Wuauclt.exe

  • Joined: 02 Dec 2007
  • Posts: 7
  • Location: Beograd

Maybe it's subjective, but Windows "boots" faster. I'll check tomorrow and report back. Here is the log too:

Regards

ComboFix 10-10-18.06 - Cetvorka 10/20/2010 1:38.3.4 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3326.2761 [GMT 2:00]
Running from: c:\documents and settings\Cetvorka\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Cetvorka\Desktop\CFScript.txt
AV: ESET Smart Security 4.2 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Resident AV is active


FILE ::
"c:\windows\system32\tmp23B.tmp"
"c:\windows\system32\tmp23C.tmp"
"c:\windows\system32\tmp894.tmp"
"c:\windows\system32\tmp895.tmp"
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\tmp23B.tmp
c:\windows\system32\tmp23C.tmp
c:\windows\system32\tmp894.tmp
c:\windows\system32\tmp895.tmp

.
--------------- FCopy ---------------

c:\windows\ServicePackFiles\i386\wuauclt.exe --> c:\windows\System32\wuauclt.exe
.
((((((((((((((((((((((((( Files Created from 2010-09-19 to 2010-10-19 )))))))))))))))))))))))))))))))
.

2010-10-19 23:38 . 2008-04-14 04:42 111104 -c--a-w- c:\windows\system32\dllcache\wuauclt.exe
2010-10-19 23:38 . 2008-04-14 04:42 111104 ----a-w- c:\windows\system32\wuauclt.exe
2010-10-19 19:49 . 2010-10-19 19:49 -------- d-----w- C:\TDSSKiller_Quarantine
2010-10-19 13:17 . 2010-10-19 13:17 14802944 ---ha-w- c:\documents and settings\Cetvorka\ntuser.tmp
2010-10-17 20:47 . 2010-10-17 23:18 -------- d-----w- c:\documents and settings\All Users\Application Data\RFA_Backups
2010-10-17 20:47 . 2010-10-17 20:47 -------- d-----w- c:\documents and settings\Cetvorka\Local Settings\Application Data\Thinstall
2010-10-17 20:47 . 2010-10-17 20:47 -------- d-----w- c:\documents and settings\Cetvorka\Application Data\Thinstall
2010-10-17 17:03 . 2010-10-17 17:03 -------- d-----w- c:\documents and settings\Cetvorka\DoctorWeb
2010-10-17 13:01 . 2010-10-17 13:01 -------- d-----w- c:\program files\File Scanner Library (Spybot - Search & Destroy)
2010-10-17 12:01 . 2010-10-17 12:01 -------- d-----w- c:\program files\Electronic Arts
2010-10-12 17:50 . 2010-10-12 17:50 -------- d-----w- c:\program files\Neat Video for Premiere
2010-10-12 17:49 . 2010-10-12 17:49 -------- d-----w- c:\program files\Neat Video for After Effects
2010-10-12 12:02 . 2010-10-12 12:02 -------- d-----w- c:\program files\Common Files\Apple
2010-10-11 22:00 . 2010-10-11 22:00 -------- d-----w- c:\program files\Camtech
2010-10-11 21:26 . 2010-10-11 21:26 -------- d-----w- c:\program files\DVFilm
2010-10-11 21:26 . 2008-06-23 17:15 927232 ----a-w- c:\windows\system32\raylightQuicktime1.qtx
2010-10-11 21:26 . 2008-06-23 17:15 927232 ----a-w- c:\windows\system32\raylightQuicktime2.qtx
2010-10-11 21:26 . 2008-06-23 17:14 927232 ----a-w- c:\windows\system32\raylightQuicktime3.qtx
2010-10-11 21:26 . 2008-06-23 17:14 927232 ----a-w- c:\windows\system32\raylightQuicktime4.qtx
2010-10-11 21:26 . 2008-06-23 17:14 927232 ----a-w- c:\windows\system32\raylightQuicktime7.qtx
2010-10-11 21:26 . 2008-06-23 17:14 927232 ----a-w- c:\windows\system32\raylightQuicktime8.qtx
2010-10-11 21:26 . 2008-06-23 17:14 927232 ----a-w- c:\windows\system32\raylightQuicktime13.qtx
2010-10-11 21:26 . 2008-06-23 17:14 927232 ----a-w- c:\windows\system32\raylightQuicktime14.qtx
2010-10-07 21:37 . 2010-10-07 21:37 -------- d-----w- c:\documents and settings\Cetvorka\Application Data\BlackBean
2010-10-07 20:21 . 2010-10-07 20:21 -------- d-----w- c:\program files\BlackBeanGames
2010-10-06 18:35 . 2010-10-06 18:35 -------- d-----w- c:\documents and settings\Cetvorka\Local Settings\Application Data\SKIDROW
2010-10-05 17:18 . 2010-10-15 21:24 -------- d-----w- c:\program files\JDownloader
2010-10-04 19:53 . 2010-10-04 19:53 -------- d-----w- c:\documents and settings\Cetvorka\Local Settings\Application Data\My Games
2010-10-04 19:38 . 2010-10-06 18:34 -------- d-----w- c:\program files\Sid Meier's Civilization V
2010-10-04 07:51 . 2010-10-04 07:51 -------- d-----w- c:\documents and settings\Cetvorka\Application Data\CheeseSoft
2010-10-04 07:51 . 2010-10-04 07:51 -------- d-----w- c:\program files\FinalUninstaller
2010-10-03 20:15 . 2010-10-03 20:35 -------- d-----w- c:\documents and settings\All Users\Application Data\SpeedMP3Downloader
2010-10-03 20:15 . 2010-10-03 20:15 -------- d-----w- c:\documents and settings\Cetvorka\Application Data\SpeedMP3Downloader
2010-10-03 19:57 . 2010-10-04 16:27 -------- d-----w- c:\documents and settings\Cetvorka\Local Settings\Application Data\Conduit
2010-10-03 19:57 . 2010-10-03 19:57 -------- d-----w- c:\program files\Conduit
2010-10-03 19:57 . 2010-10-04 16:53 -------- d-----w- c:\documents and settings\Cetvorka\Local Settings\Application Data\Hot_MP3
2010-10-03 19:57 . 2010-10-04 16:27 -------- d-----w- c:\program files\Hot_MP3
2010-10-03 19:57 . 2010-10-03 19:58 -------- d-----w- c:\program files\SpeedMP3Downloader
2010-10-01 23:04 . 2010-10-01 23:04 -------- d-----w- c:\program files\2K Games
2010-10-01 20:00 . 2004-01-21 19:26 377856 ----a-w- c:\windows\system\binkw32.dll
2010-10-01 19:53 . 2010-10-01 19:53 -------- d-----w- c:\program files\RADVideo
2010-10-01 17:18 . 2010-10-01 18:12 -------- d-----w- C:\BackSys
2010-10-01 15:51 . 2010-10-01 15:51 -------- d-----w- c:\documents and settings\Cetvorka\Local Settings\Application Data\4A Games
2010-10-01 15:51 . 2010-10-01 15:51 -------- d-----w- c:\documents and settings\Cetvorka\Application Data\NVIDIA
2010-10-01 15:00 . 2010-10-01 19:58 -------- d-----w- c:\program files\Steam
2010-10-01 11:30 . 2010-10-01 17:26 -------- d-----w- c:\windows\RestoreSafeDeleted
2010-10-01 11:30 . 2010-10-01 18:11 24416 ----a-w- c:\windows\system32\drivers\regguard.sys
2010-10-01 10:25 . 2010-10-01 10:25 -------- d-----w- c:\program files\Digieffects
2010-10-01 10:22 . 2010-10-01 10:22 2 --shatr- c:\windows\winstart.bat
2010-10-01 10:22 . 2010-09-01 12:18 12808 ----a-w- c:\windows\system32\drivers\UnHackMeDrv.sys
2010-10-01 10:22 . 2010-10-01 16:58 -------- d-----w- c:\program files\UnHackMe
2010-09-22 19:29 . 2010-09-22 19:29 -------- d-----w- c:\documents and settings\All Users\Application Data\IncrediMail
2010-09-22 19:29 . 2010-09-22 19:30 -------- d-----w- c:\documents and settings\All Users\Application Data\IM
2010-09-21 23:22 . 2010-09-21 23:24 1160 --sha-w- c:\windows\system32\KGyGaAvL.sys
2010-09-20 16:55 . 2000-05-22 20:58 608448 ----a-w- c:\windows\system32\comctl32.ocx
2010-09-20 16:55 . 2010-10-11 20:44 -------- d-----w- c:\program files\Total Video Converter

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-08 12:51 . 2010-05-08 12:51 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.

((((((((((((((((((((((((((((( SnapShot@2010-10-17_23.53.11 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-10-19 19:53 . 2010-10-19 19:53 16384 c:\windows\Temp\Perflib_Perfdata_2ac.dat
+ 2010-10-19 19:54 . 2010-10-19 19:54 16384 c:\windows\Temp\Perflib_Perfdata_25c.dat
+ 2008-12-22 19:00 . 2010-10-18 22:23 77200 c:\windows\system32\drivers\jraid.sys
- 2008-12-22 19:00 . 2008-05-08 06:21 77200 c:\windows\system32\drivers\jraid.sys
+ 2008-12-22 18:39 . 2010-10-19 09:06 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2008-12-22 18:39 . 2010-07-21 14:00 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2008-12-22 18:39 . 2010-07-21 14:00 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2008-12-22 18:39 . 2010-10-19 09:06 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2008-12-22 19:10 . 2010-10-19 19:54 16608 c:\windows\gdrv.sys
- 2008-12-22 19:10 . 2010-10-17 23:53 16608 c:\windows\gdrv.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{9384bd4c-dd14-4be9-80f7-f6277511e4f5}"= "c:\program files\Hot_MP3\tbHot1.dll" [2010-10-04 2735200]

[HKEY_CLASSES_ROOT\clsid\{9384bd4c-dd14-4be9-80f7-f6277511e4f5}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9384bd4c-dd14-4be9-80f7-f6277511e4f5}]
2010-10-04 16:27 2735200 ----a-w- c:\program files\Hot_MP3\tbHot1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{9384bd4c-dd14-4be9-80f7-f6277511e4f5}"= "c:\program files\Hot_MP3\tbHot1.dll" [2010-10-04 2735200]

[HKEY_CLASSES_ROOT\clsid\{9384bd4c-dd14-4be9-80f7-f6277511e4f5}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{9384BD4C-DD14-4BE9-80F7-F6277511E4F5}"= "c:\program files\Hot_MP3\tbHot1.dll" [2010-10-04 2735200]

[HKEY_CLASSES_ROOT\clsid\{9384bd4c-dd14-4be9-80f7-f6277511e4f5}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 3"="c:\program files\IObit\Advanced SystemCare 3\AWC.exe" [2010-09-28 2407632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AutorunRemover.exe"="c:\program files\AutorunRemover\AutorunRemover.exe" [2010-04-02 1370624]
"CertificateRegistration"="SafeSignCertReg.exe" [2004-02-17 28672]
"{914C5BF8-EEDD-4F3A-A8BE-34EE71CF1B29}"="c:\program files\Mediafour\XPlay 3\XPlay.exe" [2010-04-08 300544]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2010-06-24 2202704]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-04-29 437584]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-07-07 1753192]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-07-09 13923432]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-07-09 110696]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-09-08 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0Vlaki

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-05-08 12:45 136176 ----atw- c:\documents and settings\Cetvorka\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Bonjour Service"=2 (0x2)
"GoogleDesktopManager-110309-193829"=3 (0x3)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Professional Home 2009.SP2\\RpcAgentSrv.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"c:\\Program Files\\Java\\jre6\\launch4j-tmp\\JDownloader.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Sony\\Vegas Pro 8.0\\VegSrv80.exe"=
"c:\\Program Files\\Adobe\\Adobe After Effects CS3\\Support Files\\AfterFX.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Professional Home 2009.SP2\\WNt500x86\\RpcSandraSrv.exe"=
"c:\\Program Files\\Autodesk\\Backburner\\monitor.exe"=
"c:\\Program Files\\Autodesk\\Backburner\\manager.exe"=
"c:\\Program Files\\Autodesk\\Backburner\\server.exe"=
"c:\\Program Files\\Autodesk\\3ds Max 2009\\3dsmax.exe"=
"c:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS3\\Server\\bin\\VersionCueCS3.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Autodesk\\Maya2010\\bin\\maya.exe"=
"c:\\Program Files\\Autodesk\\Autodesk Toxik 2010\\program\\toxik.exe"=
"c:\\Program Files\\Adobe\\Adobe Premiere Pro CS3\\Adobe Premiere Pro.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\eyeon\\Fusion 6.0\\eyeonScript.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\PESEdit\\2010 FIFA World Cup Patch\\pes2010.exe"=
"c:\\Program Files\\KONAMI\\Pro Evolution Soccer 2010\\pes2010.exe"=
"c:\\Program Files\\Codemasters\\F1 2010\\F1_2010_game.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Adobe\\Adobe After Effects CS4\\Support Files\\AfterFX.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"3703:TCP"= 3703:TCP:Adobe Version Cue CS3 Server
"3704:TCP"= 3704:TCP:Adobe Version Cue CS3 Server
"50900:TCP"= 50900:TCP:Adobe Version Cue CS3 Server
"50901:TCP"= 50901:TCP:Adobe Version Cue CS3 Server
"1055:TCP"= 1055:TCP:Discreet BrowseD
"1066:TCP"= 1066:TCP:Discreet Slave Render
"1947:TCP"= 1947:TCP:HASP SRM
"1947:UDP"= 1947:UDP:HASP SRM

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R0 MDFSYSNT;MacDrive file system driver;c:\windows\system32\drivers\MDFSYSNT.SYS [9/28/2009 2:02 PM 259176]
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [5/3/2009 4:11 PM 130936]
R1 CbFs;CbFs;c:\windows\system32\drivers\cbfs.sys [7/18/2010 1:38 AM 145504]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [4/28/2010 8:17 AM 114984]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [6/24/2010 9:27 AM 810144]
R2 GEST Service;GEST Service for program management.;c:\program files\GIGABYTE\EnergySaver\GSvr.exe [12/22/2008 9:10 PM 80392]
R2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run --> c:\windows\system32\hasplms.exe -run [?]
R2 JawsService.exe;Jaws Service;c:\program files\SpeedSix\bin\JawsService.exe [8/22/2006 12:27 PM 53248]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [5/2/2009 5:01 PM 304464]
R3 EuMusDesignVirtualAudioCableWdm_s2x;Sound2x Audio Cable (WDM);c:\windows\system32\drivers\vacs2xkd.sys [12/23/2008 5:57 PM 42880]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [5/2/2009 5:01 PM 20952]
S2 57xx SteelVine Manager;57xx SteelVine;c:\program files\Silicon Image\57xx SteelVine\SteelVine.exe [8/20/2007 12:42 PM 1282048]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [5/8/2010 2:54 PM 136176]
S2 M4iPodWPDService;M4iPodWPDService;c:\program files\Common Files\Mediafour\iPod\M4iPodWPDService.exe [6/18/2010 2:16 PM 223232]
S2 mi-raysat_3dsMax2009_32;mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit;c:\program files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe [3/10/2008 12:04 AM 65536]
S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [12/23/2008 5:57 PM 16512]
S3 RegGuard;RegGuard;c:\windows\system32\drivers\regguard.sys [10/1/2010 1:30 PM 24416]
S3 s115bus;Sony Ericsson Device 115 driver (WDM);c:\windows\system32\drivers\s115bus.sys [6/23/2010 3:59 PM 83208]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter;c:\windows\system32\drivers\s115mdfl.sys [6/23/2010 3:59 PM 15112]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver;c:\windows\system32\drivers\s115mdm.sys [6/23/2010 3:59 PM 108680]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s115mgmt.sys [6/23/2010 3:59 PM 100488]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;c:\windows\system32\drivers\s115obex.sys [6/23/2010 3:59 PM 98568]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Professional Home 2009.SP2\RpcAgentSrv.exe [12/23/2008 3:43 PM 98488]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [5/3/2009 4:11 PM 348752]
S3 SwitchBoard;Adobe SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2/19/2010 1:37 PM 517096]
S3 TodosAgmII;Driver for Todos Argosmini II USB;c:\windows\system32\drivers\AgmIIusb.sys [6/21/2010 11:17 PM 22016]
S4 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [5/8/2010 2:51 PM 30192]

--- Other Services/Drivers In Memory ---

*Deregistered* - klmd25
*Deregistered* - klmdb
.
Contents of the 'Scheduled Tasks' folder

2010-10-19 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-05-08 12:51]

2010-10-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-08 12:54]

2010-10-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-08 12:54]

2010-10-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-343818398-1957994488-682003330-1003Core.job
- c:\documents and settings\Cetvorka\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-05-08 12:45]

2010-10-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-343818398-1957994488-682003330-1003UA.job
- c:\documents and settings\Cetvorka\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-05-08 12:45]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/ig?hl=en
uInternet Settings,ProxyOverride = *.local
IE: Add to Anti-Banner - c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\ie_banner_deny.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949}
FF - ProfilePath - c:\documents and settings\Cetvorka\Application Data\Mozilla\Firefox\Profiles\wijp8ut3.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://mystart.incredimail.com/?loc=ff_address_bar_fs&search=
FF - component: c:\documents and settings\Cetvorka\Application Data\Mozilla\Firefox\Profiles\wijp8ut3.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\Cetvorka\Application Data\Mozilla\Firefox\Profiles\wijp8ut3.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCore.dll
FF - plugin: c:\documents and settings\Cetvorka\Application Data\Mozilla\Firefox\Profiles\wijp8ut3.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
FF - plugin: c:\documents and settings\Cetvorka\Local Settings\Application Data\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
"Version"=hex:40,57,d0,3f,22,9f,8b,82,9f,c1,fa,0d,a8,8d,e6,83,db,64,1e,8a,c4,
84,db,e9,3d,ac,d4,7f,28,62,66,bb,fa,69,78,b8,4b,a2,27,a6,76,a7,60,44,fb,fa,\

[HKEY_LOCAL_MACHINE\software\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version]
"Version"=hex:40,57,d0,3f,22,9f,8b,82,9f,c1,fa,0d,a8,8d,e6,83,db,64,1e,8a,c4,
84,db,e9,3d,ac,d4,7f,28,62,66,bb,fa,69,78,b8,4b,a2,27,a6,76,a7,60,44,fb,fa,\
.
Completion time: 2010-10-20 01:45:56
ComboFix-quarantined-files.txt 2010-10-19 23:45
ComboFix2.txt 2010-10-19 21:52
ComboFix3.txt 2010-10-17 23:59

Pre-Run: 95,849,299,968 bytes free
Post-Run: 95,830,499,328 bytes free

- - End Of File - - 1BF5F70919A3C8FD56D45E2E1A88D78F
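As an added example (not code from this thread, from the helper, or from ComboFix), a small Python triage that parses the "Files Created" section of a log like the one above and flags the entries a helper looks at first: files carrying the system+hidden attributes and new files under c:\windows. The sample lines are copied from the log above; the attribute-letter meanings are read off ComboFix's own output format and are an assumption of this example.

```python
"""Triage the 'Files Created' section of a ComboFix log.

Added example for this thread, not ComboFix code or the helper's tooling.
Attribute letters are read as ComboFix prints them: d=directory, c=compressed,
s=system, h=hidden, a=archive, t=temporary, r=read-only, w=writable.
"""
import re

# <created> . <modified> <size, or dashes for a directory> <8 flags> <path>
ENTRY_RE = re.compile(
    r"^(?P<created>\d{4}-\d{2}-\d{2} \d{2}:\d{2}) \. "
    r"(?P<modified>\d{4}-\d{2}-\d{2} \d{2}:\d{2}) "
    r"(?P<size>\d+|-+) (?P<attrs>[-a-z]{8}) (?P<path>.+)$"
)

# New files under the Windows directory get a second look: in this thread the
# infected wuauclt.exe sat in c:\windows\system32 and had to be replaced.
WINDOWS_DIR = "c:\\windows\\"

# Constructed sample: a handful of 'Files Created' lines copied from the log above.
SAMPLE_LOG = r"""
2010-10-19 23:38 . 2008-04-14 04:42 111104 -c--a-w- c:\windows\system32\dllcache\wuauclt.exe
2010-10-19 23:38 . 2008-04-14 04:42 111104 ----a-w- c:\windows\system32\wuauclt.exe
2010-10-19 19:49 . 2010-10-19 19:49 -------- d-----w- C:\TDSSKiller_Quarantine
2010-10-19 13:17 . 2010-10-19 13:17 14802944 ---ha-w- c:\documents and settings\Cetvorka\ntuser.tmp
2010-10-03 19:57 . 2010-10-03 19:57 -------- d-----w- c:\program files\Conduit
2010-10-01 10:22 . 2010-10-01 10:22 2 --shatr- c:\windows\winstart.bat
2010-09-21 23:22 . 2010-09-21 23:24 1160 --sha-w- c:\windows\system32\KGyGaAvL.sys
"""

def parse_entry(line):
    """Parse one entry line; return None for headers, blanks and other noise."""
    m = ENTRY_RE.match(line.strip())
    if not m:
        return None
    attrs = m.group("attrs")
    is_dir = attrs[0] == "d"
    return {
        "created": m.group("created"),
        "modified": m.group("modified"),
        "size": None if is_dir else int(m.group("size")),
        "flags": set(attrs.replace("-", "")),  # e.g. {'s', 'h', 'a', 'w'}
        "path": m.group("path"),
        "is_dir": is_dir,
    }

def triage_entry(entry):
    """Return the list of reasons a file entry deserves review (empty if none)."""
    reasons = []
    if entry["is_dir"]:
        return reasons
    if {"s", "h"} <= entry["flags"]:
        # System+hidden is the classic way dropped files stay out of Explorer.
        reasons.append("hidden+system attributes")
    if entry["path"].lower().startswith(WINDOWS_DIR):
        reasons.append("new file in Windows system directory")
    return reasons

def triage(log_text):
    """Map each flagged path to its reasons; unflagged entries are dropped."""
    flagged = {}
    for line in log_text.splitlines():
        entry = parse_entry(line)
        if entry is not None:
            reasons = triage_entry(entry)
            if reasons:
                flagged[entry["path"]] = reasons
    return flagged

if __name__ == "__main__":
    for path, reasons in triage(SAMPLE_LOG).items():
        print(f"{path}: {', '.join(reasons)}")
```

Feed it the whole "Files Created" block of a real log and the restored wuauclt.exe copies show up only for being new in system32, while winstart.bat and KGyGaAvL.sys are flagged on both rules.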

  • Joined: 02 Feb 2008
  • Posts: 14018
  • Location: Nish

I expect you to let me know how the computer is doing, because we still haven't finished the case!


While I wait for your reply, zip and upload the following folders for me:

C:\TDSSKiller_Quarantine
C:\Qoobox\Quarantine


via this link: http://www.mycity.rs/ambulanta-upload.php

goran9888 (AMF Team)

  • Joined: 02 Dec 2007
  • Posts: 7
  • Location: Beograd

Goran,

it is definitely better: the OS "boots" faster, applications too, and there are no more problems with that wretched desktop "refresh". I need some more time to see whether it's 100% OK. As I said, the system definitely needs a reinstall, but right now (until I back up over 3TB of data) I can't do it. I'll report back in about 30 hours whether it's better. Should I run another scan, with ESET for example? Should I defragment the disks (that's certainly needed) and tidy up the Registry a bit? A few minutes ago I uploaded what you asked for; the file is Archive.zip, both quarantines are in it.

Thanks once again!

Regards

Vlada

  • Joined: 02 Feb 2008
  • Posts: 14018
  • Location: Nish

We have successfully removed the TDL3 infection ...

Your computer is now clean as far as malware is concerned.



Follow these instructions carefully

---------------------------------------------------------------------------------------
ComboFix needs to be uninstalled:
click Start, then RUN.

On Vista, use the Start Search box if Run is not available.

In the text entry line, type (or paste) the following:

ComboFix /Uninstall

Note that there is a space between "ComboFix" and "/Uninstall".

then click OK (or press Enter).


Wait for the uninstall process to finish.

---------------------------------------------------------------------------------------


Suggestion:

- You can freely remove the tools we used in this case from the computer;
- If you have problems with the operating system (slow performance, etc.), I suggest you open a new topic in the Windows section of the forum, where you will get instructions on how to lighten Windows and speed it up:

http://www.mycity.rs/Windows/


With this message we are closing the discussion in this topic.

Thank you for trusting the AMF Team. Cheers!

Regards,
goran9888 (AMF Team)
