Help...

offline
  • Joined: 26 Apr 2008
  • Posts: 1

ComboFix 08-04-24.1 - Kralj 2008-04-26 23:57:27.1 - NTFSx86
Running from: C:\Documents and Settings\kuki\Desktop\ComboFix.exe
* Created a new restore point
* Resident AV is active


WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML
C:\Documents and Settings\All Users\Start Menu\Online Security Guide.url
C:\Documents and Settings\All Users\Start Menu\Security Troubleshooting.url
C:\Documents and Settings\Kralj\Favorites\Online Security Test.url
C:\Program Files\inetget2
C:\Program Files\JavaCore
C:\Program Files\JavaCore\JavaCore.exe
C:\Program Files\JavaCore\UnInstall.exe
C:\Program Files\spylocked 4.3
C:\Program Files\spylocked 4.3\blacklist.txt
C:\Program Files\spylocked 4.3\sl.dat
C:\Program Files\spylocked 4.3\SpyLocked 4.3.url
C:\Program Files\webmediaplayer
C:\Program Files\webmediaplayer\resources\languages.xml
C:\Program Files\webmediaplayer\resources\webmedias
C:\Program Files\webmediaplayer\skins\classic.skn
C:\Program Files\webmediaplayer\updates\webmediasDB.upd
C:\Program Files\webmediaplayer\WebMediaPlayer.url
C:\WINDOWS\b152.exe
C:\WINDOWS\b999.exe
C:\WINDOWS\mrofinu1001186.exe
C:\WINDOWS\pack.epk
C:\WINDOWS\SCVVHSOT.exe
C:\WINDOWS\system\_sv_CMD_
C:\WINDOWS\system\_sv_CMD_\_U_.exe
C:\WINDOWS\system\svchost.exe
C:\WINDOWS\system32\autorun.ini
C:\WINDOWS\system32\blastclnnn.exe
C:\WINDOWS\system32\SCVVHSOT.exe
C:\WINDOWS\system32\setting.ini
C:\WINDOWS\system32\ufescbqafn.dat
C:\WINDOWS\system32\ufescbqafn_nav.dat
C:\WINDOWS\system32\ufescbqafn_navps.dat

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_NWSAPAGENT
-------\Service_NwSapAgent


((((((((((((((((((((((((( Files Created from 2008-03-26 to 2008-04-26 )))))))))))))))))))))))))))))))
.

2008-04-26 23:35 . 2008-04-26 23:35 <DIR> d-------- C:\Program Files\Trend Micro
2008-04-26 21:39 . 2008-04-26 21:39 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\ESET
2008-04-26 20:58 . 2008-04-26 20:58 <DIR> d--h----- C:\WINDOWS\system32\GroupPolicy
2008-04-26 16:10 . 2008-04-26 16:10 <DIR> d-------- C:\Program Files\AnVir Task Manager Free
2008-04-26 09:57 . 2008-04-26 09:57 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\leena.26-4-2008
2008-04-25 10:07 . 2008-04-25 11:55 <DIR> d-------- C:\077dd3dae234ad6b934e1e7a39337753
2008-04-25 00:39 . 2008-04-25 00:39 <DIR> d-------- C:\Documents and Settings\Kralj\Application Data\Bitdefender
2008-04-25 00:39 . 2008-04-25 00:39 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\leena.25-4-2008
2008-04-25 00:32 . 2008-04-25 00:32 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\BitDefender
2008-04-25 00:31 . 2008-04-25 00:31 <DIR> d-------- C:\Program Files\Softwin
2008-04-25 00:28 . 2008-04-25 00:32 <DIR> d-------- C:\Program Files\Common Files\Softwin
2008-04-24 10:55 . 2008-04-24 10:55 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\leena.24-4-2008
2008-04-23 21:33 . 2008-04-23 21:33 268 --ah----- C:\sqmdata01.sqm
2008-04-23 21:33 . 2008-04-23 21:33 244 --ah----- C:\sqmnoopt01.sqm
2008-04-23 17:37 . 2008-04-26 21:40 21,717 --a------ C:\WINDOWS\leena.ini
2008-04-23 17:33 . 2008-04-23 17:33 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\leena.23-4-2008
2008-04-23 13:51 . 2006-07-16 20:22 86,016 --a------ C:\WINDOWS\system32\ex-plorer.exe
2008-04-23 13:51 . 2006-07-16 20:22 86,016 --a------ C:\WINDOWS\system32\controls.exe
2008-04-23 13:51 . 2006-07-16 20:22 86,016 --a------ C:\WINDOWS\system32\Av-Prev.exe
2008-04-23 13:51 . 2006-07-16 20:22 86,016 --------- C:\Documents and Settings\All Users\Application Data\Normal.exe
2008-04-21 21:22 . 2008-04-21 21:22 <DIR> d-------- C:\Program Files\Dream Day Wedding
2008-04-21 20:08 . 2008-04-25 09:56 <DIR> d-------- C:\Program Files\Cate West The Vanishing Files
2008-04-21 19:34 . 2008-04-21 19:34 <DIR> d-------- C:\Program Files\Mind Machine
2008-04-09 15:07 . 2008-04-09 22:18 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2008-04-04 05:56 . 2008-04-04 07:51 2,411 --a------ C:\WINDOWS\MDVDP.Ini
2008-04-03 16:27 . 2008-04-09 22:18 1,355 --a------ C:\WINDOWS\imsins.BAK
2008-04-03 10:45 . 2008-04-03 10:45 <DIR> d-------- C:\Program Files\Picasa2

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-26 22:06 498 ----a-w C:\sccfg.sys
2008-04-26 21:26 770,048 -c--a-w C:\WINDOWS\TMUninst.exe
2008-04-26 21:22 77,824 ----a-w C:\WINDOWS\soundman.exe
2008-04-26 20:42 557,056 ----a-w C:\Documents and Settings\Kralj\GoToAssist_phone__317_en.exe
2008-04-26 19:54 737,280 ----a-w C:\WINDOWS\iun6002.exe
2008-04-26 19:46 146,432 ----a-w C:\WINDOWS\regedit.exe
2008-04-26 19:39 --------- d-----w C:\Program Files\ESET
2008-04-25 08:07 --------- d-----w C:\Program Files\Common Files\BitDefender
2008-04-25 07:57 --------- d-----w C:\Program Files\Platypus II
2008-04-23 17:22 --------- d-----w C:\Program Files\GrabIt
2008-04-23 17:22 --------- d-----w C:\Program Files\Free Tetrix
2008-04-23 17:22 --------- d-----w C:\Program Files\ffdshow
2008-04-23 17:22 --------- d-----w C:\Program Files\DVD Shrink
2008-04-23 17:22 --------- d-----w C:\Program Files\CCleaner
2008-04-23 17:22 --------- d-----w C:\Program Files\BTMPro
2008-04-23 17:22 --------- d-----w C:\Program Files\BitComet
2008-04-23 17:22 --------- d-----w C:\Program Files\BIHnet
2008-04-23 17:22 --------- d-----w C:\Program Files\All Sound Recorder XP 210
2008-04-23 17:22 --------- d-----w C:\Program Files\Advanced Karaoke Player
2008-04-18 19:16 --------- d-----w C:\Program Files\Winamp
2008-04-03 08:45 --------- d-----w C:\Program Files\Google
2008-03-28 13:11 --------- d-----w C:\Program Files\Folder Lock
2008-03-19 19:55 --------- d-----w C:\Documents and Settings\Kralj\Application Data\SolSuite
2008-03-14 19:11 --------- d-----w C:\Program Files\SolSuite
2008-03-14 11:43 --------- d-----w C:\Program Files\Secrets Of Great Art
2008-02-28 19:42 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-07 15:45 15,938,165 ----a-w C:\Program Files\GrabIt.rar
2007-12-04 14:33 22,328 ----a-w C:\Documents and Settings\Kralj\Application Data\PnkBstrK.sys
2007-03-09 07:12 27,648 --sha-w C:\WINDOWS\system32\AVSredirect.dll
2004-02-22 20:00 1,386,496 --sh--r C:\WINDOWS\system32\msvbvm60.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"="C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe" [2008-04-26 23:22 65536]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 14:00 22016]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2008-02-26 03:23 443968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AGRSMMSG"="AGRSMMSG.exe" [2004-12-22 02:10 88358 C:\WINDOWS\agrsmmsg.exe]
"Apoint"="C:\Program Files\Apoint2K\Apoint.exe" [2008-04-27 00:01 196608]
"CeEKEY"="C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe" [2008-04-27 00:01 671744]
"HWSetup"="C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe" [2008-04-26 21:44 28672]
"SVPWUTIL"="C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe" [2008-04-26 21:44 65536]
"TCtryIOHook"="TCtrlIOHook.exe" [2008-04-26 21:44 28672 C:\WINDOWS\system32\TCtrlIOHook.exe]
"TPSMain"="TPSMain.exe" [2008-04-26 21:45 266240 C:\WINDOWS\system32\TPSMain.exe]
"TFncKy"="TFncKy.exe" []
"Tvs"="C:\Program Files\TOSHIBA\Tvs\TvsTray.exe" [2008-04-27 00:01 73728]
"NDSTray.exe"="NDSTray.exe" []
"CFSServ.exe"="CFSServ.exe" []
"TLGInit"="C:\WINDOWS\_load.exe" [ ]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2006-11-08 14:27 228864]
"egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-02-20 11:06 1443072]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 14:00 22016]
"PcSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2008-04-27 00:06 1634304]
"Yahoo Messengger"="C:\WINDOWS\system32\SCVVHSOT.exe" [ ]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.I420"= i263_32.drv
"vidc.3ivx"= 3ivxVfWCodec.dll
"vidc.3iv2"= 3ivxVfWCodec.dll
"msacm.divxa32"= divxa32.acm
"VIDC.HFYU"= huffyuv.dll
"VIDC.i263"= i263_32.drv
"msacm.imc"= imc32.acm
"VIDC.VP31"= vp31vfw.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth Manager.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth Manager.lnk
backup=C:\WINDOWS\pss\Bluetooth Manager.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Monitor.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Monitor.lnk
backup=C:\WINDOWS\pss\Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Kralj^Start Menu^Programs^Startup^Adobe Gamma.lnk]
path=C:\Documents and Settings\Kralj\Start Menu\Programs\Startup\Adobe Gamma.lnk
backup=C:\WINDOWS\pss\Adobe Gamma.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Kralj^Start Menu^Programs^Startup^IMVU.lnk]
path=C:\Documents and Settings\Kralj\Start Menu\Programs\Startup\IMVU.lnk
backup=C:\WINDOWS\pss\IMVU.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Kralj^Start Menu^Programs^Startup^Xfire.lnk]
path=C:\Documents and Settings\Kralj\Start Menu\Programs\Startup\Xfire.lnk
backup=C:\WINDOWS\pss\Xfire.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Kralj^Start Menu^Programs^Startup^Yahoo! Widget Engine.lnk]
path=C:\Documents and Settings\Kralj\Start Menu\Programs\Startup\Yahoo! Widget Engine.lnk
backup=C:\WINDOWS\pss\Yahoo! Widget Engine.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdVantage]
C:\Program Files\AdVantage\AdVantage.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
--a------ 2008-04-25 03:11 352256 C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDAgent]
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDMCon]
C:\Program Files\Softwin\BitDefender10\bdmcon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitDefender Antiphishing Helper]
C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
C:\Program Files\BitTorrent\bittorrent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DNA]
C:\Program Files\BitTorrent_DNA\dna.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
--a------ 2005-05-11 23:12 49152 C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2006-10-30 10:36 256576 C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--a------ 2008-04-26 23:26 1694208 C:\Program Files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2007-01-19 13:54 5674352 C:\Program Files\MSN Messenger\MsnMsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 11:50 155648 C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nod32kui]
C:\Program Files\Eset\nod32kui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PadTouch]
--a------ 2008-04-26 21:55 1077248 C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
--a------ 2006-11-08 14:27 228864 C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pro Mp3 Recorder]
--a------ 2008-04-26 21:50 1155072 C:\Program Files\ProMp3Recorder\ProMp3Recorder.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
--a------ 2008-04-25 03:27 40960 C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmoothView]
--a------ 2008-04-26 21:55 118784 C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
--a------ 2007-05-30 22:28 1259000 C:\Program Files\Valve\Steam\\Steam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
-ra------ 2007-10-14 18:09 103712 C:\Program Files\Macrogaming\SweetIM\SweetIM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPNF]
--a------ 2005-08-25 20:11 53248 C:\Program Files\TOSHIBA\TouchPad\TPTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zooming]
--a------ 2005-06-06 10:58 24576 C:\WINDOWS\system32\ZoomingHook.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\KONAMI\\Pro Evolution Soccer 6\\PES6.exe"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"\\\\ADIERNI\\C\\Program Files\\Xfire\\xfire.exe"=
"C:\\Program Files\\Toshiba\\ConfigFree\\CFXFER.exe"=
"C:\\Program Files\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Documents and Settings\\Kralj\\Desktop\\games\\SIERRA 16\\Half-Life\\hl.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\WINDOWS\\explorer.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
"10414:TCP"= 10414:TCP:BitComet 10414 TCP
"10414:UDP"= 10414:UDP:BitComet 10414 UDP

R1 epfwtdir;epfwtdir;C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2008-02-20 11:11]
R1 oreans32;oreans32;C:\WINDOWS\system32\drivers\oreans32.sys [2007-10-20 21:12]
R3 tosrfec;Bluetooth ACPI from TOSHIBA;C:\WINDOWS\system32\DRIVERS\tosrfec.sys [2005-03-24 17:36]
S3 autorun;autorun;c:\huadio.tmp []
S3 GTF32BUS;GT F32 BUS;C:\WINDOWS\system32\DRIVERS\gtf32bus.sys [2005-10-03 16:56]
S3 GTPTSER;GT PT SER;C:\WINDOWS\system32\DRIVERS\gtptser.sys [2005-10-03 16:56]
S3 GTSCSER;GT SC SER;C:\WINDOWS\system32\DRIVERS\gtscser.sys [2005-10-03 16:56]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service;"C:\Program Files\MSN Messenger\usnsvc.exe" [2007-01-19 13:54]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cf3c189a-8fd1-11dc-8ef6-00037a11b5cf}]
\Shell\AutoRun\command - H:\MonopolyPBInstall.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eab02d3d-8fd0-11dc-8ef5-00037a11b5cf}]
\Shell\AutoRun\command - G:\LaunchU3.exe -a

.
Contents of the 'Scheduled Tasks' folder
"2008-04-26 19:36:06 C:\WINDOWS\Tasks\At1.job"
- C:\WINDOWS\system32\blastclnnn.exe
"2008-04-25 18:05:00 C:\WINDOWS\Tasks\leena.job"
- C:\WINDOWS\system32\controls.exe
.
**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2008-04-27 00:06:06
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\autorun]
"ImagePath"="\??\c:\huadio.tmp"
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\Toshiba\TOSHIBA Controls\TFncKy.exe
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Program Files\Toshiba\ConfigFree\CFSServ.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Apoint2K\ApntEx.exe
C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Toshiba\ConfigFree\CFXFER.exe
C:\WINDOWS\TEMP\DIL4.tmp
C:\WINDOWS\TEMP\DIL5.tmp
.
**************************************************************************
.
Completion time: 2008-04-27 0:10:34 - machine was rebooted
ComboFix-quarantined-files.txt 2008-04-26 22:10:18

Pre-Run: 4,161,019,904 bytes free
Post-Run: 4,134,928,384 bytes free

309 --- E O F --- 2008-04-16 14:07:04

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Where is the HijackThis logfile?

Where is the description of the problem?

Why did you use ComboFix?
