spor kompjuter

spor kompjuter

offline
  • Pridružio: 03 Jan 2011
  • Poruke: 4

Napisano: 03 Jan 2011 20:13

mnogo koci



DDS (Ver_10-12-12.02) - NTFSx86
Run by Marina at 17:31:43,95 on pon 03.01.2011
Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_20
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.255.20 [GMT 1:00]

AV: ESET NOD32 Antivirus 4.0 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\WINDOWS\PixArt\PAC7302\Monitor.exe
C:\Documents and Settings\Marina\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Marina\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Marina\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Marina\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Marina\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe
C:\Documents and Settings\Marina\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Marina\My Documents\Downloads\dds (1).scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://search.iminent.com/?appId=F8470122-A633-46FF-AB7C-39C5B17B65B4
mSearchAssistant = hxxp://start.facemoods.com/?a=ssm&s={searchTerms}&f=4
uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - c:\program files\ask.com\GenericAskToolbar.dll
uURLSearchHooks: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - c:\program files\softonic-eng7\tbSoft.dll
uURLSearchHooks: Hunt TB Toolbar: {d3f4b70a-92e0-4393-a0f3-976d03b1ebf5} - c:\program files\hunt_tb\tbHunt.dll
uURLSearchHooks: Iminent.BHO.NavigationError: {84ff7bd6-b47f-46f8-9130-01b2696b36cb} - c:\program files\iminent\searchtheweb\Iminent.BHO.NavigationError.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: MediaBar: {0974ba1e-64ec-11de-b2a5-e43756d89593} - c:\program files\bearshare applications\mediabar\toolbar\BearshareMediabarDx.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - c:\program files\softonic-eng7\tbSoft.dll
BHO: TBSB01620 Class: {58124a0b-dc32-4180-9bff-e0e21ae34026} - c:\program files\iminent toolbar\tbcore3.dll
BHO: UrlHelper Class: {74322bf9-df26-493f-b0da-6d2fc5e6429e} - c:\program files\bearshare applications\mediabar\datamngr\IEBHO.dll
BHO: Iminent.BHO.NavigationError: {84ff7bd6-b47f-46f8-9130-01b2696b36cb} - c:\program files\iminent\searchtheweb\Iminent.BHO.NavigationError.dll
BHO: Windows Live pomagac za prijavljivanje: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: IMinent WebBooster (BHO): {a09ab6eb-31b5-454c-97ec-9b294d92ee2a} - c:\program files\iminent\imbooster4web\Iminent.WebBooster.dll
BHO: Hunt TB Toolbar: {d3f4b70a-92e0-4393-a0f3-976d03b1ebf5} - c:\program files\hunt_tb\tbHunt.dll
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - c:\program files\softonic-eng7\tbSoft.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: MediaBar: {0974ba1e-64ec-11de-b2a5-e43756d89593} - c:\program files\bearshare applications\mediabar\toolbar\BearshareMediabarDx.dll
TB: Hunt TB Toolbar: {d3f4b70a-92e0-4393-a0f3-976d03b1ebf5} - c:\program files\hunt_tb\tbHunt.dll
TB: IMinent Toolbar: {977ae9cc-af83-45e8-9e03-e2798216e2d5} - c:\program files\iminent toolbar\tbcore3.dll
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
uRun: [Google Update] "c:\documents and settings\marina\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRunOnce: [.IMinentUpdate] c:\docume~1\marina\locals~1\temp\NotifierSetup.exe
mRun: [Smapp] c:\program files\analog devices\soundmax\SMTray.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [AutorunRemover.exe] c:\program files\autorunremover\AutorunRemover.exe -Hide
mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [DataMngr] c:\progra~1\bearsh~1\mediabar\datamngr\DataMngrUI.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe
mRun: [PAC7302_Monitor] c:\windows\pixart\pac7302\Monitor.exe
mRun: [IMBooster] c:\program files\iminent\imbooster\imbooster.exe /warmup
mRun: [Iminent.Notifier] c:\program files\iminent\searchtheweb\Iminent.Notifier.exe
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueso~1.lnk - c:\program files\ivt corporation\bluesoleil\BlueSoleil.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
IE: &Download All using 4shared Desktop - c:\program files\4shared desktop\down_all.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
Notify: AtiExtEvent - Ati2evxx.dll
AppInit_DLLs: c:\progra~1\bearsh~1\mediabar\datamngr\datamngr.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\marina\applic~1\mozilla\firefox\profiles\fr95jksn.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2233703&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - SearchTheWeb
FF - prefs.js: browser.startup.homepage - hxxp://search.iminent.com/?appId=f8470122-a633-46ff-ab7c-39c5b17b65b4&lcid=2074&ref=homepage
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2233703&q=
FF - component: c:\documents and settings\marina\application data\mozilla\firefox\profiles\fr95jksn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\marina\application data\mozilla\firefox\profiles\fr95jksn.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\components\RadioWMPCore.dll
FF - component: c:\documents and settings\marina\application data\mozilla\firefox\profiles\fr95jksn.default\extensions\{c9b68337-e93a-44ea-94dc-cb300ec06444}\components\Engine.dll
FF - component: c:\program files\mozilla firefox\extensions\webbooster@iminent.com\components\Iminent.XPCOM.dll
FF - plugin: c:\documents and settings\marina\application data\mozilla\plugins\np-mswmp.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Iminent WebBooster: webbooster@iminent.com - c:\program files\mozilla firefox\extensions\webbooster@iminent.com
FF - Ext: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - %profile%\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}
FF - Ext: MediaBar: {E84D42CA-64EB-11DE-A65F-8C3656D89593} - %profile%\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}
FF - Ext: IMinent Toolbar: {C9B68337-E93A-44EA-94DC-CB300EC06444} - %profile%\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff

============= SERVICES / DRIVERS ===============


=============== Created Last 30 ================

2010-12-31 23:48:49 -------- d-----w- c:\docume~1\alluse~1\applic~1\309C
2010-12-20 22:14:23 -------- d-----w- c:\docume~1\marina\locals~1\applic~1\Graboid_Inc
2010-12-20 22:14:02 -------- d-----w- c:\docume~1\marina\locals~1\applic~1\Graboid
2010-12-20 22:13:35 -------- d-----w- c:\docume~1\marina\locals~1\applic~1\Geckofx
2010-12-20 21:59:23 -------- d-----w- c:\program files\VideoLAN
2010-12-20 21:58:05 -------- d-----w- c:\program files\Graboid
2010-12-10 23:41:39 -------- d-----w- c:\docume~1\alluse~1\applic~1\Iminent
2010-12-10 23:39:47 24576 ----a-w- c:\program files\mozilla firefox\extensions\webbooster@iminent.com\components\Iminent.XPCOM.dll

==================== Find3M ====================


============= FINISH: 17:33:15,93 ===============





Dopuna: 03 Jan 2011 20:20

mycity.rs/must-login.png

mycity.rs/must-login.png

mycity.rs/must-login.png

Dopuna: 03 Jan 2011 20:21

mycity.rs/must-login.png

mycity.rs/must-login.png

offline
  • Pridružio: 04 Jan 2009
  • Poruke: 2168

Pozdrav i dobrodošla na MyCity. Smile


Preuzmi sUBs-ov ComboFix sa sledeće adrese na Desktop:


Bleeping Computer
Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu);
Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save.




Kada preuzimanje programa bude završeno:
deaktiviraj zaštitni softver (uputstvo);
zatvori pokrenute programe;
dvoklikom pokreni program ComboFix.

U toku rada, ComboFix će:proveriti postoji li novija verzija programa:
klikni Yes ako bude ponuđeno preuzimanje iste.
prikazati DISCLAIMER OF WARRANTY ON SOFTWARE:
klikni Yes kako bi proces bio nastavljen.
ako Recovery Console nije instalirana, ponuditi instalaciju:
obavezno prihvati klikom na Yes i isprati postupak.
postaviti/dati određeni broj upita/obaveštenja:
prihvati klikom na Yes ili OK.
po potrebi, restartovati Windows (više puta);
na kraju rada, otvoriti Notepad sa izveštajem o skeniranju.


Iskopiraj izveštaj koji je ComboFix napravio u temu na forumu:
klikni desnim tasterom miša u prozor Notepad-a i izaberi Select All;
klikni desnim tasterom miša na obeleženi tekst i izaberi Copy;
klikni desnim tasterom miša u polje za pisanje poruke i izaberi Paste.


Napomena:Izveštaj će biti sačuvan pod nazivom ComboFix.txt na sistemskoj particiji (tipična lokacija: C:\ComboFix.txt);
Ukoliko nakon slanja poruke primetiš da izveštaj nije kompletan, iskoristi opciju Prikači fajl za prilaganje file-a C:\ComboFix.txt uz poruku.

offline
  • Pridružio: 03 Jan 2011
  • Poruke: 4

ComboFix 11-01-03.01 - Marina 03.01.2011 21:52:20.2.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.255.108 [GMT 1:00]
Running from: c:\documents and settings\Marina\My Documents\Downloads\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Resident AV is active

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\documents and settings\Marina\Application Data\facemoods.com
c:\program files\FunWebProducts
c:\program files\MyWebSearch
c:\program files\MyWebSearch\bar\Settings\s_pid.dat

.
((((((((((((((((((((((((( Files Created from 2010-12-03 to 2011-01-03 )))))))))))))))))))))))))))))))
.

2010-12-31 23:48 . 2010-12-31 23:48 -------- d-----w- c:\documents and settings\All Users\Application Data\309C
2010-12-20 22:18 . 2010-12-20 22:18 -------- d-----w- c:\documents and settings\Marina\Application Data\vlc
2010-12-20 22:14 . 2010-12-20 22:14 -------- d-----w- c:\documents and settings\Marina\Local Settings\Application Data\Graboid
2010-12-20 22:13 . 2010-12-20 22:13 -------- d-----w- c:\documents and settings\Marina\Local Settings\Application Data\Geckofx
2010-12-20 21:59 . 2010-12-20 21:59 -------- d-----w- c:\program files\VideoLAN
2010-12-20 21:58 . 2010-12-20 22:12 -------- d-----w- c:\program files\Graboid
2010-12-10 23:41 . 2010-12-10 23:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Iminent
2010-12-10 23:39 . 2010-08-17 11:06 24576 ----a-w- c:\program files\Mozilla Firefox\extensions\webbooster@iminent.com\components\Iminent.XPCOM.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-05-26 1385864]
"{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "c:\program files\Softonic-Eng7\tbSoft.dll" [2010-03-17 2355224]
"{d3f4b70a-92e0-4393-a0f3-976d03b1ebf5}"= "c:\program files\Hunt_TB\tbHunt.dll" [2010-06-13 2734688]
"{84FF7BD6-B47F-46F8-9130-01B2696B36CB}"= "c:\program files\Iminent\SearchTheWeb\Iminent.BHO.NavigationError.dll" [2010-11-12 111608]

[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]

[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]

[HKEY_CLASSES_ROOT\clsid\{d3f4b70a-92e0-4393-a0f3-976d03b1ebf5}]

[HKEY_CLASSES_ROOT\clsid\{84ff7bd6-b47f-46f8-9130-01b2696b36cb}]
[HKEY_CLASSES_ROOT\IminentBHONavigationError.CHelperBHO.1]
[HKEY_CLASSES_ROOT\TypeLib\{59E6E159-57CC-4DA5-8700-2AD17DC31DD1}]
[HKEY_CLASSES_ROOT\IminentBHONavigationError.CHelperBHO]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0974BA1E-64EC-11DE-B2A5-E43756D89593}]
2009-12-20 09:51 87480 ----a-w- c:\program files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
2010-03-17 13:45 2355224 ----a-w- c:\program files\Softonic-Eng7\tbSoft.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{58124A0B-DC32-4180-9BFF-E0E21AE34026}]
2010-07-02 07:54 2607872 ----a-w- c:\program files\IMinent Toolbar\tbcore3.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}]
2010-06-06 14:38 392112 ----a-w- c:\program files\BearShare Applications\MediaBar\DataMngr\IEBHO.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}]
2010-11-12 08:09 111608 ----a-w- c:\program files\Iminent\SearchTheWeb\Iminent.BHO.NavigationError.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{d3f4b70a-92e0-4393-a0f3-976d03b1ebf5}]
2010-06-13 17:10 2734688 ----a-w- c:\program files\Hunt_TB\tbHunt.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-05-26 13:23 1385864 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "c:\program files\Softonic-Eng7\tbSoft.dll" [2010-03-17 2355224]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-05-26 1385864]
"{0974BA1E-64EC-11DE-B2A5-E43756D89593}"= "c:\program files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll" [2009-12-20 87480]
"{d3f4b70a-92e0-4393-a0f3-976d03b1ebf5}"= "c:\program files\Hunt_TB\tbHunt.dll" [2010-06-13 2734688]
"{977AE9CC-AF83-45E8-9E03-E2798216E2D5}"= "c:\program files\IMinent Toolbar\tbcore3.dll" [2010-07-02 2607872]

[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CLASSES_ROOT\clsid\{0974ba1e-64ec-11de-b2a5-e43756d89593}]

[HKEY_CLASSES_ROOT\clsid\{d3f4b70a-92e0-4393-a0f3-976d03b1ebf5}]

[HKEY_CLASSES_ROOT\clsid\{977ae9cc-af83-45e8-9e03-e2798216e2d5}]
[HKEY_CLASSES_ROOT\TBSB01620.TBSB01620.3]
[HKEY_CLASSES_ROOT\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}]
[HKEY_CLASSES_ROOT\TBSB01620.TBSB01620]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-05-26 1385864]
"{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}"= "c:\program files\Softonic-Eng7\tbSoft.dll" [2010-03-17 2355224]
"{D3F4B70A-92E0-4393-A0F3-976D03B1EBF5}"= "c:\program files\Hunt_TB\tbHunt.dll" [2010-06-13 2734688]
"{977AE9CC-AF83-45E8-9E03-E2798216E2D5}"= "c:\program files\IMinent Toolbar\tbcore3.dll" [2010-07-02 2607872]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]

[HKEY_CLASSES_ROOT\clsid\{d3f4b70a-92e0-4393-a0f3-976d03b1ebf5}]

[HKEY_CLASSES_ROOT\clsid\{977ae9cc-af83-45e8-9e03-e2798216e2d5}]
[HKEY_CLASSES_ROOT\TBSB01620.TBSB01620.3]
[HKEY_CLASSES_ROOT\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}]
[HKEY_CLASSES_ROOT\TBSB01620.TBSB01620]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"Google Update"="c:\documents and settings\Marina\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-06-22 136176]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Smapp"="c:\program files\Analog Devices\SoundMAX\SMTray.exe" [2003-07-30 143360]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"AutorunRemover.exe"="c:\program files\AutorunRemover\AutorunRemover.exe" [2010-06-20 1257472]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-05-14 2029640]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"DataMngr"="c:\progra~1\BEARSH~1\MediaBar\DataMngr\DataMngrUI.exe" [2010-06-06 796600]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2007-08-22 80896]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"IMBooster"="c:\program files\Iminent\IMBooster\imbooster.exe" [2010-11-19 1323000]
"Iminent.Notifier"="c:\program files\Iminent\SearchTheWeb\Iminent.Notifier.exe" [2010-11-12 536056]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"ShowDeskFix"="shell32" [X]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Program Files\\BearShare Applications\\BearShare\\BearShare.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [20.6.2010 16:10 691696]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [14.5.2009 14:47 107256]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [14.5.2009 14:49 94360]
R3 ULI5261;ULi Based Ethernet NT Driver;c:\windows\system32\drivers\ULILAN.SYS [20.6.2010 16:01 28160]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder

2011-01-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-796845957-2052111302-682003330-1003Core.job
- c:\documents and settings\Marina\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-06-22 14:49]

2011-01-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-796845957-2052111302-682003330-1003UA.job
- c:\documents and settings\Marina\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-06-22 14:49]

2011-01-03 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2010-05-26 13:23]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.iminent.com/?appId=F8470122-A633-46FF-AB7C-39C5B17B65B4
IE: &Download All using 4shared Desktop - c:\program files\4shared Desktop\down_all.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Marina\Application Data\Mozilla\Firefox\Profiles\fr95jksn.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2233703&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - SearchTheWeb
FF - prefs.js: browser.startup.homepage - hxxp://search.iminent.com/?appId=f8470122-a633-46ff-ab7c-39c5b17b65b4&lcid=2074&ref=homepage
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2233703&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Iminent WebBooster: webbooster@iminent.com - c:\program files\Mozilla Firefox\extensions\webbooster@iminent.com
FF - Ext: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - %profile%\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}
FF - Ext: MediaBar: {E84D42CA-64EB-11DE-A65F-8C3656D89593} - %profile%\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}
FF - Ext: IMinent Toolbar: {C9B68337-E93A-44EA-94DC-CB300EC06444} - %profile%\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2011-01-03 22:01
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


c:\docume~1\Marina\LOCALS~1\Temp\etilqs_S4uOaZxFo1PKKFgqP6hS 0 bytes

scan completed successfully
hidden files: 1

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\software\ESET\ESET Security\CurrentVersion\Info]
@Denied: (2) (LocalSystem)
"AppDataDir"="c:\\Documents and Settings\\All Users\\Application Data\\ESET\\ESET NOD32 Antivirus\\"
"DataDir"="ESET\\ESET NOD32 Antivirus\\"
"EditionName"=" "
"InstallDir"="c:\\Program Files\\ESET\\ESET NOD32 Antivirus\\"
"LanguageId"=dword:00000409
"PackageTag"=dword:6090e758
"ProductBase"=dword:00000000
"ProductCode"="{2EEBAC31-3EEF-4118-91CB-1A286A507DB2}"
"ProductName"="ESET NOD32 Antivirus"
"ProductType"="eav"
"ProductVersion"="4.0.437.0"
"UniqueId"="000BC52F4C1E3074"
"ScannerBuild"=dword:00001329
"ScannerVersionId"=dword:00000feb
"ScannerVersion"="Open window for status."
"FixId"=dword:00000007
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(712)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(3196)
c:\program files\Iminent\IMBooster\Iminent.WinCore.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\IVT Corporation\BlueSoleil\BTNtService.exe
c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Analog Devices\SoundMAX\SMAgent.exe
c:\documents and settings\Marina\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe
c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe
c:\documents and settings\Marina\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
c:\program files\HP\Digital Imaging\bin\hpqtra08.exe
c:\windows\system32\wscntfy.exe
c:\documents and settings\Marina\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
c:\documents and settings\Marina\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
c:\documents and settings\Marina\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\windows\system32\DllHost.exe
c:\program files\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe
.
**************************************************************************
.
Completion time: 2011-01-03 22:31:57 - machine was rebooted
ComboFix-quarantined-files.txt 2011-01-03 21:31

Pre-Run: 2.536.693.760 bytes free
Post-Run: 2.411.651.072 bytes free

- - End Of File - - 82634622A4806FF1234568FC19702E06

offline
  • Pridružio: 04 Jan 2009
  • Poruke: 2168

Izvini na čekanju.


Kakvo je sada stanje?

offline
  • Pridružio: 03 Jan 2011
  • Poruke: 4

nista... stanje je isto

offline
  • Pridružio: 04 Jan 2009
  • Poruke: 2168

Tvoj problem nije vezan za maliciozne programe.


Sistemska particija ti je skoro puna, tako da i to može biti uzrok problema.

Ukloni sve što ti nije potrebno sa te particije;

Počisti sa CCleaner-om http://www.piriform.com/ccleaner

Odradi defragmentaciju diska.


U svakom slučaju ako ni ovo ne pomogne slobodno otvori temu u Windows delu foruma, jer Ambulanta služi isključivo za rešavanje problema vezanih za maliciozne programe.

http://www.mycity.rs/Windows/



----------------------------------------------

Isprati još sledeće...



Potrebno je deinstalirati ComboFix:
klikni start (ili ), a zatim RUN.

Na Visti koristiti Start Search polje ukoliko Run nije dostupan.

U liniju za unos teksta ukucaj (iskopiraj) sledeće:

ComboFix /Uninstall

Primeti da postoji razmak između "ComboFix" i "/Uninstall".



a zatim klikni OK (ili pritisni Enter).


Sačekaj da se proces deinstalacije završi.

offline
  • Pridružio: 03 Jan 2011
  • Poruke: 4

vazi hvala ti puno

Ko je trenutno na forumu
 

Ukupno su 599 korisnika na forumu :: 13 registrovanih, 2 sakrivenih i 584 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: Dorcolac, HrcAk47, ivan979, ivica976, ljubo70, maCvele, MB120mm, Mixelotti, sifogiannis, suton, Trpe Grozni, uruk, 223223