MyCity » Ambulanta -> Arhiva Ambulante » Molom proveru-Verovatno zaraza

Molom proveru-Verovatno zaraza

Napisano na dan: 5.7.2009

Molom proveru-Verovatno zaraza

Sledeća strana

Pagination

Odgovori

lanmi1983 Poslao: 05 Jul 2009 10:41 Idi na vrh
offline lanmi1983 Građanin Pridružio: 28 Feb 2009 Poruke: 190 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! MBAM mi je izbacio ovo: Malwarebytes' Anti-Malware 1.38 Verzija baze podataka: 2374 Windows 5.1.2600 Service Pack 3 7/5/2009 2:02:47 AM mbam-log-2009-07-05 (02-02-44).txt Tip skeniranja: Brzo Skeniranje Skeniranih objekata: 96212 Proteklo vreme: 7 minute(s), 58 second(s) Inficirani procesi u memoriji: 0 Inficirani moduli u memoriji: 0 Inficirani kljuèevi u registru: 2 Inficirane vrednosti u registru: 0 Inficirani podaci u registru: 0 Inficirane fascikle: 0 Inficirane datoteke: 0 Inficirani procesi u memoriji: (Maliciozne stavke nisu detektovane) Inficirani moduli u memoriji: (Maliciozne stavke nisu detektovane) Inficirani kljuèevi u registru: HKEY_CLASSES_ROOT\urlsearchhook.toolbarurlsearchhook (Trojan.BHO) -> No action taken. HKEY_CLASSES_ROOT\urlsearchhook.toolbarurlsearchhook.1 (Trojan.BHO) -> No action taken. Inficirane vrednosti u registru: (Maliciozne stavke nisu detektovane) Inficirani podaci u registru: (Maliciozne stavke nisu detektovane) Inficirane fascikle: (Maliciozne stavke nisu detektovane) Inficirane datoteke: (Maliciozne stavke nisu detektovane) Evo i HT loga: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:30:32 AM, on 7/5/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Search Settings\SearchSettings.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\PROGRA~1\AVG\AVG8\avgemc.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\PROGRA~1\AVG\AVG8\avgnsx.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\PROGRA~1\Magentic\bin\MgApp.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\IncrediMail\bin\IMApp.exe C:\Program Files\AVG\AVG8\avgcsrvx.exe C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Documents and Settings\Milan\Desktop\Pomoc\TR3.exe..exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Link mogu videti samo ulogovani korisnici] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Link mogu videti samo ulogovani korisnici] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Link mogu videti samo ulogovani korisnici] R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici] R3 - URLSearchHook: (no name) - - (no file) R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file) R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file) O2 - BHO: (no name) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - (no file) O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Windows Live pomagac za prijavljivanje - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file) O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: TBSB00982 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Antbar\Ant.com Toolbar\tbcore3.dll O3 - Toolbar: Ant.com Toolbar - {6CD56C02-CB4D-41B5-A0FE-B479061CCB41} - C:\Program Files\Antbar\Ant.com Toolbar\tbcore3.dll O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: E&xport to Microsoft Excel - [Link mogu videti samo ulogovani korisnici]\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - [Link mogu videti samo ulogovani korisnici] O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - [Link mogu videti samo ulogovani korisnici] O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - [Link mogu videti samo ulogovani korisnici] O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - [Link mogu videti samo ulogovani korisnici] O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Google Update Service (gupdate1c98d25e3423983) (gupdate1c98d25e3423983) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- End of file - 9690 bytes

Profil

helen1 Poslao: 05 Jul 2009 11:00 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8651 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Zdravo, Preuzmi sUBs-ov ComboFix sa jedne od sledećih adresa na Desktop: Bleeping Computer . . . . . Geeks to Go! Klikni desnim tasterom na neki od linkova i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu); Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save. Kada preuzimanje programa bude završeno: zatvori pokrenute programe; deaktiviraj zaštitni softver (uputstvo); dvoklikom pokreni program ComboFix. U toku rada, ComboFix će:proveriti postoji li novija verzija programa: klikni Yes ako bude ponuđeno preuzimanje iste. prikazati DISCLAIMER OF WARRANTY ON SOFTWARE: klikni Yes kako bi proces bio nastavljen.ako Recovery Console nije instalirana, ponuditi instalaciju: prihvati klikom na Yes i isprati postupak.postaviti/dati određeni broj upita/obaveštenja: prihvati klikom na Yes ili OK.po potrebi, restartovati Windows (više puta); na kraju rada, otvoriti Notepad sa izveštajem o skeniranju. Iskopiraj izveštaj koji je ComboFix napravio u temu na forumu: klikni desnim tasterom miša u prozor Notepad-a i izaberi Select All; klikni desnim tasterom miša na obeleženi tekst i izaberi Copy; klikni desnim tasterom miša u polje za pisanje poruke i izaberi Paste. Napomena:Izveštaj će biti sačuvan pod nazivom ComboFix.txt na sistemskoj particiji (tipična lokacija: C:\ComboFix.txt); Ukoliko nakon slanja poruke primetiš da izveštaj nije kompletan, iskoristi opciju Prikači fajl za prilaganje file-a C:\ComboFix.txt uz poruku.

Profil

lanmi1983 Poslao: 05 Jul 2009 11:23 Idi na vrh
offline lanmi1983 Građanin Pridružio: 28 Feb 2009 Poruke: 190 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 09-07-04.04 - Milan 07/05/2009 11:12.5 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.547 [GMT 2:00] Running from: c:\documents and settings\Milan\Desktop\ComboFix.exe AV: AVG Anti-Virus Free On-access scanning disabled (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\Installer\1766a7.msp c:\windows\Installer\1766bd.msp c:\windows\Installer\1766d7.msp c:\windows\Installer\1766ee.msp c:\windows\Installer\176706.msp c:\windows\Installer\17671c.msp c:\windows\Installer\47011.msp c:\windows\Installer\4703c.msp c:\windows\Installer\47052.msp c:\windows\Installer\4706a.msp c:\windows\Installer\47085.msp c:\windows\Installer\6ebaf.msp c:\windows\Installer\6ebc6.msp . ((((((((((((((((((((((((( Files Created from 2009-06-05 to 2009-07-05 ))))))))))))))))))))))))))))))) . 2009-07-05 09:07 . 2009-07-04 22:39 327688 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgldx86.sys 2009-07-05 09:07 . 2009-07-04 22:39 2052376 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgcorex.dll 2009-07-05 09:07 . 2009-07-04 22:39 906520 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgemc.exe 2009-07-05 09:07 . 2009-07-04 22:39 2167576 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgresf.dll 2009-07-05 09:07 . 2009-07-04 22:39 3402008 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgui.exe 2009-07-05 09:07 . 2009-07-04 22:39 1204504 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgabout.dll 2009-07-05 09:07 . 2009-07-04 22:39 3298072 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\setup.exe 2009-07-05 09:07 . 2009-07-04 22:38 337176 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avglogx.dll 2009-07-05 09:07 . 2009-07-04 22:38 829208 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgcfgx.dll 2009-07-05 09:06 . 2009-07-04 22:35 1454360 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgupd.dll 2009-07-05 09:06 . 2009-07-04 22:35 1085208 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgupd.exe 2009-07-05 09:02 . 2009-07-05 09:02 -------- d-----w- c:\program files\Everstrike Software 2009-07-05 09:02 . 2009-07-05 09:02 -------- d-----w- c:\program files\Common Files\Everstrike Software 2009-07-04 22:40 . 2009-07-04 22:39 832144 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\AVGToolbarInstall.exe 2009-07-04 22:39 . 2009-06-14 14:07 1004800 ----a-w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar\IEToolbar.dll 2009-07-04 22:39 . 2009-07-04 22:39 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar 2009-07-04 22:39 . 2009-07-04 22:39 -------- d-----w- c:\documents and settings\LocalService\Application Data\AVGTOOLBAR 2009-06-20 13:08 . 2009-06-20 14:57 -------- d-----w- c:\documents and settings\Milan\Local Settings\Application Data\ant.com 2009-06-20 13:06 . 2009-06-20 13:06 -------- d-----w- c:\program files\Antbar . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-07-05 09:07 . 2008-12-02 18:47 335752 ----a-w- c:\windows\system32\drivers\avgldx86.sys 2009-07-05 00:02 . 2008-12-02 18:48 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-07-04 22:39 . 2008-12-02 18:47 11952 ----a-w- c:\windows\system32\avgrsstx.dll 2009-07-04 22:39 . 2008-12-02 18:47 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys 2009-07-04 22:35 . 2009-02-12 15:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater 2009-06-27 23:52 . 2008-12-04 04:14 40 ----a-w- c:\windows\popcinfo.dat 2009-06-21 14:47 . 2009-02-27 18:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2009-06-21 14:23 . 2008-12-03 22:45 3561743 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe 2009-06-17 09:27 . 2008-12-02 18:48 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-06-17 09:27 . 2008-12-02 18:48 19096 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-06-13 12:03 . 2009-04-24 22:04 -------- d-----w- c:\program files\Look@LAN 2009-05-19 21:07 . 2009-02-12 15:21 -------- d-----w- c:\program files\Google 2009-05-13 09:03 . 2009-04-09 12:33 -------- d-----w- c:\documents and settings\Milan\Application Data\AdobeUM 2009-05-12 15:31 . 2009-02-24 20:40 -------- d-----w- c:\program files\AskBarDis 2009-05-10 21:16 . 2008-12-02 18:47 -------- d-----w- c:\documents and settings\Milan\Application Data\AVGTOOLBAR 2009-05-10 20:32 . 2009-05-10 20:32 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf 2009-05-10 20:32 . 2009-05-10 20:32 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf 2009-05-10 20:22 . 2009-05-10 20:20 -------- d-----w- c:\documents and settings\Milan\Application Data\Nokia 2009-05-10 20:22 . 2009-05-10 20:22 -------- d-----w- c:\documents and settings\Milan\Application Data\Nokia Multimedia Player 2009-05-10 20:20 . 2009-05-10 20:20 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Suite 2009-05-10 20:20 . 2009-05-10 20:20 -------- d-----w- c:\program files\Common Files\PCSuite 2009-05-10 20:20 . 2009-05-10 20:19 -------- d-----w- c:\program files\Common Files\Nokia 2009-05-10 20:19 . 2009-05-10 20:19 -------- d-----w- c:\program files\Nokia 2009-05-10 20:19 . 2009-05-10 20:19 -------- d-----w- c:\program files\DIFX 2009-05-10 20:19 . 2009-05-10 20:19 -------- d-----w- c:\documents and settings\Milan\Application Data\PC Suite 2009-05-10 20:19 . 2009-05-10 20:19 -------- d-----w- c:\program files\PC Connectivity Solution 2009-05-10 20:18 . 2009-05-10 20:18 8192 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstCCD.exe 2009-05-10 20:18 . 2009-05-10 20:18 61440 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstPCSFEMsi.exe 2009-05-10 20:18 . 2009-05-10 20:18 10240 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstPCS.exe 2009-05-10 20:18 . 2009-05-10 20:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Installations 2009-05-10 17:34 . 2008-12-02 18:47 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys 2009-05-10 17:29 . 2009-05-10 09:51 -------- d-----w- c:\program files\Yahoo! 2009-05-10 09:51 . 2009-05-10 09:51 -------- d-----w- c:\documents and settings\Milan\Application Data\Yahoo! 2009-04-26 20:16 . 2009-01-17 16:01 5443 ----a-w- c:\program files\Yurecnik.ini 2009-04-24 22:37 . 2009-04-24 22:33 4212 ---h--w- c:\windows\system32\zllictbl.dat 2009-04-24 22:03 . 2009-04-24 22:04 720896 ----a-w- c:\windows\iun6002.exe 2009-04-12 22:42 . 2009-04-12 22:43 410984 ----a-w- c:\windows\system32\deploytk.dll 2009-04-12 22:42 . 2009-04-12 22:42 152576 ----a-w- c:\documents and settings\Milan\Application Data\Sun\Java\jre1.6.0_13\lzma.dll 2009-01-17 16:03 . 2009-01-17 16:03 258 ----a-w- c:\program files\Mini-YuRecnik.ini 2009-01-17 15:59 . 2009-01-17 15:59 1998 ----a-w- c:\program files\uninstal.log 2009-01-17 15:59 . 1999-01-25 04:27 28702 ----a-w- c:\program files\Uninstal.exe 1999-08-02 09:47 . 1999-08-02 09:47 387072 ----a-w- c:\program files\YuRecnik.exe 1999-08-02 09:40 . 1999-08-02 09:40 219648 ----a-w- c:\program files\MiniYuRecnik.exe 1999-08-02 09:35 . 1999-08-02 09:35 9559 ----a-w- c:\program files\YURECNIK.HLP 1999-08-02 09:35 . 1999-08-02 09:35 57 ----a-w- c:\program files\Yurecnik.CNT 1999-07-29 09:43 . 1999-07-29 09:43 2447472 ----a-w- c:\program files\Reci.dat 1996-09-06 12:08 . 1996-09-06 12:08 30070 ----a-w- c:\program files\Fb_deflt.dic 1996-02-23 15:26 . 1996-02-23 15:26 469504 ----a-w- c:\program files\Fb_11k8.dll 1996-02-23 14:59 . 1996-02-23 14:59 34816 ----a-w- c:\program files\Fb_spch.dll 1996-02-23 14:48 . 1996-02-23 14:48 4608 ----a-w- c:\program files\Fb_timer.dll 1996-02-23 14:46 . 1996-02-23 14:46 29184 ----a-w- c:\program files\Fb_ngn.exe 1996-02-23 14:21 . 1996-02-23 14:21 16896 ----a-w- c:\program files\Uraspec.exe 1996-02-23 14:17 . 1996-02-23 14:17 18432 ----a-w- c:\program files\Dictmgr.exe 1993-11-29 08:32 . 1993-11-29 08:32 16896 ----a-w- c:\program files\Monologw.exe . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}] 2009-06-14 14:07 1004800 ----a-w- c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408] "IncrediMail"="c:\program files\IncrediMail\bin\IncMail.exe" [2009-03-31 251264] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-12 39408] "Magentic"="c:\progra~1\Magentic\bin\Magentic.exe" [2008-08-04 488808] "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440] "WinampAgent"="c:\program files\Winamp\winampa.exe" [2004-12-20 33792] "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768] "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-07-04 1948440] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152] "SearchSettings"="c:\program files\Search Settings\SearchSettings.exe" [2008-06-12 991584] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-04-12 148888] "PCSuiteTrayApplication"="c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 271360] "RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2007-09-03 16841216] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 1241088] c:\documents and settings\All Users\Start Menu\Programs\Startup\ HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter] 2009-07-04 22:39 11952 ----a-w- c:\windows\system32\avgrsstx.dll [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\AVG\\AVG8\\avgupd.exe"= "c:\\Program Files\\AVG\\AVG8\\avgemc.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\IncrediMail\\bin\\IncMail.exe"= "c:\\Program Files\\IncrediMail\\bin\\ImApp.exe"= "c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"= "c:\\Program Files\\Magentic\\bin\\MgImp.exe"= "c:\\Program Files\\Magentic\\bin\\Magentic.exe"= "c:\\Program Files\\Magentic\\bin\\MgApp.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "58459:TCP"= 58459:TCP:Pando Media Booster "58459:UDP"= 58459:UDP:Pando Media Booster R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [12/2/2008 8:47 PM 335752] R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [12/2/2008 8:47 PM 108552] R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [12/28/2008 4:28 PM 907032] R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [12/28/2008 4:28 PM 298776] R2 LF30FS;LF30FS;c:\program files\Everstrike Software\Lock Folder XP 3.6\LF30XP.sys [11/19/2004 6:07 PM 101488] S2 gupdate1c98d25e3423983;Google Update Service (gupdate1c98d25e3423983);c:\program files\Google\Update\GoogleUpdate.exe [2/12/2009 5:23 PM 133104] --- Other Services/Drivers In Memory --- NewlyCreated - LF30FS . Contents of the 'Scheduled Tasks' folder 2009-07-05 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-02-12 15:55] 2009-07-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-02-12 15:23] 2009-07-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-02-12 15:23] . - - - - ORPHANS REMOVED - - - - HKLM-Run-LFAgent - (no file) . ------- Supplementary Scan ------- . uStart Page = [Link mogu videti samo ulogovani korisnici] uSearch Page = [Link mogu videti samo ulogovani korisnici] uSearch Bar = [Link mogu videti samo ulogovani korisnici] mStart Page = [Link mogu videti samo ulogovani korisnici] uInternet Connection Wizard,ShellNext = iexplore uSearchURL,(Default) = [Link mogu videti samo ulogovani korisnici] IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 . ************************************************************************ catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link mogu videti samo ulogovani korisnici] Rootkit scan 2009-07-05 11:17 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(696) c:\windows\system32\Ati2evxx.dll . Completion time: 2009-07-05 11:18 ComboFix-quarantined-files.txt 2009-07-05 09:18 Pre-Run: 10,587,516,928 bytes free Post-Run: 10,906,791,936 bytes free 199

Profil

helen1 Poslao: 05 Jul 2009 11:40 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8651 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Otvoriti Notepad i iskopirati sledeci tekst: `Registry:: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SearchSettings"=- Folder:: c:\program files\Search Settings` Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.

Profil

lanmi1983 Poslao: 05 Jul 2009 11:55 Idi na vrh
offline lanmi1983 Građanin Pridružio: 28 Feb 2009 Poruke: 190 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 09-07-04.05 - Milan 07/05/2009 11:48.6 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.413 [GMT 2:00] Running from: c:\documents and settings\Milan\Desktop\ComboFix.exe Command switches used :: c:\documents and settings\Milan\Desktop\CFScript.txt AV: AVG Anti-Virus Free On-access scanning disabled (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\Milan\Application Data\.# c:\program files\Search Settings c:\program files\Search Settings\kb127\SearchSettings.dll c:\program files\Search Settings\kb127\SearchSettingsRes409.dll c:\program files\Search Settings\SearchSettings.exe . ((((((((((((((((((((((((( Files Created from 2009-06-05 to 2009-07-05 ))))))))))))))))))))))))))))))) . 2009-07-05 09:40 . 2009-07-05 09:40 180224 ----a-w- c:\windows\system32\WinVd32.sys 2009-07-05 09:40 . 2009-07-05 09:40 7680 ----a-w- c:\windows\system32\WinFLsrv.exe 2009-07-05 09:40 . 2009-07-05 09:40 10752 ----a-w- c:\windows\system32\WinFLdrv.sys 2009-07-05 09:39 . 2009-07-05 09:39 -------- d-----w- c:\program files\Folder Lock 6 2009-07-05 09:07 . 2009-07-04 22:39 327688 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgldx86.sys 2009-07-05 09:07 . 2009-07-04 22:39 2052376 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgcorex.dll 2009-07-05 09:07 . 2009-07-04 22:39 906520 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgemc.exe 2009-07-05 09:07 . 2009-07-04 22:39 2167576 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgresf.dll 2009-07-05 09:07 . 2009-07-04 22:39 3402008 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgui.exe 2009-07-05 09:07 . 2009-07-04 22:39 1204504 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgabout.dll 2009-07-05 09:07 . 2009-07-04 22:39 3298072 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\setup.exe 2009-07-05 09:07 . 2009-07-04 22:38 337176 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avglogx.dll 2009-07-05 09:07 . 2009-07-04 22:38 829208 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgcfgx.dll 2009-07-05 09:06 . 2009-07-04 22:35 1454360 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgupd.dll 2009-07-05 09:06 . 2009-07-04 22:35 1085208 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgupd.exe 2009-07-05 09:02 . 2009-07-05 09:38 -------- d-----w- c:\program files\Everstrike Software 2009-07-05 09:02 . 2009-07-05 09:02 -------- d-----w- c:\program files\Common Files\Everstrike Software 2009-07-04 22:40 . 2009-07-04 22:39 832144 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\AVGToolbarInstall.exe 2009-07-04 22:39 . 2009-06-14 14:07 1004800 ----a-w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar\IEToolbar.dll 2009-07-04 22:39 . 2009-07-04 22:39 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar 2009-07-04 22:39 . 2009-07-04 22:39 -------- d-----w- c:\documents and settings\LocalService\Application Data\AVGTOOLBAR 2009-06-20 13:08 . 2009-06-20 14:57 -------- d-----w- c:\documents and settings\Milan\Local Settings\Application Data\ant.com 2009-06-20 13:06 . 2009-06-20 13:06 -------- d-----w- c:\program files\Antbar . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-07-05 09:07 . 2008-12-02 18:47 335752 ----a-w- c:\windows\system32\drivers\avgldx86.sys 2009-07-05 00:02 . 2008-12-02 18:48 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-07-04 22:39 . 2008-12-02 18:47 11952 ----a-w- c:\windows\system32\avgrsstx.dll 2009-07-04 22:39 . 2008-12-02 18:47 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys 2009-07-04 22:35 . 2009-02-12 15:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater 2009-06-27 23:52 . 2008-12-04 04:14 40 ----a-w- c:\windows\popcinfo.dat 2009-06-21 14:47 . 2009-02-27 18:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2009-06-21 14:23 . 2008-12-03 22:45 3561743 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe 2009-06-17 09:27 . 2008-12-02 18:48 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-06-17 09:27 . 2008-12-02 18:48 19096 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-06-13 12:03 . 2009-04-24 22:04 -------- d-----w- c:\program files\Look@LAN 2009-05-19 21:07 . 2009-02-12 15:21 -------- d-----w- c:\program files\Google 2009-05-13 09:03 . 2009-04-09 12:33 -------- d-----w- c:\documents and settings\Milan\Application Data\AdobeUM 2009-05-12 15:31 . 2009-02-24 20:40 -------- d-----w- c:\program files\AskBarDis 2009-05-10 21:16 . 2008-12-02 18:47 -------- d-----w- c:\documents and settings\Milan\Application Data\AVGTOOLBAR 2009-05-10 20:32 . 2009-05-10 20:32 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf 2009-05-10 20:32 . 2009-05-10 20:32 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf 2009-05-10 20:22 . 2009-05-10 20:20 -------- d-----w- c:\documents and settings\Milan\Application Data\Nokia 2009-05-10 20:22 . 2009-05-10 20:22 -------- d-----w- c:\documents and settings\Milan\Application Data\Nokia Multimedia Player 2009-05-10 20:20 . 2009-05-10 20:20 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Suite 2009-05-10 20:20 . 2009-05-10 20:20 -------- d-----w- c:\program files\Common Files\PCSuite 2009-05-10 20:20 . 2009-05-10 20:19 -------- d-----w- c:\program files\Common Files\Nokia 2009-05-10 20:19 . 2009-05-10 20:19 -------- d-----w- c:\program files\Nokia 2009-05-10 20:19 . 2009-05-10 20:19 -------- d-----w- c:\program files\DIFX 2009-05-10 20:19 . 2009-05-10 20:19 -------- d-----w- c:\documents and settings\Milan\Application Data\PC Suite 2009-05-10 20:19 . 2009-05-10 20:19 -------- d-----w- c:\program files\PC Connectivity Solution 2009-05-10 20:18 . 2009-05-10 20:18 8192 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstCCD.exe 2009-05-10 20:18 . 2009-05-10 20:18 61440 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstPCSFEMsi.exe 2009-05-10 20:18 . 2009-05-10 20:18 10240 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstPCS.exe 2009-05-10 20:18 . 2009-05-10 20:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Installations 2009-05-10 17:34 . 2008-12-02 18:47 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys 2009-05-10 17:29 . 2009-05-10 09:51 -------- d-----w- c:\program files\Yahoo! 2009-05-10 09:51 . 2009-05-10 09:51 -------- d-----w- c:\documents and settings\Milan\Application Data\Yahoo! 2009-04-26 20:16 . 2009-01-17 16:01 5443 ----a-w- c:\program files\Yurecnik.ini 2009-04-24 22:37 . 2009-04-24 22:33 4212 ---h--w- c:\windows\system32\zllictbl.dat 2009-04-24 22:03 . 2009-04-24 22:04 720896 ----a-w- c:\windows\iun6002.exe 2009-04-12 22:42 . 2009-04-12 22:43 410984 ----a-w- c:\windows\system32\deploytk.dll 2009-04-12 22:42 . 2009-04-12 22:42 152576 ----a-w- c:\documents and settings\Milan\Application Data\Sun\Java\jre1.6.0_13\lzma.dll 2009-01-17 16:03 . 2009-01-17 16:03 258 ----a-w- c:\program files\Mini-YuRecnik.ini 2009-01-17 15:59 . 2009-01-17 15:59 1998 ----a-w- c:\program files\uninstal.log 2009-01-17 15:59 . 1999-01-25 04:27 28702 ----a-w- c:\program files\Uninstal.exe 1999-08-02 09:47 . 1999-08-02 09:47 387072 ----a-w- c:\program files\YuRecnik.exe 1999-08-02 09:40 . 1999-08-02 09:40 219648 ----a-w- c:\program files\MiniYuRecnik.exe 1999-08-02 09:35 . 1999-08-02 09:35 9559 ----a-w- c:\program files\YURECNIK.HLP 1999-08-02 09:35 . 1999-08-02 09:35 57 ----a-w- c:\program files\Yurecnik.CNT 1999-07-29 09:43 . 1999-07-29 09:43 2447472 ----a-w- c:\program files\Reci.dat 1996-09-06 12:08 . 1996-09-06 12:08 30070 ----a-w- c:\program files\Fb_deflt.dic 1996-02-23 15:26 . 1996-02-23 15:26 469504 ----a-w- c:\program files\Fb_11k8.dll 1996-02-23 14:59 . 1996-02-23 14:59 34816 ----a-w- c:\program files\Fb_spch.dll 1996-02-23 14:48 . 1996-02-23 14:48 4608 ----a-w- c:\program files\Fb_timer.dll 1996-02-23 14:46 . 1996-02-23 14:46 29184 ----a-w- c:\program files\Fb_ngn.exe 1996-02-23 14:21 . 1996-02-23 14:21 16896 ----a-w- c:\program files\Uraspec.exe 1996-02-23 14:17 . 1996-02-23 14:17 18432 ----a-w- c:\program files\Dictmgr.exe 1993-11-29 08:32 . 1993-11-29 08:32 16896 ----a-w- c:\program files\Monologw.exe . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}] 2009-06-14 14:07 1004800 ----a-w- c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408] "IncrediMail"="c:\program files\IncrediMail\bin\IncMail.exe" [2009-03-31 251264] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-12 39408] "Magentic"="c:\progra~1\Magentic\bin\Magentic.exe" [2008-08-04 488808] "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440] "WinampAgent"="c:\program files\Winamp\winampa.exe" [2004-12-20 33792] "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768] "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-07-04 1948440] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-04-12 148888] "PCSuiteTrayApplication"="c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 271360] "RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2007-09-03 16841216] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 1241088] c:\documents and settings\All Users\Start Menu\Programs\Startup\ HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter] 2009-07-04 22:39 11952 ----a-w- c:\windows\system32\avgrsstx.dll [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UpdatesDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\AVG\\AVG8\\avgupd.exe"= "c:\\Program Files\\AVG\\AVG8\\avgemc.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\IncrediMail\\bin\\IncMail.exe"= "c:\\Program Files\\IncrediMail\\bin\\ImApp.exe"= "c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"= "c:\\Program Files\\Magentic\\bin\\MgImp.exe"= "c:\\Program Files\\Magentic\\bin\\Magentic.exe"= "c:\\Program Files\\Magentic\\bin\\MgApp.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "58459:TCP"= 58459:TCP:Pando Media Booster "58459:UDP"= 58459:UDP:Pando Media Booster R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [12/2/2008 8:47 PM 335752] R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [12/2/2008 8:47 PM 108552] R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [12/28/2008 4:28 PM 907032] R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [12/28/2008 4:28 PM 298776] R2 WinFLdrv;WinFLdrv;c:\windows\system32\WinFLdrv.sys [7/5/2009 11:40 AM 10752] RUnknown LF30FS;LF30FS; [x] S2 gupdate1c98d25e3423983;Google Update Service (gupdate1c98d25e3423983);c:\program files\Google\Update\GoogleUpdate.exe [2/12/2009 5:23 PM 133104] --- Other Services/Drivers In Memory --- NewlyCreated - LF30FS NewlyCreated - WINFLDRV NewlyCreated - WINVD32 . Contents of the 'Scheduled Tasks' folder 2009-07-05 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-02-12 15:55] 2009-07-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-02-12 15:23] 2009-07-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-02-12 15:23] . . ------- Supplementary Scan ------- . uStart Page = [Link mogu videti samo ulogovani korisnici] uSearch Page = [Link mogu videti samo ulogovani korisnici] uSearch Bar = [Link mogu videti samo ulogovani korisnici] mStart Page = [Link mogu videti samo ulogovani korisnici] uInternet Connection Wizard,ShellNext = iexplore uSearchURL,(Default) = [Link mogu videti samo ulogovani korisnici] IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 . ************************************************************************ catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link mogu videti samo ulogovani korisnici] Rootkit scan 2009-07-05 11:51 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... c:\windows\system32\sys_drv.dat 6024 bytes c:\windows\system32\sys_drv_2.dat 5020 bytes c:\documents and settings\Milan\Application Data\systemfl.$dk 990 bytes scan completed successfully hidden files: 3 ************************************************************************ . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(696) c:\windows\system32\Ati2evxx.dll . Completion time: 2009-07-05 11:52 ComboFix-quarantined-files.txt 2009-07-05 09:52 ComboFix2.txt 2009-07-05 09:18 Pre-Run: 10,898,538,496 bytes free Post-Run: 10,884,243,456 bytes free 199

Profil

helen1 Poslao: 05 Jul 2009 11:59 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8651 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ima li sada nekih problema?

Profil

lanmi1983 Poslao: 05 Jul 2009 12:09 Idi na vrh
offline lanmi1983 Građanin Pridružio: 28 Feb 2009 Poruke: 190 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Sada je sve ok. Hvala puno.

Profil

helen1 Poslao: 05 Jul 2009 12:13 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8651 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Potrebno je deinstalirati ComboFix: klikni start (ili ), a zatim RUN. Na Visti koristiti Start Search polje ukoliko Run nije dostupan. U liniju za unos teksta ukucaj (iskopiraj) sledeće: combofix /u Primeti da postoji razmak između "ComboFix" i "/u". a zatim klikni OK (ili pritisni Enter). Sačekaj da se proces deinstalacije završi.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Molom proveru-Verovatno zaraza

Ko je trenutno na forumu

Ukupno su 1017 korisnika na forumu :: 21 registrovanih, 2 sakrivenih i 994 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 15694 - dana 01 Feb 2026 12:23

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: boro975, brane2208, Burovnyak, d.arsenal321, draganl, gaga23, halkin gol, hellenic, K2, kybonacci, LostInSpaceandTime, LUDI, moldway, nemkea71, opt1, Petar888, Srki94, StrahinjicOgnjen, tomo2, VX1, Zorge

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by