My computer keeps glitching........


offline
  • Joined: 05 Sep 2008
  • Posts: 204








Addendum: 04 Feb 2009 23:24

Quote: I don't see what here could be causing the "glitching"


Let's check something:


Open Notepad and copy in the following text:

Code:
DirLook::
C:\cc237b20efb32377876ae997e8


Save the file from Notepad to the Desktop as "CFScript"



ComboFix 09-02-04.01 - MIHAJLO & MARKO 2009-02-04 23:12:13.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1402 [GMT 1:00]
Running from: c:\documents and settings\MIHAJLO & MARKO\Desktop\MC\ComboFix.exe
Command switches used :: c:\documents and settings\MIHAJLO & MARKO\Desktop\CFScript.txt
AV: avast! antivirus 4.8.1296 [VPS 090203-1] *On-access scanning disabled* (Updated)
FW: PC Tools Firewall Plus *disabled*
* Created a new restore point
.

((((((((((((((((((((((((( Files Created from 2009-01-04 to 2009-02-04 )))))))))))))))))))))))))))))))
.

2009-02-04 10:45 . 2009-02-04 10:45 <DIR> d-------- c:\documents and settings\All Users\Application Data\JH Software
2009-01-31 23:13 . 2009-02-04 23:02 <DIR> d-------- c:\program files\Steam
2009-01-31 22:28 . 2009-01-31 22:37 <DIR> d-------- c:\windows\system32\rserver30
2009-01-31 21:44 . 2009-01-31 21:44 <DIR> d-------- c:\program files\MultiRes
2009-01-31 21:43 . 2009-01-31 21:43 <DIR> d-------- c:\program files\Radeon Omega Drivers
2009-01-31 15:17 . 2009-02-02 20:36 <DIR> d-------- c:\program files\Valve
2009-01-31 13:23 . 2009-01-31 15:42 15,688 --a------ c:\windows\system32\lsdelete.exe
2009-01-30 23:28 . 2009-01-30 23:29 664 --a------ c:\windows\system32\d3d9caps.dat
2009-01-30 23:14 . 2009-01-31 15:37 <DIR> d-------- c:\program files\Cheating-Death
2009-01-29 20:10 . 2009-01-29 20:10 <DIR> d-------- c:\windows\Downloaded Installations
2009-01-29 20:00 . 2009-01-29 20:00 <DIR> d-------- c:\program files\TitanTV
2009-01-29 19:59 . 2009-01-29 19:59 <DIR> d-------- c:\windows\system32\windows media
2009-01-29 19:59 . 2009-01-29 19:59 <DIR> d--h----- c:\windows\msdownld.tmp
2009-01-29 19:56 . 2009-01-31 13:07 <DIR> d-------- c:\program files\Windows Media Components
2009-01-29 19:04 . 2009-01-29 19:04 <DIR> d-------- c:\documents and settings\All Users\Application Data\ATI
2009-01-29 18:56 . 2007-09-28 21:05 593,920 --------- c:\windows\system32\ati2sgag.exe
2009-01-29 18:55 . 2009-01-29 18:55 <DIR> d-------- C:\ATI
2009-01-29 17:22 . 2009-01-29 17:22 <DIR> d-------- c:\windows\system32\drivers\umdf
2009-01-29 17:20 . 2009-01-29 17:50 <DIR> d-------- c:\program files\Microsoft Games for Windows - LIVE
2009-01-29 16:57 . 2009-01-29 20:49 <DIR> d-------- c:\program files\Rockstar Games
2009-01-29 16:17 . 2009-01-29 16:17 <DIR> d-------- c:\documents and settings\MIHAJLO & MARKO\Application Data\DAEMON Tools Pro
2009-01-29 16:17 . 2009-01-29 16:17 <DIR> d-------- c:\documents and settings\MIHAJLO & MARKO\Application Data\DAEMON Tools
2009-01-29 16:16 . 2009-01-29 16:16 <DIR> d-------- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2009-01-29 16:12 . 2009-01-29 16:12 <DIR> d-------- c:\documents and settings\MIHAJLO & MARKO\Application Data\DAEMON Tools Lite
2009-01-29 16:12 . 2009-01-29 16:12 717,296 --a------ c:\windows\system32\drivers\sptd.sys
2009-01-28 16:25 . 2009-01-28 16:25 <DIR> d-------- c:\program files\Lindersoft
2009-01-28 16:25 . 2009-01-28 16:25 <DIR> d-------- c:\documents and settings\MIHAJLO & MARKO\Application Data\Lindersoft
2009-01-24 14:00 . 2009-01-25 01:01 <DIR> d-------- c:\documents and settings\MIHAJLO & MARKO\Application Data\Any Video Converter
2009-01-24 13:29 . 2009-01-24 13:29 <DIR> d-------- c:\program files\GlobalSCAPE
2009-01-24 13:21 . 2009-01-24 13:28 <DIR> d-------- c:\documents and settings\MIHAJLO & MARKO\Application Data\FileZilla
2009-01-24 01:41 . 2009-01-24 01:41 <DIR> d-------- c:\program files\Axialis
2009-01-24 01:41 . 2009-01-24 01:41 <DIR> d-------- c:\documents and settings\MIHAJLO & MARKO\Application Data\Axialis
2009-01-22 09:59 . 2009-01-22 09:59 <DIR> d-------- c:\program files\Innovative Solutions
2009-01-22 01:29 . 2009-01-22 01:29 64,160 --a------ c:\windows\system32\drivers\Lbd.sys
2009-01-22 01:28 . 2009-01-22 01:28 <DIR> d-------- c:\program files\Lavasoft
2009-01-22 01:28 . 2009-01-22 01:28 <DIR> d--h-c--- c:\documents and settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-01-21 04:27 . 2009-01-21 04:27 <DIR> d--hs---- C:\Boot
2009-01-21 04:27 . 2008-12-13 08:03 377,151 -rahs---- C:\bootmgr
2009-01-21 04:27 . 2009-01-21 04:27 8,192 -rahs---- C:\BOOTSECT.BAK
2009-01-20 12:21 . 2009-01-20 12:21 <DIR> d-------- C:\cc237b20efb32377876ae997e8
2009-01-19 22:37 . 2009-01-19 22:40 <DIR> d-------- c:\documents and settings\MIHAJLO & MARKO\Application Data\Eltima Software
2009-01-17 23:20 . 2009-01-17 23:20 175,616 --a------ c:\windows\system32\wmp.oca
2009-01-14 06:46 . 2007-12-05 03:19 5,435,392 --a------ c:\windows\system32\atioglxx.dll
2009-01-14 05:05 . 2009-01-14 05:05 79,008 --a------ c:\windows\system32\ativvaxx.cap
2009-01-14 03:36 . 2009-01-14 03:36 45,056 --a------ c:\windows\system32\amdcalrt.dll
2009-01-14 03:36 . 2009-01-14 03:36 45,056 --a------ c:\windows\system32\amdcalcl.dll
2009-01-14 03:34 . 2009-01-14 03:34 3,227,648 --a------ c:\windows\system32\Amdcaldd.dll
2009-01-06 14:44 . 2009-01-06 14:44 <DIR> d-------- c:\documents and settings\MIHAJLO & MARKO\Application Data\PCToolsFirewallPlus
2009-01-06 14:37 . 2008-12-11 08:38 159,600 --a------ c:\windows\system32\drivers\pctgntdi.sys
2009-01-06 14:37 . 2008-12-11 12:32 132,976 --a------ c:\windows\system32\drivers\PCTCore.sys
2009-01-06 14:37 . 2008-12-11 12:32 73,840 --a------ c:\windows\system32\drivers\PCTAppEvent.sys
2009-01-06 14:36 . 2009-01-28 14:09 <DIR> d-------- c:\program files\PC Tools Firewall Plus
2009-01-06 14:36 . 2009-01-06 14:37 <DIR> d-------- c:\program files\Common Files\PC Tools
2009-01-06 14:36 . 2008-09-22 12:29 97,408 --a------ c:\windows\system32\drivers\pctfw.sys
2009-01-06 14:36 . 2008-12-11 17:01 95,640 --a------ c:\windows\system32\drivers\pctplfw.sys
2009-01-06 14:23 . 2009-01-06 14:23 <DIR> d-------- c:\documents and settings\All Users\Application Data\PC Tools
2009-01-06 14:23 . 2008-11-17 13:05 12,576 --a------ c:\windows\system32\drivers\TfKbMon.sys
2009-01-06 12:51 . 2009-01-22 01:28 <DIR> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
2009-01-06 00:40 . 2009-01-22 09:53 <DIR> d-------- c:\documents and settings\All Users\Application Data\SecTaskMan
2009-01-05 15:19 . 2009-01-05 15:19 <DIR> d-------- c:\program files\OO Software
2009-01-04 19:07 . 2009-01-04 19:07 <DIR> d-------- c:\windows\system32\xlive
2009-01-04 19:05 . 2009-01-04 19:05 <DIR> d-------- c:\program files\Microsoft XNA

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-04 22:02 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2009-01-31 20:43 472,576 ----a-w c:\windows\Radeon Omega Drivers v4.8.442 Uninstall.exe
2009-01-31 14:17 --------- d--h--w c:\program files\InstallShield Installation Information
2009-01-29 18:00 --------- d-----w c:\program files\ATI Technologies
2009-01-29 16:25 107,888 ----a-w c:\windows\system32\CmdLineExt.dll
2009-01-23 23:26 --------- d-----w c:\program files\IconForge7
2009-01-22 00:38 --------- d-----w c:\documents and settings\MIHAJLO & MARKO\Application Data\uTorrent
2009-01-22 00:28 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-01-21 23:24 --------- d-----w c:\program files\SUPERAntiSpyware
2009-01-21 23:24 --------- d-----w c:\documents and settings\MIHAJLO & MARKO\Application Data\SUPERAntiSpyware.com
2009-01-20 10:08 --------- d-----w c:\documents and settings\MIHAJLO & MARKO\Application Data\Download Manager
2009-01-14 03:50 48,640 ----a-w c:\windows\system32\amdpcom32.dll
2009-01-14 03:44 110,592 ----a-w c:\windows\system32\atiadlxx.dll
2009-01-14 03:37 307,200 ----a-w c:\windows\system32\atiiiexx.dll
2009-01-04 18:12 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2009-01-01 14:22 --------- d-----w c:\documents and settings\All Users\Application Data\TVU Networks
2008-12-30 14:41 --------- d-----w c:\documents and settings\MIHAJLO & MARKO\Application Data\Winamp
2008-12-29 21:39 --------- d-----w c:\documents and settings\MIHAJLO & MARKO\Application Data\Media Player Classic
2008-12-29 21:38 --------- d-----w c:\program files\Real Alternative
2008-12-29 21:38 --------- d-----w c:\program files\Common Files\Real
2008-12-29 20:20 --------- d-----w c:\documents and settings\MIHAJLO & MARKO\Application Data\CursorArts
2008-12-29 17:47 --------- d-----w c:\program files\GRETECH
2008-12-29 17:47 --------- d-----w c:\documents and settings\MIHAJLO & MARKO\Application Data\GRETECH
2008-12-29 17:47 --------- d-----w c:\documents and settings\All Users\Application Data\GRETECH
2008-12-27 16:38 --------- d-----w c:\documents and settings\All Users\Application Data\InstallShield
2008-12-27 13:19 --------- d--h--w c:\program files\Zero G Registry
2008-12-27 13:19 --------- d-----w c:\program files\Macrovision
2008-12-26 18:37 --------- d-----w c:\program files\Zeallsoft
2008-12-26 12:26 5,632 ----a-w c:\windows\system32\drivers\StarOpen.sys
2008-12-26 11:06 --------- d-----w c:\program files\Common Files\Adobe
2008-12-25 20:05 --------- d-----w c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2008-12-17 21:57 --------- d-----w c:\documents and settings\MIHAJLO & MARKO\Application Data\ImTOO Software Studio
2008-12-16 19:52 --------- d-----w c:\program files\QuickTime
2008-12-16 19:52 --------- d-----w c:\program files\Common Files\Apple
2008-12-16 19:52 --------- d-----w c:\program files\Apple Software Update
2008-12-16 19:52 --------- d-----w c:\documents and settings\All Users\Application Data\Apple Computer
2008-12-16 19:52 --------- d-----w c:\documents and settings\All Users\Application Data\Apple
2008-12-13 19:36 --------- d-----w c:\documents and settings\MIHAJLO & MARKO\Application Data\BearShare
2008-12-12 10:26 --------- d-----w c:\documents and settings\MIHAJLO & MARKO\Application Data\Samsung
2008-12-04 17:35 --------- d-----w c:\program files\Microsoft Silverlight
2008-12-04 15:25 --------- d-----w c:\program files\Microsoft Visual Studio 9.0
2008-11-10 04:43 410,984 ----a-w c:\windows\system32\deploytk.dll
2006-06-24 06:48 32,768 ----a-r c:\windows\inf\UpdateUSB.exe
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

---- Directory of C:\cc237b20efb32377876ae997e8 ----

2008-07-06 17:36 2936832 --a------ c:\cc237b20efb32377876ae997e8\amd64\xpssvcs.dll
2008-07-06 13:06 89088 --a------ c:\cc237b20efb32377876ae997e8\i386\filterpipelineprintproc.dll
2008-07-06 13:06 765440 --a------ c:\cc237b20efb32377876ae997e8\i386\mxdwdrv.dll
2008-07-06 13:06 748032 --a------ c:\cc237b20efb32377876ae997e8\amd64\mxdwdrv.dll
2008-07-06 13:06 1676288 --a------ c:\cc237b20efb32377876ae997e8\i386\xpssvcs.dll
2008-07-06 13:06 147456 --a------ c:\cc237b20efb32377876ae997e8\amd64\filterpipelineprintproc.dll
2008-07-06 13:06 10929 --a------ c:\cc237b20efb32377876ae997e8\i386\msxpsdrv.cat
2008-07-06 13:06 10929 --a------ c:\cc237b20efb32377876ae997e8\amd64\msxpsdrv.cat
2008-06-19 11:03 73 --a------ c:\cc237b20efb32377876ae997e8\i386\msxpsinc.gpd
2008-06-19 11:03 73 --a------ c:\cc237b20efb32377876ae997e8\amd64\msxpsinc.gpd
2008-06-19 06:33 72 --a------ c:\cc237b20efb32377876ae997e8\i386\msxpsinc.ppd
2008-06-19 06:33 72 --a------ c:\cc237b20efb32377876ae997e8\amd64\msxpsinc.ppd
2008-06-19 06:33 2204 --a------ c:\cc237b20efb32377876ae997e8\i386\msxpsdrv.inf
2008-06-19 06:33 2204 --a------ c:\cc237b20efb32377876ae997e8\amd64\msxpsdrv.inf


((((((((((((((((((((((((((((( snapshot@2009-02-03_21.35.00.68 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-02-04 22:01:50 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_34c.dat
+ 2009-02-04 22:01:43 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_79c.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-01-15 1830128]
"Steam"="c:\program files\Steam\Steam.exe" [2003-09-11 958464]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Six Engine"="c:\program files\ASUS\EPU-4 Engine\FourEngine.exe" [2008-05-28 6664192]
"ClocX"="c:\program files\ClocX\ClocX.exe" [2004-01-21 103936]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-08-04 36352]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-10 136600]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-12-16 413696]
"00PCTFW"="c:\program files\PC Tools Firewall Plus\FirewallGUI.exe" [2009-01-28 2652056]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-01-31 509784]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
"RTHDCPL"="RTHDCPL.EXE" [2008-05-16 c:\windows\RTHDCPL.EXE]
"AtiPTA"="atiptaxx.exe" [2006-02-22 c:\windows\system32\atiptaxx.exe]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSecurityTab"= 1 (0x1)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 11:05 356352 c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= msaud32_divx.acm

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Giganology\\Gigaget\\Gigaget.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\WINDOWS\\system32\\ftp.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\BearShare Applications\\BearShare\\BearShare.exe"=
"c:\\Program Files\\Adobe\\Adobe Dreamweaver CS4\\Dreamweaver.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"c:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
"c:\\Program Files\\Valve\\hl.exe"=

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-01-22 64160]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-11-21 111184]
R1 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi.sys [2009-01-06 159600]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2009-01-15 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2009-01-15 55024]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-11-21 20560]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2009-01-18 950096]
R2 PCTAppEvent;PCTAppEvent Driver;c:\windows\system32\drivers\PCTAppEvent.sys [2009-01-06 73840]
R3 AtiHdmiService;ATI Function Driver for HDMI Service;c:\windows\system32\drivers\AtiHdmi.sys [2008-10-26 93696]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1e51x86.sys [2008-10-26 36864]
R3 pctplfw;pctplfw;c:\windows\system32\drivers\pctplfw.sys [2009-01-06 95640]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2009-01-15 7408]
S0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys --> c:\windows\system32\drivers\TfFsMon.sys [?]
S0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys --> c:\windows\system32\drivers\TfSysMon.sys [?]
S2 ThreatFire;ThreatFire;c:\program files\ThreatFire\TFService.exe service --> c:\program files\ThreatFire\TFService.exe service [?]
S3 mirrorv3;mirrorv3;c:\windows\system32\drivers\rminiv3.sys [2006-11-01 3328]
S3 TfNetMon;TfNetMon;\??\c:\windows\system32\drivers\TfNetMon.sys --> c:\windows\system32\drivers\TfNetMon.sys [?]
.
Contents of the 'Scheduled Tasks' folder

2009-01-22 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-31 15:42]

2009-02-01 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = iexplore
IE: &Download All by Gigaget - c:\program files\Giganology\Gigaget\getallurl.htm
IE: &Download by Gigaget - c:\program files\Giganology\Gigaget\geturl.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.2.cab
FF - ProfilePath - c:\documents and settings\MIHAJLO & MARKO\Application Data\Mozilla\Firefox\Profiles\qsasppbe.default\
FF - prefs.js: browser.startup.homepage - hxxp://en-US.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official
FF - prefs.js: network.proxy.type - 4
FF - component: c:\documents and settings\MIHAJLO & MARKO\Application Data\Mozilla\Firefox\Profiles\qsasppbe.default\extensions\piclens@cooliris.com\components\coolirisstub.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-04 23:13:49
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-527237240-1580436667-682003330-1003\Software\SecuROM\License information*]
"datasecu"=hex:a4,af,85,36,9e,c7,5f,0f,a9,b0,b1,cb,c2,a3,c2,fa,12,20,e3,a3,d6,
22,3b,09,d0,b6,f6,85,cc,a1,d0,08,bf,c5,c5,a6,cc,d9,64,65,b5,44,5b,72,77,58,\
"rkeysecu"=hex:f2,82,08,c3,db,2a,27,66,39,7e,27,b4,a1,8a,73,c0
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1028-)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\Ati2evxx.dll
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
Completion time: 2009-02-04 23:14:41
ComboFix-quarantined-files.txt 2009-02-04 22:14:40
ComboFix2.txt 2009-02-03 20:35:36

Pre-Run: 137,571,782,656 bytes free
Post-Run: 137,557,184,512 bytes free

260 --- E O F --- 2008-12-22 23:22:37

offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 15 Jun 2007
  • Posts: 5572

We're done here...

Do the following:

In Run, type cmd

And in the console, type:

c:
cd "\documents and settings\MIHAJLO & MARKO\Desktop\MC\"
ComboFix.exe /u


That will uninstall ComboFix...

Cheers

Addendum: 04 Feb 2009 23:35

Don't delete that folder...

offline
  • Joined: 05 Sep 2008
  • Posts: 204

OK, thanks a lot for the help!!
