My computer is slow


offline
  • Dalibor
  • Joined: 03 Feb 2011
  • Posts: 445
  • Location: Landau and der Pfalz

Hello!

For quite some time something has been slowing down my computer. It is slow to open or start Skype, and slow to open browsers: Google Chrome, Mozilla, Opera, etc. I wanted to install Avira antivirus, but the system won't accept it, nor Avast. I don't know what is happening with the system. I wiped it in August and reinstalled it, and it worked normally for a while. Yesterday I updated the drivers, but I don't notice any improvement. I scanned it with an antivirus, but nothing helps. I have used TuneUp 2012, CCleaner, PerfectDisk 10, Anti-Malware, HitmanPro, O&O Defrag.
I use ADSL internet, flat 4096/384 standard.
If you need any additional information, I will post it.

Thank you in advance for your help!



DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.2.0
Run by Administrator at 17:40:15 on 2012-01-08
Microsoft Windows XP Professional 5.1.2600.3.1251.381.1033.18.1023.55 [GMT 1:00]
.
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\VMSnap3.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Norton Internet Security\Engine\19.2.0.10\ccSvcHst.exe
C:\Program Files\OO Software\Defrag\oodag.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Norton Internet Security\Engine\19.2.0.10\ccSvcHst.exe
C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\SpacialAudio\SAMBC\SAMBC.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
D:\My Documents\Ïðè¼åìè\dds.scr
C:\WINDOWS\system32\msfeedssync.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.bearshare.com/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://home.sweetim.com
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = about:blank
uURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Norton Identity Protection: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton internet security\engine\19.2.0.10\coIEPlg.dll
BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton internet security\engine\19.2.0.10\ips\IPSBHO.DLL
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton internet security\engine\19.2.0.10\coIEPlg.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
mRun: [VMSnap3] c:\windows\VMSnap3.exe
mRun: [OODefragTray] c:\program files\oo software\defrag\oodtray.exe
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\admini~1\startm~1\programs\startup\logite~1.lnk - c:\program files\common files\logishrd\ereg\setpoint\eReg.exe
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
LSP: mswsock.dll
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1317104157750
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab
TCP: Interfaces\{3318030E-D9FE-4743-86EB-1FC99D49B8CB} : NameServer = 194.247.192.33,194.247.192.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~2\office12\GR99D3~1.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
AppInit_DLLs:
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\administrator\application data\mozilla\firefox\profiles\5bzqvh71.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.rs/
FF - prefs.js: keyword.URL - hxxp://search.bearshare.com/web?src=ffb&q=
FF - component: c:\documents and settings\administrator\application data\mozilla\firefox\profiles\5bzqvh71.default\extensions\{12e4c684-c03e-4e4d-85bc-0c065e7a9489}\components\WinampPlayer.dll
FF - component: c:\program files\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll
FF - plugin: c:\documents and settings\administrator\application data\mozilla\plugins\np-mswmp.dll
FF - plugin: c:\documents and settings\administrator\local settings\application data\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\new_plugin\npjp2.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nis\1302000.00a\symds.sys [2012-1-7 340088]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1302000.00a\symefa.sys [2012-1-7 897656]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.0.28\definitions\bashdefs\20111221.003\BHDrvx86.sys [2011-12-21 819320]
R1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\nis\1302000.00a\ccsetx86.sys [2012-1-7 132744]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nis\1302000.00a\ironx86.sys [2012-1-7 149624]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\firebird\firebird_2_5\bin\fbguard.exe [2011-12-27 98304]
R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [2012-1-7 12184]
R2 NIS;Norton Internet Security;c:\program files\norton internet security\engine\19.2.0.10\ccsvchst.exe [2012-1-7 138760]
R2 OODefragAgent;O&O Defrag Agent;c:\program files\oo software\defrag\oodag.exe [2011-11-17 2489680]
R3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [2012-1-8 23456]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-1-7 106104]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\firebird\firebird_2_5\bin\fbserver.exe [2011-12-27 3735552]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.0.28\definitions\ipsdefs\20120106.002\IDSXpx86.sys [2012-1-6 356280]
R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.0.28\definitions\virusdefs\20120107.009\NAVENG.SYS [2012-1-8 86136]
R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.0.28\definitions\virusdefs\20120107.009\NAVEX15.SYS [2012-1-8 1576312]
R3 vvftav303;vvftav303;c:\windows\system32\drivers\vvftav303.sys [2011-8-28 480128]
R3 ZSMC0303;A4 TECH PC Camera H;c:\windows\system32\drivers\usbVM303.sys [2011-8-28 1472768]
R4 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-1-2 38224]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-9-29 136176]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2011-8-28 1691480]
S3 DualCoreCenter;DualCoreCenter;c:\program files\msi\dualcorecenter\NTGLM7X.sys [2011-8-28 36152]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-9-29 136176]
S3 RushTopDevice2;RushTopDevice2;c:\program files\msi\dualcorecenter\RushTop.sys [2011-8-28 55296]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\e:\ntglm7x.sys --> e:\NTGLM7X.sys [?]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;\??\c:\program files\tuneup utilities 2012\tuneuputilitiesdriver32.sys --> c:\program files\tuneup utilities 2012\TuneUpUtilitiesDriver32.sys [?]
.
=============== Created Last 30 ================
.
2012-01-08 16:20:04 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys
2012-01-08 16:20:04 -------- d-----w- c:\documents and settings\administrator\local settings\application data\eSupport.com
2012-01-08 08:57:55 -------- d-----w- c:\documents and settings\administrator\local settings\application data\Sun
2012-01-07 23:12:22 221184 ----a-w- c:\windows\system32\wmpns.dll
2012-01-07 23:03:52 -------- d-----w- c:\windows\ie8updates
2012-01-07 17:21:29 897656 ----a-w- c:\windows\system32\drivers\nis\1302000.00a\symefa.sys
2012-01-07 17:21:29 566904 ----a-w- c:\windows\system32\drivers\nis\1302000.00a\srtsp.sys
2012-01-07 17:21:29 387192 ----a-w- c:\windows\system32\drivers\nis\1302000.00a\symtdi.sys
2012-01-07 17:21:29 344184 ----a-w- c:\windows\system32\drivers\nis\1302000.00a\symtdiv.sys
2012-01-07 17:21:29 340088 ----a-r- c:\windows\system32\drivers\nis\1302000.00a\symds.sys
2012-01-07 17:21:29 31864 ----a-w- c:\windows\system32\drivers\nis\1302000.00a\srtspx.sys
2012-01-07 17:21:29 314488 ----a-w- c:\windows\system32\drivers\nis\1302000.00a\symnets.sys
2012-01-07 17:21:28 149624 ----a-w- c:\windows\system32\drivers\nis\1302000.00a\ironx86.sys
2012-01-07 17:21:28 132744 ----a-w- c:\windows\system32\drivers\nis\1302000.00a\ccsetx86.sys
2012-01-07 17:21:16 -------- d-----w- c:\windows\system32\drivers\nis\1302000.00A
2012-01-07 17:14:22 60872 ----a-w- c:\windows\system32\S32EVNT1.DLL
2012-01-07 17:14:22 127096 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2012-01-07 17:14:22 -------- d-----w- c:\program files\Symantec
2012-01-07 17:14:22 -------- d-----w- c:\program files\common files\Symantec Shared
2012-01-07 17:13:40 -------- d-----w- c:\windows\system32\drivers\NIS
2012-01-07 17:13:38 -------- d-----w- c:\program files\Norton Internet Security
2012-01-07 17:13:37 -------- d-----w- c:\documents and settings\all users\application data\Norton
2012-01-07 17:12:25 -------- d-----w- c:\program files\NortonInstaller
2012-01-07 17:12:25 -------- d-----w- c:\documents and settings\all users\application data\NortonInstaller
2012-01-07 17:06:11 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2012-01-07 17:05:39 456320 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2012-01-07 17:05:29 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2012-01-07 17:04:20 637848 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-01-07 17:02:54 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2012-01-07 17:02:34 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2012-01-07 17:02:02 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2012-01-07 17:02:02 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2012-01-07 17:01:30 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
2012-01-07 17:01:29 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2012-01-07 17:01:29 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2012-01-07 17:01:29 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2012-01-07 17:01:29 110592 -c----w- c:\windows\system32\dllcache\services.exe
2012-01-07 17:01:28 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2012-01-07 17:01:27 617472 -c----w- c:\windows\system32\dllcache\advapi32.dll
2012-01-07 17:00:12 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2012-01-07 16:59:00 53248 ----a-w- c:\windows\system32\CSVer.dll
2012-01-07 16:58:01 139656 -c----w- c:\windows\system32\dllcache\rdpwd.sys
2012-01-07 16:57:41 105472 -c----w- c:\windows\system32\dllcache\mup.sys
2012-01-07 16:57:21 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2012-01-07 16:49:26 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
2012-01-07 16:49:10 73728 ----a-w- c:\windows\system32\RtNicProp32.dll
2012-01-07 16:43:43 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2012-01-07 16:43:09 1172480 -c----w- c:\windows\system32\dllcache\msxml3.dll
2012-01-07 16:42:48 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2012-01-07 16:42:30 602112 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2012-01-07 16:42:30 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2012-01-07 16:42:29 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2012-01-07 16:42:28 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2012-01-07 16:42:28 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2012-01-07 16:42:27 2000384 -c----w- c:\windows\system32\dllcache\iertutil.dll
2012-01-07 16:42:21 11081728 -c----w- c:\windows\system32\dllcache\ieframe.dll
2012-01-07 16:41:08 53248 ----a-r- c:\documents and settings\administrator\application data\microsoft\installer\{3ee9bcae-e9a9-45e5-9b1c-83a4d357e05c}\ARPPRODUCTICON.exe
2012-01-07 16:40:26 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2012-01-07 16:40:19 16928 ------w- c:\windows\system32\spmsgXP_2k3.dll
2012-01-07 16:39:41 12184 ----a-w- c:\windows\system32\drivers\LBeepKE.sys
2012-01-07 16:38:17 -------- d-----w- c:\documents and settings\administrator\application data\Logishrd
2012-01-07 16:36:41 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
2012-01-07 16:36:02 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2012-01-07 16:35:13 718336 -c----w- c:\windows\system32\dllcache\ntdll.dll
2012-01-07 16:34:38 218112 -c----w- c:\windows\system32\dllcache\wordpad.exe
2012-01-07 16:34:28 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
2012-01-07 16:33:57 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2012-01-07 16:33:56 590848 -c----w- c:\windows\system32\dllcache\rpcrt4.dll
2012-01-07 16:33:56 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2012-01-07 15:58:14 -------- d-----w- c:\documents and settings\administrator\application data\Easeware
2012-01-07 15:58:10 -------- d-----w- c:\program files\Easeware
2012-01-07 15:45:23 -------- d-----w- c:\program files\FinalWire
2012-01-07 15:08:08 -------- d-----w- c:\windows\system32\oodag
2012-01-07 15:07:30 -------- d-----w- c:\documents and settings\administrator\local settings\application data\O&O
2012-01-07 15:07:22 -------- d-----w- c:\program files\OO Software
2012-01-07 15:06:02 -------- d-----w- c:\documents and settings\administrator\local settings\application data\Downloaded Installations
2012-01-07 14:50:49 -------- d-----w- c:\windows\pss
2012-01-04 04:18:18 43992 ----a-w- c:\program files\mozilla firefox\mozutils.dll
2012-01-04 04:18:17 626688 ----a-w- c:\program files\mozilla firefox\msvcr80.dll
2012-01-04 04:18:17 548864 ----a-w- c:\program files\mozilla firefox\msvcp80.dll
2012-01-04 04:18:17 479232 ----a-w- c:\program files\mozilla firefox\msvcm80.dll
2012-01-03 14:11:58 -------- dc-h--w- c:\documents and settings\all users\application data\{0B944FF9-D61F-4D53-99D1-CBD889A971D0}
2012-01-03 14:09:19 -------- d-----w- c:\documents and settings\administrator\local settings\application data\BearShare
2012-01-03 14:08:40 -------- d-----w- c:\documents and settings\administrator\local settings\application data\PackageAware
2012-01-02 18:53:41 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-01-02 18:53:29 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-02 18:53:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-12-27 08:55:36 -------- d-----w- c:\program files\Firebird
2011-12-26 13:34:37 -------- d-----w- c:\windows\system32\wbem\repository\FS
2011-12-26 13:34:37 -------- d-----w- c:\windows\system32\wbem\Repository
2011-12-24 16:59:54 -------- d-sh--w- c:\documents and settings\administrator\local settings\application data\5b227151
2011-12-19 05:37:12 -------- d-----w- c:\program files\Maxthon3
2011-12-16 08:52:51 31552 ----a-w- c:\windows\system32\TURegOpt.exe
2011-12-16 08:52:30 -------- d-----w- c:\program files\TuneUp Utilities 2012
2011-12-14 12:54:37 -------- d-----w- c:\documents and settings\administrator\local settings\application data\Flock
2011-12-14 07:14:36 -------- d--h--w- c:\documents and settings\all users\application data\Common Files
.
==================== Find3M ====================
.
2012-01-08 15:21:36 23624 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2012-01-07 17:04:09 567184 ----a-w- c:\windows\system32\deployJava1.dll
2012-01-07 17:04:09 141312 ----a-w- c:\windows\system32\javacpl.cpl
2011-12-24 16:24:24 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-23 13:25:32 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-17 17:18:18 1630544 ----a-w- c:\windows\system32\ooscrsav.scr
2011-11-17 17:17:12 277328 ----a-w- c:\windows\system32\oodbs.exe
2011-11-17 17:15:58 536400 ----a-w- c:\windows\system32\oodssrs.dll
2011-11-17 17:15:38 10064 ----a-w- c:\windows\system32\oodbsrs.dll
2011-11-04 19:20:51 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:20:51 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-11-04 19:20:51 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-11-04 11:23:59 385024 ----a-w- c:\windows\system32\html.iec
2011-11-01 16:07:10 1288704 ----a-w- c:\windows\system32\ole32.dll
2011-10-28 05:31:48 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-25 13:37:08 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-25 12:52:02 2027008 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-18 11:13:22 186880 ----a-w- c:\windows\system32\encdec.dll
.
============= FINISH: 17:46:16.51 ===============

offline
  • Més que un club
  • Lead vocalist @ Harpun
  • Joined: 27 Feb 2009
  • Posts: 3898
  • Location: Novi Sad, Klisa

Hello njuskalo75




Download sUBs's ComboFix to your Desktop from the following address:

Bleeping Computer
  • Right-click the link and choose the option Save Target As... (Save Link As..., Save Linked Content As... or similar);
  • When the dialog for choosing where to save the file opens, select Desktop and click Save.




When the download of the program is complete:
  • disable your security software (instructions);
  • close any running programs;
  • double-click to run ComboFix;
  • in the window that opens, click "I Agree".

While running, ComboFix will:
  • check whether a newer version of the program exists:
    click Yes if you are offered the download.
  • if the Recovery Console is not installed, offer to install it:
    be sure to accept by clicking Yes and follow the procedure through.
  • display a number of prompts/notifications:
    accept by clicking Yes or OK.
  • restart Windows if necessary (possibly several times);
  • at the end of the run, open Notepad with the scan report.


Copy the report that ComboFix produced into the forum thread:
  • right-click in the Notepad window and choose Select All;
  • right-click the selected text and choose Copy;
  • right-click in the message field and choose Paste.


Note: The report will be saved under the name ComboFix.txt on the system partition (typical location: C:\ComboFix.txt);
If, after sending the message, you notice that the report is not complete, use the Attach file option to attach the file C:\ComboFix.txt to the message.

offline
  • Dalibor
  • Joined: 03 Feb 2011
  • Posts: 445
  • Location: Landau and der Pfalz

Here it is, scanned

ComboFix 12-01-09.07 - Administrator 10-Jan-12 7:09.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1251.381.1033.18.1023.688 [GMT 1:00]
Running from: d:\my documents\¤­Ó-òÂÓ\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\$NtUninstallKB54668$
c:\windows\$NtUninstallKB54668$\121727690
c:\windows\$NtUninstallKB54668$\1528983889\@
c:\windows\$NtUninstallKB54668$\1528983889\L\xwnaetpi
c:\windows\$NtUninstallKB54668$\1528983889\loader.tlb
c:\windows\$NtUninstallKB54668$\1528983889\U\@00000001
c:\windows\$NtUninstallKB54668$\1528983889\U\@000000c0
c:\windows\$NtUninstallKB54668$\1528983889\U\@000000cb
c:\windows\$NtUninstallKB54668$\1528983889\U\@000000cf
c:\windows\$NtUninstallKB54668$\1528983889\U\@80000000
c:\windows\$NtUninstallKB54668$\1528983889\U\@800000c0
c:\windows\$NtUninstallKB54668$\1528983889\U\@800000cb
c:\windows\$NtUninstallKB54668$\1528983889\U\@800000cf
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\
.
.
((((((((((((((((((((((((( Files Created from 2011-12-10 to 2012-01-10 )))))))))))))))))))))))))))))))
.
.
2012-01-08 16:20 . 2012-01-08 16:20 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\eSupport.com
2012-01-08 16:20 . 2012-01-08 16:20 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys
2012-01-08 08:57 . 2012-01-08 08:57 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Sun
2012-01-07 23:12 . 2008-04-14 03:42 221184 ----a-w- c:\windows\system32\wmpns.dll
2012-01-07 23:03 . 2012-01-07 23:23 -------- d-----w- c:\windows\ie8updates
2012-01-07 17:14 . 2012-01-07 17:53 -------- d-----w- c:\program files\Common Files\Symantec Shared
2012-01-07 17:14 . 2012-01-07 17:14 60872 ----a-w- c:\windows\system32\S32EVNT1.DLL
2012-01-07 17:14 . 2012-01-07 17:14 127096 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2012-01-07 17:14 . 2012-01-07 17:14 -------- d-----w- c:\program files\Symantec
2012-01-07 17:13 . 2012-01-07 17:35 -------- d-----w- c:\windows\system32\drivers\NIS
2012-01-07 17:13 . 2012-01-07 17:13 -------- d-----w- c:\program files\Norton Internet Security
2012-01-07 17:13 . 2012-01-07 17:13 -------- d-----w- c:\program files\Windows Sidebar
2012-01-07 17:13 . 2012-01-07 17:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton
2012-01-07 17:12 . 2012-01-07 17:12 -------- d-----w- c:\program files\NortonInstaller
2012-01-07 17:06 . 2008-06-13 11:05 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2012-01-07 17:05 . 2011-07-15 13:29 456320 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2012-01-07 17:05 . 2010-08-23 16:12 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2012-01-07 17:04 . 2012-01-07 17:04 637848 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-01-07 17:02 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2012-01-07 17:02 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2012-01-07 17:02 . 2010-08-27 08:02 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2012-01-07 17:02 . 2009-10-15 16:28 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2012-01-07 17:01 . 2009-03-06 14:22 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
2012-01-07 17:01 . 2009-02-09 12:10 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2012-01-07 17:01 . 2009-02-09 12:10 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2012-01-07 17:01 . 2009-02-06 11:11 110592 -c----w- c:\windows\system32\dllcache\services.exe
2012-01-07 17:01 . 2009-02-06 10:10 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2012-01-07 17:01 . 2009-02-09 12:10 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2012-01-07 17:01 . 2009-02-09 12:10 617472 -c----w- c:\windows\system32\dllcache\advapi32.dll
2012-01-07 17:00 . 2009-06-21 21:44 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2012-01-07 16:59 . 2011-04-15 15:00 53248 ----a-w- c:\windows\system32\CSVer.dll
2012-01-07 16:58 . 2011-06-24 14:10 139656 -c----w- c:\windows\system32\dllcache\rdpwd.sys
2012-01-07 16:57 . 2011-04-21 13:37 105472 -c----w- c:\windows\system32\dllcache\mup.sys
2012-01-07 16:57 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2012-01-07 16:49 . 2008-05-01 14:33 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
2012-01-07 16:49 . 2009-03-03 19:18 73728 ----a-w- c:\windows\system32\RtNicProp32.dll
2012-01-07 16:43 . 2010-09-18 06:53 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2012-01-07 16:43 . 2010-06-14 07:41 1172480 -c----w- c:\windows\system32\dllcache\msxml3.dll
2012-01-07 16:42 . 2009-11-21 15:51 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2012-01-07 16:42 . 2011-11-04 19:20 602112 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2012-01-07 16:42 . 2011-11-04 19:20 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2012-01-07 16:42 . 2011-11-04 19:20 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2012-01-07 16:42 . 2011-11-04 19:20 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2012-01-07 16:42 . 2011-11-04 19:20 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2012-01-07 16:42 . 2011-11-04 19:20 2000384 -c----w- c:\windows\system32\dllcache\iertutil.dll
2012-01-07 16:42 . 2011-11-04 19:20 11081728 -c----w- c:\windows\system32\dllcache\ieframe.dll
2012-01-07 16:41 . 2012-01-07 16:41 53248 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2012-01-07 16:41 . 2012-01-07 16:41 -------- d-----w- c:\documents and settings\Administrator\Application Data\Leadertech
2012-01-07 16:40 . 2012-01-07 16:40 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2012-01-07 16:40 . 2008-11-07 17:55 16928 ------w- c:\windows\system32\spmsgXP_2k3.dll
2012-01-07 16:39 . 2011-09-02 06:30 12184 ----a-w- c:\windows\system32\drivers\LBeepKE.sys
2012-01-07 16:39 . 2012-01-10 05:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Logishrd
2012-01-07 16:38 . 2012-01-10 05:25 -------- d-----w- c:\program files\Common Files\LogiShrd
2012-01-07 16:38 . 2012-01-07 16:41 -------- d-----w- c:\documents and settings\Administrator\Application Data\Logitech
2012-01-07 16:38 . 2012-01-07 16:38 -------- d-----w- c:\documents and settings\Administrator\Application Data\Logishrd
2012-01-07 16:36 . 2010-06-18 13:36 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
2012-01-07 16:36 . 2008-10-15 16:34 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2012-01-07 16:35 . 2010-12-09 15:15 718336 -c----w- c:\windows\system32\dllcache\ntdll.dll
2012-01-07 16:34 . 2010-07-12 12:55 218112 -c----w- c:\windows\system32\dllcache\wordpad.exe
2012-01-07 16:34 . 2011-07-08 14:02 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
2012-01-07 16:33 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2012-01-07 16:33 . 2011-02-17 12:32 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2012-01-07 16:33 . 2010-08-16 08:45 590848 -c----w- c:\windows\system32\dllcache\rpcrt4.dll
2012-01-07 15:58 . 2012-01-08 16:24 -------- d-----w- c:\documents and settings\Administrator\Application Data\Easeware
2012-01-07 15:08 . 2012-01-07 15:08 -------- d-----w- c:\windows\system32\oodag
2012-01-07 15:07 . 2012-01-07 15:07 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\O&O
2012-01-07 15:07 . 2012-01-07 15:07 -------- d-----w- c:\program files\OO Software
2012-01-07 15:06 . 2012-01-07 15:06 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Downloaded Installations
2012-01-04 04:18 . 2012-01-04 04:18 43992 ----a-w- c:\program files\Mozilla Firefox\mozutils.dll
2012-01-04 04:18 . 2012-01-04 04:18 479232 ----a-w- c:\program files\Mozilla Firefox\msvcm80.dll
2012-01-04 04:18 . 2012-01-04 04:18 626688 ----a-w- c:\program files\Mozilla Firefox\msvcr80.dll
2012-01-04 04:18 . 2012-01-04 04:18 548864 ----a-w- c:\program files\Mozilla Firefox\msvcp80.dll
2012-01-03 14:11 . 2012-01-03 14:11 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{0B944FF9-D61F-4D53-99D1-CBD889A971D0}
2012-01-03 14:09 . 2012-01-04 11:39 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\BearShare
2012-01-03 14:08 . 2012-01-03 14:08 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\PackageAware
2011-12-28 09:44 . 2011-12-28 09:44 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2011-12-28 09:44 . 2011-12-28 09:44 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Apple
2011-12-27 08:55 . 2011-12-27 08:55 -------- d-----w- c:\program files\Firebird
2011-12-26 13:34 . 2011-12-26 13:34 -------- d-----w- c:\windows\system32\wbem\Repository
2011-12-24 20:55 . 2011-12-24 20:55 -------- d-----w- c:\program files\Common Files\Java
2011-12-24 18:45 . 2012-01-03 06:47 -------- d-----w- c:\program files\Opera
2011-12-24 18:32 . 2012-01-07 17:11 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2011-12-24 16:59 . 2011-12-24 16:59 -------- d-sh--w- c:\documents and settings\Administrator\Local Settings\Application Data\5b227151
2011-12-19 05:37 . 2011-12-24 17:17 -------- d-----w- c:\program files\Maxthon3
2011-12-16 08:52 . 2011-12-14 11:47 31552 ----a-w- c:\windows\system32\TURegOpt.exe
2011-12-16 08:52 . 2012-01-07 15:41 -------- d-----w- c:\program files\TuneUp Utilities 2012
2011-12-14 17:25 . 2011-12-15 03:25 -------- d-----w- c:\documents and settings\Administrator\Application Data\Apple Computer
2011-12-14 17:24 . 2011-12-14 17:24 -------- d-----w- c:\program files\Apple Software Update
2011-12-14 12:54 . 2011-12-14 16:44 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Flock
2011-12-14 07:14 . 2011-12-14 07:14 -------- d--h--w- c:\documents and settings\All Users\Application Data\Common Files
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-08 15:21 . 2011-09-25 21:16 23624 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2012-01-07 17:04 . 2011-08-28 00:13 567184 ----a-w- c:\windows\system32\deployJava1.dll
2012-01-07 17:04 . 2011-08-28 00:13 141312 ----a-w- c:\windows\system32\javacpl.cpl
2011-12-24 16:24 . 2011-08-28 00:13 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-23 13:25 . 2004-08-03 22:17 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-17 17:18 . 2011-11-17 17:18 1630544 ----a-w- c:\windows\system32\ooscrsav.scr
2011-11-17 17:17 . 2011-11-17 17:17 277328 ----a-w- c:\windows\system32\oodbs.exe
2011-11-17 17:15 . 2011-11-17 17:15 536400 ----a-w- c:\windows\system32\oodssrs.dll
2011-11-17 17:15 . 2011-11-17 17:15 10064 ----a-w- c:\windows\system32\oodbsrs.dll
2011-11-04 19:20 . 2004-08-03 23:56 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-11-04 19:20 . 2004-08-03 23:56 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:20 . 2004-08-03 23:56 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-11-04 11:23 . 2004-08-03 21:59 385024 ----a-w- c:\windows\system32\html.iec
2011-11-01 16:07 . 2004-08-03 23:56 1288704 ----a-w- c:\windows\system32\ole32.dll
2011-10-28 05:31 . 2004-08-03 23:56 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-25 13:37 . 2004-08-03 22:18 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-25 12:52 . 2004-08-03 22:59 2027008 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-18 11:13 . 2004-08-03 23:56 186880 ----a-w- c:\windows\system32\encdec.dll
2012-01-04 04:18 . 2011-09-01 18:51 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VMSnap3"="c:\windows\VMSnap3.exe" [2006-07-18 49152]
"OODefragTray"="c:\program files\OO Software\Defrag\oodtray.exe" [2011-11-17 2773328]
"ClocX"="c:\program files\ClocX\ClocX.exe" [2007-07-26 270336]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Administrator\Start Menu\Programs\Startup\
Logitech . Product Registration.lnk - c:\program files\Common Files\LogiShrd\eReg\SetPoint\eReg.exe [2009-11-16 517384]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^DualCoreCenter.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\DualCoreCenter.lnk
backup=c:\windows\pss\DualCoreCenter.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-06-06 11:55 937920 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2007-10-12 08:32 69632 ------r- c:\windows\Alcmtr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2011-11-01 22:25 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DelReg]
2008-05-13 17:26 196608 ----a-w- c:\program files\MSI\DualCoreCenter\DelReg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Domino]
2006-07-04 06:16 49152 ----a-r- c:\windows\Domino.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2012-01-01 12:30 136176 ----atw- c:\documents and settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HitmanPro35]
2011-08-14 22:27 6355002 ----a-w- c:\program files\Hitman Pro 3.5\HitmanPro35.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
2006-04-13 10:09 49152 ----a-w- c:\program files\CyberLink\PowerDVD\Language\Language.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 09:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
2011-11-17 17:18 2773328 ----a-w- c:\program files\OO Software\Defrag\oodtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2005-12-07 21:57 30208 ------w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2007-10-12 08:33 16384512 ------r- c:\windows\RTHDCPL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
2009-10-26 07:33 15872 ----a-w- c:\program files\Unlocker\UnlockerAssistant.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1302000.00A\symds.sys [07-Jan-12 18:21 340088]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1302000.00A\symefa.sys [07-Jan-12 18:21 897656]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20111223.001\BHDrvx86.sys [01-Dec-11 03:25 820344]
R1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NIS\1302000.00A\ccsetx86.sys [07-Jan-12 18:21 132744]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1302000.00A\ironx86.sys [07-Jan-12 18:21 149624]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\Firebird_2_5\bin\fbguard.exe [27-Dec-11 09:55 98304]
R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [07-Jan-12 17:39 12184]
R2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\19.2.0.10\ccsvchst.exe [07-Jan-12 18:21 138760]
R2 OODefragAgent;O&O Defrag Agent;c:\program files\OO Software\Defrag\oodag.exe [17-Nov-11 18:17 2489680]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [07-Jan-12 18:21 106104]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_2_5\bin\fbserver.exe [27-Dec-11 09:55 3735552]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120107.001\IDSXpx86.sys [10-Jan-12 01:03 356280]
R3 vvftav303;vvftav303;c:\windows\system32\drivers\vvftav303.sys [28-Aug-11 12:01 480128]
R3 ZSMC0303;A4 TECH PC Camera H;c:\windows\system32\drivers\usbVM303.sys [28-Aug-11 12:01 1472768]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [29-Sep-11 07:33 136176]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [28-Aug-11 01:05 1691480]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [08-Jan-12 17:20 23456]
S3 DualCoreCenter;DualCoreCenter;c:\program files\MSI\DualCoreCenter\NTGLM7X.sys [28-Aug-11 01:09 36152]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [29-Sep-11 07:33 136176]
S3 RushTopDevice2;RushTopDevice2;c:\program files\MSI\DualCoreCenter\RushTop.sys [28-Aug-11 01:09 55296]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\e:\ntglm7x.sys --> e:\NTGLM7X.sys [?]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;\??\c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys --> c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [?]
.
Contents of the 'Scheduled Tasks' folder
.
2011-12-28 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 16:57]
.
2012-01-10 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2011-08-28 16:47]
.
2012-01-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-09-29 06:33]
.
2012-01-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-09-29 06:33]
.
2012-01-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-436374069-1214440339-839522115-500Core.job
- c:\documents and settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-01-01 12:30]
.
2012-01-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-436374069-1214440339-839522115-500UA.job
- c:\documents and settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-01-01 12:30]
.
2012-01-10 c:\windows\Tasks\User_Feed_Synchronization-{5DAE0F76-3D56-431E-9B01-97E1F2F58833}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.bearshare.com/
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://home.sweetim.com
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
TCP: Interfaces\{3318030E-D9FE-4743-86EB-1FC99D49B8CB}: NameServer = 194.247.192.33,194.247.192.1
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5bzqvh71.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.rs/
FF - prefs.js: keyword.URL - hxxp://search.bearshare.com/web?src=ffb&q=
FF - user.js: yahoo.homepage.dontask - true
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
Toolbar-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-10 07:20
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NIS]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\19.2.0.10\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\19.2.0.10\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(780)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(2208-)
c:\windows\system32\WININET.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll
c:\windows\system32\msi.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Java\jre7\bin\jqs.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2012-01-10 07:23:53 - machine was rebooted
ComboFix-quarantined-files.txt 2012-01-10 06:23
.
Pre-Run: 11,021,479,936 bytes free
Post-Run: 11,593,584,640 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 5E7CAB459084D0FB149D8F39ADFE34A5


offline
  • Més que un club
  • Lead vocalist @ Harpun
  • Joined: 27 Feb 2009
  • Posts: 3898
  • Location: Novi Sad, Klisa

Pack the following folder into a ZIP or RAR archive:

C:\Qoobox\Quarantine

and send it via the following link:

http://www.mycity.rs/ambulanta-upload.php

offline
  • Dalibor
  • Joined: 03 Feb 2011
  • Posts: 445
  • Location: Landau and der Pfalz

Posted: 11 Jan 2012 9:24

That file has been uploaded successfully.

Addendum: 12 Jan 2012 13:15

Is there anything else I need to do? The computer is working quite well now. :))

offline
  • Més que un club
  • Lead vocalist @ Harpun
  • Joined: 27 Feb 2009
  • Posts: 3898
  • Location: Novi Sad, Klisa

Sorry, private obligations...

Do the following:

Download CatchMe.

Double-click catchme.exe to run it and go to the Script tab.
Copy the text from the code box below into the program's (white) window:

files:
c:\windows\system32\wuauclt.exe

Click the Run button.

When a notification message appears, click OK.

When the process finishes, the file catchme.zip will be on the Desktop.
Upload it via the following form: http://www.mycity.rs/ambulanta-upload.php

NIx Car (AMF Tim)

offline
  • Dalibor
  • Joined: 03 Feb 2011
  • Posts: 445
  • Location: Landau and der Pfalz

Posted: 13 Jan 2012 8:19

The file has been uploaded successfully.
Friend, what next.... :D

Addendum: 13 Jan 2012 12:47

You're wearing yourself out, we could go for a (b)

Addendum: 13 Jan 2012 12:47

beer :D :D :D

offline
  • Més que un club
  • Lead vocalist @ Harpun
  • Joined: 27 Feb 2009
  • Posts: 3898
  • Location: Novi Sad, Klisa

The computer is clean as far as malware is concerned.

Do the following:

ComboFix needs to be uninstalled:
click Start (or ), then RUN.

On Vista, use the Start Search box if Run is not available.

In the text entry line, type (or copy) the following:

ComboFix /Uninstall

Note that there is a space between "ComboFix" and "/Uninstall".

and then click OK (or press Enter).

Wait for the uninstallation process to finish.

And a recommendation:

- I recommend that you use MCShield to protect USB storage devices. It has nothing to do with the antivirus, i.e. it will not interfere with its operation, and it has proven to be one of the best forms of protection against malware that spreads via USB storage devices.

You download it, install it, plug in the USB storage device, and a scan runs, after which you get a notification that the device is clean (if that is really the case); or you get a log showing information about the malware that was found and deleted.

MCShield home page: http://amf.mycity.rs/programs/mc/mcshield/

You can find out more about MCShield in this thread: http://www.mycity.rs/Antispyware-programi/MCShield.html




offline
  • Dalibor
  • Joined: 03 Feb 2011
  • Posts: 445
  • Location: Landau and der Pfalz

Here I am, trying to remove ComboFix the way you instructed
ComboFix /Uninstall
I copied it, went to Start and to RUN and OK or Enter, and it keeps giving me this error
https://www.mycity.rs/must-login.png
I don't know how to remove it

offline
  • Més que un club
  • Lead vocalist @ Harpun
  • Joined: 27 Feb 2009
  • Posts: 3898
  • Location: Novi Sad, Klisa

Download and run this uninstaller; it should remove ComboFix

http://download.bleepingcomputer.com/sUBs/CF_UNINST.EXE

NIx Car (AMF Tim)
