Opening web pages

  • Joined: 25 Apr 2008
  • Posts: 27

The problem is that I can't open a website that I've been opening normally until now, and it really irritates me.
The site's address is irfree.com
So I can't bring up any bookmarked page of that site, nor get to it through Google. When I try, it simply keeps loading the page non-stop and nothing appears except a white page with nothing written on it. I'm using ESET NOD32 3.0.642.0
I don't use the sites you listed as ones not to use, but I download a lot of movies and music, among other things, from this forum.
I have 1024/256 cable internet and I use Opera.



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:11:28 PM, on 12/24/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Opera\Opera.exe
C:\Documents and Settings\Margo\Desktop\New Folder\tr3.exe.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favorites
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {27BC96B2-CBE9-40A9-9AAD-0CB1DFD09E0D} - C:\WINDOWS\system32\fccdeefC.dll (file missing)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: (no name) - {6DCFCDBA-95A3-42DF-AE11-4597A72F02B2} - C:\WINDOWS\system32\pmnoPjJD.dll (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: (no name) - {EEBCEA7B-BA5B-435E-883F-D142A2F1B51A} - C:\WINDOWS\system32\xxyxVpoO.dll (file missing)
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Creative MediaSource Go] C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe /SCB
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: xxyxVpoO - xxyxVpoO.dll (file missing)
O23 - Service: Norton 2009 Reset (.norton2009Reset) - Unknown owner - C:\Documents and Settings\All Users\Application Data\Norton\Norton2009Reset.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 7416 bytes

  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

Download ComboFix from one of the following addresses to your Desktop:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.forospyware.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Start it and don't touch the program window while it scans.
Follow the on-screen instructions. When it finishes, a log (C:\ComboFix.txt) will appear, which you should copy here for us.

  • Joined: 25 Apr 2008
  • Posts: 27

ComboFix 08-12-24.01 - Margo 2008-12-24 23:11:27.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1475 [GMT 1:00]
Running from: c:\documents and settings\Margo\Desktop\ComboFix.exe
* Created a new restore point
* Resident AV is active


WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
C:\resycled
c:\windows\Install.txt
c:\windows\system32\Cfeedccf.ini
c:\windows\system32\tmp0_124683315071.bk
c:\windows\system32\tmp0_14624513463.bk
c:\windows\system32\tmp0_501377668156.bk
c:\windows\system32\tmp0_668405419299.bk
c:\windows\system32\tmp0_680327676612.bk
c:\windows\system32\tmp0_737549840830.bk
D:\resycled

----- BITS: Possible infected sites -----

hxxp://leongkaiyoung.com
.
((((((((((((((((((((((((( Files Created from 2008-11-24 to 2008-12-24 )))))))))))))))))))))))))))))))
.

2008-12-24 13:45 . 2008-12-24 13:45 <DIR> d-------- c:\program files\Common Files\Vbox
2008-12-24 13:44 . 2003-09-25 11:12 14,604 --a------ c:\windows\system32\drivers\pfc.sys
2008-12-24 12:51 . 2008-03-03 18:21 568 --ah----- c:\windows\nod32fixtemdono.reg
2008-12-24 12:45 . 2008-12-24 12:45 <DIR> d-------- c:\documents and settings\All Users\Application Data\Avg8
2008-12-24 12:08 . 2008-12-24 12:08 <DIR> d-------- c:\program files\AVG
2008-12-24 00:19 . 2008-12-24 00:19 <DIR> d-------- c:\program files\Lavasoft
2008-12-23 22:05 . 2008-12-24 15:03 <DIR> d-------- c:\program files\Spybot - Search & Destroy
2008-12-23 22:05 . 2008-12-23 23:14 <DIR> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-12-23 21:31 . 2008-12-24 00:10 <DIR> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
2008-12-21 21:47 . 2008-12-21 21:47 <DIR> d-------- c:\documents and settings\Margo\Application Data\MAXON
2008-12-21 19:04 . 2008-12-21 19:15 <DIR> d-------- c:\documents and settings\Margo\Application Data\360desktop
2008-12-21 15:45 . 2008-12-21 15:45 55,866 --a------ c:\windows\FontData.fdb
2008-12-21 14:57 . 2008-12-21 14:57 <DIR> d-------- c:\program files\Office Mouse Driver
2008-12-21 13:06 . 2006-07-17 17:02 6,528 --a------ c:\windows\system32\drivers\MOUSEWD.SYS
2008-12-21 12:50 . 2008-12-21 17:56 <DIR> d-------- c:\windows\Downloaded Installations
2008-12-21 12:39 . 2008-04-13 17:15 32,128 --a------ c:\windows\system32\drivers\usbccgp.sys
2008-12-21 12:39 . 2008-04-13 17:15 32,128 --a--c--- c:\windows\system32\dllcache\usbccgp.sys
2008-12-21 12:39 . 2008-04-13 17:09 14,592 --a------ c:\windows\system32\drivers\kbdhid.sys
2008-12-21 12:39 . 2008-04-13 17:09 14,592 --a--c--- c:\windows\system32\dllcache\kbdhid.sys
2008-12-19 23:43 . 2008-12-19 23:43 <DIR> d-------- c:\documents and settings\Margo\Application Data\NetMedia Providers
2008-12-19 23:41 . 2008-12-19 23:41 <DIR> d-------- c:\program files\Sony
2008-12-19 21:54 . 2008-12-19 21:54 <DIR> d-------- c:\program files\Common Files\DirectX
2008-12-17 16:40 . 2008-03-03 14:25 5,702 --ah----- c:\windows\nod32restoretemdono.reg
2008-12-13 17:43 . 2008-12-13 17:24 1,420 --a------ c:\windows\system32\pbsec.htm
2008-12-13 17:18 . 2008-12-13 17:42 682,280 --a------ c:\windows\system32\pbsvc.exe
2008-12-12 13:45 . 2008-12-24 23:03 69 --a------ c:\windows\NeroDigital.ini
2008-12-11 22:40 . 2008-12-11 22:40 <DIR> d-------- c:\documents and settings\Margo\Application Data\Ahead
2008-12-11 22:39 . 2008-12-11 22:39 <DIR> d-------- c:\program files\Nero
2008-12-11 22:39 . 2008-12-11 22:39 <DIR> d-------- c:\program files\Common Files\Ahead
2008-12-11 22:39 . 2005-10-17 16:15 2,605,056 --a------ c:\windows\system32\BCGCBPRO800u.dll
2008-12-11 22:39 . 2005-10-17 16:07 2,600,960 --a------ c:\windows\system32\BCGCBPRO800.dll
2008-12-11 22:39 . 2004-07-26 16:16 1,568,768 --a------ c:\windows\system32\imagX7.dll
2008-12-11 22:39 . 2004-07-26 16:16 476,320 --a------ c:\windows\system32\imagXpr7.dll
2008-12-11 22:39 . 2004-07-26 16:16 471,040 --a------ c:\windows\system32\imagXRA7.dll
2008-12-11 22:39 . 2004-07-09 08:43 364,544 --a------ c:\windows\system32\TwnLib4.dll
2008-12-11 22:39 . 2004-07-26 16:16 262,144 --a------ c:\windows\system32\imagXR7.dll
2008-12-11 22:39 . 2005-12-23 16:50 32,768 --a------ c:\windows\system32\BCGPOleAcc.dll
2008-12-11 22:25 . 2008-12-11 22:25 <DIR> d-------- c:\windows\system32\xlive
2008-12-11 21:36 . 2008-12-11 21:36 <DIR> d-------- c:\program files\Empire Interactive
2008-12-11 14:06 . 2008-12-11 14:06 <DIR> d-------- c:\documents and settings\Margo\Application Data\Publish Providers
2008-12-11 14:05 . 2006-12-28 16:56 26,013 --a------ c:\windows\system32\sleep.exe
2008-12-11 14:03 . 2008-12-11 14:03 <DIR> d-------- c:\program files\Common Files\Skype
2008-12-11 14:03 . 2008-12-14 22:56 <DIR> d-------- c:\documents and settings\Margo\Application Data\skypePM
2008-12-11 14:03 . 2008-12-14 23:31 <DIR> d-------- c:\documents and settings\Margo\Application Data\Skype
2008-12-11 14:03 . 2008-12-11 14:03 <DIR> d-------- c:\documents and settings\All Users\Application Data\Skype
2008-12-11 14:03 . 2008-12-11 14:03 56 --ah----- c:\windows\system32\ezsidmv.dat
2008-12-11 13:52 . 2008-12-11 14:03 <DIR> d-------- c:\program files\Skype
2008-12-11 13:52 . 2006-12-28 16:56 94,208 --a------ c:\windows\system32\pskill.exe
2008-12-10 20:23 . 2008-12-10 20:23 <DIR> d-------- c:\program files\VID_1345&PID_0003
2008-12-10 17:37 . 2008-12-14 22:17 138,464 --a------ c:\windows\system32\drivers\PnkBstrK.sys
2008-12-10 17:37 . 2008-12-14 22:17 111,928 --a------ c:\windows\system32\PnkBstrB.exe
2008-12-10 17:37 . 2008-12-13 17:43 66,872 --a------ c:\windows\system32\PnkBstrA.exe
2008-12-10 17:31 . 2008-12-10 17:31 <DIR> d-------- c:\program files\Activision
2008-12-10 17:16 . 2008-12-13 17:43 22,328 --a------ c:\documents and settings\Margo\Application Data\PnkBstrK.sys
2008-12-10 16:40 . 2008-12-10 16:40 <DIR> d-------- c:\documents and settings\Margo\Application Data\2K Sports
2008-12-10 16:29 . 2008-12-10 16:38 <DIR> d-------- c:\program files\NBA 2K9
2008-12-10 16:21 . 2008-12-10 16:21 <DIR> d--h----- c:\windows\PIF
2008-12-04 14:15 . 2008-04-13 17:15 26,368 --a--c--- c:\windows\system32\dllcache\usbstor.sys
2008-12-02 00:19 . 2008-12-02 00:19 <DIR> d-------- c:\documents and settings\Margo\Application Data\Apple Computer
2008-12-02 00:16 . 2008-12-02 00:16 <DIR> d-------- c:\program files\QuickTime
2008-12-02 00:16 . 2008-12-02 00:16 <DIR> d-------- c:\documents and settings\All Users\Application Data\Apple Computer
2008-12-01 23:18 . 2008-12-01 23:19 <DIR> d-------- c:\documents and settings\All Users\Application Data\Bluetooth
2008-12-01 22:52 . 2008-04-13 22:42 16,384 --a------ c:\windows\system32\ipsink.ax
2008-12-01 22:52 . 2008-04-13 22:42 16,384 --a--c--- c:\windows\system32\dllcache\ipsink.ax
2008-12-01 22:52 . 2008-04-13 17:16 15,232 --a------ c:\windows\system32\drivers\StreamIP.sys
2008-12-01 22:52 . 2008-04-13 17:16 15,232 --a--c--- c:\windows\system32\dllcache\streamip.sys
2008-12-01 22:52 . 2008-04-13 17:16 11,136 --a------ c:\windows\system32\drivers\SLIP.sys
2008-12-01 22:52 . 2008-04-13 17:16 11,136 --a--c--- c:\windows\system32\dllcache\slip.sys
2008-12-01 22:52 . 2008-04-13 17:16 10,880 --a------ c:\windows\system32\drivers\NdisIP.sys
2008-12-01 22:52 . 2008-04-13 17:16 10,880 --a--c--- c:\windows\system32\dllcache\ndisip.sys
2008-12-01 22:52 . 2008-04-13 17:09 5,504 --a------ c:\windows\system32\drivers\MSTEE.sys
2008-12-01 22:52 . 2008-04-13 17:09 5,504 --a--c--- c:\windows\system32\dllcache\mstee.sys
2008-12-01 22:51 . 2008-12-01 22:51 <DIR> d-------- c:\program files\IVT Corporation
2008-11-30 00:58 . 2008-11-30 00:58 <DIR> d-------- c:\documents and settings\Margo\Application Data\AdobeUM
2008-11-30 00:30 . 2008-11-30 01:11 <DIR> d-------- c:\documents and settings\All Users\Application Data\TrackMania
2008-11-30 00:22 . 2008-11-30 01:06 <DIR> d-------- c:\program files\TmUnitedForever
2008-11-29 23:30 . 2008-12-17 16:34 <DIR> d-------- c:\program files\Common Files\Panda Software
2008-11-29 23:08 . 2008-11-30 18:29 <DIR> d-------- c:\windows\system32\NtmsData
2008-11-29 23:08 . 2008-11-29 23:08 <DIR> d-------- c:\program files\Auslogics
2008-11-29 23:08 . 2008-11-29 23:08 <DIR> d-------- c:\documents and settings\Margo\Application Data\Auslogics
2008-11-29 22:42 . 2008-11-29 22:42 <DIR> d-------- c:\documents and settings\All Users\Application Data\sentinel
2008-11-29 02:06 . 2008-11-29 02:06 4,933,667 --------- c:\windows\{00000001-00000000-00000007-00001102-00000008-10011102}.BAK
2008-11-29 01:59 . 2008-12-13 19:14 <DIR> d-------- c:\program files\TrackMania Nations ESWC
2008-11-28 18:24 . 2006-06-20 09:56 225,280 --a------ c:\windows\system32\rewire.dll
2008-11-28 18:23 . 2008-11-28 18:24 <DIR> d-------- c:\program files\Vst
2008-11-28 18:23 . 2008-11-28 18:23 <DIR> d-------- c:\program files\Outsim
2008-11-28 18:23 . 2008-11-29 01:49 <DIR> d-------- c:\program files\Image-Line
2008-11-28 18:23 . 2002-07-07 23:14 1,294,336 --a------ c:\windows\system32\vorbis.acm
2008-11-28 18:02 . 2008-11-28 18:02 161 --------- C:\Delme.bat
2008-11-28 17:58 . 2008-11-28 17:58 0 ---h----- c:\windows\SwSys2.bmp
2008-11-28 17:58 . 2008-11-28 17:58 0 ---h----- c:\windows\SwSys1.bmp
2008-11-28 16:55 . 2008-12-24 23:14 2,172,135,456 --ahs---- c:\windows\system32\drivers\fidbox.dat
2008-11-28 16:55 . 2008-12-24 23:12 25,456,808 --ahs---- c:\windows\system32\drivers\fidbox.idx
2008-11-28 16:55 . 2008-07-08 14:54 148,496 --------- c:\windows\system32\drivers\58757252.sys
2008-11-28 16:47 . 2008-11-28 16:49 <DIR> d-------- c:\program files\Kantaris
2008-11-28 16:47 . 2008-11-28 16:47 <DIR> d-------- c:\documents and settings\Margo\Application Data\kantaris
2008-11-27 21:13 . 1998-04-24 00:00 1,045,776 --a------ c:\windows\system32\MSJET35.DLL
2008-11-27 21:13 . 1998-04-24 00:00 252,176 --a------ c:\windows\system32\MSRD2X35.DLL
2008-11-27 21:13 . 1998-06-24 00:00 244,024 --a------ c:\windows\system32\MsFlxGrd.ocx
2008-11-27 21:13 . 1998-06-24 00:00 200,496 --a------ c:\windows\system32\DBList32.ocx
2008-11-27 21:13 . 1998-06-24 00:00 140,096 --a------ c:\windows\system32\ComDlg32.ocx
2008-11-27 21:13 . 1998-06-24 00:00 103,744 --a------ c:\windows\system32\Mscomm32.ocx
2008-11-27 21:13 . 1998-06-18 00:00 89,360 --a------ c:\windows\system32\Vb5db.dll
2008-11-27 21:13 . 1998-06-24 00:00 67,376 --a------ c:\windows\system32\Sysinfo.ocx
2008-11-27 21:12 . 2008-12-24 12:21 <DIR> d-------- c:\program files\Planplus
2008-11-27 10:17 . 2008-12-24 11:51 <DIR> d-------- c:\program files\Kaspersky Lab
2008-11-27 03:00 . 2008-11-27 03:00 <DIR> d-------- C:\00000082
2008-11-27 02:51 . 2008-11-27 02:51 <DIR> d-------- c:\documents and settings\All Users\Application Data\NortonInstaller
2008-11-27 01:09 . 2008-11-27 01:09 <DIR> d-------- c:\documents and settings\Margo\Application Data\ESET
2008-11-27 01:08 . 2008-12-17 16:36 <DIR> d-------- c:\program files\ESET
2008-11-27 00:52 . 2008-11-27 01:08 <DIR> d-------- c:\documents and settings\All Users\Application Data\ESET
2008-11-27 00:38 . 2008-11-27 00:38 <DIR> d-------- c:\windows\system32\AGEIA
2008-11-27 00:38 . 2008-11-27 00:38 <DIR> d-------- c:\program files\AGEIA Technologies
2008-11-27 00:35 . 2008-11-27 00:39 <DIR> d-------- c:\windows\NV13762920.TMP
2008-11-27 00:35 . 2008-12-24 00:18 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard
2008-11-27 00:35 . 2008-11-13 16:20 203,540 --a------ c:\windows\system32\nvapps.nvb
2008-11-27 00:34 . 2008-11-27 00:34 <DIR> d-------- C:\NVIDIA
2008-11-26 18:29 . 2008-11-28 20:05 8 --a------ c:\windows\system32\nvModes.dat
2008-11-26 18:28 . 2008-11-26 18:28 <DIR> d-------- c:\documents and settings\All Users\Application Data\nView_Profiles
2008-11-26 17:58 . 2008-12-24 23:13 196,238 --a------ c:\windows\system32\nvapps.xml
2008-11-26 17:57 . 2008-11-27 00:39 <DIR> d-------- c:\windows\nview
2008-11-26 17:57 . 2008-11-12 14:54 453,152 --a------ c:\windows\system32\nvudisp.exe
2008-11-26 17:57 . 2008-11-12 14:54 18,537 --a------ c:\windows\system32\nvdisp.nvu
2008-11-26 17:48 . 2008-11-26 17:48 10 --------- c:\windows\WININIT.INI

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-24 16:03 --------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
2008-12-24 12:45 --------- d-----w c:\program files\Common Files\Adobe
2008-12-24 12:44 --------- d--h--w c:\program files\InstallShield Installation Information
2008-12-21 21:33 2,880 --sha-w c:\documents and settings\All Users\Application Data\KGyGaAvL.sys
2008-12-21 11:50 --------- d-----w c:\program files\Common Files\InstallShield
2008-12-19 22:40 --------- d-----w c:\program files\Sony Setup
2008-12-19 19:13 --------- d-----w c:\program files\Opera
2008-12-11 13:06 --------- d-----w c:\documents and settings\Margo\Application Data\Sony
2008-12-01 23:56 --------- d-----w c:\program files\Webteh
2008-12-01 23:52 --------- d-----w c:\documents and settings\Margo\Application Data\BSplayer Pro
2008-12-01 23:33 --------- d-----w c:\documents and settings\All Users\Application Data\Symantec
2008-11-29 01:06 --------- d-----w c:\documents and settings\Margo\Application Data\Creative
2008-11-27 01:58 --------- d-----w c:\program files\Symantec
2008-11-26 16:49 --------- d-----w c:\program files\ATI Technologies
2008-11-12 12:45 453,152 ----a-w c:\windows\system32\NVUNINST.EXE
2008-11-03 08:26 --------- d-----w c:\program files\Zone Labs
2008-11-03 08:23 --------- d-----w c:\documents and settings\All Users\Application Data\CrystalIdea Software
2008-11-03 08:05 --------- d-----w c:\documents and settings\All Users\Application Data\Ashampoo
2008-11-03 02:04 --------- d-----w c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-11-02 21:41 --------- d-----w c:\documents and settings\Margo\Application Data\Disney Interactive Studios
2008-11-02 21:39 107,888 ----a-w c:\windows\system32\CmdLineExt.dll
2008-11-02 21:31 --------- d-----w c:\documents and settings\Margo\Application Data\Leadertech
2008-11-02 21:24 --------- d-----w c:\program files\Disney Interactive Studios
2008-11-02 20:50 --------- d-----w c:\program files\DAEMON Tools Lite
2008-11-02 20:45 717,296 ----a-w c:\windows\system32\drivers\sptd.sys
2008-11-02 20:45 --------- d-----w c:\documents and settings\Margo\Application Data\DAEMON Tools
2008-11-02 20:44 --------- d-----w c:\program files\Uninstall Tool
2008-11-02 19:03 --------- d-----w c:\documents and settings\Margo\Application Data\Ulead Systems
2008-11-02 19:01 --------- d-----w c:\documents and settings\All Users\Application Data\Ulead Systems
2008-11-02 19:00 --------- d-----w c:\documents and settings\Margo\Application Data\InstallShield
2008-11-02 18:59 --------- d-----w c:\program files\Windows Media Components
2008-11-02 18:59 --------- d-----w c:\program files\Common Files\Ulead Systems
2008-11-02 18:59 --------- d-----w c:\program files\Common Files\InterVideo
2008-11-02 18:59 --------- d-----w c:\documents and settings\All Users\Application Data\InterVideo
2008-11-02 18:58 --------- d-----w c:\program files\Ulead Systems
2008-11-02 18:17 --------- d-----w c:\documents and settings\All Users\Application Data\Corel
2008-11-02 18:16 8 --sh--r c:\documents and settings\All Users\Application Data\2AE9E4E4BB.sys
2008-11-02 18:16 --------- d-----w c:\documents and settings\Margo\Application Data\Corel
2008-11-02 18:13 --------- d-----w c:\program files\Common Files\Protexis
2008-11-02 18:12 --------- d-----w c:\program files\Common Files\Corel
2008-11-02 18:11 --------- d-----w c:\program files\Corel
2008-11-01 23:19 --------- d-----w c:\documents and settings\Margo\Application Data\Hamachi
2008-11-01 20:58 25,280 ------w c:\windows\system32\drivers\hamachi.sys
2008-11-01 20:47 --------- d-----w c:\program files\Hamachi
2008-11-01 19:10 --------- d-----w c:\program files\Stardock
2008-11-01 19:10 --------- d-----w c:\program files\Common Files\Stardock
2008-11-01 19:06 --------- d-----w c:\program files\Valve
2008-11-01 17:06 --------- d-----w c:\program files\Google
2008-11-01 15:20 --------- d-----w c:\program files\Common Files\BitDefender
2008-11-01 14:22 --------- d-----w c:\documents and settings\Margo\Application Data\Symantec
2008-11-01 14:07 --------- d-----w c:\program files\Creative
2008-11-01 13:19 --------- d-----w c:\program files\Windows Live
2008-11-01 13:19 --------- d-----w c:\program files\Microsoft SQL Server Compact Edition
2008-11-01 13:18 --------- d-----w c:\program files\Microsoft
2008-11-01 13:13 --------- d-----w c:\program files\Common Files\Windows Live
2008-10-31 23:45 --------- d-----w c:\documents and settings\All Users\Application Data\WLInstaller
2008-10-31 23:32 --------- d-----w c:\program files\Sega
2008-10-31 23:29 --------- d-----w c:\documents and settings\Margo\Application Data\ATI
2008-10-31 23:22 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2008-10-31 23:19 --------- d-----w c:\program files\Microsoft.NET
2008-10-31 23:19 --------- d-----w c:\program files\Microsoft Works
2008-10-31 23:13 --------- d-----w c:\program files\Microsoft Visual Studio 8
2008-10-31 21:49 --------- d-----w c:\program files\Reference Assemblies
2008-10-31 21:49 --------- d-----w c:\program files\MSBuild
2008-10-31 21:06 737,280 ------w c:\windows\iun6002.exe
2008-10-31 21:00 --------- d-----w c:\program files\DIFX
2008-10-31 14:25 --------- d-----w c:\documents and settings\Margo\Application Data\OtakuSoftware
2008-10-31 14:24 --------- d-----w c:\program files\Windows7
2008-10-31 14:24 --------- d-----w c:\program files\RocketDock
2008-10-31 14:16 --------- d-----w c:\program files\microsoft frontpage
2008-10-31 14:13 --------- d-----w c:\program files\Windows Media Connect 2
2008-10-13 08:56 70,936 ----a-w c:\windows\system32\PhysXLoader.dll
2008-09-24 02:17 311,296 ----a-w c:\windows\system32\SETE0.tmp
2008-09-24 02:06 143,360 ----a-w c:\windows\system32\SET113.tmp
2008-09-24 02:04 581,632 ----a-w c:\windows\system32\SET110.tmp
2008-09-24 01:54 4,008,864 ----a-w c:\windows\system32\SETE9.tmp
2008-09-24 01:12 573,440 ----a-w c:\windows\system32\SETE3.tmp
2008-08-24 17:12 13,622 ------w c:\documents and settings\Margo\STARTUP.reg
.

------- Sigcheck -------

2008-03-20 19:36 578560 f92d8964b5286de225bd2b6bf89764be c:\windows\system32\user32.dll

2008-04-28 10:25 920064 88348f8c92c28ba99fe49bd392100ce0 c:\windows\system32\wininet.dll

2008-04-28 10:24 547328 a55b8899d2ea2e800061bcfd456e34dc c:\windows\system32\winlogon.exe

2008-04-26 04:58 2185216 e184a0cf10cadd2b4f5af0a31e8627d6 c:\windows\system32\ntkrnlpa.exe

2008-04-26 04:44 2306560 0f733106a818383806060abc29fe0f3a c:\windows\system32\ntoskrnl.exe

2008-08-18 19:17 1616384 4a90f51b778fa0157f60d206e8b37d2a c:\windows\explorer.exe

2008-04-28 10:22 25088 b5e8782d4af1b3756f38e11e7c157bbe c:\windows\system32\ctfmon.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"Creative MediaSource Go"="c:\program files\Creative\MediaSource\Go\CTCMSGo.exe" [2003-08-12 131072]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-28 25088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Synchronization Manager"="c:\windows\system32\mobsync.exe" [2008-04-28 3504128]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-11-12 13672448]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-11-12 86016]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-02-20 1443072]
"nwiz"="nwiz.exe" [2008-11-12 c:\windows\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
"nltide_3"="advpack.dll" [2008-04-26 c:\windows\system32\advpack.dll]

c:\documents and settings\Margo\Start Menu\Programs\Startup\
Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDock\ObjectDock.exe [2008-11-01 3450608]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.dvacm"= c:\progra~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm
"msacm.MPEGacm"= c:\progra~1\COMMON~1\ULEADS~1\MPEG\MPEGacm.acm
"msacm.ulmp3acm"= c:\progra~1\COMMON~1\ULEADS~1\MPEG\ulmp3acm.acm

[HKLM\~\startupfolder\C:^Documents and Settings^Margo^Start Menu^Programs^Startup^YzDock.lnk]
path=c:\documents and settings\Margo\Start Menu\Programs\Startup\YzDock.lnk
backup=c:\windows\pss\YzDock.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C:
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C:\WINDOWS
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\c:\windows\system32
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Ghost 14.0

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnalogClock]
--------- 2005-11-05 07:10 480256 c:\program files\Windows7\Analog Clock\AnalogClock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTDVDDET]
--------- 2003-06-18 01:00 45056 c:\program files\Creative\SBAudigy2\DVDAudio\CTDVDDET.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2008-04-28 10:22 25088 c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTSysVol]
--------- 2003-09-17 10:43 57344 c:\program files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
--------- 2008-08-08 13:11 490952 c:\program files\DAEMON Tools Lite\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\egui]
--a------ 2008-02-20 11:06 1443072 c:\program files\ESET\ESET NOD32 Antivirus\egui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
--------- 2006-10-26 18:47 31016 c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KRun]
--------- 2007-04-06 15:15 518656 c:\program files\Windows7\RunMe\RunMe.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
--------- 2008-09-09 00:02 3513344 c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pie Dock]
--------- 2007-09-02 07:12 586240 c:\program files\Windows7\Windows 7 Pie Dock\Windows 7 Pie Dock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2007-12-11 10:56 286720 c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SBDrvDet]
--------- 2002-12-03 18:06 45056 c:\program files\Creative\SB Drive Det\SBDrvDet.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
-ra------ 2008-11-07 14:31 21633320 c:\program files\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
-rahs---- 2008-09-16 12:16 1833296 c:\program files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TopDesk]
--------- 2007-06-20 09:21 1912832 c:\program files\Windows7\TopDesk\topdesk.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TransBar]
--------- 2005-06-01 16:41 65536 c:\program files\Windows7\TransBar\TransBar.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UVS11 Preload]
--------- 2007-07-23 13:55 341232 c:\program files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Viena Explorer]
--------- 2006-11-18 11:31 581632 c:\program files\Windows7\Vienna Explorer\Vienna Explorer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Visual Task Tips]
--------- 2007-09-05 18:20 36352 c:\program files\Windows7\VisualTaskTips\VisualTaskTips.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WireLessMouse]
--a------ 2005-11-30 12:48 94208 c:\program files\Office Mouse Driver\StartAutorun.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper]
--a------ 2004-03-19 09:33 24576 c:\windows\system32\CTHELPER.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Internet Security 2009\\English\\setup.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Internet Security 7.0.1.325\\English\\setup.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Hamachi\\hamachi.exe"=
"c:\\Program Files\\Valve\\hlds.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"c:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe"=
"c:\\Program Files\\TmUnitedForever\\TmForever.exe"=
"c:\\Program Files\\Disney Interactive Studios\\Pure\\Pure.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaW.exe"=
"c:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaWmp.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

R1 epfwtdir;epfwtdir;c:\windows\system32\DRIVERS\epfwtdir.sys [2008-02-20 33800]
R1 is-HHN5Ldrv;is-HHN5Ldrv;c:\windows\system32\DRIVERS\58757252.sys [2008-11-28 148496]
R2 ekrn;Eset Service;"c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe" [2008-02-20 472320]
S2 .norton2009Reset;Norton 2009 Reset;c:\documents and settings\All Users\Application Data\Norton\Norton2009Reset.exe []
S2 NOD32FiXTemDono;Eset Nod32 Boot;c:\windows\system32\regedt32.exe /s c:\windows\nod32fixtemdono.reg [2008-04-28 25600]
S3 MOUSEWDFilter;MOUSEWDFilter;\??\c:\windows\System32\Drivers\MOUSEWD.SYS [2008-12-21 6528]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{97777AE5-97E3-72A5-11B8-32B41A7F575D}]
c:\windows\system32\winupd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{F8B9E5C0-4DCC-CFCF-ABA5-00401D608516}]
c:\documents and settings\All Users\Start Menu\Programs\Administrative Tools\Recycle Bin\kdja.exe
.
- - - - ORPHANS REMOVED - - - -

BHO-{27BC96B2-CBE9-40A9-9AAD-0CB1DFD09E0D} - c:\windows\system32\fccdeefC.dll
BHO-{6DCFCDBA-95A3-42DF-AE11-4597A72F02B2} - c:\windows\system32\pmnoPjJD.dll
BHO-{EEBCEA7B-BA5B-435E-883F-D142A2F1B51A} - c:\windows\system32\xxyxVpoO.dll
ShellExecuteHooks-{EEBCEA7B-BA5B-435E-883F-D142A2F1B51A} - c:\windows\system32\xxyxVpoO.dll
Notify-AtiExtEvent - (no file)
Notify-xxyxVpoO - xxyxVpoO.dll
MSConfigStartUp-kdwyc - c:\windows\system32\kdwyc.exe
MSConfigStartUp-NodLogin - c:\program files\ESET\ESET Smart Security\nodlogin.exe
MSConfigStartUp-SystemShowInfo - c:\recycler\S-1-5-21-2161344838-9540535240-129662953-9641\sysinfo.exe


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2008-12-24 23:13:38
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(916)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\cscui.dll

- - - - - - - > 'lsass.exe'(972)
c:\windows\system32\setupapi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Lavasoft\Ad-Aware\aawservice.exe
c:\windows\system32\rundll32.exe
c:\program files\IVT Corporation\BlueSoleil\BTNtService.exe
c:\program files\Common Files\InterVideo\DeviceService\DevSvc.exe
c:\windows\system32\CTSVCCDA.EXE
c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\windows\system32\MsPMSPSv.exe
.
**************************************************************************
.
Completion time: 2008-12-24 23:16:14 - machine was rebooted
ComboFix-quarantined-files.txt 2008-12-24 22:16:11

Pre-Run: 9,935,679,488 bytes free
Post-Run: 9,858,875,392 bytes free

  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

Open Notepad and copy the following text into it:

File::
c:\windows\system32\winupd.exe
c:\documents and settings\All Users\Start Menu\Programs\Administrative Tools\Recycle Bin\kdja.exe
c:\windows\system32\DRIVERS\58757252.sys
c:\documents and settings\All Users\Application Data\Norton\Norton2009Reset.exe

Driver::
is-HHN5Ldrv
.norton2009Reset

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{97777AE5-97E3-72A5-11B8-32B41A7F575D}]
[-HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{F8B9E5C0-4DCC-CFCF-ABA5-00401D608516}]


Save the file from Notepad to the Desktop as "CFScript".

Drag the saved script/text onto the ComboFix icon as shown in the picture.
Post in your next message the log that is produced at the end of the cleaning/scan.

  • Joined: 25 Apr 2008
  • Posts: 27

ComboFix 08-12-24.01 - Margo 2008-12-25 10:46:01.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1302 [GMT 1:00]
Running from: c:\documents and settings\Margo\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Margo\Desktop\CFScript.txt
* Created a new restore point
* Resident AV is active


WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE ::
c:\documents and settings\All Users\Application Data\Norton\Norton2009Reset.exe
c:\documents and settings\All Users\Start Menu\Programs\Administrative Tools\Recycle Bin\kdja.exe
c:\windows\system32\DRIVERS\58757252.sys
c:\windows\system32\winupd.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\DRIVERS\58757252.sys

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_IS-HHN5LDRV
-------\Service_.norton2009Reset
-------\Service_is-HHN5Ldrv


((((((((((((((((((((((((( Files Created from 2008-11-25 to 2008-12-25 )))))))))))))))))))))))))))))))
.

2008-12-25 01:38 . 2008-12-25 01:38 54,156 --ah----- c:\windows\QTFont.qfn
2008-12-25 01:38 . 2008-12-25 01:38 1,409 --a------ c:\windows\QTFont.for
2008-12-24 13:45 . 2008-12-24 13:45 <DIR> d-------- c:\program files\Common Files\Vbox
2008-12-24 13:44 . 2003-09-25 11:12 14,604 --a------ c:\windows\system32\drivers\pfc.sys
2008-12-24 12:51 . 2008-03-03 18:21 568 --ah----- c:\windows\nod32fixtemdono.reg
2008-12-24 12:45 . 2008-12-24 12:45 <DIR> d-------- c:\documents and settings\All Users\Application Data\Avg8
2008-12-24 12:08 . 2008-12-24 12:08 <DIR> d-------- c:\program files\AVG
2008-12-24 00:19 . 2008-12-24 00:19 <DIR> d-------- c:\program files\Lavasoft
2008-12-23 22:05 . 2008-12-24 15:03 <DIR> d-------- c:\program files\Spybot - Search & Destroy
2008-12-23 22:05 . 2008-12-23 23:14 <DIR> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-12-23 21:31 . 2008-12-24 00:10 <DIR> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
2008-12-21 21:47 . 2008-12-21 21:47 <DIR> d-------- c:\documents and settings\Margo\Application Data\MAXON
2008-12-21 19:04 . 2008-12-21 19:15 <DIR> d-------- c:\documents and settings\Margo\Application Data\360desktop
2008-12-21 15:45 . 2008-12-21 15:45 55,866 --a------ c:\windows\FontData.fdb
2008-12-21 14:57 . 2008-12-21 14:57 <DIR> d-------- c:\program files\Office Mouse Driver
2008-12-21 13:06 . 2006-07-17 17:02 6,528 --a------ c:\windows\system32\drivers\MOUSEWD.SYS
2008-12-21 12:50 . 2008-12-21 17:56 <DIR> d-------- c:\windows\Downloaded Installations
2008-12-21 12:39 . 2008-04-13 17:15 32,128 --a------ c:\windows\system32\drivers\usbccgp.sys
2008-12-21 12:39 . 2008-04-13 17:15 32,128 --a--c--- c:\windows\system32\dllcache\usbccgp.sys
2008-12-21 12:39 . 2008-04-13 17:09 14,592 --a------ c:\windows\system32\drivers\kbdhid.sys
2008-12-21 12:39 . 2008-04-13 17:09 14,592 --a--c--- c:\windows\system32\dllcache\kbdhid.sys
2008-12-19 23:43 . 2008-12-19 23:43 <DIR> d-------- c:\documents and settings\Margo\Application Data\NetMedia Providers
2008-12-19 23:41 . 2008-12-19 23:41 <DIR> d-------- c:\program files\Sony
2008-12-19 21:54 . 2008-12-19 21:54 <DIR> d-------- c:\program files\Common Files\DirectX
2008-12-17 16:40 . 2008-03-03 14:25 5,702 --ah----- c:\windows\nod32restoretemdono.reg
2008-12-13 17:43 . 2008-12-13 17:24 1,420 --a------ c:\windows\system32\pbsec.htm
2008-12-13 17:18 . 2008-12-13 17:42 682,280 --a------ c:\windows\system32\pbsvc.exe
2008-12-12 13:45 . 2008-12-25 02:34 69 --a------ c:\windows\NeroDigital.ini
2008-12-11 22:40 . 2008-12-11 22:40 <DIR> d-------- c:\documents and settings\Margo\Application Data\Ahead
2008-12-11 22:39 . 2008-12-11 22:39 <DIR> d-------- c:\program files\Nero
2008-12-11 22:39 . 2008-12-11 22:39 <DIR> d-------- c:\program files\Common Files\Ahead
2008-12-11 22:39 . 2005-10-17 16:15 2,605,056 --a------ c:\windows\system32\BCGCBPRO800u.dll
2008-12-11 22:39 . 2005-10-17 16:07 2,600,960 --a------ c:\windows\system32\BCGCBPRO800.dll
2008-12-11 22:39 . 2004-07-26 16:16 1,568,768 --a------ c:\windows\system32\imagX7.dll
2008-12-11 22:39 . 2004-07-26 16:16 476,320 --a------ c:\windows\system32\imagXpr7.dll
2008-12-11 22:39 . 2004-07-26 16:16 471,040 --a------ c:\windows\system32\imagXRA7.dll
2008-12-11 22:39 . 2004-07-09 08:43 364,544 --a------ c:\windows\system32\TwnLib4.dll
2008-12-11 22:39 . 2004-07-26 16:16 262,144 --a------ c:\windows\system32\imagXR7.dll
2008-12-11 22:39 . 2005-12-23 16:50 32,768 --a------ c:\windows\system32\BCGPOleAcc.dll
2008-12-11 22:25 . 2008-12-11 22:25 <DIR> d-------- c:\windows\system32\xlive
2008-12-11 21:36 . 2008-12-11 21:36 <DIR> d-------- c:\program files\Empire Interactive
2008-12-11 14:06 . 2008-12-11 14:06 <DIR> d-------- c:\documents and settings\Margo\Application Data\Publish Providers
2008-12-11 14:05 . 2006-12-28 16:56 26,013 --a------ c:\windows\system32\sleep.exe
2008-12-11 14:03 . 2008-12-11 14:03 <DIR> d-------- c:\program files\Common Files\Skype
2008-12-11 14:03 . 2008-12-14 22:56 <DIR> d-------- c:\documents and settings\Margo\Application Data\skypePM
2008-12-11 14:03 . 2008-12-14 23:31 <DIR> d-------- c:\documents and settings\Margo\Application Data\Skype
2008-12-11 14:03 . 2008-12-11 14:03 <DIR> d-------- c:\documents and settings\All Users\Application Data\Skype
2008-12-11 14:03 . 2008-12-11 14:03 56 --ah----- c:\windows\system32\ezsidmv.dat
2008-12-11 13:52 . 2008-12-11 14:03 <DIR> d-------- c:\program files\Skype
2008-12-11 13:52 . 2006-12-28 16:56 94,208 --a------ c:\windows\system32\pskill.exe
2008-12-10 20:23 . 2008-12-10 20:23 <DIR> d-------- c:\program files\VID_1345&PID_0003
2008-12-10 17:37 . 2008-12-14 22:17 138,464 --a------ c:\windows\system32\drivers\PnkBstrK.sys
2008-12-10 17:37 . 2008-12-14 22:17 111,928 --a------ c:\windows\system32\PnkBstrB.exe
2008-12-10 17:37 . 2008-12-13 17:43 66,872 --a------ c:\windows\system32\PnkBstrA.exe
2008-12-10 17:31 . 2008-12-10 17:31 <DIR> d-------- c:\program files\Activision
2008-12-10 17:16 . 2008-12-13 17:43 22,328 --a------ c:\documents and settings\Margo\Application Data\PnkBstrK.sys
2008-12-10 16:40 . 2008-12-10 16:40 <DIR> d-------- c:\documents and settings\Margo\Application Data\2K Sports
2008-12-10 16:29 . 2008-12-10 16:38 <DIR> d-------- c:\program files\NBA 2K9
2008-12-10 16:21 . 2008-12-10 16:21 <DIR> d--h----- c:\windows\PIF
2008-12-04 14:15 . 2008-04-13 17:15 26,368 --a--c--- c:\windows\system32\dllcache\usbstor.sys
2008-12-02 00:19 . 2008-12-02 00:19 <DIR> d-------- c:\documents and settings\Margo\Application Data\Apple Computer
2008-12-02 00:16 . 2008-12-02 00:16 <DIR> d-------- c:\program files\QuickTime
2008-12-02 00:16 . 2008-12-02 00:16 <DIR> d-------- c:\documents and settings\All Users\Application Data\Apple Computer
2008-12-01 23:18 . 2008-12-01 23:19 <DIR> d-------- c:\documents and settings\All Users\Application Data\Bluetooth
2008-12-01 22:52 . 2008-04-13 22:42 16,384 --a------ c:\windows\system32\ipsink.ax
2008-12-01 22:52 . 2008-04-13 22:42 16,384 --a--c--- c:\windows\system32\dllcache\ipsink.ax
2008-12-01 22:52 . 2008-04-13 17:16 15,232 --a------ c:\windows\system32\drivers\StreamIP.sys
2008-12-01 22:52 . 2008-04-13 17:16 15,232 --a--c--- c:\windows\system32\dllcache\streamip.sys
2008-12-01 22:52 . 2008-04-13 17:16 11,136 --a------ c:\windows\system32\drivers\SLIP.sys
2008-12-01 22:52 . 2008-04-13 17:16 11,136 --a--c--- c:\windows\system32\dllcache\slip.sys
2008-12-01 22:52 . 2008-04-13 17:16 10,880 --a------ c:\windows\system32\drivers\NdisIP.sys
2008-12-01 22:52 . 2008-04-13 17:16 10,880 --a--c--- c:\windows\system32\dllcache\ndisip.sys
2008-12-01 22:52 . 2008-04-13 17:09 5,504 --a------ c:\windows\system32\drivers\MSTEE.sys
2008-12-01 22:52 . 2008-04-13 17:09 5,504 --a--c--- c:\windows\system32\dllcache\mstee.sys
2008-12-01 22:51 . 2008-12-01 22:51 <DIR> d-------- c:\program files\IVT Corporation
2008-11-30 00:58 . 2008-11-30 00:58 <DIR> d-------- c:\documents and settings\Margo\Application Data\AdobeUM
2008-11-30 00:30 . 2008-11-30 01:11 <DIR> d-------- c:\documents and settings\All Users\Application Data\TrackMania
2008-11-30 00:22 . 2008-11-30 01:06 <DIR> d-------- c:\program files\TmUnitedForever
2008-11-29 23:30 . 2008-12-17 16:34 <DIR> d-------- c:\program files\Common Files\Panda Software
2008-11-29 23:08 . 2008-11-30 18:29 <DIR> d-------- c:\windows\system32\NtmsData
2008-11-29 23:08 . 2008-11-29 23:08 <DIR> d-------- c:\program files\Auslogics
2008-11-29 23:08 . 2008-11-29 23:08 <DIR> d-------- c:\documents and settings\Margo\Application Data\Auslogics
2008-11-29 22:42 . 2008-11-29 22:42 <DIR> d-------- c:\documents and settings\All Users\Application Data\sentinel
2008-11-29 02:06 . 2008-11-29 02:06 4,933,667 --------- c:\windows\{00000001-00000000-00000007-00001102-00000008-10011102}.BAK
2008-11-29 01:59 . 2008-12-13 19:14 <DIR> d-------- c:\program files\TrackMania Nations ESWC
2008-11-28 18:24 . 2006-06-20 09:56 225,280 --a------ c:\windows\system32\rewire.dll
2008-11-28 18:23 . 2008-11-28 18:24 <DIR> d-------- c:\program files\Vst
2008-11-28 18:23 . 2008-11-28 18:23 <DIR> d-------- c:\program files\Outsim
2008-11-28 18:23 . 2008-11-29 01:49 <DIR> d-------- c:\program files\Image-Line
2008-11-28 18:23 . 2002-07-07 23:14 1,294,336 --a------ c:\windows\system32\vorbis.acm
2008-11-28 18:02 . 2008-11-28 18:02 161 --------- C:\Delme.bat
2008-11-28 17:58 . 2008-11-28 17:58 0 ---h----- c:\windows\SwSys2.bmp
2008-11-28 17:58 . 2008-11-28 17:58 0 ---h----- c:\windows\SwSys1.bmp
2008-11-28 16:55 . 2008-12-25 10:47 2,430,582,816 --ahs---- c:\windows\system32\drivers\fidbox.dat
2008-11-28 16:55 . 2008-12-25 10:47 28,485,512 --ahs---- c:\windows\system32\drivers\fidbox.idx
2008-11-28 16:47 . 2008-11-28 16:49 <DIR> d-------- c:\program files\Kantaris
2008-11-28 16:47 . 2008-11-28 16:47 <DIR> d-------- c:\documents and settings\Margo\Application Data\kantaris
2008-11-27 21:13 . 1998-04-24 00:00 1,045,776 --a------ c:\windows\system32\MSJET35.DLL
2008-11-27 21:13 . 1998-04-24 00:00 252,176 --a------ c:\windows\system32\MSRD2X35.DLL
2008-11-27 21:13 . 1998-06-24 00:00 244,024 --a------ c:\windows\system32\MsFlxGrd.ocx
2008-11-27 21:13 . 1998-06-24 00:00 200,496 --a------ c:\windows\system32\DBList32.ocx
2008-11-27 21:13 . 1998-06-24 00:00 140,096 --a------ c:\windows\system32\ComDlg32.ocx
2008-11-27 21:13 . 1998-06-24 00:00 103,744 --a------ c:\windows\system32\Mscomm32.ocx
2008-11-27 21:13 . 1998-06-18 00:00 89,360 --a------ c:\windows\system32\Vb5db.dll
2008-11-27 21:13 . 1998-06-24 00:00 67,376 --a------ c:\windows\system32\Sysinfo.ocx
2008-11-27 21:12 . 2008-12-24 12:21 <DIR> d-------- c:\program files\Planplus
2008-11-27 10:17 . 2008-12-24 11:51 <DIR> d-------- c:\program files\Kaspersky Lab
2008-11-27 03:00 . 2008-11-27 03:00 <DIR> d-------- C:\00000082
2008-11-27 02:51 . 2008-11-27 02:51 <DIR> d-------- c:\documents and settings\All Users\Application Data\NortonInstaller
2008-11-27 01:09 . 2008-11-27 01:09 <DIR> d-------- c:\documents and settings\Margo\Application Data\ESET
2008-11-27 01:08 . 2008-12-17 16:36 <DIR> d-------- c:\program files\ESET
2008-11-27 00:52 . 2008-11-27 01:08 <DIR> d-------- c:\documents and settings\All Users\Application Data\ESET
2008-11-27 00:38 . 2008-11-27 00:38 <DIR> d-------- c:\windows\system32\AGEIA
2008-11-27 00:38 . 2008-11-27 00:38 <DIR> d-------- c:\program files\AGEIA Technologies
2008-11-27 00:35 . 2008-11-27 00:39 <DIR> d-------- c:\windows\NV13762920.TMP
2008-11-27 00:35 . 2008-12-24 00:18 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard
2008-11-27 00:35 . 2008-11-13 16:20 203,540 --a------ c:\windows\system32\nvapps.nvb
2008-11-27 00:34 . 2008-11-27 00:34 <DIR> d-------- C:\NVIDIA
2008-11-26 18:29 . 2008-11-28 20:05 8 --a------ c:\windows\system32\nvModes.dat
2008-11-26 18:28 . 2008-11-26 18:28 <DIR> d-------- c:\documents and settings\All Users\Application Data\nView_Profiles
2008-11-26 17:58 . 2008-12-25 10:48 196,238 --a------ c:\windows\system32\nvapps.xml
2008-11-26 17:57 . 2008-11-27 00:39 <DIR> d-------- c:\windows\nview
2008-11-26 17:57 . 2008-11-12 14:54 453,152 --a------ c:\windows\system32\nvudisp.exe
2008-11-26 17:57 . 2008-11-12 14:54 18,537 --a------ c:\windows\system32\nvdisp.nvu
2008-11-26 17:48 . 2008-11-26 17:48 10 --------- c:\windows\WININIT.INI

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-24 16:03 --------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
2008-12-24 12:45 --------- d-----w c:\program files\Common Files\Adobe
2008-12-24 12:44 --------- d--h--w c:\program files\InstallShield Installation Information
2008-12-21 21:33 2,880 --sha-w c:\documents and settings\All Users\Application Data\KGyGaAvL.sys
2008-12-21 11:50 --------- d-----w c:\program files\Common Files\InstallShield
2008-12-19 22:40 --------- d-----w c:\program files\Sony Setup
2008-12-19 19:13 --------- d-----w c:\program files\Opera
2008-12-11 13:06 --------- d-----w c:\documents and settings\Margo\Application Data\Sony
2008-12-01 23:56 --------- d-----w c:\program files\Webteh
2008-12-01 23:52 --------- d-----w c:\documents and settings\Margo\Application Data\BSplayer Pro
2008-12-01 23:33 --------- d-----w c:\documents and settings\All Users\Application Data\Symantec
2008-11-29 01:06 --------- d-----w c:\documents and settings\Margo\Application Data\Creative
2008-11-27 01:58 --------- d-----w c:\program files\Symantec
2008-11-26 16:49 --------- d-----w c:\program files\ATI Technologies
2008-11-12 12:45 453,152 ----a-w c:\windows\system32\NVUNINST.EXE
2008-11-03 08:26 --------- d-----w c:\program files\Zone Labs
2008-11-03 08:23 --------- d-----w c:\documents and settings\All Users\Application Data\CrystalIdea Software
2008-11-03 08:05 --------- d-----w c:\documents and settings\All Users\Application Data\Ashampoo
2008-11-03 02:04 --------- d-----w c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-11-02 21:41 --------- d-----w c:\documents and settings\Margo\Application Data\Disney Interactive Studios
2008-11-02 21:39 107,888 ----a-w c:\windows\system32\CmdLineExt.dll
2008-11-02 21:31 --------- d-----w c:\documents and settings\Margo\Application Data\Leadertech
2008-11-02 21:24 --------- d-----w c:\program files\Disney Interactive Studios
2008-11-02 20:50 --------- d-----w c:\program files\DAEMON Tools Lite
2008-11-02 20:45 717,296 ----a-w c:\windows\system32\drivers\sptd.sys
2008-11-02 20:45 --------- d-----w c:\documents and settings\Margo\Application Data\DAEMON Tools
2008-11-02 20:44 --------- d-----w c:\program files\Uninstall Tool
2008-11-02 19:03 --------- d-----w c:\documents and settings\Margo\Application Data\Ulead Systems
2008-11-02 19:01 --------- d-----w c:\documents and settings\All Users\Application Data\Ulead Systems
2008-11-02 19:00 --------- d-----w c:\documents and settings\Margo\Application Data\InstallShield
2008-11-02 18:59 --------- d-----w c:\program files\Windows Media Components
2008-11-02 18:59 --------- d-----w c:\program files\Common Files\Ulead Systems
2008-11-02 18:59 --------- d-----w c:\program files\Common Files\InterVideo
2008-11-02 18:59 --------- d-----w c:\documents and settings\All Users\Application Data\InterVideo
2008-11-02 18:58 --------- d-----w c:\program files\Ulead Systems
2008-11-02 18:17 --------- d-----w c:\documents and settings\All Users\Application Data\Corel
2008-11-02 18:16 8 --sh--r c:\documents and settings\All Users\Application Data\2AE9E4E4BB.sys
2008-11-02 18:16 --------- d-----w c:\documents and settings\Margo\Application Data\Corel
2008-11-02 18:13 --------- d-----w c:\program files\Common Files\Protexis
2008-11-02 18:12 --------- d-----w c:\program files\Common Files\Corel
2008-11-02 18:11 --------- d-----w c:\program files\Corel
2008-11-01 23:19 --------- d-----w c:\documents and settings\Margo\Application Data\Hamachi
2008-11-01 20:58 25,280 ------w c:\windows\system32\drivers\hamachi.sys
2008-11-01 20:47 --------- d-----w c:\program files\Hamachi
2008-11-01 19:10 --------- d-----w c:\program files\Stardock
2008-11-01 19:10 --------- d-----w c:\program files\Common Files\Stardock
2008-11-01 19:06 --------- d-----w c:\program files\Valve
2008-11-01 17:06 --------- d-----w c:\program files\Google
2008-11-01 15:20 --------- d-----w c:\program files\Common Files\BitDefender
2008-11-01 14:22 --------- d-----w c:\documents and settings\Margo\Application Data\Symantec
2008-11-01 14:07 --------- d-----w c:\program files\Creative
2008-11-01 13:19 --------- d-----w c:\program files\Windows Live
2008-11-01 13:19 --------- d-----w c:\program files\Microsoft SQL Server Compact Edition
2008-11-01 13:18 --------- d-----w c:\program files\Microsoft
2008-11-01 13:13 --------- d-----w c:\program files\Common Files\Windows Live
2008-10-31 23:45 --------- d-----w c:\documents and settings\All Users\Application Data\WLInstaller
2008-10-31 23:32 --------- d-----w c:\program files\Sega
2008-10-31 23:29 --------- d-----w c:\documents and settings\Margo\Application Data\ATI
2008-10-31 23:22 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2008-10-31 23:19 --------- d-----w c:\program files\Microsoft.NET
2008-10-31 23:19 --------- d-----w c:\program files\Microsoft Works
2008-10-31 23:13 --------- d-----w c:\program files\Microsoft Visual Studio 8
2008-10-31 21:49 --------- d-----w c:\program files\Reference Assemblies
2008-10-31 21:49 --------- d-----w c:\program files\MSBuild
2008-10-31 21:06 737,280 ------w c:\windows\iun6002.exe
2008-10-31 21:00 --------- d-----w c:\program files\DIFX
2008-10-31 14:25 --------- d-----w c:\documents and settings\Margo\Application Data\OtakuSoftware
2008-10-31 14:24 --------- d-----w c:\program files\Windows7
2008-10-31 14:24 --------- d-----w c:\program files\RocketDock
2008-10-31 14:16 --------- d-----w c:\program files\microsoft frontpage
2008-10-31 14:13 --------- d-----w c:\program files\Windows Media Connect 2
2008-10-13 08:56 70,936 ----a-w c:\windows\system32\PhysXLoader.dll
2008-08-24 17:12 13,622 ------w c:\documents and settings\Margo\STARTUP.reg
.

((((((((((((((((((((((((((((( snapshot@2008-12-24_23.15.53.46 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-04-13 22:42:12 32,256 -c----w c:\windows\system32\dllcache\wups.dll
+ 2007-07-30 12:18:40 33,624 -c--a-w c:\windows\system32\dllcache\wups.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"Creative MediaSource Go"="c:\program files\Creative\MediaSource\Go\CTCMSGo.exe" [2003-08-12 131072]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-28 25088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Synchronization Manager"="c:\windows\system32\mobsync.exe" [2008-04-28 3504128]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-11-12 13672448]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-11-12 86016]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-02-20 1443072]
"nwiz"="nwiz.exe" [2008-11-12 c:\windows\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
"nltide_3"="advpack.dll" [2008-04-26 c:\windows\system32\advpack.dll]

c:\documents and settings\Margo\Start Menu\Programs\Startup\
Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDock\ObjectDock.exe [2008-11-01 3450608]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.dvacm"= c:\progra~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm
"msacm.MPEGacm"= c:\progra~1\COMMON~1\ULEADS~1\MPEG\MPEGacm.acm
"msacm.ulmp3acm"= c:\progra~1\COMMON~1\ULEADS~1\MPEG\ulmp3acm.acm

[HKLM\~\startupfolder\C:^Documents and Settings^Margo^Start Menu^Programs^Startup^YzDock.lnk]
path=c:\documents and settings\Margo\Start Menu\Programs\Startup\YzDock.lnk
backup=c:\windows\pss\YzDock.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnalogClock]
--------- 2005-11-05 07:10 480256 c:\program files\Windows7\Analog Clock\AnalogClock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTDVDDET]
--------- 2003-06-18 01:00 45056 c:\program files\Creative\SBAudigy2\DVDAudio\CTDVDDET.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2008-04-28 10:22 25088 c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTSysVol]
--------- 2003-09-17 10:43 57344 c:\program files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
--------- 2008-08-08 13:11 490952 c:\program files\DAEMON Tools Lite\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\egui]
--a------ 2008-02-20 11:06 1443072 c:\program files\ESET\ESET NOD32 Antivirus\egui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
--------- 2006-10-26 18:47 31016 c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KRun]
--------- 2007-04-06 15:15 518656 c:\program files\Windows7\RunMe\RunMe.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
--------- 2008-09-09 00:02 3513344 c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pie Dock]
--------- 2007-09-02 07:12 586240 c:\program files\Windows7\Windows 7 Pie Dock\Windows 7 Pie Dock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2007-12-11 10:56 286720 c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SBDrvDet]
--------- 2002-12-03 18:06 45056 c:\program files\Creative\SB Drive Det\SBDrvDet.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
-ra------ 2008-11-07 14:31 21633320 c:\program files\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
-rahs---- 2008-09-16 12:16 1833296 c:\program files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TopDesk]
--------- 2007-06-20 09:21 1912832 c:\program files\Windows7\TopDesk\topdesk.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TransBar]
--------- 2005-06-01 16:41 65536 c:\program files\Windows7\TransBar\TransBar.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UVS11 Preload]
--------- 2007-07-23 13:55 341232 c:\program files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Viena Explorer]
--------- 2006-11-18 11:31 581632 c:\program files\Windows7\Vienna Explorer\Vienna Explorer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Visual Task Tips]
--------- 2007-09-05 18:20 36352 c:\program files\Windows7\VisualTaskTips\VisualTaskTips.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WireLessMouse]
--a------ 2005-11-30 12:48 94208 c:\program files\Office Mouse Driver\StartAutorun.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper]
--a------ 2004-03-19 09:33 24576 c:\windows\system32\CTHELPER.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Internet Security 2009\\English\\setup.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Internet Security 7.0.1.325\\English\\setup.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Hamachi\\hamachi.exe"=
"c:\\Program Files\\Valve\\hlds.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"c:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe"=
"c:\\Program Files\\TmUnitedForever\\TmForever.exe"=
"c:\\Program Files\\Disney Interactive Studios\\Pure\\Pure.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaW.exe"=
"c:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaWmp.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

R1 epfwtdir;epfwtdir;c:\windows\system32\DRIVERS\epfwtdir.sys [2008-02-20 33800]
R2 ekrn;Eset Service;"c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe" [2008-02-20 472320]
S2 NOD32FiXTemDono;Eset Nod32 Boot;c:\windows\system32\regedt32.exe /s c:\windows\nod32fixtemdono.reg [2008-04-28 25600]
S3 MOUSEWDFilter;MOUSEWDFilter;\??\c:\windows\System32\Drivers\MOUSEWD.SYS [2008-12-21 6528]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2008-12-25 10:48:08
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(900)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\cscui.dll

- - - - - - - > 'lsass.exe'(956)
c:\windows\system32\setupapi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Lavasoft\Ad-Aware\aawservice.exe
c:\windows\system32\rundll32.exe
c:\program files\IVT Corporation\BlueSoleil\BTNtService.exe
c:\program files\Common Files\InterVideo\DeviceService\DevSvc.exe
c:\windows\system32\CTSVCCDA.EXE
c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\windows\system32\MsPMSPSv.exe
.
**************************************************************************
.
Completion time: 2008-12-25 10:50:10 - machine was rebooted [Margo]
ComboFix-quarantined-files.txt 2008-12-25 09:50:07
ComboFix2.txt 2008-12-24 22:16:15

Pre-Run: 9,367,588,864 bytes free
Post-Run: 9,411,514,368 bytes free


  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

That should be it as far as the malware is concerned. How is the computer behaving now?

  • Joined: 25 Apr 2008
  • Posts: 27

Well, it's behaving great. I don't think my internet has worked this well since I've had it. So everything is fine. I'm wondering whether some other settings of mine were also reset to default, since my Start menu is back to the old way and that Internet Explorer icon appeared on the desktop. I'm just curious about that so I don't go chasing it if there's nothing more to it. This isn't the first time you've helped me, so thanks for the umpteenth time.

  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

Yes, ComboFix resets quite a lot of settings to default:
- System Restore
- Windows Security Center
- default browser
- visibility of hidden files
- etc.

Now ComboFix still needs to be uninstalled (it is important that this is done, because it will clean up the files it put into quarantine):

Click START and then RUN
In the text input line type Combofix /u and click OK

Wait for the uninstall process to finish

The above procedure will:
Delete the following:
- ComboFix and its files and folders
- the VundoFix Backups folder, if it exists
- the C:\Deckard folder, if it exists
- the C:\OtMoveIt folder, if it exists

Reset the clock settings on the computer
Hide file extensions, if necessary
Hide system/hidden files/folders, if necessary
Reset System Restore

  • Joined: 25 Apr 2008
  • Posts: 27

I did the uninstall. I'm wondering whether you could recommend me some program to protect myself against malware, since I realised that that was actually the problem. Maybe I picked all of that up before I had installed any antivirus, that is before NOD, because for a while I was without an antivirus program and was still downloading from the internet. I would be grateful for any reply.

Marko Grcic
