A virus keeps restarting my computer!

offline
  • Joined: 11 Aug 2010
  • Posts: 36

ComboFix 10-08-12.01 - Milan 08/12/2010 21:06:57.1.3 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.2046.973 [GMT 2:00]
Running from: c:\users\Milan\Desktop\ComboFix.exe
* Resident AV is active

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\FlashGet Network
c:\program files\FlashGet Network\FlashGet 3\adns.dll
c:\program files\FlashGet Network\FlashGet 3\btcoreu.dll
c:\program files\FlashGet Network\FlashGet 3\BugReport.dll
c:\program files\FlashGet Network\FlashGet 3\BugReport.exe
c:\program files\FlashGet Network\FlashGet 3\cd1.ico
c:\program files\FlashGet Network\FlashGet 3\ckcore.dll
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\14_43260.dll
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\28_83260.dll
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\atrc.dll
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\Codecs.zip
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\cook.dll
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\ddnt3260.dll
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\dnet3260.dll
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\drv1.dll
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\drv2.dll
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\drvc.dll
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\hxltcolor.dll
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\raac.dll
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\ralf.dll
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\rv10.dll
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\rv20.dll
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\rv30.dll
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\rv40.dll
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\sipr.dll
c:\program files\FlashGet Network\FlashGet 3\commonlib.dll
c:\program files\FlashGet Network\FlashGet 3\componentskrnl.dll
c:\program files\FlashGet Network\FlashGet 3\config\clients.met
c:\program files\FlashGet Network\FlashGet 3\config\clients.met.bak
c:\program files\FlashGet Network\FlashGet 3\config\cryptkey.dat
c:\program files\FlashGet Network\FlashGet 3\config\emfriends.met
c:\program files\FlashGet Network\FlashGet 3\config\known.met
c:\program files\FlashGet Network\FlashGet 3\config\known2_64.met
c:\program files\FlashGet Network\FlashGet 3\config\preferences.dat
c:\program files\FlashGet Network\FlashGet 3\config\preferences.ini
c:\program files\FlashGet Network\FlashGet 3\config\server.met
c:\program files\FlashGet Network\FlashGet 3\config\server_met.old
c:\program files\FlashGet Network\FlashGet 3\config\upload.met
c:\program files\FlashGet Network\FlashGet 3\corestat.dll
c:\program files\FlashGet Network\FlashGet 3\dbghelp.dll
c:\program files\FlashGet Network\FlashGet 3\fg.ico
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\data\default.htm
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\banner.gif
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\bullet.gif
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\close.gif
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\closelabel.gif
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\download-icon.gif
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\explorer.gif
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\ftp.gif
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\image.gif
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\introTextBg.gif
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\loading.gif
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\nextlabel.gif
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\prevlabel.gif
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\software.gif
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\vod.gif
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\FGResDetector.exe
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\image\about.png
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\image\ftplist_tree_icon.png
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\image\option_icon.png
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\image\quickop_hide.png
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\image\quickop_show.png
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\image\statusbar_bk.png
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\image\tasktab_close.png
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\image\toolbar_back.png
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\image\toolbar_bk.png
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\image\toolbar_close.png
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\image\toolbar_forward.png
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\image\toolbar_refresh.png
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\lang\l.eng.xml
c:\program files\FlashGet Network\FlashGet 3\FGSoftware.exe
c:\program files\FlashGet Network\FlashGet 3\Flashget3.exe
c:\program files\FlashGet Network\FlashGet 3\FlashGet3.xpi
c:\program files\FlashGet Network\FlashGet 3\FlashGetBHO3.dll
c:\program files\FlashGet Network\FlashGet 3\FlashGetHook.dll
c:\program files\FlashGet Network\FlashGet 3\fnsArchive.dll
c:\program files\FlashGet Network\FlashGet 3\fnsDirectuix.dll
c:\program files\FlashGet Network\FlashGet 3\fnsLanguage.dll
c:\program files\FlashGet Network\FlashGet 3\fnslanguage_en.dll
c:\program files\FlashGet Network\FlashGet 3\fnsScheduler.dll
c:\program files\FlashGet Network\FlashGet 3\fnsSecurity.dll
c:\program files\FlashGet Network\FlashGet 3\fnsSkinX.dll
c:\program files\FlashGet Network\FlashGet 3\fnsStatistics.dll
c:\program files\FlashGet Network\FlashGet 3\game.ico
c:\program files\FlashGet Network\FlashGet 3\gb2312-unicode.dic
c:\program files\FlashGet Network\FlashGet 3\gdiplus.dll
c:\program files\FlashGet Network\FlashGet 3\GetAllUrl.htm
c:\program files\FlashGet Network\FlashGet 3\GetUrl.htm
c:\program files\FlashGet Network\FlashGet 3\GoogleToolbarInstaller_download_signed.exe
c:\program files\FlashGet Network\FlashGet 3\libem.dll
c:\program files\FlashGet Network\FlashGet 3\license.txt
c:\program files\FlashGet Network\FlashGet 3\lst_tz.bin
c:\program files\FlashGet Network\FlashGet 3\P2PCore.dll
c:\program files\FlashGet Network\FlashGet 3\P2SCore.dll
c:\program files\FlashGet Network\FlashGet 3\perf.ini
c:\program files\FlashGet Network\FlashGet 3\pncrt.dll
c:\program files\FlashGet Network\FlashGet 3\RdOldDb.dll
c:\program files\FlashGet Network\FlashGet 3\RealMediaSplitter.ax
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\BarSet.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\bmsgbox_clock.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\bmsgbox_disk.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\btn_check.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\btn_normal.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\btn_radio.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\desktoplink.ico
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\login_line.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\menu_icon.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\option_line.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\option_page_line.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\skin.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\SuspendLogo.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\SuspendNoLogo.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\toolbar_backgrand.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\toolbar_cancle.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\toolbar_catgroy.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\toolbar_group.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\toolbar_new.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\toolbar_open.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\toolbar_option.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\toolbar_pause.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\toolbar_recly.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\toolbar_start.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\toolbarbutton_left.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\toolbarbutton_middle.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\toolbarbutton_right.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\top_logotitle.gif
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\torrent.ico
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\userinfo_head.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\VistaStyleListItems.bmp
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\preview.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\skin.xml
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\sound\notify.wav
c:\program files\FlashGet Network\FlashGet 3\skin\international\Gray\BarSet.png
c:\program files\FlashGet Network\FlashGet 3\storage.dll
c:\program files\FlashGet Network\FlashGet 3\SysOptimize.exe
c:\program files\FlashGet Network\FlashGet 3\uninst.exe
c:\program files\FlashGet Network\FlashGet 3\VodCore.dll
c:\program files\FlashGet Network\FlashGet 3\zlib.dll
c:\users\Milan\AppData\Roaming\.#
c:\users\Milan\AppData\Roaming\BITS
c:\users\Milan\AppData\Roaming\BITS\BITS.ini
c:\users\Milan\AppData\Roaming\BITS\DHTTable.dat
c:\users\Milan\AppData\Roaming\BITS\P2PCfg.ini
c:\users\Milan\AppData\Roaming\BITS\ProxyList.ini
c:\users\Milan\AppData\Roaming\BITS\pstat.dat
c:\users\Milan\AppData\Roaming\BITS\pup.dat
c:\users\Milan\AppData\Roaming\FlashGetBHO
c:\users\Milan\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll
c:\users\Milan\AppData\Roaming\FlashGetBHO\FlashGetHook.dll
c:\users\Milan\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
c:\users\Milan\AppData\Roaming\FlashGetBHO\GetUrl.htm
c:\windows\system32\secushr.dat
c:\windows\system32\secustat.dat

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_osppsvc


((((((((((((((((((((((((( Files Created from 2010-07-12 to 2010-08-12 )))))))))))))))))))))))))))))))
.

2010-08-12 19:04 . 2010-08-12 19:04 -------- d-----w- C:\32788R22FWJFW
2010-08-12 15:30 . 2010-02-26 23:51 6870864 ---ha-w- c:\users\Milan\AppData\Roaming\mjusbsp\in00000\setup.exe
2010-08-12 15:30 . 2010-02-26 23:45 743872 ---ha-w- c:\users\Milan\AppData\Roaming\mjusbsp\ar00000\install.exe
2010-08-11 15:10 . 2010-08-11 15:15 -------- d-----w- c:\users\Milan\AppData\Roaming\TeamViewer
2010-08-11 15:10 . 2010-08-11 15:10 -------- d-----w- c:\program files\TeamViewer
2010-08-10 18:35 . 2010-08-10 18:35 388096 ----a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-08-10 18:35 . 2010-08-10 18:35 -------- d-----w- c:\program files\Trend Micro
2010-08-10 18:24 . 2010-08-10 18:24 -------- d-----w- C:\HiJackThis
2010-08-10 17:55 . 2010-06-19 04:07 2326016 ----a-w- c:\windows\system32\win32k.sys
2010-08-08 14:55 . 2010-08-08 14:55 -------- d-----w- c:\users\Milan\AppData\Local\PokerStars
2010-08-08 14:54 . 2010-08-08 14:55 -------- d-----w- c:\program files\PokerStars
2010-08-08 13:57 . 2010-08-08 13:58 -------- d-----w- c:\program files\WhereIsIt
2010-08-08 11:52 . 2010-08-08 11:54 -------- d-----w- c:\users\Milan\AppData\Local\Microsoft Games
2010-08-08 11:12 . 2010-08-08 11:52 -------- d-----w- c:\users\Milan\AppData\Roaming\SolSuite
2010-08-08 11:12 . 2010-08-08 11:12 -------- d-----w- c:\programdata\TreeCardGames
2010-08-08 11:12 . 2010-08-08 11:12 -------- d-----w- c:\program files\SolSuite
2010-08-07 22:59 . 2010-08-12 14:07 -------- d-----w- c:\program files\JDownloader
2010-08-07 22:59 . 2010-08-07 22:59 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-08-07 22:59 . 2010-08-07 22:59 -------- d-----w- c:\program files\Java
2010-08-07 16:46 . 2010-08-07 16:46 -------- d-----w- c:\program files\Pocket Tanks Deluxe
2010-08-07 16:23 . 2010-08-07 16:23 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2010-08-07 16:22 . 2008-04-07 03:38 22872 ----a-r- c:\windows\system32\AdobePDFUI.dll
2010-08-07 16:22 . 2008-04-07 03:38 45392 ----a-r- c:\windows\system32\AdobePDF.dll
2010-08-07 16:05 . 2010-08-08 06:37 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2010-08-07 15:59 . 2010-08-07 15:59 -------- d-----w- c:\programdata\ALM
2010-08-07 15:51 . 2010-08-07 15:51 -------- d-----w- c:\users\Milan\Adobe Flash Builder 4
2010-08-07 15:44 . 2010-08-07 15:44 -------- d-----w- c:\program files\Adobe Media Player
2010-08-07 15:43 . 2010-08-07 15:43 10134 ----a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{024521CF-C07E-4F8E-8481-0D75695E03AF}\ARPPRODUCTICON.exe
2010-08-07 15:43 . 2010-08-07 15:43 -------- d-----w- c:\program files\My Company Name
2010-08-07 15:41 . 2010-08-07 15:41 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-08-07 15:41 . 2010-08-07 15:41 38784 ----a-w- c:\users\Default\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-08-07 15:36 . 2010-08-07 16:29 -------- d-----w- c:\users\Milan\AppData\Local\Adobe
2010-08-07 15:20 . 2010-08-07 16:23 -------- d-----w- c:\program files\Common Files\Adobe
2010-08-07 05:42 . 2003-04-30 03:02 40960 ----a-w- c:\windows\system32\ForgiveMe.exe
2010-08-06 20:24 . 2010-08-06 20:24 -------- d-----w- c:\program files\MSXML 4.0
2010-08-06 20:18 . 2006-09-28 14:05 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll
2010-08-06 20:17 . 2010-08-06 20:17 -------- d-----w- c:\program files\Winamp Detect
2010-08-06 20:17 . 2010-08-07 15:43 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2010-08-06 20:17 . 2010-08-06 20:21 -------- d-----w- c:\users\Milan\AppData\Roaming\Winamp
2010-08-06 20:17 . 2010-08-06 20:18 -------- d-----w- c:\program files\Winamp
2010-08-06 20:14 . 2010-08-06 20:14 -------- d-----w- c:\users\Milan\AppData\Roaming\Nero
2010-08-06 20:06 . 2010-08-06 20:12 -------- d-----w- c:\programdata\Nero
2010-08-06 20:06 . 2010-08-06 20:06 -------- d-----w- c:\program files\Common Files\Nero
2010-08-06 20:06 . 2010-08-06 20:12 -------- d-----w- c:\program files\Nero
2010-08-06 19:59 . 2009-09-04 15:29 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2010-08-06 19:59 . 2009-09-04 15:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2010-08-06 19:59 . 2008-10-15 04:22 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2010-08-06 19:59 . 2007-07-19 16:14 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2010-08-06 19:58 . 2007-05-16 14:45 3497832 ----a-w- c:\windows\system32\d3dx9_34.dll
2010-08-06 19:31 . 2010-08-06 19:31 -------- d-----w- c:\program files\Alcohol Soft
2010-08-06 18:43 . 2010-08-06 18:43 -------- d-----w- c:\users\Milan\AppData\Local\Xenocode
2010-08-06 15:58 . 2010-08-07 05:36 -------- d-----w- c:\users\Milan\AppData\Local\ElevatedDiagnostics
2010-08-06 15:42 . 2010-08-06 15:42 74703 ----a-w- c:\windows\system32\mfc45.dll
2010-08-06 15:42 . 2009-11-11 17:24 20392 ----a-w- c:\programdata\iolo\RawDisk\elrawdsk.sys
2010-08-06 15:42 . 2010-08-06 15:42 -------- d-----w- c:\programdata\iolo
2010-08-06 15:42 . 2010-08-06 15:42 -------- d-----w- c:\users\Milan\AppData\Roaming\iolo
2010-08-06 15:39 . 2010-08-06 15:39 180224 ----a-w- c:\windows\system32\WinVd32.sys
2010-08-06 15:39 . 2010-08-06 15:39 7680 ----a-w- c:\windows\system32\WinFLsrv.exe
2010-08-06 15:39 . 2010-08-06 15:39 10752 ----a-w- c:\windows\system32\WinFLdrv.sys
2010-08-06 15:39 . 2010-08-06 15:40 -------- d-----w- c:\program files\Folder Lock 6
2010-08-06 15:13 . 2010-08-10 12:47 -------- d-----w- c:\users\Milan\AppData\Roaming\skypePM
2010-08-06 15:13 . 2010-08-06 15:13 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-08-06 15:08 . 2010-08-10 13:14 -------- d-----w- c:\users\Milan\AppData\Roaming\Skype
2010-08-06 15:08 . 2010-08-06 15:14 -------- d-----w- c:\users\Milan\AppData\Local\Google
2010-08-06 15:08 . 2010-08-06 15:10 -------- d-----w- c:\program files\Google
2010-08-06 15:08 . 2010-08-06 15:08 -------- d-----w- c:\program files\Common Files\Skype
2010-08-06 15:08 . 2010-08-06 15:08 -------- d-----r- c:\program files\Skype
2010-08-06 15:08 . 2010-08-06 15:08 -------- d-----w- c:\programdata\Skype
2010-08-06 15:02 . 2006-07-03 08:31 94208 ----a-w- c:\windows\amcap.exe
2010-08-06 15:02 . 2009-03-10 16:28 258048 ----a-w- c:\windows\tsnp2std.exe
2010-08-06 15:02 . 2007-08-07 09:38 675840 ----a-w- c:\windows\vsnp2std.exe
2010-08-06 15:02 . 2007-01-25 16:48 25472 ----a-w- c:\windows\system32\drivers\sncamd.sys
2010-08-06 15:02 . 2008-02-13 09:34 12067328 ----a-w- c:\windows\system32\drivers\snp2sxp.sys
2010-08-06 15:01 . 2010-08-06 15:02 -------- d-----w- c:\program files\Common Files\snp2std
2010-08-06 15:01 . 2007-03-29 14:04 249856 ----a-w- c:\windows\system32\vsnp2std.dll
2010-08-06 15:01 . 2006-11-16 13:57 77824 ----a-w- c:\windows\system32\csnp2std.dll
2010-08-06 15:01 . 2006-10-12 15:21 151552 ----a-w- c:\windows\system32\rsnp2std.dll
2010-08-06 14:39 . 2010-08-06 14:39 -------- d-----w- c:\programdata\Contrast
2010-08-06 14:39 . 2010-08-06 14:39 -------- d-----w- c:\program files\Contrast
2010-08-06 14:15 . 2010-08-06 14:15 -------- d-----w- c:\users\Milan\AppData\Roaming\Contrast
2010-08-06 13:55 . 2010-08-12 15:30 -------- d-----w- c:\users\Milan\Tracing
2010-08-06 13:48 . 2010-08-07 12:32 -------- d-----w- c:\program files\Microsoft Silverlight
2010-08-06 13:48 . 2010-08-06 13:48 -------- dc----w- c:\windows\system32\DRVSTORE
2010-08-06 13:48 . 2010-04-28 05:44 54632 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2010-08-06 13:47 . 2006-11-29 11:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2010-08-06 13:46 . 2010-08-06 13:46 -------- d-----w- c:\program files\Microsoft
2010-08-06 13:46 . 2010-08-06 13:46 -------- d-----w- c:\program files\Windows Live SkyDrive
2010-08-06 13:46 . 2010-08-06 13:48 -------- d-----w- c:\program files\Windows Live
2010-08-06 13:34 . 2010-08-06 13:34 -------- d-----w- c:\program files\Common Files\Windows Live
2010-08-06 13:22 . 2003-04-18 17:06 8192 ----a-w- c:\windows\system32\srvany.exe
2010-08-06 11:27 . 2010-08-06 11:27 -------- d-----w- c:\program files\Microsoft Synchronization Services
2010-08-06 11:27 . 2010-08-06 13:47 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2010-08-06 11:27 . 2010-08-06 11:27 -------- d-----w- c:\windows\PCHEALTH
2010-08-06 11:27 . 2010-08-06 11:27 -------- d-----w- c:\program files\Microsoft Sync Framework
2010-08-06 11:26 . 2010-08-06 11:26 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2010-08-06 11:25 . 2010-08-06 11:25 -------- d-----w- c:\program files\Microsoft Analysis Services
2010-08-06 11:25 . 2010-08-06 11:25 -------- d-----w- c:\users\Milan\AppData\Local\Microsoft Help
2010-08-06 11:25 . 2010-08-10 18:00 -------- d-----w- c:\programdata\Microsoft Help
2010-08-06 11:25 . 2010-08-06 11:25 -------- d-----r- C:\MSOCache
2010-08-06 11:12 . 2010-08-06 11:12 697328 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-08-06 11:12 . 2010-08-10 21:32 -------- d-----w- c:\program files\DAEMON Tools Pro
2010-08-06 11:11 . 2010-08-06 11:20 -------- d-----w- c:\users\Milan\AppData\Roaming\DAEMON Tools Pro
2010-08-06 11:11 . 2010-08-06 11:12 -------- d-----w- c:\programdata\DAEMON Tools Pro
2010-08-06 10:57 . 2010-08-06 10:57 -------- d-----w- c:\users\Milan\AppData\Local\VS Revo Group
2010-08-06 10:57 . 2009-12-30 10:21 27192 ----a-w- c:\windows\system32\drivers\revoflt.sys
2010-08-06 10:57 . 2010-08-06 10:57 -------- d-----w- c:\program files\VS Revo Group
2010-08-06 10:25 . 2009-07-20 02:26 27648 ----a-w- c:\windows\system32\drivers\RtNdPt60.sys
2010-08-06 10:15 . 2010-08-06 10:15 -------- d-----w- c:\users\Milan\AppData\Local\tjnet
2010-08-06 10:14 . 2010-08-06 10:14 -------- d-----w- c:\windows\system32\RTCOM
2010-08-06 10:12 . 2010-08-07 05:41 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-06 10:12 . 2010-08-06 10:12 -------- d-----w- c:\program files\AMD
2010-08-06 10:11 . 2010-08-06 10:11 -------- d-----w- c:\windows\Downloaded Installations
2010-08-06 09:56 . 2010-08-06 09:57 -------- d-----w- c:\program files\QuickTime
2010-08-06 09:56 . 2010-08-06 09:56 -------- d-----w- c:\programdata\Apple Computer
2010-08-06 09:56 . 2010-08-06 09:56 -------- d-----w- c:\program files\Common Files\Apple
2010-08-06 09:56 . 2010-08-06 09:56 -------- d-----w- c:\users\Milan\AppData\Local\Apple
2010-08-06 09:56 . 2010-08-06 09:56 -------- d-----w- c:\programdata\Apple
2010-08-06 09:56 . 2010-08-06 09:56 -------- d-----w- c:\program files\Apple Software Update
2010-08-06 09:28 . 2010-08-06 09:28 -------- d-----w- c:\programdata\NVIDIA Corporation
2010-08-06 09:27 . 2010-07-09 22:37 56936 ----a-w- c:\windows\system32\OpenCL.dll
2010-08-06 09:27 . 2010-07-09 22:37 11008040 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2010-08-06 09:27 . 2010-07-09 22:37 314984 ----a-w- c:\windows\system32\nvdecodemft.dll
2010-08-06 09:27 . 2010-07-09 22:37 2892904 ----a-w- c:\windows\system32\nvcuvid.dll
2010-08-06 09:27 . 2010-07-09 22:37 14092904 ----a-w- c:\windows\system32\nvoglv32.dll
2010-08-06 09:27 . 2010-07-09 22:37 4553832 ----a-w- c:\windows\system32\nvcuda.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-06 11:27 . 2009-07-14 04:52 -------- d-----w- c:\program files\MSBuild
2010-08-06 10:27 . 2010-08-06 10:13 -------- d-----w- c:\program files\Realtek
2010-08-06 10:14 . 2010-08-06 10:13 -------- d--h--w- c:\program files\Temp
2010-08-06 10:13 . 2010-08-06 10:13 -------- d-----w- c:\program files\Common Files\InstallShield
2010-08-06 06:15 . 2009-07-14 02:37 -------- d-----w- c:\program files\Windows Mail
2010-08-06 05:48 . 2009-07-14 04:52 -------- d-----w- c:\program files\Windows Sidebar
2010-08-06 05:48 . 2009-07-14 07:50 -------- d-----w- c:\program files\Windows Journal
2010-08-06 05:48 . 2009-07-14 04:52 -------- d-----w- c:\program files\Windows Photo Viewer
2010-08-06 05:48 . 2009-07-14 04:52 -------- d-----w- c:\program files\DVD Maker
2010-08-06 05:48 . 2009-07-14 04:52 -------- d-----w- c:\program files\Windows Defender
2010-08-06 04:12 . 2010-08-06 04:12 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
2010-07-29 06:30 . 2010-08-10 17:56 197632 ----a-w- c:\windows\system32\ir32_32.dll
2010-07-29 06:30 . 2010-08-10 17:56 82944 ----a-w- c:\windows\system32\iccvid.dll
2010-07-09 22:37 . 2010-08-06 09:27 10920 ----a-w- c:\windows\system32\drivers\nvBridge.kmd
2010-07-09 22:37 . 2010-04-03 20:55 9818728 ----a-w- c:\windows\system32\nvd3dum.dll
2010-07-09 22:37 . 2010-04-03 20:55 1625192 ----a-w- c:\windows\system32\nvapi.dll
2010-07-09 22:37 . 2009-07-13 22:09 5107816 ----a-w- c:\windows\system32\nvwgf2um.dll
2010-07-09 14:37 . 2010-07-09 14:37 1469544 ----a-w- c:\windows\system32\nvsvc.dll
2010-07-09 14:37 . 2010-07-09 14:37 13939816 ----a-w- c:\windows\system32\nvcpl.dll
2010-07-09 14:37 . 2010-07-09 14:37 129640 ----a-w- c:\windows\system32\nvvsvc.exe
2010-07-09 14:37 . 2010-07-09 14:37 110696 ----a-w- c:\windows\system32\nvmctray.dll
2010-06-30 06:25 . 2010-08-10 17:56 978432 ----a-w- c:\windows\system32\wininet.dll
2010-06-22 02:47 . 2010-08-10 17:56 310784 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-22 02:47 . 2010-08-10 17:56 307200 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-06-22 02:47 . 2010-08-10 17:56 113664 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-06-19 06:33 . 2010-08-10 17:56 3955080 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-06-19 06:33 . 2010-08-10 17:56 3899784 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-06-19 06:23 . 2010-08-10 17:56 37376 ----a-w- c:\windows\system32\rtutils.dll
2010-06-16 05:48 . 2010-08-10 17:56 224256 ----a-w- c:\windows\system32\schannel.dll
2010-06-14 06:12 . 2010-08-10 17:56 1286016 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-06-08 06:02 . 2010-08-10 17:56 1233920 ----a-w- c:\windows\system32\msxml3.dll
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
2010-02-28 00:20 561552 ----a-w- c:\progra~1\MICROS~2\Office14\URLREDIR.DLL

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cdloader"="c:\users\Milan\AppData\Roaming\mjusbsp\cdloader2.exe" [2010-02-26 50520]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2009-11-15 33120]
"DAEMON Tools Pro Agent"="c:\program files\DAEMON Tools Pro\DTAgent.exe" [2010-04-15 427328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-02-06 2021400]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-17 421888]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-04-30 9210400]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"tsnp2std"="c:\windows\tsnp2std.exe" [2009-03-10 258048]
"snp2std"="c:\windows\vsnp2std.exe" [2007-08-07 675840]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2008-06-12 37232]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-11 640376]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Media Key.lnk - c:\program files\Media Key\MagicKey.exe [2010-8-5 159744]
WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2009-10-14 2049344]
WDSmartWare.lnk - c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2009-10-14 9085760]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-08-06 136176]
R2 KMService;KMService;c:\windows\system32\srvany.exe [2003-04-18 8192]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.0);c:\windows\system32\DRIVERS\RtTeam60.sys [x]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-08-06 697328]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-02-06 106208]
S1 VD_FileDisk;VD_FileDisk; [x]
S2 AMD_RAIDXpert;AMD RAIDXpert;c:\program files\AMD\RAIDXpert\bin\RAIDXpertService.exe [2009-09-19 122880]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2009-02-06 727720]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2009-02-06 38240]
S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2010-03-25 490280]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-07-09 248936]
S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-07-06 173352]
S2 WDDMService;WD SmartWare Drive Manager;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2009-10-14 98304]
S2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]
S2 WinFLdrv;WinFLdrv;c:\windows\system32\WinFLdrv.sys [2010-08-06 10752]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-11-05 230912]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys [2009-02-13 11520]

.
Contents of the 'Scheduled Tasks' folder

2010-08-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-06 15:08]

2010-08-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-06 15:08]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202
IE: Download all by FlashGet3 - c:\users\Milan\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: Download by FlashGet3 - c:\users\Milan\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: {5A86D9A7-19C0-4F51-9C32-688D027BE138} = 212.200.191.166,212.200.190.166
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\6xbeuy8c.default\
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\progra~1\MICROS~2\Office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\MICROS~2\Office14\NPSPWRAP.DLL
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox 4.0 Beta 2\plugins\npwachk.dll
FF - plugin: c:\program files\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: c:\program files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
.
- - - - ORPHANS REMOVED - - - -

AddRemove-FlashGet 3.5 - c:\program files\FlashGet Network\FlashGet 3\uninst.exe


.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.032"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.abr"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.ani"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.arw"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.bay"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.bmp"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.bw"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.cr2"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.crw"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.cs1"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.cur"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.dcr"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.dcx"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.dib"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.djv"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.djvu"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.dng"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.emf"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.eps"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.erf"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.fff"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.fpx"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.gif"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.hdr"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.icl"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.icn"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (S-1-5-21-2012522400-1310380906-1606802981-1000)
@Denied: (2) (LocalSystem)
"Progid"="Winamp.File.iff"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.ilbm"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.int"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.inta"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.iw4"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.j2c"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.j2k"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.jbr"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.jfif"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.jif"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.jp2"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.jpc"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.jpe"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.jpeg"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.jpg"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.jpk"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.jpx"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.kdc"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.lbm"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.mef"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.mos"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.mrw"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.nef"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.orf"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.pbm"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.pbr"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.pcd"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.pct"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.pcx"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.pef"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.pgm"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.pic"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.pict"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.pix"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.png"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.ppm"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.psd"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.psp"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.pspbrush"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.pspimage"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.raf"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.ras"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (S-1-5-21-2012522400-1310380906-1606802981-1000)
@Denied: (2) (LocalSystem)
"Progid"="Winamp.File.raw"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.rgb"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.rgba"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.rle"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.rsb"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.sgi"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.sr2"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.srf"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.tga"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.thm"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.tif"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.tiff"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.ttc"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.ttf"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v20po\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.v20po"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v20pp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.v20pp"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v20ppf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.v20ppf"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.wbm"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.wbmp"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.wmf"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.xbm"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.xif"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.xmp"

[HKEY_USERS\S-1-5-21-2012522400-1310380906-1606802981-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 2.0.xpm"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10g_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10g_ActiveX.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\nvvsvc.exe
c:\program files\AMD\RAIDXpert\bin\RAIDXpert.exe
c:\windows\system32\conhost.exe
c:\windows\system32\taskhost.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\windows\system32\conhost.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\Media Key\OSD.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\WinMsgBalloonServer.exe
c:\windows\system32\WinMsgBalloonClient.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Completion time: 2010-08-12 21:18:55 - machine was rebooted
ComboFix-quarantined-files.txt 2010-08-12 19:18

Pre-Run: 121,199,841,280 bytes free
Post-Run: 122,879,127,552 bytes free

- - End Of File - - C1EFD65BB68231E58221A04FC19256A7

offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 15 Jun 2007
  • Posts: 5572

Post fresh GMER logs for me.

offline
  • Joined: 11 Aug 2010
  • Posts: 36

Written: 12 Aug 2010 21:44

Uhhhh, now that I started GMER, my computer reset right away!
I will run it again now!

Addendum: 12 Aug 2010 22:08

P.S. One question: when I run GMER, should I check all the HDD partitions or only C:? I always check all of them, so GMER takes a bit longer.

offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 15 Jun 2007
  • Posts: 5572

Let's move on to the next tool:

Btw, for this you need at least some knowledge of English.

Download the program MBRCheck.exe to your desktop from the following link:

http://download.bleepingcomputer.com/rootrepeal/MBRCheck.exe

Temporarily disable/turn off Eset and all other protection programs.
Run the program by double-clicking it (if UAC is not turned off, be sure to allow the program to run).
A window will appear on the screen.
If the program detects any irregularities in the MBR, it will print what the problem is; read it carefully, and in that case press N and Enter twice.
If nothing is found, press Enter.
A .txt file named MBRCheck_mm.dd.yy_hh.mm.ss should appear on your desktop.
Post the contents of that text file in your next message.

offline
  • Joined: 11 Aug 2010
  • Posts: 36

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows 7 Ultimate Edition
Windows Information: (build 7600), 32-bit
Base Board Manufacturer: Gigabyte Technology Co., Ltd.
BIOS Manufacturer: Award Software International, Inc.
System Manufacturer: Gigabyte Technology Co., Ltd.
System Product Name: GA-MA790FX-DS5
Logical Drives Mask: 0x0000063d

Kernel Drivers (total 203):
0x82C42000 \SystemRoot\system32\ntkrnlpa.exe
0x82C0B000 \SystemRoot\system32\halmacpi.dll
0x80BD1000 \SystemRoot\system32\kdcom.dll
0x83226000 \SystemRoot\system32\mcupdate_AuthenticAMD.dll
0x83231000 \SystemRoot\system32\PSHED.dll
0x83242000 \SystemRoot\system32\BOOTVID.dll
0x8324A000 \SystemRoot\system32\CLFS.SYS
0x8328C000 \SystemRoot\system32\CI.dll
0x83337000 \SystemRoot\system32\drivers\Wdf01000.sys
0x833A8000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x833B6000 \SystemRoot\system32\DRIVERS\ACPI.sys
0x83200000 \SystemRoot\system32\DRIVERS\WMILIB.SYS
0x83209000 \SystemRoot\system32\DRIVERS\msisadrv.sys
0x83211000 \SystemRoot\system32\DRIVERS\vdrvroot.sys
0x88A2A000 \SystemRoot\system32\DRIVERS\pci.sys
0x88A54000 \SystemRoot\System32\drivers\partmgr.sys
0x88A65000 \SystemRoot\system32\DRIVERS\volmgr.sys
0x88A75000 \SystemRoot\System32\drivers\volmgrx.sys
0x88AC0000 \SystemRoot\system32\DRIVERS\pciide.sys
0x88AC7000 \SystemRoot\system32\DRIVERS\PCIIDEX.SYS
0x88AD5000 \SystemRoot\System32\drivers\mountmgr.sys
0x88AEB000 \SystemRoot\system32\DRIVERS\atapi.sys
0x88AF4000 \SystemRoot\system32\DRIVERS\ataport.SYS
0x88B17000 \SystemRoot\system32\DRIVERS\msahci.sys
0x88B21000 \SystemRoot\system32\DRIVERS\amdxata.sys
0x88B2A000 \SystemRoot\system32\drivers\fltmgr.sys
0x88B5E000 \SystemRoot\system32\drivers\fileinfo.sys
0x88B6F000 \SystemRoot\System32\Drivers\PxHelp20.sys
0x88C11000 \SystemRoot\System32\Drivers\Ntfs.sys
0x88D40000 \SystemRoot\System32\Drivers\msrpc.sys
0x88D6B000 \SystemRoot\System32\Drivers\ksecdd.sys
0x88D7E000 \SystemRoot\System32\Drivers\cng.sys
0x88DDB000 \SystemRoot\System32\drivers\pcw.sys
0x88DE9000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x88E14000 \SystemRoot\system32\drivers\ndis.sys
0x88ECB000 \SystemRoot\system32\drivers\NETIO.SYS
0x88F09000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x8903B000 \SystemRoot\System32\drivers\tcpip.sys
0x89184000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x891B5000 \SystemRoot\system32\DRIVERS\vmstorfl.sys
0x891BE000 \SystemRoot\system32\DRIVERS\volsnap.sys
0x89000000 \SystemRoot\System32\Drivers\spldr.sys
0x89008000 \SystemRoot\System32\drivers\rdyboost.sys
0x88F2E000 \SystemRoot\System32\Drivers\mup.sys
0x88F3E000 \SystemRoot\System32\drivers\hwpolicy.sys
0x88F46000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x88F78000 \SystemRoot\system32\DRIVERS\disk.sys
0x88F89000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
0x88FE0000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x88E00000 \SystemRoot\System32\Drivers\Null.SYS
0x88E07000 \SystemRoot\System32\Drivers\Beep.SYS
0x88B79000 \SystemRoot\system32\DRIVERS\ehdrv.sys
0x88DF2000 \SystemRoot\System32\drivers\vga.sys
0x88B95000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x88C00000 \SystemRoot\System32\drivers\watchdog.sys
0x88BB6000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x88BBE000 \SystemRoot\system32\drivers\rdpencdd.sys
0x88BC6000 \SystemRoot\system32\drivers\rdprefmp.sys
0x88BCE000 \SystemRoot\System32\Drivers\Msfs.SYS
0x88BD9000 \SystemRoot\System32\Drivers\Npfs.SYS
0x88BE7000 \SystemRoot\system32\DRIVERS\tdx.sys
0x88A00000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x8E836000 \SystemRoot\system32\drivers\afd.sys
0x8E890000 \SystemRoot\System32\DRIVERS\netbt.sys
0x8E8C2000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x8E8C9000 \SystemRoot\system32\DRIVERS\pacer.sys
0x8E8E8000 \SystemRoot\system32\DRIVERS\netbios.sys
0x8E8F6000 \SystemRoot\system32\DRIVERS\serial.sys
0x8E910000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x8E923000 \SystemRoot\System32\Drivers\VD_FileDisk.SYS
0x8E927000 \SystemRoot\system32\DRIVERS\termdd.sys
0x8E937000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x8E978000 \SystemRoot\system32\drivers\nsiproxy.sys
0x8E982000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x8E98C000 \SystemRoot\System32\drivers\discache.sys
0x8E998000 \SystemRoot\system32\drivers\csc.sys
0x8E800000 \SystemRoot\System32\Drivers\dfsc.sys
0x8E818000 \SystemRoot\system32\DRIVERS\blbdrive.sys
0x8DC17000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x8DC38000 \SystemRoot\system32\DRIVERS\amdppm.sys
0x8DC49000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x8F00B000 \SystemRoot\system32\DRIVERS\nvlddmkm.sys
0x8FA89000 \SystemRoot\system32\DRIVERS\nvBridge.kmd
0x8FA8B000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x8FB42000 \SystemRoot\System32\drivers\dxgmms1.sys
0x8FB7B000 \SystemRoot\system32\DRIVERS\Rt86win7.sys
0x8FBB7000 \SystemRoot\system32\DRIVERS\usbohci.sys
0x8DC52000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x8FBC1000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x8FBD0000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x8DC9D000 \SystemRoot\system32\DRIVERS\1394ohci.sys
0x8FBEF000 \SystemRoot\system32\DRIVERS\fdc.sys
0x8F000000 \SystemRoot\system32\DRIVERS\serenum.sys
0x8DCC9000 \SystemRoot\system32\DRIVERS\parport.sys
0x8DCE1000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x8FBFA000 \SystemRoot\system32\DRIVERS\KBFILTER.SYS
0x8DCF9000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x8DD06000 \SystemRoot\system32\DRIVERS\CompositeBus.sys
0x8DD13000 \SystemRoot\system32\DRIVERS\Epfwndis.sys
0x8DD1E000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x8DD30000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x8DD48000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x8DD53000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x8DD75000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x8DD8D000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x8DDA4000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x8DDBB000 \SystemRoot\system32\DRIVERS\rdpbus.sys
0x8DDC5000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x8FBFD000 \SystemRoot\system32\DRIVERS\swenum.sys
0x90007000 \SystemRoot\system32\DRIVERS\ks.sys
0x9003B000 \SystemRoot\system32\DRIVERS\umbus.sys
0x90049000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x9008D000 \SystemRoot\system32\DRIVERS\flpydisk.sys
0x90097000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x95237000 \SystemRoot\system32\drivers\RTKVHDA.sys
0x95527000 \SystemRoot\system32\drivers\portcls.sys
0x95556000 \SystemRoot\system32\drivers\drmk.sys
0x96950000 \SystemRoot\System32\win32k.sys
0x9556F000 \SystemRoot\System32\drivers\Dxapi.sys
0x95579000 \SystemRoot\System32\Drivers\crashdmp.sys
0x95586000 \SystemRoot\System32\Drivers\dump_dumpata.sys
0x95591000 \SystemRoot\System32\Drivers\dump_atapi.sys
0x9559A000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x955AB000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
0x955C2000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x955C4000 \SystemRoot\system32\DRIVERS\wdcsam.sys
0x955C7000 \SystemRoot\system32\DRIVERS\monitor.sys
0x96BB0000 \SystemRoot\System32\TSDDD.dll
0x96BE0000 \SystemRoot\System32\cdd.dll
0x955D2000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x955DD000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x955F0000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x95200000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x96800000 \SystemRoot\System32\ATMFD.DLL
0x9520B000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x95222000 \SystemRoot\system32\DRIVERS\usbprint.sys
0x9D00D000 \SystemRoot\system32\DRIVERS\snp2sxp.sys
0x9DB90000 \SystemRoot\system32\DRIVERS\STREAM.SYS
0x9DB9E000 \SystemRoot\system32\DRIVERS\SNCAMD.SYS
0x9DBA5000 \SystemRoot\System32\Drivers\Gt680x.sys
0x9DBA9000 \SystemRoot\system32\drivers\luafv.sys
0x900A8000 \SystemRoot\system32\DRIVERS\eamon.sys
0x9DBC4000 \SystemRoot\system32\drivers\WudfPf.sys
0x90164000 \SystemRoot\system32\DRIVERS\epfw.sys
0x9DBDE000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x90187000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x9019A000 \SystemRoot\system32\DRIVERS\udfs.sys
0x9E031000 \SystemRoot\system32\drivers\HTTP.sys
0x9E0B6000 \SystemRoot\system32\DRIVERS\bowser.sys
0x9E0CF000 \SystemRoot\System32\drivers\mpsdrv.sys
0x9E0E1000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x9E104000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x9E13F000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x9E15A000 \SystemRoot\system32\DRIVERS\parvdm.sys
0x9E161000 \SystemRoot\system32\DRIVERS\epfwwfp.sys
0xA0A1C000 \SystemRoot\system32\drivers\peauth.sys
0xA0AB3000 \SystemRoot\System32\Drivers\secdrv.SYS
0xA0ABD000 \SystemRoot\System32\DRIVERS\srvnet.sys
0xA0ADE000 \SystemRoot\System32\drivers\tcpipreg.sys
0xA0AEB000 \SystemRoot\system32\WinFLdrv.sys
0xA0AF3000 \??\C:\Windows\system32\WinVd32.sys
0xA0B1F000 \SystemRoot\System32\DRIVERS\srv2.sys
0xA0B6E000 \SystemRoot\System32\DRIVERS\srv.sys
0xA0BBF000 \??\C:\Users\Milan\AppData\Local\Temp\aglcypow.sys
0x77510000 \Windows\System32\ntdll.dll
0x47B20000 \Windows\System32\smss.exe
0x77750000 \Windows\System32\apisetschema.dll
0x00F90000 \Windows\System32\autochk.exe
0x77670000 \Windows\System32\user32.dll
0x77660000 \Windows\System32\lpk.dll
0x77470000 \Windows\System32\usp10.dll
0x77390000 \Windows\System32\kernel32.dll
0x77650000 \Windows\System32\nsi.dll
0x77300000 \Windows\System32\clbcatq.dll
0x772F0000 \Windows\System32\normaliz.dll
0x77220000 \Windows\System32\msctf.dll
0x771C0000 \Windows\System32\shlwapi.dll
0x77110000 \Windows\System32\msvcrt.dll
0x764C0000 \Windows\System32\shell32.dll
0x764A0000 \Windows\System32\imm32.dll
0x76440000 \Windows\System32\difxapi.dll
0x76420000 \Windows\System32\sechost.dll
0x76390000 \Windows\System32\oleaut32.dll
0x76250000 \Windows\System32\urlmon.dll
0x76240000 \Windows\System32\psapi.dll
0x76040000 \Windows\System32\iertutil.dll
0x75FC0000 \Windows\System32\comdlg32.dll
0x75F80000 \Windows\System32\ws2_32.dll
0x75F30000 \Windows\System32\Wldap32.dll
0x75DD0000 \Windows\System32\ole32.dll
0x75CD0000 \Windows\System32\wininet.dll
0x75C80000 \Windows\System32\gdi32.dll
0x75C50000 \Windows\System32\imagehlp.dll
0x75AB0000 \Windows\System32\setupapi.dll
0x75A10000 \Windows\System32\advapi32.dll
0x75960000 \Windows\System32\rpcrt4.dll
0x75930000 \Windows\System32\wintrust.dll
0x75900000 \Windows\System32\cfgmgr32.dll
0x75870000 \Windows\System32\comctl32.dll
0x75850000 \Windows\System32\devobj.dll
0x75800000 \Windows\System32\KernelBase.dll
0x756E0000 \Windows\System32\crypt32.dll
0x756D0000 \Windows\System32\msasn1.dll

Processes (total 62):
0 System Idle Process
4 System
332 C:\Windows\System32\smss.exe
464 csrss.exe
528 C:\Windows\System32\wininit.exe
536 csrss.exe
576 C:\Windows\System32\services.exe
600 C:\Windows\System32\lsass.exe
608 C:\Windows\System32\lsm.exe
688 C:\Windows\System32\winlogon.exe
756 C:\Windows\System32\svchost.exe
828 C:\Windows\System32\nvvsvc.exe
868 C:\Windows\System32\svchost.exe
980 C:\Windows\System32\svchost.exe
1016 C:\Windows\System32\svchost.exe
1048 C:\Windows\System32\svchost.exe
1192 C:\Windows\System32\svchost.exe
1264 C:\Windows\System32\nvvsvc.exe
1336 C:\Windows\System32\svchost.exe
1464 C:\Windows\System32\spoolsv.exe
1548 C:\Windows\System32\dwm.exe
1572 C:\Windows\explorer.exe
1612 C:\Windows\System32\svchost.exe
1712 C:\Program Files\AMD\RAIDXpert\bin\RAIDXpertService.exe
1740 C:\Program Files\AMD\RAIDXpert\bin\RAIDXpert.exe
1760 C:\Windows\System32\conhost.exe
1820 C:\Program Files\ESET\ESET Smart Security\ekrn.exe
1976 C:\Windows\System32\taskhost.exe
376 C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
772 C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
1360 C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
1868 C:\Windows\System32\svchost.exe
116 C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
2096 C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
2316 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
2752 C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
2796 C:\Windows\tsnp2std.exe
2836 C:\Windows\vsnp2std.exe
3076 C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
3228 C:\Program Files\Windows Sidebar\sidebar.exe
3240 C:\Program Files\Windows Live\Messenger\msnmsgr.exe
3448 C:\Program Files\Media Key\MagicKey.exe
3508 C:\Windows\System32\SearchIndexer.exe
3536 C:\Program Files\Media Key\OSD.exe
3668 C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
3916 C:\Windows\System32\svchost.exe
2408 C:\Program Files\Windows Media Player\wmpnetwk.exe
3152 C:\Windows\System32\svchost.exe
3836 C:\Program Files\Mozilla Firefox 4.0 Beta 2\firefox.exe
4244 C:\Program Files\Mozilla Firefox 4.0 Beta 2\plugin-container.exe
4676 C:\Windows\System32\WinMsgBalloonServer.exe
4700 C:\Windows\System32\WinMsgBalloonClient.exe
4828 C:\Program Files\Nero\Update\NASvc.exe
4900 C:\Windows\System32\svchost.exe
976 C:\Windows\System32\taskeng.exe
1204 C:\Windows\System32\SearchProtocolHost.exe
2484 C:\Windows\System32\SearchFilterHost.exe
3392 C:\Windows\System32\SearchProtocolHost.exe
5312 MpCmdRun.exe
5828 C:\Users\Milan\Desktop\MBRCheck.exe
5196 C:\Windows\System32\conhost.exe
5332 C:\Windows\System32\dllhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000025`42cf2000 (NTFS)
\\.\K: --> \\.\PhysicalDrive1 at offset 0x00000000`00100000 (NTFS)

PhysicalDrive0 Model Number: WDCWD5000AAKS-00A7B0, Rev: 01.03B01
PhysicalDrive1 Model Number: WDMy Passport 070A, Rev: 2003

Size Device Name MBR Status
--------------------------------------------
465 GB \\.\PhysicalDrive0 Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79
465 GB \\.\PhysicalDrive1 RE: Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A


Done!

offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 15 Jun 2007
  • Posts: 5572

Are there any more detections? The logs say everything is fine.

offline
  • Joined: 11 Aug 2010
  • Posts: 36

Posted: 12 Aug 2010 22:45

Let me check! :)

Addendum: 12 Aug 2010 22:50

I've now started ESET to scan my D: partition and this external HDD, and so far there has been no restart, but let me wait for it to finish everything and then I'll report what happened, since this will take a while!

offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 15 Jun 2007
  • Posts: 5572

Right now this startup scan and its detection matter a bit more. :)

offline
  • Joined: 11 Aug 2010
  • Posts: 36

Well, so far it's good, since there has been no restart after starting ESET, but it is still finding something (I'll post a picture).

offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 15 Jun 2007
  • Posts: 5572

This is the first time I've heard the term "infiltrations" in NOD. It must be something new. Doesn't matter. When the scan finishes, post the NOD log here.
