MyCity » Ambulanta -> Arhiva Ambulante » Restartovanje kompa

Restartovanje kompa

Napisano na dan: 25.2.2009
2

Restartovanje kompa
Pagination Prethodna strana
Sledeća strana Pagination

Idi na vrh

Poslao: 26 Feb 2009 21:38
Idi na vrh
offline
  • Luka Varagic
  • Pridružio: 08 Jul 2008
  • Poruke: 181
  • Gde živiš: Pirot

Gde se nalazi taj fajl ?

Poslao: 26 Feb 2009 21:51
Idi na vrh
offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8617
  • Gde živiš: Novi Beograd

Poslednji USB flash koji si prikljucio na kompjuter, da bi skenirali sa USBNoRiskom, ima taj fajl, koji se zove:

Comment.htt

Njega je potrebno da otvoris sa Notepadom i da mi ga ovde iskopiras (sadrzaj fajla).

Poslao: 26 Feb 2009 22:04
Idi na vrh
offline
  • Luka Varagic
  • Pridružio: 08 Jul 2008
  • Poruke: 181
  • Gde živiš: Pirot

Nema na owu fleshku nigde...I search sam koristio...



-------------------------------------------------------------------------------------


E a sta je owo ???

Poslao: 26 Feb 2009 22:51
Idi na vrh
offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8617
  • Gde živiš: Novi Beograd

Otvoriti Notepad i iskopirati sledeci tekst:

File::
C:\sys.exe
c:\recycler\S-1-5-21-2360512680-8165555793-455549005-6702\isl.exe

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"windows service firewall"=-


Snimiti na Desktop fajl iz Notepada kao "CFScript"




Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici.
Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.

Poslao: 26 Feb 2009 23:18
Idi na vrh
offline
  • Luka Varagic
  • Pridružio: 08 Jul 2008
  • Poruke: 181
  • Gde živiš: Pirot

ComboFix 09-02-26.01 - User 2009-02-26 23:09:55.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.512.255 [GMT 1:00]
Running from: c:\documents and settings\User\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\User\Desktop\CFScript.txt
AV: ESET NOD32 antivirus system 2.70 *On-access scanning enabled* (Outdated)
* Created a new restore point
* Resident AV is active


FILE ::
c:\recycler\S-1-5-21-2360512680-8165555793-455549005-6702\isl.exe
C:\sys.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\sys.exe
h:\recycler\S-1-6-21-2434476501-1644491937-600003330-1213
h:\recycler\S-1-6-21-2434476501-1644491937-600003330-1213\Desktop.ini

.
((((((((((((((((((((((((( Files Created from 2009-01-26 to 2009-02-26 )))))))))))))))))))))))))))))))
.

2009-02-26 21:13 . 2009-02-26 23:09 <DIR> d-------- c:\program files\ESET
2009-02-26 21:13 . 2009-02-26 21:13 512,096 --a------ c:\windows\system32\drivers\amon.sys
2009-02-26 21:13 . 2009-02-26 21:13 298,104 --a------ c:\windows\system32\imon.dll
2009-02-26 21:13 . 2009-02-26 21:13 15,424 --a------ c:\windows\system32\drivers\nod32drv.sys
2009-02-26 20:26 . 2009-02-26 20:26 <DIR> d-------- C:\USBNoRisk
2009-02-26 16:30 . 2009-02-26 16:30 <DIR> d-------- c:\documents and settings\Administrator\Application Data\URSoft
2009-02-26 16:18 . 2009-02-26 16:18 <DIR> d-------- c:\program files\Spybot - Search & Destroy
2009-02-26 16:18 . 2009-02-26 18:30 <DIR> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-02-26 14:09 . 2009-02-26 14:09 <DIR> d-------- c:\documents and settings\Administrator\Application Data\Steinberg
2009-02-26 08:01 . 2009-02-26 08:01 49 --a------ c:\windows\bsclient.INI
2009-02-25 23:48 . 2009-02-26 16:13 <DIR> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
2009-02-25 23:48 . 2009-02-26 16:13 <DIR> d--h-c--- c:\documents and settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-02-25 23:37 . 2009-02-26 14:28 <DIR> d-------- c:\program files\SensiveGuard
2009-02-25 22:02 . 2009-02-25 22:03 <DIR> d-------- c:\program files\Common Files\Macromedia
2009-02-25 22:00 . 2009-02-25 22:00 <DIR> d-------- c:\windows\Downloaded Installations
2009-02-25 21:55 . 2009-02-25 22:35 284 --a------ c:\windows\wcx_ftp.ini
2009-02-25 21:54 . 2009-02-25 22:29 <DIR> d-------- C:\totalcmd
2009-02-25 21:54 . 2009-02-25 22:35 816 --a------ c:\windows\wincmd.ini
2009-02-25 21:54 . 2008-08-08 07:04 545 --a------ c:\windows\UC.PIF
2009-02-25 21:54 . 2008-08-08 07:04 545 --a------ c:\windows\RAR.PIF
2009-02-25 21:54 . 2008-08-08 07:04 545 --a------ c:\windows\PKZIP.PIF
2009-02-25 21:54 . 2008-08-08 07:04 545 --a------ c:\windows\PKUNZIP.PIF
2009-02-25 21:54 . 2008-08-08 07:04 545 --a------ c:\windows\NOCLOSE.PIF
2009-02-25 21:54 . 2008-08-08 07:04 545 --a------ c:\windows\LHA.PIF
2009-02-25 21:54 . 2008-08-08 07:04 545 --a------ c:\windows\ARJ.PIF
2009-02-25 16:58 . 2009-02-26 15:24 <DIR> d--h----- C:\$AVG8.VAULT$
2009-02-25 15:00 . 2009-02-25 15:00 <DIR> d-------- c:\program files\AVG
2009-02-25 15:00 . 2009-02-26 20:49 <DIR> d-------- c:\documents and settings\All Users\Application Data\avg8
2009-02-23 22:35 . 2009-02-25 21:58 <DIR> d-------- c:\program files\Common Files\Adobe
2009-02-23 14:18 . 2009-02-23 14:18 12,124 --a------ c:\windows\system32\rundll32.rar
2009-02-23 14:13 . 2000-05-22 22:58 608,448 --a------ c:\windows\system32\comctl32.ocx
2009-02-23 14:12 . 2009-02-23 14:14 <DIR> d-------- c:\program files\Total Video Converter
2009-02-23 13:57 . 2009-02-23 13:57 <DIR> d-------- c:\program files\DVDVideoSoft
2009-02-23 13:57 . 2009-02-23 13:57 <DIR> d-------- c:\program files\Common Files\DVDVideoSoft
2009-02-23 13:00 . 2009-02-23 13:00 <DIR> d-------- c:\program files\Alcohol Soft
2009-02-23 12:56 . 2009-02-23 12:56 717,296 --a------ c:\windows\system32\drivers\sptd.sys
2009-02-22 23:17 . 2009-02-22 23:17 <DIR> d-------- c:\program files\FreeByte
2009-02-22 17:53 . 2009-02-25 15:00 <DIR> d-------- c:\documents and settings\Administrator
2009-02-22 11:01 . 2009-02-22 11:01 <DIR> d-------- C:\Team17
2009-02-22 10:38 . 2009-02-22 10:39 <DIR> d-------- c:\documents and settings\User\Application Data\Steinberg
2009-02-22 10:34 . 2005-06-04 09:08 487,936 --a------ c:\windows\system32\rmbe3260.dll
2009-02-22 10:34 . 2005-06-04 09:08 487,424 --a------ c:\windows\system32\msvcp70.dll
2009-02-22 10:34 . 2005-06-04 09:09 352,768 --a------ c:\windows\system32\pngu3263.dll
2009-02-22 10:34 . 2005-06-04 09:08 344,064 --a------ c:\windows\system32\msvcr70.dll
2009-02-22 10:34 . 2005-06-04 09:09 131,072 --a------ c:\windows\system32\pneng50.dll
2009-02-22 10:34 . 2005-06-04 09:09 130,560 --a------ c:\windows\system32\pnc3250.dll
2009-02-22 10:34 . 2005-06-04 09:08 87,040 --a------ c:\windows\system32\ra32sipr.dll
2009-02-22 10:34 . 2005-06-04 09:11 85,504 --a------ c:\windows\system32\encdnet.dll
2009-02-22 10:34 . 2005-06-04 09:09 81,920 --a------ c:\windows\system32\ra3214_4.dll
2009-02-22 10:34 . 2005-06-04 09:09 72,704 --a------ c:\windows\system32\ra3228_8.dll
2009-02-22 10:34 . 2005-06-04 09:09 61,952 --a------ c:\windows\system32\decdnet.dll
2009-02-22 10:34 . 2005-06-04 09:09 21,504 --a------ c:\windows\system32\ra32dnet.dll
2009-02-22 10:32 . 2009-02-26 16:06 <DIR> d-------- c:\program files\Steinberg
2009-02-22 01:38 . 2005-05-09 20:08 33,792 --a------ c:\windows\system32\drivers\cledx.sys
2009-02-22 01:37 . 2002-11-25 14:46 16,896 --a------ c:\windows\system32\drivers\synasUSB.sys
2009-02-21 19:05 . 2009-02-21 19:05 <DIR> d-------- c:\windows\Sun
2009-02-21 18:30 . 2009-02-25 13:19 3,036 --a------ C:\rollback.ini
2009-02-21 17:11 . 2008-10-16 14:06 268,648 --a------ c:\windows\system32\mucltui.dll
2009-02-21 17:11 . 2008-10-16 14:06 208,744 --a------ c:\windows\system32\muweb.dll
2009-02-21 17:11 . 2008-10-16 14:06 27,496 --a------ c:\windows\system32\mucltui.dll.mui
2009-02-21 14:13 . 2009-02-22 10:12 <DIR> d-------- c:\documents and settings\All Users\Application Data\MailFrontier
2009-02-21 13:09 . 2009-02-21 13:09 53,248 --a------ c:\windows\system32\suppdll.dll
2009-02-21 13:09 . 2009-02-21 13:09 35,363 --a------ c:\windows\system32\windrvNT.sys
2009-02-21 12:24 . 2009-02-23 13:14 <DIR> d-------- c:\program files\Windows Media Connect 2
2009-02-21 12:13 . 2009-02-21 12:13 <DIR> d-------- c:\windows\system32\LogFiles
2009-02-21 12:13 . 2009-02-21 12:17 <DIR> d-------- c:\windows\system32\drivers\UMDF
2009-02-21 12:10 . 2008-04-14 05:42 221,184 --a------ c:\windows\system32\wmpns.dll
2009-02-21 12:02 . 2005-10-16 08:00 12,928 --a------ c:\windows\system32\drivers\filedisk.sys
2009-02-21 11:47 . 2009-02-21 11:47 <DIR> d-------- c:\program files\Java
2009-02-21 11:47 . 2009-02-21 11:47 410,984 --a------ c:\windows\system32\deploytk.dll
2009-02-21 11:47 . 2009-02-21 11:47 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-02-21 11:21 . 2009-02-21 11:21 <DIR> d-------- c:\program files\BitLord
2009-02-21 10:11 . 2009-02-21 10:11 <DIR> d---s---- c:\documents and settings\User\UserData
2009-02-21 03:06 . 2009-02-21 03:06 <DIR> d-------- c:\documents and settings\All Users\Application Data\InstallShield
2009-02-21 03:06 . 2002-11-02 09:53 57,344 --a------ c:\windows\system32\WNASPINT.DLL
2009-02-21 03:05 . 2009-02-21 03:05 <DIR> d-------- c:\program files\Common Files\InstallShield Shared
2009-02-21 02:15 . 2006-09-28 13:10 11,648 --a------ c:\windows\system32\drivers\ggsemc.sys
2009-02-21 02:15 . 2006-09-28 13:10 11,648 --a------ c:\windows\system32\drivers\gggen.sys
2009-02-21 01:17 . 2009-02-21 01:20 <DIR> d-------- c:\program files\Your Uninstaller 2008
2009-02-21 01:17 . 2009-02-21 01:17 <DIR> d-------- c:\documents and settings\User\Application Data\URSoft
2009-02-21 01:17 . 2009-02-26 20:47 <DIR> d-a------ c:\documents and settings\All Users\Application Data\TEMP
2009-02-20 21:57 . 2009-02-26 21:46 <DIR> d-------- c:\documents and settings\User\Tracing
2009-02-20 21:56 . 2009-02-20 21:56 <DIR> d-------- c:\program files\Windows Live SkyDrive
2009-02-20 21:56 . 2009-02-20 21:56 <DIR> d-------- c:\program files\Microsoft
2009-02-20 21:55 . 2009-02-20 21:56 <DIR> d-------- c:\program files\Windows Live
2009-02-20 21:47 . 2009-02-20 21:47 <DIR> d-------- c:\program files\Common Files\Windows Live
2009-02-20 21:10 . 2009-02-20 21:10 <DIR> d-------- c:\windows\system32\Nexus Radio
2009-02-20 21:10 . 2009-02-25 14:17 <DIR> d-------- c:\program files\Nexus Radio
2009-02-20 21:10 . 2009-02-20 21:10 <DIR> d-------- c:\program files\AskSearch
2009-02-20 21:10 . 2009-02-20 21:10 <DIR> d-------- c:\program files\AskBarDis
2009-02-20 21:10 . 2009-02-20 21:10 <DIR> d-------- C:\My Saved Files
2009-02-20 21:10 . 2009-02-20 21:10 <DIR> d-------- C:\My Recorded Files
2009-02-20 21:02 . 2009-02-20 21:02 <DIR> d-------- c:\program files\Opera
2009-02-20 20:24 . 2008-06-13 12:05 272,128 -----c--- c:\windows\system32\dllcache\bthport.sys
2009-02-20 20:21 . 2008-10-16 02:00 1,499,136 -----c--- c:\windows\system32\dllcache\shdocvw.dll
2009-02-20 20:21 . 2008-10-16 02:00 666,112 -----c--- c:\windows\system32\dllcache\wininet.dll
2009-02-20 20:21 . 2008-10-16 02:00 619,520 -----c--- c:\windows\system32\dllcache\urlmon.dll
2009-02-20 20:20 . 2008-08-14 11:11 2,189,184 -----c--- c:\windows\system32\dllcache\ntoskrnl.exe
2009-02-20 20:20 . 2008-08-14 11:09 2,145,280 -----c--- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-02-20 20:20 . 2008-08-14 10:33 2,066,048 -----c--- c:\windows\system32\dllcache\ntkrnlpa.exe
2009-02-20 20:20 . 2008-08-14 10:33 2,023,936 -----c--- c:\windows\system32\dllcache\ntkrpamp.exe
2009-02-20 20:20 . 2008-09-15 13:12 1,846,400 -----c--- c:\windows\system32\dllcache\win32k.sys
2009-02-20 20:19 . 2008-12-12 18:01 3,067,904 -----c--- c:\windows\system32\dllcache\mshtml.dll
2009-02-20 20:19 . 2008-10-24 12:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2009-02-20 20:19 . 2008-12-11 11:57 333,952 -----c--- c:\windows\system32\dllcache\srv.sys
2009-02-20 20:19 . 2008-05-08 15:02 203,136 -----c--- c:\windows\system32\dllcache\rmcast.sys
2009-02-20 20:18 . 2008-09-04 18:15 1,106,944 -----c--- c:\windows\system32\dllcache\msxml3.dll
2009-02-20 20:18 . 2008-04-11 20:04 691,712 -----c--- c:\windows\system32\dllcache\inetcomm.dll
2009-02-20 20:18 . 2008-10-15 17:34 337,408 -----c--- c:\windows\system32\dllcache\netapi32.dll
2009-02-20 20:18 . 2008-05-01 15:33 331,776 -----c--- c:\windows\system32\dllcache\msadce.dll
2009-02-20 20:13 . 2009-02-25 11:12 <DIR> d--h----- c:\windows\$hf_mig$
2009-02-20 19:40 . 2009-02-25 18:10 <DIR> d-------- c:\windows\system32\ZoneLabs
2009-02-20 19:40 . 2009-02-22 17:47 4,212 -rah----- c:\windows\system32\zllictbl.dat
2009-02-20 19:17 . 2009-02-20 19:20 <DIR> d-------- c:\program files\Avanquest update
2009-02-20 19:17 . 2009-02-20 19:17 <DIR> d-------- c:\documents and settings\All Users\Application Data\BVRP Software
2009-02-20 19:16 . 2009-02-21 02:15 <DIR> d-------- c:\program files\Sony Ericsson
2009-02-20 19:16 . 2009-02-20 19:16 <DIR> d-------- c:\documents and settings\All Users\Application Data\Sony Ericsson
2009-02-20 19:15 . 2009-02-20 19:15 <DIR> d-------- c:\windows\system32\scripting
2009-02-20 19:15 . 2009-02-20 19:15 <DIR> d-------- c:\documents and settings\User\Application Data\InstallShield
2009-02-20 19:12 . 2009-02-20 19:15 <DIR> d-------- c:\windows\ServicePackFiles
2009-02-20 19:12 . 2008-04-14 05:42 294,912 -----c--- c:\windows\system32\dllcache\dlimport.exe
2009-02-20 19:07 . 2007-08-10 20:46 26,488 --a------ c:\windows\system32\spupdsvc.exe
2009-02-20 18:48 . 2009-02-25 18:10 <DIR> d-------- c:\windows\Internet Logs
2009-02-20 18:39 . 2009-02-20 18:39 0 --a------ c:\windows\nsreg.dat
2009-02-20 18:36 . 2008-04-14 05:41 21,504 --a------ c:\windows\system32\hidserv.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-26 15:14 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-25 13:35 163,501 ----a-w c:\windows\Internet Logs\vsmon_2nd_2009_02_25_14_35_13_small.dmp.zip
2009-02-25 13:34 137,673 ----a-w c:\windows\Internet Logs\vsmon_2nd_2009_02_25_14_32_42_small.dmp.zip
2009-02-25 13:28 131,088 ----a-w c:\windows\Internet Logs\vsmon_2nd_2009_02_25_14_27_48_small.dmp.zip
2009-02-25 13:27 146,190 ----a-w c:\windows\Internet Logs\vsmon_2nd_2009_02_25_14_27_09_small.dmp.zip
2009-02-25 13:26 149,349 ----a-w c:\windows\Internet Logs\vsmon_2nd_2009_02_25_14_24_40_small.dmp.zip
2009-02-25 12:50 173,339 ----a-w c:\windows\Internet Logs\vsmon_2nd_2009_02_25_13_49_32_small.dmp.zip
2009-02-20 08:22 --------- d-----w c:\program files\Common Files\InstallShield
2009-02-19 16:13 --------- d-----w c:\program files\VIA
2009-02-19 16:07 --------- d-----w c:\program files\Mv2Player
2009-02-19 16:06 --------- d-----w c:\program files\ffdshow
2009-02-19 16:06 --------- d-----w c:\program files\Analog Devices
2009-02-19 15:51 --------- d-----w c:\program files\microsoft frontpage
2009-02-06 17:52 49,504 ----a-w c:\windows\system32\sirenacm.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-02-26_18.34.39.17 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-02-26 19:44:53 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_77c.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2008-11-23 203720]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UserFaultCheck"="c:\windows\system32\dumprep 0 -u" [X]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-04-16 7569408]
"SW24"="c:\windows\system32\sw24.exe" [2006-05-17 69632]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-04-16 86016]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-02-21 148888]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2009-02-26 949376]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
VIA RAID TOOL.lnk - c:\program files\VIA\RAID\raid_tool.exe [2009-02-19 565248]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.ffds"= c:\program files\ffdshow\ffdshow.ax

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
--a------ 2006-10-09 11:28 139264 c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--------- 2008-04-14 05:42 1695232 c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
--a------ 2009-02-06 18:51 3885408 c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2006-01-12 16:40 155648 c:\program files\Common Files\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
--a------ 2004-11-02 20:24 32768 c:\program files\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
--------- 2008-06-18 17:15 393216 c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SW20]
-ra------ 2006-05-18 02:15 208896 c:\windows\system32\sw20.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
--a------ 2004-06-29 09:06 88363 c:\windows\AGRSMMSG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2006-04-16 15:51 1519616 c:\windows\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"%windir%\\system32\\sessmgr.exe"=
"d:\\Valve\\hl.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\BitLord\\BitLord.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"d:\\Garena\\Garena.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=

R0 viasraid;viasraid;c:\windows\system32\drivers\viasraid.sys [2009-02-19 77312]
R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2009-02-26 15424]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\User\LOCALS~1\Temp\JIL20D.tmp --> c:\docume~1\User\LOCALS~1\Temp\JIL20D.tmp [?]
S3 gggen;Generic USB Flash Driver;c:\windows\system32\drivers\gggen.sys [2009-02-21 11648]
.
.
------- Supplementary Scan -------
.
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
LSP: c:\windows\system32\imon.dll
FF - ProfilePath - c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\yf03em3y.default\
FF - prefs.js: browser.startup.homepage - google.rs
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-02-26 23:12:22
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


C:\sccfg.sys 20 bytes

scan completed successfully
hidden files: 1

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GarenaPEngine]
"ImagePath"="\??\c:\docume~1\User\LOCALS~1\Temp\JIL20D.tmp"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'lsass.exe'(672)
c:\windows\system32\imon.dll
.
Completion time: 2009-02-26 23:14:04
ComboFix-quarantined-files.txt 2009-02-26 22:14:01
ComboFix2.txt 2009-02-26 17:35:46

Pre-Run: 17,949,323,264 bytes free
Post-Run: 17,942,298,624 bytes free

259

Poslao: 26 Feb 2009 23:27
Idi na vrh
offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8617
  • Gde živiš: Novi Beograd

Uploaduj mi:
c:\qoobox\quarantine

preko:

http://www.mycity.rs/ambulanta-upload.php

Poslao: 26 Feb 2009 23:37
Idi na vrh
offline
  • Luka Varagic
  • Pridružio: 08 Jul 2008
  • Poruke: 181
  • Gde živiš: Pirot

Uploadowao sam...Sta sad ? Very Happy

Poslao: 26 Feb 2009 23:43
Idi na vrh
offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8617
  • Gde živiš: Novi Beograd

Kako radi komp sada?

Poslao: 26 Feb 2009 23:47
Idi na vrh
offline
  • Luka Varagic
  • Pridružio: 08 Jul 2008
  • Poruke: 181
  • Gde živiš: Pirot

Pa za sad radi super...Da kucnem u drwo....

Poslao: 26 Feb 2009 23:49
Idi na vrh
offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8617
  • Gde živiš: Novi Beograd

Proveri da li ti radi realplayer?

MyCity » Ambulanta -> Arhiva Ambulante » Restartovanje kompa

Ko je trenutno na forumu
 

Ukupno su 1114 korisnika na forumu :: 48 registrovanih, 2 sakrivenih i 1064 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: A.R.Chafee.Jr., aleksmajstor, amaterSRB, aramis s, babaroga, bokisha253, Boris Bosiljčić, Buzdovan, Dannyboy, Denaya, DonRumataEstorski, DPera, dulleo, goxin, Hamannche, hologram, hooraay, Još malo pa deda, Karla, kjkszpj, kybonacci, laurusri, Lieutenant, mercedesamg, Mi lao shu, milenko crazy north, mrav pesadinac, nemkea71, opt1, ozzy, procesor, rodoljub, royst33, sasa87, shone34, Sirius, Sićko, slonic_tonic, ss10, Tandrkalo, theNedjeljko, vaso1, Vlad000, YU-UKI, YugoSlav, zeo, šumar bk2, 125