MyCity » Ambulanta -> Arhiva Ambulante » usporen rad kompjutera

usporen rad kompjutera

Napisano na dan: 27.9.2009

usporen rad kompjutera

Sledeća strana

Pagination

Odgovori

zeka_94 Poslao: 27 Sep 2009 16:45 Idi na vrh
offline zeka_94 Novi MyCity građanin Pridružio: 22 Sep 2009 Poruke: 10 Gde živiš: Cuprija	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Pozdrav svima,koristim windows xp sp3 i u zadnje vreme kompjuter mi veoma usporeno radi,ocistio sam ga Nod-om,ali i dalje je usporen,koristim i tuneup utilities 2009,unapred hvala... DDS (Ver_09-09-24.01) - NTFSx86 Run by CUPRIJA at 18:46:36.20 on Sun 09/27/2009 Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_15 ============== Pseudo HJT Report =============== uStart Page = hxxp://search.conduit.com/?SearchSource=10&ctid=CT2077543 uSearch Page = hxxp://search.live.com uInternet Connection Wizard,ShellNext = login.live.com/ppsecure/sha1auth.srf?lc=1033 uInternet Settings,ProxyOverride = *.local mSearchAssistant = hxxp://search.live.com/sphome.aspx uURLSearchHooks: ToggleEN Toolbar: {038cb5c7-48ea-4af9-94e0-a1646542e62b} - c:\program files\toggleen\tbTogg.dll BHO: ToggleEN Toolbar: {038cb5c7-48ea-4af9-94e0-a1646542e62b} - c:\program files\toggleen\tbTogg.dll BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll BHO: FGCatchUrl: {2f364306-aa45-47b5-9f9d-39a8b94e7ef7} - c:\program files\flashget\jccatch.dll BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll BHO: Windows Live pomagač za prijavljivanje: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - d:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - d:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll BHO: FlashGet GetFlash Class: {f156768e-81ef-470c-9057-481ba8380dba} - c:\program files\flashget\getflash.dll TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - c:\program files\daemon tools toolbar\DTToolbar.dll TB: ToggleEN Toolbar: {038cb5c7-48ea-4af9-94e0-a1646542e62b} - c:\program files\toggleen\tbTogg.dll TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll uRun: [DAEMON Tools Lite] "d:\program files\daemon tools lite\daemon.exe" -autorun uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [H/PC Connection Agent] "d:\program files\microsoft activesync\wcescomm.exe" mRun: [nod32kui] "c:\program files\eset\nod32kui.exe" /WAITSERVICE mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe mRun: [ACU] c:\program files\atheros\acu\utility\ACU.exe -nogui mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe" mRun: [Java Updates] "d:\program files\java\jre6\bin\java.exe" -jar "d:\program files\java\jre6\bin\java32wind.jar" mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot mRun: [SunJavaUpdateSched] d:\program files\java\jre6\bin\jusched.exe dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE dRunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N IE: &Download All with FlashGet - c:\program files\flashget\jc_all.htm IE: &Download with FlashGet - c:\program files\flashget\jc_link.htm IE: Download with Xilisoft Download YouTube Video - d:\program files\xilisoft\download youtube video\upod_link.HTM IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000 IE: Send To &Bluetooth - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm IE: {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - c:\program files\flashget\FlashGet.exe IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC} - d:\program files\java\jre6\bin\npjpi160_15.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - d:\progra~1\micros~1\INetRepl.dll IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - d:\progra~1\micros~1\INetRepl.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL LSP: c:\windows\system32\imon.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab DPF: {CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL Handler: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - c:\windows\system32\BTXPPanel.dll Notify: AtiExtEvent - Ati2evxx.dll ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\cuprija\applic~1\mozilla\firefox\profiles\113q3kwx.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q= FF - prefs.js: browser.search.selectedEngine - Ask.com FF - prefs.js: browser.startup.homepage - hxxp://sr.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:sr:official FF - prefs.js: keyword.URL - hxxp://supertoolbar.ask.com/redirect?client=ff&src=kw&tb=PCW&o=14734&locale=en_EU&q= FF - component: c:\program files\mozilla firefox\extensions\browserhighlighter@ebay.com\components\Shim.dll FF - component: c:\program files\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll FF - plugin: c:\program files\google\update\1.2.183.7\npGoogleOneClick8.dll FF - plugin: d:\program files\java\jre6\bin\new_plugin\npdeploytk.dll FF - plugin: d:\program files\java\jre6\bin\new_plugin\npjp2.dll FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} ---- FIREFOX POLICIES ---- FF - user.js: yahoo.homepage.dontask - true FF - user.js: network.http.max-persistent-connections-per-server - 4 FF - user.js: nglayout.initialpaint.delay - 600 FF - user.js: content.notify.interval - 600000 FF - user.js: content.max.tokenizing.time - 1800000 FF - user.js: content.switch.threshold - 600000 ============= SERVICES / DRIVERS =============== =============== Created Last 30 ================ 2009-09-24 13:40 1,908 a------- c:\windows\diagwrn.xml 2009-09-24 13:40 1,908 a------- c:\windows\diagerr.xml 2009-09-22 13:33 3,072,054 a------- c:\windows\ACD Wallpaper.bmp 2009-09-19 23:55 <DIR> --d----- c:\program files\common files\xing shared 2009-09-13 22:28 <DIR> --d----- c:\docume~1\cuprija\applic~1\uTorrent 2009-09-13 16:14 401,484 a------- c:\windows\system32\msvcrtd.dll 2009-09-13 15:24 85,248 ac------ c:\windows\system32\dllcache\nabtsfec.sys 2009-09-13 15:24 85,248 a------- c:\windows\system32\drivers\NABTSFEC.sys 2009-09-13 15:24 17,024 ac------ c:\windows\system32\dllcache\ccdecode.sys 2009-09-13 15:24 17,024 a------- c:\windows\system32\drivers\CCDECODE.sys 2009-09-13 15:24 219,264 a------- c:\windows\system32\drivers\BTCamDrv.sys 2009-09-13 15:13 114,688 a------- c:\windows\system32\BTCamVideoSource.dll 2009-09-13 14:12 1,047,552 a------- c:\windows\system32\MFC71u.dll 2009-09-13 12:56 56 a---h--- c:\windows\system32\ezsidmv.dat 2009-09-10 21:57 <DIR> --d----- c:\docume~1\cuprija\applic~1\Gmail 2009-09-10 20:07 <DIR> --d----- c:\docume~1\cuprija\applic~1\mIRC 2009-09-08 22:11 <DIR> --d----- c:\program files\AnswerWorks 4.0 2009-09-08 22:09 <DIR> --d----- c:\docume~1\cuprija\applic~1\Autodesk 2009-09-08 22:05 <DIR> --d----- c:\program files\common files\Autodesk Shared 2009-09-08 22:05 <DIR> --d----- c:\program files\Autodesk 2009-09-06 12:47 <DIR> --d----- c:\windows\system32\XPSViewer 2009-09-06 12:46 14,048 -------- c:\windows\system32\spmsg2.dll 2009-09-03 20:40 <DIR> --d----- c:\program files\Gaxian 2009-08-30 21:39 <DIR> --d----- c:\documents and settings\cuprija\.idlerc 2009-08-29 13:19 86,016 a------- c:\windows\system32\frapsvid.dll 2009-08-28 19:07 <DIR> --d----- c:\docume~1\cuprija\applic~1\ACD Systems ==================== Find3M ==================== 2009-09-19 23:54 499,712 a------- c:\windows\system32\msvcp71.dll 2009-09-19 23:54 348,160 a------- c:\windows\system32\msvcr71.dll 2009-08-22 00:13 604,488 a------- c:\windows\system32\TUProgSt.exe 2009-08-22 00:13 361,288 a------- c:\windows\system32\TuneUpDefragService.exe 2009-08-14 23:09 25,280 a------- c:\windows\system32\drivers\hamachi.sys 2009-08-06 00:45 411,368 a------- c:\windows\system32\deploytk.dll 2009-08-05 11:01 204,800 a------- c:\windows\system32\mswebdvd.dll 2009-07-29 06:37 119,808 a------- c:\windows\system32\t2embed.dll 2009-07-29 06:37 81,920 a------- c:\windows\system32\fontsub.dll 2009-07-17 21:01 58,880 a------- c:\windows\system32\atl.dll 2009-07-15 11:48 29,000 a------- c:\windows\system32\uxtuneup.dll 2009-07-14 13:44 65,292 a------- c:\windows\Sysvxd.exe 2009-07-13 10:08 286,720 a------- c:\windows\system32\wmpdxm.dll ============= FINISH: 18:49:40.07 =============== mycity.rs/must-login.png Evo i analiza GMER-a: mycity.rs/must-login.png mycity.rs/must-login.png mycity.rs/must-login.png

Profil

dr_Bora Poslao: 27 Sep 2009 19:41 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ovde ima nešto tragova malware-a, no to teško da je uzrok sporog rada. O tome kasnije kada počistimo ovo... Preuzmi sUBs-ov ComboFix sa sledeće adrese na Desktop: Bleeping Computer Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu); Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save. Kada preuzimanje programa bude završeno: deaktiviraj zaštitni softver (uputstvo); zatvori pokrenute programe; dvoklikom pokreni program ComboFix. U toku rada, ComboFix će:proveriti postoji li novija verzija programa: klikni Yes ako bude ponuđeno preuzimanje iste. prikazati DISCLAIMER OF WARRANTY ON SOFTWARE: klikni Yes kako bi proces bio nastavljen.ako Recovery Console nije instalirana, ponuditi instalaciju: obavezno prihvati klikom na Yes i isprati postupak.postaviti/dati određeni broj upita/obaveštenja: prihvati klikom na Yes ili OK.po potrebi, restartovati Windows (više puta); na kraju rada, otvoriti Notepad sa izveštajem o skeniranju. Iskopiraj izveštaj koji je ComboFix napravio u temu na forumu: klikni desnim tasterom miša u prozor Notepad-a i izaberi Select All; klikni desnim tasterom miša na obeleženi tekst i izaberi Copy; klikni desnim tasterom miša u polje za pisanje poruke i izaberi Paste. Napomena:Izveštaj će biti sačuvan pod nazivom ComboFix.txt na sistemskoj particiji (tipična lokacija: C:\ComboFix.txt); Ukoliko nakon slanja poruke primetiš da izveštaj nije kompletan, iskoristi opciju Prikači fajl za prilaganje file-a C:\ComboFix.txt uz poruku.

Profil

zeka_94 Poslao: 27 Sep 2009 20:27 Idi na vrh
offline zeka_94 Novi MyCity građanin Pridružio: 22 Sep 2009 Poruke: 10 Gde živiš: Cuprija	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Evo ga i ComboFix,imao sam jedan problem,posle skeniranja combofix-a kompjuter mi se dizao oko 5 minuta,ali posle je bilo sve u redu..... ComboFix 09-09-25.01 - CUPRIJA 09/27/2009 19:51.1.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1250.381.1033.18.511.216 [GMT 2:00] Running from: c:\documents and settings\CUPRIJA\Desktop\ComboFix.exe AV: ESET NOD32 antivirus system 2.70 On-access scanning disabled (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ADS - system32: deleted 1047061 bytes in 2 streams. ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\CUPRIJA\Application Data\Gmail c:\program files\XPCode\Games.lnk c:\windows\system32\28463 c:\windows\system32\28463\akv.cfg c:\windows\system32\28463\NUSR.001 c:\windows\system32\28463\NUSR.002 c:\windows\system32\28463\NUSR.005 c:\windows\system32\28463\NUSR.009 c:\windows\Sysvxd.exe . ((((((((((((((((((((((((( Files Created from 2009-08-27 to 2009-09-27 ))))))))))))))))))))))))))))))) . 2009-09-23 15:10 . 2009-09-23 15:12 -------- d-----w- c:\documents and settings\CUPRIJA\Local Settings\Application Data\Temp 2009-09-19 22:10 . 2009-09-19 22:10 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Google 2009-09-19 21:56 . 2009-09-19 21:56 -------- d-----w- c:\documents and settings\CUPRIJA\Local Settings\Application Data\Real 2009-09-19 21:55 . 2009-09-19 21:55 -------- d-----w- c:\program files\Common Files\xing shared 2009-09-19 21:52 . 2009-09-19 21:52 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Google 2009-09-16 13:15 . 2009-09-16 13:15 -------- d-----w- c:\documents and settings\CUPRIJA\Local Settings\Application Data\WMTools Downloaded Files 2009-09-13 20:28 . 2009-09-14 16:27 -------- d-----w- c:\documents and settings\CUPRIJA\Application Data\uTorrent 2009-09-13 14:14 . 2004-03-18 16:36 401484 ----a-w- c:\windows\system32\msvcrtd.dll 2009-09-13 13:25 . 2008-04-13 22:09 5504 -c--a-w- c:\windows\system32\dllcache\mstee.sys 2009-09-13 13:25 . 2008-04-13 22:09 5504 ----a-w- c:\windows\system32\drivers\MSTEE.sys 2009-09-13 13:25 . 2008-04-13 22:16 10880 -c--a-w- c:\windows\system32\dllcache\ndisip.sys 2009-09-13 13:25 . 2008-04-13 22:16 10880 ----a-w- c:\windows\system32\drivers\NdisIP.sys 2009-09-13 13:25 . 2008-04-13 22:16 15232 -c--a-w- c:\windows\system32\dllcache\streamip.sys 2009-09-13 13:25 . 2008-04-13 22:16 15232 ----a-w- c:\windows\system32\drivers\StreamIP.sys 2009-09-13 13:25 . 2008-04-13 22:16 11136 -c--a-w- c:\windows\system32\dllcache\slip.sys 2009-09-13 13:25 . 2008-04-13 22:16 11136 ----a-w- c:\windows\system32\drivers\SLIP.sys 2009-09-13 13:25 . 2008-04-14 03:42 53760 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll 2009-09-13 13:25 . 2008-04-14 03:42 53760 ----a-w- c:\windows\system32\vfwwdm32.dll 2009-09-13 13:25 . 2008-04-13 22:16 19200 -c--a-w- c:\windows\system32\dllcache\wstcodec.sys 2009-09-13 13:25 . 2008-04-13 22:16 19200 ----a-w- c:\windows\system32\drivers\WSTCODEC.SYS 2009-09-13 13:24 . 2008-04-13 22:16 85248 -c--a-w- c:\windows\system32\dllcache\nabtsfec.sys 2009-09-13 13:24 . 2008-04-13 22:16 85248 ----a-w- c:\windows\system32\drivers\NABTSFEC.sys 2009-09-13 13:24 . 2008-04-13 22:16 17024 -c--a-w- c:\windows\system32\dllcache\ccdecode.sys 2009-09-13 13:24 . 2008-04-13 22:16 17024 ----a-w- c:\windows\system32\drivers\CCDECODE.sys 2009-09-13 13:24 . 2006-11-01 16:45 219264 ----a-w- c:\windows\system32\drivers\BTCamDrv.sys 2009-09-13 13:13 . 2007-09-20 11:04 114688 ----a-w- c:\windows\system32\BTCamVideoSource.dll 2009-09-13 12:38 . 2009-09-13 12:38 -------- d-----w- c:\documents and settings\CUPRIJA\Local Settings\Application Data\WinZip 2009-09-13 12:37 . 2009-09-13 12:40 -------- d-----w- c:\documents and settings\All Users\Application Data\WinZip 2009-09-13 12:12 . 2003-03-19 07:12 1047552 ----a-w- c:\windows\system32\MFC71u.dll 2009-09-13 10:56 . 2009-09-13 10:56 56 ---ha-w- c:\windows\system32\ezsidmv.dat 2009-09-13 10:55 . 2009-09-24 16:42 -------- d-----w- c:\documents and settings\CUPRIJA\Application Data\skypePM 2009-09-13 10:52 . 2009-09-24 21:20 -------- d-----w- c:\documents and settings\CUPRIJA\Application Data\Skype 2009-09-13 10:51 . 2009-09-13 10:51 -------- d-----w- c:\program files\Common Files\Skype 2009-09-10 18:07 . 2009-09-10 18:11 -------- d-----w- c:\documents and settings\CUPRIJA\Application Data\mIRC 2009-09-08 20:11 . 2009-09-08 20:11 -------- d-----w- c:\program files\AnswerWorks 4.0 2009-09-08 20:09 . 2009-09-08 20:18 -------- d-----w- c:\documents and settings\CUPRIJA\Application Data\Autodesk 2009-09-08 20:09 . 2009-09-08 20:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Autodesk 2009-09-08 20:09 . 2009-09-08 20:09 -------- d-----w- c:\documents and settings\CUPRIJA\Local Settings\Application Data\Autodesk 2009-09-08 20:05 . 2009-09-08 20:13 -------- d-----w- c:\program files\Common Files\Autodesk Shared 2009-09-08 20:05 . 2009-09-08 20:05 -------- d-----w- c:\program files\Autodesk 2009-09-06 10:49 . 2009-09-06 10:49 278768 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat 2009-09-06 10:47 . 2009-09-06 10:47 -------- d-----w- c:\program files\MSBuild 2009-09-06 10:47 . 2009-09-06 10:47 -------- d-----w- c:\windows\system32\XPSViewer 2009-09-06 10:47 . 2009-09-06 10:47 -------- d-----w- c:\program files\Reference Assemblies 2009-09-06 10:46 . 2006-06-29 11:07 14048 ------w- c:\windows\system32\spmsg2.dll 2009-09-04 14:12 . 2009-09-04 14:12 -------- d-----w- c:\documents and settings\CUPRIJA\Local Settings\Application Data\Deployment 2009-09-03 18:40 . 2009-09-03 18:40 -------- d-----w- c:\program files\Gaxian 2009-08-31 00:08 . 2009-08-31 00:08 -------- d-----w- c:\documents and settings\CUPRIJA\Local Settings\Application Data\{7148F0A6-6813-11D6-A77B-00B0D0142020} 2009-08-30 19:39 . 2009-08-30 19:39 -------- d-----w- c:\documents and settings\CUPRIJA\.idlerc 2009-08-29 11:19 . 2009-08-29 11:19 86016 ----a-w- c:\windows\system32\frapsvid.dll . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-09-27 18:07 . 2009-06-22 14:30 -------- d-----w- c:\program files\XPCode 2009-09-26 21:06 . 2009-06-05 17:58 -------- d-----w- c:\program files\Common Files\Adobe 2009-09-22 19:58 . 2009-08-21 17:36 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP 2009-09-19 21:55 . 2009-06-05 16:29 -------- d-----w- c:\program files\Common Files\Real 2009-09-19 21:54 . 2009-06-05 16:29 499712 ----a-w- c:\windows\system32\msvcp71.dll 2009-09-19 21:54 . 2009-06-05 16:29 348160 ----a-w- c:\windows\system32\msvcr71.dll 2009-09-19 21:54 . 2009-06-05 16:29 -------- d-----w- c:\program files\Real 2009-09-19 21:53 . 2009-07-21 17:20 -------- d-----w- c:\program files\Google 2009-09-14 16:27 . 2009-06-05 17:54 -------- d-----w- c:\program files\FlashGet 2009-09-13 10:50 . 2009-07-01 21:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype 2009-09-08 20:17 . 2009-06-05 14:08 168952 ----a-w- c:\documents and settings\CUPRIJA\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-09-07 18:40 . 2009-06-05 15:09 -------- d-----w- c:\program files\ATI Technologies 2009-08-28 17:07 . 2009-08-28 17:07 -------- d-----w- c:\documents and settings\CUPRIJA\Application Data\ACD Systems 2009-08-27 18:16 . 2009-08-27 18:11 -------- d-----w- c:\documents and settings\CUPRIJA\Application Data\Notepad++ 2009-08-26 17:52 . 2009-08-26 17:52 -------- d-----w- c:\documents and settings\CUPRIJA\Application Data\teamspeak2 2009-08-24 13:15 . 2009-08-24 13:15 -------- d-----w- c:\program files\Lavasoft 2009-08-24 13:15 . 2009-08-22 11:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft 2009-08-24 13:14 . 2009-08-24 13:14 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard 2009-08-22 15:36 . 2009-08-22 00:20 -------- d-----w- c:\documents and settings\CUPRIJA\Application Data\Uniblue 2009-08-22 15:36 . 2009-08-22 00:20 -------- d-----w- c:\documents and settings\All Users\Application Data\DriverScanner 2009-08-22 11:05 . 2009-06-05 14:19 -------- d-----w- c:\documents and settings\CUPRIJA\Application Data\Lavasoft 2009-08-22 00:58 . 2009-08-22 00:58 -------- d-----w- c:\program files\MSXML 4.0 2009-08-21 22:13 . 2009-08-21 22:13 604488 ----a-w- c:\windows\system32\TUProgSt.exe 2009-08-21 22:13 . 2009-08-21 22:13 361288 ----a-w- c:\windows\system32\TuneUpDefragService.exe 2009-08-21 22:13 . 2009-08-21 18:10 -------- d-----w- c:\program files\TuneUp Utilities 2009 2009-08-21 19:43 . 2009-08-21 19:43 -------- d-----w- c:\program files\aSkola 2009-08-21 18:11 . 2009-08-21 18:11 -------- d-----w- c:\documents and settings\CUPRIJA\Application Data\TuneUp Software 2009-08-21 18:10 . 2009-08-21 18:10 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software 2009-08-21 18:09 . 2009-08-21 18:09 -------- d-sh--w- c:\documents and settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357} 2009-08-21 08:42 . 2009-06-05 14:12 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-08-20 21:18 . 2009-08-17 12:46 -------- d-----w- c:\documents and settings\CUPRIJA\Application Data\MessengerDiscovery 2 2009-08-20 15:15 . 2009-08-20 15:15 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help 2009-08-20 15:15 . 2009-08-20 15:15 -------- d-----w- c:\program files\Microsoft WSE 2009-08-20 13:55 . 2009-08-20 13:16 -------- d-----w- c:\documents and settings\CUPRIJA\Application Data\TeamViewer 2009-08-20 11:22 . 2009-08-19 23:16 -------- d-----w- c:\program files\Common Files\Reallusion 2009-08-19 11:32 . 2009-08-19 11:32 -------- d-----w- c:\documents and settings\CUPRIJA\Application Data\Media Player Classic 2009-08-17 15:03 . 2009-08-17 15:03 -------- d-----w- c:\program files\Ask.com 2009-08-15 22:35 . 2009-08-14 20:45 -------- d-----w- c:\documents and settings\CUPRIJA\Application Data\Hamachi 2009-08-14 22:35 . 2009-08-14 22:35 552 ----a-w- c:\windows\system32\d3d8caps.dat 2009-08-14 21:09 . 2009-08-14 20:43 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys 2009-08-11 20:33 . 2009-08-11 20:32 -------- d-----w- c:\program files\WinPcap 2009-08-10 21:05 . 2009-08-07 17:50 -------- d-----w- c:\documents and settings\All Users\Application Data\FLEXnet 2009-08-09 22:47 . 2009-08-09 22:40 -------- d-----w- c:\documents and settings\All Users\Application Data\Messenger Plus! 2009-08-08 22:13 . 2009-06-05 17:58 -------- d-----w- c:\program files\Mv2Player 2009-08-07 17:30 . 2009-08-07 17:30 -------- d-----w- c:\program files\Common Files\Macrovision Shared 2009-08-05 22:45 . 2009-08-05 22:45 411368 ----a-w- c:\windows\system32\deploytk.dll 2009-08-05 09:01 . 2008-04-14 03:42 204800 ----a-w- c:\windows\system32\mswebdvd.dll 2009-07-29 04:37 . 2008-04-14 03:42 119808 ----a-w- c:\windows\system32\t2embed.dll 2009-07-29 04:37 . 2008-04-14 03:41 81920 ----a-w- c:\windows\system32\fontsub.dll 2009-07-26 16:26 . 2009-07-26 16:26 0 ----a-w- c:\windows\nsreg.dat 2009-07-26 10:59 . 2009-07-26 10:59 17801 ----a-w- c:\windows\system32\drivers\AegisP.sys 2009-07-21 15:56 . 2009-07-21 15:56 721904 ----a-w- c:\windows\system32\drivers\sptd.sys 2009-07-17 19:01 . 2008-04-14 03:41 58880 ----a-w- c:\windows\system32\atl.dll 2009-07-15 09:48 . 2009-08-21 22:13 29000 ----a-w- c:\windows\system32\uxtuneup.dll 2009-07-13 16:46 . 2009-07-11 23:44 25 ----a-w- c:\windows\popcinfot.dat 2009-07-13 08:08 . 2008-04-14 03:42 286720 ----a-w- c:\windows\system32\wmpdxm.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{038cb5c7-48ea-4af9-94e0-a1646542e62b}"= "c:\program files\ToggleEN\tbTogg.dll" [2009-07-02 2215960] [HKEY_CLASSES_ROOT\clsid\{038cb5c7-48ea-4af9-94e0-a1646542e62b}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{038cb5c7-48ea-4af9-94e0-a1646542e62b}] 2009-07-02 08:18 2215960 ----a-w- c:\program files\ToggleEN\tbTogg.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] 2009-05-06 16:11 1145736 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{038cb5c7-48ea-4af9-94e0-a1646542e62b}"= "c:\program files\ToggleEN\tbTogg.dll" [2009-07-02 2215960] "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-05-06 1145736] [HKEY_CLASSES_ROOT\clsid\{038cb5c7-48ea-4af9-94e0-a1646542e62b}] [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{038CB5C7-48EA-4AF9-94E0-A1646542E62B}"= "c:\program files\ToggleEN\tbTogg.dll" [2009-07-02 2215960] "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-05-06 1145736] [HKEY_CLASSES_ROOT\clsid\{038cb5c7-48ea-4af9-94e0-a1646542e62b}] [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Lite"="d:\program files\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656] "H/PC Connection Agent"="d:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "nod32kui"="c:\program files\Eset\nod32kui.exe" [2009-06-05 949376] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-05-20 177472] "ACU"="c:\program files\Atheros\ACU\Utility\ACU.exe" [2005-11-28 303104] "ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-06-07 344064] "Java Updates"="d:\program files\Java\jre6\bin\java.exe" [2009-08-05 145184] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-09-19 198160] "SunJavaUpdateSched"="d:\program files\Java\jre6\bin\jusched.exe" [2009-08-05 149280] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "nltide_3"="advpack.dll" - c:\windows\system32\advpack.dll [2008-04-14 99840] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-6-25 113664] AutoCAD Startup Accelerator.lnk - c:\program files\Common Files\Autodesk Shared\acstart16.exe [2005-3-5 10872] BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2005-10-19 565309] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice] @="Service" [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk backup=c:\windows\pss\Adobe Reader Synchronizer.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^BTTray.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\BTTray.lnk backup=c:\windows\pss\BTTray.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WinZip Quick Pick.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk backup=c:\windows\pss\WinZip Quick Pick.lnkCommon Startup [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UpdatesDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\FlashGet\\flashget.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "d:\\Program Files\\Valve\\hl.exe"= "c:\\Documents and Settings\\CUPRIJA\\temp\\TeamViewer\\Version4\\TeamViewer.exe"= "d:\\Program Files\\TeamViewer\\Version4\\TeamViewer.exe"= "d:\program files\Microsoft ActiveSync\rapimgr.exe"= d:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager "d:\program files\Microsoft ActiveSync\wcescomm.exe"= d:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager "d:\program files\Microsoft ActiveSync\WCESMgr.exe"= d:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application "d:\\Program Files\\mIRC\\mirc.exe"= "d:\\Program Files\\Mobiola Web Camera for Windows Mobile\\webcam.exe"= "c:\\Documents and Settings\\CUPRIJA\\Desktop\\wlan hack\\air(zabranjeno)-ng-1.0-win\\bin\\buddy-ng.exe"= "d:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Documents and Settings\\CUPRIJA\\Desktop\\webhack\\Hacking-WEP.Plugin\\WEPdecoder.exe"= "d:\\Program Files\\Skype\\Phone\\Skype.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [6/5/2009 6:29 PM 15424] R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [8/22/2009 12:13 AM 604488] R3 genmcmnUSB;USB Scroll Mouse Driver;c:\windows\system32\drivers\gflmouhid.sys [8/22/2009 2:37 AM 7808] R3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\drivers\teamviewervpn.sys [1/25/2008 11:12 AM 25088] S2 gupdate1ca397378a8f1f0;Google Update Service (gupdate1ca397378a8f1f0);c:\program files\Google\Update\GoogleUpdate.exe [9/19/2009 11:52 PM 133104] S3 BTCAMDRV;Mobiola Web Camera driver;c:\windows\system32\drivers\BTCamDrv.sys [9/13/2009 3:24 PM 219264] S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;d:\program files\MAGIX\Common\Database\bin\fbserver.exe [7/21/2009 2:53 PM 1527900] S3 NPF;WinPcap Packet Driver (NPF);c:\windows\system32\drivers\NPF.sys --> c:\windows\system32\drivers\NPF.sys [?] S3 WLAN_400_500_SERVICE;HP WLAN W400/W500 Wireless Network Adapter Service;c:\windows\system32\drivers\ar5211.sys [7/26/2009 1:20 PM 558560] --- Other Services/Drivers In Memory --- NewlyCreated - UWKIQFOG Deregistered - uwkiqfog HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E4944C57-1102-8529-D13C-EE0924183803}] c:\windows\system32:winlogon..exe . Contents of the 'Scheduled Tasks' folder 2009-09-27 c:\windows\Tasks\1-Click Maintenance.job - c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2009-07-16 08:54] 2009-09-17 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34] 2009-09-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-09-19 21:52] 2009-09-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-09-19 21:52] 2009-09-27 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job - c:\program files\Ask.com\UpdateTask.exe [2009-05-06 16:11] . . ------- Supplementary Scan ------- . uStart Page = hxxp://search.conduit.com/?SearchSource=10&ctid=CT2077543 uInternet Connection Wizard,ShellNext = login.live.com/ppsecure/sha1auth.srf?lc=1033 uInternet Settings,ProxyOverride = .local IE: &Download All with FlashGet - c:\program files\FlashGet\jc_all.htm IE: &Download with FlashGet - c:\program files\FlashGet\jc_link.htm IE: Download with Xilisoft Download YouTube Video - d:\program files\Xilisoft\Download YouTube Video\upod_link.HTM IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: Send To &Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm LSP: c:\windows\system32\imon.dll FF - ProfilePath - c:\documents and settings\CUPRIJA\Application Data\Mozilla\Firefox\Profiles\113q3kwx.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q= FF - prefs.js: browser.search.selectedEngine - Ask.com FF - prefs.js: browser.startup.homepage - hxxp://sr.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:sr:official FF - prefs.js: keyword.URL - hxxp://supertoolbar.ask.com/redirect?client=ff&src=kw&tb=PCW&o=14734&locale=en_EU&q= FF - component: c:\program files\Mozilla Firefox\extensions\browserhighlighter@ebay.com\components\Shim.dll FF - component: c:\program files\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll FF - plugin: d:\program files\Java\jre6\bin\new_plugin\npdeploytk.dll FF - plugin: d:\program files\Java\jre6\bin\new_plugin\npjp2.dll ---- FIREFOX POLICIES ---- FF - user.js: yahoo.homepage.dontask - true FF - user.js: network.http.max-persistent-connections-per-server - 4 FF - user.js: nglayout.initialpaint.delay - 600 FF - user.js: content.notify.interval - 600000 FF - user.js: content.max.tokenizing.time - 1800000 FF - user.js: content.switch.threshold - 600000 . *********************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2009-09-27 20:07 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_USERS\S-1-5-21-1275210071-1993962763-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{486F6224-DB96-F6FB-BE49-96F33E0142FD}] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) "ialnlbfbbekjbcbhff"=hex:6a,61,6f,65,65,65,61,66,6e,6c,66,6d,6f,6d,6b,6f,62,65, 69,61,00,00 "hafobbcimnijleme"=hex:6a,61,6f,65,65,65,61,66,6e,6c,66,6d,6f,6d,6b,6f,62,65, 69,61,00,00 [HKEY_USERS\S-1-5-21-1275210071-1993962763-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{C9D733B8-CDB7-7F4A-39E9-A9661C08FE55}] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) "iamafaoffhhjopklaa"=hex:6a,61,6a,62,6e,62,66,70,69,65,70,6e,6d,64,6f,63,63,6e, 66,6e,00,00 "haobljkmenpicddl"=hex:6a,61,6a,62,6e,62,66,70,69,65,70,6e,6d,64,6f,63,63,6e, 66,6e,00,00 . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(1300) c:\windows\system32\Ati2evxx.dll . Completion time: 2009-09-27 20:14 ComboFix-quarantined-files.txt 2009-09-27 18:14 Pre-Run: 2,769,477,632 bytes free Post-Run: 2,955,694,080 bytes free 315 --- E O F --- 2009-08-22 01:07

Profil

dr_Bora Poslao: 27 Sep 2009 23:05 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Otvoriti Notepad i iskopirati sledeci tekst: DirLook:: c:\documents and settings\CUPRIJA\Local Settings\Application Data\WMTools Downloaded Files Registry:: [-HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E4944C57-1102-8529-D13C-EE0924183803}] RegNull:: [HKEY_USERS\S-1-5-21-1275210071-1993962763-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{486F6224-DB96-F6FB-BE49-96F33E0142FD}] [HKEY_USERS\S-1-5-21-1275210071-1993962763-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{C9D733B8-CDB7-7F4A-39E9-A9661C08FE55}] Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.

Profil

zeka_94 Poslao: 28 Sep 2009 14:37 Idi na vrh
offline zeka_94 Novi MyCity građanin Pridružio: 22 Sep 2009 Poruke: 10 Gde živiš: Cuprija	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 09-09-27.04 - CUPRIJA 09/28/2009 14:16.2.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1250.381.1033.18.511.225 [GMT 2:00] Running from: c:\documents and settings\CUPRIJA\Desktop\ComboFix.exe Command switches used :: c:\documents and settings\CUPRIJA\Desktop\CFScript.txt AV: ESET NOD32 antivirus system 2.70 On-access scanning disabled (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((( Files Created from 2009-08-28 to 2009-09-28 ))))))))))))))))))))))))))))))) . 2009-09-23 15:10 . 2009-09-23 15:12 -------- d-----w- c:\documents and settings\CUPRIJA\Local Settings\Application Data\Temp 2009-09-19 22:10 . 2009-09-19 22:10 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Google 2009-09-19 21:56 . 2009-09-19 21:56 -------- d-----w- c:\documents and settings\CUPRIJA\Local Settings\Application Data\Real 2009-09-19 21:55 . 2009-09-19 21:55 -------- d-----w- c:\program files\Common Files\xing shared 2009-09-19 21:52 . 2009-09-19 21:52 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Google 2009-09-16 13:15 . 2009-09-16 13:15 -------- d-----w- c:\documents and settings\CUPRIJA\Local Settings\Application Data\WMTools Downloaded Files 2009-09-13 20:28 . 2009-09-14 16:27 -------- d-----w- c:\documents and settings\CUPRIJA\Application Data\uTorrent 2009-09-13 14:14 . 2004-03-18 16:36 401484 ----a-w- c:\windows\system32\msvcrtd.dll 2009-09-13 13:25 . 2008-04-13 22:09 5504 -c--a-w- c:\windows\system32\dllcache\mstee.sys 2009-09-13 13:25 . 2008-04-13 22:09 5504 ----a-w- c:\windows\system32\drivers\MSTEE.sys 2009-09-13 13:25 . 2008-04-13 22:16 10880 -c--a-w- c:\windows\system32\dllcache\ndisip.sys 2009-09-13 13:25 . 2008-04-13 22:16 10880 ----a-w- c:\windows\system32\drivers\NdisIP.sys 2009-09-13 13:25 . 2008-04-13 22:16 15232 -c--a-w- c:\windows\system32\dllcache\streamip.sys 2009-09-13 13:25 . 2008-04-13 22:16 15232 ----a-w- c:\windows\system32\drivers\StreamIP.sys 2009-09-13 13:25 . 2008-04-13 22:16 11136 -c--a-w- c:\windows\system32\dllcache\slip.sys 2009-09-13 13:25 . 2008-04-13 22:16 11136 ----a-w- c:\windows\system32\drivers\SLIP.sys 2009-09-13 13:25 . 2008-04-14 03:42 53760 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll 2009-09-13 13:25 . 2008-04-14 03:42 53760 ----a-w- c:\windows\system32\vfwwdm32.dll 2009-09-13 13:25 . 2008-04-13 22:16 19200 -c--a-w- c:\windows\system32\dllcache\wstcodec.sys 2009-09-13 13:25 . 2008-04-13 22:16 19200 ----a-w- c:\windows\system32\drivers\WSTCODEC.SYS 2009-09-13 13:24 . 2008-04-13 22:16 85248 -c--a-w- c:\windows\system32\dllcache\nabtsfec.sys 2009-09-13 13:24 . 2008-04-13 22:16 85248 ----a-w- c:\windows\system32\drivers\NABTSFEC.sys 2009-09-13 13:24 . 2008-04-13 22:16 17024 -c--a-w- c:\windows\system32\dllcache\ccdecode.sys 2009-09-13 13:24 . 2008-04-13 22:16 17024 ----a-w- c:\windows\system32\drivers\CCDECODE.sys 2009-09-13 13:24 . 2006-11-01 16:45 219264 ----a-w- c:\windows\system32\drivers\BTCamDrv.sys 2009-09-13 13:13 . 2007-09-20 11:04 114688 ----a-w- c:\windows\system32\BTCamVideoSource.dll 2009-09-13 12:38 . 2009-09-13 12:38 -------- d-----w- c:\documents and settings\CUPRIJA\Local Settings\Application Data\WinZip 2009-09-13 12:37 . 2009-09-13 12:40 -------- d-----w- c:\documents and settings\All Users\Application Data\WinZip 2009-09-13 12:12 . 2003-03-19 07:12 1047552 ----a-w- c:\windows\system32\MFC71u.dll 2009-09-13 10:56 . 2009-09-13 10:56 56 ---ha-w- c:\windows\system32\ezsidmv.dat 2009-09-13 10:55 . 2009-09-24 16:42 -------- d-----w- c:\documents and settings\CUPRIJA\Application Data\skypePM 2009-09-13 10:52 . 2009-09-24 21:20 -------- d-----w- c:\documents and settings\CUPRIJA\Application Data\Skype 2009-09-13 10:51 . 2009-09-13 10:51 -------- d-----w- c:\program files\Common Files\Skype 2009-09-10 18:07 . 2009-09-10 18:11 -------- d-----w- c:\documents and settings\CUPRIJA\Application Data\mIRC 2009-09-08 20:11 . 2009-09-08 20:11 -------- d-----w- c:\program files\AnswerWorks 4.0 2009-09-08 20:09 . 2009-09-08 20:18 -------- d-----w- c:\documents and settings\CUPRIJA\Application Data\Autodesk 2009-09-08 20:09 . 2009-09-08 20:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Autodesk 2009-09-08 20:09 . 2009-09-08 20:09 -------- d-----w- c:\documents and settings\CUPRIJA\Local Settings\Application Data\Autodesk 2009-09-08 20:05 . 2009-09-08 20:13 -------- d-----w- c:\program files\Common Files\Autodesk Shared 2009-09-08 20:05 . 2009-09-08 20:05 -------- d-----w- c:\program files\Autodesk 2009-09-06 10:49 . 2009-09-06 10:49 278768 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat 2009-09-06 10:47 . 2009-09-06 10:47 -------- d-----w- c:\program files\MSBuild 2009-09-06 10:47 . 2009-09-06 10:47 -------- d-----w- c:\windows\system32\XPSViewer 2009-09-06 10:47 . 2009-09-06 10:47 -------- d-----w- c:\program files\Reference Assemblies 2009-09-06 10:46 . 2006-06-29 11:07 14048 ------w- c:\windows\system32\spmsg2.dll 2009-09-04 14:12 . 2009-09-04 14:12 -------- d-----w- c:\documents and settings\CUPRIJA\Local Settings\Application Data\Deployment 2009-09-03 18:40 . 2009-09-03 18:40 -------- d-----w- c:\program files\Gaxian 2009-08-31 00:08 . 2009-08-31 00:08 -------- d-----w- c:\documents and settings\CUPRIJA\Local Settings\Application Data\{7148F0A6-6813-11D6-A77B-00B0D0142020} 2009-08-30 19:39 . 2009-08-30 19:39 -------- d-----w- c:\documents and settings\CUPRIJA\.idlerc . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-09-27 18:07 . 2009-06-22 14:30 -------- d-----w- c:\program files\XPCode 2009-09-26 21:06 . 2009-06-05 17:58 -------- d-----w- c:\program files\Common Files\Adobe 2009-09-22 19:58 . 2009-08-21 17:36 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP 2009-09-19 21:55 . 2009-06-05 16:29 -------- d-----w- c:\program files\Common Files\Real 2009-09-19 21:54 . 2009-06-05 16:29 499712 ----a-w- c:\windows\system32\msvcp71.dll 2009-09-19 21:54 . 2009-06-05 16:29 348160 ----a-w- c:\windows\system32\msvcr71.dll 2009-09-19 21:54 . 2009-06-05 16:29 -------- d-----w- c:\program files\Real 2009-09-19 21:53 . 2009-07-21 17:20 -------- d-----w- c:\program files\Google 2009-09-14 16:27 . 2009-06-05 17:54 -------- d-----w- c:\program files\FlashGet 2009-09-13 10:50 . 2009-07-01 21:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype 2009-09-08 20:17 . 2009-06-05 14:08 168952 ----a-w- c:\documents and settings\CUPRIJA\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-09-07 18:40 . 2009-06-05 15:09 -------- d-----w- c:\program files\ATI Technologies 2009-08-29 11:19 . 2009-08-29 11:19 86016 ----a-w- c:\windows\system32\frapsvid.dll 2009-08-28 17:07 . 2009-08-28 17:07 -------- d-----w- c:\documents and settings\CUPRIJA\Application Data\ACD Systems 2009-08-27 18:16 . 2009-08-27 18:11 -------- d-----w- c:\documents and settings\CUPRIJA\Application Data\Notepad++ 2009-08-26 17:52 . 2009-08-26 17:52 -------- d-----w- c:\documents and settings\CUPRIJA\Application Data\teamspeak2 2009-08-24 13:15 . 2009-08-24 13:15 -------- d-----w- c:\program files\Lavasoft 2009-08-24 13:15 . 2009-08-22 11:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft 2009-08-24 13:14 . 2009-08-24 13:14 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard 2009-08-22 15:36 . 2009-08-22 00:20 -------- d-----w- c:\documents and settings\CUPRIJA\Application Data\Uniblue 2009-08-22 15:36 . 2009-08-22 00:20 -------- d-----w- c:\documents and settings\All Users\Application Data\DriverScanner 2009-08-22 11:05 . 2009-06-05 14:19 -------- d-----w- c:\documents and settings\CUPRIJA\Application Data\Lavasoft 2009-08-22 00:58 . 2009-08-22 00:58 -------- d-----w- c:\program files\MSXML 4.0 2009-08-21 22:13 . 2009-08-21 22:13 604488 ----a-w- c:\windows\system32\TUProgSt.exe 2009-08-21 22:13 . 2009-08-21 22:13 361288 ----a-w- c:\windows\system32\TuneUpDefragService.exe 2009-08-21 22:13 . 2009-08-21 18:10 -------- d-----w- c:\program files\TuneUp Utilities 2009 2009-08-21 19:43 . 2009-08-21 19:43 -------- d-----w- c:\program files\aSkola 2009-08-21 18:11 . 2009-08-21 18:11 -------- d-----w- c:\documents and settings\CUPRIJA\Application Data\TuneUp Software 2009-08-21 18:10 . 2009-08-21 18:10 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software 2009-08-21 18:09 . 2009-08-21 18:09 -------- d-sh--w- c:\documents and settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357} 2009-08-21 08:42 . 2009-06-05 14:12 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-08-20 21:18 . 2009-08-17 12:46 -------- d-----w- c:\documents and settings\CUPRIJA\Application Data\MessengerDiscovery 2 2009-08-20 15:15 . 2009-08-20 15:15 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help 2009-08-20 15:15 . 2009-08-20 15:15 -------- d-----w- c:\program files\Microsoft WSE 2009-08-20 13:55 . 2009-08-20 13:16 -------- d-----w- c:\documents and settings\CUPRIJA\Application Data\TeamViewer 2009-08-20 11:22 . 2009-08-19 23:16 -------- d-----w- c:\program files\Common Files\Reallusion 2009-08-19 11:32 . 2009-08-19 11:32 -------- d-----w- c:\documents and settings\CUPRIJA\Application Data\Media Player Classic 2009-08-17 15:03 . 2009-08-17 15:03 -------- d-----w- c:\program files\Ask.com 2009-08-15 22:35 . 2009-08-14 20:45 -------- d-----w- c:\documents and settings\CUPRIJA\Application Data\Hamachi 2009-08-14 22:35 . 2009-08-14 22:35 552 ----a-w- c:\windows\system32\d3d8caps.dat 2009-08-14 21:09 . 2009-08-14 20:43 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys 2009-08-11 20:33 . 2009-08-11 20:32 -------- d-----w- c:\program files\WinPcap 2009-08-10 21:05 . 2009-08-07 17:50 -------- d-----w- c:\documents and settings\All Users\Application Data\FLEXnet 2009-08-09 22:47 . 2009-08-09 22:40 -------- d-----w- c:\documents and settings\All Users\Application Data\Messenger Plus! 2009-08-08 22:13 . 2009-06-05 17:58 -------- d-----w- c:\program files\Mv2Player 2009-08-07 17:30 . 2009-08-07 17:30 -------- d-----w- c:\program files\Common Files\Macrovision Shared 2009-08-05 22:45 . 2009-08-05 22:45 411368 ----a-w- c:\windows\system32\deploytk.dll 2009-08-05 09:01 . 2008-04-14 03:42 204800 ----a-w- c:\windows\system32\mswebdvd.dll 2009-07-29 04:37 . 2008-04-14 03:42 119808 ----a-w- c:\windows\system32\t2embed.dll 2009-07-29 04:37 . 2008-04-14 03:41 81920 ----a-w- c:\windows\system32\fontsub.dll 2009-07-26 16:26 . 2009-07-26 16:26 0 ----a-w- c:\windows\nsreg.dat 2009-07-26 10:59 . 2009-07-26 10:59 17801 ----a-w- c:\windows\system32\drivers\AegisP.sys 2009-07-21 15:56 . 2009-07-21 15:56 721904 ----a-w- c:\windows\system32\drivers\sptd.sys 2009-07-17 19:01 . 2008-04-14 03:41 58880 ----a-w- c:\windows\system32\atl.dll 2009-07-15 09:48 . 2009-08-21 22:13 29000 ----a-w- c:\windows\system32\uxtuneup.dll 2009-07-13 16:46 . 2009-07-11 23:44 25 ----a-w- c:\windows\popcinfot.dat 2009-07-13 08:08 . 2008-04-14 03:42 286720 ----a-w- c:\windows\system32\wmpdxm.dll . (((((((((((((((((((((((((((((((((((((((((((( Look ))))))))))))))))))))))))))))))))))))))))))))))))))))))))) . ---- Directory of c:\documents and settings\CUPRIJA\Local Settings\Application Data\WMTools Downloaded Files ---- ((((((((((((((((((((((((((((( SnapShot@2009-09-27_18.08.43 ))))))))))))))))))))))))))))))))))))))))) . + 2009-09-28 08:36 . 2009-09-28 08:36 16384 c:\windows\Temp\Perflib_Perfdata_430.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{038cb5c7-48ea-4af9-94e0-a1646542e62b}"= "c:\program files\ToggleEN\tbTogg.dll" [2009-07-02 2215960] [HKEY_CLASSES_ROOT\clsid\{038cb5c7-48ea-4af9-94e0-a1646542e62b}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{038cb5c7-48ea-4af9-94e0-a1646542e62b}] 2009-07-02 08:18 2215960 ----a-w- c:\program files\ToggleEN\tbTogg.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] 2009-05-06 16:11 1145736 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{038cb5c7-48ea-4af9-94e0-a1646542e62b}"= "c:\program files\ToggleEN\tbTogg.dll" [2009-07-02 2215960] "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-05-06 1145736] [HKEY_CLASSES_ROOT\clsid\{038cb5c7-48ea-4af9-94e0-a1646542e62b}] [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{038CB5C7-48EA-4AF9-94E0-A1646542E62B}"= "c:\program files\ToggleEN\tbTogg.dll" [2009-07-02 2215960] "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-05-06 1145736] [HKEY_CLASSES_ROOT\clsid\{038cb5c7-48ea-4af9-94e0-a1646542e62b}] [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Lite"="d:\program files\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656] "H/PC Connection Agent"="d:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "nod32kui"="c:\program files\Eset\nod32kui.exe" [2009-06-05 949376] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-05-20 177472] "ACU"="c:\program files\Atheros\ACU\Utility\ACU.exe" [2005-11-28 303104] "ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-06-07 344064] "Java Updates"="d:\program files\Java\jre6\bin\java.exe" [2009-08-05 145184] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-09-19 198160] "SunJavaUpdateSched"="d:\program files\Java\jre6\bin\jusched.exe" [2009-08-05 149280] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "nltide_3"="advpack.dll" - c:\windows\system32\advpack.dll [2008-04-14 99840] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-6-25 113664] AutoCAD Startup Accelerator.lnk - c:\program files\Common Files\Autodesk Shared\acstart16.exe [2005-3-5 10872] BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2005-10-19 565309] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice] @="Service" [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk backup=c:\windows\pss\Adobe Reader Synchronizer.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^BTTray.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\BTTray.lnk backup=c:\windows\pss\BTTray.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WinZip Quick Pick.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk backup=c:\windows\pss\WinZip Quick Pick.lnkCommon Startup [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UpdatesDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\FlashGet\\flashget.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "d:\\Program Files\\Valve\\hl.exe"= "c:\\Documents and Settings\\CUPRIJA\\temp\\TeamViewer\\Version4\\TeamViewer.exe"= "d:\\Program Files\\TeamViewer\\Version4\\TeamViewer.exe"= "d:\program files\Microsoft ActiveSync\rapimgr.exe"= d:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager "d:\program files\Microsoft ActiveSync\wcescomm.exe"= d:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager "d:\program files\Microsoft ActiveSync\WCESMgr.exe"= d:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application "d:\\Program Files\\mIRC\\mirc.exe"= "d:\\Program Files\\Mobiola Web Camera for Windows Mobile\\webcam.exe"= "c:\\Documents and Settings\\CUPRIJA\\Desktop\\wlan hack\\air(zabranjeno)-ng-1.0-win\\bin\\buddy-ng.exe"= "d:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Documents and Settings\\CUPRIJA\\Desktop\\webhack\\Hacking-WEP.Plugin\\WEPdecoder.exe"= "d:\\Program Files\\Skype\\Phone\\Skype.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [6/5/2009 6:29 PM 15424] R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [8/22/2009 12:13 AM 604488] R3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\drivers\teamviewervpn.sys [1/25/2008 11:12 AM 25088] S2 gupdate1ca397378a8f1f0;Google Update Service (gupdate1ca397378a8f1f0);c:\program files\Google\Update\GoogleUpdate.exe [9/19/2009 11:52 PM 133104] S3 BTCAMDRV;Mobiola Web Camera driver;c:\windows\system32\drivers\BTCamDrv.sys [9/13/2009 3:24 PM 219264] S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;d:\program files\MAGIX\Common\Database\bin\fbserver.exe [7/21/2009 2:53 PM 1527900] S3 genmcmnUSB;USB Scroll Mouse Driver;c:\windows\system32\drivers\gflmouhid.sys [8/22/2009 2:37 AM 7808] S3 NPF;WinPcap Packet Driver (NPF);c:\windows\system32\drivers\NPF.sys --> c:\windows\system32\drivers\NPF.sys [?] S3 WLAN_400_500_SERVICE;HP WLAN W400/W500 Wireless Network Adapter Service;c:\windows\system32\drivers\ar5211.sys [7/26/2009 1:20 PM 558560] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp . Contents of the 'Scheduled Tasks' folder 2009-09-28 c:\windows\Tasks\1-Click Maintenance.job - c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2009-07-16 08:54] 2009-09-17 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34] 2009-09-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-09-19 21:52] 2009-09-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-09-19 21:52] 2009-09-28 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job - c:\program files\Ask.com\UpdateTask.exe [2009-05-06 16:11] . . ------- Supplementary Scan ------- . uStart Page = hxxp://search.conduit.com/?SearchSource=10&ctid=CT2077543 uInternet Connection Wizard,ShellNext = login.live.com/ppsecure/sha1auth.srf?lc=1033 uInternet Settings,ProxyOverride = .local IE: &Download All with FlashGet - c:\program files\FlashGet\jc_all.htm IE: &Download with FlashGet - c:\program files\FlashGet\jc_link.htm IE: Download with Xilisoft Download YouTube Video - d:\program files\Xilisoft\Download YouTube Video\upod_link.HTM IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: Send To &Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm LSP: c:\windows\system32\imon.dll FF - ProfilePath - c:\documents and settings\CUPRIJA\Application Data\Mozilla\Firefox\Profiles\113q3kwx.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q= FF - prefs.js: browser.search.selectedEngine - Ask.com FF - prefs.js: browser.startup.homepage - hxxp://sr.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:sr:official FF - prefs.js: keyword.URL - hxxp://supertoolbar.ask.com/redirect?client=ff&src=kw&tb=PCW&o=14734&locale=en_EU&q= FF - component: c:\program files\Mozilla Firefox\extensions\browserhighlighter@ebay.com\components\Shim.dll FF - component: c:\program files\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll FF - plugin: d:\program files\Java\jre6\bin\new_plugin\npdeploytk.dll FF - plugin: d:\program files\Java\jre6\bin\new_plugin\npjp2.dll ---- FIREFOX POLICIES ---- FF - user.js: yahoo.homepage.dontask - true FF - user.js: network.http.max-persistent-connections-per-server - 4 FF - user.js: nglayout.initialpaint.delay - 600 FF - user.js: content.notify.interval - 600000 FF - user.js: content.max.tokenizing.time - 1800000 FF - user.js: content.switch.threshold - 600000 . *********************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2009-09-28 14:25 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(1176) c:\windows\system32\Ati2evxx.dll . Completion time: 2009-09-28 14:30 ComboFix-quarantined-files.txt 2009-09-28 12:29 ComboFix2.txt 2009-09-27 18:14 Pre-Run: 2,897,416,192 bytes free Post-Run: 2,915,196,928 bytes free 290 --- E O F --- 2009-08-22 01:07

Profil

dr_Bora Poslao: 28 Sep 2009 16:02 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ovde više nema tragova malware-a. Potrebno je deinstalirati ComboFix: klikni start (ili ), a zatim RUN. Na Visti koristiti Start Search polje ukoliko Run nije dostupan. U liniju za unos teksta ukucaj (iskopiraj) sledeće: combofix /u Primeti da postoji razmak između "ComboFix" i "/u". a zatim klikni OK (ili pritisni Enter). Sačekaj da se proces deinstalacije završi. To bi bilo sve...

Profil

zeka_94 Poslao: 28 Sep 2009 21:02 Idi na vrh
offline zeka_94 Novi MyCity građanin Pridružio: 22 Sep 2009 Poruke: 10 Gde živiš: Cuprija	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Deinstalirao sam ComboFix,hvala na pomoci...Pozdrav...

Profil

MyCity » Ambulanta -> Arhiva Ambulante » usporen rad kompjutera

Ko je trenutno na forumu

Ukupno su 969 korisnika na forumu :: 28 registrovanih, 9 sakrivenih i 932 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: A.R.Chafee.Jr., Ben Roj, bokisha253, Boris BM, cavatina, DonRumataEstorski, draganca, Excalibur13, Georgius, goxin, hatman, ILGromovnik, kihot, Kubovac, Leonov, Luka Blažević, mercedesamg, Mercury, ozzy, pein, Rakenica, ruma, Toper, Trpe Grozni, vukdra, wizzardone, x9, zeo

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by