl+V keys.
I checked: the keys on the keyboard work, other combinations with the left and right Ctrl key work, as do the letters C and V.



DDS log

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702
Run by Viper at 23:53:02 on 2013-12-17
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1509 [GMT 1:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Online Armor Firewall *Disabled*
.
============== Running Processes ================
.
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Program Files\Online Armor\OAcat.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\Comodo\Dragon\dragon_updater.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: avast! Ad Blocker: {FFCB3198-32F3-4E8B-9539-4324694ED663} - c:\program files\avast software\avast! ad blocker ie\Adblocker32.dll
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
uRun: [MCShield Monitor] c:\program files\mcshield\mcshieldrtm.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [@OnlineArmor GUI] "c:\program files\online armor\oaui.exe"
mRun: [AvastUI.exe] "c:\program files\avast software\avast\AvastUI.exe" /nogui
uPolicies-Explorer: NoRecentDocsHistory = dword:1
uPolicies-Explorer: NoDriveTypeAutoRun = dword:255
mPolicies-Explorer: NoDriveTypeAutoRun = dword:255
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1349356710421
DPF: {B479199A-1242-4E3C-AD81-7F0DF801B4AE} - hxxp://download.microsoft.com/download/C/9/C/C9C3D86D-84AC-4AF0-8584-842756A66467/MicrosoftDownloadManager.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{D1A4EF66-AEFA-4EDA-B556-514984963CEF} : DHCPNameServer = 192.168.1.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: OA Shell Helper - {4F07DA45-8170-4859-9B5F-037EF2970034} - c:\program files\online armor\oaevent.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\viper\application data\mozilla\firefox\profiles\r9dhflej.default\
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\documents and settings\viper\application data\mozilla\firefox\profiles\r9dhflej.default\extensions\{7d2fb79e-e58c-4db5-a36f-ac1c73967f4d}\plugins\npqbc.dll
FF - plugin: c:\documents and settings\viper\local settings\application data\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\program files\sumatrapdf\npPdfViewer.dll
FF - plugin: c:\windows\npMSDM.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1207148.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_9_900_170.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2013-3-1 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [2013-3-1 178304]
R1 aflfile;AFLFile;c:\windows\system32\drivers\aflfile.sys [2012-11-18 22984]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-9-8 774392]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-9-8 403440]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO32.SYS [2013-8-13 22560]
R1 OADevice;OADriver;c:\windows\system32\drivers\OADriver.sys [2012-9-22 210360]
R1 OAmon;OAmon;c:\windows\system32\drivers\OAmon.sys [2012-9-22 34856]
R1 OAnet;OAnet;c:\windows\system32\drivers\OAnet.sys [2012-9-22 31912]
R1 VBoxDrv;VirtualBox Service;c:\windows\system32\drivers\VBoxDrv.sys [2012-12-24 203024]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\drivers\VBoxUSBMon.sys [2012-12-24 103696]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-9-8 35656]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-3-1 70384]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-9-8 50344]
R2 DragonUpdater;COMODO Dragon Update Service;c:\program files\comodo\dragon\dragon_updater.exe [2013-11-11 2098880]
R2 OAcat;Online Armor Helper Service;c:\program files\online armor\OAcat.exe [2012-9-22 584864]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [2013-7-16 73216]
R3 SbieDrv;SbieDrv;c:\program files\sandboxie\SbieDrv.sys [2013-10-16 159840]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [2012-12-19 114960]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\drivers\VBoxNetFlt.sys [2013-11-29 126224]
S1 oahlpXX;Online Armor helper driver;c:\windows\system32\drivers\oahlp32.sys [2012-9-22 44984]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-9-5 171680]
S2 SvcOnlineArmor;Online Armor;c:\program files\online armor\OAsrv.exe [2012-9-22 4457688]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2012-9-8 1691480]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys [2013-7-16 102784]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [2013-7-16 235392]
S3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\drivers\ew_jucdcacm.sys [2013-7-16 90112]
S3 HWDeviceService.exe;HWDeviceService.exe;c:\documents and settings\all users\application data\datacardservice\HWDeviceService.exe [2011-3-14 271712]
S3 mts mobilni internet. RunOuc;mts mobilni internet. OUC;c:\program files\mts mobilni internet\updatedog\ouc.exe [2013-7-16 239968]
S3 NLNdisMP;NLNdisMP;c:\windows\system32\drivers\nlndis.sys --> c:\windows\system32\drivers\nlndis.sys [?]
S3 NLNdisPT;NetLimiter Ndis Protocol Service;c:\windows\system32\drivers\nlndis.sys --> c:\windows\system32\drivers\nlndis.sys [?]
S3 OODefragAgent;O&O Defrag Agent;c:\program files\oo software\defrag\oodag.exe [2012-11-30 2504560]
S3 rootrepeal;rootrepeal;\??\c:\windows\system32\drivers\rootrepeal.sys --> c:\windows\system32\drivers\rootrepeal.sys [?]
S3 SwitchBoard;SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
S3 TeamViewer9;TeamViewer 9;c:\program files\teamviewer\version9\TeamViewer_Service.exe [2013-12-5 5316448]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\drivers\teamviewervpn.sys [2012-10-1 25088]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-7-20 754856]
.
=============== File Associations ===============
.
FileExt: .scr: AutoCADScriptFile="c:\windows\notepad.exe" "%1"
ShellExec: Opera.exe: open="c:\program files\opera\Launcher.exe" "%1"
.
=============== Created Last 30 ================
.
2013-12-15 03:31:43 -------- d-----w- c:\program files\Pale Moon
2013-12-14 03:32:29 -------- d-----w- c:\program files\BlackIsle
2013-11-29 18:54:36 126224 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
2013-11-29 18:54:30 174864 ----a-w- c:\windows\system32\VBoxNetFltNobj.dll
2013-11-24 10:34:59 -------- d-----w- c:\documents and settings\viper\application data\.mono
2013-11-22 03:52:45 598288 ----a-w- c:\windows\system\OLEAUT32.DLL
2013-11-22 03:52:45 1409024 ----a-w- c:\windows\system\MSVBVM60.DLL
.
==================== Find3M ====================
.
2013-12-14 03:34:23 52736 ----a-w- c:\windows\ipuninst.exe
2013-12-13 00:22:38 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-12-13 00:22:37 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-11-29 18:55:30 203024 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2013-11-29 18:54:36 114960 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2013-11-29 18:54:36 103696 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2013-11-25 03:58:11 774392 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-11-25 03:58:11 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-11-25 03:58:11 43152 ----a-w- c:\windows\avastSS.scr
2013-11-13 02:59:42 150528 ----a-w- c:\windows\system32\imagehlp.dll
2013-11-12 00:07:26 48392 ----a-w- c:\windows\system32\certsentry.dll
2013-11-07 05:38:51 591360 ----a-w- c:\windows\system32\rpcrt4.dll
2013-11-06 01:03:31 7168 ----a-w- c:\windows\system32\xpsp4res.dll
2013-10-30 23:43:22 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-10-30 23:43:22 178304 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-10-30 02:26:17 1879040 ----a-w- c:\windows\system32\win32k.sys
2013-10-29 07:57:34 920064 ----a-w- c:\windows\system32\wininet.dll
2013-10-29 07:57:33 43520 ------w- c:\windows\system32\licmgr10.dll
2013-10-29 07:57:33 18944 ----a-w- c:\windows\system32\corpol.dll
2013-10-29 07:57:33 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-10-29 00:45:02 385024 ------w- c:\windows\system32\html.iec
2013-10-23 23:45:49 172032 ----a-w- c:\windows\system32\scrrun.dll
2013-10-17 15:32:56 25088 ----a-w- c:\windows\system32\drivers\teamviewervpn.sys
2013-10-15 09:09:12 31912 ----a-w- c:\windows\system32\drivers\OAnet.sys
2013-10-15 09:07:48 34856 ----a-w- c:\windows\system32\drivers\OAmon.sys
2013-10-15 09:07:20 44984 ----a-w- c:\windows\system32\drivers\oahlp32.sys
2013-10-15 09:07:06 210360 ----a-w- c:\windows\system32\drivers\OADriver.sys
2013-10-12 15:56:19 278528 ----a-w- c:\windows\system32\oakley.dll
2013-10-09 13:12:48 287744 ----a-w- c:\windows\system32\gdi32.dll
2013-10-07 10:59:21 603136 ----a-w- c:\windows\system32\crypt32.dll
.
============= FINISH: 23:53:19,53 ===============

Attach log
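A small triage helper for the "SERVICES / DRIVERS" section of a DDS log like the one above, added here as an example (not the poster's or the DDS tool's own code). It parses each entry into start type, name, image path and the date/size DDS recorded, then flags what a malware helper looks at first: entries whose image DDS could not find on disk (shown as "--> path [?]"), boot/system-start drivers (read here as Start values 0 and 1) loaded from outside the drivers directory, and service binaries living under a user profile. The sample lines are copied from the log above, except the last one, which is a made-up entry with a hypothetical name and path added only to exercise the early-driver rule.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed sample in the format of the DDS "SERVICES / DRIVERS" section.
# The first five lines are taken from the log in this thread; the last line
# is made up (hypothetical name and path) only to exercise the rule for
# early-start drivers living outside the drivers directory.
SAMPLE_LOG = r"""
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2013-3-1 49944]
R1 VBoxDrv;VirtualBox Service;c:\windows\system32\drivers\VBoxDrv.sys [2012-12-24 203024]
S3 NLNdisMP;NLNdisMP;c:\windows\system32\drivers\nlndis.sys --> c:\windows\system32\drivers\nlndis.sys [?]
S3 rootrepeal;rootrepeal;\??\c:\windows\system32\drivers\rootrepeal.sys --> c:\windows\system32\drivers\rootrepeal.sys [?]
S3 HWDeviceService.exe;HWDeviceService.exe;c:\documents and settings\all users\application data\datacardservice\HWDeviceService.exe [2011-3-14 271712]
R1 exampledrv;exampledrv;c:\documents and settings\viper\local settings\temp\exampledrv.sys [2013-12-16 12345]
"""

# One DDS entry: "<R|S><start> <name>;<display>;<path>[ --> <resolved>] [<date> <size>|?]"
LINE_RE = re.compile(
    r"^(?P<state>[RS][0-4])\s+"         # R = running, S = stopped; digit = start type
    r"(?P<name>[^;]+);"                 # registry key name of the service/driver
    r"(?P<display>[^;]*);"              # display name
    r"(?P<path>.+?)"                    # image path as registered
    r"(?:\s-->\s(?P<resolved>.+?))?"    # path DDS tried to resolve the image to
    r"\s\[(?P<meta>[^\]]*)\]\s*$"       # "[YYYY-M-D SIZE]" or "[?]" if the file was not found
)

DRIVERS_DIR = "c:\\windows\\system32\\drivers\\"
PROFILES_DIR = "c:\\documents and settings\\"


@dataclass
class ServiceEntry:
    state: str                 # e.g. "R0"
    name: str
    display: str
    path: str
    resolved: Optional[str]
    date: Optional[str]        # None when DDS printed "[?]"
    size: Optional[int]        # None when DDS printed "[?]"

    @property
    def file_found(self) -> bool:
        return self.size is not None

    @property
    def is_early_driver(self) -> bool:
        # start types 0 (boot) and 1 (system) load before user-mode services,
        # which is where rootkit-style drivers usually want to be
        return self.state[1] in "01"


def parse_line(line: str) -> Optional[ServiceEntry]:
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    meta = m.group("meta").strip()
    if meta == "?":
        date, size = None, None
    else:
        date, size_text = meta.split()
        size = int(size_text)
    return ServiceEntry(m.group("state"), m.group("name"), m.group("display"),
                        m.group("path"), m.group("resolved"), date, size)


def parse_log(text: str) -> List[ServiceEntry]:
    return [e for e in (parse_line(ln) for ln in text.splitlines()) if e is not None]


def normalize_path(path: str) -> str:
    # DDS sometimes shows the NT object-manager prefix (\??\c:\...); drop it
    p = path.lower()
    return p[4:] if p.startswith("\\??\\") else p


def review(entries: List[ServiceEntry]) -> List[Tuple[str, str]]:
    """Return (name, reason) pairs for entries a malware helper would look at twice."""
    findings = []
    for e in entries:
        p = normalize_path(e.path)
        if not e.file_found:
            # leftover registration of a removed driver, or a file hidden from DDS
            findings.append((e.name, f"registered image not found on disk: {e.path}"))
        if e.is_early_driver and not p.startswith(DRIVERS_DIR):
            findings.append((e.name, f"{e.state} driver loads from outside the drivers directory: {e.path}"))
        if p.startswith(PROFILES_DIR):
            findings.append((e.name, f"service binary lives under a user profile: {e.path}"))
    return findings


if __name__ == "__main__":
    for name, reason in review(parse_log(SAMPLE_LOG)):
        print(f"{name}: {reason}")
```

On the lines from this thread it reports the two NetLimiter/rootrepeal leftovers with no file on disk and the Huawei helper service under All Users; a hit is a reason to look closer, not proof of infection.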

  • Més que un club
  • Lead vocal @ Harpun
  • Joined: 27 Feb 2009
  • Posts: 3898
  • Location: Novi Sad, Klisa

Hi, sorry for the late reply...

Download sUBs' ComboFix from the following address to your Desktop:

Bleeping Computer
Right-click the link and choose Save Target As... (Save Link As..., Save Linked Content As... or similar);
When the dialog for choosing where to save the file opens, select Desktop and click Save.

When the download is finished:
disable your security software (instructions);
close any running programs;
double-click ComboFix to run it;
in the window that opens, click "I Agree".

While it runs, ComboFix will:
check whether a newer version of the program exists: click Yes if offered to download it;
if the Recovery Console is not installed, offer to install it: be sure to accept by clicking Yes and follow the procedure;
show a number of prompts/notifications: accept by clicking Yes or OK;
restart Windows if needed (possibly several times);
when it finishes, open Notepad with the scan report.

Copy the report ComboFix produced into the forum thread:
right-click in the Notepad window and choose Select All;
right-click the highlighted text and choose Copy;
right-click in the message box and choose Paste.

Note: The report will be saved as ComboFix.txt on the system partition (typical location: C:\ComboFix.txt);
If after posting you notice the report is incomplete, use the Attach file option to attach C:\ComboFix.txt to your post;
Do not click inside the ComboFix window while it is running, as that can slow the tool down;
Do not run ComboFix again on your own - report in the thread any problem you have during the first run;
If after the restart you get an error when starting some programs saying they are marked for deletion (Illegal operation attempted on a registry key that has been marked for deletion), restart the system once more and that will fix the problem.






Download GMER from the link below to your Desktop:

GMER download
Click the link;
When the dialog for choosing where to save the file opens, select Desktop and click Save.

Double-click GMER to run it.
Wait for the initial scan to finish - if any prompt appears, click No;
click Scan and wait for the scan to finish;
click Save ... - save the report to the Desktop (as Gmer1);
right-click in the Gmer window and choose Options > 3rd party - click Scan;
when the scan finishes, click Save ... - save the report to the Desktop (as Gmer2);
click the >>> button and choose the Autostart tab;
when the short scan finishes, click Copy;
open Notepad and paste the copied text into it - save the report to the Desktop (as Gmer3);

Illustrated walkthrough of the procedure

Attach all three reports to your post using the Attach file option.

  • Joined: 12 Feb 2007
  • Posts: 1239

Posted: 19 Dec 2013 2:33

ComboFix 13-12-18.01 - Viper 19.12.2013 1:13.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1567 [GMT 1:00]
Running from: c:\documents and settings\Viper\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Online Armor Firewall *Disabled* {B797DAA0-7E2E-4711-8BB3-D12744F1922A}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Viper\WINDOWS
c:\windows\system\msvbvm60.dll
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((( Files Created from 2013-11-19 to 2013-12-19 )))))))))))))))))))))))))))))))
.
.
2013-12-18 01:45 . 2008-04-14 04:42 116224 -c--a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2013-12-18 01:45 . 2001-08-17 21:36 23040 -c--a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2013-12-18 01:45 . 2008-04-14 04:42 18944 -c--a-w- c:\windows\system32\dllcache\xrxscnui.dll
2013-12-18 01:45 . 2001-08-17 21:37 27648 -c--a-w- c:\windows\system32\dllcache\xrxftplt.exe
2013-12-18 01:45 . 2001-08-17 21:37 4608 -c--a-w- c:\windows\system32\dllcache\xrxflnch.exe
2013-12-18 01:45 . 2001-08-17 21:37 99865 -c--a-w- c:\windows\system32\dllcache\xlog.exe
2013-12-18 01:45 . 2001-08-17 11:11 16970 -c--a-w- c:\windows\system32\dllcache\xem336n5.sys
2013-12-18 01:45 . 2008-04-13 21:04 19455 -c--a-w- c:\windows\system32\dllcache\wvchntxx.sys
2013-12-18 01:44 . 2008-04-13 21:04 12063 -c--a-w- c:\windows\system32\dllcache\wsiintxx.sys
2013-12-18 01:44 . 2008-04-14 04:42 8192 -c--a-w- c:\windows\system32\dllcache\wshirda.dll
2013-12-18 01:44 . 2008-04-13 23:06 8832 -c--a-w- c:\windows\system32\dllcache\wmiacpi.sys
2013-12-18 01:44 . 2008-04-13 21:05 154624 -c--a-w- c:\windows\system32\dllcache\wlluc48.sys
2013-12-18 01:44 . 2001-08-17 11:12 34890 -c--a-w- c:\windows\system32\dllcache\wlandrv2.sys
2013-12-18 01:44 . 2001-08-17 12:28 771581 -c--a-w- c:\windows\system32\dllcache\winacisa.sys
2013-12-18 01:43 . 2001-08-17 21:36 53760 -c--a-w- c:\windows\system32\dllcache\wiamsmud.dll
2013-12-18 01:43 . 2001-08-17 21:36 87040 -c--a-w- c:\windows\system32\dllcache\wiafbdrv.dll
2013-12-18 01:43 . 2001-08-17 12:28 701386 -c--a-w- c:\windows\system32\dllcache\wdhaalba.sys
2013-12-18 01:43 . 2008-04-13 21:04 23615 -c--a-w- c:\windows\system32\dllcache\wch7xxnt.sys
2013-12-18 01:43 . 2008-04-13 23:15 31744 -c--a-w- c:\windows\system32\dllcache\wceusbsh.sys
2013-12-18 01:43 . 2001-08-17 11:10 35871 -c--a-w- c:\windows\system32\dllcache\wbfirdma.sys
2013-12-18 01:43 . 2008-04-13 21:04 33599 -c--a-w- c:\windows\system32\dllcache\watv04nt.sys
2013-12-18 01:43 . 2008-04-13 21:04 19551 -c--a-w- c:\windows\system32\dllcache\watv02nt.sys
2013-12-18 01:43 . 2008-04-13 21:04 29311 -c--a-w- c:\windows\system32\dllcache\watv01nt.sys
2013-12-18 01:43 . 2008-04-13 21:04 11775 -c--a-w- c:\windows\system32\dllcache\wadv05nt.sys
2013-12-18 01:43 . 2008-04-13 21:04 12127 -c--a-w- c:\windows\system32\dllcache\wadv02nt.sys
2013-12-18 01:43 . 2008-04-13 21:04 12415 -c--a-w- c:\windows\system32\dllcache\wadv01nt.sys
2013-12-18 01:42 . 2001-08-17 11:13 16925 -c--a-w- c:\windows\system32\dllcache\w940nd.sys
2013-12-18 01:42 . 2001-08-17 11:13 19016 -c--a-w- c:\windows\system32\dllcache\w926nd.sys
2013-12-18 01:42 . 2001-08-17 11:13 19528 -c--a-w- c:\windows\system32\dllcache\w840nd.sys
2013-12-18 01:42 . 2001-08-17 12:28 64605 -c--a-w- c:\windows\system32\dllcache\vvoice.sys
2013-12-18 01:42 . 2001-08-17 12:28 397502 -c--a-w- c:\windows\system32\dllcache\vpctcom.sys
2013-12-18 01:42 . 2001-08-17 12:28 604253 -c--a-w- c:\windows\system32\dllcache\vmodem.sys
2013-12-18 01:42 . 2001-08-17 11:14 249402 -c--a-w- c:\windows\system32\dllcache\vinwm.sys
2013-12-18 01:42 . 2001-08-17 12:49 24576 -c--a-w- c:\windows\system32\dllcache\viairda.sys
2013-12-18 01:42 . 2008-04-13 23:10 5376 -c--a-w- c:\windows\system32\dllcache\viaide.sys
2013-12-18 01:41 . 2001-08-17 12:28 687999 -c--a-w- c:\windows\system32\dllcache\usrwdxjs.sys
2013-12-18 01:41 . 2001-08-17 12:28 765884 -c--a-w- c:\windows\system32\dllcache\usrti.sys
2013-12-18 01:41 . 2001-08-17 12:28 113762 -c--a-w- c:\windows\system32\dllcache\usrpda.sys
2013-12-18 01:41 . 2001-08-17 12:28 7556 -c--a-w- c:\windows\system32\dllcache\usroslba.sys
2013-12-18 01:41 . 2001-08-17 12:28 224802 -c--a-w- c:\windows\system32\dllcache\usr1807a.sys
2013-12-18 01:41 . 2001-08-17 12:28 794399 -c--a-w- c:\windows\system32\dllcache\usr1806v.sys
2013-12-18 01:41 . 2001-08-17 12:28 793598 -c--a-w- c:\windows\system32\dllcache\usr1806.sys
2013-12-18 01:41 . 2001-08-17 12:28 794654 -c--a-w- c:\windows\system32\dllcache\usr1801.sys
2013-12-18 01:41 . 2008-04-13 23:15 20608 -c--a-w- c:\windows\system32\dllcache\usbuhci.sys
2013-12-18 01:41 . 2008-04-13 23:15 26112 -c--a-w- c:\windows\system32\dllcache\usbser.sys
2013-12-18 01:41 . 2008-04-13 23:17 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2013-12-18 01:39 . 2001-08-17 11:51 166784 -c--a-w- c:\windows\system32\dllcache\tridxpm.sys
2013-12-18 01:39 . 2001-08-17 21:36 525568 -c--a-w- c:\windows\system32\dllcache\tridxp.dll
2013-12-18 01:39 . 2001-08-17 11:51 159232 -c--a-w- c:\windows\system32\dllcache\tridkbm.sys
2013-12-18 01:39 . 2001-08-17 13:56 440576 -c--a-w- c:\windows\system32\dllcache\tridkb.dll
2013-12-18 01:39 . 2001-08-17 11:51 222336 -c--a-w- c:\windows\system32\dllcache\trid3dm.sys
2013-12-18 01:39 . 2001-08-17 13:56 315520 -c--a-w- c:\windows\system32\dllcache\trid3d.dll
2013-12-18 01:39 . 2001-08-17 11:12 34375 -c--a-w- c:\windows\system32\dllcache\tpro4.sys
2013-12-18 01:39 . 2001-08-17 21:35 42496 -c--a-w- c:\windows\system32\dllcache\tp4res.dll
2013-12-18 01:39 . 2008-04-14 04:42 82944 -c--a-w- c:\windows\system32\dllcache\tp4mon.exe
2013-12-18 01:39 . 2001-08-17 21:36 31744 -c--a-w- c:\windows\system32\dllcache\tp4.dll
2013-12-18 01:39 . 2001-08-17 12:51 4992 -c--a-w- c:\windows\system32\dllcache\toside.sys
2013-12-18 01:39 . 2001-08-17 13:02 230912 -c--a-w- c:\windows\system32\dllcache\tosdvd03.sys
2013-12-18 01:39 . 2001-08-17 13:01 241664 -c--a-w- c:\windows\system32\dllcache\tosdvd02.sys
2013-12-18 01:38 . 2001-08-17 11:10 28232 -c--a-w- c:\windows\system32\dllcache\tos4mo.sys
2013-12-18 01:38 . 2001-08-17 11:14 123995 -c--a-w- c:\windows\system32\dllcache\tjisdn.sys
2013-12-18 01:38 . 2001-08-17 11:51 138528 -c--a-w- c:\windows\system32\dllcache\tgiulnt5.sys
2013-12-18 01:38 . 2001-08-17 13:56 81408 -c--a-w- c:\windows\system32\dllcache\tgiul50.dll
2013-12-18 01:38 . 2008-04-13 23:10 149376 -c--a-w- c:\windows\system32\dllcache\tffsport.sys
2013-12-18 01:38 . 2001-08-17 11:13 17129 -c--a-w- c:\windows\system32\dllcache\tdkcd31.sys
2013-12-18 01:38 . 2001-08-17 11:13 37961 -c--a-w- c:\windows\system32\dllcache\tdk100b.sys
2013-12-18 01:38 . 2001-08-17 12:49 30464 -c--a-w- c:\windows\system32\dllcache\tbatm155.sys
2013-12-18 01:38 . 2001-08-17 12:52 7040 -c--a-w- c:\windows\system32\dllcache\tandqic.sys
2013-12-18 01:36 . 2001-08-17 11:18 285760 -c--a-w- c:\windows\system32\dllcache\stlnata.sys
2013-12-18 01:36 . 2001-08-17 12:51 16896 -c--a-w- c:\windows\system32\dllcache\stcusb.sys
2013-12-18 01:36 . 2001-08-17 11:11 48736 -c--a-w- c:\windows\system32\dllcache\srwlnd5.sys
2013-12-18 01:36 . 2001-08-17 21:36 99328 -c--a-w- c:\windows\system32\dllcache\srusd.dll
2013-12-18 01:36 . 2001-08-17 21:36 24660 -c--a-w- c:\windows\system32\dllcache\spxupchk.dll
2013-12-18 01:36 . 2001-08-17 12:51 61824 -c--a-w- c:\windows\system32\dllcache\speed.sys
2013-12-18 01:36 . 2001-08-17 21:36 106584 -c--a-w- c:\windows\system32\dllcache\spdports.dll
2013-12-18 01:36 . 2001-08-17 13:07 19072 -c--a-w- c:\windows\system32\dllcache\sparrow.sys
2013-12-18 01:36 . 2001-08-17 12:56 7552 -c--a-w- c:\windows\system32\dllcache\sonypvu1.sys
2013-12-18 01:36 . 2001-08-17 11:51 37040 -c--a-w- c:\windows\system32\dllcache\sonypi.sys
2013-12-18 01:36 . 2001-08-17 21:36 114688 -c--a-w- c:\windows\system32\dllcache\sonypi.dll
2013-12-18 01:34 . 2001-08-17 21:36 28160 -c--a-w- c:\windows\system32\dllcache\sm91w.dll
2013-12-18 01:34 . 2008-04-13 21:05 63547 -c--a-w- c:\windows\system32\dllcache\sla30nd5.sys
2013-12-18 01:34 . 2001-08-17 11:12 91294 -c--a-w- c:\windows\system32\dllcache\skfpwin.sys
2013-12-18 01:34 . 2001-08-17 11:12 94698 -c--a-w- c:\windows\system32\dllcache\sk98xwin.sys
2013-12-18 01:34 . 2001-08-17 13:56 157696 -c--a-w- c:\windows\system32\dllcache\sisv256.dll
2013-12-18 01:34 . 2001-08-17 11:50 50432 -c--a-w- c:\windows\system32\dllcache\sisv.sys
2013-12-18 01:34 . 2008-04-13 21:05 32768 -c--a-w- c:\windows\system32\dllcache\sisnic.sys
2013-12-18 01:34 . 2001-08-17 21:36 238592 -c--a-w- c:\windows\system32\dllcache\sisgrv.dll
2013-12-18 01:34 . 2001-08-17 11:50 104064 -c--a-w- c:\windows\system32\dllcache\sisgrp.sys
2013-12-18 01:34 . 2001-08-17 13:56 150144 -c--a-w- c:\windows\system32\dllcache\sis6306v.dll
2013-12-18 01:34 . 2001-08-17 11:50 68608 -c--a-w- c:\windows\system32\dllcache\sis6306p.sys
2013-12-18 01:34 . 2001-08-17 13:56 252032 -c--a-w- c:\windows\system32\dllcache\sis300iv.dll
2013-12-18 01:34 . 2001-08-17 11:50 101760 -c--a-w- c:\windows\system32\dllcache\sis300ip.sys
2013-12-18 01:33 . 2001-07-21 13:29 161568 -c--a-w- c:\windows\system32\dllcache\sgsmusb.sys
2013-12-18 01:33 . 2001-07-21 13:29 18400 -c--a-w- c:\windows\system32\dllcache\sgsmld.sys
2013-12-18 01:33 . 2001-08-17 11:51 98080 -c--a-w- c:\windows\system32\dllcache\sgiulnt5.sys
2013-12-18 01:33 . 2001-08-17 21:36 386560 -c--a-w- c:\windows\system32\dllcache\sgiul50.dll
2013-12-18 01:33 . 2001-08-17 11:19 36480 -c--a-w- c:\windows\system32\dllcache\sfmanm.sys
2013-12-18 01:33 . 2001-08-17 12:53 6784 -c--a-w- c:\windows\system32\dllcache\serscan.sys
2013-12-18 01:33 . 2001-08-17 12:48 17664 -c--a-w- c:\windows\system32\dllcache\sermouse.sys
2013-12-18 01:33 . 2001-08-17 12:53 6912 -c--a-w- c:\windows\system32\dllcache\seaddsmc.sys
2013-12-18 01:33 . 2008-04-13 23:15 11520 -c--a-w- c:\windows\system32\dllcache\scsiscan.sys
2013-12-18 01:33 . 2001-08-17 12:52 11648 -c--a-w- c:\windows\system32\dllcache\scsiprnt.sys
2013-12-18 01:33 . 2001-08-17 12:51 17280 -c--a-w- c:\windows\system32\dllcache\scr111.sys
2013-12-18 01:31 . 2008-04-14 04:42 27648 -c--a-w- c:\windows\system32\dllcache\rw430ext.dll
2013-12-18 01:31 . 2008-04-13 21:05 20992 -c--a-w- c:\windows\system32\dllcache\rtl8139.sys
2013-12-18 01:31 . 2001-08-17 11:12 19017 -c--a-w- c:\windows\system32\dllcache\rtl8029.sys
2013-12-18 01:31 . 2001-08-17 11:19 30720 -c--a-w- c:\windows\system32\dllcache\rthwcls.sys
2013-12-18 01:31 . 2001-08-17 21:36 9216 -c--a-w- c:\windows\system32\dllcache\rsmgrstr.dll
2013-12-18 01:31 . 2001-08-17 11:19 3840 -c--a-w- c:\windows\system32\dllcache\rpfun.sys
2013-12-18 01:31 . 2008-04-13 23:10 79104 -c--a-w- c:\windows\system32\dllcache\rocket.sys
2013-12-18 01:31 . 2001-08-17 11:12 37563 -c--a-w- c:\windows\system32\dllcache\rlnet5.sys
2013-12-18 01:31 . 2001-08-17 21:36 86097 -c--a-w- c:\windows\system32\dllcache\reslog32.dll
2013-12-18 01:30 . 2001-08-17 12:51 19584 -c--a-w- c:\windows\system32\dllcache\rasirda.sys
2013-12-18 01:30 . 2001-08-17 12:28 714762 -c--a-w- c:\windows\system32\dllcache\r2mdmkxx.sys
2013-12-18 01:30 . 2001-08-17 12:28 899146 -c--a-w- c:\windows\system32\dllcache\r2mdkxga.sys
2013-12-18 01:30 . 2001-08-17 21:36 41472 -c--a-w- c:\windows\system32\dllcache\qvusd.dll
2013-12-18 01:30 . 2001-08-17 12:53 3328 -c--a-w- c:\windows\system32\dllcache\qv2kux.sys
2013-12-18 01:28 . 2001-08-17 21:36 121344 -c--a-w- c:\windows\system32\dllcache\phvfwext.dll
2013-12-18 01:27 . 2001-08-17 11:12 26153 -c--a-w- c:\windows\system32\dllcache\pcmlm56.sys
2013-12-18 01:26 . 2001-08-17 11:12 27209 -c--a-w- c:\windows\system32\dllcache\otc06x5.sys
2013-12-18 01:26 . 2001-08-17 11:20 54528 -c--a-w- c:\windows\system32\dllcache\opl3sax.sys
2013-12-18 01:26 . 2008-04-13 23:16 61696 -c--a-w- c:\windows\system32\dllcache\ohci1394.sys
2013-12-18 01:26 . 2001-08-17 11:50 198144 -c--a-w- c:\windows\system32\dllcache\nv3.sys
2013-12-18 01:26 . 2001-08-17 21:36 123776 -c--a-w- c:\windows\system32\dllcache\nv3.dll
2013-12-18 01:26 . 2001-08-17 11:49 51552 -c--a-w- c:\windows\system32\dllcache\ntgrip.sys
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-18 02:04 . 2013-03-01 02:40 180248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-12-18 02:04 . 2013-03-01 02:40 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-12-18 02:04 . 2012-09-08 22:19 410528 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-12-18 02:04 . 2012-09-08 22:19 54832 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-12-18 02:04 . 2012-09-08 22:19 775952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-12-18 02:04 . 2012-09-08 22:19 57672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-12-18 02:04 . 2012-09-08 22:18 43152 ----a-w- c:\windows\avastSS.scr
2013-12-18 02:04 . 2012-09-08 22:18 270240 ----a-w- c:\windows\system32\aswBoot.exe
2013-12-14 03:34 . 2012-12-31 13:40 52736 ----a-w- c:\windows\ipuninst.exe
2013-12-13 00:22 . 2012-09-08 23:03 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-12-13 00:22 . 2012-09-08 23:03 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-11-29 18:55 . 2012-12-24 00:15 203024 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2013-11-29 18:54 . 2012-12-24 00:14 103696 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2013-11-29 18:54 . 2012-12-19 14:36 114960 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2013-11-13 02:59 . 2004-08-04 12:00 150528 ----a-w- c:\windows\system32\imagehlp.dll
2013-11-12 00:07 . 2013-10-10 19:19 48392 ----a-w- c:\windows\system32\certsentry.dll
2013-11-07 05:38 . 2004-08-04 12:00 591360 ----a-w- c:\windows\system32\rpcrt4.dll
2013-11-06 01:03 . 2012-09-08 22:33 7168 ----a-w- c:\windows\system32\xpsp4res.dll
2013-10-30 23:43 . 2013-03-01 02:40 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-10-30 02:26 . 2004-08-04 12:00 1879040 ----a-w- c:\windows\system32\win32k.sys
2013-10-29 07:57 . 2004-08-04 12:00 920064 ----a-w- c:\windows\system32\wininet.dll
2013-10-29 07:57 . 2004-08-04 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2013-10-29 07:57 . 2004-08-04 12:00 18944 ----a-w- c:\windows\system32\corpol.dll
2013-10-29 07:57 . 2004-08-04 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-10-29 00:45 . 2004-08-04 12:00 385024 ------w- c:\windows\system32\html.iec
2013-10-23 23:45 . 2004-08-04 12:00 172032 ----a-w- c:\windows\system32\scrrun.dll
2013-10-17 15:32 . 2012-10-01 20:19 25088 ----a-w- c:\windows\system32\drivers\teamviewervpn.sys
2013-10-15 09:09 . 2012-09-22 22:52 31912 ----a-w- c:\windows\system32\drivers\OAnet.sys
2013-10-15 09:07 . 2012-09-22 22:52 34856 ----a-w- c:\windows\system32\drivers\OAmon.sys
2013-10-15 09:07 . 2012-09-22 22:52 44984 ----a-w- c:\windows\system32\drivers\oahlp32.sys
2013-10-15 09:07 . 2012-09-22 22:52 210360 ----a-w- c:\windows\system32\drivers\OADriver.sys
2013-10-12 15:56 . 2004-08-04 12:00 278528 ----a-w- c:\windows\system32\oakley.dll
2013-10-09 13:12 . 2004-08-04 12:00 287744 ----a-w- c:\windows\system32\gdi32.dll
2013-10-07 10:59 . 2004-08-04 12:00 603136 ----a-w- c:\windows\system32\crypt32.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}"= "c:\program files\AVAST Software\Avast\aswWebRepIE.dll" [2013-12-18 1138536]
.
[HKEY_CLASSES_ROOT\clsid\{cc1a175a-e45b-41ed-a30c-c9b1d7a0c02f}]
[HKEY_CLASSES_ROOT\TypeLib\{6B795924-95E7-4D31-8521-407360C3AA0B}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-12-18 02:04 259464 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\documents and settings\Viper\Application Data\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\documents and settings\Viper\Application Data\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\documents and settings\Viper\Application Data\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\documents and settings\Viper\Application Data\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MCShield Monitor"="c:\program files\MCShield\mcshieldrtm.exe" [2013-10-26 607232]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"@OnlineArmor GUI"="c:\program files\Online Armor\oaui.exe" [2013-10-15 7558464]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-12-18 3764024]
.
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
Source= d:\igrice\1 - Games\Fallout 2\fallout2.html
FriendlyName=
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{4F07DA45-8170-4859-9B5F-037EF2970034}"= "c:\progra~1\ONLINE~2\oaevent.dll" [2013-10-15 1033968]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
2012-04-04 04:09 446392 ------w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
2012-03-09 14:26 1073312 ----a-w- c:\program files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Eraser]
2012-05-22 06:13 980920 ----a-w- c:\progra~1\Eraser\Eraser.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightShot]
2013-02-21 10:45 226152 ----a-w- c:\documents and settings\Viper\Local Settings\Application Data\Skillbrains\lightshot\LightShot.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
2012-11-30 17:57 2775920 ----a-w- c:\program files\OO Software\Defrag\oodtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2010-03-17 08:52 19520544 ----a-w- c:\windows\RTHDCPL.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
2010-02-19 11:37 517096 ----a-w- c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Westwood\\Dune2000\\DUNE2000.DAT"=
"c:\\Games\\World_of_Tanks\\WorldOfTanks.exe"=
"c:\\Games\\World_of_Tanks\\WoTLauncher.exe"=
"c:\\SIERRA\\Half-Life\\hl.exe"=
"c:\\Documents and Settings\\Viper\\Application Data\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\TeamViewer\\Version9\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version9\\TeamViewer_Service.exe"=
"c:\\Documents and Settings\\Viper\\Application Data\\uTorrent\\uTorrent.exe"=
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [01.03.2013 03:40 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [01.03.2013 03:40 180248]
R1 aflfile;AFLFile;c:\windows\system32\drivers\aflfile.sys [18.11.2012 07:59 22984]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [08.09.2012 23:19 775952]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [08.09.2012 23:19 410528]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO32.SYS [13.08.2013 00:26 22560]
R1 OADevice;OADriver;c:\windows\system32\drivers\OADriver.sys [22.09.2012 23:52 210360]
R1 OAmon;OAmon;c:\windows\system32\drivers\OAmon.sys [22.09.2012 23:52 34856]
R1 OAnet;OAnet;c:\windows\system32\drivers\OAnet.sys [22.09.2012 23:52 31912]
R1 VBoxDrv;VirtualBox Service;c:\windows\system32\drivers\VBoxDrv.sys [24.12.2012 01:15 203024]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\drivers\VBoxUSBMon.sys [24.12.2012 01:14 103696]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [01.03.2013 03:40 67824]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [16.07.2013 15:13 73216]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [19.12.2012 15:36 114960]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\drivers\VBoxNetFlt.sys [29.11.2013 19:54 126224]
S1 oahlpXX;Online Armor helper driver;c:\windows\system32\drivers\oahlp32.sys [22.09.2012 23:52 44984]
S2 aswFsBlk;aswFsBlk;\??\c:\windows\system32\drivers\aswFsBlk.sys --> c:\windows\system32\drivers\aswFsBlk.sys [?]
S2 DragonUpdater;COMODO Dragon Update Service;c:\program files\Comodo\Dragon\dragon_updater.exe [11.11.2013 16:23 2098880]
S2 OAcat;Online Armor Helper Service;c:\program files\Online Armor\OAcat.exe [22.09.2012 23:52 584864]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [05.09.2013 09:34 171680]
S2 SvcOnlineArmor;Online Armor;c:\program files\Online Armor\OAsrv.exe [22.09.2012 23:52 4457688]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [08.09.2012 22:21 1691480]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys [16.07.2013 15:13 102784]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [16.07.2013 15:13 235392]
S3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\drivers\ew_jucdcacm.sys [16.07.2013 15:13 90112]
S3 HWDeviceService.exe;HWDeviceService.exe;c:\documents and settings\All Users\Application Data\DatacardService\HWDeviceService.exe [14.03.2011 16:27 271712]
S3 mts mobilni internet. RunOuc;mts mobilni internet. OUC;c:\program files\mts mobilni internet\UpdateDog\ouc.exe [16.07.2013 15:13 239968]
S3 NLNdisMP;NLNdisMP;c:\windows\system32\DRIVERS\nlndis.sys --> c:\windows\system32\DRIVERS\nlndis.sys [?]
S3 NLNdisPT;NetLimiter Ndis Protocol Service;c:\windows\system32\DRIVERS\nlndis.sys --> c:\windows\system32\DRIVERS\nlndis.sys [?]
S3 OODefragAgent;O&O Defrag Agent;c:\program files\OO Software\Defrag\oodag.exe [30.11.2012 18:57 2504560]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19.02.2010 12:37 517096]
S3 TeamViewer9;TeamViewer 9;c:\program files\TeamViewer\Version9\TeamViewer_Service.exe [05.12.2013 19:04 5316448]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\drivers\teamviewervpn.sys [01.10.2012 21:19 25088]
.
Contents of the 'Scheduled Tasks' folder
.
2013-12-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-08 00:22]
.
2013-12-18 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2012-09-08 02:04]
.
2013-04-14 c:\windows\Tasks\update-S-1-5-21-854245398-1682526488-1801674531-1003.job
- c:\program files\Skillbrains\Updater\Updater.exe [2013-04-14 22:26]
.
2013-04-14 c:\windows\Tasks\update-sys.job
- c:\program files\Skillbrains\Updater\Updater.exe [2013-04-14 22:26]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Viper\Application Data\Mozilla\Firefox\Profiles\r9dhflej.default\
FF - prefs.js: network.proxy.type - 0
.
.
------- File Associations -------
.
.scr=AutoCADScriptFile
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-12-19 01:17
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1496)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2013-12-19 01:19:14
ComboFix-quarantined-files.txt 2013-12-19 00:19
.
Pre-Run: 48.884.064.256 bytes free
Post-Run: 49.130.307.584 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 4C8AA5EEFB658C85BDEE7C7FE0E98536
10AE9EB13951B8E206480773F877A330

Addendum: 19 Dec 2013 2:40

The language bar option has disappeared from the taskbar.

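Added example, not part of this thread and not ComboFix's own code: a small Python parser for the service/driver (R0/R1/S2/S3) lines and the Run-key values in the ComboFix log above. It flags the two things a responder checks first in such a log: entries ComboFix printed with `[?]`, meaning it could not stat the image file (in this log both such entries, aswFsBlk.sys and nlndis.sys, belong to known products, avast and NetLimiter, so the flag is a prompt to verify the file on disk and its signature, not a verdict), and images that live in user-writable locations. The sample input consists of lines copied from the log above plus one constructed service line, "hypothsvc", which does not exist on the poster's machine and is there only to show the user-writable check firing on a service.

```python
import re
from dataclasses import dataclass, field

# Sample input: lines copied from the ComboFix log above, plus one constructed
# service line ("hypothsvc", not on the poster's machine) whose image sits in a
# user's Local Settings\Temp so the user-writable-path check fires on a service.
SAMPLE_LOG = r"""
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MCShield Monitor"="c:\program files\MCShield\mcshieldrtm.exe" [2013-10-26 607232]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"@OnlineArmor GUI"="c:\program files\Online Armor\oaui.exe" [2013-10-15 7558464]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [01.03.2013 03:40 49944]
S2 aswFsBlk;aswFsBlk;\??\c:\windows\system32\drivers\aswFsBlk.sys --> c:\windows\system32\drivers\aswFsBlk.sys [?]
S3 HWDeviceService.exe;HWDeviceService.exe;c:\documents and settings\All Users\Application Data\DatacardService\HWDeviceService.exe [14.03.2011 16:27 271712]
S3 mts mobilni internet. RunOuc;mts mobilni internet. OUC;c:\program files\mts mobilni internet\UpdateDog\ouc.exe [16.07.2013 15:13 239968]
S3 NLNdisMP;NLNdisMP;c:\windows\system32\DRIVERS\nlndis.sys --> c:\windows\system32\DRIVERS\nlndis.sys [?]
S2 hypothsvc;Hypothetical Service;c:\documents and settings\Viper\Local Settings\Temp\svc.exe [01.12.2013 10:00 12345]
"""

# "<start> <name>;<display name>;<image path> [<date size> | ?]"
SERVICE_RE = re.compile(r'^([RS]\d) (.+?);(.*?);(.+?) \[(.*?)\]$')
# A Run key header and the '"name"="path" [stamp]' values that follow it.
RUN_KEY_RE = re.compile(r'^\[(HKEY_[^\]]+\\Run)\]$', re.IGNORECASE)
RUN_VAL_RE = re.compile(r'^"(.+?)"="(.+?)" \[(.*?)\]$')

# Lower-case path fragments that mean "a non-admin user can write here".
USER_WRITABLE_MARKERS = ("\\documents and settings\\", "\\users\\", "\\appdata\\",
                         "\\programdata\\", "\\temp\\")


@dataclass
class Entry:
    kind: str     # 'service' (R0/R1/S2/S3 lines) or 'autorun' (Run-key values)
    name: str
    path: str     # resolved image path, lower-cased
    stamp: str    # bracket contents: date/size, or '?' when ComboFix found no file
    origin: str   # start type for services, registry key for autoruns


@dataclass
class Finding:
    entry: Entry
    reasons: list = field(default_factory=list)


def normalize_path(path):
    """Reduce ComboFix's path spellings to one lower-case Win32 path.
    '\\??\\x --> y' entries carry the NT-style ImagePath and the resolved path;
    keep the resolved one."""
    if ' --> ' in path:
        path = path.split(' --> ', 1)[1]
    if path.startswith('\\??\\'):
        path = path[4:]
    return path.strip().lower()


def parse_combofix(text):
    """Return Entry objects for service/driver lines and Run-key values."""
    entries = []
    run_key = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line == '.':
            continue
        key = RUN_KEY_RE.match(line)
        if key:
            run_key = key.group(1)
            continue
        if line.startswith('['):      # any other registry key ends the Run block
            run_key = None
            continue
        svc = SERVICE_RE.match(line)
        if svc:
            start, name, _display, path, stamp = svc.groups()
            entries.append(Entry('service', name, normalize_path(path), stamp, start))
            continue
        val = RUN_VAL_RE.match(line) if run_key else None
        if val:
            name, path, stamp = val.groups()
            entries.append(Entry('autorun', name, normalize_path(path), stamp, run_key))
    return entries


def triage(entries):
    """Return the entries a responder should look at first, with reasons."""
    findings = []
    for e in entries:
        reasons = []
        if e.stamp == '?':
            reasons.append("ComboFix could not stat the image file ([?]); confirm it exists and is signed")
        if any(m in e.path for m in USER_WRITABLE_MARKERS):
            reasons.append("image lives in a user-writable location")
        if reasons:
            findings.append(Finding(e, reasons))
    return findings


if __name__ == '__main__':
    for f in triage(parse_combofix(SAMPLE_LOG)):
        print(f"{f.entry.kind:8} {f.entry.origin}  {f.entry.name}")
        print(f"         {f.entry.path}")
        for r in f.reasons:
            print(f"         - {r}")
```

Run it against a full ComboFix log by reading the file into `parse_combofix`; the two regexes only accept the exact line shapes shown, so anything ComboFix prints differently is ignored rather than mis-parsed. A hit from `triage` is a starting point for checking the file on disk (hash, signature, timestamp), which is what the helper in this thread did with the quarantine upload.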
offline
  • Més que un club
  • Lead vocalist @ Harpun
  • Joined: 27 Feb 2009
  • Posts: 3898
  • Location: Novi Sad, Klisa

Find C:\Qoobox\Quarantine

Pack it into an archive and send it via the following link:

http://www.mycity.rs/ambulanta-upload.php


Let me know when you've done it.

offline
  • Joined: 12 Feb 2007
  • Posts: 1239

Uploaded the requested folder.

offline
  • Més que un club
  • Lead vocalist @ Harpun
  • Joined: 27 Feb 2009
  • Posts: 3898
  • Location: Novi Sad, Klisa

Step 1


Open Notepad and copy the following text into it:

DeQuarantine::
C:\Qoobox\Quarantine\c\windows\system\msvbvm60.dll.vir
Quit::


Save the file from Notepad to the Desktop as "CFScript"




Drag the saved script/text file onto the ComboFix icon as shown in the picture.
Post the log that is produced at the end of the cleaning/scan in your next message.





Step 2



Download TDSSKiller, save the tool to the Desktop and double-click TDSSKiller.exe to run it.
In the "End user Licence Agreement" dialog click Accept.
Also click Accept in the "KSN Statement" dialog.


Click the Start Scan button.

If suspicious items (Suspicious object) are detected, the default action is Skip; click Continue.
If malicious objects (Malicious objects) are detected, choose Cure.

Post me the contents of the log from the following location:
C:\TDSSKiller_program version_DD.MM.GG_HH.MM.SS.txt
(DD day, MM month, GG year, HH hour, MM minute, SS second; the date and time the log was created)

offline
  • Joined: 12 Feb 2007
  • Posts: 1239

offline
  • Més que un club
  • Lead vocalist @ Harpun
  • Joined: 27 Feb 2009
  • Posts: 3898
  • Location: Novi Sad, Klisa

Your computer is clean as far as malware is concerned.
We need to remove the tools that were used.


Download "Xplode"'s DelFix and save it to the Desktop

Double-click to run the program.

Tick the following options:
Remove disinfection tools
Purge System Restore
Reset system settings


Click the "Run" button and wait for the program to finish.
The tool will remove all the tools used in this thread...
When the tool finishes, it will open a report in Notepad.
Note: the report will also be saved to C:\DelFix.txt

There is no need to post the report.



offline
  • Joined: 12 Feb 2007
  • Posts: 1239

OK

Thanks for the help.
