MyCity » Ambulanta -> Arhiva Ambulante » Provjera loga

Provjera loga

Napisano na dan: 23.4.2009

Provjera loga

Sledeća strana

Pagination

Odgovori

The Philosopher Poslao: 23 Apr 2009 20:00 Idi na vrh
offline The Philosopher Građanin Pridružio: 05 Mar 2009 Poruke: 35	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! E, ovako...zanima me da li je log cist jer mi je non-stop dosadjivao virus: TR/Keylogger.DA.1...kad sam vidio da je keylogger nije mi bilo nista jasno jer ne moguce da sam ga ja instalirao, e onda mi je brat rekao da je on nesto cackao i valjda nije dobro obrisao keylogger koji je sam instalirao! Na svu srecu Avira je dobro odradila svoj posao, ali i dalje mi internet nesto usporava..pa zelim biti siguran da li ima jos nesto? Hvala unaprijed! Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:43:59, on 23.4.2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Google\Update\GoogleUpdate.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\Nitro PDF\Professional\NitroPDFPrinterMonitor.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\SweetIM\Messenger\SweetIM.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe C:\Program Files\DAEMON Tools Lite\daemon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\PnkBstrA.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\System32\TUProgSt.exe C:\Program Files\Avira\AntiVir Desktop\avmailc.exe C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Winamp\winamp.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = search.live.com/sphome.aspx R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = search.live.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = search.live.com/sphome.aspx R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: UrlHelper Class - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [Nitro PDF Printer Monitor] "C:\Program Files\Nitro PDF\Professional\NitroPDFPrinterMonitor.exe" O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe O8 - Extra context menu item: I&zvoz u Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Istraživanje - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - go.microsoft.com/fwlink/?linkid=39204 O17 - HKLM\System\CCS\Services\Tcpip\..\{54EF60C2-EC04-4016-B055-23A00F39E946}: NameServer = 212.39.98.161,212.39.98.162 O17 - HKLM\System\CS1\Services\Tcpip\..\{54EF60C2-EC04-4016-B055-23A00F39E946}: NameServer = 212.39.98.161,212.39.98.162 O17 - HKLM\System\CS2\Services\Tcpip\..\{54EF60C2-EC04-4016-B055-23A00F39E946}: NameServer = 212.39.98.161,212.39.98.162 O17 - HKLM\System\CS3\Services\Tcpip\..\{54EF60C2-EC04-4016-B055-23A00F39E946}: NameServer = 212.39.98.161,212.39.98.162 O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Avira Firewall (AntiVirFirewallService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: BCL easyPDF SDK 5 Loader (bepldr) - Unknown owner - C:\Program Files\Common Files\BCL Technologies\NitroPDF5\bepldr.exe O23 - Service: Google Update Service (gupdate1c9b4a530cd28c8-) (gupdate1c9b4a530cd28c8-) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe -- End of file - 11429 bytes

Profil

dr_Bora Poslao: 23 Apr 2009 20:44 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav... Klikni desnim tasterom na Avira ikonicu ( ) u donjem, desnom uglu ekrana i deštikliraj AntiVir Guard Enable. Napomena: Ne zaboravi da uključiš ovu opciju po završetku čišćenja. Skini ComboFix sa jedne od sledecih adresa na Desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe http://www.forospyware.com/sUBs/ComboFix.exe http://subs.geekstogo.com/ComboFix.exe Startuj ga i ne diraj prozor programa dok skenira. Sledi uputstva na ekranu. Kada zavrsi pojavice se log (C:\ComboFix.txt) koji ces nam ovde iskopirati.

Profil

The Philosopher Poslao: 24 Apr 2009 11:25 Idi na vrh
offline The Philosopher Građanin Pridružio: 05 Mar 2009 Poruke: 35	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 09-04-24.01 - WS 24.04.2009 11:19.4 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1250.385.1033.18.2047.1222 [GMT 2:00] Running from: c:\documents and settings\WS\Desktop\ComboFix.exe AV: AntiVir Desktop On-access scanning disabled (Updated) FW: Avira Firewall disabled * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((( Files Created from 2009-05-24 to 2009-4-24 ))))))))))))))))))))))))))))))) . 2009-04-21 18:13 . 2009-04-21 18:13 -------- d---a-w c:\documents and settings\All Users\Application Data\rkfree 2009-04-20 21:13 . 2009-04-20 21:13 -------- d-sh--w c:\documents and settings\LocalService\PrivacIE 2009-04-20 21:13 . 2009-04-20 21:13 -------- d-sh--w c:\documents and settings\LocalService\IECompatCache 2009-04-19 14:49 . 2009-04-19 14:51 -------- d-----w c:\documents and settings\WS\Application Data\BonkEnc 2009-04-19 14:49 . 2009-04-19 14:49 160604 ----a-w c:\windows\Free Audio Converter CS Uninstaller.exe 2009-04-18 17:24 . 2009-04-18 17:24 -------- d-----w c:\documents and settings\WS\Local Settings\Application Data\Stardock 2009-04-18 17:24 . 2009-04-18 17:24 3932214 ----a-w c:\windows\Think Green 1280x1024.bmp 2009-04-16 11:46 . 2009-03-06 14:22 284160 -c----w c:\windows\system32\dllcache\pdh.dll 2009-04-16 11:46 . 2009-02-09 12:10 729088 -c----w c:\windows\system32\dllcache\lsasrv.dll 2009-04-16 11:46 . 2009-02-09 12:10 473600 -c----w c:\windows\system32\dllcache\fastprox.dll 2009-04-16 11:46 . 2009-02-09 12:10 453120 -c----w c:\windows\system32\dllcache\wmiprvsd.dll 2009-04-16 11:46 . 2009-02-09 12:10 401408 -c----w c:\windows\system32\dllcache\rpcss.dll 2009-04-16 11:46 . 2009-02-06 11:11 110592 -c----w c:\windows\system32\dllcache\services.exe 2009-04-16 11:46 . 2009-02-06 10:10 227840 -c----w c:\windows\system32\dllcache\wmiprvse.exe 2009-04-16 11:46 . 2009-02-09 12:10 714752 -c----w c:\windows\system32\dllcache\ntdll.dll 2009-04-16 11:46 . 2009-02-09 12:10 617472 -c----w c:\windows\system32\dllcache\advapi32.dll 2009-04-16 11:45 . 2009-03-27 06:58 1203922 -c----w c:\windows\system32\dllcache\sysmain.sdb 2009-04-16 11:45 . 2008-05-03 11:55 2560 ------w c:\windows\system32\xpsp4res.dll 2009-04-16 11:45 . 2008-04-21 12:08 215552 -c----w c:\windows\system32\dllcache\wordpad.exe 2009-04-15 18:41 . 2009-04-15 18:41 -------- d-sh--w c:\windows\system32\config\systemprofile\IETldCache 2009-04-15 18:35 . 2009-04-15 18:35 -------- d-----w c:\windows\system32\scripting 2009-04-15 18:35 . 2009-04-15 18:35 -------- d-----w c:\windows\system32\en 2009-04-15 18:35 . 2009-04-15 18:35 -------- d-----w c:\windows\l2schemas 2009-04-15 18:35 . 2009-04-15 18:35 -------- d-----w c:\windows\system32\bits 2009-04-15 18:33 . 2009-04-15 18:35 -------- d-----w c:\windows\ServicePackFiles 2009-04-13 21:55 . 2009-04-13 21:55 -------- d-sh--w c:\documents and settings\WS\IECompatCache 2009-04-13 21:53 . 2009-04-13 21:53 -------- d-sh--w c:\documents and settings\WS\PrivacIE 2009-04-13 21:53 . 2009-04-13 21:53 -------- d-sh--w c:\documents and settings\LocalService\IETldCache 2009-04-13 21:52 . 2009-04-13 21:52 -------- d-sh--w c:\documents and settings\WS\IETldCache 2009-04-13 21:51 . 2009-04-13 21:51 -------- d-----w c:\windows\ie8updates 2009-04-13 21:50 . 2009-04-13 21:51 -------- dc-h--w c:\windows\ie8 2009-04-13 21:39 . 2009-02-28 04:55 105984 -c----w c:\windows\system32\dllcache\iecompat.dll 2009-04-13 18:59 . 2009-04-13 18:59 -------- d-----w C:\dsp_sps 2009-04-10 20:30 . 2008-10-10 02:52 4379984 ----a-w c:\windows\system32\D3DX9_40.dll 2009-04-10 20:30 . 2008-10-27 08:04 514384 ----a-w c:\windows\system32\XAudio2_3.dll 2009-04-10 20:30 . 2008-10-27 08:04 23376 ----a-w c:\windows\system32\X3DAudio1_5.dll 2009-04-10 20:30 . 2008-10-27 08:04 70992 ----a-w c:\windows\system32\XAPOFX1_2.dll 2009-04-10 20:30 . 2008-07-30 04:20 68616 ----a-w c:\windows\system32\XAPOFX1_1.dll 2009-04-10 20:30 . 2008-07-30 04:20 509448 ----a-w c:\windows\system32\XAudio2_2.dll 2009-04-10 20:30 . 2008-07-10 09:00 3851784 ----a-w c:\windows\system32\D3DX9_39.dll 2009-04-06 17:31 . 2009-04-06 17:31 -------- d-----w c:\documents and settings\WS\Application Data\Uniblue 2009-04-04 09:31 . 2009-04-04 09:31 -------- d-----w c:\documents and settings\NetworkService\Local Settings\Application Data\Google 2009-04-03 21:43 . 2009-04-20 21:13 -------- d-----w c:\documents and settings\LocalService\Local Settings\Application Data\Google 2009-03-31 19:14 . 2009-03-31 19:14 -------- d-----w C:\rsit 2009-03-31 17:58 . 2009-03-31 17:58 -------- d-----w C:\C-F 2009-03-26 20:57 . 2009-03-26 20:57 603904 ----a-w c:\windows\system32\TUProgSt.exe 2009-03-26 20:57 . 2008-12-11 12:31 27904 ----a-w c:\windows\system32\uxtuneup.dll 2009-03-26 20:57 . 2009-03-26 20:57 360192 ----a-w c:\windows\system32\TuneUpDefragService.exe 2009-03-26 20:57 . 2009-03-26 20:57 -------- d-----w c:\documents and settings\All Users\Application Data\TuneUp Software 2009-03-26 20:57 . 2009-03-26 20:57 -------- d-sh--w c:\documents and settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357} . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-04-23 19:12 . 2009-04-19 14:49 -------- d-----w c:\program files\Free Audio Converter CS 2009-04-23 18:17 . 2008-12-06 13:55 -------- d-----w c:\documents and settings\WS\Application Data\uTorrent 2009-04-23 17:43 . 2009-04-23 17:43 -------- d-----w c:\program files\Trend Micro 2009-04-19 17:24 . 2009-04-07 18:49 -------- d-----w c:\program files\XRECODE 2009-04-18 17:24 . 2009-04-18 17:11 -------- d-----w c:\program files\Stardock 2009-04-18 17:11 . 2009-04-18 17:11 -------- d-----w c:\program files\Common Files\Stardock 2009-04-17 21:19 . 2008-11-25 10:00 68944 ----a-w c:\documents and settings\WS\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-04-17 19:52 . 2008-11-25 10:15 -------- d-----w c:\program files\Common Files\Adobe 2009-04-15 18:36 . 2008-11-25 09:52 89783 ----a-w c:\windows\pchealth\helpctr\OfflineCache\index.dat 2009-04-15 18:32 . 2004-08-03 20:59 250048 --sha-r C:\ntldr 2009-04-11 12:50 . 2008-12-06 14:25 138184 ----a-w c:\windows\system32\drivers\PnkBstrK.sys 2009-04-11 12:50 . 2008-12-06 14:24 183112 ----a-w c:\windows\system32\PnkBstrB.exe 2009-04-10 21:00 . 2009-04-10 19:34 -------- d-----w c:\program files\F.E.A.R. 2 2009-04-06 18:00 . 2009-03-26 20:57 -------- d-----w c:\program files\TuneUp Utilities 2009 2009-04-03 21:57 . 2009-01-29 22:00 -------- d-----w c:\program files\Google 2009-04-03 15:43 . 2009-01-05 17:09 -------- d-----w c:\program files\Java 2009-04-02 12:32 . 2009-02-02 17:05 -------- d-----w c:\program files\Counter-Strike 1.6 2009-03-25 10:03 . 2009-03-12 17:04 -------- d-----w c:\program files\Microsoft Silverlight 2009-03-25 00:05 . 2008-11-25 10:12 -------- d-----w c:\program files\Microsoft Works 2009-03-24 19:13 . 2009-03-24 19:13 -------- d-----w c:\documents and settings\WS\Application Data\Avira 2009-03-24 19:06 . 2009-03-24 19:06 -------- d-----w c:\documents and settings\All Users\Application Data\Avira 2009-03-24 19:06 . 2009-03-24 19:06 -------- d-----w c:\program files\Avira 2009-03-24 19:03 . 2009-03-24 19:06 97096 ----a-w c:\windows\system32\drivers\avfwot.sys 2009-03-24 19:03 . 2009-03-24 19:06 69632 ----a-w c:\windows\system32\drivers\avfwim.sys 2009-03-24 19:03 . 2009-03-24 19:06 55640 ----a-w c:\windows\system32\drivers\avgntflt.sys 2009-03-24 18:55 . 2009-03-10 18:13 -------- d-----w c:\documents and settings\All Users\Application Data\avg8 2009-03-17 00:38 . 2009-03-16 23:23 -------- d-----w c:\program files\Malwarebytes' Anti-Malware 2009-03-15 16:51 . 2009-03-15 16:51 -------- d--h--r c:\documents and settings\WS\Application Data\SecuROM 2009-03-15 16:41 . 2009-03-15 16:41 -------- d-----w c:\program files\Sierra Entertainment 2009-03-15 16:41 . 2008-11-25 10:03 -------- d--h--w c:\program files\InstallShield Installation Information 2009-03-15 16:22 . 2009-03-15 16:20 -------- d-----w c:\program files\GameShadow 2009-03-15 16:07 . 2009-03-15 16:07 -------- d-----w c:\documents and settings\All Users\Application Data\Eidos 2009-03-15 16:07 . 2009-03-15 16:07 -------- d-----w c:\program files\Eidos 2009-03-15 16:07 . 2009-03-15 16:07 413696 ----a-w c:\windows\system32\wrap_oal.dll 2009-03-15 16:07 . 2009-03-15 16:07 110592 ----a-w c:\windows\system32\OpenAL32.dll 2009-03-15 16:07 . 2009-03-15 16:07 -------- d-----w c:\program files\OpenAL 2009-03-14 17:27 . 2009-03-14 17:27 -------- d-----w c:\documents and settings\All Users\Application Data\Electronic Arts 2009-03-14 17:16 . 2009-03-14 16:43 -------- d-----w c:\program files\Electronic Arts 2009-03-14 17:16 . 2009-03-14 17:16 4126 ----a-w c:\windows\system32\ealregsnapshot1.reg 2009-03-13 18:05 . 2009-03-13 17:38 -------- d-----w c:\program files\Left 4 Dead 2009-03-12 17:12 . 2009-03-12 17:01 -------- d-----w c:\program files\Windows Live 2009-03-12 17:04 . 2009-03-12 17:02 -------- d-----w c:\program files\Microsoft 2009-03-12 17:04 . 2009-03-12 17:04 -------- d-----w c:\program files\Microsoft Office Outlook Connector 2009-03-12 17:03 . 2009-03-12 17:03 -------- d-----w c:\program files\Microsoft Sync Framework 2009-03-12 17:02 . 2009-03-12 17:02 -------- d-----w c:\program files\Microsoft SQL Server Compact Edition 2009-03-12 17:01 . 2009-03-12 17:01 -------- d-----w c:\program files\Windows Live SkyDrive 2009-03-12 16:29 . 2009-03-12 16:29 -------- d-----w c:\documents and settings\WS\Application Data\MSNInstaller 2009-03-12 16:23 . 2008-12-06 13:55 -------- d-----w c:\program files\Windows Live Toolbar 2009-03-12 16:08 . 2008-12-13 17:42 -------- d-----w c:\program files\SweetIM 2009-03-12 02:38 . 2009-03-12 02:38 -------- d-----w c:\program files\Common Files\Windows Live 2009-03-10 18:14 . 2009-03-10 18:14 -------- d-----w c:\documents and settings\All Users\Application Data\Downloaded Installations 2009-03-09 03:19 . 2009-01-05 17:09 410984 ----a-w c:\windows\system32\deploytk.dll 2009-03-09 00:29 . 2009-03-08 18:33 -------- d-----w c:\program files\FLV Player 2009-03-08 02:34 . 2004-08-03 22:56 914944 ----a-w c:\windows\system32\wininet.dll 2009-03-08 02:34 . 2004-08-03 22:56 43008 ----a-w c:\windows\system32\licmgr10.dll 2009-03-08 02:33 . 2004-08-03 22:56 18944 ----a-w c:\windows\system32\corpol.dll 2009-03-08 02:33 . 2004-08-03 22:56 420352 ----a-w c:\windows\system32\vbscript.dll 2009-03-08 02:32 . 2004-08-03 22:56 72704 ----a-w c:\windows\system32\admparse.dll 2009-03-08 02:32 . 2004-08-03 22:56 71680 ----a-w c:\windows\system32\iesetup.dll 2009-03-08 02:31 . 2004-08-03 22:56 34816 ----a-w c:\windows\system32\imgutil.dll 2009-03-08 02:31 . 2004-08-03 22:56 48128 ----a-w c:\windows\system32\mshtmler.dll 2009-03-08 02:31 . 2004-08-03 22:56 45568 ----a-w c:\windows\system32\mshta.exe 2009-03-08 02:22 . 2001-08-23 12:00 156160 ----a-w c:\windows\system32\msls31.dll 2009-03-07 17:42 . 2009-03-07 17:41 -------- d-----w c:\documents and settings\WS\Application Data\DAEMON Tools Lite 2009-03-07 17:42 . 2009-03-07 17:42 -------- d-----w c:\documents and settings\WS\Application Data\DAEMON Tools 2009-03-07 17:42 . 2009-03-07 17:33 -------- d-----w c:\documents and settings\WS\Application Data\DAEMON Tools Pro 2009-03-07 17:41 . 2009-03-07 17:41 -------- d-----w c:\documents and settings\All Users\Application Data\DAEMON Tools Lite 2009-03-07 17:41 . 2009-03-07 17:41 -------- d-----w c:\program files\DAEMON Tools Toolbar 2009-03-07 17:41 . 2009-03-07 17:41 -------- d-----w c:\program files\DAEMON Tools Lite 2009-03-07 17:39 . 2009-03-07 17:35 -------- d-----w c:\program files\DAEMON Tools Pro 2009-03-07 17:35 . 2009-03-07 17:35 -------- d-----w c:\documents and settings\All Users\Application Data\DAEMON Tools Pro 2009-03-07 17:33 . 2009-03-07 17:33 717296 ----a-w c:\windows\system32\drivers\sptd.sys 2009-03-07 16:55 . 2009-03-07 16:55 -------- d-----w c:\program files\Common Files\DigiDesign 2009-03-07 16:55 . 2009-03-07 16:38 -------- d-----w c:\program files\VstPlugins 2009-03-07 16:46 . 2009-03-07 16:46 -------- d-----w c:\program files\Toontrack 2009-03-07 16:39 . 2009-03-07 16:37 -------- d-----w c:\program files\Image-Line 2009-03-07 16:38 . 2009-03-07 16:38 -------- d-----w c:\program files\ASIO4ALL v2 2009-03-07 16:34 . 2009-03-07 16:34 -------- d-----w c:\program files\Common Files\Adobe Systems Shared 2009-03-07 16:34 . 2009-03-07 16:34 -------- d-----w c:\program files\Guitar Pro 5 2009-03-06 14:22 . 2004-08-03 22:56 284160 ----a-w c:\windows\system32\pdh.dll 2009-03-04 20:58 . 2009-03-04 20:39 -------- d-----w c:\program files\Opera 2009-03-03 20:12 . 2008-12-06 13:54 -------- d-----w c:\program files\BearShare Applications 2009-03-03 20:11 . 2008-12-06 13:53 -------- d-----w c:\program files\Common Files\Wise Installation Wizard 2009-02-25 14:44 . 2009-02-25 14:44 -------- d-----w c:\documents and settings\LocalService\Application Data\GameTracker 2009-02-09 12:10 . 2004-08-03 22:56 729088 ----a-w c:\windows\system32\lsasrv.dll 2009-02-09 12:10 . 2004-08-03 22:56 401408 ----a-w c:\windows\system32\rpcss.dll 2009-02-09 12:10 . 2004-08-03 22:56 617472 ----a-w c:\windows\system32\advapi32.dll 2009-02-09 12:10 . 2004-08-03 22:56 714752 ----a-w c:\windows\system32\ntdll.dll 2009-02-09 11:13 . 2004-08-03 21:17 1846784 ----a-w c:\windows\system32\win32k.sys 2009-02-06 18:03 . 2009-02-06 18:03 307576 ----a-w c:\windows\WLXPGSS.SCR 2009-02-06 17:52 . 2009-02-06 17:52 49504 ----a-w c:\windows\system32\sirenacm.dll 2009-02-06 11:11 . 2004-08-03 22:56 110592 ----a-w c:\windows\system32\services.exe 2009-02-06 11:06 . 2004-08-03 21:18 2145280 ----a-w c:\windows\system32\ntoskrnl.exe 2009-02-06 10:39 . 2001-08-23 12:00 35328 ----a-w c:\windows\system32\sc.exe 2009-02-06 10:32 . 2004-08-03 22:59 2023936 ----a-w c:\windows\system32\ntkrnlpa.exe 2009-02-03 19:59 . 2004-08-03 22:56 56832 ----a-w c:\windows\system32\secur32.dll 2009-01-27 18:13 . 2008-12-08 16:52 107888 ----a-w c:\windows\system32\CmdLineExt.dll 2009-01-26 19:15 . 2008-12-07 22:30 268 ---ha-w C:\sqmdata02.sqm 2009-01-26 19:15 . 2008-12-07 22:30 244 ---ha-w C:\sqmnoopt02.sqm 2009-01-25 22:33 . 2008-12-07 16:24 268 ---ha-w C:\sqmdata01.sqm . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}] 2008-09-29 16:24 325000 ----a-w c:\program files\AskBarDis\bar\bin\askBar.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}] 2008-09-02 14:05 398776 ----a-w c:\program files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}] 2008-10-08 11:22 1172792 ----a-w c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2008-10-08 1172792] "{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-09-29 325000] [HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}] [HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3] [HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}] [HKEY_CLASSES_ROOT\SWEETIE.SWEETIE] [HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}] [HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2008-10-08 1172792] "{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-09-29 325000] [HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}] [HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3] [HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}] [HKEY_CLASSES_ROOT\SWEETIE.SWEETIE] [HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}] [HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-03-12 153136] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-08 68856] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-12-29 687560] "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232] "EA Core"="c:\program files\Electronic Arts\EADM\Core.exe" [2009-02-06 3325952] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440] "NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-09 153136] "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768] "Nitro PDF Printer Monitor"="c:\program files\Nitro PDF\Professional\NitroPDFPrinterMonitor.exe" [2008-02-01 210208] "SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2009-02-15 111928] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-24 209153] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888] "RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2007-09-27 16844800] "SkyTel"="SkyTel.EXE" - c:\windows\SkyTel.exe [2007-08-03 1826816] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\WS\Start Menu\Programs\Startup\ Picture Motion Browser Media Check Tool.lnk - c:\program files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [2009-1-14 376832] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" "QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\Counter-Strike 1.6\\hl.exe"= "c:\\Program Files\\Counter-Strike 1.6\\hlds.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\Sierra Entertainment\\World in Conflict\\wic.exe"= "c:\\Program Files\\Sierra Entertainment\\World in Conflict\\wic_online.exe"= "c:\\Program Files\\Sierra Entertainment\\World in Conflict\\wic_ds.exe"= "c:\\Program Files\\Electronic Arts\\Dead Space\\Dead Space.exe"= "c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009 R2 gupdate1c9b4a530cd28c8;Google Update Service (gupdate1c9b4a530cd28c8-);c:\program files\Google\Update\GoogleUpdate.exe [2009-04-03 133104] R3 bepldr;BCL easyPDF SDK 5 Loader;c:\program files\Common Files\BCL Technologies\NitroPDF5\bepldr.exe [2007-11-15 151552] R3 fsssvc;Windows Live Family Safety;c:\program files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360] S1 avfwot;avfwot;c:\windows\system32\DRIVERS\avfwot.sys [2009-03-24 97096] S2 AntiVirFirewallService;Avira Firewall;c:\program files\Avira\AntiVir Desktop\avfwsvc.exe [2009-03-24 383745] S2 AntiVirMailService;Avira AntiVir MailGuard;c:\program files\Avira\AntiVir Desktop\avmailc.exe [2009-03-24 186625] S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-03-24 108289] S2 AntiVirWebService;Avira AntiVir WebGuard;c:\program files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2009-03-24 432897] S2 fssfltr;fssfltr;c:\windows\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152] S2 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656] S2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\System32\TUProgSt.exe [2009-03-26 603904] S3 avfwim;AvFw Packet Filter Miniport;c:\windows\system32\DRIVERS\avfwim.sys [2009-03-24 69632] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] "c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP . Contents of the 'Scheduled Tasks' folder 2009-04-24 c:\windows\Tasks\1-Click Maintenance.job - c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 20:36] 2009-04-24 c:\windows\Tasks\GoogleUpdateTaskMachine.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-04-03 21:43] 2009-04-24 c:\windows\Tasks\User_Feed_Synchronization-{D6E99532-1275-4D81-A6EB-03679195DDAF}.job - c:\windows\system32\msfeedssync.exe [2009-03-08 02:31] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.com/ uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: I&zvoz u Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll TCP: {54EF60C2-EC04-4016-B055-23A00F39E946} = 212.39.98.161,212.39.98.162 Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll FF - ProfilePath - c:\documents and settings\WS\Application Data\Mozilla\Firefox\Profiles\dyfo66ot.default\ FF - component: c:\program files\DAEMON Tools Toolbar\FirefoxDTT\components\DTToolbarFF.dll FF - plugin: c:\program files\Google\Update\1.2.141.5\npGoogleOneClick7.dll FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll ---- FIREFOX POLICIES ---- pref(dom.disable_open_during_load, true); FF - user.js: network.http.max-persistent-connections-per-server - 4 FF - user.js: nglayout.initialpaint.delay - 600 FF - user.js: content.notify.interval - 600000 FF - user.js: content.max.tokenizing.time - 1800000 FF - user.js: content.switch.threshold - 600000 . ************************************************************************ catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2009-04-24 11:21 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_USERS\S-1-5-21-1004336348-1454471165-839522115-1003\Software\Microsoft\SystemCertificates\AddressBook] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) [HKEY_USERS\S-1-5-21-1004336348-1454471165-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID] @Denied: (Full) (LocalSystem) [HKEY_USERS\S-1-5-21-1004336348-1454471165-839522115-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY] "??"=hex:5a,31,14,39,81,aa,1f,95,9f,95,ed,34,1d,8a,8d,3e,55,36,6d,6b,1e,ec,ee, 49,6e,4b,65,0d,60,cf,37,7d,dc,87,b5,60,0d,ac,ca,a4,15,41,f8,89,49,57,25,cd,\ "??"=hex:bf,53,9d,db,3d,76,9e,de,64,b4,0e,52,ff,38,bb,d9 [HKEY_USERS\S-1-5-21-1004336348-1454471165-839522115-1003\Software\SecuROM\License information] "datasecu"=hex:e4,01,58,3d,48,fe,f2,81,86,d4,76,9f,9f,7c,4c,65,04,a6,b3,27,01, 6d,d8,21,8e,36,ae,92,9d,bf,e6,33,52,34,d9,e9,fb,23,d4,b8,8a,18,eb,38,ed,cb,\ "rkeysecu"=hex:e8,55,5c,8f,8e,79,ed,23,40,60,8a,a1,0a,72,43,e5 [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ř•€\|˙˙˙˙•€\|ů•A~] "AB141C35E9F4BF344B9FC010BB17F68A"="02:\\Software\\Adobe\\FeatureSubscriptions\\DVAAdobeDocMeta\\{53C141BA-4F9E-43FB-B4F9-0C01BB716FA8}\\Registered" . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(1192) c:\windows\system32\Ati2evxx.dll - - - - - - - > 'lsass.exe'(1248-) c:\program files\Avira\AntiVir Desktop\avsda.dll - - - - - - - > 'explorer.exe'(3912) c:\windows\system32\ieframe.dll c:\windows\system32\OneX.DLL c:\windows\system32\eappprxy.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Completion time: 2009-04-24 11:23 ComboFix-quarantined-files.txt 2009-04-24 09:23 Pre-Run: 17.571.790.848 bytes free Post-Run: 17.581.318.144 bytes free 329 --- E O F --- 2009-04-16 15:36

Profil

dr_Bora Poslao: 24 Apr 2009 13:43 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ovde nema aktivnog malware-a. Uradi sledeće: Klikni START a zatim RUN. U liniju za unos teksta ukucaj (iskopiraj) sledeće: Combofix /u a zatim klikni OK. Sačekaj da se proces deinstalacije završi. To je sve.

Profil

The Philosopher Poslao: 24 Apr 2009 17:57 Idi na vrh
offline The Philosopher Građanin Pridružio: 05 Mar 2009 Poruke: 35	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ok, hvala puno! Deinstalirat cu CF, samo i dalje mi firefox usporen,neke stranice nece da se skroz otvore i sl.(inace imam firefox najnoviju verziju 3.0.9) ne znam sta je,a opera mi odlicno radi... Ako imas kakvih prijedloga u vezi toga?

Profil

dr_Bora Poslao: 24 Apr 2009 17:59 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Probaj da obrišeš cache u Firefox-u. Ako ne pomogne, raspitaj se u forumu Internet klijenti / Web browseri.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Provjera loga

Ko je trenutno na forumu

Ukupno su 959 korisnika na forumu :: 23 registrovanih, 3 sakrivenih i 933 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: bane1910, bojankrstc, brundo65, cenejac111, DPera, Frunze, Griffon vulture, Japidson, Koridor, kybonacci, Litostroton, mane123, MiGac, mikki jons, milenko crazy north, Nikolaa11, radionica1, SR-3m, vaso1, VladaKG1980, VojvodaMisic, wolverined4, šumar bk2

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by