MyCity » Ambulanta -> Arhiva Ambulante » Blokira mi kompijuter

Blokira mi kompijuter

Napisano na dan: 6.12.2009

Strana:
1
2

Blokira mi kompijuter

Sledeća strana

Pagination

Odgovori

Strana:
1
2

vuksel Poslao: 06 Dec 2009 15:33 Idi na vrh
offline vuksel Građanin Pridružio: 18 Apr 2009 Poruke: 34	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Napisano: 06 Dec 2009 15:31 koristim AVG anti virus program i pri svakom skiniranju iskopa po nesto.Problem je taj sto kompijuter posle izvesnog vremena jednostavno zakuca (bez obzira da li skidam nesto,igram igricu) tako da jedino mogu da ga restartujem na kucistu.Problem se pojavio pre tri dana,skenirao sam ga i brisao to sto detektuje,sinoc sam ga vratio na datum od pre par dana kada je sve bilo OK.Inace povezan sam preko kablovskog interneta 1.5kb DDS (Ver_09-12-01.01) - NTFSx86 Run by Ivan at 15:25:34.54 on Sun 12/06/2009 Internet Explorer: 6.0.2900.5512 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1434 [GMT 1:00] AV: AVG Internet Security On-access scanning enabled (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} FW: AVG Firewall enabled {8decf618-9569-4340-b34a-d78d28969b66} ============== Running Processes =============== C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\Program Files\AVG\AVG9\avgchsvx.exe C:\Program Files\AVG\AVG9\avgrsx.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe C:\Program Files\AVG\AVG9\avgcsrvx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Winamp\winampa.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\PROGRA~1\AVG\AVG9\avgtray.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE C:\Program Files\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe svchost.exe C:\Program Files\a-squared Free\a2service.exe C:\Program Files\AVG\AVG9\avgwdsvc.exe C:\Program Files\AVG\AVG9\avgfws9.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\CyberLink\Shared files\RichVideo.exe C:\Program Files\AVG\AVG9\avgemc.exe C:\Program Files\AVG\AVG9\avgam.exe C:\Program Files\AVG\AVG9\avgnsx.exe C:\Program Files\AVG\AVG9\avgcsrvx.exe C:\Program Files\AVG\AVG9\avgcsrvx.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Ivan\Desktop\dds.scr ============== Pseudo HJT Report =============== uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\IEToolbar.dll uURLSearchHooks: H - No File BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll BHO: BitComet Helper: {39f7e362-828a-4b5a-bcaf-5b79bfdfea60} - c:\program files\bitcomet\tools\BitCometBHO_1.3.7.16.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\IEToolbar.dll TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg9\toolbar\IEToolbar.dll uRun: [LDM] c:\program files\logitech\desktop messenger\8876480\program\LogitechDesktopMessenger.exe uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background uRun: [av_md] c:\windows\temp\~TM11.tmp mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup mRun: [nwiz] nwiz.exe /install mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit mRun: [WinampAgent] c:\program files\winamp\winampa.exe mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe" mRun: [LanguageShortcut] "c:\program files\cyberlink\powerdvd\language\Language.exe" mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe mRun: [RTHDCPL] RTHDCPL.EXE mRun: [Regedit32] c:\windows\system32\regedit.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logite~2.lnk - c:\program files\logitech\desktop messenger\8876480\program\LDMConf.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe IE: &D&ownload &with BitComet - c:\program files\bitcomet\BitComet.exe/AddLink.htm IE: &D&ownload all video with BitComet - c:\program files\bitcomet\BitComet.exe/AddVideo.htm IE: &D&ownload all with BitComet - c:\program files\bitcomet\BitComet.exe/AddAllLink.htm IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000 IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://c:\program files\bitcomet\tools\BitCometBHO_1.3.7.16.dll/206 IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\logitech\desktop messenger\8876480\program\GAPlugProtocol-8876480.dll Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll Notify: avgrsstarter - avgrsstx.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\ivan\applic~1\mozilla\firefox\profiles\00x37hrj.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: keyword.URL - hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_us&p= FF - component: c:\documents and settings\ivan\application data\mozilla\firefox\profiles\00x37hrj.default\extensions\{b042753d-f57e-4e8e-a01b-7379a6d4cefb}\components\IBitCometExtension.dll FF - component: c:\program files\avg\avg9\firefox\components\avgssff.dll FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll ---- FIREFOX POLICIES ---- c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true); ============= SERVICES / DRIVERS =============== R0 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [2009-12-6 160640] R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [2009-12-6 5248] R0 AVGIDSErHrxpx;AVG9IDSErHr;c:\windows\system32\drivers\AVGIDSxx.sys [2009-12-2 25608] R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2009-12-2 161800] R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-12-2 333192] R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-12-2 28424] R1 AvgTdiX;AVG Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-12-2 360584] R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [2009-11-28 13696] R1 BS_I2cIo;BS_I2cIo;c:\windows\system32\drivers\BS_I2cIo.sys [2009-11-28 17024] R2 a2free;a-squared Free Service;c:\program files\a-squared free\a2service.exe [2009-12-2 1858144] R2 avg9emc;AVG E-mail Scanner;c:\program files\avg\avg9\avgemc.exe [2009-12-2 906520] R2 avg9wd;AVG WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2009-12-2 285392] R2 avgfws9;AVG Firewall;c:\program files\avg\avg9\avgfws9.exe [2009-12-2 2304192] R2 AVGIDSAgent;AVG9IDSAgent;c:\program files\avg\avg9\identity protection\agent\bin\AVGIDSAgent.exe [2009-12-2 5832712] R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [2009-12-2 30104] R3 AVGIDSDriverxpx;AVG9IDSDriver;c:\program files\avg\avg9\identity protection\agent\driver\platform_xp\AVGIDSDriver.sys [2009-12-2 122376] R3 AVGIDSFilterxpx;AVG9IDSFilter;c:\program files\avg\avg9\identity protection\agent\driver\platform_xp\AVGIDSFilter.sys [2009-12-2 30216] R3 AVGIDSShimxpx;AVG9IDSShim;c:\program files\avg\avg9\identity protection\agent\driver\platform_xp\AVGIDSShim.sys [2009-12-2 25736] S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2009-11-28 1684736] S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [2009-12-2 30104] =============== Created Last 30 ================ 2009-12-06 11:32:16 0 d-----w- c:\docume~1\alluse~1\applic~1\POP3Profiles 2009-12-06 11:00:40 0 d-----w- c:\docume~1\alluse~1\applic~1\POPWWPROFILES 2009-12-06 09:06:17 148 ----a-w- c:\windows\system32\fjhdyfhsn.bat 2009-12-06 09:06:12 4 ----a-w- c:\docume~1\ivan\applic~1\avdrn.dat 2009-12-06 08:48:08 5248 ----a-w- c:\windows\system32\drivers\a347scsi.sys 2009-12-06 08:48:08 160640 ----a-w- c:\windows\system32\drivers\a347bus.sys 2009-12-06 08:48:02 0 d-----w- c:\program files\Alcohol Soft 2009-12-06 02:05:10 0 d-----w- c:\windows\system32\XPSViewer 2009-12-06 02:04:17 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll 2009-12-06 02:04:17 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe 2009-12-06 02:04:17 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll 2009-12-06 02:04:17 575488 ------w- c:\windows\system32\xpsshhdr.dll 2009-12-06 02:04:17 117760 ------w- c:\windows\system32\prntvpt.dll 2009-12-06 02:04:16 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll 2009-12-06 02:04:16 1676288 ------w- c:\windows\system32\xpssvcs.dll 2009-12-06 01:31:20 0 dc-h--w- c:\docume~1\alluse~1\applic~1\{51019853-129C-4EDE-9030-D5FD7BBD9AD0} 2009-12-06 01:19:56 0 d--h--r- C:\AHCache 2009-12-06 01:13:09 0 d-----w- c:\program files\Uniblue 2009-12-06 01:12:50 0 dc-h--w- c:\docume~1\alluse~1\applic~1\{D5ABFFAD-D592-4F98-B02B-587125B4801F} 2009-12-06 01:07:08 0 d-----w- c:\docume~1\ivan\applic~1\Uniblue 2009-12-06 01:07:08 0 d-----w- c:\docume~1\alluse~1\applic~1\DriverScanner 2009-12-04 21:11:24 73728 ----a-w- c:\windows\system32\RTNUninst32.dll 2009-12-04 19:17:24 0 d-----w- c:\program files\ATI 2009-12-04 19:15:12 0 d-----w- C:\ATI 2009-12-03 15:40:23 104 ----a-w- c:\documents and settings\ivan\default.pls 2009-12-03 14:09:10 2560 ------w- c:\windows\system32\xpsp4res.dll 2009-12-03 14:08:57 272128 -c----w- c:\windows\system32\dllcache\bthport.sys 2009-12-03 14:08:57 272128 ------w- c:\windows\system32\drivers\bthport.sys 2009-12-03 14:02:58 455296 -c----w- c:\windows\system32\dllcache\mrxsmb.sys 2009-12-03 14:00:46 2145280 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe 2009-12-03 14:00:45 2066048 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe 2009-12-03 14:00:45 2023936 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe 2009-12-03 13:57:41 0 d-----w- c:\program files\Windows Media Connect 2 2009-12-03 13:56:42 0 d-----w- c:\windows\system32\LogFiles 2009-12-03 13:14:43 0 d-----w- c:\windows\system32\PreInstall 2009-12-03 13:14:42 26488 ----a-w- c:\windows\system32\spupdsvc.exe 2009-12-03 13:14:41 0 d--h--w- c:\windows\$hf_mig$ 2009-12-02 21:19:37 0 d-----w- c:\program files\a-squared Free 2009-12-02 20:23:01 0 d-----w- c:\windows\system32\SoftwareDistribution 2009-12-02 17:08:28 662288 ----a-w- c:\windows\system32\MSCOMCT2.OCX 2009-12-02 17:08:28 137000 ----a-w- c:\windows\system32\MSMAPI32.OCX 2009-12-02 17:08:27 116224 ----a-w- c:\windows\system32\pdfcmnnt.dll 2009-12-02 17:08:25 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL 2009-12-02 15:35:52 0 d--h--w- C:\$AVG 2009-12-02 15:35:40 12464 ----a-w- c:\windows\system32\avgrsstx.dll 2009-12-02 15:35:39 0 d-----w- c:\windows\system32\drivers\Avg 2009-12-02 15:35:38 0 d-----w- c:\docume~1\alluse~1\applic~1\AVG Security Toolbar 2009-12-02 15:35:34 25608 ----a-w- c:\windows\system32\drivers\AVGIDSxx.sys 2009-12-02 15:35:34 161800 ----a-w- c:\windows\system32\drivers\avgrkx86.sys 2009-12-02 15:35:33 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys 2009-12-02 15:35:33 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys 2009-12-02 15:35:25 50968 ----a-w- c:\windows\system32\avgfwdx.dll 2009-12-02 15:35:25 30104 ----a-w- c:\windows\system32\drivers\avgfwdx.sys 2009-12-02 15:35:25 0 d-----w- c:\program files\AVG 2009-12-02 15:35:24 0 d-----w- c:\docume~1\alluse~1\applic~1\avg9 2009-12-02 14:51:16 0 d-----w- C:\Downloads 2009-12-02 14:51:01 0 d-----w- c:\program files\BitComet 2009-12-02 14:08:23 1174 ----a-w- c:\windows\mozver.dat 2009-11-29 22:13:09 116 ----a-w- c:\windows\NeroDigital.ini 2009-11-29 15:46:14 0 d-----w- c:\docume~1\ivan\applic~1\Activision 2009-11-29 15:15:43 152248 ----a-w- c:\windows\Osveta Besnog Pileta Uninstaller.exe 2009-11-28 16:38:17 251672 ----a-w- c:\windows\system32\xactengine2_5.dll 2009-11-28 16:38:16 81768 ----a-w- c:\windows\system32\xinput1_3.dll 2009-11-28 16:38:16 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll 2009-11-28 16:38:16 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll 2009-11-28 16:38:16 237848 ----a-w- c:\windows\system32\xactengine2_4.dll 2009-11-28 16:38:16 15128 ----a-w- c:\windows\system32\x3daudio1_1.dll 2009-11-28 16:37:39 0 d-----w- c:\program files\Blast! Entertainment Ltd 2009-11-28 16:21:58 376 ----a-w- c:\windows\ODBC.INI 2009-11-28 16:21:54 17920 ----a-w- c:\windows\system32\mdimon.dll 2009-11-28 16:21:29 0 d-----w- c:\program files\Microsoft ActiveSync 2009-11-28 16:21:20 0 d-----w- c:\windows\SHELLNEW 2009-11-28 16:05:13 0 d-----w- c:\windows\Logs 2009-11-28 14:23:29 98304 ----a-w- c:\windows\system32\CmdLineExt.dll 2009-11-28 12:12:37 0 d-----w- c:\windows\RegisteredPackages 2009-11-28 12:12:01 0 d-----w- c:\program files\MUSICMATCH 2009-11-28 12:11:38 118784 ------r- c:\windows\bwUnin-7.2.0.137-8876480SL.exe 2009-11-28 12:11:07 68864 ----a-w- c:\windows\system32\drivers\LMOUKE.sys 2009-11-28 12:11:07 55040 ----a-w- c:\windows\system32\drivers\L8042MOU.SYS 2009-11-28 12:10:46 258352 ----a-w- c:\windows\system32\unicows.dll 2009-11-28 12:10:45 1060864 ----a-w- c:\windows\system32\MFC71.dll 2009-11-28 12:10:45 1047552 ----a-w- c:\windows\system32\MFC71u.dll 2009-11-28 12:10:44 0 d-----w- c:\program files\common files\Logitech 2009-11-28 12:10:40 13440 ----a-w- c:\windows\system32\drivers\L8042Kbd.sys 2009-11-28 11:55:36 49668 ------w- c:\windows\UNNMP.cfg 2009-11-28 11:55:34 2670592 ------w- c:\windows\UNNMP.exe 2009-11-28 11:53:39 155648 ----a-w- c:\windows\system32\NeroCheck.exe 2009-11-28 11:51:54 211802 ------w- c:\windows\UNNeroVision.cfg 2009-11-28 11:51:53 2682880 ------w- c:\windows\UNNeroVision.exe 2009-11-28 11:51:15 471040 ------w- c:\windows\system32\ImagXRA7.dll 2009-11-28 11:51:15 364544 ------w- c:\windows\system32\TwnLib4.dll 2009-11-28 11:51:14 476320 ------w- c:\windows\system32\ImagXpr7.dll 2009-11-28 11:51:14 262144 ------w- c:\windows\system32\ImagXR7.dll 2009-11-28 11:51:14 1568768 ------w- c:\windows\system32\ImagX7.dll 2009-11-28 11:51:13 38912 ------w- c:\windows\system32\picn20.dll 2009-11-28 11:51:13 106496 ----a-w- c:\windows\system32\TwnLib20.dll 2009-11-28 10:15:23 0 d-----w- c:\program files\PDFCreator 2009-11-28 10:13:17 0 d-----w- c:\program files\TimeAdjuster 2009-11-28 10:11:56 24064 ------w- c:\windows\system32\msxml3a.dll 2009-11-28 10:08:51 0 d-----w- c:\program files\PeerWeb DC++ 2009-11-28 10:06:53 0 d-----w- c:\program files\Mv2Player 2009-11-28 10:04:21 20576 ------w- c:\windows\system32\drivers\pxhelp20.sys 2009-11-28 10:04:12 192 ----a-w- c:\windows\winamp.ini 2009-11-28 09:46:24 545 ----a-w- c:\windows\UC.PIF 2009-11-28 09:46:24 545 ----a-w- c:\windows\RAR.PIF 2009-11-28 09:46:24 545 ----a-w- c:\windows\PKZIP.PIF 2009-11-28 09:46:24 545 ----a-w- c:\windows\PKUNZIP.PIF 2009-11-28 09:46:24 545 ----a-w- c:\windows\NOCLOSE.PIF 2009-11-28 09:46:24 545 ----a-w- c:\windows\LHA.PIF 2009-11-28 09:46:24 545 ----a-w- c:\windows\ARJ.PIF 2009-11-28 09:46:24 306 ----a-w- c:\windows\wincmd.ini 2009-11-28 09:46:24 0 d-----w- c:\program files\totalcmd 2009-11-28 09:45:38 26368 -c--a-w- c:\windows\system32\dllcache\usbstor.sys 2009-11-28 09:23:00 0 d-----w- c:\windows\system32\appmgmt 2009-11-28 09:21:18 17024 ----a-w- c:\windows\system32\drivers\BS_I2cIo.sys 2009-11-28 09:19:40 940794 ----a-w- c:\windows\system32\LoopyMusic.wav 2009-11-28 09:19:40 146650 ----a-w- c:\windows\system32\BuzzingBee.wav 2009-11-28 09:19:38 0 d-----w- c:\windows\system32\Lang 2009-11-28 09:17:24 0 d-----w- c:\program files\HW Monitor 2009-11-28 09:17:05 0 d-----w- c:\program files\Tseries BIOS Update 2009-11-28 09:15:54 0 d-----w- c:\program files\Driver 2009-11-28 09:14:50 73728 ----a-w- c:\windows\system32\RtNicProp32.dll 2009-11-28 09:14:50 176768 ----a-w- c:\windows\system32\drivers\Rtenicxp.sys 2009-11-28 09:14:41 0 d-----w- c:\windows\OPTIONS 2009-11-28 09:14:41 0 d-----w- c:\program files\Realtek 2009-11-28 09:10:33 0 d-----w- c:\program files\ATI Technologies 2009-11-28 09:09:34 0 d-----w- c:\windows\system32\ReinstallBackups 2009-11-28 09:09:31 33792 ----a-w- c:\windows\system32\drivers\AmdPPM.sys 2009-11-28 09:09:22 0 d-----w- c:\program files\AMD 2009-11-28 09:07:25 13696 ----a-r- c:\windows\system32\drivers\BIOS.sys 2009-11-28 09:05:45 12288 ----a-r- c:\windows\system32\drivers\EIO_XP.sys 2009-11-28 09:04:14 0 d-----w- c:\program files\ASUS 2009-11-28 09:01:20 0 d-----w- c:\windows\system32\AGEIA 2009-11-28 09:01:14 0 d-----w- c:\program files\common files\Wise Installation Wizard 2009-11-28 09:01:00 210919 ----a-w- c:\windows\system32\nvapps.xml 2009-11-28 09:00:30 0 d-----w- c:\program files\My Company Name 2009-11-27 22:23:58 4444 ----a-w- c:\windows\system32\pid.PNF 2009-11-27 21:48:10 0 d-----w- c:\program files\common files\ODBC 2009-11-27 21:48:07 0 d-----w- c:\program files\common files\SpeechEngines 2009-11-27 21:47:49 0 d-----r- c:\documents and settings\all users\Documents 2009-11-27 21:28:46 0 d-sh--w- c:\documents and settings\all users\DRM 2009-11-27 21:28:33 0 d--h--w- c:\program files\WindowsUpdate 2009-11-27 21:28:02 0 d-----w- c:\program files\common files\MSSoap 2009-11-27 21:26:49 0 d-----w- c:\program files\Online Services 2009-11-27 21:26:44 0 d-----w- c:\program files\Messenger 2009-11-27 21:26:41 0 d-----w- c:\program files\MSN Gaming Zone 2009-11-27 21:26:10 0 d-----w- c:\program files\Windows NT ==================== Find3M ==================== 2009-11-27 21:27:07 21640 ----a-w- c:\windows\system32\emptyregdb.dat 2009-11-17 19:27:14 84512 ----a-w- c:\windows\SOUNDMAN.EXE 2009-11-17 19:27:14 358944 ----a-w- c:\windows\vncutil.exe 2009-11-17 19:27:14 1833504 ----a-w- c:\windows\SkyTel.exe 2009-11-17 19:27:08 9721888 ----a-w- c:\windows\RTLCPL.EXE 2009-11-17 19:27:08 1489440 ----a-w- c:\windows\RtlUpd.exe 2009-11-17 19:27:02 48672 ----a-w- c:\windows\system32\RtkCoInstXP.dll 2009-11-17 19:27:02 18789408 ----a-w- c:\windows\RTHDCPL.EXE 2009-11-17 19:27:02 129568 ----a-w- c:\windows\RtkAudioService.exe 2009-11-17 19:26:56 2177568 ----a-w- c:\windows\MicCal.exe 2009-11-17 19:26:50 64032 ----a-w- c:\windows\ALCMTR.EXE 2009-11-17 19:26:50 2815520 ----a-w- c:\windows\ALCWZRD.EXE 2009-11-17 18:51:38 5956608 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys 2009-11-02 12:48:02 831488 ----a-w- c:\windows\RtlExUpd.dll 2009-09-25 05:37:11 667136 ----a-w- c:\windows\system32\wininet.dll 2009-09-25 05:37:09 81920 ----a-w- c:\windows\system32\ieencode.dll 2009-09-11 14:18:39 136192 ----a-w- c:\windows\system32\msv1_0.dll ============= FINISH: 15:25:47.21 =============== Dopuna: 06 Dec 2009 15:33 UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_09-12-01.01) Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume1 Install Date: 5/7/2005 5:24:05 PM System Uptime: 12/6/2009 3:05:00 PM (0 hours ago) Motherboard: BIOSTAR Group \| \| TA770E Processor: AMD Phenom(tm) II X4 920 Processor \| CPU 1 \| 1595/200mhz ==== Disk Partitions ========================= C: is FIXED (NTFS) - 98 GiB total, 74.059 GiB free. D: is FIXED (NTFS) - 176 GiB total, 130.403 GiB free. E: is FIXED (NTFS) - 192 GiB total, 23.667 GiB free. F: is CDROM () G: is FIXED (NTFS) - 98 GiB total, 42.751 GiB free. H: is FIXED (NTFS) - 200 GiB total, 13.923 GiB free. I: is CDROM () ==== Disabled Device Manager Items ============= ==== System Restore Points =================== RP16: 11/28/2009 3:17:47 PM - Installed GTA San Andreas RP17: 11/28/2009 5:05:32 PM - Installed Microsoft Visual C++ 2005 Redistributable RP18: 11/28/2009 5:08:06 PM - Installed Microsoft Visual C++ 2005 Redistributable RP19: 11/28/2009 5:20:32 PM - Installed Microsoft Office Professional Edition 2003 RP20: 11/28/2009 5:37:39 PM - Installed Mr Bean. RP21: 11/28/2009 7:55:27 PM - Installed Ice Age Dawn of the Dinosaurs(TM) RP22: 11/29/2009 11:33:39 PM - System Checkpoint RP23: 12/1/2009 12:14:58 AM - System Checkpoint RP24: 12/1/2009 6:11:47 PM - Installed GUN (TM) RP25: 12/1/2009 7:05:59 PM - Removed GUN (TM) RP26: 12/2/2009 4:35:24 PM - Installed AVG 9.0 RP27: 12/2/2009 4:48:10 PM - Avg8 Update RP28: 12/2/2009 8:17:28 PM - Avg8 Update RP29: 12/2/2009 9:37:54 PM - Avg8 Update RP30: 12/2/2009 9:58:17 PM - Avg8 Update RP31: 12/3/2009 12:16:07 AM - Avg8 Update RP32: 12/3/2009 11:24:34 AM - Removed GTA San Andreas RP33: 12/3/2009 2:14:39 PM - Software Distribution Service 3.0 RP34: 12/3/2009 2:56:16 PM - Installed Windows Media Player 11 RP35: 12/3/2009 2:56:39 PM - Installed Windows XP Wudf01000. RP36: 12/3/2009 2:58:00 PM - Installed Windows XP MSCompPackV1. RP37: 12/4/2009 3:00:15 AM - Software Distribution Service 3.0 RP38: 12/4/2009 8:42:36 AM - Configured ASUS Smart Doctor RP39: 12/4/2009 8:43:18 AM - Removed ASUS Gamer OSD RP40: 12/4/2009 11:18:56 AM - Installed Uniblue DriverScanner v1.0 RP41: 12/4/2009 11:48:51 AM - DriverScanner install: BenQ FP92G+ RP42: 12/4/2009 8:16:32 PM - Installed Realtek High Definition Audio Driver RP43: 12/4/2009 10:10:52 PM - Installed REALTEK GbE & FE Ethernet PCI-E NIC Driver RP44: 12/4/2009 10:14:44 PM - Installed Realtek High Definition Audio Driver RP45: 12/5/2009 12:16:46 AM - Avg8 Update RP46: 12/5/2009 3:00:13 AM - Software Distribution Service 3.0 RP47: 12/5/2009 9:26:37 AM - Avg8 Update RP48: 12/5/2009 2:15:19 PM - Software Distribution Service 3.0 RP49: 12/6/2009 2:10:45 AM - Restore Operation RP50: 12/6/2009 2:12:50 AM - Installed Uniblue DriverScanner v1.0 RP51: 12/6/2009 3:04:25 AM - Installed Windows KB954550-v5. RP52: 12/6/2009 3:04:35 AM - Printer Driver Microsoft XPS Document Writer Installed RP53: 12/6/2009 3:04:44 AM - Printer Driver Microsoft XPS Document Writer Installed RP54: 12/6/2009 9:48:02 AM - Installed Alcohol 120% RP55: 12/6/2009 12:00:13 PM - Installed Prince of Persia Warrior Within RP56: 12/6/2009 12:00:40 PM - Installed Prince of Persia Warrior Within RP57: 12/6/2009 12:29:25 PM - Installed Prince of Persia The Two Thrones RP58: 12/6/2009 12:32:16 PM - Installed Prince of Persia The Two Thrones ==== Installed Programs ====================== a-squared Free 4.0 Activision(R) Adobe Reader 7.0 AMD Processor Driver ASUS nVidia Driver ASUS Utilities ASUS VideoSecurity Online ATI - Software Uninstall Utility ATI Catalyst Install Manager AVG 9.0 BitComet 1.16 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows XP (KB952287) Hotfix for Windows XP (KB954550-v5) Hotfix for Windows XP (KB976098-v2) HW Monitor Ice Age Dawn of the Dinosaurs(TM) Logitech Desktop Messenger Logitech SetPoint Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Office Professional Edition 2003 Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 Redistributable Mozilla Firefox (3.5.5) Mr Bean MV2Player (remove only) Nero Suite NVIDIA Drivers NVIDIA PhysX Osveta Besnog Pileta PDFCreator PeerWeb DC++ 0.41 PowerDVD Prince of Persia T2T Prince of Persia The Two Thrones Prince of Persia Warrior Within REALTEK GbE & FE Ethernet PCI-E NIC Driver Realtek High Definition Audio Driver Security Update for Windows Media Player (KB952069) Security Update for Windows Media Player (KB954155) Security Update for Windows Media Player (KB968816) Security Update for Windows Media Player (KB973540) Security Update for Windows Media Player 11 (KB954154) Security Update for Windows XP (KB923561) Security Update for Windows XP (KB923789) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB946648-) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951066) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951748-) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB954459) Security Update for Windows XP (KB955069) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956744) Security Update for Windows XP (KB956802) Security Update for Windows XP (KB956803) Security Update for Windows XP (KB956844) Security Update for Windows XP (KB957097) Security Update for Windows XP (KB958644) Security Update for Windows XP (KB958687) Security Update for Windows XP (KB958869) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960225) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB960859) Security Update for Windows XP (KB961371-v2) Security Update for Windows XP (KB961501) Security Update for Windows XP (KB969059) Security Update for Windows XP (KB969947) Security Update for Windows XP (KB970238-) Security Update for Windows XP (KB971486) Security Update for Windows XP (KB971557) Security Update for Windows XP (KB971633) Security Update for Windows XP (KB971657) Security Update for Windows XP (KB971961) Security Update for Windows XP (KB973354) Security Update for Windows XP (KB973507) Security Update for Windows XP (KB973525) Security Update for Windows XP (KB973869) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974455) Security Update for Windows XP (KB974571) Security Update for Windows XP (KB975025) Security Update for Windows XP (KB975467) Time Adjuster STANDARD 3.1 Total Commander (Remove or Repair) Uniblue DriverScanner 2009 Update for Windows XP (KB898461) Update for Windows XP (KB951978-) Update for Windows XP (KB967715) Update for Windows XP (KB968389) Update for Windows XP (KB973687) Update for Windows XP (KB973815) Update for Windows XP (KB976749) WebFldrs XP Winamp (remove only) Windows Media Format 11 runtime Windows Media Player 11 WinRAR archiver WinZip XviD MPEG-4 Video Codec ==== Event Viewer Messages From Past Week ======== 12/6/2009 10:15:59 AM, warning: Windows File Protection [64008] - The protected system file c:\program files\internet explorer\iexplore.exe could not be verified as valid because Windows File Protection is terminating. Use the SFC utility to verify the integrity of the file at a later time. 12/6/2009 10:15:57 AM, information: Windows File Protection [64002] - File replacement was attempted on the protected system file c:\program files\internet explorer\iexplore.exe. This file was restored to the original version to maintain system stability. The file version of the system file is 6.0.2900.5512. 12/6/2009 10:15:45 AM, error: Service Control Manager [7034] - The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s). 12/5/2009 2:30:00 PM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 8 for Windows XP. 12/2/2009 2:37:05 PM, error: Dhcp [1002] - The IP address lease 192.168.100.10 for the Network Card with network address 0030671F90B0 has been denied by the DHCP server 89.216.1.18 (The DHCP Server sent a DHCPNACK message). 12/2/2009 2:34:23 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751) 12/2/2009 2:34:18 PM, error: Dhcp [1002] - The IP address lease 172.25.190.9 for the Network Card with network address 0030671F90B0 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message). ==== End Of File ===========================

Profil

Bogdan-Tc Poslao: 06 Dec 2009 15:58 Idi na vrh
offline Bogdan-Tc Anti Malware Fighter Rank 1 Pridružio: 04 Jan 2009 Poruke: 2168	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav. Ponovo pročitaj uputstvo Kako otvoriti temu u Ambulanti i isprati uputstvo vezano za Gmer (korak 3)

Profil

vuksel Poslao: 06 Dec 2009 18:04 Idi na vrh
offline vuksel Građanin Pridružio: 18 Apr 2009 Poruke: 34	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ROOTREPEAL (c) AD, 2007-2009 ================================================== Scan Start Time: 2009/12/06 18:00 Program Version: Version 1.3.5.0 Windows Version: Windows XP SP3 ================================================== Drivers ------------------- Name: Image Path: Address: 0xB9EE3000 Size: 98304 File Visible: No Signed: - Status: - Name: Image Path: Address: 0x00000000 Size: 0 File Visible: No Signed: - Status: - Name: axloqpoc.sys Image Path: C:\DOCUME~1\Ivan\LOCALS~1\Temp\axloqpoc.sys Address: 0xB1265000 Size: 91904 File Visible: No Signed: - Status: - Name: dump_atapi.sys Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys Address: 0xB2AB2000 Size: 98304 File Visible: No Signed: - Status: - Name: dump_WMILIB.SYS Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS Address: 0xBA618000 Size: 8192 File Visible: No Signed: - Status: - Name: rootrepeal.sys Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys Address: 0xB18D6000 Size: 49152 File Visible: No Signed: - Status: - Hidden/Locked Files ------------------- Path: c:\windows\temp\964409fc-53f0-41a0-9c32-ff5bf160f346.tmp Status: Allocation size mismatch (API: 4096, Raw: 0) Path: c:\windows\temp\555a4b28-7414-4718-a731-a40b85382ae6.tmp Status: Allocation size mismatch (API: 8192, Raw: 0) Path: c:\windows\temp\0b3a3eee-55aa-402c-8b77-4802fd81c9e8.tmp Status: Allocation size mismatch (API: 16384, Raw: 0) Path: c:\windows\temp\0da1aaf6-cb4f-4efb-887a-05adcc5c5232.tmp Status: Allocation size mismatch (API: 4096, Raw: 0) Path: c:\windows\temp\dba5c8cc-acb3-482f-8564-d3559104e585.tmp Status: Allocation size mismatch (API: 4096, Raw: 0) Path: c:\windows\temp\bfcdc5a4-26f0-41e1-8a34-7d3c9d4db73a.tmp Status: Allocation size mismatch (API: 16384, Raw: 0) Path: c:\windows\temp\11a4896f-ac1e-49c1-8f20-b0a682a35186.tmp Status: Allocation size mismatch (API: 16384, Raw: 0) Path: c:\windows\temp\a82de2ed-7e25-40dc-806f-fc74e57ca93a.tmp Status: Allocation size mismatch (API: 16384, Raw: 0) Path: c:\windows\temp\f4f90ce0-e836-4a87-9589-0480f2dc89b2.tmp Status: Allocation size mismatch (API: 65536, Raw: 0) Path: c:\windows\temp\f541709b-26cf-4988-93b1-8a90f9bf1be9.tmp Status: Allocation size mismatch (API: 65536, Raw: 0) Path: c:\windows\temp\ccf6dc29-b083-4405-a25d-66cf72a4b2cb.tmp Status: Allocation size mismatch (API: 16384, Raw: 0) Path: c:\windows\temp\e5f6c449-1dea-4787-8026-74f562be75da.tmp Status: Allocation size mismatch (API: 32768, Raw: 0) Path: c:\windows\temp\2c6cdc6d-ca75-496f-97d4-33452fff11c6.tmp Status: Allocation size mismatch (API: 8192, Raw: 0) Path: c:\windows\temp\d27ac83f-2444-4a99-95b7-01438f23f020.tmp Status: Allocation size mismatch (API: 65536, Raw: 0) Path: c:\windows\temp\67acb019-afee-4c04-a896-2a8755ad0f98.tmp Status: Allocation size mismatch (API: 4096, Raw: 0) Path: c:\windows\temp\67c6432e-badf-440e-b2ef-ee3ed23c834d.tmp Status: Allocation size mismatch (API: 4096, Raw: 0) Path: c:\windows\temp\39619c85-ed80-416c-a6cc-8baa29469176.tmp Status: Allocation size mismatch (API: 4096, Raw: 0) Path: c:\windows\temp\3b1017a1-92c0-455f-a660-b2aa6ae33925.tmp Status: Allocation size mismatch (API: 4096, Raw: 0) Path: c:\windows\temp\3b599746-73f1-44c7-8827-159a92c2d9ce.tmp Status: Allocation size mismatch (API: 16384, Raw: 0) Path: c:\windows\temp\7710f859-599b-4084-9387-f8abeec06945.tmp Status: Allocation size mismatch (API: 16384, Raw: 0) Path: c:\windows\temp\7c002ab9-5753-4c46-961d-199e11674730.tmp Status: Allocation size mismatch (API: 4096, Raw: 0) Path: c:\windows\temp\1710b8b5-d271-4314-9ca2-a19abe56f39d.tmp Status: Allocation size mismatch (API: 4096, Raw: 0) Path: c:\windows\temp\8df7d7d0-4c11-429f-aa59-4a29a16c269a.tmp Status: Allocation size mismatch (API: 16384, Raw: 0) Path: c:\windows\temp\85163706-f92d-49af-8d01-ea11e8afe93e.tmp Status: Allocation size mismatch (API: 49152, Raw: 0) Path: c:\windows\temp\0721818b-5ccc-4243-84a5-093517efdddd.tmp Status: Allocation size mismatch (API: 16384, Raw: 0) Path: c:\windows\temp\c52e18df-2bd1-4c61-a620-c6c32c44b52a.tmp Status: Allocation size mismatch (API: 4096, Raw: 0) Path: c:\windows\temp\eac2751b-99c0-47a0-8ca5-f2b22b835c9f.tmp Status: Allocation size mismatch (API: 4096, Raw: 0) Path: c:\windows\temp\42ba7b65-1103-4e88-a880-3c6e96181154.tmp Status: Allocation size mismatch (API: 4096, Raw: 0) Path: c:\windows\temp\45fa73ac-c424-46db-8c07-9eb68aaaa029.tmp Status: Allocation size mismatch (API: 131072, Raw: 0) Path: c:\documents and settings\ivan\application data\mozilla\firefox\profiles\00x37hrj.default\sessionstore.js Status: Size mismatch (API: 4117, Raw: 4355) SSDT ------------------- #: 025 Function Name: NtClose Status: Hooked by "a347bus.sys" at address 0xb9f8d028 #: 041 Function Name: NtCreateKey Status: Hooked by "a347bus.sys" at address 0xb9f8cfe0 #: 045 Function Name: NtCreatePagingFile Status: Hooked by "a347bus.sys" at address 0xb9f80b00 #: 071 Function Name: NtEnumerateKey Status: Hooked by "a347bus.sys" at address 0xb9f815dc #: 073 Function Name: NtEnumerateValueKey Status: Hooked by "a347bus.sys" at address 0xb9f8d120 #: 116 Function Name: NtOpenFile Status: Hooked by "a347bus.sys" at address 0xb9f80b40 #: 119 Function Name: NtOpenKey Status: Hooked by "a347bus.sys" at address 0xb9f8cfa4 #: 122 Function Name: NtOpenProcess Status: Hooked by "C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys" at address 0xba4b1470 #: 160 Function Name: NtQueryKey Status: Hooked by "a347bus.sys" at address 0xb9f815fc #: 177 Function Name: NtQueryValueKey Status: Hooked by "a347bus.sys" at address 0xb9f8d076 #: 241 Function Name: NtSetSystemPowerState Status: Hooked by "a347bus.sys" at address 0xb9f8c550 #: 257 Function Name: NtTerminateProcess Status: Hooked by "C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys" at address 0xba4b1520 #: 258 Function Name: NtTerminateThread Status: Hooked by "C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys" at address 0xba4b15c0 #: 277 Function Name: NtWriteVirtualMemory Status: Hooked by "C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys" at address 0xba4b1660 Stealth Objects ------------------- Object: Hidden Code [Driver: Ntfs, IRP_MJ_READ] Process: System Address: 0x89d04270 Size: 11 Object: Hidden Code [Driver: atapi, IRP_MJ_CREATE] Process: System Address: 0x89b4f008 Size: 99 Object: Hidden Code [Driver: atapi, IRP_MJ_CREATE_NAMED_PIPE] Process: System Address: 0x89b4f008 Size: 99 Object: Hidden Code [Driver: atapi, IRP_MJ_CLOSE] Process: System Address: 0x89b4f008 Size: 99 Object: Hidden Code [Driver: atapi, IRP_MJ_READ] Process: System Address: 0x89b4f008 Size: 99 Object: Hidden Code [Driver: atapi, IRP_MJ_WRITE] Process: System Address: 0x89b4f008 Size: 99 Object: Hidden Code [Driver: atapi, IRP_MJ_QUERY_INFORMATION] Process: System Address: 0x89b4f008 Size: 99 Object: Hidden Code [Driver: atapi, IRP_MJ_SET_INFORMATION] Process: System Address: 0x89b4f008 Size: 99 Object: Hidden Code [Driver: atapi, IRP_MJ_QUERY_EA] Process: System Address: 0x89b4f008 Size: 99 Object: Hidden Code [Driver: atapi, IRP_MJ_SET_EA] Process: System Address: 0x89b4f008 Size: 99 Object: Hidden Code [Driver: atapi, IRP_MJ_FLUSH_BUFFERS] Process: System Address: 0x89b4f008 Size: 99 Object: Hidden Code [Driver: atapi, IRP_MJ_QUERY_VOLUME_INFORMATION] Process: System Address: 0x89b4f008 Size: 99 Object: Hidden Code [Driver: atapi, IRP_MJ_SET_VOLUME_INFORMATION] Process: System Address: 0x89b4f008 Size: 99 Object: Hidden Code [Driver: atapi, IRP_MJ_DIRECTORY_CONTROL] Process: System Address: 0x89b4f008 Size: 99 Object: Hidden Code [Driver: atapi, IRP_MJ_FILE_SYSTEM_CONTROL] Process: System Address: 0x89b4f008 Size: 99 Object: Hidden Code [Driver: atapi, IRP_MJ_DEVICE_CONTROL] Process: System Address: 0x89b4f008 Size: 99 Object: Hidden Code [Driver: atapi, IRP_MJ_INTERNAL_DEVICE_CONTROL] Process: System Address: 0x89b4f008 Size: 99 Object: Hidden Code [Driver: atapi, IRP_MJ_SHUTDOWN] Process: System Address: 0x89b4f008 Size: 99 Object: Hidden Code [Driver: atapi, IRP_MJ_LOCK_CONTROL] Process: System Address: 0x89b4f008 Size: 99 Object: Hidden Code [Driver: atapi, IRP_MJ_CLEANUP] Process: System Address: 0x89b4f008 Size: 99 Object: Hidden Code [Driver: atapi, IRP_MJ_CREATE_MAILSLOT] Process: System Address: 0x89b4f008 Size: 99 Object: Hidden Code [Driver: atapi, IRP_MJ_QUERY_SECURITY] Process: System Address: 0x89b4f008 Size: 99 Object: Hidden Code [Driver: atapi, IRP_MJ_SET_SECURITY] Process: System Address: 0x89b4f008 Size: 99 Object: Hidden Code [Driver: atapi, IRP_MJ_POWER] Process: System Address: 0x89b4f008 Size: 99 Object: Hidden Code [Driver: atapi, IRP_MJ_SYSTEM_CONTROL] Process: System Address: 0x89b4f008 Size: 99 Object: Hidden Code [Driver: atapi, IRP_MJ_DEVICE_CHANGE] Process: System Address: 0x89b4f008 Size: 99 Object: Hidden Code [Driver: atapi, IRP_MJ_QUERY_QUOTA] Process: System Address: 0x89b4f008 Size: 99 Object: Hidden Code [Driver: atapi, IRP_MJ_SET_QUOTA] Process: System Address: 0x89b4f008 Size: 99 Object: Hidden Code [Driver: atapi, IRP_MJ_PNP] Process: System Address: 0x89b4f008 Size: 99 Object: Hidden Code [Driver: a347scsi, IRP_MJ_CREATE] Process: System Address: 0x89b0bd98 Size: 99 Object: Hidden Code [Driver: a347scsi, IRP_MJ_CREATE_NAMED_PIPE] Process: System Address: 0x89b0bd98 Size: 99 Object: Hidden Code [Driver: a347scsi, IRP_MJ_CLOSE] Process: System Address: 0x89b0bd98 Size: 99 Object: Hidden Code [Driver: a347scsi, IRP_MJ_READ] Process: System Address: 0x89b0bd98 Size: 99 Object: Hidden Code [Driver: a347scsi, IRP_MJ_WRITE] Process: System Address: 0x89b0bd98 Size: 99 Object: Hidden Code [Driver: a347scsi, IRP_MJ_QUERY_INFORMATION] Process: System Address: 0x89b0bd98 Size: 99 Object: Hidden Code [Driver: a347scsi, IRP_MJ_SET_INFORMATION] Process: System Address: 0x89b0bd98 Size: 99 Object: Hidden Code [Driver: a347scsi, IRP_MJ_QUERY_EA] Process: System Address: 0x89b0bd98 Size: 99 Object: Hidden Code [Driver: a347scsi, IRP_MJ_SET_EA] Process: System Address: 0x89b0bd98 Size: 99 Object: Hidden Code [Driver: a347scsi, IRP_MJ_FLUSH_BUFFERS] Process: System Address: 0x89b0bd98 Size: 99 Object: Hidden Code [Driver: a347scsi, IRP_MJ_QUERY_VOLUME_INFORMATION] Process: System Address: 0x89b0bd98 Size: 99 Object: Hidden Code [Driver: a347scsi, IRP_MJ_SET_VOLUME_INFORMATION] Process: System Address: 0x89b0bd98 Size: 99 Object: Hidden Code [Driver: a347scsi, IRP_MJ_DIRECTORY_CONTROL] Process: System Address: 0x89b0bd98 Size: 99 Object: Hidden Code [Driver: a347scsi, IRP_MJ_FILE_SYSTEM_CONTROL] Process: System Address: 0x89b0bd98 Size: 99 Object: Hidden Code [Driver: a347scsi, IRP_MJ_DEVICE_CONTROL] Process: System Address: 0x89b0bd98 Size: 99 Object: Hidden Code [Driver: a347scsi, IRP_MJ_INTERNAL_DEVICE_CONTROL] Process: System Address: 0x89b0bd98 Size: 99 Object: Hidden Code [Driver: a347scsi, IRP_MJ_SHUTDOWN] Process: System Address: 0x89b0bd98 Size: 99 Object: Hidden Code [Driver: a347scsi, IRP_MJ_LOCK_CONTROL] Process: System Address: 0x89b0bd98 Size: 99 Object: Hidden Code [Driver: a347scsi, IRP_MJ_CLEANUP] Process: System Address: 0x89b0bd98 Size: 99 Object: Hidden Code [Driver: a347scsi, IRP_MJ_CREATE_MAILSLOT] Process: System Address: 0x89b0bd98 Size: 99 Object: Hidden Code [Driver: a347scsi, IRP_MJ_QUERY_SECURITY] Process: System Address: 0x89b0bd98 Size: 99 Object: Hidden Code [Driver: a347scsi, IRP_MJ_SET_SECURITY] Process: System Address: 0x89b0bd98 Size: 99 Object: Hidden Code [Driver: a347scsi, IRP_MJ_POWER] Process: System Address: 0x89b0bd98 Size: 99 Object: Hidden Code [Driver: a347scsi, IRP_MJ_SYSTEM_CONTROL] Process: System Address: 0x89b0bd98 Size: 99 Object: Hidden Code [Driver: a347scsi, IRP_MJ_DEVICE_CHANGE] Process: System Address: 0x89b0bd98 Size: 99 Object: Hidden Code [Driver: a347scsi, IRP_MJ_QUERY_QUOTA] Process: System Address: 0x89b0bd98 Size: 99 Object: Hidden Code [Driver: a347scsi, IRP_MJ_SET_QUOTA] Process: System Address: 0x89b0bd98 Size: 99 Object: Hidden Code [Driver: a347scsi, IRP_MJ_PNP] Process: System Address: 0x89b0bd98 Size: 99 Object: Hidden Code [Driver: Cdrom, IRP_MJ_CREATE] Process: System Address: 0x89c38678 Size: 99 Object: Hidden Code [Driver: Cdrom, IRP_MJ_CREATE_NAMED_PIPE] Process: System Address: 0x89c38678 Size: 99 Object: Hidden Code [Driver: Cdrom, IRP_MJ_CLOSE] Process: System Address: 0x89c38678 Size: 99 Object: Hidden Code [Driver: Cdrom, IRP_MJ_READ] Process: System Address: 0x89c38678 Size: 99 Object: Hidden Code [Driver: Cdrom, IRP_MJ_WRITE] Process: System Address: 0x89c38678 Size: 99 Object: Hidden Code [Driver: Cdrom, IRP_MJ_QUERY_INFORMATION] Process: System Address: 0x89c38678 Size: 99 Object: Hidden Code [Driver: Cdrom, IRP_MJ_SET_INFORMATION] Process: System Address: 0x89c38678 Size: 99 Object: Hidden Code [Driver: Cdrom, IRP_MJ_QUERY_EA] Process: System Address: 0x89c38678 Size: 99 Object: Hidden Code [Driver: Cdrom, IRP_MJ_SET_EA] Process: System Address: 0x89c38678 Size: 99 Object: Hidden Code [Driver: Cdrom, IRP_MJ_FLUSH_BUFFERS] Process: System Address: 0x89c38678 Size: 99 Object: Hidden Code [Driver: Cdrom, IRP_MJ_QUERY_VOLUME_INFORMATION] Process: System Address: 0x89c38678 Size: 99 Object: Hidden Code [Driver: Cdrom, IRP_MJ_SET_VOLUME_INFORMATION] Process: System Address: 0x89c38678 Size: 99 Object: Hidden Code [Driver: Cdrom, IRP_MJ_DIRECTORY_CONTROL] Process: System Address: 0x89c38678 Size: 99 Object: Hidden Code [Driver: Cdrom, IRP_MJ_FILE_SYSTEM_CONTROL] Process: System Address: 0x89c38678 Size: 99 Object: Hidden Code [Driver: Cdrom, IRP_MJ_DEVICE_CONTROL] Process: System Address: 0x89c38678 Size: 99 Object: Hidden Code [Driver: Cdrom, IRP_MJ_INTERNAL_DEVICE_CONTROL] Process: System Address: 0x89c38678 Size: 99 Object: Hidden Code [Driver: Cdrom, IRP_MJ_SHUTDOWN] Process: System Address: 0x89c38678 Size: 99 Object: Hidden Code [Driver: Cdrom, IRP_MJ_LOCK_CONTROL] Process: System Address: 0x89c38678 Size: 99 Object: Hidden Code [Driver: Cdrom, IRP_MJ_CLEANUP] Process: System Address: 0x89c38678 Size: 99 Object: Hidden Code [Driver: Cdrom, IRP_MJ_CREATE_MAILSLOT] Process: System Address: 0x89c38678 Size: 99 Object: Hidden Code [Driver: Cdrom, IRP_MJ_QUERY_SECURITY] Process: System Address: 0x89c38678 Size: 99 Object: Hidden Code [Driver: Cdrom, IRP_MJ_SET_SECURITY] Process: System Address: 0x89c38678 Size: 99 Object: Hidden Code [Driver: Cdrom, IRP_MJ_POWER] Process: System Address: 0x89c38678 Size: 99 Object: Hidden Code [Driver: Cdrom, IRP_MJ_SYSTEM_CONTROL] Process: System Address: 0x89c38678 Size: 99 Object: Hidden Code [Driver: Cdrom, IRP_MJ_DEVICE_CHANGE] Process: System Address: 0x89c38678 Size: 99 Object: Hidden Code [Driver: Cdrom, IRP_MJ_QUERY_QUOTA] Process: System Address: 0x89c38678 Size: 99 Object: Hidden Code [Driver: Cdrom, IRP_MJ_SET_QUOTA] Process: System Address: 0x89c38678 Size: 99 Object: Hidden Code [Driver: Cdrom, IRP_MJ_PNP] Process: System Address: 0x89c38678 Size: 99 Object: Hidden Code [Driver: Rdbss, IRP_MJ_READ] Process: System Address: 0x89e4cd08 Size: 11 Object: Hidden Code [Driver: Srv, IRP_MJ_READ] Process: System Address: 0x88f59a20 Size: 11 Object: Hidden Code [Driver: MRxSmb, IRP_MJ_READ] Process: System Address: 0x89cc9af0 Size: 11 Object: Hidden Code [Driver: Npfsࠅఐ卆浩, IRP_MJ_READ] Process: System Address: 0x89cffcd8 Size: 11 Object: Hidden Code [Driver: Msfs؅ఇ癁⩧, IRP_MJ_READ] Process: System Address: 0x89d03cd0 Size: 11 Object: Hidden Code [Driver: Fs_Rec, IRP_MJ_READ] Process: System Address: 0x89c9c370 Size: 11 Object: Hidden Code [Driver: CdfsЅః杇獬þ, IRP_MJ_READ] Process: System Address: 0x89483fb0 Size: 11 ==EOF==

Profil

Bogdan-Tc Poslao: 06 Dec 2009 18:37 Idi na vrh
offline Bogdan-Tc Anti Malware Fighter Rank 1 Pridružio: 04 Jan 2009 Poruke: 2168	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ukoliko te ComboFix upita da li da instalira Recovery Console, dozvoli mu. Preuzmi sUBs-ov ComboFix sa sledeće adrese na Desktop: Bleeping Computer Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu); Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save. Kada preuzimanje programa bude završeno: deaktiviraj zaštitni softver (uputstvo); zatvori pokrenute programe; dvoklikom pokreni program ComboFix. U toku rada, ComboFix će:proveriti postoji li novija verzija programa: klikni Yes ako bude ponuđeno preuzimanje iste. prikazati DISCLAIMER OF WARRANTY ON SOFTWARE: klikni Yes kako bi proces bio nastavljen.ako Recovery Console nije instalirana, ponuditi instalaciju: obavezno prihvati klikom na Yes i isprati postupak.postaviti/dati određeni broj upita/obaveštenja: prihvati klikom na Yes ili OK.po potrebi, restartovati Windows (više puta); na kraju rada, otvoriti Notepad sa izveštajem o skeniranju. Iskopiraj izveštaj koji je ComboFix napravio u temu na forumu: klikni desnim tasterom miša u prozor Notepad-a i izaberi Select All; klikni desnim tasterom miša na obeleženi tekst i izaberi Copy; klikni desnim tasterom miša u polje za pisanje poruke i izaberi Paste. Napomena:Izveštaj će biti sačuvan pod nazivom ComboFix.txt na sistemskoj particiji (tipična lokacija: C:\ComboFix.txt); Ukoliko nakon slanja poruke primetiš da izveštaj nije kompletan, iskoristi opciju Prikači fajl za prilaganje file-a C:\ComboFix.txt uz poruku.

Profil

vuksel Poslao: 06 Dec 2009 22:20 Idi na vrh
offline vuksel Građanin Pridružio: 18 Apr 2009 Poruke: 34	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: mycity.rs/must-login.png ComboFix 09-12-06.06 - Ivan 12/06/2009 20:36.1.4 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1466 [GMT 1:00] Running from: c:\documents and settings\Ivan\Desktop\ComboFix.exe AV: AVG Internet Security On-access scanning disabled (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} FW: AVG Firewall enabled {8decf618-9569-4340-b34a-d78d28969b66} . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\program files\driver c:\windows\system32\config\systemprofile\oashdihasidhasuidhiasdhiashdiuasdhasd . ((((((((((((((((((((((((( Files Created from 2009-11-06 to 2009-12-06 ))))))))))))))))))))))))))))))) . 2009-12-06 16:04 . 2009-12-06 16:04 -------- d-----w- c:\documents and settings\All Users\Application Data\THQ 2009-12-06 16:00 . 2009-12-06 16:00 -------- d-----w- c:\documents and settings\Ivan\Local Settings\Application Data\Activision 2009-12-06 11:32 . 2009-12-06 11:32 -------- d-----w- c:\documents and settings\All Users\Application Data\POP3Profiles 2009-12-06 11:00 . 2009-12-06 11:11 -------- d-----w- c:\documents and settings\All Users\Application Data\POPWWPROFILES 2009-12-06 09:06 . 2009-12-06 09:06 148 ----a-w- c:\windows\system32\fjhdyfhsn.bat 2009-12-06 08:48 . 2004-04-30 08:37 160640 ----a-w- c:\windows\system32\drivers\a347bus.sys 2009-12-06 08:48 . 2004-04-30 08:33 5248 ----a-w- c:\windows\system32\drivers\a347scsi.sys 2009-12-06 08:48 . 2009-12-06 08:48 -------- d-----w- c:\program files\Alcohol Soft 2009-12-06 02:05 . 2009-12-06 02:05 75664 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat 2009-12-06 02:05 . 2009-12-06 02:05 -------- d-----w- c:\windows\system32\XPSViewer 2009-12-06 02:05 . 2009-12-06 02:05 -------- d-----w- c:\program files\MSBuild 2009-12-06 02:04 . 2009-12-06 02:04 -------- d-----w- c:\program files\Reference Assemblies 2009-12-06 02:04 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll 2009-12-06 02:04 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll 2009-12-06 02:04 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll 2009-12-06 02:04 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll 2009-12-06 02:04 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll 2009-12-06 02:04 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe 2009-12-06 02:04 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe 2009-12-06 02:04 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll 2009-12-06 02:04 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll 2009-12-06 01:31 . 2009-12-06 01:31 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{51019853-129C-4EDE-9030-D5FD7BBD9AD0} 2009-12-06 01:19 . 2009-12-06 01:19 -------- d-----r- C:\AHCache 2009-12-06 01:13 . 2008-10-26 04:48 2651951 -c--a-w- c:\documents and settings\All Users\Application Data\{D5ABFFAD-D592-4F98-B02B-587125B4801F}\DriverScanner_Setup.exe 2009-12-06 01:13 . 2009-12-06 01:13 -------- d-----w- c:\program files\Uniblue 2009-12-06 01:07 . 2009-12-06 01:14 -------- d-----w- c:\documents and settings\All Users\Application Data\DriverScanner 2009-12-06 01:07 . 2009-12-06 01:13 -------- d-----w- c:\documents and settings\Ivan\Application Data\Uniblue 2009-12-05 08:26 . 2009-12-02 15:35 304408 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgaspmx.dll 2009-12-04 21:11 . 2009-05-26 18:30 73728 ----a-w- c:\windows\system32\RTNUninst32.dll 2009-12-04 19:17 . 2009-12-04 19:17 -------- d-----w- c:\program files\ATI 2009-12-04 19:15 . 2009-12-04 19:15 -------- d-----w- C:\ATI 2009-12-03 15:40 . 2009-12-03 15:40 -------- d-----w- c:\documents and settings\Ivan\Application Data\Ahead 2009-12-03 14:09 . 2008-05-03 11:55 2560 ------w- c:\windows\system32\xpsp4res.dll 2009-12-03 14:08 . 2008-06-13 11:05 272128 -c----w- c:\windows\system32\dllcache\bthport.sys 2009-12-03 14:08 . 2008-06-13 11:05 272128 ------w- c:\windows\system32\drivers\bthport.sys 2009-12-03 14:02 . 2008-10-24 11:21 455296 -c----w- c:\windows\system32\dllcache\mrxsmb.sys 2009-12-03 14:00 . 2009-08-04 15:13 2145280 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe 2009-12-03 14:00 . 2009-08-04 14:20 2023936 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe 2009-12-03 14:00 . 2009-08-04 14:20 2066048 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe 2009-12-03 13:58 . 2008-04-14 19:42 26624 ----a-w- c:\documents and settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll 2009-12-03 13:57 . 2009-12-03 13:57 -------- d-----w- c:\program files\Windows Media Connect 2 2009-12-03 13:56 . 2009-12-03 13:57 -------- d-----w- c:\windows\system32\drivers\UMDF 2009-12-03 13:56 . 2009-12-03 13:56 -------- d-----w- c:\windows\system32\LogFiles 2009-12-03 13:14 . 2007-11-30 11:18 26488 ----a-w- c:\windows\system32\spupdsvc.exe 2009-12-03 13:14 . 2009-12-04 10:34 -------- d--h--w- c:\windows\$hf_mig$ 2009-12-02 21:23 . 2009-10-16 11:13 1115392 ----a-w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar\IEToolbar.dll 2009-12-02 21:19 . 2009-12-06 19:23 -------- d-----w- c:\program files\a-squared Free 2009-12-02 20:58 . 2009-12-02 15:35 360584 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgtdix.sys 2009-12-02 20:37 . 2009-12-02 15:35 877848 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgupd.exe 2009-12-02 20:37 . 2009-12-02 15:35 610072 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgiproxy.exe 2009-12-02 20:37 . 2009-12-02 15:35 1657112 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgupd.dll 2009-12-02 17:08 . 2001-10-28 16:42 116224 ----a-w- c:\windows\system32\pdfcmnnt.dll 2009-12-02 17:08 . 1998-07-06 00:00 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL 2009-12-02 15:56 . 2009-12-02 15:56 -------- d-----w- c:\documents and settings\Ivan\Local Settings\Application Data\AVG Security Toolbar 2009-12-02 14:51 . 2009-12-06 16:48 -------- d-----w- C:\Downloads 2009-12-02 14:51 . 2009-12-02 14:51 1032192 ----a-w- c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\00x37hrj.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll 2009-12-02 14:51 . 2009-12-06 19:31 -------- d-----w- c:\program files\BitComet 2009-12-02 14:08 . 2009-12-02 14:08 1174 ----a-w- c:\windows\mozver.dat 2009-12-02 13:34 . 2009-12-02 13:34 -------- d-----w- c:\documents and settings\Ivan\Application Data\Talkback 2009-12-02 13:34 . 2009-12-02 13:34 0 ----a-w- c:\windows\nsreg.dat 2009-12-02 13:34 . 2009-12-02 13:34 -------- d-----w- c:\documents and settings\Ivan\Local Settings\Application Data\Mozilla 2009-12-01 17:16 . 2004-07-09 03:26 354816 -c--a-w- c:\windows\system32\dllcache\psisdecd.dll 2009-12-01 17:16 . 2004-07-09 03:26 354816 ----a-w- c:\windows\system32\psisdecd.dll 2009-12-01 17:16 . 2004-07-09 03:26 52096 -c--a-w- c:\windows\system32\dllcache\msdv.sys 2009-12-01 17:16 . 2004-07-09 03:26 52096 ----a-w- c:\windows\system32\drivers\msdv.sys 2009-12-01 17:16 . 2004-07-09 03:26 15104 -c--a-w- c:\windows\system32\dllcache\mpe.sys 2009-12-01 17:16 . 2004-07-09 03:26 15104 ----a-w- c:\windows\system32\drivers\mpe.sys 2009-12-01 17:16 . 2004-07-09 03:26 11392 -c--a-w- c:\windows\system32\dllcache\bdasup.sys 2009-12-01 17:16 . 2004-07-09 03:26 11392 ----a-w- c:\windows\system32\drivers\bdasup.sys 2009-12-01 17:16 . 2002-12-11 23:14 46592 ----a-w- c:\windows\system32\dxdllreg.exe 2009-12-01 17:16 . 2002-08-29 02:41 31744 -c--a-w- c:\windows\system32\dllcache\pid.dll 2009-11-29 18:28 . 2009-11-29 18:28 -------- d-----w- c:\documents and settings\Ivan\Local Settings\Application Data\Identities 2009-11-29 15:46 . 2009-11-29 15:46 -------- d-----w- c:\documents and settings\Ivan\Application Data\Activision 2009-11-29 15:15 . 2009-11-29 15:15 152248 ----a-w- c:\windows\Osveta Besnog Pileta Uninstaller.exe 2009-11-28 16:38 . 2006-12-08 11:02 251672 ----a-w- c:\windows\system32\xactengine2_5.dll 2009-11-28 16:38 . 2007-04-04 17:53 81768 ----a-w- c:\windows\system32\xinput1_3.dll 2009-11-28 16:38 . 2007-03-05 11:42 15128 ----a-w- c:\windows\system32\x3daudio1_1.dll 2009-11-28 16:38 . 2006-11-29 12:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll 2009-11-28 16:38 . 2006-09-28 15:05 237848 ----a-w- c:\windows\system32\xactengine2_4.dll 2009-11-28 16:38 . 2006-09-28 15:05 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll 2009-11-28 16:37 . 2009-11-28 16:37 -------- d-----w- c:\program files\Blast! Entertainment Ltd 2009-11-28 16:21 . 2003-06-18 16:31 18944 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\mdippr.dll 2009-11-28 16:21 . 2003-06-18 16:31 17920 ----a-w- c:\windows\system32\mdimon.dll 2009-11-28 16:21 . 2009-11-28 16:21 -------- d-----w- c:\program files\Microsoft ActiveSync 2009-11-28 16:21 . 2009-11-28 16:21 -------- d-----w- c:\windows\SHELLNEW 2009-11-28 16:20 . 2009-11-28 16:20 -------- d-----w- c:\program files\Microsoft.NET 2009-11-28 16:05 . 2009-11-28 16:05 -------- d-----w- c:\windows\Logs 2009-11-28 14:23 . 2009-11-28 14:23 98304 ----a-w- c:\windows\system32\CmdLineExt.dll 2009-11-28 14:11 . 2009-11-28 14:11 -------- d-----w- c:\documents and settings\Ivan\Application Data\Logitech 2009-11-28 12:12 . 2009-11-28 12:12 -------- d-----w- c:\documents and settings\Ivan\Local Settings\Application Data\Musicmatch 2009-11-28 12:12 . 2009-12-04 07:44 -------- d-----w- c:\program files\MUSICMATCH 2009-11-28 12:11 . 2009-11-28 12:11 118784 ------r- c:\windows\bwUnin-7.2.0.137-8876480SL.exe 2009-11-28 12:11 . 2005-07-22 22:41 68864 ----a-w- c:\windows\system32\drivers\LMOUKE.sys 2009-11-28 12:11 . 2005-07-22 22:41 55040 ----a-w- c:\windows\system32\drivers\L8042MOU.SYS 2009-11-28 12:10 . 2005-08-04 01:42 258352 ----a-w- c:\windows\system32\unicows.dll 2009-11-28 12:10 . 2005-08-04 01:42 1060864 ----a-w- c:\windows\system32\MFC71.dll 2009-11-28 12:10 . 2005-08-04 01:42 1047552 ----a-w- c:\windows\system32\MFC71u.dll 2009-11-28 12:10 . 2009-11-28 12:10 -------- d-----w- c:\program files\Common Files\Logitech 2009-11-28 12:10 . 2009-11-28 12:11 -------- d-----w- c:\program files\Logitech 2009-11-28 12:10 . 2005-07-22 22:40 13440 ----a-w- c:\windows\system32\drivers\L8042Kbd.sys 2009-11-28 11:55 . 2005-02-08 11:12 2670592 ------w- c:\windows\UNNMP.exe 2009-11-28 11:53 . 2001-07-09 10:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe 2009-11-28 11:53 . 2009-11-28 11:53 -------- d-----w- c:\program files\Common Files\Nero 2009-11-28 11:51 . 2005-02-17 10:21 2682880 ------w- c:\windows\UNNeroVision.exe 2009-11-28 11:51 . 2009-11-28 11:51 -------- d-----w- c:\documents and settings\All Users\Application Data\Ahead 2009-11-28 11:51 . 2004-07-26 16:16 471040 ------w- c:\windows\system32\ImagXRA7.dll 2009-11-28 11:51 . 2004-07-09 08:43 364544 ------w- c:\windows\system32\TwnLib4.dll 2009-11-28 11:51 . 2004-07-26 16:16 476320 ------w- c:\windows\system32\ImagXpr7.dll 2009-11-28 11:51 . 2004-07-26 16:16 262144 ------w- c:\windows\system32\ImagXR7.dll 2009-11-28 11:51 . 2004-07-26 16:16 1568768 ------w- c:\windows\system32\ImagX7.dll 2009-11-28 11:51 . 2001-06-26 07:15 38912 ------w- c:\windows\system32\picn20.dll 2009-11-28 11:51 . 2000-06-26 10:45 106496 ----a-w- c:\windows\system32\TwnLib20.dll 2009-11-28 11:51 . 2009-11-28 11:51 -------- d-----w- c:\program files\Common Files\Ahead 2009-11-28 11:51 . 2009-11-28 11:55 -------- d-----w- c:\program files\Ahead 2009-11-28 10:15 . 2009-12-02 17:08 -------- d-----w- c:\program files\PDFCreator 2009-11-28 10:13 . 2009-11-28 10:13 -------- d-----w- c:\program files\TimeAdjuster 2009-11-28 10:12 . 2009-11-28 10:12 -------- d-----w- c:\documents and settings\All Users\Application Data\CyberLink 2009-11-28 10:11 . 2001-03-08 18:30 24064 ------w- c:\windows\system32\msxml3a.dll 2009-11-28 10:11 . 2009-11-28 10:12 -------- d-----w- c:\program files\CyberLink 2009-11-28 10:08 . 2009-12-06 18:45 -------- d-----w- c:\program files\PeerWeb DC++ 2009-11-28 10:06 . 2009-11-29 22:13 -------- d-----w- c:\program files\Mv2Player 2009-11-28 10:04 . 2005-07-19 09:05 20576 ------w- c:\windows\system32\drivers\pxhelp20.sys 2009-11-28 10:04 . 2009-11-28 10:05 -------- d-----w- c:\program files\Winamp 2009-11-28 09:47 . 2009-11-28 09:47 -------- d-----w- c:\documents and settings\Ivan\Local Settings\Application Data\GHISLER 2009-11-28 09:46 . 2009-11-28 09:46 -------- d-----w- c:\program files\totalcmd . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-12-06 11:29 . 2009-11-28 09:00 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-12-06 09:06 . 2009-12-06 09:06 16 ----a-w- c:\windows\system32\config\systemprofile\Application Data\fvgqad.dat 2009-12-06 09:06 . 2009-12-06 09:06 4 ----a-w- c:\documents and settings\Ivan\Application Data\avdrn.dat 2009-12-06 01:13 . 2009-12-06 01:12 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{D5ABFFAD-D592-4F98-B02B-587125B4801F} 2009-12-04 09:35 . 2009-11-28 09:04 -------- d-----w- c:\program files\ASUS 2009-12-02 21:23 . 2009-12-02 15:35 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar 2009-12-02 20:58 . 2009-12-02 15:35 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys 2009-12-02 15:35 . 2009-12-02 15:35 12464 ----a-w- c:\windows\system32\avgrsstx.dll 2009-12-02 15:35 . 2009-12-02 15:35 25608 ----a-w- c:\windows\system32\drivers\AVGIDSxx.sys 2009-12-02 15:35 . 2009-12-02 15:35 161800 ----a-w- c:\windows\system32\drivers\avgrkx86.sys 2009-12-02 15:35 . 2009-12-02 15:35 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys 2009-12-02 15:35 . 2009-12-02 15:35 28424 ----a-w- c:\windows\system32\drivers\avgmfx86.sys 2009-12-02 15:35 . 2009-12-02 15:35 50968 ----a-w- c:\windows\system32\avgfwdx.dll 2009-12-02 15:35 . 2009-12-02 15:35 30104 ----a-w- c:\windows\system32\drivers\avgfwdx.sys 2009-12-02 15:35 . 2009-12-02 15:35 -------- d-----w- c:\program files\AVG 2009-12-02 15:35 . 2009-12-02 15:35 -------- d-----w- c:\documents and settings\All Users\Application Data\avg9 2009-11-28 09:04 . 2009-11-28 09:04 0 ----a-w- c:\windows\system32\SET79.tmp 2009-11-28 09:00 . 2009-11-28 09:00 -------- d-----w- c:\program files\My Company Name 2009-11-27 22:04 . 2009-11-27 21:28 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat 2009-11-27 21:29 . 2009-11-27 21:29 -------- d-----w- c:\program files\microsoft frontpage 2009-11-27 21:27 . 2009-11-27 21:27 21640 ----a-w- c:\windows\system32\emptyregdb.dat 2009-11-17 19:27 . 2009-11-28 09:15 84512 ----a-w- c:\windows\SOUNDMAN.EXE 2009-11-17 19:27 . 2009-11-28 09:15 358944 ----a-w- c:\windows\vncutil.exe 2009-11-17 19:27 . 2009-11-28 09:15 1833504 ----a-w- c:\windows\SkyTel.exe 2009-11-17 19:27 . 2009-11-28 09:15 1489440 ----a-w- c:\windows\RtlUpd.exe 2009-11-17 19:27 . 2009-11-28 09:15 9721888 ----a-w- c:\windows\RTLCPL.EXE 2009-11-17 19:27 . 2009-11-28 09:15 48672 ----a-w- c:\windows\system32\RtkCoInstXP.dll 2009-11-17 19:27 . 2009-11-28 09:15 129568 ----a-w- c:\windows\RtkAudioService.exe 2009-11-17 19:27 . 2009-11-28 09:15 18789408 ----a-w- c:\windows\RTHDCPL.EXE 2009-11-17 19:26 . 2009-11-28 09:15 2177568 ----a-w- c:\windows\MicCal.exe 2009-11-17 19:26 . 2009-11-28 09:15 64032 ----a-w- c:\windows\ALCMTR.EXE 2009-11-17 19:26 . 2009-11-28 09:15 2815520 ----a-w- c:\windows\ALCWZRD.EXE 2009-11-17 18:51 . 2009-11-28 09:15 5956608 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys 2009-11-02 12:48 . 2009-11-28 09:15 831488 ----a-w- c:\windows\RtlExUpd.dll 2009-09-25 05:37 . 2008-04-14 19:42 667136 ----a-w- c:\windows\system32\wininet.dll 2009-09-25 05:37 . 2008-04-14 19:41 81920 ----a-w- c:\windows\system32\ieencode.dll 2009-09-11 14:18 . 2008-04-14 19:42 136192 ----a-w- c:\windows\system32\msv1_0.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-10-16 1115392] [HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}] 2009-10-16 11:13 1115392 ----a-w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-10-16 1115392] [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-10-16 1115392] [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2009-11-28 32768] "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-02-09 13680640] "nwiz"="nwiz.exe" [2009-02-09 1657376] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-02-09 86016] "WinampAgent"="c:\program files\Winamp\winampa.exe" [2004-12-20 33792] "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2005-12-07 30208] "LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2006-04-13 49152] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2009-12-02 2020120] "RTHDCPL"="RTHDCPL.EXE" [2009-11-17 18789408] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696] Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2009-11-28 450560] Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-11-28 528384] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter] 2009-12-02 15:35 12464 ----a-w- c:\windows\system32\avgrsstx.dll [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"= "c:\\Program Files\\PeerWeb DC++\\PeerWeb DC++.exe"= "c:\\Program Files\\BitComet\\BitComet.exe"= "c:\\Program Files\\AVG\\AVG9\\avgam.exe"= "c:\\Program Files\\AVG\\AVG9\\avgdiagex.exe"= "c:\\Program Files\\AVG\\AVG9\\avgemc.exe"= "c:\\Program Files\\AVG\\AVG9\\avgupd.exe"= "c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "16529:TCP"= 16529:TCP:BitComet 16529 TCP "16529:UDP"= 16529:UDP:BitComet 16529 UDP R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [12/6/2009 9:48 AM 5248] R0 AVGIDSErHrxpx;AVG9IDSErHr;c:\windows\system32\drivers\AVGIDSxx.sys [12/2/2009 4:35 PM 25608] R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [12/2/2009 4:35 PM 161800] R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [12/2/2009 4:35 PM 333192] R1 AvgTdiX;AVG Network Redirector;c:\windows\system32\drivers\avgtdix.sys [12/2/2009 4:35 PM 360584] R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [11/28/2009 10:07 AM 13696] R1 BS_I2cIo;BS_I2cIo;c:\windows\system32\drivers\BS_I2cIo.sys [11/28/2009 10:21 AM 17024] R2 a2free;a-squared Free Service;c:\program files\a-squared Free\a2service.exe [12/2/2009 10:19 PM 1858144] R2 avg9emc;AVG E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [12/2/2009 4:35 PM 906520] R2 avg9wd;AVG WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [12/2/2009 4:35 PM 285392] R2 avgfws9;AVG Firewall;c:\program files\AVG\AVG9\avgfws9.exe [12/2/2009 9:58 PM 2304192] R2 AVGIDSAgent;AVG9IDSAgent;c:\program files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe [12/2/2009 4:35 PM 5832712] R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [12/2/2009 4:35 PM 30104] R3 AVGIDSDriverxpx;AVG9IDSDriver;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys [12/2/2009 4:35 PM 122376] R3 AVGIDSFilterxpx;AVG9IDSFilter;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys [12/2/2009 4:35 PM 30216] R3 AVGIDSShimxpx;AVG9IDSShim;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys [12/2/2009 4:35 PM 25736] S0 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [12/6/2009 9:48 AM 160640] S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [11/28/2009 10:15 AM 1684736] S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [12/2/2009 4:35 PM 30104] . ------- Supplementary Scan ------- . IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm IE: &D&ownload all video with BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll FF - ProfilePath - c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\00x37hrj.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: keyword.URL - hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_us&p= FF - component: c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\00x37hrj.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll FF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dll FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll ---- FIREFOX POLICIES ---- c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true); . - - - - ORPHANS REMOVED - - - - AddRemove-NVIDIA Drivers - c:\windows\system32\nvuninst.exe UninstallGUI AddRemove-Uniblue DriverScanner 2009 - c:\documents and settings\All Users\Application Data\{D5ABFFAD-D592-4F98-B02B-587125B4801F}\DriverScanner_Setup.exe REMOVE=TRUE MODIFY=FALSE ************************************************************************ scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: ************************************************************************ . Completion time: 2009-12-06 20:42 ComboFix-quarantined-files.txt 2009-12-06 19:41 Pre-Run: 81,664,368,640 bytes free Post-Run: 81,643,589,632 bytes free WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /usepmtimer - - End Of File - - DFA164628DC69964D196E4B99C289C9A

Profil

Bogdan-Tc Poslao: 07 Dec 2009 22:50 Idi na vrh
offline Bogdan-Tc Anti Malware Fighter Rank 1 Pridružio: 04 Jan 2009 Poruke: 2168	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Otvoriti Notepad i iskopirati sledeci tekst: `File:: c:\windows\system32\fjhdyfhsn.bat c:\windows\system32\config\systemprofile\Application Data\fvgqad.dat c:\documents and settings\Ivan\Application Data\avdrn.dat` Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.

Profil

vuksel Poslao: 08 Dec 2009 13:59 Idi na vrh
offline vuksel Građanin Pridružio: 18 Apr 2009 Poruke: 34	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: mycity.rs/must-login.png ComboFix 09-12-07.07 - Ivan 12/08/2009 13:52.2.4 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1595 [GMT 1:00] Running from: c:\documents and settings\Ivan\Desktop\ComboFix.exe Command switches used :: c:\documents and settings\Ivan\Desktop\CFScript.txt AV: AntiVir Desktop On-access scanning disabled (Updated) {AD166499-45F9-482A-A743-FDD3350758C7} FILE :: "c:\documents and settings\Ivan\Application Data\avdrn.dat" "c:\windows\system32\config\systemprofile\Application Data\fvgqad.dat" "c:\windows\system32\fjhdyfhsn.bat" . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\Ivan\Application Data\avdrn.dat c:\windows\system32\config\systemprofile\Application Data\fvgqad.dat c:\windows\system32\fjhdyfhsn.bat . ((((((((((((((((((((((((( Files Created from 2009-11-08 to 2009-12-08 ))))))))))))))))))))))))))))))) . 2009-12-07 11:21 . 2009-12-08 11:25 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2009-12-07 11:21 . 2009-03-30 08:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys 2009-12-07 11:21 . 2009-02-13 10:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys 2009-12-07 11:21 . 2009-02-13 10:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys 2009-12-07 11:21 . 2009-12-07 11:21 -------- d-----w- c:\program files\Avira 2009-12-07 11:21 . 2009-12-07 11:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira 2009-12-07 00:20 . 2009-12-07 00:20 -------- d-----w- c:\documents and settings\Ivan\Application Data\Skinux 2009-12-07 00:14 . 2009-12-07 00:14 -------- d-----w- c:\program files\The Skins Factory 2009-12-06 16:04 . 2009-12-06 16:04 -------- d-----w- c:\documents and settings\All Users\Application Data\THQ 2009-12-06 16:00 . 2009-12-06 16:00 -------- d-----w- c:\documents and settings\Ivan\Local Settings\Application Data\Activision 2009-12-06 11:32 . 2009-12-06 11:32 -------- d-----w- c:\documents and settings\All Users\Application Data\POP3Profiles 2009-12-06 11:00 . 2009-12-08 10:31 -------- d-----w- c:\documents and settings\All Users\Application Data\POPWWPROFILES 2009-12-06 08:48 . 2004-04-30 08:37 160640 ----a-w- c:\windows\system32\drivers\a347bus.sys 2009-12-06 08:48 . 2004-04-30 08:33 5248 ----a-w- c:\windows\system32\drivers\a347scsi.sys 2009-12-06 08:48 . 2009-12-06 08:48 -------- d-----w- c:\program files\Alcohol Soft 2009-12-06 02:05 . 2009-12-06 02:05 75664 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat 2009-12-06 02:05 . 2009-12-06 02:05 -------- d-----w- c:\windows\system32\XPSViewer 2009-12-06 02:05 . 2009-12-06 02:05 -------- d-----w- c:\program files\MSBuild 2009-12-06 02:04 . 2009-12-06 02:04 -------- d-----w- c:\program files\Reference Assemblies 2009-12-06 02:04 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll 2009-12-06 02:04 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll 2009-12-06 02:04 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll 2009-12-06 02:04 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll 2009-12-06 02:04 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll 2009-12-06 02:04 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe 2009-12-06 02:04 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe 2009-12-06 02:04 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll 2009-12-06 02:04 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll 2009-12-06 01:31 . 2009-12-06 01:31 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{51019853-129C-4EDE-9030-D5FD7BBD9AD0} 2009-12-06 01:13 . 2008-10-26 04:48 2651951 -c--a-w- c:\documents and settings\All Users\Application Data\{D5ABFFAD-D592-4F98-B02B-587125B4801F}\DriverScanner_Setup.exe 2009-12-06 01:13 . 2009-12-06 01:13 -------- d-----w- c:\program files\Uniblue 2009-12-06 01:07 . 2009-12-06 01:14 -------- d-----w- c:\documents and settings\All Users\Application Data\DriverScanner 2009-12-06 01:07 . 2009-12-06 01:13 -------- d-----w- c:\documents and settings\Ivan\Application Data\Uniblue 2009-12-04 21:11 . 2009-05-26 18:30 73728 ----a-w- c:\windows\system32\RTNUninst32.dll 2009-12-04 19:17 . 2009-12-04 19:17 -------- d-----w- c:\program files\ATI 2009-12-04 19:15 . 2009-12-04 19:15 -------- d-----w- C:\ATI 2009-12-03 15:40 . 2009-12-03 15:40 -------- d-----w- c:\documents and settings\Ivan\Application Data\Ahead 2009-12-03 14:09 . 2008-05-03 11:55 2560 ------w- c:\windows\system32\xpsp4res.dll 2009-12-03 14:08 . 2008-06-13 11:05 272128 -c----w- c:\windows\system32\dllcache\bthport.sys 2009-12-03 14:08 . 2008-06-13 11:05 272128 ------w- c:\windows\system32\drivers\bthport.sys 2009-12-03 14:02 . 2008-10-24 11:21 455296 -c----w- c:\windows\system32\dllcache\mrxsmb.sys 2009-12-03 14:00 . 2009-08-04 15:13 2145280 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe 2009-12-03 14:00 . 2009-08-04 14:20 2023936 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe 2009-12-03 14:00 . 2009-08-04 14:20 2066048 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe 2009-12-03 13:58 . 2008-04-14 19:42 26624 ----a-w- c:\documents and settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll 2009-12-03 13:57 . 2009-12-03 13:57 -------- d-----w- c:\program files\Windows Media Connect 2 2009-12-03 13:56 . 2009-12-03 13:57 -------- d-----w- c:\windows\system32\drivers\UMDF 2009-12-03 13:56 . 2009-12-03 13:56 -------- d-----w- c:\windows\system32\LogFiles 2009-12-03 13:14 . 2007-11-30 11:18 26488 ----a-w- c:\windows\system32\spupdsvc.exe 2009-12-03 13:14 . 2009-12-04 10:34 -------- d--h--w- c:\windows\$hf_mig$ 2009-12-02 21:19 . 2009-12-06 19:23 -------- d-----w- c:\program files\a-squared Free 2009-12-02 17:08 . 2001-10-28 16:42 116224 ----a-w- c:\windows\system32\pdfcmnnt.dll 2009-12-02 17:08 . 1998-07-06 00:00 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL 2009-12-02 15:35 . 2009-12-02 15:35 -------- d-----w- c:\program files\AVG 2009-12-02 15:35 . 2009-12-07 11:12 -------- d-----w- c:\documents and settings\All Users\Application Data\avg9 2009-12-02 14:51 . 2009-12-08 12:38 -------- d-----w- C:\Downloads 2009-12-02 14:51 . 2009-12-02 14:51 1032192 ----a-w- c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\00x37hrj.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll 2009-12-02 14:51 . 2009-12-08 12:44 -------- d-----w- c:\program files\BitComet 2009-12-02 14:08 . 2009-12-02 14:08 1174 ----a-w- c:\windows\mozver.dat 2009-12-02 13:34 . 2009-12-02 13:34 -------- d-----w- c:\documents and settings\Ivan\Application Data\Talkback 2009-12-02 13:34 . 2009-12-02 13:34 0 ----a-w- c:\windows\nsreg.dat 2009-12-02 13:34 . 2009-12-02 13:34 -------- d-----w- c:\documents and settings\Ivan\Local Settings\Application Data\Mozilla 2009-12-01 17:16 . 2004-07-09 03:26 354816 -c--a-w- c:\windows\system32\dllcache\psisdecd.dll 2009-12-01 17:16 . 2004-07-09 03:26 354816 ----a-w- c:\windows\system32\psisdecd.dll 2009-12-01 17:16 . 2004-07-09 03:26 52096 -c--a-w- c:\windows\system32\dllcache\msdv.sys 2009-12-01 17:16 . 2004-07-09 03:26 52096 ----a-w- c:\windows\system32\drivers\msdv.sys 2009-12-01 17:16 . 2004-07-09 03:26 15104 -c--a-w- c:\windows\system32\dllcache\mpe.sys 2009-12-01 17:16 . 2004-07-09 03:26 15104 ----a-w- c:\windows\system32\drivers\mpe.sys 2009-12-01 17:16 . 2004-07-09 03:26 11392 -c--a-w- c:\windows\system32\dllcache\bdasup.sys 2009-12-01 17:16 . 2004-07-09 03:26 11392 ----a-w- c:\windows\system32\drivers\bdasup.sys 2009-12-01 17:16 . 2002-12-11 23:14 46592 ----a-w- c:\windows\system32\dxdllreg.exe 2009-12-01 17:16 . 2002-08-29 02:41 31744 -c--a-w- c:\windows\system32\dllcache\pid.dll 2009-11-29 18:28 . 2009-11-29 18:28 -------- d-----w- c:\documents and settings\Ivan\Local Settings\Application Data\Identities 2009-11-29 15:46 . 2009-11-29 15:46 -------- d-----w- c:\documents and settings\Ivan\Application Data\Activision 2009-11-29 15:15 . 2009-11-29 15:15 152248 ----a-w- c:\windows\Osveta Besnog Pileta Uninstaller.exe 2009-11-28 16:38 . 2006-12-08 11:02 251672 ----a-w- c:\windows\system32\xactengine2_5.dll 2009-11-28 16:38 . 2007-04-04 17:53 81768 ----a-w- c:\windows\system32\xinput1_3.dll 2009-11-28 16:38 . 2007-03-05 11:42 15128 ----a-w- c:\windows\system32\x3daudio1_1.dll 2009-11-28 16:38 . 2006-11-29 12:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll 2009-11-28 16:38 . 2006-09-28 15:05 237848 ----a-w- c:\windows\system32\xactengine2_4.dll 2009-11-28 16:38 . 2006-09-28 15:05 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll 2009-11-28 16:37 . 2009-11-28 16:37 -------- d-----w- c:\program files\Blast! Entertainment Ltd 2009-11-28 16:21 . 2003-06-18 16:31 18944 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\mdippr.dll 2009-11-28 16:21 . 2003-06-18 16:31 17920 ----a-w- c:\windows\system32\mdimon.dll 2009-11-28 16:21 . 2009-11-28 16:21 -------- d-----w- c:\program files\Microsoft ActiveSync 2009-11-28 16:21 . 2009-11-28 16:21 -------- d-----w- c:\windows\SHELLNEW 2009-11-28 16:20 . 2009-11-28 16:20 -------- d-----w- c:\program files\Microsoft.NET 2009-11-28 16:05 . 2009-11-28 16:05 -------- d-----w- c:\windows\Logs 2009-11-28 14:23 . 2009-11-28 14:23 98304 ----a-w- c:\windows\system32\CmdLineExt.dll 2009-11-28 12:12 . 2009-11-28 12:12 -------- d-----w- c:\documents and settings\Ivan\Local Settings\Application Data\Musicmatch 2009-11-28 12:12 . 2009-12-04 07:44 -------- d-----w- c:\program files\MUSICMATCH 2009-11-28 12:10 . 2009-12-07 15:25 -------- d-----w- c:\program files\Logitech 2009-11-28 12:10 . 2005-07-22 22:40 13440 ----a-w- c:\windows\system32\drivers\L8042Kbd.sys 2009-11-28 11:55 . 2005-02-08 11:12 2670592 ------w- c:\windows\UNNMP.exe 2009-11-28 11:53 . 2001-07-09 10:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe 2009-11-28 11:53 . 2009-11-28 11:53 -------- d-----w- c:\program files\Common Files\Nero 2009-11-28 11:51 . 2005-02-17 10:21 2682880 ------w- c:\windows\UNNeroVision.exe 2009-11-28 11:51 . 2009-11-28 11:51 -------- d-----w- c:\documents and settings\All Users\Application Data\Ahead 2009-11-28 11:51 . 2004-07-26 16:16 471040 ------w- c:\windows\system32\ImagXRA7.dll 2009-11-28 11:51 . 2004-07-09 08:43 364544 ------w- c:\windows\system32\TwnLib4.dll 2009-11-28 11:51 . 2004-07-26 16:16 476320 ------w- c:\windows\system32\ImagXpr7.dll 2009-11-28 11:51 . 2004-07-26 16:16 262144 ------w- c:\windows\system32\ImagXR7.dll 2009-11-28 11:51 . 2004-07-26 16:16 1568768 ------w- c:\windows\system32\ImagX7.dll 2009-11-28 11:51 . 2001-06-26 07:15 38912 ------w- c:\windows\system32\picn20.dll 2009-11-28 11:51 . 2000-06-26 10:45 106496 ----a-w- c:\windows\system32\TwnLib20.dll 2009-11-28 11:51 . 2009-11-28 11:51 -------- d-----w- c:\program files\Common Files\Ahead 2009-11-28 11:51 . 2009-11-28 11:55 -------- d-----w- c:\program files\Ahead 2009-11-28 10:15 . 2009-12-02 17:08 -------- d-----w- c:\program files\PDFCreator 2009-11-28 10:13 . 2009-11-28 10:13 -------- d-----w- c:\program files\TimeAdjuster 2009-11-28 10:12 . 2009-11-28 10:12 -------- d-----w- c:\documents and settings\All Users\Application Data\CyberLink 2009-11-28 10:11 . 2001-03-08 18:30 24064 ------w- c:\windows\system32\msxml3a.dll 2009-11-28 10:11 . 2009-11-28 10:12 -------- d-----w- c:\program files\CyberLink 2009-11-28 10:08 . 2009-12-08 12:37 -------- d-----w- c:\program files\PeerWeb DC++ 2009-11-28 10:06 . 2009-11-29 22:13 -------- d-----w- c:\program files\Mv2Player 2009-11-28 10:04 . 2005-07-19 09:05 20576 ------w- c:\windows\system32\drivers\pxhelp20.sys 2009-11-28 10:04 . 2009-11-28 10:05 -------- d-----w- c:\program files\Winamp 2009-11-28 09:47 . 2009-11-28 09:47 -------- d-----w- c:\documents and settings\Ivan\Local Settings\Application Data\GHISLER 2009-11-28 09:46 . 2009-11-28 09:46 -------- d-----w- c:\program files\totalcmd 2009-11-28 09:46 . 2005-05-31 05:53 545 ----a-w- c:\windows\UC.PIF 2009-11-28 09:46 . 2005-05-31 05:53 545 ----a-w- c:\windows\RAR.PIF 2009-11-28 09:46 . 2005-05-31 05:53 545 ----a-w- c:\windows\PKZIP.PIF 2009-11-28 09:46 . 2005-05-31 05:53 545 ----a-w- c:\windows\PKUNZIP.PIF 2009-11-28 09:46 . 2005-05-31 05:53 545 ----a-w- c:\windows\NOCLOSE.PIF 2009-11-28 09:46 . 2005-05-31 05:53 545 ----a-w- c:\windows\LHA.PIF 2009-11-28 09:46 . 2005-05-31 05:53 545 ----a-w- c:\windows\ARJ.PIF . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-12-06 11:29 . 2009-11-28 09:00 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-12-06 01:13 . 2009-12-06 01:12 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{D5ABFFAD-D592-4F98-B02B-587125B4801F} 2009-12-04 09:35 . 2009-11-28 09:04 -------- d-----w- c:\program files\ASUS 2009-11-28 09:04 . 2009-11-28 09:04 0 ----a-w- c:\windows\system32\SET79.tmp 2009-11-28 09:00 . 2009-11-28 09:00 -------- d-----w- c:\program files\My Company Name 2009-11-27 22:04 . 2009-11-27 21:28 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat 2009-11-27 21:29 . 2009-11-27 21:29 -------- d-----w- c:\program files\microsoft frontpage 2009-11-27 21:27 . 2009-11-27 21:27 21640 ----a-w- c:\windows\system32\emptyregdb.dat 2009-11-17 19:27 . 2009-11-28 09:15 84512 ----a-w- c:\windows\SOUNDMAN.EXE 2009-11-17 19:27 . 2009-11-28 09:15 358944 ----a-w- c:\windows\vncutil.exe 2009-11-17 19:27 . 2009-11-28 09:15 1833504 ----a-w- c:\windows\SkyTel.exe 2009-11-17 19:27 . 2009-11-28 09:15 1489440 ----a-w- c:\windows\RtlUpd.exe 2009-11-17 19:27 . 2009-11-28 09:15 9721888 ----a-w- c:\windows\RTLCPL.EXE 2009-11-17 19:27 . 2009-11-28 09:15 48672 ----a-w- c:\windows\system32\RtkCoInstXP.dll 2009-11-17 19:27 . 2009-11-28 09:15 129568 ----a-w- c:\windows\RtkAudioService.exe 2009-11-17 19:27 . 2009-11-28 09:15 18789408 ----a-w- c:\windows\RTHDCPL.EXE 2009-11-17 19:26 . 2009-11-28 09:15 2177568 ----a-w- c:\windows\MicCal.exe 2009-11-17 19:26 . 2009-11-28 09:15 64032 ----a-w- c:\windows\ALCMTR.EXE 2009-11-17 19:26 . 2009-11-28 09:15 2815520 ----a-w- c:\windows\ALCWZRD.EXE 2009-11-17 18:51 . 2009-11-28 09:15 5956608 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys 2009-11-02 12:48 . 2009-11-28 09:15 831488 ----a-w- c:\windows\RtlExUpd.dll 2009-09-25 05:37 . 2008-04-14 19:42 667136 ------w- c:\windows\system32\wininet.dll 2009-09-25 05:37 . 2008-04-14 19:41 81920 ----a-w- c:\windows\system32\ieencode.dll 2009-09-11 14:18 . 2008-04-14 19:42 136192 ----a-w- c:\windows\system32\msv1_0.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-02-09 13680640] "nwiz"="nwiz.exe" [2009-02-09 1657376] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-02-09 86016] "WinampAgent"="c:\program files\Winamp\winampa.exe" [2004-12-20 33792] "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2005-12-07 30208] "LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2006-04-13 49152] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "RTHDCPL"="RTHDCPL.EXE" [2009-11-17 18789408] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\PeerWeb DC++\\PeerWeb DC++.exe"= "c:\\Program Files\\BitComet\\BitComet.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "16529:TCP"= 16529:TCP:BitComet 16529 TCP "16529:UDP"= 16529:UDP:BitComet 16529 UDP R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [12/6/2009 9:48 AM 5248] R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [11/28/2009 10:07 AM 13696] R1 BS_I2cIo;BS_I2cIo;c:\windows\system32\drivers\BS_I2cIo.sys [11/28/2009 10:21 AM 17024] R2 a2free;a-squared Free Service;c:\program files\a-squared Free\a2service.exe [12/2/2009 10:19 PM 1858144] R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [12/7/2009 12:21 PM 108289] R2 HdThemeEnabler;Hyperdesk Theme Enabler;c:\program files\The Skins Factory\Hyperdesk\Common\HDThemeEnabler.exe [7/23/2008 8:27 PM 106496] R3 NTProcDrv;Process creation detector for NT.;\??\c:\windows\TEMP\drv1.tmp --> c:\windows\TEMP\drv1.tmp [?] S0 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [12/6/2009 9:48 AM 160640] S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [11/28/2009 10:15 AM 1684736] . ------- Supplementary Scan ------- . IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm IE: &D&ownload all video with BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 FF - ProfilePath - c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\00x37hrj.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: keyword.URL - hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_us&p= FF - component: c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\00x37hrj.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true); . - - - - ORPHANS REMOVED - - - - Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) ************************************************************************ catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2009-12-08 13:55 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NTProcDrv] "ImagePath"="\??\c:\windows\TEMP\drv1.tmp" . Completion time: 2009-12-08 13:56 ComboFix-quarantined-files.txt 2009-12-08 12:56 Pre-Run: 83,048,017,920 bytes free Post-Run: 83,053,826,048 bytes free - - End Of File - - 003C6AB9CF28AECFE7FF5DF7CE22A3F7

Profil

Bogdan-Tc Poslao: 08 Dec 2009 23:08 Idi na vrh
offline Bogdan-Tc Anti Malware Fighter Rank 1 Pridružio: 04 Jan 2009 Poruke: 2168	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Da li si igrao neke igrice pre pokretanja ComboFix_a?

Profil

vuksel Poslao: 09 Dec 2009 11:24 Idi na vrh
offline vuksel Građanin Pridružio: 18 Apr 2009 Poruke: 34	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pre samog pokretanja ne,u toku dana da

Profil

Bogdan-Tc Poslao: 09 Dec 2009 23:11 Idi na vrh
offline Bogdan-Tc Anti Malware Fighter Rank 1 Pridružio: 04 Jan 2009 Poruke: 2168	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Onda je sve ok. Isprati još sledeće... Potrebno je deinstalirati ComboFix: klikni start (ili ), a zatim RUN. Na Visti koristiti Start Search polje ukoliko Run nije dostupan. U liniju za unos teksta ukucaj (iskopiraj) sledeće: ComboFix /Uninstall Primeti da postoji razmak između "ComboFix" i "/Uninstall". a zatim klikni OK (ili pritisni Enter). Sačekaj da se proces deinstalacije završi.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Blokira mi kompijuter

Ko je trenutno na forumu

Ukupno su 909 korisnika na forumu :: 17 registrovanih, 4 sakrivenih i 888 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: comi_pfc, dankisha, DPera, DragoslavS, galerija, Georgius, Kibice, Koca Popovic, ladro, Lieutenant, Litostroton, M1los, MiroslavD, Romibrat, Suva planina, vathra, Vlada1389

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by