Avira is alerting me ???


  • Joined: 02 Apr 2009
  • Posts: 6

This is my first time on this forum, so I apologize if I get something wrong.
Namely, it happens that Avira, in the middle of posting on some forum (I'm not downloading anything) or while surfing, sounds an alert, just briefly. Do I have a problem?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:12:53, on 2.4.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\T-Com Antidialer\T-Com Antidialer.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Users\robi\Desktop\picpick.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
E:\INSTALIRAJ\DAEMON Tools Lite\daemon.exe
C:\Program Files\DNA\btdna.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\robi\Desktop\đigđag\TR3exe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = 78.2.15.21
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Windows Live Pomoc za prijavu - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [tcomantidialerrun] C:\Program Files\T-Com Antidialer\T-Com Antidialer.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [PicPick Start] C:\Users\robi\Desktop\picpick.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [DAEMON Tools Lite] "E:\INSTALIRAJ\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\INSTAL~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: eBay.co.uk - Buy It Sell It Love It - {76577871-04EC-495E-A12B-91F7C3600AFA} - rover.ebay.com/rover/1/710-44557-9400-3/4 (file missing)
O9 - Extra button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - amazon.co.uk/exec/obidos/redirect-home?.....;site=home (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\INSTAL~1\OFFICE11\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Program Files\Common Files\Protexis\License Service\PSIService.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 7511 bytes

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8466
  • Location: Novi Beograd

Hello,

and what does it report? Do you have an Avira log you can show me?

  • Joined: 02 Apr 2009
  • Posts: 6

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8466
  • Location: Novi Beograd

Right-click the Avira icon in the bottom-right corner of the screen and untick AntiVir Guard Enable.

Note: Don't forget to turn this option back on once the cleaning is finished.


------------------


Download ComboFix to your Desktop from one of the following addresses:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.forospyware.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Start it and don't touch the program window while it scans.
Follow the on-screen instructions. When it finishes, a log (C:\ComboFix.txt) will appear, which you should copy here for us.

  • Joined: 02 Apr 2009
  • Posts: 6

Sorry, I'm a bit clumsy. Nothing, just a sound signal, and briefly, maybe for a fraction of a second, something like an Avira log appears on the desktop and disappears. By the way, the two that are on Corel have to be there, because otherwise it doesn't work; the third one is on the "32" and I think it's better that I don't touch it. Malware doesn't find anything for me.

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8466
  • Location: Novi Beograd

Well, Avira is probably reporting cracks to you.

I think it's still better that you do as I told you.

It's up to you to choose.

  • Joined: 02 Apr 2009
  • Posts: 6

ComboFix 09-04-01.01 - robi 2009-04-02 20:02:03.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1250.1.1033.18.2045.1038 [GMT 1:00]
Running from: c:\users\robi\Desktop\SKINUTO\ComboFix.exe
AV: Norton Internet Security *On-access scanning enabled* (Updated)
FW: Norton Internet Security *enabled*
* Created a new restore point
.

((((((((((((((((((((((((( Files Created from 2009-03-02 to 2009-04-02 )))))))))))))))))))))))))))))))
.

2009-04-02 20:00 . 2006-03-03 00:42 73,728 --a------ C:\pv.exe
2009-04-02 18:49 . 2009-04-02 18:49 <DIR> d-------- c:\program files\Trend Micro
2009-03-28 23:54 . 2009-03-28 23:54 <DIR> d-------- c:\users\robi\AppData\Roaming\toshiba
2009-03-28 00:33 . 2009-03-28 00:33 <DIR> d-------- c:\programdata\ashampoo
2009-03-28 00:33 . 2009-03-28 00:33 <DIR> d-------- c:\program files\Ashampoo
2009-03-27 16:23 . 2009-03-27 16:23 <DIR> d-------- c:\program files\Corel
2009-03-27 16:14 . 2009-03-27 16:14 <DIR> d-------- c:\programdata\NOS
2009-03-27 16:14 . 2009-03-27 16:14 <DIR> d-------- c:\program files\NOS
2009-03-26 23:40 . 2009-03-26 23:40 <DIR> d-------- c:\users\robi\AppData\Roaming\Corel
2009-03-26 22:51 . 2009-03-26 22:51 <DIR> d-------- c:\users\robi\AppData\Roaming\InstallShield
2009-03-26 22:50 . 2009-03-27 09:31 <DIR> d-------- c:\windows\System32\Working Keygen (CorelDraw Graphic Suite X4)
2009-03-26 22:41 . 2009-03-31 16:34 2,828 --ahs---- c:\programdata\KGyGaAvL.sys
2009-03-26 22:41 . 2009-03-31 16:34 88 -r-hs---- c:\programdata\0668744723.sys
2009-03-26 22:08 . 2009-03-26 22:08 <DIR> d-------- c:\program files\Microsoft ActiveSync
2009-03-26 21:59 . 2009-03-26 21:59 <DIR> d-------- c:\program files\Microsoft.NET
2009-03-24 13:08 . 2009-03-24 15:22 <DIR> d-------- c:\users\robi\AppData\Roaming\OnlineArmor
2009-03-24 13:08 . 2009-03-24 13:08 <DIR> d-------- c:\programdata\OnlineArmor
2009-03-23 17:23 . 2009-03-23 17:23 <DIR> d-------- c:\users\robi\AppData\Roaming\Avira
2009-03-23 16:52 . 2009-03-24 15:26 <DIR> d-------- c:\program files\CCleaner
2009-03-23 16:32 . 2009-03-24 15:26 <DIR> d-------- c:\program files\Glary Utilities
2009-03-23 14:08 . 2009-03-24 15:34 <DIR> d-------- c:\users\robi\AppData\Roaming\Desktopicon
2009-03-23 14:08 . 2009-03-25 02:30 <DIR> d-------- c:\program files\Unlocker
2009-03-23 12:13 . 2009-03-23 12:13 <DIR> d-------- c:\program files\Avira
2009-03-23 12:13 . 2009-03-23 12:12 55,640 --a------ c:\windows\System32\drivers\avgntflt.sys
2009-03-22 19:09 . 2009-03-22 19:09 <DIR> d-------- c:\program files\BTMPro
2009-03-22 18:40 . 2009-03-22 18:40 <DIR> d-------- c:\users\robi\AppData\Roaming\GlarySoft
2009-03-21 02:10 . 2009-04-02 19:01 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-03-21 02:10 . 2009-03-26 16:49 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys
2009-03-21 02:10 . 2009-03-26 16:49 15,504 --a------ c:\windows\System32\drivers\mbam.sys
2009-03-21 00:09 . 2009-03-21 00:09 <DIR> d-------- c:\users\robi\AppData\Roaming\Malwarebytes
2009-03-21 00:09 . 2009-03-21 00:09 <DIR> d-------- c:\programdata\Malwarebytes
2009-03-20 02:23 . 2009-03-20 02:37 <DIR> d-------- c:\programdata\avg8
2009-03-19 19:13 . 2008-03-03 15:25 5,702 --ah----- c:\windows\nod32restoretemdono.reg
2009-03-19 19:11 . 2009-03-19 19:11 <DIR> d-------- c:\programdata\ESET
2009-03-19 19:11 . 2009-03-19 19:11 <DIR> d-------- c:\program files\ESET
2009-03-19 19:01 . 2009-03-19 19:01 130 --ahs---- c:\windows\klif.spi
2009-03-19 18:59 . 2009-03-19 18:59 501 --a------ c:\windows\System32\%LocalXml%
2009-03-19 17:00 . 2009-03-19 19:14 <DIR> d-------- c:\programdata\Kaspersky Lab
2009-03-19 16:39 . 2009-03-19 16:39 <DIR> d-------- c:\programdata\Kaspersky Lab Setup Files
2009-03-19 16:15 . 2009-03-19 16:17 <DIR> d-------- c:\users\robi\AppData\Roaming\DriverCure
2009-03-19 16:15 . 2009-03-19 16:15 <DIR> d-------- c:\programdata\ParetoLogic
2009-03-19 16:15 . 2009-03-19 16:27 <DIR> d-------- c:\programdata\DriverCure
2009-03-19 16:15 . 2009-03-19 16:15 <DIR> d-------- c:\program files\Common Files\ParetoLogic
2009-03-13 18:40 . 2009-03-13 18:40 <DIR> d-------- c:\program files\Microsoft Silverlight
2009-03-13 18:32 . 2008-12-05 05:32 428,544 --a------ c:\windows\System32\EncDec.dll
2009-03-13 18:32 . 2008-12-05 05:32 293,376 --a------ c:\windows\System32\psisdecd.dll
2009-03-13 18:32 . 2008-12-05 05:31 217,088 --a------ c:\windows\System32\psisrndr.ax
2009-03-13 18:32 . 2008-12-05 05:31 177,664 --a------ c:\windows\System32\mpg2splt.ax
2009-03-13 18:32 . 2008-12-05 05:31 80,896 --a------ c:\windows\System32\MSNP.ax
2009-03-12 18:57 . 2009-03-19 14:45 <DIR> d----c--- c:\windows\System32\DRVSTORE
2009-03-12 18:51 . 2009-03-12 18:51 <DIR> d-------- c:\program files\Windows Live SkyDrive
2009-03-12 18:51 . 2009-03-19 14:54 <DIR> d-------- c:\program files\Windows Live
2009-03-12 18:49 . 2009-03-12 18:49 <DIR> d-------- c:\program files\Common Files\Windows Live
2009-03-10 19:31 . 2008-12-16 04:29 8,147,456 --a------ c:\windows\System32\wmploc.DLL
2009-03-10 19:31 . 2009-02-09 04:10 2,033,152 --a------ c:\windows\System32\win32k.sys
2009-03-10 19:31 . 2008-11-27 05:43 268,288 --a------ c:\windows\System32\schannel.dll
2009-03-10 19:31 . 2008-12-16 06:31 7,680 --a------ c:\windows\System32\spwmp.dll
2009-03-10 19:31 . 2008-12-16 06:31 4,096 --a------ c:\windows\System32\msdxm.ocx
2009-03-10 19:31 . 2008-12-16 06:31 4,096 --a------ c:\windows\System32\dxmasf.dll
2009-03-09 21:13 . 2009-03-14 23:42 <DIR> d-------- C:\Temp

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-02 19:01 --------- d-----w c:\users\robi\AppData\Roaming\DNA
2009-04-02 13:55 --------- d-----w c:\users\robi\AppData\Roaming\uTorrent
2009-04-02 09:10 --------- d-----w c:\program files\DNA
2009-03-27 15:26 --------- d-----w c:\programdata\Corel
2009-03-24 14:26 --------- d-----w c:\program files\Windows Mail
2009-03-23 12:52 --------- d-----w c:\programdata\Symantec
2009-03-23 10:13 --------- d-----w c:\program files\7-Zip
2009-03-23 02:21 --------- d-----w c:\program files\Common Files\Symantec Shared
2009-03-23 00:11 --------- d-----w c:\programdata\Avira
2009-03-19 15:54 --------- d-----w c:\program files\Norton Internet Security
2009-03-19 15:40 --------- d-----w c:\program files\Symantec
2009-03-14 23:03 2,828 --sha-w c:\windows\System32\KGyGaAvL.sys
2009-03-13 16:24 --------- d-----w c:\program files\VS Revo Group
2009-03-13 16:11 --------- d--h--w c:\program files\InstallShield Installation Information
2009-03-13 16:11 --------- d-----w c:\program files\TOSHIBA
2009-03-09 20:10 --------- d-----w c:\program files\Common Files\Adobe
2009-03-07 15:20 --------- d-----w c:\users\robi\AppData\Roaming\EPSON
2009-02-06 23:58 --------- d-----w c:\programdata\FLEXnet
2009-02-06 23:12 --------- d-----w c:\program files\Common Files\Corel
2009-02-06 21:15 --------- d-----w c:\program files\Common Files\Protexis
2009-02-06 19:46 --------- d-----w c:\programdata\InstallShield
2009-02-04 22:42 --------- d-----w c:\program files\Common Files\Macrovision Shared
2009-01-15 06:11 827,392 ----a-w c:\windows\System32\wininet.dll
2009-01-11 17:20 682,280 ----a-w c:\windows\System32\pbsvc.exe
2009-01-11 17:19 22,328 ----a-w c:\users\robi\AppData\Roaming\PnkBstrK.sys
2009-01-11 17:19 107,832 ----a-w c:\users\robi\AppData\Roaming\PnkBstrB.exe
2009-01-11 02:13 174 --sha-w c:\program files\desktop.ini
2009-01-11 01:42 101,888 ----a-w c:\windows\System32\ifxcardm.dll
2009-01-11 01:41 82,432 ----a-w c:\windows\System32\axaltocm.dll
2009-01-11 00:28 47,560 ----a-w c:\windows\System32\SPReview.exe
2009-01-11 00:28 152,576 ----a-w c:\windows\System32\SPWizUI.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2009-01-13 270128]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 221184]
"DAEMON Tools Lite"="e:\instaliraj\DAEMON Tools Lite\daemon.exe" [2008-08-08 490952]
"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2009-01-18 342848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2007-03-29 411192]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-06-20 1316136]
"tcomantidialerrun"="c:\program files\T-Com Antidialer\T-Com Antidialer.exe" [2005-01-19 526120]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-23 209153]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2008-05-02 15872]
"PicPick Start"="c:\users\robi\Desktop\picpick.exe" [2008-11-13 830464]
"RtHDVCpl"="RtHDVCpl.exe" [2007-09-03 c:\windows\RtHDVCpl.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.dvacm"= c:\progra~1\COMMON~1\ULEADS~1\vio\dvacm.acm
"msacm.divxa32"= msaud32_divx.acm

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\00TCrdMain]
--a------ 2007-05-22 16:32 538744 c:\program files\TOSHIBA\FlashCards\TCrdMain.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
--a------ 2009-01-18 19:48 342848 c:\program files\DNA\btdna.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Camera Assistant Software]
--a------ 2007-05-22 10:50 413696 c:\program files\Camera Assistant Software for Toshiba\traybar.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
--a------ 2008-08-08 13:11 490952 e:\instaliraj\DAEMON Tools Lite\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmoothView]
--a------ 2007-04-03 16:52 509496 c:\program files\TOSHIBA\SmoothView\SmoothView.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SVPWUTIL]
--a------ 2006-03-22 20:42 438272 c:\program files\TOSHIBA\Utilities\SVPWUTIL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba Registration]
--a------ 2007-05-04 12:05 571024 c:\program files\TOSHIBA\Registration\ToshibaRegistration.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{8411530D-117E-4992-850A-FCCF41418D34}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{4B8D25B8-CAAC-4413-B698-F1A57AE5A6AC}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{C413F3BA-EBD2-42AA-A2C9-CC6A618A1211}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{7DCEEF4E-9A7C-4DE5-9786-ACCE64164295}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{9ADC918E-5864-46C5-9799-4D266006FBF1}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{D8E7D2B3-D0F1-45A5-BF30-BFD796D85AE3}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"{81D7C69A-AAB0-4B0E-AFB9-8DF3FA73598C}"= UDP:c:\program files\DNA\btdna.exe:DNA (TCP-In)
"{0D91E272-9180-47AF-AF39-CDC0350C8355}"= TCP:c:\program files\DNA\btdna.exe:DNA (UDP-In)
"{25B51C26-7F08-4767-B5BF-8C2C041D5E86}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync

R0 CplIR;Embedded IR Driver;c:\windows\System32\drivers\CplIR.sys [2007-03-06 14848]
R2 AntiVirMailService;Avira AntiVir MailGuard;c:\program files\Avira\AntiVir Desktop\avmailc.exe [2009-03-23 186625]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-03-23 108289]
R2 AntiVirWebService;Avira AntiVir WebGuard;c:\program files\Avira\AntiVir Desktop\avwebgrd.exe [2009-03-23 432897]
R3 SYMNDISV;SYMNDISV;c:\windows\System32\drivers\symndisv.sys [2008-10-03 37936]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2009-02-27 101936]
S3 getPlus(R) Helper;getPlus(R) Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [2009-03-27 33176]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - COMHOST
.
Contents of the 'Scheduled Tasks' folder

2009-04-02 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2009-03-23 10:49]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - e:\instal~1\OFFICE11\EXCEL.EXE/3000
IE: {{76577871-04EC-495E-A12B-91F7C3600AFA} - rover.ebay.com/rover/1/710-44557-9400-3/4
IE: {{8A918C1D-E123-4E36-B562-5C1519E434CE} - amazon.co.uk/exec/obidos/redirect-home?.....;site=home
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
FF - ProfilePath - c:\users\robi\AppData\Roaming\Mozilla\Firefox\Profiles\hbbgbz5u.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Live Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.hr/firefox?client=firefox-a&rls=org.mozilla:en-US:official
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava11.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava12.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava13.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava14.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava32.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npjpi160.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npoji610.dll
.

**************************************************************************

catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-04-02 20:04:36
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2009-04-02 20:07:00
ComboFix-quarantined-files.txt 2009-04-02 19:06:56

Pre-Run: 90.986.217.472 bytes free
Post-Run: 90,957,320,192 bytes free

216 --- E O F --- 2009-03-21 13:59:53

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8466
  • Location: Novi Beograd

Why don't you have at least SP2 installed?


Turn off the antivirus again.

Open Notepad and copy in the following text:

File::
C:\pv.exe


Save the file from Notepad to the Desktop as "CFScript"




Drag the saved script/text onto the ComboFix icon as shown in the picture.
In your next post, post the log that is created at the end of the cleaning/scanning.

  • Joined: 02 Apr 2009
  • Posts: 6

If you mean updates, I've allowed Vista to download only the security ones. I'll also try with SR2. Log:
ComboFix 09-04-01.01 - robi 2009-04-03 15:55:16.4 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1250.1.1033.18.2045.1278 [GMT 1:00]
Running from: c:\users\robi\Desktop\SKINUTO\ComboFix.exe
Command switches used :: c:\users\robi\Desktop\CFScript\1.txt
* Created a new restore point

FILE ::
C:\pv.exe
.

((((((((((((((((((((((((( Files Created from 2009-03-03 to 2009-04-03 )))))))))))))))))))))))))))))))
.

2009-04-02 21:32 . 2009-04-02 21:32 <DIR> d-------- c:\users\robi\AppData\Roaming\FastStone
2009-04-02 21:32 . 2009-04-02 21:32 <DIR> d-------- c:\program files\FastStone Capture
2009-04-02 18:49 . 2009-04-02 18:49 <DIR> d-------- c:\program files\Trend Micro
2009-03-28 23:54 . 2009-03-28 23:54 <DIR> d-------- c:\users\robi\AppData\Roaming\toshiba
2009-03-28 00:33 . 2009-03-28 00:33 <DIR> d-------- c:\programdata\ashampoo
2009-03-28 00:33 . 2009-03-28 00:33 <DIR> d-------- c:\program files\Ashampoo
2009-03-27 16:23 . 2009-03-27 16:23 <DIR> d-------- c:\program files\Corel
2009-03-27 16:14 . 2009-03-27 16:14 <DIR> d-------- c:\programdata\NOS
2009-03-27 16:14 . 2009-03-27 16:14 <DIR> d-------- c:\program files\NOS
2009-03-26 23:40 . 2009-03-26 23:40 <DIR> d-------- c:\users\robi\AppData\Roaming\Corel
2009-03-26 22:51 . 2009-03-26 22:51 <DIR> d-------- c:\users\robi\AppData\Roaming\InstallShield
2009-03-26 22:50 . 2009-03-27 09:31 <DIR> d-------- c:\windows\System32\Working Keygen (CorelDraw Graphic Suite X4)
2009-03-26 22:41 . 2009-03-31 16:34 2,828 --ahs---- c:\programdata\KGyGaAvL.sys
2009-03-26 22:41 . 2009-03-31 16:34 88 -r-hs---- c:\programdata\0668744723.sys
2009-03-26 22:08 . 2009-03-26 22:08 <DIR> d-------- c:\program files\Microsoft ActiveSync
2009-03-26 21:59 . 2009-03-26 21:59 <DIR> d-------- c:\program files\Microsoft.NET
2009-03-24 13:08 . 2009-03-24 15:22 <DIR> d-------- c:\users\robi\AppData\Roaming\OnlineArmor
2009-03-24 13:08 . 2009-03-24 13:08 <DIR> d-------- c:\programdata\OnlineArmor
2009-03-23 17:23 . 2009-03-23 17:23 <DIR> d-------- c:\users\robi\AppData\Roaming\Avira
2009-03-23 16:52 . 2009-03-24 15:26 <DIR> d-------- c:\program files\CCleaner
2009-03-23 16:32 . 2009-03-24 15:26 <DIR> d-------- c:\program files\Glary Utilities
2009-03-23 14:08 . 2009-03-24 15:34 <DIR> d-------- c:\users\robi\AppData\Roaming\Desktopicon
2009-03-23 14:08 . 2009-03-25 02:30 <DIR> d-------- c:\program files\Unlocker
2009-03-23 12:13 . 2009-03-23 12:13 <DIR> d-------- c:\program files\Avira
2009-03-23 12:13 . 2009-03-23 12:12 55,640 --a------ c:\windows\System32\drivers\avgntflt.sys
2009-03-22 19:09 . 2009-03-22 19:09 <DIR> d-------- c:\program files\BTMPro
2009-03-22 18:40 . 2009-03-22 18:40 <DIR> d-------- c:\users\robi\AppData\Roaming\GlarySoft
2009-03-21 02:10 . 2009-04-02 19:01 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-03-21 02:10 . 2009-03-26 16:49 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys
2009-03-21 02:10 . 2009-03-26 16:49 15,504 --a------ c:\windows\System32\drivers\mbam.sys
2009-03-21 00:09 . 2009-03-21 00:09 <DIR> d-------- c:\users\robi\AppData\Roaming\Malwarebytes
2009-03-21 00:09 . 2009-03-21 00:09 <DIR> d-------- c:\programdata\Malwarebytes
2009-03-20 02:23 . 2009-03-20 02:37 <DIR> d-------- c:\programdata\avg8
2009-03-19 19:13 . 2008-03-03 15:25 5,702 --ah----- c:\windows\nod32restoretemdono.reg
2009-03-19 19:11 . 2009-03-19 19:11 <DIR> d-------- c:\programdata\ESET
2009-03-19 19:11 . 2009-03-19 19:11 <DIR> d-------- c:\program files\ESET
2009-03-19 19:01 . 2009-03-19 19:01 130 --ahs---- c:\windows\klif.spi
2009-03-19 18:59 . 2009-03-19 18:59 501 --a------ c:\windows\System32\%LocalXml%
2009-03-19 17:00 . 2009-03-19 19:14 <DIR> d-------- c:\programdata\Kaspersky Lab
2009-03-19 16:39 . 2009-03-19 16:39 <DIR> d-------- c:\programdata\Kaspersky Lab Setup Files
2009-03-19 16:15 . 2009-03-19 16:17 <DIR> d-------- c:\users\robi\AppData\Roaming\DriverCure
2009-03-19 16:15 . 2009-03-19 16:15 <DIR> d-------- c:\programdata\ParetoLogic
2009-03-19 16:15 . 2009-03-19 16:27 <DIR> d-------- c:\programdata\DriverCure
2009-03-19 16:15 . 2009-03-19 16:15 <DIR> d-------- c:\program files\Common Files\ParetoLogic
2009-03-13 18:40 . 2009-03-13 18:40 <DIR> d-------- c:\program files\Microsoft Silverlight
2009-03-13 18:32 . 2008-12-05 05:32 428,544 --a------ c:\windows\System32\EncDec.dll
2009-03-13 18:32 . 2008-12-05 05:32 293,376 --a------ c:\windows\System32\psisdecd.dll
2009-03-13 18:32 . 2008-12-05 05:31 217,088 --a------ c:\windows\System32\psisrndr.ax
2009-03-13 18:32 . 2008-12-05 05:31 177,664 --a------ c:\windows\System32\mpg2splt.ax
2009-03-13 18:32 . 2008-12-05 05:31 80,896 --a------ c:\windows\System32\MSNP.ax
2009-03-12 18:57 . 2009-03-19 14:45 <DIR> d----c--- c:\windows\System32\DRVSTORE
2009-03-12 18:51 . 2009-03-12 18:51 <DIR> d-------- c:\program files\Windows Live SkyDrive
2009-03-12 18:51 . 2009-03-19 14:54 <DIR> d-------- c:\program files\Windows Live
2009-03-12 18:49 . 2009-03-12 18:49 <DIR> d-------- c:\program files\Common Files\Windows Live
2009-03-10 19:31 . 2008-12-16 04:29 8,147,456 --a------ c:\windows\System32\wmploc.DLL
2009-03-10 19:31 . 2009-02-09 04:10 2,033,152 --a------ c:\windows\System32\win32k.sys
2009-03-10 19:31 . 2008-11-27 05:43 268,288 --a------ c:\windows\System32\schannel.dll
2009-03-10 19:31 . 2008-12-16 06:31 7,680 --a------ c:\windows\System32\spwmp.dll
2009-03-10 19:31 . 2008-12-16 06:31 4,096 --a------ c:\windows\System32\msdxm.ocx
2009-03-10 19:31 . 2008-12-16 06:31 4,096 --a------ c:\windows\System32\dxmasf.dll
2009-03-09 21:13 . 2009-03-14 23:42 <DIR> d-------- C:\Temp

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-03 14:52 --------- d-----w c:\users\robi\AppData\Roaming\uTorrent
2009-04-03 14:52 --------- d-----w c:\users\robi\AppData\Roaming\DNA
2009-04-03 14:32 --------- d-----w c:\program files\DNA
2009-04-02 19:45 --------- d-----w c:\programdata\Symantec
2009-03-27 15:26 --------- d-----w c:\programdata\Corel
2009-03-24 14:26 --------- d-----w c:\program files\Windows Mail
2009-03-23 10:13 --------- d-----w c:\program files\7-Zip
2009-03-23 00:11 --------- d-----w c:\programdata\Avira
2009-03-14 23:03 2,828 --sha-w c:\windows\System32\KGyGaAvL.sys
2009-03-13 16:24 --------- d-----w c:\program files\VS Revo Group
2009-03-13 16:11 --------- d--h--w c:\program files\InstallShield Installation Information
2009-03-13 16:11 --------- d-----w c:\program files\TOSHIBA
2009-03-09 20:10 --------- d-----w c:\program files\Common Files\Adobe
2009-03-07 15:20 --------- d-----w c:\users\robi\AppData\Roaming\EPSON
2009-02-06 23:58 --------- d-----w c:\programdata\FLEXnet
2009-02-06 23:12 --------- d-----w c:\program files\Common Files\Corel
2009-02-06 21:15 --------- d-----w c:\program files\Common Files\Protexis
2009-02-06 19:46 --------- d-----w c:\programdata\InstallShield
2009-02-04 22:42 --------- d-----w c:\program files\Common Files\Macrovision Shared
2009-01-15 06:11 827,392 ----a-w c:\windows\System32\wininet.dll
2009-01-11 17:20 682,280 ----a-w c:\windows\System32\pbsvc.exe
2009-01-11 17:19 22,328 ----a-w c:\users\robi\AppData\Roaming\PnkBstrK.sys
2009-01-11 17:19 107,832 ----a-w c:\users\robi\AppData\Roaming\PnkBstrB.exe
2009-01-11 02:13 174 --sha-w c:\program files\desktop.ini
2009-01-11 01:42 101,888 ----a-w c:\windows\System32\ifxcardm.dll
2009-01-11 01:41 82,432 ----a-w c:\windows\System32\axaltocm.dll
2009-01-11 00:28 47,560 ----a-w c:\windows\System32\SPReview.exe
2009-01-11 00:28 152,576 ----a-w c:\windows\System32\SPWizUI.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-04-02_20.05.13,70 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-04-01 00:04:04 3,183,512 ----a-w c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2009-04-03 14:17:58 3,183,512 ----a-w c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2009-04-02 09:11:47 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2009-04-03 14:33:35 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2009-04-03 14:33:35 262,144 ---ha-w c:\windows\ServiceProfiles\LocalService\ntuser.dat.LOG1
- 2009-04-02 09:11:52 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2009-04-03 14:33:41 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
- 2009-04-02 09:10:24 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-04-03 14:32:08 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-04-02 09:10:24 65,536 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-04-03 14:32:08 65,536 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-04-02 09:10:24 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-04-03 14:32:08 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-04-02 09:16:39 102,094 ----a-w c:\windows\System32\perfc009.dat
+ 2009-04-03 14:36:57 102,094 ----a-w c:\windows\System32\perfc009.dat
- 2009-04-02 09:16:39 590,082 ----a-w c:\windows\System32\perfh009.dat
+ 2009-04-03 14:36:57 590,082 ----a-w c:\windows\System32\perfh009.dat
- 2009-04-02 09:12:06 9,836 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1884948838-3747584591-1098956581-1000_UserData.bin
+ 2009-04-03 12:37:28 9,868 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1884948838-3747584591-1098956581-1000_UserData.bin
- 2009-04-02 09:12:06 97,058 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2009-04-03 14:33:46 97,260 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2009-04-02 09:12:05 53,948 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-04-03 14:33:45 53,964 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
- 2009-03-31 17:24:33 350,648 ----a-w c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2009-04-03 13:34:50 352,404 ----a-w c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2009-01-13 270128]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 221184]
"DAEMON Tools Lite"="e:\instaliraj\DAEMON Tools Lite\daemon.exe" [2008-08-08 490952]
"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2009-01-18 342848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2007-03-29 411192]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-06-20 1316136]
"tcomantidialerrun"="c:\program files\T-Com Antidialer\T-Com Antidialer.exe" [2005-01-19 526120]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-23 209153]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2008-05-02 15872]
"RtHDVCpl"="RtHDVCpl.exe" [2007-09-03 c:\windows\RtHDVCpl.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.dvacm"= c:\progra~1\COMMON~1\ULEADS~1\vio\dvacm.acm
"msacm.divxa32"= msaud32_divx.acm

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\00TCrdMain]
--a------ 2007-05-22 16:32 538744 c:\program files\TOSHIBA\FlashCards\TCrdMain.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
--a------ 2009-01-18 19:48 342848 c:\program files\DNA\btdna.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Camera Assistant Software]
--a------ 2007-05-22 10:50 413696 c:\program files\Camera Assistant Software for Toshiba\traybar.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
--a------ 2008-08-08 13:11 490952 e:\instaliraj\DAEMON Tools Lite\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmoothView]
--a------ 2007-04-03 16:52 509496 c:\program files\TOSHIBA\SmoothView\SmoothView.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SVPWUTIL]
--a------ 2006-03-22 20:42 438272 c:\program files\TOSHIBA\Utilities\SVPWUTIL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba Registration]
--a------ 2007-05-04 12:05 571024 c:\program files\TOSHIBA\Registration\ToshibaRegistration.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{8411530D-117E-4992-850A-FCCF41418D34}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{4B8D25B8-CAAC-4413-B698-F1A57AE5A6AC}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{C413F3BA-EBD2-42AA-A2C9-CC6A618A1211}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{7DCEEF4E-9A7C-4DE5-9786-ACCE64164295}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{9ADC918E-5864-46C5-9799-4D266006FBF1}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{D8E7D2B3-D0F1-45A5-BF30-BFD796D85AE3}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"{81D7C69A-AAB0-4B0E-AFB9-8DF3FA73598C}"= UDP:c:\program files\DNA\btdna.exe:DNA (TCP-In)
"{0D91E272-9180-47AF-AF39-CDC0350C8355}"= TCP:c:\program files\DNA\btdna.exe:DNA (UDP-In)
"{25B51C26-7F08-4767-B5BF-8C2C041D5E86}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync
"{B3EA3204-BF0E-4E84-8C1E-F88004B91780}"= UDP:c:\users\robi\AppData\Local\Temp\7zSB601.tmp\SymNRT.exe:Norton Removal Tool
"{0B4DD26C-6B63-4E68-B49E-DFB1B6EAF984}"= TCP:c:\users\robi\AppData\Local\Temp\7zSB601.tmp\SymNRT.exe:Norton Removal Tool

R0 CplIR;Embedded IR Driver;c:\windows\System32\drivers\CplIR.sys [2007-03-06 14848]
R2 AntiVirMailService;Avira AntiVir MailGuard;c:\program files\Avira\AntiVir Desktop\avmailc.exe [2009-03-23 186625]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-03-23 108289]
R2 AntiVirWebService;Avira AntiVir WebGuard;c:\program files\Avira\AntiVir Desktop\avwebgrd.exe [2009-03-23 432897]
S3 getPlus(R) Helper;getPlus(R) Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [2009-03-27 33176]
.
Contents of the 'Scheduled Tasks' folder

2009-04-03 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2009-03-23 10:49]
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-PicPick Start - c:\users\robi\Desktop\picpick.exe


.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - e:\instal~1\OFFICE11\EXCEL.EXE/3000
IE: {{76577871-04EC-495E-A12B-91F7C3600AFA} - rover.ebay.com/rover/1/710-44557-9400-3/4
IE: {{8A918C1D-E123-4E36-B562-5C1519E434CE} - amazon.co.uk/exec/obidos/redirect-home?.....;site=home
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
FF - ProfilePath - c:\users\robi\AppData\Roaming\Mozilla\Firefox\Profiles\hbbgbz5u.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Live Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.hr/firefox?client=firefox-a&rls=org.mozilla:en-US:official
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava11.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava12.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava13.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava14.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava32.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npjpi160.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npoji610.dll
.

**************************************************************************

catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-04-03 15:56:43
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2009-04-03 15:58:39
ComboFix-quarantined-files.txt 2009-04-03 14:58:37
ComboFix2.txt 2009-04-02 19:07:01

Pre-Run: 87,670,804,480 bytes free
Post-Run: 87,649,812,480 bytes free

243 --- E O F --- 2009-03-21 13:59:53

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8466
  • Location: Novi Beograd

That should be it.

Do one more thing:

Uninstalling ComboFix:
Click START, then RUN.

In the text box, type (or copy) the following:

Combofix /u



and then click OK.

Wait for the uninstall process to finish.
