Task Manager problem..


  • Joined: 21 May 2008
  • Posts: 154
  • Location: Gradiska

It won't start at all...

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8620
  • Location: Novi Beograd

jockyy1 :: It won't start at all...

Hello,

You attached two identical files. Also, the GMER logs, which are mandatory, are missing.

  • Joined: 21 May 2008
  • Posts: 154
  • Location: Gradiska

I don't get it... what am I supposed to do now??

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8620
  • Location: Novi Beograd

Both files you attached are the same.

  • Joined: 21 May 2008
  • Posts: 154
  • Location: Gradiska

Is it OK now?


DDS (Ver_09-07-30.01) - NTFSx86
Run by XPPRESP3 at 17:21:25,10 on pet 25.09.2009
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_15
Microsoft Windows XP Professional 5.1.2600.2.1256.966.1033.18.2046.1142 [GMT 2:00]


============== Running Processes ===============

F:\WINDOWS\system32\Ati2evxx.exe
F:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
F:\WINDOWS\System32\svchost.exe -k netsvcs
F:\WINDOWS\system32\Ati2evxx.exe
svchost.exe
svchost.exe
F:\WINDOWS\system32\spoolsv.exe
F:\WINDOWS\system32\acs.exe
F:\Program Files\Avira\AntiVir Desktop\sched.exe
F:\Program Files\Avira\AntiVir Desktop\avguard.exe
F:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
F:\Program Files\Bonjour\mDNSResponder.exe
F:\Program Files\Java\jre6\bin\jqs.exe
f:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
F:\Documents and Settings\All Users\Application Data\SeekappSrch\seekapp155.exe
F:\WINDOWS\system32\svchost.exe -k imgsvc
F:\WINDOWS\system32\SearchIndexer.exe
F:\WINDOWS\Explorer.EXE
F:\Program Files\SeekappSrch\seekappsrch.exe
F:\Program Files\TP-LINK\TWCU\TWCU.exe
F:\WINDOWS\PixArt\PAC7302\Monitor.exe
F:\WINDOWS\system32\CTHELPER.EXE
F:\Program Files\Google\Google Talk\googletalk.exe
F:\Program Files\Avira\AntiVir Desktop\avgnt.exe
F:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe
F:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
F:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
F:\WINDOWS\system32\fpplock.exe
F:\Program Files\Java\jre6\bin\jusched.exe
F:\Program Files\K-Lite Codec Pack\QuickTime\QTTask.exe
F:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
F:\Program Files\Common Files\Real\Update_OB\realsched.exe
F:\Program Files\Winamp\winampa.exe
F:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
F:\WINDOWS\system32\kxmixer.exe
F:\Program Files\iTunes\iTunesHelper.exe
F:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe
F:\WINDOWS\system32\ctfmon.exe
F:\Program Files\Skype\Phone\Skype.exe
F:\Program Files\DNA\btdna.exe
F:\Program Files\Windows Live\Messenger\msnmsgr.exe
F:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
F:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
F:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
F:\Program Files\HDD Thermometer\HDD Thermometer.exe
F:\Program Files\Picasa2\PicasaMediaDetector.exe
F:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
F:\Program Files\iPod\bin\iPodService.exe
F:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
F:\Program Files\PC Connectivity Solution\ServiceLayer.exe
F:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
F:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
F:\Program Files\Windows Live\Contacts\wlcomm.exe
F:\Program Files\Google\Chrome\Application\chrome.exe
F:\Program Files\Google\Chrome\Application\chrome.exe
F:\Program Files\Google\Chrome\Application\chrome.exe
F:\Documents and Settings\XPPRESP3\Desktop\dds.scr

============== Pseudo HJT Report ===============

uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = hxxp://www.google.com/ie
mDefault_Page_URL = hxxp://www.google.com
uInternet Settings,ProxyOverride = local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://search.live.com/sphome.aspx
mWinlogon: SfcDisable=-99 (0xffffff9d)
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - f:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - f:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Winamp Toolbar Loader: {25cee8ec-5730-41bc-8b58-22ddc8ab8c20} - f:\program files\winamp toolbar\winamptb.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - f:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: {4322A444-92F8-4C3E-BD4C-013BA51E2871} - No File
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - f:\progra~1\spybot~1\SDHelper.dll
{5c255c8a-e604-49b4-9d64-90988571cecb}
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - f:\progra~1\micros~1\office12\GRA8E1~1.DLL
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - f:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: {AE7CD045-E861-484f-8273-0445EE161910} - No File
BHO: Ask.com Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - f:\program files\ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - f:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - f:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Winamp Toolbar: {ebf2ba02-9094-4c5a-858b-bb198f3d8de2} - f:\program files\winamp toolbar\winamptb.dll
TB: Ask.com Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - f:\program files\ask.com\GenericAskToolbar.dll
EB: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - No File
uRun: [CTFMON.EXE] f:\windows\system32\ctfmon.exe
uRun: [Skype] "f:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [BitTorrent DNA] "f:\program files\dna\btdna.exe"
uRun: [Google Update] "f:\documents and settings\xppresp3\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [DriverUpdaterPro] f:\program files\ixi tools\driver updater pro\DriverUpdaterPro.exe -t
uRun: [msnmsgr] "f:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [Sony Ericsson PC Suite] "f:\program files\sony ericsson\sony ericsson pc suite\SEPCSuite.exe" /systray /nologon
uRun: [PC Suite Tray] "f:\program files\nokia\nokia pc suite 7\PCSuite.exe" -onlytray
uRun: [SpybotSD TeaTimer] f:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [RSD_HDDThermo] f:\program files\hdd thermometer\HDD Thermometer.exe
uRun: [Picasa Media Detector] f:\program files\picasa2\PicasaMediaDetector.exe
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "f:\program files\common files\ahead\lib\NMBgMonitor.exe"
mRun: [TWCU] "f:\program files\tp-link\twcu\TWCU.exe" -nogui
mRun: [PAC7302_Monitor] f:\windows\pixart\pac7302\Monitor.exe
mRun: [WINDVDPatch] CTHELPER.EXE
mRun: [googletalk] f:\program files\google\google talk\googletalk.exe /autostart
mRun: [avgnt] "f:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [AppleSyncNotifier] f:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
mRun: [<NO NAME>]
mRun: [StatusClient] f:\program files\hewlett-packard\toolbox2.0\apache tomcat 4.0\webapps\toolbox\statusclient\StatusClient.exe /auto
mRun: [TomcatStartup] f:\program files\hewlett-packard\toolbox2.0\hpbpsttp.exe
mRun: [NeroFilterCheck] f:\windows\system32\NeroCheck.exe
mRun: [GrooveMonitor] "f:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [Adobe Reader Speed Launcher] "f:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [ISUSPM Startup] f:\progra~1\common~1\instal~1\update~1\isuspm.exe -startup
mRun: [ISUSScheduler] "f:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [CheckPoint Cleanup] f:\docume~1\xppresp3\locals~1\temp\cpes_clean_launcher.exe f:\docume~1\xppresp3\locals~1\temp\cpes_clean.exe -restarted -s -noreboot
mRun: [Warning: do not remove it!] fpplock.exe
mRun: [SunJavaUpdateSched] "f:\program files\java\jre6\bin\jusched.exe"
mRun: [BVRPLiveUpdate] f:\program files\avanquest update\engine\setup.exe -s /patch,/srcupdatef:\docume~1\alluse~1\applic~1\sonyer~1\sonyer~1\liveup~1\LISTOF~1.DAT
mRun: [QuickTime Task] "f:\program files\k-lite codec pack\quicktime\QTTask.exe" -atboottime
mRun: [StartCCC] "f:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [TkBellExe] "f:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [WinampAgent] "f:\program files\winamp\winampa.exe"
mRun: [NokiaMusic FastStart] "f:\program files\nokia\nokia music\NokiaMusic.exe" /command:faststart
mRun: [NokiaMServer] f:\program files\common files\nokia\mplatform\NokiaMServer /watchfiles
mRun: [MultiScreen] f:\program files\multiscreen\MultiScreen.exe
mRun: [kX Mixer] f:\windows\system32\kxmixer.exe --startup
mRun: [iTunesHelper] "f:\program files\itunes\iTunesHelper.exe"
mRun: [Malwarebytes Anti-Malware (reboot)] "f:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
dRun: [CTFMON.EXE] f:\windows\system32\ctfmon.exe
StartupFolder: f:\docume~1\xppresp3\startm~1\programs\startup\foldin~1.lnk - f:\docume~1\xppresp3\applic~1\microsoft\installer\{6a90c837-054e-44ae-b9bd-1b1f87986bbc}\_98830A63A82EB98D7BA198.exe
StartupFolder: f:\docume~1\alluse~1\startm~1\programs\startup\acroba~1.lnk - f:\program files\adobe\acrobat 6.0\distillr\acrotray.exe
StartupFolder: f:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - f:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: f:\docume~1\alluse~1\startm~1\programs\startup\bdarem~1.lnk - f:\program files\usb tv\em28xx\BDARemote.exe
StartupFolder: f:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - f:\program files\windows desktop search\WindowsSearch.exe
dPolicies-explorer: NoSMHelp = 1 (0x1)
IE: &Winamp Search - f:\documents and settings\all users\application data\winamp toolbar\ietoolbar\resources\en-us\local\search.html
IE: Download by VersalSoft Internet Download
IE: E&xport to Microsoft Excel - f:\progra~1\micros~1\office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - f:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - f:\progra~1\micros~1\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - f:\progra~1\micros~1\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - f:\progra~1\spybot~1\SDHelper.dll
DPF: 
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - f:\progra~1\micros~1\office12\GR99D3~1.DLL
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - f:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - f:\progra~1\micros~1\office12\GRA8E1~1.DLL
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - f:\program files\windows desktop search\MSNLNamespaceMgr.dll

================= FIREFOX ===================

FF - ProfilePath - f:\docume~1\xppresp3\applic~1\mozilla\firefox\profiles\n48befew.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2010429&SearchSource=3&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - google.com
FF - component: f:\documents and settings\xppresp3\application data\mozilla\firefox\profiles\n48befew.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll
FF - component: f:\documents and settings\xppresp3\application data\mozilla\firefox\profiles\n48befew.default\extensions\{52f2b999-2724-4693-b1a5-86d167ba79a6}\components\FFExternalAlert.dll
FF - component: f:\program files\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: f:\documents and settings\xppresp3\application data\mozilla\plugins\npgoogletalk.dll
FF - plugin: f:\documents and settings\xppresp3\local settings\application data\google\update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: f:\program files\google\update\1.2.145.5\npGoogleOneClick8.dll
FF - plugin: f:\program files\google\update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: f:\program files\k-lite codec pack\quicktime\plugins\npqtplugin.dll
FF - plugin: f:\program files\k-lite codec pack\quicktime\plugins\npqtplugin2.dll
FF - plugin: f:\program files\k-lite codec pack\quicktime\plugins\npqtplugin3.dll
FF - plugin: f:\program files\k-lite codec pack\quicktime\plugins\npqtplugin4.dll
FF - plugin: f:\program files\k-lite codec pack\quicktime\plugins\npqtplugin5.dll
FF - plugin: f:\program files\microsoft\office live\npOLW.dll
FF - plugin: f:\program files\mozilla firefox\plugins\npbittorrent.dll
FF - plugin: f:\program files\opera\program\plugins\np_gp.dll
FF - plugin: f:\program files\picasa2\npPicasa2.dll
FF - plugin: f:\program files\windows live\photo gallery\NPWLPG.dll
FF - HiddenExtension: Java Console: No Registry Reference - f:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - f:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - f:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
f:\program files\mozilla firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
f:\program files\mozilla firefox\greprefs\all.js - pref("media.cache_size", 51200);
f:\program files\mozilla firefox\greprefs\all.js - pref("media.ogg.enabled", true);
f:\program files\mozilla firefox\greprefs\all.js - pref("media.wave.enabled", true);
f:\program files\mozilla firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
f:\program files\mozilla firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
f:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
f:\program files\mozilla firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
f:\program files\mozilla firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
f:\program files\mozilla firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
f:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.dpi", -1);
f:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
f:\program files\mozilla firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
f:\program files\mozilla firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
f:\program files\mozilla firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
f:\program files\mozilla firefox\greprefs\all.js - pref("geo.enabled", true);
f:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
f:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
f:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
f:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
f:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
f:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
f:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
f:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
f:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
f:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
f:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
f:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
f:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
f:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
f:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
f:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
f:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
f:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
f:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
f:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
f:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
f:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
f:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
f:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
f:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
f:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
f:\program files\mozilla firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
f:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
f:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
f:\program files\mozilla firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");

============= SERVICES / DRIVERS ===============

R1 avgio;avgio;f:\program files\avira\antivir desktop\avgio.sys [2009-5-22 11608]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;f:\program files\avira\antivir desktop\sched.exe [2009-5-22 108289]
R2 AntiVirService;Avira AntiVir Guard;f:\program files\avira\antivir desktop\avguard.exe [2009-5-22 185089]
R2 avgntflt;avgntflt;f:\windows\system32\drivers\avgntflt.sys [2009-4-15 55656]
R2 SeekappSrch Service;SeekappSrch Service;f:\documents and settings\all users\application data\seekappsrch\seekapp155.exe [2009-9-23 54760]
R3 kxwdmdrv;kX WDM Driver Service;f:\windows\system32\drivers\kx.sys [2004-2-17 571776]
R3 PAC7302;Eye 312;f:\windows\system32\drivers\PAC7302.SYS [2007-4-30 449664]
S2 gupdate1c9cc30383a82e8;Google Update Service (gupdate1c9cc30383a82e8-);f:\program files\google\update\GoogleUpdate.exe [2009-5-3 133104]
S3 Nmwdpapfrwwr;Nmwdpapfrwwr;f:\windows\system32\drivers\atmuni.sys [2004-8-4 352256]

=============== Created Last 30 ================

2009-09-24 23:10 <DIR> --d----- f:\program files\Folding@home
2009-09-24 23:10 <DIR> --d----- f:\docume~1\xppresp3\applic~1\Folding@home-gpu
2009-09-24 22:14 38,224 a------- f:\windows\system32\drivers\mbamswissarmy.sys
2009-09-24 22:14 19,160 a------- f:\windows\system32\drivers\mbam.sys
2009-09-24 22:14 <DIR> --d----- f:\program files\Malwarebytes' Anti-Malware
2009-09-23 22:37 <DIR> --d----- f:\program files\VersalSoft
2009-09-23 22:37 <DIR> --d----- f:\program files\Universal
2009-09-22 00:32 <DIR> --d----- f:\docume~1\xppresp3\applic~1\Windows Search
2009-09-22 00:19 <DIR> --d----- f:\docume~1\xppresp3\applic~1\Windows Desktop Search
2009-09-22 00:19 <DIR> --d----- f:\program files\Windows Desktop Search
2009-09-22 00:18 192,000 -c------ f:\windows\system32\dllcache\offfilt.dll
2009-09-22 00:18 98,304 -c------ f:\windows\system32\dllcache\nlhtml.dll
2009-09-22 00:18 29,696 -c------ f:\windows\system32\dllcache\mimefilt.dll
2009-09-22 00:18 <DIR> --d-h--- f:\windows\$hf_mig$
2009-09-21 20:50 <DIR> --d----- f:\program files\MultiScreen
2009-09-18 22:04 54,156 a---h--- f:\windows\QTFont.qfn
2009-09-18 22:04 1,409 a------- f:\windows\QTFont.for
2009-09-17 21:42 <DIR> --d----- f:\program files\common files\xing shared
2009-09-15 23:28 <DIR> --d----- f:\program files\Ask.com
2009-09-14 18:15 <DIR> --d----- f:\program files\common files\ATI Technologies
2009-09-14 18:15 <DIR> --d----- f:\program files\USB TV
2009-09-07 22:10 <DIR> --d----- f:\docume~1\xppresp3\applic~1\MozillaControl
2009-09-07 22:10 <DIR> --d----- f:\program files\Mozilla ActiveX Control v1.7.12
2009-09-07 22:07 <DIR> --d----- f:\program files\Graboid
2009-09-06 21:43 66,082 a------- f:\windows\system32\c_21025.nls
2009-09-05 10:49 <DIR> --d----- F:\Dev-Cpp
2009-09-04 17:43 <DIR> --d----- f:\program files\DS Clock
2009-08-26 23:07 <DIR> --d----- f:\program files\Sony
2009-08-26 22:30 <DIR> --d----- f:\program files\Avanquest update
2009-08-26 22:30 98,856 a------- f:\windows\system32\drivers\s117unic.sys
2009-08-26 22:30 22,952 a------- f:\windows\system32\drivers\s117nd5.sys
2009-08-26 22:30 10,792 a------- f:\windows\system32\drivers\s117cr.sys
2009-08-26 22:29 <DIR> --d----- f:\program files\Sony Ericsson
2009-08-26 22:29 <DIR> --d----- f:\docume~1\alluse~1\applic~1\Sony Ericsson
2009-08-26 22:28 100,264 a----r-- f:\windows\system32\drivers\s117mgmt.sys
2009-08-26 22:27 98,344 a----r-- f:\windows\system32\drivers\s117obex.sys
2009-08-26 22:27 108,456 a----r-- f:\windows\system32\drivers\s117mdm.sys
2009-08-26 22:27 14,888 a----r-- f:\windows\system32\drivers\s117mdfl.sys
2009-08-26 22:27 12,200 a----r-- f:\windows\system32\drivers\s117cmnt.sys
2009-08-26 22:27 12,200 a----r-- f:\windows\system32\drivers\s117cm.sys
2009-08-26 22:26 82,984 a----r-- f:\windows\system32\drivers\s117bus.sys
2009-08-26 22:26 12,200 a----r-- f:\windows\system32\drivers\s117whnt.sys
2009-08-26 22:26 12,200 a----r-- f:\windows\system32\drivers\s117wh.sys

==================== Find3M ====================

2009-09-15 23:35 87,608 a------- f:\docume~1\xppresp3\applic~1\inst.exe
2009-09-15 23:35 47,360 a------- f:\docume~1\xppresp3\applic~1\pcouffin.sys
2009-09-14 19:26 2,516 a--sh--- f:\docume~1\alluse~1\applic~1\KGyGaAvL.sys
2009-09-14 19:26 88 ---shr-- f:\docume~1\alluse~1\applic~1\4353A6A8EB.sys
2009-09-07 21:15 348,160 a------- f:\windows\system32\msvcr71.dll
2009-08-22 12:49 4,212 a---h--- f:\windows\system32\zllictbl.dat
2009-08-05 12:03 55,656 a------- f:\windows\system32\drivers\avgntflt.sys
2009-07-25 05:23 411,368 a------- f:\windows\system32\deploytk.dll
2003-12-06 22:12 121,856 a--sh--- f:\windows\system32\fpplock.exe

============= FINISH: 17:22:02,54 ===============

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8620
  • Location: Novi Beograd

Now it's posted correctly.

Download sUBs's ComboFix to your Desktop from the following address:

Bleeping Computer
  • Right-click the link and choose Save Target As... (Save Link As..., Save Linked Content As... or similar);
  • When the dialog for choosing where to save the file opens, select Desktop and click Save.




When the download has finished:
  • disable your protective software (instructions);
  • close any running programs;
  • double-click to run ComboFix.

While running, ComboFix will:
  • check whether a newer version of the program exists:
    click Yes if you are offered the download.
  • display the DISCLAIMER OF WARRANTY ON SOFTWARE:
    click Yes so that the process continues.
  • if the Recovery Console is not installed, offer to install it:
    be sure to accept by clicking Yes and follow the procedure through.
  • ask a number of questions or show a number of notices:
    accept by clicking Yes or OK.
  • restart Windows if necessary (several times);
  • when it finishes, open Notepad with the scan report.


Copy the report that ComboFix created into the forum thread:
  • right-click in the Notepad window and choose Select All;
  • right-click the selected text and choose Copy;
  • right-click in the message field and choose Paste.


Note: The report will be saved under the name ComboFix.txt on the system partition (typical location: C:\ComboFix.txt);
If, after sending the message, you notice that the report is not complete, use the Attach file option to attach the file C:\ComboFix.txt to the message.

  • Joined: 21 May 2008
  • Posts: 154
  • Location: Gradiska

Posted: 25 Sep 2009 20:40

ComboFix 09-09-24.01 - XPPRESP3 25.09.2009 20:30.1.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1256.966.1033.18.2046.1406 [GMT 2:00]
Running from: f:\documents and settings\XPPRESP3\Desktop\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

f:\documents and settings\All Users\Application Data\SeekappSrch
f:\documents and settings\All Users\Application Data\SeekappSrch\seekapp155.exe
f:\documents and settings\XPPRESP3\Application Data\inst.exe
f:\program files\SeekappSrch
f:\program files\SeekappSrch\seekapp.dll
f:\program files\SeekappSrch\seekappsrch.exe
f:\program files\SeekappSrch\uninstall.exe
f:\windows\system32\msconfig.exe

.
((((((((((((((((((((((((( Files Created from 2009-08-25 to 2009-09-25 )))))))))))))))))))))))))))))))
.

2009-09-24 21:10 . 2009-09-24 21:10 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\Folding@home-gpu
2009-09-24 21:10 . 2009-09-24 21:10 -------- d-----w- f:\program files\Folding@home
2009-09-24 20:14 . 2009-09-10 12:54 38224 ----a-w- f:\windows\system32\drivers\mbamswissarmy.sys
2009-09-24 20:14 . 2009-09-24 20:14 -------- d-----w- f:\program files\Malwarebytes' Anti-Malware
2009-09-24 20:14 . 2009-09-10 12:53 19160 ----a-w- f:\windows\system32\drivers\mbam.sys
2009-09-23 20:37 . 2009-09-24 21:11 -------- d-----w- f:\documents and settings\XPPRESP3\Local Settings\Application Data\AskToolbar
2009-09-23 20:37 . 2009-09-23 20:37 -------- d-----w- f:\program files\VersalSoft
2009-09-23 20:37 . 2009-09-23 20:37 -------- d-----w- f:\program files\Universal
2009-09-21 22:32 . 2009-09-21 22:32 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\Windows Search
2009-09-21 22:19 . 2009-09-21 22:19 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\Windows Desktop Search
2009-09-21 22:19 . 2009-09-22 15:36 -------- d-----w- f:\documents and settings\LocalService\Local Settings\Application Data\Adobe
2009-09-21 22:19 . 2009-09-21 22:19 -------- d-----w- f:\program files\Windows Desktop Search
2009-09-21 22:18 . 2008-03-07 16:56 98304 -c----w- f:\windows\system32\dllcache\nlhtml.dll
2009-09-21 22:18 . 2008-03-07 16:56 29696 -c----w- f:\windows\system32\dllcache\mimefilt.dll
2009-09-21 22:18 . 2008-03-07 16:56 192000 -c----w- f:\windows\system32\dllcache\offfilt.dll
2009-09-21 22:18 . 2009-09-21 22:18 -------- d--h--w- f:\windows\$hf_mig$
2009-09-21 18:50 . 2009-09-21 18:50 -------- d-----w- f:\program files\MultiScreen
2009-09-17 19:42 . 2009-09-17 19:42 -------- d-----w- f:\program files\Common Files\xing shared
2009-09-05 08:49 . 2009-09-05 09:04 -------- d-----w- F:\Dev-Cpp
2009-09-04 15:43 . 2009-09-05 08:37 -------- d-----w- f:\program files\DS Clock
2009-08-26 21:09 . 2009-08-26 21:09 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\Sony
2009-08-26 21:09 . 2009-08-26 21:09 -------- d-----w- f:\documents and settings\All Users\Application Data\Sony
2009-08-26 21:08 . 2009-08-26 21:08 -------- d-----w- f:\documents and settings\XPPRESP3\Local Settings\Application Data\Sony
2009-08-26 21:07 . 2009-08-26 21:07 -------- d-----w- f:\program files\Sony
2009-08-26 21:06 . 2009-08-26 21:06 -------- d-----w- f:\program files\QuickTime
2009-08-26 20:31 . 2009-08-26 20:31 -------- d-----w- f:\documents and settings\XPPRESP3\Local Settings\Application Data\Sony Ericsson
2009-08-26 20:30 . 2009-08-26 20:33 -------- d-----w- f:\program files\Avanquest update
2009-08-26 20:30 . 2009-08-26 20:30 -------- d-----w- f:\documents and settings\All Users\Application Data\BVRP Software
2009-08-26 20:30 . 2007-06-25 09:43 10792 ----a-w- f:\windows\system32\drivers\s117cr.sys
2009-08-26 20:30 . 2007-06-25 09:43 98856 ----a-w- f:\windows\system32\drivers\s117unic.sys
2009-08-26 20:30 . 2007-06-25 09:43 22952 ----a-w- f:\windows\system32\drivers\s117nd5.sys
2009-08-26 20:29 . 2009-08-26 21:07 -------- d-----w- f:\program files\Sony Ericsson
2009-08-26 20:29 . 2009-08-26 20:29 -------- d-----w- f:\documents and settings\All Users\Application Data\Sony Ericsson
2009-08-26 20:28 . 2007-06-25 09:43 100264 ----a-r- f:\windows\system32\drivers\s117mgmt.sys
2009-08-26 20:27 . 2007-06-25 09:43 98344 ----a-r- f:\windows\system32\drivers\s117obex.sys
2009-08-26 20:27 . 2007-06-25 09:43 108456 ----a-r- f:\windows\system32\drivers\s117mdm.sys
2009-08-26 20:27 . 2007-06-25 09:43 14888 ----a-r- f:\windows\system32\drivers\s117mdfl.sys
2009-08-26 20:27 . 2007-06-25 09:43 12200 ----a-r- f:\windows\system32\drivers\s117cmnt.sys
2009-08-26 20:27 . 2007-06-25 09:43 12200 ----a-r- f:\windows\system32\drivers\s117cm.sys
2009-08-26 20:26 . 2007-06-25 09:43 12200 ----a-r- f:\windows\system32\drivers\s117whnt.sys
2009-08-26 20:26 . 2007-06-25 09:43 12200 ----a-r- f:\windows\system32\drivers\s117wh.sys
2009-08-26 20:26 . 2007-06-25 09:43 82984 ----a-r- f:\windows\system32\drivers\s117bus.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-25 18:34 . 2009-04-14 17:38 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\Skype
2009-09-25 18:28 . 2009-04-18 16:15 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\DNA
2009-09-25 15:08 . 2009-06-06 11:28 -------- d-----w- f:\documents and settings\All Users\Application Data\HDD Thermometer
2009-09-25 15:08 . 2009-04-18 16:15 -------- d-----w- f:\program files\DNA
2009-09-21 21:48 . 2009-04-30 20:25 -------- d-----w- f:\program files\Opera
2009-09-21 19:02 . 2009-07-06 19:46 -------- d-----w- f:\documents and settings\All Users\Application Data\Microsoft Help
2009-09-19 21:32 . 2009-09-07 21:00 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\vlc
2009-09-19 05:20 . 2009-04-21 17:36 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\BitTorrent
2009-09-17 19:42 . 2009-04-18 15:53 -------- d-----w- f:\program files\Common Files\Real
2009-09-15 21:35 . 2009-06-17 21:19 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\Vso
2009-09-15 21:35 . 2009-06-17 21:20 47360 ----a-w- f:\documents and settings\XPPRESP3\Application Data\pcouffin.sys
2009-09-15 21:34 . 2009-09-15 21:33 -------- d---a-w- f:\documents and settings\All Users\Application Data\TEMP
2009-09-15 21:28 . 2009-09-15 21:28 -------- d-----w- f:\program files\Ask.com
2009-09-15 10:00 . 2009-04-15 18:57 -------- d-----w- f:\program files\Spybot - Search & Destroy
2009-09-14 19:29 . 2009-04-17 18:21 -------- d-----w- f:\documents and settings\All Users\Application Data\Installations
2009-09-14 19:29 . 2009-04-28 16:38 -------- d-----w- f:\program files\Common Files\Nokia
2009-09-14 19:29 . 2009-04-17 18:21 -------- d-----w- f:\program files\Nokia
2009-09-14 17:26 . 2009-07-12 20:23 2516 --sha-w- f:\documents and settings\All Users\Application Data\KGyGaAvL.sys
2009-09-14 17:26 . 2009-07-12 20:23 88 --sh--r- f:\documents and settings\All Users\Application Data\4353A6A8EB.sys
2009-09-14 16:15 . 2009-09-14 16:15 -------- d-----w- f:\program files\Common Files\ATI Technologies
2009-09-14 16:15 . 2009-09-14 16:15 -------- d-----w- f:\program files\USB TV
2009-09-14 16:15 . 2009-04-14 12:51 -------- d--h--w- f:\program files\InstallShield Installation Information
2009-09-13 19:42 . 2009-09-13 19:42 -------- d-----w- f:\documents and settings\All Users\Application Data\ATI
2009-09-13 19:40 . 2009-04-15 02:07 -------- d-----w- f:\program files\ATI Technologies
2009-09-07 20:10 . 2009-09-07 20:10 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\MozillaControl
2009-09-07 20:10 . 2009-09-07 20:10 -------- d-----w- f:\program files\Mozilla ActiveX Control v1.7.12
2009-09-07 20:10 . 2009-09-07 20:07 -------- d-----w- f:\program files\Graboid
2009-09-07 19:15 . 2003-02-21 08:42 348160 ----a-w- f:\windows\system32\msvcr71.dll
2009-09-05 18:16 . 2009-04-14 19:20 -------- d-----w- f:\program files\Microsoft Silverlight
2009-09-05 10:15 . 2009-06-22 21:16 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\Dev-Cpp
2009-09-04 16:07 . 2009-07-15 14:33 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\BITRAR
2009-08-27 14:51 . 2009-06-03 13:31 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\Apple Computer
2009-08-26 21:13 . 2009-06-06 16:03 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\Ahead
2009-08-25 19:25 . 2009-06-02 09:46 -------- d-----w- f:\program files\Java
2009-08-22 11:28 . 2009-08-22 11:28 -------- d-----w- f:\program files\Folder Password Expert
2009-08-22 11:09 . 2009-08-22 11:09 -------- d-----w- f:\documents and settings\All Users\Application Data\ZA_PreservedFiles
2009-08-22 10:49 . 2009-08-22 10:44 4212 ---ha-w- f:\windows\system32\zllictbl.dat
2009-08-21 16:24 . 2009-04-13 16:13 -------- d-----w- f:\program files\K-Lite Codec Pack
2009-08-21 12:12 . 2009-04-13 16:13 -------- d-----w- f:\documents and settings\All Users\Application Data\Apple Computer
2009-08-17 19:09 . 2009-05-31 12:34 10 ----a-w- f:\windows\popcinfo.dat
2009-08-10 20:26 . 2009-07-25 19:58 2680 ----a-w- f:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-08-08 18:55 . 2009-04-14 17:55 1324 ----a-w- f:\windows\system32\d3d9caps.dat
2009-08-05 10:03 . 2009-04-15 19:14 55656 ----a-w- f:\windows\system32\drivers\avgntflt.sys
2009-08-01 17:11 . 2009-04-17 11:19 -------- d-----w- f:\program files\Picasa2
2009-08-01 07:50 . 2009-08-01 07:50 -------- d-----w- f:\program files\MagicTune
2009-07-25 21:12 . 2009-04-14 18:44 87560 ----a-w- f:\documents and settings\XPPRESP3\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-07-25 03:23 . 2009-06-01 20:15 411368 ----a-w- f:\windows\system32\deploytk.dll
2003-12-06 20:12 . 2003-12-06 20:12 121856 --sha-w- f:\windows\system32\fpplock.exe
.

------- Sigcheck -------

[-] 2005-07-13 . 0601F83F6784C220EE302F03F702316E . 360448 . . [5.1.2600.2688] . . f:\windows\system32\drivers\tcpip.sys


f:\windows\system32\wscntfy.exe ... is missing !!
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2009-04-02 17:50 809864 ----a-w- f:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "f:\program files\Ask.com\GenericAskToolbar.dll" [2009-04-02 809864]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "f:\program files\Ask.com\GenericAskToolbar.dll" [2009-04-02 809864]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="f:\program files\Skype\Phone\Skype.exe" [2009-03-27 24103720]
"BitTorrent DNA"="f:\program files\DNA\btdna.exe" [2009-04-18 321344]
"Google Update"="f:\documents and settings\XPPRESP3\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-05-16 133104]
"msnmsgr"="f:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"Sony Ericsson PC Suite"="f:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" [2008-07-02 393216]
"PC Suite Tray"="f:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-06-25 1414144]
"SpybotSD TeaTimer"="f:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"RSD_HDDThermo"="f:\program files\HDD Thermometer\HDD Thermometer.exe" [2004-05-30 213504]
"Picasa Media Detector"="f:\program files\Picasa2\PicasaMediaDetector.exe" [2008-08-21 443968]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="f:\program files\Common Files\Ahead\lib\NMBgMonitor.exe" [2005-12-16 94208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UserFaultCheck"="f:\windows\system32\dumprep 0 -u" [X]
"NokiaMServer"="f:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"TWCU"="f:\program files\TP-LINK\TWCU\TWCU.exe" [2006-10-17 380928]
"PAC7302_Monitor"="f:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"googletalk"="f:\program files\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"avgnt"="f:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"AppleSyncNotifier"="f:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-05-20 177472]
"StatusClient"="f:\program files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe" [2002-12-16 36864]
"TomcatStartup"="f:\program files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe" [2003-03-31 155648]
"NeroFilterCheck"="f:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"GrooveMonitor"="f:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"Adobe Reader Speed Launcher"="f:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"ISUSPM Startup"="f:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2005-02-17 221184]
"ISUSScheduler"="f:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-17 81920]
"SunJavaUpdateSched"="f:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280]
"QuickTime Task"="f:\program files\K-Lite Codec Pack\QuickTime\QTTask.exe" [2007-10-19 286720]
"StartCCC"="f:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-04-27 61440]
"TkBellExe"="f:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-09-17 198160]
"NokiaMusic FastStart"="f:\program files\Nokia\Nokia Music\NokiaMusic.exe" [2009-07-22 2331936]
"kX Mixer"="f:\windows\system32\kxmixer.exe" [2004-02-16 438784]
"iTunesHelper"="f:\program files\iTunes\iTunesHelper.exe" [2009-05-30 292136]
"Malwarebytes Anti-Malware (reboot)"="f:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"WINDVDPatch"="CTHELPER.EXE" - f:\windows\system32\CTHELPER.EXE [2002-07-02 24576]
"Warning: do not remove it!"="fpplock.exe" - f:\windows\system32\fpplock.exe [2003-12-06 121856]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="f:\windows\system32\ctfmon.exe" [2004-08-04 15360]

f:\documents and settings\XPPRESP3\Start Menu\Programs\Startup\
Folding@home-gpu.lnk - f:\documents and settings\XPPRESP3\Application Data\Microsoft\Installer\{6A90C837-054E-44AE-B9BD-1B1F87986BBC}\_98830A63A82EB98D7BA198.exe [2009-9-24 98477]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "f:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"f:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"f:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"f:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"f:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"f:\\Program Files\\DNA\\btdna.exe"=
"f:\\Program Files\\BitTorrent\\bittorrent.exe"=
"f:\\Documents and Settings\\XPPRESP3\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.dll"=
"f:\\Documents and Settings\\XPPRESP3\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"f:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"f:\\Program Files\\iTunes\\iTunes.exe"=
"f:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"f:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"f:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"f:\\Program Files\\Hewlett-Packard\\Toolbox2.0\\Javasoft\\JRE\\1.3.1\\bin\\javaw.exe"=
"f:\\Program Files\\GlobalNetProjects\\BITRARFREE\\ed2kcontrol.exe"=
"f:\\Program Files\\GlobalNetProjects\\BITRARFREE\\BITRAR.exe"=
"f:\\Program Files\\GlobalNetProjects\\BITRARFREE\\ed2k.exe"=
"f:\\Program Files\\Sony Ericsson\\Sony Ericsson Media Manager\\MediaManager.exe"=
"f:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=
"f:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"f:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"f:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"f:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"f:\\Program Files\\Skype\\Phone\\Skype.exe"=

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;f:\program files\Avira\AntiVir Desktop\sched.exe [22.5.2009 22:34 108289]
R3 kxwdmdrv;kX WDM Driver Service;f:\windows\system32\drivers\kx.sys [17.2.2004 0:19 571776]
R3 PAC7302;Eye 312;f:\windows\system32\drivers\PAC7302.SYS [30.4.2007 13:26 449664]
S2 gupdate1c9cc30383a82e8;Google Update Service (gupdate1c9cc30383a82e8-);f:\program files\Google\Update\GoogleUpdate.exe [3.5.2009 22:46 133104]
S2 SeekappSrch Service;SeekappSrch Service;"f:\documents and settings\All Users\Application Data\SeekappSrch\seekapp155.exe" "f:\program files\SeekappSrch\seekapp.dll" Service --> f:\documents and settings\All Users\Application Data\SeekappSrch\seekapp155.exe [?]
S3 Nmwdpapfrwwr;Nmwdpapfrwwr;f:\windows\system32\drivers\atmuni.sys [4.8.2004 18:00 352256]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WudfServiceGroup REG_SZ hex(7):57,00,55,00,44,00,46,00,53,00,76,00,63,00,00,00,00,00
.
Contents of the 'Scheduled Tasks' folder

2009-09-16 f:\windows\Tasks\AppleSoftwareUpdate.job
- f:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2009-09-25 f:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- f:\program files\Google\Update\GoogleUpdate.exe [2009-05-03 20:46]

2009-09-25 f:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- f:\program files\Google\Update\GoogleUpdate.exe [2009-05-03 20:46]

2009-09-25 f:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1482476501-583907252-682003330-1001Core.job
- f:\documents and settings\XPPRESP3\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-05-16 06:26]

2009-09-25 f:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1482476501-583907252-682003330-1001UA.job
- f:\documents and settings\XPPRESP3\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-05-16 06:26]

2009-09-25 f:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- f:\program files\Ask.com\UpdateTask.exe [2009-04-02 17:50]
.
.
------- Supplementary Scan -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Winamp Search - f:\documents and settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Download by VersalSoft Internet Download
IE: E&xport to Microsoft Excel - f:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
DPF: 
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - ProfilePath - f:\documents and settings\XPPRESP3\Application Data\Mozilla\Firefox\Profiles\n48befew.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2010429&SearchSource=3&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - google.com
FF - component: f:\documents and settings\XPPRESP3\Application Data\Mozilla\Firefox\Profiles\n48befew.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll
FF - component: f:\documents and settings\XPPRESP3\Application Data\Mozilla\Firefox\Profiles\n48befew.default\extensions\{52f2b999-2724-4693-b1a5-86d167ba79a6}\components\FFExternalAlert.dll
FF - component: f:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - component: f:\program files\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: f:\documents and settings\XPPRESP3\Application Data\Mozilla\plugins\npgoogletalk.dll
FF - plugin: f:\documents and settings\XPPRESP3\Local Settings\Application Data\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: f:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: f:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: f:\program files\Mozilla Firefox\plugins\npbittorrent.dll
FF - plugin: f:\program files\Picasa2\npPicasa2.dll
FF - plugin: f:\program files\Windows Live\Photo Gallery\NPWLPG.dll
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-DriverUpdaterPro - f:\program files\iXi Tools\Driver Updater Pro\DriverUpdaterPro.exe
HKLM-Run-BVRPLiveUpdate - f:\program files\Avanquest update\Engine\Setup.exe
HKLM-Run-MultiScreen - f:\program files\MultiScreen\MultiScreen.exe
AddRemove-SeekappSrch - f:\program files\SeekappSrch\uninstall.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-09-25 20:34
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\WudfPf]
"ImagePath"="hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,00,49,00,56,00,45,00,52,00,53,00,5c,00,57,00,75,00,64,00,66,00,50,00,66,00,2e,00,73,00,79,00,73,00,00,00"

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\WudfRd]
"ImagePath"="hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,00,49,00,56,00,45,00,52,00,53,00,5c,00,77,00,75,00,64,00,66,00,72,00,64,00,2e,00,73,00,79,00,73,00,00,00"

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\WudfPf]
"ImagePath"="hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,00,49,00,56,00,45,00,52,00,53,00,5c,00,57,00,75,00,64,00,66,00,50,00,66,00,2e,00,73,00,79,00,73,00,00,00"

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\WudfRd]
"ImagePath"="hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,00,49,00,56,00,45,00,52,00,53,00,5c,00,77,00,75,00,64,00,66,00,72,00,64,00,2e,00,73,00,79,00,73,00,00,00"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\DbgagD\1*]
"value"="?\07\03\0f\0e!/?"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(524)
f:\windows\system32\Ati2evxx.dll
.
Completion time: 2009-09-25 20:36
ComboFix-quarantined-files.txt 2009-09-25 18:36

Pre-Run: 47.886.704.640 bytes free
Post-Run: 48.177.778.688 bytes free

295

Addendum: 25 Sep 2009 20:42

Here you go, take a look and let me know what to do next and how..

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8620
  • Location: Novi Beograd

Do you have the Windows installation CD?

offline
  • Joined: 21 May 2008
  • Posts: 154
  • Location: Gradiska

Posted: 25 Sep 2009 21:38

I do...????

Addendum: 25 Sep 2009 21:39

Hey, Task Manager started working.... I just tried it and it works... but a moment ago Avira reported some virus, it must have detected it...??????

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8620
  • Location: Novi Beograd

Which virus? It's probably reporting something from ComboFix?
