problem


  • Veljko
  • Joined: 29 Jul 2008
  • Posts: 615
  • Location: Zemun

Here you go.
The next time avast detects something, I'll write it down!

  • dr_Bora
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

You could run a boot-time scan with avast! (right-click in the program window and choose the Schedule Boot-Time scan... option). The scan log will be saved as:

C:\Program Files\Alwil Software\Avast4\Data\Report\ashboot.txt

Attach that log to your post.

After that, double-click ComboFix to run it and post the fresh log file you get at the end of the procedure.

  • Veljko
  • Joined: 29 Jul 2008
  • Posts: 615
  • Location: Zemun

Here is the log. This time avast didn't detect anything!
Is it mandatory that I do the log with avast? I started it, and in half an hour it barely got past 20%, so it could take a while.



ComboFix 08-11-28.03 - FlAmE of HeLl 2008-11-29 10:37:20.9 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1541 [GMT 1:00]
Running from: D:\C-F.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\tel.xls.exe
c:\windows\system32\algsrv.exe
c:\windows\ufdata2000.log
D:\Autorun.inf
G:\tel.xls.exe
I:\Autorun.inf

.
((((((((((((((((((((((((( Files Created from 2008-10-28 to 2008-11-29 )))))))))))))))))))))))))))))))
.

2008-11-29 01:30 . 2008-11-29 01:27 3,055,459 --a------ C:\ComboFix.exe
2008-11-28 21:40 . 2008-11-28 21:40 54,156 --ah----- c:\windows\QTFont.qfn
2008-11-28 21:40 . 2008-11-28 21:40 1,409 --a------ c:\windows\QTFont.for
2008-11-28 21:34 . 2008-11-28 21:41 <DIR> d-------- C:\GTA San Andreas
2008-11-28 20:42 . 2008-11-28 20:42 26 --a------ c:\windows\ExplorerXP.INI
2008-11-28 20:27 . 2008-11-28 20:27 <DIR> d-------- c:\program files\mozilla.org
2008-11-28 20:27 . 2008-11-28 20:27 118,784 --a------ c:\windows\SeaMonkeyUninstall.exe
2008-11-28 20:27 . 2008-11-28 20:27 118,784 --a------ c:\windows\GREUninstall.exe
2008-11-28 20:27 . 2008-11-28 20:27 8,653 --a------ c:\windows\mozver.dat
2008-11-28 20:22 . 2008-11-28 20:27 <DIR> d-------- c:\program files\ExplorerXP
2008-11-28 20:12 . 2007-09-05 23:22 289,144 --a------ c:\windows\system32\VCCLSID.exe
2008-11-28 20:12 . 2006-04-27 16:49 288,417 --a------ c:\windows\system32\SrchSTS.exe
2008-11-28 20:12 . 2008-10-01 14:51 87,552 --a------ c:\windows\system32\VACFix.exe
2008-11-28 20:12 . 2008-10-10 07:58 82,944 --a------ c:\windows\system32\o4Patch.exe
2008-11-28 20:12 . 2008-05-18 20:40 82,944 --a------ c:\windows\system32\IEDFix.exe
2008-11-28 20:12 . 2008-10-10 07:58 82,944 --a------ c:\windows\system32\IEDFix.C.exe
2008-11-28 20:12 . 2008-08-18 11:19 82,432 --a------ c:\windows\system32\404Fix.exe
2008-11-28 20:12 . 2003-06-05 20:13 53,248 --a------ c:\windows\system32\Process.exe
2008-11-28 20:12 . 2004-07-31 17:50 51,200 --a------ c:\windows\system32\dumphive.exe
2008-11-28 20:12 . 2007-10-03 23:36 25,600 --a------ c:\windows\system32\WS2Fix.exe
2008-11-28 20:12 . 2008-11-28 20:12 1,402 --a------ c:\windows\system32\tmp.reg
2008-11-28 20:02 . 2008-11-28 20:03 <DIR> d-------- C:\totalcmd
2008-11-28 19:19 . 2008-11-28 19:19 <DIR> d-------- c:\documents and settings\All Users\Application Data\Blizzard
2008-11-28 11:40 . 2008-10-28 23:08 723,504 --a------ c:\windows\system32\vnetlib.dll
2008-11-28 11:40 . 2008-10-28 23:07 399,920 --a------ c:\windows\system32\vmnat.exe
2008-11-28 11:40 . 2008-10-28 23:08 326,192 --a------ c:\windows\system32\vmnetdhcp.exe
2008-11-28 11:40 . 2008-10-28 17:03 55,856 -ra------ c:\windows\system32\vnetinst.dll
2008-11-28 11:40 . 2008-10-28 17:03 50,736 -ra------ c:\windows\system32\vmnetbridge.dll
2008-11-28 11:40 . 2008-10-28 17:03 31,280 -ra------ c:\windows\system32\drivers\vmnetbridge.sys
2008-11-28 11:40 . 2008-10-28 23:08 26,288 --a------ c:\windows\system32\drivers\vmnetuserif.sys
2008-11-28 11:40 . 2008-10-28 17:03 18,736 -ra------ c:\windows\system32\drivers\vmnet.sys
2008-11-28 11:40 . 2008-10-28 17:03 16,560 -ra------ c:\windows\system32\drivers\vmnetadapter.sys
2008-11-28 11:39 . 2008-10-28 23:08 23,216 --a------ c:\windows\system32\drivers\VMkbd.sys
2008-11-28 11:39 . 2008-11-28 11:39 1,024 --a------ C:\.rnd
2008-11-28 11:38 . 2008-11-28 11:38 <DIR> d-------- c:\program files\VMware
2008-11-28 10:42 . 2008-11-28 10:42 <DIR> d-------- c:\program files\Color_Cop
2008-11-28 10:42 . 2008-11-28 10:42 <DIR> d-------- c:\documents and settings\FlAmE of HeLl\Application Data\ColorCop
2008-11-28 10:41 . 2008-11-28 10:41 <DIR> d-------- c:\program files\Actual Transparent Window
2008-11-28 10:41 . 2008-11-28 10:41 <DIR> d-------- c:\documents and settings\FlAmE of HeLl\Application Data\Actual Tools
2008-11-28 10:40 . 2008-11-28 10:40 <DIR> d-------- c:\program files\Anders Kjersem
2008-11-27 22:21 . 2008-11-28 22:13 <DIR> d-------- c:\documents and settings\FlAmE of HeLl\Application Data\CoreFTP
2008-11-27 22:20 . 2008-11-27 22:20 <DIR> d-------- c:\program files\CoreFTP
2008-11-26 21:56 . 2008-11-26 21:56 447,958 --a------ C:\AnalysisLog.sr0
2008-11-26 11:23 . 2008-11-26 11:23 8,192 --ahs---- c:\windows\Thumbs.db
2008-11-26 10:12 . 2008-08-14 11:09 2,145,280 --a------ c:\windows\system32\ntoskrnl.exe.FlyakiteOSX
2008-11-26 10:12 . 2008-08-14 10:33 2,023,936 --a------ c:\windows\system32\ntkrnlpa.exe.FlyakiteOSX
2008-11-26 10:12 . 2008-04-14 05:42 514,560 --a------ c:\windows\system32\logonui.exe.FlyakiteOSX
2008-11-26 10:12 . 2008-04-14 05:42 220,672 --a------ c:\windows\system32\logon.scr.FlyakiteOSX
2008-11-25 20:03 . 2008-11-26 10:24 <DIR> d-------- c:\program files\Safari
2008-11-25 20:03 . 2008-11-25 20:03 <DIR> d-------- c:\documents and settings\FlAmE of HeLl\Application Data\Apple Computer
2008-11-25 11:21 . 2008-11-26 20:46 <DIR> d-------- C:\tmp
2008-11-24 20:56 . 2008-11-24 20:56 <DIR> d-------- c:\documents and settings\All Users\Application Data\SimCity Societies
2008-11-24 12:34 . 2008-11-24 12:34 <DIR> d-------- c:\program files\RivaTuner v2.20
2008-11-24 09:39 . 2008-11-28 11:55 <DIR> d-------- c:\program files\Minefield
2008-11-24 08:38 . 2008-11-24 08:38 <DIR> d-------- c:\documents and settings\FlAmE of HeLl\Application Data\Media Player Classic
2008-11-24 08:37 . 2008-11-24 08:37 <DIR> d-------- c:\program files\Real Alternative
2008-11-24 08:09 . 2008-11-24 08:09 <DIR> d-------- c:\program files\MediaInfo
2008-11-23 21:34 . 2008-11-23 21:34 <DIR> d-------- c:\program files\Sun
2008-11-20 20:06 . 2008-11-20 20:06 <DIR> d-------- C:\DVDVideoSoft
2008-11-18 20:51 . 2008-11-18 20:51 <DIR> d-------- c:\program files\PowerISO
2008-11-18 20:23 . 2008-11-18 20:23 <DIR> d-------- c:\program files\VirtualDJ
2008-11-18 20:04 . 2008-11-18 20:04 <DIR> d-------- c:\program files\Cadsoft
2008-11-18 20:04 . 2008-11-18 20:04 <DIR> d-------- c:\documents and settings\All Users\Application Data\Cadsoft
2008-11-17 21:09 . 2008-11-17 21:54 280 --a------ c:\windows\{21D15DED-F125-46C8-8017-CB9F1CEB5B4D}_WiseFW.ini
2008-11-17 21:04 . 2008-11-17 21:04 2,306,113 --a------ c:\windows\system32\GPhotos.scr
2008-11-17 20:44 . 2008-11-17 20:44 <DIR> d-------- c:\program files\DVDVideoSoft
2008-11-17 20:44 . 2008-11-17 20:44 <DIR> d-------- c:\program files\Common Files\DVDVideoSoft
2008-11-17 14:33 . 2008-11-17 14:33 <DIR> d-------- c:\program files\Monte Cristo
2008-11-16 19:22 . 2008-11-16 19:23 <DIR> d-------- c:\documents and settings\FlAmE of HeLl\Application Data\Sports Interactive
2008-11-16 19:22 . 2008-11-16 22:39 <DIR> d-------- c:\documents and settings\All Users\Application Data\Sports Interactive
2008-11-15 15:13 . 2008-11-15 15:13 <DIR> d-------- c:\documents and settings\FlAmE of HeLl\Application Data\Skinux
2008-11-15 15:11 . 2008-11-15 15:11 <DIR> d-------- c:\program files\The Skins Factory
2008-11-15 12:16 . 2008-11-15 12:16 <DIR> d-------- c:\program files\Sony Ericsson
2008-11-15 08:25 . 2008-11-15 08:31 <DIR> d-------- c:\documents and settings\FlAmE of HeLl\Application Data\Digsby
2008-11-15 08:22 . 2008-11-15 08:25 <DIR> d-------- c:\program files\Digsby
2008-11-14 13:33 . 2008-11-14 13:33 <DIR> d-------- c:\program files\TGTSoft
2008-11-14 08:18 . 2008-11-14 08:18 <DIR> d-------- c:\program files\TeamViewer3
2008-11-14 08:18 . 2008-11-14 08:18 <DIR> d-------- c:\documents and settings\FlAmE of HeLl\temp
2008-11-14 08:18 . 2008-11-14 08:18 <DIR> d-------- c:\documents and settings\FlAmE of HeLl\Application Data\TeamViewer
2008-11-14 08:14 . 2008-11-14 08:14 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-11-14 08:14 . 2008-11-14 08:14 <DIR> d-------- c:\documents and settings\FlAmE of HeLl\Application Data\Malwarebytes
2008-11-14 08:14 . 2008-11-14 08:14 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2008-11-14 08:14 . 2008-10-22 16:27 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-11-14 08:14 . 2008-10-22 16:27 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-11-12 21:39 . 2008-11-12 21:39 <DIR> d-------- c:\windows\95FC26FB19FD4A96BBB1B1062E8648F5.TMP
2008-11-12 20:39 . 2008-11-12 20:39 <DIR> d-------- c:\program files\YouTube Downloader
2008-11-12 11:13 . 2008-11-12 11:13 <DIR> d-------- c:\program files\Microsoft Silverlight
2008-11-11 22:22 . 2008-10-10 04:52 4,379,984 --a------ c:\windows\system32\D3DX9_40.dll
2008-11-11 22:22 . 2008-10-10 04:52 2,036,576 --a------ c:\windows\system32\D3DCompiler_40.dll
2008-11-11 22:22 . 2008-10-27 10:04 514,384 --a------ c:\windows\system32\XAudio2_3.dll
2008-11-11 22:22 . 2008-10-10 04:52 452,440 --a------ c:\windows\system32\d3dx10_40.dll
2008-11-11 22:22 . 2008-10-27 10:04 235,856 --a------ c:\windows\system32\xactengine3_3.dll
2008-11-11 22:22 . 2008-10-27 10:04 70,992 --a------ c:\windows\system32\XAPOFX1_2.dll
2008-11-11 22:22 . 2008-10-27 10:04 23,376 --a------ c:\windows\system32\X3DAudio1_5.dll
2008-11-11 22:21 . 2008-11-11 22:21 <DIR> d-------- C:\dx
2008-11-11 22:03 . 2008-11-11 22:03 <DIR> d-------- c:\program files\Audacity
2008-11-11 22:00 . 2008-11-11 22:00 <DIR> d-------- c:\windows\system32\IOSUBSYS
2008-11-11 21:59 . 2008-11-11 21:59 <DIR> d-------- c:\program files\IObit
2008-11-10 13:14 . 2008-11-10 13:14 2,915,944 --a------ c:\windows\system32\drivers\appdrv01.sys
2008-11-10 13:14 . 2008-11-10 13:14 304,528 --a------ c:\windows\system32\appdrvrem01.exe
2008-11-10 12:47 . 2008-11-10 13:06 <DIR> d-------- c:\documents and settings\All Users\Application Data\FLEXnet
2008-11-10 12:44 . 2008-11-10 12:44 <DIR> d-------- c:\program files\Adobe Media Player
2008-11-10 12:41 . 2008-11-10 12:41 <DIR> d-------- c:\program files\Common Files\Adobe AIR
2008-11-09 11:21 . 2008-11-09 11:21 <DIR> d-------- c:\documents and settings\All Users\Application Data\Fallout3
2008-11-09 11:09 . 2008-11-09 11:12 <DIR> d-------- C:\HLserver
2008-11-08 21:54 . 2008-11-09 09:36 <DIR> d-------- c:\program files\Valvee
2008-11-08 21:53 . 2008-11-08 21:53 <DIR> d-------- c:\program files\Valvebre
2008-11-08 21:48 . 2008-11-08 21:48 <DIR> d-------- c:\program files\MSN Messenger
2008-11-06 14:27 . 2008-11-06 14:27 <DIR> d-------- c:\documents and settings\FlAmE of HeLl\Application Data\OpenOffice.org
2008-11-06 13:25 . 2008-11-06 13:25 <DIR> d-------- c:\program files\Readon Technology
2008-11-06 13:21 . 2008-11-06 13:21 <DIR> d-------- c:\documents and settings\All Users\Application Data\dtv
2008-11-06 13:17 . 2008-11-06 13:18 <DIR> d-------- c:\documents and settings\FlAmE of HeLl\Application Data\SoftMaker
2008-11-06 13:16 . 2008-11-06 13:22 <DIR> d-------- c:\documents and settings\FlAmE of HeLl\Application Data\Ashampoo
2008-11-06 13:16 . 2008-11-06 13:16 <DIR> d-------- c:\documents and settings\All Users\Application Data\ashampoo
2008-11-06 13:15 . 2008-11-06 13:22 <DIR> d-------- c:\program files\Ashampoo
2008-11-05 22:36 . 2008-11-05 22:36 <DIR> d-------- c:\documents and settings\FlAmE of HeLl\Application Data\Thinstall
2008-11-05 22:27 . 2008-11-29 10:28 <DIR> d-------- c:\program files\Gordian Knot v0.35.0 Portable
2008-11-05 15:26 . 2008-11-05 15:26 <DIR> d-------- c:\program files\BS.Player ControlBar
2008-11-05 15:26 . 2008-11-05 18:09 <DIR> d-------- c:\documents and settings\FlAmE of HeLl\Application Data\BSplayer
2008-11-05 15:23 . 2008-11-05 15:23 <DIR> d-------- c:\program files\OpenOffice.org 3
2008-11-05 14:42 . 2008-11-05 14:42 <DIR> d-------- c:\program files\Pidgin
2008-11-05 14:42 . 2008-11-05 14:42 <DIR> d-------- c:\program files\Common Files\GTK
2008-11-05 14:42 . 2008-11-10 11:12 <DIR> d-------- c:\documents and settings\FlAmE of HeLl\Application Data\.purple
2008-11-05 14:40 . 2008-11-05 14:40 <DIR> d-------- c:\program files\AskBarDis
2008-11-05 14:40 . 2008-11-23 19:06 <DIR> d-------- c:\documents and settings\FlAmE of HeLl\Application Data\Azureus

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-28 20:15 --------- d-----w c:\program files\Garena
2008-11-28 17:44 14,336 ----a-w c:\windows\system32\svchost.exe
2008-11-28 08:08 --------- d-----w c:\documents and settings\FlAmE of HeLl\Application Data\BitTorrent
2008-11-27 18:37 66,872 ----a-w c:\windows\system32\PnkBstrA.exe
2008-11-26 09:26 --------- d-----w c:\program files\Bonjour
2008-11-26 09:24 --------- d-----w c:\program files\WinRarce
2008-11-24 19:51 22,328 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2008-11-24 19:51 22,328 ----a-w c:\documents and settings\FlAmE of HeLl\Application Data\PnkBstrK.sys
2008-11-24 19:51 2,250,024 ----a-w c:\windows\system32\pbsvc.exe
2008-11-24 19:51 107,832 ----a-w c:\windows\system32\PnkBstrB.exe
2008-11-24 19:47 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-24 07:36 --------- d-----w c:\program files\Common Files\Real
2008-11-23 19:45 --------- d-----w c:\documents and settings\FlAmE of HeLl\Application Data\BearShare
2008-11-23 11:56 --------- d-----w c:\program files\Valve
2008-11-22 20:18 107,888 ----a-w c:\windows\system32\CmdLineExt.dll
2008-11-22 20:13 --------- d-----w c:\program files\Flock
2008-11-21 14:12 --------- d-----w c:\documents and settings\FlAmE of HeLl\Application Data\Hamachi
2008-11-21 12:10 --------- d-----w c:\program files\nLite
2008-11-18 19:45 --------- d-----w c:\documents and settings\FlAmE of HeLl\Application Data\Activision
2008-11-18 19:45 --------- d-----w c:\documents and settings\All Users\Application Data\Activision
2008-11-17 21:07 --------- d-----w c:\program files\Google
2008-11-17 21:06 --------- d-----w c:\documents and settings\FlAmE of HeLl\Application Data\Skype
2008-11-17 20:09 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2008-11-15 17:37 --------- d-----w c:\program files\Songbird
2008-11-15 10:42 --------- d-----w c:\program files\Common Files\Adobe
2008-11-15 10:40 --------- d-----w c:\program files\Opera
2008-11-12 10:13 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2008-11-12 10:12 --------- d-----w c:\program files\Microsoft Visual Studio 9.0
2008-11-11 18:18 --------- d-----w c:\program files\Stardock
2008-11-11 18:18 --------- d-----w c:\program files\Common Files\Stardock
2008-11-08 20:44 --------- d-----w c:\program files\Windows Live
2008-11-06 13:04 --------- d-----w c:\program files\SpeedFan
2008-11-06 12:23 --------- d-----w c:\documents and settings\FlAmE of HeLl\Application Data\FrostWire
2008-11-05 14:26 --------- d-----w c:\documents and settings\All Users\Application Data\Yahoo! Companion
2008-11-05 14:23 --------- d-----w c:\program files\OpenOffice.org 2.4
2008-11-05 13:46 --------- d-----w c:\documents and settings\FlAmE of HeLl\Application Data\OpenOffice.org2
2008-11-05 13:44 --------- d-----w c:\program files\Recuva
2008-11-05 13:10 71,268 ----a-w c:\windows\BricoPackUninst.cmd
2008-11-05 12:22 --------- d-----w c:\program files\LimeWire
2008-11-04 07:21 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2008-11-03 13:52 --------- d-----w c:\program files\AlienGUIse
2008-11-03 11:55 --------- d-----w c:\documents and settings\All Users\Application Data\Codemasters
2008-11-03 11:52 444,952 ----a-w c:\windows\system32\wrap_oal.dll
2008-11-03 11:52 109,080 ----a-w c:\windows\system32\OpenAL32.dll
2008-10-28 22:08 857,392 ----a-w c:\windows\system32\drivers\vmx86.sys
2008-10-28 22:08 54,960 ----a-w c:\windows\system32\drivers\vmci.sys
2008-10-28 22:08 32,304 ----a-w c:\windows\system32\drivers\hcmon.sys
2008-10-28 22:08 14,896 ----a-w c:\windows\system32\drivers\vmparport.sys
2008-10-28 17:45 248,368 ----a-w c:\windows\system32\vmnc.dll
2008-10-28 07:49 --------- d-----w c:\program files\AIMP2
2008-10-28 07:46 --------- d-----w c:\program files\Miranda IM
2008-10-28 06:46 --------- d-----w c:\program files\File Scavenger 3.2
2008-10-28 06:39 --------- d-----w c:\program files\Runtime Software
2008-10-28 06:35 --------- d-----w c:\program files\GetData
2008-10-26 18:57 --------- d-----w c:\program files\MacSearch_v.1.4.3
2008-10-26 18:41 --------- d-----w c:\program files\CursorXP
2008-10-26 16:57 --------- d-----w c:\documents and settings\FlAmE of HeLl\Application Data\FindeXer
2008-10-26 16:05 --------- d-----w c:\program files\Windows Media Connect 2
2008-10-26 12:55 --------- d-----w c:\program files\Blender Foundation
2008-10-26 12:55 --------- d-----w c:\documents and settings\FlAmE of HeLl\Application Data\Blender Foundation
2008-10-25 19:37 --------- d-----w c:\program files\Invisible IP Map
2008-10-23 21:39 96,016 ----a-w c:\windows\system32\drivers\VBoxDrv.sys
2008-10-23 21:39 41,744 ----a-w c:\windows\system32\drivers\VBoxUSBMon.sys
2008-10-20 17:19 --------- d-----w c:\program files\Launchy
2008-10-20 17:17 --------- d-----w c:\documents and settings\FlAmE of HeLl\Application Data\Launchy
2008-10-19 17:18 --------- d-----w c:\program files\MSXML 4.0
2008-10-19 13:11 --------- d-----w c:\documents and settings\All Users\Application Data\Office Genuine Advantage
2008-10-18 17:59 --------- d-----w c:\documents and settings\FlAmE of HeLl\Application Data\MxBoost
2008-10-18 12:50 --------- d--h--w c:\program files\InstallJammer Registry
2008-10-18 08:10 --------- d-----w c:\documents and settings\FlAmE of HeLl\Application Data\Dev-Cpp
2008-10-17 10:36 43,520 ----a-w c:\windows\system32\CmdLineExt03.dll
2008-10-17 10:00 --------- d-----w c:\program files\AGEIA Technologies
2008-10-17 06:32 --------- d-----w c:\program files\GIMP-2.0
2008-10-16 18:42 --------- d-----w c:\documents and settings\All Users\Application Data\Avg8
2008-10-16 18:37 --------- d-----w c:\program files\Pivot Stickfigure Animator
2008-10-16 18:32 --------- d-----w c:\program files\ESET
2008-10-16 18:30 --------- d-----w c:\documents and settings\All Users\Application Data\Avira
2008-10-16 06:33 --------- d-----w c:\documents and settings\FlAmE of HeLl\Application Data\Miranda
2008-10-13 20:06 --------- d-----w c:\program files\LocalCooling
2008-10-13 06:53 --------- d-----w c:\program files\PhotoFiltre
2008-10-12 15:32 --------- d-----w c:\documents and settings\FlAmE of HeLl\Application Data\AIMP
2008-10-11 07:30 --------- d-----w c:\program files\SecondLife
2008-10-11 07:23 --------- d-----w c:\documents and settings\FlAmE of HeLl\Application Data\SecondLife
2008-10-10 16:10 --------- d-----w c:\program files\Game_Maker7
2008-10-09 16:46 47,360 ----a-w c:\windows\system32\drivers\pcouffin.sys
2008-10-09 16:46 47,360 ----a-w c:\documents and settings\FlAmE of HeLl\Application Data\pcouffin.sys
2008-10-09 16:46 --------- d-----w c:\program files\DVDFab 5
2008-10-09 16:46 --------- d-----w c:\documents and settings\FlAmE of HeLl\Application Data\Vso
2008-10-09 16:44 --------- d-----w c:\program files\7-Zip
2008-10-05 19:30 --------- d-----w c:\program files\Windows Journal Viewer
2008-10-05 06:31 --------- d-----w c:\program files\KGB Archiver 2
2008-10-04 15:44 --------- d-----w c:\program files\Common Files\Blizzard Entertainment
2008-10-04 08:23 --------- d-----w c:\documents and settings\All Users\Application Data\Test Drive Unlimited
2008-10-03 09:54 --------- d-----w c:\documents and settings\FlAmE of HeLl\Application Data\Nero
2008-10-03 09:51 --------- d-----w c:\program files\Common Files\Nero
2008-10-03 09:42 --------- d-----w c:\program files\Windows Sidebar
2008-10-03 09:38 --------- d-----w c:\documents and settings\All Users\Application Data\Nero
2008-10-02 20:28 --------- d-----w c:\documents and settings\FlAmE of HeLl\Application Data\Disney Interactive Studios
2008-10-02 20:08 --------- d-----w c:\documents and settings\FlAmE of HeLl\Application Data\Leadertech
2008-10-02 17:26 64,960 ----a-w c:\windows\system32\drivers\stcp2v30.sys
.

((((((((((((((((((((((((((((( snapshot@2008-11-28_18.53.55.14 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-11-28 21:13:11 884,736 ----a-w c:\windows\gmer.dll
+ 2008-04-17 20:13:02 811,008 ----a-w c:\windows\gmer.exe
+ 2008-11-28 21:13:11 85,969 ----a-w c:\windows\system32\drivers\gmer.sys
- 2008-11-28 07:48:50 1,664,376 ----a-w c:\windows\system32\FNTCACHE.DAT
+ 2008-11-28 21:02:36 1,664,376 ----a-w c:\windows\system32\FNTCACHE.DAT
+ 2008-11-29 09:29:02 16,384 ----atw c:\windows\temp\Perflib_Perfdata_41c.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-10-02 16:44 325000 --a------ c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-10-02 325000]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-10-02 325000]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-18 81000]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegedit"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoPopUpsOnBoot"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\MCPClient]
2005-01-31 15:13 49152 c:\progra~1\COMMON~1\Stardock\MCPStub.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]
2001-12-20 23:34 24576 c:\program files\AlienGUIse\fastload.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.ACDV"= ACDV.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Image Zone Fast Start.lnk]
backup=c:\windows\pss\HP Image Zone Fast Start.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Launchy.lnk]
backup=c:\windows\pss\Launchy.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^FlAmE of HeLl^Start Menu^Programs^Startup^hamachi.lnk]
backup=c:\windows\pss\hamachi.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^FlAmE of HeLl^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
path=c:\documents and settings\FlAmE of HeLl\Start Menu\Programs\Startup\LimeWire On Startup.lnk
backup=c:\windows\pss\LimeWire On Startup.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^FlAmE of HeLl^Start Menu^Programs^Startup^MacSearch.lnk]
backup=c:\windows\pss\MacSearch.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^FlAmE of HeLl^Start Menu^Programs^Startup^OpenOffice.org 2.4.lnk]
backup=c:\windows\pss\OpenOffice.org 2.4.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^FlAmE of HeLl^Start Menu^Programs^Startup^OpenOffice.org 3.0.lnk]
path=c:\documents and settings\FlAmE of HeLl\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk
backup=c:\windows\pss\OpenOffice.org 3.0.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^FlAmE of HeLl^Start Menu^Programs^Startup^Pure Registration.lnk]
backup=c:\windows\pss\Pure Registration.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^FlAmE of HeLl^Start Menu^Programs^Startup^RK Launcher.lnk]
backup=c:\windows\pss\RK Launcher.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^FlAmE of HeLl^Start Menu^Programs^Startup^RocketDock.lnk]
backup=c:\windows\pss\RocketDock.lnkStartup
path=c:\documents and settings\FlAmE of HeLl\Start Menu\Programs\Startup\RocketDock.lnk

[HKLM\~\startupfolder\C:^Documents and Settings^FlAmE of HeLl^Start Menu^Programs^Startup^Stardock ObjectDock.lnk]
backup=c:\windows\pss\Stardock ObjectDock.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^FlAmE of HeLl^Start Menu^Programs^Startup^tclock2.lnk]
backup=c:\windows\pss\tclock2.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^FlAmE of HeLl^Start Menu^Programs^Startup^TransBar.lnk]
backup=c:\windows\pss\TransBar.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^FlAmE of HeLl^Start Menu^Programs^Startup^TrueTransparency.lnk]
backup=c:\windows\pss\TrueTransparency.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^FlAmE of HeLl^Start Menu^Programs^Startup^UberIcon.lnk]
backup=c:\windows\pss\UberIcon.lnkStartup
path=c:\documents and settings\FlAmE of HeLl\Start Menu\Programs\Startup\UberIcon.lnk

[HKLM\~\startupfolder\C:^Documents and Settings^FlAmE of HeLl^Start Menu^Programs^Startup^Y'z Shadow.lnk]
path=c:\documents and settings\FlAmE of HeLl\Start Menu\Programs\Startup\Y'z Shadow.lnk
backup=c:\windows\pss\Y'z Shadow.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^FlAmE of HeLl^Start Menu^Programs^Startup^Yahoo! Widgets.lnk]
backup=c:\windows\pss\Yahoo! Widgets.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\36X Raid Configurer]
-ra------ 2007-08-29 09:55 1966080 c:\windows\system32\xRaidSetup.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Actual Transparent Window]
--a------ 2008-10-14 05:02 937984 c:\program files\Actual Transparent Window\ActualTransparentWindowCenter.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-06-12 01:38 34672 c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
--a------ 2008-08-14 07:58 611712 c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2008-04-14 05:42 15360 c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CursorXP]
--a------ 2005-01-19 16:34 128000 c:\program files\CursorXP\CursorXP.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
--a------ 2007-08-29 16:09 171464 c:\program files\DAEMON Tools\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
--a------ 2008-09-28 17:56 30192 c:\program files\Google\Google Desktop Search\GoogleDesktop.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
--a----t- 2008-08-31 13:38 133104 c:\documents and settings\FlAmE of HeLl\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
--a------ 2007-01-01 22:22 3739648 c:\program files\Google\Google Talk\googletalk.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
--a------ 2004-09-13 14:49 49152 c:\program files\HP\HP Software Update\hpwuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InvisibleIPMap]
--a------ 2007-09-18 21:21 2475520 c:\program files\Invisible IP Map\InvisibleIP.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JMB36X IDE Setup]
-r------- 2007-03-20 07:36 36864 c:\windows\RaidTool\xInsIDE.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
--------- 2007-02-07 15:21 54832 c:\program files\CyberLink\PowerDVD\Language\Language.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LocalCooling]
--a------ 2006-12-01 17:09 2056875 c:\program files\LocalCooling\localcooling.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
--a------ 2007-10-18 02:34 5724184 c:\windows live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 10:50 155648 c:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
--a------ 2008-10-07 12:33 13574144 c:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
--a------ 2008-10-07 12:33 86016 c:\windows\system32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
--a------ 2008-11-02 09:38 167936 c:\program files\PowerISO\PWRISOVM.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2007-10-19 19:16 286720 c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegClean]
--a------ 2008-10-29 07:22 8475880 c:\program files\RegClean\RegClean.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryMechanic]
--a------ 2008-07-08 16:41 2828184 c:\program files\Registry Mechanic\RegMech.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
--------- 2007-03-14 20:01 71216 c:\program files\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RocketDock]
--a------ 2007-09-02 12:58 495616 c:\program files\RocketDock\RocketDock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
-ra------ 2008-07-23 13:11 21738792 c:\program files\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StatusClient]
--a------ 2002-12-16 15:51 36864 c:\program files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-06-10 03:27 144784 c:\program files\Java\jre1.6.0_07\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomcatStartup]
--a------ 2003-03-31 18:28 155648 c:\program files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
--a------ 2008-06-29 23:01 52168 c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VistaStartMenu]
--a------ 2008-09-19 18:16 2145280 c:\program files\Vista Start Menu\VistaStartMenu.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vmware-tray]
--a------ 2008-10-28 23:07 96816 c:\program files\VMware\VMware Workstation\vmware-tray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFast Schedule]
--a------ 2007-11-15 14:55 2850816 c:\program files\WinFast\WFDTV\WFWIZ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFastDTV]
--a------ 2007-11-16 15:13 90112 c:\program files\WinFast\WFDTV\DTVSchdl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
--a------ 2005-05-03 17:43 69632 c:\windows\Alcmtr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2008-10-07 12:33 1630208 c:\windows\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
--a------ 2008-05-07 14:39 16862208 c:\windows\RTHDCPL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"TuneUp.Defrag"=3 (0x3)
"usnjsvc"=3 (0x3)
"UleadBurningHelper"=2 (0x2)
"Pml Driver HPZ12"=3 (0x3)
"ose"=3 (0x3)
"IDriverT"=3 (0x3)
"MONyog"=2 (0x2)
"gupdate1c90b651dea8622"=2 (0x2)
"UserAccess7"=2 (0x2)
"NMSAccessU"=2 (0x2)
"gusvc"=3 (0x3)
"PnkBstrA"=2 (0x2)
"Bonjour Service"=2 (0x2)
"FLEXnet Licensing Service"=3 (0x3)
"WMPNetworkSvc"=3 (0x3)
"idsvc"=3 (0x3)
"Adobe LM Service"=3 (0x3)
"odserv"=3 (0x3)
"GoogleDesktopManager-090808-172447"=3 (0x3)
"Nero BackItUp Scheduler 4.0"=2 (0x2)
"AVP"=2 (0x2)
"VMware NAT Service"=2 (0x2)
"VMnetDHCP"=2 (0x2)
"VMAuthdService"=2 (0x2)
"ufad-ws60"=3 (0x3)
"NVSvc"=2 (0x2)
"ASKService"=2 (0x2)
"appdrvrem01"=2 (0x2)
"StyleXPService"=2 (0x2)
"PnkBstrB"=2 (0x2)
"HdThemeEnabler"=2 (0x2)
"bevtsvce"=2 (0x2)
"bevtservice"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"d:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
"d:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
"d:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=
"d:\\Program Files\\Electronic Arts\\Battlefield 2142\\BF2142.exe"=
"c:\\Program Files\\BearShare Applications\\BearShare\\BearShare.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"d:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"=
"d:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\FrostWire\\FrostWire.exe"=
"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"c:\\Program Files\\Hewlett-Packard\\Toolbox2.0\\Javasoft\\JRE\\1.3.1\\bin\\javaw.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\WINDOWS\\system32\\dxdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\Program Files\\Activision Value\\Soldier of Fortune Payback\\sof3.exe"=
"d:\\Program Files\\Ubisoft\\Tom Clancy's Rainbow Six Vegas 2\\Binaries\\R6Vegas2_Game.exe"=
"d:\\Program Files\\Ubisoft\\Tom Clancy's Rainbow Six Vegas 2\\Binaries\\R6Vegas2_Launcher.exe"=
"d:\\Program Files\\Unreal Tournament 3\\Binaries\\UT3.exe"=
"c:\\Windows Live\\Messenger\\msnmsgr.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"d:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaWmp.exe"=
"d:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaW.exe"=
"d:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"d:\\Program Files\\Empire Interactive\\FlatOut Ultimate Carnage\\Fouc.exe"=
"d:\\Program Files\\Codemasters\\GRID\\GRID.exe"=
"d:\\Program Files\\Mass Effect\\Binaries\\MassEffect.exe"=
"d:\\Program Files\\Mass Effect\\MassEffectLauncher.exe"=
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Program Files\\Deep Silver\\Sacred 2 - Fallen Angel\\system\\sacred2.exe"=
"d:\\Program Files\\Deep Silver\\Sacred 2 - Fallen Angel\\system\\s2gs.exe"=
"c:\\Program Files\\Shareaza\\Shareaza.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"d:\\Program Files\\Activision\\Quantum of Solace(TM)\\JB_LiveEngine_s.exe"=
"d:\\Program Files\\KONAMI\\Pro Evolution Soccer 2009\\pes2009.exe"=
"d:\\Program Files\\Ubisoft\\Far Cry 2\\bin\\FarCry2.exe"=
"d:\\Program Files\\Ubisoft\\Far Cry 2\\bin\\FC2Launcher.exe"=
"d:\\Program Files\\Ubisoft\\Far Cry 2\\bin\\FC2Editor.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\VMware\\VMware Workstation\\vmware-authd.exe"=
"c:\\WINDOWS\\system32\\winver.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:*:Disabled:Adobe CSI CS4

R1 appdrv01;Application Driver (01);c:\windows\system32\Drivers\appdrv01.sys [2008-11-10 2915944]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-10-16 110160]
R1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2008-10-07 96016]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2008-10-07 41744]
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B};\??\c:\program files\CyberLink\PowerDVD\000.fcl [2006-11-02 15:51:58 13560]
R2 adfs;adfs;c:\windows\system32\drivers\adfs.sys [2008-08-14 74720]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-10-16 20560]
R2 vmci;VMware vmci;\??\c:\windows\system32\Drivers\vmci.sys [2008-10-28 54960]
S2 EsetNod32Fix;Nod32 AV;c:\windows\Regedit.exe /s c:\windows\Fix.reg [2004-08-03 146432]
S3 NTProcDrv;Process creation detector for NT.;\??\c:\windows\TEMP\drv1.tmp []
S3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys [2008-10-07 31824]
S3 WFIOCTL;WFIOCTL;\??\c:\program files\WinFast\WFDTV\WFIOCTL.SYS [2008-08-06 9446]
S3 WFLR6654;WinFast TV2000 XP Global/Global TV (Video);c:\windows\system32\drivers\wfeaglxt.sys [2008-08-06 405632]
S4 appdrvrem01;Application Driver Auto Removal Service (01);c:\windows\System32\appdrvrem01.exe svc []
S4 ASKService;ASKService;c:\program files\AskBarDis\bar\bin\AskService.exe [2008-11-05 460168]
S4 GoogleDesktopManager-090808-172447;Google Desktop Manager 5.8.809.8522;"c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-09-28 30192]
S4 gupdate1c90b651dea8622;Google Update Service (gupdate1c90b651dea8622);"c:\program files\Google\Update\GoogleUpdate.exe" /svc [2008-08-31 133104]
S4 HdThemeEnabler;Hyperdesk Theme Enabler;"c:\program files\The Skins Factory\Hyperdesk\Common\HDThemeEnabler.exe" -service [2008-07-21 106496]
S4 MONyog;MONyog;c:\program files\MONyog\bin\MONyog.exe -s []
S4 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0;c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-24 935208]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder

2008-11-21 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2008\OneClick.exe [2007-12-21 14:17]

2008-11-04 c:\windows\Tasks\RegClean Scheduled Scan.job
- c:\program files\RegClean\RegClean.exe [2008-10-29 07:22]

2008-11-04 c:\windows\Tasks\RegClean Scheduled Scan.job
- c:\program files\RegClean [2008-11-03 20:15]

2008-11-29 c:\windows\Tasks\RegCure Program Check.job
- c:\program files\RegCure\RegCure.exe [2008-04-21 22:21]

2008-10-31 c:\windows\Tasks\RegCure.job
- c:\program files\RegCure\RegCure.exe [2008-04-21 22:21]
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - c:\documents and settings\FlAmE of HeLl\Application Data\Mozilla\Firefox\Profiles\bpgka871.default\
FF -: plugin - c:\documents and settings\FlAmE of HeLl\Local Settings\Application Data\Google\Update\1.2.131.11\npGoogleOneClick5.dll
FF -: plugin - c:\program files\Google\Lively\nplively.dll
FF -: plugin - c:\program files\Google\Picasa3\npPicasa3.dll
FF -: plugin - c:\program files\Google\Update\1.2.131.11\npGoogleOneClick5.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npyaxmpb.dll
FF -: plugin - c:\program files\Opera\program\plugins\NPOFF12.DLL
FF -: plugin - c:\program files\Opera\program\plugins\nppl3260.dll
FF -: plugin - c:\program files\Opera\program\plugins\nprpjplug.dll
FF -: plugin - c:\program files\Real\RhapsodyPlayerEngine\nprhapengine.dll
FF -: plugin - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-29 10:38:52
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NTProcDrv]
"ImagePath"="\??\c:\windows\TEMP\drv1.tmp"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{95808DC4-FA4A-4c74-92FE-5B863F82066B}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD\000.fcl"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1080)
c:\progra~1\COMMON~1\Stardock\mcpstub.dll
c:\program files\AlienGUIse\fastload.dll
.
Completion time: 2008-11-29 10:39:26
ComboFix-quarantined-files.txt 2008-11-29 09:39:20
ComboFix2.txt 2008-11-28 20:17:12
ComboFix3.txt 2008-11-28 17:54:19

Pre-Run: 8,137,027,584 bytes free
Post-Run: 8,120,397,824 bytes free

571 --- E O F --- 2008-10-25 19:59:58

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Do you have a USB flash drive?

If you do, follow these instructions:

Download the following program - http://amf.mycity.rs/personal/bobby/USB_blocker/usb_blocker.exe
- start it and select the Auto block option
- insert the USB stick into the computer and wait a few seconds (say 5-10 seconds)
- the program has now analyzed the stick (this is visible in the lower part of the program, in the log)
- at the top left, double-click the letter that denotes the partition, i.e. your USB stick
- a message will appear at the bottom next to the clock saying that you may remove the USB stick from the computer
- do not close the program; instead insert the next USB stick and wait a few seconds for it as well, and so on for all sticks, MP3 players, mobile phone
- remember the order in which the sticks were inserted

When you have finished all that, the log in the lower part of the program will contain all the data I need to see which stick is infected.
Right-click the log/report and choose Save log.
Notepad will open automatically with the report in it.
Copy that report here to the forum for me.


Also, tell me what the situation is now.

offline
  • Veljko
  • Joined: 29 Jul 2008
  • Posts: 615
  • Location: Zemun

The situation is excellent, avast is not reporting anything! When I inserted the second USB it reported autorun.inf (I'm not sure that's what it's called). There are no other problems.


USB_blocker by bobby

Started at 11/29/2008 9:54:31 PM

Scanning for connected USB Mass storage...
========================================
========================================
Scanning for other storage...
========================================
G: e10f6d9c-a58a-11dd-86ea-806d6172696f
I: e10f6d9d-a58a-11dd-86ea-806d6172696f
C: f74c1f50-63ac-11dd-aec4-806d6172696f
D: f74c1f51-63ac-11dd-aec4-806d6172696f
========================================

Scanning fixed storage for autorun.inf files...
========================================
========================================



New device connected at 11/29/2008 9:54:58 PM

Scanning for connected USB Mass storage...
========================================
J: d0958acc-ad78-11dd-870e-005056c00008
========================================

Scanning USB mass storage for autorun.inf and desktop.ini files...
========================================

autorun.inf found on J:
File J:\autorun.inf renamed successfully
Sanitizing Shell Menu...
No key for GUID: d0958acc-ad78-11dd-870e-005056c00008
========================================


New device connected at 11/29/2008 9:56:24 PM

Scanning for connected USB Mass storage...
========================================
J: 9396ec48-6601-11dd-a93a-001d7dd11df6
========================================

Scanning USB mass storage for autorun.inf and desktop.ini files...
========================================

autorun.inf found on J:
File J:\autorun.inf renamed successfully
Sanitizing Shell Menu...
No key for GUID: 9396ec48-6601-11dd-a93a-001d7dd11df6
========================================

Addendum: 29 Nov 2008 22:07

Uh, I forgot: do portable hard disks count in this?

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

USB disks? Yes.

offline
  • Veljko
  • Joined: 29 Jul 2008
  • Posts: 615
  • Location: Zemun

When I connected it, it showed this. But it showed that drive l not under removable but under other drives.
USB_blocker by bobby

Started at 11/29/2008 10:13:10 PM

Scanning for connected USB Mass storage...
========================================
========================================
Scanning for other storage...
========================================
G: e10f6d9c-a58a-11dd-86ea-806d6172696f
I: e10f6d9d-a58a-11dd-86ea-806d6172696f
C: f74c1f50-63ac-11dd-aec4-806d6172696f
D: f74c1f51-63ac-11dd-aec4-806d6172696f
========================================

Scanning fixed storage for autorun.inf files...
========================================
========================================



New device connected at 11/29/2008 10:13:24 PM

Scanning for connected USB Mass storage...
========================================
========================================

Scanning USB mass storage for autorun.inf and desktop.ini files...
========================================
Sanitizing Shell Menu...
========================================
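
Added example, not part of the thread or of USB_blocker: a small Python parser for the log format visible in the two USB_blocker logs above. It keys each autorun.inf finding to the volume GUID rather than the drive letter (both sticks were mounted as J:) and lists connection events for which no USB mass-storage volume was reported. The function names are hypothetical and the format is inferred only from the posted lines.

```python
import re

# Lines taken from the two USB_blocker logs above; separators and blanks trimmed.
SAMPLE_LOG = r"""Started at 11/29/2008 9:54:31 PM
Scanning for other storage...
C: f74c1f50-63ac-11dd-aec4-806d6172696f
New device connected at 11/29/2008 9:54:58 PM
Scanning for connected USB Mass storage...
J: d0958acc-ad78-11dd-870e-005056c00008
autorun.inf found on J:
File J:\autorun.inf renamed successfully
New device connected at 11/29/2008 9:56:24 PM
Scanning for connected USB Mass storage...
J: 9396ec48-6601-11dd-a93a-001d7dd11df6
autorun.inf found on J:
Started at 11/29/2008 10:13:10 PM
New device connected at 11/29/2008 10:13:24 PM
Scanning for connected USB Mass storage...
Scanning USB mass storage for autorun.inf and desktop.ini files...
"""

VOLUME = re.compile(r"^([A-Z]): ([0-9a-f]{8}-(?:[0-9a-f]{4}-){3}[0-9a-f]{12})$")
FOUND = re.compile(r"^(\S+) found on ([A-Z]):$")
EVENT = "New device connected at "

def parse_events(text):
    """Return one dict per 'New device connected' event in the log."""
    events, current, in_usb_list = [], None, False
    for line in map(str.strip, text.splitlines()):
        if line.startswith(EVENT):
            current = {"time": line[len(EVENT):], "volumes": {}, "found": []}
            events.append(current)
        elif line.startswith("Started at "):
            current = None  # new program run; its initial inventory is not an event
        elif line.startswith("Scanning "):
            in_usb_list = line.startswith("Scanning for connected USB Mass storage")
        elif current is not None:
            vol, hit = VOLUME.match(line), FOUND.match(line)
            if vol and in_usb_list:
                current["volumes"][vol.group(1)] = vol.group(2)
            elif hit:
                current["found"].append((hit.group(2), hit.group(1)))
    return events

def flagged_volumes(events):
    """Map volume GUID -> file names reported on it (drive letters get reused)."""
    flagged = {}
    for ev in events:
        for letter, name in ev["found"]:
            flagged.setdefault(ev["volumes"].get(letter, "unknown"), []).append(name)
    return flagged

def unclassified_events(events):
    """Times of events where no USB mass-storage volume was listed."""
    return [ev["time"] for ev in events if not ev["volumes"]]
```
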

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

OK. This should be clean now.
Click START and then RUN
In the text box type Combofix /u and click OK

Wait for the uninstall process to finish

The above procedure will:
Delete the following:
ComboFix and its files and folders
VundoFix Backups folder, if it exists
C:\Deckard folder, if it exists
C:\OtMoveIt folder, if it exists

Reset the clock settings on the computer
Hide file extensions, if needed
Hide system/hidden files/folders, if needed
Reset System Restore


And that would be all.

offline
  • Veljko
  • Joined: 29 Jul 2008
  • Posts: 615
  • Location: Zemun

@dr bora
A big THANK YOU! Cheers
