|
Poslao: 19 Apr 2009 09:57
|
offline
- CucaG7
- Novi MyCity građanin
- Pridružio: 19 Apr 2009
- Poruke: 3
|
Ovako, vech duzhe vreme me neshto maltretira, neche nishta normalno da se otvori, mislim kad kliknem odmah, nego se sve neshto razvlachi, chekam tako par sekundi pa nishta, pa desni klik i Open, i onda kao posle nekog vremena hoche.
Skinula sam neki dan FaceOnBody i poshto je naravno istekao trial, ishla sam na Add/Remove i komp se sam zagasio(zatvorivshi Skype i ostalo pre toga)!
I sad ja svaki dan otvorim Mozillu, pa neke strane u tabovima otvara druge malo chekaju(loading) i onda Page cannot be diosplayed, odem par puta na refresh i onda se pojavi, i tako u krug.
Skinula sam svashta neshto juche, skenirala, ali nigde nishta...??
S'toga, treba mi pomoch...shta da radim?
Hvala unapred!
|
|
|
|
|
|
|
|
|
Poslao: 19 Apr 2009 10:25
|
offline
- CucaG7
- Novi MyCity građanin
- Pridružio: 19 Apr 2009
- Poruke: 3
|
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:22:59, on 19-Apr-09
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Vesna mama tata\Desktop\Forum\Forum.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Update Service (gupdate1c9b450ba1f790) (gupdate1c9b450ba1f790) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Realtek CI Service (RtlNiService) - Unknown owner - C:\WINDOWS\system32\rtlni.exe
--
End of file - 4794 bytes
BTW...skinula sam i to, al mi nishta nije bilo jasno, tako da sad sam ponovo odradila, pa ako neshto vredi ... Hvala.
|
|
|
|
|
|
|
Poslao: 19 Apr 2009 11:08
|
rip
- argus
- Anti Malware Fighter
Rank 2
- Pridružio: 27 Apr 2008
- Poruke: 9160
- Gde živiš: Prokuplje
|
* Pokreni ESET Smart Security/ESET NOD32 na sledeci nacin :
Start>All Programs>ESET>ESET Smart Security ili pak ESET NOD32 Antivirus(ukoliko koristis samo Antivirus resenje).
* Kada ti se otvori glavni prozor programa, klikni na Setup opciju sa leve strane prozora;
* Izaberi Antivirus and antispyware opciju i klikni na Temporarily disable Antivirus and antispyware protection.
* Na sledece pitanje klikni Yes.
Napomena: Ne zaboravi da ukljuciš ovu opciju po završetku cišcenja.
Skini ComboFix sa jedne od sledecih adresa na Desktop:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.forospyware.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe
Startuj ga i ne diraj prozor programa dok skenira.
Sledi uputstva na ekranu. Kada zavrsi pojavice se log (C:\ComboFix.txt) koji ces nam ovde iskopirati.
|
|
|
|
|
|
|
Poslao: 19 Apr 2009 12:28
|
offline
- CucaG7
- Novi MyCity građanin
- Pridružio: 19 Apr 2009
- Poruke: 3
|
ComboFix 09-04-19.04 - Vesna mama tata 19-Apr-09 11:30.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.239.59 [GMT 2:00]
Running from: c:\documents and settings\Vesna mama tata\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated)
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\install.exe
.
((((((((((((((((((((((((( Files Created from 2009-03-19 to 2009-04-19 )))))))))))))))))))))))))))))))
.
2009-04-18 14:15 . 2009-03-09 19:06 15688 ----a-w c:\windows\system32\lsdelete.exe
2009-04-18 13:05 . 2009-04-18 13:05 -------- dc----w c:\windows\system32\DRVSTORE
2009-04-18 13:05 . 2009-03-09 19:06 64160 ----a-w c:\windows\system32\drivers\Lbd.sys
2009-04-18 13:01 . 2009-04-18 13:01 -------- dc-h--w c:\documents and settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-04-18 13:00 . 2009-04-18 13:05 -------- d-----w c:\documents and settings\All Users\Application Data\Lavasoft
2009-04-18 12:29 . 2006-06-19 11:01 69632 ----a-w c:\windows\system32\ztvcabinet.dll
2009-04-18 12:29 . 2006-05-25 13:52 162304 ----a-w c:\windows\system32\ztvunrar36.dll
2009-04-18 12:29 . 2005-08-25 23:50 77312 ----a-w c:\windows\system32\ztvunace26.dll
2009-04-18 12:29 . 2003-02-02 18:06 153088 ----a-w c:\windows\system32\UNRAR3.dll
2009-04-18 12:29 . 2002-03-05 23:00 75264 ----a-w c:\windows\system32\unacev2.dll
2009-04-18 12:28 . 2009-04-18 12:28 -------- d-----w c:\documents and settings\Vesna mama tata\Application Data\Simply Super Software
2009-04-18 12:28 . 2009-04-18 12:28 -------- d-----w c:\documents and settings\All Users\Application Data\Simply Super Software
2009-04-17 15:53 . 2009-04-17 15:54 13588 ----a-w c:\windows\system32\wpa.dbl
2009-04-17 08:38 . 2009-04-17 08:38 -------- d-----w C:\PC HugWare
2009-04-15 10:52 . 2009-04-15 10:52 -------- d-----w c:\documents and settings\LocalService\Local Settings\Application Data\ESET
2009-04-11 07:02 . 1999-07-02 00:19 188928 ------w c:\windows\system32\swflash.ocx
2009-04-11 07:02 . 1999-07-02 00:19 13824 ------w c:\windows\system32\dslite.dll
2009-04-11 07:02 . 1999-07-02 00:19 137728 ------w c:\windows\system32\amn21e.dll
2009-04-11 07:02 . 1999-07-02 00:19 97792 ------w c:\windows\system32\am21e.dll
2009-04-11 07:01 . 2009-04-11 07:01 -------- d-----w c:\documents and settings\Vesna mama tata\Local Settings\Application Data\ESET
2009-04-07 19:50 . 2009-04-07 19:50 -------- d-----w c:\windows\Sun
2009-04-07 15:03 . 2009-04-17 15:54 13588 ----a-w c:\windows\system32\wpa.bak
2009-04-04 16:53 . 2009-04-04 16:53 -------- d-----w c:\documents and settings\NetworkService\Local Settings\Application Data\Google
2009-04-03 11:34 . 2009-04-03 11:34 -------- d-----w c:\documents and settings\LocalService\Local Settings\Application Data\Google
2009-04-03 11:33 . 2009-04-03 11:41 -------- d-----w c:\documents and settings\Vesna mama tata\Local Settings\Application Data\Google
2009-03-30 18:32 . 2006-10-26 17:56 32592 ----a-w c:\windows\system32\msonpmon.dll
2009-03-30 18:18 . 2009-03-30 18:19 -------- d-----w c:\windows\SHELLNEW
2009-03-30 18:17 . 2009-03-30 18:17 -------- d-----w c:\documents and settings\Vesna mama tata\Local Settings\Application Data\Microsoft Help
2009-03-30 18:17 . 2009-04-02 19:09 -------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2009-03-30 15:44 . 2009-03-30 16:49 754 ----a-w c:\windows\WORDPAD.INI
2009-03-27 16:20 . 2009-03-27 16:20 -------- d--h--r C:\MSOCache
2009-03-27 14:02 . 2009-03-27 14:01 73728 ----a-w c:\windows\system32\javacpl.cpl
2009-03-27 14:02 . 2009-03-27 14:01 410984 ----a-w c:\windows\system32\deploytk.dll
2009-03-25 11:33 . 2009-03-25 11:41 -------- d-----w c:\documents and settings\Vesna mama tata\Local Settings\Application Data\RcIncidents
2009-03-25 10:46 . 2009-03-25 10:46 -------- d-----w c:\documents and settings\Vesna mama tata\Local Settings\Application Data\Identities
2009-03-20 11:20 . 2009-03-20 11:20 0 ----a-w c:\windows\nsreg.dat
2009-03-20 11:20 . 2009-03-20 11:20 -------- d-----w c:\documents and settings\Vesna mama tata\Local Settings\Application Data\Mozilla
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-19 09:30 . 2009-04-19 09:24 1095 ----a-w C:\Bug.txt
2009-04-19 09:25 . 2009-03-09 14:30 -------- d-----w c:\documents and settings\Vesna mama tata\Application Data\Skype
2009-04-19 08:52 . 2009-03-09 12:20 36552 ----a-w c:\documents and settings\Vesna mama tata\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-04-19 07:34 . 2009-04-18 16:59 444 ----a-w C:\aaw7boot.log
2009-04-18 22:25 . 2009-03-19 17:25 -------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-04-18 20:16 . 2009-04-18 20:16 -------- d-----w c:\program files\Trend Micro
2009-04-18 18:22 . 2009-04-18 18:22 -------- d-----w c:\program files\ESET
2009-04-18 18:22 . 2009-03-19 12:07 -------- d-----w c:\documents and settings\All Users\Application Data\ESET
2009-04-18 14:29 . 2009-04-18 14:29 -------- d-----w c:\program files\CCleaner
2009-04-18 13:00 . 2009-04-18 13:00 -------- d-----w c:\program files\Lavasoft
2009-04-18 12:29 . 2009-04-18 12:28 -------- d-----w c:\program files\Trojan Remover
2009-04-17 15:53 . 2009-04-16 20:28 -------- d-----w c:\program files\FaceOnBody
2009-04-17 15:00 . 2009-03-19 17:25 -------- d-----w c:\program files\Spybot - Search & Destroy
2009-04-16 20:26 . 2009-03-18 19:03 -------- d-----w c:\documents and settings\Vesna mama tata\Application Data\uTorrent
2009-04-14 07:00 . 2009-03-20 13:21 -------- d-----w c:\documents and settings\Vesna mama tata\Application Data\Winamp
2009-04-11 07:04 . 2009-04-11 07:01 -------- d-----w c:\program files\Microsoft Encarta
2009-04-10 12:53 . 2009-03-19 09:59 2068 ----a-w c:\windows\system32\d3d9caps.dat
2009-04-06 08:07 . 2009-04-06 08:06 -------- d-----w c:\program files\Freeware PDF Unlocker
2009-04-03 11:40 . 2009-04-03 11:33 -------- d-----w c:\program files\Google
2009-04-01 07:53 . 2009-04-01 07:38 -------- d-----w c:\program files\Canon
2009-03-31 07:38 . 2009-03-31 07:38 -------- d-----w c:\program files\Microsoft
2009-03-30 18:28 . 2009-03-30 18:28 -------- d-----w c:\program files\Microsoft Works
2009-03-27 14:00 . 2009-03-27 14:00 -------- d-----w c:\program files\Java
2009-03-20 13:28 . 2009-03-20 13:21 -------- d-----w c:\program files\Winamp
2009-03-19 16:52 . 2009-03-19 16:00 -------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2009-03-19 12:17 . 2009-03-19 12:17 -------- d-----w c:\documents and settings\Vesna mama tata\Application Data\ESET
2009-03-19 11:46 . 2009-03-19 07:43 -------- d-----w c:\documents and settings\All Users\Application Data\NOS
2009-03-19 11:46 . 2009-03-19 07:43 -------- d-----w c:\program files\NOS
2009-03-19 11:46 . 2009-03-18 17:21 -------- d-----w c:\documents and settings\All Users\Application Data\Norton
2009-03-19 08:09 . 2009-03-19 08:09 -------- d-----w c:\program files\Common Files\Adobe AIR
2009-03-19 08:06 . 2009-03-09 13:10 -------- d-----w c:\program files\Common Files\Adobe
2009-03-18 19:04 . 2009-03-18 19:04 -------- d-----w c:\program files\uTorrent
2009-03-18 17:10 . 2009-03-18 17:10 -------- d-----w c:\documents and settings\All Users\Application Data\NortonInstaller
2009-03-18 16:32 . 2009-03-09 14:29 -------- d-----r c:\program files\Skype
2009-03-18 16:31 . 2009-03-09 14:27 -------- d-----w c:\documents and settings\All Users\Application Data\Skype
2009-03-18 09:26 . 2009-03-18 09:25 -------- d-----w c:\program files\SiSLan
2009-03-11 16:35 . 2009-03-09 12:05 86327 ----a-w c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-03-11 16:15 . 2009-03-09 14:32 -------- d-----w c:\documents and settings\Vesna mama tata\Application Data\skypePM
2009-03-09 12:07 . 2009-03-09 12:07 -------- d-----w c:\program files\microsoft frontpage
2009-03-09 12:01 . 2009-03-09 12:01 21640 ----a-w c:\windows\system32\emptyregdb.dat
2009-03-06 14:44 . 2007-07-27 12:00 283648 ----a-w c:\windows\system32\pdh.dll
2009-03-03 00:18 . 2007-07-27 12:00 826368 ----a-w c:\windows\system32\wininet.dll
2009-02-20 18:09 . 2007-07-27 12:00 78336 ----a-w c:\windows\system32\ieencode.dll
2009-02-09 10:20 . 2007-07-27 12:00 723456 ----a-w c:\windows\system32\lsasrv.dll
2009-02-09 10:20 . 2007-07-27 12:00 399360 ----a-w c:\windows\system32\rpcss.dll
2009-02-09 10:20 . 2007-07-27 12:00 714752 ----a-w c:\windows\system32\ntdll.dll
2009-02-09 10:20 . 2007-07-27 12:00 616960 ----a-w c:\windows\system32\advapi32.dll
2009-02-09 10:19 . 2007-07-27 12:00 1846272 ----a-w c:\windows\system32\win32k.sys
2009-02-06 17:24 . 2007-07-27 12:00 2180480 ----a-w c:\windows\system32\ntoskrnl.exe
2009-02-06 17:14 . 2007-07-27 12:00 110592 ----a-w c:\windows\system32\services.exe
2009-02-06 16:54 . 2007-07-27 12:00 35328 ----a-w c:\windows\system32\sc.exe
2009-02-06 16:49 . 2004-08-03 22:59 2057728 ----a-w c:\windows\system32\ntkrnlpa.exe
2009-02-03 20:08 . 2007-07-27 12:00 55808 ----a-w c:\windows\system32\secur32.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-03-11 24095528]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2007-07-27 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-27 148888]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-03-09 515416]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-02-06 2021400]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"TrojanScanner"=c:\program files\Trojan Remover\Trjscan.exe /boot
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R2 gupdate1c9b450ba1f790;Google Update Service (gupdate1c9b450ba1f790);c:\program files\Google\Update\GoogleUpdate.exe [2009-04-03 133104]
R2 RtlNiService;Realtek CI Service;c:\windows\system32\rtlni.exe [1998-09-11 36352]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2009-03-09 64160]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-02-06 106208]
S1 epfwtdir;epfwtdir;c:\windows\system32\DRIVERS\epfwtdir.sys [2009-02-06 93336]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-02-06 727720]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2009-03-09 951632]
S3 SiS630;SiS630;c:\windows\system32\DRIVERS\sis630p.sys [2003-01-23 164608]
.
Contents of the 'Scheduled Tasks' folder
2009-04-18 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-09 19:06]
2009-04-19 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-03 11:33]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Handler: ms-its51 - {F6F1E82D-DE4D-11D2-875C-0000F8105754} - c:\program files\Common Files\Microsoft Shared\Information Retrieval\itss51.dll
FF - ProfilePath - c:\documents and settings\Vesna mama tata\Application Data\Mozilla\Firefox\Profiles\a59wu2ek.default\
FF - prefs.js: browser.startup.homepage - google.com
FF - plugin: c:\program files\Google\Update\1.2.141.5\npGoogleOneClick7.dll
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-04-19 11:34
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2009-04-19 11:36
ComboFix-quarantined-files.txt 2009-04-19 09:36
Pre-Run: 9,965,989,888 bytes free
Post-Run: 9,957,695,488 bytes free
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
177 --- E O F --- 2009-04-16 21:36
|
|
|
|
|
|
|
|
