task manager problem..


offline
  • Joined: 21 May 2008
  • Posts: 154
  • Location: Gradiska

ComboFix 09-09-25.01 - XPPRESP3 28.09.2009 15:56.4.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1256.966.1033.18.2046.1362 [GMT 2:00]
Running from: f:\documents and settings\XPPRESP3\Desktop\ComboFix.exe
Command switches used :: f:\documents and settings\XPPRESP3\Desktop\CFScript.txt
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SEEKAPPSRCH_SERVICE
-------\Service_SeekappSrch Service


((((((((((((((((((((((((( Files Created from 2009-08-28 to 2009-09-28 )))))))))))))))))))))))))))))))
.

2009-09-24 21:10 . 2009-09-24 21:10 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\Folding@home-gpu
2009-09-24 21:10 . 2009-09-24 21:10 -------- d-----w- f:\program files\Folding@home
2009-09-24 20:14 . 2009-09-10 12:54 38224 ----a-w- f:\windows\system32\drivers\mbamswissarmy.sys
2009-09-24 20:14 . 2009-09-24 20:14 -------- d-----w- f:\program files\Malwarebytes' Anti-Malware
2009-09-24 20:14 . 2009-09-10 12:53 19160 ----a-w- f:\windows\system32\drivers\mbam.sys
2009-09-23 20:37 . 2009-09-24 21:11 -------- d-----w- f:\documents and settings\XPPRESP3\Local Settings\Application Data\AskToolbar
2009-09-23 20:37 . 2009-09-23 20:37 -------- d-----w- f:\program files\VersalSoft
2009-09-23 20:37 . 2009-09-23 20:37 -------- d-----w- f:\program files\Universal
2009-09-21 22:32 . 2009-09-21 22:32 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\Windows Search
2009-09-21 22:19 . 2009-09-21 22:19 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\Windows Desktop Search
2009-09-21 22:19 . 2009-09-22 15:36 -------- d-----w- f:\documents and settings\LocalService\Local Settings\Application Data\Adobe
2009-09-21 22:19 . 2009-09-21 22:19 -------- d-----w- f:\program files\Windows Desktop Search
2009-09-21 22:18 . 2008-03-07 16:56 98304 -c----w- f:\windows\system32\dllcache\nlhtml.dll
2009-09-21 22:18 . 2008-03-07 16:56 29696 -c----w- f:\windows\system32\dllcache\mimefilt.dll
2009-09-21 22:18 . 2008-03-07 16:56 192000 -c----w- f:\windows\system32\dllcache\offfilt.dll
2009-09-21 22:18 . 2009-09-21 22:18 -------- d--h--w- f:\windows\$hf_mig$
2009-09-21 18:50 . 2009-09-21 18:50 -------- d-----w- f:\program files\MultiScreen
2009-09-17 19:42 . 2009-09-17 19:42 -------- d-----w- f:\program files\Common Files\xing shared
2009-09-05 08:49 . 2009-09-05 09:04 -------- d-----w- F:\Dev-Cpp
2009-09-04 15:43 . 2009-09-05 08:37 -------- d-----w- f:\program files\DS Clock

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-28 14:03 . 2009-04-18 16:15 -------- d-----w- f:\program files\DNA
2009-09-28 14:03 . 2009-04-18 16:15 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\DNA
2009-09-28 13:48 . 2009-04-14 17:38 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\Skype
2009-09-28 13:09 . 2009-06-06 11:28 -------- d-----w- f:\documents and settings\All Users\Application Data\HDD Thermometer
2009-09-25 19:55 . 2009-04-21 17:36 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\BitTorrent
2009-09-21 21:48 . 2009-04-30 20:25 -------- d-----w- f:\program files\Opera
2009-09-21 19:02 . 2009-07-06 19:46 -------- d-----w- f:\documents and settings\All Users\Application Data\Microsoft Help
2009-09-19 21:32 . 2009-09-07 21:00 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\vlc
2009-09-17 19:42 . 2009-04-18 15:53 -------- d-----w- f:\program files\Common Files\Real
2009-09-15 21:35 . 2009-06-17 21:19 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\Vso
2009-09-15 21:35 . 2009-06-17 21:20 47360 ----a-w- f:\documents and settings\XPPRESP3\Application Data\pcouffin.sys
2009-09-15 21:34 . 2009-09-15 21:33 -------- d---a-w- f:\documents and settings\All Users\Application Data\TEMP
2009-09-15 21:28 . 2009-09-15 21:28 -------- d-----w- f:\program files\Ask.com
2009-09-15 10:00 . 2009-04-15 18:57 -------- d-----w- f:\program files\Spybot - Search & Destroy
2009-09-14 19:29 . 2009-04-17 18:21 -------- d-----w- f:\documents and settings\All Users\Application Data\Installations
2009-09-14 19:29 . 2009-04-28 16:38 -------- d-----w- f:\program files\Common Files\Nokia
2009-09-14 19:29 . 2009-04-17 18:21 -------- d-----w- f:\program files\Nokia
2009-09-14 17:26 . 2009-07-12 20:23 2516 --sha-w- f:\documents and settings\All Users\Application Data\KGyGaAvL.sys
2009-09-14 17:26 . 2009-07-12 20:23 88 --sh--r- f:\documents and settings\All Users\Application Data\4353A6A8EB.sys
2009-09-14 16:15 . 2009-09-14 16:15 -------- d-----w- f:\program files\Common Files\ATI Technologies
2009-09-14 16:15 . 2009-09-14 16:15 -------- d-----w- f:\program files\USB TV
2009-09-14 16:15 . 2009-04-14 12:51 -------- d--h--w- f:\program files\InstallShield Installation Information
2009-09-13 19:42 . 2009-09-13 19:42 -------- d-----w- f:\documents and settings\All Users\Application Data\ATI
2009-09-13 19:40 . 2009-04-15 02:07 -------- d-----w- f:\program files\ATI Technologies
2009-09-07 20:10 . 2009-09-07 20:10 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\MozillaControl
2009-09-07 20:10 . 2009-09-07 20:10 -------- d-----w- f:\program files\Mozilla ActiveX Control v1.7.12
2009-09-07 20:10 . 2009-09-07 20:07 -------- d-----w- f:\program files\Graboid
2009-09-07 19:15 . 2003-02-21 08:42 348160 ----a-w- f:\windows\system32\msvcr71.dll
2009-09-05 18:16 . 2009-04-14 19:20 -------- d-----w- f:\program files\Microsoft Silverlight
2009-09-05 10:15 . 2009-06-22 21:16 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\Dev-Cpp
2009-09-04 16:07 . 2009-07-15 14:33 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\BITRAR
2009-08-27 14:51 . 2009-06-03 13:31 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\Apple Computer
2009-08-26 21:13 . 2009-06-06 16:03 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\Ahead
2009-08-26 21:09 . 2009-08-26 21:09 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\Sony
2009-08-26 21:09 . 2009-08-26 21:09 -------- d-----w- f:\documents and settings\All Users\Application Data\Sony
2009-08-26 21:07 . 2009-08-26 21:07 -------- d-----w- f:\program files\Sony
2009-08-26 21:07 . 2009-08-26 20:29 -------- d-----w- f:\program files\Sony Ericsson
2009-08-26 21:06 . 2009-08-26 21:06 -------- d-----w- f:\program files\QuickTime
2009-08-26 20:33 . 2009-08-26 20:30 -------- d-----w- f:\program files\Avanquest update
2009-08-26 20:30 . 2009-08-26 20:30 -------- d-----w- f:\documents and settings\All Users\Application Data\BVRP Software
2009-08-26 20:29 . 2009-08-26 20:29 -------- d-----w- f:\documents and settings\All Users\Application Data\Sony Ericsson
2009-08-25 19:25 . 2009-06-02 09:46 -------- d-----w- f:\program files\Java
2009-08-22 11:28 . 2009-08-22 11:28 -------- d-----w- f:\program files\Folder Password Expert
2009-08-22 11:09 . 2009-08-22 11:09 -------- d-----w- f:\documents and settings\All Users\Application Data\ZA_PreservedFiles
2009-08-22 10:49 . 2009-08-22 10:44 4212 ---ha-w- f:\windows\system32\zllictbl.dat
2009-08-21 16:24 . 2009-04-13 16:13 -------- d-----w- f:\program files\K-Lite Codec Pack
2009-08-21 12:12 . 2009-04-13 16:13 -------- d-----w- f:\documents and settings\All Users\Application Data\Apple Computer
2009-08-17 19:09 . 2009-05-31 12:34 10 ----a-w- f:\windows\popcinfo.dat
2009-08-10 20:26 . 2009-07-25 19:58 2680 ----a-w- f:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-08-08 18:55 . 2009-04-14 17:55 1324 ----a-w- f:\windows\system32\d3d9caps.dat
2009-08-05 10:03 . 2009-04-15 19:14 55656 ----a-w- f:\windows\system32\drivers\avgntflt.sys
2009-08-01 17:11 . 2009-04-17 11:19 -------- d-----w- f:\program files\Picasa2
2009-08-01 07:50 . 2009-08-01 07:50 -------- d-----w- f:\program files\MagicTune
2009-07-25 21:12 . 2009-04-14 18:44 87560 ----a-w- f:\documents and settings\XPPRESP3\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-07-25 03:23 . 2009-06-01 20:15 411368 ----a-w- f:\windows\system32\deploytk.dll
2003-12-06 20:12 . 2003-12-06 20:12 121856 --sha-w- f:\windows\system32\fpplock.exe
.

------- Sigcheck -------

[-] 2005-07-13 . 0601F83F6784C220EE302F03F702316E . 360448 . . [5.1.2600.2688] . . f:\windows\system32\drivers\tcpip.sys


f:\windows\system32\wscntfy.exe ... is missing !!
.
((((((((((((((((((((((((((((( [Link visible only to logged-in users] )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-09-28 14:02 . 2009-09-28 14:02 16384 f:\windows\system32\config\systemprofile\Local Settings\temp\Perflib_Perfdata_6ac.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2009-04-02 17:50 809864 ----a-w- f:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "f:\program files\Ask.com\GenericAskToolbar.dll" [2009-04-02 809864]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "f:\program files\Ask.com\GenericAskToolbar.dll" [2009-04-02 809864]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="f:\program files\Skype\Phone\Skype.exe" [2009-03-27 24103720]
"BitTorrent DNA"="f:\program files\DNA\btdna.exe" [2009-04-18 321344]
"Google Update"="f:\documents and settings\XPPRESP3\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-05-16 133104]
"msnmsgr"="f:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"Sony Ericsson PC Suite"="f:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" [2008-07-02 393216]
"PC Suite Tray"="f:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-06-25 1414144]
"SpybotSD TeaTimer"="f:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"RSD_HDDThermo"="f:\program files\HDD Thermometer\HDD Thermometer.exe" [2004-05-30 213504]
"Picasa Media Detector"="f:\program files\Picasa2\PicasaMediaDetector.exe" [2008-08-21 443968]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="f:\program files\Common Files\Ahead\lib\NMBgMonitor.exe" [2005-12-16 94208]
"ctfmon.exe"="f:\windows\system32\ctfmon.exe" [2004-08-04 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UserFaultCheck"="f:\windows\system32\dumprep 0 -u" [X]
"NokiaMServer"="f:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"TWCU"="f:\program files\TP-LINK\TWCU\TWCU.exe" [2006-10-17 380928]
"PAC7302_Monitor"="f:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"googletalk"="f:\program files\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"avgnt"="f:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"AppleSyncNotifier"="f:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-05-20 177472]
"StatusClient"="f:\program files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe" [2002-12-16 36864]
"TomcatStartup"="f:\program files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe" [2003-03-31 155648]
"NeroFilterCheck"="f:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"GrooveMonitor"="f:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"Adobe Reader Speed Launcher"="f:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"ISUSPM Startup"="f:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2005-02-17 221184]
"ISUSScheduler"="f:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-17 81920]
"SunJavaUpdateSched"="f:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280]
"QuickTime Task"="f:\program files\K-Lite Codec Pack\QuickTime\QTTask.exe" [2007-10-19 286720]
"StartCCC"="f:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-04-27 61440]
"TkBellExe"="f:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-09-17 198160]
"NokiaMusic FastStart"="f:\program files\Nokia\Nokia Music\NokiaMusic.exe" [2009-07-22 2331936]
"kX Mixer"="f:\windows\system32\kxmixer.exe" [2004-02-16 438784]
"iTunesHelper"="f:\program files\iTunes\iTunesHelper.exe" [2009-05-30 292136]
"Malwarebytes Anti-Malware (reboot)"="f:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"WINDVDPatch"="CTHELPER.EXE" - f:\windows\system32\CTHELPER.EXE [2002-07-02 24576]
"Warning: do not remove it!"="fpplock.exe" - f:\windows\system32\fpplock.exe [2003-12-06 121856]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="f:\windows\system32\ctfmon.exe" [2004-08-04 15360]

f:\documents and settings\XPPRESP3\Start Menu\Programs\Startup\
[Link visible only to logged-in users] - f:\documents and settings\XPPRESP3\Application Data\Microsoft\Installer\{6A90C837-054E-44AE-B9BD-1B1F87986BBC}\_98830A63A82EB98D7BA198.exe [2009-9-24 98477]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "f:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"f:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"f:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"f:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"f:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"f:\\Program Files\\DNA\\btdna.exe"=
"f:\\Program Files\\BitTorrent\\bittorrent.exe"=
"f:\\Documents and Settings\\XPPRESP3\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.dll"=
"f:\\Documents and Settings\\XPPRESP3\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"f:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"f:\\Program Files\\iTunes\\iTunes.exe"=
"f:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"f:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"f:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"f:\\Program Files\\Hewlett-Packard\\Toolbox2.0\\Javasoft\\JRE\\1.3.1\\bin\\javaw.exe"=
"f:\\Program Files\\GlobalNetProjects\\BITRARFREE\\ed2kcontrol.exe"=
"f:\\Program Files\\GlobalNetProjects\\BITRARFREE\\BITRAR.exe"=
"f:\\Program Files\\GlobalNetProjects\\BITRARFREE\\ed2k.exe"=
"f:\\Program Files\\Sony Ericsson\\Sony Ericsson Media Manager\\MediaManager.exe"=
"f:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=
"f:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"f:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"f:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"f:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"f:\\Program Files\\Skype\\Phone\\Skype.exe"=

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;f:\program files\Avira\AntiVir Desktop\sched.exe [22.5.2009 22:34 108289]
R3 kxwdmdrv;kX WDM Driver Service;f:\windows\system32\drivers\kx.sys [17.2.2004 0:19 571776]
R3 PAC7302;Eye 312;f:\windows\system32\drivers\PAC7302.SYS [30.4.2007 13:26 449664]
S2 gupdate1c9cc30383a82e8;Google Update Service (gupdate1c9cc30383a82e8-);f:\program files\Google\Update\GoogleUpdate.exe [3.5.2009 22:46 133104]
S3 Nmwdpapfrwwr;Nmwdpapfrwwr;f:\windows\system32\drivers\atmuni.sys [4.8.2004 18:00 352256]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WudfServiceGroup REG_SZ hex(7):57,00,55,00,44,00,46,00,53,00,76,00,63,00,00,00,00,00
.
Contents of the 'Scheduled Tasks' folder

2009-09-16 f:\windows\Tasks\AppleSoftwareUpdate.job
- f:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2009-09-28 f:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- f:\program files\Google\Update\GoogleUpdate.exe [2009-05-03 20:46]

2009-09-28 f:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- f:\program files\Google\Update\GoogleUpdate.exe [2009-05-03 20:46]

2009-09-25 f:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1482476501-583907252-682003330-1001Core.job
- f:\documents and settings\XPPRESP3\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-05-16 06:26]

2009-09-28 f:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1482476501-583907252-682003330-1001UA.job
- f:\documents and settings\XPPRESP3\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-05-16 06:26]

2009-09-25 f:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- f:\program files\Ask.com\UpdateTask.exe [2009-04-02 17:50]
.
.
------- Supplementary Scan -------
.
uDefault_Search_URL = [Link visible only to logged-in users]
uInternet Settings,ProxyOverride = local
uSearchURL,(Default) = [Link visible only to logged-in users]
IE: &Winamp Search - f:\documents and settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Download by VersalSoft Internet Download
IE: E&xport to Microsoft Excel - f:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
DPF: 
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - ProfilePath - f:\documents and settings\XPPRESP3\Application Data\Mozilla\Firefox\Profiles\n48befew.default\
FF - prefs.js: browser.search.defaulturl - [Link visible only to logged-in users]
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - [Link visible only to logged-in users]
FF - component: f:\documents and settings\XPPRESP3\Application Data\Mozilla\Firefox\Profiles\n48befew.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll
FF - component: f:\documents and settings\XPPRESP3\Application Data\Mozilla\Firefox\Profiles\n48befew.default\extensions\{52f2b999-2724-4693-b1a5-86d167ba79a6}\components\FFExternalAlert.dll
FF - component: f:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - component: f:\program files\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: f:\documents and settings\XPPRESP3\Application Data\Mozilla\plugins\npgoogletalk.dll
FF - plugin: f:\documents and settings\XPPRESP3\Local Settings\Application Data\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: f:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: f:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: f:\program files\Mozilla Firefox\plugins\npbittorrent.dll
FF - plugin: f:\program files\Picasa2\npPicasa2.dll
FF - plugin: f:\program files\Windows Live\Photo Gallery\NPWLPG.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link visible only to logged-in users]
Rootkit scan 2009-09-28 16:02
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\WudfPf]
"ImagePath"="hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,00,49,00,56,00,45,00,52,00,53,00,5c,00,57,00,75,00,64,00,66,00,50,00,66,00,2e,00,73,00,79,00,73,00,00,00"

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\WudfRd]
"ImagePath"="hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,00,49,00,56,00,45,00,52,00,53,00,5c,00,77,00,75,00,64,00,66,00,72,00,64,00,2e,00,73,00,79,00,73,00,00,00"

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\WudfPf]
"ImagePath"="hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,00,49,00,56,00,45,00,52,00,53,00,5c,00,57,00,75,00,64,00,66,00,50,00,66,00,2e,00,73,00,79,00,73,00,00,00"

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\WudfRd]
"ImagePath"="hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,00,49,00,56,00,45,00,52,00,53,00,5c,00,77,00,75,00,64,00,66,00,72,00,64,00,2e,00,73,00,79,00,73,00,00,00"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\DbgagD\1*]
"value"="?\07\03\0f\0e!/?"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(524)
f:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(3004)
f:\program files\Windows Media Player\wmpband.dll
f:\program files\Windows Desktop Search\deskbar.dll
f:\program files\Windows Desktop Search\en-us\dbres.dll.mui
f:\program files\Windows Desktop Search\dbres.dll
f:\program files\Windows Desktop Search\wordwheel.dll
f:\program files\Windows Desktop Search\en-us\msnlExtRes.dll.mui
f:\program files\Windows Desktop Search\msnlExtRes.dll
f:\windows\system32\msi.dll
f:\windows\system32\WPDShServiceObj.dll
f:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
f:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
f:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\MSVCP80.dll
f:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_eng.nlr
f:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
f:\windows\system32\PortableDeviceTypes.dll
f:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
f:\windows\system32\ati2evxx.exe
f:\windows\system32\ati2evxx.exe
f:\windows\system32\acs.exe
f:\program files\Avira\AntiVir Desktop\avguard.exe
f:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
f:\program files\Bonjour\mDNSResponder.exe
f:\program files\Java\jre6\bin\jqs.exe
f:\program files\Common Files\Protexis\License Service\PsiService_2.exe
f:\windows\system32\searchindexer.exe
f:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
f:\program files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe
f:\program files\Common Files\Nokia\MPlatform\NokiaMServer.exe
f:\program files\USB TV\EM28XX\BDARemote.exe
f:\program files\Windows Desktop Search\WindowsSearch.exe
f:\program files\iPod\bin\iPodService.exe
f:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
f:\program files\PC Connectivity Solution\ServiceLayer.exe
f:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
f:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
f:\program files\Windows Live\Contacts\wlcomm.exe
.
**************************************************************************
.
Completion time: 2009-09-28 16:07 - machine was rebooted
ComboFix-quarantined-files.txt 2009-09-28 14:07
ComboFix2.txt 2009-09-26 10:18
ComboFix3.txt 2009-09-25 18:36

Pre-Run: 47.887.171.584 bytes free
Post-Run: 47.754.620.928 bytes free




offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8652
  • Location: Novi Beograd

Upload for me:

f:\windows\system32\drivers\atmuni.sys

via the following link:

[Link visible only to logged-in users]



offline
  • Joined: 21 May 2008
  • Posts: 154
  • Location: Gradiska

Done as you said..

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8652
  • Location: Novi Beograd

That would be it. Do the following:

ComboFix needs to be uninstalled:
click Start (or ), then RUN.

On Vista, use the Start Search field if Run is not available.

In the text input line, type (or copy) the following:

combofix /u

Note that there is a space between "ComboFix" and "/u".

and then click OK (or press Enter).

Wait for the uninstall process to finish.

Regards

offline
  • Joined: 21 May 2008
  • Posts: 154
  • Location: Gradiska

So that means everything should be OK now?? And what's up with msconfig now, when I type it into Run it won't open??? If I'm wrong to ask this question in this thread, I'll post it separately...??

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8652
  • Location: Novi Beograd

jockyy1 :: So that means everything should be OK now?? And what's up with msconfig now, when I type it into Run it won't open??? If I'm wrong to ask this question in this thread, I'll post it separately...??

You can't open msconfig?

Could you before the cleaning started?

offline
  • Joined: 21 May 2008
  • Posts: 154
  • Location: Gradiska

I could... but now nothing??

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8652
  • Location: Novi Beograd

I'll ask around.

offline
  • Joined: 21 May 2008
  • Posts: 154
  • Location: Gradiska



Here's what it shows me..??

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8652
  • Location: Novi Beograd

I haven't personally had such problems; maybe this will help you:

[Link visible only to logged-in users]

Check whether msconfig is in that folder.
