Restarting the computer


  • Luka Varagic
  • Joined: 08 Jul 2008
  • Posts: 181
  • Location: Pirot

Where is that file located?

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8620
  • Location: Novi Beograd

The last USB flash drive you plugged into the computer, in order to scan it with USBNoRisk, has that file, which is called:

Comment.htt

You need to open it with Notepad and copy it here for me (the contents of the file).

  • Luka Varagic

It's not anywhere on this flash drive... I used search too...



-------------------------------------------------------------------------------------


Hey, and what is this???

  • helen1

Open Notepad and copy the following text:

File::
C:\sys.exe
c:\recycler\S-1-5-21-2360512680-8165555793-455549005-6702\isl.exe

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"windows service firewall"=-


Save the file from Notepad to the Desktop as "CFScript"




Drag the saved script/text onto the ComboFix icon as shown in the picture.
In your next message, post the log that is created at the end of the cleaning/scan.

  • Luka Varagic

ComboFix 09-02-26.01 - User 2009-02-26 23:09:55.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.512.255 [GMT 1:00]
Running from: c:\documents and settings\User\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\User\Desktop\CFScript.txt
AV: ESET NOD32 antivirus system 2.70 *On-access scanning enabled* (Outdated)
* Created a new restore point
* Resident AV is active


FILE ::
c:\recycler\S-1-5-21-2360512680-8165555793-455549005-6702\isl.exe
C:\sys.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\sys.exe
h:\recycler\S-1-6-21-2434476501-1644491937-600003330-1213
h:\recycler\S-1-6-21-2434476501-1644491937-600003330-1213\Desktop.ini

.
((((((((((((((((((((((((( Files Created from 2009-01-26 to 2009-02-26 )))))))))))))))))))))))))))))))
.

2009-02-26 21:13 . 2009-02-26 23:09 <DIR> d-------- c:\program files\ESET
2009-02-26 21:13 . 2009-02-26 21:13 512,096 --a------ c:\windows\system32\drivers\amon.sys
2009-02-26 21:13 . 2009-02-26 21:13 298,104 --a------ c:\windows\system32\imon.dll
2009-02-26 21:13 . 2009-02-26 21:13 15,424 --a------ c:\windows\system32\drivers\nod32drv.sys
2009-02-26 20:26 . 2009-02-26 20:26 <DIR> d-------- C:\USBNoRisk
2009-02-26 16:30 . 2009-02-26 16:30 <DIR> d-------- c:\documents and settings\Administrator\Application Data\URSoft
2009-02-26 16:18 . 2009-02-26 16:18 <DIR> d-------- c:\program files\Spybot - Search & Destroy
2009-02-26 16:18 . 2009-02-26 18:30 <DIR> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-02-26 14:09 . 2009-02-26 14:09 <DIR> d-------- c:\documents and settings\Administrator\Application Data\Steinberg
2009-02-26 08:01 . 2009-02-26 08:01 49 --a------ c:\windows\bsclient.INI
2009-02-25 23:48 . 2009-02-26 16:13 <DIR> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
2009-02-25 23:48 . 2009-02-26 16:13 <DIR> d--h-c--- c:\documents and settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-02-25 23:37 . 2009-02-26 14:28 <DIR> d-------- c:\program files\SensiveGuard
2009-02-25 22:02 . 2009-02-25 22:03 <DIR> d-------- c:\program files\Common Files\Macromedia
2009-02-25 22:00 . 2009-02-25 22:00 <DIR> d-------- c:\windows\Downloaded Installations
2009-02-25 21:55 . 2009-02-25 22:35 284 --a------ c:\windows\wcx_ftp.ini
2009-02-25 21:54 . 2009-02-25 22:29 <DIR> d-------- C:\totalcmd
2009-02-25 21:54 . 2009-02-25 22:35 816 --a------ c:\windows\wincmd.ini
2009-02-25 21:54 . 2008-08-08 07:04 545 --a------ c:\windows\UC.PIF
2009-02-25 21:54 . 2008-08-08 07:04 545 --a------ c:\windows\RAR.PIF
2009-02-25 21:54 . 2008-08-08 07:04 545 --a------ c:\windows\PKZIP.PIF
2009-02-25 21:54 . 2008-08-08 07:04 545 --a------ c:\windows\PKUNZIP.PIF
2009-02-25 21:54 . 2008-08-08 07:04 545 --a------ c:\windows\NOCLOSE.PIF
2009-02-25 21:54 . 2008-08-08 07:04 545 --a------ c:\windows\LHA.PIF
2009-02-25 21:54 . 2008-08-08 07:04 545 --a------ c:\windows\ARJ.PIF
2009-02-25 16:58 . 2009-02-26 15:24 <DIR> d--h----- C:\$AVG8.VAULT$
2009-02-25 15:00 . 2009-02-25 15:00 <DIR> d-------- c:\program files\AVG
2009-02-25 15:00 . 2009-02-26 20:49 <DIR> d-------- c:\documents and settings\All Users\Application Data\avg8
2009-02-23 22:35 . 2009-02-25 21:58 <DIR> d-------- c:\program files\Common Files\Adobe
2009-02-23 14:18 . 2009-02-23 14:18 12,124 --a------ c:\windows\system32\rundll32.rar
2009-02-23 14:13 . 2000-05-22 22:58 608,448 --a------ c:\windows\system32\comctl32.ocx
2009-02-23 14:12 . 2009-02-23 14:14 <DIR> d-------- c:\program files\Total Video Converter
2009-02-23 13:57 . 2009-02-23 13:57 <DIR> d-------- c:\program files\DVDVideoSoft
2009-02-23 13:57 . 2009-02-23 13:57 <DIR> d-------- c:\program files\Common Files\DVDVideoSoft
2009-02-23 13:00 . 2009-02-23 13:00 <DIR> d-------- c:\program files\Alcohol Soft
2009-02-23 12:56 . 2009-02-23 12:56 717,296 --a------ c:\windows\system32\drivers\sptd.sys
2009-02-22 23:17 . 2009-02-22 23:17 <DIR> d-------- c:\program files\FreeByte
2009-02-22 17:53 . 2009-02-25 15:00 <DIR> d-------- c:\documents and settings\Administrator
2009-02-22 11:01 . 2009-02-22 11:01 <DIR> d-------- C:\Team17
2009-02-22 10:38 . 2009-02-22 10:39 <DIR> d-------- c:\documents and settings\User\Application Data\Steinberg
2009-02-22 10:34 . 2005-06-04 09:08 487,936 --a------ c:\windows\system32\rmbe3260.dll
2009-02-22 10:34 . 2005-06-04 09:08 487,424 --a------ c:\windows\system32\msvcp70.dll
2009-02-22 10:34 . 2005-06-04 09:09 352,768 --a------ c:\windows\system32\pngu3263.dll
2009-02-22 10:34 . 2005-06-04 09:08 344,064 --a------ c:\windows\system32\msvcr70.dll
2009-02-22 10:34 . 2005-06-04 09:09 131,072 --a------ c:\windows\system32\pneng50.dll
2009-02-22 10:34 . 2005-06-04 09:09 130,560 --a------ c:\windows\system32\pnc3250.dll
2009-02-22 10:34 . 2005-06-04 09:08 87,040 --a------ c:\windows\system32\ra32sipr.dll
2009-02-22 10:34 . 2005-06-04 09:11 85,504 --a------ c:\windows\system32\encdnet.dll
2009-02-22 10:34 . 2005-06-04 09:09 81,920 --a------ c:\windows\system32\ra3214_4.dll
2009-02-22 10:34 . 2005-06-04 09:09 72,704 --a------ c:\windows\system32\ra3228_8.dll
2009-02-22 10:34 . 2005-06-04 09:09 61,952 --a------ c:\windows\system32\decdnet.dll
2009-02-22 10:34 . 2005-06-04 09:09 21,504 --a------ c:\windows\system32\ra32dnet.dll
2009-02-22 10:32 . 2009-02-26 16:06 <DIR> d-------- c:\program files\Steinberg
2009-02-22 01:38 . 2005-05-09 20:08 33,792 --a------ c:\windows\system32\drivers\cledx.sys
2009-02-22 01:37 . 2002-11-25 14:46 16,896 --a------ c:\windows\system32\drivers\synasUSB.sys
2009-02-21 19:05 . 2009-02-21 19:05 <DIR> d-------- c:\windows\Sun
2009-02-21 18:30 . 2009-02-25 13:19 3,036 --a------ C:\rollback.ini
2009-02-21 17:11 . 2008-10-16 14:06 268,648 --a------ c:\windows\system32\mucltui.dll
2009-02-21 17:11 . 2008-10-16 14:06 208,744 --a------ c:\windows\system32\muweb.dll
2009-02-21 17:11 . 2008-10-16 14:06 27,496 --a------ c:\windows\system32\mucltui.dll.mui
2009-02-21 14:13 . 2009-02-22 10:12 <DIR> d-------- c:\documents and settings\All Users\Application Data\MailFrontier
2009-02-21 13:09 . 2009-02-21 13:09 53,248 --a------ c:\windows\system32\suppdll.dll
2009-02-21 13:09 . 2009-02-21 13:09 35,363 --a------ c:\windows\system32\windrvNT.sys
2009-02-21 12:24 . 2009-02-23 13:14 <DIR> d-------- c:\program files\Windows Media Connect 2
2009-02-21 12:13 . 2009-02-21 12:13 <DIR> d-------- c:\windows\system32\LogFiles
2009-02-21 12:13 . 2009-02-21 12:17 <DIR> d-------- c:\windows\system32\drivers\UMDF
2009-02-21 12:10 . 2008-04-14 05:42 221,184 --a------ c:\windows\system32\wmpns.dll
2009-02-21 12:02 . 2005-10-16 08:00 12,928 --a------ c:\windows\system32\drivers\filedisk.sys
2009-02-21 11:47 . 2009-02-21 11:47 <DIR> d-------- c:\program files\Java
2009-02-21 11:47 . 2009-02-21 11:47 410,984 --a------ c:\windows\system32\deploytk.dll
2009-02-21 11:47 . 2009-02-21 11:47 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-02-21 11:21 . 2009-02-21 11:21 <DIR> d-------- c:\program files\BitLord
2009-02-21 10:11 . 2009-02-21 10:11 <DIR> d---s---- c:\documents and settings\User\UserData
2009-02-21 03:06 . 2009-02-21 03:06 <DIR> d-------- c:\documents and settings\All Users\Application Data\InstallShield
2009-02-21 03:06 . 2002-11-02 09:53 57,344 --a------ c:\windows\system32\WNASPINT.DLL
2009-02-21 03:05 . 2009-02-21 03:05 <DIR> d-------- c:\program files\Common Files\InstallShield Shared
2009-02-21 02:15 . 2006-09-28 13:10 11,648 --a------ c:\windows\system32\drivers\ggsemc.sys
2009-02-21 02:15 . 2006-09-28 13:10 11,648 --a------ c:\windows\system32\drivers\gggen.sys
2009-02-21 01:17 . 2009-02-21 01:20 <DIR> d-------- c:\program files\Your Uninstaller 2008
2009-02-21 01:17 . 2009-02-21 01:17 <DIR> d-------- c:\documents and settings\User\Application Data\URSoft
2009-02-21 01:17 . 2009-02-26 20:47 <DIR> d-a------ c:\documents and settings\All Users\Application Data\TEMP
2009-02-20 21:57 . 2009-02-26 21:46 <DIR> d-------- c:\documents and settings\User\Tracing
2009-02-20 21:56 . 2009-02-20 21:56 <DIR> d-------- c:\program files\Windows Live SkyDrive
2009-02-20 21:56 . 2009-02-20 21:56 <DIR> d-------- c:\program files\Microsoft
2009-02-20 21:55 . 2009-02-20 21:56 <DIR> d-------- c:\program files\Windows Live
2009-02-20 21:47 . 2009-02-20 21:47 <DIR> d-------- c:\program files\Common Files\Windows Live
2009-02-20 21:10 . 2009-02-20 21:10 <DIR> d-------- c:\windows\system32\Nexus Radio
2009-02-20 21:10 . 2009-02-25 14:17 <DIR> d-------- c:\program files\Nexus Radio
2009-02-20 21:10 . 2009-02-20 21:10 <DIR> d-------- c:\program files\AskSearch
2009-02-20 21:10 . 2009-02-20 21:10 <DIR> d-------- c:\program files\AskBarDis
2009-02-20 21:10 . 2009-02-20 21:10 <DIR> d-------- C:\My Saved Files
2009-02-20 21:10 . 2009-02-20 21:10 <DIR> d-------- C:\My Recorded Files
2009-02-20 21:02 . 2009-02-20 21:02 <DIR> d-------- c:\program files\Opera
2009-02-20 20:24 . 2008-06-13 12:05 272,128 -----c--- c:\windows\system32\dllcache\bthport.sys
2009-02-20 20:21 . 2008-10-16 02:00 1,499,136 -----c--- c:\windows\system32\dllcache\shdocvw.dll
2009-02-20 20:21 . 2008-10-16 02:00 666,112 -----c--- c:\windows\system32\dllcache\wininet.dll
2009-02-20 20:21 . 2008-10-16 02:00 619,520 -----c--- c:\windows\system32\dllcache\urlmon.dll
2009-02-20 20:20 . 2008-08-14 11:11 2,189,184 -----c--- c:\windows\system32\dllcache\ntoskrnl.exe
2009-02-20 20:20 . 2008-08-14 11:09 2,145,280 -----c--- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-02-20 20:20 . 2008-08-14 10:33 2,066,048 -----c--- c:\windows\system32\dllcache\ntkrnlpa.exe
2009-02-20 20:20 . 2008-08-14 10:33 2,023,936 -----c--- c:\windows\system32\dllcache\ntkrpamp.exe
2009-02-20 20:20 . 2008-09-15 13:12 1,846,400 -----c--- c:\windows\system32\dllcache\win32k.sys
2009-02-20 20:19 . 2008-12-12 18:01 3,067,904 -----c--- c:\windows\system32\dllcache\mshtml.dll
2009-02-20 20:19 . 2008-10-24 12:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2009-02-20 20:19 . 2008-12-11 11:57 333,952 -----c--- c:\windows\system32\dllcache\srv.sys
2009-02-20 20:19 . 2008-05-08 15:02 203,136 -----c--- c:\windows\system32\dllcache\rmcast.sys
2009-02-20 20:18 . 2008-09-04 18:15 1,106,944 -----c--- c:\windows\system32\dllcache\msxml3.dll
2009-02-20 20:18 . 2008-04-11 20:04 691,712 -----c--- c:\windows\system32\dllcache\inetcomm.dll
2009-02-20 20:18 . 2008-10-15 17:34 337,408 -----c--- c:\windows\system32\dllcache\netapi32.dll
2009-02-20 20:18 . 2008-05-01 15:33 331,776 -----c--- c:\windows\system32\dllcache\msadce.dll
2009-02-20 20:13 . 2009-02-25 11:12 <DIR> d--h----- c:\windows\$hf_mig$
2009-02-20 19:40 . 2009-02-25 18:10 <DIR> d-------- c:\windows\system32\ZoneLabs
2009-02-20 19:40 . 2009-02-22 17:47 4,212 -rah----- c:\windows\system32\zllictbl.dat
2009-02-20 19:17 . 2009-02-20 19:20 <DIR> d-------- c:\program files\Avanquest update
2009-02-20 19:17 . 2009-02-20 19:17 <DIR> d-------- c:\documents and settings\All Users\Application Data\BVRP Software
2009-02-20 19:16 . 2009-02-21 02:15 <DIR> d-------- c:\program files\Sony Ericsson
2009-02-20 19:16 . 2009-02-20 19:16 <DIR> d-------- c:\documents and settings\All Users\Application Data\Sony Ericsson
2009-02-20 19:15 . 2009-02-20 19:15 <DIR> d-------- c:\windows\system32\scripting
2009-02-20 19:15 . 2009-02-20 19:15 <DIR> d-------- c:\documents and settings\User\Application Data\InstallShield
2009-02-20 19:12 . 2009-02-20 19:15 <DIR> d-------- c:\windows\ServicePackFiles
2009-02-20 19:12 . 2008-04-14 05:42 294,912 -----c--- c:\windows\system32\dllcache\dlimport.exe
2009-02-20 19:07 . 2007-08-10 20:46 26,488 --a------ c:\windows\system32\spupdsvc.exe
2009-02-20 18:48 . 2009-02-25 18:10 <DIR> d-------- c:\windows\Internet Logs
2009-02-20 18:39 . 2009-02-20 18:39 0 --a------ c:\windows\nsreg.dat
2009-02-20 18:36 . 2008-04-14 05:41 21,504 --a------ c:\windows\system32\hidserv.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-26 15:14 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-25 13:35 163,501 ----a-w c:\windows\Internet Logs\vsmon_2nd_2009_02_25_14_35_13_small.dmp.zip
2009-02-25 13:34 137,673 ----a-w c:\windows\Internet Logs\vsmon_2nd_2009_02_25_14_32_42_small.dmp.zip
2009-02-25 13:28 131,088 ----a-w c:\windows\Internet Logs\vsmon_2nd_2009_02_25_14_27_48_small.dmp.zip
2009-02-25 13:27 146,190 ----a-w c:\windows\Internet Logs\vsmon_2nd_2009_02_25_14_27_09_small.dmp.zip
2009-02-25 13:26 149,349 ----a-w c:\windows\Internet Logs\vsmon_2nd_2009_02_25_14_24_40_small.dmp.zip
2009-02-25 12:50 173,339 ----a-w c:\windows\Internet Logs\vsmon_2nd_2009_02_25_13_49_32_small.dmp.zip
2009-02-20 08:22 --------- d-----w c:\program files\Common Files\InstallShield
2009-02-19 16:13 --------- d-----w c:\program files\VIA
2009-02-19 16:07 --------- d-----w c:\program files\Mv2Player
2009-02-19 16:06 --------- d-----w c:\program files\ffdshow
2009-02-19 16:06 --------- d-----w c:\program files\Analog Devices
2009-02-19 15:51 --------- d-----w c:\program files\microsoft frontpage
2009-02-06 17:52 49,504 ----a-w c:\windows\system32\sirenacm.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-02-26_18.34.39.17 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-02-26 19:44:53 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_77c.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2008-11-23 203720]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UserFaultCheck"="c:\windows\system32\dumprep 0 -u" [X]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-04-16 7569408]
"SW24"="c:\windows\system32\sw24.exe" [2006-05-17 69632]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-04-16 86016]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-02-21 148888]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2009-02-26 949376]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
VIA RAID TOOL.lnk - c:\program files\VIA\RAID\raid_tool.exe [2009-02-19 565248]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.ffds"= c:\program files\ffdshow\ffdshow.ax

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
--a------ 2006-10-09 11:28 139264 c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--------- 2008-04-14 05:42 1695232 c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
--a------ 2009-02-06 18:51 3885408 c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2006-01-12 16:40 155648 c:\program files\Common Files\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
--a------ 2004-11-02 20:24 32768 c:\program files\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
--------- 2008-06-18 17:15 393216 c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SW20]
-ra------ 2006-05-18 02:15 208896 c:\windows\system32\sw20.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
--a------ 2004-06-29 09:06 88363 c:\windows\AGRSMMSG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2006-04-16 15:51 1519616 c:\windows\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"%windir%\\system32\\sessmgr.exe"=
"d:\\Valve\\hl.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\BitLord\\BitLord.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"d:\\Garena\\Garena.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=

R0 viasraid;viasraid;c:\windows\system32\drivers\viasraid.sys [2009-02-19 77312]
R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2009-02-26 15424]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\User\LOCALS~1\Temp\JIL20D.tmp --> c:\docume~1\User\LOCALS~1\Temp\JIL20D.tmp [?]
S3 gggen;Generic USB Flash Driver;c:\windows\system32\drivers\gggen.sys [2009-02-21 11648]
.
.
------- Supplementary Scan -------
.
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
LSP: c:\windows\system32\imon.dll
FF - ProfilePath - c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\yf03em3y.default\
FF - prefs.js: browser.startup.homepage - google.rs
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-02-26 23:12:22
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


C:\sccfg.sys 20 bytes

scan completed successfully
hidden files: 1

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GarenaPEngine]
"ImagePath"="\??\c:\docume~1\User\LOCALS~1\Temp\JIL20D.tmp"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'lsass.exe'(672)
c:\windows\system32\imon.dll
.
Completion time: 2009-02-26 23:14:04
ComboFix-quarantined-files.txt 2009-02-26 22:14:01
ComboFix2.txt 2009-02-26 17:35:46

Pre-Run: 17,949,323,264 bytes free
Post-Run: 17,942,298,624 bytes free

259

  • helen1

Upload for me:
c:\qoobox\quarantine

via:

http://www.mycity.rs/ambulanta-upload.php

  • Luka Varagic

I've uploaded it... What now? :D

  • helen1

How is the computer running now?

  • Luka Varagic

Well, for now it's working great... Knock on wood...

  • helen1

Check whether RealPlayer is working for you?
