MyCity » Ambulanta -> Arhiva Ambulante » task menager problem..

task menager problem..

Napisano na dan: 24.9.2009
3

task menager problem..
Pagination Prethodna strana
Sledeća strana Pagination

Idi na vrh

Poslao: 28 Sep 2009 16:11
Idi na vrh
offline
  • Pridružio: 21 Maj 2008
  • Poruke: 154
  • Gde živiš: Gradiska

ComboFix 09-09-25.01 - XPPRESP3 28.09.2009 15:56.4.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1256.966.1033.18.2046.1362 [GMT 2:00]
Running from: f:\documents and settings\XPPRESP3\Desktop\ComboFix.exe
Command switches used :: f:\documents and settings\XPPRESP3\Desktop\CFScript.txt
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SEEKAPPSRCH_SERVICE
-------\Service_SeekappSrch Service


((((((((((((((((((((((((( Files Created from 2009-08-28 to 2009-09-28 )))))))))))))))))))))))))))))))
.

2009-09-24 21:10 . 2009-09-24 21:10 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\Folding@home-gpu
2009-09-24 21:10 . 2009-09-24 21:10 -------- d-----w- f:\program files\Folding@home
2009-09-24 20:14 . 2009-09-10 12:54 38224 ----a-w- f:\windows\system32\drivers\mbamswissarmy.sys
2009-09-24 20:14 . 2009-09-24 20:14 -------- d-----w- f:\program files\Malwarebytes' Anti-Malware
2009-09-24 20:14 . 2009-09-10 12:53 19160 ----a-w- f:\windows\system32\drivers\mbam.sys
2009-09-23 20:37 . 2009-09-24 21:11 -------- d-----w- f:\documents and settings\XPPRESP3\Local Settings\Application Data\AskToolbar
2009-09-23 20:37 . 2009-09-23 20:37 -------- d-----w- f:\program files\VersalSoft
2009-09-23 20:37 . 2009-09-23 20:37 -------- d-----w- f:\program files\Universal
2009-09-21 22:32 . 2009-09-21 22:32 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\Windows Search
2009-09-21 22:19 . 2009-09-21 22:19 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\Windows Desktop Search
2009-09-21 22:19 . 2009-09-22 15:36 -------- d-----w- f:\documents and settings\LocalService\Local Settings\Application Data\Adobe
2009-09-21 22:19 . 2009-09-21 22:19 -------- d-----w- f:\program files\Windows Desktop Search
2009-09-21 22:18 . 2008-03-07 16:56 98304 -c----w- f:\windows\system32\dllcache\nlhtml.dll
2009-09-21 22:18 . 2008-03-07 16:56 29696 -c----w- f:\windows\system32\dllcache\mimefilt.dll
2009-09-21 22:18 . 2008-03-07 16:56 192000 -c----w- f:\windows\system32\dllcache\offfilt.dll
2009-09-21 22:18 . 2009-09-21 22:18 -------- d--h--w- f:\windows\$hf_mig$
2009-09-21 18:50 . 2009-09-21 18:50 -------- d-----w- f:\program files\MultiScreen
2009-09-17 19:42 . 2009-09-17 19:42 -------- d-----w- f:\program files\Common Files\xing shared
2009-09-05 08:49 . 2009-09-05 09:04 -------- d-----w- F:\Dev-Cpp
2009-09-04 15:43 . 2009-09-05 08:37 -------- d-----w- f:\program files\DS Clock

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-28 14:03 . 2009-04-18 16:15 -------- d-----w- f:\program files\DNA
2009-09-28 14:03 . 2009-04-18 16:15 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\DNA
2009-09-28 13:48 . 2009-04-14 17:38 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\Skype
2009-09-28 13:09 . 2009-06-06 11:28 -------- d-----w- f:\documents and settings\All Users\Application Data\HDD Thermometer
2009-09-25 19:55 . 2009-04-21 17:36 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\BitTorrent
2009-09-21 21:48 . 2009-04-30 20:25 -------- d-----w- f:\program files\Opera
2009-09-21 19:02 . 2009-07-06 19:46 -------- d-----w- f:\documents and settings\All Users\Application Data\Microsoft Help
2009-09-19 21:32 . 2009-09-07 21:00 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\vlc
2009-09-17 19:42 . 2009-04-18 15:53 -------- d-----w- f:\program files\Common Files\Real
2009-09-15 21:35 . 2009-06-17 21:19 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\Vso
2009-09-15 21:35 . 2009-06-17 21:20 47360 ----a-w- f:\documents and settings\XPPRESP3\Application Data\pcouffin.sys
2009-09-15 21:34 . 2009-09-15 21:33 -------- d---a-w- f:\documents and settings\All Users\Application Data\TEMP
2009-09-15 21:28 . 2009-09-15 21:28 -------- d-----w- f:\program files\Ask.com
2009-09-15 10:00 . 2009-04-15 18:57 -------- d-----w- f:\program files\Spybot - Search & Destroy
2009-09-14 19:29 . 2009-04-17 18:21 -------- d-----w- f:\documents and settings\All Users\Application Data\Installations
2009-09-14 19:29 . 2009-04-28 16:38 -------- d-----w- f:\program files\Common Files\Nokia
2009-09-14 19:29 . 2009-04-17 18:21 -------- d-----w- f:\program files\Nokia
2009-09-14 17:26 . 2009-07-12 20:23 2516 --sha-w- f:\documents and settings\All Users\Application Data\KGyGaAvL.sys
2009-09-14 17:26 . 2009-07-12 20:23 88 --sh--r- f:\documents and settings\All Users\Application Data\4353A6A8EB.sys
2009-09-14 16:15 . 2009-09-14 16:15 -------- d-----w- f:\program files\Common Files\ATI Technologies
2009-09-14 16:15 . 2009-09-14 16:15 -------- d-----w- f:\program files\USB TV
2009-09-14 16:15 . 2009-04-14 12:51 -------- d--h--w- f:\program files\InstallShield Installation Information
2009-09-13 19:42 . 2009-09-13 19:42 -------- d-----w- f:\documents and settings\All Users\Application Data\ATI
2009-09-13 19:40 . 2009-04-15 02:07 -------- d-----w- f:\program files\ATI Technologies
2009-09-07 20:10 . 2009-09-07 20:10 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\MozillaControl
2009-09-07 20:10 . 2009-09-07 20:10 -------- d-----w- f:\program files\Mozilla ActiveX Control v1.7.12
2009-09-07 20:10 . 2009-09-07 20:07 -------- d-----w- f:\program files\Graboid
2009-09-07 19:15 . 2003-02-21 08:42 348160 ----a-w- f:\windows\system32\msvcr71.dll
2009-09-05 18:16 . 2009-04-14 19:20 -------- d-----w- f:\program files\Microsoft Silverlight
2009-09-05 10:15 . 2009-06-22 21:16 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\Dev-Cpp
2009-09-04 16:07 . 2009-07-15 14:33 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\BITRAR
2009-08-27 14:51 . 2009-06-03 13:31 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\Apple Computer
2009-08-26 21:13 . 2009-06-06 16:03 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\Ahead
2009-08-26 21:09 . 2009-08-26 21:09 -------- d-----w- f:\documents and settings\XPPRESP3\Application Data\Sony
2009-08-26 21:09 . 2009-08-26 21:09 -------- d-----w- f:\documents and settings\All Users\Application Data\Sony
2009-08-26 21:07 . 2009-08-26 21:07 -------- d-----w- f:\program files\Sony
2009-08-26 21:07 . 2009-08-26 20:29 -------- d-----w- f:\program files\Sony Ericsson
2009-08-26 21:06 . 2009-08-26 21:06 -------- d-----w- f:\program files\QuickTime
2009-08-26 20:33 . 2009-08-26 20:30 -------- d-----w- f:\program files\Avanquest update
2009-08-26 20:30 . 2009-08-26 20:30 -------- d-----w- f:\documents and settings\All Users\Application Data\BVRP Software
2009-08-26 20:29 . 2009-08-26 20:29 -------- d-----w- f:\documents and settings\All Users\Application Data\Sony Ericsson
2009-08-25 19:25 . 2009-06-02 09:46 -------- d-----w- f:\program files\Java
2009-08-22 11:28 . 2009-08-22 11:28 -------- d-----w- f:\program files\Folder Password Expert
2009-08-22 11:09 . 2009-08-22 11:09 -------- d-----w- f:\documents and settings\All Users\Application Data\ZA_PreservedFiles
2009-08-22 10:49 . 2009-08-22 10:44 4212 ---ha-w- f:\windows\system32\zllictbl.dat
2009-08-21 16:24 . 2009-04-13 16:13 -------- d-----w- f:\program files\K-Lite Codec Pack
2009-08-21 12:12 . 2009-04-13 16:13 -------- d-----w- f:\documents and settings\All Users\Application Data\Apple Computer
2009-08-17 19:09 . 2009-05-31 12:34 10 ----a-w- f:\windows\popcinfo.dat
2009-08-10 20:26 . 2009-07-25 19:58 2680 ----a-w- f:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-08-08 18:55 . 2009-04-14 17:55 1324 ----a-w- f:\windows\system32\d3d9caps.dat
2009-08-05 10:03 . 2009-04-15 19:14 55656 ----a-w- f:\windows\system32\drivers\avgntflt.sys
2009-08-01 17:11 . 2009-04-17 11:19 -------- d-----w- f:\program files\Picasa2
2009-08-01 07:50 . 2009-08-01 07:50 -------- d-----w- f:\program files\MagicTune
2009-07-25 21:12 . 2009-04-14 18:44 87560 ----a-w- f:\documents and settings\XPPRESP3\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-07-25 03:23 . 2009-06-01 20:15 411368 ----a-w- f:\windows\system32\deploytk.dll
2003-12-06 20:12 . 2003-12-06 20:12 121856 --sha-w- f:\windows\system32\fpplock.exe
.

------- Sigcheck -------

[-] 2005-07-13 . 0601F83F6784C220EE302F03F702316E . 360448 . . [5.1.2600.2688] . . f:\windows\system32\drivers\tcpip.sys


f:\windows\system32\wscntfy.exe ... is missing !!
.
((((((((((((((((((((((((((((( SnapShot@2009-09-25_18.34.40 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-09-28 14:02 . 2009-09-28 14:02 16384 f:\windows\system32\config\systemprofile\Local Settings\temp\Perflib_Perfdata_6ac.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2009-04-02 17:50 809864 ----a-w- f:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "f:\program files\Ask.com\GenericAskToolbar.dll" [2009-04-02 809864]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "f:\program files\Ask.com\GenericAskToolbar.dll" [2009-04-02 809864]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="f:\program files\Skype\Phone\Skype.exe" [2009-03-27 24103720]
"BitTorrent DNA"="f:\program files\DNA\btdna.exe" [2009-04-18 321344]
"Google Update"="f:\documents and settings\XPPRESP3\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-05-16 133104]
"msnmsgr"="f:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"Sony Ericsson PC Suite"="f:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" [2008-07-02 393216]
"PC Suite Tray"="f:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-06-25 1414144]
"SpybotSD TeaTimer"="f:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"RSD_HDDThermo"="f:\program files\HDD Thermometer\HDD Thermometer.exe" [2004-05-30 213504]
"Picasa Media Detector"="f:\program files\Picasa2\PicasaMediaDetector.exe" [2008-08-21 443968]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="f:\program files\Common Files\Ahead\lib\NMBgMonitor.exe" [2005-12-16 94208]
"ctfmon.exe"="f:\windows\system32\ctfmon.exe" [2004-08-04 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UserFaultCheck"="f:\windows\system32\dumprep 0 -u" [X]
"NokiaMServer"="f:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"TWCU"="f:\program files\TP-LINK\TWCU\TWCU.exe" [2006-10-17 380928]
"PAC7302_Monitor"="f:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"googletalk"="f:\program files\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"avgnt"="f:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"AppleSyncNotifier"="f:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-05-20 177472]
"StatusClient"="f:\program files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe" [2002-12-16 36864]
"TomcatStartup"="f:\program files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe" [2003-03-31 155648]
"NeroFilterCheck"="f:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"GrooveMonitor"="f:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"Adobe Reader Speed Launcher"="f:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"ISUSPM Startup"="f:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2005-02-17 221184]
"ISUSScheduler"="f:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-17 81920]
"SunJavaUpdateSched"="f:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280]
"QuickTime Task"="f:\program files\K-Lite Codec Pack\QuickTime\QTTask.exe" [2007-10-19 286720]
"StartCCC"="f:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-04-27 61440]
"TkBellExe"="f:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-09-17 198160]
"NokiaMusic FastStart"="f:\program files\Nokia\Nokia Music\NokiaMusic.exe" [2009-07-22 2331936]
"kX Mixer"="f:\windows\system32\kxmixer.exe" [2004-02-16 438784]
"iTunesHelper"="f:\program files\iTunes\iTunesHelper.exe" [2009-05-30 292136]
"Malwarebytes Anti-Malware (reboot)"="f:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"WINDVDPatch"="CTHELPER.EXE" - f:\windows\system32\CTHELPER.EXE [2002-07-02 24576]
"Warning: do not remove it!"="fpplock.exe" - f:\windows\system32\fpplock.exe [2003-12-06 121856]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="f:\windows\system32\ctfmon.exe" [2004-08-04 15360]

f:\documents and settings\XPPRESP3\Start Menu\Programs\Startup\
Folding@home-gpu.lnk - f:\documents and settings\XPPRESP3\Application Data\Microsoft\Installer\{6A90C837-054E-44AE-B9BD-1B1F87986BBC}\_98830A63A82EB98D7BA198.exe [2009-9-24 98477]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "f:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"f:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"f:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"f:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"f:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"f:\\Program Files\\DNA\\btdna.exe"=
"f:\\Program Files\\BitTorrent\\bittorrent.exe"=
"f:\\Documents and Settings\\XPPRESP3\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.dll"=
"f:\\Documents and Settings\\XPPRESP3\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"f:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"f:\\Program Files\\iTunes\\iTunes.exe"=
"f:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"f:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"f:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"f:\\Program Files\\Hewlett-Packard\\Toolbox2.0\\Javasoft\\JRE\\1.3.1\\bin\\javaw.exe"=
"f:\\Program Files\\GlobalNetProjects\\BITRARFREE\\ed2kcontrol.exe"=
"f:\\Program Files\\GlobalNetProjects\\BITRARFREE\\BITRAR.exe"=
"f:\\Program Files\\GlobalNetProjects\\BITRARFREE\\ed2k.exe"=
"f:\\Program Files\\Sony Ericsson\\Sony Ericsson Media Manager\\MediaManager.exe"=
"f:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=
"f:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"f:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"f:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"f:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"f:\\Program Files\\Skype\\Phone\\Skype.exe"=

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;f:\program files\Avira\AntiVir Desktop\sched.exe [22.5.2009 22:34 108289]
R3 kxwdmdrv;kX WDM Driver Service;f:\windows\system32\drivers\kx.sys [17.2.2004 0:19 571776]
R3 PAC7302;Eye 312;f:\windows\system32\drivers\PAC7302.SYS [30.4.2007 13:26 449664]
S2 gupdate1c9cc30383a82e8;Google Update Service (gupdate1c9cc30383a82e8-);f:\program files\Google\Update\GoogleUpdate.exe [3.5.2009 22:46 133104]
S3 Nmwdpapfrwwr;Nmwdpapfrwwr;f:\windows\system32\drivers\atmuni.sys [4.8.2004 18:00 352256]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WudfServiceGroup REG_SZ hex(7):57,00,55,00,44,00,46,00,53,00,76,00,63,00,00,00,00,00
.
Contents of the 'Scheduled Tasks' folder

2009-09-16 f:\windows\Tasks\AppleSoftwareUpdate.job
- f:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2009-09-28 f:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- f:\program files\Google\Update\GoogleUpdate.exe [2009-05-03 20:46]

2009-09-28 f:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- f:\program files\Google\Update\GoogleUpdate.exe [2009-05-03 20:46]

2009-09-25 f:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1482476501-583907252-682003330-1001Core.job
- f:\documents and settings\XPPRESP3\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-05-16 06:26]

2009-09-28 f:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1482476501-583907252-682003330-1001UA.job
- f:\documents and settings\XPPRESP3\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-05-16 06:26]

2009-09-25 f:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- f:\program files\Ask.com\UpdateTask.exe [2009-04-02 17:50]
.
.
------- Supplementary Scan -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Winamp Search - f:\documents and settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Download by VersalSoft Internet Download
IE: E&xport to Microsoft Excel - f:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
DPF: 
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - ProfilePath - f:\documents and settings\XPPRESP3\Application Data\Mozilla\Firefox\Profiles\n48befew.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2010429&SearchSource=3&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - google.com
FF - component: f:\documents and settings\XPPRESP3\Application Data\Mozilla\Firefox\Profiles\n48befew.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll
FF - component: f:\documents and settings\XPPRESP3\Application Data\Mozilla\Firefox\Profiles\n48befew.default\extensions\{52f2b999-2724-4693-b1a5-86d167ba79a6}\components\FFExternalAlert.dll
FF - component: f:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - component: f:\program files\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: f:\documents and settings\XPPRESP3\Application Data\Mozilla\plugins\npgoogletalk.dll
FF - plugin: f:\documents and settings\XPPRESP3\Local Settings\Application Data\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: f:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: f:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: f:\program files\Mozilla Firefox\plugins\npbittorrent.dll
FF - plugin: f:\program files\Picasa2\npPicasa2.dll
FF - plugin: f:\program files\Windows Live\Photo Gallery\NPWLPG.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-09-28 16:02
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\WudfPf]
"ImagePath"="hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,00,49,00,56,00,45,00,52,00,53,00,5c,00,57,00,75,00,64,00,66,00,50,00,66,00,2e,00,73,00,79,00,73,00,00,00"

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\WudfRd]
"ImagePath"="hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,00,49,00,56,00,45,00,52,00,53,00,5c,00,77,00,75,00,64,00,66,00,72,00,64,00,2e,00,73,00,79,00,73,00,00,00"

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\WudfPf]
"ImagePath"="hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,00,49,00,56,00,45,00,52,00,53,00,5c,00,57,00,75,00,64,00,66,00,50,00,66,00,2e,00,73,00,79,00,73,00,00,00"

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\WudfRd]
"ImagePath"="hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,00,49,00,56,00,45,00,52,00,53,00,5c,00,77,00,75,00,64,00,66,00,72,00,64,00,2e,00,73,00,79,00,73,00,00,00"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\DbgagD\1*]
"value"="?\07\03\0f\0e!/?"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(524)
f:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(3004)
f:\program files\Windows Media Player\wmpband.dll
f:\program files\Windows Desktop Search\deskbar.dll
f:\program files\Windows Desktop Search\en-us\dbres.dll.mui
f:\program files\Windows Desktop Search\dbres.dll
f:\program files\Windows Desktop Search\wordwheel.dll
f:\program files\Windows Desktop Search\en-us\msnlExtRes.dll.mui
f:\program files\Windows Desktop Search\msnlExtRes.dll
f:\windows\system32\msi.dll
f:\windows\system32\WPDShServiceObj.dll
f:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
f:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
f:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\MSVCP80.dll
f:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_eng.nlr
f:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
f:\windows\system32\PortableDeviceTypes.dll
f:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
f:\windows\system32\ati2evxx.exe
f:\windows\system32\ati2evxx.exe
f:\windows\system32\acs.exe
f:\program files\Avira\AntiVir Desktop\avguard.exe
f:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
f:\program files\Bonjour\mDNSResponder.exe
f:\program files\Java\jre6\bin\jqs.exe
f:\program files\Common Files\Protexis\License Service\PsiService_2.exe
f:\windows\system32\searchindexer.exe
f:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
f:\program files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe
f:\program files\Common Files\Nokia\MPlatform\NokiaMServer.exe
f:\program files\USB TV\EM28XX\BDARemote.exe
f:\program files\Windows Desktop Search\WindowsSearch.exe
f:\program files\iPod\bin\iPodService.exe
f:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
f:\program files\PC Connectivity Solution\ServiceLayer.exe
f:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
f:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
f:\program files\Windows Live\Contacts\wlcomm.exe
.
**************************************************************************
.
Completion time: 2009-09-28 16:07 - machine was rebooted
ComboFix-quarantined-files.txt 2009-09-28 14:07
ComboFix2.txt 2009-09-26 10:18
ComboFix3.txt 2009-09-25 18:36

Pre-Run: 47.887.171.584 bytes free
Post-Run: 47.754.620.928 bytes free

322

Poslao: 28 Sep 2009 17:28
Idi na vrh
offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8620
  • Gde živiš: Novi Beograd

Uploaduj mi:

f:\windows\system32\drivers\atmuni.sys

preko sledeceg linka:

http://www.mycity.rs/ambulanta-upload.php

Poslao: 28 Sep 2009 17:48
Idi na vrh
offline
  • Pridružio: 21 Maj 2008
  • Poruke: 154
  • Gde živiš: Gradiska

uradjeno kako si rekao..

Poslao: 28 Sep 2009 19:08
Idi na vrh
offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8620
  • Gde živiš: Novi Beograd

To bi bilo to. Uradi sledece:

Potrebno je deinstalirati ComboFix:
klikni start (ili ), a zatim RUN.

Na Visti koristiti Start Search polje ukoliko Run nije dostupan.

U liniju za unos teksta ukucaj (iskopiraj) sledeće:

combofix /u

Primeti da postoji razmak između "ComboFix" i "/u".



a zatim klikni OK (ili pritisni Enter).

Sačekaj da se proces deinstalacije završi.



Pozz

Poslao: 28 Sep 2009 22:17
Idi na vrh
offline
  • Pridružio: 21 Maj 2008
  • Poruke: 154
  • Gde živiš: Gradiska

e znaci sad bi trebalo biti sve ok??a sta mi je sad sa msconfig kad ga kuzam u run nece da se open???ako gresim sa ovim pitanjem u ovoj temi postavicu ga posebno...??

Poslao: 28 Sep 2009 22:42
Idi na vrh
offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8620
  • Gde živiš: Novi Beograd

jockyy1 ::e znaci sad bi trebalo biti sve ok??a sta mi je sad sa msconfig kad ga kuzam u run nece da se open???ako gresim sa ovim pitanjem u ovoj temi postavicu ga posebno...??

Ne mozes da otvoris msconfig?

Jesi pre pocetka ciscenja mogao?

Poslao: 28 Sep 2009 22:44
Idi na vrh
offline
  • Pridružio: 21 Maj 2008
  • Poruke: 154
  • Gde živiš: Gradiska

jesam,...al sada nista ??

Poslao: 28 Sep 2009 22:46
Idi na vrh
offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8620
  • Gde živiš: Novi Beograd

Raspitacu se.

Poslao: 28 Sep 2009 22:55
Idi na vrh
offline
  • Pridružio: 21 Maj 2008
  • Poruke: 154
  • Gde živiš: Gradiska



evo sta mi izbaci..??

Poslao: 29 Sep 2009 12:35
Idi na vrh
offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8620
  • Gde živiš: Novi Beograd

Nisam licno imao takvih problema, mozda ti ovo pomogne:

http://www.raymond.cc/blog/archives/2008/01/11/how.....n-command/

Pogledaj da li je msconfig u tom folderu.

MyCity » Ambulanta -> Arhiva Ambulante » task menager problem..

Ko je trenutno na forumu
 

Ukupno su 1121 korisnika na forumu :: 53 registrovanih, 10 sakrivenih i 1058 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: A.R.Chafee.Jr., amstel, babaroga, bobomicek, Bobrock1, bokisha253, cavatina, cemix, cinoeye, Dannyboy, Denaya, Djokkinen, Dovla, DPera, dragan_mig31, draganl, goranperović66, goxsys, h8propaganda, HrcAk47, hyla, ikan, ivan1973, kovinacc, Krusarac, Kubovac, kybonacci, Leonov, ljuba, lord sir giga, maiden6657, mean_machine, Mi lao shu, MiGac, Mihajlo, mikrimaus, milenko crazy north, MrNo, Neutral-M, nick79, nikoladim, Parker, Romibrat, solic, Stanlio, suponik, tmanda323, vathra, vlad4, Volkhov-M, vukovi, wolverined4, zillbg