Svastara

offline
  • Joined: 09 Mar 2008
  • Posts: 42

ComboFix 08-03-14.4 - HP_Administrator 2008-03-16 12.54.31.3 - NTFSx86
Eseguito da: C:\Documents and Settings\HP_Administrator\Desktop\th3\ComboFix.exe
.

((((((((((((((((((((((((( Files Creati Da 2008-02-16 al 2008-03-16 )))))))))))))))))))))))))))))))))))
.

2008-03-16 11:10 . 2007-10-04 10:01 66,048 --a------ C:\WINDOWS\ieResetIcons.exe
2008-03-16 08:42 . 2008-03-16 08:42 <DIR> d-------- C:\Programmi\RivaTuner v2.08
2008-03-16 08:41 . 2008-03-16 09:50 <DIR> d-------- C:\programi internet
2008-03-16 07:49 . 2008-03-16 07:49 4,131,160 --a------ C:\registrybooster.exe
2008-03-16 07:45 . 2008-03-16 07:45 3,995,968 --a------ C:\systemtweakerv1.0 kupljen.exe
2008-03-15 21:55 . 2008-03-15 21:55 <DIR> d-------- C:\Documents and Settings\LocalService\Dati applicazioni\Ahead
2008-03-15 19:11 . 2008-03-16 07:09 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-03-15 19:11 . 2008-03-15 19:11 1,409 --a------ C:\WINDOWS\QTFont.for
2008-03-15 19:09 . 2008-03-15 19:09 <DIR> d-------- C:\Documents and Settings\HP_Administrator\Dati applicazioni\Apple Computer
2008-03-15 19:08 . 2008-03-15 19:09 <DIR> d-------- C:\Programmi\iTunes
2008-03-15 19:08 . 2008-03-15 19:08 <DIR> d-------- C:\Programmi\iPod
2008-03-15 19:08 . 2008-03-15 19:08 <DIR> d-------- C:\Programmi\Bonjour
2008-03-15 19:07 . 2008-03-15 19:07 <DIR> d-------- C:\Programmi\Apple Software Update
2008-03-15 19:06 . 2008-03-15 19:06 <DIR> d-------- C:\Programmi\File comuni\Apple
2008-03-15 19:06 . 2008-03-15 19:06 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Apple
2008-03-15 18:53 . 2008-03-15 19:01 59,163,944 --a------ C:\iTunesSetup.exe
2008-03-15 16:54 . 2008-03-15 16:54 4,561,816 --a------ C:\sump3_5_2435_209 kuplljenn.exe
2008-03-15 12:13 . 2008-03-15 12:13 <DIR> d-------- C:\Programmi\WinPcap
2008-03-15 11:37 . 2008-03-15 11:54 <DIR> d-------- C:\VundoFix Backups
2008-03-14 23:54 . 2008-03-14 23:54 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Lab Setup Files
2008-03-09 14:10 . 2008-03-15 12:16 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\RFA_Backups
2008-03-09 14:01 . 2008-03-09 14:01 <DIR> d-------- C:\Documents and Settings\HP_Administrator\Dati applicazioni\RegClean
2008-03-09 08:31 . 2008-03-09 08:32 <DIR> d-------- C:\Sanjarica
2008-03-09 08:11 . 2008-03-15 17:00 <DIR> d-------- C:\Programmi\Kaspersky Lab
2008-03-09 08:11 . 2008-03-09 08:11 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Lab
2008-03-09 08:11 . 2008-03-16 12:57 7,114,272 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-03-09 08:11 . 2008-03-15 13:14 92,720 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2008-03-09 08:11 . 2008-03-15 21:46 69,408 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2008-03-09 08:11 . 2008-03-15 13:14 3,476 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.idx
2008-03-04 18:34 . 2008-03-04 18:57 <DIR> d-------- C:\Documents and Settings\HP_Administrator\Dati applicazioni\Prevx
2008-03-02 17:28 . 2008-03-02 17:28 <DIR> d-------- C:\Documents and Settings\HP_Administrator\Dati applicazioni\Snapfish
2008-03-02 13:57 . 2008-03-02 13:57 <DIR> d-------- C:\Programmi\VoipStunt.com
2008-03-02 13:57 . 2008-03-02 13:57 <DIR> d-------- C:\Programmi\ACD Systems
2008-03-02 13:57 . 2008-03-02 13:57 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\ACD Systems
2008-03-02 13:55 . 2008-03-02 13:55 <DIR> d-------- C:\Programmi\Vinci al SuperEnalotto 2
2008-03-02 13:55 . 2008-03-02 13:55 <DIR> d-------- C:\Programmi\Veoh Networks
2008-03-02 13:55 . 2008-03-02 13:55 <DIR> d-------- C:\Programmi\NEXT 3D ARREDAMENTO D'INTERNI
2008-03-02 13:55 . 2008-03-02 13:55 <DIR> d-------- C:\Programmi\Mario Forever
2008-03-02 13:55 . 2008-03-02 13:55 <DIR> d-------- C:\Programmi\Le Guide di Finson Patente Europea per il Computer 2
2008-03-02 13:55 . 2008-03-02 13:55 <DIR> d-------- C:\Programmi\Hair Pro 2006 Light
2008-02-20 21:29 . 2008-02-20 21:29 <DIR> d-------- C:\Documents and Settings\HP_Administrator\Dati applicazioni\ProtezionefiData
2008-02-20 21:28 . 2008-03-02 13:55 <DIR> d-------- C:\Programmi\ProtezionefiData
2008-02-16 20:39 . 2008-02-16 20:39 <DIR> d-------- C:\Programmi\Navman

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-16 11:54 --------- d-----w C:\Documents and Settings\HP_Administrator\Dati applicazioni\Skype
2008-03-16 09:44 --------- d-----w C:\Programmi\RegistryFix
2008-03-16 09:00 --------- d-----w C:\Programmi\eMule
2008-03-16 08:41 --------- d-----w C:\Programmi\Spybot - Search & Destroy
2008-03-16 07:23 --------- d-----w C:\Programmi\Mozilla Thunderbird
2008-03-16 06:45 --------- d-----w C:\Programmi\Uniblue
2008-03-15 18:15 --------- d-----w C:\Programmi\QuickTime
2008-03-15 18:08 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Apple Computer
2008-03-15 12:33 --------- d-----w C:\Programmi\Spyware Terminator
2008-03-15 11:11 --------- d-----w C:\Programmi\iViVo
2008-03-15 11:09 --------- d--h--w C:\Programmi\InstallShield Installation Information
2008-03-15 10:54 --------- d-----w C:\Programmi\PowerISO
2008-03-15 10:37 --------- d-----w C:\Documents and Settings\HP_Administrator\Dati applicazioni\CallingID
2008-03-14 19:50 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Spyware Terminator
2008-03-13 12:09 --------- d-----w C:\Programmi\Zortam Mp3 Media Studio
2008-03-13 12:09 --------- d-----w C:\Programmi\Microsoft ActiveSync
2008-03-09 07:08 --------- d-----w C:\Programmi\ESET
2008-03-07 18:36 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\CanonIJPLM
2008-03-02 12:57 --------- d-----w C:\Programmi\File comuni\ACD Systems
2008-03-02 12:55 --------- d-----w C:\Programmi\TorrenTopia
2008-03-01 19:08 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\AntiVir PersonalEdition Classic
2008-02-27 15:35 --------- d-----w C:\Documents and Settings\HP_Administrator\Dati applicazioni\Uniblue
2008-02-03 11:51 --------- d-----w C:\Programmi\PrestoNotes
2008-02-03 10:45 --------- d-----w C:\Programmi\Ashampoo
2008-01-27 07:59 15,360 ----a-w C:\WINDOWS\system32\ctfmon .exe
2008-01-21 20:00 140 ------w C:\Documents and Settings\HP_Administrator\Dati applicazioni\wklnhst.dat
2008-01-19 23:03 --------- d-----w C:\Programmi\HP
2008-01-19 17:06 --------- d-----w C:\Programmi\LogiGuard
2007-06-03 20:31 540,000 ----a-w C:\Programmi\System Cleaner 5.50.zip
2007-05-30 19:13 4,660,390 ----a-w C:\Programmi\DV_Install_Demo_v21.exe
2007-05-30 19:05 947,526 ----a-w C:\Programmi\waver.zip
2007-05-30 19:03 186,767 ----a-w C:\Programmi\audc80konvertor.exe
2007-05-30 18:39 4,408,592 ----a-w C:\Programmi\vfvh571i fax.exe
2007-05-20 08:56 814,016 ----a-w C:\Programmi\Google_Updater.exe
2007-05-19 08:06 6,337,564 ----a-w C:\Programmi\WebUpdaterForLegacyOperatingSystems_240.exe
2007-05-19 07:57 4,310,568 ----a-w C:\Programmi\WebUpdater_241 za navigator.exe
2007-05-06 17:17 17,938,288 ----a-w C:\Programmi\Install_Messenger.exe
2007-05-06 15:33 10,064,213 ----a-w C:\Programmi\POILoader_232.exe
2007-05-06 10:46 669,184 ----a-w C:\Programmi\Nokia_Connectivity_Cable_Driver_6_80_5_1_ita.msi
2007-05-06 10:45 658,432 ----a-w C:\Programmi\nokia_connectivity_cable_driver_rel_6_81_1_spa.msi
2007-05-06 10:07 2,372,760 ----a-w C:\Programmi\winzip90.exe
2007-05-06 10:05 13,185,024 ----a-w C:\Programmi\Nokia_DKU-5_1_24.exe
2007-05-06 08:45 273,229,544 ----a-w C:\Programmi\WindowsXP-KB835935-SP2-ITA.exe
2007-05-06 08:20 445,208 ----a-w C:\Programmi\windowsxp-kb838989-X86-ITA.exe
2007-05-06 08:08 5,034,240 ----a-w C:\Programmi\DriverDetective.exe
2007-05-06 08:04 829,577 ----a-w C:\Programmi\modem_it.chm
2007-05-05 22:32 994,304 ----a-w C:\Programmi\Setup.msi
2007-05-05 22:01 21,485,136 ----a-w C:\Programmi\Nokia_PC_Suite_683_rel_14_1_ita_web.exe
2007-05-05 21:29 23,785,680 ----a-w C:\Programmi\NokiaSoftwareUpdaterSetup_it.exe
2007-05-05 15:40 840,192 ----a-w C:\Programmi\Nokia_Connectivity_Cable_Driver_rel_6_83_9_0_eng.msi
2007-05-05 15:39 6,685 ----a-w C:\Programmi\Nokia6103_MS_BT.inf
2007-05-05 15:39 6,494 ----a-w C:\Programmi\Nokia6103BT.inf
2007-04-30 11:31 4,212,210 ----a-w C:\Programmi\Demo_SSTworld.exe
2007-04-30 11:27 4,064,518 ----a-w C:\Programmi\bettinggenius30.exe
2007-04-29 00:11 1,087,682 ----a-w C:\Programmi\subtitleworkshop251.zip
2007-04-24 16:09 10,451,656 ----a-w C:\Programmi\XLVIEWER.EXE
2007-04-24 16:05 28,508,368 ----a-w C:\Programmi\FileFormatConverters.exe
2007-04-24 16:01 1,321 ----a-w C:\Programmi\katalog18apr07.CSV
2007-04-24 15:51 4,792,136 ----a-w C:\Programmi\CX.EXE
2007-04-24 15:48 735,232 ----a-w C:\Programmi\katalog18Apr07.xls
2007-04-24 15:46 12,337,352 ----a-w C:\Programmi\WDVIEWER.EXE
2007-04-19 20:34 122,880 ----a-w C:\Programmi\Download_wma-mp3-converter.exe
2007-04-18 08:37 1,014,730 ----a-w C:\Programmi\PowerISO37.exe
2007-03-28 22:14 6,597,960 ----a-w C:\Programmi\audioconverter_wmf_setup.exe
2007-03-28 22:08 4,708,303 ----a-w C:\Programmi\mms1001.exe
2007-03-28 21:33 404,890 ----a-w C:\Programmi\switch.zip
2007-03-25 09:56 122,880 ----a-w C:\Programmi\Download_AliveWMAMP3Recorder.exe
2007-03-25 06:50 3,326,142 ----a-w C:\Programmi\DupKillerSetup081.zip
2007-03-20 22:19 4,107,201 ----a-w C:\Programmi\burn4free_setup.exe
2007-03-20 21:48 1,219,544 ----a-w C:\Programmi\mp3cddoctorlite.exe
2007-03-18 22:48 1,988,744 ----a-w C:\Programmi\trojanb6758.exe
2007-03-18 22:42 414,580 ----a-w C:\Programmi\Megamp3Split_2.0b.zip
2007-03-18 11:58 59,392 ----a-w C:\Programmi\Italian_Serie_A_06-07.mdb
2007-03-18 10:13 2,863,832 ----a-w C:\Programmi\DeepBurner1.exe
2007-03-18 08:37 15,342,568 ----a-w C:\Programmi\20070317-017-i32.exe
2007-03-18 08:31 13,445,912 ----a-w C:\Programmi\XPBP_ESD_IT.exe
2007-03-17 22:42 3,109,256 ----a-w C:\Programmi\LinkScannerProSetup_2_5_2_0052_9.exe
2007-03-16 18:05 402,208 ----a-w C:\Programmi\rainbow(zabranjeno)-1.2-win.zip
2007-03-16 15:22 652,560 ----a-w C:\Programmi\pdf2text.exe
2007-03-16 13:44 1,622,912 ----a-w C:\Programmi\CuteWriter.exe
2007-03-16 12:57 697,042 ----a-w C:\Programmi\Scan2PDF.zip
2007-03-16 10:12 934,479 ----a-w C:\Programmi\TE20Setup.exe
2007-03-13 15:34 71,737,595 ----a-w C:\Programmi\200301010000aib.zip
2007-03-13 15:17 3,519,074 ----a-w C:\Programmi\teach800.exe
2007-03-13 15:12 23,510,720 ----a-w C:\Programmi\dotnetfx.exe
2007-03-13 14:14 14,730,232 ----a-w C:\Programmi\DivXPlay.exe
2007-03-11 21:30 1,834,548 ----a-w C:\Programmi\tbrush35 slikanje.exe
2007-03-11 21:21 34,959,384 ----a-w C:\Programmi\5.05.18.00_ntune_winxp_international.exe
2007-03-11 21:19 9,590,117 ----a-w C:\Programmi\kmp.exe
2007-03-11 21:14 4,237,337 ----a-w C:\Programmi\RLSetup_Final.exe
2007-03-11 21:10 34,282,256 ----a-w C:\Programmi\AVSTVBox.exe
2007-03-11 20:58 24,836,360 ----a-w C:\Programmi\acdsee.exe
2007-03-11 20:52 3,424,620 ----a-w C:\Programmi\MP4 Video Player.zip
2007-03-11 14:29 2,649,601 ----a-w C:\Programmi\winsonar_free_70103.zip
2007-03-11 13:17 988,039 ----a-w C:\Programmi\starsetup.exe
2007-03-11 10:50 6,932,421 ----a-w C:\Programmi\Alcohol52.zip
2007-03-11 10:45 2,579,338 ----a-w C:\Programmi\MyPhoneExplorer_Setup_1.5.9.exe
2007-03-11 10:40 1,118,786 ----a-w C:\Programmi\installer_Ringtone_CD_Ripper.exe
2007-03-11 10:38 1,665,325 ----a-w C:\Programmi\agsetup sa cd-ea.exe
2007-03-11 10:31 12,128,824 ----a-w C:\Programmi\SimpleDivX.zip
2007-03-11 00:56 56 --sh--r C:\WINDOWS\system32\590BA312D1.sys
2007-03-11 00:56 1,890 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
.
<pre>
----a-w            61,440 2008-03-09 13:45:27  C:\hp\KBD\KBD .EXE
----a-w         1,603,152 2008-03-09 13:45:33  C:\Programmi\Canon\MyPrinter\BJMyPrt .exe
----a-w           644,696 2008-03-09 13:45:31  C:\Programmi\Canon\SolutionMenu\CNSLMAIN .exe
----a-w           155,648 2008-01-19 17:03:55  C:\Programmi\File comuni\Ahead\Lib\NeroCheck .exe
----a-w           210,472 2008-03-09 13:45:33  C:\Programmi\File comuni\ScanSoft Shared\SSBkgdUpdate\SSBkgdupdate .exe
----a-w           176,128 2008-03-09 13:46:08  C:\Programmi\LogiGuard\Master Mechanic II\agent .exe
----a-w            79,400 2008-01-19 17:04:13  C:\Programmi\ScanSoft\OmniPageSE4\OpwareSE4 .exe
----a-w         2,870,784 2008-03-09 07:14:10  C:\Programmi\Spyware Terminator\SpywareTerminatorShield .exe
----a-w            64,512 2008-03-06 17:11:32  C:\WINDOWS\ehome\ehtray .exe
----a-w            15,360 2008-01-27 07:59:23  C:\WINDOWS\system32\ctfmon .exe
</pre>



((((((((((((((((((((((((((((( snapshot@2008-03-15_13.21.30.95 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-03-15 18:08:36 86,016 ----a-r C:\WINDOWS\Installer\{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}\PrntWzrdIco.exe
+ 2008-03-15 18:09:31 102,400 ----a-r C:\WINDOWS\Installer\{80FD852F-5AAC-4129-B931-06AAFFA43138}\iTunesIco.exe
+ 2008-03-15 18:07:20 27,136 ----a-r C:\WINDOWS\Installer\{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}\AppleSoftwareUpdateIco.exe
+ 2007-07-24 14:17:08 81,920 ----a-w C:\WINDOWS\system32\dns-sd.exe
+ 2007-07-24 14:17:08 61,440 ----a-w C:\WINDOWS\system32\dnssd.dll
+ 2006-09-19 13:44:04 15,664 ----a-w C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
+ 2008-02-18 10:16:24 30,464 -c--a-w C:\WINDOWS\system32\DRVSTORE\usbaapl_4351B7DAFF62FD33510D77DFAE3CF8CC82517571\usbaapl.sys
+ 2006-10-03 18:47:52 109,360 ----a-w C:\WINDOWS\system32\GEARAspi.dll
+ 2008-03-16 06:09:36 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_334.dat
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* i valori vuoti & legittimi/default non sono visualizzati.

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{33161E98-0A6C-4d3c-BD62-3A7D56137F52}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7EBD0DF4-1263-4ED3-96CB-4CDC66C58318}]
C:\WINDOWS\system32\mlljj.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e133f12d-08c2-4d7e-a5f7-09cc0a4a151d}]
C:\WINDOWS\system32\cidqmmrf.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Procs]
@={51D8EAB2-A055-487F-BBE0-DFB79DD0E76D}

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe" [ ]
"Uniblue SpeedUpMyPC"="C:\Programmi\Uniblue\SpeedUpMyPC\SpeedUpMyPC.exe" [2007-01-12 09:26 5288960]
"Uniblue RegistryBooster 2"="C:\Programmi\Uniblue\RegistryBooster 2\RegistryBooster.exe" [2007-12-05 16:06 1885464]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ftutil2"="ftutil2.dll" [2004-06-07 13:05 106496 C:\WINDOWS\system32\ftutil2.dll]
"nwiz"="nwiz.exe" [2006-10-22 11:22 1622016 C:\WINDOWS\system32\nwiz.exe]
"CanonSolutionMenu"="C:\Programmi\Canon\SolutionMenu\CNSLMAIN.exe" [2008-03-09 14:42 644696]
"CanonMyPrinter"="C:\Programmi\Canon\MyPrinter\BJMyPrt.exe" [2008-03-09 18:45 1603152]
"SSBkgdUpdate"="C:\Programmi\File comuni\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2008-03-09 18:44 210472]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-10-22 11:22 7700480]
"SpywareTerminator"="C:\Programmi\Spyware Terminator\SpywareTerminatorShield.exe" [2008-03-09 18:46 2870784]
"UserFaultCheck"="C:\WINDOWS\system32\dumprep 0 -u" [ ]
"kis"="C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" [2006-03-24 19:09 139367]
"QuickTime Task"="C:\Programmi\QuickTime\QTTask.exe" [2008-01-31 23:13 385024]
"iTunesHelper"="C:\Programmi\iTunes\iTunesHelper.exe" [2008-02-19 13:10 267048]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"NoSecCPL"= 0 (0x0)
"NoDevMgrPage"= 0 (0x0)
"NoConfigPage"= 0 (0x0)
"NoVirtMemPage"= 0 (0x0)
"NoFileSysPage"= 0 (0x0)
"NoNetSetup"= 0 (0x0)
"NoNetSetupIDPage"= 0 (0x0)
"NoNetSetupSecurityPage"= 0 (0x0)
"NoWorkgroupContents"= 0 (0x0)
"NoEntireNetwork"= 0 (0x0)
"NoFileSharingControl"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoStartMenuPinnedList"= 0 (0x0)
"NoStartMenuMFUprogramsList"= 0 (0x0)
"NoUserNameInStartMenu"= 0 (0x0)
"NoStartMenuSubFolders"= 0 (0x0)
"NoCommonGroups"= 0 (0x0)
"NoPrinterTabs"= 0 (0x0)
"NoDeletePrinter"= 0 (0x0)
"NoAddPrinter"= 0 (0x0)
"NoPrinters"= 0 (0x0)
"NoFavoritesMenu"= 0 (0x0)
"NoToolbarCustomize"= 0 (0x0)
"NoRecentDocsNetHood"= 0 (0x0)
"NoChangeAnimation"= 0 (0x0)
"NoChangeKeyboardNavigationIndicators"= 0 (0x0)
"RestrictRun"= 0 (0x0)
"NoResolveTrack"= 1 (0x1)
"NoThumbnailCache"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoRun"= 0 (0x0)
"NoLogOff"= 0 (0x0)
"NoFind"= 0 (0x0)
"NoClose"= 0 (0x0)
"NoSetFolders"= 0 (0x0)
"NoFavoritesMenu"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\efcawts]
efcawts.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"xmlprov"=3 (0x3)
"WudfSvc"=3 (0x3)
"ServiceLayer"=3 (0x3)
"Fax"=3 (0x3)
"BlueSoleil Hid Service"=2 (0x2)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe"
"VoipStunt"="C:\Programmi\VoipStunt.com\VoipStunt\VoipStunt.exe" -nosplash -minimized
"DAEMON Tools"="C:\Programmi\DAEMON Tools\daemon.exe" -lang 1033

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"RegEasy.exe"=C:\Programmi\Registry Easy\RegEasy.exe
"SpywareTerminator"="C:\Programmi\Spyware Terminator\SpywareTerminatorShield.exe"
"ISUSPM Startup"=C:\PROGRA~1\FILECO~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
"ISUSScheduler"="C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe" -start

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"C:\\Programmi\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Programmi\\Sitecom\\IVT BlueSoleil\\BlueSoleil.exe"=
"C:\\Programmi\\THQ\\Dawn of War - Dark Crusade\\DarkCrusade.exe"=
"C:\\Programmi\\THQ\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\XR_3DA.exe"=
"C:\\Programmi\\THQ\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\dedicated\\XR_3DA.exe"=
"C:\\Programmi\\NAMCO BANDAI Games\\Warhammer Mark of Chaos\\Warhammer.exe"=
"C:\\Programmi\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"=
"C:\\Programmi\\RadLight Company\\RadLight 4.0\\rlkernel.exe"=
"C:\Programmi\Microsoft ActiveSync\rapimgr.exe"= C:\Programmi\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"C:\Programmi\Microsoft ActiveSync\WCESMgr.exe"= C:\Programmi\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"C:\\Programmi\\Bonjour\\mDNSResponder.exe"=
"C:\\Programmi\\iTunes\\iTunes.exe"=
"C:\\Programmi\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"4662:TCP"= 4662:TCP:emule
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J]
\Shell\AutoRun\command - J:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\K]
\Shell\AutoRun\command - K:\Autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7ca93cf4-7368-11dc-82fa-001731e138a9}]
\Shell\AutoRun\command - K:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{83cc3187-cece-11db-821f-806d6172696f}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{83cc318d-cece-11db-821f-806d6172696f}]
\Shell\AutoRun\command - J:\Autorun.exe

*Newly Created Service* - RIVATUNER32
.
Contenuto della cartella 'Scheduled Tasks'
"2008-03-07 21:19:22 C:\WINDOWS\Tasks\1-Click Maintenance.job"
- C:\Programmi\TuneUp Utilities 2006\SystemOptimizer.exe
"2008-03-15 18:07:19 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Programmi\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2008-03-16 12:57:58
Windows 5.1.2600 Service Pack 2 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
Ora fine scansione: 2008-03-16 12.58.45
ComboFix-quarantined-files.txt 2008-03-16 11:58:43
ComboFix2.txt 2008-03-15 16:13:37
ComboFix3.txt 2008-03-15 12:22:10
.
2007-10-07 01:25:16 --- E O F ---

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Open Notepad and copy the following text into it (everything inside the Code box):

File::
C:\Documents and Settings\HP_Administrator\Dati applicazioni\wklnhst.dat

Folder::
C:\VundoFix Backups

RenV::
----a-w            61,440 2008-03-09 13:45:27  C:\hp\KBD\KBD .EXE
----a-w         1,603,152 2008-03-09 13:45:33  C:\Programmi\Canon\MyPrinter\BJMyPrt .exe
----a-w           644,696 2008-03-09 13:45:31  C:\Programmi\Canon\SolutionMenu\CNSLMAIN .exe
----a-w           155,648 2008-01-19 17:03:55  C:\Programmi\File comuni\Ahead\Lib\NeroCheck .exe
----a-w           210,472 2008-03-09 13:45:33  C:\Programmi\File comuni\ScanSoft Shared\SSBkgdUpdate\SSBkgdupdate .exe
----a-w           176,128 2008-03-09 13:46:08  C:\Programmi\LogiGuard\Master Mechanic II\agent .exe
----a-w            79,400 2008-01-19 17:04:13  C:\Programmi\ScanSoft\OmniPageSE4\OpwareSE4 .exe
----a-w         2,870,784 2008-03-09 07:14:10  C:\Programmi\Spyware Terminator\SpywareTerminatorShield .exe
----a-w            64,512 2008-03-06 17:11:32  C:\WINDOWS\ehome\ehtray .exe
----a-w            15,360 2008-01-27 07:59:23  C:\WINDOWS\system32\ctfmon .exe

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{33161E98-0A6C-4d3c-BD62-3A7D56137F52}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7EBD0DF4-1263-4ED3-96CB-4CDC66C58318}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e133f12d-08c2-4d7e-a5f7-09cc0a4a151d}]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\efcawts]

Save the file from Notepad to the Desktop as "CFScript"

Drag the saved script/text onto the ComboFix icon as shown in the picture.
In your next message, post the log that is produced at the end of the cleaning/scanning.
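The procedure above (copy the log's `<pre>` block into `RenV::`, list the suspect registry keys as `[-KEY]` deletions under `Registry::`, save the result as CFScript) as an added example that is not part of this thread or of ComboFix: a small Python builder that assembles the CFScript text from a ComboFix log. `SAMPLE_LOG` is a constructed excerpt of the log posted above, and `candidate_keys` only reproduces the helper's choice of key classes here (Browser Helper Objects and winlogon\notify entries), not a general detection rule.

```python
"""Assemble a ComboFix CFScript from the findings in a ComboFix log.

Added example, not part of the thread or of ComboFix: it automates the
steps dr_Bora took by hand above, copying the log's <pre> block into a
RenV:: section and turning the Browser Helper Object and winlogon\\notify
keys of the REGEDIT4 section into [-KEY] deletions under Registry::.
"""
import re
from typing import Dict, List, Optional, Sequence

# Constructed excerpt of the log posted above: only the two parts this
# builder consumes (the <pre> block and part of the REGEDIT4 section).
SAMPLE_LOG = r"""
.
<pre>
----a-w            61,440 2008-03-09 13:45:27  C:\hp\KBD\KBD .EXE
----a-w         1,603,152 2008-03-09 13:45:33  C:\Programmi\Canon\MyPrinter\BJMyPrt .exe
----a-w            15,360 2008-01-27 07:59:23  C:\WINDOWS\system32\ctfmon .exe
</pre>

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
REGEDIT4
*Nota* i valori vuoti & legittimi/default non sono visualizzati.

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{33161E98-0A6C-4d3c-BD62-3A7D56137F52}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7EBD0DF4-1263-4ED3-96CB-4CDC66C58318}]
C:\WINDOWS\system32\mlljj.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Procs]
@={51D8EAB2-A055-487F-BBE0-DFB79DD0E76D}

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\efcawts]
efcawts.dll
"""

# One <pre> line: attributes, size, date, time, then the path.
_PRE_LINE = re.compile(
    r"^(\S+)\s+([\d,]+)\s+(\d{4}-\d\d-\d\d \d\d:\d\d:\d\d)\s+(.+?)\s*$")
# A file name with a blank just before its extension, e.g. "ctfmon .exe".
_SPACE_BEFORE_EXT = re.compile(r" \.[A-Za-z0-9]{1,4}$")
# A REGEDIT4 key header such as [HKEY_LOCAL_MACHINE\...].
_KEY_LINE = re.compile(r"^\[(HKEY_[^\]]+)\]$")


def renamed_files(log: str) -> List[Dict[str, object]]:
    """Entries of the <pre> block, i.e. the RenV:: candidates."""
    block = re.search(r"<pre>\n(.*?)</pre>", log, re.S)
    entries: List[Dict[str, object]] = []
    for line in (block.group(1).splitlines() if block else []):
        m = _PRE_LINE.match(line)
        if m:
            path = m.group(4)
            entries.append({"raw": line, "path": path,
                            "space_before_ext": bool(_SPACE_BEFORE_EXT.search(path))})
    return entries


def registry_entries(log: str) -> Dict[str, List[str]]:
    """Map each [KEY] of the REGEDIT4 section to the value lines under it."""
    section = log.split("REGEDIT4", 1)[1] if "REGEDIT4" in log else ""
    keys: Dict[str, List[str]] = {}
    current: Optional[str] = None
    for line in section.splitlines():
        m = _KEY_LINE.match(line)
        if m:
            current = m.group(1)
            keys[current] = []
        elif current is not None and line.strip():
            keys[current].append(line.strip())
    return keys


def candidate_keys(keys: Dict[str, List[str]]) -> List[str]:
    """The key classes the helper removed in this thread: BHOs and
    winlogon\\notify packages.  Review before use: legitimate software
    registers both kinds as well."""
    return [k for k in keys
            if "\\browser helper objects\\" in k.lower()
            or "\\winlogon\\notify\\" in k.lower()]


def build_cfscript(log: str, files: Sequence[str] = (),
                   folders: Sequence[str] = ()) -> str:
    """Assemble the CFScript text in the section layout used in the thread."""
    out: List[str] = []
    if files:
        out += ["File::", *files, ""]
    if folders:
        out += ["Folder::", *folders, ""]
    renv = renamed_files(log)
    if renv:
        out += ["RenV::", *(str(e["raw"]) for e in renv), ""]
    keys = candidate_keys(registry_entries(log))
    if keys:
        out += ["Registry::", *("[-%s]" % k for k in keys), ""]
    return "\n".join(out)
```

Run against the full posted log, `build_cfscript` reproduces the four sections of the helper's script; the `space_before_ext` flag marks the entries whose name carries the blank before the extension, which is what sets the `<pre>` lines apart from the normal file listings.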

offline
  • Joined: 09 Mar 2008
  • Posts: 42

An ERROR CONSOLE window has started popping up at me constantly, and then my internet gets blocked and I have to close everything; I also don't know how to create that CFScript on the desktop. The console is opened by the Opera browser (CSS/JavaScript), and in front of it there is a red circle with a red X (like a no-parking, no-stopping sign) and a yellow triangle with an exclamation mark.
So in front there is one of those signs, then it says CSS or JavaScript, and after that comes some internet address.

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Let's try it this way...

Download the file from the following link: https://www.mycity.rs/must-login.png and run it with a double-click.

This should automatically start ComboFix with the appropriate script.
When the process is finished, post here the log that will open...

offline
  • Joined: 09 Mar 2008
  • Posts: 42

ComboFix 08-03-14.4 - HP_Administrator 2008-03-16 17:08:32.4 - NTFSx86
Eseguito da: C:\Documents and Settings\HP_Administrator\Desktop\th3\ComboFix.exe
Command switches used :: CFScript.txt
.

((((((((((((((((((((((((( Files Creati Da 2008-02-16 al 2008-03-16 )))))))))))))))))))))))))))))))))))
.

2008-03-16 11:10 . 2007-10-04 10:01 66,048 --a------ C:\WINDOWS\ieResetIcons.exe
2008-03-16 08:42 . 2008-03-16 08:42 <DIR> d-------- C:\Programmi\RivaTuner v2.08
2008-03-16 08:41 . 2008-03-16 14:27 <DIR> d-------- C:\programi internet
2008-03-16 07:49 . 2008-03-16 07:49 4,131,160 --a------ C:\registrybooster.exe
2008-03-16 07:45 . 2008-03-16 07:45 3,995,968 --a------ C:\systemtweakerv1.0 kupljen.exe
2008-03-15 21:55 . 2008-03-15 21:55 <DIR> d-------- C:\Documents and Settings\LocalService\Dati applicazioni\Ahead
2008-03-15 19:11 . 2008-03-16 07:09 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-03-15 19:11 . 2008-03-15 19:11 1,409 --a------ C:\WINDOWS\QTFont.for
2008-03-15 19:09 . 2008-03-15 19:09 <DIR> d-------- C:\Documents and Settings\HP_Administrator\Dati applicazioni\Apple Computer
2008-03-15 19:08 . 2008-03-15 19:09 <DIR> d-------- C:\Programmi\iTunes
2008-03-15 19:08 . 2008-03-15 19:08 <DIR> d-------- C:\Programmi\iPod
2008-03-15 19:08 . 2008-03-15 19:08 <DIR> d-------- C:\Programmi\Bonjour
2008-03-15 19:07 . 2008-03-15 19:07 <DIR> d-------- C:\Programmi\Apple Software Update
2008-03-15 19:06 . 2008-03-15 19:06 <DIR> d-------- C:\Programmi\File comuni\Apple
2008-03-15 19:06 . 2008-03-15 19:06 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Apple
2008-03-15 18:53 . 2008-03-15 19:01 59,163,944 --a------ C:\iTunesSetup.exe
2008-03-15 16:54 . 2008-03-15 16:54 4,561,816 --a------ C:\sump3_5_2435_209 kuplljenn.exe
2008-03-15 12:13 . 2008-03-15 12:13 <DIR> d-------- C:\Programmi\WinPcap
2008-03-15 11:37 . 2008-03-15 11:54 <DIR> d-------- C:\VundoFix Backups
2008-03-14 23:54 . 2008-03-14 23:54 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Lab Setup Files
2008-03-09 14:10 . 2008-03-15 12:16 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\RFA_Backups
2008-03-09 14:01 . 2008-03-09 14:01 <DIR> d-------- C:\Documents and Settings\HP_Administrator\Dati applicazioni\RegClean
2008-03-09 08:31 . 2008-03-09 08:32 <DIR> d-------- C:\Sanjarica
2008-03-09 08:11 . 2008-03-15 17:00 <DIR> d-------- C:\Programmi\Kaspersky Lab
2008-03-09 08:11 . 2008-03-09 08:11 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Lab
2008-03-09 08:11 . 2008-03-16 17:10 7,345,440 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-03-09 08:11 . 2008-03-15 13:14 92,720 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2008-03-09 08:11 . 2008-03-15 21:46 69,408 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2008-03-09 08:11 . 2008-03-15 13:14 3,476 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.idx
2008-03-04 18:34 . 2008-03-04 18:57 <DIR> d-------- C:\Documents and Settings\HP_Administrator\Dati applicazioni\Prevx
2008-03-02 17:28 . 2008-03-02 17:28 <DIR> d-------- C:\Documents and Settings\HP_Administrator\Dati applicazioni\Snapfish
2008-03-02 13:57 . 2008-03-02 13:57 <DIR> d-------- C:\Programmi\VoipStunt.com
2008-03-02 13:57 . 2008-03-02 13:57 <DIR> d-------- C:\Programmi\ACD Systems
2008-03-02 13:57 . 2008-03-02 13:57 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\ACD Systems
2008-03-02 13:55 . 2008-03-02 13:55 <DIR> d-------- C:\Programmi\Vinci al SuperEnalotto 2
2008-03-02 13:55 . 2008-03-02 13:55 <DIR> d-------- C:\Programmi\Veoh Networks
2008-03-02 13:55 . 2008-03-02 13:55 <DIR> d-------- C:\Programmi\NEXT 3D ARREDAMENTO D'INTERNI
2008-03-02 13:55 . 2008-03-02 13:55 <DIR> d-------- C:\Programmi\Mario Forever
2008-03-02 13:55 . 2008-03-02 13:55 <DIR> d-------- C:\Programmi\Le Guide di Finson Patente Europea per il Computer 2
2008-03-02 13:55 . 2008-03-02 13:55 <DIR> d-------- C:\Programmi\Hair Pro 2006 Light
2008-02-20 21:29 . 2008-02-20 21:29 <DIR> d-------- C:\Documents and Settings\HP_Administrator\Dati applicazioni\ProtezionefiData
2008-02-20 21:28 . 2008-03-02 13:55 <DIR> d-------- C:\Programmi\ProtezionefiData
2008-02-16 20:39 . 2008-02-16 20:39 <DIR> d-------- C:\Programmi\Navman

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-16 15:49 --------- d-----w C:\Documents and Settings\HP_Administrator\Dati applicazioni\Skype
2008-03-16 13:33 --------- d-----w C:\Documents and Settings\HP_Administrator\Dati applicazioni\CallingID
2008-03-16 09:44 --------- d-----w C:\Programmi\RegistryFix
2008-03-16 09:00 --------- d-----w C:\Programmi\eMule
2008-03-16 08:41 --------- d-----w C:\Programmi\Spybot - Search & Destroy
2008-03-16 07:23 --------- d-----w C:\Programmi\Mozilla Thunderbird
2008-03-16 06:45 --------- d-----w C:\Programmi\Uniblue
2008-03-15 18:15 --------- d-----w C:\Programmi\QuickTime
2008-03-15 18:08 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Apple Computer
2008-03-15 12:33 --------- d-----w C:\Programmi\Spyware Terminator
2008-03-15 11:11 --------- d-----w C:\Programmi\iViVo
2008-03-15 11:09 --------- d--h--w C:\Programmi\InstallShield Installation Information
2008-03-15 10:54 --------- d-----w C:\Programmi\PowerISO
2008-03-14 19:50 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Spyware Terminator
2008-03-13 12:09 --------- d-----w C:\Programmi\Zortam Mp3 Media Studio
2008-03-13 12:09 --------- d-----w C:\Programmi\Microsoft ActiveSync
2008-03-09 07:08 --------- d-----w C:\Programmi\ESET
2008-03-07 18:36 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\CanonIJPLM
2008-03-02 12:57 --------- d-----w C:\Programmi\File comuni\ACD Systems
2008-03-02 12:55 --------- d-----w C:\Programmi\TorrenTopia
2008-03-01 19:08 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\AntiVir PersonalEdition Classic
2008-02-27 15:35 --------- d-----w C:\Documents and Settings\HP_Administrator\Dati applicazioni\Uniblue
2008-02-03 11:51 --------- d-----w C:\Programmi\PrestoNotes
2008-02-03 10:45 --------- d-----w C:\Programmi\Ashampoo
2008-01-27 07:59 15,360 ----a-w C:\WINDOWS\system32\ctfmon .exe
2008-01-21 20:00 140 ------w C:\Documents and Settings\HP_Administrator\Dati applicazioni\wklnhst.dat
2008-01-19 23:03 --------- d-----w C:\Programmi\HP
2008-01-19 17:06 --------- d-----w C:\Programmi\LogiGuard
2007-06-03 20:31 540,000 ----a-w C:\Programmi\System Cleaner 5.50.zip
2007-05-30 19:13 4,660,390 ----a-w C:\Programmi\DV_Install_Demo_v21.exe
2007-05-30 19:05 947,526 ----a-w C:\Programmi\waver.zip
2007-05-30 19:03 186,767 ----a-w C:\Programmi\audc80konvertor.exe
2007-05-30 18:39 4,408,592 ----a-w C:\Programmi\vfvh571i fax.exe
2007-05-20 08:56 814,016 ----a-w C:\Programmi\Google_Updater.exe
2007-05-19 08:06 6,337,564 ----a-w C:\Programmi\WebUpdaterForLegacyOperatingSystems_240.exe
2007-05-19 07:57 4,310,568 ----a-w C:\Programmi\WebUpdater_241 za navigator.exe
2007-05-06 17:17 17,938,288 ----a-w C:\Programmi\Install_Messenger.exe
2007-05-06 15:33 10,064,213 ----a-w C:\Programmi\POILoader_232.exe
2007-05-06 10:46 669,184 ----a-w C:\Programmi\Nokia_Connectivity_Cable_Driver_6_80_5_1_ita.msi
2007-05-06 10:45 658,432 ----a-w C:\Programmi\nokia_connectivity_cable_driver_rel_6_81_1_spa.msi
2007-05-06 10:07 2,372,760 ----a-w C:\Programmi\winzip90.exe
2007-05-06 10:05 13,185,024 ----a-w C:\Programmi\Nokia_DKU-5_1_24.exe
2007-05-06 08:45 273,229,544 ----a-w C:\Programmi\WindowsXP-KB835935-SP2-ITA.exe
2007-05-06 08:20 445,208 ----a-w C:\Programmi\windowsxp-kb838989-X86-ITA.exe
2007-05-06 08:08 5,034,240 ----a-w C:\Programmi\DriverDetective.exe
2007-05-06 08:04 829,577 ----a-w C:\Programmi\modem_it.chm
2007-05-05 22:32 994,304 ----a-w C:\Programmi\Setup.msi
2007-05-05 22:01 21,485,136 ----a-w C:\Programmi\Nokia_PC_Suite_683_rel_14_1_ita_web.exe
2007-05-05 21:29 23,785,680 ----a-w C:\Programmi\NokiaSoftwareUpdaterSetup_it.exe
2007-05-05 15:40 840,192 ----a-w C:\Programmi\Nokia_Connectivity_Cable_Driver_rel_6_83_9_0_eng.msi
2007-05-05 15:39 6,685 ----a-w C:\Programmi\Nokia6103_MS_BT.inf
2007-05-05 15:39 6,494 ----a-w C:\Programmi\Nokia6103BT.inf
2007-04-30 11:31 4,212,210 ----a-w C:\Programmi\Demo_SSTworld.exe
2007-04-30 11:27 4,064,518 ----a-w C:\Programmi\bettinggenius30.exe
2007-04-29 00:11 1,087,682 ----a-w C:\Programmi\subtitleworkshop251.zip
2007-04-24 16:09 10,451,656 ----a-w C:\Programmi\XLVIEWER.EXE
2007-04-24 16:05 28,508,368 ----a-w C:\Programmi\FileFormatConverters.exe
2007-04-24 16:01 1,321 ----a-w C:\Programmi\katalog18apr07.CSV
2007-04-24 15:51 4,792,136 ----a-w C:\Programmi\CX.EXE
2007-04-24 15:48 735,232 ----a-w C:\Programmi\katalog18Apr07.xls
2007-04-24 15:46 12,337,352 ----a-w C:\Programmi\WDVIEWER.EXE
2007-04-19 20:34 122,880 ----a-w C:\Programmi\Download_wma-mp3-converter.exe
2007-04-18 08:37 1,014,730 ----a-w C:\Programmi\PowerISO37.exe
2007-03-28 22:14 6,597,960 ----a-w C:\Programmi\audioconverter_wmf_setup.exe
2007-03-28 22:08 4,708,303 ----a-w C:\Programmi\mms1001.exe
2007-03-28 21:33 404,890 ----a-w C:\Programmi\switch.zip
2007-03-25 09:56 122,880 ----a-w C:\Programmi\Download_AliveWMAMP3Recorder.exe
2007-03-25 06:50 3,326,142 ----a-w C:\Programmi\DupKillerSetup081.zip
2007-03-20 22:19 4,107,201 ----a-w C:\Programmi\burn4free_setup.exe
2007-03-20 21:48 1,219,544 ----a-w C:\Programmi\mp3cddoctorlite.exe
2007-03-18 22:48 1,988,744 ----a-w C:\Programmi\trojanb6758.exe
2007-03-18 22:42 414,580 ----a-w C:\Programmi\Megamp3Split_2.0b.zip
2007-03-18 11:58 59,392 ----a-w C:\Programmi\Italian_Serie_A_06-07.mdb
2007-03-18 10:13 2,863,832 ----a-w C:\Programmi\DeepBurner1.exe
2007-03-18 08:37 15,342,568 ----a-w C:\Programmi\20070317-017-i32.exe
2007-03-18 08:31 13,445,912 ----a-w C:\Programmi\XPBP_ESD_IT.exe
2007-03-17 22:42 3,109,256 ----a-w C:\Programmi\LinkScannerProSetup_2_5_2_0052_9.exe
2007-03-16 18:05 402,208 ----a-w C:\Programmi\rainbow(zabranjeno)-1.2-win.zip
2007-03-16 15:22 652,560 ----a-w C:\Programmi\pdf2text.exe
2007-03-16 13:44 1,622,912 ----a-w C:\Programmi\CuteWriter.exe
2007-03-16 12:57 697,042 ----a-w C:\Programmi\Scan2PDF.zip
2007-03-16 10:12 934,479 ----a-w C:\Programmi\TE20Setup.exe
2007-03-13 15:34 71,737,595 ----a-w C:\Programmi\200301010000aib.zip
2007-03-13 15:17 3,519,074 ----a-w C:\Programmi\teach800.exe
2007-03-13 15:12 23,510,720 ----a-w C:\Programmi\dotnetfx.exe
2007-03-13 14:14 14,730,232 ----a-w C:\Programmi\DivXPlay.exe
2007-03-11 21:30 1,834,548 ----a-w C:\Programmi\tbrush35 slikanje.exe
2007-03-11 21:21 34,959,384 ----a-w C:\Programmi\5.05.18.00_ntune_winxp_international.exe
2007-03-11 21:19 9,590,117 ----a-w C:\Programmi\kmp.exe
2007-03-11 21:14 4,237,337 ----a-w C:\Programmi\RLSetup_Final.exe
2007-03-11 21:10 34,282,256 ----a-w C:\Programmi\AVSTVBox.exe
2007-03-11 20:58 24,836,360 ----a-w C:\Programmi\acdsee.exe
2007-03-11 20:52 3,424,620 ----a-w C:\Programmi\MP4 Video Player.zip
2007-03-11 14:29 2,649,601 ----a-w C:\Programmi\winsonar_free_70103.zip
2007-03-11 13:17 988,039 ----a-w C:\Programmi\starsetup.exe
2007-03-11 10:50 6,932,421 ----a-w C:\Programmi\Alcohol52.zip
2007-03-11 10:45 2,579,338 ----a-w C:\Programmi\MyPhoneExplorer_Setup_1.5.9.exe
2007-03-11 10:40 1,118,786 ----a-w C:\Programmi\installer_Ringtone_CD_Ripper.exe
2007-03-11 10:38 1,665,325 ----a-w C:\Programmi\agsetup sa cd-ea.exe
2007-03-11 10:31 12,128,824 ----a-w C:\Programmi\SimpleDivX.zip
2007-03-11 00:56 56 --sh--r C:\WINDOWS\system32\590BA312D1.sys
2007-03-11 00:56 1,890 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
.
<pre>
----a-w            61,440 2008-03-09 13:45:27  C:\hp\KBD\KBD .EXE
----a-w         1,603,152 2008-03-09 13:45:33  C:\Programmi\Canon\MyPrinter\BJMyPrt .exe
----a-w           644,696 2008-03-09 13:45:31  C:\Programmi\Canon\SolutionMenu\CNSLMAIN .exe
----a-w           155,648 2008-01-19 17:03:55  C:\Programmi\File comuni\Ahead\Lib\NeroCheck .exe
----a-w           210,472 2008-03-09 13:45:33  C:\Programmi\File comuni\ScanSoft Shared\SSBkgdUpdate\SSBkgdupdate .exe
----a-w           176,128 2008-03-09 13:46:08  C:\Programmi\LogiGuard\Master Mechanic II\agent .exe
----a-w            79,400 2008-01-19 17:04:13  C:\Programmi\ScanSoft\OmniPageSE4\OpwareSE4 .exe
----a-w         2,870,784 2008-03-09 07:14:10  C:\Programmi\Spyware Terminator\SpywareTerminatorShield .exe
----a-w            64,512 2008-03-06 17:11:32  C:\WINDOWS\ehome\ehtray .exe
----a-w            15,360 2008-01-27 07:59:23  C:\WINDOWS\system32\ctfmon .exe
</pre>

((((((((((((((((((((((((((((( snapshot@2008-03-15_13.21.30.95 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-03-15 18:08:36 86,016 ----a-r C:\WINDOWS\Installer\{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}\PrntWzrdIco.exe
+ 2008-03-15 18:09:31 102,400 ----a-r C:\WINDOWS\Installer\{80FD852F-5AAC-4129-B931-06AAFFA43138}\iTunesIco.exe
+ 2008-03-15 18:07:20 27,136 ----a-r C:\WINDOWS\Installer\{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}\AppleSoftwareUpdateIco.exe
+ 2007-07-24 14:17:08 81,920 ----a-w C:\WINDOWS\system32\dns-sd.exe
+ 2007-07-24 14:17:08 61,440 ----a-w C:\WINDOWS\system32\dnssd.dll
+ 2006-09-19 13:44:04 15,664 ----a-w C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
+ 2008-02-18 10:16:24 30,464 -c--a-w C:\WINDOWS\system32\DRVSTORE\usbaapl_4351B7DAFF62FD33510D77DFAE3CF8CC82517571\usbaapl.sys
+ 2006-10-03 18:47:52 109,360 ----a-w C:\WINDOWS\system32\GEARAspi.dll
+ 2008-03-16 06:09:36 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_334.dat
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* i valori vuoti & legittimi/default non sono visualizzati.

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{33161E98-0A6C-4d3c-BD62-3A7D56137F52}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7EBD0DF4-1263-4ED3-96CB-4CDC66C58318}]
C:\WINDOWS\system32\mlljj.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e133f12d-08c2-4d7e-a5f7-09cc0a4a151d}]
C:\WINDOWS\system32\cidqmmrf.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Procs]
@={51D8EAB2-A055-487F-BBE0-DFB79DD0E76D}

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe" [ ]
"Uniblue SpeedUpMyPC"="C:\Programmi\Uniblue\SpeedUpMyPC\SpeedUpMyPC.exe" [2007-01-12 09:26 5288960]
"Uniblue RegistryBooster 2"="C:\Programmi\Uniblue\RegistryBooster 2\RegistryBooster.exe" [2007-12-05 16:06 1885464]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ftutil2"="ftutil2.dll" [2004-06-07 13:05 106496 C:\WINDOWS\system32\ftutil2.dll]
"nwiz"="nwiz.exe" [2006-10-22 11:22 1622016 C:\WINDOWS\system32\nwiz.exe]
"CanonSolutionMenu"="C:\Programmi\Canon\SolutionMenu\CNSLMAIN.exe" [2008-03-09 14:42 644696]
"CanonMyPrinter"="C:\Programmi\Canon\MyPrinter\BJMyPrt.exe" [2008-03-09 18:45 1603152]
"SSBkgdUpdate"="C:\Programmi\File comuni\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2008-03-09 18:44 210472]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-10-22 11:22 7700480]
"SpywareTerminator"="C:\Programmi\Spyware Terminator\SpywareTerminatorShield.exe" [2008-03-09 18:46 2870784]
"UserFaultCheck"="C:\WINDOWS\system32\dumprep 0 -u" [ ]
"kis"="C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" [2006-03-24 19:09 139367]
"QuickTime Task"="C:\Programmi\QuickTime\QTTask.exe" [2008-01-31 23:13 385024]
"iTunesHelper"="C:\Programmi\iTunes\iTunesHelper.exe" [2008-02-19 13:10 267048]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"NoSecCPL"= 0 (0x0)
"NoDevMgrPage"= 0 (0x0)
"NoConfigPage"= 0 (0x0)
"NoVirtMemPage"= 0 (0x0)
"NoFileSysPage"= 0 (0x0)
"NoNetSetup"= 0 (0x0)
"NoNetSetupIDPage"= 0 (0x0)
"NoNetSetupSecurityPage"= 0 (0x0)
"NoWorkgroupContents"= 0 (0x0)
"NoEntireNetwork"= 0 (0x0)
"NoFileSharingControl"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoStartMenuPinnedList"= 0 (0x0)
"NoStartMenuMFUprogramsList"= 0 (0x0)
"NoUserNameInStartMenu"= 0 (0x0)
"NoStartMenuSubFolders"= 0 (0x0)
"NoCommonGroups"= 0 (0x0)
"NoPrinterTabs"= 0 (0x0)
"NoDeletePrinter"= 0 (0x0)
"NoAddPrinter"= 0 (0x0)
"NoPrinters"= 0 (0x0)
"NoFavoritesMenu"= 0 (0x0)
"NoToolbarCustomize"= 0 (0x0)
"NoRecentDocsNetHood"= 0 (0x0)
"NoChangeAnimation"= 0 (0x0)
"NoChangeKeyboardNavigationIndicators"= 0 (0x0)
"RestrictRun"= 0 (0x0)
"NoResolveTrack"= 1 (0x1)
"NoThumbnailCache"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoRun"= 0 (0x0)
"NoLogOff"= 0 (0x0)
"NoFind"= 0 (0x0)
"NoClose"= 0 (0x0)
"NoSetFolders"= 0 (0x0)
"NoFavoritesMenu"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\efcawts]
efcawts.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"xmlprov"=3 (0x3)
"WudfSvc"=3 (0x3)
"ServiceLayer"=3 (0x3)
"Fax"=3 (0x3)
"BlueSoleil Hid Service"=2 (0x2)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe"
"VoipStunt"="C:\Programmi\VoipStunt.com\VoipStunt\VoipStunt.exe" -nosplash -minimized
"DAEMON Tools"="C:\Programmi\DAEMON Tools\daemon.exe" -lang 1033

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"RegEasy.exe"=C:\Programmi\Registry Easy\RegEasy.exe
"SpywareTerminator"="C:\Programmi\Spyware Terminator\SpywareTerminatorShield.exe"
"ISUSPM Startup"=C:\PROGRA~1\FILECO~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
"ISUSScheduler"="C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe" -start

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"C:\\Programmi\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Programmi\\Sitecom\\IVT BlueSoleil\\BlueSoleil.exe"=
"C:\\Programmi\\THQ\\Dawn of War - Dark Crusade\\DarkCrusade.exe"=
"C:\\Programmi\\THQ\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\XR_3DA.exe"=
"C:\\Programmi\\THQ\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\dedicated\\XR_3DA.exe"=
"C:\\Programmi\\NAMCO BANDAI Games\\Warhammer Mark of Chaos\\Warhammer.exe"=
"C:\\Programmi\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"=
"C:\\Programmi\\RadLight Company\\RadLight 4.0\\rlkernel.exe"=
"C:\Programmi\Microsoft ActiveSync\rapimgr.exe"= C:\Programmi\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"C:\Programmi\Microsoft ActiveSync\WCESMgr.exe"= C:\Programmi\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"C:\\Programmi\\Bonjour\\mDNSResponder.exe"=
"C:\\Programmi\\iTunes\\iTunes.exe"=
"C:\\Programmi\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"4662:TCP"= 4662:TCP:emule
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
\Shell\AutoRun\command - E:\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J]
\Shell\AutoRun\command - J:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\K]
\Shell\AutoRun\command - K:\Autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7ca93cf4-7368-11dc-82fa-001731e138a9}]
\Shell\AutoRun\command - K:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{83cc3187-cece-11db-821f-806d6172696f}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{83cc318d-cece-11db-821f-806d6172696f}]
\Shell\AutoRun\command - J:\Autorun.exe

*Newly Created Service* - RIVATUNER32
.
Contenuto della cartella 'Scheduled Tasks'
"2008-03-07 21:19:22 C:\WINDOWS\Tasks\1-Click Maintenance.job"
- C:\Programmi\TuneUp Utilities 2006\SystemOptimizer.exe
"2008-03-15 18:07:19 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Programmi\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2008-03-16 17:11:13
Windows 5.1.2600 Service Pack 2 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
Ora fine scansione: 2008-03-16 17:11:59
ComboFix-quarantined-files.txt 2008-03-16 16:11:56
ComboFix2.txt 2008-03-16 11:58:46
ComboFix3.txt 2008-03-15 16:13:37
ComboFix4.txt 2008-03-15 12:22:10
.
2007-10-07 01:25:16 --- E O F ---

  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Uhhh... This isn't good either, but this time it's my mistake.
Still, at least part of the job is done.

On the Desktop you have the folder th3 and ComboFix is in it.
Now the file CFScript should be there as well.

Drag the file CFScript onto the ComboFix icon as in the picture:

When it's done, the logfile will open - copy it here.

  • Joined: 09 Mar 2008
  • Posts: 42

ComboFix 08-03-14.4 - HP_Administrator 2008-03-16 17.45.34.5 - NTFSx86
Eseguito da: C:\Documents and Settings\HP_Administrator\Desktop\th3\ComboFix.exe
Command switches used :: C:\Documents and Settings\HP_Administrator\Desktop\th3\CFScript.txt
* Creato nuovo punto di ripristino

FILE ::
C:\Documents and Settings\HP_Administrator\Dati applicazioni\wklnhst.dat
.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\HP_Administrator\Dati applicazioni\wklnhst.dat
C:\VundoFix Backups
C:\VundoFix Backups\addmorefiles.txt
C:\VundoFix Backups\PWRISOSH.DLL.bad
C:\VundoFix Backups\ymfevzil.dllbox.bad

.
((((((((((((((((((((((((( Files Creati Da 2008-02-16 al 2008-03-16 )))))))))))))))))))))))))))))))))))
.

2008-03-16 11:10 . 2007-10-04 10:01 66,048 --a------ C:\WINDOWS\ieResetIcons.exe
2008-03-16 08:42 . 2008-03-16 08:42 <DIR> d-------- C:\Programmi\RivaTuner v2.08
2008-03-16 08:41 . 2008-03-16 14:27 <DIR> d-------- C:\programi internet
2008-03-16 07:49 . 2008-03-16 07:49 4,131,160 --a------ C:\registrybooster.exe
2008-03-16 07:45 . 2008-03-16 07:45 3,995,968 --a------ C:\systemtweakerv1.0 kupljen.exe
2008-03-15 21:55 . 2008-03-15 21:55 <DIR> d-------- C:\Documents and Settings\LocalService\Dati applicazioni\Ahead
2008-03-15 19:11 . 2008-03-16 07:09 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-03-15 19:11 . 2008-03-15 19:11 1,409 --a------ C:\WINDOWS\QTFont.for
2008-03-15 19:09 . 2008-03-15 19:09 <DIR> d-------- C:\Documents and Settings\HP_Administrator\Dati applicazioni\Apple Computer
2008-03-15 19:08 . 2008-03-15 19:09 <DIR> d-------- C:\Programmi\iTunes
2008-03-15 19:08 . 2008-03-15 19:08 <DIR> d-------- C:\Programmi\iPod
2008-03-15 19:08 . 2008-03-15 19:08 <DIR> d-------- C:\Programmi\Bonjour
2008-03-15 19:07 . 2008-03-15 19:07 <DIR> d-------- C:\Programmi\Apple Software Update
2008-03-15 19:06 . 2008-03-15 19:06 <DIR> d-------- C:\Programmi\File comuni\Apple
2008-03-15 19:06 . 2008-03-15 19:06 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Apple
2008-03-15 18:53 . 2008-03-15 19:01 59,163,944 --a------ C:\iTunesSetup.exe
2008-03-15 16:54 . 2008-03-15 16:54 4,561,816 --a------ C:\sump3_5_2435_209 kuplljenn.exe
2008-03-15 12:13 . 2008-03-15 12:13 <DIR> d-------- C:\Programmi\WinPcap
2008-03-14 23:54 . 2008-03-14 23:54 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Lab Setup Files
2008-03-09 14:10 . 2008-03-15 12:16 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\RFA_Backups
2008-03-09 14:01 . 2008-03-09 14:01 <DIR> d-------- C:\Documents and Settings\HP_Administrator\Dati applicazioni\RegClean
2008-03-09 08:31 . 2008-03-09 08:32 <DIR> d-------- C:\Sanjarica
2008-03-09 08:11 . 2008-03-15 17:00 <DIR> d-------- C:\Programmi\Kaspersky Lab
2008-03-09 08:11 . 2008-03-09 08:11 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Lab
2008-03-09 08:11 . 2008-03-16 17:48 7,384,864 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-03-09 08:11 . 2008-03-15 13:14 92,720 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2008-03-09 08:11 . 2008-03-15 21:46 69,408 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2008-03-09 08:11 . 2008-03-15 13:14 3,476 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.idx
2008-03-04 18:34 . 2008-03-04 18:57 <DIR> d-------- C:\Documents and Settings\HP_Administrator\Dati applicazioni\Prevx
2008-03-02 17:28 . 2008-03-02 17:28 <DIR> d-------- C:\Documents and Settings\HP_Administrator\Dati applicazioni\Snapfish
2008-03-02 13:57 . 2008-03-02 13:57 <DIR> d-------- C:\Programmi\VoipStunt.com
2008-03-02 13:57 . 2008-03-02 13:57 <DIR> d-------- C:\Programmi\ACD Systems
2008-03-02 13:57 . 2008-03-02 13:57 <DIR> d-------- C:\Documents and Settings\All Users\Dati applicazioni\ACD Systems
2008-03-02 13:55 . 2008-03-02 13:55 <DIR> d-------- C:\Programmi\Vinci al SuperEnalotto 2
2008-03-02 13:55 . 2008-03-02 13:55 <DIR> d-------- C:\Programmi\Veoh Networks
2008-03-02 13:55 . 2008-03-02 13:55 <DIR> d-------- C:\Programmi\NEXT 3D ARREDAMENTO D'INTERNI
2008-03-02 13:55 . 2008-03-02 13:55 <DIR> d-------- C:\Programmi\Mario Forever
2008-03-02 13:55 . 2008-03-02 13:55 <DIR> d-------- C:\Programmi\Le Guide di Finson Patente Europea per il Computer 2
2008-03-02 13:55 . 2008-03-02 13:55 <DIR> d-------- C:\Programmi\Hair Pro 2006 Light
2008-02-20 21:29 . 2008-02-20 21:29 <DIR> d-------- C:\Documents and Settings\HP_Administrator\Dati applicazioni\ProtezionefiData
2008-02-20 21:28 . 2008-03-02 13:55 <DIR> d-------- C:\Programmi\ProtezionefiData
2008-02-16 20:39 . 2008-02-16 20:39 <DIR> d-------- C:\Programmi\Navman

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-16 16:48 --------- d-----w C:\Documents and Settings\HP_Administrator\Dati applicazioni\Skype
2008-03-16 16:45 --------- d-----w C:\Programmi\Spyware Terminator
2008-03-16 13:33 --------- d-----w C:\Documents and Settings\HP_Administrator\Dati applicazioni\CallingID
2008-03-16 09:44 --------- d-----w C:\Programmi\RegistryFix
2008-03-16 09:00 --------- d-----w C:\Programmi\eMule
2008-03-16 08:41 --------- d-----w C:\Programmi\Spybot - Search & Destroy
2008-03-16 07:23 --------- d-----w C:\Programmi\Mozilla Thunderbird
2008-03-16 06:45 --------- d-----w C:\Programmi\Uniblue
2008-03-15 18:15 --------- d-----w C:\Programmi\QuickTime
2008-03-15 18:08 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Apple Computer
2008-03-15 11:11 --------- d-----w C:\Programmi\iViVo
2008-03-15 11:09 --------- d--h--w C:\Programmi\InstallShield Installation Information
2008-03-15 10:54 --------- d-----w C:\Programmi\PowerISO
2008-03-14 19:50 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Spyware Terminator
2008-03-13 12:09 --------- d-----w C:\Programmi\Zortam Mp3 Media Studio
2008-03-13 12:09 --------- d-----w C:\Programmi\Microsoft ActiveSync
2008-03-09 07:08 --------- d-----w C:\Programmi\ESET
2008-03-07 18:36 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\CanonIJPLM
2008-03-06 17:11 64,512 ----a-w C:\WINDOWS\system32\dllcache\ehtray.exe
2008-03-02 12:57 --------- d-----w C:\Programmi\File comuni\ACD Systems
2008-03-02 12:55 --------- d-----w C:\Programmi\TorrenTopia
2008-03-01 19:08 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\AntiVir PersonalEdition Classic
2008-02-27 15:35 --------- d-----w C:\Documents and Settings\HP_Administrator\Dati applicazioni\Uniblue
2008-02-03 11:51 --------- d-----w C:\Programmi\PrestoNotes
2008-02-03 10:45 --------- d-----w C:\Programmi\Ashampoo
2008-01-27 07:59 15,360 ----a-w C:\WINDOWS\system32\dllcache\ctfmon.exe
2008-01-27 07:59 15,360 ----a-w C:\WINDOWS\system32\ctfmon.exe
2008-01-19 23:03 --------- d-----w C:\Programmi\HP
2008-01-19 17:06 --------- d-----w C:\Programmi\LogiGuard
2007-06-03 20:31 540,000 ----a-w C:\Programmi\System Cleaner 5.50.zip
2007-05-30 19:13 4,660,390 ----a-w C:\Programmi\DV_Install_Demo_v21.exe
2007-05-30 19:05 947,526 ----a-w C:\Programmi\waver.zip
2007-05-30 19:03 186,767 ----a-w C:\Programmi\audc80konvertor.exe
2007-05-30 18:39 4,408,592 ----a-w C:\Programmi\vfvh571i fax.exe
2007-05-20 08:56 814,016 ----a-w C:\Programmi\Google_Updater.exe
2007-05-19 08:06 6,337,564 ----a-w C:\Programmi\WebUpdaterForLegacyOperatingSystems_240.exe
2007-05-19 07:57 4,310,568 ----a-w C:\Programmi\WebUpdater_241 za navigator.exe
2007-05-06 17:17 17,938,288 ----a-w C:\Programmi\Install_Messenger.exe
2007-05-06 15:33 10,064,213 ----a-w C:\Programmi\POILoader_232.exe
2007-05-06 10:46 669,184 ----a-w C:\Programmi\Nokia_Connectivity_Cable_Driver_6_80_5_1_ita.msi
2007-05-06 10:45 658,432 ----a-w C:\Programmi\nokia_connectivity_cable_driver_rel_6_81_1_spa.msi
2007-05-06 10:07 2,372,760 ----a-w C:\Programmi\winzip90.exe
2007-05-06 10:05 13,185,024 ----a-w C:\Programmi\Nokia_DKU-5_1_24.exe
2007-05-06 08:45 273,229,544 ----a-w C:\Programmi\WindowsXP-KB835935-SP2-ITA.exe
2007-05-06 08:20 445,208 ----a-w C:\Programmi\windowsxp-kb838989-X86-ITA.exe
2007-05-06 08:08 5,034,240 ----a-w C:\Programmi\DriverDetective.exe
2007-05-06 08:04 829,577 ----a-w C:\Programmi\modem_it.chm
2007-05-05 22:32 994,304 ----a-w C:\Programmi\Setup.msi
2007-05-05 22:01 21,485,136 ----a-w C:\Programmi\Nokia_PC_Suite_683_rel_14_1_ita_web.exe
2007-05-05 21:29 23,785,680 ----a-w C:\Programmi\NokiaSoftwareUpdaterSetup_it.exe
2007-05-05 15:40 840,192 ----a-w C:\Programmi\Nokia_Connectivity_Cable_Driver_rel_6_83_9_0_eng.msi
2007-05-05 15:39 6,685 ----a-w C:\Programmi\Nokia6103_MS_BT.inf
2007-05-05 15:39 6,494 ----a-w C:\Programmi\Nokia6103BT.inf
2007-04-30 11:31 4,212,210 ----a-w C:\Programmi\Demo_SSTworld.exe
2007-04-30 11:27 4,064,518 ----a-w C:\Programmi\bettinggenius30.exe
2007-04-29 00:11 1,087,682 ----a-w C:\Programmi\subtitleworkshop251.zip
2007-04-24 16:09 10,451,656 ----a-w C:\Programmi\XLVIEWER.EXE
2007-04-24 16:05 28,508,368 ----a-w C:\Programmi\FileFormatConverters.exe
2007-04-24 16:01 1,321 ----a-w C:\Programmi\katalog18apr07.CSV
2007-04-24 15:51 4,792,136 ----a-w C:\Programmi\CX.EXE
2007-04-24 15:48 735,232 ----a-w C:\Programmi\katalog18Apr07.xls
2007-04-24 15:46 12,337,352 ----a-w C:\Programmi\WDVIEWER.EXE
2007-04-19 20:34 122,880 ----a-w C:\Programmi\Download_wma-mp3-converter.exe
2007-04-18 08:37 1,014,730 ----a-w C:\Programmi\PowerISO37.exe
2007-03-28 22:14 6,597,960 ----a-w C:\Programmi\audioconverter_wmf_setup.exe
2007-03-28 22:08 4,708,303 ----a-w C:\Programmi\mms1001.exe
2007-03-28 21:33 404,890 ----a-w C:\Programmi\switch.zip
2007-03-25 09:56 122,880 ----a-w C:\Programmi\Download_AliveWMAMP3Recorder.exe
2007-03-25 06:50 3,326,142 ----a-w C:\Programmi\DupKillerSetup081.zip
2007-03-20 22:19 4,107,201 ----a-w C:\Programmi\burn4free_setup.exe
2007-03-20 21:48 1,219,544 ----a-w C:\Programmi\mp3cddoctorlite.exe
2007-03-18 22:48 1,988,744 ----a-w C:\Programmi\trojanb6758.exe
2007-03-18 22:42 414,580 ----a-w C:\Programmi\Megamp3Split_2.0b.zip
2007-03-18 11:58 59,392 ----a-w C:\Programmi\Italian_Serie_A_06-07.mdb
2007-03-18 10:13 2,863,832 ----a-w C:\Programmi\DeepBurner1.exe
2007-03-18 08:37 15,342,568 ----a-w C:\Programmi\20070317-017-i32.exe
2007-03-18 08:31 13,445,912 ----a-w C:\Programmi\XPBP_ESD_IT.exe
2007-03-17 22:42 3,109,256 ----a-w C:\Programmi\LinkScannerProSetup_2_5_2_0052_9.exe
2007-03-16 18:05 402,208 ----a-w C:\Programmi\rainbow(zabranjeno)-1.2-win.zip
2007-03-16 15:22 652,560 ----a-w C:\Programmi\pdf2text.exe
2007-03-16 13:44 1,622,912 ----a-w C:\Programmi\CuteWriter.exe
2007-03-16 12:57 697,042 ----a-w C:\Programmi\Scan2PDF.zip
2007-03-16 10:12 934,479 ----a-w C:\Programmi\TE20Setup.exe
2007-03-13 15:34 71,737,595 ----a-w C:\Programmi\200301010000aib.zip
2007-03-13 15:17 3,519,074 ----a-w C:\Programmi\teach800.exe
2007-03-13 15:12 23,510,720 ----a-w C:\Programmi\dotnetfx.exe
2007-03-13 14:14 14,730,232 ----a-w C:\Programmi\DivXPlay.exe
2007-03-11 21:30 1,834,548 ----a-w C:\Programmi\tbrush35 slikanje.exe
2007-03-11 21:21 34,959,384 ----a-w C:\Programmi\5.05.18.00_ntune_winxp_international.exe
2007-03-11 21:19 9,590,117 ----a-w C:\Programmi\kmp.exe
2007-03-11 21:14 4,237,337 ----a-w C:\Programmi\RLSetup_Final.exe
2007-03-11 21:10 34,282,256 ----a-w C:\Programmi\AVSTVBox.exe
2007-03-11 20:58 24,836,360 ----a-w C:\Programmi\acdsee.exe
2007-03-11 20:52 3,424,620 ----a-w C:\Programmi\MP4 Video Player.zip
2007-03-11 14:29 2,649,601 ----a-w C:\Programmi\winsonar_free_70103.zip
2007-03-11 13:17 988,039 ----a-w C:\Programmi\starsetup.exe
2007-03-11 10:50 6,932,421 ----a-w C:\Programmi\Alcohol52.zip
2007-03-11 10:45 2,579,338 ----a-w C:\Programmi\MyPhoneExplorer_Setup_1.5.9.exe
2007-03-11 10:40 1,118,786 ----a-w C:\Programmi\installer_Ringtone_CD_Ripper.exe
2007-03-11 10:38 1,665,325 ----a-w C:\Programmi\agsetup sa cd-ea.exe
2007-03-11 00:56 56 --sh--r C:\WINDOWS\system32\590BA312D1.sys
2007-03-11 00:56 1,890 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((( snapshot@2008-03-15_13.21.30.95 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-03-06 17:11:32 64,512 ----a-w C:\WINDOWS\ehome\ehtray.exe
+ 2008-03-15 18:08:36 86,016 ----a-r C:\WINDOWS\Installer\{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}\PrntWzrdIco.exe
+ 2008-03-15 18:09:31 102,400 ----a-r C:\WINDOWS\Installer\{80FD852F-5AAC-4129-B931-06AAFFA43138}\iTunesIco.exe
+ 2008-03-15 18:07:20 27,136 ----a-r C:\WINDOWS\Installer\{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}\AppleSoftwareUpdateIco.exe
+ 2007-07-24 14:17:08 81,920 ----a-w C:\WINDOWS\system32\dns-sd.exe
+ 2007-07-24 14:17:08 61,440 ----a-w C:\WINDOWS\system32\dnssd.dll
+ 2006-09-19 13:44:04 15,664 ----a-w C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
+ 2008-02-18 10:16:24 30,464 -c--a-w C:\WINDOWS\system32\DRVSTORE\usbaapl_4351B7DAFF62FD33510D77DFAE3CF8CC82517571\usbaapl.sys
+ 2006-10-03 18:47:52 109,360 ----a-w C:\WINDOWS\system32\GEARAspi.dll
+ 2008-03-16 06:09:36 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_334.dat
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* i valori vuoti & legittimi/default non sono visualizzati.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Procs]
@={51D8EAB2-A055-487F-BBE0-DFB79DD0E76D}

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe" [ ]
"Uniblue SpeedUpMyPC"="C:\Programmi\Uniblue\SpeedUpMyPC\SpeedUpMyPC.exe" [2007-01-12 09:26 5288960]
"Uniblue RegistryBooster 2"="C:\Programmi\Uniblue\RegistryBooster 2\RegistryBooster.exe" [2007-12-05 16:06 1885464]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ftutil2"="ftutil2.dll" [2004-06-07 13:05 106496 C:\WINDOWS\system32\ftutil2.dll]
"nwiz"="nwiz.exe" [2006-10-22 11:22 1622016 C:\WINDOWS\system32\nwiz.exe]
"CanonSolutionMenu"="C:\Programmi\Canon\SolutionMenu\CNSLMAIN.exe" [2008-03-09 14:45 644696]
"CanonMyPrinter"="C:\Programmi\Canon\MyPrinter\BJMyPrt.exe" [2008-03-09 14:45 1603152]
"SSBkgdUpdate"="C:\Programmi\File comuni\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2008-03-09 14:45 210472]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-10-22 11:22 7700480]
"SpywareTerminator"="C:\Programmi\Spyware Terminator\SpywareTerminatorShield.exe" [2008-03-09 08:14 2870784]
"UserFaultCheck"="C:\WINDOWS\system32\dumprep 0 -u" [ ]
"kis"="C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" [2006-03-24 19:09 139367]
"QuickTime Task"="C:\Programmi\QuickTime\QTTask.exe" [2008-01-31 23:13 385024]
"iTunesHelper"="C:\Programmi\iTunes\iTunesHelper.exe" [2008-02-19 13:10 267048]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"NoSecCPL"= 0 (0x0)
"NoDevMgrPage"= 0 (0x0)
"NoConfigPage"= 0 (0x0)
"NoVirtMemPage"= 0 (0x0)
"NoFileSysPage"= 0 (0x0)
"NoNetSetup"= 0 (0x0)
"NoNetSetupIDPage"= 0 (0x0)
"NoNetSetupSecurityPage"= 0 (0x0)
"NoWorkgroupContents"= 0 (0x0)
"NoEntireNetwork"= 0 (0x0)
"NoFileSharingControl"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoStartMenuPinnedList"= 0 (0x0)
"NoStartMenuMFUprogramsList"= 0 (0x0)
"NoUserNameInStartMenu"= 0 (0x0)
"NoStartMenuSubFolders"= 0 (0x0)
"NoCommonGroups"= 0 (0x0)
"NoPrinterTabs"= 0 (0x0)
"NoDeletePrinter"= 0 (0x0)
"NoAddPrinter"= 0 (0x0)
"NoPrinters"= 0 (0x0)
"NoFavoritesMenu"= 0 (0x0)
"NoToolbarCustomize"= 0 (0x0)
"NoRecentDocsNetHood"= 0 (0x0)
"NoChangeAnimation"= 0 (0x0)
"NoChangeKeyboardNavigationIndicators"= 0 (0x0)
"RestrictRun"= 0 (0x0)
"NoResolveTrack"= 1 (0x1)
"NoThumbnailCache"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoRun"= 0 (0x0)
"NoLogOff"= 0 (0x0)
"NoFind"= 0 (0x0)
"NoClose"= 0 (0x0)
"NoSetFolders"= 0 (0x0)
"NoFavoritesMenu"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"xmlprov"=3 (0x3)
"WudfSvc"=3 (0x3)
"ServiceLayer"=3 (0x3)
"Fax"=3 (0x3)
"BlueSoleil Hid Service"=2 (0x2)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe"
"VoipStunt"="C:\Programmi\VoipStunt.com\VoipStunt\VoipStunt.exe" -nosplash -minimized
"DAEMON Tools"="C:\Programmi\DAEMON Tools\daemon.exe" -lang 1033

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"RegEasy.exe"=C:\Programmi\Registry Easy\RegEasy.exe
"SpywareTerminator"="C:\Programmi\Spyware Terminator\SpywareTerminatorShield.exe"
"ISUSPM Startup"=C:\PROGRA~1\FILECO~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
"ISUSScheduler"="C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe" -start

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"C:\\Programmi\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Programmi\\Sitecom\\IVT BlueSoleil\\BlueSoleil.exe"=
"C:\\Programmi\\THQ\\Dawn of War - Dark Crusade\\DarkCrusade.exe"=
"C:\\Programmi\\THQ\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\XR_3DA.exe"=
"C:\\Programmi\\THQ\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\dedicated\\XR_3DA.exe"=
"C:\\Programmi\\NAMCO BANDAI Games\\Warhammer Mark of Chaos\\Warhammer.exe"=
"C:\\Programmi\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"=
"C:\\Programmi\\RadLight Company\\RadLight 4.0\\rlkernel.exe"=
"C:\Programmi\Microsoft ActiveSync\rapimgr.exe"= C:\Programmi\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"C:\Programmi\Microsoft ActiveSync\WCESMgr.exe"= C:\Programmi\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"C:\\Programmi\\Bonjour\\mDNSResponder.exe"=
"C:\\Programmi\\iTunes\\iTunes.exe"=
"C:\\Programmi\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"4662:TCP"= 4662:TCP:emule
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J]
\Shell\AutoRun\command - J:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\K]
\Shell\AutoRun\command - K:\Autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7ca93cf4-7368-11dc-82fa-001731e138a9}]
\Shell\AutoRun\command - K:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{83cc3187-cece-11db-821f-806d6172696f}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{83cc318d-cece-11db-821f-806d6172696f}]
\Shell\AutoRun\command - J:\Autorun.exe

*Newly Created Service* - RIVATUNER32
.
Contenuto della cartella 'Scheduled Tasks'
"2008-03-07 21:19:22 C:\WINDOWS\Tasks\1-Click Maintenance.job"
- C:\Programmi\TuneUp Utilities 2006\SystemOptimizer.exe
"2008-03-15 18:07:19 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Programmi\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2008-03-16 17:48:07
Windows 5.1.2600 Service Pack 2 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
Ora fine scansione: 2008-03-16 17.48.48
ComboFix-quarantined-files.txt 2008-03-16 16:48:46
ComboFix2.txt 2008-03-16 16:12:00
ComboFix3.txt 2008-03-16 11:58:46
ComboFix4.txt 2008-03-15 16:13:37
ComboFix5.txt 2008-03-15 12:22:10
.
2007-10-07 01:25:16 --- E O F ---

  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

That's it...

We have got rid of the consequences of the infection you had.

How is the situation now? Are there any problems?

  • Joined: 09 Mar 2008
  • Posts: 42

Thanks, you really went to a lot of trouble for me, hats off to how professionally you do this; if there is a way to make a donation, help the site, or something like that.
I'll see over the next few days how it works; I'll have to download IE again, it hasn't worked for me for months.

Update: 16 Mar 2008 18:35

And should I uninstall ComboFix now?

  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE
