Viruses...


offline
  • Joined: 27 Mar 2009
  • Posts: 202
  • Location: Sombor

I have a bunch of viruses, or at least I think so. The first thing that makes me suspicious is that when I turn on the computer, some connection pops up asking me to connect to the internet, and it isn't in the processes. I have a bunch of processes running that I have never heard of.

Here is a picture, so take a look at whether everything is OK with the processes.

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master Teacher
  • Joined: 27 Aug 2005
  • Posts: 8620
  • Location: Novi Beograd

Hello,

http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html

offline
  • Joined: 27 Mar 2009
  • Posts: 202
  • Location: Sombor

My system is 32-bit



DDS (Ver_09-12-01.01) - NTFSx86
Run by slavko at 15:30:00,53 on uto 29.12.2009
Internet Explorer: 8.0.7600.16385
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.381.1033.18.2047.1170 [GMT 1:00]


============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\msb.exe
C:\Windows\Explorer.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\ctfmon.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\DllHost.exe
C:\Program Files\Opera\opera.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Users\slavko\Desktop\dds.scr
C:\Windows\system32\conhost.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.rs/
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe"
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [NWEReboot]
mRun: [PWRISOVM.EXE] c:\program files\poweriso\PWRISOVM.EXE
mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
TCP: {C8A8FF30-B230-498E-94BD-0458174F0551} = 93.186.64.12 93.186.65.12
Hosts: 91.121.221.171 GhepiraEa:.org
Hosts: 91.121.221.171 GhepiraEa:.org
Hosts: 91.121.221.171 GhepiraEa:.org

================= FIREFOX ===================

FF - ProfilePath - c:\users\slavko\appdata\roaming\mozilla\firefox\profiles\3gbqj5fb.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - component: c:\program files\mozilla firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\mozilla firefox\plugins\np32asw.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npOGAPlugin.dll
FF - plugin: c:\program files\opera\program\plugins\nppl3260.dll
FF - plugin: c:\program files\opera\program\plugins\nprpjplug.dll

============= SERVICES / DRIVERS ===============

R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-8-18 176128]
R2 ekrn;ESET Service;c:\program files\eset\eset smart security\ekrn.exe [2009-2-6 727720]
R2 epfwwfp;epfwwfp;c:\windows\system32\drivers\epfwwfp.sys [2009-2-6 38240]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-11-5 230912]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2009-12-29 16456]
S3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2009-12-29 11088]

=============== Created Last 30 ================

2009-12-29 13:49:45 0 d-----w- c:\users\slavko\appdata\roaming\ESET
2009-12-29 13:45:04 0 d-----w- c:\windows\pss
2009-12-29 13:43:18 0 d-----w- c:\program files\ESET
2009-12-29 13:41:08 182784 ----a-w- c:\windows\msb.exe
2009-12-29 12:38:15 182784 ----a-w- c:\windows\msa.exe
2009-12-29 12:38:00 229888 ----a-w- c:\windows\system32\sshnas.dll
2009-12-29 12:11:22 0 d-----w- c:\programdata\ESET
2009-12-29 10:24:45 850 ----a-w- c:\windows\pwcmdlist.bak
2009-12-29 10:09:42 461368 ----a-w- c:\windows\system32\pwNative.exe
2009-12-29 10:09:42 16456 ----a-w- c:\windows\system32\pwdrvio.sys
2009-12-29 10:09:34 11088 ----a-w- c:\windows\system32\pwdspio.sys
2009-12-29 10:09:29 0 d-----w- c:\program files\Partition Wizard Home Edition 4.2.2
2009-12-29 09:07:30 0 ---ha-w- c:\windows\SwSys2.bmp
2009-12-29 09:07:30 0 ---ha-w- c:\windows\SwSys1.bmp
2009-12-29 09:05:43 0 d-----w- c:\program files\Game_Maker8
2009-12-29 06:40:25 0 d-----w- c:\program files\MSECache
2009-12-26 07:30:31 0 d-----w- c:\windows\OPTIONS
2009-12-26 07:30:31 0 d-----w- c:\program files\Realtek
2009-12-25 19:28:43 0 d-----w- c:\users\slavko\appdata\roaming\AIMP
2009-12-25 19:28:25 0 d-----w- c:\program files\AIMP2
2009-12-24 20:56:40 65536 ------w- c:\windows\system32\Ikeext.etl
2009-12-23 19:36:44 0 d-----w- c:\programdata\Kaspersky Lab
2009-12-23 19:11:06 0 d-----w- c:\programdata\Kaspersky Lab Setup Files
2009-12-23 18:29:11 0 d-----w- c:\windows\system32\appmgmt
2009-12-22 11:01:53 69 ----a-w- c:\windows\NeroDigital.ini
2009-12-22 09:25:33 257024 ----a-w- c:\windows\system32\msv1_0.dll
2009-12-22 09:23:39 0 d-----w- c:\windows\sr-Latn-CS
2009-12-22 09:23:34 0 d-----w- c:\windows\system32\drivers\sr-Latn-CS
2009-12-22 09:23:33 0 d-----w- c:\windows\system32\wbem\sr-Latn-CS
2009-12-22 09:20:26 2048 ----a-w- c:\windows\system32\tzres.dll
2009-12-22 09:12:08 728648 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2009-12-22 09:12:08 71168 ----a-w- c:\windows\system32\fontsub.dll
2009-12-22 09:12:08 507568 ----a-w- c:\windows\system32\winload.exe
2009-12-22 09:12:08 442920 ----a-w- c:\windows\system32\winresume.exe
2009-12-22 09:12:08 293888 ----a-w- c:\windows\system32\atmfd.dll
2009-12-22 09:12:08 2613248 ----a-w- c:\windows\explorer.exe
2009-12-22 09:12:08 1320960 ----a-w- c:\windows\system32\CertEnroll.dll
2009-12-22 09:12:08 108544 ----a-w- c:\windows\system32\t2embed.dll
2009-12-22 09:12:07 12625408 ----a-w- c:\windows\system32\wmploc.DLL
2009-12-22 09:11:07 34816 ----a-w- c:\windows\system32\msasn1.dll
2009-12-22 07:52:54 0 d-----w- c:\windows\sr-Cyrl-CS
2009-12-22 07:52:50 0 d-----w- c:\windows\system32\sr-Cyrl-CS
2009-12-22 07:52:49 0 d-----w- c:\windows\system32\wbem\sr-Cyrl-CS
2009-12-22 06:13:31 0 d-----w- c:\program files\PowerISO
2009-12-22 06:01:30 0 d-----w- c:\users\slavko\appdata\roaming\DAEMON Tools Lite
2009-12-22 06:01:28 0 d-----w- c:\programdata\DAEMON Tools Lite
2009-12-22 05:49:22 717296 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-12-22 04:51:41 67704 ----a-w- c:\windows\War3Unin.dat
2009-12-22 04:51:41 2829 ----a-w- c:\windows\War3Unin.pif
2009-12-22 04:51:40 139264 ----a-w- c:\windows\War3Unin.exe
2009-12-22 03:46:08 0 d-----w- C:\NRadioBoxData
2009-12-22 03:45:54 0 d-----w- c:\program files\NRadioBox 1.2
2009-12-22 02:38:24 0 d-----w- c:\windows\system32\IOSUBSYS
2009-12-22 02:38:23 0 d-----w- c:\program files\Nero
2009-12-22 02:18:56 0 d-----w- c:\program files\Webteh
2009-12-22 01:33:24 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-12-22 01:08:59 0 d-----w- c:\programdata\CyberLink
2009-12-22 01:06:38 0 d-----w- c:\program files\WinRAR 3.51
2009-12-22 01:05:51 0 d-----w- c:\windows\system32\directx
2009-12-22 01:04:47 0 d-----w- c:\program files\K-Lite Codec Pack
2009-12-22 01:01:24 0 d-----w- c:\programdata\Adobe
2009-12-22 00:58:31 0 d-----w- c:\program files\FormatFactory
2009-12-21 23:46:00 0 ----a-w- c:\windows\ativpsrm.bin
2009-12-21 23:43:16 0 d-----w- c:\windows\Panther
2009-12-21 23:43:04 8192 --sha-r- C:\BOOTSECT.BAK
2009-12-21 23:43:02 383562 --sha-r- C:\bootmgr
2009-12-21 23:43:01 0 d-sh--w- C:\Boot
2009-12-21 16:13:54 0 d-----w- c:\users\slavko\appdata\roaming\ACD Systems
2009-12-21 16:13:06 0 d-----w- c:\programdata\ACD Systems
2009-12-21 16:13:02 0 d-----w- c:\program files\common files\ACD Systems
2009-12-21 16:13:02 0 d-----w- c:\program files\ACD Systems
2009-12-21 16:03:56 0 d-----w- c:\windows\PCHEALTH
2009-12-21 16:02:47 0 d-----w- c:\program files\Microsoft Visual Studio 8
2009-12-21 16:02:20 0 d-----w- c:\programdata\Microsoft Help
2009-12-21 15:47:44 0 d-----w- c:\program files\common files\PX Storage Engine
2009-12-21 15:46:13 0 d-----w- c:\program files\uTorrent
2009-12-21 15:45:35 0 d-----w- c:\users\slavko\appdata\roaming\uTorrent
2009-12-21 15:42:57 0 d-----w- c:\program files\totalcmd
2009-12-21 15:40:14 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-12-21 15:37:46 0 d-sh--w- c:\windows\Installer
2009-12-21 15:22:24 713888 ----a-w- c:\windows\system32\PerfStringBackup.INI
2009-12-21 15:22:03 0 d-----w- c:\windows\system32\wbem\Performance
2009-12-21 15:17:59 524288 --sha-w- c:\users\slavko\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
2009-12-21 15:16:40 171136 --sha-r- C:\grldr
2009-12-21 15:15:52 0 d-sh--w- C:\Recovery

==================== Find3M ====================

2009-12-11 18:00:00 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2009-11-09 03:21:18 59388 ----a-w- c:\windows\system32\drivers\scdemu.sys
2009-11-05 13:14:56 230912 ----a-w- c:\windows\system32\drivers\Rt86win7.sys
2009-07-14 04:56:42 31548 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2009-07-14 04:56:42 31548 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2009-07-14 04:56:42 291294 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2009-07-14 04:56:42 291294 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2009-07-14 04:41:57 174 --sha-w- c:\program files\desktop.ini
2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-05-19 19:47:40 232030 ----a-w- c:\program files\All_CPU_Meter.gadget
2009-06-10 21:26:35 9633792 --sha-r- c:\windows\fonts\StaticCache.dat
2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe

============= FINISH: 15:30:14,53 ===============


offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master Teacher
  • Joined: 27 Aug 2005
  • Posts: 8620
  • Location: Novi Beograd

Download sUBs's ComboFix from the following address to your Desktop:

Bleeping Computer
  • Right-click the link and choose the Save Target As... option (Save Link As..., Save Linked Content As... or similar);
  • When the dialog for choosing where to save the file opens, select Desktop and click Save.

When the download is complete:
  • disable your security software (instructions);
  • close any running programs;
  • double-click to run ComboFix.

While running, ComboFix will:
  • check whether a newer version of the program exists:
      • click Yes if you are offered the download.
  • display the DISCLAIMER OF WARRANTY ON SOFTWARE:
      • click Yes to let the process continue.
  • if the Recovery Console is not installed, offer to install it:
      • be sure to accept by clicking Yes and follow the procedure.
  • ask a number of questions/show a number of notices:
      • accept by clicking Yes or OK.
  • if needed, restart Windows (several times);
  • at the end, open Notepad with the scan report.

Copy the report that ComboFix created into the forum thread:
  • right-click in the Notepad window and choose Select All;
  • right-click the selected text and choose Copy;
  • right-click in the message field and choose Paste.

Note:
  • The report will be saved as ComboFix.txt on the system partition (typical location: C:\ComboFix.txt);
  • If, after posting the message, you notice that the report is incomplete, use the Attach file option to attach the file C:\ComboFix.txt to the message.

offline
  • Joined: 27 Mar 2009
  • Posts: 202
  • Location: Sombor

ComboFix 09-12-29.03 - slavko 29.12.2009 21:12:26.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.381.1033.18.2047.1432 [GMT 1:00]
Running from: c:\users\slavko\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\msa.exe
c:\windows\system32\sshnas.dll
c:\windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
c:\windows\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job

.
((((((((((((((((((((((((( Files Created from 2009-11-28 to 2009-12-29 )))))))))))))))))))))))))))))))
.

2009-12-29 20:11 . 2009-12-29 20:11 -------- d-----w- C:\32788R22FWJFW
2009-12-29 19:04 . 2009-12-29 19:06 -------- d-----w- c:\program files\Game_Maker7
2009-12-29 13:43 . 2009-12-29 13:43 -------- d-----w- c:\program files\ESET
2009-12-29 12:38 . 2009-12-29 19:04 -------- d-----w- c:\users\slavko\AppData\Local\ESET
2009-12-29 10:09 . 2009-12-21 19:39 461368 ----a-w- c:\windows\system32\pwNative.exe
2009-12-29 10:09 . 2009-12-21 19:39 16456 ----a-w- c:\windows\system32\pwdrvio.sys
2009-12-29 10:09 . 2009-12-21 19:39 11088 ----a-w- c:\windows\system32\pwdspio.sys
2009-12-29 10:09 . 2009-12-29 10:09 -------- d-----w- c:\program files\Partition Wizard Home Edition 4.2.2
2009-12-29 09:05 . 2009-12-29 09:19 -------- d-----w- c:\program files\Game_Maker8
2009-12-29 07:42 . 2009-12-29 07:42 -------- d-----w- c:\program files\Microsoft Silverlight
2009-12-29 07:00 . 2009-12-29 07:00 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2009-12-29 06:40 . 2009-12-29 06:40 -------- d-----w- c:\program files\MSECache
2009-12-26 21:25 . 2009-12-29 10:30 -------- d-----w- c:\users\slavko\AppData\Local\Google
2009-12-26 07:30 . 2009-12-26 07:30 -------- d-----w- c:\windows\OPTIONS
2009-12-26 07:30 . 2009-12-26 07:30 -------- d-----w- c:\program files\Realtek
2009-12-26 07:30 . 2009-12-26 07:30 -------- d-----w- c:\users\slavko\AppData\Roaming\InstallShield
2009-12-26 00:17 . 2009-12-26 00:17 -------- d-----w- c:\users\slavko\AppData\Local\Mozilla
2009-12-26 00:15 . 2009-05-01 15:17 77824 ----a-w- c:\users\slavko\AppData\Roaming\Mozilla\Firefox\Profiles\3gbqj5fb.default\extensions\lazarus@interclue.com\platform\WINNT_x86-msvc\components\WeaveCrypto.dll
2009-12-26 00:05 . 2009-12-27 17:37 -------- d-----w- c:\users\slavko\AppData\Roaming\Winamp
2009-12-25 19:28 . 2009-12-27 18:28 -------- d-----w- c:\users\slavko\AppData\Roaming\AIMP
2009-12-25 19:28 . 2009-12-29 10:45 -------- d-----w- c:\program files\AIMP2
2009-12-25 09:53 . 2009-12-25 09:53 -------- d-----w- c:\users\slavko\AppData\Local\Adobe
2009-12-23 19:36 . 2009-12-29 12:03 -------- d-----w- c:\programdata\Kaspersky Lab
2009-12-23 19:11 . 2009-12-29 12:03 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
2009-12-22 17:27 . 2009-12-22 17:27 -------- d-----w- c:\users\slavko\AppData\Local\Microsoft_Corporation
2009-12-22 09:25 . 2009-09-10 05:52 257024 ----a-w- c:\windows\system32\msv1_0.dll
2009-12-22 09:23 . 2009-12-22 09:23 -------- d-----w- c:\windows\sr-Latn-CS
2009-12-22 09:23 . 2009-12-22 09:23 -------- d-----w- c:\windows\system32\drivers\sr-Latn-CS
2009-12-22 09:23 . 2009-12-22 09:23 -------- d-----w- c:\windows\system32\wbem\sr-Latn-CS
2009-12-22 09:20 . 2009-10-29 07:22 2048 ----a-w- c:\windows\system32\tzres.dll
2009-12-22 09:12 . 2009-10-02 04:06 728648 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2009-12-22 09:12 . 2009-09-03 07:04 1320960 ----a-w- c:\windows\system32\CertEnroll.dll
2009-12-22 09:12 . 2009-08-19 07:20 442920 ----a-w- c:\windows\system32\winresume.exe
2009-12-22 09:12 . 2009-08-19 07:20 507568 ----a-w- c:\windows\system32\winload.exe
2009-12-22 09:12 . 2009-08-03 05:35 2613248 ----a-w- c:\windows\explorer.exe
2009-12-22 09:12 . 2009-07-30 16:29 108544 ----a-w- c:\windows\system32\t2embed.dll
2009-12-22 09:12 . 2009-07-30 16:27 71168 ----a-w- c:\windows\system32\fontsub.dll
2009-12-22 09:12 . 2009-07-30 04:44 293888 ----a-w- c:\windows\system32\atmfd.dll
2009-12-22 09:12 . 2009-08-29 06:54 12625408 ----a-w- c:\windows\system32\wmploc.DLL
2009-12-22 09:11 . 2009-08-29 06:57 34816 ----a-w- c:\windows\system32\msasn1.dll
2009-12-22 07:59 . 2009-12-29 19:40 -------- d-----w- c:\users\slavko\AppData\Local\ElevatedDiagnostics
2009-12-22 07:52 . 2009-12-22 07:52 -------- d-----w- c:\windows\sr-Cyrl-CS
2009-12-22 07:52 . 2009-12-22 07:52 -------- d-----w- c:\windows\system32\sr-Cyrl-CS
2009-12-22 07:52 . 2009-12-22 07:52 -------- d-----w- c:\windows\system32\wbem\sr-Cyrl-CS
2009-12-22 06:13 . 2009-12-22 06:13 -------- d-----w- c:\program files\PowerISO
2009-12-22 06:01 . 2009-12-22 06:01 -------- d-----w- c:\users\slavko\AppData\Roaming\DAEMON Tools Lite
2009-12-22 06:01 . 2009-12-22 06:01 -------- d-----w- c:\programdata\DAEMON Tools Lite
2009-12-22 05:49 . 2009-12-22 06:09 717296 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-12-22 05:49 . 2009-12-22 05:49 -------- d-----w- c:\users\slavko\AppData\Roaming\DAEMON Tools
2009-12-22 04:51 . 2009-12-22 04:59 67704 ----a-w- c:\windows\War3Unin.dat
2009-12-22 04:51 . 2009-12-22 04:57 2829 ----a-w- c:\windows\War3Unin.pif
2009-12-22 04:51 . 2009-12-22 04:57 139264 ----a-w- c:\windows\War3Unin.exe
2009-12-22 04:05 . 2009-12-22 04:05 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2009-12-22 03:46 . 2009-12-22 03:46 -------- d-----w- C:\NRadioBoxData
2009-12-22 03:45 . 2009-12-22 03:45 -------- d-----w- c:\program files\NRadioBox 1.2
2009-12-22 02:40 . 2009-12-22 02:41 -------- d-----w- c:\users\slavko\AppData\Local\Ahead
2009-12-22 02:40 . 2009-12-22 02:40 -------- d-----w- c:\users\slavko\AppData\Roaming\Ahead
2009-12-22 02:38 . 2009-12-22 02:39 -------- d-----w- c:\windows\system32\IOSUBSYS
2009-12-22 02:38 . 2009-12-22 02:38 -------- d-----w- c:\program files\Common Files\Ahead
2009-12-22 02:38 . 2009-12-22 02:38 -------- d-----w- c:\program files\Nero
2009-12-22 02:18 . 2009-12-22 02:18 -------- d-----w- c:\program files\Webteh
2009-12-22 01:33 . 2009-12-22 01:33 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-12-22 01:08 . 2009-12-22 01:08 -------- d-----w- c:\programdata\CyberLink
2009-12-22 01:08 . 2009-12-26 07:30 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-22 01:08 . 2009-12-22 01:08 -------- d-----w- c:\program files\CyberLink
2009-12-22 01:08 . 2009-12-22 01:08 -------- d-----w- c:\program files\Common Files\InstallShield
2009-12-22 01:06 . 2009-12-22 01:06 -------- d-----w- c:\program files\WinRAR 3.51
2009-12-22 01:03 . 2009-12-22 01:03 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-12-22 01:01 . 2009-12-25 10:29 -------- d-----w- c:\program files\Common Files\Adobe
2009-12-22 00:58 . 2009-12-22 00:58 -------- d-----w- c:\program files\FormatFactory
2009-12-21 23:46 . 2009-12-21 23:46 0 ----a-w- c:\windows\ativpsrm.bin
2009-12-21 23:43 . 2009-12-21 15:16 -------- d-----w- c:\windows\Panther
2009-12-21 23:43 . 2009-12-21 23:43 -------- d-----w- C:\Boot
2009-12-21 16:13 . 2009-12-29 06:05 -------- d-----w- c:\users\slavko\AppData\Local\ACD Systems
2009-12-21 16:13 . 2009-12-21 16:13 -------- d-----w- c:\users\slavko\AppData\Roaming\ACD Systems
2009-12-21 16:13 . 2009-12-21 16:13 -------- d-----w- c:\programdata\ACD Systems
2009-12-21 16:13 . 2009-12-21 16:13 -------- d-----w- c:\program files\Common Files\ACD Systems
2009-12-21 16:13 . 2009-12-21 16:13 -------- d-----w- c:\program files\ACD Systems
2009-12-21 16:06 . 2009-12-21 16:06 -------- d-----w- c:\users\slavko\AppData\Local\Downloaded Installations
2009-12-21 16:04 . 2009-12-29 08:38 -------- d-----w- c:\program files\Microsoft Works
2009-12-21 16:03 . 2009-12-21 16:03 -------- d-----w- c:\windows\PCHEALTH
2009-12-21 16:03 . 2009-12-21 16:03 -------- d-----w- c:\program files\Microsoft.NET
2009-12-21 16:02 . 2009-12-21 16:02 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2009-12-21 16:02 . 2009-12-21 16:02 -------- d-----w- c:\users\slavko\AppData\Local\Microsoft Help
2009-12-21 16:02 . 2009-12-29 08:38 -------- d-----w- c:\programdata\Microsoft Help
2009-12-21 16:01 . 2009-12-21 16:01 -------- d-----r- C:\MSOCache
2009-12-21 15:54 . 2009-12-22 01:33 -------- d-----w- c:\program files\Java
2009-12-21 15:54 . 2009-12-21 15:54 -------- d-----w- c:\program files\Common Files\Java
2009-12-21 15:47 . 2009-12-21 15:47 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2009-12-21 15:47 . 2009-12-26 00:05 -------- d-----w- c:\program files\Winamp
2009-12-21 15:46 . 2009-12-21 15:46 -------- d-----w- c:\program files\uTorrent
2009-12-21 15:45 . 2009-12-29 20:09 -------- d-----w- c:\users\slavko\AppData\Roaming\uTorrent
2009-12-21 15:45 . 2009-12-21 15:45 -------- d-----w- c:\windows\system32\Macromed
2009-12-21 15:42 . 2009-12-21 15:42 -------- d-----w- c:\program files\totalcmd
2009-12-21 15:40 . 2009-11-02 19:42 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-12-21 15:38 . 2009-12-21 15:38 -------- d-----w- c:\users\slavko\AppData\Local\Opera
2009-12-21 15:38 . 2009-12-26 00:34 -------- d-----w- c:\program files\Opera
2009-12-21 15:37 . 2009-12-29 13:47 -------- d-sh--w- c:\windows\Installer
2009-12-21 15:22 . 2009-12-29 19:57 -------- d-----w- c:\windows\system32\wbem\Performance
2009-12-21 15:19 . 2009-12-22 04:44 -------- d-----w- c:\users\slavko\AppData\Local\Microsoft Games
2009-12-21 15:19 . 2009-12-21 21:36 108824 ----a-w- c:\users\slavko\AppData\Local\GDIPFONTCACHEV1.DAT
2009-12-21 15:15 . 2009-12-21 15:15 -------- d-----w- C:\Recovery

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-22 09:23 . 2009-07-14 07:50 -------- d-----w- c:\program files\Windows Journal
2009-12-22 09:23 . 2009-07-14 04:52 -------- d-----w- c:\program files\Windows Sidebar
2009-12-22 09:23 . 2009-07-14 04:52 -------- d-----w- c:\program files\Windows Photo Viewer
2009-12-22 09:23 . 2009-07-14 04:52 -------- d-----w- c:\program files\DVD Maker
2009-12-22 09:23 . 2009-07-14 02:37 -------- d-----w- c:\program files\Windows Mail
2009-12-22 09:23 . 2009-07-14 04:52 -------- d-----w- c:\program files\Windows Defender
2009-12-22 01:05 . 2009-12-22 01:04 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-12-21 16:04 . 2009-07-14 04:52 -------- d-----w- c:\program files\MSBuild
2009-12-11 18:00 . 2009-12-22 01:04 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2009-11-09 03:21 . 2009-11-09 03:21 59388 ----a-w- c:\windows\system32\drivers\scdemu.sys
2009-11-05 13:14 . 2009-11-05 13:14 230912 ----a-w- c:\windows\system32\drivers\Rt86win7.sys
2009-05-19 19:47 . 2009-12-22 17:15 232030 ----a-w- c:\program files\All_CPU_Meter.gadget
2009-04-29 05:29 . 2009-12-26 00:15 202168 ----a-w- c:\program files\mozilla firefox\plugins\SwDir.dll
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2009-12-29 289584]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-12-22 149280]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2009-11-09 180224]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-02-06 2021400]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RK Launcher.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\RK Launcher.lnk
backup=c:\windows\pss\RK Launcher.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^Users^slavko^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^9956126.lnk]
path=c:\users\slavko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\9956126.lnk
backup=c:\windows\pss\9956126.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Device Detector]
DevDetect.exe -autorun [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2009-09-04 11:08 935288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-10-03 03:08 35696 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2005-09-03 14:18 94208 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 10:50 155648 ----a-w- c:\windows\System32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2004-11-02 19:24 32768 ----a-w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2009-07-01 16:37 37888 ----a-w- c:\program files\Winamp\winampa.exe

R1 ehdrv;ehdrv;c:\windows\System32\drivers\ehdrv.sys [6.2.2009 14:23 106208]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\System32\atiesrxx.exe [18.8.2009 2:36 176128]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [6.2.2009 14:23 727720]
R2 epfwwfp;epfwwfp;c:\windows\System32\drivers\epfwwfp.sys [6.2.2009 14:24 38240]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\System32\drivers\Rt86win7.sys [5.11.2009 14:14 230912]
S0 sptd;sptd;c:\windows\System32\drivers\sptd.sys [22.12.2009 6:49 717296]
S3 pwdrvio;pwdrvio;c:\windows\System32\pwdrvio.sys [29.12.2009 11:09 16456]
S3 pwdspio;pwdspio;c:\windows\System32\pwdspio.sys [29.12.2009 11:09 11088]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.rs/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: {C8A8FF30-B230-498E-94BD-0458174F0551} = 93.186.64.12 93.186.65.12
FF - ProfilePath - c:\users\slavko\AppData\Roaming\Mozilla\Firefox\Profiles\3gbqj5fb.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - component: c:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np32asw.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npOGAPlugin.dll
FF - plugin: c:\program files\Opera\program\plugins\nppl3260.dll
FF - plugin: c:\program files\Opera\program\plugins\nprpjplug.dll
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKLM-Run-NWEReboot - (no file)
MSConfigStartUp-InCD - c:\program files\Nero\Nero 7\InCD\InCD.exe
MSConfigStartUp-LosAlamos - c:\windows\system32\sshnas.dll
MSConfigStartUp-PUT2VIDQLG - c:\users\slavko\AppData\Local\Temp\c.exe


.
--------------------- LOCKED REGISTRY KEYS ---------------------

.
Completion time: 2009-12-29 21:18:28
ComboFix-quarantined-files.txt 2009-12-29 20:18

Pre-Run: 10.327.093.248 bytes free
Post-Run: 11.938.009.088 bytes free

- - End Of File - - 20FE71103CA22ED7B857F2A620D8FD70

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8620
  • Location: Novi Beograd

Clean.


ComboFix needs to be uninstalled:
click Start (or ), then Run.

On Vista, use the Start Search box if Run is not available.

In the text box, type (or copy) the following:

ComboFix /Uninstall

Note that there is a space between "ComboFix" and "/Uninstall".



then click OK (or press Enter).


Wait for the uninstall process to finish.

  • Joined: 27 Mar 2009
  • Posts: 202
  • Location: Sombor

I get the following text when I try to uninstall the program.

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8620
  • Location: Novi Beograd

I hope you typed the letters into the window correctly?

  • Joined: 27 Mar 2009
  • Posts: 202
  • Location: Sombor

Here, see for yourself; afterwards the screen from my previous post appears...

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8620
  • Location: Novi Beograd

Delete all the programs that were used and the following folders:

C:\qoobox
C:\ComboFix

Turn System Restore off and then back on:
1. Click Start
2. Right click Computer > Properties > Choose Advanced System Settings option in left menu listing.
3. Click System Protection tab
4. Then highlight the drive you wish to turn off System Restore and click Configure
5. Then choose Turn off system protection
6. Click Apply > OK

To re-enable follow steps 1 - 4 and then choose Restore system settings and previous versions of files > Apply and OK

Illustrated guide:

http://forums.majorgeeks.com/showthread.php?t=31668
