Slow opening of all applications

offline
  • Joined: 21 Jul 2009
  • Posts: 16
  • Location: Teslic,R.S.

Posted: 19 May 2010 14:21

For the last 20 days or so, opening all programs and folders, that is, all applications, has been slow for me, especially moz.f. After turning the computer on I have to wait up to 15 minutes before I can get onto the net.
The logs are attached, although I was not able to complete a scan with GMER, because it threw an error during the scan and then closed, and on the next start the computer restarted by itself.






DDS (Ver_10-03-17.01) - NTFSx86
Run by Vlado at 13:44:42.78 on Wed 05/19/2010
Internet Explorer: 6.0.2900.3264
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.512.71 [GMT 2:00]

AV: ESET NOD32 Antivirus 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Spamihilator\spamihilator.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Vlado\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: The Pirate Bay Toolbar: {a33fa729-d155-4b23-842b-2c665ecabdb6} - c:\program files\the_pirate_bay\tbThe_.dll
mWinlogon: Taskman=c:\documents and settings\vlado\ctfmon.exe
BHO: SnagIt Toolbar Loader: {00c6482d-c502-44c8-8409-fce54ad9c208} - c:\program files\techsmith\snagit 9\SnagitBHO.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: The Pirate Bay Toolbar: {a33fa729-d155-4b23-842b-2c665ecabdb6} - c:\program files\the_pirate_bay\tbThe_.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Foxit Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll
TB: The Pirate Bay Toolbar: {a33fa729-d155-4b23-842b-2c665ecabdb6} - c:\program files\the_pirate_bay\tbThe_.dll
TB: Snagit: {8ff5e183-abde-46eb-b09e-d2aab95cabe3} - c:\program files\techsmith\snagit 9\SnagitIEAddin.dll
TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
uRun: [BitTorrent DNA] "c:\program files\dna\btdna.exe"
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [Google Update] "c:\documents and settings\vlado\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [Smapp] c:\program files\analog devices\soundmax\SMTray.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [AdobeCS4ServiceManager] "c:\program files\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin
mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe
mRun: [Spamihilator] "c:\program files\spamihilator\spamihilator.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, credssp.dll, msnsspc.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\vlado\applic~1\mozilla\firefox\profiles\a575hvgp.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1361345&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - The Pirate Bay Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ba/
FF - prefs.js: keyword.URL - hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&gc=1&q=
FF - plugin: c:\documents and settings\vlado\application data\facebook\npfbplugin_1_0_3.dll
FF - plugin: c:\documents and settings\vlado\application data\mozilla\plugins\npPxPlay.dll
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npFoxitReaderPlugin.dll

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - truec:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

============= SERVICES / DRIVERS ===============

R0 aaatimeo;aaatimeo;c:\windows\system32\drivers\aaatimeo.sys [2006-2-26 4928]
R0 afamgt;afamgt;c:\windows\system32\drivers\afamgt.sys [2006-3-28 91707]
R0 siwinacc;siwinacc;c:\windows\system32\drivers\siwinacc.sys [2004-11-1 10368]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2009-3-19 107256]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2008-7-1 93848]
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;c:\program files\common files\abbyy\finereader\9.00\licensing\pe\NetworkLicenseServer.exe [2007-12-6 660768]
R2 ekrn;ESET Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2009-3-19 731840]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2010-5-2 304464]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-5-2 20952]
S2 NOD32FiXTemDono;Eset Nod32 Boot;c:\windows\system32\regedt32.exe [2004-8-4 3584]
S2 SSHNAS;SSHNAS;c:\windows\system32\svchost.exe -k netsvcs [2007-11-30 14336]

=============== Created Last 30 ================

2010-05-14 08:49:58 0 d-----w- C:\wamp
2010-05-12 14:23:53 0 d-----w- c:\windows\system32\wbem\Repository
2010-05-12 06:04:03 0 ----a-w- c:\documents and settings\vlado\Desktop.ini
2010-05-11 06:52:50 157696 --sh--r- c:\documents and settings\vlado\ctfmon.exe
2010-05-02 20:04:05 711168 ----a-w- c:\windows\isRS-000.tmp
2010-05-02 19:59:49 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-05-02 19:59:45 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-05-02 19:59:41 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-05-02 17:45:48 5702 ---ha-w- c:\windows\nod32restoretemdono.reg
2010-05-02 17:45:48 568 ---ha-w- c:\windows\nod32fixtemdono.reg
2010-05-02 16:00:32 0 d-----w- c:\docume~1\vlado\applic~1\ESET

==================== Find3M ====================

2010-04-05 10:54:35 81896 ----a-w- c:\windows\fonts\RUSIJA-01.ttf
2010-04-05 10:54:27 105132 ----a-w- c:\windows\fonts\RUSIJA-02.ttf

============= FINISH: 13:45:42.87 ===============








Addendum: 19 May 2010 14:43

Oh yes, let me add this as well:


offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 15 Jun 2007
  • Posts: 5572

Hello. Do the following:

Download sUBs's ComboFix to the Desktop from the following address:

Bleeping Computer
Right-click the link and choose the option Save Target As... (Save Link As..., Save Linked Content As... or similar);
When the dialog for choosing where to save the file opens, select Desktop and click Save.

When the download has finished:
deactivate your protective software (instructions);
close any running programs;
double-click to start ComboFix.

While it runs, ComboFix will:
check whether a newer version of the program exists:
click Yes if you are offered the download.
display the DISCLAIMER OF WARRANTY ON SOFTWARE:
click Yes so that the process continues.
if the Recovery Console is not installed, offer to install it:
be sure to accept by clicking Yes and follow the procedure through.
show a number of prompts/notifications:
accept by clicking Yes or OK.
restart Windows if needed (several times);
at the end of its run, open Notepad with the scan report.

Copy the report that ComboFix produced into the forum thread:
right-click in the Notepad window and choose Select All;
right-click the selected text and choose Copy;
right-click in the message field and choose Paste.

Note:
The report will be saved under the name ComboFix.txt on the system partition (typical location: C:\ComboFix.txt);
If, after sending the message, you notice that the report is not complete, use the Attach file option to attach the file C:\ComboFix.txt to the message.

offline
  • Joined: 21 Jul 2009
  • Posts: 16
  • Location: Teslic,R.S.

ComboFix 10-05-17.05 - Vlado 05/19/2010 15:36:47.4.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.512.90 [GMT 2:00]
Running from: c:\documents and settings\Vlado\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Vlado\ctfmon.exe
c:\documents and settings\Vlado\My Documents\cc_20100512_180116.reg
c:\windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
c:\windows\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SSHNAS
-------\Service_SSHNAS


((((((((((((((((((((((((( Files Created from 2010-04-19 to 2010-05-19 )))))))))))))))))))))))))))))))
.

2010-05-14 08:49 . 2010-05-14 08:52 -------- d-----w- C:\wamp
2010-05-12 14:23 . 2010-05-12 14:23 -------- d-----w- c:\windows\system32\wbem\Repository
2010-05-12 14:14 . 2010-05-12 14:23 -------- d-s---w- c:\documents and settings\TEMP
2010-05-02 19:59 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-05-02 19:59 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-05-02 19:59 . 2010-05-02 20:09 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-05-02 17:45 . 2008-03-03 16:21 568 ---ha-w- c:\windows\nod32fixtemdono.reg
2010-05-02 17:45 . 2008-03-03 12:25 5702 ---ha-w- c:\windows\nod32restoretemdono.reg
2010-05-02 17:28 . 2010-05-02 17:28 -------- d-----w- c:\documents and settings\Administrator
2010-05-02 16:00 . 2010-05-02 16:00 -------- d-----w- c:\documents and settings\Vlado\Application Data\ESET

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-19 13:57 . 2009-06-28 07:05 -------- d-----w- c:\program files\DNA
2010-05-19 13:57 . 2009-06-28 07:05 -------- d-----w- c:\documents and settings\Vlado\Application Data\DNA
2010-05-19 11:33 . 2009-07-21 07:51 -------- d-----w- c:\documents and settings\Vlado\Application Data\Spamihilator
2010-05-16 08:43 . 2009-07-28 14:08 -------- d-----w- c:\program files\CCleaner
2010-05-14 17:53 . 2009-06-28 07:10 -------- d-----w- c:\documents and settings\Vlado\Application Data\BitTorrent
2010-05-14 17:47 . 2009-06-28 18:43 -------- d-----w- c:\documents and settings\All Users\Application Data\FLEXnet
2010-05-13 18:08 . 2009-06-28 17:12 -------- d-----w- c:\program files\Microsoft
2010-05-02 20:09 . 2010-05-02 20:04 711168 ----a-w- c:\windows\isRS-000.tmp
2010-05-02 17:33 . 2009-06-28 07:21 -------- d-----w- c:\program files\ESET
2010-05-02 15:46 . 2009-06-28 14:45 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2010-04-12 14:15 . 2010-03-21 07:41 -------- d-----w- c:\documents and settings\All Users\Application Data\boost_interprocess
2010-04-11 18:21 . 2009-06-28 15:01 364424 ----a-w- c:\documents and settings\Vlado\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-04-07 08:11 . 2010-04-07 08:02 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-04-07 08:00 . 2010-04-07 07:58 -------- d-----w- c:\program files\PhotoModeler Scanner
2010-04-03 19:17 . 2009-06-28 20:21 -------- d-----w- c:\documents and settings\Vlado\Application Data\Skype
2010-04-02 14:10 . 2009-06-28 20:29 -------- d-----w- c:\documents and settings\Vlado\Application Data\skypePM
2010-03-30 20:57 . 2009-07-21 11:16 -------- d-----w- c:\documents and settings\Vlado\Application Data\HPAppData
2010-03-28 13:28 . 2010-03-28 13:27 -------- d-----w- c:\program files\SWiSH Max2
2010-03-28 13:28 . 2010-03-28 13:28 -------- d-----w- c:\program files\Common Files\SWiSHzone.com
2010-03-23 20:13 . 2010-03-23 20:13 50354 ----a-w- c:\documents and settings\Vlado\Application Data\Facebook\uninstall.exe
2010-03-23 20:13 . 2010-03-23 20:13 -------- d-----w- c:\documents and settings\Vlado\Application Data\Facebook
2010-03-21 14:35 . 2010-03-21 14:35 -------- d-----w- c:\documents and settings\All Users\Application Data\TechSmith
2010-03-21 14:35 . 2010-03-21 14:35 -------- d-----w- c:\program files\TechSmith
2010-03-21 14:33 . 2010-03-21 14:33 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-03-21 07:37 . 2010-03-21 07:37 -------- d-----w- c:\program files\Common Files\Topaz Labs
2010-03-21 07:37 . 2010-03-21 07:37 -------- d-----w- c:\program files\Topaz Labs
2010-03-21 07:07 . 2010-03-21 06:50 -------- d-----w- c:\program files\Google Earth Pro 5.1.2
2010-03-06 05:30 . 2010-03-06 05:30 847040 ----a-w- c:\documents and settings\Vlado\Application Data\Facebook\axfbootloader.dll
2010-03-06 05:30 . 2010-03-06 05:30 5582848 ----a-w- c:\documents and settings\Vlado\Application Data\Facebook\npfbplugin_1_0_3.dll
.

------- Sigcheck -------

[-] 2008-01-11 . 2B60598FE17A9EAA1468C1B8F73EA0B9 . 1613824 . . [5.1.2600.3264] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{a33fa729-d155-4b23-842b-2c665ecabdb6}"= "c:\program files\The_Pirate_Bay\tbThe_.dll" [2009-11-09 2331672]

[HKEY_CLASSES_ROOT\clsid\{a33fa729-d155-4b23-842b-2c665ecabdb6}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-11-18 10:58 333192 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a33fa729-d155-4b23-842b-2c665ecabdb6}]
2009-11-09 17:38 2331672 ----a-w- c:\program files\The_Pirate_Bay\tbThe_.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-11-18 333192]
"{a33fa729-d155-4b23-842b-2c665ecabdb6}"= "c:\program files\The_Pirate_Bay\tbThe_.dll" [2009-11-09 2331672]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CLASSES_ROOT\clsid\{a33fa729-d155-4b23-842b-2c665ecabdb6}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-11-18 333192]
"{A33FA729-D155-4B23-842B-2C665ECABDB6}"= "c:\program files\The_Pirate_Bay\tbThe_.dll" [2009-11-09 2331672]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CLASSES_ROOT\clsid\{a33fa729-d155-4b23-842b-2c665ecabdb6}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2009-11-12 323392]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\lib\NMBgMonitor.exe" [2005-10-28 94208]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-05-27 24264488]
"Google Update"="c:\documents and settings\Vlado\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-07-15 133104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2007-11-30 208952]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2007-11-30 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2007-11-30 455168]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"SoundMan"="SOUNDMAN.EXE" [2008-01-11 64512]
"Smapp"="c:\program files\Analog Devices\SoundMAX\SMTray.exe" [2002-10-12 98304]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-15 49152]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2007-08-22 80896]
"Spamihilator"="c:\program files\Spamihilator\spamihilator.exe" [2008-12-23 1321984]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-04-29 437584]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-03-19 2029640]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-7-3 110592]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, credssp.dll, msnsspc.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\Spamihilator\\cdcc.exe"=
"c:\\Program Files\\Spamihilator\\dccproc.exe"=
"c:\\Program Files\\Spamihilator\\spamihilator.exe"=
"c:\\wamp\\bin\\apache\\Apache2.2.11\\bin\\httpd.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4

R0 aaatimeo;aaatimeo;c:\windows\system32\drivers\aaatimeo.sys [2/26/2006 5:21 PM 4928]
R0 afamgt;afamgt;c:\windows\system32\drivers\afamgt.sys [3/28/2006 4:43 PM 91707]
R0 siwinacc;siwinacc;c:\windows\system32\drivers\siwinacc.sys [11/1/2004 12:21 PM 10368]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [3/19/2009 11:44 AM 107256]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [7/1/2008 9:04 AM 93848]
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;c:\program files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [12/6/2007 9:03 PM 660768]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [3/19/2009 11:44 AM 731840]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [5/2/2010 9:59 PM 304464]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [5/2/2010 9:59 PM 20952]
S2 NOD32FiXTemDono;Eset Nod32 Boot;c:\windows\system32\regedt32.exe [8/4/2004 1:00 PM 3584]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder

2010-05-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1801674531-1292428093-1417001333-1003Core.job
- c:\documents and settings\Vlado\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-07-15 13:47]

2010-05-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1801674531-1292428093-1417001333-1003UA.job
- c:\documents and settings\Vlado\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-07-15 13:47]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Vlado\Application Data\Mozilla\Firefox\Profiles\a575hvgp.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1361345&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - The Pirate Bay Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ba/
FF - prefs.js: keyword.URL - hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&gc=1&q=
FF - plugin: c:\documents and settings\Vlado\Application Data\Facebook\npfbplugin_1_0_3.dll
FF - plugin: c:\documents and settings\Vlado\Application Data\Mozilla\plugins\npPxPlay.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - truec:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)
AddRemove-Microsoft AutoRoute Express EUR - F:\ENGSetup.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2010-05-19 15:59
Windows 5.1.2600 Service Pack 3, v.3264 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(3948-)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Photodex\ProShowGold\ScsiAccess.exe
c:\program files\Analog Devices\SoundMAX\SMAgent.exe
c:\windows\SOUNDMAN.EXE
c:\windows\system32\wscntfy.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe
.
**************************************************************************
.
Completion time: 2010-05-19 16:05:53 - machine was rebooted
ComboFix-quarantined-files.txt 2010-05-19 14:05
ComboFix2.txt 2009-11-21 15:18

Pre-Run: 15,286,386,688 bytes free
Post-Run: 16,632,057,856 bytes free

- - End Of File - - 1956E244EEF928BE52A9D4F80F384862

offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 15 Jun 2007
  • Posts: 5572

Is MBAM reporting anything now? What is the overall state?

offline
  • Joined: 21 Jul 2009
  • Posts: 16
  • Location: Teslic,R.S.

It has not found anything since this morning; however, over the last few days it detected the infection that I sent in my previous message, and as you can see it offered options, but when I send it to quarantine and then open the quarantine, it is clean, that is, without a single infection.
