Help, everything is encrypted with DDS

  • Joined: 03 Feb 2011
  • Posts: 54

Posted: 04 Feb 2011 0:33

I started following the rules for opening a topic in the Ambulanta section. When I tried to run DDS, it does not start the way it does in the command prompt; instead it immediately opens that encrypted output. I disabled it in Avira as required, but the same thing happened again. Here is the one from GMER.

Addendum: 04 Feb 2011 0:50

In this one everything is encrypted, and when I open it on the desktop and try to copy it here into the topic, it copies, but the pointer stays an hourglass and it freezes. Mozilla reports (Not Responding). A few days ago DDS worked great and scanned properly. I delete it and run it again, and the same thing happens.

  • Joined: 02 Feb 2008
  • Posts: 14018
  • Location: Nish

Greetings, Vivaldi82!

Download the RSIT program to your Desktop:

http://images.malwareremoval.com/random/RSIT.exe

Run it by double-clicking, then click Continue.

At the end of the process two logs will open: the first, log.txt, will be maximized and needs to be copied into the topic on the forum; the second, info.txt, will be minimized (we do not need it for now).

Post the contents of the file log.txt in your next message (that file will be saved as C:\rsit\log.txt).

goran9888 (AMF Team)

  • Joined: 03 Feb 2011
  • Posts: 54

Posted: 04 Feb 2011 1:04

Logfile of random's system information tool 1.08 (written by random/random)
Run by Pc at 2011-02-03 13:02:10
Microsoft Windows XP Professional Service Pack 3
System drive C: has 11 GB (53%) free of 20 GB
Total RAM: 895 MB (36% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:02:39 PM, on 2/3/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
D:\link crecovan za internet download manager\Internet Download Manager v6.04.2\(zabranjeno)\IDMan.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\uTorrent\uTorrent.exe
D:\link crecovan za internet download manager\Internet Download Manager v6.04.2\(zabranjeno)\IEMonitor.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\svchost.exe
c:\program files\avira\antivir desktop\avcenter.exe
C:\Program Files\Avira\AntiVir Desktop\avscan.exe
C:\WINDOWS\System32\vssvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\dllhost.exe
C:\Documents and Settings\Pc\Desktop\RSIT.exe
C:\Program Files\trend micro\Pc.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - D:\link crecovan za internet download manager\Internet Download Manager v6.04.2\(zabranjeno)\IDMIECC.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [IDMan] D:\link crecovan za internet download manager\Internet Download Manager v6.04.2\(zabranjeno)\IDMan.exe /onboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O8 - Extra context menu item: Download all links with IDM - D:\link crecovan za internet download manager\Internet Download Manager v6.04.2\(zabranjeno)\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - D:\link crecovan za internet download manager\Internet Download Manager v6.04.2\(zabranjeno)\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - D:\link crecovan za internet download manager\Internet Download Manager v6.04.2\(zabranjeno)\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{8BEAF52F-8468-4193-B32A-F0264EB3567B}: NameServer = 192.168.1.1
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

--
End of file - 5929 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDMIEHlprObj Class - D:\link crecovan za internet download manager\Internet Download Manager v6.04.2\(zabranjeno)\IDMIECC.dll [2010-12-23 202160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16 37808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22 1242504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-02 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-02-02 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2011-01-10 281768]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"IDMan"=D:\link crecovan za internet download manager\Internet Download Manager v6.04.2\(zabranjeno)\IDMan.exe [2011-01-11 3274136]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2011-01-26 289584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HitmanPro35]
C:\Program Files\Hitman Pro 3.5\HitmanPro35.exe [2011-01-29 6347584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
D:\link crecovan za internet download manager\Internet Download Manager v6.04.2\(zabranjeno)\IDMan.exe [2011-01-11 3274136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2009-07-29 18671104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe [2010-11-18 524288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2011-01-03 15028104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2011-01-13 2424560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Program Files\uTorrent\uTorrent.exe [2011-01-26 289584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ose"=3
"MDM"=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2009-09-03 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-09-28 122880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro35]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro35.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro35Crusader]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoResolveSearch"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Documents and Settings\Pc\Local Settings\temp\7zS3.tmp\SymNRT.exe"="C:\Documents and Settings\Pc\Local Settings\temp\7zS3.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool"
"C:\Documents and Settings\Pc\Local Settings\temp\7zS1.tmp\SymNRT.exe"="C:\Documents and Settings\Pc\Local Settings\temp\7zS1.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======File associations======

.js - open - NOTEPAD.EXE %1
.reg - open - NOTEPAD.EXE %1
.scr - open - NOTEPAD.EXE %1
.vbs - open - NOTEPAD.EXE %1

======List of files/folders created in the last 1 months======

2011-02-03 13:02:13 ----D---- C:\Program Files\trend micro
2011-02-03 13:02:10 ----D---- C:\rsit
2011-02-03 10:19:44 ----SHD---- C:\Config.Msi
2011-02-03 09:40:53 ----D---- C:\Documents and Settings\All Users\Application Data\Comodo
2011-02-03 09:08:05 ----D---- C:\Documents and Settings\Pc\Application Data\Avira
2011-02-03 08:51:02 ----A---- C:\WINDOWS\system32\drivers\ssmdrv.sys
2011-02-03 08:51:00 ----A---- C:\WINDOWS\system32\drivers\avipbb.sys
2011-02-03 08:51:00 ----A---- C:\WINDOWS\system32\drivers\avgntmgr.sys
2011-02-03 08:51:00 ----A---- C:\WINDOWS\system32\drivers\avgntflt.sys
2011-02-03 08:51:00 ----A---- C:\WINDOWS\system32\drivers\avgntdd.sys
2011-02-03 08:50:59 ----D---- C:\Program Files\Avira
2011-02-03 08:50:59 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2011-02-03 04:51:01 ----A---- C:\WINDOWS\system32\mfc45.dll
2011-02-03 04:25:30 ----D---- C:\Documents and Settings\Pc\Application Data\iolo
2011-02-03 04:25:30 ----D---- C:\Documents and Settings\All Users\Application Data\iolo
2011-02-02 04:22:56 ----D---- C:\Documents and Settings\Pc\Application Data\111 Pix Ltd
2011-02-02 04:22:07 ----D---- C:\Program Files\FilmOn HDi Player
2011-02-02 04:00:34 ----D---- C:\WINDOWS\Sun
2011-02-02 04:00:16 ----D---- C:\Documents and Settings\All Users\Application Data\Sun
2011-02-02 04:00:08 ----D---- C:\Program Files\Common Files\Java
2011-02-02 03:59:46 ----A---- C:\WINDOWS\system32\javaws.exe
2011-02-02 03:59:46 ----A---- C:\WINDOWS\system32\javaw.exe
2011-02-02 03:59:46 ----A---- C:\WINDOWS\system32\java.exe
2011-02-02 03:59:46 ----A---- C:\WINDOWS\system32\deployJava1.dll
2011-02-02 03:59:25 ----D---- C:\Program Files\Java
2011-02-02 03:57:54 ----D---- C:\Documents and Settings\Pc\Application Data\Sun
2011-02-01 11:05:15 ----SHD---- C:\RECYCLER
2011-02-01 10:57:31 ----A---- C:\ComboFix.txt
2011-02-01 09:03:48 ----D---- C:\Documents and Settings\Pc\Application Data\IObit
2011-02-01 08:38:45 ----A---- C:\WINDOWS\system32\SmartDefragBootTime.exe
2011-02-01 08:38:45 ----A---- C:\WINDOWS\system32\drivers\SmartDefragDriver.sys
2011-02-01 08:37:34 ----D---- C:\Documents and Settings\All Users\Application Data\IObit
2011-02-01 08:34:42 ----D---- C:\Program Files\IObit
2011-02-01 08:01:51 ----D---- C:\Program Files\tixati
2011-02-01 04:28:46 ----D---- C:\Program Files\WinUtilities
2011-02-01 04:28:46 ----A---- C:\WINDOWS\system32\wbhelp2.dll
2011-02-01 04:28:46 ----A---- C:\WINDOWS\system32\W95INF32.DLL
2011-02-01 04:28:46 ----A---- C:\WINDOWS\system32\W95INF16.DLL
2011-02-01 04:28:46 ----A---- C:\WINDOWS\system32\unicows.dll
2011-02-01 04:28:46 ----A---- C:\WINDOWS\system32\gdiplus.dll
2011-02-01 04:28:46 ----A---- C:\WINDOWS\system32\anim.dll
2011-02-01 02:50:49 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011-02-01 02:50:46 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2011-01-30 12:58:09 ----D---- C:\Program Files\MSSOAP
2011-01-30 12:57:42 ----D---- C:\Program Files\Webroot
2011-01-30 05:37:40 ----D---- C:\Documents and Settings\All Users\Application Data\Soluto
2011-01-30 03:42:25 ----D---- C:\!KillBox
2011-01-29 07:19:24 ----D---- C:\Documents and Settings\Pc\Application Data\IDM
2011-01-29 07:19:21 ----D---- C:\Program Files\Internet Download Manager
2011-01-28 09:00:54 ----D---- C:\Documents and Settings\Pc\Application Data\YouTube Downloader
2011-01-28 07:33:35 ----D---- C:\Documents and Settings\Pc\Application Data\Search Settings
2011-01-28 07:33:31 ----D---- C:\Program Files\Application Updater
2011-01-28 07:33:30 ----D---- C:\Program Files\YouTube Downloader Toolbar
2011-01-28 07:33:30 ----D---- C:\Program Files\Common Files\Spigot
2011-01-28 07:32:38 ----D---- C:\Program Files\YouTube Downloader
2011-01-28 02:35:47 ----D---- C:\WINDOWS\system32\NtmsData
2011-01-28 02:26:54 ----D---- C:\New Folder
2011-01-27 11:51:18 ----D---- C:\Program Files\MSXML 4.0
2011-01-27 07:47:25 ----D---- C:\WINDOWS\ie8updates
2011-01-27 07:46:37 ----D---- C:\WINDOWS\WBEM
2011-01-27 07:45:30 ----HDC---- C:\WINDOWS\ie8
2011-01-27 07:43:49 ----A---- C:\WINDOWS\system32\MRT.exe
2011-01-27 05:08:18 ----D---- C:\Documents and Settings\Pc\Application Data\ImgBurn
2011-01-27 05:07:22 ----D---- C:\Program Files\ImgBurn
2011-01-27 03:25:18 ----D---- C:\WINDOWS\temp
2011-01-27 03:20:22 ----RASHD---- C:\cmdcons
2011-01-27 03:16:14 ----A---- C:\WINDOWS\zip.exe
2011-01-27 03:16:14 ----A---- C:\WINDOWS\SWXCACLS.exe
2011-01-27 03:16:14 ----A---- C:\WINDOWS\SWSC.exe
2011-01-27 03:16:14 ----A---- C:\WINDOWS\SWREG.exe
2011-01-27 03:16:14 ----A---- C:\WINDOWS\sed.exe
2011-01-27 03:16:14 ----A---- C:\WINDOWS\PEV.exe
2011-01-27 03:16:14 ----A---- C:\WINDOWS\NIRCMD.exe
2011-01-27 03:16:14 ----A---- C:\WINDOWS\MBR.exe
2011-01-27 03:16:14 ----A---- C:\WINDOWS\grep.exe
2011-01-27 03:16:07 ----D---- C:\WINDOWS\ERDNT
2011-01-27 03:13:46 ----D---- C:\Qoobox
2011-01-26 12:33:28 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2011-01-26 12:33:23 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2011-01-26 12:33:18 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2011-01-26 12:33:12 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2011-01-26 12:33:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$
2011-01-26 12:32:59 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2011-01-26 12:32:54 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2011-01-26 12:32:49 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$
2011-01-26 12:32:45 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2011-01-26 12:32:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$
2011-01-26 12:32:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2259922$
2011-01-26 12:32:30 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2011-01-26 12:32:24 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2011-01-26 12:32:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$
2011-01-26 12:32:14 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2011-01-26 12:32:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2011-01-26 12:32:04 ----HDC---- C:\WINDOWS\$NtUninstallKB975558_WM8$
2011-01-26 12:32:00 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2011-01-26 12:31:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2296199$
2011-01-26 12:31:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2011-01-26 12:31:44 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2011-01-26 12:31:38 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2011-01-26 12:31:31 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2011-01-26 12:31:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2443105$
2011-01-26 12:31:22 ----HDC---- C:\WINDOWS\$NtUninstallKB981349$
2011-01-26 12:31:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2011-01-26 12:31:11 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2011-01-26 12:31:06 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2011-01-26 12:31:02 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2011-01-26 12:30:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2440591$
2011-01-26 12:30:52 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2011-01-26 12:30:48 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2011-01-26 12:30:43 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2011-01-26 12:30:38 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2011-01-26 12:30:34 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2011-01-26 12:30:29 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2011-01-26 12:30:23 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2011-01-26 12:30:13 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2011-01-26 12:30:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$
2011-01-26 12:29:58 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2011-01-26 12:29:50 ----HDC---- C:\WINDOWS\$NtUninstallKB981852$
2011-01-26 12:29:44 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2011-01-26 12:29:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2443685$
2011-01-26 12:29:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
2011-01-26 12:29:22 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2011-01-26 12:29:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2141007$
2011-01-26 11:34:58 ----D---- C:\Documents and Settings\Pc\Application Data\Samsung
2011-01-26 11:34:26 ----A---- C:\WINDOWS\system32\framedyn.dll
2011-01-26 11:33:59 ----A---- C:\WINDOWS\system32\drivers\sscdwhnt.sys
2011-01-26 11:33:59 ----A---- C:\WINDOWS\system32\drivers\sscdwh.sys
2011-01-26 11:33:59 ----A---- C:\WINDOWS\system32\drivers\sscdmdm.sys
2011-01-26 11:33:59 ----A---- C:\WINDOWS\system32\drivers\sscdmdfl.sys
2011-01-26 11:33:59 ----A---- C:\WINDOWS\system32\drivers\sscdcmnt.sys
2011-01-26 11:33:59 ----A---- C:\WINDOWS\system32\drivers\sscdcm.sys
2011-01-26 11:33:59 ----A---- C:\WINDOWS\system32\drivers\sscdbus.sys
2011-01-26 11:33:53 ----D---- C:\WINDOWS\system32\Samsung_USB_Drivers
2011-01-26 11:33:29 ----A---- C:\WINDOWS\system32\drivers\StarOpen.sys
2011-01-26 11:33:13 ----D---- C:\Program Files\Samsung
2011-01-26 11:00:13 ----HD---- C:\WINDOWS\system32\GroupPolicy
2011-01-26 10:51:15 ----D---- C:\Program Files\cFosSpeed
2011-01-26 00:42:40 ----D---- C:\Documents and Settings\Pc\Application Data\uTorrent
2011-01-26 00:35:10 ----D---- C:\Program Files\uTorrent
2011-01-25 22:36:08 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$
2011-01-25 22:36:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2121546$
2011-01-25 22:35:59 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2011-01-25 22:35:55 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2011-01-25 22:35:48 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2011-01-25 22:35:43 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2011-01-25 22:35:38 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2011-01-25 22:35:33 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2011-01-25 22:35:29 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2011-01-25 22:35:17 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2011-01-25 22:35:12 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2011-01-25 22:35:07 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2011-01-25 22:35:02 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2011-01-25 22:34:58 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$
2011-01-25 22:34:53 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$
2011-01-25 22:34:48 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2011-01-25 22:34:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2436673$
2011-01-25 22:34:40 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2011-01-25 22:34:35 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2011-01-25 22:34:30 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2011-01-25 22:34:22 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2011-01-25 22:34:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$
2011-01-25 22:34:11 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2011-01-25 22:34:07 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2011-01-25 22:34:02 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2011-01-25 22:33:57 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2011-01-25 22:33:41 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2011-01-25 22:33:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2467659$
2011-01-25 22:33:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2416400$
2011-01-25 22:33:19 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2011-01-25 22:33:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2286198$
2011-01-25 22:33:08 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2011-01-25 22:33:03 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2011-01-25 22:32:59 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2011-01-25 22:32:54 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2011-01-25 22:32:50 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2011-01-25 22:32:45 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2011-01-25 22:32:40 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2011-01-25 22:32:36 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2011-01-25 22:32:31 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2011-01-25 22:32:27 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2011-01-25 22:32:21 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2011-01-25 22:32:16 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2011-01-25 22:32:11 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2011-01-25 22:32:05 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2011-01-25 22:32:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$
2011-01-25 22:31:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2360937$
2011-01-25 12:17:33 ----D---- C:\Documents and Settings\Pc\Application Data\GRETECH
2011-01-25 09:14:24 ----SHD---- C:\WINDOWS\CSC
2011-01-25 07:57:18 ----N---- C:\WINDOWS\system32\drivers\bthport.sys
2011-01-25 07:33:51 ----A---- C:\WINDOWS\system32\xpsp4res.dll
2011-01-25 07:31:53 ----D---- C:\WINDOWS\system32\PreInstall
2011-01-25 07:31:52 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2011-01-25 07:31:51 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2011-01-25 07:31:51 ----HD---- C:\WINDOWS\$hf_mig$
2011-01-25 07:07:01 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2011-01-25 06:38:02 ----A---- C:\Documents and Settings\Pc\Application Data\SuPeRGeNiUs_IDM.6.04.2.exe
2011-01-25 06:30:54 ----D---- C:\Documents and Settings\Pc\Application Data\Help
2011-01-25 05:31:48 ----D---- C:\Documents and Settings\Pc\Application Data\URSoft
2011-01-25 05:31:25 ----D---- C:\Program Files\Your Uninstaller 2010
2011-01-25 05:30:25 ----AH---- C:\WINDOWS\system32\v3shrtkgn.dll
2011-01-25 05:29:26 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2011-01-25 05:21:08 ----D---- C:\Documents and Settings\Pc\Application Data\skypePM
2011-01-25 05:19:26 ----D---- C:\Program Files\Common Files\Skype
2011-01-25 05:19:25 ----RD---- C:\Program Files\Skype
2011-01-25 05:19:25 ----D---- C:\Documents and Settings\Pc\Application Data\Skype
2011-01-25 05:19:21 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2011-01-25 04:50:26 ----D---- C:\Documents and Settings\Pc\Application Data\SUPERAntiSpyware.com
2011-01-25 04:50:26 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2011-01-25 04:50:16 ----D---- C:\Program Files\SUPERAntiSpyware
2011-01-25 01:41:02 ----A---- C:\WINDOWS\system32\drivers\hitmanpro35.sys
2011-01-25 01:41:00 ----D---- C:\Program Files\Hitman Pro 3.5
2011-01-25 01:40:26 ----D---- C:\Documents and Settings\All Users\Application Data\Hitman Pro
2011-01-25 01:36:59 ----D---- C:\Documents and Settings\Pc\Application Data\Malwarebytes
2011-01-25 01:36:54 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2011-01-25 01:36:51 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-01-25 01:30:48 ----D---- C:\Documents and Settings\Pc\Application Data\WinRAR
2011-01-25 01:30:44 ----D---- C:\Program Files\WinRAR
2011-01-24 20:37:29 ----D---- C:\Documents and Settings\Pc\Application Data\Macromedia
2011-01-24 15:31:03 ----D---- C:\Documents and Settings\All Users\Application Data\WinZip
2011-01-24 15:30:55 ----D---- C:\Program Files\WinZip
2011-01-24 14:43:03 ----A---- C:\WINDOWS\system32\PuranDefragS.exe
2011-01-24 14:43:03 ----A---- C:\WINDOWS\system32\PuranDefragBT.exe
2011-01-24 14:43:03 ----A---- C:\WINDOWS\system32\PuranDefrag.dll
2011-01-24 14:43:03 ----A---- C:\WINDOWS\system32\PuranDC.exe
2011-01-24 14:43:02 ----D---- C:\Program Files\Puran Defrag
2011-01-24 14:43:02 ----A---- C:\WINDOWS\system32\PuranFD.exe
2011-01-24 14:24:15 ----D---- C:\Program Files\Google
2011-01-24 14:00:10 ----D---- C:\Program Files\VITSOFT
2011-01-24 13:47:27 ----D---- C:\Documents and Settings\Pc\Application Data\vlc
2011-01-24 13:46:50 ----D---- C:\Program Files\VideoLAN
2011-01-24 13:37:37 ----D---- C:\Program Files\GRETECH
2011-01-24 13:29:17 ----D---- C:\WINDOWS\system32\appmgmt
2011-01-24 13:09:04 ----D---- C:\Documents and Settings\Pc\Application Data\Tific
2011-01-24 13:02:40 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2011-01-24 12:58:20 ----D---- C:\Program Files\Windows Sidebar
2011-01-24 12:58:19 ----D---- C:\Documents and Settings\All Users\Application Data\Norton
2011-01-24 12:58:07 ----D---- C:\Documents and Settings\All Users\Application Data\NortonInstaller

======List of files/folders modified in the last 1 months======

2011-02-03 13:02:13 ----RD---- C:\Program Files
2011-02-03 12:56:43 ----D---- C:\WINDOWS\Registration
2011-02-03 12:37:52 ----D---- C:\WINDOWS\system32\CatRoot2
2011-02-03 11:12:16 ----D---- C:\Documents and Settings\Pc\Application Data\DMCache
2011-02-03 10:49:10 ----D---- C:\WINDOWS
2011-02-03 10:21:08 ----D---- C:\WINDOWS\system32
2011-02-03 10:19:59 ----SHD---- C:\WINDOWS\Installer
2011-02-03 10:19:51 ----D---- C:\WINDOWS\system32\drivers
2011-02-03 09:44:07 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-02-03 06:28:39 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-02-03 05:39:02 ----SHD---- C:\System Volume Information
2011-02-03 05:39:02 ----D---- C:\Program Files\Common Files
2011-02-03 05:12:17 ----D---- C:\WINDOWS\system32\config
2011-02-03 05:05:59 ----RD---- C:\WINDOWS\Offline Web Pages
2011-02-03 04:52:22 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-02-03 01:58:10 ----D---- C:\Program Files\Common Files\Adobe
2011-02-02 05:37:16 ----HD---- C:\WINDOWS\inf
2011-02-02 05:37:12 ----D---- C:\WINDOWS\repair
2011-02-02 04:22:36 ----D---- C:\WINDOWS\WinSxS
2011-02-01 10:56:26 ----SD---- C:\WINDOWS\Tasks
2011-02-01 10:54:12 ----A---- C:\WINDOWS\system.ini
2011-02-01 10:52:40 ----D---- C:\WINDOWS\system32\drivers\etc
2011-02-01 10:49:35 ----D---- C:\WINDOWS\AppPatch
2011-02-01 10:16:44 ----D---- C:\WINDOWS\Prefetch
2011-02-01 09:00:11 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-02-01 08:45:59 ----D---- C:\Program Files\Mozilla Firefox
2011-02-01 08:45:58 ----D---- C:\WINDOWS\Help
2011-02-01 08:45:58 ----D---- C:\Documents and Settings
2011-02-01 08:35:18 ----D---- C:\WINDOWS\system32\Restore
2011-02-01 04:48:14 ----SD---- C:\Documents and Settings\Pc\Application Data\Microsoft
2011-02-01 04:48:14 ----D---- C:\WINDOWS\system32\en
2011-01-31 13:01:29 ----RASH---- C:\boot.ini
2011-01-31 13:01:29 ----A---- C:\WINDOWS\win.ini
2011-01-31 12:18:02 ----A---- C:\WINDOWS\wincmd.ini
2011-01-29 06:08:52 ----D---- C:\WINDOWS\Debug
2011-01-29 03:37:26 ----RSD---- C:\WINDOWS\assembly
2011-01-29 03:37:26 ----D---- C:\WINDOWS\Microsoft.NET
2011-01-29 00:06:55 ----D---- C:\Documents and Settings\All Users\Application Data\Alwil Software
2011-01-28 03:07:45 ----D---- C:\WINDOWS\system32\en-US
2011-01-28 03:07:16 ----D---- C:\Program Files\Microsoft.NET
2011-01-28 03:07:15 ----D---- C:\WINDOWS\system32\mui
2011-01-28 02:35:47 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2011-01-27 07:49:56 ----D---- C:\Program Files\Internet Explorer
2011-01-27 07:46:29 ----D---- C:\WINDOWS\Media
2011-01-27 03:02:52 ----HD---- C:\Program Files\InstallShield Installation Information
2011-01-26 12:34:17 ----D---- C:\WINDOWS\system32\wbem
2011-01-26 12:33:14 ----D---- C:\Program Files\Messenger
2011-01-25 22:33:21 ----D---- C:\Program Files\Outlook Express
2011-01-25 22:32:56 ----D---- C:\Program Files\Movie Maker
2011-01-25 12:08:19 ----D---- C:\Program Files\Online Services
2011-01-25 07:07:09 ----D---- C:\WINDOWS\SoftwareDistribution
2011-01-25 07:07:00 ----D---- C:\WINDOWS\system32\CatRoot
2011-01-24 20:37:29 ----D---- C:\Documents and Settings\Pc\Application Data\Adobe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R0 SmartDefragDriver;SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [2010-11-26 14776]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2011-01-10 135096]
R1 IDMTDI;IDMTDI; C:\WINDOWS\system32\DRIVERS\idmtdi.sys [2010-12-23 96600]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2011-01-10 61960]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l151x86.sys [2007-11-01 36864]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-09-28 2456064]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-07-29 5870080]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-06 1684736]
S3 catchme;catchme; \??\C:\DOCUME~1\Pc\LOCALS~1\Temp\catchme.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-05 1389056]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2007-07-03 80552]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2007-07-03 11944]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2007-07-03 106792]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2011-01-10 135336]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2011-01-10 267944]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-09-28 483328]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-02-02 153376]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S4 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 PuranDefrag;PuranDefrag; C:\WINDOWS\system32\PuranDefragS.exe [2010-05-17 229376]

-----------------EOF-----------------

Addendum: 04 Feb 2011 1:06

Addendum: 04 Feb 2011 1:40

I ran dds, but it won't run from the desktop, only from programs. Here it is, and I also attached it.
DDS (Ver_10-12-12.02) - NTFSx86
Run by Pc at 13:36:30.59 on Thu 02/03/2011
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_22
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.895.384 [GMT -8:00]

AV: Norton Internet Security *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *Enabled*

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\Explorer.EXE
D:\link crecovan za internet download manager\Internet Download Manager v6.04.2\(zabranjeno)\IDMan.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\uTorrent\uTorrent.exe
D:\link crecovan za internet download manager\Internet Download Manager v6.04.2\(zabranjeno)\IEMonitor.exe
C:\Program Files\Norton Internet Security\Engine\18.1.0.37\ccSvcHst.exe
svchost.exe
C:\Program Files\Norton Internet Security\Engine\18.1.0.37\ccSvcHst.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Pc\My Documents\Downloads\Programs\dds.scr

============== Pseudo HJT Report ===============

BHO: IDMIEHlprObj Class: {0055c089-8582-441b-a0bf-17b458c2a3a8} - d:\link crecovan za internet download manager\internet download manager v6.04.2\(zabranjeno)\IDMIECC.dll
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 5.0\reader\activex\AcroIEHelper.ocx
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton internet security\engine\18.1.0.37\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton internet security\engine\18.1.0.37\IPSBHO.DLL
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton internet security\engine\18.1.0.37\coIEPlg.dll
uRun: [IDMan] d:\link crecovan za internet download manager\internet download manager v6.04.2\(zabranjeno)\IDMan.exe /onboot
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe"
IE: Download all links with IDM - d:\link crecovan za internet download manager\internet download manager v6.04.2\(zabranjeno)\IEGetAll.htm
IE: Download FLV video content with IDM - d:\link crecovan za internet download manager\internet download manager v6.04.2\(zabranjeno)\IEGetVL.htm
IE: Download with IDM - d:\link crecovan za internet download manager\internet download manager v6.04.2\(zabranjeno)\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
TCP: {8BEAF52F-8468-4193-B32A-F0264EB3567B} = 192.168.1.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: AtiExtEvent - Ati2evxx.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\pc\applic~1\mozilla\firefox\profiles\6spk96t7.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2928104&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - google.rs
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=937811&p=
FF - component: c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.1.0.37\coffplgn\components\coFFPlgn.dll
FF - component: c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.1.0.37\ipsffplgn\components\IPSFFPl.dll
FF - component: c:\documents and settings\pc\application data\idm\idmmzcc3\components\idmmzcc.dll
FF - component: c:\documents and settings\pc\application data\mozilla\firefox\profiles\6spk96t7.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\documents and settings\pc\application data\mozilla\firefox\profiles\6spk96t7.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar-ff3.dll
FF - component: c:\documents and settings\pc\application data\mozilla\firefox\profiles\6spk96t7.default\extensions\{3d8ff719-f23c-4130-bde1-61ed2cc017b0}\components\RadioWMPCoreGecko19.dll
FF - component: c:\documents and settings\pc\application data\mozilla\firefox\profiles\6spk96t7.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko19.dll
FF - component: c:\documents and settings\pc\application data\mozilla\firefox\profiles\6spk96t7.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll
FF - component: c:\program files\mozilla firefox\extensions\{ab2ce124-6272-4b12-94a9-7303c7397bd1}\components\SkypeFfComponent.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype extension: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: WOT: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} - %profile%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: uTorrentBar Community Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - %profile%\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
FF - Ext: AlertStopper: alertstopper@dorian.meric - %profile%\extensions\alertstopper@dorian.meric
FF - Ext: Bflix1 Community Toolbar: {3d8ff719-f23c-4130-bde1-61ed2cc017b0} - %profile%\extensions\{3d8ff719-f23c-4130-bde1-61ed2cc017b0}
FF - Ext: IDM CC: mozilla_cc@internetdownloadmanager.com - c:\documents and settings\pc\application data\idm\idmmzcc3
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: Norton IPS: {BBDA0591-3099-440a-AA10-41764D9DB4DB} - c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.1.0.37\IPSFFPlgn
FF - Ext: Norton Toolbar: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62} - c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.1.0.37\coFFPlgn

---- FIREFOX POLICIES ----
FF - user.js: browser.cache.memory.capacity - 16000
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 4095
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 1000000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 1000000
FF - user.js: dom.disable_window_status_change - true
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 1000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0

============= SERVICES / DRIVERS ===============

R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [2011-2-1 14776]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nis\1201000.025\SymDS.sys [2011-2-3 339504]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1201000.025\SymEFA.sys [2011-2-3 666672]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.1.0.37\definitions\bashdefs\20100810.004\BHDrvx86.sys [2011-2-3 692272]
R1 IDMTDI;IDMTDI;c:\windows\system32\drivers\idmtdi.sys [2010-12-21 96600]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nis\1201000.025\Ironx86.sys [2011-2-3 134704]
R2 NIS;Norton Internet Security;c:\program files\norton internet security\engine\18.1.0.37\ccSvcHst.exe [2011-2-3 126904]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\l151x86.sys [2010-10-1 36864]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.1.0.37\definitions\ipsdefs\20100706.002\IDSxpx86.sys [2011-2-3 331640]
R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.1.0.37\definitions\virusdefs\20100813.009\NAVENG.SYS [2011-2-3 85424]
R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.1.0.37\definitions\virusdefs\20100813.009\NAVEX15.SYS [2011-2-3 1362608]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2010-10-1 1684736]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 PuranDefrag;PuranDefrag;c:\windows\system32\PuranDefragS.exe [2011-1-24 229376]

=============== File Associations ===============

JSEFile=NOTEPAD.EXE %1
VBEFile=NOTEPAD.EXE %1
VBSFile=NOTEPAD.EXE %1

=============== Created Last 30 ================

2011-02-03 21:29:35 -------- d-----w- c:\program files\NortonInstaller
2011-02-03 21:02:13 -------- d-----w- c:\program files\trend micro
2011-02-03 17:40:53 -------- d-----w- c:\docume~1\alluse~1\applic~1\Comodo
2011-02-03 12:52:22 511328 ----a-w- c:\program files\common files\microsoft shared\capicom\CAPICOM.DLL
2011-02-03 12:51:01 74703 ----a-w- c:\windows\system32\mfc45.dll
2011-02-03 12:25:30 -------- d-----w- c:\docume~1\pc\applic~1\iolo
2011-02-03 12:25:30 -------- d-----w- c:\docume~1\alluse~1\applic~1\iolo
2011-02-02 18:53:44 -------- d-----w- c:\docume~1\pc\locals~1\applic~1\WMTools Downloaded Files
2011-02-02 12:23:06 -------- d-----w- c:\docume~1\pc\locals~1\applic~1\FilmOn.com
2011-02-02 12:22:56 -------- d-----w- c:\docume~1\pc\applic~1\111 Pix Ltd
2011-02-02 12:22:07 -------- d-----w- c:\program files\FilmOn HDi Player
2011-02-02 11:59:46 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-02-02 11:59:46 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-02 11:59:46 472808 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll
2011-02-01 17:03:48 -------- d-----w- c:\docume~1\pc\applic~1\IObit
2011-02-01 16:38:45 28496 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2011-02-01 16:38:45 14776 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2011-02-01 16:37:34 -------- d-----w- c:\docume~1\alluse~1\applic~1\IObit
2011-02-01 16:34:42 -------- d-----w- c:\program files\IObit
2011-02-01 16:01:51 -------- d-----w- c:\program files\tixati
2011-02-01 12:28:46 56496 ----a-w- c:\windows\system32\wbhelp2.dll
2011-02-01 12:28:46 544768 ----a-w- c:\windows\system32\wbocx.ocx
2011-02-01 12:28:46 4608 ----a-w- c:\windows\system32\W95INF32.DLL
2011-02-01 12:28:46 33968 ----a-w- c:\windows\system32\anim.dll
2011-02-01 12:28:46 258352 ----a-w- c:\windows\system32\unicows.dll
2011-02-01 12:28:46 2272 ----a-w- c:\windows\system32\W95INF16.DLL
2011-02-01 12:28:46 1706800 ----a-w- c:\windows\system32\gdiplus.dll
2011-02-01 12:28:46 -------- d-----w- c:\program files\WinUtilities
2011-02-01 10:50:49 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-02-01 10:50:46 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-01-30 20:58:09 -------- d-----w- c:\program files\MSSOAP
2011-01-30 20:57:42 -------- d-----w- c:\program files\Webroot
2011-01-30 13:37:40 -------- d-----w- c:\docume~1\alluse~1\applic~1\Soluto
2011-01-30 13:32:53 -------- d-sh--w- c:\documents and settings\pc\PrivacIE
2011-01-30 11:42:25 -------- d-----w- C:\!KillBox
2011-01-29 15:19:24 -------- d-----w- c:\docume~1\pc\applic~1\IDM
2011-01-29 15:19:21 -------- d-----w- c:\program files\Internet Download Manager
2011-01-29 13:43:26 -------- d-----w- c:\docume~1\pc\locals~1\applic~1\ESET
2011-01-28 17:00:54 -------- d-----w- c:\docume~1\pc\applic~1\YouTube Downloader
2011-01-28 15:33:35 -------- d-----w- c:\docume~1\pc\applic~1\Search Settings
2011-01-28 15:33:31 -------- d-----w- c:\program files\Application Updater
2011-01-28 15:33:30 -------- d-----w- c:\program files\YouTube Downloader Toolbar
2011-01-28 15:33:30 -------- d-----w- c:\program files\common files\Spigot
2011-01-28 15:32:38 -------- d-----w- c:\program files\YouTube Downloader
2011-01-28 10:35:47 -------- d-----w- c:\windows\system32\NtmsData
2011-01-28 10:26:54 -------- d-----w- C:\New Folder
2011-01-27 20:08:14 81920 ----a-w- c:\windows\system32\Startup.cpl
2011-01-27 19:51:18 -------- d-----w- c:\program files\MSXML 4.0
2011-01-27 15:50:22 -------- d-sh--w- c:\documents and settings\pc\IETldCache
2011-01-27 15:48:11 7680 -c----w- c:\windows\system32\dllcache\iecompat.dll
2011-01-27 15:47:25 -------- d-----w- c:\windows\ie8updates
2011-01-27 15:46:58 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2011-01-27 15:46:57 602112 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2011-01-27 15:46:57 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2011-01-27 15:46:56 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2011-01-27 15:46:56 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2011-01-27 15:46:56 1991680 -c----w- c:\windows\system32\dllcache\iertutil.dll
2011-01-27 15:46:56 11080704 -c----w- c:\windows\system32\dllcache\ieframe.dll
2011-01-27 15:45:30 -------- dc-h--w- c:\windows\ie8
2011-01-27 11:20:22 -------- d-sha-r- C:\cmdcons
2011-01-27 11:16:14 98816 ----a-w- c:\windows\sed.exe
2011-01-27 11:16:14 89088 ----a-w- c:\windows\MBR.exe
2011-01-27 11:16:14 256512 ----a-w- c:\windows\PEV.exe
2011-01-27 11:16:14 161792 ----a-w- c:\windows\SWREG.exe
2011-01-26 19:34:58 -------- d-----w- c:\docume~1\pc\applic~1\Samsung
2011-01-26 19:34:26 174592 ----a-w- c:\windows\system32\framedyn.dll
2011-01-26 19:33:59 9256 ----a-w- c:\windows\system32\drivers\sscdwhnt.sys
2011-01-26 19:33:59 9256 ----a-w- c:\windows\system32\drivers\sscdwh.sys
2011-01-26 19:33:59 9256 ----a-w- c:\windows\system32\drivers\sscdcmnt.sys
2011-01-26 19:33:59 9256 ----a-w- c:\windows\system32\drivers\sscdcm.sys
2011-01-26 19:33:59 80552 ----a-w- c:\windows\system32\drivers\sscdbus.sys
2011-01-26 19:33:59 11944 ----a-w- c:\windows\system32\drivers\sscdmdfl.sys
2011-01-26 19:33:59 106792 ----a-w- c:\windows\system32\drivers\sscdmdm.sys
2011-01-26 19:33:53 -------- d-----w- c:\windows\system32\Samsung_USB_Drivers
2011-01-26 19:33:29 5632 ----a-w- c:\windows\system32\drivers\StarOpen.sys
2011-01-26 19:33:13 -------- d-----w- c:\program files\Samsung
2011-01-26 19:00:13 -------- d--h--w- c:\windows\system32\GroupPolicy
2011-01-26 18:51:15 -------- d-----w- c:\program files\cFosSpeed
2011-01-26 15:43:37 16856 ----a-w- c:\program files\mozilla firefox\plugin-container.exe
2011-01-26 15:43:34 719832 ----a-w- c:\program files\mozilla firefox\mozcpp19.dll
2011-01-26 08:42:40 -------- d-----w- c:\docume~1\pc\applic~1\uTorrent
2011-01-26 08:40:08 -------- d-----w- c:\docume~1\pc\locals~1\applic~1\uTorrentBar
2011-01-26 08:35:10 -------- d-----w- c:\program files\uTorrent
2011-01-25 20:19:33 -------- d-s---w- c:\documents and settings\pc\UserData
2011-01-25 15:57:18 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2011-01-25 15:57:18 272128 ------w- c:\windows\system32\drivers\bthport.sys
2011-01-25 15:53:02 455680 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2011-01-25 15:51:09 2146304 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2011-01-25 15:51:07 2189952 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2011-01-25 15:51:06 2024448 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2011-01-25 15:51:04 2066816 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2011-01-25 15:33:51 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2011-01-25 15:31:53 -------- d-----w- c:\windows\system32\PreInstall
2011-01-25 15:31:52 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2011-01-25 15:31:51 -------- d--h--w- c:\windows\$hf_mig$
2011-01-25 15:07:01 -------- d-----w- c:\windows\system32\SoftwareDistribution
2011-01-25 14:46:35 -------- d-----w- c:\docume~1\pc\locals~1\applic~1\NPE
2011-01-25 14:38:02 4208264 ----a-w- c:\docume~1\pc\applic~1\SuPeRGeNiUs_IDM.6.04.2.exe
2011-01-25 14:30:54 -------- d-----w- c:\docume~1\pc\locals~1\applic~1\Help
2011-01-25 13:31:48 -------- d-----w- c:\docume~1\pc\applic~1\URSoft
2011-01-25 13:31:25 -------- d-----w- c:\program files\Your Uninstaller 2010
2011-01-25 13:30:25 81920 ---ha-w- c:\windows\system32\v3shrtkgn.dll
2011-01-25 13:19:25 -------- d-----r- c:\program files\Skype
2011-01-25 12:50:26 -------- d-----w- c:\docume~1\pc\applic~1\SUPERAntiSpyware.com
2011-01-25 12:50:26 -------- d-----w- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2011-01-25 12:50:16 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-01-25 09:41:02 16968 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2011-01-25 09:41:00 -------- d-----w- c:\program files\Hitman Pro 3.5
2011-01-25 09:40:26 -------- d-----w- c:\docume~1\alluse~1\applic~1\Hitman Pro
2011-01-25 09:36:59 -------- d-----w- c:\docume~1\pc\applic~1\Malwarebytes
2011-01-25 09:36:54 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2011-01-25 09:36:51 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-01-24 23:30:18 -------- d-----w- c:\docume~1\pc\locals~1\applic~1\Temp
2011-01-24 22:43:03 229376 ----a-w- c:\windows\system32\PuranDefragS.exe
2011-01-24 22:43:03 221184 ----a-w- c:\windows\system32\PuranDC.exe
2011-01-24 22:43:03 212992 ----a-w- c:\windows\system32\PuranDefrag.dll
2011-01-24 22:43:03 107008 ----a-w- c:\windows\system32\PuranDefragBT.exe
2011-01-24 22:43:02 1110016 ----a-w- c:\windows\system32\PuranFD.exe
2011-01-24 22:43:02 -------- d-----w- c:\program files\Puran Defrag
2011-01-24 22:00:10 -------- d-----w- c:\program files\VITSOFT
2011-01-24 21:46:50 -------- d-----w- c:\program files\VideoLAN
2011-01-24 21:37:37 -------- d-----w- c:\program files\GRETECH
2011-01-24 21:29:17 -------- d-----w- c:\windows\system32\appmgmt
2011-01-24 21:09:04 -------- d-----w- c:\docume~1\pc\applic~1\Tific
2011-01-24 21:09:03 -------- d-----w- c:\docume~1\pc\locals~1\applic~1\Symantec
2011-01-24 21:02:40 -------- d-----w- c:\docume~1\pc\locals~1\applic~1\Google
2011-01-24 20:58:19 -------- d-----w- c:\docume~1\alluse~1\applic~1\Norton
2011-01-24 20:58:07 -------- d-----w- c:\docume~1\alluse~1\applic~1\NortonInstaller

==================== Find3M ====================

2011-02-03 21:30:41 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
2010-11-18 18:12:44 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-09 14:52:35 249856 ----a-w- c:\windows\system32\odbc32.dll
2010-11-06 00:26:58 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:26:58 43520 ------w- c:\windows\system32\licmgr10.dll
2010-11-06 00:26:58 1469440 ------w- c:\windows\system32\inetcpl.cpl

============= FINISH: 13:37:06.10 ===============

Addendum: 04 Feb 2011 13:22

Is there really nobody!!!! who can help me and give their expert opinion?

Addendum: 04 Feb 2011 13:31

Is there really nobody from the team to take a look and help me other than goran9888? I can't believe it.

offline
  • Joined: 02 Feb 2008
  • Posts: 14018
  • Location: Nish

First, I have to write the following:

- you must be patient;
- we in the AMF Team do all of this on a volunteer basis, so the time we set aside and the effort we put into a case should be respected;
- in the Ambulanta you will always get an answer; you cannot hurry us.

Also, it would be nice if you read the Rules of this part of the forum: LINK

When you posted your first message you had Avira installed on the computer, and in the second message you have Norton Internet Security installed. It would be wise to decide on one security solution and use that. NIS is not a free security solution, so I hope you installed the trial version or that you have a properly purchased/obtained licence for NIS.

Tell me, specifically, what is the problem with your computer?

You have used ComboFix. Do you know what that tool is for, and that running it unnecessarily can destroy the operating system?
That powerful tool is used only and exclusively when someone qualified, who knows how to handle it, such as us from the AMF Team, asks you to run it.

Post the ComboFix log, which is in the root of the C partition. The log's location is: C:\ComboFix.txt

goran9888 (AMF Team)
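The reply above notes that the first log shows Avira and the second shows Norton. The following is an added example, not part of any post in this thread: it parses the driver/service lines of both log formats and compares which security products have running components in each snapshot. The product-to-path mapping and all function names are assumptions made for this illustration.

```python
import re

# Legend taken from the section headers of the RSIT log in this thread.
STATE = {"R": "Running", "S": "Stopped"}
START = {"0": "Boot", "1": "System", "2": "Auto", "3": "Demand", "4": "Disabled"}

# Assumption: lower-case path fragments used to attribute an entry to a
# security product. Only the products visible in this thread are listed.
PRODUCT_HINTS = {
    "\\avira\\": "Avira AntiVir",
    "\\norton": "Norton Internet Security",
    "\\drivers\\nis\\": "Norton Internet Security",
    "\\superantispyware\\": "SUPERAntiSpyware",
}

# "<state><start> <name>;<display>;<path> [<date> <size>]"
# RSIT puts a space (and sometimes a \??\ prefix) before the path; DDS does not.
LINE_RE = re.compile(
    r"^(?P<state>[RS])(?P<start>[0-4]) "
    r"(?P<name>[^;]+);(?P<display>[^;]*);\s*"
    r"(?:\\\?\?\\)?(?P<path>.+?) "
    r"\[(?P<meta>[^\]]*)\]$"
)

# Sample input: lines excerpted from the RSIT log posted in this thread.
RSIT_SAMPLE = r"""
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2011-01-10 267944]
S3 catchme;catchme; \??\C:\DOCUME~1\Pc\LOCALS~1\Temp\catchme.sys []
S4 PuranDefrag;PuranDefrag; C:\WINDOWS\system32\PuranDefragS.exe [2010-05-17 229376]
"""

# Sample input: lines excerpted from the DDS log posted in this thread.
DDS_SAMPLE = r"""
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nis\1201000.025\SymDS.sys [2011-2-3 339504]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R2 NIS;Norton Internet Security;c:\program files\norton internet security\engine\18.1.0.37\ccSvcHst.exe [2011-2-3 126904]
S4 PuranDefrag;PuranDefrag;c:\windows\system32\PuranDefragS.exe [2011-1-24 229376]
"""


def parse_entries(text):
    """Return one dict per driver/service line; other lines are skipped."""
    entries = []
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue
        # The bracket is empty when the tool recorded no file date/size.
        date, _, size_text = m["meta"].partition(" ")
        entries.append({
            "state": STATE[m["state"]],
            "start": START[m["start"]],
            "name": m["name"],
            "display": m["display"],
            "path": m["path"],
            "date": date or None,
            "size": int(size_text) if size_text.isdigit() else None,
        })
    return entries


def product_of(path):
    """Map a file path to a security product name, or None if unknown."""
    lowered = path.lower()
    for fragment, product in PRODUCT_HINTS.items():
        if fragment in lowered:
            return product
    return None


def running_products(entries):
    """Group the names of running entries by the product they belong to."""
    found = {}
    for entry in entries:
        product = product_of(entry["path"])
        if product and entry["state"] == "Running":
            found.setdefault(product, []).append(entry["name"])
    return {product: sorted(names) for product, names in found.items()}


def compare_snapshots(first_text, second_text):
    """Show which products run in only one of two logs, or in both."""
    first = set(running_products(parse_entries(first_text)))
    second = set(running_products(parse_entries(second_text)))
    return {
        "only_first": sorted(first - second),
        "only_second": sorted(second - first),
        "both": sorted(first & second),
    }


if __name__ == "__main__":
    for label, products in compare_snapshots(RSIT_SAMPLE, DDS_SAMPLE).items():
        print(label, products)
```

A product listed under "both" is still loaded next to whichever resident antivirus is installed, which is worth reviewing when the advice is to settle on one security solution.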

offline
  • Joined: 03 Feb 2011
  • Posts: 54

Posted: 04 Feb 2011 22:22

Addendum: 04 Feb 2011 22:37

Yes, I know ComboFix is a powerful tool, and I did not use it on my own; Basa Mrkalj on the Svet kompjutera forum helped me. I decided on Norton Internet Security 2011 because, as you know, I could not install the Avira suite, and Avira Personal AntiVir let 8 pests through in just 2.5 hours of use, so my final choice is NIS 2011, which I have free for 6 months. As for ComboFix: at one point on the Svet kompjutera forum Basa Mrkalj recommended that I go to a site to look at something and told me to do everything as described on that site. And what happens: ComboFix was on that site too, and I, not knowing at the time what ComboFix is or what it is for, did everything as it was written there. I even dragged a script that was not meant for me onto ComboFix on the desktop, all without knowing what ComboFix is, while Basa had wanted me to defragment the disk as described on that site. Luckily nothing happened, but later, when he sent me a log made for me to drag onto ComboFix, the computer suddenly restarted and froze, so I took it to a repair shop. According to him, I had ACTIVE leftovers from Kaspersky, and that is why what happened happened. Since then my computer has been running a bit slowly, Mozilla Firefox occasionally climbs up to 320 MB, and sometimes when I am on a site an hourglass appears next to the pointer as if something were loading while I am not doing anything. It also worries me why everything is encrypted when I try to run dds from the desktop, while it works from programs.

offline
  • Joined: 02 Feb 2008
  • Posts: 14018
  • Location: Nish

Eh, Vivaldi82 ...

Where do I begin!

Your computer is currently clean as far as malware is concerned.

ComboFix needs to be uninstalled:
click Start (or ), then Run.

On Vista, use the Start Search field if Run is not available.

In the text box, type (or paste) the following:

ComboFix /Uninstall

Note that there is a space between "ComboFix" and "/Uninstall".

then click OK (or press Enter).

Wait for the uninstall process to finish.

Reset (turn off, then turn back on) System Restore. Follow the guide at this link: http://www.mycity.rs/Uputstva/Kako-iskljuciti-uklj.....Vista.html

Download the program ATF Cleaner and save it to the Desktop.

Check Select All and then click Empty Selected.
When the message Done Cleaning appears, close the program.

Uninstall Adobe Acrobat 5.0 and install the latest version of this program, since old versions are critical; or simply switch to some alternative, which is also free.
Download link: http://get.adobe.com/uk/reader/

Update Java. Old versions are critical.
http://www.java.com/en/download/help/java_update.xml

If you do not use the following programs/toolbars, uninstall them (Start -> Control Panel -> Add or Remove Programs): Hitman Pro 3.5, Skype Toolbars, SUPERAntiSpyware, YouTube Downloader Toolbar v4.1.

It is also advisable to uninstall that cracked Download Manager.

- I warmly recommend that you use MCShield to protect USB storage devices. It has nothing to do with the antivirus, i.e. it will not interfere with its operation, and it has proven to be one of the best forms of protection against malware that spreads via USB storage devices.

You download it, install it, plug in a USB storage device, a scan runs, after which you get a notification that the device is clean (if that is really the case); or you get a log showing information about the malware that was found and deleted.

MCShield home page: http://amf.mycity.rs/programs/mc/mcshield/

You can find out more about MCShield in this thread: http://www.mycity.rs/Antispyware-programi/MCShield.html

Stop by the Windows section of the forum (open a new thread) if you would like further recommendations for tidying up Windows XP: http://www.mycity.rs/Windows/

--------------------------------------------------

offline
  • Joined: 03 Feb 2011
  • Posts: 54

Posted: 05 Feb 2011 13:05

I did everything as you told me except uninstalling Internet Download Manager, because when I install the legal one I cannot open it; it shows a message that it was installed with a wrong serial number, and there is no way for me to install the legal one, and I have got used to it. In which part of the forum should I post a picture so you can see what it shows me for IDM? Also, the download toolbar will not uninstall. THANKS

Addendum: 05 Feb 2011 13:09

Should System Restore be checked or unchecked? I use Windows XP Professional. What you wrote, turn on then turn off, confuses me; how should it be, checked or unchecked?

offline
  • Joined: 02 Feb 2008
  • Posts: 14018
  • Location: Nish

For System Restore I wrote it correctly: turn it off and then turn it back on, which in other words means it is advisable for it to be checked.

We will not discuss the illegal IDM at all. This forum does not deal with such things. Read the forum Rules: LINK

Post all other questions about your operating system and the problems you have when uninstalling programs, etc., in this thread that you opened: http://www.mycity.rs/Windows/Da-li-neko-od-strunih.....akvom.html

Regards,
goran9888 (AMF Team)

offline
  • Joined: 03 Feb 2011
  • Posts: 54

OK, thanks for the help, Goran9888. You did not understand me correctly about the illegal IDM; I am not in favour of that, but I cannot install the legal one. I will post a screenshot in the thread I opened in the Windows section, so have a look if you can. Thank you very much for this help.
