MyCity » Ambulanta -> Arhiva Ambulante » Mozda problem...

Mozda problem...

Napisano na dan: 28.10.2012

Strana:
1
2

Mozda problem...

Sledeća strana

Pagination

Odgovori

Strana:
1
2

Wayat Erp Poslao: 28 Okt 2012 13:00 Idi na vrh
offline Wayat Erp Građanin Pridružio: 02 Sep 2010 Poruke: 30 Gde živiš: Beograd-Mirijevo	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Sam sistem je instaliran pre neke cetiri godine i od tada je svasta instalirano,deinstalirano,pisano,brisano..itd...Pre godinu dana(mozda i vise)antivirus je nalazio neke viruse koje nije mogao da obrise,obrisao sam ih sa SB Search and destroy,ali je onda sistem mogao da se podigne samu u safe modu.Vratio sam recovery i na svoju ruku upotrebio Combo fix i od tada je sve bilo u redu.Od pre desetak dana mi se sistem podize prilicno sporije(instalirao sam Corel Draw,ako ima veze posto je od sutradan krenuo problem)a i u samom koriscenju osecam da je sporiji.Mislio sam da vi pregladate racunar kao profesionalci,ali eto i tu nastaje problem...Skinuo sam DDS sa sva tri linka koja su postavljena u temi. DDS se pokrene ali mi po zavrsetku skeniranja ne izbaci txt.fajlove(probao i preko search opcije)on zavrsi skeniranje,ali fajlova nema.Problem sigurno imam,samo ne znam jer zbog infekcije ili samog sistema? Sada me bune i ovi DDS fajlovi.... Procitao sam pravila i znam da je nepozeljno otvarati temu bez gore spomenutih fajlova ali jednostavno ih sam program ne izbacuje. Ocekujem dalja uputstva i hvala unapred na pomoci i utrosenom vremenu. Sam sistem je WinXP 32bit,SP2..Koristim Avast free home,Spybot search and destory,commodo firewall. Procesor Athlon 2.70ghz,memorija 2GB ddr2,hd 250gb,graficka integrisana.

Profil

TwinHeadedEagle Poslao: 28 Okt 2012 13:03 Idi na vrh
offline TwinHeadedEagle Anti Malware Fighter Rank 2 Pridružio: 09 Avg 2011 Poruke: 15879 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav, Isprati uputstva iz ove teme --> http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html i u skladu sa tvojim sistemom, dostavi nam DDS.txt, Attach.txt ; Gmer 1, Gmer 2, Gmer 3 izvestaje...

Profil

Wayat Erp Poslao: 28 Okt 2012 13:11 Idi na vrh
offline Wayat Erp Građanin Pridružio: 02 Sep 2010 Poruke: 30 Gde živiš: Beograd-Mirijevo	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Isprati sam kompletna uputstva za DDS...I jednostavno kada se zavrsi skeniranje sam program iz nekog razloga ne izbaci ttx.fajlove,,Znaci ne mogu da okacim DDS.txt.Attach.tht...Probao sam DDS sa sva tri linka,zavrsi kompletno skeniranja ali nema fajlova. Probacu sada gmer pa cu ih okaciti....

Profil

TwinHeadedEagle Poslao: 28 Okt 2012 13:18 Idi na vrh
offline TwinHeadedEagle Anti Malware Fighter Rank 2 Pridružio: 09 Avg 2011 Poruke: 15879 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Izvestaji bi trebalo biti na Desktop-u... Probaj da iskljucis zastitni softver po ovom uputstvu --> http://www.mycity.rs/Uputstva/Iskljucivanje-zastitnog-softvera.html , a nakon toga ponovo pokreni DDS

Profil

Wayat Erp Poslao: 28 Okt 2012 14:07 Idi na vrh
offline Wayat Erp Građanin Pridružio: 02 Sep 2010 Poruke: 30 Gde živiš: Beograd-Mirijevo	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Napisano: 28 Okt 2012 13:45 Iskljucio sam kompletnu zastitu po datom uputstvu: Disable:Avast,za svaki slucaj sam iskljucio icommodo firewall i spy bot,iskljucena kompletna zastita i ponovo ista stvar.DDS zavrsi skeniranje,ali fajlova nema. Probao sam dva puta da pokrenem Gmer i oba puta sam u sekundi posle pritisnutog "run" dobio plavi ekran..Sta dalje? Dopuna: 28 Okt 2012 14:07 Probao sam i RootRepeal po prilozenom uputstvu...Dva puta sam ga pokrenuo i oba puta mi je posle 15 sec skeniranja zaledio potpuno ekran,pa sam morao force restart...Oba puta je stigao do C:\cmdcons\ ako nesto znaci i tu je bio kraj.

Profil

magna86 Poslao: 28 Okt 2012 14:10 Idi na vrh
offline magna86 Anti Malware Fighter Rank 2 Pridružio: 21 Jun 2008 Poruke: 6104	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav, Izvinjavam se sto upadam u temu no da ne bi cekao ... @Wayat Erp Vezano za DDS probaj sledece: klikni start (ili ), a zatim RUN. Na Visti koristiti Start Search polje ukoliko Run nije dostupan. U liniju za unos teksta ukucaj (iskopiraj) sledeće: `%temp%\DDS.txt` a zatim klikni OK (ili pritisni Enter). Ukoliko se otvori notepad sa izvestajem ( DDS.txt ) iskopiraj sadrzaj u temu. Potom ponovi isti postupak no ovaj put kopiraj: `%temp%\Attach.txt` Okaci ili kopiraj sadrzaj Attach.txt loga u temu ********************* Ukoliko ovo gore napisano ne pomogne, probaj sledece: Prezumi DDS+.exe sa ovog linka na desktop http://download.bleepingcomputer.com/sUBs/dds+.exe Privremeno deaktiviraj zastitni softver a potom dvoklikom pokreni DDS+.exe. U novom prozoru (ne menjaj nikakve opcije) klikni na dugme Start. Na Desktopu bi trebala da se pojave dva loga ( DDS.txt i Attach.txt ) Ako su tamo, okaci ih uz poruku.

Profil

Wayat Erp Poslao: 28 Okt 2012 14:21 Idi na vrh
offline Wayat Erp Građanin Pridružio: 02 Sep 2010 Poruke: 30 Gde živiš: Beograd-Mirijevo	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pokusao predlozeno i nema ttx.fajlova..Prvi nacin sa kopiranjem texta u opciji run kaze da windows nemoze da nadje te fajlove i da proverim jel ispravno napisano.Znaci nema ih... Probao sam i sa DDS+,pokrenem run i pojavi se crvena pozadina i otvori se sken prozor sa zelenim slovima o samom programu i vremenu skeniranja a iznad stoji sam napredak skeniranja,zavrsi se sken(kao da se program sam zatvori) i to je to...ttx fajlova nema nigde.Naravno zastita je iskljucena po uputstvu.

Profil

TwinHeadedEagle Poslao: 28 Okt 2012 14:26 Idi na vrh
offline TwinHeadedEagle Anti Malware Fighter Rank 2 Pridružio: 09 Avg 2011 Poruke: 15879 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Preuzmi program OTL sa donjeg linka na Desktop: OTL download Klikni na dati link i u prozoru koji se otvori, klikni na dugme Save; kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati datoteku, odaberi Desktop i klikni na dugme Save. Dvoklikom pokreni OTL; klikni na dugme Run Scan; po završetku skeniranja, izveštaj će se otvoriti u programu Notepad (napomena: izveštaj će automatski biti sačuvan na Desktopu kao OTL.Txt) . Priloži izveštaj OTL.Txt uz poruku korišćenjem opcije Prikači fajl. ========================== Preuzmi Rootkit Unhooker na Desktop. Dvoklikom pokreni program; odaberi Report karticu; klikni Scan i u prozoru koji se otvori štrikliraj stavke: SSDT Shadow SSDT Processes Drivers Stealth Code Files Code Hooks klikni OK i sačekaj završetak skeniranja. Kada skeniranje bude završeno, klikni File > Save Report i sačuvaj izveštaj. Izveštaj programa Rootkit Unhooker priloži uz poruku korišćenjem opcije Prikači fajl.

Profil

Wayat Erp Poslao: 28 Okt 2012 16:04 Idi na vrh
offline Wayat Erp Građanin Pridružio: 02 Sep 2010 Poruke: 30 Gde živiš: Beograd-Mirijevo	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Napisano: 28 Okt 2012 14:34 Evo OTL je zavrsio sken i kreirao je fajl: mycity.rs/must-login.png OTL logfile created on: 10/28/2012 14:27:10 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Bora&Maja\Desktop Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000409 \| Country: United States \| Language: ENU \| Date Format: M/d/yyyy 1.94 Gb Total Physical Memory \| 0.98 Gb Available Physical Memory \| 50.41% Memory free 3.79 Gb Paging File \| 2.77 Gb Available in Paging File \| 73.22% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: \| %SystemRoot% = C:\WINDOWS \| %ProgramFiles% = C:\Program Files Drive C: \| 117.19 Gb Total Space \| 48.78 Gb Free Space \| 41.63% Space Free \| Partition Type: NTFS Drive D: \| 115.69 Gb Total Space \| 31.21 Gb Free Space \| 26.98% Space Free \| Partition Type: NTFS Drive H: \| 1.33 Gb Total Space \| 0.00 Gb Free Space \| 0.00% Space Free \| Partition Type: CDFS Computer Name: STR-C3CA317A443 \| User Name: Bora&Maja \| Logged in as Administrator. Boot Mode: Normal \| Scan Mode: Current user Company Name Whitelist: Off \| Skip Microsoft Files: Off \| No Company Name Whitelist: On \| File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012/10/28 14:26:49 \| 000,602,112 \| ---- \| M] (OldTimer Tools) -- C:\Documents and Settings\Bora&Maja\Desktop\OTL.exe PRC - [2012/10/10 11:06:17 \| 001,239,064 \| ---- \| M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe PRC - [2012/09/24 22:12:59 \| 000,161,768 \| ---- \| M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe PRC - [2012/08/21 10:12:26 \| 004,282,728 \| ---- \| M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2012/08/21 10:12:25 \| 000,044,808 \| ---- \| M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2012/03/11 22:13:21 \| 001,983,232 \| ---- \| M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe PRC - [2012/03/11 22:13:00 \| 006,749,512 \| ---- \| M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe PRC - [2011/09/20 15:52:58 \| 000,245,608 \| ---- \| M] (Wondershare) -- C:\Program Files\Wondershare\MobileGo\MobileGoService.exe PRC - [2011/02/20 15:18:32 \| 000,072,704 \| ---- \| M] (Autodata Limited) -- C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe PRC - [2010/07/04 18:13:56 \| 000,095,576 \| ---- \| M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe PRC - [2010/07/04 18:07:40 \| 000,238,952 \| ---- \| M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe PRC - [2010/03/10 13:26:48 \| 000,189,728 \| ---- \| M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe PRC - [2009/02/23 19:43:12 \| 000,576,000 \| ---- \| M] (MagicISO, Inc.) -- C:\Program Files\MagicDisc\MagicDisc.exe PRC - [2008/03/19 01:31:20 \| 004,742,184 \| ---- \| M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe PRC - [2007/07/06 09:53:08 \| 000,455,344 \| ---- \| M] () -- C:\Program Files\Lexmark 5000 Series\lxdmmon.exe PRC - [2007/06/08 02:05:51 \| 000,598,960 \| ---- \| M] ( ) -- C:\WINDOWS\system32\lxdmcoms.exe PRC - [2007/06/01 13:06:09 \| 000,020,480 \| ---- \| M] () -- C:\Program Files\Lexmark 5000 Series\lxdmamon.exe PRC - [2004/08/03 23:56:50 \| 001,032,192 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe ========== Modules (No Company Name) ========== MOD - [2012/10/28 07:54:20 \| 001,824,768 \| ---- \| M] () -- C:\Program Files\Alwil Software\Avast5\defs\12102800\algo.dll MOD - [2012/10/10 11:06:15 \| 000,460,312 \| ---- \| M] () -- C:\Program Files\Google\Chrome\Application\22.0.1229.94\ppgooglenaclpluginchrome.dll MOD - [2012/10/10 11:06:13 \| 012,435,992 \| ---- \| M] () -- C:\Program Files\Google\Chrome\Application\22.0.1229.94\PepperFlash\pepflashplayer.dll MOD - [2012/10/10 11:06:12 \| 004,005,912 \| ---- \| M] () -- C:\Program Files\Google\Chrome\Application\22.0.1229.94\pdf.dll MOD - [2012/10/10 11:04:44 \| 000,156,712 \| ---- \| M] () -- C:\Program Files\Google\Chrome\Application\22.0.1229.94\avutil-51.dll MOD - [2012/10/10 11:04:43 \| 000,275,496 \| ---- \| M] () -- C:\Program Files\Google\Chrome\Application\22.0.1229.94\avformat-54.dll MOD - [2012/10/10 11:04:42 \| 002,168,360 \| ---- \| M] () -- C:\Program Files\Google\Chrome\Application\22.0.1229.94\avcodec-54.dll MOD - [2011/06/02 15:28:04 \| 000,904,704 \| ---- \| M] () -- C:\Program Files\Wondershare\MobileGo\System.Data.SQLite.dll MOD - [2010/01/13 14:16:42 \| 000,627,200 \| ---- \| M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\408e637346ef628a3f54fb1b9b83ac9f\System.Transactions.ni.dll MOD - [2010/01/13 14:16:23 \| 000,627,712 \| ---- \| M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\8a7d0bd0057a8ed38291d5662248f7a1\System.EnterpriseServices.ni.dll MOD - [2010/01/13 14:09:52 \| 000,971,264 \| ---- \| M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\7c743462baccf29b3567b0e3ec9ac134\System.Configuration.ni.dll MOD - [2010/01/13 14:05:36 \| 005,450,752 \| ---- \| M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\5913d3f81e77194ec833991b1047a532\System.Xml.ni.dll MOD - [2010/01/13 14:05:32 \| 012,430,848 \| ---- \| M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d2ea8d76f015817db1607075812b555f\System.Windows.Forms.ni.dll MOD - [2010/01/13 14:05:21 \| 001,587,200 \| ---- \| M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\abb2ac7e08bee026f857d8fa36f9fe6f\System.Drawing.ni.dll MOD - [2010/01/13 14:05:08 \| 006,616,576 \| ---- \| M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\694c07365e0fd6bba0bc304d4d2404a7\System.Data.ni.dll MOD - [2010/01/13 14:04:05 \| 007,868,416 \| ---- \| M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\3de5bd01124463d7862bd173af90bc83\System.ni.dll MOD - [2010/01/13 14:03:48 \| 011,486,720 \| ---- \| M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\7124a40b9998f7b63c86bd1a2125ce26\mscorlib.ni.dll MOD - [2010/01/13 02:14:54 \| 002,933,248 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll MOD - [2010/01/13 02:14:49 \| 000,261,632 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll MOD - [2008/03/19 01:21:48 \| 000,094,208 \| ---- \| M] () -- C:\Program Files\Yahoo!\Widgets\jsd.dll MOD - [2008/03/19 01:21:20 \| 000,512,000 \| ---- \| M] () -- C:\Program Files\Yahoo!\Widgets\js32.dll MOD - [2008/02/25 05:29:00 \| 000,466,944 \| ---- \| M] () -- C:\WINDOWS\system32\nvshell.dll MOD - [2008/01/08 23:50:10 \| 000,349,147 \| ---- \| M] () -- C:\Program Files\Yahoo!\Widgets\sqlite3.dll MOD - [2007/09/20 17:34:58 \| 000,129,024 \| ---- \| M] () -- C:\Program Files\WinRAR\RarExt.dll MOD - [2007/07/06 09:53:08 \| 000,455,344 \| ---- \| M] () -- C:\Program Files\Lexmark 5000 Series\lxdmmon.exe MOD - [2007/07/05 06:02:57 \| 000,036,864 \| ---- \| M] () -- C:\Program Files\Lexmark 5000 Series\app4r.monitor.core.dll MOD - [2007/07/05 06:02:57 \| 000,028,672 \| ---- \| M] () -- C:\Program Files\Lexmark 5000 Series\app4r.monitor.common.dll MOD - [2007/07/05 06:02:11 \| 000,057,344 \| ---- \| M] () -- C:\Program Files\Lexmark 5000 Series\app4r.devmons.mcmdevmon.dll MOD - [2007/06/07 06:38:03 \| 000,045,056 \| ---- \| M] () -- C:\WINDOWS\system32\LXDMPMON.DLL MOD - [2007/06/07 06:35:02 \| 000,032,768 \| ---- \| M] () -- C:\Program Files\Lexmark 5000 Series\ipcmt.dll MOD - [2007/06/01 13:06:28 \| 000,011,776 \| ---- \| M] () -- C:\Program Files\Lexmark 5000 Series\app4r.devmons.mcmdevmon.autoplayutil.dll MOD - [2007/06/01 13:06:09 \| 000,020,480 \| ---- \| M] () -- C:\Program Files\Lexmark 5000 Series\lxdmamon.exe MOD - [2007/05/22 23:57:22 \| 000,278,528 \| ---- \| M] () -- C:\Program Files\Lexmark 5000 Series\lxdmscw.dll MOD - [2007/05/03 16:39:31 \| 000,589,824 \| ---- \| M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdmdatr.dll MOD - [2007/05/03 04:38:35 \| 000,113,664 \| ---- \| M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\lxdmdrpp.dll MOD - [2007/04/09 15:59:29 \| 000,069,632 \| ---- \| M] () -- C:\WINDOWS\system32\lxdmoem.dll MOD - [2006/12/28 16:47:42 \| 000,073,728 \| ---- \| M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdmcats.dll MOD - [2004/08/03 23:56:44 \| 000,059,904 \| ---- \| M] () -- C:\WINDOWS\system32\devenum.dll MOD - [2004/08/03 23:56:44 \| 000,014,336 \| ---- \| M] () -- C:\WINDOWS\system32\msdmo.dll ========== Services (SafeList) ========== SRV - File not found [Disabled \| Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ) SRV - [2012/10/28 00:20:10 \| 000,115,168 \| ---- \| M] (Mozilla Foundation) [On_Demand \| Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012/10/09 20:23:12 \| 000,250,808 \| ---- \| M] (Adobe Systems Incorporated) [On_Demand \| Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/09/24 22:12:59 \| 000,161,768 \| ---- \| M] (Oracle Corporation) [Auto \| Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2012/08/21 10:12:25 \| 000,044,808 \| ---- \| M] (AVAST Software) [Auto \| Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2012/03/11 22:13:21 \| 001,983,232 \| ---- \| M] (COMODO) [Auto \| Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent) SRV - [2011/02/20 15:18:32 \| 000,072,704 \| ---- \| M] (Autodata Limited) [Auto \| Running] -- C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe -- (Autodata Limited License Service) SRV - [2010/07/04 18:07:40 \| 000,238,952 \| ---- \| M] (Teruten) [Auto \| Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService) SRV - [2010/03/10 13:26:48 \| 000,189,728 \| ---- \| M] (Protexis Inc.) [Auto \| Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) SRV - [2010/02/19 13:37:14 \| 000,517,096 \| ---- \| M] (Adobe Systems Incorporated) [On_Demand \| Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2008/11/11 08:38:06 \| 000,620,544 \| ---- \| M] (Nokia.) [On_Demand \| Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2007/06/08 02:05:51 \| 000,598,960 \| ---- \| M] ( ) [Auto \| Running] -- C:\WINDOWS\system32\lxdmcoms.exe -- (lxdm_device) SRV - [2007/06/08 02:05:43 \| 000,099,248 \| ---- \| M] () [Auto \| Stopped] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdmserv.exe -- (lxdmCATSCustConnectService) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel \| On_Demand \| Stopped] -- -- (WDICA) DRV - File not found [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\rootrepeal.sys -- (rootrepeal) DRV - File not found [Kernel \| On_Demand \| Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel \| On_Demand \| Stopped] -- -- (PDRELI) DRV - File not found [Kernel \| On_Demand \| Stopped] -- -- (PDFRAME) DRV - File not found [Kernel \| On_Demand \| Stopped] -- -- (PDCOMP) DRV - File not found [Kernel \| System \| Stopped] -- -- (PCIDump) DRV - File not found [Kernel \| On_Demand \| Stopped] -- C:\Program Files\MSI\Live Update 5\NTIOLib.sys -- (NTIOLib_1_0_4) DRV - File not found [Kernel \| On_Demand \| Stopped] -- C:\Program Files\MSI\Live Update 5\msibios32_100507.sys -- (MSI_MSIBIOS_010507) DRV - File not found [Kernel \| System \| Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel \| System \| Stopped] -- -- (i2omgmt) DRV - File not found [Kernel \| On_Demand \| Stopped] -- E:\INSTALL\GMSIPCI.SYS -- (GMSIPCI) DRV - File not found [Kernel \| System \| Stopped] -- -- (Changer) DRV - File not found [Kernel \| On_Demand \| Stopped] -- C:\ComboFix\catchme.sys -- (catchme) DRV - [2012/08/21 10:13:15 \| 000,729,752 \| ---- \| M] (AVAST Software) [File_System \| System \| Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2012/08/21 10:13:15 \| 000,355,632 \| ---- \| M] (AVAST Software) [Kernel \| System \| Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2012/08/21 10:13:15 \| 000,054,232 \| ---- \| M] (AVAST Software) [Kernel \| System \| Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2012/08/21 10:13:14 \| 000,097,608 \| ---- \| M] (AVAST Software) [File_System \| Auto \| Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2012/08/21 10:13:14 \| 000,035,928 \| ---- \| M] (AVAST Software) [Kernel \| System \| Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2012/08/21 10:13:13 \| 000,025,256 \| ---- \| M] (AVAST Software) [Kernel \| System \| Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2012/08/21 10:13:13 \| 000,021,256 \| ---- \| M] (AVAST Software) [File_System \| Auto \| Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2012/03/11 22:13:46 \| 000,097,760 \| ---- \| M] (COMODO) [Kernel \| Boot \| Running] -- C:\WINDOWS\system32\drivers\inspect.sys -- (Inspect) DRV - [2012/03/11 22:13:45 \| 000,031,704 \| ---- \| M] (COMODO) [Kernel \| System \| Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp) DRV - [2012/03/11 22:13:44 \| 000,494,968 \| ---- \| M] (COMODO) [File_System \| System \| Running] -- C:\WINDOWS\system32\drivers\cmdGuard.sys -- (cmdGuard) DRV - [2011/08/17 09:56:32 \| 000,008,192 \| ---- \| M] (Nokia) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2011/08/17 09:56:30 \| 000,008,192 \| ---- \| M] (Nokia) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2011/08/17 09:56:26 \| 000,023,168 \| ---- \| M] (Nokia) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2011/08/17 09:56:22 \| 000,018,176 \| ---- \| M] (Nokia) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2010/06/14 08:32:54 \| 000,036,608 \| ---- \| M] () [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk) DRV - [2010/05/12 11:14:58 \| 000,121,576 \| ---- \| M] (MCCI Corporation) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\ssadmdm.sys -- (ssadmdm) DRV - [2010/05/12 11:14:58 \| 000,098,152 \| ---- \| M] (MCCI Corporation) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\ssadserd.sys -- (ssadserd) DRV - [2010/05/12 11:14:56 \| 000,096,488 \| ---- \| M] (MCCI Corporation) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\ssadbus.sys -- (ssadbus) DRV - [2010/05/12 11:14:56 \| 000,012,776 \| ---- \| M] (MCCI Corporation) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\ssadmdfl.sys -- (ssadmdfl) DRV - [2010/05/12 11:14:54 \| 000,030,312 \| ---- \| M] (Google Inc) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\ssadadb.sys -- (androidusb) DRV - [2009/11/12 21:49:16 \| 000,083,344 \| ---- \| M] (MCCI) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\k510obex.sys -- (k510obex) DRV - [2009/11/12 21:49:15 \| 000,094,064 \| ---- \| M] (MCCI) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\k510mdm.sys -- (k510mdm) DRV - [2009/11/12 21:49:15 \| 000,085,408 \| ---- \| M] (MCCI) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\k510mgmt.sys -- (k510mgmt) DRV - [2009/11/12 21:49:15 \| 000,058,288 \| ---- \| M] (MCCI) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\k510bus.sys -- (k510bus) DRV - [2009/11/12 21:49:15 \| 000,008,336 \| ---- \| M] (MCCI) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\k510mdfl.sys -- (k510mdfl) DRV - [2009/11/11 17:31:23 \| 000,271,360 \| ---- \| M] () [Kernel \| Auto \| Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt) DRV - [2009/11/11 17:31:22 \| 000,018,048 \| ---- \| M] () [Kernel \| Auto \| Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt) DRV - [2009/07/10 13:01:06 \| 000,025,856 \| ---- \| M] (Motorola) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\motoandroid.sys -- (motandroidusb) DRV - [2009/07/01 17:43:06 \| 000,762,112 \| ---- \| M] (none) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\adatadrv.sys -- (adatadrv) DRV - [2009/02/24 18:42:14 \| 000,116,736 \| ---- \| M] (MagicISO, Inc.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\mcdbus.sys -- (mcdbus) DRV - [2008/08/26 08:26:12 \| 000,018,816 \| ---- \| M] (Nokia) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008/07/11 07:05:00 \| 000,037,088 \| ---- \| M] (SafeNet, Inc.) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\SNTNLUSB.SYS -- (SNTNLUSB) DRV - [2008/04/17 09:33:26 \| 004,707,328 \| R--- \| M] (Realtek Semiconductor Corp.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) DRV - [2008/02/15 08:15:26 \| 000,014,336 \| R--- \| M] (NVIDIA Corporation) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\nvsmu.sys -- (nvsmu) DRV - [2008/01/29 05:37:48 \| 000,022,016 \| R--- \| M] (NVIDIA Corporation) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2008/01/29 05:37:46 \| 000,054,016 \| R--- \| M] (NVIDIA Corporation) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2008/01/25 13:01:06 \| 000,132,096 \| R--- \| M] (NVIDIA Corporation) [Kernel \| Boot \| Running] -- C:\WINDOWS\system32\drivers\nvgts.sys -- (nvgts) DRV - [2007/04/16 15:46:34 \| 000,033,792 \| ---- \| M] (Advanced Micro Devices) [Kernel \| System \| Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM) DRV - [2006/11/02 07:00:08 \| 000,039,368 \| ---- \| M] (Microsoft Corporation) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultthis.engineName: "RealoreStudios Customized Web Search" FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2412158&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT2412158&SearchSource=13" FF - prefs.js..extensions.enabledAddons: {03fee850-0101-4e9e-b6d4-6fc74d3db360}:3.15.1.0 FF - prefs.js..extensions.enabledAddons: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.10 FF - prefs.js..extensions.enabledAddons: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:3.15.1.0 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2412158&q=" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012/08/26 17:59:47 \| 000,000,000 \| ---D \| M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/10/28 00:20:14 \| 000,000,000 \| ---D \| M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/10/28 00:19:53 \| 000,000,000 \| ---D \| M] [2009/10/05 18:37:30 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Documents and Settings\Bora&Maja\Application Data\Mozilla\Extensions [2012/10/23 00:45:03 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Documents and Settings\Bora&Maja\Application Data\Mozilla\Firefox\Profiles\9z3ng4ro.default\extensions [2012/08/21 19:00:15 \| 000,000,000 \| ---D \| M] (RealoreStudios Community Toolbar) -- C:\Documents and Settings\Bora&Maja\Application Data\Mozilla\Firefox\Profiles\9z3ng4ro.default\extensions\{03fee850-0101-4e9e-b6d4-6fc74d3db360} [2012/09/02 14:34:09 \| 000,000,000 \| ---D \| M] (Zynga Community Toolbar) -- C:\Documents and Settings\Bora&Maja\Application Data\Mozilla\Firefox\Profiles\9z3ng4ro.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822} [2012/07/31 12:59:18 \| 000,221,380 \| ---- \| M] () (No name found) -- C:\Documents and Settings\Bora&Maja\Application Data\Mozilla\Firefox\Profiles\9z3ng4ro.default\extensions\gophoto@gophoto.it.xpi [2012/02/03 18:40:23 \| 000,020,591 \| ---- \| M] () (No name found) -- C:\Documents and Settings\Bora&Maja\Application Data\Mozilla\Firefox\Profiles\9z3ng4ro.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2011/10/30 11:49:03 \| 000,434,392 \| ---- \| M] () (No name found) -- C:\Documents and Settings\Bora&Maja\Application Data\Mozilla\Firefox\Profiles\9z3ng4ro.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2012/07/21 01:06:28 \| 000,702,524 \| ---- \| M] () (No name found) -- C:\Documents and Settings\Bora&Maja\Application Data\Mozilla\Firefox\Profiles\9z3ng4ro.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2011/03/21 16:07:52 \| 000,000,931 \| ---- \| M] () -- C:\Documents and Settings\Bora&Maja\Application Data\Mozilla\Firefox\Profiles\9z3ng4ro.default\searchplugins\conduit.xml [2012/10/28 00:19:51 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012/10/28 00:20:13 \| 000,261,600 \| ---- \| M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2010/12/09 11:47:06 \| 000,012,800 \| ---- \| M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll [2007/03/10 00:16:44 \| 000,189,496 \| ---- \| M] (Yahoo! Inc.) -- C:\Program Files\mozilla firefox\plugins\npyaxmpb.dll [2012/10/28 00:20:04 \| 000,002,465 \| ---- \| M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012/10/28 00:20:04 \| 000,002,058 \| ---- \| M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.79\PepperFlash\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.94\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.94\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.170.4 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll CHR - plugin: Java(TM) Platform SE 6 U17 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll CHR - plugin: Yahoo! activeX Plug-in Bridge (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: Unity Player (Enabled) = C:\Documents and Settings\Bora&Maja\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - Extension: YouTube = C:\Documents and Settings\Bora&Maja\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google Search = C:\Documents and Settings\Bora&Maja\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: avast! WebRep = C:\Documents and Settings\Bora&Maja\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\ CHR - Extension: GoPhoto.it = C:\Documents and Settings\Bora&Maja\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk\1.4_0\ CHR - Extension: Gmail = C:\Documents and Settings\Bora&Maja\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2011/03/24 23:56:19 \| 000,000,923 \| ---- \| M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 activate.adobe.com O1 - Hosts: 127.0.0.1 practivate.adobe.com O1 - Hosts: 127.0.0.1 ereg.adobe.com O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com O1 - Hosts: 127.0.0.1 wip3.adobe.com O1 - Hosts: 127.0.0.1 3dns-3.adobe.com O1 - Hosts: 127.0.0.1 3dns-2.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com O1 - Hosts: 127.0.0.1 activate-sea.adobe.com O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com O1 - Hosts: 127.0.0.1 adobe.activate.com O1 - Hosts: 127.0.0.1 adobeereg.com O1 - Hosts: 127.0.0.1 adobeereg.com O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com O1 - Hosts: 127.0.0.1 125.252.224.90 O1 - Hosts: 127.0.0.1 125.252.224.91 O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software) O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation) O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO) O4 - HKLM..\Run: [Lexmark 5000 Series Fax Server] C:\Program Files\Lexmark 5000 Series\fm3032.exe () O4 - HKLM..\Run: [lxdmamon] C:\Program Files\Lexmark 5000 Series\lxdmamon.exe () O4 - HKLM..\Run: [lxdmmon.exe] C:\Program Files\Lexmark 5000 Series\lxdmmon.exe () O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [NPSStartup] File not found O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKCU..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKCU..\Run: [NBJ] C:\Program Files\Ahead\Nero BackItUp\NBJ.exe (Ahead Software AG) O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - HKLM..\RunOnce: [aswAhAScr.dll] C:\Program Files\Alwil Software\Avast5\aswRegSvr.exe (AVAST Software) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\MobileGo Service.lnk = C:\Program Files\Wondershare\MobileGo\MobileGoService.exe (Wondershare) O4 - Startup: C:\Documents and Settings\Bora&Maja\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.) O4 - Startup: C:\Documents and Settings\Bora&Maja\Start Menu\Programs\Startup\Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe (Yahoo! Inc.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5CC7E1D7-4DAA-43CC-AFB2-38032E808898}: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5CC7E1D7-4DAA-43CC-AFB2-38032E808898}: NameServer = 8.26.56.26,156.154.70.22 O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Documents and Settings\Bora&Maja\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Bora&Maja\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 0 O32 - AutoRun File - [2011/12/06 12:16:01 \| 000,000,050 \| R--- \| M] () - H:\Autorun.inf -- [ CDFS ] O34 - HKLM BootExecute: (autocheck autochk ) O35 - HKLM\..comfile [open] -- "%1" % O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2012/10/28 14:26:45 \| 000,602,112 \| ---- \| C] (OldTimer Tools) -- C:\Documents and Settings\Bora&Maja\Desktop\OTL.exe [2012/10/28 14:15:57 \| 000,706,698 \| R--- \| C] (Swearware) -- C:\Documents and Settings\Bora&Maja\Desktop\dds+.exe [2012/10/28 12:19:12 \| 000,000,000 \| R--D \| C] -- D:\My Documents\My Videos [2012/10/28 12:13:58 \| 000,000,000 \| ---D \| C] -- C:\Program Files\MCShield [2012/10/28 12:13:58 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Bora&Maja\Start Menu\Programs\MCShield [2012/10/28 00:19:49 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Mozilla Firefox [2012/10/20 16:51:22 \| 000,174,056 \| ---- \| C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2012/10/20 16:51:22 \| 000,093,672 \| ---- \| C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll [2012/10/20 16:51:21 \| 000,174,056 \| ---- \| C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [2012/10/16 13:08:29 \| 000,000,000 \| RH-D \| C] -- C:\Documents and Settings\Bora&Maja\Recent [2012/10/15 20:13:36 \| 000,000,000 \| ---D \| C] -- D:\My Documents\My Palettes [2012/10/15 19:36:02 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Gophoto.it [2012/10/15 19:35:56 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Bora&Maja\Start Menu\Programs\OnlineHD.TV [2012/10/15 18:49:57 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Bora&Maja\Application Data\Corel [2012/10/15 18:49:56 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\Protexis [2012/10/15 18:44:17 \| 000,000,000 \| ---D \| C] -- D:\My Documents\Corel [2012/10/15 18:43:58 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Bora&Maja\Local Settings\Application Data\Microsoft Help [2012/10/15 18:42:35 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Microsoft SDKs [2012/10/15 18:42:32 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Microsoft Visual Studio 9.0 [2012/10/15 18:42:31 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help [2012/10/15 18:41:47 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files\Corel [2012/10/15 18:41:17 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files\Protexis [2012/10/15 18:41:12 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\Corel [2012/10/15 18:38:53 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Documents\Corel [2012/10/15 18:37:20 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CorelDRAW Graphics Suite X6 [2012/10/15 18:36:28 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Corel [2012/10/15 18:25:26 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\CorelDRAW Graphics Suite X6 [2012/10/08 21:26:51 \| 257,291,214 \| ---- \| C] (Valve ) -- C:\Documents and Settings\Bora&Maja\Desktop\CS1.6 FULL v44 - Protocol 48 Clean.exe [2012/10/07 16:51:18 \| 000,000,000 \| ---D \| C] -- C:\games [2012/10/07 16:05:36 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Bora&Maja\Application Data\Apple Computer [2012/10/07 15:53:50 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime [2012/10/07 15:53:35 \| 000,000,000 \| ---D \| C] -- C:\Program Files\QuickTime [2012/10/07 15:53:33 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer [2012/10/07 15:51:30 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Apple Software Update [2012/10/07 15:44:41 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Bora&Maja\Local Settings\Application Data\Sun [2012/10/07 15:43:43 \| 000,696,760 \| ---- \| C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2012/10/07 15:32:00 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\Sun [2012/10/07 15:31:59 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files\Java [2012/10/07 15:31:50 \| 000,821,736 \| ---- \| C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll [2012/10/07 15:31:50 \| 000,746,984 \| ---- \| C] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll [2012/09/30 16:06:04 \| 000,733,443 \| ---- \| C] (Marc Richarme) -- C:\Documents and Settings\Bora&Maja\Desktop\hltagconverter.exe [2009/10/15 19:08:39 \| 000,047,360 \| ---- \| C] (VSO Software) -- C:\Documents and Settings\Bora&Maja\Application Data\pcouffin.sys [4 C:\WINDOWS\.tmp files -> C:\WINDOWS\.tmp -> ] [1 C:\WINDOWS\System32\.tmp files -> C:\WINDOWS\System32\.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012/10/28 14:26:49 \| 000,602,112 \| ---- \| M] (OldTimer Tools) -- C:\Documents and Settings\Bora&Maja\Desktop\OTL.exe [2012/10/28 14:22:15 \| 000,000,830 \| ---- \| M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012/10/28 14:16:02 \| 000,706,698 \| R--- \| M] (Swearware) -- C:\Documents and Settings\Bora&Maja\Desktop\dds+.exe [2012/10/28 14:03:15 \| 000,000,318 \| -H-- \| M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job [2012/10/28 14:02:53 \| 000,000,260 \| ---- \| M] () -- C:\WINDOWS\tasks\WGASetup.job [2012/10/28 14:02:47 \| 000,000,888 \| ---- \| M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012/10/28 14:02:41 \| 000,002,048 \| --S- \| M] () -- C:\WINDOWS\bootstat.dat [2012/10/28 12:38:00 \| 000,000,892 \| ---- \| M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012/10/28 12:00:04 \| 000,489,672 \| ---- \| M] () -- C:\WINDOWS\System32\perfh009.dat [2012/10/28 12:00:04 \| 000,082,210 \| ---- \| M] () -- C:\WINDOWS\System32\perfc009.dat [2012/10/28 02:34:00 \| 000,001,014 \| ---- \| M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1085031214-1935655697-839522115-1003UA.job [2012/10/28 01:25:50 \| 003,590,448 \| ---- \| M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012/10/28 01:21:40 \| 000,001,734 \| ---- \| M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk [2012/10/27 22:34:00 \| 000,000,992 \| ---- \| M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1085031214-1935655697-839522115-1003Core.job [2012/10/27 22:09:07 \| 000,002,535 \| ---- \| M] () -- C:\Documents and Settings\All Users\Desktop\CorelDRAW X6.lnk [2012/10/26 17:45:28 \| 000,002,206 \| ---- \| M] () -- C:\WINDOWS\System32\wpa.dbl [2012/10/15 18:41:36 \| 000,002,002 \| ---- \| M] () -- C:\Documents and Settings\All Users\Desktop\Bitstream Font Navigator.lnk [2012/10/15 18:39:36 \| 000,002,048 \| ---- \| M] () -- C:\Documents and Settings\All Users\Desktop\Corel CONNECT X6.lnk [2012/10/15 18:39:27 \| 000,001,966 \| ---- \| M] () -- C:\Documents and Settings\All Users\Desktop\Corel CAPTURE X6.lnk [2012/10/15 18:39:22 \| 000,001,974 \| ---- \| M] () -- C:\Documents and Settings\All Users\Desktop\Corel PHOTO-PAINT X6.lnk [2012/10/11 16:41:38 \| 000,001,813 \| ---- \| M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk [2012/10/09 20:23:11 \| 000,696,760 \| ---- \| M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2012/10/09 20:23:11 \| 000,073,656 \| ---- \| M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2012/10/08 22:12:55 \| 000,001,500 \| ---- \| M] () -- C:\Documents and Settings\Bora&Maja\Desktop\CS 1.6 v44.lnk [2012/10/08 21:54:13 \| 257,291,214 \| ---- \| M] (Valve ) -- C:\Documents and Settings\Bora&Maja\Desktop\CS1.6 FULL v44 - Protocol 48 Clean.exe [2012/10/07 15:53:50 \| 000,001,604 \| ---- \| M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk [2012/10/07 15:51:32 \| 000,000,284 \| ---- \| M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2012/10/07 15:31:30 \| 000,821,736 \| ---- \| M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll [2012/10/07 15:31:30 \| 000,746,984 \| ---- \| M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll [2012/09/30 15:59:54 \| 000,733,443 \| ---- \| M] (Marc Richarme) -- C:\Documents and Settings\Bora&Maja\Desktop\hltagconverter.exe [4 C:\WINDOWS\.tmp files -> C:\WINDOWS\.tmp -> ] [1 C:\WINDOWS\System32\.tmp files -> C:\WINDOWS\System32\.tmp -> ] ========== Files Created - No Company Name ========== [2012/10/28 01:21:40 \| 000,001,804 \| ---- \| C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk [2012/10/28 01:21:40 \| 000,001,734 \| ---- \| C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk [2012/10/15 18:46:53 \| 000,002,048 \| ---- \| C] () -- C:\Documents and Settings\All Users\Desktop\Corel CONNECT X6.lnk [2012/10/15 18:46:53 \| 000,002,002 \| ---- \| C] () -- C:\Documents and Settings\All Users\Desktop\Bitstream Font Navigator.lnk [2012/10/15 18:46:53 \| 000,001,966 \| ---- \| C] () -- C:\Documents and Settings\All Users\Desktop\Corel CAPTURE X6.lnk [2012/10/15 18:46:52 \| 000,002,535 \| ---- \| C] () -- C:\Documents and Settings\All Users\Desktop\CorelDRAW X6.lnk [2012/10/15 18:46:52 \| 000,001,974 \| ---- \| C] () -- C:\Documents and Settings\All Users\Desktop\Corel PHOTO-PAINT X6.lnk [2012/10/08 22:12:42 \| 000,001,500 \| ---- \| C] () -- C:\Documents and Settings\Bora&Maja\Desktop\CS 1.6 v44.lnk [2012/10/07 15:53:50 \| 000,001,604 \| ---- \| C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk [2012/10/07 15:43:44 \| 000,000,830 \| ---- \| C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2011/05/29 14:07:35 \| 005,406,642 \| ---- \| C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1085031214-1935655697-839522115-1003-0.dat [2011/05/29 14:07:34 \| 000,335,274 \| ---- \| C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat [2011/05/25 15:32:49 \| 000,110,592 \| ---- \| C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll [2011/05/25 15:32:49 \| 000,036,608 \| ---- \| C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys [2011/05/25 15:32:39 \| 000,002,528 \| ---- \| C] () -- C:\Documents and Settings\Bora&Maja\Application Data\$_hpcst$.hpc [2011/03/25 19:10:12 \| 000,001,456 \| ---- \| C] () -- C:\Documents and Settings\Bora&Maja\Local Settings\Application Data\Adobe Save for Web 12.0 Prefs [2011/02/20 19:53:04 \| 000,436,736 \| ---- \| C] () -- C:\WINDOWS\System32\Autoserv.exe [2011/01/19 22:27:00 \| 000,000,000 \| ---- \| C] () -- C:\WINDOWS\mngui.INI [2010/01/21 13:49:09 \| 000,013,353 \| ---- \| C] () -- C:\Documents and Settings\All Users\lxdm [2009/10/21 19:32:45 \| 000,000,125 \| -HS- \| C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib [2009/10/15 19:10:25 \| 000,001,176 \| ---- \| C] () -- C:\Documents and Settings\Bora&Maja\Application Data\vso_ts_preview.xml [2009/10/15 19:08:39 \| 000,007,887 \| ---- \| C] () -- C:\Documents and Settings\Bora&Maja\Application Data\pcouffin.cat [2009/10/15 19:08:39 \| 000,001,144 \| ---- \| C] () -- C:\Documents and Settings\Bora&Maja\Application Data\pcouffin.inf [2009/10/05 22:40:45 \| 000,146,432 \| ---- \| C] () -- C:\Documents and Settings\Bora&Maja\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ========== ZeroAccess Check ========== [2009/10/05 22:49:39 \| 000,000,227 \| RHS- \| M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2009/10/29 06:48:04 \| 001,506,304 \| ---- \| M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 11:20:33 \| 000,473,088 \| ---- \| M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2004/08/03 23:56:48 \| 000,273,920 \| ---- \| M] (Microsoft Corporation) "ThreadingModel" = Both < End of report > A za drugi program nije dobar link za downlaod. Dopuna: 28 Okt 2012 14:37 Otl je izbacio jos i ovo... mycity.rs/must-login.png Dopuna: 28 Okt 2012 16:04 Zamolio bih za link koji radi za Rootkit Unhooker da bih mogao da vam dostavim trazene fajlove.OTL je zavrsio trazene fajlove i njih sam okacio iznad. I da imam 32 bit Win a DDS nije mogao da uradi sken,a OTL jeste i ako je on u uputsvu alat za 64bit windows,da ne pomislite da sam samo bupnuo ovde i da trosim vase vreme bzvz.

Profil

TwinHeadedEagle Poslao: 28 Okt 2012 16:33 Idi na vrh
offline TwinHeadedEagle Anti Malware Fighter Rank 2 Pridružio: 09 Avg 2011 Poruke: 15879 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Preuzmi TDSSKiller sa sljedeće adrese na Desktop: TDSSKiller Kad preuzimanje bude završeno: Preimenuj TDSSKiller.exe u MyCity.exe Pokreni MyCity.exe i klikni na Change parametres. U dijelu Additional options štrikliraj opcije Verify driver signatures i Detect TDLFS file system, a zatim klikni na OK. Klikni na Start scan. Kad završi prikazaće ti rezultate skeniranja. Za sve ponađene objekte odaberi akciju Skip. Klikni na Continue. Prikači uz poruku izvještaj koji se nalazi na sljedećoj lokaciji: C:\TDSSKiller_verzija programa_DD.MM.GG_HH.MM.SS.txt (DD-dan, MM-mesec, GG-godina, HH-sat, MM-minut, SS-sekunda; datum i vrijeme kada je log napravljen)

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Mozda problem...

Ko je trenutno na forumu

Ukupno su 840 korisnika na forumu :: 10 registrovanih, 2 sakrivenih i 828 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: avijacija, cenejac111, DonRumataEstorski, Japidson, kybonacci, milenko crazy north, pacika, Viktor Petrenko, VJ, wolf431

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by