
Strange Registry Fix?




#1
14 November 2008, 20:55
Member Group

OK, so I have Spybot Search & Destroy and Avast AntiVirus.

Recently I was doing a paper (in OpenOffice, because my MS Office 07 trial ran out), and I found that my Explorer was acting up. The taskbar was reappearing and disappearing, and I attributed it to the OpenOffice quick start, because as soon as I closed it, the taskbar would disappear and reappear. I ran Spybot and it found some stuff and I killed it, and that seemed to fix the problem, but then I got some confusing reports that there was a registry change (which I had to approve) that I had no idea about. Not all of them; I looked into them and they were all the same, and I set it to deny every time. And it just kept going, the same one over and over. At some point the reporter got so full that I had to terminate it, so I don't know if it was allowed or not. I also uninstalled OpenOffice, so that may be what it was. But it is very strange.
#2
15 November 2008, 04:23
Malware Group

Hi

What was the registry change? Do you have any information? Are you using Spybot's TeaTimer?
#3
15 November 2008, 10:00
Member Group

Here's the log from Spybot.

There is also a pop-up:

Quote:
WARNING! If your computer is hit by spyware, you could suffer data loss, erratic PC behaviour, PC freezes and crashes.

Detect and remove viruses before they damage your computer!
Antivirus 2009 will perform a 100% FREE and quick scan of your computer for viruses, spyware and adware.

Do you want to install Antivirus 2009 to scan your computer for malware now? (Recommended)

The pop-up says it is from "http://proffesionalscan.com"
If you choose to cancel it, it takes you to: "http://proffesionalscan.com/2009/1/en/freescan.php?id=770522154349"

Avast calls out a virus as soon as the page is loaded, as "JS:Agent-DE [Trj]".

I am doing a Spybot scan and an Avast boot scan overnight, and I set it to remove all viruses automatically.

It also shows that I don't have automatic updates. But I do.
#4
15 November 2008, 12:15
Member Group

OOPS! OK, don't you hate it when you post something trying to get help, and then remember an old post on another forum? Then go and download Malwarebytes and the problem is solved?

Well, that's what I did. It took an hour and 20 minutes on my 120 GB HD and it seems to have fixed the problem.

Sorry if I wasted your time!
#5
15 November 2008, 12:38
Donor Group

That sounds to me like you might want to try downloading and running Malwarebytes .............. It will probably take about an hour and twenty minutes to run on, say, a 120 GB hard drive ..............

LOL Sorry, I couldn't resist.

EDIT: The post above is an attempt at humour and is not meant to offer advice. I am in no way offering qualified advice for any malware problems at this time. If you still have problems, post again and wait for Glaswegian or Zlo Fantastika to reply.
#6
15 November 2008, 13:10
Malware Group

Hi

Glad you were able to use MBAM. However, malware like this often invites friends to join in, so humour me here and let's run a specialised tool to check for any remnants.

Download ComboFix from one of these locations:

Link 1
Link 2
Link 3

* IMPORTANT! Save ComboFix.exe to your Desktop
  • Disable your antivirus and antispyware applications, usually via a right click on the system tray icon. They may otherwise interfere with our tools.
  • Double-click ComboFix.exe and follow the prompts.
  • As part of its process, ComboFix will check whether the Microsoft Windows Recovery Console is installed. With malware infections being what they are today, it is recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to help you more easily should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
** Note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Click on Yes to continue scanning for malware.

When finished, ComboFix will produce a log for you. Please include C:\ComboFix.txt in your next reply.
#7
15 November 2008, 14:04
Member Group

Here it is
Quote:
ComboFix 08-11-13.02 - Ian Bertolacci 2008-11-15 13:55:38.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.609 [GMT -7:00]
Running from: C: \ Documents and Settings \ Ian Bertolacci \ Desktop \ ComboFix.exe
.

Ostali ((((((((((((((((((((((((((((((((((((((( brisanja ))))))))) ))))))))))))))))))))))))))))))))))))))))
.

C: \ Documents and Settings \ All Users \ Application Data \ Microsoft \ Network \ Downloader \ qmgr0.dat
C: \ Documents and Settings \ All Users \ Application Data \ Microsoft \ Network \ Downloader \ qmgr1.dat
C: \ Documents and Settings \ Ian Bertolacci \ Application Data \ Adobe \ crc.dat
C: \ Documents and Settings \ Ian Bertolacci \ Application Data \ Adobe \ Player.exe.bak
c: \ windows \ system32 \ EKUEeMoq.ini
c: \ windows \ system32 \ EKUEeMoq.ini2
c: \ windows \ system32 \ rbpsgkiw.ini
c: \ windows \ system32 \ rrlqulwa.ini
c: \ windows \ system32 \ rwkkhtrh.ini
c: \ windows \ system32 \ setup_.exe
c: \ windows \ system32 \ soympvqw.ini
c: \ windows \ system32 \ StCcJkkj.ini
c: \ windows \ system32 \ StCcJkkj.ini2
c: \ windows \ system32 \ SvuDdMoq.ini
c: \ windows \ system32 \ SvuDdMoq.ini2
c: \ windows \ system32 \ ugxqrkdu.ini
c: \ windows \ system32 \ vmjqhhsb.ini
C: \ Windows \ Tasks \ ttlmcxjl.job

----- BITS: Mogući zaražene web stranice -----

hxxp: / / 78.157.143.163
hxxp: / / bobscash.wewillhostit.com
hxxp: / / childhe.com
.
((((((((((((((((((((((((( Files Created from 2008/10/15 da 2008/11/15 ))))))))))) ))))))))))))))))))))
.

2008-11-15 12:46. 2008-11-15 12:46 <DIR> d -------- C: \ Program Files \ OpenOffice.org 3
2008-11-15 12:46. 2008-11-15 12:46 <DIR> d -------- C: \ Program Files \ JRE
2008-11-15 12:08. 2008-11-15 12:08 <DIR> d -------- C: \ Windows \ system32 \ Catroot2
2008-11-15 10:09. 2008-11-15 10:09 <DIR> d -------- C: \ Program Files \ Malwarebytes' Anti-zaštita od zlonamjernih programa
2008-11-15 10:09. 2008-11-15 10:09 <DIR> d -------- C: \ Documents and Settings \ Ian Bertolacci \ Application Data \ Malwarebytes
2008-11-15 10:09. 2008-11-15 10:09 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Malwarebytes
2008-11-15 10:09. 2008-10-22 16:10 38.496 - a ------ C: \ Windows \ System32 \ Drivers \ mbamswissarmy.sys
2008-11-15 10:09. 2008-10-22 16:10 15.504 - a ------ C: \ Windows \ System32 \ Drivers \ mbam.sys
2008-11-13 22:55. 2008-11-13 22:55 95 - a ------ C: \ Windows \ wininit.ini
2008-11-13 19:26. 2008-11-13 19:26 <DIR> d -------- C: \ Documents and Settings \ Ian Bertolacci \ Application Data \ OpenOffice.org
2008-11-13 15:46. 2008-11-13 15:46 <DIR> d -------- C: \ Documents and Settings \ Ian Bertolacci \ Application Data \ IObit
2008-11-13 15:29. 2008-11-13 15:29 <DIR> d -------- C: \ Program Files \ IObit
2008-11-13 15:28. 2008-11-13 15:32 <DIR> d -------- C: \ Documents and Settings \ Ian Bertolacci \ Application Data \ Sammsoft
2008-11-12 20:04. 2008-11-12 21:03 <DIR> d -------- C: \ Program Files \ Common Files \ Mećava Zabava
2008-11-11 18:03. 2008-11-11 18:03 60.240 - ah ----- C: \ Windows \ system32 \ mlfcache.dat
2008-11-11 15:12. 2008-11-11 15:12 <DIR> d -------- C: \ Program Files \ MSXML 4.0
2008-11-11 15:09. 2008-10-24 04:21 455.296 ----- --- c c: \ windows \ system32 \ dllcache \ mrxsmb.sys
2008-11-11 15:08. 2008-09-04 10:15 1.106.944 ----- --- c c: \ windows \ system32 \ dllcache \ msxml3.dll
2008-11-09 10:47. 2008-11-09 10:48 <DIR> d -------- C: \ Windows \ system32 \ NtmsData
2008-11-07 07:17. 2008-11-07 07:17 <DIR> d -------- C: \ MicroProse
2008-11-04 21:14. 2008-11-04 21:19 115.771 - a ------ C: \ Windows \ system32 \ Air
2008-11-04 17:35. 2008-11-04 17:35 <DIR> d -------- C: \ Program Files \ demon Alati Toolbar
2008-11-04 17:34. 2008-11-04 17:35 <DIR> d -------- C: \ Program Files \ demon Tools Lite
2008-11-04 17:25. 2008-11-04 17:46 78 - a ------ C: \ Windows \ t biti smješten
2008-11-04 05:58. 2008-11-04 05:58 <DIR> d -------- C: \ Program Files \ Recuva
2008-11-04 05:44. 2008-11-04 17:21 <DIR> d -------- C: \ Program Files \ Defraggler
2008-10-31 05:44. 2007-09-18 15:24 676.224 - a ------ C: \ Windows \ system32 \ OGACheckControl.dll
2008-10-30 21:31. 2008-10-30 21:31 <DIR> d -------- C: \ Windows \ Kreativnost za produženje Autodesk 3ds Max 2009
2008-10-29 19:35. 2006-10-26 18:56 32.592 - a ------ C: \ Windows \ system32 \ msonpmon.dll
2008-10-29 19:29. 2008-10-29 19:29 <DIR> d -------- C: \ Program Files \ Microsoft Works
2008-10-29 19:18. 2008-10-29 19:18 <DIR> d -------- C: \ Program Files \ Microsoft Visual Studio 8
2008-10-28 19:17. 2008-11-10 18:41 <DIR> d -------- C: \ Program Files \ Yahoo!
2008-10-23 14:23. 2008-10-15 09:34 337.408 ----- --- c c: \ windows \ system32 \ dllcache \ netapi32.dll
2008-10-22 06:00. 2008-10-24 10:44 <DIR> d -------- C: \ GTK
2008-10-19 14:37. 2008-10-19 14:37 <DIR> d -------- C: \ ProgramData
2008-10-19 14:36. 2008-10-19 14:48 2.994 - a ------ C: \ Windows \ system32 \ ealregsnapshot1.reg
2008-10-18 20:00. 2004-03-29 15:23 90.112 - a ------ C: \ Windows \ unvise32.exe
2008-10-18 19:58. 2008-10-18 19:59 <DIR> d -------- C: \ Program Files \ The Rosetta Stone
2008-10-18 19:51. 2008-10-18 19:51 <DIR> d -------- C: \ Program Files \ uTorrent SpeedUp Pro
2008-10-16 18:54. 2008-10-16 18:54 <DIR> d -------- C: \ Program Files \ EA Games
2008-10-16 18:35. 2008-04-13 11:47 25.856 - a ------ C: \ Windows \ System32 \ Drivers \ usbprint.sys
2008-10-16 18:35. 2008-04-13 11:47 25.856 - A - C --- c: \ windows \ system32 \ dllcache \ usbprint.sys
2008-10-16 18:34. 2008-04-13 11:45 15.104 - a ------ C: \ Windows \ System32 \ Drivers \ usbscan.sys
2008-10-16 18:34. 2008-04-13 11:45 15.104 - A - C --- c: \ windows \ system32 \ dllcache \ usbscan.sys
2008-10-16 18:28. 2008-10-16 18:28 <DIR> d - h ----- C: \ Windows \ system32 \ CanonIJ Uninstaller Informacije
2008-10-16 18:28. 2008-10-16 18:28 <DIR> d - h ----- C: \ Program Files \ CanonBJ
2008-10-16 18:28. 2008-10-16 18:28 <DIR> d - h ----- C: \ Documents and Settings \ All Users \ Application Data \ CanonBJ
2008-10-16 18:28. 2006-09-13 13:00 197.632 - a ------ C: \ Windows \ system32 \ CNMLM7R.DLL
2008-10-16 18:28. 2006-09-26 17:08 194.560 - a ------ C: \ Windows \ system32 \ CNCC530.DLL
2008-10-16 18:28. 2005-11-01 19:17 143.360 - a ------ C: \ Windows \ system32 \ CNCL530.DLL
2008-10-16 18:28. 2006-09-29 22:28 130.048 - a ------ C: \ Windows \ system32 \ CNCF2La.DLL
2008-10-16 18:28. 2006-06-29 22:29 106.496 - a ------ C: \ Windows \ system32 \ cncisco.dll
2008-10-16 18:28. 2006-09-29 22:28 49.152 - a ------ C: \ Windows \ system32 \ CNCFMSa.EXE
2008-10-16 18:28. 2006-09-13 19:49 37.888 - a ------ C: \ Windows \ system32 \ CNCI530.DLL
2008-10-16 18:28. 2006-09-29 22:28 3.072 - a ------ C: \ Windows \ system32 \ CNCFLaUS.DLL
2008-10-16 18:28. 2006-09-29 22:28 2.560 - a ------ C: \ Windows \ system32 \ CNCFLaJP.DLL
2008-10-16 15:52. 2008-10-17 21:07 <DIR> d -------- C: \ Program Files \ All Emulators
2008-10-15 19:00. 2008-09-08 03:41 333.824 ----- --- c c: \ windows \ system32 \ dllcache \ srv.sys
2008-10-15 18:57. 2008-08-14 03:11 2.189.184 ----- --- c c: \ windows \ system32 \ dllcache \ ntoskrnl.exe
2008-10-15 18:57. 2008-08-14 03:09 2.145.280 ----- --- c c: \ windows \ system32 \ dllcache \ Ntkrnlmp.exe
2008-10-15 18:57. 2008-08-14 02:33 2.066.048 ----- --- c c: \ windows \ system32 \ dllcache \ Ntkrnlpa.exe
2008-10-15 18:57. 2008-08-14 02:33 2.023.936 ----- --- c c: \ windows \ system32 \ dllcache \ Ntkrpamp.exe
2008-10-15 18:57. 2008-09-15 05:12 1.846.400 ----- --- c c: \ windows \ system32 \ dllcache \ Win32k.sys
2008-10-15 13:03. 2008-11-06 15:55 <DIR> d -------- C: \ Program Files \ Wavosaur

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))) ))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-15 19:59 --------- d ----- wc: \ Program Files \ Mozilla Thunderbird
2008-11-15 19:49 --------- d --- AW c: \ Documents and Settings \ All Users \ Application Data \ Temp
2008-11-15 02:32 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ Google Updater
2008-11-14 04:05 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ Spybot - Search & Destroy
2008-11-14 02:01 --------- d ----- wc: \ Documents and Settings \ Ian Bertolacci \ Application Data \ uTorrent
2008-11-14 01:45 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ Microsoft Pomoć
2008-11-13 04:31 --------- d ----- wc: \ Program Files \ Maxis
2008-11-11 04:22 --------- d - h - wc: \ Program Files \ InstallShield Installation Information
2008-11-11 04:17 --------- d ----- wc: \ Program Files \ MySpace
2008-11-11 01:42 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ Skype
2008-11-11 01:41 --------- d ----- wc: \ Program Files \ YafRay
2008-11-09 17:58 --------- d ----- wc: \ Program Files \ MagicDisc
2008-11-08 22:18 --------- d ----- wc: \ Program Files \ Common Files \ Autodesk Shared
2008-11-08 22:18 --------- d ----- wc: \ Program Files \ Autodesk
2008-11-08 22:18 --------- d ----- wc: \ Documents and Settings \ Ian Bertolacci \ Application Data \ Autodesk
2008-11-08 17:59 --------- d ----- wc: \ Program Files \ Microsoft Games
2008-11-08 01:22 --------- d ----- wc: \ Program Files \ Common Files \ Adobe
2008-11-05 04:11 --------- d ----- wc: \ Program Files \ Bonjour
2008-11-04 04:28 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ Autodesk
2008-10-30 02:29 --------- d ----- wc: \ Program Files \ MSBuild
2008-10-29 04:10 --------- d ----- wc: \ Program Files \ Gmax
2008-10-24 11:21 455.296 AW ---- C: \ Windows \ System32 \ Drivers \ mrxsmb.sys
2008-10-22 02:31 --------- d ----- wc: \ Documents and Settings \ Ian Bertolacci \ Application Data \ IcoFX
2008-10-20 21:40 --------- d ----- wc: \ Program Files \ Microsoft Silverlight
2008-10-15 17:54 --------- d ----- wc: \ Program Files \ FlightGear
2008-10-14 23:33 --------- d ----- wc: \ Program Files \ Spybot - Search & Destroy
2008-10-14 23:31 --------- d ----- wc: \ Program Files \ CCleaner
2008-10-14 22:17 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ NexonUS
2008-10-10 03:24 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ doba carstva 3
2008-10-09 22:56 --------- d ----- wc: \ Program Files \ Crvena Oluja Zabava
2008-10-08 03:11 --------- d ----- wc: \ Program Files \ Phun
2008-10-06 04:28 --------- d ----- wc: \ Program Files \ Abacus
2008-10-06 01:26 107.888 AW ---- c: \ windows \ system32 \ CmdLineExt.dll
2008-10-06 01:26 --------- d - h - rc: \ Documents and Settings \ Ian Bertolacci \ Application Data \ SecuROM
2008-10-05 17:22 --------- d ----- wc: \ Program Files \ MagicISO
2008-10-05 15:08 --------- d ----- wc: \ Program Files \ uTorrent
2008-10-04 01:10 --------- d ----- wc: \ Program Files \ GameSpy Arcade
2008-10-03 23:53 --------- d ----- wc: \ Program Files \ iTunes
2008-10-03 23:53 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ (3276BE95_AF08_429F_A64F_CA64CB79BCF6)
2008-10-03 23:52 --------- d ----- wc: \ Program Files \ iPod
2008-10-02 23:43 62.208-c - AW c: \ windows \ iun1401.exe
2008-10-02 23:43 1.409-c - AW c: \ windows \ Fontovi \ MAIDWORD.fot
2008-09-30 23:43 1.286.152 ---- AW c: \ windows \ system32 \ msxml4.dll
2008-09-23 02:32 --------- d ----- wc: \ Program Files \ pecati
2008-09-23 02:32 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ SpeedBit
2008-09-21 21:53 --------- d ----- wc: \ Documents and Settings \ Ian Bertolacci \ Application Data \ U3
2008-09-21 16:57 118.784-c - AW c: \ windows \ GREUninstall.exe
2008-09-20 14:35 --------- d ----- wc: \ Documents and Settings \ Ian Bertolacci \ Application Data \ NCH Swift Sound
2008-09-19 22:00 --------- d ----- wc: \ Program Files \ TI Obrazovanje
2008-09-15 12:12 1.846.400 ---- AW c: \ windows \ system32 \ Win32k.sys
2008-09-10 01:14 1.307.648 ---- AW c: \ windows \ system32 \ msxml6.dll
2008-09-04 17:15 1.106.944 ---- AW c: \ windows \ system32 \ msxml3.dll
2008-08-31 20:46 24-c - AW c: \ Documents and Settings \ Ian Bertolacci \ jagex_runescape_preferences.dat
2008-08-29 16:18 87.336 ---- AW c: \ windows \ system32 \ DNS-sd.exe
2008-08-29 15:53 61.440 ---- AW c: \ windows \ system32 \ dnssd.dll
2008-08-20 05:30 666.112 AW ---- c: \ windows \ system32 \ Wininet.dll
2008-08-16 15:55 86.016 ---- AW c: \ windows \ system32 \ OpenAL32.dll
2008-08-16 15:55 262.144 AW ---- c: \ windows \ system32 \ wrap_oal.dll
2008-01-07 00:43 32-c - AW c: \ Documents and Settings \ All Users \ Application Data \ ezsid.dat
2008-01-03 19:58 90 - sh - WC: \ windows \ cnerolf.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))) ))))))))))))))))))))))))))))))))))))))))
.
.
* Note * empty entries & čitljiv default unose se ne prikazuju
REGEDIT4

[HKEY_CURRENT_USER \ Software \ Microsoft \ Internet Explorer \ URLSearchHooks]
"(F4F10C1D-87C7-404A-B4B3-000000000000)" = "c: \ programa ~ 1 \ pecati \ SBSearch.dll" [2008-02-26 32768]

[HKEY_CLASSES_ROOT \ CLSID \ (f4f10c1d-404a-87c7-b4b3-000000000000)]
[HKEY_CLASSES_ROOT \ SearchHook.SrchHook.1]
[HKEY_CLASSES_ROOT \ TypeLib \ (95EFB171-F3DF-4BEC-9EF7-829A800203E6)]
[HKEY_CLASSES_ROOT \ SearchHook.SrchHook]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 2097488]
"Ctfmon.exe"="c:\windows\system32\Ctfmon.exe" [2008-04-13 15360]
"Start WingMan Profiler"="C:\Program Files\Logitech\Profiler\lwemon.exe" [2004-04-23 77824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QT4HPOT"="C:\Program Files\HPQ\One-Touch\OneTouch.EXE" [2003-01-30 106496]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2003-05-22 110592]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2003-05-22 610304]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2003-06-25 335872]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-06-09 185896]
"avast!"="c:\programa~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 78008]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-09-06 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-10-01 289576]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8,0\Reader\Reader_sl.exe" [2008-10-15 39792]
"CARPService"="carpserv.exe" [2003/11/08 c:\windows\system32\carpserv.exe]
"ATIModeChange"="Ati2mdxx.exe" [2001/09/04 c:\windows\system32\Ati2mdxx.exe]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008/04/13 c:\windows\system32\bthprops.cpl]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
MagicDisc.lnk - C:\Program Files\MagicDisc\MagicDisc.exe [2008-10-06 575488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\windows]
"AppInit_DLLs"=zwfgxk.dll liofyh.dll llkdbr.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\drivers32]
"MSVideo"=CSvidcap.dll

[HKLM\~\Services\sharedaccess\Parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Games\\Halo\\halo.exe"=
"c:\\Program Files\\Microsoft Games\\Flight Simulator 9\\fs9.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\pecati\\DAP.exe"=
"c:\\WINDOWS\\system32\\ftp.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\GameSpy Arcade\\Aphex.exe"=
"c:\\Program Files\\Microsoft Games\\Programs\\FSHost\\FSHost32.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Microsoft Games\\Combat Flight Simulator 3\\cfs3.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Autodesk\\Backburner\\monitor.exe"=
"c:\\Program Files\\Autodesk\\Backburner\\manager.exe"=
"c:\\Program Files\\Autodesk\\Backburner\\server.exe"=
"c:\\Program Files\\Autodesk\\3ds Max 2009\\3dsmax.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"=
"c:\\Program Files\\Microsoft Games\\Halo Custom Edition\\haloce.exe"=
"c:\\Program Files\\EA Games\\potrebu za Speed Hot Pursuit 2\\NfsHP2.ori"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

[HKLM\~\Services\sharedaccess\Parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"19708:TCP"= 19708:TCP:Utorrent

R1 aswSP; avast! Self Protection; c:\windows\system32\drivers\aswSP.sys [2008-07-09 78416]
R2 aswFsBlk; aswFsBlk; c:\Windows\System32\Drivers\aswFsBlk.sys [2008-07-09 20560]
R2 mi-raysat_3dsMax2009_32; mentalnog ray 3,6 Satelitski za Autodesk 3ds Max 2009 32-bit 32-bit; "C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe" [2008-03-09 65536]
R3 CALIAUD; Conexant AMC 3D ENVIRONMENTAL AUDIO; c:\windows\system32\drivers\caliaud.sys [2008-01-02 291328]
R3 CALIHALA; CALIHALA; c:\windows\system32\drivers\Calihal.sys [2008-01-02 244608]
R3 FA312; NETGEAR Fast Ethernet adapter FA330/FA312/FA311 Driver; c:\Windows\System32\Drivers\FA312nd5.sys [2008-01-02 16074]
R3 WPC54Gv3; Linksys Wireless Notebook Adapter WPC54Gv3 Vozač; c:\Windows\System32\Drivers\WPC54Gv3.SYS [2006-11-30 610816]
S3 CBTNDIS5; CBTNDIS5 NDIS Driver Protocol; \?\C:\Windows\System32\CBTNDIS5.SYS [2008-01-02 17142]
S3 odysseyIM4; Odyssey Network Agent Miniport; c:\Windows\System32\Drivers\odysseyIM4.sys [2005-05-18 173056]
S3 TiglUsb; TiglUsb.sys TI-graf / izravnu vezu USB driver; c:\Windows\System32\Drivers\TiglUsb.sys []
S4 hpt3xx; hpt3xx; []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\currentversion\Explorer\mountpoints2\(d5cd27ee-877c-11dd-90f8-0018f8b3f09c)]
\Shell\autorun\naredbu - E:\LaunchU3.exe -a

* Nedavno Created Service * - CATCHME
* Nedavno Created Service * - PROCEXP90
* Nedavno Created Service * - WUAUSERV
.
Sadržaj je 'Scheduled Tasks' folder

2008/11/07 C:\Windows\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2008/11/09 C:\Windows\Tasks\Defraggler Volume C Task.job
- C:\Program Files\Defraggler\df.exe [2008-10-29 07:13]
.
- - - - Orphans Odstranjena - - - --

BHO-(0FE1A32E-47E6-42CA-AA24-B64CD9262E15) - (no file)
BHO-(113B425F-07A5-4CD3-A2B1-93D69702F3CD) - (no file)
BHO-(5282CECF-B3F2-409F-BB2A-C699CAE31F83) - (no file)
BHO-(9060A69F-4E99-95E6-838D-9B895E1445AF) - (no file)
BHO-(C43C06F4-B665-46D2-8A16-03773B144F6C) - c:\windows\system32\qoMeEUKE.dll
BHO-(F701BE8D-4EB3-426A-8675-F235D88A5A86) - (no file)
Obavijesti-pmnnLBtr - pmnnLBtr.dll


.
------- Supplementary Scan -------
.
FireFox -: Profil - C:\Documents and Settings\Ian Bertolacci\Application Data\Mozilla\Firefox\Profiles\8ku76zxa.default\
FF -: plugin - C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\npNxGameUS.dll
FF -: plugin - C:\Program Files\Google\Google Updater\2.4.1368.5602\npCIDetect13.dll
FF -: plugin - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
FF -: plugin - C:\Program Files\Microsoft Silverlight\2.0.31005.0\npctrl.1.0.30716.0.dll
FF -: plugin - C:\Program Files\Microsoft Silverlight\2.0.31005.0\npctrl.dll
FF -: plugin - C:\Program Files\Yahoo!\Common\npyaxmpb.dll
FF -: plugin - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
.

************************************************** ************************

catchme 0.3.1367 W2K/XP/Vista - rootkit / potaja detector by Gmer zlonamjernih programa, http://www.gmer.net
Rootkit scan 2008-11-15 13:59:08
5/1/2600 Windows Service Pack 3 NTFS

skeniranja skrivenih procesa ...

skeniranja skrivenih autostart entries ...

skeniranja skrivenih datoteka ...

scan uspješno završena
skrivenih datoteka: 0

************************************************** ************************
.
Completion time: 2008-11-15 14:01:13
ComboFix-u karanteni-files.txt 2008-11-15 21:00:50

Pre-Run: 43771293696 bytes free
Post-Run: 43973505024 bytes free

282 --- EOF --- 2008-11-11 22:21:06
  #8  
Old November 16, 2008, 14:01
Malware Group
 
Default Weird Registry Fix?

Hi again

As you can see from the first section of the log, there are a few things still left on your system.

Please read these instructions carefully, and then print out or copy this page to Notepad to help you when carrying out the fix. You should not have any open browsers or live internet connections when you are following the procedures below.


Combofix
  • Close any open browsers.
  • Open Notepad and copy / paste the text in the box below into it:
Code:
  Folder::
  C:\Documents and Settings\All Users\Application Data\(3276BE95_AF08_429F_A64F_CA64CB79BCF6)
   
  DirLook::
  c:\windows\t biti smješten
  C:\ProgramData
   
  Registry::
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
  "AppInit_DLLs"=-
 
Referring to the picture below as an example

Save this as CFScript.txt, in the same location as ComboFix.exe

Referring to the picture above, drag CFScript into ComboFix.exe.

When finished, it will produce a log for you at "C:\ComboFix.txt"

Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

CAUTION! Anyone else thinking of using the script above does so at their own risk - you may end up having to reinstall Windows.


Please post the log C:\ComboFix.txt for further review.
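An added example, not part of the original posts and not ComboFix's own code: a small Python parser for the log layout quoted in this thread. It pulls out the AppInit_DLLs value that the CFScript above clears and separates BHO entries that still point at a file from orphaned ones. The sample text is an excerpt of the log from this thread with path spacing normalised; the function names are illustrative assumptions.

```python
import re

# Excerpt of the log quoted in this thread (spacing normalised for parsing).
SAMPLE_LOG = r'''
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\windows]
"AppInit_DLLs"=zwfgxk.dll liofyh.dll llkdbr.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\drivers32]
"MSVideo"=CSvidcap.dll

BHO-(0FE1A32E-47E6-42CA-AA24-B64CD9262E15) - (no file)
BHO-(C43C06F4-B665-46D2-8A16-03773B144F6C) - c:\windows\system32\qoMeEUKE.dll
'''

SECTION = re.compile(r'^\[(?P<key>[^\]]+)\]\s*$')
VALUE = re.compile(r'^"(?P<name>[^"]+)"\s*=\s*(?P<data>.*)$')
BHO = re.compile(r'^BHO-[({](?P<clsid>[0-9A-Fa-f-]+)[)}]\s+-\s+(?P<target>.+)$')

def parse_log(text):
    """Return ({registry key: {value name: data}}, [(clsid, target)])."""
    keys, bhos, current = {}, [], None
    for line in text.splitlines():
        line = line.strip()
        if m := SECTION.match(line):
            current = keys.setdefault(m['key'].lower(), {})
        elif (m := VALUE.match(line)) and current is not None:
            current[m['name']] = m['data'].strip().strip('"')
        elif m := BHO.match(line):
            bhos.append((m['clsid'].upper(), m['target'].strip()))
        elif not line:
            current = None  # a blank line ends the current registry section
    return keys, bhos

def appinit_dlls(keys):
    """DLL names listed in AppInit_DLLs (Windows splits on spaces or commas)."""
    k = r'hkey_local_machine\software\microsoft\windows nt\currentversion\windows'
    data = keys.get(k, {}).get('AppInit_DLLs', '')
    return [d for d in re.split(r'[ ,]+', data) if d]

def bho_targets(bhos):
    """Split BHO entries into those with a file on disk and orphaned CLSIDs."""
    with_file = [(c, t) for c, t in bhos if t != '(no file)']
    orphaned = [c for c, t in bhos if t == '(no file)']
    return with_file, orphaned

if __name__ == '__main__':
    keys, bhos = parse_log(SAMPLE_LOG)
    print('AppInit_DLLs:', appinit_dlls(keys))
    print('BHOs (with file, orphaned):', bho_targets(bhos))
```

Every DLL named in AppInit_DLLs is loaded into each process that loads user32.dll, so a non-empty value is worth reviewing entry by entry before and after a cleanup run.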