Unable to remove a virus, and Mozilla crashes!


offline
  • Joined: 12 Mar 2009
  • Posts: 42

Done:

ComboFix 09-08-06.01 - partizan 07.08.2009 2:15.7.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1363 [GMT 2:00]
Running from: c:\documents and settings\partizan\Desktop\ComboFix.exe
AV: ESET Smart Security 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.

((((((((((((((((((((((((( Files Created from 2009-07-07 to 2009-08-07 )))))))))))))))))))))))))))))))
.

2009-08-06 19:47 . 2009-08-06 19:47 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-08-06 19:38 . 2009-08-06 19:38 -------- d-----w- c:\documents and settings\Administrator.BRANKOSC-933E66\Application Data\Malwarebytes
2009-08-06 19:36 . 2009-08-06 19:36 -------- d-sh--w- c:\documents and settings\Administrator.BRANKOSC-933E66\IETldCache
2009-08-06 18:52 . 1999-09-10 10:06 5600 ----a-w- c:\windows\system\WINASPI.DLL
2009-08-06 18:52 . 1999-09-10 10:06 4672 ----a-w- c:\windows\system\WOWPOST.EXE
2009-08-06 18:52 . 1999-09-10 10:06 45056 ----a-w- c:\windows\system32\WNASPI32.DLL
2009-08-06 18:52 . 1999-09-10 10:06 25244 ----a-w- c:\windows\system32\drivers\ASPI32.SYS
2009-08-06 18:01 . 2009-08-06 18:01 -------- d-----w- c:\documents and settings\partizan\Local Settings\Application Data\Innovative Solutions
2009-08-06 18:01 . 2009-08-06 18:01 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\Innovative Solutions
2009-08-06 18:00 . 2009-08-06 18:00 -------- d-----w- c:\program files\Innovative Solutions
2009-08-06 12:10 . 2009-08-06 12:10 -------- d-----w- c:\documents and settings\partizan\Application Data\Ashampoo
2009-08-06 12:09 . 2009-08-06 12:09 -------- d-----w- c:\documents and settings\partizan\Local Settings\Application Data\ashampoo
2009-08-06 06:41 . 2009-08-06 06:41 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2009-08-05 16:02 . 2009-08-03 11:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-05 16:02 . 2009-08-05 16:02 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-08-05 16:02 . 2009-08-03 11:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-08-05 15:12 . 2009-08-05 15:12 -------- d-----w- c:\documents and settings\partizan\Application Data\Morpheus Software
2009-08-04 01:54 . 2009-08-04 01:54 -------- d-----w- c:\documents and settings\partizan\Local Settings\Application Data\serverlauncher
2009-08-04 01:22 . 2009-08-04 01:22 -------- d-----w- c:\documents and settings\partizan\Local Settings\Application Data\id Software
2009-08-03 10:04 . 2009-08-05 12:51 25 ----a-w- c:\windows\popcinfot.dat
2009-08-03 09:53 . 2009-08-03 09:53 -------- d-----w- c:\program files\Raw Modders Union
2009-08-02 18:43 . 2006-01-01 06:54 31744 ----a-w- c:\windows\system32\DDHELP.EXE
2009-08-02 11:26 . 2009-08-02 11:26 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\InterAction studios
2009-08-02 11:25 . 2009-08-03 02:56 -------- d-----w- C:\games
2009-08-02 10:48 . 2009-08-02 10:48 -------- d-----w- c:\program files\Common Files\PAC207
2009-08-02 10:46 . 2009-08-02 10:46 -------- d-----w- c:\windows\Album
2009-08-02 10:24 . 2009-08-02 10:24 -------- d-----w- c:\documents and settings\partizan\Application Data\InstallShield
2009-08-01 16:59 . 2009-08-01 17:06 -------- d-----w- c:\program files\Flash SWF to GIF AVI Converter
2009-08-01 12:26 . 2009-08-01 12:27 -------- d-----w- c:\program files\CheMax
2009-07-31 14:45 . 2009-07-31 14:45 -------- d-----w- c:\documents and settings\LocalService\Application Data\iolo
2009-07-31 14:39 . 2009-07-31 15:36 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\iolo
2009-07-31 14:39 . 2009-07-31 15:36 -------- d-----w- c:\documents and settings\partizan\Application Data\iolo
2009-07-31 09:54 . 2009-07-31 10:24 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\Nero
2009-07-31 09:54 . 2009-08-06 20:52 -------- d-----w- c:\program files\Common Files\Nero
2009-07-28 12:34 . 2009-07-28 12:34 -------- d-----w- c:\program files\BukaSoft
2009-07-27 19:50 . 2009-07-27 19:50 -------- d-----w- c:\program files\Idoru
2009-07-27 16:46 . 2009-07-27 16:49 -------- d-----w- c:\program files\WinMPG VideoConvert
2009-07-26 18:49 . 2009-07-26 18:49 -------- d-----w- c:\program files\Devious Codeworks
2009-07-26 15:45 . 2009-07-26 15:45 7168 ----a-w- c:\windows\system32\drivers\ute4ndm1.sys.vir
2009-07-25 23:38 . 2009-07-25 23:38 7077376 ----a-w- C:\Norman_Malware_Cleaner.exe
2009-07-25 15:42 . 2009-08-05 15:09 -------- d-----w- c:\windows\system32\rtfexbit
2009-07-25 15:13 . 2009-07-25 15:13 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\WNR
2009-07-25 15:13 . 2009-07-25 15:13 -------- d-----w- c:\documents and settings\partizan\Application Data\WNR
2009-07-24 17:55 . 2009-07-25 19:24 -------- d-----w- c:\documents and settings\partizan\Application Data\Steganos
2009-07-24 17:46 . 2009-07-31 15:18 -------- d-----w- c:\program files\Steganos Safe 2008
2009-07-24 17:36 . 2009-07-24 17:36 -------- d-----w- c:\documents and settings\partizan\Application Data\BSplayer PRO
2009-07-24 16:17 . 2009-07-24 16:17 -------- d-----w- c:\program files\TZcopyprotection v1.1beta II
2009-07-24 16:17 . 1997-02-19 22:00 99840 ----a-w- c:\windows\system32\CmCtlES.dll
2009-07-24 16:08 . 1997-02-19 22:00 94992 ----a-w- c:\windows\system32\VB5ES.dll
2009-07-24 16:08 . 1997-02-19 22:00 72704 ----a-w- c:\windows\ST5UNST.EXE
2009-07-24 16:08 . 1997-02-19 22:00 29696 ----a-w- c:\windows\system32\VB5StKit.dll
2009-07-24 15:12 . 2009-07-24 15:12 -------- d-----w- c:\documents and settings\partizan\Application Data\LEGO Company
2009-07-24 15:11 . 2009-07-31 22:00 -------- d-----w- c:\program files\LEGO Company
2009-07-24 14:22 . 2009-07-24 14:22 -------- d-----w- c:\program files\honestech
2009-07-24 14:21 . 2009-07-31 15:19 -------- d-----w- c:\program files\honestech Claymation Studio 2.0
2009-07-24 14:21 . 2006-05-16 23:58 24576 ----a-w- C:\dwusplay.dll
2009-07-24 14:21 . 2006-05-16 23:58 196608 ----a-w- C:\dwusplay.exe
2009-07-24 13:29 . 2009-07-24 13:29 -------- d-----w- c:\documents and settings\partizan\Local Settings\Application Data\CSO
2009-07-24 13:24 . 2009-07-27 18:33 -------- d-----w- c:\program files\Gamania
2009-07-24 10:21 . 2009-07-24 10:21 -------- d-----w- c:\program files\SkinCrafter3
2009-07-24 06:38 . 2009-07-24 06:40 -------- d-----w- c:\documents and settings\partizan\Local Settings\Application Data\Temp
2009-07-22 17:50 . 2009-07-22 17:52 -------- d-----w- c:\documents and settings\partizan\Application Data\StarBlaze2
2009-07-22 17:50 . 2009-07-22 17:50 -------- d-----w- c:\documents and settings\partizan\Local Settings\Application Data\StarBlaze2
2009-07-22 17:47 . 2009-07-22 17:47 -------- d-sh--w- c:\documents and settings\partizan\IECompatCache
2009-07-22 17:46 . 2009-07-26 16:04 -------- d-----w- c:\program files\Naevius USB Antivirus
2009-07-21 20:15 . 2009-07-21 20:16 -------- d-----w- c:\documents and settings\partizan\Application Data\PowerRangers
2009-07-21 15:10 . 2009-07-27 18:08 -------- d-----w- c:\program files\vSoft
2009-07-19 22:53 . 2009-07-19 22:53 -------- d-----w- c:\program files\Wondershare
2009-07-19 10:58 . 2009-04-27 12:21 28928 ----a-w- c:\windows\system32\uxtuneup.dll
2009-07-19 10:58 . 2009-07-19 10:58 361216 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2009-07-18 01:56 . 2009-07-18 12:53 -------- d-----w- c:\documents and settings\partizan\Local Settings\Application Data\Corel
2009-07-18 01:36 . 2009-07-18 01:38 -------- d-----w- c:\program files\Common Files\Corel
2009-07-17 21:36 . 2009-07-17 21:36 2560 ----a-w- c:\windows\_MSRSTRT.EXE
2009-07-17 20:33 . 2009-07-17 20:33 -------- d-----w- c:\program files\BlazeVideo
2009-07-16 14:43 . 2002-11-26 12:36 10752 ----a-w- c:\windows\system32\hh.exe
2009-07-16 14:43 . 2009-07-31 22:00 -------- d-----w- c:\program files\Kiran's Typing Tutor
2009-07-16 12:43 . 2009-07-16 12:43 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\HipSoft
2009-07-16 11:13 . 2009-07-16 11:13 -------- d-----w- c:\program files\LucasArts
2009-07-15 01:43 . 2009-07-31 22:27 -------- d-----w- c:\program files\3D Flash Animator 4 Release 5
2009-07-15 01:38 . 2009-07-15 02:00 -------- d-----w- c:\program files\Magic Flare
2009-07-14 18:34 . 2009-07-14 18:35 -------- d-----w- c:\documents and settings\partizan\Application Data\ViGlance
2009-07-14 18:34 . 2009-07-14 18:34 -------- d-----w- c:\program files\ViGlance
2009-07-14 16:52 . 2009-07-14 16:52 -------- d-----w- c:\program files\PopCap Games
2009-07-14 00:10 . 2009-05-12 10:20 173384 ----a-w- c:\windows\system32\AVLibrary.dll
2009-07-14 00:10 . 2009-07-15 01:24 -------- d-----w- c:\program files\Hide The IP
2009-07-12 16:35 . 2009-07-12 16:37 -------- d-----w- c:\program files\Celestia
2009-07-12 16:11 . 2009-07-12 16:11 -------- d-----w- c:\documents and settings\partizan\Application Data\NASA
2009-07-12 16:08 . 2009-07-12 16:08 -------- d-----w- c:\program files\NASA
2009-07-12 15:21 . 2009-07-23 01:58 -------- d-----w- c:\program files\NetScream
2009-07-11 13:51 . 2009-07-11 13:51 -------- d-----w- c:\program files\1C
2009-07-10 09:17 . 2009-07-10 09:18 -------- d-----w- c:\program files\Visual Watermark
2009-07-09 13:40 . 2009-07-09 13:40 -------- d-sh--w- c:\windows\ftpcache
2009-07-09 13:38 . 2009-07-09 13:38 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\WildTangent

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-07 00:11 . 2009-02-23 17:44 -------- d-----w- c:\documents and settings\partizan\Application Data\skypePM
2009-08-07 00:09 . 2009-03-11 20:59 47934176 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-08-07 00:09 . 2009-03-11 20:59 4097978400 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-08-06 23:19 . 2009-02-23 17:41 -------- d-----w- c:\documents and settings\partizan\Application Data\Skype
2009-08-06 20:52 . 2009-05-23 22:05 -------- d-----w- c:\program files\Nero
2009-08-06 17:47 . 2009-02-21 23:30 -------- d-----w- c:\program files\Ashampoo
2009-08-06 12:09 . 2009-02-21 23:30 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\Ashampoo
2009-08-05 14:14 . 2009-02-26 22:18 -------- d-----w- c:\documents and settings\partizan\Application Data\Thinstall
2009-08-05 13:02 . 2009-02-21 23:04 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-08-05 01:52 . 2009-07-07 14:29 -------- d-----w- c:\program files\PerformanceTest
2009-08-03 18:30 . 2009-06-30 00:31 189488 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-08-03 18:07 . 2009-06-30 00:32 139016 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-08-02 10:46 . 2009-02-22 00:16 -------- d-----w- c:\program files\KYE
2009-08-01 09:38 . 2009-02-21 23:15 74664 ----a-w- c:\documents and settings\partizan\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-08-01 09:33 . 2009-02-24 12:44 -------- d-----w- c:\program files\Microsoft Silverlight
2009-07-31 22:48 . 2009-05-25 19:24 -------- d-----w- c:\program files\AGEIA Technologies
2009-07-31 22:21 . 2009-02-25 21:34 -------- d---a-w- c:\docume~1\ALLUSE~1\APPLIC~1\TEMP
2009-07-31 22:02 . 2009-06-03 21:37 -------- d-----w- c:\program files\Teamspeak2_RC2
2009-07-31 22:02 . 2009-06-23 16:46 -------- d-----w- c:\program files\Sudoku Epic
2009-07-31 15:19 . 2009-03-21 12:37 -------- d-----w- c:\documents and settings\partizan\Application Data\Hoyle
2009-07-31 15:19 . 2009-03-14 22:23 -------- d-----w- c:\documents and settings\partizan\Application Data\BitTorrent
2009-07-31 15:19 . 2009-03-14 22:23 -------- d-----w- c:\documents and settings\partizan\Application Data\DNA
2009-07-31 15:19 . 2009-04-27 14:54 -------- d-----w- c:\program files\Atomic Alarm Clock
2009-07-31 15:19 . 2009-04-03 00:22 -------- d-----w- c:\program files\AV Vcs 6.0 DIAMOND
2009-07-31 15:18 . 2009-06-20 17:11 -------- d-----w- c:\program files\Trojan Remover
2009-07-30 18:10 . 2009-05-13 19:37 -------- d-----w- c:\program files\Banner Maker Pro 6
2009-07-27 00:16 . 2009-02-21 23:47 -------- d-----w- c:\documents and settings\partizan\Application Data\Winamp
2009-07-27 00:14 . 2009-02-21 23:47 -------- d-----w- c:\program files\Winamp
2009-07-26 10:15 . 2009-04-29 22:20 -------- d-----w- c:\documents and settings\partizan\Application Data\DMCache
2009-07-24 18:05 . 2009-02-22 23:27 31 ----a-w- c:\windows\system32\mslck.dat
2009-07-24 17:40 . 2009-07-06 17:44 -------- d-----w- c:\program files\Taxi Racer London 2
2009-07-24 17:38 . 2009-06-30 19:45 -------- d-----w- c:\program files\Sallys Salon
2009-07-24 17:37 . 2009-05-10 15:42 -------- d-----w- c:\program files\DeskSpace
2009-07-21 12:16 . 2009-04-27 09:38 -------- d-----w- c:\program files\Foosball Maniac
2009-07-19 14:58 . 2009-07-05 18:52 -------- d-----w- c:\program files\Resize Pictures Plus
2009-07-19 10:58 . 2009-02-24 21:29 -------- d-----w- c:\program files\TuneUp Utilities 2009
2009-07-19 10:58 . 2009-02-24 21:29 604416 ----a-w- c:\windows\system32\TUProgSt.exe
2009-07-18 12:37 . 2009-02-27 18:10 5018 --sha-w- c:\docume~1\ALLUSE~1\APPLIC~1\KGyGaAvL.sys
2009-07-18 01:46 . 2009-07-18 01:46 8 --sh--r- c:\docume~1\ALLUSE~1\APPLIC~1\BED5DF3DDE.sys
2009-07-18 01:44 . 2009-02-27 18:10 -------- d-----w- c:\documents and settings\partizan\Application Data\Corel
2009-07-18 01:36 . 2009-02-27 18:10 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\Corel
2009-07-18 01:36 . 2009-02-27 18:09 -------- d-----w- c:\program files\Corel
2009-07-17 21:38 . 2009-04-01 02:03 -------- d-----w- c:\program files\AlienGUIse
2009-07-16 14:07 . 2009-05-17 20:54 -------- d-----w- c:\program files\Lavasoft
2009-07-16 01:00 . 2009-02-21 23:39 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\Microsoft Help
2009-07-07 22:50 . 2009-03-10 10:56 -------- d-----w- c:\program files\Nexus Radio
2009-07-06 14:53 . 2009-07-06 03:35 304160 ----a-w- C:\PA207.DAT
2009-07-05 16:03 . 2009-07-05 16:01 -------- d-----w- c:\program files\Saint Paint
2009-07-05 16:01 . 2009-07-05 16:01 216576 ----a-w- c:\windows\system32\SpoonUninstall.exe
2009-07-05 16:01 . 2009-07-05 16:01 1217 ----a-w- c:\windows\system32\SpoonUninstall-Saint Paint Studio.dat
2009-07-04 05:03 . 2009-07-04 05:03 -------- d-----w- c:\program files\SEGA
2009-07-03 17:09 . 2006-01-16 20:39 915456 ----a-w- c:\windows\system32\wininet.dll
2009-07-01 16:56 . 2009-07-01 16:56 -------- d-----w- c:\program files\JoWooD
2009-07-01 15:59 . 2009-07-01 15:50 -------- d-----w- c:\program files\Call Of Juarez - Bound In Blood
2009-06-30 18:53 . 2009-03-02 20:12 -------- d-----w- c:\program files\Sony Ericsson
2009-06-30 00:31 . 2009-06-30 00:31 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-06-29 01:30 . 2009-03-26 00:55 -------- d-----w- c:\program files\URUSoft
2009-06-29 01:29 . 2009-05-23 17:22 -------- d-----w- c:\program files\REAPER
2009-06-29 01:27 . 2009-06-24 15:32 -------- d-----w- c:\program files\Clayside
2009-06-28 19:14 . 2009-04-29 11:34 -------- d-----w- c:\program files\PhotoInstrument
2009-06-28 16:31 . 2009-06-28 16:30 -------- d-----w- c:\program files\CrystalButton2
2009-06-28 16:06 . 2009-06-28 16:06 -------- d-----w- c:\program files\3D Image Commander
2009-06-28 10:29 . 2009-02-21 23:29 -------- d-----w- c:\program files\Common Files\Adobe
2009-06-26 18:33 . 2009-06-26 18:33 -------- d-----w- c:\program files\LeeGTs Games
2009-06-25 00:09 . 2009-06-25 00:05 -------- d-----w- c:\documents and settings\partizan\Application Data\Dream Aquarium
2009-06-25 00:06 . 2009-06-25 00:04 -------- d-----w- c:\program files\Dream Aquarium
2009-06-24 23:46 . 2009-06-24 23:46 -------- d-----w- c:\program files\XP Repair Pro 4.0
2009-06-24 23:44 . 2009-03-21 20:16 -------- d-----w- c:\program files\XP Repair Pro 2007
2009-06-24 23:17 . 2009-06-24 23:16 -------- d-----w- c:\program files\Banner Maker Pro 7
2009-06-24 22:36 . 2009-06-24 22:36 -------- d-----w- c:\documents and settings\partizan\Application Data\Alawar
2009-06-24 15:34 . 2009-06-24 15:34 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\AlawarWrapper
2009-06-24 10:51 . 2009-06-01 03:59 397056 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-06-24 10:01 . 2009-05-17 17:52 -------- d-----w- c:\program files\Team JPN
2009-06-23 16:47 . 2009-06-23 16:47 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\Kristanix Games
2009-06-22 16:26 . 2009-06-22 16:26 -------- d-----w- c:\program files\Codemasters
2009-06-22 15:50 . 2009-03-16 18:25 -------- d-----w- c:\documents and settings\partizan\Application Data\iWin
2009-06-20 17:11 . 2009-06-20 17:11 -------- d-----w- c:\documents and settings\partizan\Application Data\Simply Super Software
2009-06-20 17:11 . 2009-06-20 17:11 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\Simply Super Software
2009-06-20 16:06 . 2009-06-20 16:06 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\Sandlot Games
2009-06-17 11:08 . 2009-06-17 11:08 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-06-17 11:08 . 2009-06-17 11:08 -------- d-----r- c:\program files\Skype
2009-06-17 11:08 . 2009-06-17 11:08 -------- d-----w- c:\program files\Common Files\Skype
2009-06-17 11:08 . 2009-02-23 17:40 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\Skype
2009-06-16 14:36 . 2006-01-16 20:39 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-16 14:36 . 2006-01-16 20:39 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-10 19:11 . 2009-06-10 19:11 -------- d-----w- c:\program files\Boilsoft Video Splitter
2009-06-10 16:24 . 2009-05-26 13:41 -------- d-----w- c:\program files\Fishing Craze
2009-06-10 16:12 . 2009-06-10 13:18 -------- d-----w- c:\program files\Allok Video Splitter
2009-06-10 13:20 . 2009-06-10 13:20 -------- d-----w- c:\program files\Allok Video Joiner
2009-06-09 14:02 . 2009-06-09 14:02 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\2DBoy
2009-06-08 22:43 . 2009-06-08 22:43 -------- d-----w- c:\documents and settings\partizan\Application Data\Pegasys Inc
2009-06-08 22:40 . 2009-02-23 17:53 -------- d-----w- c:\program files\IncrediMail
2009-06-08 22:31 . 2009-06-08 22:31 -------- d-----w- c:\program files\Pegasys Inc
2009-06-08 22:31 . 2009-06-08 22:33 59488 ----a-w- c:\windows\system32\GenSvcInst.exe
2009-06-08 22:31 . 2009-06-08 22:33 145504 ----a-w- c:\windows\system32\bgsvcgen.exe
2009-06-08 22:31 . 2009-06-08 22:33 13567 ----a-w- c:\windows\system32\drivers\CDRBSDRV.SYS
2009-06-08 18:13 . 2009-06-08 18:13 -------- d-----w- c:\documents and settings\partizan\Application Data\Gamelab
2009-06-08 00:54 . 2009-06-08 00:54 -------- d-----w- c:\documents and settings\partizan\Application Data\Super-Cow
2009-06-05 20:30 . 2009-06-05 20:30 10 ----a-w- c:\windows\popcinfo.dat
2009-06-03 19:09 . 2006-01-16 20:39 1291264 ----a-w- c:\windows\system32\quartz.dll
.

((((((((((((((((((((((((((((( [Link visible only to logged-in users] )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-08-07 00:11 . 2009-08-07 00:11 16384 c:\windows\Temp\Perflib_Perfdata_120.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SkinClock"="c:\program files\Atomic Alarm Clock\AtomicAlarmClock.exe" [2009-04-27 1742848]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-05-26 24264488]
"IncrediMail"="c:\program files\IncrediMail\bin\IncMail.exe" [2009-02-02 251264]
"DriverMax"="c:\program files\Innovative Solutions\DriverMax\devices.exe" [2009-08-06 7920472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-02-06 2021400]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2005-05-18 925696]
"DefragTaskBar"="c:\program files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe" [2008-04-18 173408]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"DAEMON Tools Pro Agent"="c:\program files\DAEMON Tools Pro\DTProAgent.exe"
"BlazeServoTool"="c:\program files\BlazeVideo\BlazeDVD\MediaDetector.exe"
"Google Update"="c:\documents and settings\partizan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"NeroFilterCheck"=c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot
"Corel File Shell Monitor"=c:\program files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
"Corel Photo Downloader"="c:\program files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\RadLight Company\\RadLight 4.0\\rlkernel.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImApp.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD9\\PowerDVD Cinema\\PowerDVDCinema.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD9\\PowerDVD9.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\Corel\\DVD9\\WinDVD.exe"=
"c:\\CryptLoad\\RouterClient.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\K-Lite Codec Pack\\Media Player Classic\\mplayerc.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\wLite\\wLite.exe"=
"c:\\Program Files\\Java\\jre6\\launch4j-tmp\\JDownloader.exe"=
"c:\\Program Files\\Ubisoft\\Tom Clancy's H.A.W.X\\HAWX.exe"=
"c:\\Program Files\\JLC's Software\\Internet TV\\Internet TV.exe"=
"c:\\Program Files\\Codemasters\\DiRT\\DiRT.exe"=
"c:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 atitray;atitray;c:\program files\Ray Adams\ATI Tray Tools\atitray.sys [16.10.2007 10:42 17824]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [6.2.2009 15:23 106208]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [6.2.2009 15:23 727720]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [17.4.2007 21:09 11032]
R2 SVKP;SVKP;c:\windows\system32\SVKP.sys [18.5.2009 22:12 2368]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [24.2.2009 23:29 604416]
R2 VideoAcceleratorService;VideoAcceleratorService;c:\progra~1\SPEEDB~1\VideoAcceleratorService.exe -start -scm --> c:\progra~1\SPEEDB~1\VideoAcceleratorService.exe -start -scm [?]
R3 KeyScrambler;KeyScrambler;c:\windows\system32\drivers\keyscrambler.sys [4.5.2009 20:11 114024]
R3 PAC207;Eye 110;c:\windows\system32\drivers\PFC027.SYS [5.12.2006 12:34 507136]
R3 tenCapture;tenCapture;c:\windows\system32\drivers\tenCapture.sys [21.4.2007 16:15 9344]
S0 Lbd;Lbd; [x]
S3 s716bus;Sony Ericsson Device 716 driver (WDM);c:\windows\system32\drivers\s716bus.sys [2.3.2009 22:20 83208]
S3 s716mdfl;Sony Ericsson Device 716 USB WMC Modem Filter;c:\windows\system32\drivers\s716mdfl.sys [2.3.2009 22:27 15112]
S3 s716mdm;Sony Ericsson Device 716 USB WMC Modem Driver;c:\windows\system32\drivers\s716mdm.sys [2.3.2009 22:27 108552]
S3 s716mgmt;Sony Ericsson Device 716 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s716mgmt.sys [2.3.2009 22:27 100360]
S3 s716nd5;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (NDIS);c:\windows\system32\drivers\s716nd5.sys [2.3.2009 22:27 23176]
S3 s716obex;Sony Ericsson Device 716 USB WMC OBEX Interface;c:\windows\system32\drivers\s716obex.sys [2.3.2009 22:27 98568]
S3 s716unic;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (WDM);c:\windows\system32\drivers\s716unic.sys [2.3.2009 22:27 98952]
S3 SysProtDrv.sys;SysProtDrv.sys;c:\documents and settings\partizan\Desktop\SysProt\SysProt\SysProtDrv.sys [5.8.2009 23:42 44288]
S3 ute4ndm1;AVZ Kernel Driver; [x]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
.
------- Supplementary Scan -------
.
uStart Page = [Link visible only to logged-in users]
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} - [Link visible only to logged-in users]
FF - ProfilePath - c:\docume~1\partizan\APPLIC~1\Mozilla\Firefox\Profiles\akgxln8y.default\
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\documents and settings\partizan\Local Settings\Application Data\Google\Update\1.2.183.7\npGoogleOneClick8.dll
.
.
------- File Associations -------
.
JSEFile=NOTEPAD.EXE %1
VBEFile=NOTEPAD.EXE %1
VBSFile=NOTEPAD.EXE %1
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link visible only to logged-in users]
Rootkit scan 2009-08-07 02:22
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-2025429265-412668190-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
@Denied: (Full) (LocalSystem)

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):e9,f3,68,99,3f,a2,6d,69,ac,3b,e9,4c,d7,c4,a2,07,9a,62,a1,e2,d0,
8b,4a,05,43,88,83,b6,d7,17,7c,17,4b,fe,4e,1f,22,33,bc,77,00,00,00,00,00,00,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{9ae95d39-2623-48f9-b9a0-03010c30fbcc}]
@Denied: (Full) (Everyone)
"Model"=dword:000000b8
"Therad"=dword:0000000b
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,98,07,ff,fc,5d,
df,1c,2f,3b,8a,0a,32,11,89,01,b5,48,2a,48,57,bd,3d,88,fb,50,e0,56,b7,11,a1,\

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1432)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(2636)
c:\windows\system32\WININET.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\MSVCR80.dll
c:\program files\Windows Media Player\wmpband.dll
c:\program files\Common Files\CyberLink\PowerDVD9\deskband32.dll
c:\windows\system32\msi.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2009-08-07 2:25
ComboFix-quarantined-files.txt 2009-08-07 00:25
ComboFix4.txt 2009-08-06 11:24
ComboFix5.txt 2009-08-06 23:02

Pre-Run: 13.900.455.936 bytes free
Post-Run: 13.835.132.928 bytes free

376 --- E O F --- 2009-08-01 01:00



offline
  • Joined: 04 Jan 2009
  • Posts: 2168

What is the situation now?

Upload the following file for me: c:\windows\system32\drivers\ute4ndm1.sys.vir

[Link visible only to logged-in users]



offline
  • Joined: 12 Mar 2009
  • Posts: 42

Well, it looks like everything is fine: Firefox works, there are no viruses, and it looks like Nero will work too. I haven't tried burning, but now it manages to recognize my drive.
File uploaded!!
And hats off to you, you have the best clinic, and this isn't the first time you've helped me, hats off!!!!! And endless thanks for the help, I was close to reinstalling the system from scratch...

offline
  • Joined: 04 Jan 2009
  • Posts: 2168

Let's go once more...


Open Notepad and copy in the following text:


Driver::
ute4ndm1

File::
c:\windows\system32\drivers\ute4ndm1.sys.vir


Save the file from Notepad to the Desktop as "CFScript"

Drag the saved script/text onto the ComboFix icon as shown in the picture.
Post in your next message the log that is created at the end of the cleaning/scan.

offline
  • Joined: 12 Mar 2009
  • Posts: 42

ComboFix 09-08-06.01 - partizan 07.08.2009 3:53.8.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1352 [GMT 2:00]
Running from: c:\documents and settings\partizan\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\partizan\Desktop\CFScript.txt
AV: ESET Smart Security 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}

FILE ::
"c:\windows\system32\drivers\ute4ndm1.sys.vir"
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\drivers\ute4ndm1.sys.vir

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_UTE4NDM1
-------\Service_ute4ndm1


((((((((((((((((((((((((( Files Created from 2009-07-07 to 2009-08-07 )))))))))))))))))))))))))))))))
.

2009-08-07 01:17 . 2009-08-07 01:18 -------- d-----w- c:\program files\ATV
2009-08-07 00:57 . 2009-08-07 00:57 -------- d-----w- c:\program files\RAR Recovery Toolbox
2009-08-06 19:47 . 2009-08-06 19:47 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-08-06 19:38 . 2009-08-06 19:38 -------- d-----w- c:\documents and settings\Administrator.BRANKOSC-933E66\Application Data\Malwarebytes
2009-08-06 19:36 . 2009-08-06 19:36 -------- d-sh--w- c:\documents and settings\Administrator.BRANKOSC-933E66\IETldCache
2009-08-06 18:52 . 1999-09-10 10:06 5600 ----a-w- c:\windows\system\WINASPI.DLL
2009-08-06 18:52 . 1999-09-10 10:06 4672 ----a-w- c:\windows\system\WOWPOST.EXE
2009-08-06 18:52 . 1999-09-10 10:06 45056 ----a-w- c:\windows\system32\WNASPI32.DLL
2009-08-06 18:52 . 1999-09-10 10:06 25244 ----a-w- c:\windows\system32\drivers\ASPI32.SYS
2009-08-06 18:01 . 2009-08-06 18:01 -------- d-----w- c:\documents and settings\partizan\Local Settings\Application Data\Innovative Solutions
2009-08-06 18:01 . 2009-08-06 18:01 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\Innovative Solutions
2009-08-06 18:00 . 2009-08-06 18:00 -------- d-----w- c:\program files\Innovative Solutions
2009-08-06 12:10 . 2009-08-06 12:10 -------- d-----w- c:\documents and settings\partizan\Application Data\Ashampoo
2009-08-06 12:09 . 2009-08-06 12:09 -------- d-----w- c:\documents and settings\partizan\Local Settings\Application Data\ashampoo
2009-08-06 06:41 . 2009-08-06 06:41 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2009-08-05 16:02 . 2009-08-03 11:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-05 16:02 . 2009-08-05 16:02 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-08-05 16:02 . 2009-08-03 11:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-08-05 15:12 . 2009-08-05 15:12 -------- d-----w- c:\documents and settings\partizan\Application Data\Morpheus Software
2009-08-04 01:54 . 2009-08-04 01:54 -------- d-----w- c:\documents and settings\partizan\Local Settings\Application Data\serverlauncher
2009-08-04 01:22 . 2009-08-04 01:22 -------- d-----w- c:\documents and settings\partizan\Local Settings\Application Data\id Software
2009-08-03 10:04 . 2009-08-05 12:51 25 ----a-w- c:\windows\popcinfot.dat
2009-08-03 09:53 . 2009-08-03 09:53 -------- d-----w- c:\program files\Raw Modders Union
2009-08-02 18:43 . 2006-01-01 06:54 31744 ----a-w- c:\windows\system32\DDHELP.EXE
2009-08-02 11:26 . 2009-08-02 11:26 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\InterAction studios
2009-08-02 11:25 . 2009-08-03 02:56 -------- d-----w- C:\games
2009-08-02 10:48 . 2009-08-02 10:48 -------- d-----w- c:\program files\Common Files\PAC207
2009-08-02 10:46 . 2009-08-02 10:46 -------- d-----w- c:\windows\Album
2009-08-02 10:24 . 2009-08-02 10:24 -------- d-----w- c:\documents and settings\partizan\Application Data\InstallShield
2009-08-01 16:59 . 2009-08-01 17:06 -------- d-----w- c:\program files\Flash SWF to GIF AVI Converter
2009-08-01 12:26 . 2009-08-01 12:27 -------- d-----w- c:\program files\CheMax
2009-07-31 14:45 . 2009-07-31 14:45 -------- d-----w- c:\documents and settings\LocalService\Application Data\iolo
2009-07-31 14:39 . 2009-07-31 15:36 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\iolo
2009-07-31 14:39 . 2009-07-31 15:36 -------- d-----w- c:\documents and settings\partizan\Application Data\iolo
2009-07-31 09:54 . 2009-07-31 10:24 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\Nero
2009-07-31 09:54 . 2009-08-06 20:52 -------- d-----w- c:\program files\Common Files\Nero
2009-07-28 12:34 . 2009-07-28 12:34 -------- d-----w- c:\program files\BukaSoft
2009-07-27 19:50 . 2009-07-27 19:50 -------- d-----w- c:\program files\Idoru
2009-07-27 16:46 . 2009-07-27 16:49 -------- d-----w- c:\program files\WinMPG VideoConvert
2009-07-26 18:49 . 2009-07-26 18:49 -------- d-----w- c:\program files\Devious Codeworks
2009-07-25 23:38 . 2009-07-25 23:38 7077376 ----a-w- C:\Norman_Malware_Cleaner.exe
2009-07-25 15:42 . 2009-08-05 15:09 -------- d-----w- c:\windows\system32\rtfexbit
2009-07-25 15:13 . 2009-07-25 15:13 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\WNR
2009-07-25 15:13 . 2009-07-25 15:13 -------- d-----w- c:\documents and settings\partizan\Application Data\WNR
2009-07-24 17:55 . 2009-07-25 19:24 -------- d-----w- c:\documents and settings\partizan\Application Data\Steganos
2009-07-24 17:46 . 2009-07-31 15:18 -------- d-----w- c:\program files\Steganos Safe 2008
2009-07-24 17:36 . 2009-07-24 17:36 -------- d-----w- c:\documents and settings\partizan\Application Data\BSplayer PRO
2009-07-24 16:17 . 2009-07-24 16:17 -------- d-----w- c:\program files\TZcopyprotection v1.1beta II
2009-07-24 16:17 . 1997-02-19 22:00 99840 ----a-w- c:\windows\system32\CmCtlES.dll
2009-07-24 16:08 . 1997-02-19 22:00 94992 ----a-w- c:\windows\system32\VB5ES.dll
2009-07-24 16:08 . 1997-02-19 22:00 72704 ----a-w- c:\windows\ST5UNST.EXE
2009-07-24 16:08 . 1997-02-19 22:00 29696 ----a-w- c:\windows\system32\VB5StKit.dll
2009-07-24 15:12 . 2009-07-24 15:12 -------- d-----w- c:\documents and settings\partizan\Application Data\LEGO Company
2009-07-24 15:11 . 2009-07-31 22:00 -------- d-----w- c:\program files\LEGO Company
2009-07-24 14:22 . 2009-07-24 14:22 -------- d-----w- c:\program files\honestech
2009-07-24 14:21 . 2009-07-31 15:19 -------- d-----w- c:\program files\honestech Claymation Studio 2.0
2009-07-24 14:21 . 2006-05-16 23:58 24576 ----a-w- C:\dwusplay.dll
2009-07-24 14:21 . 2006-05-16 23:58 196608 ----a-w- C:\dwusplay.exe
2009-07-24 13:29 . 2009-07-24 13:29 -------- d-----w- c:\documents and settings\partizan\Local Settings\Application Data\CSO
2009-07-24 13:24 . 2009-07-27 18:33 -------- d-----w- c:\program files\Gamania
2009-07-24 10:21 . 2009-07-24 10:21 -------- d-----w- c:\program files\SkinCrafter3
2009-07-24 06:38 . 2009-07-24 06:40 -------- d-----w- c:\documents and settings\partizan\Local Settings\Application Data\Temp
2009-07-22 17:50 . 2009-07-22 17:52 -------- d-----w- c:\documents and settings\partizan\Application Data\StarBlaze2
2009-07-22 17:50 . 2009-07-22 17:50 -------- d-----w- c:\documents and settings\partizan\Local Settings\Application Data\StarBlaze2
2009-07-22 17:47 . 2009-07-22 17:47 -------- d-sh--w- c:\documents and settings\partizan\IECompatCache
2009-07-22 17:46 . 2009-07-26 16:04 -------- d-----w- c:\program files\Naevius USB Antivirus
2009-07-21 20:15 . 2009-07-21 20:16 -------- d-----w- c:\documents and settings\partizan\Application Data\PowerRangers
2009-07-21 15:10 . 2009-07-27 18:08 -------- d-----w- c:\program files\vSoft
2009-07-19 22:53 . 2009-07-19 22:53 -------- d-----w- c:\program files\Wondershare
2009-07-19 10:58 . 2009-04-27 12:21 28928 ----a-w- c:\windows\system32\uxtuneup.dll
2009-07-19 10:58 . 2009-07-19 10:58 361216 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2009-07-18 01:56 . 2009-07-18 12:53 -------- d-----w- c:\documents and settings\partizan\Local Settings\Application Data\Corel
2009-07-18 01:36 . 2009-07-18 01:38 -------- d-----w- c:\program files\Common Files\Corel
2009-07-17 21:36 . 2009-07-17 21:36 2560 ----a-w- c:\windows\_MSRSTRT.EXE
2009-07-17 20:33 . 2009-07-17 20:33 -------- d-----w- c:\program files\BlazeVideo
2009-07-16 14:43 . 2002-11-26 12:36 10752 ----a-w- c:\windows\system32\hh.exe
2009-07-16 14:43 . 2009-07-31 22:00 -------- d-----w- c:\program files\Kiran's Typing Tutor
2009-07-16 12:43 . 2009-07-16 12:43 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\HipSoft
2009-07-16 11:13 . 2009-07-16 11:13 -------- d-----w- c:\program files\LucasArts
2009-07-15 01:43 . 2009-07-31 22:27 -------- d-----w- c:\program files\3D Flash Animator 4 Release 5
2009-07-15 01:38 . 2009-07-15 02:00 -------- d-----w- c:\program files\Magic Flare
2009-07-14 18:34 . 2009-07-14 18:35 -------- d-----w- c:\documents and settings\partizan\Application Data\ViGlance
2009-07-14 18:34 . 2009-07-14 18:34 -------- d-----w- c:\program files\ViGlance
2009-07-14 16:52 . 2009-07-14 16:52 -------- d-----w- c:\program files\PopCap Games
2009-07-14 00:10 . 2009-05-12 10:20 173384 ----a-w- c:\windows\system32\AVLibrary.dll
2009-07-14 00:10 . 2009-07-15 01:24 -------- d-----w- c:\program files\Hide The IP
2009-07-12 16:35 . 2009-07-12 16:37 -------- d-----w- c:\program files\Celestia
2009-07-12 16:11 . 2009-07-12 16:11 -------- d-----w- c:\documents and settings\partizan\Application Data\NASA
2009-07-12 16:08 . 2009-07-12 16:08 -------- d-----w- c:\program files\NASA
2009-07-12 15:21 . 2009-07-23 01:58 -------- d-----w- c:\program files\NetScream
2009-07-11 13:51 . 2009-07-11 13:51 -------- d-----w- c:\program files\1C
2009-07-10 09:17 . 2009-07-10 09:18 -------- d-----w- c:\program files\Visual Watermark
2009-07-09 13:40 . 2009-07-09 13:40 -------- d-sh--w- c:\windows\ftpcache
2009-07-09 13:38 . 2009-07-09 13:38 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\WildTangent

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-07 02:01 . 2009-03-11 20:59 47946632 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-08-07 02:01 . 2009-03-11 20:59 4097978400 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-08-07 01:42 . 2009-02-23 17:41 -------- d-----w- c:\documents and settings\partizan\Application Data\Skype
2009-08-07 00:11 . 2009-02-23 17:44 -------- d-----w- c:\documents and settings\partizan\Application Data\skypePM
2009-08-06 20:52 . 2009-05-23 22:05 -------- d-----w- c:\program files\Nero
2009-08-06 17:47 . 2009-02-21 23:30 -------- d-----w- c:\program files\Ashampoo
2009-08-06 12:09 . 2009-02-21 23:30 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\Ashampoo
2009-08-05 14:14 . 2009-02-26 22:18 -------- d-----w- c:\documents and settings\partizan\Application Data\Thinstall
2009-08-05 13:02 . 2009-02-21 23:04 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-08-05 01:52 . 2009-07-07 14:29 -------- d-----w- c:\program files\PerformanceTest
2009-08-03 18:30 . 2009-06-30 00:31 189488 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-08-03 18:07 . 2009-06-30 00:32 139016 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-08-02 10:46 . 2009-02-22 00:16 -------- d-----w- c:\program files\KYE
2009-08-01 09:38 . 2009-02-21 23:15 74664 ----a-w- c:\documents and settings\partizan\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-08-01 09:33 . 2009-02-24 12:44 -------- d-----w- c:\program files\Microsoft Silverlight
2009-07-31 22:48 . 2009-05-25 19:24 -------- d-----w- c:\program files\AGEIA Technologies
2009-07-31 22:21 . 2009-02-25 21:34 -------- d---a-w- c:\docume~1\ALLUSE~1\APPLIC~1\TEMP
2009-07-31 22:02 . 2009-06-03 21:37 -------- d-----w- c:\program files\Teamspeak2_RC2
2009-07-31 22:02 . 2009-06-23 16:46 -------- d-----w- c:\program files\Sudoku Epic
2009-07-31 15:19 . 2009-03-21 12:37 -------- d-----w- c:\documents and settings\partizan\Application Data\Hoyle
2009-07-31 15:19 . 2009-03-14 22:23 -------- d-----w- c:\documents and settings\partizan\Application Data\BitTorrent
2009-07-31 15:19 . 2009-03-14 22:23 -------- d-----w- c:\documents and settings\partizan\Application Data\DNA
2009-07-31 15:19 . 2009-04-27 14:54 -------- d-----w- c:\program files\Atomic Alarm Clock
2009-07-31 15:19 . 2009-04-03 00:22 -------- d-----w- c:\program files\AV Vcs 6.0 DIAMOND
2009-07-31 15:18 . 2009-06-20 17:11 -------- d-----w- c:\program files\Trojan Remover
2009-07-30 18:10 . 2009-05-13 19:37 -------- d-----w- c:\program files\Banner Maker Pro 6
2009-07-27 00:16 . 2009-02-21 23:47 -------- d-----w- c:\documents and settings\partizan\Application Data\Winamp
2009-07-27 00:14 . 2009-02-21 23:47 -------- d-----w- c:\program files\Winamp
2009-07-26 10:15 . 2009-04-29 22:20 -------- d-----w- c:\documents and settings\partizan\Application Data\DMCache
2009-07-24 18:05 . 2009-02-22 23:27 31 ----a-w- c:\windows\system32\mslck.dat
2009-07-24 17:40 . 2009-07-06 17:44 -------- d-----w- c:\program files\Taxi Racer London 2
2009-07-24 17:38 . 2009-06-30 19:45 -------- d-----w- c:\program files\Sallys Salon
2009-07-24 17:37 . 2009-05-10 15:42 -------- d-----w- c:\program files\DeskSpace
2009-07-21 12:16 . 2009-04-27 09:38 -------- d-----w- c:\program files\Foosball Maniac
2009-07-19 14:58 . 2009-07-05 18:52 -------- d-----w- c:\program files\Resize Pictures Plus
2009-07-19 10:58 . 2009-02-24 21:29 -------- d-----w- c:\program files\TuneUp Utilities 2009
2009-07-19 10:58 . 2009-02-24 21:29 604416 ----a-w- c:\windows\system32\TUProgSt.exe
2009-07-18 12:37 . 2009-02-27 18:10 5018 --sha-w- c:\docume~1\ALLUSE~1\APPLIC~1\KGyGaAvL.sys
2009-07-18 01:46 . 2009-07-18 01:46 8 --sh--r- c:\docume~1\ALLUSE~1\APPLIC~1\BED5DF3DDE.sys
2009-07-18 01:44 . 2009-02-27 18:10 -------- d-----w- c:\documents and settings\partizan\Application Data\Corel
2009-07-18 01:36 . 2009-02-27 18:10 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\Corel
2009-07-18 01:36 . 2009-02-27 18:09 -------- d-----w- c:\program files\Corel
2009-07-17 21:38 . 2009-04-01 02:03 -------- d-----w- c:\program files\AlienGUIse
2009-07-16 14:07 . 2009-05-17 20:54 -------- d-----w- c:\program files\Lavasoft
2009-07-16 01:00 . 2009-02-21 23:39 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\Microsoft Help
2009-07-07 22:50 . 2009-03-10 10:56 -------- d-----w- c:\program files\Nexus Radio
2009-07-06 14:53 . 2009-07-06 03:35 304160 ----a-w- C:\PA207.DAT
2009-07-05 16:03 . 2009-07-05 16:01 -------- d-----w- c:\program files\Saint Paint
2009-07-05 16:01 . 2009-07-05 16:01 216576 ----a-w- c:\windows\system32\SpoonUninstall.exe
2009-07-05 16:01 . 2009-07-05 16:01 1217 ----a-w- c:\windows\system32\SpoonUninstall-Saint Paint Studio.dat
2009-07-04 05:03 . 2009-07-04 05:03 -------- d-----w- c:\program files\SEGA
2009-07-03 17:09 . 2006-01-16 20:39 915456 ----a-w- c:\windows\system32\wininet.dll
2009-07-01 16:56 . 2009-07-01 16:56 -------- d-----w- c:\program files\JoWooD
2009-07-01 15:59 . 2009-07-01 15:50 -------- d-----w- c:\program files\Call Of Juarez - Bound In Blood
2009-06-30 18:53 . 2009-03-02 20:12 -------- d-----w- c:\program files\Sony Ericsson
2009-06-30 00:31 . 2009-06-30 00:31 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-06-29 01:30 . 2009-03-26 00:55 -------- d-----w- c:\program files\URUSoft
2009-06-29 01:29 . 2009-05-23 17:22 -------- d-----w- c:\program files\REAPER
2009-06-29 01:27 . 2009-06-24 15:32 -------- d-----w- c:\program files\Clayside
2009-06-28 19:14 . 2009-04-29 11:34 -------- d-----w- c:\program files\PhotoInstrument
2009-06-28 16:31 . 2009-06-28 16:30 -------- d-----w- c:\program files\CrystalButton2
2009-06-28 16:06 . 2009-06-28 16:06 -------- d-----w- c:\program files\3D Image Commander
2009-06-28 10:29 . 2009-02-21 23:29 -------- d-----w- c:\program files\Common Files\Adobe
2009-06-26 18:33 . 2009-06-26 18:33 -------- d-----w- c:\program files\LeeGTs Games
2009-06-25 00:09 . 2009-06-25 00:05 -------- d-----w- c:\documents and settings\partizan\Application Data\Dream Aquarium
2009-06-25 00:06 . 2009-06-25 00:04 -------- d-----w- c:\program files\Dream Aquarium
2009-06-24 23:46 . 2009-06-24 23:46 -------- d-----w- c:\program files\XP Repair Pro 4.0
2009-06-24 23:44 . 2009-03-21 20:16 -------- d-----w- c:\program files\XP Repair Pro 2007
2009-06-24 23:17 . 2009-06-24 23:16 -------- d-----w- c:\program files\Banner Maker Pro 7
2009-06-24 22:36 . 2009-06-24 22:36 -------- d-----w- c:\documents and settings\partizan\Application Data\Alawar
2009-06-24 15:34 . 2009-06-24 15:34 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\AlawarWrapper
2009-06-24 10:51 . 2009-06-01 03:59 397056 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-06-24 10:01 . 2009-05-17 17:52 -------- d-----w- c:\program files\Team JPN
2009-06-23 16:47 . 2009-06-23 16:47 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\Kristanix Games
2009-06-22 16:26 . 2009-06-22 16:26 -------- d-----w- c:\program files\Codemasters
2009-06-22 15:50 . 2009-03-16 18:25 -------- d-----w- c:\documents and settings\partizan\Application Data\iWin
2009-06-20 17:11 . 2009-06-20 17:11 -------- d-----w- c:\documents and settings\partizan\Application Data\Simply Super Software
2009-06-20 17:11 . 2009-06-20 17:11 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\Simply Super Software
2009-06-20 16:06 . 2009-06-20 16:06 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\Sandlot Games
2009-06-17 11:08 . 2009-06-17 11:08 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-06-17 11:08 . 2009-06-17 11:08 -------- d-----r- c:\program files\Skype
2009-06-17 11:08 . 2009-06-17 11:08 -------- d-----w- c:\program files\Common Files\Skype
2009-06-17 11:08 . 2009-02-23 17:40 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\Skype
2009-06-16 14:36 . 2006-01-16 20:39 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-16 14:36 . 2006-01-16 20:39 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-10 19:11 . 2009-06-10 19:11 -------- d-----w- c:\program files\Boilsoft Video Splitter
2009-06-10 16:24 . 2009-05-26 13:41 -------- d-----w- c:\program files\Fishing Craze
2009-06-10 16:12 . 2009-06-10 13:18 -------- d-----w- c:\program files\Allok Video Splitter
2009-06-10 13:20 . 2009-06-10 13:20 -------- d-----w- c:\program files\Allok Video Joiner
2009-06-09 14:02 . 2009-06-09 14:02 -------- d-----w- c:\docume~1\ALLUSE~1\APPLIC~1\2DBoy
2009-06-08 22:43 . 2009-06-08 22:43 -------- d-----w- c:\documents and settings\partizan\Application Data\Pegasys Inc
2009-06-08 22:40 . 2009-02-23 17:53 -------- d-----w- c:\program files\IncrediMail
2009-06-08 22:31 . 2009-06-08 22:31 -------- d-----w- c:\program files\Pegasys Inc
2009-06-08 22:31 . 2009-06-08 22:33 59488 ----a-w- c:\windows\system32\GenSvcInst.exe
2009-06-08 22:31 . 2009-06-08 22:33 145504 ----a-w- c:\windows\system32\bgsvcgen.exe
2009-06-08 22:31 . 2009-06-08 22:33 13567 ----a-w- c:\windows\system32\drivers\CDRBSDRV.SYS
2009-06-08 18:13 . 2009-06-08 18:13 -------- d-----w- c:\documents and settings\partizan\Application Data\Gamelab
2009-06-05 20:30 . 2009-06-05 20:30 10 ----a-w- c:\windows\popcinfo.dat
2009-06-03 19:09 . 2006-01-16 20:39 1291264 ----a-w- c:\windows\system32\quartz.dll
2009-05-25 19:23 . 2009-03-05 03:30 418480 ----a-w- c:\windows\system32\wrap_oal.dll
.

((((((((((((((((((((((((((((( [Links are visible only to logged-in users] )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-08-07 02:04 . 2009-08-07 02:04 16384 c:\windows\Temp\Perflib_Perfdata_2fc.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SkinClock"="c:\program files\Atomic Alarm Clock\AtomicAlarmClock.exe" [2009-04-27 1742848]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-05-26 24264488]
"IncrediMail"="c:\program files\IncrediMail\bin\IncMail.exe" [2009-02-02 251264]
"DriverMax"="c:\program files\Innovative Solutions\DriverMax\devices.exe" [2009-08-06 7920472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-02-06 2021400]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2005-05-18 925696]
"DefragTaskBar"="c:\program files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe" [2008-04-18 173408]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"DAEMON Tools Pro Agent"="c:\program files\DAEMON Tools Pro\DTProAgent.exe"
"BlazeServoTool"="c:\program files\BlazeVideo\BlazeDVD\MediaDetector.exe"
"Google Update"="c:\documents and settings\partizan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"NeroFilterCheck"=c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot
"Corel File Shell Monitor"=c:\program files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
"Corel Photo Downloader"="c:\program files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\RadLight Company\\RadLight 4.0\\rlkernel.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImApp.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD9\\PowerDVD Cinema\\PowerDVDCinema.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD9\\PowerDVD9.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\Corel\\DVD9\\WinDVD.exe"=
"c:\\CryptLoad\\RouterClient.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\K-Lite Codec Pack\\Media Player Classic\\mplayerc.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\wLite\\wLite.exe"=
"c:\\Program Files\\Java\\jre6\\launch4j-tmp\\JDownloader.exe"=
"c:\\Program Files\\Ubisoft\\Tom Clancy's H.A.W.X\\HAWX.exe"=
"c:\\Program Files\\JLC's Software\\Internet TV\\Internet TV.exe"=
"c:\\Program Files\\Codemasters\\DiRT\\DiRT.exe"=
"c:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 atitray;atitray;c:\program files\Ray Adams\ATI Tray Tools\atitray.sys [16.10.2007 10:42 17824]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [6.2.2009 15:23 106208]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [6.2.2009 15:23 727720]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [17.4.2007 21:09 11032]
R2 SVKP;SVKP;c:\windows\system32\SVKP.sys [18.5.2009 22:12 2368]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [24.2.2009 23:29 604416]
R2 VideoAcceleratorService;VideoAcceleratorService;c:\progra~1\SPEEDB~1\VideoAcceleratorService.exe -start -scm --> c:\progra~1\SPEEDB~1\VideoAcceleratorService.exe -start -scm [?]
R3 KeyScrambler;KeyScrambler;c:\windows\system32\drivers\keyscrambler.sys [4.5.2009 20:11 114024]
R3 PAC207;Eye 110;c:\windows\system32\drivers\PFC027.SYS [5.12.2006 12:34 507136]
R3 tenCapture;tenCapture;c:\windows\system32\drivers\tenCapture.sys [21.4.2007 16:15 9344]
S0 Lbd;Lbd; [x]
S3 s716bus;Sony Ericsson Device 716 driver (WDM);c:\windows\system32\drivers\s716bus.sys [2.3.2009 22:20 83208]
S3 s716mdfl;Sony Ericsson Device 716 USB WMC Modem Filter;c:\windows\system32\drivers\s716mdfl.sys [2.3.2009 22:27 15112]
S3 s716mdm;Sony Ericsson Device 716 USB WMC Modem Driver;c:\windows\system32\drivers\s716mdm.sys [2.3.2009 22:27 108552]
S3 s716mgmt;Sony Ericsson Device 716 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s716mgmt.sys [2.3.2009 22:27 100360]
S3 s716nd5;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (NDIS);c:\windows\system32\drivers\s716nd5.sys [2.3.2009 22:27 23176]
S3 s716obex;Sony Ericsson Device 716 USB WMC OBEX Interface;c:\windows\system32\drivers\s716obex.sys [2.3.2009 22:27 98568]
S3 s716unic;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (WDM);c:\windows\system32\drivers\s716unic.sys [2.3.2009 22:27 98952]
S3 SysProtDrv.sys;SysProtDrv.sys;c:\documents and settings\partizan\Desktop\SysProt\SysProt\SysProtDrv.sys [5.8.2009 23:42 44288]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
.
------- Supplementary Scan -------
.
uStart Page = [Links are visible only to logged-in users]
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} - [Links are visible only to logged-in users]
FF - ProfilePath - c:\docume~1\partizan\APPLIC~1\Mozilla\Firefox\Profiles\akgxln8y.default\
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\documents and settings\partizan\Local Settings\Application Data\Google\Update\1.2.183.7\npGoogleOneClick8.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Links are visible only to logged-in users]
Rootkit scan 2009-08-07 04:04
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-2025429265-412668190-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
@Denied: (Full) (LocalSystem)

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):e9,f3,68,99,3f,a2,6d,69,ac,3b,e9,4c,d7,c4,a2,07,9a,62,a1,e2,d0,
8b,4a,05,43,88,83,b6,d7,17,7c,17,4b,fe,4e,1f,22,33,bc,77,00,00,00,00,00,00,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{9ae95d39-2623-48f9-b9a0-03010c30fbcc}]
@Denied: (Full) (Everyone)
"Model"=dword:000000b8
"Therad"=dword:0000000b
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,98,07,ff,fc,5d,
df,1c,2f,3b,8a,0a,32,11,89,01,b5,48,2a,48,57,bd,3d,88,fb,50,e0,56,b7,11,a1,\

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1508-)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(2836)
c:\windows\system32\WININET.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\MSVCR80.dll
c:\program files\Windows Media Player\wmpband.dll
c:\program files\Common Files\CyberLink\PowerDVD9\deskband32.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\msi.dll
c:\program files\IncrediMail\bin\B4ImApp.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ati2evxx.exe
c:\program files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragActivityMonitor.exe
c:\windows\system32\LckFldService.exe
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\progra~1\SPEEDB~1\VideoAcceleratorService.exe
c:\progra~1\SPEEDB~1\VideoAcceleratorEngine.exe
c:\program files\IncrediMail\bin\ImApp.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
.
**************************************************************************
.
Completion time: 2009-08-07 4:10 - machine was rebooted
ComboFix-quarantined-files.txt 2009-08-07 02:10
ComboFix2.txt 2009-08-07 00:25
ComboFix4.txt 2009-08-06 11:24
ComboFix5.txt 2009-08-07 01:53

Pre-Run: 10.722.189.312 bytes free
Post-Run: 10.560.909.312 bytes free

402 --- E O F --- 2009-08-01 01:00

offline
  • Joined: 04 Jan 2009
  • Posts: 2168

Well, my friend, it looks like this is the end of our time together in the Ambulanta.

The log is clean and there are no more traces of malware on your system.

Just follow these last instructions...


ComboFix needs to be uninstalled:
click Start (or ), then RUN.

On Vista, use the Start Search box if Run is not available.

In the text input line, type (copy) the following:

combofix /u

Note that there is a space between "ComboFix" and "/u".



and then click OK (or press Enter).


Wait for the uninstallation process to finish.


Regards...

offline
  • Joined: 12 Mar 2009
  • Posts: 42

Thank you very much, you saved my monitor (it very nearly came to grief and flew out the window hahah)! Regards and once again a BIG THANK YOU!!!
