Početna Vista i isključuje vrlo sporo-ne znam što učiniti

**HistoryGirl** · #1 29. ožujak 2009, 08:59

Prvo sam pretpostavljiv ovo je pravo mjesto za ovaj put.

I uđe u Control Panel i izvođenja i našao par problema rekavši:

Startup programi uzrokuju prozora za početak polako
Programi su uzrok za zatvaranje prozora polako

Pojedinosti ovih su:

Početna Polako:

http://i7.photobucket.com/albums/y27...tartslowly.jpg

Isključuje:

http://i7.photobucket.com/albums/y27...downslowly.jpg

Također sam išla hijackthis i dobio ovu poruku:

http://i7.photobucket.com/albums/y27...rormessage.jpg

To je vjerojatno stvarno glupo pitanje ali kako mogu popraviti ovo? Ako dečki mogli point me u pravom smjeru da bi se odlično.

**evilfantasy** · #2 29. ožujak 2009, 11:19

Sa Vidik imate pravo na HJT kliknite na ikonu i odaberite 'Pokreni kao administrator.

Si učinio bilo koji održavanja zadnje vrijeme? Disk Cleanup, prevariti?

**HistoryGirl** · #3 30. ožujak 2009, 10:11

Da li sam ja trčanje Disk Cleanup i prevariti nedavno da bi se što je uzrokuje probleme?

Novi HijackThis log:

Quote:

Logfile of Trend Micro HijackThis v2.0.2
Scan spremljena u 18:25:00, dana 30/03/2009
Platforma: Windows Vista SP1 (Winnt 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Pokretanje procesa:
C: \ Windows \ system32 \ taskeng.exe
C: \ Windows \ Explorer.exe
C: \ Program Files \ Security Center ASUS \ ASUS Protect Security Manager \ Bin \ AsGHost.exe
C: \ Windows \ system32 \ taskeng.exe
C: \ Program Files \ ASUS \ ASUS Live Update \ ALU.exe
C: \ Windows \ ASScrPro.exe
C: \ Program Files \ Zone Labs \ ZoneAlarm \ zlclient.exe
C: \ Program Files \ Synaptics \ SynTP \ SynTPEnh.exe
C: \ Program Files \ RocketDock \ RocketDock.exe
C: \ Program Files \ Windows Live \ Messenger \ msnmsgr.exe
C: \ Program Files \ Infineon \ Security Platform Software \ PSDrt.exe
C: \ Program Files \ Infineon \ Security Platform Software \ SpTna.exe
C: \ Program Files \ Mozilla Firefox \ firefox.exe
C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe

R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.google.co.uk/
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://www.asus.com
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search, CustomizeSearch =
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Postavke, ProxyOverride = *. lokalne
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Toolbar, LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - (no file)
O1 - Hosts::: 1 localhost
O2 - BHO: AcroIEHelperStub - (18DF081C-E8AD-4283-A596-FA578C2EBDC3) - C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download i Record Plugin za Internet Explorer - (3049C3E9-B461-4BC5-8870-4C09146192CA) - C: \ Program Files \ Real \ RealPlayer \ rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - (3CA2F312-6F6E-4B53-A66E-4E65E497C8C0) - C: \ Program Files \ AVG \ AVG8 \ avgssie.dll
O2 - BHO: Spybot-S & D IE Protection - (53707962-6F74-2D53-2644-206D7942484F) - C: \ programa ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O2 - BHO: (no name) - (5C255C8A-E604-49b4-9D64-90988571CECB) - (no file)
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O2 - BHO: AVG Sigurnost Toolbar - (A057A204-BACC-4D26-9990-79A187E2698E) - C: \ programa ~ 1 \ AVG \ AVG8 \ AVGTOO ~ 1.DLL
O2 - BHO: (no name) - (AA58ED58-01DD-4d91-8333-CF10577473F7) - (no file)
O2 - BHO: ASUS Security Manager Protect - (DF21F1DB-80C6-11D3-9483-B03D0EC10000) - C: \ Program Files \ Security Center ASUS \ ASUS Protect Security Manager \ Bin \ ItIEAddIn.dll
O3 - Toolbar: (no name) - (2318C2B1-4965-11d4-9B18-009027A5CD4F) - (no file)
O3 - Toolbar: AVG Sigurnost Toolbar - (A057A204-BACC-4D26-9990-79A187E2698E) - C: \ programa ~ 1 \ AVG \ AVG8 \ AVGTOO ~ 1.DLL
O4 - HKLM \ .. \ Run: [ASUS Screen Saver protektor] C: \ Windows \ ASScrPro.exe
O4 - HKLM \ .. \ Run: [IFXSPMGT] C: \ Windows \ system32 \ ifxspmgt.exe / NotifyLogon
O4 - HKLM \ .. \ Run: [ZoneAlarm Client] "C: \ Program Files \ Zone Labs \ ZoneAlarm \ zlclient.exe"
O4 - HKLM \ .. \ Run: [SynTPEnh] C: \ Program Files \ Synaptics \ SynTP \ SynTPEnh.exe
O4 - HKCU \ .. \ Run: [RocketDock] "C: \ Program Files \ RocketDock \ RocketDock.exe"
O4 - HKCU \ .. \ Run: [msnmsgr] "C: \ Program Files \ Windows Live \ Messenger \ msnmsgr.exe" / background
O4 - HKUS \ S-1-5-19 \ .. \ Run: [Sidebar]% ProgramFiles% \ Windows Sidebar \ Sidebar.exe / detectMem (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-19 \ .. \ Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll, ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-20 \ .. \ Run: [Sidebar]% ProgramFiles% \ Windows Sidebar \ Sidebar.exe / detectMem (User 'NETWORK SERVICE')
O8 - Extra kontekst meni stavka: E & zvezi u Microsoft Excel - res: / / C: \ programa ~ 1 \ MICROS ~ 2 \ Office10 \ EXCEL.EXE/3000
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ programa ~ 1 \ Java \ JRE16 ~ 4.0_0 \ bin \ ssv.dll
O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ programa ~ 1 \ Java \ JRE16 ~ 4.0_0 \ bin \ ssv.dll
O9 - Extra button: Ovaj Blog - (219C3416-8CB2-491a-A3C7-D9FCDDC9D600) - C: \ Program Files \ Windows Live \ Writer \ WriterBrowserExtension.dll
O9 - Extra 'Tools' MENUITEM: & Blog Ovaj Windows Live Writer - (219C3416-8CB2-491a-A3C7-D9FCDDC9D600) - C: \ Program Files \ Windows Live \ Writer \ WriterBrowserExtension.dll
O9 - Extra button: (no name) - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ programa ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O9 - Extra 'Tools' MENUITEM: Spybot - Search & Destroy Configuration - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ programa ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O13 - smolastoga Prefiks:
O16 - DPF: (30528230-99f7-4bb4-88d8-fa1d4f56a2ab) - C: \ Program Files \ Yahoo! \ Common \ yinsthelper.dll
O18 - Protocol: linkscanner - (F274614C-63F8-47D5-A4D1-FBDDE494F8D1) - C: \ Program Files \ AVG \ AVG8 \ avgpp.dll
O20 - AppInit_DLLs: APSHook.dll, avgrsstx.dll
O22 - SharedTaskScheduler: Windows DreamScene - (E31004D1-A431-826F-41B8-E902F9D95C81) - C: \ Windows \ System32 \ DreamScene.dll
O23 - Service: Apple Mobile Device - Apple Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown vlasnika - C: \ Program Files \ ATK brza tipka \ ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown vlasnika - C: \ Program Files \ ATKGFNEX \ GFNEXSrv.exe
O23 - Service: Automatic LiveUpdate Planer - Symantec Corporation - C: \ Program Files \ Symantec \ LiveUpdate \ ALUSchedulerSvc.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, sro - C: \ programa ~ 1 \ AVG \ AVG8 \ avgemc.exe
O23 - Service: AVG Free8 upozoravanje (avg8wd) - AVG Technologies CZ, sro - C: \ programa ~ 1 \ AVG \ AVG8 \ avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc - C: \ Program Files \ Bonjour \ mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect usluga (CLTNetCnService) - Unknown vlasnika - C: \ Program Files \ Common Files \ Symantec Shared \ ccSvcHst.exe (file missing)
O23 - Service: Intel (R) PROSet / Wireless Event Log (EvtEng) - Intel Corporation - C: \ Program Files \ Intel \ Wireless \ Bin \ EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd - C: \ Program Files \ Common Files \ Macrovision Shared \ FLEXnet Izdavač \ FNPLicensingService.exe
O23 - Service: HDDlife HDD Access Service - BinarySense, Inc - C: \ Program Files \ BinarySense \ HDDlife 3 \ hldasvc.exe
O23 - Service: Intel (R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C: \ Program Files \ Intel \ Intel Matrix Storage Manager \ Iaantmon.exe
O23 - Service: Security Management Service Platform (IFXSpMgtSrv) - Infineon Technologies AG - C: \ Windows \ system32 \ ifxspmgt.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C: \ Windows \ system32 \ ifxtcs.exe
O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: LightScribeService Direct Disc Označavanje Service (LightScribeService) - Hewlett-Packard Company - C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C: \ programa ~ 1 \ Symantec \ LIVEUP ~ 1 \ LUCOMS ~ 1.EXE
O23 - Service: NMIndexingService - Unknown vlasnika - C: \ Program Files \ Common Files \ ispred \ Lib \ NMIndexingService.exe (file missing)
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - C: \ Windows \ system32 \ IfxPsdSv.exe
O23 - Service: ProtexisLicensing - Unknown vlasnika - C: \ Windows \ system32 \ PSIService.exe
O23 - Service: Intel (R) PROSet / Wireless Registry Service (RegSrvc) - Intel Corporation - C: \ Program Files \ Intel \ Wireless \ Bin \ RegSrvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd - C: \ Program Files \ Spybot - Search & Destroy \ SDWinSec.exe
O23 - Service: spmgr - Unknown vlasnika - C: \ Program Files \ ASUS \ NB provjeru \ SPM \ spmgr.exe
O23 - Service: Syntek AVStream USB2.0 Webcam Service (StkSSrv) - Syntek America Inc - C: \ Windows \ System32 \ StkCSrv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C: \ Windows \ System32 \ ZoneLabs \ vsmon.exe

--

**evilfantasy** · #4 30. ožujak 2009, 10:30

Otvori HijackThis i odaberite Da li je sustav skenirati samo.

Stavite oznaku uz sljedeće stavke: (ako postoji)

R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Toolbar, LinksFolderName =
O2 - BHO: (no name) - (5C255C8A-E604-49b4-9D64-90988571CECB) - (no file)
O3 - Toolbar: (no name) - (2318C2B1-4965-11d4-9B18-009027A5CD4F) - (no file)

Važno: Zatvori sve prozore osim HijackThis, a zatim kliknite Fix checked.

Izlaz HijackThis.

----------

Download ComboFix © by sUBs jedan od linkova ispod. Budite sigurni da ste na vrhu u Desktop.

Link # 1
Link # 2

** Napomena: Važno je da se sprema izravno na svoj Desktop

Zatvori otvoriti bilo koju web preglednicima. (Firefox, Internet Explorer, etc) prije početka ComboFix.

Privremeno onemogućiti tvoj AntiVirus, A svaka protušpijunskih Zaštita u stvarnom vremenu prije obavlja scan. Kliknite ovaj link da biste vidjeli popis sigurnosne programe, koji bi trebao biti onemogućen i kako onemogućiti ih.

Dvaput kliknite combofix.exe i slijedite upute.
Kada završite ComboFix će proizvesti prijava za vas.
Objaviti ComboFix log u sljedećem odgovoru.

Važno: Ne mouseclick ComboFix's prozor dok je pokrenut. Svibanj uzrokovati da ga zatajiti.

Ne zaboravite ponovo uključili vaš protuvirusni i protušpijunski ComboFix zaštita kada je završeno.

Ako imate problema s ComboFix upotrebe, pogledajte Kako koristiti ComboFix

**HistoryGirl** · #5 30. ožujak 2009, 11:37

Prvo hvala za pomoć i savjet. Ja sam učinio ono što je rekao HJT i da je u redu. Ipak sam učinio kako se navodi u vezi link onemogućivanju AVG rezidentni štit, ali pored toga, kada JA probati i pokrenuti combofix ga, i dalje kaže AVG anti-virus se izvodi tako da nisam sasvim siguran zašto.

Biste li možda predložiti ponovnog moj sistem?

**evilfantasy** · #6 30. ožujak 2009, 13:39

AVG i Combofix imati taj problem. Dovoljno je pokrenuti ComboFix anyway. Ako AVG pokušava blokirati onda samo dopustiti Internet to trčanje.

**HistoryGirl** · #7 30. ožujak 2009, 14:21

Right ok sve učinio. Prijavite se na zahtjev.

Quote:

ComboFix 09-03-29.04 - CHLOE 2009-03-30 21:54:30.1 - NTFSx86
Microsoft ® Windows Vista ™ Ultimate 6.0.6001.1.1252.1.1033.18.2046.967 [GMT 1:00]
Running from: C: \ Users \ CHLOE \ Desktop \ ComboFix.exe
AV: AVG Anti-Virus Free * On-omogućen pristup skeniranju * (Ažurirano)
FW: ZoneAlarm Firewall omoguæi * *
* Created novu točku vraćanja
.

Ostali ((((((((((((((((((((((((((((((((((((((( brisanja ))))))))) ))))))))))))))))))))))))))))))))))))))))
.

c: \ windows \ system32 \ acovcnt.exe

.
((((((((((((((((((((((((( Files Created from 2009/02/28 da 2009/03/30 ))))))))))) ))))))))))))))))))))
.

2009-03-29 16:23. 2008-06-20 02:14 781.344 - a ------ C: \ Windows \ System32 \ PresentationNative_v0300.dll
2009-03-29 16:23. 2008-06-20 02:14 622.080 - a ------ C: \ Windows \ System32 \ icardagt.exe
2009-03-29 16:23. 2008-06-20 02:14 326.160 - a ------ C: \ Windows \ System32 \ PresentationHost.exe
2009-03-29 16:23. 2008-06-20 02:14 105.016 - a ------ C: \ Windows \ System32 \ PresentationCFFRasterizerNativ e_v0300.dll
2009-03-29 16:23. 2008-06-20 02:14 97.800 - a ------ C: \ Windows \ System32 \ infocardapi.dll
2009-03-29 16:23. 2008-06-20 02:14 43.544 - a ------ C: \ Windows \ System32 \ PresentationHostProxy.dll
2009-03-29 16:23. 2008-06-20 02:14 37.384 - a ------ C: \ Windows \ System32 \ infocardcpl.cpl
2009-03-29 16:23. 2008-06-20 02:14 11.264 - a ------ C: \ Windows \ System32 \ icardres.dll
2009-03-29 16:15. 2008-07-27 19:03 282.112 - a ------ C: \ Windows \ System32 \ mscoree.dll
2009-03-29 16:15. 2008-07-27 19:03 96.760 - a ------ C: \ Windows \ System32 \ dfshim.dll
2009-03-29 16:15. 2008-07-27 19:03 41.984 - a ------ C: \ Windows \ System32 \ netfxperf.dll
2009-03-29 16:14. 2008-07-27 19:03 158.720 - a ------ C: \ Windows \ System32 \ mscorier.dll
2009-03-29 16:14. 2008-07-27 19:03 83.968 - a ------ C: \ Windows \ System32 \ mscories.dll
2009-03-29 13:52. 2009-03-29 13:53 <DIR> d -------- C: \ Program Files \ Defraggler
2009-03-29 13:26. 2008-02-23 05:38 170.496 - a ------ C: \ Windows \ System32 \ tcpipcfg.dll
2009-03-29 13:26. 2008-02-23 03:41 22.528 - a ------ C: \ Windows \ System32 \ netiougc.exe
2009-03-29 13:25. 2009-02-16 00:10 1.221.512 - a ------ C: \ Windows \ System32 \ zpeng25.dll
2009-03-17 21:57. 2009-03-17 21:57 <DIR> d -------- C: \ Program Files \ Microsoft
2009-03-17 21:56. 2009-03-17 21:56 <DIR> d -------- C: \ Windows \ PCHEALTH
2009-03-16 22:43. 2009-03-28 22:36 <DIR> d - h ----- C: \ $ $ AVG8.VAULT
2009-03-16 20:59. 2009-03-16 20:59 25 - a ------ C: \ Windows \ cdplayer.ini
2009-03-14 00:34. 2008-12-05 05:32 428.544 - a ------ C: \ Windows \ System32 \ EncDec.dll
2009-03-14 00:34. 2008-12-05 05:32 293.376 - a ------ C: \ Windows \ System32 \ psisdecd.dll
2009-03-14 00:34. 2008-12-05 05:31 217.088 - a ------ C: \ Windows \ System32 \ psisrndr.ax
2009-03-14 00:34. 2008-12-05 05:31 177.664 - a ------ C: \ Windows \ System32 \ mpg2splt.ax
2009-03-14 00:34. 2008-12-05 05:31 80.896 - a ------ C: \ Windows \ System32 \ MSNP.ax
2009-03-14 00:29. 2009-03-14 00:29 <DIR> d -------- C: \ programdata \ (00D89592-F643-4D8D-8F0F-AFAE0F14D4C3)
2009-03-14 00:29. 2009-03-14 00:29 <DIR> d -------- C: \ Program Files \ iTunes
2009-03-14 00:29. 2009-03-14 00:29 <DIR> d -------- C: \ Program Files \ iPod
2009-03-14 00:29. 2008-04-17 13:12 107.368 - a ------ C: \ Windows \ System32 \ GEARAspi.dll
2009-03-14 00:29. 2009-01-15 13:19 23.848 - a ------ C: \ Windows \ System32 \ Drivers \ GEARAspiWDM.sys
2009-03-14 00:26. 2009-03-14 00:27 <DIR> d -------- C: \ Program Files \ QuickTime
2009-03-12 23:39. 2009-03-12 23:39 <DIR> d -------- C: \ programdata \ Kontiki
2009-03-12 23:39. 2009-03-12 23:39 <DIR> d -------- C: \ Program Files \ Kontiki
2009-03-12 23:39. 2009-03-12 23:39 <DIR> d -------- C: \ Program Files \ Channel4
2009-03-12 23:38. 2009-03-12 23:38 <DIR> d -------- C: \ programdata \ Channel4
2009-03-11 22:33. 2009-03-30 21:10 <DIR> d -------- C: \ Users \ CHLOE \ Odličja
2009-03-11 22:22. 2009-03-11 22:22 <DIR> d -------- C: \ Program Files \ Windows Live SkyDrive
2009-03-11 22:22. 2009-03-17 21:57 <DIR> d -------- C: \ Program Files \ Windows Live
2009-03-11 21:57. 2009-03-11 21:57 <DIR> d -------- C: \ Program Files \ Common Files \ Windows Live
2009-03-11 13:13. 2009-03-11 21:47 <DIR> d -------- C: \ Program Files \ Amazon
2009-03-11 13:13. 2009-03-11 13:13 107.272 - a ------ C: \ Windows \ System32 \ Drivers \ avgtdix.sys
2009-03-11 02:09. 2009-01-15 04:36 1.383.424 - a ------ C: \ Windows \ System32 \ mshtml.tlb
2009-03-11 02:09. 2009-01-15 07:11 827.392 - a ------ C: \ Windows \ System32 \ Wininet.dll
2009-03-11 02:05. 2008-12-16 04:29 8.147.456 - a ------ C: \ Windows \ System32 \ wmploc.DLL
2009-03-11 02:05. 2008-12-16 06:31 7.680 - a ------ C: \ Windows \ System32 \ spwmp.dll
2009-03-11 02:05. 2008-12-16 06:31 4.096 - a ------ C: \ Windows \ System32 \ msdxm.ocx
2009-03-11 02:05. 2008-12-16 06:31 4.096 - a ------ C: \ Windows \ System32 \ dxmasf.dll
2009-03-11 02:03. 2008-12-16 03:42 288.768 - a ------ C: \ Windows \ System32 \ Drivers \ srv.sys
2009-03-11 02:03. 2008-11-27 05:43 268.288 - a ------ C: \ Windows \ System32 \ schannel.dll
2009-03-11 02:02. 2009-02-09 04:10 2.033.152 - a ------ C: \ Windows \ System32 \ Win32k.sys
2009-02-06 19:52. 2009-02-06 19:52 49.504 - a ------ C: \ Windows \ System32 \ sirenacm.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))) ))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-30 21:07 350.195 ha ----w C: \ Windows \ System32 \ Drivers \ vsconfig.xml
2009-03-30 21:07 --------- d --- AW c: \ programdata \ Temp
2009-03-29 14:42 --------- d ----- wc: \ programdata \ Spybot - Search & Destroy
2009-03-29 14:42 --------- d ----- wc: \ Program Files \ Spybot - Search & Destroy
2009-03-29 14:42 --------- d ----- wc: \ Program Files \ CCleaner
2009-03-19 16:48 --------- d ----- wc: \ Users \ CHLOE \ AppData \ Roaming \ uTorrent
2009-03-16 19:58 --------- d ----- wc: \ Program Files \ Common Files \ Real
2009-03-13 23:29 --------- d ----- wc: \ programdata \ Apple Computer
2009-03-13 23:29 --------- d ----- wc: \ Program Files \ Common Files \ Apple
2009-03-13 23:27 --------- d ----- wc: \ Program Files \ Bonjour
2009-03-12 22:24 --------- d ----- wc: \ Program Files \ Google
2009-03-11 23:07 --------- d ----- wc: \ Program Files \ Microsoft Silverlight
2009-03-11 23:05 --------- d ----- wc: \ Program Files \ Windows Mail
2009-03-11 12:13 325.128 AW ---- C: \ Windows \ System32 \ Drivers \ avgldx86.sys
2009-03-11 11:52 --------- d ----- wc: \ programdata \ avg8
2009-02-15 23:11 293.528 AW ---- C: \ Windows \ System32 \ Drivers \ vsdatant.sys
2009-01-14 20:20 55.232 AW ---- C: \ Users \ CHLOE \ AppData \ Roaming \ GDIPFONTCACHEV1.DAT
2008-12-31 21:51 13.025 AW ---- C: \ Users \ CHLOE \ AppData \ Roaming \ nvModes.dat
2008-12-31 14:32 174 - SHA-w C: \ Program Files \ desktop.ini
2008-11-19 15:31 81.920 AW ---- C: \ Users \ CHLOE \ AppData \ Roaming \ ezpinst.exe
2008-11-19 15:31 47.360 AW ---- C: \ Users \ CHLOE \ AppData \ Roaming \ pcouffin.sys
2007-05-31 18:23 77.160 AW ---- C: \ Users \ CHLOE \ DSETUP.dll
2007-05-31 18:23 503.144 AW ---- C: \ Users \ CHLOE \ DXSETUP.exe
2007-05-31 18:23 1.673.576 AW ---- C: \ Users \ CHLOE \ dsetup32.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))) ))))))))))))))))))))))))))))))))))))))))
.
.
* Note * empty entries & čitljiv default unose se ne prikazuju
REGEDIT4

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Run]
"RocketDock" = "C: \ Program Files \ RocketDock \ RocketDock.exe" [2007-09-02 495616]
"msnmsgr" = "C: \ Program Files \ Windows Live \ Messenger \ msnmsgr.exe" [2009-02-06 3885408]
"WMPNSCFG" = "C: \ Program Files \ Windows Media Player \ WMPNSCFG.exe" [2008-01-19 202240]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run]
"ASUS Screen Saver protektor" = "C: \ Windows \ ASScrPro.exe" [2007-05-15 33136]
"IFXSPMGT" = "c: \ windows \ system32 \ ifxspmgt.exe" [2007-02-26 677408]
"ZoneAlarm Client" = "C: \ Program Files \ Zone Labs \ ZoneAlarm \ zlclient.exe" [2009-02-16 981384]
"SynTPEnh" = "C: \ Program Files \ Synaptics \ SynTP \ SynTPEnh.exe" [2007-03-01 857648]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entversion \ policies \ system]
"EnableUIADesktopToggle" = 0 (0x0)

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ windows]
"AppInit_DLLs" = APSHook.dll avgrsstx.dll

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ drivers32]
"msacm.ac3filter" = ac3filter.acm

[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ contro l \ LSA]
Notification Packages REG_MULTI_SZ scecli ASWLNPkg

[HKLM \ ~ \ startupfolder \ C: ^ ^ ProgramData Microsoft Wind ows ^ ^ Start Menu ^ Programs ^ Startup ^ WinZip Quick Pick.lnk]
path = C: \ programdata \ Microsoft \ Windows \ Start Menu \ Programs \ Startup \ WinZip Quick Pick.lnk
backup = C: \ Windows \ PSS \ WinZip Quick Pick.lnk.CommonStartup
backupExtension =. CommonStartup

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ 4oD]
- a ------ 2007-04-23 12:23 1032640 C: \ Program Files \ Kontiki \ KHost.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ Adobe Reader Speed Launcher]
- a ------ 2008-06-12 02:38 34672 d: \ program files \ Reader \ reader_sl.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ ASUS Kamera Screensaver]
- a ------ 2007-05-15 05:12 37232 C: \ Windows \ ASScrProlog.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ ATKMEDIA]
- a ------ 2006-11-02 16:27 61440 C: \ Program Files \ ASUS \ ATK Media \ DMedia.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ AVG8_TRAY]
- a ------ 2009-03-11 13:13 1601304 C: \ programa ~ 1 \ AVG \ AVG8 \ avgtray.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ CognizanceTS]
-RA ------ 2003-12-21 22:11 17920 C: \ programa ~ 1 \ ASUSSE ~ 1 \ ASUSSE ~ 1 \ Bin \ ASTSVCC.dll

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ ehTray.exe]
- a ------ 2008-01-19 08:33 125952 C: \ Windows \ ehome \ ehtray.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ Google Update]
- A ---- t-2009-03-17 22:06 133104 C: \ Users \ CHLOE \ AppData \ Local \ Google \ Update \ GoogleU pdate.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ iTunesHelper]
- a ------ 2009-03-11 14:52 342312 C: \ Program Files \ iTunes \ iTunesHelper.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ msnmsgr]
- a ------ 2009-02-06 19:51 3885408 C: \ Program Files \ Windows Live \ Messenger \ msnmsgr.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ NvCplDaemon]
- a ------ 2007-04-04 12:40 8429568 C: \ Windows \ System32 \ nvcpl.dll

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ NvMediaCenter]
- a ------ 2007-04-04 12:40 81920 C: \ Windows \ System32 \ nvmctray.dll

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ NvSvc]
- a ------ 2007-04-04 12:40 86016 C: \ Windows \ System32 \ nvsvc.dll

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ QuickTime Task]
- a ------ 2009-01-05 17:18 413696 C: \ Program Files \ QuickTime \ QTTask.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ RocketDock]
- a ------ 2007-09-02 13:58 495616 C: \ Program Files \ RocketDock \ RocketDock.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ SpybotSD TeaTimer]
-rahs ---- 2009-03-05 16:07 2260480 C: \ Program Files \ Spybot - Search & Destroy \ TeaTimer.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ SunJavaUpdateSched]
- a ------ 2008-06-10 04:27 144784 C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ TkBellExe]
- a ------ 2009-03-16 20:58 198160 C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ Windows Defender]
- a ------ 2008-01-19 08:38 1008184 C: \ Program Files \ Windows Defender \ MSASCui.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ WMPNSCFG]
- a ------ 2008-01-19 08:33 202240 C: \ Program Files \ Windows Media Player \ wmpnscfg.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ (0228e555-4f9c-4e35-a3ec-b109a192b4c2)]
- a ------ 2005-07-15 22:48 479232 C: \ Program Files \ Google \ Gmail Notifier \ gnotify.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ RtHDVCpl]
- a ------ 2007-02-15 10:07 4390912 C: \ Windows \ RtHDVCpl.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ sigurnosni centar \ Praćenje]
"DisableMonitoring" = dword: 00000001

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ sigurnosni centar \ Praćenje \ SymantecAntiVirus]
"DisableMonitoring" = dword: 00000001

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ sigurnosni centar \ Praćenje \ SymantecFirewall]
"DisableMonitoring" = dword: 00000001

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ sigurnosni centar \ Praćenje \ ZoneLabsFirewall]
"DisableMonitoring" = dword: 00000001

[HKLM \ ~ \ Services \ sharedaccess \ Parameters \ firewallpo licy \ DomainProfile]
"EnableFirewall" = 0 (0x0)

[HKLM \ ~ \ Services \ sharedaccess \ Parameters \ firewallpo licy \ FirewallRules]
"(71E74FA5-D1FA-4A82-9121-AE2CACB2ED04)" = = Profil Privatne | C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(2FE2345B-5C77-485E-9855-FC6024DE75EC)" = = Profil Privatne | C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(CC9CFD37-6799-47CF-9AEE-1063F21C5548)" = = Profil Privatne | C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(3D44E6E8-68F3-42F0-B97E-1081F1354874)" = UDP: C: \ Program Files \ LimeWire \ LimeWire.exe: LimeWire 4.12.15
"(B2393435-26B3-4482-A391-C964F3370D66)" = TCP: C: \ Program Files \ LimeWire \ LimeWire.exe: LimeWire 4.12.15
"(1B1039C9-3AEF-4B2E-85CA-DA79FB7CDBD3)" = Onemogućene: C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(F9EC3544-5A35-4D84-A067-E7167563791A)" = Onemogućene: C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(A9CE85F3-F9BA-4875-B169-9DEF59911C8A)" = Onemogućene: C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"Upita TCP Korisničke (0FAAFA32-F5A3-4C35-9AFD-A648E4B3016E) c: \ \ program files \ \ utorrent \ \ utorrent.exe" = UDP: C: \ Program Files \ utorrent \ utorrent.exe: uTorrent
"UDP upit Korisničke (CDC85196-C503-4F00-82DC-B95F8D021895) c: \ \ program files \ \ utorrent \ \ utorrent.exe" = TCP: C: \ Program Files \ utorrent \ utorrent.exe: uTorrent
"Upita TCP Korisničke (5D761702-BEB7-4B94-B693-1A7EF8E441ED) c: \ \ program files \ \ lako webtv radio & \ \ easywebtv.exe" = UDP: C: \ Program Files \ lako webtv & radio \ easywebtv.exe : Web TV \ radio \ Media
"UDP upit Korisničke (A7E2F9B1-976E-49B1-960A-8FE671DECB26) c: \ \ program files \ \ lako webtv radio & \ \ easywebtv.exe" = TCP: C: \ Program Files \ lako webtv & radio \ easywebtv.exe : Web TV \ radio \ Media
"(978D57EE-8CEF-4E88-B3CC-472590D8A602)" = C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(038AD6DB-57BA-4294-B6BE-DC5AC329D87A)" = C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"Upita TCP Korisničke (20F3997A-2406-9A96-42BC-17DBA8717938) c: \ \ program files \ \ soulseek \ \ slsk.exe" = UDP: C: \ Program Files \ soulseek \ slsk.exe: SoulSeek
"UDP upit Korisničke (EBEDABDC-8DFA-4EA4-83A0-5D79C8A2BE45) c: \ \ program files \ \ soulseek \ \ slsk.exe" = TCP: C: \ Program Files \ soulseek \ slsk.exe: SoulSeek
"Upita TCP Korisničke (A2D20908-089C-441B-B9C8-C8811AFCAB9E) c: \ \ program files \ \ limewire \ \ limewire.exe" = UDP: C: \ Program Files \ limewire \ limewire.exe: LimeWire
"UDP upit Korisničke (0B6B64F6-D6E9-4D1D-B83A-E6E85E360C05) c: \ \ program files \ \ limewire \ \ limewire.exe" = TCP: C: \ Program Files \ limewire \ limewire.exe: LimeWire
"(2E890455-237D-4ABA-BE37-B5E6E1862834)" = C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(DDAAC8F6-7557-495A-82B3-EBFF9330A2CC)" = C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(5131D757-BC24-44C9-8EA5-E268DFC6DCAC)" = C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"Upita TCP Korisničke (4C52E1A6-D998-8E99-41D5-27F21E3CA7CB) c: \ \ program files \ \ Mozilla Firefox \ \ firefox.exe" = UDP: C: \ Program Files \ Mozilla Firefox \ firefox.exe: Firefox
"UDP upit Korisničke (80235B6B-4AC3-2462-8A59-7534841DE76B) c: \ \ program files \ \ Mozilla Firefox \ \ firefox.exe" = TCP: C: \ Program Files \ Mozilla Firefox \ firefox.exe: Firefox
"Upita TCP Korisničke (049DD1E6-8191-4983-A59D-240E79B46042) c: \ \ program files \ \ utorrent \ \ utorrent.exe" = UDP: C: \ Program Files \ utorrent \ utorrent.exe: uTorrent
"UDP upit Korisničke (9A00A32D-A675-4425-8F5E-1528AAB521FB) c: \ \ program files \ \ utorrent \ \ utorrent.exe" = TCP: C: \ Program Files \ utorrent \ utorrent.exe: uTorrent
"Upita TCP Korisničke (348698D9-5A1D-4E1C-AC00-DBDC43BE0ACF) c: \ \ program files \ \ soulseek \ \ slsk.exe" = UDP: C: \ Program Files \ soulseek \ slsk.exe: SoulSeek
"UDP upit Korisničke (60AFF659-3A7C-488C-9CCA-0A8589DD32FA) c: \ \ program files \ \ soulseek \ \ slsk.exe" = TCP: C: \ Program Files \ soulseek \ slsk.exe: SoulSeek
"Upita TCP Korisničke (3EF98A58-7B3C-42B1-8A5A-CF7DEF59C2A7) c: \ \ program files \ \ sopcast \ \ sopcast.exe" = UDP: C: \ Program Files \ sopcast \ sopcast.exe: SopCast Glavna Application
"UDP upit Korisničke (D8A0735D-6D19-4482-A90A-35A9D023DEBE) c: \ \ program files \ \ sopcast \ \ sopcast.exe" = TCP: C: \ Program Files \ sopcast \ sopcast.exe: SopCast Glavna Application
"Upita TCP Korisničke (7B392C25-D64F-4897-B5CC-5C9B83106BB0) c: \ \ program files \ \ Mozilla Firefox \ \ firefox.exe" = UDP: C: \ Program Files \ Mozilla Firefox \ firefox.exe: Firefox
"UDP upit Korisničke 9990806D (-9198-4760-93E7-C65D44E1FE8A) c: \ \ program files \ \ Mozilla Firefox \ \ firefox.exe" = TCP: C: \ Program Files \ Mozilla Firefox \ firefox.exe: Firefox
"Upita TCP Korisničke (9998DAB7-D775-4620-A491-D752230551A3) c: \ \ Program Files \ \ Internet Explorer \ \ iexplore.exe" = UDP: C: \ Program Files \ Internet Explorer \ iexplore.exe: Internet Explorer
"UDP upit Korisničke (B9293167-A4DC-43ED-893B-B5B1B89F9988) c: \ \ Program Files \ \ Internet Explorer \ \ iexplore.exe" = TCP: C: \ Program Files \ Internet Explorer \ iexplore.exe: Internet Explorer
"Upita TCP Korisničke (B04F6C2B-953A-469D-AFD8-4F3AE27A4941) c: \ \ Users \ \ chloe \ \ appdata \ \ roaming \ \ s opcast \ \ adv \ \ sopadver.exe" = UDP: C: \ Users \ chloe \ appdata \ roaming \ sopcast \ adv \ SOP adver.exe: sopadver.exe
"UDP upit Korisničke (914B6A2A-9A2A-43A8-B4EA-BB1EEDC476B5) c: \ \ Users \ \ chloe \ \ appdata \ \ roaming \ \ s opcast \ \ adv \ \ sopadver.exe" = TCP: C: \ Users \ chloe \ appdata \ roaming \ sopcast \ adv \ SOP adver.exe: sopadver.exe
"Upita TCP Korisničke (69F8C35B-6614-4033-B40E-59012B10975A) c: \ \ program files \ \ bearflix \ \ bearflix.exe" = UDP: C: \ Program Files \ bearflix \ bearflix.exe: BearFlix
"UDP upit Korisničke (89ABF64F-F79E-456D-9136-82A8675A3E17) c: \ \ program files \ \ bearflix \ \ bearflix.exe" = TCP: C: \ Program Files \ bearflix \ bearflix.exe: BearFlix
"(8D76BC83-ABC9-406B-8945-366EA3B7074B)" = UDP: C: \ Program Files \ SmartFTP Client \ SmartFTP.exe: SmartFTP Client
"(9FC79C86-3E66-4A61-AA2A-FAB0C61E0453)" = TCP: C: \ Program Files \ SmartFTP Client \ SmartFTP.exe: SmartFTP Client
"Upita TCP Korisničke (9FF9F89E-5323-45DB-89F0-BA37B84180EE) c: \ \ program files \ \ tvants \ \ tvants.exe" = UDP: C: \ Program Files \ tvants \ tvants.exe: TVAnts
"UDP upit Korisničke (C10505B7-BDD4-49BB-93E6-E73B8E6C4E33) c: \ \ program files \ \ tvants \ \ tvants.exe" = TCP: C: \ Program Files \ tvants \ tvants.exe: TVAnts
"Upita TCP Korisničke (A9E241F3-D69C-4E67-938B-33C91AB576A1) c: \ \ program files \ \ tvuplayer \ \ tvuplayer.exe" = UDP: C: \ Program Files \ tvuplayer \ tvuplayer.exe: TVU Player Komponenta
"UDP upit Korisničke (D3542B64-2CF9-4C20-B6CB-1D9096FF27EB) c: \ \ program files \ \ tvuplayer \ \ tvuplayer.exe" = TCP: C: \ Program Files \ tvuplayer \ tvuplayer.exe: TVU Player Komponenta
"(F8B68D6E-3A24-4B31-8261-FB3CA92B5740)" = C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"Upita TCP Korisničke (4E95BA55-EDF5-491D-9059-F11FF353A128) c: \ \ Users \ \ chloe \ \ appdata \ \ roaming \ \ s opcast \ \ adv \ \ sopadver.exe" = UDP: C: \ Users \ chloe \ appdata \ roaming \ sopcast \ adv \ SOP adver.exe: sopadver.exe
"UDP upit Korisničke (55C79E39-F1AC-45C7-8F99-995A835F089A) c: \ \ Users \ \ chloe \ \ appdata \ \ roaming \ \ s opcast \ \ adv \ \ sopadver.exe" = TCP: C: \ Users \ chloe \ appdata \ roaming \ sopcast \ adv \ SOP adver.exe: sopadver.exe
"Upita TCP Korisničke (A3EF2380-6740-4FD5-913E-D67F54A54B11) c: \ \ program files \ \ sopcast \ \ sopcast.exe" = UDP: C: \ Program Files \ sopcast \ sopcast.exe: SopCast Glavna Application
"UDP upit Korisničke (E9C164FD-CB41-4D08-9DBA-BDDB929D1C86) c: \ \ program files \ \ sopcast \ \ sopcast.exe" = TCP: C: \ Program Files \ sopcast \ sopcast.exe: SopCast Glavna Application
"Upita TCP Korisničke (C1148110-2D5B-4810-8651-98FBFD3A6751) c: \ \ Program Files \ \ Internet Explorer \ \ iexplore.exe" = UDP: C: \ Program Files \ Internet Explorer \ iexplore.exe: Internet Explorer
"UDP upit Korisničke (F15683E5-A578-47EE-BEB1-4541978254F4) c: \ \ Program Files \ \ Internet Explorer \ \ iexplore.exe" = TCP: C: \ Program Files \ Internet Explorer \ iexplore.exe: Internet Explorer
"Upita TCP Korisničke (CCA39E89-B85B-41BA-9A33-CA6DB37579E4) D: \ \ program files \ \ clue.exe" = UDP: d: \ program files \ clue.exe: trag
"UDP upit Korisničke (39F3C83F-DCF0-43B4-B149-19F3630B3078) D: \ \ program files \ \ clue.exe" = TCP: d: \ program files \ clue.exe: trag
"(01834D55-82B5-480D-BEFF-52EDB82BB8B5)" = C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(90ECB35B-6897-4166-A35A-04BC39978BA9)" = C: \ Program Files \ AVG \ AVG8 \ avgemc.exe: avgemc.exe
"(504F647E-1476-4948-AA42-DC1DF85CA9A8)" = C: \ Program Files \ AVG \ AVG8 \ avgupd.exe: avgupd.exe
"(CC411EBB-9ACA-4217-9994-ABB961E83B3C)" = UDP: C: \ Program Files \ uTorrent \ uTorrent.exe: μTorrent (TCP-In)
"(031AA3B5-F93B-4E4B-9ED7-66C6B9FFF3E8)" = TCP: C: \ Program Files \ uTorrent \ uTorrent.exe: μTorrent (UDP-In)
"(1D54F818-ABAC-418F-8F39-17EA7664FABE)" = UDP: C: \ Program Files \ Bonjour \ mDNSResponder.exe: Bonjour
"(3C9FFAF4-40EA-450F-A906-D34D3E2EFA72)" = TCP: C: \ Program Files \ Bonjour \ mDNSResponder.exe: Bonjour
"(6AC9F5D1-C3AC-4878-8740-8A3E10F857E2)" = UDP: C: \ Program Files \ iTunes \ iTunes.exe: iTunes
"(77045B5E-EC2E-4749-AC23-32130CD39567)" = TCP: C: \ Program Files \ iTunes \ iTunes.exe: iTunes
"(00BE12C0-42CB-4B64-AA07-80A45C05B97C)" = Onemogućene: UDP: C: \ Program Files \ Sports Interactive \ Football Manager 2008 \ fm.exe: Football Manager 2008
"(0A529C81-B8E4-4809-A54B-B5141A997A78)" = Onemogućene: TCP: C: \ Program Files \ Sports Interactive \ Football Manager 2008 \ fm.exe: Football Manager 2008

[HKLM \ ~ \ Services \ sharedaccess \ Parameters \ firewallpo licy \ PublicProfile]
"EnableFirewall" = 0 (0x0)

[HKLM \ ~ \ Services \ sharedaccess \ Parameters \ firewallpo licy \ StandardProfile]
"EnableFirewall" = 0 (0x0)

R1 AvgLdx86; AVG Free AVI Loader Driver x86, c: \ Windows \ System32 \ Drivers \ avgldx86.sys [2008-12-24 325128]
R1 AvgTdiX; AVG8 Network preusmjerivač; c: \ Windows \ System32 \ Drivers \ avgtdix.sys [2009-03-11 107272]
R1 ItSDisk; ItSDisk; c: \ Windows \ System32 \ Drivers \ itsdis k.sys [2006-05-16 23496]
R1 PersonalSecureDrive; PersonalSecureDrive; c: \ Windows \ System32 \ Drivers \ psd.sys [2007-01-23 39080]
R2 ASBroker; Logon Session Broker; C: \ Windows \ System32 \ Svchost.exe-k suđenje [2008-08-07 21504]
R2 ASChannel; Lokalni komunikacijski kanal; C: \ Windows \ System32 \ Svchost.exe-k suđenje [2008-08-07 21504]
R2 avg8emc; Free8 AVG E-mail Scanner, c: \ programa ~ 1 \ AVG \ AVG8 \ avgemc.exe [2009-03-11 903960]
R2 avg8wd; AVG Free8 Watchdog, c: \ programa ~ 1 \ AVG \ AVG8 \ avgwdsvc.exe [2009-03-11 298264]
R2 HDDlife HDD Access usluge; HDDlife HDD Pristup usluzi, c: \ program files \ BinarySense \ HDDlife 3 \ hldasvc.exe [2007-08-09 816376]
R2 SBSDWSCService; SBSD Security Center Service; C: \ Program Files \ Spybot - Search & Destroy \ SDWinSec.exe [2007-07-15 1153368]
R2 StkSSrv; Syntek AVStream USB2.0 Webcam Service; C: \ Windows \ System32 \ StkCSrv.exe [2007-02-07 24576]
R3 AtcL001; NDIS Miniport Driver za Attansic L1 Gigabit Ethernet Controller; c: \ Windows \ System32 \ Drivers \ atl01v32.sy s [2007-03-15 48128]
R3 StkCMini; Syntek AVStream USB2.0 1.3M Webcam, c: \ Windows \ System32 \ Drivers \ StkCMini.sys [2007-02-13 1245056]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Svchost]
bthsvcs REG_MULTI_SZ BthServ
Spoznaja REG_MULTI_SZ ASBroker ASChannel

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ curre ntversion \ Explorer \ mountpoints2 \ E]
\ shell \ autorun \ naredbu - E: \ Start.exe

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ curre ntversion \ Explorer \ mountpoints2 \ H]
\ shell \ autorun \ naredbu - H: \ LaunchU3.exe

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ curre ntversion \ Explorer \ mountpoints2 \ (1a4a90a1-32d4-11dc-aa3d-001bfc03310e)]
\ shell \ autorun \ naredbu - H: \ LaunchU3.exe

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ curre ntversion \ Explorer \ mountpoints2 \ (c1865685-0291-11dc-b943-806e6f6e6963)]
\ shell \ autorun \ naredbu - E: \ Autorun.exe
.
Sadržaj je 'Scheduled Tasks' folder

2009/01/11 C: \ Windows \ Tasks \ prevariti Job # 00.job
- C: \ Program Files \ DiskTrix \ UltimateDefrag \ UDefrag.exe []

2009/03/26 C: \ Windows \ Tasks \ GoogleUpdateTaskUserS-1-5-21-3600620296-2450975610-132854369-1000.job
- C: \ Users \ CHLOE \ AppData \ Local \ Google \ Update \ GoogleU pdate.exe [2009-03-17 22:06]

2009/03/30 C: \ Windows \ Tasks \ User_Feed_Synchronization-5963E371 (-2796-42F4-9A54-042DA9F406BC). Posao
- C: \ windows \ system32 \ msfeedssync.exe [2008-01-19 08:33]
.
.
------- Supplementary Scan -------
.
Page uStart = hxxp: / / www.google.co.uk/
uInternet Postavke, ProxyOverride = *. lokalne
IE: E & zvezi u Microsoft Excel - C: \ programa ~ 1 \ MICROS ~ 2 \ Office10 \ EXCEL.EXE/3000
FF - ProfilePath - C: \ Users \ CHLOE \ AppData \ Roaming \ Mozilla \ Firefox \ Pro files \ ppnzryw9.default \
FF - prefs.js: browser.search.defaulturl - hxxp: / / search.conduit.com / ResultsExt.aspx? Ctid = CT1178131 & SearchSource = 3 & q =
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - prefs.js: browser.startup.homepage - hxxp: / / www.google.co.uk/
FF - komponentu: c: \ program files \ AVG \ AVG8 \ Firefox \ components \ avgssff.dll
FF - komponentu: c: \ program files \ AVG \ AVG8 \ ToolbarFF \ components \ vmAVGConnector. Dll
FF - komponentu: c: \ Program Files \ Real \ RealPlayer \ browserrecord \ components \ npr. pbrowserrecordplugin.dll
FF - komponentu: c: \ Users \ CHLOE \ AppData \ Roaming \ Mozilla \ Firefox \ Pro files \ ppnzryw9.default \ ekstenzije \ (463F6CA5-EE3C-4be1-B7E6-7FEE11953374) \ platforma \ WINNT \ components \ FoxyTunes. dll
FF - čep: C: \ Program Files \ Mozilla Firefox \ plugins \ NP-mswmp.dll
FF - čep: c: \ Users \ CHLOE \ AppData \ Local \ Google \ Update \ 1.2.141 .5 \ npGoogleOneClick7.dll
FF - čep: d: \ program files \ Reader \ preglednik \ nppdf32.dll

---- ---- FireFox POLITIKE
FF - user.js: general.useragent.extra.zencast - Creative ZENcast v1.02.08); user_pref (general.useragent.extra.zencast, Creative ZENcast v2.00.07.

************************************************** ************************

catchme 0.3.1375 W2K/XP/Vista - rootkit / potaja detector by Gmer zlonamjernih programa, http://www.gmer.net
Rootkit scan 2009-03-30 22:08:49
Windows 6.0.6001 Service Pack 1 NTFS

skeniranja skrivenih procesa ...

skeniranja skrivenih autostart entries ...

skeniranja skrivenih datoteka ...

scan uspješno završena
skrivenih datoteka: 0

************************************************** ************************
.
--------------------- Loaded DLL datoteke koje Under Running Processes ---------------------

- - - - - - -> 'Lsass.exe "(696)
C: \ Program Files \ Security Center ASUS \ ASUS Protect Security Manager \ bin \ ASWLNPkg.dll
C: \ Program Files \ Security Center ASUS \ ASUS Protect Security Manager \ bin \ ItMsg.dll

- - - - - - -> "Explorer.exe" (5000)
C: \ Program Files \ RocketDock \ RocketDock.dll
C: \ Program Files \ Security Center ASUS \ ASUS Protect Security Manager \ Bin \ SFSShell.dll
C: \ Program Files \ Security Center ASUS \ ASUS Protect Security Manager \ Bin \ ItMsg.dll
.
------------------------ Other Running Processes ----------------------- --
.
C: \ Windows \ System32 \ audiodg.exe
c: \ windows \ system32 \ ZoneLabs \ vsmon.exe
C: \ Windows \ System32 \ wlanext.exe
C: \ Program Files \ ATK brza tipka \ ASLDRSrv.exe
C: \ Program Files \ ATKGFNEX \ GFNEXSrv.exe
C: \ Program Files \ Security Center ASUS \ ASUS Protect Security Manager \ Bin \ asghost.exe
C: \ Program Files \ ATK brza tipka \ HControl.exe
C: \ Program Files \ ATKOSD2 \ ATKOSD2.exe
C: \ Program Files \ Wireless Console 2 \ wcourier.exe
C: \ Program Files \ ASUS \ Splendid \ ACMON.exe
C: \ Program Files \ P4G \ BatteryLife.exe
C: \ Windows \ System32 \ ACEngSvr.exe
C: \ Program Files \ ATK brza tipka \ ATKOSD.exe
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Program Files \ Symantec \ LiveUpdate \ AluSchedulerSvc.exe
C: \ Program Files \ Bonjour \ mDNSResponder.exe
C: \ Program Files \ Intel \ Wireless \ Bin \ EvtEng.exe
c: \ programa ~ 1 \ AVG \ AVG8 \ avgrsx.exe
c: \ programa ~ 1 \ AVG \ AVG8 \ avgnsx.exe
C: \ Program Files \ Intel \ Intel Matrix Storage Manager \ IAANTmon.exe
C: \ Windows \ System32 \ IFXTCS.exe
C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe
C: \ Windows \ System32 \ IfxPsdSv.exe
C: \ Windows \ System32 \ PSIService.exe
C: \ Program Files \ Intel \ Wireless \ Bin \ RegSrvc.exe
C: \ Program Files \ ASUS \ NB provjeru \ SPM \ spmgr.exe
C: \ Program Files \ AVG \ AVG8 \ avgcsrvx.exe
C: \ Windows \ System32 \ IfxUAGUI.exe
C: \ Program Files \ Infineon \ Security Platform Software \ PSDrt.exe
C: \ Program Files \ Infineon \ Security Platform Software \ SpTNA.exe
C: \ Windows \ System32 \ rundll32.exe
.
************************************************** ************************
.
Completion time: 2009-03-30 22:16:25 - machine je ponovno podizanje sustava
ComboFix-u karanteni-files.txt 2009-03-30 21:15:12

Pre-Run: 38800285696 bytes free
Post-Run: 38307028992 bytes free

Current = 1 Default = 1 Failed = 0 LastKnownGood = 41 Kompleti = 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18, 19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35, 36,37,38,39,40,41
354 --- EOF --- 2009-03-29 15:30:34

Još jedno pitanje brzo krijesnica Čini se kako se izvodi nešto sporije nego obično i kad zatvorite ga i idite na start it up a kasnije. Internet dogoditi se gore sa poruka kazivanje krijesnica se trenutno prikazuju, ali ne reagira. Molimo Vas da zatvorite sve verzije prije pokussavaju ponovo ili nešto uz one linije. Kamo sreće da se prijavite ukazati / prikazati bilo kojeg razloga za to? Žao nam je, ako taj glupo pitanje.

**evilfantasy** · #8 30. ožujak 2009, 15:17

Izbriši ove datoteke / mape, kako slijedi:

1. Idi na Početak > Pokrenuti > Tip Notepad.exe i kliknite U redu otvoriti Notepad.
To morati biti Notepad, WordPad ne.
2. Kopiraj tekst ispod u okvir code by označavanje svih tekstualnih i pritiskom na Ctrl + C

Code:

KillAll:: Registry: [-HKEY_LOCAL_MACHINE \ Software \ Microsoft \ sigurnosni centar \ Praćenje \ SymantecAntiVirus] [-HKEY_LOCAL_MACHINE \ Software \ Microsoft \ sigurnosni centar \ Praćenje \ SymantecFirewall] [-HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Explorer \ mountpoints2 \ E] [-HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Explorer \ mountpoints2 \ (c1865685-0291-11dc-b943-806e6f6e6963)] Firefox:: FF - prefs.js: browser.search.defaulturl - hxxp: / / search.conduit.com / ResultsExt.aspx? ctid = CT1178131 & SearchSource = 3 & q = FF - prefs.js: browser.search.selectedEngine - Web Search

3. Idi na Notepad prozor i kliknite na Uredi > Zalijepi
4. Zatim kliknite na Datoteka > Spremiti
5. Ime datoteke CFScript.txt - Spremi datoteku na svoj Desktop
6. Zatim povucite CFScript (držite lijevu tipku miša dok povučete datoteku), a pad je (otpustite lijevu tipku miša) u ComboFix.exe kao što vidite na sliki ispod. Važno: Obavi ovo uputstvo pažljivo!

ComboFix će se početi izvršavati, samo slijedite upute.
Nakon što ponovno podizanje sustava (u slučaju da ga zatraži ponovno podizanje sustava), on će proizvesti prijava za vas.
Pošta koja log (Combofix.txt) u sljedeći odgovor.

Napomena: Ne mouseclick ComboFix's prozor dok je pokrenut. To svibanj nanijeti tvoj sistem za zamrzavanje

----------

Download Norton Removal Tool (SymNRT) na svoj Desktop.

Jednom preuzete zatvorite sve otvorene preglednici, također ste kakav posao, jer je ova svibanj zahtijevaju restart.

Idite na svoju radnu površinu i dvostrukim klikom na uklanjanje alat i kliknite Setup.
Nakon što otvorite Kliknite Dalje
Prihvatili licencni ugovor i kliknite Dalje
Upišite slova / brojeva koje ste vidjeli u okvir za tekst, a onda kliknite Dalje.
Zatim kliknite na Dalje a alat će se početi prikazivati.
Kada završite, ponovo pokrenite računalo.
Izbriši Nortonremoval alata na računalu.

----------

Vaš Java je zastarjela.

Starije verzije imaju propusta koji zlonamjernim web stranice možete koristiti za zaraziti sustav.

Prvo instalirajte novi Nedjelja Java Runtime Environment

Budite sigurni da zatvorite sve prozore preglednika prije nego počnu instalirati.

Izvadite staru verziju (s)

Preuzimanje JavaRa

Otvoriti rajsfešlus datoteku i otvorite je JavaRa.exe
Kliknite Ukloni Starije verzije
JavaRa će traľiti i uklonite sve zastarjela verzija Java i ukloniti sve koji su pronađeni.
Kliknite Dodatni zadaci
Upišite potvrdni pored Remove Files beskorisnih JRE i kliknite Ići
Izlaz JavaRa
Brisanje datoteke iz JavaRa Desktop

Dodatna Napomena: Taj Quick Početničkog Java (JQS.exe) dodaje kako bi poboljšala uslugu početno vrijeme za pokretanje Java appleta i aplikacija. Da biste onemogućili JQS uslugu ako ne želite koristiti, idite na Start> Control Panel> Java> Advanced> Razno i UnOznačite okvir za Java Quick Starter. Kliknite na OK i ponovno podizanje sustava tvoj računalo.

----------

Preuzimanje ATF čistiju by Atribune na svoj Desktop.

Alternate download link

Napomena: Vista korisnici moraju koristiti Pokreni kao administrator

Pod Main: Odaberite Delete Files u odaberite: Odaberi Sve.
Kliknite Prazan Izdvojeno gumb.
Ako koristite Firefox preglednik klikni Firefox na vrhu i odaberite: Odaberi Sve
Kliknite Prazan Izdvojeno gumb.
Ako želite zadržati svoje spremljene lozinke kliknite Ne na redak.
Ako koristite Opera browser klikni Opera na vrhu i odaberite: Odaberi Sve
Kliknite Prazan Izdvojeno gumb.
Ako želite zadržati svoje spremljene lozinke kliknite Ne na redak.
Kliknite Izlaz na glavnom izborniku za zatvaranje programa.

Imajte na umu da vaš sustav će se pokrenuti sporiji za pokretanje ili dva nakon što koristiti ovaj alat kako ne paničari.

Važno: Ponovo pokrenite računalo prije nego što nastavite.

----------

Kako je na računalu pokrenut sad?

**HistoryGirl** · #9 31. ožujak 2009, 09:25

Novi ComboFix Log:

ComboFix 09-03-29.04 - CHLOE 2009-03-31 16:37:20.2 - NTFSx86
Microsoft ® Windows Vista ™ Ultimate 6.0.6001.1.1252.1.1033.18.2046.1173 [GMT 1:00]
Running from: C: \ Users \ CHLOE \ Desktop \ ComboFix.exe
Naredba prekidači koji se koriste:: C: \ Users \ CHLOE \ Desktop \ CFScript.txt
AV: AVG Anti-Virus Free * On-omogućen pristup skeniranju * (Ažurirano)
FW: ZoneAlarm Firewall omoguæi * *
* Created novu točku vraćanja
.

((((((((((((((((((((((((( Files Created from 2009/02/28 da 2009/03/31 ))))))))))) ))))))))))))))))))))
.

2009-03-31 17:15. 2009-03-31 17:15 45.056 - a ------ C: \ Windows \ System32 \ acovcnt.exe
2009-03-30 22:26. 2009-03-30 22:26 <DIR> d -------- C: \ Program Files \ MediaMonkey
2009-03-29 16:23. 2008-06-20 02:14 781.344 - a ------ C: \ Windows \ System32 \ PresentationNative_v0300.dll
2009-03-29 16:23. 2008-06-20 02:14 622.080 - a ------ C: \ Windows \ System32 \ icardagt.exe
2009-03-29 16:23. 2008-06-20 02:14 326.160 - a ------ C: \ Windows \ System32 \ PresentationHost.exe
2009-03-29 16:23. 2008-06-20 02:14 105.016 - a ------ C: \ Windows \ System32 \ PresentationCFFRasterizerNativ e_v0300.dll
2009-03-29 16:23. 2008-06-20 02:14 97.800 - a ------ C: \ Windows \ System32 \ infocardapi.dll
2009-03-29 16:23. 2008-06-20 02:14 43.544 - a ------ C: \ Windows \ System32 \ PresentationHostProxy.dll
2009-03-29 16:23. 2008-06-20 02:14 37.384 - a ------ C: \ Windows \ System32 \ infocardcpl.cpl
2009-03-29 16:23. 2008-06-20 02:14 11.264 - a ------ C: \ Windows \ System32 \ icardres.dll
2009-03-29 16:15. 2008-07-27 19:03 282.112 - a ------ C: \ Windows \ System32 \ mscoree.dll
2009-03-29 16:15. 2008-07-27 19:03 96.760 - a ------ C: \ Windows \ System32 \ dfshim.dll
2009-03-29 16:15. 2008-07-27 19:03 41.984 - a ------ C: \ Windows \ System32 \ netfxperf.dll
2009-03-29 16:14. 2008-07-27 19:03 158.720 - a ------ C: \ Windows \ System32 \ mscorier.dll
2009-03-29 16:14. 2008-07-27 19:03 83.968 - a ------ C: \ Windows \ System32 \ mscories.dll
2009-03-29 13:52. 2009-03-29 13:53 <DIR> d -------- C: \ Program Files \ Defraggler
2009-03-29 13:26. 2008-02-23 05:38 170.496 - a ------ C: \ Windows \ System32 \ tcpipcfg.dll
2009-03-29 13:26. 2008-02-23 03:41 22.528 - a ------ C: \ Windows \ System32 \ netiougc.exe
2009-03-29 13:25. 2009-02-16 00:10 1.221.512 - a ------ C: \ Windows \ System32 \ zpeng25.dll
2009-03-17 21:57. 2009-03-17 21:57 <DIR> d -------- C: \ Program Files \ Microsoft
2009-03-17 21:56. 2009-03-17 21:56 <DIR> d -------- C: \ Windows \ PCHEALTH
2009-03-16 22:43. 2009-03-28 22:36 <DIR> d - h ----- C: \ $ $ AVG8.VAULT
2009-03-16 20:59. 2009-03-16 20:59 25 - a ------ C: \ Windows \ cdplayer.ini
2009-03-14 00:34. 2008-12-05 05:32 428.544 - a ------ C: \ Windows \ System32 \ EncDec.dll
2009-03-14 00:34. 2008-12-05 05:32 293.376 - a ------ C: \ Windows \ System32 \ psisdecd.dll
2009-03-14 00:34. 2008-12-05 05:31 217.088 - a ------ C: \ Windows \ System32 \ psisrndr.ax
2009-03-14 00:34. 2008-12-05 05:31 177.664 - a ------ C: \ Windows \ System32 \ mpg2splt.ax
2009-03-14 00:34. 2008-12-05 05:31 80.896 - a ------ C: \ Windows \ System32 \ MSNP.ax
2009-03-14 00:29. 2009-03-14 00:29 <DIR> d -------- C: \ programdata \ (00D89592-F643-4D8D-8F0F-AFAE0F14D4C3)
2009-03-14 00:29. 2009-03-14 00:29 <DIR> d -------- C: \ Program Files \ iTunes
2009-03-14 00:29. 2009-03-14 00:29 <DIR> d -------- C: \ Program Files \ iPod
2009-03-14 00:29. 2008-04-17 13:12 107.368 - a ------ C: \ Windows \ System32 \ GEARAspi.dll
2009-03-14 00:29. 2009-01-15 13:19 23.848 - a ------ C: \ Windows \ System32 \ Drivers \ GEARAspiWDM.sys
2009-03-14 00:26. 2009-03-14 00:27 <DIR> d -------- C: \ Program Files \ QuickTime
2009-03-12 23:39. 2009-03-12 23:39 <DIR> d -------- C: \ programdata \ Kontiki
2009-03-12 23:39. 2009-03-12 23:39 <DIR> d -------- C: \ Program Files \ Kontiki
2009-03-12 23:39. 2009-03-12 23:39 <DIR> d -------- C: \ Program Files \ Channel4
2009-03-12 23:38. 2009-03-12 23:38 <DIR> d -------- C: \ programdata \ Channel4
2009-03-11 22:33. 2009-03-31 17:16 <DIR> d -------- C: \ Users \ CHLOE \ Odličja
2009-03-11 22:22. 2009-03-11 22:22 <DIR> d -------- C: \ Program Files \ Windows Live SkyDrive
2009-03-11 22:22. 2009-03-17 21:57 <DIR> d -------- C: \ Program Files \ Windows Live
2009-03-11 21:57. 2009-03-11 21:57 <DIR> d -------- C: \ Program Files \ Common Files \ Windows Live
2009-03-11 13:13. 2009-03-11 21:47 <DIR> d -------- C: \ Program Files \ Amazon
2009-03-11 13:13. 2009-03-11 13:13 107.272 - a ------ C: \ Windows \ System32 \ Drivers \ avgtdix.sys
2009-03-11 02:09. 2009-01-15 04:36 1.383.424 - a ------ C: \ Windows \ System32 \ mshtml.tlb
2009-03-11 02:09. 2009-01-15 07:11 827.392 - a ------ C: \ Windows \ System32 \ Wininet.dll
2009-03-11 02:05. 2008-12-16 04:29 8.147.456 - a ------ C: \ Windows \ System32 \ wmploc.DLL
2009-03-11 02:05. 2008-12-16 06:31 7.680 - a ------ C: \ Windows \ System32 \ spwmp.dll
2009-03-11 02:05. 2008-12-16 06:31 4.096 - a ------ C: \ Windows \ System32 \ msdxm.ocx
2009-03-11 02:05. 2008-12-16 06:31 4.096 - a ------ C: \ Windows \ System32 \ dxmasf.dll
2009-03-11 02:03. 2008-12-16 03:42 288.768 - a ------ C: \ Windows \ System32 \ Drivers \ srv.sys
2009-03-11 02:03. 2008-11-27 05:43 268.288 - a ------ C: \ Windows \ System32 \ schannel.dll
2009-03-11 02:02. 2009-02-09 04:10 2.033.152 - a ------ C: \ Windows \ System32 \ Win32k.sys
2009-02-06 19:52. 2009-02-06 19:52 49.504 - a ------ C: \ Windows \ System32 \ sirenacm.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))) ))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-31 16:15 --------- d --- AW c: \ programdata \ Temp
2009-03-31 16:14 350.195 ha ----w C: \ Windows \ System32 \ Drivers \ vsconfig.xml
2009-03-29 14:42 --------- d ----- wc: \ programdata \ Spybot - Search & Destroy
2009-03-29 14:42 --------- d ----- wc: \ Program Files \ Spybot - Search & Destroy
2009-03-29 14:42 --------- d ----- wc: \ Program Files \ CCleaner
2009-03-19 16:48 --------- d ----- wc: \ Users \ CHLOE \ AppData \ Roaming \ uTorrent
2009-03-16 19:58 --------- d ----- wc: \ Program Files \ Common Files \ Real
2009-03-13 23:29 --------- d ----- wc: \ programdata \ Apple Computer
2009-03-13 23:29 --------- d ----- wc: \ Program Files \ Common Files \ Apple
2009-03-13 23:27 --------- d ----- wc: \ Program Files \ Bonjour
2009-03-12 22:24 --------- d ----- wc: \ Program Files \ Google
2009-03-11 23:07 --------- d ----- wc: \ Program Files \ Microsoft Silverlight
2009-03-11 23:05 --------- d ----- wc: \ Program Files \ Windows Mail
2009-03-11 12:13 325.128 AW ---- C: \ Windows \ System32 \ Drivers \ avgldx86.sys
2009-03-11 11:52 --------- d ----- wc: \ programdata \ avg8
2009-02-15 23:11 293.528 AW ---- C: \ Windows \ System32 \ Drivers \ vsdatant.sys
2009-01-14 20:20 55.232 AW ---- C: \ Users \ CHLOE \ AppData \ Roaming \ GDIPFONTCACHEV1.DAT
2008-12-31 21:51 13.025 AW ---- C: \ Users \ CHLOE \ AppData \ Roaming \ nvModes.dat
2008-12-31 14:32 174 - SHA-w C: \ Program Files \ desktop.ini
2008-11-19 15:31 81.920 AW ---- C: \ Users \ CHLOE \ AppData \ Roaming \ ezpinst.exe
2008-11-19 15:31 47.360 AW ---- C: \ Users \ CHLOE \ AppData \ Roaming \ pcouffin.sys
2007-05-31 18:23 77.160 AW ---- C: \ Users \ CHLOE \ DSETUP.dll
2007-05-31 18:23 503.144 AW ---- C: \ Users \ CHLOE \ DXSETUP.exe
2007-05-31 18:23 1.673.576 AW ---- C: \ Users \ CHLOE \ dsetup32.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-03-30_22.13.33.29 )))))))))) )))))))))))))))))))))))))))))))
.
+ 2009-03-31 16:14:31 2.048 - SHA-w C: \ Windows \ ServiceProfiles \ LocalService \ AppData \ cal Lo \ lastalive0.dat
+ 2009-03-31 16:14:31 2.048 - SHA-w C: \ Windows \ ServiceProfiles \ LocalService \ AppData \ cal Lo \ lastalive1.dat
- 2009-03-30 21:07:56 1.048.576 - SHA-w C: \ Windows \ ServiceProfiles \ LocalService \ NTUSER.DAT
+ 2009-03-31 16:15:44 1.048.576 - SHA-w C: \ Windows \ ServiceProfiles \ LocalService \ NTUSER.DAT
- 2009-03-30 21:07:56 1.048.576 - SHA-w C: \ Windows \ ServiceProfiles \ NetworkService \ NTUSER.D AT
+ 2009-03-31 16:15:44 1.048.576 - SHA-w C: \ Windows \ ServiceProfiles \ NetworkService \ NTUSER.D AT
- 2009-03-30 21:07:06 16.384 - SHA-w C: \ Windows \ System32 \ Config \ systemprofile \ AppData \ L ocal \ Microsoft \ Windows \ Povijest \ History.IE5 \ index.d na
+ 2009-03-31 16:14:35 16.384 - SHA-w C: \ Windows \ System32 \ Config \ systemprofile \ AppData \ L ocal \ Microsoft \ Windows \ Povijest \ History.IE5 \ index.d na
- 2009-03-30 21:07:06 32.768 - SHA-w C: \ Windows \ System32 \ Config \ systemprofile \ AppData \ L ocal \ Microsoft \ Windows \ Temporary Internet Files \ Content.IE5 \ Index.dat
+ 2009-03-31 16:14:35 32.768 - SHA-w C: \ Windows \ System32 \ Config \ systemprofile \ AppData \ L ocal \ Microsoft \ Windows \ Temporary Internet Files \ Content.IE5 \ Index.dat
- 2009-03-30 21:07:06 16.384 - SHA-w C: \ Windows \ System32 \ Config \ systemprofile \ AppData \ R oaming \ Microsoft \ Windows \ Cookies \ Index.dat
+ 2009-03-31 16:14:35 16.384 - SHA-w C: \ Windows \ System32 \ Config \ systemprofile \ AppData \ R oaming \ Microsoft \ Windows \ Cookies \ Index.dat
- 2009-03-30 19:05:35 126.818 AW ---- C: \ Windows \ System32 \ perfc007.dat
+ 2009-03-31 15:21:23 126.818 AW ---- C: \ Windows \ System32 \ perfc007.dat
- 2009-03-30 19:05:35 119.076 AW ---- C: \ Windows \ System32 \ perfc009.dat
+ 2009-03-31 15:21:23 119.076 AW ---- C: \ Windows \ System32 \ perfc009.dat
- 2009-03-30 19:05:35 127.578 AW ---- C: \ Windows \ System32 \ perfc00C.dat
+ 2009-03-31 15:21:23 127.578 AW ---- C: \ Windows \ System32 \ perfc00C.dat
- 2009-03-30 19:05:35 124.352 AW ---- C: \ Windows \ System32 \ perfc010.dat
+ 2009-03-31 15:21:23 124.352 AW ---- C: \ Windows \ System32 \ perfc010.dat
- 2009-03-30 19:05:35 130.866 AW ---- C: \ Windows \ System32 \ perfc013.dat
+ 2009-03-31 15:21:23 130.866 AW ---- C: \ Windows \ System32 \ perfc013.dat
- 2009-03-30 19:05:35 130.272 AW ---- C: \ Windows \ System32 \ perfc019.dat
+ 2009-03-31 15:21:23 130.272 AW ---- C: \ Windows \ System32 \ perfc019.dat
- 2009-03-30 19:05:35 620.942 AW ---- C: \ Windows \ System32 \ perfh007.dat
+ 2009-03-31 15:21:23 620.942 AW ---- C: \ Windows \ System32 \ perfh007.dat
- 2009-03-30 19:05:35 644.794 AW ---- C: \ Windows \ System32 \ perfh009.dat
+ 2009-03-31 15:21:23 644.794 AW ---- C: \ Windows \ System32 \ perfh009.dat
- 2009-03-30 19:05:35 672.380 AW ---- C: \ Windows \ System32 \ perfh00C.dat
+ 2009-03-31 15:21:23 672.380 AW ---- C: \ Windows \ System32 \ perfh00C.dat
- 2009-03-30 19:05:35 666.234 AW ---- C: \ Windows \ System32 \ perfh010.dat
+ 2009-03-31 15:21:23 666.234 AW ---- C: \ Windows \ System32 \ perfh010.dat
- 2009-03-30 19:05:35 669.852 AW ---- C: \ Windows \ System32 \ perfh013.dat
+ 2009-03-31 15:21:23 669.852 AW ---- C: \ Windows \ System32 \ perfh013.dat
- 2009-03-30 19:05:35 657.990 AW ---- C: \ Windows \ System32 \ perfh019.dat
+ 2009-03-31 15:21:23 657.990 AW ---- C: \ Windows \ System32 \ perfh019.dat
- 2009-03-30 19:03:55 17.414 AW ---- C: \ Windows \ System32 \ WDI \ (86432a0b-3c7d-4ddf-a89c-172faa90485d) \ S-1-5-21-3600620296-2450975610 - 132854369-1000_UserData.bin
+ 2009-03-31 16:17:14 18.026 AW ---- C: \ Windows \ System32 \ WDI \ (86432a0b-3c7d-4ddf-a89c-172faa90485d) \ S-1-5-21-3600620296-2450975610 - 132854369-1000_UserData.bin
- 2009-03-30 19:03:55 81.750 AW ---- C: \ Windows \ System32 \ WDI \ BootPerformanceDiagnostics _SystemData.bin
+ 2009-03-31 16:17:14 81.884 AW ---- C: \ Windows \ System32 \ WDI \ BootPerformanceDiagnostics _SystemData.bin
- 2009-03-30 19:03:54 68.204 AW ---- C: \ Windows \ System32 \ WDI \ ShutdownPerformanceDiagnos tics_SystemData.bin
+ 2009-03-31 15:15:30 68.346 AW ---- C: \ Windows \ System32 \ WDI \ ShutdownPerformanceDiagnos tics_SystemData.bin
.
- Kratki pregled resetirati na trenutni datum --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))) ))))))))))))))))))))))))))))))))))))))))
.
.
* Note * empty entries & čitljiv default unose se ne prikazuju
REGEDIT4

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Run]
"RocketDock" = "C: \ Program Files \ RocketDock \ RocketDock.exe" [2007-09-02 495616]
"msnmsgr" = "C: \ Program Files \ Windows Live \ Messenger \ msnmsgr.exe" [2009-02-06 3885408]
"WMPNSCFG" = "C: \ Program Files \ Windows Media Player \ WMPNSCFG.exe" [2008-01-19 202240]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run]
"ASUS Screen Saver protektor" = "C: \ Windows \ ASScrPro.exe" [2007-05-15 33136]
"IFXSPMGT" = "c: \ windows \ system32 \ ifxspmgt.exe" [2007-02-26 677408]
"ZoneAlarm Client" = "C: \ Program Files \ Zone Labs \ ZoneAlarm \ zlclient.exe" [2009-02-16 981384]
"SynTPEnh" = "C: \ Program Files \ Synaptics \ SynTP \ SynTPEnh.exe" [2007-03-01 857648]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entversion \ policies \ system]
"EnableUIADesktopToggle" = 0 (0x0)

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ windows]
"AppInit_DLLs" = APSHook.dll avgrsstx.dll

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ drivers32]
"msacm.ac3filter" = ac3filter.acm

[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ contro l \ LSA]
Notification Packages REG_MULTI_SZ scecli ASWLNPkg

[HKLM \ ~ \ startupfolder \ C: ^ ^ ProgramData Microsoft Wind ows ^ ^ Start Menu ^ Programs ^ Startup ^ WinZip Quick Pick.lnk]
path = C: \ programdata \ Microsoft \ Windows \ Start Menu \ Programs \ Startup \ WinZip Quick Pick.lnk
backup = C: \ Windows \ PSS \ WinZip Quick Pick.lnk.CommonStartup
backupExtension =. CommonStartup

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ 4oD]
- a ------ 2007-04-23 12:23 1032640 C: \ Program Files \ Kontiki \ KHost.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ Adobe Reader Speed Launcher]
- a ------ 2008-06-12 02:38 34672 d: \ program files \ Reader \ reader_sl.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ ASUS Kamera Screensaver]
- a ------ 2007-05-15 05:12 37232 C: \ Windows \ ASScrProlog.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ ATKMEDIA]
- a ------ 2006-11-02 16:27 61440 C: \ Program Files \ ASUS \ ATK Media \ DMedia.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ AVG8_TRAY]
- a ------ 2009-03-11 13:13 1601304 C: \ programa ~ 1 \ AVG \ AVG8 \ avgtray.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ CognizanceTS]
-RA ------ 2003-12-21 22:11 17920 C: \ programa ~ 1 \ ASUSSE ~ 1 \ ASUSSE ~ 1 \ Bin \ ASTSVCC.dll

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ ehTray.exe]
- a ------ 2008-01-19 08:33 125952 C: \ Windows \ ehome \ ehtray.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ Google Update]
- A ---- t-2009-03-17 22:06 133104 C: \ Users \ CHLOE \ AppData \ Local \ Google \ Update \ GoogleU pdate.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ iTunesHelper]
- a ------ 2009-03-11 14:52 342312 C: \ Program Files \ iTunes \ iTunesHelper.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ msnmsgr]
- a ------ 2009-02-06 19:51 3885408 C: \ Program Files \ Windows Live \ Messenger \ msnmsgr.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ NvCplDaemon]
- a ------ 2007-04-04 12:40 8429568 C: \ Windows \ System32 \ nvcpl.dll

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ NvMediaCenter]
- a ------ 2007-04-04 12:40 81920 C: \ Windows \ System32 \ nvmctray.dll

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ NvSvc]
- a ------ 2007-04-04 12:40 86016 C: \ Windows \ System32 \ nvsvc.dll

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ QuickTime Task]
- a ------ 2009-01-05 17:18 413696 C: \ Program Files \ QuickTime \ QTTask.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ RocketDock]
- a ------ 2007-09-02 13:58 495616 C: \ Program Files \ RocketDock \ RocketDock.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ SpybotSD TeaTimer]
-rahs ---- 2009-03-05 16:07 2260480 C: \ Program Files \ Spybot - Search & Destroy \ TeaTimer.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ SunJavaUpdateSched]
- a ------ 2008-06-10 04:27 144784 C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ TkBellExe]
- a ------ 2009-03-16 20:58 198160 C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ Windows Defender]
- a ------ 2008-01-19 08:38 1008184 C: \ Program Files \ Windows Defender \ MSASCui.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ WMPNSCFG]
- a ------ 2008-01-19 08:33 202240 C: \ Program Files \ Windows Media Player \ wmpnscfg.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ (0228e555-4f9c-4e35-a3ec-b109a192b4c2)]
- a ------ 2005-07-15 22:48 479232 C: \ Program Files \ Google \ Gmail Notifier \ gnotify.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ RtHDVCpl]
- a ------ 2007-02-15 10:07 4390912 C: \ Windows \ RtHDVCpl.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ sigurnosni centar \ Praćenje]
"DisableMonitoring" = dword: 00000001

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ sigurnosni centar \ Praćenje \ ZoneLabsFirewall]
"DisableMonitoring" = dword: 00000001

[HKLM \ ~ \ Services \ sharedaccess \ Parameters \ firewallpo licy \ DomainProfile]
"EnableFirewall" = 0 (0x0)

[HKLM \ ~ \ Services \ sharedaccess \ Parameters \ firewallpo licy \ FirewallRules]
"(71E74FA5-D1FA-4A82-9121-AE2CACB2ED04)" = = Profil Privatne | C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(2FE2345B-5C77-485E-9855-FC6024DE75EC)" = = Profil Privatne | C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(CC9CFD37-6799-47CF-9AEE-1063F21C5548)" = = Profil Privatne | C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(3D44E6E8-68F3-42F0-B97E-1081F1354874)" = UDP: C: \ Program Files \ LimeWire \ LimeWire.exe: LimeWire 4.12.15
"(B2393435-26B3-4482-A391-C964F3370D66)" = TCP: C: \ Program Files \ LimeWire \ LimeWire.exe: LimeWire 4.12.15
"(1B1039C9-3AEF-4B2E-85CA-DA79FB7CDBD3)" = Onemogućene: C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(F9EC3544-5A35-4D84-A067-E7167563791A)" = Onemogućene: C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(A9CE85F3-F9BA-4875-B169-9DEF59911C8A)" = Onemogućene: C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"Upita TCP Korisničke (0FAAFA32-F5A3-4C35-9AFD-A648E4B3016E) c: \ \ program files \ \ utorrent \ \ utorrent.exe" = UDP: C: \ Program Files \ utorrent \ utorrent.exe: uTorrent
"UDP upit Korisničke (CDC85196-C503-4F00-82DC-B95F8D021895) c: \ \ program files \ \ utorrent \ \ utorrent.exe" = TCP: C: \ Program Files \ utorrent \ utorrent.exe: uTorrent
"Upita TCP Korisničke (5D761702-BEB7-4B94-B693-1A7EF8E441ED) c: \ \ program files \ \ lako webtv radio & \ \ easywebtv.exe" = UDP: C: \ Program Files \ lako webtv & radio \ easywebtv.exe : Web TV \ radio \ Media
"UDP upit Korisničke (A7E2F9B1-976E-49B1-960A-8FE671DECB26) c: \ \ program files \ \ lako webtv radio & \ \ easywebtv.exe" = TCP: C: \ Program Files \ lako webtv & radio \ easywebtv.exe : Web TV \ radio \ Media
"(978D57EE-8CEF-4E88-B3CC-472590D8A602)" = C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(038AD6DB-57BA-4294-B6BE-DC5AC329D87A)" = C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"Upita TCP Korisničke (20F3997A-2406-9A96-42BC-17DBA8717938) c: \ \ program files \ \ soulseek \ \ slsk.exe" = UDP: C: \ Program Files \ soulseek \ slsk.exe: SoulSeek
"UDP upit Korisničke (EBEDABDC-8DFA-4EA4-83A0-5D79C8A2BE45) c: \ \ program files \ \ soulseek \ \ slsk.exe" = TCP: C: \ Program Files \ soulseek \ slsk.exe: SoulSeek
"Upita TCP Korisničke (A2D20908-089C-441B-B9C8-C8811AFCAB9E) c: \ \ program files \ \ limewire \ \ limewire.exe" = UDP: C: \ Program Files \ limewire \ limewire.exe: LimeWire
"UDP upit Korisničke (0B6B64F6-D6E9-4D1D-B83A-E6E85E360C05) c: \ \ program files \ \ limewire \ \ limewire.exe" = TCP: C: \ Program Files \ limewire \ limewire.exe: LimeWire
"(2E890455-237D-4ABA-BE37-B5E6E1862834)" = C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(DDAAC8F6-7557-495A-82B3-EBFF9330A2CC)" = C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(5131D757-BC24-44C9-8EA5-E268DFC6DCAC)" = C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"Upita TCP Korisničke (4C52E1A6-D998-8E99-41D5-27F21E3CA7CB) c: \ \ program files \ \ Mozilla Firefox \ \ firefox.exe" = UDP: C: \ Program Files \ Mozilla Firefox \ firefox.exe: Firefox
"UDP upit Korisničke (80235B6B-4AC3-2462-8A59-7534841DE76B) c: \ \ program files \ \ Mozilla Firefox \ \ firefox.exe" = TCP: C: \ Program Files \ Mozilla Firefox \ firefox.exe: Firefox
"Upita TCP Korisničke (049DD1E6-8191-4983-A59D-240E79B46042) c: \ \ program files \ \ utorrent \ \ utorrent.exe" = UDP: C: \ Program Files \ utorrent \ utorrent.exe: uTorrent
"UDP upit Korisničke (9A00A32D-A675-4425-8F5E-1528AAB521FB) c: \ \ program files \ \ utorrent \ \ utorrent.exe" = TCP: C: \ Program Files \ utorrent \ utorrent.exe: uTorrent
"Upita TCP Korisničke (348698D9-5A1D-4E1C-AC00-DBDC43BE0ACF) c: \ \ program files \ \ soulseek \ \ slsk.exe" = UDP: C: \ Program Files \ soulseek \ slsk.exe: SoulSeek
"UDP upit Korisničke (60AFF659-3A7C-488C-9CCA-0A8589DD32FA) c: \ \ program files \ \ soulseek \ \ slsk.exe" = TCP: C: \ Program Files \ soulseek \ slsk.exe: SoulSeek
"Upita TCP Korisničke (3EF98A58-7B3C-42B1-8A5A-CF7DEF59C2A7) c: \ \ program files \ \ sopcast \ \ sopcast.exe" = UDP: C: \ Program Files \ sopcast \ sopcast.exe: SopCast Glavna Application
"UDP upit Korisničke (D8A0735D-6D19-4482-A90A-35A9D023DEBE) c: \ \ program files \ \ sopcast \ \ sopcast.exe" = TCP: C: \ Program Files \ sopcast \ sopcast.exe: SopCast Glavna Application
"Upita TCP Korisničke (7B392C25-D64F-4897-B5CC-5C9B83106BB0) c: \ \ program files \ \ Mozilla Firefox \ \ firefox.exe" = UDP: C: \ Program Files \ Mozilla Firefox \ firefox.exe: Firefox
"UDP upit Korisničke 9990806D (-9198-4760-93E7-C65D44E1FE8A) c: \ \ program files \ \ Mozilla Firefox \ \ firefox.exe" = TCP: C: \ Program Files \ Mozilla Firefox \ firefox.exe: Firefox
"Upita TCP Korisničke (9998DAB7-D775-4620-A491-D752230551A3) c: \ \ Program Files \ \ Internet Explorer \ \ iexplore.exe" = UDP: C: \ Program Files \ Internet Explorer \ iexplore.exe: Internet Explorer
"UDP upit Korisničke (B9293167-A4DC-43ED-893B-B5B1B89F9988) c: \ \ Program Files \ \ Internet Explorer \ \ iexplore.exe" = TCP: C: \ Program Files \ Internet Explorer \ iexplore.exe: Internet Explorer
"Upita TCP Korisničke (B04F6C2B-953A-469D-AFD8-4F3AE27A4941) c: \ \ Users \ \ chloe \ \ appdata \ \ roaming \ \ s opcast \ \ adv \ \ sopadver.exe" = UDP: C: \ Users \ chloe \ appdata \ roaming \ sopcast \ adv \ SOP adver.exe: sopadver.exe
"UDP upit Korisničke (914B6A2A-9A2A-43A8-B4EA-BB1EEDC476B5) c: \ \ Users \ \ chloe \ \ appdata \ \ roaming \ \ s opcast \ \ adv \ \ sopadver.exe" = TCP: C: \ Users \ chloe \ appdata \ roaming \ sopcast \ adv \ SOP adver.exe: sopadver.exe
"Upita TCP Korisničke (69F8C35B-6614-4033-B40E-59012B10975A) c: \ \ program files \ \ bearflix \ \ bearflix.exe" = UDP: C: \ Program Files \ bearflix \ bearflix.exe: BearFlix
"UDP upit Korisničke (89ABF64F-F79E-456D-9136-82A8675A3E17) c: \ \ program files \ \ bearflix \ \ bearflix.exe" = TCP: C: \ Program Files \ bearflix \ bearflix.exe: BearFlix
"(8D76BC83-ABC9-406B-8945-366EA3B7074B)" = UDP: C: \ Program Files \ SmartFTP Client \ SmartFTP.exe: SmartFTP Client
"(9FC79C86-3E66-4A61-AA2A-FAB0C61E0453)" = TCP: C: \ Program Files \ SmartFTP Client \ SmartFTP.exe: SmartFTP Client
"Upita TCP Korisničke (9FF9F89E-5323-45DB-89F0-BA37B84180EE) c: \ \ program files \ \ tvants \ \ tvants.exe" = UDP: C: \ Program Files \ tvants \ tvants.exe: TVAnts
"UDP upit Korisničke (C10505B7-BDD4-49BB-93E6-E73B8E6C4E33) c: \ \ program files \ \ tvants \ \ tvants.exe" = TCP: C: \ Program Files \ tvants \ tvants.exe: TVAnts
"Upita TCP Korisničke (A9E241F3-D69C-4E67-938B-33C91AB576A1) c: \ \ program files \ \ tvuplayer \ \ tvuplayer.exe" = UDP: C: \ Program Files \ tvuplayer \ tvuplayer.exe: TVU Player Komponenta
"UDP upit Korisničke (D3542B64-2CF9-4C20-B6CB-1D9096FF27EB) c: \ \ program files \ \ tvuplayer \ \ tvuplayer.exe" = TCP: C: \ Program Files \ tvuplayer \ tvuplayer.exe: TVU Player Komponenta
"(F8B68D6E-3A24-4B31-8261-FB3CA92B5740)" = C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"Upita TCP Korisničke (4E95BA55-EDF5-491D-9059-F11FF353A128) c: \ \ Users \ \ chloe \ \ appdata \ \ roaming \ \ s opcast \ \ adv \ \ sopadver.exe" = UDP: C: \ Users \ chloe \ appdata \ roaming \ sopcast \ adv \ SOP adver.exe: sopadver.exe
"UDP upit Korisničke (55C79E39-F1AC-45C7-8F99-995A835F089A) c: \ \ Users \ \ chloe \ \ appdata \ \ roaming \ \ s opcast \ \ adv \ \ sopadver.exe" = TCP: C: \ Users \ chloe \ appdata \ roaming \ sopcast \ adv \ SOP adver.exe: sopadver.exe
"Upita TCP Korisničke (A3EF2380-6740-4FD5-913E-D67F54A54B11) c: \ \ program files \ \ sopcast \ \ sopcast.exe" = UDP: C: \ Program Files \ sopcast \ sopcast.exe: SopCast Glavna Application
"UDP upit Korisničke (E9C164FD-CB41-4D08-9DBA-BDDB929D1C86) c: \ \ program files \ \ sopcast \ \ sopcast.exe" = TCP: C: \ Program Files \ sopcast \ sopcast.exe: SopCast Glavna Application
"Upita TCP Korisničke (C1148110-2D5B-4810-8651-98FBFD3A6751) c: \ \ Program Files \ \ Internet Explorer \ \ iexplore.exe" = UDP: C: \ Program Files \ Internet Explorer \ iexplore.exe: Internet Explorer
"UDP upit Korisničke (F15683E5-A578-47EE-BEB1-4541978254F4) c: \ \ Program Files \ \ Internet Explorer \ \ iexplore.exe" = TCP: C: \ Program Files \ Internet Explorer \ iexplore.exe: Internet Explorer
"Upita TCP Korisničke (CCA39E89-B85B-41BA-9A33-CA6DB37579E4) D: \ \ program files \ \ clue.exe" = UDP: d: \ program files \ clue.exe: trag
"UDP upit Korisničke (39F3C83F-DCF0-43B4-B149-19F3630B3078) D: \ \ program files \ \ clue.exe" = TCP: d: \ program files \ clue.exe: trag
"(01834D55-82B5-480D-BEFF-52EDB82BB8B5)" = C: \ Program Files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(90ECB35B-6897-4166-A35A-04BC39978BA9)" = C: \ Program Files \ AVG \ AVG8 \ avgemc.exe: avgemc.exe
"(504F647E-1476-4948-AA42-DC1DF85CA9A8)" = C: \ Program Files \ AVG \ AVG8 \ avgupd.exe: avgupd.exe
"(CC411EBB-9ACA-4217-9994-ABB961E83B3C)" = UDP: C: \ Program Files \ uTorrent \ uTorrent.exe: μTorrent (TCP-In)
"(031AA3B5-F93B-4E4B-9ED7-66C6B9FFF3E8)" = TCP: C: \ Program Files \ uTorrent \ uTorrent.exe: μTorrent (UDP-In)
"(1D54F818-ABAC-418F-8F39-17EA7664FABE)" = UDP: C: \ Program Files \ Bonjour \ mDNSResponder.exe: Bonjour
"(3C9FFAF4-40EA-450F-A906-D34D3E2EFA72)" = TCP: C: \ Program Files \ Bonjour \ mDNSResponder.exe: Bonjour
"(6AC9F5D1-C3AC-4878-8740-8A3E10F857E2)" = UDP: C: \ Program Files \ iTunes \ iTunes.exe: iTunes
"(77045B5E-EC2E-4749-AC23-32130CD39567)" = TCP: C: \ Program Files \ iTunes \ iTunes.exe: iTunes
"(00BE12C0-42CB-4B64-AA07-80A45C05B97C)" = Onemogućene: UDP: C: \ Program Files \ Sports Interactive \ Football Manager 2008 \ fm.exe: Football Manager 2008
"(0A529C81-B8E4-4809-A54B-B5141A997A78)" = Onemogućene: TCP: C: \ Program Files \ Sports Interactive \ Football Manager 2008 \ fm.exe: Football Manager 2008

[HKLM \ ~ \ Services \ sharedaccess \ Parameters \ firewallpo licy \ PublicProfile]
"EnableFirewall" = 0 (0x0)

[HKLM \ ~ \ Services \ sharedaccess \ Parameters \ firewallpo licy \ StandardProfile]
"EnableFirewall" = 0 (0x0)

R1 AvgLdx86; AVG Free AVI Loader Driver x86, c: \ Windows \ System32 \ Drivers \ avgldx86.sys [2008-12-24 325128]
R1 AvgTdiX; AVG8 Network preusmjerivač; c: \ Windows \ System32 \ Drivers \ avgtdix.sys [2009-03-11 107272]
R1 ItSDisk; ItSDisk; c: \ Windows \ System32 \ Drivers \ itsdis k.sys [2006-05-16 23496]
R1 PersonalSecureDrive; PersonalSecureDrive; c: \ Windows \ System32 \ Drivers \ psd.sys [2007-01-23 39080]
R2 ASBroker; Logon Session Broker; C: \ Windows \ System32 \ Svchost.exe-k suđenje [2008-08-07 21504]
R2 ASChannel; Lokalni komunikacijski kanal; C: \ Windows \ System32 \ Svchost.exe-k suđenje [2008-08-07 21504]
R2 avg8emc; Free8 AVG E-mail Scanner, c: \ programa ~ 1 \ AVG \ AVG8 \ avgemc.exe [2009-03-11 903960]
R2 avg8wd; AVG Free8 Watchdog, c: \ programa ~ 1 \ AVG \ AVG8 \ avgwdsvc.exe [2009-03-11 298264]
R2 HDDlife HDD Access usluge; HDDlife HDD Pristup usluzi, c: \ program files \ BinarySense \ HDDlife 3 \ hldasvc.exe [2007-08-09 816376]
R2 SBSDWSCService; SBSD Security Center Service; C: \ Program Files \ Spybot - Search & Destroy \ SDWinSec.exe [2007-07-15 1153368]
R2 StkSSrv; Syntek AVStream USB2.0 Webcam Service; C: \ Windows \ System32 \ StkCSrv.exe [2007-02-07 24576]
R3 AtcL001; NDIS Miniport Driver za Attansic L1 Gigabit Ethernet Controller; c: \ Windows \ System32 \ Drivers \ atl01v32.sy s [2007-03-15 48128]
R3 StkCMini; Syntek AVStream USB2.0 1.3M Webcam, c: \ Windows \ System32 \ Drivers \ StkCMini.sys [2007-02-13 1245056]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Svchost]
bthsvcs REG_MULTI_SZ BthServ
Spoznaja REG_MULTI_SZ ASBroker ASChannel

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ curre ntversion \ Explorer \ mountpoints2 \ H]
\ shell \ autorun \ naredbu - H: \ LaunchU3.exe

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ curre ntversion \ Explorer \ mountpoints2 \ (1a4a90a1-32d4-11dc-aa3d-001bfc03310e)]
\ shell \ autorun \ naredbu - H: \ LaunchU3.exe
.
Sadržaj je 'Scheduled Tasks' folder

2009/01/11 C: \ Windows \ Tasks \ prevariti Job # 00.job
- C: \ Program Files \ DiskTrix \ UltimateDefrag \ UDefrag.exe []

2009/03/26 C: \ Windows \ Tasks \ GoogleUpdateTaskUserS-1-5-21-3600620296-2450975610-132854369-1000.job
- C: \ Users \ CHLOE \ AppData \ Local \ Google \ Update \ GoogleU pdate.exe [2009-03-17 22:06]

2009/03/30 C: \ Windows \ Tasks \ User_Feed_Synchronization-5963E371 (-2796-42F4-9A54-042DA9F406BC). Posao
- C: \ windows \ system32 \ msfeedssync.exe [2008-01-19 08:33]
.
.
------- Supplementary Scan -------
.
Page uStart = hxxp: / / www.google.co.uk/
uInternet Postavke, ProxyOverride = *. lokalne
IE: E & zvezi u Microsoft Excel - C: \ programa ~ 1 \ MICROS ~ 2 \ Office10 \ EXCEL.EXE/3000
FF - ProfilePath - C: \ Users \ CHLOE \ AppData \ Roaming \ Mozilla \ Firefox \ Pro files \ ppnzryw9.default \
FF - prefs.js: browser.search.defaulturl - hxxp: / / search.conduit.com / ResultsExt.aspx? Ctid = CT1178131 & SearchSource = 3 & q =
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - prefs.js: browser.startup.homepage - hxxp: / / www.google.co.uk/
FF - komponentu: c: \ program files \ AVG \ AVG8 \ Firefox \ components \ avgssff.dll
FF - komponentu: c: \ program files \ AVG \ AVG8 \ ToolbarFF \ components \ vmAVGConnector. Dll
FF - komponentu: c: \ Program Files \ Real \ RealPlayer \ browserrecord \ components \ npr. pbrowserrecordplugin.dll
FF - komponentu: c: \ Users \ CHLOE \ AppData \ Roaming \ Mozilla \ Firefox \ Pro files \ ppnzryw9.default \ ekstenzije \ (463F6CA5-EE3C-4be1-B7E6-7FEE11953374) \ platforma \ WINNT \ components \ FoxyTunes. dll
FF - čep: C: \ Program Files \ Mozilla Firefox \ plugins \ NP-mswmp.dll
FF - čep: c: \ Users \ CHLOE \ AppData \ Local \ Google \ Update \ 1.2.141 .5 \ npGoogleOneClick7.dll
FF - čep: d: \ program files \ Reader \ preglednik \ nppdf32.dll

---- ---- FireFox POLITIKE
FF - user.js: general.useragent.extra.zencast - Creative ZENcast v1.02.08); user_pref (general.useragent.extra.zencast, Creative ZENcast v2.00.07.

************************************************** ************************

catchme 0.3.1375 W2K/XP/Vista - rootkit / potaja detector by Gmer zlonamjernih programa, http://www.gmer.net
Rootkit scan 2009-03-31 17:16:10
Windows 6.0.6001 Service Pack 1 NTFS

skeniranja skrivenih procesa ...

"10ûÿét0ûÿ3ö9sHu [1166747253] 0x75636F44
"10ûÿét0ûÿ3ö9sHu [1166747253] 0x6F6D6D6F
skeniranja skrivenih autostart entries ...

skeniranja skrivenih datoteka ...

scan uspješno završena
skrivenih datoteka: 0

************************************************** ************************
.
--------------------- Loaded DLL datoteke koje Under Running Processes ---------------------

- - - - - - -> 'Lsass.exe "(704)
C: \ Program Files \ Security Center ASUS \ ASUS Protect Security Manager \ bin \ ASWLNPkg.dll
C: \ Program Files \ Security Center ASUS \ ASUS Protect Security Manager \ bin \ ItMsg.dll

- - - - - - -> "Explorer.exe" (3304)
C: \ Program Files \ RocketDock \ RocketDock.dll
C: \ Program Files \ Security Center ASUS \ ASUS Protect Security Manager \ Bin \ SFSShell.dll
C: \ Program Files \ Security Center ASUS \ ASUS Protect Security Manager \ Bin \ ItMsg.dll
.
------------------------ Other Running Processes ----------------------- --
.
C: \ Windows \ System32 \ audiodg.exe
c: \ windows \ system32 \ ZoneLabs \ vsmon.exe
C: \ Windows \ System32 \ wlanext.exe
C: \ Program Files \ ATK brza tipka \ ASLDRSrv.exe
C: \ Program Files \ ATKGFNEX \ GFNEXSrv.exe
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Program Files \ Symantec \ LiveUpdate \ AluSchedulerSvc.exe
C: \ Program Files \ Bonjour \ mDNSResponder.exe
C: \ Program Files \ Intel \ Wireless \ Bin \ EvtEng.exe
c: \ programa ~ 1 \ AVG \ AVG8 \ avgrsx.exe
c: \ programa ~ 1 \ AVG \ AVG8 \ avgnsx.exe
C: \ Program Files \ Intel \ Intel Matrix Storage Manager \ IAANTmon.exe
C: \ Windows \ System32 \ IFXTCS.exe
C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe
C: \ Windows \ System32 \ IfxPsdSv.exe
C: \ Windows \ System32 \ PSIService.exe
C: \ Program Files \ Intel \ Wireless \ Bin \ RegSrvc.exe
C: \ Program Files \ ASUS \ NB provjeru \ SPM \ spmgr.exe
C: \ Program Files \ AVG \ AVG8 \ avgcsrvx.exe
C: \ Program Files \ Security Center ASUS \ ASUS Protect Security Manager \ Bin \ asghost.exe
C: \ Program Files \ ATK brza tipka \ HControl.exe
C: \ Program Files \ ATKOSD2 \ ATKOSD2.exe
C: \ Program Files \ Wireless Console 2 \ wcourier.exe
C: \ Program Files \ ASUS \ Splendid \ ACMON.exe
C: \ Program Files \ P4G \ BatteryLife.exe
C: \ Windows \ System32 \ ACEngSvr.exe
C: \ Program Files \ ATK brza tipka \ ATKOSD.exe
C: \ Windows \ System32 \ IfxUAGUI.exe
C: \ Program Files \ Infineon \ Security Platform Software \ PSDrt.exe
C: \ Program Files \ Infineon \ Security Platform Software \ SpTNA.exe
C: \ Windows \ System32 \ wbem \ WMIADAP.exe
C: \ Windows \ System32 \ dllhost.exe
.
************************************************** ************************
.
Completion time: 2009-03-31 17:23:29 - machine je ponovno podizanje sustava
ComboFix-u karanteni-files.txt 2009-03-31 16:23:16
ComboFix2.txt 2009-03-30 21:16:26

Pre-Run: 39213060096 bytes free
Post-Run: 38632595456 bytes free

Current = 1 Default = 1 Failed = 0 LastKnownGood = 41 Kompleti = 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18, 19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35, 36,37,38,39,40,41
396 --- EOF --- 2009-03-29 15:30:34

**HistoryGirl** · #10 31. ožujak 2009, 09:48

Što se tiče Norton uklanjanje nikad nisam instalira na sjever ovdje tako zašto je Symantec navedena?

Slične teme
Nit	Temu Započeo	Forum	Odgovori	Zadnji Post
Grafička kartica problem može biti Zaustavljanje Vista Početna normalno.	Jonmal	General Hardware Chat	1	5. studeni 2009 11:21
XP Running Polako, bez Malware ...	mbonwick	Windows Operating Systems	3	24 kolovoz 2009 07:52
Dell Laptop - Trouble Početna Windows - vodi Shutting Off	jazker	Prijenosna računala, Mobiles i PDA uređaji	4	25. ožujak 2009 06:59
Zašto McAfee scan tako sporo?	stevescholes	Virus, Spyware i sigurnost	3	29. prosinac 2008 15:48
Moj Vista Freezes ubrzo nakon starta.	Jyan29	General Hardware Chat	2	30. studeni 2008 16:40