MyCity » Ambulanta -> Arhiva Ambulante » plavi ekran

plavi ekran

Napisano na dan: 10.9.2008

Strana:
1
2

plavi ekran

Sledeća strana

Pagination

Odgovori

Strana:
1
2

lime70 Poslao: 10 Sep 2008 18:45 Idi na vrh
offline lime70 Građanin Pridružio: 09 Mar 2008 Poruke: 42	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav svima evo mog problema odjednom mi se pojavio plavi ekran kao da je kom restartovan i pisalo je da pritisnem f8 ili da ga ugasim tako nesto ,restartovao sam ga i kada se pojavio ekran je bio promenjen tj pozadina. Imam atispaywarebot i on registruje i trojance ali i vundo I naravno jos puno toga sta da radim hvala

Profil

helen1 Poslao: 10 Sep 2008 18:50 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozzz, uradi kako se ovde kaze: http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html

Profil

lime70 Poslao: 10 Sep 2008 20:03 Idi na vrh
offline lime70 Građanin Pridružio: 09 Mar 2008 Poruke: 42	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19.49.01, on 09/10/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.17184) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\PuXpMan.exe C:\Programmi\SimpleCenter\bin\win\sclauncher.exe C:\Programmi\Spyware Terminator\SpywareTerminatorShield.exe C:\Programmi\Spyware Doctor\pctsTray.exe C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe C:\Programmi\Webroot\Spy Sweeper\SpySweeperUI.exe C:\WINDOWS\system32\ctfmon.exe C:\Programmi\Microsoft ActiveSync\wcescomm.exe C:\PROGRA~1\MICROS~4\rapimgr.exe C:\Programmi\a-squared Anti-Dialer\a2service.exe C:\Programmi\a-squared Anti-Malware\a2service.exe C:\WINDOWS\System32\alg.exe C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\WINDOWS\arservice.exe C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Programmi\Canon\IJPLM\IJPLMSVC.EXE C:\Programmi\File comuni\LightScribe\LSSrvc.exe C:\Programmi\NVIDIA Corporation\nTune\nTuneService.exe C:\WINDOWS\system32\nvsvc32.exe C:\Programmi\Spyware Doctor\pctsAuxs.exe C:\Programmi\Spyware Doctor\pctsSvc.exe C:\Programmi\Spyware Terminator\sp_rsser.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Programmi\Webroot\Spy Sweeper\SpySweeper.exe C:\WINDOWS\ehome\mcrdsvc.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Programmi\Huawei technologies\Mobile Connect\Mobile Connect.exe C:\Programmi\Webroot\Spy Sweeper\SSU.EXE C:\Programmi\Opera 9\Opera.exe C:\Documents and Settings\HP_Administrator\Desktop\emil\TXXW.exe C:\WINDOWS\system32\wbem\wmiprvse.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesear.....pf=desktop R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesear.....pf=desktop R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Programmi\HP\Digital Imaging\bin\MCPC\blank.htm R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome.....pf=desktop R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: XPL LinkScannerIE - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmi\ExPLabs.com\LinkScanner\LinkScannerIE.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_11\bin\ssv.dll O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file) O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [ftutil2] "rundll32.exe" ftutil2.dll,SetWriteCacheMode O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [UserFaultCheck] C:\WINDOWS\system32\dumprep 0 -u O4 - HKLM\..\Run: [mspwr] C:\WINDOWS\system32\PuXpMan.exe O4 - HKLM\..\Run: [sclauncher] C:\Programmi\SimpleCenter\bin\win\sclauncher.exe O4 - HKLM\..\Run: [SpywareTerminator] "C:\Programmi\Spyware Terminator\SpywareTerminatorShield.exe" O4 - HKLM\..\Run: [ISTray] "C:\Programmi\Spyware Doctor\pctsTray.exe" O4 - HKLM\..\Run: [AVP] "C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" O4 - HKLM\..\Run: [a-squared] "C:\Programmi\a-squared Anti-Malware\a2guard.exe" O4 - HKLM\..\Run: [SpySweeper] "C:\Programmi\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programmi\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [AntispywareBot] "C:\Programmi\AntispywareBot\AntispywareBot.exe" -boot O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE') O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user') O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll O9 - Extra 'Tools' menuitem: Crea preferiti portatile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll O10 - Unknown file in Winsock LSP: c:\programmi\explabs.com\linkscanner\wrnetdrv.dll O10 - Unknown file in Winsock LSP: c:\programmi\explabs.com\linkscanner\wrnetdrv.dll O10 - Unknown file in Winsock LSP: c:\programmi\explabs.com\linkscanner\wrnetdrv.dll O10 - Unknown file in Winsock LSP: c:\programmi\explabs.com\linkscanner\wrnetdrv.dll O10 - Unknown file in Winsock LSP: c:\programmi\explabs.com\linkscanner\wrnetdrv.dll O10 - Unknown file in Winsock LSP: c:\programmi\explabs.com\linkscanner\wrnetdrv.dll O16 - DPF: {14C1B87C-3342-445F-9B5E-365FF330A3AC} (Hewlett-Packard Online Support Services) - h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB O16 - DPF: {2EF3FB47-7B1E-4536-BA4D-51427BD45DFA} - it.pixaco.de/static/download/pixacodndupload.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - update.microsoft.com/microsoftupdate/v6/V5C.....6915200562 O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - update.microsoft.com/microsoftupdate/v6/V5C.....6915111640 O17 - HKLM\System\CCS\Services\Tcpip\..\{E6AA5C9A-6B5D-4E9E-9340-2A1A0883C118}: NameServer = 62.13.171.4 62.13.171.5 O23 - Service: a-squared Anti-Dialer Service (a2AntiDialer) - Emsi Software GmbH - C:\Programmi\a-squared Anti-Dialer\a2service.exe O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Programmi\a-squared Anti-Malware\a2service.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe O23 - Service: Bonjour Service - Unknown owner - C:\Programmi\Bonjour\mDNSResponder.exe (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Programmi\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmi\File comuni\LightScribe\LSSrvc.exe O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Programmi\NVIDIA Corporation\nTune\nTuneService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Programmi\WinPcap\rpcapd.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Programmi\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Programmi\Spyware Doctor\pctsSvc.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Programmi\Spyware Terminator\sp_rsser.exe O23 - Service: Sistema Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Programmi\Webroot\Spy Sweeper\SpySweeper.exe -- End of file - 9360 bytes Dopuna: 10 Sep 2008 20:03 Izvini nisam ukapirao moram li ponovo da otvorim temu ili..... moze i o vako na ovom Nadam se da sam sve uradio lkako treba

Profil

helen1 Poslao: 10 Sep 2008 20:12 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! * Klikni desnim tasterom na Kaspersky ikonicu ( ) u donjem, desnom uglu ekrana i izaberi Pause Protection. * U prozoru koji se otvori, izaberi By User Request. Napomena: Ne zaboravi da uključiš ovu opciju po završetku čišćenja. --------------------------------------------- Skini ComboFix sa jedne od sledecih adresa na Desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe http://www.forospyware.com/sUBs/ComboFix.exe http://subs.geekstogo.com/ComboFix.exe Startuj ga i ne diraj prozor programa dok skenira. Sledi uputstva na ekranu. Kada zavrsi pojavice se log (C:\ComboFix.txt) koji ces nam ovde iskopirati.

Profil

lime70 Poslao: 10 Sep 2008 20:48 Idi na vrh
offline lime70 Građanin Pridružio: 09 Mar 2008 Poruke: 42	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 08-09-05.14 - HP_Administrator 2008-09-10 20.23.01.6 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1040.18.602 [GMT 2:00] Eseguito da: C:\Documents and Settings\HP_Administrator\Desktop\emil\ComboFix.exe * Creato nuovo punto di ripristino . ((((((((((((((((((((((((((((((((((((( Altre eliminazioni ))))))))))))))))))))))))))))))))))))))))))))))))))) . C:\Documents and Settings\All Users\Desktop\AntiSpywareBot.lnk C:\Documents and Settings\All Users\Menu Avvio\Programmi\AntiSpywareBot C:\Documents and Settings\All Users\Menu Avvio\Programmi\AntiSpywareBot\AntispywareBot on the Web.lnk C:\Documents and Settings\All Users\Menu Avvio\Programmi\AntiSpywareBot\AntispywareBot.lnk C:\Programmi\AntispywareBot C:\Programmi\AntiSpywareBot\AntispywareBot.exe C:\Programmi\AntiSpywareBot\AntispywareBot.url C:\Programmi\AntiSpywareBot\DataBase.ref C:\Programmi\AntiSpywareBot\SpyCleaner.dll C:\Programmi\AntiSpywareBot\TCL.dll C:\Programmi\AntiSpywareBot\vistaCPtasks.xml C:\Programmi\AntiSpywareBot\zlib.dll C:\WINDOWS\BM6e0ffb33.txt C:\WINDOWS\cdmxtras C:\WINDOWS\Downloaded Program Files\setup.inf C:\WINDOWS\system32\blphc315j0epkn.scr C:\WINDOWS\system32\phc315j0epkn.bmp C:\WINDOWS\Tasks.\AntiSpywareBot Scheduled Scan.job C:\WINDOWS\temp\perflib_perfdata_1cc.dat M:\Autorun.inf . ((((((((((((((((((((((((( Files Creati Da 2008-08-10 al 2008-09-10 ))))))))))))))))))))))))))))))))))) . 2008-09-10 17:55 . 2008-09-10 18:06 <DIR> d-------- C:\VundoFix Backups 2008-09-09 19:40 . 2008-09-09 19:40 <DIR> d-------- C:\Programmi\a-squared HiJackFree 2008-09-09 19:14 . 2008-09-09 19:25 <DIR> d-------- C:\Documents and Settings\HP_Administrator\Dati applicazioni\AntispywareBot 2008-09-09 17:37 . 2008-09-10 17:07 <DIR> d-------- C:\Programmi\a-squared Anti-Malware 2008-09-09 17:32 . 2008-09-09 17:32 <DIR> d-------- C:\Programmi\a-squared Anti-Dialer 2008-09-06 20:29 . 2008-09-06 20:33 <DIR> d-------- C:\Programmi\105 myPlayer 2008-09-06 20:26 . 2008-09-07 08:22 54,156 --ah----- C:\WINDOWS\QTFont.qfn 2008-09-06 20:26 . 2008-09-06 20:26 1,409 --a------ C:\WINDOWS\QTFont.for . (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-09-10 18:29 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Lab 2008-09-10 18:26 352,032 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat 2008-09-10 18:26 29,636 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx 2008-09-10 18:26 213,200 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx 2008-09-10 18:26 16,543,776 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat 2008-09-10 18:20 --------- d---a-w C:\Documents and Settings\All Users\Dati applicazioni\TEMP 2008-09-10 15:12 --------- d-----w C:\Programmi\Bonjour 2008-09-10 15:06 --------- d-----w C:\Programmi\Registry Easy 2008-09-10 15:01 --------- d-----w C:\Programmi\Spyware Terminator 2008-09-09 18:16 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\RFA_Backups 2008-09-09 17:06 --------- d-----w C:\Documents and Settings\HP_Administrator\Dati applicazioni\CallingID 2008-08-27 16:51 --------- d-----w C:\Documents and Settings\HP_Administrator\Dati applicazioni\Nokia Multimedia Player 2008-08-26 20:51 --------- d-----w C:\Documents and Settings\HP_Administrator\Dati applicazioni\Skype 2008-08-12 18:00 --------- d-----w C:\Programmi\Fighters 2008-08-06 18:22 --------- d-----w C:\Programmi\Spyware Doctor 2008-08-05 18:40 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Spyware Terminator 2008-08-03 18:18 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Fighters 2008-08-01 19:45 --------- d-----w C:\Documents and Settings\HP_Administrator\Dati applicazioni\GARMIN 2008-07-31 20:15 --------- d-----w C:\Programmi\File comuni\Sonic Shared 2008-07-31 20:13 --------- d-----w C:\Programmi\Sonic 2008-07-31 16:29 --------- d-----w C:\Programmi\eMule 2008-07-31 16:21 --------- d-----w C:\Documents and Settings\HP_Administrator\Dati applicazioni\uTorrent 2008-07-30 15:35 --------- d-----w C:\Programmi\Webroot 2008-07-30 15:35 --------- d-----w C:\Documents and Settings\LocalService\Dati applicazioni\Webroot 2008-07-30 15:35 --------- d-----w C:\Documents and Settings\HP_Administrator\Dati applicazioni\Webroot 2008-07-30 15:35 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Webroot 2008-07-30 15:26 --------- d-----w C:\Programmi\BearShare Applications 2008-07-30 15:26 --------- d-----w C:\Documents and Settings\HP_Administrator\Dati applicazioni\BearShare 2008-07-30 15:24 164 ----a-w C:\install.dat 2008-07-30 14:16 --------- d-----w C:\Programmi\Mozilla Thunderbird 2008-07-28 15:54 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\CanonIJPLM 2008-07-27 12:40 --------- d-----w C:\Documents and Settings\HP_Administrator\Dati applicazioni\Apple Computer 2008-07-20 07:32 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Installations 2008-07-20 06:36 56 --sha-w C:\Documents and Settings\All Users\Dati applicazioni\dc64vg9.sys 2008-07-20 06:31 --------- d-----w C:\Programmi\File comuni\MainConcept 2008-07-13 13:17 --------- d-----w C:\Documents and Settings\HP_Administrator\Dati applicazioni\NSeries 2008-07-10 16:43 --------- d-----w C:\Programmi\File comuni\Adobe 2007-06-03 20:31 540,000 ----a-w C:\Programmi\System Cleaner 5.50.zip 2007-05-30 19:13 4,660,390 ----a-w C:\Programmi\DV_Install_Demo_v21.exe 2007-05-30 19:05 947,526 ----a-w C:\Programmi\waver.zip 2007-05-30 19:03 186,767 ----a-w C:\Programmi\audc80konvertor.exe 2007-05-30 18:39 4,408,592 ----a-w C:\Programmi\vfvh571i fax.exe 2007-05-20 08:56 814,016 ----a-w C:\Programmi\Google_Updater.exe 2007-05-19 08:06 6,337,564 ----a-w C:\Programmi\WebUpdaterForLegacyOperatingSystems_240.exe 2007-05-19 07:57 4,310,568 ----a-w C:\Programmi\WebUpdater_241 za navigator.exe 2007-05-06 17:17 17,938,288 ----a-w C:\Programmi\Install_Messenger.exe 2007-05-06 15:33 10,064,213 ----a-w C:\Programmi\POILoader_232.exe 2007-05-06 10:46 669,184 ----a-w C:\Programmi\Nokia_Connectivity_Cable_Driver_6_80_5_1_ita.msi 2007-05-06 10:45 658,432 ----a-w C:\Programmi\nokia_connectivity_cable_driver_rel_6_81_1_spa.msi 2007-05-06 10:07 2,372,760 ----a-w C:\Programmi\winzip90.exe 2007-05-06 10:05 13,185,024 ----a-w C:\Programmi\Nokia_DKU-5_1_24.exe 2007-05-06 08:45 273,229,544 ----a-w C:\Programmi\WindowsXP-KB835935-SP2-ITA.exe 2007-05-06 08:20 445,208 ----a-w C:\Programmi\windowsxp-kb838989-X86-ITA.exe 2007-05-06 08:08 5,034,240 ----a-w C:\Programmi\DriverDetective.exe 2007-05-06 08:04 829,577 ----a-w C:\Programmi\modem_it.chm 2007-05-05 22:32 994,304 ----a-w C:\Programmi\Setup.msi 2007-05-05 22:01 21,485,136 ----a-w C:\Programmi\Nokia_PC_Suite_683_rel_14_1_ita_web.exe 2007-05-05 21:29 23,785,680 ----a-w C:\Programmi\NokiaSoftwareUpdaterSetup_it.exe 2007-05-05 15:40 840,192 ----a-w C:\Programmi\Nokia_Connectivity_Cable_Driver_rel_6_83_9_0_eng.msi 2007-05-05 15:39 6,685 ----a-w C:\Programmi\Nokia6103_MS_BT.inf 2007-05-05 15:39 6,494 ----a-w C:\Programmi\Nokia6103BT.inf 2007-04-30 11:31 4,212,210 ----a-w C:\Programmi\Demo_SSTworld.exe 2007-04-30 11:27 4,064,518 ----a-w C:\Programmi\bettinggenius30.exe 2007-04-29 00:11 1,087,682 ----a-w C:\Programmi\subtitleworkshop251.zip 2007-04-24 16:09 10,451,656 ----a-w C:\Programmi\XLVIEWER.EXE 2007-04-24 16:05 28,508,368 ----a-w C:\Programmi\FileFormatConverters.exe 2007-04-24 16:01 1,321 ----a-w C:\Programmi\katalog18apr07.CSV 2007-04-24 15:51 4,792,136 ----a-w C:\Programmi\CX.EXE 2007-04-24 15:48 735,232 ----a-w C:\Programmi\katalog18Apr07.xls 2007-04-24 15:46 12,337,352 ----a-w C:\Programmi\WDVIEWER.EXE 2007-04-19 20:34 122,880 ----a-w C:\Programmi\Download_wma-mp3-converter.exe 2007-04-18 08:37 1,014,730 ----a-w C:\Programmi\PowerISO37.exe 2007-03-28 22:14 6,597,960 ----a-w C:\Programmi\audioconverter_wmf_setup.exe 2007-03-28 22:08 4,708,303 ----a-w C:\Programmi\mms1001.exe 2007-03-28 21:33 404,890 ----a-w C:\Programmi\switch.zip 2007-03-25 09:56 122,880 ----a-w C:\Programmi\Download_AliveWMAMP3Recorder.exe 2007-03-25 06:50 3,326,142 ----a-w C:\Programmi\DupKillerSetup081.zip 2007-03-20 22:19 4,107,201 ----a-w C:\Programmi\burn4free_setup.exe 2007-03-20 21:48 1,219,544 ----a-w C:\Programmi\mp3cddoctorlite.exe 2007-03-18 22:48 1,988,744 ----a-w C:\Programmi\trojanb6758.exe 2007-03-18 22:42 414,580 ----a-w C:\Programmi\Megamp3Split_2.0b.zip 2007-03-18 11:58 59,392 ----a-w C:\Programmi\Italian_Serie_A_06-07.mdb 2007-03-18 10:13 2,863,832 ----a-w C:\Programmi\DeepBurner1.exe 2007-03-18 08:37 15,342,568 ----a-w C:\Programmi\20070317-017-i32.exe 2007-03-18 08:31 13,445,912 ----a-w C:\Programmi\XPBP_ESD_IT.exe 2007-03-17 22:42 3,109,256 ----a-w C:\Programmi\LinkScannerProSetup_2_5_2_0052_9.exe 2007-03-16 18:05 402,208 ----a-w C:\Programmi\rainbow(zabranjeno)-1.2-win.zip 2007-03-16 15:22 652,560 ----a-w C:\Programmi\pdf2text.exe 2007-03-16 13:44 1,622,912 ----a-w C:\Programmi\CuteWriter.exe 2007-03-16 12:57 697,042 ----a-w C:\Programmi\Scan2PDF.zip 2007-03-16 10:12 934,479 ----a-w C:\Programmi\TE20Setup.exe 2007-03-13 15:34 71,737,595 ----a-w C:\Programmi\200301010000aib.zip 2007-03-13 15:17 3,519,074 ----a-w C:\Programmi\teach800.exe 2007-03-13 15:12 23,510,720 ----a-w C:\Programmi\dotnetfx.exe 2007-03-13 14:14 14,730,232 ----a-w C:\Programmi\DivXPlay.exe 2007-03-11 21:30 1,834,548 ----a-w C:\Programmi\tbrush35 slikanje.exe 2007-03-11 21:21 34,959,384 ----a-w C:\Programmi\5.05.18.00_ntune_winxp_international.exe 2007-03-11 21:19 9,590,117 ----a-w C:\Programmi\kmp.exe 2007-03-11 21:14 4,237,337 ----a-w C:\Programmi\RLSetup_Final.exe 2007-03-11 21:10 34,282,256 ----a-w C:\Programmi\AVSTVBox.exe 2008-01-04 04:29 0 --sh--r C:\WINDOWS\SMINST\NPC.sys 2007-03-11 00:56 56 --sh--r C:\WINDOWS\system32\590BA312D1.sys 2007-03-11 00:56 1,890 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys 2008-04-05 08:00 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat . ------- Sigcheck ------- 2004-09-07 06:00 182912 558635d3af1c7546d26067d5d9b6959e C:\WINDOWS\system32\dllcache\ndis.sys 2004-09-07 06:00 182912 558635d3af1c7546d26067d5d9b6959e C:\WINDOWS\system32\drivers\ndis.sys 2004-09-07 06:00 29056 4448006b6bc60e6c027932cfc38d6855 C:\WINDOWS\system32\dllcache\ip6fw.sys 2004-09-07 06:00 29056 4448006b6bc60e6c027932cfc38d6855 C:\WINDOWS\system32\drivers\ip6fw.sys . ((((((((((((((((((((((((((((((((((((( Punti Reg Caricati )))))))))))))))))))))))))))))))))))))))))))))))))) . . Nota i valori vuoti & legittimi/default non sono visualizzati. REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-01-27 15360] "H/PC Connection Agent"="C:\Programmi\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "UserFaultCheck"="C:\WINDOWS\system32\dumprep 0 -u" [X] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 8523776] "mspwr"="C:\WINDOWS\system32\PuXpMan.exe" [2004-06-12 102400] "sclauncher"="C:\Programmi\SimpleCenter\bin\win\sclauncher.exe" [2007-09-07 94208] "SpywareTerminator"="C:\Programmi\Spyware Terminator\SpywareTerminatorShield.exe" [2008-03-09 2870784] "a-squared"="C:\Programmi\a-squared Anti-Malware\a2guard.exe" [2008-07-31 2131600] "AVP"="C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" [2007-06-28 218376] "SpySweeper"="C:\Programmi\Webroot\Spy Sweeper\SpySweeperUI.exe" [2008-01-04 5367664] "ftutil2"="ftutil2.dll" [2004-06-07 C:\WINDOWS\system32\ftutil2.dll] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles "InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "NoSecCPL"= 0 (0x0) "NoDevMgrPage"= 0 (0x0) "NoConfigPage"= 0 (0x0) "NoVirtMemPage"= 0 (0x0) "NoFileSysPage"= 0 (0x0) "NoNetSetup"= 0 (0x0) "NoNetSetupIDPage"= 0 (0x0) "NoNetSetupSecurityPage"= 0 (0x0) "NoWorkgroupContents"= 0 (0x0) "NoEntireNetwork"= 0 (0x0) "NoFileSharingControl"= 0 (0x0) "DisableChangePassword"= 0 (0x0) "DisableLockWorkstation"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoResolveSearch"= 1 (0x1) "NoResolveTrack"= 1 (0x1) "NoFileAssociate"= 0 (0x0) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoStartMenuPinnedList"= 0 (0x0) "NoStartMenuMFUprogramsList"= 0 (0x0) "NoUserNameInStartMenu"= 0 (0x0) "NoStartMenuSubFolders"= 0 (0x0) "NoCommonGroups"= 0 (0x0) "NoPrinterTabs"= 0 (0x0) "NoDeletePrinter"= 0 (0x0) "NoAddPrinter"= 0 (0x0) "NoPrinters"= 0 (0x0) "NoFavoritesMenu"= 0 (0x0) "NoRecentDocsNetHood"= 0 (0x0) "NoChangeAnimation"= 0 (0x0) "NoChangeKeyboardNavigationIndicators"= 0 (0x0) "RestrictRun"= 0 (0x0) "NoResolveTrack"= 1 (0x1) "NoThumbnailCache"= 1 (0x1) [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoRun"= 0 (0x0) "NoLogOff"= 0 (0x0) "NoFind"= 0 (0x0) "NoClose"= 0 (0x0) "NoSetFolders"= 0 (0x0) "NoFavoritesMenu"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "msacm.audxacm"= audxacm.acm "msacm.ac3acm4audx"= AC3ACM4AUDX.acm "VIDC.ACDV"= ACDV.dll "vidc.yv12"= yv12vfw.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "xmlprov"=3 (0x3) "WudfSvc"=3 (0x3) "ServiceLayer"=3 (0x3) "Fax"=3 (0x3) "BlueSoleil Hid Service"=2 (0x2) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe" "VoipStunt"="C:\Programmi\VoipStunt.com\VoipStunt\VoipStunt.exe" -nosplash -minimized "DAEMON Tools"="C:\Programmi\DAEMON Tools\daemon.exe" -lang 1033 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "RegEasy.exe"=C:\Programmi\Registry Easy\RegEasy.exe "SpywareTerminator"="C:\Programmi\Spyware Terminator\SpywareTerminatorShield.exe" "ISUSPM Startup"=C:\PROGRA~1\FILECO~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup "ISUSScheduler"="C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe" -start [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqtra08.exe"= "C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "C:\\Programmi\\HP\\Digital Imaging\\bin\\hpofxm08.exe"= "C:\\Programmi\\HP\\Digital Imaging\\bin\\hposfx08.exe"= "C:\\Programmi\\HP\\Digital Imaging\\bin\\hposid01.exe"= "C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"= "C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqCopy.exe"= "C:\\Programmi\\HP\\Digital Imaging\\bin\\hpfccopy.exe"= "C:\\Programmi\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"= "C:\\Programmi\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"= "C:\\Programmi\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"= "C:\\Programmi\\HP\\Digital Imaging\\bin\\hpoews01.exe"= "C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"= "C:\Programmi\Microsoft ActiveSync\rapimgr.exe"= C:\Programmi\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager "C:\Programmi\Microsoft ActiveSync\wcescomm.exe"= C:\Programmi\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager "C:\Programmi\Microsoft ActiveSync\WCESMgr.exe"= C:\Programmi\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application "C:\\Programmi\\uTorrent\\uTorrent.exe"= "C:\\Programmi\\eMule\\49\\emule.exe"= "C:\\Programmi\\Soulseek\\slsk.exe"= "C:\\Programmi\\Sitecom\\IVT BlueSoleil\\BlueSoleil.exe"= "C:\\Programmi\\Skype\\Phone\\Skype.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service "4667:UDP"= 4667:UDP:emule "4661:TCP"= 4661:TCP:127.0.0.1/255.255.255.255:Enabled:emul "4672:UDP"= 4672:UDP:127.0.0.1/255.255.255.255:Enabled:emul "4673:UDP"= 4673:UDP:emila udp "22008:TCP"= 22008:TCP:souleks R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);C:\WINDOWS\system32\drivers\sfsync03.sys [2005-12-06 35328] R2 a2AntiDialer;a-squared Anti-Dialer Service;C:\Programmi\a-squared Anti-Dialer\a2service.exe [2008-06-11 380016] R2 IJPLMSVC;PIXMA Extended Survey Program;C:\Programmi\Canon\IJPLM\IJPLMSVC.EXE [2007-04-13 97432] R2 StudioPro;StudioPro webcam;C:\WINDOWS\system32\DRIVERS\StudioPro.sys [2006-12-03 124416] R2 UxTuneUp;TuneUp Design Expansion;C:\WINDOWS\System32\svchost.exe [2004-09-07 14336] R3 3xHybrid;3xHybrid service;C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2006-02-15 2825088] R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys [2007-04-04 24344] R3 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [2007-08-24 135936] R3 usbstor;Driver archiviazione di massa USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-09-07 26496] R3 WN5301;LIteon Wireless PCI Network Adapter Service;C:\WINDOWS\system32\DRIVERS\wn5301.sys [2005-10-05 468768] S3 BIOSCHK;BIOSCHK;C:\DOCUME~1\HP_ADM~1\IMPOST~1\Temp\TII15.tmp\disk1\BIOSCHK.SYS [ ] S3 usbscan;Driver scanner USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\K] \Shell\AutoRun\command - K:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{83cc3187-cece-11db-821f-806d6172696f}] \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480 . Contenuto della cartella 'Scheduled Tasks' . - - - - ORFÇOS REMOVIDOS - - - - ShellIconOverlayIdentifiers-{51D8EAB2-A055-487F-BBE0-DFB79DD0E76D} - (no file) ShellExecuteHooks-{097F10A7-487F-4457-AB1F-827C59479A72} - (no file) . ------- Supplementary Scan ------- . FireFox -: Profile - C:\Documents and Settings\HP_Administrator\Dati applicazioni\Mozilla\Firefox\Profiles\wu4or4dd.default\ FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1055551&SearchSource=3&q= . ************************************************************************ catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2008-09-10 20:28:36 Windows 5.1.2600 Service Pack 2 NTFS scansione processi nascosti ... scansione entrate autostart nascoste ... Scansione files nascosti ... Scansione completata con successo Files nascosti: 0 ********************************************************************** . ------------------------ Other Running Processes ------------------------ . C:\Programmi\a-squared Anti-Malware\a2service.exe C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\WINDOWS\arservice.exe C:\WINDOWS\ehome\ehrecvr.exe C:\WINDOWS\ehome\ehSched.exe C:\Programmi\File comuni\LightScribe\LSSrvc.exe C:\Programmi\NVIDIA Corporation\nTune\nTuneService.exe C:\WINDOWS\system32\nvsvc32.exe C:\Programmi\Spyware Terminator\sp_rsser.exe C:\Programmi\Webroot\Spy Sweeper\SpySweeper.exe C:\WINDOWS\ehome\mcrdsvc.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\PROGRA~1\MICROS~4\rapimgr.exe C:\Programmi\Webroot\Spy Sweeper\ssu.exe . ************************************************************************ . Ora fine scansione: 2008-09-10 20:33:22 - machine was rebooted ComboFix-quarantined-files.txt 2008-09-10 18:33:12 ComboFix2.txt 2008-03-16 16:48:49 ComboFix3.txt 2008-03-16 16:12:00 ComboFix4.txt 2008-03-16 11:58:46 ComboFix5.txt 2008-09-10 18:22:07 Pre-Run: 75,595,882,496 byte disponibili Post-Run: 75,632,685,056 byte disponibili 341 --- E O F --- 2007-10-07 01:25:16

Profil

helen1 Poslao: 11 Sep 2008 17:27 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Otvoriti Notepad i iskopirati sledeci tekst: `Folder:: C:\Documents and Settings\HP_Administrator\Dati applicazioni\AntispywareBot DirLook:: C:\Programmi\Fighters` Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.

Profil

lime70 Poslao: 11 Sep 2008 18:26 Idi na vrh
offline lime70 Građanin Pridružio: 09 Mar 2008 Poruke: 42	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 08-09-05.14 - HP_Administrator 2008-09-11 18.11.48.7 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1040.18.565 [GMT 2:00] Eseguito da: C:\Documents and Settings\HP_Administrator\Desktop\emil\ComboFix.exe . ((((((((((((((((((((((((( Files Creati Da 2008-08-11 al 2008-09-11 ))))))))))))))))))))))))))))))))))) . 2008-09-10 17:55 . 2008-09-10 18:06 <DIR> d-------- C:\VundoFix Backups 2008-09-09 19:40 . 2008-09-09 19:40 <DIR> d-------- C:\Programmi\a-squared HiJackFree 2008-09-09 19:14 . 2008-09-09 19:25 <DIR> d-------- C:\Documents and Settings\HP_Administrator\Dati applicazioni\AntispywareBot 2008-09-09 17:37 . 2008-09-10 17:07 <DIR> d-------- C:\Programmi\a-squared Anti-Malware 2008-09-09 17:32 . 2008-09-09 17:32 <DIR> d-------- C:\Programmi\a-squared Anti-Dialer 2008-09-06 20:29 . 2008-09-06 20:33 <DIR> d-------- C:\Programmi\105 myPlayer 2008-09-06 20:26 . 2008-09-07 08:22 54,156 --ah----- C:\WINDOWS\QTFont.qfn 2008-09-06 20:26 . 2008-09-06 20:26 1,409 --a------ C:\WINDOWS\QTFont.for . (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-09-11 15:43 --------- d-----w C:\Documents and Settings\HP_Administrator\Dati applicazioni\CallingID 2008-09-10 20:04 352,032 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat 2008-09-10 20:04 29,804 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx 2008-09-10 20:04 213,944 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx 2008-09-10 20:04 16,543,776 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat 2008-09-10 18:29 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Lab 2008-09-10 18:20 --------- d---a-w C:\Documents and Settings\All Users\Dati applicazioni\TEMP 2008-09-10 15:12 --------- d-----w C:\Programmi\Bonjour 2008-09-10 15:06 --------- d-----w C:\Programmi\Registry Easy 2008-09-10 15:01 --------- d-----w C:\Programmi\Spyware Terminator 2008-09-09 18:16 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\RFA_Backups 2008-08-27 16:51 --------- d-----w C:\Documents and Settings\HP_Administrator\Dati applicazioni\Nokia Multimedia Player 2008-08-26 20:51 --------- d-----w C:\Documents and Settings\HP_Administrator\Dati applicazioni\Skype 2008-08-12 18:00 --------- d-----w C:\Programmi\Fighters 2008-08-06 18:22 --------- d-----w C:\Programmi\Spyware Doctor 2008-08-05 18:40 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Spyware Terminator 2008-08-03 18:18 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Fighters 2008-08-01 19:45 --------- d-----w C:\Documents and Settings\HP_Administrator\Dati applicazioni\GARMIN 2008-07-31 20:15 --------- d-----w C:\Programmi\File comuni\Sonic Shared 2008-07-31 20:13 --------- d-----w C:\Programmi\Sonic 2008-07-31 16:29 --------- d-----w C:\Programmi\eMule 2008-07-31 16:21 --------- d-----w C:\Documents and Settings\HP_Administrator\Dati applicazioni\uTorrent 2008-07-30 15:35 --------- d-----w C:\Programmi\Webroot 2008-07-30 15:35 --------- d-----w C:\Documents and Settings\LocalService\Dati applicazioni\Webroot 2008-07-30 15:35 --------- d-----w C:\Documents and Settings\HP_Administrator\Dati applicazioni\Webroot 2008-07-30 15:35 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Webroot 2008-07-30 15:26 --------- d-----w C:\Programmi\BearShare Applications 2008-07-30 15:26 --------- d-----w C:\Documents and Settings\HP_Administrator\Dati applicazioni\BearShare 2008-07-30 15:24 164 ----a-w C:\install.dat 2008-07-30 14:16 --------- d-----w C:\Programmi\Mozilla Thunderbird 2008-07-28 15:54 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\CanonIJPLM 2008-07-27 12:40 --------- d-----w C:\Documents and Settings\HP_Administrator\Dati applicazioni\Apple Computer 2008-07-20 07:32 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Installations 2008-07-20 06:36 56 --sha-w C:\Documents and Settings\All Users\Dati applicazioni\dc64vg9.sys 2008-07-20 06:31 --------- d-----w C:\Programmi\File comuni\MainConcept 2008-07-13 13:17 --------- d-----w C:\Documents and Settings\HP_Administrator\Dati applicazioni\NSeries 2007-06-03 20:31 540,000 ----a-w C:\Programmi\System Cleaner 5.50.zip 2007-05-30 19:13 4,660,390 ----a-w C:\Programmi\DV_Install_Demo_v21.exe 2007-05-30 19:05 947,526 ----a-w C:\Programmi\waver.zip 2007-05-30 19:03 186,767 ----a-w C:\Programmi\audc80konvertor.exe 2007-05-30 18:39 4,408,592 ----a-w C:\Programmi\vfvh571i fax.exe 2007-05-20 08:56 814,016 ----a-w C:\Programmi\Google_Updater.exe 2007-05-19 08:06 6,337,564 ----a-w C:\Programmi\WebUpdaterForLegacyOperatingSystems_240.exe 2007-05-19 07:57 4,310,568 ----a-w C:\Programmi\WebUpdater_241 za navigator.exe 2007-05-06 17:17 17,938,288 ----a-w C:\Programmi\Install_Messenger.exe 2007-05-06 15:33 10,064,213 ----a-w C:\Programmi\POILoader_232.exe 2007-05-06 10:46 669,184 ----a-w C:\Programmi\Nokia_Connectivity_Cable_Driver_6_80_5_1_ita.msi 2007-05-06 10:45 658,432 ----a-w C:\Programmi\nokia_connectivity_cable_driver_rel_6_81_1_spa.msi 2007-05-06 10:07 2,372,760 ----a-w C:\Programmi\winzip90.exe 2007-05-06 10:05 13,185,024 ----a-w C:\Programmi\Nokia_DKU-5_1_24.exe 2007-05-06 08:45 273,229,544 ----a-w C:\Programmi\WindowsXP-KB835935-SP2-ITA.exe 2007-05-06 08:20 445,208 ----a-w C:\Programmi\windowsxp-kb838989-X86-ITA.exe 2007-05-06 08:08 5,034,240 ----a-w C:\Programmi\DriverDetective.exe 2007-05-06 08:04 829,577 ----a-w C:\Programmi\modem_it.chm 2007-05-05 22:32 994,304 ----a-w C:\Programmi\Setup.msi 2007-05-05 22:01 21,485,136 ----a-w C:\Programmi\Nokia_PC_Suite_683_rel_14_1_ita_web.exe 2007-05-05 21:29 23,785,680 ----a-w C:\Programmi\NokiaSoftwareUpdaterSetup_it.exe 2007-05-05 15:40 840,192 ----a-w C:\Programmi\Nokia_Connectivity_Cable_Driver_rel_6_83_9_0_eng.msi 2007-05-05 15:39 6,685 ----a-w C:\Programmi\Nokia6103_MS_BT.inf 2007-05-05 15:39 6,494 ----a-w C:\Programmi\Nokia6103BT.inf 2007-04-30 11:31 4,212,210 ----a-w C:\Programmi\Demo_SSTworld.exe 2007-04-30 11:27 4,064,518 ----a-w C:\Programmi\bettinggenius30.exe 2007-04-29 00:11 1,087,682 ----a-w C:\Programmi\subtitleworkshop251.zip 2007-04-24 16:09 10,451,656 ----a-w C:\Programmi\XLVIEWER.EXE 2007-04-24 16:05 28,508,368 ----a-w C:\Programmi\FileFormatConverters.exe 2007-04-24 16:01 1,321 ----a-w C:\Programmi\katalog18apr07.CSV 2007-04-24 15:51 4,792,136 ----a-w C:\Programmi\CX.EXE 2007-04-24 15:48 735,232 ----a-w C:\Programmi\katalog18Apr07.xls 2007-04-24 15:46 12,337,352 ----a-w C:\Programmi\WDVIEWER.EXE 2007-04-19 20:34 122,880 ----a-w C:\Programmi\Download_wma-mp3-converter.exe 2007-04-18 08:37 1,014,730 ----a-w C:\Programmi\PowerISO37.exe 2007-03-28 22:14 6,597,960 ----a-w C:\Programmi\audioconverter_wmf_setup.exe 2007-03-28 22:08 4,708,303 ----a-w C:\Programmi\mms1001.exe 2007-03-28 21:33 404,890 ----a-w C:\Programmi\switch.zip 2007-03-25 09:56 122,880 ----a-w C:\Programmi\Download_AliveWMAMP3Recorder.exe 2007-03-25 06:50 3,326,142 ----a-w C:\Programmi\DupKillerSetup081.zip 2007-03-20 22:19 4,107,201 ----a-w C:\Programmi\burn4free_setup.exe 2007-03-20 21:48 1,219,544 ----a-w C:\Programmi\mp3cddoctorlite.exe 2007-03-18 22:48 1,988,744 ----a-w C:\Programmi\trojanb6758.exe 2007-03-18 22:42 414,580 ----a-w C:\Programmi\Megamp3Split_2.0b.zip 2007-03-18 11:58 59,392 ----a-w C:\Programmi\Italian_Serie_A_06-07.mdb 2007-03-18 10:13 2,863,832 ----a-w C:\Programmi\DeepBurner1.exe 2007-03-18 08:37 15,342,568 ----a-w C:\Programmi\20070317-017-i32.exe 2007-03-18 08:31 13,445,912 ----a-w C:\Programmi\XPBP_ESD_IT.exe 2007-03-17 22:42 3,109,256 ----a-w C:\Programmi\LinkScannerProSetup_2_5_2_0052_9.exe 2007-03-16 18:05 402,208 ----a-w C:\Programmi\rainbow(zabranjeno)-1.2-win.zip 2007-03-16 15:22 652,560 ----a-w C:\Programmi\pdf2text.exe 2007-03-16 13:44 1,622,912 ----a-w C:\Programmi\CuteWriter.exe 2007-03-16 12:57 697,042 ----a-w C:\Programmi\Scan2PDF.zip 2007-03-16 10:12 934,479 ----a-w C:\Programmi\TE20Setup.exe 2007-03-13 15:34 71,737,595 ----a-w C:\Programmi\200301010000aib.zip 2007-03-13 15:17 3,519,074 ----a-w C:\Programmi\teach800.exe 2007-03-13 15:12 23,510,720 ----a-w C:\Programmi\dotnetfx.exe 2007-03-13 14:14 14,730,232 ----a-w C:\Programmi\DivXPlay.exe 2007-03-11 21:30 1,834,548 ----a-w C:\Programmi\tbrush35 slikanje.exe 2007-03-11 21:21 34,959,384 ----a-w C:\Programmi\5.05.18.00_ntune_winxp_international.exe 2007-03-11 21:19 9,590,117 ----a-w C:\Programmi\kmp.exe 2007-03-11 21:14 4,237,337 ----a-w C:\Programmi\RLSetup_Final.exe 2007-03-11 21:10 34,282,256 ----a-w C:\Programmi\AVSTVBox.exe 2007-03-11 20:58 24,836,360 ----a-w C:\Programmi\acdsee.exe 2008-01-04 04:29 0 --sh--r C:\WINDOWS\SMINST\NPC.sys 2007-03-11 00:56 56 --sh--r C:\WINDOWS\system32\590BA312D1.sys 2007-03-11 00:56 1,890 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys 2008-04-05 08:00 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat . ------- Sigcheck ------- 2004-09-07 06:00 182912 558635d3af1c7546d26067d5d9b6959e C:\WINDOWS\system32\dllcache\ndis.sys 2004-09-07 06:00 182912 558635d3af1c7546d26067d5d9b6959e C:\WINDOWS\system32\drivers\ndis.sys 2004-09-07 06:00 29056 4448006b6bc60e6c027932cfc38d6855 C:\WINDOWS\system32\dllcache\ip6fw.sys 2004-09-07 06:00 29056 4448006b6bc60e6c027932cfc38d6855 C:\WINDOWS\system32\drivers\ip6fw.sys . ((((((((((((((((((((((((((((( snapshot@2008-09-10_20.32.40.32 ))))))))))))))))))))))))))))))))))))))))) . + 2008-09-11 15:25:48 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_544.dat . ((((((((((((((((((((((((((((((((((((( Punti Reg Caricati )))))))))))))))))))))))))))))))))))))))))))))))))) . . Nota i valori vuoti & legittimi/default non sono visualizzati. REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-01-27 15360] "H/PC Connection Agent"="C:\Programmi\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "UserFaultCheck"="C:\WINDOWS\system32\dumprep 0 -u" [X] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 8523776] "mspwr"="C:\WINDOWS\system32\PuXpMan.exe" [2004-06-12 102400] "sclauncher"="C:\Programmi\SimpleCenter\bin\win\sclauncher.exe" [2007-09-07 94208] "SpywareTerminator"="C:\Programmi\Spyware Terminator\SpywareTerminatorShield.exe" [2008-03-09 2870784] "a-squared"="C:\Programmi\a-squared Anti-Malware\a2guard.exe" [2008-07-31 2131600] "SpySweeper"="C:\Programmi\Webroot\Spy Sweeper\SpySweeperUI.exe" [2008-01-04 5367664] "ftutil2"="ftutil2.dll" [2004-06-07 C:\WINDOWS\system32\ftutil2.dll] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles "InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "NoSecCPL"= 0 (0x0) "NoDevMgrPage"= 0 (0x0) "NoConfigPage"= 0 (0x0) "NoVirtMemPage"= 0 (0x0) "NoFileSysPage"= 0 (0x0) "NoNetSetup"= 0 (0x0) "NoNetSetupIDPage"= 0 (0x0) "NoNetSetupSecurityPage"= 0 (0x0) "NoWorkgroupContents"= 0 (0x0) "NoEntireNetwork"= 0 (0x0) "NoFileSharingControl"= 0 (0x0) "DisableChangePassword"= 0 (0x0) "DisableLockWorkstation"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoResolveSearch"= 1 (0x1) "NoResolveTrack"= 1 (0x1) "NoFileAssociate"= 0 (0x0) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoStartMenuPinnedList"= 0 (0x0) "NoStartMenuMFUprogramsList"= 0 (0x0) "NoUserNameInStartMenu"= 0 (0x0) "NoStartMenuSubFolders"= 0 (0x0) "NoCommonGroups"= 0 (0x0) "NoPrinterTabs"= 0 (0x0) "NoDeletePrinter"= 0 (0x0) "NoAddPrinter"= 0 (0x0) "NoPrinters"= 0 (0x0) "NoFavoritesMenu"= 0 (0x0) "NoRecentDocsNetHood"= 0 (0x0) "NoChangeAnimation"= 0 (0x0) "NoChangeKeyboardNavigationIndicators"= 0 (0x0) "RestrictRun"= 0 (0x0) "NoResolveTrack"= 1 (0x1) "NoThumbnailCache"= 1 (0x1) [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoRun"= 0 (0x0) "NoLogOff"= 0 (0x0) "NoFind"= 0 (0x0) "NoClose"= 0 (0x0) "NoSetFolders"= 0 (0x0) "NoFavoritesMenu"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "msacm.audxacm"= audxacm.acm "msacm.ac3acm4audx"= AC3ACM4AUDX.acm "VIDC.ACDV"= ACDV.dll "vidc.yv12"= yv12vfw.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "xmlprov"=3 (0x3) "WudfSvc"=3 (0x3) "ServiceLayer"=3 (0x3) "Fax"=3 (0x3) "BlueSoleil Hid Service"=2 (0x2) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe" "VoipStunt"="C:\Programmi\VoipStunt.com\VoipStunt\VoipStunt.exe" -nosplash -minimized "DAEMON Tools"="C:\Programmi\DAEMON Tools\daemon.exe" -lang 1033 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "RegEasy.exe"=C:\Programmi\Registry Easy\RegEasy.exe "SpywareTerminator"="C:\Programmi\Spyware Terminator\SpywareTerminatorShield.exe" "ISUSPM Startup"=C:\PROGRA~1\FILECO~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup "ISUSScheduler"="C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe" -start [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqtra08.exe"= "C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "C:\\Programmi\\HP\\Digital Imaging\\bin\\hpofxm08.exe"= "C:\\Programmi\\HP\\Digital Imaging\\bin\\hposfx08.exe"= "C:\\Programmi\\HP\\Digital Imaging\\bin\\hposid01.exe"= "C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"= "C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqCopy.exe"= "C:\\Programmi\\HP\\Digital Imaging\\bin\\hpfccopy.exe"= "C:\\Programmi\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"= "C:\\Programmi\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"= "C:\\Programmi\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"= "C:\\Programmi\\HP\\Digital Imaging\\bin\\hpoews01.exe"= "C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"= "C:\Programmi\Microsoft ActiveSync\rapimgr.exe"= C:\Programmi\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager "C:\Programmi\Microsoft ActiveSync\wcescomm.exe"= C:\Programmi\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager "C:\Programmi\Microsoft ActiveSync\WCESMgr.exe"= C:\Programmi\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application "C:\\Programmi\\uTorrent\\uTorrent.exe"= "C:\\Programmi\\eMule\\49\\emule.exe"= "C:\\Programmi\\Soulseek\\slsk.exe"= "C:\\Programmi\\Sitecom\\IVT BlueSoleil\\BlueSoleil.exe"= "C:\\Programmi\\Skype\\Phone\\Skype.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service "4667:UDP"= 4667:UDP:emule "4661:TCP"= 4661:TCP:127.0.0.1/255.255.255.255:Enabled:emul "4672:UDP"= 4672:UDP:127.0.0.1/255.255.255.255:Enabled:emul "4673:UDP"= 4673:UDP:emila udp "22008:TCP"= 22008:TCP:souleks R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);C:\WINDOWS\system32\drivers\sfsync03.sys [2005-12-06 35328] R2 a2AntiDialer;a-squared Anti-Dialer Service;C:\Programmi\a-squared Anti-Dialer\a2service.exe [2008-06-11 380016] R2 IJPLMSVC;PIXMA Extended Survey Program;C:\Programmi\Canon\IJPLM\IJPLMSVC.EXE [2007-04-13 97432] R2 StudioPro;StudioPro webcam;C:\WINDOWS\system32\DRIVERS\StudioPro.sys [2006-12-03 124416] R2 UxTuneUp;TuneUp Design Expansion;C:\WINDOWS\System32\svchost.exe [2004-09-07 14336] R3 3xHybrid;3xHybrid service;C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2006-02-15 2825088] R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys [2007-04-04 24344] R3 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [2007-08-24 135936] R3 usbstor;Driver archiviazione di massa USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-09-07 26496] R3 WN5301;LIteon Wireless PCI Network Adapter Service;C:\WINDOWS\system32\DRIVERS\wn5301.sys [2005-10-05 468768] S3 BIOSCHK;BIOSCHK;C:\DOCUME~1\HP_ADM~1\IMPOST~1\Temp\TII15.tmp\disk1\BIOSCHK.SYS [ ] S3 usbscan;Driver scanner USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\K] \Shell\AutoRun\command - K:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{83cc3187-cece-11db-821f-806d6172696f}] \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480 . Contenuto della cartella 'Scheduled Tasks' . . ------- Supplementary Scan ------- . FireFox -: Profile - C:\Documents and Settings\HP_Administrator\Dati applicazioni\Mozilla\Firefox\Profiles\wu4or4dd.default\ FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1055551&SearchSource=3&q= . ************************************************************************ catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2008-09-11 18:14:24 Windows 5.1.2600 Service Pack 2 NTFS scansione processi nascosti ... scansione entrate autostart nascoste ... Scansione files nascosti ... Scansione completata con successo Files nascosti: 0 ************************************************************************ . Ora fine scansione: 2008-09-11 18:15:26 ComboFix-quarantined-files.txt 2008-09-11 16:15:21 ComboFix2.txt 2008-09-10 18:33:24 ComboFix3.txt 2008-03-16 16:48:49 ComboFix4.txt 2008-03-16 16:12:00 ComboFix5.txt 2008-09-11 16:09:53 Pre-Run: 76,033,945,600 byte disponibili Post-Run: 76,013,404,160 byte disponibili 297 --- E O F --- 2007-10-07 01:25:16

Profil

helen1 Poslao: 11 Sep 2008 20:14 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Jesi uradio kako sam ti rekao? Iskljuci Kaspersky pa probaj ponovo.

Profil

lime70 Poslao: 11 Sep 2008 22:10 Idi na vrh
offline lime70 Građanin Pridružio: 09 Mar 2008 Poruke: 42	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Cao mislim da ima neki problem sa ovim kad krene combofix napise mi upozorenje CFScript errore nome mada je combofix otvoren i pise da je spreman i da sacekam Dopuna: 11 Sep 2008 22:10 Kad prevucem skrip na combofix on se pokrene i izbacici da ime nije uredu kad otvorim combofix posle toga bez prebacivanja on skeneia evo ti ponovo log ComboFix 08-09-05.14 - HP_Administrator 2008-09-11 21.43.51.8 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1040.18.584 [GMT 2:00] Eseguito da: C:\Documents and Settings\HP_Administrator\Desktop\emil\ComboFix.exe . ((((((((((((((((((((((((( Files Creati Da 2008-08-11 al 2008-09-11 ))))))))))))))))))))))))))))))))))) . 2008-09-10 17:55 . 2008-09-10 18:06 <DIR> d-------- C:\VundoFix Backups 2008-09-09 19:40 . 2008-09-09 19:40 <DIR> d-------- C:\Programmi\a-squared HiJackFree 2008-09-09 19:14 . 2008-09-09 19:25 <DIR> d-------- C:\Documents and Settings\HP_Administrator\Dati applicazioni\AntispywareBot 2008-09-09 17:37 . 2008-09-10 17:07 <DIR> d-------- C:\Programmi\a-squared Anti-Malware 2008-09-09 17:32 . 2008-09-09 17:32 <DIR> d-------- C:\Programmi\a-squared Anti-Dialer 2008-09-06 20:26 . 2008-09-07 08:22 54,156 --ah----- C:\WINDOWS\QTFont.qfn 2008-09-06 20:26 . 2008-09-06 20:26 1,409 --a------ C:\WINDOWS\QTFont.for . (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-09-11 19:42 --------- d-----w C:\Documents and Settings\HP_Administrator\Dati applicazioni\CallingID 2008-09-11 18:06 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Lab 2008-09-10 20:04 352,032 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat 2008-09-10 20:04 29,804 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx 2008-09-10 20:04 213,944 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx 2008-09-10 20:04 16,543,776 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat 2008-09-10 18:20 --------- d---a-w C:\Documents and Settings\All Users\Dati applicazioni\TEMP 2008-09-10 15:12 --------- d-----w C:\Programmi\Bonjour 2008-09-10 15:06 --------- d-----w C:\Programmi\Registry Easy 2008-09-10 15:01 --------- d-----w C:\Programmi\Spyware Terminator 2008-09-09 18:16 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\RFA_Backups 2008-08-27 16:51 --------- d-----w C:\Documents and Settings\HP_Administrator\Dati applicazioni\Nokia Multimedia Player 2008-08-26 20:51 --------- d-----w C:\Documents and Settings\HP_Administrator\Dati applicazioni\Skype 2008-08-12 18:00 --------- d-----w C:\Programmi\Fighters 2008-08-06 18:22 --------- d-----w C:\Programmi\Spyware Doctor 2008-08-05 18:40 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Spyware Terminator 2008-08-03 18:18 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Fighters 2008-08-01 19:45 --------- d-----w C:\Documents and Settings\HP_Administrator\Dati applicazioni\GARMIN 2008-07-31 20:15 --------- d-----w C:\Programmi\File comuni\Sonic Shared 2008-07-31 20:13 --------- d-----w C:\Programmi\Sonic 2008-07-31 16:29 --------- d-----w C:\Programmi\eMule 2008-07-31 16:21 --------- d-----w C:\Documents and Settings\HP_Administrator\Dati applicazioni\uTorrent 2008-07-30 15:35 --------- d-----w C:\Programmi\Webroot 2008-07-30 15:35 --------- d-----w C:\Documents and Settings\LocalService\Dati applicazioni\Webroot 2008-07-30 15:35 --------- d-----w C:\Documents and Settings\HP_Administrator\Dati applicazioni\Webroot 2008-07-30 15:35 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Webroot 2008-07-30 15:26 --------- d-----w C:\Programmi\BearShare Applications 2008-07-30 15:26 --------- d-----w C:\Documents and Settings\HP_Administrator\Dati applicazioni\BearShare 2008-07-30 15:24 164 ----a-w C:\install.dat 2008-07-30 14:16 --------- d-----w C:\Programmi\Mozilla Thunderbird 2008-07-28 15:54 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\CanonIJPLM 2008-07-27 12:40 --------- d-----w C:\Documents and Settings\HP_Administrator\Dati applicazioni\Apple Computer 2008-07-20 07:32 --------- d-----w C:\Documents and Settings\All Users\Dati applicazioni\Installations 2008-07-20 06:36 56 --sha-w C:\Documents and Settings\All Users\Dati applicazioni\dc64vg9.sys 2008-07-20 06:31 --------- d-----w C:\Programmi\File comuni\MainConcept 2008-07-13 13:17 --------- d-----w C:\Documents and Settings\HP_Administrator\Dati applicazioni\NSeries 2007-06-03 20:31 540,000 ----a-w C:\Programmi\System Cleaner 5.50.zip 2007-05-30 19:13 4,660,390 ----a-w C:\Programmi\DV_Install_Demo_v21.exe 2007-05-30 19:05 947,526 ----a-w C:\Programmi\waver.zip 2007-05-30 19:03 186,767 ----a-w C:\Programmi\audc80konvertor.exe 2007-05-30 18:39 4,408,592 ----a-w C:\Programmi\vfvh571i fax.exe 2007-05-20 08:56 814,016 ----a-w C:\Programmi\Google_Updater.exe 2007-05-19 08:06 6,337,564 ----a-w C:\Programmi\WebUpdaterForLegacyOperatingSystems_240.exe 2007-05-19 07:57 4,310,568 ----a-w C:\Programmi\WebUpdater_241 za navigator.exe 2007-05-06 17:17 17,938,288 ----a-w C:\Programmi\Install_Messenger.exe 2007-05-06 15:33 10,064,213 ----a-w C:\Programmi\POILoader_232.exe 2007-05-06 10:46 669,184 ----a-w C:\Programmi\Nokia_Connectivity_Cable_Driver_6_80_5_1_ita.msi 2007-05-06 10:45 658,432 ----a-w C:\Programmi\nokia_connectivity_cable_driver_rel_6_81_1_spa.msi 2007-05-06 10:07 2,372,760 ----a-w C:\Programmi\winzip90.exe 2007-05-06 10:05 13,185,024 ----a-w C:\Programmi\Nokia_DKU-5_1_24.exe 2007-05-06 08:45 273,229,544 ----a-w C:\Programmi\WindowsXP-KB835935-SP2-ITA.exe 2007-05-06 08:20 445,208 ----a-w C:\Programmi\windowsxp-kb838989-X86-ITA.exe 2007-05-06 08:08 5,034,240 ----a-w C:\Programmi\DriverDetective.exe 2007-05-06 08:04 829,577 ----a-w C:\Programmi\modem_it.chm 2007-05-05 22:32 994,304 ----a-w C:\Programmi\Setup.msi 2007-05-05 22:01 21,485,136 ----a-w C:\Programmi\Nokia_PC_Suite_683_rel_14_1_ita_web.exe 2007-05-05 21:29 23,785,680 ----a-w C:\Programmi\NokiaSoftwareUpdaterSetup_it.exe 2007-05-05 15:40 840,192 ----a-w C:\Programmi\Nokia_Connectivity_Cable_Driver_rel_6_83_9_0_eng.msi 2007-05-05 15:39 6,685 ----a-w C:\Programmi\Nokia6103_MS_BT.inf 2007-05-05 15:39 6,494 ----a-w C:\Programmi\Nokia6103BT.inf 2007-04-30 11:31 4,212,210 ----a-w C:\Programmi\Demo_SSTworld.exe 2007-04-30 11:27 4,064,518 ----a-w C:\Programmi\bettinggenius30.exe 2007-04-29 00:11 1,087,682 ----a-w C:\Programmi\subtitleworkshop251.zip 2007-04-24 16:09 10,451,656 ----a-w C:\Programmi\XLVIEWER.EXE 2007-04-24 16:05 28,508,368 ----a-w C:\Programmi\FileFormatConverters.exe 2007-04-24 16:01 1,321 ----a-w C:\Programmi\katalog18apr07.CSV 2007-04-24 15:51 4,792,136 ----a-w C:\Programmi\CX.EXE 2007-04-24 15:48 735,232 ----a-w C:\Programmi\katalog18Apr07.xls 2007-04-24 15:46 12,337,352 ----a-w C:\Programmi\WDVIEWER.EXE 2007-04-19 20:34 122,880 ----a-w C:\Programmi\Download_wma-mp3-converter.exe 2007-04-18 08:37 1,014,730 ----a-w C:\Programmi\PowerISO37.exe 2007-03-28 22:14 6,597,960 ----a-w C:\Programmi\audioconverter_wmf_setup.exe 2007-03-28 22:08 4,708,303 ----a-w C:\Programmi\mms1001.exe 2007-03-28 21:33 404,890 ----a-w C:\Programmi\switch.zip 2007-03-25 09:56 122,880 ----a-w C:\Programmi\Download_AliveWMAMP3Recorder.exe 2007-03-25 06:50 3,326,142 ----a-w C:\Programmi\DupKillerSetup081.zip 2007-03-20 22:19 4,107,201 ----a-w C:\Programmi\burn4free_setup.exe 2007-03-20 21:48 1,219,544 ----a-w C:\Programmi\mp3cddoctorlite.exe 2007-03-18 22:48 1,988,744 ----a-w C:\Programmi\trojanb6758.exe 2007-03-18 22:42 414,580 ----a-w C:\Programmi\Megamp3Split_2.0b.zip 2007-03-18 11:58 59,392 ----a-w C:\Programmi\Italian_Serie_A_06-07.mdb 2007-03-18 10:13 2,863,832 ----a-w C:\Programmi\DeepBurner1.exe 2007-03-18 08:37 15,342,568 ----a-w C:\Programmi\20070317-017-i32.exe 2007-03-18 08:31 13,445,912 ----a-w C:\Programmi\XPBP_ESD_IT.exe 2007-03-17 22:42 3,109,256 ----a-w C:\Programmi\LinkScannerProSetup_2_5_2_0052_9.exe 2007-03-16 18:05 402,208 ----a-w C:\Programmi\rainbow(zabranjeno)-1.2-win.zip 2007-03-16 15:22 652,560 ----a-w C:\Programmi\pdf2text.exe 2007-03-16 13:44 1,622,912 ----a-w C:\Programmi\CuteWriter.exe 2007-03-16 12:57 697,042 ----a-w C:\Programmi\Scan2PDF.zip 2007-03-16 10:12 934,479 ----a-w C:\Programmi\TE20Setup.exe 2007-03-13 15:34 71,737,595 ----a-w C:\Programmi\200301010000aib.zip 2007-03-13 15:17 3,519,074 ----a-w C:\Programmi\teach800.exe 2007-03-13 15:12 23,510,720 ----a-w C:\Programmi\dotnetfx.exe 2007-03-13 14:14 14,730,232 ----a-w C:\Programmi\DivXPlay.exe 2007-03-11 21:30 1,834,548 ----a-w C:\Programmi\tbrush35 slikanje.exe 2007-03-11 21:21 34,959,384 ----a-w C:\Programmi\5.05.18.00_ntune_winxp_international.exe 2007-03-11 21:19 9,590,117 ----a-w C:\Programmi\kmp.exe 2007-03-11 21:14 4,237,337 ----a-w C:\Programmi\RLSetup_Final.exe 2007-03-11 21:10 34,282,256 ----a-w C:\Programmi\AVSTVBox.exe 2007-03-11 20:58 24,836,360 ----a-w C:\Programmi\acdsee.exe 2008-01-04 04:29 0 --sh--r C:\WINDOWS\SMINST\NPC.sys 2007-03-11 00:56 56 --sh--r C:\WINDOWS\system32\590BA312D1.sys 2007-03-11 00:56 1,890 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys 2008-04-05 08:00 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Impostazioni locali\Temporary Internet Files\Content.IE5\index.dat . ------- Sigcheck ------- 2004-09-07 06:00 182912 558635d3af1c7546d26067d5d9b6959e C:\WINDOWS\system32\dllcache\ndis.sys 2004-09-07 06:00 182912 558635d3af1c7546d26067d5d9b6959e C:\WINDOWS\system32\drivers\ndis.sys 2004-09-07 06:00 29056 4448006b6bc60e6c027932cfc38d6855 C:\WINDOWS\system32\dllcache\ip6fw.sys 2004-09-07 06:00 29056 4448006b6bc60e6c027932cfc38d6855 C:\WINDOWS\system32\drivers\ip6fw.sys . ((((((((((((((((((((((((((((( snapshot@2008-09-10_20.32.40.32 ))))))))))))))))))))))))))))))))))))))))) . + 2008-09-11 15:25:48 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_544.dat . ((((((((((((((((((((((((((((((((((((( Punti Reg Caricati )))))))))))))))))))))))))))))))))))))))))))))))))) . . Nota i valori vuoti & legittimi/default non sono visualizzati. REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-01-27 15360] "H/PC Connection Agent"="C:\Programmi\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "UserFaultCheck"="C:\WINDOWS\system32\dumprep 0 -u" [X] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 8523776] "mspwr"="C:\WINDOWS\system32\PuXpMan.exe" [2004-06-12 102400] "sclauncher"="C:\Programmi\SimpleCenter\bin\win\sclauncher.exe" [2007-09-07 94208] "SpywareTerminator"="C:\Programmi\Spyware Terminator\SpywareTerminatorShield.exe" [2008-03-09 2870784] "a-squared"="C:\Programmi\a-squared Anti-Malware\a2guard.exe" [2008-07-31 2131600] "SpySweeper"="C:\Programmi\Webroot\Spy Sweeper\SpySweeperUI.exe" [2008-01-04 5367664] "ftutil2"="ftutil2.dll" [2004-06-07 C:\WINDOWS\system32\ftutil2.dll] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles "InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "NoSecCPL"= 0 (0x0) "NoDevMgrPage"= 0 (0x0) "NoConfigPage"= 0 (0x0) "NoVirtMemPage"= 0 (0x0) "NoFileSysPage"= 0 (0x0) "NoNetSetup"= 0 (0x0) "NoNetSetupIDPage"= 0 (0x0) "NoNetSetupSecurityPage"= 0 (0x0) "NoWorkgroupContents"= 0 (0x0) "NoEntireNetwork"= 0 (0x0) "NoFileSharingControl"= 0 (0x0) "DisableChangePassword"= 0 (0x0) "DisableLockWorkstation"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoResolveSearch"= 1 (0x1) "NoResolveTrack"= 1 (0x1) "NoFileAssociate"= 0 (0x0) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoStartMenuPinnedList"= 0 (0x0) "NoStartMenuMFUprogramsList"= 0 (0x0) "NoUserNameInStartMenu"= 0 (0x0) "NoStartMenuSubFolders"= 0 (0x0) "NoCommonGroups"= 0 (0x0) "NoPrinterTabs"= 0 (0x0) "NoDeletePrinter"= 0 (0x0) "NoAddPrinter"= 0 (0x0) "NoPrinters"= 0 (0x0) "NoFavoritesMenu"= 0 (0x0) "NoRecentDocsNetHood"= 0 (0x0) "NoChangeAnimation"= 0 (0x0) "NoChangeKeyboardNavigationIndicators"= 0 (0x0) "RestrictRun"= 0 (0x0) "NoResolveTrack"= 1 (0x1) "NoThumbnailCache"= 1 (0x1) [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoRun"= 0 (0x0) "NoLogOff"= 0 (0x0) "NoFind"= 0 (0x0) "NoClose"= 0 (0x0) "NoSetFolders"= 0 (0x0) "NoFavoritesMenu"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "msacm.audxacm"= audxacm.acm "msacm.ac3acm4audx"= AC3ACM4AUDX.acm "VIDC.ACDV"= ACDV.dll "vidc.yv12"= yv12vfw.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "xmlprov"=3 (0x3) "WudfSvc"=3 (0x3) "ServiceLayer"=3 (0x3) "Fax"=3 (0x3) "BlueSoleil Hid Service"=2 (0x2) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe" "VoipStunt"="C:\Programmi\VoipStunt.com\VoipStunt\VoipStunt.exe" -nosplash -minimized "DAEMON Tools"="C:\Programmi\DAEMON Tools\daemon.exe" -lang 1033 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "RegEasy.exe"=C:\Programmi\Registry Easy\RegEasy.exe "SpywareTerminator"="C:\Programmi\Spyware Terminator\SpywareTerminatorShield.exe" "ISUSPM Startup"=C:\PROGRA~1\FILECO~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup "ISUSScheduler"="C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe" -start [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqtra08.exe"= "C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "C:\\Programmi\\HP\\Digital Imaging\\bin\\hpofxm08.exe"= "C:\\Programmi\\HP\\Digital Imaging\\bin\\hposfx08.exe"= "C:\\Programmi\\HP\\Digital Imaging\\bin\\hposid01.exe"= "C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"= "C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqCopy.exe"= "C:\\Programmi\\HP\\Digital Imaging\\bin\\hpfccopy.exe"= "C:\\Programmi\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"= "C:\\Programmi\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"= "C:\\Programmi\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"= "C:\\Programmi\\HP\\Digital Imaging\\bin\\hpoews01.exe"= "C:\\Programmi\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"= "C:\Programmi\Microsoft ActiveSync\rapimgr.exe"= C:\Programmi\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager "C:\Programmi\Microsoft ActiveSync\wcescomm.exe"= C:\Programmi\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager "C:\Programmi\Microsoft ActiveSync\WCESMgr.exe"= C:\Programmi\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application "C:\\Programmi\\uTorrent\\uTorrent.exe"= "C:\\Programmi\\eMule\\49\\emule.exe"= "C:\\Programmi\\Soulseek\\slsk.exe"= "C:\\Programmi\\Sitecom\\IVT BlueSoleil\\BlueSoleil.exe"= "C:\\Programmi\\Skype\\Phone\\Skype.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service "4667:UDP"= 4667:UDP:emule "4661:TCP"= 4661:TCP:127.0.0.1/255.255.255.255:Enabled:emul "4672:UDP"= 4672:UDP:127.0.0.1/255.255.255.255:Enabled:emul "4673:UDP"= 4673:UDP:emila udp "22008:TCP"= 22008:TCP:souleks R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);C:\WINDOWS\system32\drivers\sfsync03.sys [2005-12-06 35328] R2 a2AntiDialer;a-squared Anti-Dialer Service;C:\Programmi\a-squared Anti-Dialer\a2service.exe [2008-06-11 380016] R2 IJPLMSVC;PIXMA Extended Survey Program;C:\Programmi\Canon\IJPLM\IJPLMSVC.EXE [2007-04-13 97432] R2 StudioPro;StudioPro webcam;C:\WINDOWS\system32\DRIVERS\StudioPro.sys [2006-12-03 124416] R2 UxTuneUp;TuneUp Design Expansion;C:\WINDOWS\System32\svchost.exe [2004-09-07 14336] R3 3xHybrid;3xHybrid service;C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2006-02-15 2825088] R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys [2007-04-04 24344] R3 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [2007-08-24 135936] R3 usbstor;Driver archiviazione di massa USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-09-07 26496] R3 WN5301;LIteon Wireless PCI Network Adapter Service;C:\WINDOWS\system32\DRIVERS\wn5301.sys [2005-10-05 468768] S3 BIOSCHK;BIOSCHK;C:\DOCUME~1\HP_ADM~1\IMPOST~1\Temp\TII15.tmp\disk1\BIOSCHK.SYS [ ] S3 usbscan;Driver scanner USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\K] \Shell\AutoRun\command - K:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{83cc3187-cece-11db-821f-806d6172696f}] \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480 . Contenuto della cartella 'Scheduled Tasks' . . ------- Supplementary Scan ------- . FireFox -: Profile - C:\Documents and Settings\HP_Administrator\Dati applicazioni\Mozilla\Firefox\Profiles\wu4or4dd.default\ FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1055551&SearchSource=3&q= . ************************************************************************ catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2008-09-11 21:46:00 Windows 5.1.2600 Service Pack 2 NTFS scansione processi nascosti ... scansione entrate autostart nascoste ... Scansione files nascosti ... Scansione completata con successo Files nascosti: 0 ************************************************************************ . Ora fine scansione: 2008-09-11 21:47:16 ComboFix-quarantined-files.txt 2008-09-11 19:47:02 ComboFix2.txt 2008-09-11 16:15:28 ComboFix3.txt 2008-09-10 18:33:24 ComboFix4.txt 2008-03-16 16:48:49 ComboFix5.txt 2008-09-11 19:18:21 Pre-Run: 76,016,193,536 byte disponibili Post-Run: 75,996,897,280 byte disponibili 296 --- E O F --- 2007-10-07 01:25:16

Profil

helen1 Poslao: 12 Sep 2008 08:37 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Sorry, moja greska u pisanju skripte. Iskljuci KAV, pa probaj ovako: Otvoriti Notepad i iskopirati sledeci tekst: `Folder:: C:\Documents and Settings\HP_Administrator\Dati applicazioni\AntispywareBot DirLook:: C:\Programmi\Fighters` Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » plavi ekran

Ko je trenutno na forumu

Ukupno su 932 korisnika na forumu :: 23 registrovanih, 2 sakrivenih i 907 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: Alibaba1981, Ben Roj, Bobrock1, comi_pfc, Djokislav, Dukelander, havoc995, kunktator, Litostroton, Metanoja, milenko crazy north, nuke92, oldtimer, Rema000, repac, Rocky I, sabros, tubular, Vatreni Zmaj, VJ, WerWolf14, wolf431, 2001

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by