MyCity » Ambulanta -> Arhiva Ambulante » Usporen net i racunar

Usporen net i racunar

Napisano na dan: 14.1.2009

Strana:
1
2
3

Usporen net i racunar

Sledeća strana

Pagination

Odgovori

Strana:
1
2
3

olesja Poslao: 14 Jan 2009 19:15 Idi na vrh
offline olesja Novi MyCity građanin Pridružio: 04 Jul 2008 Poruke: 24	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Moze li neko da mi pomogne, racunar mi u zadnje vreme zajedno sa netom radi usporeno. Verovatno sam zakacila neki virus pa molim da mi pomognete!!! Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:04:15, on 14.1.2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Eset\nod32kui.exe C:\Program Files\Cyberlink\Shared Files\brs.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\System32\rs32net.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\WINDOWS\System32\rs32net.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\Program Files\Eset\nod32krn.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Winamp\winamp.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Korisnik\Desktop\DUDUDDUDU\TR3.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = home.sweetim.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R3 - URLSearchHook: Yahoo! ¤u¨a¦C - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file) O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live pomagac za prijavljivanje - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll O3 - Toolbar: Yahoo! ¤u¨a¦C - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Amok web bash obj] C:\Documents and Settings\All Users\Application Data\seek film amok web\Second Third.exe O4 - HKLM\..\Run: [rs32net] C:\WINDOWS\System32\rs32net.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [01 That] C:\DOCUME~1\Korisnik\APPLIC~1\COAL4C~1\defyaxis.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [rs32net] C:\WINDOWS\System32\rs32net.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: I&zvezi u program Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Objavi ovo u blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Objavi ovo u blogu u okviru usluge Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file://C:\Program Files\Detective Stories - Hollywood\Images\stg_drm.ocx O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - systemrequirementslab.com/sysreqlab2.cab O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file://C:\Program Files\Fashion Boutique\Images\armhelper.ocx O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- End of file - 9576 bytes 724/64

Profil

bobby Poslao: 14 Jan 2009 19:18 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Skini ComboFix sa jedne od sledecih adresa na Desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe http://www.forospyware.com/sUBs/ComboFix.exe http://subs.geekstogo.com/ComboFix.exe Startuj ga i ne diraj prozor programa dok skenira. Sledi uputstva na ekranu. Kada zavrsi pojavice se log (C:\ComboFix.txt) koji ces nam ovde iskopirati. ============================ Preuzmi Lop S&D na Desktop. Dvoklikom pokreni LopSD.exe Na prvom ekranu odaberi jezik kucajući E i Enter a zatim klikni OK Odaberi opciju 1 - Search kucajući 1 i Enter Sačekaj nekoliko minuta da program završi skeniranje Na kraju procesa, log C:\LopR.txt će se otvoriti u Notepad-u Iskopiraj dobijeni log u temu na forumu.

Profil

olesja Poslao: 14 Jan 2009 19:31 Idi na vrh
offline olesja Novi MyCity građanin Pridružio: 04 Jul 2008 Poruke: 24	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ne mogu da pokrenem ComboFix posto koci ga nod. Da iskljucim nod ili...

Profil

bobby Poslao: 14 Jan 2009 19:33 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Iskljuci NOD prema sledecem uputstvu: * Otvori Nod32 Control Center (Klik na njegovu tray ikonicu ( ) u donjem desnom uglu ekrana). * Izaberi AMON iz Threat Protection grupe opcija. * Na desnom panelu deštikliraj opciju File system monitor (AMON) enabled. * Gašenje ove opcije pokazaće se kroz promenu boje Control Center-a iz zelene u crvenu. Napomena: Ne zaboravi da uključiš ovu opciju po završetku čišćenja.

Profil

olesja Poslao: 14 Jan 2009 19:46 Idi na vrh
offline olesja Novi MyCity građanin Pridružio: 04 Jul 2008 Poruke: 24	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Evo izvestaj za ComboFix a sada cu poslati i za Lop S&d ComboFix 09-01-13.04 - Korisnik 2009-01-14 19:33:34.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1022.614 [GMT 1:00] Running from: c:\documents and settings\Korisnik\Desktop\ComboFix.exe AV: ESET NOD32 antivirus system 2.70 On-access scanning disabled (Updated) FW: ActiveArmor Firewall disabled * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\Korisnik\Application Data\.# c:\documents and settings\Korisnik\Favorites\Download programs.url c:\documents and settings\Korisnik\Favorites\Translator.url c:\documents and settings\Korisnik\My Documents\Download programs.url c:\documents and settings\Korisnik\My Documents\Translator.url c:\windows\IE4 Error Log.txt c:\windows\jestertb.dll c:\windows\system32\rs32net.exe c:\windows\system32\WgaLogon.dll . ((((((((((((((((((((((((( Files Created from 2008-12-14 to 2009-01-14 ))))))))))))))))))))))))))))))) . 2009-01-13 22:12 . 2009-01-13 22:54 <DIR> d-------- c:\program files\Mr Biscuits - The Case of the Ocean Pearl 2009-01-13 21:29 . 2009-01-13 21:39 <DIR> d-------- c:\program files\Art Detective 2009-01-12 17:43 . 2009-01-12 17:43 <DIR> d-------- c:\program files\Fairy Island 2009-01-11 21:24 . 2009-01-11 21:25 <DIR> d-------- c:\documents and settings\Korisnik\Application Data\FirstColony 2009-01-09 18:14 . 2009-01-09 18:14 <DIR> d-------- c:\documents and settings\All Users\Application Data\DivoGames 2009-01-06 17:02 . 2009-01-06 17:02 <DIR> d-------- c:\documents and settings\Korisnik\Application Data\Home Sweet Home Christmas 2009-01-05 21:29 . 2009-01-05 21:29 <DIR> d-------- c:\documents and settings\All Users\Application Data\SpecialBit 2009-01-05 21:28 . 2009-01-05 21:28 <DIR> d-------- c:\windows\Logs 2009-01-04 21:44 . 2009-01-05 22:58 <DIR> d-------- c:\program files\Westward II Heroes Of The Frontier 2009-01-03 17:28 . 2009-01-03 19:29 <DIR> d-------- c:\documents and settings\Korisnik\Application Data\Bigfish Ashtons Family Resort 2009-01-03 17:28 . 2009-01-03 17:28 <DIR> d-------- c:\documents and settings\All Users\Application Data\Bigfish Ashtons Family Resort 2009-01-02 21:06 . 2009-01-02 21:06 <DIR> d-------- c:\documents and settings\Korisnik\Application Data\eGames 2009-01-02 21:06 . 2009-01-02 21:06 <DIR> d-------- c:\documents and settings\All Users\Application Data\eGames 2008-12-29 17:04 . 2008-12-29 17:04 <DIR> d-------- c:\documents and settings\Korisnik\Freeze Tag - Dream Machine 2008-12-28 21:56 . 2008-12-28 21:56 <DIR> d-------- c:\documents and settings\Korisnik\Application Data\Suspects and Clues Prefs 2008-12-28 21:56 . 2008-12-28 21:56 <DIR> d-------- c:\documents and settings\Korisnik\Application Data\Suspects and Clues Players 2008-12-28 21:56 . 2008-12-28 21:56 <DIR> d-------- c:\documents and settings\Korisnik\Application Data\Spinapse 2008-12-28 21:56 . 2008-12-28 21:56 <DIR> d-------- c:\documents and settings\Korisnik\Application Data\IOMediaSupport6SZZ001s 2008-12-26 18:16 . 2008-12-26 18:16 <DIR> d-------- c:\documents and settings\All Users\Application Data\AdventureChronicles1 2008-12-26 17:25 . 2008-12-26 17:25 <DIR> d-------- c:\program files\AOL Games 2008-12-22 00:14 . 2008-12-22 00:14 <DIR> d-------- c:\documents and settings\Korisnik\Application Data\Playfirst Ashtons Family Resort 2008-12-22 00:14 . 2008-12-22 00:14 <DIR> d-------- c:\documents and settings\All Users\Application Data\Playfirst Ashtons Family Resort 2008-12-21 18:44 . 2008-12-21 18:44 <DIR> d-------- c:\documents and settings\All Users\Application Data\PlayPond 2008-12-18 18:31 . 2008-12-18 18:31 <DIR> d-------- c:\program files\Common Files\SWF Studio 2008-12-17 17:58 . 2008-12-17 17:58 <DIR> d-------- c:\windows\system32\config\systemprofile\Application Data\Yahoo! 2008-12-15 23:55 . 2008-12-16 23:00 <DIR> d-------- c:\program files\Detective Stories Hollywood 2008-12-15 19:59 . 2008-12-15 20:00 <DIR> d-------- c:\program files\Farm Craft . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-01-13 20:57 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP 2009-01-13 20:57 --------- d-----w c:\documents and settings\All Users\Application Data\BigFishGamesCache 2009-01-13 10:34 --------- d-----w c:\documents and settings\Korisnik\Application Data\Coal4copy 2009-01-11 14:27 --------- d-----w c:\program files\Shockwave.com 2009-01-08 21:24 --------- d-----w c:\documents and settings\All Users\Application Data\AlawarWrapper 2009-01-07 20:04 --------- d-----w c:\documents and settings\Korisnik\Application Data\Friday's games 2009-01-07 20:02 --------- d-----w c:\program files\Alawar 2009-01-06 19:13 --------- d-----w c:\program files\iWin.com 2009-01-05 21:38 --------- d-----w c:\documents and settings\All Users\Application Data\Sandlot Games 2009-01-01 20:03 --------- d-----w c:\documents and settings\Korisnik\Application Data\blg 2009-01-01 20:03 --------- d-----w c:\documents and settings\All Users\Application Data\blg 2009-01-01 17:29 --------- d-----w c:\program files\Google 2008-12-28 16:05 --------- d-----w c:\documents and settings\Korisnik\Application Data\Games 2008-12-24 22:43 --------- d-----w c:\program files\JoWooD 2008-12-21 23:14 --------- d-----w c:\documents and settings\Korisnik\Application Data\PlayFirst 2008-12-21 23:13 --------- d-----w c:\program files\PlayFirst 2008-12-16 22:00 --------- d-----w c:\program files\Farm Mania 2008-12-15 19:58 --------- d-----w c:\documents and settings\All Users\Application Data\iWin Games 2008-12-12 21:50 --------- d-----w c:\program files\DAEMON Tools 2008-12-10 22:30 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help 2008-12-08 21:08 --------- d-----w c:\program files\RealArcade 2008-12-03 17:59 --------- d-----w c:\documents and settings\All Users\Application Data\seek film amok web 2008-12-01 20:41 --------- d-----w c:\documents and settings\All Users\Application Data\NeptunesAdve 2008-11-30 18:22 --------- d-----w c:\documents and settings\All Users\Application Data\NevoSoft Games 2008-11-26 20:12 --------- d-----w c:\documents and settings\Korisnik\Application Data\GameInvest 2008-11-25 20:13 --------- d-----w c:\documents and settings\All Users\Application Data\Alawar Stargaze 2008-11-24 18:10 --------- d-----w c:\program files\PopCap Games 2008-11-22 20:55 --------- d-----w c:\program files\GameHouse 2008-11-22 20:55 --------- d-----w c:\documents and settings\Korisnik\Application Data\GameHouse 2008-11-22 18:04 --------- d-----w c:\documents and settings\Korisnik\Application Data\OmegaT 2008-11-22 17:46 --------- d-----w c:\program files\OmegaT 2008-11-19 20:16 --------- d-----w c:\program files\Magical Forest 2008-11-18 19:05 --------- d-----w c:\documents and settings\Korisnik\Application Data\MysteryStudio 2008-11-17 19:08 --------- d-----w c:\documents and settings\Korisnik\Application Data\uTorrent 2008-11-16 21:45 --------- d-----w c:\program files\Arcade Lab 2008-11-16 14:54 --------- d-----w c:\documents and settings\Korisnik\Application Data\cerasus.media 2008-11-15 16:15 --------- d-----w c:\documents and settings\Korisnik\Application Data\Gogii Games 2008-11-15 16:15 --------- d-----w c:\documents and settings\All Users\Application Data\Gogii Games 2008-11-15 13:13 --------- d-----w c:\program files\Book of Legends 2008-11-14 18:11 --------- d-----w c:\documents and settings\All Users\Application Data\PlayFirst 2008-11-14 16:17 --------- d-----w c:\documents and settings\Korisnik\Application Data\Valusoft 2008-11-14 16:17 --------- d-----w c:\documents and settings\All Users\Application Data\Valusoft 2008-10-23 13:01 283,648 ----a-w c:\windows\system32\gdi32.dll 2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll 2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll 2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll 2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll 2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll 2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe 2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll 2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll 2008-10-16 13:06 268,648 ----a-w c:\windows\system32\mucltui.dll 2008-10-16 13:06 208,744 ----a-w c:\windows\system32\muweb.dll 2008-10-16 10:37 659,456 ----a-w c:\windows\system32\wininet.dll 2008-04-04 19:35 0 ----a-w c:\program files\temp01 . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360] "DAEMON Tools Pro Agent"="c:\program files\DAEMON Tools Pro\DTProAgent.exe" [2007-09-06 136136] "Yahoo! Pager"="c:\progra~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" [2007-08-30 4670704] "MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184] "01 That"="c:\docume~1\Korisnik\APPLIC~1\COAL4C~1\defyaxis.exe" [2008-08-14 477696] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-11-25 68856] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "nod32kui"="c:\program files\Eset\nod32kui.exe" [2007-12-18 949376] "BDRegion"="c:\program files\Cyberlink\Shared Files\brs.exe" [2007-11-16 91432] "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2007-10-28 72736] "LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-10-11 62760] "DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2005-11-08 128920] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-01-31 385024] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-02-19 267048] "Amok web bash obj"="c:\documents and settings\All Users\Application Data\seek film amok web\Second Third.exe" [2009-01-14 1269760] "RTHDCPL"="RTHDCPL.EXE" [2007-02-26 c:\windows\RTHDCPL.exe] "nwiz"="nwiz.exe" [2006-08-11 c:\windows\system32\nwiz.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2007-12-18 113664] Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696] Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "vidc.I420"= i263_32.drv "vidc.3iv2"= 3ivxVfWCodec.dll "msacm.divxa32"= divxa32.acm "VIDC.HFYU"= huffyuv.dll "VIDC.i263"= i263_32.drv "msacm.imc"= imc32.acm "VIDC.VP31"= vp31vfw.dll "vidc.ffds"= c:\progra~1\ffdshow\ffdshow.ax [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati0bhxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati0djxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati0lrxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati0msxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati0qwxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati0ubxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati0wdxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati0xexx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati0yfxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati1bhxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati1gmxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati1hnxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati1ouxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati1rxxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati1ubxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati1vcxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati1yfxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati2bhxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati2cixx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati2djxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati2gmxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati2kqxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati2lrxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati2msxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati2ouxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati2rxxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati2syxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati2ubxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati3gmxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati3lrxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati3ntxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati3pvxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati3rxxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati3syxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati3ubxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati4cixx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati4djxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati4ouxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati4rxxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati4taxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati4ubxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati5bhxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati5flxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati5kqxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati5lrxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati5ouxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati5pvxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati5rxxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati5syxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati5wdxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati5xexx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati6djxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati6jpxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati6lrxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati6msxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati6vcxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati7agxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati7djxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati7ekxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati7gmxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati7ipxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati7qwxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati7rxxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati7syxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati7yfxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati8cixx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati8flxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati8gmxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati8kqxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati8lrxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati8ntxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati8ouxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati8rxxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati8ubxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati8vcxx.sys] @="Driver" [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"= "c:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"= "c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [2007-12-18 13696] R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2007-12-18 15424] R3 usnjsvc;Usluga Messenger Sharing Folders USN Journal Reader;c:\program files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328] R4 {95808DC4-FA4A-4C74-92FE-5B863F82066B};{95808DC4-FA4A-4C74-92FE-5B863F82066B};c:\program files\CyberLink\PowerDVD\000.fcl [2007-11-03 00:12:32 41456] S0 ati0bhxx;ati0bhxx;c:\windows\system32\Drivers\ati0bhxx.sys --> c:\windows\system32\Drivers\ati0bhxx.sys [?] S0 ati0djxx;ati0djxx;c:\windows\system32\Drivers\ati0djxx.sys --> c:\windows\system32\Drivers\ati0djxx.sys [?] S0 ati0lrxx;ati0lrxx;c:\windows\system32\Drivers\ati0lrxx.sys --> c:\windows\system32\Drivers\ati0lrxx.sys [?] S0 ati0msxx;ati0msxx;c:\windows\system32\Drivers\ati0msxx.sys --> c:\windows\system32\Drivers\ati0msxx.sys [?] S0 ati0qwxx;ati0qwxx;c:\windows\system32\Drivers\ati0qwxx.sys --> c:\windows\system32\Drivers\ati0qwxx.sys [?] S0 ati0ubxx;ati0ubxx;c:\windows\system32\Drivers\ati0ubxx.sys --> c:\windows\system32\Drivers\ati0ubxx.sys [?] S0 ati0wdxx;ati0wdxx;c:\windows\system32\Drivers\ati0wdxx.sys --> c:\windows\system32\Drivers\ati0wdxx.sys [?] S0 ati0xexx;ati0xexx;c:\windows\system32\Drivers\ati0xexx.sys --> c:\windows\system32\Drivers\ati0xexx.sys [?] S0 ati0yfxx;ati0yfxx;c:\windows\system32\Drivers\ati0yfxx.sys --> c:\windows\system32\Drivers\ati0yfxx.sys [?] S0 ati1bhxx;ati1bhxx;c:\windows\system32\Drivers\ati1bhxx.sys --> c:\windows\system32\Drivers\ati1bhxx.sys [?] S0 ati1gmxx;ati1gmxx;c:\windows\system32\Drivers\ati1gmxx.sys --> c:\windows\system32\Drivers\ati1gmxx.sys [?] S0 ati1hnxx;ati1hnxx;c:\windows\system32\Drivers\ati1hnxx.sys --> c:\windows\system32\Drivers\ati1hnxx.sys [?] S0 ati1ouxx;ati1ouxx;c:\windows\system32\Drivers\ati1ouxx.sys --> c:\windows\system32\Drivers\ati1ouxx.sys [?] S0 ati1rxxx;ati1rxxx;c:\windows\system32\Drivers\ati1rxxx.sys --> c:\windows\system32\Drivers\ati1rxxx.sys [?] S0 ati1ubxx;ati1ubxx;c:\windows\system32\Drivers\ati1ubxx.sys --> c:\windows\system32\Drivers\ati1ubxx.sys [?] S0 ati1vcxx;ati1vcxx;c:\windows\system32\Drivers\ati1vcxx.sys --> c:\windows\system32\Drivers\ati1vcxx.sys [?] S0 ati1yfxx;ati1yfxx;c:\windows\system32\Drivers\ati1yfxx.sys --> c:\windows\system32\Drivers\ati1yfxx.sys [?] S0 ati2bhxx;ati2bhxx;c:\windows\system32\Drivers\ati2bhxx.sys --> c:\windows\system32\Drivers\ati2bhxx.sys [?] S0 ati2cixx;ati2cixx;c:\windows\system32\Drivers\ati2cixx.sys --> c:\windows\system32\Drivers\ati2cixx.sys [?] S0 ati2djxx;ati2djxx;c:\windows\system32\Drivers\ati2djxx.sys --> c:\windows\system32\Drivers\ati2djxx.sys [?] S0 ati2gmxx;ati2gmxx;c:\windows\system32\Drivers\ati2gmxx.sys --> c:\windows\system32\Drivers\ati2gmxx.sys [?] S0 ati2kqxx;ati2kqxx;c:\windows\system32\Drivers\ati2kqxx.sys --> c:\windows\system32\Drivers\ati2kqxx.sys [?] S0 ati2lrxx;ati2lrxx;c:\windows\system32\Drivers\ati2lrxx.sys --> c:\windows\system32\Drivers\ati2lrxx.sys [?] S0 ati2msxx;ati2msxx;c:\windows\system32\Drivers\ati2msxx.sys --> c:\windows\system32\Drivers\ati2msxx.sys [?] S0 ati2ouxx;ati2ouxx;c:\windows\system32\Drivers\ati2ouxx.sys --> c:\windows\system32\Drivers\ati2ouxx.sys [?] S0 ati2rxxx;ati2rxxx;c:\windows\system32\Drivers\ati2rxxx.sys --> c:\windows\system32\Drivers\ati2rxxx.sys [?] S0 ati2syxx;ati2syxx;c:\windows\system32\Drivers\ati2syxx.sys --> c:\windows\system32\Drivers\ati2syxx.sys [?] S0 ati2ubxx;ati2ubxx;c:\windows\system32\Drivers\ati2ubxx.sys --> c:\windows\system32\Drivers\ati2ubxx.sys [?] S0 ati3gmxx;ati3gmxx;c:\windows\system32\Drivers\ati3gmxx.sys --> c:\windows\system32\Drivers\ati3gmxx.sys [?] S0 ati3lrxx;ati3lrxx;c:\windows\system32\Drivers\ati3lrxx.sys --> c:\windows\system32\Drivers\ati3lrxx.sys [?] S0 ati3ntxx;ati3ntxx;c:\windows\system32\Drivers\ati3ntxx.sys --> c:\windows\system32\Drivers\ati3ntxx.sys [?] S0 ati3pvxx;ati3pvxx;c:\windows\system32\Drivers\ati3pvxx.sys --> c:\windows\system32\Drivers\ati3pvxx.sys [?] S0 ati3rxxx;ati3rxxx;c:\windows\system32\Drivers\ati3rxxx.sys --> c:\windows\system32\Drivers\ati3rxxx.sys [?] S0 ati3syxx;ati3syxx;c:\windows\system32\Drivers\ati3syxx.sys --> c:\windows\system32\Drivers\ati3syxx.sys [?] S0 ati3ubxx;ati3ubxx;c:\windows\system32\Drivers\ati3ubxx.sys --> c:\windows\system32\Drivers\ati3ubxx.sys [?] S0 ati4cixx;ati4cixx;c:\windows\system32\Drivers\ati4cixx.sys --> c:\windows\system32\Drivers\ati4cixx.sys [?] S0 ati4djxx;ati4djxx;c:\windows\system32\Drivers\ati4djxx.sys --> c:\windows\system32\Drivers\ati4djxx.sys [?] S0 ati4ouxx;ati4ouxx;c:\windows\system32\Drivers\ati4ouxx.sys --> c:\windows\system32\Drivers\ati4ouxx.sys [?] S0 ati4rxxx;ati4rxxx;c:\windows\system32\Drivers\ati4rxxx.sys --> c:\windows\system32\Drivers\ati4rxxx.sys [?] S0 ati4taxx;ati4taxx;c:\windows\system32\Drivers\ati4taxx.sys --> c:\windows\system32\Drivers\ati4taxx.sys [?] S0 ati4ubxx;ati4ubxx;c:\windows\system32\Drivers\ati4ubxx.sys --> c:\windows\system32\Drivers\ati4ubxx.sys [?] S0 ati5bhxx;ati5bhxx;c:\windows\system32\Drivers\ati5bhxx.sys --> c:\windows\system32\Drivers\ati5bhxx.sys [?] S0 ati5flxx;ati5flxx;c:\windows\system32\Drivers\ati5flxx.sys --> c:\windows\system32\Drivers\ati5flxx.sys [?] S0 ati5kqxx;ati5kqxx;c:\windows\system32\Drivers\ati5kqxx.sys --> c:\windows\system32\Drivers\ati5kqxx.sys [?] S0 ati5lrxx;ati5lrxx;c:\windows\system32\Drivers\ati5lrxx.sys --> c:\windows\system32\Drivers\ati5lrxx.sys [?] S0 ati5ouxx;ati5ouxx;c:\windows\system32\Drivers\ati5ouxx.sys --> c:\windows\system32\Drivers\ati5ouxx.sys [?] S0 ati5pvxx;ati5pvxx;c:\windows\system32\Drivers\ati5pvxx.sys --> c:\windows\system32\Drivers\ati5pvxx.sys [?] S0 ati5rxxx;ati5rxxx;c:\windows\system32\Drivers\ati5rxxx.sys --> c:\windows\system32\Drivers\ati5rxxx.sys [?] S0 ati5syxx;ati5syxx;c:\windows\system32\Drivers\ati5syxx.sys --> c:\windows\system32\Drivers\ati5syxx.sys [?] S0 ati5wdxx;ati5wdxx;c:\windows\system32\Drivers\ati5wdxx.sys --> c:\windows\system32\Drivers\ati5wdxx.sys [?] S0 ati5xexx;ati5xexx;c:\windows\system32\Drivers\ati5xexx.sys --> c:\windows\system32\Drivers\ati5xexx.sys [?] S0 ati6djxx;ati6djxx;c:\windows\system32\Drivers\ati6djxx.sys --> c:\windows\system32\Drivers\ati6djxx.sys [?] S0 ati6jpxx;ati6jpxx;c:\windows\system32\Drivers\ati6jpxx.sys --> c:\windows\system32\Drivers\ati6jpxx.sys [?] S0 ati6lrxx;ati6lrxx;c:\windows\system32\Drivers\ati6lrxx.sys --> c:\windows\system32\Drivers\ati6lrxx.sys [?] S0 ati6msxx;ati6msxx;c:\windows\system32\Drivers\ati6msxx.sys --> c:\windows\system32\Drivers\ati6msxx.sys [?] S0 ati6vcxx;ati6vcxx;c:\windows\system32\Drivers\ati6vcxx.sys --> c:\windows\system32\Drivers\ati6vcxx.sys [?] S0 ati7agxx;ati7agxx;c:\windows\system32\Drivers\ati7agxx.sys --> c:\windows\system32\Drivers\ati7agxx.sys [?] S0 ati7djxx;ati7djxx;c:\windows\system32\Drivers\ati7djxx.sys --> c:\windows\system32\Drivers\ati7djxx.sys [?] S0 ati7ekxx;ati7ekxx;c:\windows\system32\Drivers\ati7ekxx.sys --> c:\windows\system32\Drivers\ati7ekxx.sys [?] S0 ati7gmxx;ati7gmxx;c:\windows\system32\Drivers\ati7gmxx.sys --> c:\windows\system32\Drivers\ati7gmxx.sys [?] S0 ati7ipxx;ati7ipxx;c:\windows\system32\Drivers\ati7ipxx.sys --> c:\windows\system32\Drivers\ati7ipxx.sys [?] S0 ati7qwxx;ati7qwxx;c:\windows\system32\Drivers\ati7qwxx.sys --> c:\windows\system32\Drivers\ati7qwxx.sys [?] S0 ati7rxxx;ati7rxxx;c:\windows\system32\Drivers\ati7rxxx.sys --> c:\windows\system32\Drivers\ati7rxxx.sys [?] S0 ati7syxx;ati7syxx;c:\windows\system32\Drivers\ati7syxx.sys --> c:\windows\system32\Drivers\ati7syxx.sys [?] S0 ati7yfxx;ati7yfxx;c:\windows\system32\Drivers\ati7yfxx.sys --> c:\windows\system32\Drivers\ati7yfxx.sys [?] S0 ati8cixx;ati8cixx;c:\windows\system32\Drivers\ati8cixx.sys --> c:\windows\system32\Drivers\ati8cixx.sys [?] S0 ati8flxx;ati8flxx;c:\windows\system32\Drivers\ati8flxx.sys --> c:\windows\system32\Drivers\ati8flxx.sys [?] S0 ati8gmxx;ati8gmxx;c:\windows\system32\Drivers\ati8gmxx.sys --> c:\windows\system32\Drivers\ati8gmxx.sys [?] S0 ati8kqxx;ati8kqxx;c:\windows\system32\Drivers\ati8kqxx.sys --> c:\windows\system32\Drivers\ati8kqxx.sys [?] S0 ati8lrxx;ati8lrxx;c:\windows\system32\Drivers\ati8lrxx.sys --> c:\windows\system32\Drivers\ati8lrxx.sys [?] S0 ati8ntxx;ati8ntxx;c:\windows\system32\Drivers\ati8ntxx.sys --> c:\windows\system32\Drivers\ati8ntxx.sys [?] S0 ati8ouxx;ati8ouxx;c:\windows\system32\Drivers\ati8ouxx.sys --> c:\windows\system32\Drivers\ati8ouxx.sys [?] S0 ati8rxxx;ati8rxxx;c:\windows\system32\Drivers\ati8rxxx.sys --> c:\windows\system32\Drivers\ati8rxxx.sys [?] S0 ati8ubxx;ati8ubxx;c:\windows\system32\Drivers\ati8ubxx.sys --> c:\windows\system32\Drivers\ati8ubxx.sys [?] S0 ati8vcxx;ati8vcxx;c:\windows\system32\Drivers\ati8vcxx.sys --> c:\windows\system32\Drivers\ati8vcxx.sys [?] S3 k510bus;Sony Ericsson K510 Driver driver (WDM);c:\windows\system32\drivers\k510bus.sys [2007-12-20 58288] S3 k510mdfl;Sony Ericsson K510 USB WMC Modem Filter;c:\windows\system32\drivers\k510mdfl.sys [2007-12-20 8336] S3 k510mdm;Sony Ericsson K510 USB WMC Modem Driver;c:\windows\system32\drivers\k510mdm.sys [2007-12-20 94064] S3 k510mgmt;Sony Ericsson K510 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\k510mgmt.sys [2007-12-20 85408] S3 k510obex;Sony Ericsson K510 USB WMC OBEX Interface;c:\windows\system32\drivers\k510obex.sys [2007-12-20 83344] S3 Pcisusrv;Pcisusrv; [x] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e5b915c4-b197-11dc-b530-00e04d4d7838}] \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL antihost.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e5b915c7-b197-11dc-b530-00e04d4d7838}] \Shell\AutoRun\command - G:\autorun.exe . Contents of the 'Scheduled Tasks' folder 2009-01-14 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 14:57] 2009-01-14 c:\windows\Tasks\B0F1FBD9906A6C9D.job - c:\docume~1\korisnik\applic~1\coal4c~1\Style itch soap.exe [2008-08-14 17:50] . - - - - ORPHANS REMOVED - - - - WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file) HKCU-Run-rs32net - c:\windows\System32\rs32net.exe SafeBoot-ati0flxx.sys SafeBoot-ati0ouxx.sys SafeBoot-ati1agxx.sys SafeBoot-ati1djxx.sys SafeBoot-ati1ioxx.sys SafeBoot-ati2ntxx.sys SafeBoot-ati2taxx.sys SafeBoot-ati3agxx.sys SafeBoot-ati3ouxx.sys SafeBoot-ati3yfxx.sys SafeBoot-ati4bhxx.sys SafeBoot-ati4hnxx.sys SafeBoot-ati4jpxx.sys SafeBoot-ati4msxx.sys SafeBoot-ati4vcxx.sys SafeBoot-ati5cixx.sys SafeBoot-ati5ioxx.sys SafeBoot-ati5msxx.sys SafeBoot-ati5taxx.sys SafeBoot-ati6ioxx.sys SafeBoot-ati6syxx.sys SafeBoot-ati7wdxx.sys SafeBoot-ati8hnxx.sys SafeBoot-ati8taxx.sys . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.com/ uSearch Page = hxxp://www.google.com uSearch Bar = hxxp://www.google.com/ie mStart Page = hxxp://home.sweetim.com uInternet Settings,ProxyOverride = .local uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000 IE: I&zvezi u program Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 LSP: c:\windows\system32\imon.dll Trusted Zone: online.bancaintesabeograd.com O16 -: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab c:\windows\Downloaded Program Files\Microsoft XML Parser for Java.osd FC-45022AB2B6C9} - file://c:\program files\Detective Stories - Hollywood\Images\stg_drm.ocx c:\windows\Downloaded Program Files\armhelper.ocx - O16 -: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file://c:\program files\Fashion Boutique\Images\armhelper.ocx FF - ProfilePath - c:\documents and settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\8ci0663s.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-shkwav&p= FF - prefs.js: browser.search.selectedEngine - Yahoo FF - prefs.js: browser.startup.homepage - hxxp://www.google.rs FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-shkwav&p= FF - component: c:\documents and settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\8ci0663s.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\NPAskSBr.dll . *********************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2009-01-14 19:35:44 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{95808DC4-FA4A-4C74-92FE-5B863F82066B}] "ImagePath"="\??\c:\program files\CyberLink\PowerDVD\000.fcl" . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(752) c:\windows\system32\Ati2evxx.dll - - - - - - - > 'lsass.exe'(808-) c:\windows\system32\imon.dll . Completion time: 2009-01-14 19:37:49 ComboFix-quarantined-files.txt 2009-01-14 18:37:07 Pre-Run: 6.031.605.760 bytes free Post-Run: 6,635,720,704 bytes free WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe 486 --- E O F --- 2008-12-19 00:50:15

Profil

olesja Poslao: 14 Jan 2009 19:51 Idi na vrh
offline olesja Novi MyCity građanin Pridružio: 04 Jul 2008 Poruke: 24	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Evo i drugi izvestaj --------------------\\ Lop S&D 4.2.5-0 XP/Vista Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 2 X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor LE-1100 ) BIOS : )Phoenix - Award WorkstationBIOS v6.00PG USER : Korisnik ( Administrator ) BOOT : Normal boot Antivirus : ESET NOD32 antivirus system 2.70 2.70 (Not Activated) Firewall : ActiveArmor Firewall 1.0 (Not Activated) A:\ (USB) C:\ (Local Disk) - NTFS - Total:29 Go (Free:6 Go) D:\ (Local Disk) - NTFS - Total:119 Go (Free:83 Go) E:\ (CD or DVD) F:\ (CD or DVD) G:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go) "C:\Lop SD" ( MAJ : 19-12-2008\|23:40 ) Option : [1] ( sre 14.01.2009\|19:43 ) --------------------\\ Listing folders in APPLIC~1 [18.12.2007\|11:09] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft [09.11.2008\|15:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\3 Blokes Studios [18.12.2007\|11:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ACD Systems [06.11.2008\|22:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe [26.12.2008\|18:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AdventureChronicles1 [25.11.2008\|21:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Alawar Stargaze [08.01.2009\|22:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AlawarWrapper [11.03.2008\|18:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple [11.03.2008\|18:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer [04.09.2008\|15:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BigFish [03.01.2009\|17:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bigfish Ashtons Family Resort [13.01.2009\|21:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BigFishGamesCache [01.01.2009\|21:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\blg [22.12.2007\|18:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink [22.12.2007\|23:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DAEMON Tools Pro [09.01.2009\|18:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DivoGames [02.01.2009\|21:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\eGames [08.08.2008\|18:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Egoset [09.11.2008\|18:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ERS G-Studio [16.08.2008\|13:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EscapeTheMuseum [29.08.2008\|20:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FarmFrenzy2 [28.06.2008\|23:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Fitn17 [24.10.2008\|09:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Flood Light Games [05.09.2008\|12:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FloodLightGames [29.06.2008\|22:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FreshGames [24.04.2008\|22:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Friends Games [08.04.2008\|18:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Fugazo [09.10.2008\|16:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GameHouse [09.03.2008\|22:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Go Go Gourmet [14.08.2008\|20:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Gogii [15.11.2008\|17:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Gogii Games [21.07.2008\|17:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Gold Casual Games [01.01.2009\|18:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google [05.05.2008\|23:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HipSoft [27.05.2008\|21:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hot Lava Games [25.10.2008\|21:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Iwin [15.12.2008\|20:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\iWin Games [27.04.2008\|15:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\JollyBear [18.12.2007\|11:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision [10.12.2008\|00:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [10.12.2008\|23:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help [08.10.2008\|19:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MumboJumbo [13.09.2008\|22:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MysteryChronicles [20.09.2008\|21:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MythPeople [02.05.2008\|18:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\n7-89-o9-3r-4t-r9 [01.12.2008\|21:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NeptunesAdve [30.11.2008\|19:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NevoSoft Games [09.10.2008\|20:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Oberon Games [15.09.2008\|13:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PBGsavesDirectory [14.11.2008\|19:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst [22.12.2008\|00:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Playfirst Ashtons Family Resort [21.12.2008\|18:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayPond [18.12.2007\|11:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime [01.11.2008\|21:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Redrum [05.01.2009\|22:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sandlot Games [03.12.2008\|18:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\seek film amok web [05.05.2008\|16:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Shockwave [15.10.2008\|11:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Slapdash Games [05.01.2009\|21:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpecialBit [08.08.2008\|22:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpinTop Games [10.07.2008\|14:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SweetIM [13.01.2009\|21:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP [09.08.2008\|18:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TheRace_dev [25.03.2008\|21:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia [14.11.2008\|17:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Valusoft [05.06.2008\|23:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VirtualFarm [10.03.2008\|14:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage [20.03.2008\|00:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller [09.03.2008\|18:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! [09.03.2008\|18:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion [05.04.2008\|21:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom [18.12.2007\|11:09] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [10.05.2008\|16:42] C:\DOCUME~1\Korisnik\APPLIC~1\Abra Academy2 [18.12.2007\|11:50] C:\DOCUME~1\Korisnik\APPLIC~1\ACD Systems [06.11.2008\|22:11] C:\DOCUME~1\Korisnik\APPLIC~1\Adobe [21.01.2008\|23:41] C:\DOCUME~1\Korisnik\APPLIC~1\AdobeUM [08.07.2008\|18:23] C:\DOCUME~1\Korisnik\APPLIC~1\Alawar [21.10.2008\|22:23] C:\DOCUME~1\Korisnik\APPLIC~1\AlterLab [21.07.2008\|16:26] C:\DOCUME~1\Korisnik\APPLIC~1\Amaranth Games [12.03.2008\|17:10] C:\DOCUME~1\Korisnik\APPLIC~1\Apple Computer [12.11.2008\|10:54] C:\DOCUME~1\Korisnik\APPLIC~1\Artogon [10.09.2008\|17:50] C:\DOCUME~1\Korisnik\APPLIC~1\BeachPartyCraze [04.09.2008\|23:27] C:\DOCUME~1\Korisnik\APPLIC~1\Big Fish Games [04.09.2008\|15:22] C:\DOCUME~1\Korisnik\APPLIC~1\BigFish [03.01.2009\|19:29] C:\DOCUME~1\Korisnik\APPLIC~1\Bigfish Ashtons Family Resort [01.01.2009\|21:03] C:\DOCUME~1\Korisnik\APPLIC~1\blg [12.06.2008\|22:01] C:\DOCUME~1\Korisnik\APPLIC~1\BloodTies [16.11.2008\|15:54] C:\DOCUME~1\Korisnik\APPLIC~1\cerasus.media [13.01.2009\|11:34] C:\DOCUME~1\Korisnik\APPLIC~1\Coal4copy [22.12.2007\|18:08] C:\DOCUME~1\Korisnik\APPLIC~1\CyberLink [22.12.2007\|18:16] C:\DOCUME~1\Korisnik\APPLIC~1\DAEMON Tools Pro [20.10.2008\|20:06] C:\DOCUME~1\Korisnik\APPLIC~1\Dragon Altar Games [02.01.2009\|21:06] C:\DOCUME~1\Korisnik\APPLIC~1\eGames [02.10.2008\|16:32] C:\DOCUME~1\Korisnik\APPLIC~1\EleFun Games [16.07.2008\|20:39] C:\DOCUME~1\Korisnik\APPLIC~1\FarmerJane [11.01.2009\|21:25] C:\DOCUME~1\Korisnik\APPLIC~1\FirstColony [24.10.2008\|09:16] C:\DOCUME~1\Korisnik\APPLIC~1\Flood Light Games [05.09.2008\|12:05] C:\DOCUME~1\Korisnik\APPLIC~1\FloodLightGames [15.08.2008\|16:20] C:\DOCUME~1\Korisnik\APPLIC~1\ForgottenRiddles2 [07.01.2009\|21:04] C:\DOCUME~1\Korisnik\APPLIC~1\Friday's games [02.06.2008\|18:21] C:\DOCUME~1\Korisnik\APPLIC~1\Gaijin Ent [22.11.2008\|21:55] C:\DOCUME~1\Korisnik\APPLIC~1\GameHouse [26.11.2008\|21:12] C:\DOCUME~1\Korisnik\APPLIC~1\GameInvest [12.11.2008\|19:11] C:\DOCUME~1\Korisnik\APPLIC~1\Gamelab [28.12.2008\|17:05] C:\DOCUME~1\Korisnik\APPLIC~1\Games [15.11.2008\|17:15] C:\DOCUME~1\Korisnik\APPLIC~1\Gogii Games [16.08.2008\|22:45] C:\DOCUME~1\Korisnik\APPLIC~1\Go-Go Gourmet Chef of the Year [21.07.2008\|17:40] C:\DOCUME~1\Korisnik\APPLIC~1\Gold Casual Games [11.03.2008\|02:11] C:\DOCUME~1\Korisnik\APPLIC~1\Google [21.01.2008\|23:37] C:\DOCUME~1\Korisnik\APPLIC~1\Help [11.03.2008\|20:43] C:\DOCUME~1\Korisnik\APPLIC~1\Home Sweet Home [10.09.2008\|20:37] C:\DOCUME~1\Korisnik\APPLIC~1\Home Sweet Home 2 [06.01.2009\|17:02] C:\DOCUME~1\Korisnik\APPLIC~1\Home Sweet Home Christmas [18.12.2007\|11:15] C:\DOCUME~1\Korisnik\APPLIC~1\Identities [28.12.2008\|21:56] C:\DOCUME~1\Korisnik\APPLIC~1\IOMediaSupport6SZZ001s [12.09.2008\|10:16] C:\DOCUME~1\Korisnik\APPLIC~1\ITTNord [25.10.2008\|21:01] C:\DOCUME~1\Korisnik\APPLIC~1\iWin [02.09.2008\|21:04] C:\DOCUME~1\Korisnik\APPLIC~1\iWin_DressUpRush [23.08.2008\|20:45] C:\DOCUME~1\Korisnik\APPLIC~1\IWin_Janes_Realty [10.03.2008\|23:13] C:\DOCUME~1\Korisnik\APPLIC~1\iWinArcade [10.03.2008\|16:26] C:\DOCUME~1\Korisnik\APPLIC~1\Jane s Hotel [02.04.2008\|21:37] C:\DOCUME~1\Korisnik\APPLIC~1\Jane s Hotel Family Hero [05.10.2008\|11:51] C:\DOCUME~1\Korisnik\APPLIC~1\JoyBits [19.06.2008\|12:20] C:\DOCUME~1\Korisnik\APPLIC~1\Macromedia [08.06.2008\|14:11] C:\DOCUME~1\Korisnik\APPLIC~1\Magic Academy [12.06.2008\|20:18] C:\DOCUME~1\Korisnik\APPLIC~1\Magic Stones [07.07.2008\|21:45] C:\DOCUME~1\Korisnik\APPLIC~1\Meridian93 [27.03.2008\|20:34] C:\DOCUME~1\Korisnik\APPLIC~1\Microsoft [03.01.2009\|19:25] C:\DOCUME~1\Korisnik\APPLIC~1\Mozilla [29.03.2008\|16:49] C:\DOCUME~1\Korisnik\APPLIC~1\MSNInstaller [22.10.2008\|12:46] C:\DOCUME~1\Korisnik\APPLIC~1\Mushroom Age [26.05.2008\|21:53] C:\DOCUME~1\Korisnik\APPLIC~1\My Games [18.11.2008\|20:05] C:\DOCUME~1\Korisnik\APPLIC~1\MysteryStudio [09.10.2008\|20:41] C:\DOCUME~1\Korisnik\APPLIC~1\Oberon Games [22.11.2008\|19:04] C:\DOCUME~1\Korisnik\APPLIC~1\OmegaT [27.09.2008\|19:26] C:\DOCUME~1\Korisnik\APPLIC~1\panoramik [23.10.2008\|18:16] C:\DOCUME~1\Korisnik\APPLIC~1\PetShowCraze [22.12.2008\|00:14] C:\DOCUME~1\Korisnik\APPLIC~1\PlayFirst [22.12.2008\|00:14] C:\DOCUME~1\Korisnik\APPLIC~1\Playfirst Ashtons Family Resort [03.08.2008\|00:26] C:\DOCUME~1\Korisnik\APPLIC~1\Playrix Entertainment [15.03.2008\|20:51] C:\DOCUME~1\Korisnik\APPLIC~1\Real [30.08.2008\|23:50] C:\DOCUME~1\Korisnik\APPLIC~1\Realore_DressUpRush [03.08.2008\|19:07] C:\DOCUME~1\Korisnik\APPLIC~1\Restorer [26.08.2008\|22:30] C:\DOCUME~1\Korisnik\APPLIC~1\Righteous Kill [17.08.2008\|21:38] C:\DOCUME~1\Korisnik\APPLIC~1\Sandlot Games [12.07.2008\|22:35] C:\DOCUME~1\Korisnik\APPLIC~1\SecondLife [25.10.2008\|21:12] C:\DOCUME~1\Korisnik\APPLIC~1\SecretIslandEng [28.12.2008\|21:56] C:\DOCUME~1\Korisnik\APPLIC~1\Spinapse [07.03.2008\|19:45] C:\DOCUME~1\Korisnik\APPLIC~1\SpinTop [13.11.2008\|15:36] C:\DOCUME~1\Korisnik\APPLIC~1\SpinTop Games [15.08.2008\|11:44] C:\DOCUME~1\Korisnik\APPLIC~1\SprillBermudeEng [29.05.2008\|21:31] C:\DOCUME~1\Korisnik\APPLIC~1\Sudden Games [15.08.2008\|14:42] C:\DOCUME~1\Korisnik\APPLIC~1\SultansLabyrinth [08.07.2008\|22:13] C:\DOCUME~1\Korisnik\APPLIC~1\SulusGames [28.12.2008\|21:56] C:\DOCUME~1\Korisnik\APPLIC~1\Suspects and Clues Players [28.12.2008\|21:56] C:\DOCUME~1\Korisnik\APPLIC~1\Suspects and Clues Prefs [02.05.2008\|19:44] C:\DOCUME~1\Korisnik\APPLIC~1\Talkback [20.12.2007\|14:12] C:\DOCUME~1\Korisnik\APPLIC~1\Teleca [12.05.2008\|19:32] C:\DOCUME~1\Korisnik\APPLIC~1\TheScruffs [27.08.2008\|09:44] C:\DOCUME~1\Korisnik\APPLIC~1\TMInc [06.03.2008\|18:54] C:\DOCUME~1\Korisnik\APPLIC~1\Total Eclipse [17.11.2008\|20:08] C:\DOCUME~1\Korisnik\APPLIC~1\uTorrent [14.11.2008\|17:17] C:\DOCUME~1\Korisnik\APPLIC~1\Valusoft [12.06.2008\|22:20] C:\DOCUME~1\Korisnik\APPLIC~1\ViquaSoft [04.08.2008\|21:09] C:\DOCUME~1\Korisnik\APPLIC~1\Winamp [09.03.2008\|18:27] C:\DOCUME~1\Korisnik\APPLIC~1\Yahoo! [18.12.2007\|11:09] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [07.05.2008\|20:07] C:\DOCUME~1\NETWOR~1\APPLIC~1\Google [18.12.2007\|11:09] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft [07.05.2008\|20:07] C:\DOCUME~1\NETWOR~1\APPLIC~1\Yahoo! --------------------\\ Scheduled Tasks located in C:\WINDOWS\Tasks [14.01.2009 19:00][--ah-----] C:\WINDOWS\tasks\B0F1FBD9906A6C9D.job [14.01.2009 17:56][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job [14.01.2009 19:37][--ah-----] C:\WINDOWS\tasks\SA.DAT [04.08.2004 02:07][-r-h-----] C:\WINDOWS\tasks\desktop.ini ( B0F1FBD9906A6C9D.job )=( c:\docume~1\korisnik\applic~1\coal4c~1\Styleitchsoap.exe ) --------------------\\ Listing Folders in C:\Program Files [18.12.2007\|11:42] C:\Program Files\ACD Systems [18.12.2007\|11:45] C:\Program Files\Adobe [18.12.2007\|11:39] C:\Program Files\Ahead [07.01.2009\|21:02] C:\Program Files\Alawar [08.08.2008\|18:55] C:\Program Files\Alawar.ru [26.12.2008\|17:25] C:\Program Files\AOL Games [11.03.2008\|18:36] C:\Program Files\Apple Software Update [16.11.2008\|22:45] C:\Program Files\Arcade Lab [13.01.2009\|21:39] C:\Program Files\Art Detective [10.07.2008\|23:41] C:\Program Files\AskSBar [19.12.2007\|17:07] C:\Program Files\ATI Technologies [04.11.2008\|17:47] C:\Program Files\bfgclient [11.03.2008\|18:37] C:\Program Files\Bonjour [15.11.2008\|14:13] C:\Program Files\Book of Legends [07.07.2008\|23:01] C:\Program Files\CCleaner [14.08.2008\|17:49] C:\Program Files\Coal4copy [14.01.2009\|19:34] C:\Program Files\Common Files [18.12.2007\|11:07] C:\Program Files\ComPlus Applications [18.12.2007\|11:37] C:\Program Files\CONEXANT [22.12.2007\|18:04] C:\Program Files\CyberLink [12.12.2008\|22:50] C:\Program Files\DAEMON Tools [22.12.2007\|18:15] C:\Program Files\DAEMON Tools Pro [16.12.2008\|23:00] C:\Program Files\Detective Stories Hollywood [18.12.2007\|11:47] C:\Program Files\DivX [07.10.2008\|18:44] C:\Program Files\Dream Chronicles 2 [05.07.2008\|21:50] C:\Program Files\EA GAMES [03.05.2008\|14:03] C:\Program Files\ESET [12.01.2009\|17:43] C:\Program Files\Fairy Island [15.12.2008\|20:00] C:\Program Files\Farm Craft [16.12.2008\|23:00] C:\Program Files\Farm Mania [12.09.2008\|20:13] C:\Program Files\Fenomen Games Downloader [18.12.2007\|11:47] C:\Program Files\ffdshow [08.08.2008\|19:46] C:\Program Files\Five Card Deluxe [22.11.2008\|21:55] C:\Program Files\GameHouse [04.05.2008\|19:40] C:\Program Files\GameSpy Arcade [01.01.2009\|18:29] C:\Program Files\Google [05.07.2008\|22:11] C:\Program Files\Holiday Express [26.07.2008\|15:47] C:\Program Files\InstallShield Installation Information [10.12.2008\|00:29] C:\Program Files\Internet Explorer [11.03.2008\|18:37] C:\Program Files\iPod [11.03.2008\|18:37] C:\Program Files\iTunes [06.01.2009\|20:13] C:\Program Files\iWin.com [24.12.2008\|23:43] C:\Program Files\JoWooD [18.12.2007\|11:46] C:\Program Files\K-Lite Codec Pack [20.12.2007\|15:52] C:\Program Files\Konami [20.06.2008\|19:48] C:\Program Files\Lucy Q Deluxe [23.06.2008\|19:10] C:\Program Files\Luxor 2 [19.11.2008\|21:16] C:\Program Files\Magical Forest [12.06.2008\|18:56] C:\Program Files\Mahjong Escape [24.06.2008\|16:56] C:\Program Files\Mahjong Towers II [17.07.2008\|23:08] C:\Program Files\Mega Flexicon [14.08.2008\|23:25] C:\Program Files\Messenger [12.04.2008\|16:46] C:\Program Files\Microsoft ActiveSync [18.12.2007\|11:10] C:\Program Files\microsoft frontpage [12.04.2008\|16:46] C:\Program Files\Microsoft Office [20.03.2008\|00:43] C:\Program Files\Microsoft SQL Server Compact Edition [02.01.2008\|17:50] C:\Program Files\Microsoft Visual Studio [16.03.2008\|20:58] C:\Program Files\Microsoft VM [02.01.2008\|17:50] C:\Program Files\Microsoft Works [18.12.2007\|11:44] C:\Program Files\Microsoft.NET [18.12.2007\|11:07] C:\Program Files\Movie Maker [14.01.2009\|19:38] C:\Program Files\Mozilla Firefox [13.01.2009\|22:54] C:\Program Files\Mr Biscuits - The Case of the Ocean Pearl [02.01.2008\|17:45] C:\Program Files\MSECache [16.12.2008\|23:01] C:\Program Files\MSN [04.08.2008\|21:19] C:\Program Files\MSN Games [18.12.2007\|11:06] C:\Program Files\MSN Gaming Zone [08.06.2008\|16:21] C:\Program Files\Musikapa [20.12.2007\|01:19] C:\Program Files\Mv2Player [20.06.2008\|19:48] C:\Program Files\Mysteries Of Horus [14.09.2008\|20:43] C:\Program Files\Mysteryville [18.12.2007\|11:08] C:\Program Files\NetMeeting [18.12.2007\|11:24] C:\Program Files\NVIDIA Corporation [22.11.2008\|18:46] C:\Program Files\OmegaT [18.12.2007\|11:06] C:\Program Files\Online Services [10.03.2008\|03:40] C:\Program Files\Outlook Express [22.12.2008\|00:13] C:\Program Files\PlayFirst [24.11.2008\|19:10] C:\Program Files\PopCap Games [18.12.2007\|11:53] C:\Program Files\PowerQuest [20.05.2008\|16:18] C:\Program Files\Qni [11.03.2008\|18:37] C:\Program Files\QuickTime [24.12.2007\|19:39] C:\Program Files\Radical Games [26.06.2008\|19:49] C:\Program Files\RazgRuss [08.12.2008\|22:08] C:\Program Files\RealArcade [18.12.2007\|11:27] C:\Program Files\Realtek [07.04.2008\|00:25] C:\Program Files\ReflexiveArcade [11.01.2009\|15:27] C:\Program Files\Shockwave.com [01.06.2008\|13:17] C:\Program Files\Solitaire 2 [04.05.2008\|19:23] C:\Program Files\SystemRequirementsLab [20.06.2008\|19:49] C:\Program Files\Testovi srpski [01.06.2008\|13:21] C:\Program Files\Top 10 Solitaire [28.12.2007\|23:51] C:\Program Files\TotalCmd [18.12.2007\|11:15] C:\Program Files\Uninstall Information [26.07.2008\|16:13] C:\Program Files\Valve [05.01.2009\|22:58] C:\Program Files\Westward II Heroes Of The Frontier [04.08.2008\|21:09] C:\Program Files\Winamp [22.03.2008\|00:41] C:\Program Files\Windows Live [12.03.2008\|17:25] C:\Program Files\Windows Media Connect 2 [12.03.2008\|17:25] C:\Program Files\Windows Media Player [18.12.2007\|11:06] C:\Program Files\Windows NT [18.12.2007\|11:08] C:\Program Files\WindowsUpdate [08.08.2008\|19:47] C:\Program Files\Wonderland [24.06.2008\|17:03] C:\Program Files\Word Wizard Deluxe [18.12.2007\|11:10] C:\Program Files\xerox [18.12.2007\|11:47] C:\Program Files\XviD [09.03.2008\|18:16] C:\Program Files\Yahoo! --------------------\\ Listing Folders in C:\Program Files\Common Files [18.12.2007\|11:42] C:\Program Files\Common Files\ACD Systems [18.12.2007\|11:41] C:\Program Files\Common Files\Adobe [18.12.2007\|11:41] C:\Program Files\Common Files\Adobe Systems Shared [18.12.2007\|11:39] C:\Program Files\Common Files\Ahead [11.03.2008\|18:36] C:\Program Files\Common Files\Apple [18.12.2007\|11:44] C:\Program Files\Common Files\DESIGNER [18.12.2007\|11:47] C:\Program Files\Common Files\InstallShield [08.08.2008\|12:36] C:\Program Files\Common Files\Microsoft Shared [18.12.2007\|11:08] C:\Program Files\Common Files\MSSoap [08.04.2008\|20:08] C:\Program Files\Common Files\NSV [18.12.2007\|12:01] C:\Program Files\Common Files\ODBC [18.12.2007\|11:08] C:\Program Files\Common Files\Services [18.12.2007\|12:01] C:\Program Files\Common Files\SpeechEngines [18.12.2008\|18:31] C:\Program Files\Common Files\SWF Studio [13.07.2008\|11:43] C:\Program Files\Common Files\Symantec Shared [12.04.2008\|16:46] C:\Program Files\Common Files\System [14.01.2008\|15:07] C:\Program Files\Common Files\Teleca Shared [20.03.2008\|00:24] C:\Program Files\Common Files\WindowsLiveInstaller --------------------\\ Process ( 34 Processes ) ... OK ! --------------------\\ Searching with S_Lop No Lop folder found ! --------------------\\ Searching for Lop Files - Folders C:\DOCUME~1\ALLUSE~1\APPLIC~1\seek film amok web C:\DOCUME~1\ALLUSE~1\APPLIC~1\seek film amok web\Second Third.exe C:\DOCUME~1\Korisnik\APPLIC~1\coal4c~1 C:\DOCUME~1\Korisnik\APPLIC~1\coal4c~1\defyaxis.exe C:\DOCUME~1\Korisnik\APPLIC~1\coal4c~1\owns16balluser.exe C:\DOCUME~1\Korisnik\APPLIC~1\coal4c~1\snjapkbn.exe C:\DOCUME~1\Korisnik\APPLIC~1\coal4c~1\Style itch soap.exe C:\Program Files\coal4c~1 C:\DOCUME~1\Korisnik\Cookies\korisnik@imagevenue.advertserve[2].txt C:\DOCUME~1\Korisnik\Cookies\korisnik@adopt.euroclick[1].txt C:\DOCUME~1\Korisnik\Cookies\korisnik@www.lop[1].txt C:\WINDOWS\Tasks\B0F1FBD9906A6C9D.job --------------------\\ Searching within the Registry [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "01 That"="C:\\DOCUME~1\\Korisnik\\APPLIC~1\\COAL4C~1\\defyaxis.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Amok web bash obj"="C:\\Documents and Settings\\All Users\\Application Data\\seek film amok web\\Second Third.exe" --------------------\\ Checking the Hosts file Hosts file MODIFIED 127.0.0.1 bin.errorprotector.com ## added by CiD 127.0.0.1 br.errorsafe.com ## added by CiD 127.0.0.1 br.winantivirus.com ## added by CiD 127.0.0.1 br.winfixer.com ## added by CiD 127.0.0.1 cdn.drivecleaner.com ## added by CiD 127.0.0.1 cdn.errorsafe.com ## added by CiD 127.0.0.1 cdn.winsoftware.com ## added by CiD 127.0.0.1 de.errorsafe.com ## added by CiD 127.0.0.1 de.winantivirus.com ## added by CiD 127.0.0.1 download.cdn.drivecleaner.com ## added by CiD 127.0.0.1 download.cdn.errorsafe.com ## added by CiD 127.0.0.1 download.cdn.winsoftware.com ## added by CiD 127.0.0.1 download.errorsafe.com ## added by CiD 127.0.0.1 download.systemdoctor.com ## added by CiD 127.0.0.1 download.winantispyware.com ## added by CiD 127.0.0.1 download.windrivecleaner.com ## added by CiD 127.0.0.1 download.winfixer.com ## added by CiD 127.0.0.1 drivecleaner.com ## added by CiD 127.0.0.1 dynamique.drivecleaner.com ## added by CiD 127.0.0.1 errorprotector.com ## added by CiD 127.0.0.1 errorsafe.com ## added by CiD 127.0.0.1 es.winantivirus.com ## added by CiD 127.0.0.1 fr.winantivirus.com ## added by CiD 127.0.0.1 fr.winfixer.com ## added by CiD 127.0.0.1 go.drivecleaner.com ## added by CiD 127.0.0.1 go.errorsafe.com ## added by CiD 127.0.0.1 go.winantispyware.com ## added by CiD 127.0.0.1 go.winantivirus.com ## added by CiD 127.0.0.1 hk.winantivirus.com ## added by CiD 127.0.0.1 instlog.errorsafe.com ## added by CiD 127.0.0.1 instlog.winantivirus.com ## added by CiD 127.0.0.1 instlog.winfixer.com ## added by CiD 127.0.0.1 jsp.drivecleaner.com ## added by CiD 127.0.0.1 kb.errorsafe.com ## added by CiD 127.0.0.1 kb.winantivirus.com ## added by CiD 127.0.0.1 nl.errorsafe.com ## added by CiD 127.0.0.1 se.errorsafe.com ## added by CiD 127.0.0.1 secure.drivecleaner.com ## added by CiD 127.0.0.1 secure.errorsafe.com ## added by CiD 127.0.0.1 secure.winantispam.com ## added by CiD 127.0.0.1 secure.winantispy.com ## added by CiD 127.0.0.1 secure.winantivirus.com ## added by CiD 127.0.0.1 support.winantivirus.com ## added by CiD 127.0.0.1 trial.updates.winsoftware.com ## added by CiD 127.0.0.1 ulog.winantivirus.com ## added by CiD 127.0.0.1 utils.errorsafe.com ## added by CiD 127.0.0.1 utils.winantivirus.com ## added by CiD 127.0.0.1 utils.winfixer.com ## added by CiD 127.0.0.1 winantispyware.com ## added by CiD 127.0.0.1 winantivirus.com ## added by CiD 127.0.0.1 winfixer.com ## added by CiD 127.0.0.1 winfixer2006.com ## added by CiD 127.0.0.1 winsoftware.com ## added by CiD 127.0.0.1 www.drivecleaner.com ## added by CiD 127.0.0.1 www.errorprotector.com ## added by CiD 127.0.0.1 www.errorsafe.com ## added by CiD 127.0.0.1 www.systemdoctor.com ## added by CiD 127.0.0.1 www.utils.winfixer.com ## added by CiD 127.0.0.1 www.win-anti-virus-pro.com ## added by CiD 127.0.0.1 www.win-virus-pro.com ## added by CiD 127.0.0.1 www.winantispam.com ## added by CiD 127.0.0.1 www.winantispy.com ## added by CiD 127.0.0.1 www.winantispyware.com ## added by CiD 127.0.0.1 www.winantivirus.com ## added by CiD 127.0.0.1 www.winantiviruspro.com ## added by CiD 127.0.0.1 www.windrivecleaner.com ## added by CiD 127.0.0.1 www.windrivesafe.com ## added by CiD 127.0.0.1 www.winfixer.com ## added by CiD 127.0.0.1 www.winfixer2006.com ## added by CiD 127.0.0.1 www.winsoftware.com ## added by CiD -> 72 [ 70 ## added by CiD ] --------------------\\ Searching for hidden files with Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2009-01-14 19:44:09 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 12 --------------------\\ Searching for other infections --------------------\\ (zabranjeno)s & Keygens .. C:\DOCUME~1\Korisnik\Local Settings\Application Data\Microsoft\CD Burning\Demos\(zabranjeno) C:\DOCUME~1\Korisnik\Local Settings\Application Data\Microsoft\CD Burning\Demos\(zabranjeno)\game.exe C:\DOCUME~1\Korisnik\Local Settings\Application Data\Microsoft\CD Burning\readme\(zabranjeno) C:\DOCUME~1\Korisnik\Local Settings\Application Data\Microsoft\CD Burning\readme\(zabranjeno)\game.exe C:\DOCUME~1\Korisnik\Local Settings\Application Data\Microsoft\CD Burning\readme\data\(zabranjeno) C:\DOCUME~1\Korisnik\Local Settings\Application Data\Microsoft\CD Burning\readme\data\(zabranjeno)\game.exe C:\DOCUME~1\Korisnik\Local Settings\Application Data\Microsoft\CD Burning\setup\ProgramF\(zabranjeno) C:\DOCUME~1\Korisnik\Local Settings\Application Data\Microsoft\CD Burning\setup\ProgramF\(zabranjeno)\game.exe C:\DOCUME~1\Korisnik\Local Settings\Application Data\Microsoft\CD Burning\setup\ProgramF\JoWooD\(zabranjeno) C:\DOCUME~1\Korisnik\Local Settings\Application Data\Microsoft\CD Burning\setup\ProgramF\JoWooD\(zabranjeno)\game.exe C:\DOCUME~1\Korisnik\Local Settings\Application Data\Microsoft\CD Burning\setup\ProgramF\JoWooD\NEIGHB~1\(zabranjeno) C:\DOCUME~1\Korisnik\Local Settings\Application Data\Microsoft\CD Burning\setup\ProgramF\JoWooD\NEIGHB~1\(zabranjeno)\game.exe C:\DOCUME~1\ALLUSE~1\Application Data\SpecialBit\Haunted Hotel 2\cached\sounds\nearBoiler\WOOD (zabranjeno)ING 1.wav [F:1][D:1]-> C:\DOCUME~1\Korisnik\LOCALS~1\Temp [F:458][D:0]-> C:\DOCUME~1\Korisnik\Cookies [F:2][D:0]-> C:\DOCUME~1\Korisnik\LOCALS~1\TEMPOR~1\content.IE5 1 - "C:\Lop SD\LopR_1.txt" - sre 14.01.2009\|19:44 - Option : [1] --------------------\\ Scan completed at 19:44:52

Profil

bobby Poslao: 14 Jan 2009 20:09 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Otvoriti Notepad i iskopirati sledeci tekst: File:: C:\WINDOWS\Tasks\B0F1FBD9906A6C9D.job Folder:: C:\DOCUME~1\Korisnik\APPLIC~1\Coal4copy C:\DOCUME~1\ALLUSE~1\APPLIC~1\seek film amok web C:\Program Files\Coal4copy Driver:: ati0bhxx ati0djxx ati0lrxx ati0msxx ati0qwxx ati0ubxx ati0wdxx ati0xexx ati0yfxx ati1bhxx ati1gmxx ati1hnxx ati1ouxx ati1rxxx ati1ubxx ati1vcxx ati1yfxx ati2bhxx ati2cixx ati2djxx ati2gmxx ati2kqxx ati2lrxx ati2msxx ati2ouxx ati2rxxx ati2syxx ati2ubxx ati3gmxx ati3lrxx ati3ntxx ati3pvxx ati3rxxx ati3syxx ati3ubxx ati4cixx ati4djxx ati4ouxx ati4rxxx ati4taxx ati4ubxx ati5bhxx ati5flxx ati5kqxx ati5lrxx ati5ouxx ati5pvxx ati5rxxx ati5syxx ati5wdxx ati5xexx ati6djxx ati6jpxx ati6lrxx ati6msxx ati6vcxx ati7agxx ati7djxx ati7ekxx ati7gmxx ati7ipxx ati7qwxx ati7rxxx ati7syxx ati7yfxx ati8cixx ati8flxx ati8gmxx ati8kqxx ati8lrxx ati8ntxx ati8ouxx ati8rxxx ati8ubxx ati8vcxx Registry:: [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "01 That"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Amok web bash obj"=- Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.

Profil

olesja Poslao: 14 Jan 2009 20:28 Idi na vrh
offline olesja Novi MyCity građanin Pridružio: 04 Jul 2008 Poruke: 24	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! uradila sam i restartovao mi je komp i posle nastavio automatski! ComboFix 09-01-13.04 - Korisnik 2009-01-14 20:11:02.2 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1022.490 [GMT 1:00] Running from: c:\documents and settings\Korisnik\Desktop\ComboFix.exe Command switches used :: c:\documents and settings\Korisnik\Desktop\CFScript.txt AV: ESET NOD32 antivirus system 2.70 On-access scanning disabled (Updated) FW: ActiveArmor Firewall disabled * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! FILE :: c:\windows\Tasks\B0F1FBD9906A6C9D.job . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\docume~1\ALLUSE~1\APPLIC~1\seek film amok web c:\docume~1\ALLUSE~1\APPLIC~1\seek film amok web\Second Third.exe c:\docume~1\Korisnik\APPLIC~1\Coal4copy c:\docume~1\Korisnik\APPLIC~1\Coal4copy\0 c:\docume~1\Korisnik\APPLIC~1\Coal4copy\defyaxis.exe c:\docume~1\Korisnik\APPLIC~1\Coal4copy\owns16balluser.exe c:\docume~1\Korisnik\APPLIC~1\Coal4copy\snjapkbn.exe c:\docume~1\Korisnik\APPLIC~1\Coal4copy\Style itch soap.exe c:\program files\Coal4copy c:\windows\Tasks\B0F1FBD9906A6C9D.job . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_ATI1RXXX -------\Legacy_ATI5RXXX -------\Legacy_ATI5SYXX -------\Service_ati0bhxx -------\Service_ati0djxx -------\Service_ati0lrxx -------\Service_ati0msxx -------\Service_ati0qwxx -------\Service_ati0ubxx -------\Service_ati0wdxx -------\Service_ati0xexx -------\Service_ati0yfxx -------\Service_ati1bhxx -------\Service_ati1gmxx -------\Service_ati1hnxx -------\Service_ati1ouxx -------\Service_ati1rxxx -------\Service_ati1ubxx -------\Service_ati1vcxx -------\Service_ati1yfxx -------\Service_ati2bhxx -------\Service_ati2cixx -------\Service_ati2djxx -------\Service_ati2gmxx -------\Service_ati2kqxx -------\Service_ati2lrxx -------\Service_ati2msxx -------\Service_ati2ouxx -------\Service_ati2rxxx -------\Service_ati2syxx -------\Service_ati2ubxx -------\Service_ati3gmxx -------\Service_ati3lrxx -------\Service_ati3ntxx -------\Service_ati3pvxx -------\Service_ati3rxxx -------\Service_ati3syxx -------\Service_ati3ubxx -------\Service_ati4cixx -------\Service_ati4djxx -------\Service_ati4ouxx -------\Service_ati4rxxx -------\Service_ati4taxx -------\Service_ati4ubxx -------\Service_ati5bhxx -------\Service_ati5flxx -------\Service_ati5kqxx -------\Service_ati5lrxx -------\Service_ati5ouxx -------\Service_ati5pvxx -------\Service_ati5rxxx -------\Service_ati5syxx -------\Service_ati5wdxx -------\Service_ati5xexx -------\Service_ati6djxx -------\Service_ati6jpxx -------\Service_ati6lrxx -------\Service_ati6msxx -------\Service_ati6vcxx -------\Service_ati7agxx -------\Service_ati7djxx -------\Service_ati7ekxx -------\Service_ati7gmxx -------\Service_ati7ipxx -------\Service_ati7qwxx -------\Service_ati7rxxx -------\Service_ati7syxx -------\Service_ati7yfxx -------\Service_ati8cixx -------\Service_ati8flxx -------\Service_ati8gmxx -------\Service_ati8kqxx -------\Service_ati8lrxx -------\Service_ati8ntxx -------\Service_ati8ouxx -------\Service_ati8rxxx -------\Service_ati8ubxx -------\Service_ati8vcxx ((((((((((((((((((((((((( Files Created from 2008-12-14 to 2009-01-14 ))))))))))))))))))))))))))))))) . 2009-01-14 19:41 . 2009-01-14 19:44 <DIR> d-------- C:\Lop SD 2009-01-13 22:12 . 2009-01-13 22:54 <DIR> d-------- c:\program files\Mr Biscuits - The Case of the Ocean Pearl 2009-01-13 21:29 . 2009-01-13 21:39 <DIR> d-------- c:\program files\Art Detective 2009-01-12 17:43 . 2009-01-12 17:43 <DIR> d-------- c:\program files\Fairy Island 2009-01-11 21:24 . 2009-01-11 21:25 <DIR> d-------- c:\documents and settings\Korisnik\Application Data\FirstColony 2009-01-09 18:14 . 2009-01-09 18:14 <DIR> d-------- c:\documents and settings\All Users\Application Data\DivoGames 2009-01-06 17:02 . 2009-01-06 17:02 <DIR> d-------- c:\documents and settings\Korisnik\Application Data\Home Sweet Home Christmas 2009-01-05 21:29 . 2009-01-05 21:29 <DIR> d-------- c:\documents and settings\All Users\Application Data\SpecialBit 2009-01-05 21:28 . 2009-01-05 21:28 <DIR> d-------- c:\windows\Logs 2009-01-04 21:44 . 2009-01-05 22:58 <DIR> d-------- c:\program files\Westward II Heroes Of The Frontier 2009-01-03 17:28 . 2009-01-03 19:29 <DIR> d-------- c:\documents and settings\Korisnik\Application Data\Bigfish Ashtons Family Resort 2009-01-03 17:28 . 2009-01-03 17:28 <DIR> d-------- c:\documents and settings\All Users\Application Data\Bigfish Ashtons Family Resort 2009-01-02 21:06 . 2009-01-02 21:06 <DIR> d-------- c:\documents and settings\Korisnik\Application Data\eGames 2009-01-02 21:06 . 2009-01-02 21:06 <DIR> d-------- c:\documents and settings\All Users\Application Data\eGames 2008-12-29 17:04 . 2008-12-29 17:04 <DIR> d-------- c:\documents and settings\Korisnik\Freeze Tag - Dream Machine 2008-12-28 21:56 . 2008-12-28 21:56 <DIR> d-------- c:\documents and settings\Korisnik\Application Data\Suspects and Clues Prefs 2008-12-28 21:56 . 2008-12-28 21:56 <DIR> d-------- c:\documents and settings\Korisnik\Application Data\Suspects and Clues Players 2008-12-28 21:56 . 2008-12-28 21:56 <DIR> d-------- c:\documents and settings\Korisnik\Application Data\Spinapse 2008-12-28 21:56 . 2008-12-28 21:56 <DIR> d-------- c:\documents and settings\Korisnik\Application Data\IOMediaSupport6SZZ001s 2008-12-26 18:16 . 2008-12-26 18:16 <DIR> d-------- c:\documents and settings\All Users\Application Data\AdventureChronicles1 2008-12-26 17:25 . 2008-12-26 17:25 <DIR> d-------- c:\program files\AOL Games 2008-12-22 00:14 . 2008-12-22 00:14 <DIR> d-------- c:\documents and settings\Korisnik\Application Data\Playfirst Ashtons Family Resort 2008-12-22 00:14 . 2008-12-22 00:14 <DIR> d-------- c:\documents and settings\All Users\Application Data\Playfirst Ashtons Family Resort 2008-12-21 18:44 . 2008-12-21 18:44 <DIR> d-------- c:\documents and settings\All Users\Application Data\PlayPond 2008-12-18 18:31 . 2008-12-18 18:31 <DIR> d-------- c:\program files\Common Files\SWF Studio 2008-12-17 17:58 . 2008-12-17 17:58 <DIR> d-------- c:\windows\system32\config\systemprofile\Application Data\Yahoo! 2008-12-15 23:55 . 2008-12-16 23:00 <DIR> d-------- c:\program files\Detective Stories Hollywood 2008-12-15 19:59 . 2008-12-15 20:00 <DIR> d-------- c:\program files\Farm Craft . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-01-13 20:57 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP 2009-01-13 20:57 --------- d-----w c:\documents and settings\All Users\Application Data\BigFishGamesCache 2009-01-11 14:27 --------- d-----w c:\program files\Shockwave.com 2009-01-08 21:24 --------- d-----w c:\documents and settings\All Users\Application Data\AlawarWrapper 2009-01-07 20:04 --------- d-----w c:\documents and settings\Korisnik\Application Data\Friday's games 2009-01-07 20:02 --------- d-----w c:\program files\Alawar 2009-01-06 19:13 --------- d-----w c:\program files\iWin.com 2009-01-05 21:38 --------- d-----w c:\documents and settings\All Users\Application Data\Sandlot Games 2009-01-01 20:03 --------- d-----w c:\documents and settings\Korisnik\Application Data\blg 2009-01-01 20:03 --------- d-----w c:\documents and settings\All Users\Application Data\blg 2009-01-01 17:29 --------- d-----w c:\program files\Google 2008-12-28 16:05 --------- d-----w c:\documents and settings\Korisnik\Application Data\Games 2008-12-24 22:43 --------- d-----w c:\program files\JoWooD 2008-12-21 23:14 --------- d-----w c:\documents and settings\Korisnik\Application Data\PlayFirst 2008-12-21 23:13 --------- d-----w c:\program files\PlayFirst 2008-12-16 22:00 --------- d-----w c:\program files\Farm Mania 2008-12-15 19:58 --------- d-----w c:\documents and settings\All Users\Application Data\iWin Games 2008-12-12 21:50 --------- d-----w c:\program files\DAEMON Tools 2008-12-10 22:30 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help 2008-12-08 21:08 --------- d-----w c:\program files\RealArcade 2008-12-01 20:41 --------- d-----w c:\documents and settings\All Users\Application Data\NeptunesAdve 2008-11-30 18:22 --------- d-----w c:\documents and settings\All Users\Application Data\NevoSoft Games 2008-11-26 20:12 --------- d-----w c:\documents and settings\Korisnik\Application Data\GameInvest 2008-11-25 20:13 --------- d-----w c:\documents and settings\All Users\Application Data\Alawar Stargaze 2008-11-24 18:10 --------- d-----w c:\program files\PopCap Games 2008-11-22 20:55 --------- d-----w c:\program files\GameHouse 2008-11-22 20:55 --------- d-----w c:\documents and settings\Korisnik\Application Data\GameHouse 2008-11-22 18:04 --------- d-----w c:\documents and settings\Korisnik\Application Data\OmegaT 2008-11-22 17:46 --------- d-----w c:\program files\OmegaT 2008-11-19 20:16 --------- d-----w c:\program files\Magical Forest 2008-11-18 19:05 --------- d-----w c:\documents and settings\Korisnik\Application Data\MysteryStudio 2008-11-17 19:08 --------- d-----w c:\documents and settings\Korisnik\Application Data\uTorrent 2008-11-16 21:45 --------- d-----w c:\program files\Arcade Lab 2008-11-16 14:54 --------- d-----w c:\documents and settings\Korisnik\Application Data\cerasus.media 2008-11-15 16:15 --------- d-----w c:\documents and settings\Korisnik\Application Data\Gogii Games 2008-11-15 16:15 --------- d-----w c:\documents and settings\All Users\Application Data\Gogii Games 2008-11-15 13:13 --------- d-----w c:\program files\Book of Legends 2008-11-14 18:11 --------- d-----w c:\documents and settings\All Users\Application Data\PlayFirst 2008-11-14 16:17 --------- d-----w c:\documents and settings\Korisnik\Application Data\Valusoft 2008-11-14 16:17 --------- d-----w c:\documents and settings\All Users\Application Data\Valusoft 2008-04-04 19:35 0 ----a-w c:\program files\temp01 . ((((((((((((((((((((((((((((( snapshot@2009-01-14_19.36.23,53 ))))))))))))))))))))))))))))))))))))))))) . + 2005-10-20 19:02:28 163,328 ----a-w c:\windows\ERDNT\subs\ERDNT.EXE . -- Snapshot reset to current date -- . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360] "DAEMON Tools Pro Agent"="c:\program files\DAEMON Tools Pro\DTProAgent.exe" [2007-09-06 136136] "Yahoo! Pager"="c:\progra~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" [2007-08-30 4670704] "MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-11-25 68856] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "nod32kui"="c:\program files\Eset\nod32kui.exe" [2007-12-18 949376] "BDRegion"="c:\program files\Cyberlink\Shared Files\brs.exe" [2007-11-16 91432] "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2007-10-28 72736] "LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-10-11 62760] "DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2005-11-08 128920] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-01-31 385024] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-02-19 267048] "RTHDCPL"="RTHDCPL.EXE" [2007-02-26 c:\windows\RTHDCPL.exe] "nwiz"="nwiz.exe" [2006-08-11 c:\windows\system32\nwiz.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2007-12-18 113664] Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696] Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "vidc.I420"= i263_32.drv "vidc.3iv2"= 3ivxVfWCodec.dll "msacm.divxa32"= divxa32.acm "VIDC.HFYU"= huffyuv.dll "VIDC.i263"= i263_32.drv "msacm.imc"= imc32.acm "VIDC.VP31"= vp31vfw.dll "vidc.ffds"= c:\progra~1\ffdshow\ffdshow.ax [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"= "c:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"= "c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [2007-12-18 13696] R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2007-12-18 15424] R4 {95808DC4-FA4A-4C74-92FE-5B863F82066B};{95808DC4-FA4A-4C74-92FE-5B863F82066B};c:\program files\CyberLink\PowerDVD\000.fcl [2007-11-03 00:12:32 41456] S3 k510bus;Sony Ericsson K510 Driver driver (WDM);c:\windows\system32\drivers\k510bus.sys [2007-12-20 58288] S3 k510mdfl;Sony Ericsson K510 USB WMC Modem Filter;c:\windows\system32\drivers\k510mdfl.sys [2007-12-20 8336] S3 k510mdm;Sony Ericsson K510 USB WMC Modem Driver;c:\windows\system32\drivers\k510mdm.sys [2007-12-20 94064] S3 k510mgmt;Sony Ericsson K510 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\k510mgmt.sys [2007-12-20 85408] S3 k510obex;Sony Ericsson K510 USB WMC OBEX Interface;c:\windows\system32\drivers\k510obex.sys [2007-12-20 83344] S3 Pcisusrv;Pcisusrv; [x] S3 usnjsvc;Usluga Messenger Sharing Folders USN Journal Reader;c:\program files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e5b915c4-b197-11dc-b530-00e04d4d7838}] \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL antihost.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e5b915c7-b197-11dc-b530-00e04d4d7838}] \Shell\AutoRun\command - G:\autorun.exe . Contents of the 'Scheduled Tasks' folder 2009-01-14 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 14:57] . - - - - ORPHANS REMOVED - - - - SafeBoot-ati0bhxx.sys SafeBoot-ati0djxx.sys SafeBoot-ati0lrxx.sys SafeBoot-ati0msxx.sys SafeBoot-ati0qwxx.sys SafeBoot-ati0ubxx.sys SafeBoot-ati0wdxx.sys SafeBoot-ati0xexx.sys SafeBoot-ati0yfxx.sys SafeBoot-ati1bhxx.sys SafeBoot-ati1gmxx.sys SafeBoot-ati1hnxx.sys SafeBoot-ati1ouxx.sys SafeBoot-ati1rxxx.sys SafeBoot-ati1ubxx.sys SafeBoot-ati1vcxx.sys SafeBoot-ati1yfxx.sys SafeBoot-ati2bhxx.sys SafeBoot-ati2cixx.sys SafeBoot-ati2djxx.sys SafeBoot-ati2gmxx.sys SafeBoot-ati2kqxx.sys SafeBoot-ati2lrxx.sys SafeBoot-ati2msxx.sys SafeBoot-ati2ouxx.sys SafeBoot-ati2rxxx.sys SafeBoot-ati2syxx.sys SafeBoot-ati2ubxx.sys SafeBoot-ati3gmxx.sys SafeBoot-ati3lrxx.sys SafeBoot-ati3ntxx.sys SafeBoot-ati3pvxx.sys SafeBoot-ati3rxxx.sys SafeBoot-ati3syxx.sys SafeBoot-ati3ubxx.sys SafeBoot-ati4cixx.sys SafeBoot-ati4djxx.sys SafeBoot-ati4ouxx.sys SafeBoot-ati4rxxx.sys SafeBoot-ati4taxx.sys SafeBoot-ati4ubxx.sys SafeBoot-ati5bhxx.sys SafeBoot-ati5flxx.sys SafeBoot-ati5kqxx.sys SafeBoot-ati5lrxx.sys SafeBoot-ati5ouxx.sys SafeBoot-ati5pvxx.sys SafeBoot-ati5rxxx.sys SafeBoot-ati5syxx.sys SafeBoot-ati5wdxx.sys SafeBoot-ati5xexx.sys SafeBoot-ati6djxx.sys SafeBoot-ati6jpxx.sys SafeBoot-ati6lrxx.sys SafeBoot-ati6msxx.sys SafeBoot-ati6vcxx.sys SafeBoot-ati7agxx.sys SafeBoot-ati7djxx.sys SafeBoot-ati7ekxx.sys SafeBoot-ati7gmxx.sys SafeBoot-ati7ipxx.sys SafeBoot-ati7qwxx.sys SafeBoot-ati7rxxx.sys SafeBoot-ati7syxx.sys SafeBoot-ati7yfxx.sys SafeBoot-ati8cixx.sys SafeBoot-ati8flxx.sys SafeBoot-ati8gmxx.sys SafeBoot-ati8kqxx.sys SafeBoot-ati8lrxx.sys SafeBoot-ati8ntxx.sys SafeBoot-ati8ouxx.sys SafeBoot-ati8rxxx.sys SafeBoot-ati8ubxx.sys SafeBoot-ati8vcxx.sys . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.com/ uSearch Page = hxxp://www.google.com uSearch Bar = hxxp://www.google.com/ie mStart Page = hxxp://home.sweetim.com uInternet Settings,ProxyOverride = .local uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000 IE: I&zvezi u program Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 LSP: c:\windows\system32\imon.dll Trusted Zone: online.bancaintesabeograd.com O16 -: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab c:\windows\Downloaded Program Files\Microsoft XML Parser for Java.osd FC-45022AB2B6C9} - file://c:\program files\Detective Stories - Hollywood\Images\stg_drm.ocx c:\windows\Downloaded Program Files\armhelper.ocx - O16 -: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file://c:\program files\Fashion Boutique\Images\armhelper.ocx FF - ProfilePath - c:\documents and settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\8ci0663s.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-shkwav&p= FF - prefs.js: browser.search.selectedEngine - Yahoo FF - prefs.js: browser.startup.homepage - hxxp://www.google.rs FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-shkwav&p= FF - component: c:\documents and settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\8ci0663s.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\NPAskSBr.dll . *********************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2009-01-14 20:15:02 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ********************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{95808DC4-FA4A-4C74-92FE-5B863F82066B}] "ImagePath"="\??\c:\program files\CyberLink\PowerDVD\000.fcl" . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(752) c:\windows\system32\Ati2evxx.dll - - - - - - - > 'lsass.exe'(808-) c:\windows\system32\imon.dll . ------------------------ Other Running Processes ------------------------ . c:\windows\system32\ati2evxx.exe c:\windows\system32\ati2evxx.exe c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe c:\program files\ESET\nod32krn.exe c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe c:\program files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe c:\program files\CyberLink\Shared Files\RichVideo.exe c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe c:\program files\iPod\bin\iPodService.exe c:\windows\system32\wscntfy.exe . ************************************************************************ . Completion time: 2009-01-14 20:19:27 - machine was rebooted ComboFix-quarantined-files.txt 2009-01-14 19:19:01 ComboFix2.txt 2009-01-14 18:37:50 Pre-Run: 6.591.500.288 bytes free Post-Run: 6,528,020,480 bytes free 400 --- E O F --- 2008-12-19 00:50:15

Profil

bobby Poslao: 14 Jan 2009 20:43 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! - Preuzmi USBNoRisk na Desktop i pokreni ga duplim klikom na ikonicu programa. - sacekaj 10-15 sekundi - klikni desno dugme misa na sred prozora programa i odaberi opciju Save log. To ce automatski otvoriti log u Notepadu. Iskopiraj nam taj log iz Notepada na forum. ========================== Kazi mi kako se sada ponasa racunar. Ima li jos nekih vidljivih simptoma?

Profil

olesja Poslao: 14 Jan 2009 20:51 Idi na vrh
offline olesja Novi MyCity građanin Pridružio: 04 Jul 2008 Poruke: 24	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ne znam sada nisam sigurna mislim da mi je normalniji ali videcu! USBNoRisk by bobby Started at 14.1.2009 20:43:19 Scanning for connected USB Mass storage... ---------------------------------------- ======================================== Scanning for other storage... ---------------------------------------- C: {a80da9e2-ad57-11dc-88fb-806d6172696f} D: {a80da9e3-ad57-11dc-88fb-806d6172696f} ======================================== Scanning fixed storage for autorun.inf files... ---------------------------------------- Autorun.inf on C: - None ---------------------------------------- Sanitizing Shell Menu... ---------------------------------------- No key found for C: No key found for a80da9e2-ad57-11dc-88fb-806d6172696f ======================================== Autorun.inf on D: - None ---------------------------------------- Sanitizing Shell Menu... ---------------------------------------- No key found for D: No key found for a80da9e3-ad57-11dc-88fb-806d6172696f ======================================== ========================================

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Usporen net i racunar

Ko je trenutno na forumu

Ukupno su 896 korisnika na forumu :: 24 registrovanih, 6 sakrivenih i 866 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: -[CoA]-, A.R.Chafee.Jr., Atomski čoban, Boris90, Brana01, cavatina, cvrle312, Faki-Valjevo, flash12, galijot, HrcAk47, Karla, Krusarac, loon123, Metanoja, Mirage 2000N, pein, time, uros, Vlada78, vladaa012, W123, ZetaMan, zicko.spacek

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by