Win32 Heur, check

Hi, ambulance team :), here's the situation: I let through a win32/heur that AVG detected, since it was believed to be a false positive; it sits in a DLL. If you're not swamped with work, I'd ask you to do a small check for heur symptoms. Also, about a week ago I removed an infection in an MSN dll file with Malwarebytes, which was something along the lines of smileys, even though I never downloaded any of those, and I couldn't fix that dll by reinstalling, so I downloaded the dll from the net and checked it; it was clean, though I'm not really sure, but Norton on the other OS no longer reports me as infected. So, if you have time, one check for heur symptoms and just a general system check, because I often get some "false positive" infections. Also, I can't install the latest Flash for some reason; I always get an error during installation, though I haven't tried from safe mode.

I have MCShield, AVG 2012 Free and, until recently, OA too, but I removed it because it didn't meet my requirements (which are trivial, but a few little things bothered me).

I can also attach the "false positive" file, about 860 KB, via a special link if you request it.
There are already test results, since it's a popular file, so one of the online scanners says:
http://f.virscan.org/sam3dll.dll.html that it's 100% a virus, with detection 9/32.
Another online scanner says:
http://virusscan.jotti.org/en/scanresult/a16367b8b.....2bec4e8dd1

Some AV software recognizes it as trojan.gen, some as win32.heur.

Here's my scan from VirusTotal too, 18/43:
http://www.virustotal.com/file-scan/report.html?id.....1324998614

OS: Win 7 Ultimate
Internet: 4 Mb/s cable, K::CN
Browser: Chrome

Happy New Year and Merry Christmas, and sorry for the bother. Cheers!

DDS:


.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.7600.16385
Run by Srki94 at 15:33:41 on 2011-12-27
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3067.1027 [GMT 1:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k NetworkServiceAndNoImpersonation
C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Program Files\AVG\AVG2012\avgemcx.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Predator2\PredatorACE.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\iZ3D Driver\Win32\S3DCService.exe
C:\Program Files\Microsoft\BingBar\SeaPort.EXE
C:\Windows\system32\sppsvc.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\System32\srpskey.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
D:\Program Files\Adobe\Acrobat 7.0\Distillr\acrotray.exe
C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe
C:\Program Files\Multimedia Keyboard Driver\M-KbdDrv.exe
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\MCShield\MCShieldRTM.exe
C:\Program Files\MCShield\MCShieldTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Rainmeter\Rainmeter.exe
C:\Users\Srki94\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe
C:\Program Files\Adobe\Adobe InDesign CS5\InDesign.exe
C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
C:\Users\Srki94\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Srki94\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Srki94\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Srki94\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Srki94\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Srki94\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\Srki94\AppData\Local\Google\Chrome\Application\chrome.exe
F:\xampp\mysql\bin\mysqld.exe
F:\xampp\FileZillaFTP\FileZillaServer.exe
F:\xampp\xampp-control.exe
F:\xampp\apache\bin\httpd.exe
F:\xampp\apache\bin\httpd.exe
C:\Users\Srki94\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2304157
uSearch Bar = Preserve
uInternet Settings,ProxyServer = http=127.0.0.1:8888; https=127.0.0.1:8888
mSearchAssistant = hxxp://start.facemoods.com/?a=bf&s={searchTerms}&f=4
uURLSearchHooks: XfireXO Toolbar: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - c:\program files\xfirexo\prxtbXfi0.dll
mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\tbuTor.dll
mURLSearchHooks: XfireXO Toolbar: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - c:\program files\xfirexo\prxtbXfi0.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - d:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
BHO: CBZurlmon Object: {311ba51f-64f2-439d-9a4a-772373d77312} - c:\program files\bufferzone\BZbho.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
BHO: XfireXO Toolbar: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - c:\program files\xfirexo\prxtbXfi0.dll
BHO: CescrtHlpr Object: {64182481-4f71-486b-a045-b233bd0da8fc} - c:\program files\facemoods.com\facemoods\1.4.17.5\bh\facemoods.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: AcroIEToolbarHelper Class: {ae7cd045-e861-484f-8273-0445ee161910} - d:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7018.1622\swg.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\mif5ba~1\office14\URLREDIR.DLL
BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\tbuTor.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "c:\program files\microsoft\bingbar\BingExt.dll"
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: SMTTB2009 Class: {fcbccb87-9224-4b8d-b117-f56d924beb18} - c:\program files\hypercam toolbar\tbcore3.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: HyperCam Toolbar: {338b4dfe-2e2c-4338-9e41-e176d497299e} - c:\program files\hypercam toolbar\tbcore3.dll
TB: facemoods Toolbar: {db4e9724-f518-4dfd-9c7c-78b52103cab9} - c:\program files\facemoods.com\facemoods\1.4.17.5\facemoodsTlbr.dll
TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\tbuTor.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
TB: XfireXO Toolbar: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - c:\program files\xfirexo\prxtbXfi0.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - d:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\BingExt.dll"
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - d:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [RocketDock] "c:\program files\rocketdock\RocketDock.exe"
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\daemon.exe" -autorun
uRun: [Google Update] "c:\users\srki94\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [AdobeBridge]
uRun: [MCShield] c:\program files\mcshield\MCShieldRTM.exe
uRun: [MCShieldTray] c:\program files\mcshield\MCShieldTray.exe
uRun: [Secure Folder] "c:\program files\secure folder\SecureFolder.exe" /AUTO
uRun: [Steam] "c:\program files\steam\steam.exe" -silent
mRun: [AdobeCS4ServiceManager] "c:\program files\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin
mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe
mRun: [srpskey] c:\windows\system32\SRPSKEY.EXE
mRun: [AdobeAAMUpdater-1.0] -"c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [Acrobat Assistant 7.0] "d:\program files\adobe\acrobat 7.0\distillr\Acrotray.exe"
mRun: [<NO NAME>]
mRun: [VMonitorVMUVC] "c:\program files\vimicro corporation\vmuvc\VMonitor.exe" VMUVC
mRun: [MutlimediaKbdDriver] c:\program files\multimedia keyboard driver\M-KbdDrv.exe
mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe
mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin
mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
mRun: [AdobeCS6ServiceManager] "c:\program files\common files\adobe\cs6servicemanager\CS6ServiceManager.exe" -launchedbylogin
mRun: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
mRun: [LogMeIn Hamachi Ui] "c:\program files\logmein hamachi\hamachi-2-ui.exe" --auto-start
mRun: [snp2uvc] c:\windows\vsnp2uvc.exe
mRun: [PLFSetL] c:\windows\PLFSetL.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
StartupFolder: c:\users\srki94\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\srki94\appdata\roaming\dropbox\bin\Dropbox.exe
StartupFolder: c:\users\srki94\appdata\roaming\micros~1\windows\startm~1\programs\startup\stardo~1.lnk - c:\program files\stardock\objectdock\ObjectDock.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adobea~1.lnk - c:\windows\installer\{ac76ba86-1033-0000-7760-000000000002}\SC_Acrobat.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\rainme~1.lnk - c:\program files\rainmeter\Rainmeter.exe
uPolicies-explorer: HideSCABattery = 1 (0x1)
mPolicies-explorer: EnableShellExecuteHooks = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: Convert link target to Adobe PDF - d:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - d:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - d:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - d:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - d:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - d:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - d:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - d:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 178.79.22.6 178.79.0.3
TCP: Interfaces\{00AB3EFB-E7FB-473F-B225-DF68A459C164} : DhcpNameServer = 178.79.22.6 178.79.0.3
TCP: Interfaces\{6A022846-D308-4849-8137-C63FAA3F7B9B} : DhcpNameServer = 178.79.22.6 178.79.0.3
TCP: Interfaces\{80AE467F-3339-4B92-BA17-23F9EFDC8987} : DhcpNameServer = 10.96.72.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\windows\system32\skype4com.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
STS: Windows DreamScene: {e31004d1-a431-41b8-826f-e902f9d95c81} - %SystemRoot%\System32\DreamScene.dll
STS: CThemeResourceChangerObject Class: {f791a188-699d-4fd4-955a-eb59e89b1907} - \Program Files\Theme Resource Changer\ThemeResourceChanger.dll
SEH: {4F07DA45-8170-4859-9B5F-037EF2970034} - No File
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-7-11 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-9-13 32592]
R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [2008-1-21 21512]
R0 REDLIGHT;REDLIGHT;c:\windows\system32\drivers\redlight.sys [2010-11-29 378144]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-10-7 230608]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-8-8 40016]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-7-11 295248]
R1 iZ3DInjectionDriver;Driver inject our D3D and OGL wrappers;c:\program files\iz3d driver\win32\S3DInjectionDriver.sys [2011-9-12 34968]
R1 TsLwWfF;WiFi Capture Driver;c:\windows\system32\drivers\TsLwWfF.sys [2010-4-22 22632]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2011-8-2 192776]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\logmein hamachi\hamachi-2.exe [2011-8-15 1361288]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2010-7-8 366152]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia updatus\daemonu.exe [2011-10-2 2255464]
R2 PredatorACE;Predator ACE;c:\program files\predator2\PredatorACE.exe [2010-3-15 88064]
R2 S3DSvc32;S3D Service (Win32);c:\program files\iz3d driver\win32\S3DCService.exe [2011-9-12 360960]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-7-11 134736]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-7-11 24272]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-10-4 16720]
R3 bbcap;bbcap;c:\windows\system32\drivers\bbcap.sys [2009-11-28 4096]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [2008-1-21 26248]
R3 KuirKbdFltr;KuirKbdFltr overlay support subsystem;c:\windows\system32\drivers\KuirKbdFltr.sys [2010-4-8 21792]
R3 KuirMouFltr;KuirMouFltr overlay support subsystem;c:\windows\system32\drivers\KuirMouFltr.sys [2010-4-8 38176]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-7-8 22216]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\netw5v32.sys [2009-6-10 4231168]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2011-6-17 139368]
R3 SbieDrv;SbieDrv;c:\program files\sandboxie\SbieDrv.sys [2010-7-4 119016]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-7-13 311296]
S2 BsMobileCS;BsMobileCS;c:\program files\ivt corporation\bluesoleil\BsMobileCS.exe [2008-6-4 143467]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-12-30 135664]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-4-1 183560]
S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [2009-9-24 22528]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2011-12-19 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2011-5-13 1492840]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-12-30 135664]
S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\drivers\ewusbdev.sys [2011-6-20 100736]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2009-8-21 4639136]
S3 PSSDK42;PSSDK42;c:\windows\system32\drivers\pssdk42.sys [2009-12-16 38976]
S3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [2009-4-6 23064]
S3 SIVDriver;SIV Kernel Driver;c:\windows\system32\drivers\SIVX32.sys [2011-11-14 93464]
S3 SWDUMon;SWDUMon;c:\windows\system32\drivers\SWDUMon.sys [2011-11-6 12984]
S3 VBoxUSB;VirtualBox USB;c:\windows\system32\drivers\VBoxUSB.sys [2011-10-3 82736]
S3 VMUVC;Vimicro Camera Service VMUVC;c:\windows\system32\drivers\VMUVC.sys [2011-9-22 252928]
S3 vvftUVC;Vimicro Camera Filter Service VMUVC;c:\windows\system32\drivers\vvftUVC.sys [2011-9-22 398720]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\microsoft sql server\100\shared\sqladhlp.exe [2008-7-10 47128]
S4 RsFx0102;RsFx0102 Driver;c:\windows\system32\drivers\RsFx0102.sys [2008-7-10 242712]
.
=============== File Associations ===============
.
.txt=Notepad++_file
.
=============== Created Last 30 ================
.
2011-12-27 14:32:36 -------- d-----w- c:\users\srki94\appdata\local\{0EFFB472-8243-4E75-8A69-AEC535845CE2}
2011-12-27 14:31:47 -------- d-----w- c:\users\srki94\appdata\local\{16EDAF5B-E250-4EA3-8DF4-B6E77E28413C}
2011-12-27 03:35:37 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll
2011-12-27 03:35:37 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll
2011-12-27 03:35:37 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2011-12-27 03:35:37 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2011-12-27 03:35:37 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
2011-12-27 03:35:37 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
2011-12-27 03:35:37 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
2011-12-27 02:31:32 -------- d-----w- c:\users\srki94\appdata\local\{89271ECE-8B36-4AFE-ADFF-19209401F5AA}
2011-12-26 14:30:25 -------- d-----w- c:\users\srki94\appdata\local\{14A1F15A-A4CA-4BE0-AC63-9D37F3748A38}
2011-12-26 14:29:35 -------- d-----w- c:\users\srki94\appdata\local\{524FC52E-EC3F-4EB7-81A2-1FB6F569629D}
2011-12-26 02:29:04 -------- d-----w- c:\users\srki94\appdata\local\{28DEF4D5-2494-4318-9F76-3FE16DBBB180}
2011-12-26 02:28:17 -------- d-----w- c:\users\srki94\appdata\local\{D8F1B044-79F1-4342-A844-1D641556D2CD}
2011-12-25 14:27:41 -------- d-----w- c:\users\srki94\appdata\local\{C4EC8043-EF64-4CD2-A978-6CC7104403D2}
2011-12-25 02:26:33 -------- d-----w- c:\users\srki94\appdata\local\{8C5AB7F1-84C4-45CB-8475-DCEF276D873B}
2011-12-25 02:25:44 -------- d-----w- c:\users\srki94\appdata\local\{94A1CE03-0445-4F8F-A934-F512AD719BE2}
2011-12-24 19:23:08 -------- d-----w- C:\Program Files (x86)
2011-12-24 13:50:02 -------- d-----w- c:\users\srki94\appdata\local\{7A4C9A7F-193F-498E-8973-943CB40EA408}
2011-12-24 01:48:53 -------- d-----w- c:\users\srki94\appdata\local\{30FBEF30-9B10-4E63-A7ED-37B636AFFBBA}
2011-12-24 01:48:03 -------- d-----w- c:\users\srki94\appdata\local\{FA42E4A0-2F31-4B93-A0D3-703C4820F3F4}
2011-12-23 13:47:30 -------- d-----w- c:\users\srki94\appdata\local\{5B39ED6A-3352-4367-9A69-31E2E134292C}
2011-12-23 01:46:26 -------- d-----w- c:\users\srki94\appdata\local\{291F33B7-2E9E-4D3F-90BA-5778AAB915F1}
2011-12-22 13:45:20 -------- d-----w- c:\users\srki94\appdata\local\{D5AB4034-7297-41AE-9495-9D334541E2DB}
2011-12-22 13:44:44 -------- d-----w- c:\users\srki94\appdata\local\{2AB54C7F-F142-4553-A122-44F25655E3C8}
2011-12-22 00:39:52 -------- d-----w- c:\users\srki94\appdata\local\{3CE9C5AF-E490-4025-9EDB-E8E944AC0974}
2011-12-21 12:38:56 -------- d-----w- c:\users\srki94\appdata\local\{45895000-4806-4D5D-89FC-6BD839EDC161}
2011-12-21 00:38:00 -------- d-----w- c:\users\srki94\appdata\local\{0BC162EC-2805-4E35-AB09-405D884147C2}
2011-12-20 16:52:33 -------- d-----w- c:\users\srki94\appdata\local\ElevatedDiagnostics
2011-12-20 14:08:48 -------- d-----w- c:\users\srki94\appdata\roaming\Windows Live Writer
2011-12-20 14:08:48 -------- d-----w- c:\users\srki94\appdata\local\Windows Live Writer
2011-12-20 12:36:57 -------- d-----w- c:\users\srki94\appdata\local\{E1A63262-DB9A-4961-96DD-00061511806A}
2011-12-20 12:36:19 -------- d-----w- c:\users\srki94\appdata\local\{2DA7E845-5959-45EE-A425-FFEB85F486D4}
2011-12-20 02:56:07 -------- d-----w- c:\users\srki94\appdata\local\{3E579399-6B2F-4B81-AAA5-78FF8725AC8F}
2011-12-19 14:54:41 -------- d-----w- c:\users\srki94\appdata\local\{62EB9942-F98C-48A2-91CA-DFC50CB1A12F}
2011-12-19 14:54:05 -------- d-----w- c:\users\srki94\appdata\local\{74EC516B-5E50-4336-8D66-A14829F76A01}
2011-12-19 14:37:17 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2011-12-19 14:17:39 -------- d-----w- c:\program files\Microsoft
2011-12-19 14:14:16 7450888 ----a-w- c:\program files\common files\windows live\.cache\74a9764f1ccbe5804\bingbarsetup.exe
2011-12-19 14:13:11 15712 ----a-w- c:\program files\common files\windows live\.cache\567e8c1a1ccbe5803\MeshBetaRemover.exe
2011-12-19 07:04:00 -------- d-----w- c:\users\srki94\appdata\local\{0A15AB5B-20DF-4E2D-9FC4-926C8D18B9DB}
2011-12-18 21:16:20 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-12-18 19:03:10 -------- d-----w- c:\users\srki94\appdata\local\{3509CE3D-3BD5-4120-9C9C-6964E812FCF8}
2011-12-18 19:02:35 -------- d-----w- c:\users\srki94\appdata\local\{984C2CC7-D029-453B-AD17-FF89FB4FF546}
2011-12-18 06:21:22 -------- d-----w- c:\users\srki94\appdata\local\{C8AB9941-14A8-4771-B4B6-3270730FFA20}
2011-12-18 06:20:46 -------- d-----w- c:\users\srki94\appdata\local\{B94F1CC5-463B-48A5-B103-F1678F430F5F}
2011-12-17 18:20:30 -------- d-----w- c:\users\srki94\appdata\local\{86F5F74E-9309-4BB9-9242-EA0E41212CFF}
2011-12-17 18:19:54 -------- d-----w- c:\users\srki94\appdata\local\{0FA20823-F008-4003-9CEE-E00CB39B847C}
2011-12-17 06:19:39 -------- d-----w- c:\users\srki94\appdata\local\{25B307BC-FB46-4857-9B52-CA5B0843926B}
2011-12-17 06:19:02 -------- d-----w- c:\users\srki94\appdata\local\{8141D6E2-A802-4DFB-8554-540E98389B95}
2011-12-16 18:18:44 -------- d-----w- c:\users\srki94\appdata\local\{C713B545-DB70-4D76-92AF-EE50B4ED6488}
2011-12-16 18:18:06 -------- d-----w- c:\users\srki94\appdata\local\{5FDB2375-0BB0-4DF7-908B-5E43B8ACDCC1}
2011-12-16 06:17:43 -------- d-----w- c:\users\srki94\appdata\local\{11A62770-6A8B-4599-8C93-B9CA7499E877}
2011-12-16 06:16:57 -------- d-----w- c:\users\srki94\appdata\local\{AC4C582A-AB10-45C2-8FBC-5AE78F3939A1}
2011-12-15 18:16:37 -------- d-----w- c:\users\srki94\appdata\local\{B27847A7-4DDA-4FFE-8988-8518F8A93DDA}
2011-12-15 18:15:59 -------- d-----w- c:\users\srki94\appdata\local\{D16E18D2-92C4-48B6-B462-2DAC13DFF29F}
2011-12-15 06:15:29 -------- d-----w- c:\users\srki94\appdata\local\{FF37DDE6-2FEC-4D84-BC85-AD0D443A9D54}
2011-12-15 06:14:47 -------- d-----w- c:\users\srki94\appdata\local\{142F37C0-19BA-4569-95DF-09926899D0DD}
2011-12-14 18:05:31 -------- d-----w- c:\users\srki94\appdata\local\{A230E1AC-C13B-488D-B949-129412097E3D}
2011-12-14 18:04:54 -------- d-----w- c:\users\srki94\appdata\local\{8B9ADDEE-E9B5-406D-A8A0-13990CD071C0}
2011-12-14 12:14:13 -------- d-sh--w- C:\found.000
2011-12-14 06:04:15 -------- d-----w- c:\users\srki94\appdata\local\{0CD4A3D4-36B9-4E69-AE3F-4912199A193E}
2011-12-14 06:03:24 -------- d-----w- c:\users\srki94\appdata\local\{3E84DD48-1B05-45C5-990F-DA609CE61DE7}
2011-12-13 18:02:40 -------- d-----w- c:\users\srki94\appdata\local\{F80D057A-3AA5-4853-855F-51653036D613}
2011-12-13 06:01:32 -------- d-----w- c:\users\srki94\appdata\local\{B1FE7EFB-CF95-417E-9DD2-6DEFC052BD4B}
2011-12-13 01:18:50 -------- d-----w- c:\program files\VentSrv
2011-12-12 18:00:25 -------- d-----w- c:\users\srki94\appdata\local\{B3F0B374-B77F-485F-9EF8-E06CA52DFC5C}
2011-12-12 05:59:21 -------- d-----w- c:\users\srki94\appdata\local\{888F3943-E0A1-4C85-A10F-369A0BCE8661}
2011-12-11 17:58:17 -------- d-----w- c:\users\srki94\appdata\local\{A89797B8-1225-4635-9745-665205959E23}
2011-12-11 05:57:07 -------- d-----w- c:\users\srki94\appdata\local\{0A98E2EC-9235-4349-AB3E-44970C999AE4}
2011-12-10 17:55:56 -------- d-----w- c:\users\srki94\appdata\local\{CCDF6D6D-6680-40B8-812A-6FCE4B1B6EF6}
2011-12-10 05:54:45 -------- d-----w- c:\users\srki94\appdata\local\{12C8261E-13F4-4895-903E-3CEF38987A88}
2011-12-10 04:15:25 -------- d-----w- c:\program files\MSECache
2011-12-09 21:28:45 -------- d-----w- c:\users\srki94\appdata\local\Deployment
2011-12-09 17:53:33 -------- d-----w- c:\users\srki94\appdata\local\{5D0BE88B-E5E3-45AD-990F-4DAFF6E158A0}
2011-12-09 17:52:44 -------- d-----w- c:\users\srki94\appdata\local\{BB11DF57-6B6C-4ACF-A8B5-11AF49DDEB47}
2011-12-09 03:52:32 -------- d-----w- c:\users\srki94\appdata\local\{C0025450-1969-4FCD-80A6-C0370E342F07}
2011-12-08 15:51:27 -------- d-----w- c:\users\srki94\appdata\local\{E477F199-9885-4FAE-9C53-5819CE2A2E47}
2011-12-08 15:50:41 -------- d-----w- c:\users\srki94\appdata\local\{AEAF0FEF-6A51-43D5-974E-CA44AEABAAC2}
2011-12-08 03:50:09 -------- d-----w- c:\users\srki94\appdata\local\{24C3DF15-6435-4F86-AEEA-4C163284817E}
2011-12-08 03:49:18 -------- d-----w- c:\users\srki94\appdata\local\{BFE312A9-7C07-46BA-A7E1-0A9549778F3E}
2011-12-07 15:48:44 -------- d-----w- c:\users\srki94\appdata\local\{623D855D-A63D-4A4D-B0E6-DAF7E87238FD}
2011-12-07 03:47:47 -------- d-----w- c:\users\srki94\appdata\local\{C9589C9D-DFF8-405E-8108-F8A013450946}
2011-12-07 03:47:07 -------- d-----w- c:\users\srki94\appdata\local\{5C572F1E-2EDE-4E44-B878-8DAFD9DDA6C2}
2011-12-06 15:46:34 -------- d-----w- c:\users\srki94\appdata\local\{65AA7F47-014E-4C60-A2E5-0C5E63B11516}
2011-12-06 15:45:58 -------- d-----w- c:\users\srki94\appdata\local\{86C13A16-AD19-4DD3-ACAF-7551BA5F615E}
2011-12-05 17:40:07 -------- d-----w- c:\users\srki94\appdata\local\{E10AD691-E3B5-4080-AE81-913EC5682A73}
2011-12-05 17:39:28 -------- d-----w- c:\users\srki94\appdata\local\{C160E81C-1173-47FA-AC30-3069BE179510}
2011-12-05 05:24:45 -------- d-----w- c:\users\srki94\appdata\local\{D6988C25-B262-458A-AFA4-FA324B907DFA}
2011-12-05 05:24:09 -------- d-----w- c:\users\srki94\appdata\local\{08C4D44F-997D-4265-8B98-CCACD0701F93}
2011-12-04 17:23:15 -------- d-----w- c:\users\srki94\appdata\local\{AE50C45F-52BF-4C56-B7B3-2110A053D903}
2011-12-04 05:21:48 -------- d-----w- c:\users\srki94\appdata\local\{D5EC0735-72AF-42E5-A52E-2652BB88AA0B}
2011-12-04 05:20:51 -------- d-----w- c:\users\srki94\appdata\local\{E1B840E2-D46F-4F90-8B47-31AEF6721A66}
2011-12-02 19:35:26 -------- d-----w- c:\users\srki94\appdata\local\{BC35E0EF-F464-4474-A3A7-801E9C024661}
2011-12-01 13:32:53 -------- d-----w- c:\users\srki94\appdata\local\{2897F0AC-C30E-4BD1-8B15-FC1457158ECB}
2011-12-01 13:32:17 -------- d-----w- c:\users\srki94\appdata\local\{0A5E216E-13F9-4EFD-8589-9D2847FE7B29}
2011-11-30 02:45:14 -------- d-----w- c:\users\srki94\appdata\local\{E52454D6-11AD-4801-A8D6-CA74F6469D8C}
2011-11-30 02:44:18 -------- d-----w- c:\users\srki94\appdata\local\{BB319889-7F70-43C0-8E9B-DE33BBB4B6C2}
2011-11-29 12:45:43 -------- d-----w- c:\users\srki94\appdata\local\{62AB691D-DA20-4EBD-82B5-F32BF5A530FC}
2011-11-29 12:45:00 -------- d-----w- c:\users\srki94\appdata\local\{C9DD69C3-1B13-4C24-9F7B-B4B54DE5135E}
2011-11-29 03:32:51 -------- d-----w- c:\users\srki94\appdata\roaming\To the Moon - Freebird Games
2011-11-27 23:42:05 -------- d-----w- c:\users\srki94\appdata\local\realtech_VR
2011-11-27 23:34:38 -------- d-----w- c:\programdata\realtech VR
2011-11-27 23:33:56 -------- d-----w- c:\program files\realtech VR
.
==================== Find3M ====================
.
2011-12-26 02:19:13 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-06 02:10:42 36864 ----a-w- c:\windows\system32\srpskey.exe
2011-11-14 08:26:54 93464 ----a-w- c:\windows\system32\drivers\SIVX32.sys
2011-11-13 18:30:07 12984 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2011-10-24 13:29:02 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-10-24 13:29:02 69632 ----a-w- c:\windows\system32\QuickTime.qts
2011-10-09 20:55:51 73 ----a-w- c:\windows\system32\ssprs.dll
2011-10-09 20:55:51 205 ----a-w- c:\windows\system32\lsprst7.dll
2011-10-07 05:23:48 230608 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2011-10-04 05:21:28 16720 ----a-w- c:\windows\system32\drivers\AVGIDSShim.sys
2011-10-04 01:18:12 1025 ----a-w- c:\windows\system32\sysprs7.dll
2011-10-04 01:18:12 1025 ----a-w- c:\windows\system32\clauth2.dll
2011-10-04 01:18:12 1025 ----a-w- c:\windows\system32\clauth1.dll
2011-10-03 14:49:32 91440 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2011-10-03 14:49:32 82736 ----a-w- c:\windows\system32\drivers\VBoxUSB.sys
2011-10-03 14:49:32 158512 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2011-10-03 14:49:32 135472 ----a-w- c:\windows\system32\VBoxNetFltNobj.dll
2011-10-03 14:49:32 116016 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
2011-10-03 14:49:32 104752 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2011-10-01 02:59:14 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-09-29 15:43:37 1285488 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-09-29 04:20:25 2339840 ----a-w- c:\windows\system32\win32k.sys
2011-09-28 21:54:48 947472 ----a-w- c:\windows\system32\msjava.dll
.
============= FINISH: 153548.54 ===============

DDS Attachment


Now, Gmer scanned for 5 hours and hung on one file during the first scan:

It has been sitting like that for 30 minutes and I couldn't do anything; it simply doesn't continue, and although it isn't using the CPU at 100%, the laptop lags and so does the sound. I saved the log as far as it got and attached it as Gmer1.log. RootRepeal doesn't work at all; I get the following error:

I stopped the Gmer scan after that bug and continued according to the instructions, so the Gmer1 log is not complete because I wasn't able to run the scan to the end.

Gmer 1

Gmer 2

Gmer 3

P.S. I have no idea where that Facemoods link above comes from; maybe I had that junk earlier, but I cleaned it out. I don't use IE, Mozilla or Maxthon, so I really have no idea where it's from. Also, during the MWBytes scan I found no remnants of Facemoods except for that link that popped up now Confused
I just checked: that isn't the home page in IE, Xfire is, so I really have no idea where that link above comes from; it isn't the default start page in any browser. The only idea that comes to mind is that someone in the family installed it later, since they sometimes use the laptop.

offline
  • Joined: 26 Aug 2010
  • Posts: 10497
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Hello,

There are no traces of active malware on your system, and you don't need to send us the suspicious file.

offline
  • Lead Developer Go 5 Creative
  • Joined: 14 Feb 2008
  • Posts: 12286

Thank you for the quick reply, happy New Year holidays to the AMF crew Smile Thanks! Ziveli
