I recently had a problem: when I type, the computer freezes for a second and then prints what I typed, but backwards... The same thing was happening to my roommate, and he still has problems... If you could look over these log files and tell me what to do so that the computer works properly. Thanks in advance!
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:26:54 AM, on 6/12/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
D:\instalacije\instalacijeBosko\blabla.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{D6B76796-52C0-4213-9EE7-9926577899D9}: NameServer = 172.16.0.35
O17 - HKLM\System\CCS\Services\Tcpip\..\{E3BFD0A0-99D1-4F08-89C2-161DCB136187}: NameServer = 62.240.12.1 62.240.12.2
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
--
End of file - 5074 bytes
And when I run ComboFix I get the following output file:
ComboFix 10-06-10.06 - Ana Djurdjevic 06/12/2010 4:14.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1015.657 [GMT 2:00]
Running from: c:\documents and settings\Ana Djurdjevic\Desktop\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\autorun.inf
C:\twhvna.exe
C:\Win
c:\win\lsass.exe
c:\win\names.txt
c:\windows\system32\oem18.inf
D:\Autorun.inf
D:\rfg.exe
D:\twhvna.exe
D:\yqq8eqil.exe
.
((((((((((((((((((((((((( Files Created from 2010-05-12 to 2010-06-12 )))))))))))))))))))))))))))))))
.
2010-06-12 00:34 . 2010-06-12 00:34 -------- d-----w- c:\documents and settings\Ana Djurdjevic\Local Settings\Application Data\ESET
2010-06-12 00:33 . 2010-06-12 00:33 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2010-06-11 23:40 . 2010-06-11 23:40 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-06-11 23:40 . 2010-06-12 00:09 -------- d-----w- c:\documents and settings\Ana Djurdjevic\Application Data\DAEMON Tools Lite
2010-06-11 23:39 . 2010-06-11 23:40 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2010-06-11 19:20 . 2001-08-17 20:36 5632 ----a-w- c:\windows\system32\ptpusb.dll
2010-06-11 19:20 . 2004-08-03 22:56 159232 ----a-w- c:\windows\system32\ptpusd.dll
2010-06-11 19:20 . 2004-08-03 20:58 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2010-06-11 19:20 . 2004-08-03 20:58 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2010-06-10 16:52 . 2010-06-10 16:52 -------- d-----w- c:\windows\Sun
2010-06-10 16:50 . 2010-06-10 16:50 -------- d-----w- c:\documents and settings\Ana Djurdjevic\Local Settings\Application Data\Macromedia
2010-06-10 09:39 . 2010-06-10 09:39 -------- d-----w- c:\documents and settings\All Users\Application Data\FLEXnet
2010-06-08 22:30 . 2010-06-08 22:30 -------- d-----w- c:\program files\bfgclient
2010-06-08 22:29 . 2010-06-08 22:30 -------- d-----w- c:\documents and settings\All Users\Application Data\BigFishGamesCache
2010-06-08 22:29 . 2010-06-08 22:30 3085800 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\Upgrade\Unpack\bfgsetup_s1_l1.exe
2010-06-08 17:31 . 2010-06-08 17:31 -------- d-----w- c:\program files\DX-Ball
2010-06-07 11:39 . 2010-06-07 11:39 -------- d-----w- c:\documents and settings\Ana Djurdjevic\Local Settings\Application Data\Google
2010-06-07 11:39 . 2010-06-07 14:08 -------- d-----w- c:\program files\Google
2010-06-06 12:19 . 2010-06-06 12:19 -------- d-----w- c:\documents and settings\Ana Djurdjevic\Application Data\Panda Security
2010-06-06 12:18 . 2010-06-06 12:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Panda Security
2010-05-31 19:28 . 2010-05-31 19:29 -------- d-----w- c:\documents and settings\Ana Djurdjevic\Local Settings\Application Data\Adobe
2010-05-31 02:28 . 2010-05-31 02:28 4096 ----a-w- c:\windows\d3dx.dat
2010-05-31 02:28 . 2010-05-31 21:54 -------- d-----w- c:\documents and settings\Ana Djurdjevic\Application Data\Wildfire
2010-05-31 02:27 . 2010-05-31 02:27 -------- d-----w- c:\program files\Tumblebugs 2
2010-05-29 17:35 . 2004-08-03 21:08 26496 -c--a-w- c:\windows\system32\dllcache\usbstor.sys
2010-05-29 01:02 . 2010-05-29 01:02 -------- d-----w- c:\windows\ServicePackFiles
2010-05-29 01:01 . 2004-08-03 22:56 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-05-28 18:38 . 2010-05-28 18:38 -------- d-----w- c:\documents and settings\Ana Djurdjevic\.netbeans-derby
2010-05-28 18:37 . 2010-05-28 18:37 -------- d-----w- c:\documents and settings\Ana Djurdjevic\.netbeans
2010-05-28 18:30 . 2010-05-28 18:30 -------- d-----w- c:\program files\AVG
2010-05-28 17:59 . 2010-05-28 17:59 -------- d-----w- c:\documents and settings\Ana Djurdjevic\Application Data\DivX
2010-05-28 12:31 . 2008-06-13 13:10 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-05-28 12:31 . 2008-06-13 13:10 272128 ------w- c:\windows\system32\drivers\bthport.sys
2010-05-28 12:27 . 2010-02-24 12:31 454016 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-05-28 12:26 . 2010-02-16 13:17 2137088 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-05-28 12:26 . 2010-02-16 13:19 2181376 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2010-05-28 12:26 . 2010-02-16 12:39 2016768 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-05-28 12:26 . 2010-02-16 12:39 2058368 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2010-05-28 02:44 . 2010-06-09 01:03 -------- d--h--w- c:\windows\$hf_mig$
2010-05-27 22:05 . 2010-05-27 22:05 503808 ----a-w- c:\documents and settings\Ana Djurdjevic\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-7ed0d6fb-n\msvcp71.dll
2010-05-27 22:05 . 2010-05-27 22:05 499712 ----a-w- c:\documents and settings\Ana Djurdjevic\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-7ed0d6fb-n\jmc.dll
2010-05-27 22:05 . 2010-05-27 22:05 348160 ----a-w- c:\documents and settings\Ana Djurdjevic\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-7ed0d6fb-n\msvcr71.dll
2010-05-27 22:05 . 2010-05-27 22:05 61440 ----a-w- c:\documents and settings\Ana Djurdjevic\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-19dc4665-n\decora-sse.dll
2010-05-27 22:05 . 2010-05-27 22:05 12800 ----a-w- c:\documents and settings\Ana Djurdjevic\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-19dc4665-n\decora-d3d.dll
2010-05-27 22:04 . 2010-05-27 22:04 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-05-27 21:40 . 2006-12-13 12:51 69120 ------w- c:\windows\system32\agrsmdel.exe
2010-05-27 21:40 . 2010-05-27 21:40 -------- d-----w- c:\windows\Options
2010-05-27 21:40 . 2010-05-27 21:40 -------- d-----w- c:\documents and settings\Ana Djurdjevic\Application Data\Hewlett Packard
2010-05-27 21:37 . 2010-05-27 21:37 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-05-27 21:30 . 2010-05-27 21:30 -------- d-----w- c:\windows\system32\QuickTime
2010-05-27 21:28 . 2010-05-27 21:30 -------- d-----w- c:\program files\Macromedia
2010-05-27 21:28 . 2010-05-27 21:29 -------- d-----w- c:\program files\Common Files\Macromedia
2010-05-27 21:27 . 2010-05-27 21:29 -------- d-----w- c:\windows\Downloaded Installations
2010-05-27 21:26 . 2010-05-27 21:26 -------- d-----w- c:\program files\uTorrent
2010-05-27 21:26 . 2010-06-11 22:09 -------- d-----w- c:\documents and settings\Ana Djurdjevic\Application Data\uTorrent
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-12 00:19 . 2010-05-27 20:15 -------- d-----w- c:\program files\Common Files\Adobe
2010-05-30 22:48 . 2010-05-27 20:51 -------- d-----w- c:\program files\glassfish-v2ur1
2010-05-28 21:44 . 2010-05-27 19:14 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-05-28 18:38 . 2010-05-27 20:49 -------- d-----w- c:\program files\NetBeans 6.0.1
2010-05-28 00:52 . 2010-05-27 19:46 68456 ----a-w- c:\documents and settings\Ana Djurdjevic\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-05-27 22:06 . 2010-05-27 20:47 -------- d-----w- c:\program files\Common Files\Java
2010-05-27 22:04 . 2010-05-27 20:47 -------- d-----w- c:\program files\Java
2010-05-27 21:27 . 2010-05-27 19:32 -------- d-----w- c:\program files\Common Files\InstallShield
2010-05-27 20:52 . 2010-05-27 20:52 -------- d-----w- c:\program files\Apache Software Foundation
2010-05-27 20:45 . 2010-05-27 20:45 -------- d-----w- c:\program files\Ahead
2010-05-27 20:45 . 2010-05-27 20:45 -------- d-----w- c:\program files\Common Files\Ahead
2010-05-27 20:41 . 2010-05-27 20:41 0 ----a-w- c:\windows\nsreg.dat
2010-05-27 20:35 . 2010-05-27 20:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! Companion
2010-05-27 20:35 . 2010-05-27 20:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2010-05-27 20:33 . 2010-05-27 20:33 -------- d-----w- c:\program files\Microsoft Works
2010-05-27 20:33 . 2010-05-27 20:33 -------- d-----w- c:\program files\MSBuild
2010-05-27 20:31 . 2010-05-27 20:31 -------- d-----w- c:\program files\Microsoft.NET
2010-05-27 20:29 . 2010-05-27 20:29 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2010-05-27 20:14 . 2010-05-27 20:14 -------- d-----w- c:\documents and settings\Ana Djurdjevic\Application Data\ACD Systems
2010-05-27 20:14 . 2010-05-27 20:14 -------- d-----w- c:\program files\Yahoo!
2010-05-27 20:14 . 2010-05-27 20:14 -------- d-----w- c:\program files\Common Files\ACD Systems
2010-05-27 20:14 . 2010-05-27 20:14 -------- d-----w- c:\documents and settings\All Users\Application Data\ACD Systems
2010-05-27 20:14 . 2010-05-27 20:14 -------- d-----w- c:\program files\ACD Systems
2010-05-27 20:12 . 2010-05-27 20:12 -------- d-----w- c:\program files\DivX
2010-05-27 20:12 . 2010-05-27 20:12 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-05-27 20:12 . 2010-05-27 20:10 -------- d-----w- c:\documents and settings\Ana Djurdjevic\Application Data\Winamp
2010-05-27 20:10 . 2010-05-27 20:10 -------- d-----w- c:\program files\Winamp
2010-05-27 20:10 . 2010-05-27 20:10 -------- d-----w- c:\program files\Winamp Detect
2010-05-27 20:05 . 2010-05-27 20:05 -------- d-----w- c:\program files\Webteh
2010-05-27 19:53 . 2010-05-27 19:53 -------- d-----w- c:\program files\Analog Devices
2010-05-27 19:53 . 2010-05-27 19:42 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-05-27 19:51 . 2010-05-27 19:51 -------- d-----w- c:\program files\Broadcom
2010-05-27 19:51 . 2010-05-27 19:51 87328 ----a-w- c:\windows\system32\bcmwlcoi.dll
2010-05-27 19:51 . 2010-05-27 19:51 1123328 ----a-w- c:\windows\system32\drivers\BCMWL5.SYS
2010-05-27 19:47 . 2010-05-27 19:42 -------- d-----w- c:\program files\Hewlett-Packard
2010-05-27 19:45 . 2010-05-27 19:45 -------- d-----w- c:\program files\WIDCOMM
2010-05-27 19:43 . 2010-05-27 19:43 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_HpqKbFiltr_01005.Wdf
2010-05-27 19:43 . 2010-05-27 19:43 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2010-05-27 19:42 . 2010-05-27 19:42 -------- d-----w- c:\documents and settings\Ana Djurdjevic\Application Data\InstallShield
2010-05-27 19:32 . 2010-05-27 19:32 -------- d-----w- c:\program files\Synaptics
2010-05-27 19:15 . 2010-05-27 19:15 -------- d-----w- c:\program files\microsoft frontpage
2010-05-27 19:11 . 2010-05-27 19:11 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2010-05-02 05:56 . 2004-08-03 21:17 1850880 ----a-w- c:\windows\system32\win32k.sys
2010-04-20 05:51 . 2004-08-03 22:56 285696 ----a-w- c:\windows\system32\atmfd.dll
2010-04-16 15:36 . 2004-08-03 22:56 662016 ----a-w- c:\windows\system32\wininet.dll
2010-04-16 15:36 . 2004-08-03 22:56 81920 ----a-w- c:\windows\system32\ieencode.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-01-18 1028096]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-06-03 177456]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-01-05 872448]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-09-24 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-09-24 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-09-24 137752]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"googletalk"="c:\program files\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-5-12 581693]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Java\\jre1.6.0\\bin\\java.exe"=
"c:\\Program Files\\Java\\jdk1.6.0\\bin\\java.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Java\\jdk1.6.0\\jre\\bin\\java.exe"=
"d:\\instalacije\\instalacijeBosko\\utorrent.exe"=
"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [6/12/2010 1:40 AM 691696]
S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [5/27/2010 9:42 PM 193840]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\ANADJU~1\LOCALS~1\Temp\FQK1.tmp --> c:\docume~1\ANADJU~1\LOCALS~1\Temp\FQK1.tmp [?]
.
.
------- Supplementary Scan -------
.
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send To &Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
TCP: {D6B76796-52C0-4213-9EE7-9926577899D9} = 172.16.0.35
FF - ProfilePath - c:\documents and settings\Ana Djurdjevic\Application Data\Mozilla\Firefox\Profiles\6mekjxai.default\
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-DAEMON Tools Lite - c:\program files\DAEMON Tools Lite\DTLite.exe
HKLM-Run-run32 - c:\win\lsass.exe
HKLM-Run-USBScan.exe - c:\program files\USBScan\USBScan.exe
AddRemove-HijackThis - d:\instalacije\instalacijeBosko\HijackThis.exe
**************************************************************************
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files:
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GarenaPEngine]
"ImagePath"="\??\c:\docume~1\ANADJU~1\LOCALS~1\Temp\FQK1.tmp"
.
Completion time: 2010-06-12 04:18:03
ComboFix-quarantined-files.txt 2010-06-12 02:18
Pre-Run: 15,255,912,448 bytes free
Post-Run: 15,309,705,216 bytes free
- - End Of File - - 36D564D04554BCBBEF25691683AA44F1
Thanks in advance,
Bosko