problem win32

  • Joined: 21 May 2008
  • Posts: 154
  • Location: Gradiska

I can't solve this at all????


I searched the forum but nothing helped me... help!! Here is the DDS log..



DDS (Ver_09-10-13.01) - NTFSx86
Run by XPPRESP3 at 23:05:59,64 on ned 18.10.2009
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_16
Microsoft Windows XP Professional 5.1.2600.2.1256.966.1033.18.2046.1178 [GMT 2:00]


============== Running Processes ===============

F:\WINDOWS\system32\Ati2evxx.exe
F:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
F:\WINDOWS\system32\Ati2evxx.exe
svchost.exe
svchost.exe
F:\WINDOWS\system32\spoolsv.exe
F:\Program Files\Avira\AntiVir Desktop\sched.exe
F:\Program Files\Avira\AntiVir Desktop\avguard.exe
F:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
F:\Program Files\Bonjour\mDNSResponder.exe
F:\WINDOWS\system32\CTSVCCDA.EXE
F:\Program Files\Java\jre6\bin\jqs.exe
f:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
F:\WINDOWS\system32\svchost.exe -k imgsvc
F:\WINDOWS\system32\MsPMSPSv.exe
F:\WINDOWS\system32\SearchIndexer.exe
F:\WINDOWS\Explorer.EXE
F:\WINDOWS\PixArt\PAC7302\Monitor.exe
F:\WINDOWS\system32\CTHELPER.EXE
F:\Program Files\Google\Google Talk\googletalk.exe
F:\Program Files\Avira\AntiVir Desktop\avgnt.exe
F:\Program Files\K-Lite Codec Pack\QuickTime\QTTask.exe
F:\Program Files\Common Files\Real\Update_OB\realsched.exe
F:\WINDOWS\system32\kxmixer.exe
F:\Program Files\iTunes\iTunesHelper.exe
F:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
F:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
F:\Program Files\Java\jre6\bin\jusched.exe
F:\Program Files\PowerISO\PWRISOVM.EXE
F:\Program Files\Skype\Phone\Skype.exe
F:\Program Files\Windows Live\Messenger\msnmsgr.exe
F:\Program Files\DNA\btdna.exe
F:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
F:\WINDOWS\system32\ctfmon.exe
F:\Program Files\Windows Desktop Search\WindowsSearch.exe
F:\Program Files\iPod\bin\iPodService.exe
F:\Program Files\Windows Live\Contacts\wlcomm.exe
F:\Program Files\Mozilla Firefox\firefox.exe
F:\WINDOWS\System32\svchost.exe -k netsvcs
F:\Documents and Settings\XPPRESP3\Desktop\dds.scr

============== Pseudo HJT Report ===============

uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = local
uInternet Settings,ProxyServer = 127.0.0.1:8081
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - f:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - f:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Winamp Toolbar Loader: {25cee8ec-5730-41bc-8b58-22ddc8ab8c20} - f:\program files\winamp toolbar\winamptb.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - f:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: {4322A444-92F8-4C3E-BD4C-013BA51E2871} - No File
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - f:\progra~1\spybot~1\SDHelper.dll
{5c255c8a-e604-49b4-9d64-90988571cecb}
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - f:\progra~1\micros~1\office12\GRA8E1~1.DLL
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - f:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: {AE7CD045-E861-484f-8273-0445EE161910} - No File
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - f:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - f:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Winamp Toolbar: {ebf2ba02-9094-4c5a-858b-bb198f3d8de2} - f:\program files\winamp toolbar\winamptb.dll
uRun: [Skype] "f:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [msnmsgr] "f:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [Google Update] "f:\documents and settings\xppresp3\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [BitTorrent DNA] "f:\program files\dna\btdna.exe"
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "f:\program files\common files\ahead\lib\NMBgMonitor.exe"
uRun: [ctfmon.exe] f:\windows\system32\ctfmon.exe
mRun: [PAC7302_Monitor] f:\windows\pixart\pac7302\Monitor.exe
mRun: [WINDVDPatch] CTHELPER.EXE
mRun: [googletalk] f:\program files\google\google talk\googletalk.exe /autostart
mRun: [avgnt] "f:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [NeroFilterCheck] f:\windows\system32\NeroCheck.exe
mRun: [QuickTime Task] "f:\program files\k-lite codec pack\quicktime\QTTask.exe" -atboottime
mRun: [TkBellExe] "f:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [UpdReg] f:\windows\UpdReg.EXE
mRun: [Jet Detection] "f:\program files\creative\sblive\program\ADGJDet.exe"
mRun: [CTStartup] f:\program files\creative\splash screen\CTEaxSpl.EXE /run
mRun: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
mRun: [Malwarebytes Anti-Malware (reboot)] "f:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [kX Mixer] kxmixer --startup
mRun: [iTunesHelper] "f:\program files\itunes\iTunesHelper.exe"
mRun: [ISUSScheduler] "f:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [GrooveMonitor] "f:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [SunJavaUpdateSched] "f:\program files\java\jre6\bin\jusched.exe"
mRun: [PWRISOVM.EXE] f:\program files\poweriso\PWRISOVM.EXE
dRun: [CTFMON.EXE] f:\windows\system32\ctfmon.exe
StartupFolder: f:\docume~1\xppresp3\startm~1\programs\startup\adobeg~1.lnk - f:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: f:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - f:\program files\windows desktop search\WindowsSearch.exe
mPolicies-explorer: <NO NAME> =
dPolicies-explorer: NoSMHelp = 1 (0x1)
IE: &Winamp Search - f:\documents and settings\all users\application data\winamp toolbar\ietoolbar\resources\en-us\local\search.html
IE: Download by VersalSoft Internet Download
IE: E&xport to Microsoft Excel - f:\progra~1\micros~1\office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - f:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - f:\progra~1\micros~1\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - f:\progra~1\micros~1\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - f:\progra~1\spybot~1\SDHelper.dll
DPF: 
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - f:\progra~1\micros~1\office12\GR99D3~1.DLL
Handler: ic32pp - {BBCA9F81-8F4F-11D2-90FF-0080C83D3571} - f:\windows\wc98pp.dll
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - f:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - f:\progra~1\micros~1\office12\GRA8E1~1.DLL
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - f:\program files\windows desktop search\MSNLNamespaceMgr.dll

================= FIREFOX ===================

FF - ProfilePath - f:\docume~1\xppresp3\applic~1\mozilla\firefox\profiles\n48befew.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2010429&SearchSource=3&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - google.com
FF - component: f:\documents and settings\xppresp3\application data\mozilla\firefox\profiles\n48befew.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll
FF - component: f:\documents and settings\xppresp3\application data\mozilla\firefox\profiles\n48befew.default\extensions\{52f2b999-2724-4693-b1a5-86d167ba79a6}\components\FFExternalAlert.dll
FF - component: f:\program files\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: f:\documents and settings\xppresp3\application data\mozilla\plugins\npgoogletalk.dll
FF - plugin: f:\documents and settings\xppresp3\local settings\application data\google\update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: f:\program files\google\update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: f:\program files\k-lite codec pack\quicktime\plugins\npqtplugin.dll
FF - plugin: f:\program files\k-lite codec pack\quicktime\plugins\npqtplugin2.dll
FF - plugin: f:\program files\k-lite codec pack\quicktime\plugins\npqtplugin3.dll
FF - plugin: f:\program files\k-lite codec pack\quicktime\plugins\npqtplugin4.dll
FF - plugin: f:\program files\k-lite codec pack\quicktime\plugins\npqtplugin5.dll
FF - plugin: f:\program files\microsoft\office live\npOLW.dll
FF - plugin: f:\program files\mozilla firefox\plugins\npbittorrent.dll
FF - plugin: f:\program files\picasa2\npPicasa2.dll
FF - plugin: f:\program files\windows live\photo gallery\NPWLPG.dll
FF - HiddenExtension: Java Console: No Registry Reference - f:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - f:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - f:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - f:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

============= SERVICES / DRIVERS ===============

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;f:\program files\avira\antivir desktop\sched.exe [2009-5-22 108289]
R2 SVKP;SVKP;f:\windows\system32\SVKP.sys [2009-10-12 2368]
R3 kxwdmdrv;kX WDM Driver Service;f:\windows\system32\drivers\kx.sys [2004-2-17 571776]
R3 PAC7302;Eye 312;f:\windows\system32\drivers\PAC7302.SYS [2007-4-30 449664]
S2 gupdate1c9cc30383a82e8;Google Update Service (gupdate1c9cc30383a82e8-);f:\program files\google\update\GoogleUpdate.exe [2009-5-3 133104]
S3 EuDisk;EASEUS Disk Enumerator;f:\windows\system32\drivers\EuDisk.sys [2009-10-13 122504]
S3 Nmwdpapfrwwr;Nmwdpapfrwwr;f:\windows\system32\drivers\atmuni.sys [2004-8-4 352256]

=============== Created Last 30 ================

2009-10-18 23:03 <DIR> --d-h--- f:\windows\PIF
2009-10-18 19:26 <DIR> --d----- f:\program files\PowerISO
2009-10-18 17:53 <DIR> --d----- f:\program files\common files\Adobe Systems Shared
2009-10-18 02:11 466,944 -------- f:\windows\system32\PixWorldEdit.dll
2009-10-18 02:11 101,888 -------- f:\windows\system32\VB6STKIT.DLL
2009-10-18 02:11 40,960 -------- f:\windows\system32\PixWorldViewer.ocx
2009-10-18 01:12 236,544 a------- f:\windows\PEV.exe
2009-10-18 01:12 161,792 a------- f:\windows\SWREG.exe
2009-10-18 01:12 98,816 a------- f:\windows\sed.exe
2009-10-18 01:11 <DIR> --d----- F:\ComboFix
2009-10-18 00:03 12,288 a------- f:\windows\system32\AHQCpURes.dll
2009-10-18 00:03 32,768 a------- f:\windows\system32\AudioHQU.cpl
2009-10-17 22:51 28,224 a------- f:\windows\system32\BMXCtrlState-{00000001-00000000-00000005-00001102-00000002-80271102}.rfx
2009-10-17 22:51 28,224 a------- f:\windows\system32\BMXBkpCtrlState-{00000001-00000000-00000005-00001102-00000002-80271102}.rfx
2009-10-17 22:51 16,820 a------- f:\windows\system32\BMXStateBkp-{00000001-00000000-00000005-00001102-00000002-80271102}.rfx
2009-10-17 22:51 16,820 a------- f:\windows\system32\BMXState-{00000001-00000000-00000005-00001102-00000002-80271102}.rfx
2009-10-17 22:51 24 a------- f:\windows\system32\DVCStateBkp-{00000001-00000000-00000005-00001102-00000002-80271102}.dat
2009-10-17 22:51 24 a------- f:\windows\system32\DVCState-{00000001-00000000-00000005-00001102-00000002-80271102}.dat
2009-10-17 22:51 1,732 a------- f:\windows\system32\drivers\nvphy.bin
2009-10-17 22:51 356,352 a------- f:\windows\system32\nvunrm.exe
2009-10-17 22:51 3,903 a------- f:\windows\system32\nvnrm.nvu
2009-10-17 22:50 356,352 a------- f:\windows\system32\nvusmb.exe
2009-10-17 22:50 1,864 a------- f:\windows\system32\nvsmb.nvu
2009-10-17 22:50 356,352 a------- f:\windows\system32\NVUNINST.EXE
2009-10-17 22:49 353,280 a------- f:\windows\system32\idecoiins.dll
2009-10-17 22:49 353,280 a------- f:\windows\system32\idecoi.dll
2009-10-17 22:49 102,400 a------- f:\windows\system32\drivers\nvgts.sys
2009-10-17 22:49 886,912 a------- f:\windows\system32\drivers\nvnrm.sys
2009-10-17 22:49 194,560 a------- f:\windows\system32\fdco1ins.dll
2009-10-17 22:49 194,560 a------- f:\windows\system32\fdco1.dll
2009-10-17 22:49 54,400 a------- f:\windows\system32\drivers\NVENETFD.sys
2009-10-17 22:49 36,864 a------- f:\windows\system32\nvconrm.dll
2009-10-17 22:49 22,016 a------- f:\windows\system32\drivers\nvnetbus.sys
2009-10-17 22:49 9,216 a------- f:\windows\system32\bdco1ins.dll
2009-10-17 22:49 9,216 a------- f:\windows\system32\bdco1.dll
2009-10-17 22:47 36,864 a------- f:\windows\system32\drivers\AmdK8.sys
2009-10-17 22:47 <DIR> --d----- f:\program files\AMD
2009-10-17 22:37 3,374,004 a------- f:\windows\{00000001-00000000-00000005-00001102-00000002-80271102}.BAK
2009-10-17 22:37 3,374,004 a------- f:\windows\{00000001-00000000-00000005-00001102-00000002-80271102}.CDF
2009-10-17 21:09 1,050,713 a------- f:\windows\system32\rss.exe
2009-10-17 19:31 <DIR> --d----- f:\program files\Carambis
2009-10-17 10:49 146,650 a------- f:\windows\system32\BuzzingBee.wav
2009-10-17 10:49 940,794 a------- f:\windows\system32\LoopyMusic.wav
2009-10-17 10:49 <DIR> --d----- f:\windows\system32\Lang
2009-10-17 10:46 <DIR> --d----- f:\windows\system32\RTCOM
2009-10-17 10:46 315,392 a------- f:\windows\HideWin.exe
2009-10-17 10:15 <DIR> --d----- f:\program files\devolo
2009-10-17 09:49 272 a------- f:\windows\_delis32.ini
2009-10-17 01:49 306,688 a------- f:\windows\IsUninst.exe
2009-10-17 01:48 90,112 -------- f:\windows\Updreg.EXE
2009-10-17 01:48 53,552 -------- f:\windows\CTCCW.DLL
2009-10-17 01:48 24,976 -------- f:\windows\CTRES.DLL
2009-10-17 01:48 231 -------- f:\windows\AC3API.INI
2009-10-17 01:48 1,048,576 -------- f:\windows\system32\SFMAN.DAT
2009-10-17 01:48 149,504 -------- f:\windows\system32\MFCANS32.DLL
2009-10-17 01:48 108,032 -------- f:\windows\system32\MFCUIA32.DLL
2009-10-17 01:48 84,992 -------- f:\windows\system32\SFCVRT32.DLL
2009-10-17 01:48 82,432 -------- f:\windows\system32\CTWFLT32.DLL
2009-10-17 01:48 26,768 -------- f:\windows\system32\CTL3D.DLL
2009-10-17 01:48 <DIR> --d----- f:\windows\system32\Defaults
2009-10-17 01:48 1,876 a------- f:\windows\ctrunonce.reg
2009-10-17 01:16 4,174,814 a------- f:\windows\system32\CT4MGM.SF2
2009-10-17 01:16 307 a------- f:\windows\SBWIN.INI
2009-10-17 01:14 55,808 -------- f:\windows\system32\CTMp3.crl
2009-10-17 01:14 <DIR> --d----- F:\Media
2009-10-17 01:14 139,264 -------- f:\windows\system32\Video.skn
2009-10-17 01:14 73,728 -------- f:\windows\system32\CTDrmRes.dll
2009-10-17 01:14 28,672 -------- f:\windows\system32\CTIntRes.dll
2009-10-17 01:14 24,576 -------- f:\windows\system32\CTMERes.DLL
2009-10-17 01:14 364,544 a------- f:\windows\system32\ctmp3.acm
2009-10-17 01:14 331,776 a------- f:\windows\system32\CTMedEng.DLL
2009-10-17 01:14 163,840 a------- f:\windows\system32\CTDRMUI.dll
2009-10-17 01:14 54,784 -------- f:\windows\system32\Inetwh32.dll
2009-10-16 20:18 44,032 a------- f:\windows\system32\CTsvcCDA.EXE
2009-10-16 20:18 25,088 -------- f:\windows\system32\CTsvcCtl.EXE
2009-10-16 20:18 230,912 a------- f:\windows\system32\CTDetect.cpl
2009-10-16 20:18 217,088 -------- f:\windows\system32\CTPlay.CRL
2009-10-16 20:18 62,976 -------- f:\windows\system32\CTDetres.dll
2009-10-16 20:18 17,350 -------- f:\windows\system32\CTDetect.hlp
2009-10-16 20:18 641 -------- f:\windows\system32\CTDetect.cnt
2009-10-16 15:57 <DIR> --d----- f:\program files\EverestPortable
2009-10-16 15:55 <DIR> --d----- f:\program files\Lavalys
2009-10-15 23:07 <DIR> --d----- f:\documents and settings\xppresp3\.sancho
2009-10-13 19:36 20,616 a------- f:\windows\system32\drivers\eufs.sys
2009-10-13 19:36 14,216 a------- f:\windows\system32\drivers\eudskacs.sys
2009-10-13 19:36 122,504 a------- f:\windows\system32\drivers\EuDisk.sys
2009-10-13 19:36 26,120 a------- f:\windows\system32\drivers\eubakup.sys
2009-10-12 21:59 <DIR> --d----- f:\docume~1\xppresp3\applic~1\mIRC
2009-10-12 18:59 362 a------- f:\windows\system32\temp0001.aok
2009-10-12 18:58 200 a------- f:\windows\system32\test.aok
2009-10-12 18:55 2,368 a------- f:\windows\system32\SVKP.sys
2009-10-12 18:49 62 a------- f:\windows\MyProg.ini
2009-10-12 18:49 <DIR> --d----- f:\program files\Easy-Hide-IP
2009-10-12 17:44 <DIR> --d----- f:\program files\Super Internet TV
2009-10-12 06:02 <DIR> --d----- f:\docume~1\alluse~1\applic~1\vsosdk
2009-10-11 20:31 <DIR> --d----- f:\program files\VSO
2009-10-11 19:24 <DIR> --d----- f:\docume~1\alluse~1\applic~1\ashampoo
2009-10-11 19:23 <DIR> --d----- f:\program files\Ashampoo
2009-10-11 15:35 51,712 a------- f:\windows\wc98pp.dll
2009-10-11 15:29 <DIR> --d----- f:\windows\lhsp
2009-10-11 15:29 <DIR> --d----- f:\windows\speech
2009-10-11 15:29 <DIR> --d----- f:\program files\Speaking Notepad
2009-10-11 15:25 <DIR> --d----- f:\docume~1\xppresp3\applic~1\Executor
2009-10-11 02:00 61,440 a------- f:\windows\xspeech.dll
2009-10-01 17:01 <DIR> --d----- f:\program files\Microsoft Office Outlook Connector
2009-09-29 21:58 107,368 a------- f:\windows\system32\GEARAspi.dll
2009-09-29 21:58 26,600 a------- f:\windows\system32\drivers\GEARAspiWDM.sys
2009-09-29 21:57 <DIR> --d----- f:\program files\iPod
2009-09-29 21:57 <DIR> --d----- f:\program files\iTunes
2009-09-29 21:57 <DIR> --d----- f:\docume~1\alluse~1\applic~1\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-09-29 15:15 <DIR> --d----- f:\docume~1\xppresp3\applic~1\Crystal Player
2009-09-24 22:14 38,224 a------- f:\windows\system32\drivers\mbamswissarmy.sys
2009-09-24 22:14 19,160 a------- f:\windows\system32\drivers\mbam.sys
2009-09-24 22:14 <DIR> --d----- f:\program files\Malwarebytes' Anti-Malware
2009-09-23 22:37 <DIR> --d----- f:\program files\VersalSoft
2009-09-23 22:37 <DIR> --d----- f:\program files\Universal
2009-09-22 00:32 <DIR> --d----- f:\docume~1\xppresp3\applic~1\Windows Search
2009-09-22 00:19 <DIR> --d----- f:\docume~1\xppresp3\applic~1\Windows Desktop Search
2009-09-22 00:19 <DIR> --d----- f:\program files\Windows Desktop Search
2009-09-22 00:18 192,000 -c------ f:\windows\system32\dllcache\offfilt.dll
2009-09-22 00:18 98,304 -c------ f:\windows\system32\dllcache\nlhtml.dll
2009-09-22 00:18 29,696 -c------ f:\windows\system32\dllcache\mimefilt.dll
2009-09-22 00:18 <DIR> --d-h--- f:\windows\$hf_mig$
2009-09-21 20:50 <DIR> --d----- f:\program files\MultiScreen

==================== Find3M ====================

2009-10-15 00:39 47,360 a------- f:\docume~1\xppresp3\applic~1\pcouffin.sys
2009-10-11 20:31 47,360 a------- f:\windows\system32\drivers\pcouffin.sys
2009-09-14 19:26 2,516 a--sh--- f:\docume~1\alluse~1\applic~1\KGyGaAvL.sys
2009-09-14 19:26 88 ---shr-- f:\docume~1\alluse~1\applic~1\4353A6A8EB.sys
2009-09-07 21:15 348,160 a------- f:\windows\system32\msvcr71.dll
2009-08-22 12:49 4,212 a---h--- f:\windows\system32\zllictbl.dat
2009-07-31 15:23 411,368 a------- f:\windows\system32\deploytk.dll
2009-07-26 16:44 48,448 a------- f:\windows\system32\sirenacm.dll

============= FINISH: 23:06:31,84 ===============

  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 15 Jun 2007
  • Posts: 5572

Does the guide say that you should run ComboFix????
Give me its log...

The guide also says that you need to post GMER logs (alternative: RootRepeal)

  • Joined: 21 May 2008
  • Posts: 154
  • Location: Gradiska

Posted: 19 Oct 2009 13:52

ComboFix 09-10-16.09 - XPPRESP3 19.10.2009 13:40.6.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1256.966.1033.18.2046.1377 [GMT 2:00]
Running from: f:\documents and settings\XPPRESP3\Desktop\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2009-09-19 to 2009-10-19 )))))))))))))))))))))))))))))))
.

2009-10-18 21:03 . 2009-10-18 21:03 -------- d--h--w- f:\windows\PIF
2009-10-18 18:13 . 2009-10-18 18:15 -------- d-----w- f:\documents and settings\CryptLoad
2009-10-18 17:30 . 2009-10-18 17:30 -------- d-----w- f:\documents and settings\All Users\Application Data\Adobe Systems
2009-10-18 17:26 . 2009-10-18 17:26 -------- d-----w- f:\program files\PowerISO
2009-10-18 15:53 . 2009-10-18 15:53 -------- d-----w- f:\program files\Common Files\Adobe Systems Shared
2009-10-18 00:11 . 2001-06-17 17:00 466944 ------w- f:\windows\system32\PixWorldEdit.dll
2009-10-18 00:11 . 2001-06-17 17:00 101888 ------w- f:\windows\system32\VB6STKIT.DLL
2009-10-17 22:03 . 2001-05-28 11:47 12288 ----a-w- f:\windows\system32\AHQCpURes.dll
2009-10-17 20:51 . 2009-10-17 23:58 24 ----a-w- f:\windows\system32\DVCStateBkp-{00000001-00000000-00000005-00001102-00000002-80271102}.dat
2009-10-17 20:51 . 2009-10-17 23:58 24 ----a-w- f:\windows\system32\DVCState-{00000001-00000000-00000005-00001102-00000002-80271102}.dat
2009-10-17 20:51 . 2007-05-27 19:57 1732 ----a-w- f:\windows\system32\drivers\nvphy.bin
2009-10-17 20:51 . 2007-09-25 15:08 356352 ----a-w- f:\windows\system32\nvunrm.exe
2009-10-17 20:50 . 2007-09-25 15:08 356352 ----a-w- f:\windows\system32\nvusmb.exe
2009-10-17 20:50 . 2007-09-25 15:08 356352 ----a-w- f:\windows\system32\NVUNINST.EXE
2009-10-17 20:49 . 2007-08-09 09:11 102400 ----a-w- f:\windows\system32\drivers\nvgts.sys
2009-10-17 20:49 . 2007-08-09 09:03 353280 ----a-w- f:\windows\system32\idecoiins.dll
2009-10-17 20:49 . 2007-08-09 09:03 353280 ----a-w- f:\windows\system32\idecoi.dll
2009-10-17 20:49 . 2007-07-30 09:58 886912 ----a-w- f:\windows\system32\drivers\nvnrm.sys
2009-10-17 20:49 . 2007-07-30 09:58 22016 ----a-w- f:\windows\system32\drivers\nvnetbus.sys
2009-10-17 20:49 . 2007-07-30 09:58 54400 ----a-w- f:\windows\system32\drivers\NVENETFD.sys
2009-10-17 20:49 . 2007-07-30 09:58 194560 ----a-w- f:\windows\system32\fdco1ins.dll
2009-10-17 20:49 . 2007-07-30 09:58 194560 ----a-w- f:\windows\system32\fdco1.dll
2009-10-17 20:49 . 2007-07-30 09:58 9216 ----a-w- f:\windows\system32\bdco1ins.dll
2009-10-17 20:49 . 2007-07-30 09:58 9216 ----a-w- f:\windows\system32\bdco1.dll
2009-10-17 20:49 . 2007-07-27 11:41 36864 ----a-w- f:\windows\system32\nvconrm.dll
2009-10-17 20:47 . 2006-07-01 20:39 36864 ----a-w- f:\windows\system32\drivers\AmdK8.sys
2009-10-17 20:47 . 2009-10-17 20:47 -------- d-----w- f:\program files\AMD
2009-10-17 20:09 . 2009-10-17 20:09 152576 ----a-w- f:\documents and settings\XPPRESP3\Application Data\Sun\Java\jre1.6.0_16\lzma.dll
2009-10-17 19:09 . 2009-10-18 00:10 1050713 ----a-w- f:\windows\system32\rss.exe
2009-10-17 17:31 . 2009-10-17 17:57 -------- d-----w- f:\program files\Carambis
2009-10-17 08:49 . 2009-10-17 08:49 -------- d-----w- f:\windows\system32\Lang
2009-10-17 08:46 . 2009-10-18 00:08 -------- d-----w- f:\windows\system32\RTCOM
2009-10-17 08:46 . 2009-10-17 08:46 315392 ----a-w- f:\windows\HideWin.exe
2009-10-17 08:15 . 2009-10-17 08:15 -------- d-----w- f:\program files\devolo
2009-10-17 07:56 . 2009-10-17 07:56 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\Creative
2009-10-16 23:49 . 1998-10-29 14:45 306688 ----a-w- f:\windows\IsUninst.exe
2009-10-16 23:48 . 2000-05-10 23:00 90112 ------w- f:\windows\Updreg.EXE
2009-10-16 23:48 . 1996-05-22 18:24 24976 ------w- f:\windows\CTRES.DLL
2009-10-16 23:48 . 1994-12-04 19:11 53552 ------w- f:\windows\CTCCW.DLL
2009-10-16 23:48 . 1998-06-04 18:00 84992 ------w- f:\windows\system32\SFCVRT32.DLL
2009-10-16 23:48 . 1998-01-07 17:00 1048576 ------w- f:\windows\system32\SFMAN.DAT
2009-10-16 23:48 . 1995-08-29 18:02 82432 ------w- f:\windows\system32\CTWFLT32.DLL
2009-10-16 23:48 . 1995-07-12 18:01 26768 ------w- f:\windows\system32\CTL3D.DLL
2009-10-16 23:48 . 1995-01-13 06:10 149504 ------w- f:\windows\system32\MFCANS32.DLL
2009-10-16 23:48 . 1995-01-13 06:10 108032 ------w- f:\windows\system32\MFCUIA32.DLL
2009-10-16 23:48 . 2009-10-17 20:37 -------- d-----w- f:\windows\system32\Defaults
2009-10-16 23:48 . 2009-10-16 23:48 1876 ----a-w- f:\windows\ctrunonce.reg
2009-10-16 23:14 . 2009-10-16 23:14 -------- d-----w- f:\documents and settings\All Users\Application Data\Creative
2009-10-16 23:14 . 2009-10-16 23:14 -------- d-----w- F:\Media
2009-10-16 23:14 . 2001-09-12 23:12 73728 ------w- f:\windows\system32\CTDrmRes.dll
2009-10-16 23:14 . 2001-05-04 08:29 28672 ------w- f:\windows\system32\CTIntRes.dll
2009-10-16 23:14 . 2000-04-19 23:00 24576 ------w- f:\windows\system32\CTMERes.DLL
2009-10-16 23:14 . 2002-02-20 01:00 331776 ----a-w- f:\windows\system32\CTMedEng.DLL
2009-10-16 23:14 . 2002-01-21 23:12 163840 ----a-w- f:\windows\system32\CTDRMUI.dll
2009-10-16 23:14 . 1998-10-20 08:05 54784 ------w- f:\windows\system32\Inetwh32.dll
2009-10-16 18:18 . 1999-12-12 23:01 44032 ----a-w- f:\windows\system32\CTsvcCDA.EXE
2009-10-16 18:18 . 1999-11-17 23:00 25088 ------w- f:\windows\system32\CTsvcCtl.EXE
2009-10-16 18:18 . 2001-03-30 00:00 62976 ------w- f:\windows\system32\CTDetres.dll
2009-10-16 13:57 . 2009-10-16 13:57 -------- d-----w- f:\program files\EverestPortable
2009-10-16 13:55 . 2009-10-17 16:08 -------- d-----w- f:\program files\Lavalys
2009-10-15 21:07 . 2009-10-15 21:07 -------- d-----w- f:\documents and settings\XPPRESP3\.sancho
2009-10-13 17:36 . 2009-07-28 19:31 20616 ----a-w- f:\windows\system32\drivers\eufs.sys
2009-10-13 17:36 . 2009-07-28 19:31 14216 ----a-w- f:\windows\system32\drivers\eudskacs.sys
2009-10-13 17:36 . 2009-07-28 19:31 26120 ----a-w- f:\windows\system32\drivers\eubakup.sys
2009-10-13 17:36 . 2009-07-28 19:31 122504 ----a-w- f:\windows\system32\drivers\EuDisk.sys
2009-10-12 19:59 . 2009-10-12 20:07 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\mIRC
2009-10-12 16:55 . 2009-10-12 16:55 2368 ----a-w- f:\windows\system32\SVKP.sys
2009-10-12 16:49 . 2009-10-14 22:31 -------- d-----w- f:\program files\Easy-Hide-IP
2009-10-12 15:44 . 2009-10-13 17:36 -------- d-----w- f:\documents and settings\XPPRESP3\Local Settings\Application Data\Super Internet TV
2009-10-12 15:44 . 2009-10-14 22:38 -------- d-----w- f:\program files\Super Internet TV
2009-10-12 04:02 . 2009-10-12 04:02 -------- d-----w- f:\documents and settings\All Users\Application Data\vsosdk
2009-10-11 18:31 . 2009-10-14 22:40 -------- d-----w- f:\program files\VSO
2009-10-11 17:24 . 2009-10-13 09:43 -------- d-----w- f:\documents and settings\XPPRESP3\Local Settings\Application Data\Ashampoo Movie Shrink & Burn 3
2009-10-11 17:24 . 2009-10-11 17:28 -------- d-----w- f:\documents and settings\XPPRESP3\Local Settings\Application Data\ashampoo
2009-10-11 17:24 . 2009-10-11 17:24 -------- d-----w- f:\documents and settings\All Users\Application Data\ashampoo
2009-10-11 17:23 . 2009-10-17 17:38 -------- d-----w- f:\program files\Ashampoo
2009-10-11 13:35 . 2009-10-11 13:35 51712 ----a-w- f:\windows\wc98pp.dll
2009-10-11 13:35 . 2009-10-11 13:35 -------- d-----w- f:\documents and settings\XPPRESP3\Local Settings\Application Data\Christofer_Persson
2009-10-11 13:29 . 2009-10-11 13:29 -------- d-----w- f:\windows\lhsp
2009-10-11 13:29 . 2009-10-11 13:29 -------- d-----w- f:\windows\speech
2009-10-11 13:29 . 2009-10-17 17:43 -------- d-----w- f:\program files\Speaking Notepad
2009-10-11 13:25 . 2009-10-11 13:26 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\Executor
2009-10-11 00:00 . 2009-10-17 00:00 61440 ----a-w- f:\windows\xspeech.dll
2009-10-05 14:28 . 2009-10-13 17:38 -------- d-----w- f:\documents and settings\XPPRESP3\Local Settings\Application Data\MaxType PRO
2009-10-01 15:01 . 2009-10-01 15:01 -------- d-----w- f:\program files\Microsoft Office Outlook Connector
2009-09-29 19:58 . 2009-05-18 12:17 26600 ----a-w- f:\windows\system32\drivers\GEARAspiWDM.sys
2009-09-29 19:58 . 2008-04-17 11:12 107368 ----a-w- f:\windows\system32\GEARAspi.dll
2009-09-29 19:57 . 2009-09-29 19:57 -------- d-----w- f:\program files\iPod
2009-09-29 19:57 . 2009-09-29 19:58 -------- d-----w- f:\program files\iTunes
2009-09-29 19:57 . 2009-09-29 19:58 -------- d-----w- f:\documents and settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-09-29 13:15 . 2009-09-29 13:18 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\Crystal Player
2009-09-29 13:06 . 2009-10-17 18:17 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\vlc
2009-09-24 20:14 . 2009-09-10 12:54 38224 ----a-w- f:\windows\system32\drivers\mbamswissarmy.sys
2009-09-24 20:14 . 2009-09-24 20:14 -------- d-----w- f:\program files\Malwarebytes' Anti-Malware
2009-09-24 20:14 . 2009-09-10 12:53 19160 ----a-w- f:\windows\system32\drivers\mbam.sys
2009-09-23 20:37 . 2009-09-23 20:37 -------- d-----w- f:\program files\VersalSoft
2009-09-23 20:37 . 2009-09-23 20:37 -------- d-----w- f:\program files\Universal
2009-09-21 22:32 . 2009-09-21 22:32 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\Windows Search
2009-09-21 22:19 . 2009-09-21 22:19 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\Windows Desktop Search
2009-09-21 22:19 . 2009-09-22 15:36 -------- d-----w- f:\documents and settings\LocalService\Local Settings\Application Data\Adobe
2009-09-21 22:19 . 2009-09-21 22:19 -------- d-----w- f:\program files\Windows Desktop Search
2009-09-21 22:18 . 2008-03-07 16:56 98304 -c----w- f:\windows\system32\dllcache\nlhtml.dll
2009-09-21 22:18 . 2008-03-07 16:56 29696 -c----w- f:\windows\system32\dllcache\mimefilt.dll
2009-09-21 22:18 . 2008-03-07 16:56 192000 -c----w- f:\windows\system32\dllcache\offfilt.dll
2009-09-21 22:18 . 2009-09-21 22:18 -------- d--h--w- f:\windows\$hf_mig$
2009-09-21 18:50 . 2009-09-21 18:50 -------- d-----w- f:\program files\MultiScreen

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-19 11:41 . 2009-04-21 17:36 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\BitTorrent
2009-10-19 11:35 . 2009-04-18 16:15 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\DNA
2009-10-19 11:24 . 2009-04-14 17:38 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\Skype
2009-10-18 20:23 . 2009-04-18 16:15 -------- d-----w- f:\program files\DNA
2009-10-18 17:44 . 2009-04-14 18:44 87560 ----a-w- f:\documents and settings\XPPRESP3\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-18 15:54 . 2009-04-13 14:30 -------- d-----w- f:\program files\Common Files\Adobe
2009-10-18 15:47 . 2009-09-15 21:33 -------- d---a-w- f:\documents and settings\All Users\Application Data\TEMP
2009-10-18 00:10 . 2009-04-14 12:51 -------- d--h--w- f:\program files\InstallShield Installation Information
2009-10-18 00:09 . 2009-04-14 12:59 -------- d-----w- f:\program files\Creative
2009-10-17 20:10 . 2009-06-02 09:46 -------- d-----w- f:\program files\Java
2009-10-17 17:43 . 2009-06-06 09:46 -------- d-----w- f:\program files\GRETECH
2009-10-17 16:11 . 2009-04-14 12:51 -------- d-----w- f:\program files\TP-LINK
2009-10-15 21:07 . 2009-07-15 14:33 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\BITRAR
2009-10-15 03:38 . 2009-07-06 19:46 -------- d-----w- f:\documents and settings\All Users\Application Data\Microsoft Help
2009-10-14 22:39 . 2009-06-17 21:20 47360 ----a-w- f:\documents and settings\XPPRESP3\Application Data\pcouffin.sys
2009-10-14 22:39 . 2009-06-17 21:20 47360 ----a-w- f:\documents and settings\XPPRESP3\Application Data\pcouffin.sys
2009-10-14 22:39 . 2009-06-17 21:19 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\Vso
2009-10-14 22:33 . 2009-08-26 21:09 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\Sony
2009-10-14 22:32 . 2009-05-12 11:35 -------- d-----w- f:\documents and settings\All Users\Application Data\Nokia
2009-10-14 22:32 . 2009-04-17 18:21 -------- d-----w- f:\program files\Nokia
2009-10-14 17:24 . 2009-04-14 17:35 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\Uniblue
2009-10-11 18:31 . 2009-06-17 21:20 47360 ----a-w- f:\windows\system32\drivers\pcouffin.sys
2009-10-01 15:01 . 2009-04-14 19:18 -------- d-----w- f:\program files\Windows Live
2009-10-01 14:58 . 2009-04-14 19:19 -------- d-----w- f:\program files\Microsoft
2009-09-29 20:00 . 2009-06-03 13:31 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\Apple Computer
2009-09-29 19:57 . 2009-06-03 13:30 -------- d-----w- f:\program files\Common Files\Apple
2009-09-29 14:21 . 2009-09-07 20:07 -------- d-----w- f:\program files\Graboid
2009-09-29 12:54 . 2009-05-09 08:54 -------- d-----w- f:\program files\VideoLAN
2009-09-29 11:52 . 2009-06-06 11:28 -------- d-----w- f:\documents and settings\All Users\Application Data\HDD Thermometer
2009-09-21 21:48 . 2009-04-30 20:25 -------- d-----w- f:\program files\Opera
2009-09-17 19:42 . 2009-04-18 15:53 -------- d-----w- f:\program files\Common Files\Real
2009-09-17 19:42 . 2009-09-17 19:42 -------- d-----w- f:\program files\Common Files\xing shared
2009-09-15 10:00 . 2009-04-15 18:57 -------- d-----w- f:\program files\Spybot - Search & Destroy
2009-09-14 19:29 . 2009-04-17 18:21 -------- d-----w- f:\documents and settings\All Users\Application Data\Installations
2009-09-14 19:29 . 2009-04-28 16:38 -------- d-----w- f:\program files\Common Files\Nokia
2009-09-14 17:26 . 2009-07-12 20:23 2516 --sha-w- f:\documents and settings\All Users\Application Data\KGyGaAvL.sys
2009-09-14 17:26 . 2009-07-12 20:23 88 --sh--r- f:\documents and settings\All Users\Application Data\4353A6A8EB.sys
2009-09-14 16:15 . 2009-09-14 16:15 9158 ----a-r- f:\documents and settings\XPPRESP3\Application Data\Microsoft\Installer\{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}\ARPPRODUCTICON.exe
2009-09-14 16:15 . 2009-09-14 16:15 -------- d-----w- f:\program files\Common Files\ATI Technologies
2009-09-14 16:15 . 2009-09-14 16:15 -------- d-----w- f:\program files\USB TV
2009-09-13 19:42 . 2009-09-13 19:42 -------- d-----w- f:\documents and settings\All Users\Application Data\ATI
2009-09-13 19:40 . 2009-04-15 02:07 -------- d-----w- f:\program files\ATI Technologies
2009-09-07 20:10 . 2009-09-07 20:10 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\MozillaControl
2009-09-07 20:10 . 2009-09-07 20:10 -------- d-----w- f:\program files\Mozilla ActiveX Control v1.7.12
2009-09-07 19:15 . 2003-02-21 08:42 348160 ----a-w- f:\windows\system32\msvcr71.dll
2009-09-05 18:16 . 2009-04-14 19:20 -------- d-----w- f:\program files\Microsoft Silverlight
2009-09-05 10:15 . 2009-06-22 21:16 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\Dev-Cpp
2009-09-05 08:37 . 2009-09-04 15:43 -------- d-----w- f:\program files\DS Clock
2009-08-26 21:13 . 2009-06-06 16:03 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\Ahead
2009-08-26 21:09 . 2009-08-26 21:09 -------- d-----w- f:\documents and settings\All Users\Application Data\Sony
2009-08-25 19:25 . 2009-08-25 19:25 152576 ----a-w- f:\documents and settings\XPPRESP3\Application Data\Sun\Java\jre1.6.0_15\lzma.dll
2009-08-22 11:09 . 2009-08-22 11:09 -------- d-----w- f:\documents and settings\All Users\Application Data\ZA_PreservedFiles
2009-08-22 10:49 . 2009-08-22 10:44 4212 ---ha-w- f:\windows\system32\zllictbl.dat
2009-08-21 16:24 . 2009-04-13 16:13 -------- d-----w- f:\program files\K-Lite Codec Pack
2009-08-21 12:12 . 2009-04-13 16:13 -------- d-----w- f:\documents and settings\All Users\Application Data\Apple Computer
2009-08-17 19:09 . 2009-05-31 12:34 10 ----a-w- f:\windows\popcinfo.dat
2009-08-14 15:04 . 2009-08-14 15:04 239088 ----a-w- f:\documents and settings\XPPRESP3\Application Data\Mozilla\plugins\npgoogletalk.dll
2009-08-10 20:26 . 2009-07-25 19:58 2680 ----a-w- f:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-08-08 18:55 . 2009-04-14 17:55 1324 ----a-w- f:\windows\system32\d3d9caps.dat
2009-08-05 10:03 . 2009-04-15 19:14 55656 ----a-w- f:\windows\system32\drivers\avgntflt.sys
2009-07-31 13:23 . 2009-06-01 20:15 411368 ----a-w- f:\windows\system32\deploytk.dll
2009-07-27 02:43 . 2009-07-27 02:43 58908 ----a-w- f:\windows\system32\drivers\scdemu.sys
2009-07-26 14:44 . 2009-07-26 14:44 48448 ----a-w- f:\windows\system32\sirenacm.dll
.

------- Sigcheck -------

[-] 2005-07-13 . 0601F83F6784C220EE302F03F702316E . 360448 . . [5.1.2600.2688] . . f:\windows\system32\drivers\tcpip.sys


f:\windows\system32\wscntfy.exe ... is missing !!
.
((((((((((((((((((((((((((((( SnapShot@2009-10-17_23.16.50 )))))))))))))))))))))))))))))))))))))))))
.
+ 2001-08-17 06:35 . 2004-02-16 22:19 36864 f:\windows\system32\sfman32.dll
- 2001-08-17 06:35 . 2001-08-17 06:35 36864 f:\windows\system32\sfman32.dll
+ 2009-10-18 00:21 . 2004-02-16 22:19 36864 f:\windows\system32\ReinstallBackups\0011\DriverFiles\sfman32.dll
+ 2009-10-18 00:21 . 2004-02-16 22:19 25600 f:\windows\system32\ReinstallBackups\0011\DriverFiles\kxsetup.exe
+ 2009-10-18 00:21 . 2004-02-16 22:19 16384 f:\windows\system32\ReinstallBackups\0011\DriverFiles\kxctrl.exe
+ 2009-10-18 00:21 . 2004-02-16 22:19 40960 f:\windows\system32\ReinstallBackups\0011\DriverFiles\kxasio.dll
+ 2009-10-18 00:21 . 2004-02-16 22:19 96768 f:\windows\system32\ReinstallBackups\0011\DriverFiles\kxapi.dll
+ 2009-10-18 00:21 . 2006-07-06 11:50 23552 f:\windows\system32\ReinstallBackups\0011\DriverFiles\i386\wdmaud.drv
+ 2009-10-18 00:21 . 2005-11-04 19:55 48768 f:\windows\system32\ReinstallBackups\0011\DriverFiles\i386\stream.sys
+ 2009-10-18 00:21 . 2004-08-03 21:08 60288 f:\windows\system32\ReinstallBackups\0011\DriverFiles\i386\drmk.sys
+ 2009-10-17 23:58 . 2001-08-17 06:35 36864 f:\windows\system32\ReinstallBackups\0010\DriverFiles\sfman32.dll
+ 2009-10-17 23:58 . 2002-07-19 02:48 11068 f:\windows\system32\ReinstallBackups\0010\DriverFiles\ctprxy2k.sys
+ 2009-10-17 23:58 . 2002-07-19 02:56 44055 f:\windows\system32\ReinstallBackups\0010\DriverFiles\ctdaught.dat
+ 2009-10-17 23:58 . 2002-07-19 02:43 65536 f:\windows\system32\ReinstallBackups\0010\DriverFiles\a3d.dll
+ 2009-04-17 11:19 . 2009-10-18 15:52 53248 f:\windows\system32\pxhpinst.exe
+ 2009-10-18 15:53 . 2009-10-18 15:53 65536 f:\windows\Installer\{FA17A726-B229-4116-B793-A2AB1A4EAE2E}\NewShortcut8_B44FF44BFF374DC7AB88CA08FBC29240.exe
+ 2009-10-18 15:53 . 2009-10-18 15:53 65536 f:\windows\Installer\{FA17A726-B229-4116-B793-A2AB1A4EAE2E}\NewShortcut2_FA17A726B2294116B793A2AB1A4EAE2E.exe
+ 2009-10-18 15:53 . 2009-10-18 15:53 65536 f:\windows\Installer\{FA17A726-B229-4116-B793-A2AB1A4EAE2E}\ARPPRODUCTICON.exe
+ 2009-10-18 15:54 . 2009-10-18 15:54 61440 f:\windows\Installer\{AE3D38A6-13B1-40B3-9423-D1FA9982FB6A}\NewShortcut2_B74D4E10103300000000000000000001.exe
+ 2009-10-18 15:54 . 2009-10-18 15:54 65536 f:\windows\Installer\{AE3D38A6-13B1-40B3-9423-D1FA9982FB6A}\BridgeCommonShortcut_B74D4E101033000000000001_1.exe
+ 2009-10-18 15:54 . 2009-10-18 15:54 65536 f:\windows\Installer\{AE3D38A6-13B1-40B3-9423-D1FA9982FB6A}\AdobeBridge_B74D4E10103300000000000000000001_1.exe
+ 2009-10-18 15:55 . 2009-10-18 15:55 65536 f:\windows\Installer\{8FFC924C-ED06-44CB-8867-3CA778ECE903}\ProgramMenuShortcut_E9787678103300008E670000000001_1.exe
+ 2009-10-18 15:55 . 2009-10-18 15:55 65536 f:\windows\Installer\{8FFC924C-ED06-44CB-8867-3CA778ECE903}\NewShortcut1_38345BD7BBBC49CAB430216AC471F461.exe
+ 2009-10-18 15:55 . 2009-10-18 15:55 65536 f:\windows\Installer\{8FFC924C-ED06-44CB-8867-3CA778ECE903}\AppLanuchShortcut_E9787678103300008E67000000000001_1.exe
+ 2009-10-18 00:21 . 2004-08-03 22:56 4096 f:\windows\system32\ReinstallBackups\0011\DriverFiles\i386\ksuser.dll
+ 2002-07-19 02:56 . 2004-02-16 22:19 270336 f:\windows\system32\sfms32.dll
- 2002-07-19 02:56 . 2002-07-19 02:56 270336 f:\windows\system32\sfms32.dll
+ 2009-10-18 00:21 . 2004-02-16 22:19 270336 f:\windows\system32\ReinstallBackups\0011\DriverFiles\sfms32.dll
+ 2009-10-18 00:21 . 2004-02-16 22:19 438784 f:\windows\system32\ReinstallBackups\0011\DriverFiles\kxmixer.exe
+ 2009-10-18 00:21 . 2004-02-16 22:19 113152 f:\windows\system32\ReinstallBackups\0011\DriverFiles\kxgui.dll
+ 2009-10-18 00:21 . 2004-02-16 22:19 571776 f:\windows\system32\ReinstallBackups\0011\DriverFiles\kx.sys
+ 2009-10-18 00:21 . 2006-01-31 20:31 145920 f:\windows\system32\ReinstallBackups\0011\DriverFiles\i386\portcls.sys
+ 2009-10-18 00:21 . 2005-12-28 19:29 141056 f:\windows\system32\ReinstallBackups\0011\DriverFiles\i386\ks.sys
+ 2009-10-18 00:21 . 2004-02-16 22:19 266240 f:\windows\system32\ReinstallBackups\0011\DriverFiles\cmax20.dll
+ 2009-10-17 23:58 . 2002-07-24 05:52 998004 f:\windows\system32\ReinstallBackups\0010\DriverFiles\ha10kx2k.sys
+ 2009-10-17 23:58 . 2002-07-19 02:48 156604 f:\windows\system32\ReinstallBackups\0010\DriverFiles\emupia2k.sys
+ 2009-10-17 23:58 . 2002-07-19 02:59 179669 f:\windows\system32\ReinstallBackups\0010\DriverFiles\ctstatic.dat
+ 2009-10-17 23:58 . 2002-07-19 02:48 213860 f:\windows\system32\ReinstallBackups\0010\DriverFiles\ctsfm2k.sys
+ 2009-10-17 23:58 . 2002-07-19 02:48 195432 f:\windows\system32\ReinstallBackups\0010\DriverFiles\ctoss2k.sys
+ 2009-10-17 23:58 . 2002-07-19 03:07 164044 f:\windows\system32\ReinstallBackups\0010\DriverFiles\ctdlang.dat
+ 2009-10-17 23:58 . 2002-07-19 03:02 113373 f:\windows\system32\ReinstallBackups\0010\DriverFiles\ctbasicw.dat
+ 2009-10-17 23:58 . 2002-07-19 02:47 837548 f:\windows\system32\ReinstallBackups\0010\DriverFiles\ctaud2k.sys
+ 2009-10-17 23:58 . 2002-07-19 02:46 127948 f:\windows\system32\ReinstallBackups\0010\DriverFiles\ctac32k.sys
+ 2009-10-18 15:54 . 2009-10-18 15:54 618496 f:\windows\Installer\3e0e7.msi
+ 2009-04-13 15:56 . 2009-10-18 20:22 1633296 f:\windows\system32\FNTCACHE.DAT
+ 2009-10-18 15:56 . 2009-10-18 15:56 1472000 f:\windows\Installer\3e0f2.msi
+ 2009-10-18 15:55 . 2009-10-18 15:55 4669952 f:\windows\Installer\3e0ed.msi
+ 2009-10-18 15:54 . 2009-10-18 15:54 3862016 f:\windows\Installer\3e0db.msi
+ 2009-10-18 15:54 . 2009-10-18 15:54 1904640 f:\windows\Installer\{AE3D38A6-13B1-40B3-9423-D1FA9982FB6A}\ESLaunchShortcut_B74D4E10103300000000000000000001.exe
+ 2009-10-18 15:53 . 2009-10-18 15:53 12282880 f:\windows\Installer\3e0d6.msi
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="f:\program files\Skype\Phone\Skype.exe" [2009-03-27 24103720]
"msnmsgr"="f:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"Google Update"="f:\documents and settings\XPPRESP3\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-05-16 133104]
"BitTorrent DNA"="f:\program files\DNA\btdna.exe" [2009-10-17 323392]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="f:\program files\Common Files\Ahead\lib\NMBgMonitor.exe" [2005-12-16 94208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UserFaultCheck"="f:\windows\system32\dumprep 0 -u" [X]
"kX Mixer"="kxmixer --startup" [X]
"PAC7302_Monitor"="f:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"googletalk"="f:\program files\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"avgnt"="f:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"NeroFilterCheck"="f:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"QuickTime Task"="f:\program files\K-Lite Codec Pack\QuickTime\QTTask.exe" [2009-09-04 417792]
"TkBellExe"="f:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-09-17 198160]
"UpdReg"="f:\windows\UpdReg.EXE" [2000-05-10 90112]
"Jet Detection"="f:\program files\Creative\SBLive\PROGRAM\ADGJDet.exe" [2001-11-28 28672]
"CTStartup"="f:\program files\Creative\Splash Screen\CTEaxSpl.EXE" [2001-12-19 28672]
"Malwarebytes Anti-Malware (reboot)"="f:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"iTunesHelper"="f:\program files\iTunes\iTunesHelper.exe" [2009-09-21 305440]
"ISUSScheduler"="f:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-17 81920]
"GrooveMonitor"="f:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"SunJavaUpdateSched"="f:\program files\Java\jre6\bin\jusched.exe" [2009-07-31 149280]
"PWRISOVM.EXE"="f:\program files\PowerISO\PWRISOVM.EXE" [2009-07-27 180224]
"WINDVDPatch"="CTHELPER.EXE" - f:\windows\system32\CTHELPER.EXE [2002-07-02 24576]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="f:\windows\system32\ctfmon.exe" [2004-08-04 15360]

f:\documents and settings\XPPRESP3\Start Menu\Programs\Startup\
Adobe Gamma.lnk - f:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]

f:\documents and settings\All Users\Start Menu\Programs\Startup\
Windows Search.lnk - f:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "f:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\F:^Documents and Settings^All Users^Start Menu^Programs^Startup^Acrobat Assistant.lnk]
path=f:\documents and settings\All Users\Start Menu\Programs\Startup\Acrobat Assistant.lnk
backup=f:\windows\pss\Acrobat Assistant.lnkCommon Startup

[HKLM\~\startupfolder\F:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
path=f:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
backup=f:\windows\pss\Adobe Gamma Loader.lnkCommon Startup

[HKLM\~\startupfolder\F:^Documents and Settings^All Users^Start Menu^Programs^Startup^BDARemote.lnk]
path=f:\documents and settings\All Users\Start Menu\Programs\Startup\BDARemote.lnk
backup=f:\windows\pss\BDARemote.lnkCommon Startup

[HKLM\~\startupfolder\F:^Documents and Settings^XPPRESP3^Start Menu^Programs^Startup^Folding@home-gpu.lnk]
path=f:\documents and settings\XPPRESP3\Start Menu\Programs\Startup\Folding@home-gpu.lnk
backup=f:\windows\pss\Folding@home-gpu.lnkStartup

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"f:\\Program Files\\Adobe\\Acrobat.com\\Acrobat.com.exe"=
"f:\\Program Files\\GlobalNetProjects\\BITRARFREE\\ed2kcontrol.exe"=
"f:\\Program Files\\GlobalNetProjects\\BITRARFREE\\ed2k.exe"=
"f:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"f:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"f:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"f:\\Documents and Settings\\XPPRESP3\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"f:\\Documents and Settings\\XPPRESP3\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.dll"=
"f:\\Program Files\\iTunes\\iTunes.exe"=
"f:\\Program Files\\Hewlett-Packard\\Toolbox2.0\\Javasoft\\JRE\\1.3.1\\bin\\javaw.exe"=
"f:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"f:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"f:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"f:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"f:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"f:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"f:\\WINDOWS\\system32\\sessmgr.exe"=
"f:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"f:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"f:\\Program Files\\DNA\\btdna.exe"=
"f:\\Program Files\\BitTorrent\\bittorrent.exe"=
"f:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;f:\program files\Avira\AntiVir Desktop\sched.exe [22.5.2009 22:34 108289]
R2 SVKP;SVKP;f:\windows\system32\SVKP.sys [12.10.2009 18:55 2368]
R3 kxwdmdrv;kX WDM Driver Service;f:\windows\system32\drivers\kx.sys [17.2.2004 0:19 571776]
R3 PAC7302;Eye 312;f:\windows\system32\drivers\PAC7302.SYS [30.4.2007 13:26 449664]
S2 gupdate1c9cc30383a82e8;Google Update Service (gupdate1c9cc30383a82e8-);f:\program files\Google\Update\GoogleUpdate.exe [3.5.2009 22:46 133104]
S3 EuDisk;EASEUS Disk Enumerator;f:\windows\system32\drivers\EuDisk.sys [13.10.2009 19:36 122504]
S3 Nmwdpapfrwwr;Nmwdpapfrwwr;f:\windows\system32\drivers\atmuni.sys [4.8.2004 18:00 352256]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WudfServiceGroup REG_SZ hex(7):57,00,55,00,44,00,46,00,53,00,76,00,63,00,00,00,00,00
.
Contents of the 'Scheduled Tasks' folder

2009-09-16 f:\windows\Tasks\AppleSoftwareUpdate.job
- f:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2009-10-18 f:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- f:\program files\Google\Update\GoogleUpdate.exe [2009-05-03 20:46]

2009-10-19 f:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- f:\program files\Google\Update\GoogleUpdate.exe [2009-05-03 20:46]

2009-10-18 f:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1482476501-583907252-682003330-1001Core.job
- f:\documents and settings\XPPRESP3\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-05-16 06:26]

2009-10-19 f:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1482476501-583907252-682003330-1001UA.job
- f:\documents and settings\XPPRESP3\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-05-16 06:26]
.
.
------- Supplementary Scan -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = local
uInternet Settings,ProxyServer = 127.0.0.1:8081
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Winamp Search - f:\documents and settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Download by VersalSoft Internet Download
IE: E&xport to Microsoft Excel - f:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
Handler: ic32pp - {BBCA9F81-8F4F-11D2-90FF-0080C83D3571} - f:\windows\wc98pp.dll
DPF: 
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - ProfilePath - f:\documents and settings\XPPRESP3\Application Data\Mozilla\Firefox\Profiles\n48befew.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2010429&SearchSource=3&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - google.com
FF - component: f:\documents and settings\XPPRESP3\Application Data\Mozilla\Firefox\Profiles\n48befew.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll
FF - component: f:\documents and settings\XPPRESP3\Application Data\Mozilla\Firefox\Profiles\n48befew.default\extensions\{52f2b999-2724-4693-b1a5-86d167ba79a6}\components\FFExternalAlert.dll
FF - component: f:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - component: f:\program files\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: f:\documents and settings\XPPRESP3\Application Data\Mozilla\plugins\npgoogletalk.dll
FF - plugin: f:\documents and settings\XPPRESP3\Local Settings\Application Data\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: f:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: f:\program files\K-Lite Codec Pack\QuickTime\Plugins\npqtplugin.dll
FF - plugin: f:\program files\K-Lite Codec Pack\QuickTime\Plugins\npqtplugin2.dll
FF - plugin: f:\program files\K-Lite Codec Pack\QuickTime\Plugins\npqtplugin3.dll
FF - plugin: f:\program files\K-Lite Codec Pack\QuickTime\Plugins\npqtplugin4.dll
FF - plugin: f:\program files\K-Lite Codec Pack\QuickTime\Plugins\npqtplugin5.dll
FF - plugin: f:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: f:\program files\Mozilla Firefox\plugins\npbittorrent.dll
FF - plugin: f:\program files\Picasa2\npPicasa2.dll
FF - plugin: f:\program files\Windows Live\Photo Gallery\NPWLPG.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-10-19 13:45
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
CTStartup = f:\program files\Creative\Splash Screen\CTEaxSpl.EXE /run???h??????s?????\?w? ?w???????w???w4???????.??w4???????4???TA?s4???????\'?????w???w????????\???\???????????e??w???w\???\???????H?a??????C@?\???\??????s????\??????s\???@'??A??s@'???C@?x???`|?w\?????@

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\WudfPf]
"ImagePath"="hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,00,49,00,56,00,45,00,52,00,53,00,5c,00,57,00,75,00,64,00,66,00,50,00,66,00,2e,00,73,00,79,00,73,00,00,00"

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\WudfRd]
"ImagePath"="hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,00,49,00,56,00,45,00,52,00,53,00,5c,00,77,00,75,00,64,00,66,00,72,00,64,00,2e,00,73,00,79,00,73,00,00,00"

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\ASFWHide]
"ImagePath"="\??\f:\docume~1\XPPRESP3\LOCALS~1\Temp\ASFWHide"

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\WudfPf]
"ImagePath"="hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,00,49,00,56,00,45,00,52,00,53,00,5c,00,57,00,75,00,64,00,66,00,50,00,66,00,2e,00,73,00,79,00,73,00,00,00"

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\WudfRd]
"ImagePath"="hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,00,49,00,56,00,45,00,52,00,53,00,5c,00,77,00,75,00,64,00,66,00,72,00,64,00,2e,00,73,00,79,00,73,00,00,00"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\DbgagD\1*]
"value"="?\07\03\0f\0e!/?"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(784)
f:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(2704)
f:\program files\Windows Media Player\wmpband.dll
f:\program files\Windows Desktop Search\deskbar.dll
f:\program files\Windows Desktop Search\en-us\dbres.dll.mui
f:\program files\Windows Desktop Search\dbres.dll
f:\program files\Windows Desktop Search\wordwheel.dll
f:\program files\Windows Desktop Search\en-us\msnlExtRes.dll.mui
f:\program files\Windows Desktop Search\msnlExtRes.dll
f:\windows\system32\msi.dll
f:\windows\system32\WPDShServiceObj.dll
f:\windows\system32\PortableDeviceTypes.dll
f:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2009-10-19 13:47
ComboFix-quarantined-files.txt 2009-10-19 11:47
ComboFix2.txt 2009-10-17 23:18

Pre-Run: 76.990.812.160 bytes free
Post-Run: 76.979.548.160 bytes free

425

Addendum: 19 Oct 2009 17:26

here's Gmer too, a little late... sorry
