USB problem

[original poster] (joined: 14 Aug 2005; posts: 342)

I have a problem with USB and I opened a topic about it here. Since I have not been able to get rid of the problem for quite a while now, I suspect some vermin. Maybe I am wrong, but I no longer know what else to try. I installed SP3 and switched from NOD to avast.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:55:18, on 12.5.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Acer\Empowering Technology\admtray.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Mihaljev\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\DynAdvance\DynAdvance Notifier\MailNotifier.Exe
C:\Acer\Empowering Technology\admServ.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\DOCUME~1\Mihaljev\LOCALS~1\Temp\RtkBtMnt.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\TC PowerPack\totalcmd.exe
C:\Documents and Settings\Mihaljev\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Mihaljev\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Mihaljev\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Mihaljev\Desktop\Tuga\TR3.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local
O1 - Hosts: 91.121.97.18 mininova.org
O1 - Hosts: 91.121.97.18 www.mininova.org
O1 - Hosts: 91.121.97.18 thepiratebay.org
O1 - Hosts: 91.121.97.18 www.thepiratebay.org
O1 - Hosts: 91.121.97.18 demonoid.com
O1 - Hosts: 91.121.97.18 www.demonoid.com
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Mihaljev\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [DynAdvance Notifier] C:\Program Files\DynAdvance\DynAdvance Notifier\MailNotifier.Exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.systemrequirementslab.com/srl_bin/sysreqlab_srl.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ?????? Google Update (gupdate1c9cb1375a4a974) (gupdate1c9cb1375a4a974) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

--
End of file - 9412 bytes
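The HijackThis log above can be triaged mechanically for the two things worth noticing in it: O1 entries that point well-known sites at a non-loopback address (a hosts-file hijack; legitimate blocklists map names to 127.0.0.1) and processes started from user-writable directories such as Temp or the Desktop. The following Python is an added example, not part of the thread or of HijackThis; the sample log is constructed from a few lines of the posted log plus one benign 127.0.0.1 entry for contrast, and the user-writable path heuristic is the example's own.

```python
"""Triage a HijackThis log: flag hosts-file redirects to non-loopback addresses
and processes running from user-writable directories.
Added example, not part of the original thread or of HijackThis."""
import re

# Constructed sample: four 'Running processes' lines and two O1 lines copied
# from the posted log, plus one benign 127.0.0.1 entry that is NOT in the log.
SAMPLE_LOG = """\
Running processes:
C:\\WINDOWS\\system32\\winlogon.exe
C:\\Program Files\\Alwil Software\\Avast4\\ashServ.exe
C:\\DOCUME~1\\Mihaljev\\LOCALS~1\\Temp\\RtkBtMnt.exe
C:\\Documents and Settings\\Mihaljev\\Desktop\\Tuga\\TR3.exe

O1 - Hosts: 91.121.97.18 mininova.org
O1 - Hosts: 91.121.97.18 www.thepiratebay.org
O1 - Hosts: 127.0.0.1 ad.example.net
"""

HOSTS_RE = re.compile(r"^O1 - Hosts:\s+(\S+)\s+(\S+)", re.M)
# Directories a standard user can write to (long and 8.3 short forms).
# Heuristic chosen for this example; an executable here deserves a second look.
USER_WRITABLE_RE = re.compile(r"\\(temp|desktop|application data|locals~1)\\", re.I)


def is_loopback(ip):
    """True for addresses that merely black-hole a name (ad-blocking style)."""
    return ip.startswith("127.") or ip in ("0.0.0.0", "::1")


def hosts_redirects(log):
    """(ip, hostname) pairs whose O1 entry sends a name somewhere other than loopback."""
    return [(ip, host) for ip, host in HOSTS_RE.findall(log) if not is_loopback(ip)]


def running_processes(log):
    """Paths listed under 'Running processes:' up to the first blank line."""
    procs, collecting = [], False
    for line in log.splitlines():
        if line.startswith("Running processes:"):
            collecting = True
            continue
        if collecting:
            if not line.strip():
                break
            procs.append(line.strip())
    return procs


def processes_in_user_paths(log):
    """Running processes whose image lives in a user-writable directory."""
    return [p for p in running_processes(log) if USER_WRITABLE_RE.search(p)]


if __name__ == "__main__":
    for ip, host in hosts_redirects(SAMPLE_LOG):
        print("hosts redirect: %s -> %s" % (host, ip))
    for path in processes_in_user_paths(SAMPLE_LOG):
        print("process from user-writable path: %s" % path)
```

Both hits in the sample are the real ones from the log: the torrent sites rewritten to 91.121.97.18, and RtkBtMnt.exe running out of Temp and TR3.exe from the Desktop. Neither is proof of infection on its own, but they are the lines a helper would ask about first.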

dr_Bora (Anti Malware Fighter, Rank 2; joined: 24 Jul 2007; posts: 12280; location: Höganäs, SE)

Hello...

Download to the Desktop and run by double-clicking: https://www.mycity.rs/must-login.png

Paste here the text that will be shown in Notepad.

[original poster] (joined: 14 Aug 2005; posts: 342)

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=dword:00000091

Nothing...
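The value posted above is the Windows XP default. NoDriveTypeAutoRun is a bitmask in which each set bit disables AutoRun for one GetDriveType() class, and 0x91 (bits 0x80, 0x10 and 0x01) leaves AutoRun enabled for removable drives, which is exactly what USB worms rely on. The following Python decodes the posted .reg export and produces the hardened 0xFF value; it is an added example, not part of the thread, and the bit names are the documented drive-type constants. Two caveats a practitioner would want: the key here is HKCU, so it covers one user profile only (the HKLM Policies\Explorer key applies to all users), and Microsoft's article KB967715 notes that older XP builds did not honor this value consistently until the update it describes was installed.

```python
"""Decode the NoDriveTypeAutoRun bitmask from a .reg export and report which
drive types still have AutoRun enabled.  Added example, not part of the
original thread.  Each SET bit disables AutoRun for that GetDriveType() class."""
import re

DRIVE_TYPE_BITS = {
    0x01: "DRIVE_UNKNOWN",
    0x02: "DRIVE_NO_ROOT_DIR",
    0x04: "DRIVE_REMOVABLE",   # USB sticks, floppies: the class worms abuse
    0x08: "DRIVE_FIXED",
    0x10: "DRIVE_REMOTE",
    0x20: "DRIVE_CDROM",
    0x40: "DRIVE_RAMDISK",
    0x80: "RESERVED",          # no drive class; set in Microsoft's 0x91 and 0xFF values
}
DISABLE_ALL = 0xFF  # the value Microsoft recommends to turn AutoRun off for every class

# The .reg text posted above (HKCU, so it applies to this one user profile only).
REG_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=dword:00000091
'''


def parse_nodrivetype(reg_text):
    """Return the NoDriveTypeAutoRun DWORD from a .reg export, or None if absent."""
    m = re.search(r'"NoDriveTypeAutoRun"=dword:([0-9a-fA-F]{8})', reg_text)
    return int(m.group(1), 16) if m else None


def autorun_enabled_types(value):
    """Drive classes whose bit is CLEAR, i.e. AutoRun still fires for them."""
    return [name for bit, name in sorted(DRIVE_TYPE_BITS.items()) if not value & bit]


def hardened_value(value):
    """Same value with AutoRun disabled for every class (any higher bits are kept)."""
    return value | DISABLE_ALL


def reg_fix(value):
    """A .reg fragment that writes the hardened value under the same key."""
    return ('[HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer]\n'
            '"NoDriveTypeAutoRun"=dword:%08x' % hardened_value(value))


if __name__ == "__main__":
    v = parse_nodrivetype(REG_EXPORT)
    print("NoDriveTypeAutoRun = 0x%02X" % v)
    print("AutoRun still enabled for:", ", ".join(autorun_enabled_types(v)))
    print(reg_fix(v))
```

For the posted 0x91 the decoder reports AutoRun still enabled for DRIVE_NO_ROOT_DIR, DRIVE_REMOVABLE, DRIVE_FIXED, DRIVE_CDROM and DRIVE_RAMDISK; the emitted fix writes 0xFF to the same key.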

dr_Bora (Anti Malware Fighter, Rank 2; joined: 24 Jul 2007; posts: 12280; location: Höganäs, SE)

Right-click the avast! icon in the lower right corner of the screen and choose Program settings....

In the window that opens, under Troubleshooting, check the option Disable avast! self-defence and click OK.

Also, right-click the avast! icon in the lower right corner of the screen and choose Stop OnAccess Protection.

Note: Don't forget to turn these options back on once the cleaning is finished.


Download ComboFix to the Desktop from one of the following addresses:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.forospyware.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Start it and do not touch the program window while it scans.
Follow the on-screen instructions. When it finishes, a log will appear (C:\ComboFix.txt), which you will paste here for us.

[original poster] (joined: 14 Aug 2005; posts: 342)

ComboFix 09-05-12.02 - Mihaljev 12.05.2009 21:18.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.502.201 [GMT 2:00]
Running from: c:\documents and settings\Mihaljev\My Documents\Downloads\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090512-0] *On-access scanning disabled* (Updated)

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\drivers\ovfsthdjlapodaogetaigdyvpwmpdjmmndiibe.sys
c:\windows\system32\ovfsthdxbqhespyputewmtkyxmxtdjgoifivra.db
c:\windows\system32\ovfsthfjbhpbpomesfldqlpyojfftjubkiilwq.dat
c:\windows\system32\ovfsthnsupssfndtumdynejrdsfkeorqowktju.dll
c:\windows\system32\ovfsthnyoaobamnkctqvxndpjrplxfclcllbog.dat
c:\windows\system32\ovfsthrnhjwvbdyvmyoykmtlfkdswybilpndmj.dll
c:\windows\system32\ovfsthtkshbftmvbvkswkiiqvnqqxdhunptued.dll
c:\windows\system32\ovfsthwvjooeddhkbevmnwkjargbgpulpmxlfx.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_ovfsthvxwyayeorowopxgoepaqlltugnpqiaoy


((((((((((((((((((((((((( Files Created from 2009-04-12 to 2009-05-12 )))))))))))))))))))))))))))))))
.

2009-05-12 07:16 . 2009-05-12 07:16 -------- d-----w c:\documents and settings\Mihaljev\Application Data\NetMedia Providers
2009-05-12 07:16 . 2009-05-12 07:16 -------- d-----w c:\documents and settings\Mihaljev\Application Data\Publish Providers
2009-05-12 07:16 . 2009-05-12 07:42 -------- d-----w c:\documents and settings\Mihaljev\Application Data\Sony
2009-05-12 07:09 . 2009-05-12 07:42 -------- d-----w c:\documents and settings\Mihaljev\Local Settings\Application Data\Sony
2009-05-12 07:03 . 2009-05-12 07:03 -------- d-----w c:\program files\Vstplugins
2009-05-12 07:02 . 2009-05-12 07:41 -------- d-----w c:\program files\Sony
2009-05-12 06:57 . 2009-05-12 06:59 -------- d-----w c:\windows\system32\drivers\UMDF
2009-05-12 06:57 . 2009-05-12 06:57 -------- d-----w c:\windows\system32\LogFiles
2009-05-12 06:55 . 2009-05-12 07:39 -------- d-----w c:\program files\Sony Setup
2009-05-11 05:35 . 2009-05-11 05:35 -------- d-----w c:\program files\Activision
2009-05-07 19:16 . 2009-05-07 19:16 -------- d-----w c:\documents and settings\All Users\Application Data\DynAdvance
2009-05-07 19:16 . 2009-05-07 19:16 -------- d-----w c:\documents and settings\Mihaljev\Local Settings\Application Data\DynAdvance
2009-05-07 19:14 . 2009-05-07 19:14 -------- d-----w c:\program files\DynAdvance
2009-05-06 07:19 . 2009-05-06 07:19 -------- d-----w c:\documents and settings\All Users\Application Data\ALM
2009-05-06 07:18 . 2009-05-06 07:18 -------- d-----w c:\program files\Bonjour
2009-05-05 15:10 . 2009-05-05 15:18 -------- d-----w c:\program files\RegistryFix7
2009-05-04 06:09 . 2008-04-13 22:10 5504 ----a-w c:\windows\system32\drivers\intelide.sys
2009-05-04 05:55 . 2009-05-05 14:10 -------- d-----w c:\program files\Driver Checker
2009-05-03 09:53 . 2009-05-03 09:53 -------- d-----w c:\documents and settings\NetworkService\Local Settings\Application Data\Google
2009-05-02 22:01 . 2009-05-02 22:01 -------- d-----w c:\program files\CCleaner
2009-05-02 10:48 . 2009-05-02 10:48 -------- d-----w c:\documents and settings\LocalService\Local Settings\Application Data\Google
2009-05-02 10:46 . 2009-05-10 19:56 -------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
2009-04-30 23:34 . 2009-04-30 23:34 -------- d-----w c:\documents and settings\Nenad
2009-04-30 22:49 . 2009-04-30 22:51 -------- d--h--w c:\windows\system32\GroupPolicy
2009-04-29 05:50 . 2009-04-29 05:50 -------- d-----w c:\program files\SystemRequirementsLab
2009-04-26 19:47 . 2009-04-26 19:47 -------- d-----w c:\program files\Adobe Media Player
2009-04-26 19:44 . 2009-04-26 19:44 -------- d-----w c:\program files\Common Files\Adobe AIR
2009-04-26 10:10 . 2009-04-26 10:10 -------- d-----w c:\documents and settings\Administrator.MARIJAN\Application Data\Malwarebytes
2009-04-23 18:13 . 2009-04-26 10:07 -------- d-----w c:\program files\Master Kick for Windows
2009-04-21 13:06 . 2009-04-21 13:13 -------- d-----w c:\program files\mp3DirectCut
2009-04-19 17:49 . 2009-04-19 17:49 131 ----a-w c:\documents and settings\Mihaljev\Local Settings\Application Data\fusioncache.dat
2009-04-19 17:48 . 2009-04-19 17:49 -------- d-----w c:\program files\Microsoft USB Flash Drive Manager
2009-04-18 20:31 . 2009-04-18 20:31 -------- d-s---w c:\documents and settings\Mihaljev\UserData
2009-04-18 20:10 . 2009-04-18 20:10 -------- d-----w c:\documents and settings\Mihaljev\Local Settings\Application Data\Apple Computer
2009-04-18 15:44 . 2008-04-14 03:42 221184 ----a-w c:\windows\system32\wmpns.dll
2009-04-18 15:33 . 2008-04-14 03:42 294912 -c----w c:\windows\system32\dllcache\dlimport.exe
2009-04-17 22:14 . 2009-04-17 22:15 110592 ----a-w c:\windows\system32\winsetup66.exe
2009-04-15 18:46 . 2009-04-19 17:53 -------- d-----w C:\robocode
2009-04-13 13:41 . 2003-06-25 14:05 266360 ----a-w c:\windows\system32\TweakUI.exe
2009-04-13 11:47 . 2009-04-30 22:55 -------- d-----w c:\windows\system32\NtmsData
2009-04-13 09:40 . 2009-04-13 09:40 -------- d-----w c:\program files\Neoretix
2009-04-13 09:40 . 2009-04-13 09:40 -------- d-----w c:\windows\Downloaded Installations
2009-04-13 08:53 . 2009-04-13 08:53 -------- d-----w C:\vbroker

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-12 06:44 . 2008-11-12 22:37 -------- d--h--w c:\program files\InstallShield Installation Information
2009-05-10 16:38 . 2009-03-25 14:13 -------- d-----w c:\program files\FlashGet
2009-05-10 14:33 . 2008-11-14 09:01 -------- d-----w c:\program files\AIMP2
2009-05-06 08:55 . 2008-11-12 23:14 118608 ----a-w c:\documents and settings\Mihaljev\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-06 07:17 . 2008-11-14 17:17 -------- d-----w c:\program files\Common Files\Adobe
2009-05-05 15:49 . 2009-02-11 14:04 929496 ----a-w c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-05-04 11:40 . 2006-01-17 09:21 539512 ----a-w c:\windows\system32\drivers\btaudio.sys
2009-05-02 10:48 . 2009-03-27 22:33 -------- d-----w c:\program files\Google
2009-04-30 23:35 . 2009-04-30 23:35 118608 ----a-w c:\documents and settings\Nenad\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-04-29 11:09 . 2009-01-26 21:09 -------- d-----w c:\program files\Turtix Rescue Adventure
2009-04-29 11:08 . 2009-01-04 22:44 -------- d-----w c:\program files\Mount&Blade
2009-04-18 15:39 . 2008-11-12 22:27 86327 ----a-w c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-04-13 18:33 . 2009-04-05 15:13 -------- d-----w c:\program files\MagicISO
2009-04-11 10:57 . 2009-04-11 10:57 -------- d-----w c:\program files\CleanMyPC
2009-04-10 07:22 . 2009-04-10 07:22 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-04-08 19:13 . 2009-04-08 19:13 24576 ----a-w c:\documents and settings\Mihaljev\Local Settings\Application Data\cp_setup_assist.exe
2009-04-08 19:09 . 2009-04-08 19:09 -------- d-----w c:\program files\Common Files\Intuit
2009-04-08 19:09 . 2009-04-08 19:09 -------- d-----w c:\program files\Common Files\Palo Alto Software
2009-04-08 19:09 . 2009-04-08 19:09 -------- d-----w c:\program files\Palo Alto Software
2009-04-07 20:00 . 2009-04-07 19:58 -------- d-----w c:\program files\NetBeans 6.5.1
2009-04-07 19:56 . 2009-04-07 19:56 -------- d-----w c:\program files\Sun
2009-04-07 19:54 . 2009-03-26 20:07 -------- d-----w c:\program files\Java
2009-04-07 10:47 . 2009-02-27 16:03 664 ----a-w c:\windows\system32\d3d9caps.dat
2009-04-06 13:32 . 2009-04-10 07:22 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-06 13:32 . 2009-04-10 07:22 15504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-04-05 16:07 . 2009-04-05 16:07 -------- d-----w c:\program files\Xinox Software
2009-04-04 15:14 . 2009-04-04 15:14 -------- d-----w c:\program files\ESET
2009-04-01 10:22 . 2009-04-01 10:13 -------- d-----w c:\program files\Common Files\Borland Shared
2009-04-01 10:13 . 2009-04-01 10:13 -------- d-----w c:\program files\Borland
2009-04-01 07:41 . 2009-04-01 07:41 -------- d-----w c:\program files\GPLGS
2009-04-01 07:40 . 2009-04-01 07:40 -------- d-----w c:\program files\Acro Software
2009-03-29 21:49 . 2009-03-29 21:49 -------- d-----w c:\program files\TP
2009-03-26 20:08 . 2009-03-26 20:08 410984 ----a-w c:\windows\system32\deploytk.dll
2009-03-26 12:40 . 2009-03-26 12:40 -------- d-----w c:\program files\QuickTime Alternative
2009-03-25 15:27 . 2009-03-25 15:27 -------- d-----w c:\program files\uTorrent
2009-03-25 12:04 . 2009-03-25 12:04 -------- d-----w c:\program files\Apple Software Update
2009-03-23 18:18 . 2009-03-23 18:18 56 ---ha-w c:\windows\system32\ezsidmv.dat
2009-03-23 18:06 . 2009-03-23 18:06 -------- d-----r c:\program files\Skype
2009-03-23 18:06 . 2009-03-23 18:06 -------- d-----w c:\program files\Common Files\Skype
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"Google Update"="c:\documents and settings\Mihaljev\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-03-23 133104]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-03-16 24095528]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-05-02 39408]
"DynAdvance Notifier"="c:\program files\DynAdvance\DynAdvance Notifier\MailNotifier.Exe" [2009-04-17 335872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2006-07-20 593920]
"AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2006-08-16 53248]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-03 761946]
"ADMTray.exe"="c:\acer\Empowering Technology\admtray.exe" [2005-10-24 2462208]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2005-12-27 69632]
"ePower_DMC"="c:\acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-04-14 344064]
"Acer ePower Management"="c:\acer\Empowering Technology\ePower\Acer ePower Management.exe" [2006-01-20 3080192]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2006-03-23 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-03-23 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2006-03-23 118784]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-28 148888]
"googletalk"="c:\program files\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2006-08-16 16248320]
"SkyTel"="SkyTel.EXE" - c:\windows\SkyTel.exe [2006-08-16 2879488]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^AutoCAD Startup Accelerator.lnk]
backup=c:\windows\pss\AutoCAD Startup Accelerator.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth.lnk]
backup=c:\windows\pss\Bluetooth.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Palo Alto Software Update Manager 9.0.lnk]
backup=c:\windows\pss\Palo Alto Software Update Manager 9.0.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Mihaljev^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Mihaljev^Start Menu^Programs^Startup^Total Organizer.lnk]
backup=c:\windows\pss\Total Organizer.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\FlashGet\\flashget.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [5/7/2009 9:17 PM 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [5/7/2009 9:17 PM 20560]
S4 Canieirvww;Canieirvww; [x]

--- Other Services/Drivers In Memory ---

*Deregistered* - gupdate1c9cb1375a4a974

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
\Shell\AutoRun\command - e:\setup\rsrc\Autorun.exe
\Shell\dinstall\command - e:\directx\dxsetup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I]
\Shell\AutoRun\command - I:\AutoRunLauncher.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5fa038ce-ba50-11dd-ab4a-801ebbc96233}]
\Shell\AutoRun\command - vfjc8mxm.exe
\Shell\explore\Command - vfjc8mxm.exe
\Shell\open\Command - vfjc8mxm.exe
.
Contents of the 'Scheduled Tasks' folder

2009-05-11 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2009-05-12 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-02 10:46]

2009-05-12 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-02 10:47]

2009-05-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-790525478-682003330-1003.job
- c:\documents and settings\Mihaljev\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-03-23 17:38]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = local;*.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Download All with FlashGet - c:\program files\FlashGet\jc_all.htm
IE: &Download with FlashGet - c:\program files\FlashGet\jc_link.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-12 21:22
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(680)
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
Completion time: 2009-05-12 21:24
ComboFix-quarantined-files.txt 2009-05-12 19:23

Pre-Run: 8.820.944.896 bytes free
Post-Run: 8.894.906.368 bytes free

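The MountPoints2 entries in the ComboFix log above are where the USB problem shows itself: the GUID-keyed volume has its AutoRun, open and explore verbs all pointed at a bare vfjc8mxm.exe, so double-clicking or "exploring" the stick would run whatever file of that name sits on its root, while the E: and I: entries use full paths and touch only the AutoRun and install verbs. The following Python, an added example that is not part of the thread or of ComboFix, parses that section, scores each entry with the example's own heuristics, and emits CFScript Registry:: removal lines of the kind used later in this thread. The sample section is copied from the log.

```python
"""Triage the MountPoints2 section of a ComboFix log for AutoRun hijacks and
emit the matching CFScript removal lines.  Added example, not part of the
original thread or of ComboFix; the scoring rules are this example's own."""
import re

# Copied from the ComboFix log posted above.
SAMPLE_SECTION = r"""
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
\Shell\AutoRun\command - e:\setup\rsrc\Autorun.exe
\Shell\dinstall\command - e:\directx\dxsetup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I]
\Shell\AutoRun\command - I:\AutoRunLauncher.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5fa038ce-ba50-11dd-ab4a-801ebbc96233}]
\Shell\AutoRun\command - vfjc8mxm.exe
\Shell\explore\Command - vfjc8mxm.exe
\Shell\open\Command - vfjc8mxm.exe
"""

MP2_PREFIX = r"HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2"
KEY_RE = re.compile(r"^\[" + re.escape(MP2_PREFIX) + r"\\([^\]]+)\]$")
VERB_RE = re.compile(r"^\\Shell\\(\w+)\\command - (.+)$", re.I)


def parse_mountpoints2(text):
    """Map each MountPoints2 subkey (drive letter or volume GUID) to {verb: command}."""
    entries, current = {}, None
    for line in text.splitlines():
        m = KEY_RE.match(line)
        if m:
            current = m.group(1)
            entries[current] = {}
            continue
        m = VERB_RE.match(line)
        if m and current is not None:
            entries[current][m.group(1).lower()] = m.group(2).strip()
    return entries


def suspicious(entries):
    """Return {subkey: [reasons]} for entries that look like worm-style hijacks."""
    flagged = {}
    for key, verbs in entries.items():
        reasons = []
        # A command with no drive path resolves relative to the device root:
        # the classic autorun.inf worm pattern.
        bare = sorted({c for c in verbs.values() if not re.match(r"^[a-z]:\\", c, re.I)})
        if bare:
            reasons.append("command without drive path (runs from device root): %s" % bare)
        # Legitimate install media set AutoRun; worms also hijack open/explore
        # so that double-clicking the drive in Explorer runs them.
        hijacked = sorted(v for v in verbs if v in ("open", "explore"))
        if hijacked:
            reasons.append("double-click/Explore verbs redirected: %s" % hijacked)
        if key.startswith("{"):
            reasons.append("keyed by volume GUID, device no longer has a drive letter")
        # A GUID entry alone is only stale; flag it when a real hijack is present too.
        if bare or hijacked:
            flagged[key] = reasons
    return flagged


def cfscript_registry_section(flagged):
    """CFScript 'Registry::' lines deleting the flagged MountPoints2 subkeys."""
    lines = ["Registry::"]
    for key in sorted(flagged):
        lines.append("[-%s\\%s]" % (MP2_PREFIX, key))
    return "\n".join(lines)


if __name__ == "__main__":
    found = suspicious(parse_mountpoints2(SAMPLE_SECTION))
    for key, reasons in found.items():
        print(key)
        for r in reasons:
            print("  -", r)
    print(cfscript_registry_section(found))
```

On the sample only the GUID entry is flagged, for all three reasons, and the emitted Registry:: block matches the subkey removed by the script later in the thread. Deleting the MountPoints2 key removes the cached handler; the vfjc8mxm.exe file on the stick itself still has to be dealt with separately.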

dr_Bora (Anti Malware Fighter, Rank 2; joined: 24 Jul 2007; posts: 12280; location: Höganäs, SE)

Upload c:\windows\system32\winsetup66.exe

via this link: http://www.mycity.rs/ambulanta-upload.php

[original poster] (joined: 14 Aug 2005; posts: 342)

Uploaded the file..

dr_Bora (Anti Malware Fighter, Rank 2; joined: 24 Jul 2007; posts: 12280; location: Höganäs, SE)

Open Notepad and paste the following text:

File::
c:\windows\system32\winsetup66.exe

Driver::
Canieirvww

Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5fa038ce-ba50-11dd-ab4a-801ebbc96233}]

Save the file from Notepad to the Desktop as "CFScript".

Drag the saved script/text onto the ComboFix icon as in the picture.
Post the log that is produced at the end of the cleaning/scanning in the next message.

[original poster] (joined: 14 Aug 2005; posts: 342)

ComboFix 09-05-12.02 - Mihaljev 13.05.2009 7:48.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.502.109 [GMT 2:00]
Running from: c:\documents and settings\Mihaljev\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Mihaljev\Desktop\CFScript.txt
AV: avast! antivirus 4.8.1335 [VPS 090512-0] *On-access scanning disabled* (Updated)

FILE ::
c:\windows\system32\winsetup66.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\winsetup66.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_CANIEIRVWW
-------\Service_Canieirvww


((((((((((((((((((((((((( Files Created from 2009-04-13 to 2009-05-13 )))))))))))))))))))))))))))))))
.

2009-05-12 07:16 . 2009-05-12 07:16 -------- d-----w c:\documents and settings\Mihaljev\Application Data\NetMedia Providers
2009-05-12 07:16 . 2009-05-12 07:16 -------- d-----w c:\documents and settings\Mihaljev\Application Data\Publish Providers
2009-05-12 07:16 . 2009-05-12 07:42 -------- d-----w c:\documents and settings\Mihaljev\Application Data\Sony
2009-05-12 07:09 . 2009-05-12 07:42 -------- d-----w c:\documents and settings\Mihaljev\Local Settings\Application Data\Sony
2009-05-12 07:03 . 2009-05-12 07:03 -------- d-----w c:\program files\Vstplugins
2009-05-12 07:02 . 2009-05-12 07:41 -------- d-----w c:\program files\Sony
2009-05-12 06:57 . 2009-05-12 06:59 -------- d-----w c:\windows\system32\drivers\UMDF
2009-05-12 06:57 . 2009-05-12 06:57 -------- d-----w c:\windows\system32\LogFiles
2009-05-12 06:55 . 2009-05-12 07:39 -------- d-----w c:\program files\Sony Setup
2009-05-11 05:35 . 2009-05-11 05:35 -------- d-----w c:\program files\Activision
2009-05-07 19:16 . 2009-05-07 19:16 -------- d-----w c:\documents and settings\All Users\Application Data\DynAdvance
2009-05-07 19:16 . 2009-05-07 19:16 -------- d-----w c:\documents and settings\Mihaljev\Local Settings\Application Data\DynAdvance
2009-05-07 19:14 . 2009-05-07 19:14 -------- d-----w c:\program files\DynAdvance
2009-05-06 07:19 . 2009-05-06 07:19 -------- d-----w c:\documents and settings\All Users\Application Data\ALM
2009-05-06 07:18 . 2009-05-06 07:18 -------- d-----w c:\program files\Bonjour
2009-05-05 15:10 . 2009-05-05 15:18 -------- d-----w c:\program files\RegistryFix7
2009-05-04 06:09 . 2008-04-13 22:10 5504 ----a-w c:\windows\system32\drivers\intelide.sys
2009-05-04 05:55 . 2009-05-05 14:10 -------- d-----w c:\program files\Driver Checker
2009-05-03 09:53 . 2009-05-03 09:53 -------- d-----w c:\documents and settings\NetworkService\Local Settings\Application Data\Google
2009-05-02 22:01 . 2009-05-02 22:01 -------- d-----w c:\program files\CCleaner
2009-05-02 10:48 . 2009-05-02 10:48 -------- d-----w c:\documents and settings\LocalService\Local Settings\Application Data\Google
2009-05-02 10:46 . 2009-05-13 05:35 -------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
2009-04-30 23:34 . 2009-04-30 23:34 -------- d-----w c:\documents and settings\Nenad
2009-04-30 22:49 . 2009-04-30 22:51 -------- d--h--w c:\windows\system32\GroupPolicy
2009-04-29 05:50 . 2009-04-29 05:50 -------- d-----w c:\program files\SystemRequirementsLab
2009-04-26 19:47 . 2009-04-26 19:47 -------- d-----w c:\program files\Adobe Media Player
2009-04-26 19:44 . 2009-04-26 19:44 -------- d-----w c:\program files\Common Files\Adobe AIR
2009-04-26 10:10 . 2009-04-26 10:10 -------- d-----w c:\documents and settings\Administrator.MARIJAN\Application Data\Malwarebytes
2009-04-23 18:13 . 2009-04-26 10:07 -------- d-----w c:\program files\Master Kick for Windows
2009-04-21 13:06 . 2009-04-21 13:13 -------- d-----w c:\program files\mp3DirectCut
2009-04-19 17:49 . 2009-04-19 17:49 131 ----a-w c:\documents and settings\Mihaljev\Local Settings\Application Data\fusioncache.dat
2009-04-19 17:48 . 2009-04-19 17:49 -------- d-----w c:\program files\Microsoft USB Flash Drive Manager
2009-04-18 20:31 . 2009-04-18 20:31 -------- d-s---w c:\documents and settings\Mihaljev\UserData
2009-04-18 20:10 . 2009-04-18 20:10 -------- d-----w c:\documents and settings\Mihaljev\Local Settings\Application Data\Apple Computer
2009-04-18 15:44 . 2008-04-14 03:42 221184 ----a-w c:\windows\system32\wmpns.dll
2009-04-18 15:33 . 2008-04-14 03:42 294912 -c----w c:\windows\system32\dllcache\dlimport.exe
2009-04-15 18:46 . 2009-04-19 17:53 -------- d-----w C:\robocode
2009-04-13 13:41 . 2003-06-25 14:05 266360 ----a-w c:\windows\system32\TweakUI.exe
2009-04-13 11:47 . 2009-04-30 22:55 -------- d-----w c:\windows\system32\NtmsData
2009-04-13 09:40 . 2009-04-13 09:40 -------- d-----w c:\program files\Neoretix
2009-04-13 09:40 . 2009-04-13 09:40 -------- d-----w c:\windows\Downloaded Installations
2009-04-13 08:53 . 2009-04-13 08:53 -------- d-----w C:\vbroker

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-12 06:44 . 2008-11-12 22:37 -------- d--h--w c:\program files\InstallShield Installation Information
2009-05-10 16:38 . 2009-03-25 14:13 -------- d-----w c:\program files\FlashGet
2009-05-10 14:33 . 2008-11-14 09:01 -------- d-----w c:\program files\AIMP2
2009-05-06 08:55 . 2008-11-12 23:14 118608 ----a-w c:\documents and settings\Mihaljev\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-06 07:17 . 2008-11-14 17:17 -------- d-----w c:\program files\Common Files\Adobe
2009-05-05 15:49 . 2009-02-11 14:04 929496 ----a-w c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-05-04 11:40 . 2006-01-17 09:21 539512 ----a-w c:\windows\system32\drivers\btaudio.sys
2009-05-02 10:48 . 2009-03-27 22:33 -------- d-----w c:\program files\Google
2009-04-30 23:35 . 2009-04-30 23:35 118608 ----a-w c:\documents and settings\Nenad\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-04-29 11:09 . 2009-01-26 21:09 -------- d-----w c:\program files\Turtix Rescue Adventure
2009-04-29 11:08 . 2009-01-04 22:44 -------- d-----w c:\program files\Mount&Blade
2009-04-18 15:39 . 2008-11-12 22:27 86327 ----a-w c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-04-13 18:33 . 2009-04-05 15:13 -------- d-----w c:\program files\MagicISO
2009-04-11 10:57 . 2009-04-11 10:57 -------- d-----w c:\program files\CleanMyPC
2009-04-10 07:22 . 2009-04-10 07:22 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-04-08 19:13 . 2009-04-08 19:13 24576 ----a-w c:\documents and settings\Mihaljev\Local Settings\Application Data\cp_setup_assist.exe
2009-04-08 19:09 . 2009-04-08 19:09 -------- d-----w c:\program files\Common Files\Intuit
2009-04-08 19:09 . 2009-04-08 19:09 -------- d-----w c:\program files\Common Files\Palo Alto Software
2009-04-08 19:09 . 2009-04-08 19:09 -------- d-----w c:\program files\Palo Alto Software
2009-04-07 20:00 . 2009-04-07 19:58 -------- d-----w c:\program files\NetBeans 6.5.1
2009-04-07 19:56 . 2009-04-07 19:56 -------- d-----w c:\program files\Sun
2009-04-07 19:54 . 2009-03-26 20:07 -------- d-----w c:\program files\Java
2009-04-07 10:47 . 2009-02-27 16:03 664 ----a-w c:\windows\system32\d3d9caps.dat
2009-04-06 13:32 . 2009-04-10 07:22 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-06 13:32 . 2009-04-10 07:22 15504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-04-05 16:07 . 2009-04-05 16:07 -------- d-----w c:\program files\Xinox Software
2009-04-04 15:14 . 2009-04-04 15:14 -------- d-----w c:\program files\ESET
2009-04-01 10:22 . 2009-04-01 10:13 -------- d-----w c:\program files\Common Files\Borland Shared
2009-04-01 10:13 . 2009-04-01 10:13 -------- d-----w c:\program files\Borland
2009-04-01 07:41 . 2009-04-01 07:41 -------- d-----w c:\program files\GPLGS
2009-04-01 07:40 . 2009-04-01 07:40 -------- d-----w c:\program files\Acro Software
2009-03-29 21:49 . 2009-03-29 21:49 -------- d-----w c:\program files\TP
2009-03-26 20:08 . 2009-03-26 20:08 410984 ----a-w c:\windows\system32\deploytk.dll
2009-03-26 12:40 . 2009-03-26 12:40 -------- d-----w c:\program files\QuickTime Alternative
2009-03-25 15:27 . 2009-03-25 15:27 -------- d-----w c:\program files\uTorrent
2009-03-25 12:04 . 2009-03-25 12:04 -------- d-----w c:\program files\Apple Software Update
2009-03-23 18:18 . 2009-03-23 18:18 56 ---ha-w c:\windows\system32\ezsidmv.dat
2009-03-23 18:06 . 2009-03-23 18:06 -------- d-----r c:\program files\Skype
2009-03-23 18:06 . 2009-03-23 18:06 -------- d-----w c:\program files\Common Files\Skype
.

((((((((((((((((((((((((((((( SnapShot@2009-05-12_19.22.22 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-05-13 05:52 . 2009-05-13 05:52 16384 c:\windows\Temp\Perflib_Perfdata_5ac.dat
+ 2009-05-13 05:34 . 2009-05-13 05:34 16384 c:\windows\Temp\Perflib_Perfdata_58c.dat
+ 2009-05-13 05:53 . 2009-05-13 05:53 16384 c:\windows\Temp\Perflib_Perfdata_200.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"Google Update"="c:\documents and settings\Mihaljev\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-03-23 133104]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-03-16 24095528]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-05-02 39408]
"DynAdvance Notifier"="c:\program files\DynAdvance\DynAdvance Notifier\MailNotifier.Exe" [2009-04-17 335872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2006-07-20 593920]
"AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2006-08-16 53248]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-03 761946]
"ADMTray.exe"="c:\acer\Empowering Technology\admtray.exe" [2005-10-24 2462208]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2005-12-27 69632]
"ePower_DMC"="c:\acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-04-14 344064]
"Acer ePower Management"="c:\acer\Empowering Technology\ePower\Acer ePower Management.exe" [2006-01-20 3080192]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2006-03-23 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-03-23 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2006-03-23 118784]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-28 148888]
"googletalk"="c:\program files\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2006-08-16 16248320]
"SkyTel"="SkyTel.EXE" - c:\windows\SkyTel.exe [2006-08-16 2879488]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^AutoCAD Startup Accelerator.lnk]
backup=c:\windows\pss\AutoCAD Startup Accelerator.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth.lnk]
backup=c:\windows\pss\Bluetooth.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Palo Alto Software Update Manager 9.0.lnk]
backup=c:\windows\pss\Palo Alto Software Update Manager 9.0.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Mihaljev^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Mihaljev^Start Menu^Programs^Startup^Total Organizer.lnk]
backup=c:\windows\pss\Total Organizer.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\FlashGet\\flashget.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [5/7/2009 9:17 PM 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [5/7/2009 9:17 PM 20560]

--- Other Services/Drivers In Memory ---

*Deregistered* - gupdate1c9cb1375a4a974

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
\Shell\AutoRun\command - e:\setup\rsrc\Autorun.exe
\Shell\dinstall\command - e:\directx\dxsetup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I]
\Shell\AutoRun\command - I:\AutoRunLauncher.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5fa038ce-ba50-11dd-ab4a-801ebbc96233}]
\Shell\AutoRun\command - vfjc8mxm.exe
\Shell\explore\Command - vfjc8mxm.exe
\Shell\open\Command - vfjc8mxm.exe
.
Contents of the 'Scheduled Tasks' folder

2009-05-11 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2009-05-13 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-02 10:46]

2009-05-13 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-02 10:47]

2009-05-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-790525478-682003330-1003.job
- c:\documents and settings\Mihaljev\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-03-23 17:38]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = local;*.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Download All with FlashGet - c:\program files\FlashGet\jc_all.htm
IE: &Download with FlashGet - c:\program files\FlashGet\jc_link.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-13 07:55
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(684)
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll

- - - - - - - > 'explorer.exe'(3120)
c:\windows\system32\MSNChatHook.dll
c:\windows\system32\sysenv.dll
c:\windows\system32\MSVCR71.dll
c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80ENU.DLL
c:\acer\Empowering Technology\ePower\SysHook.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\acer\Empowering Technology\admServ.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\igfxext.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\wbem\unsecapp.exe
c:\docume~1\Mihaljev\LOCALS~1\temp\RtkBtMnt.exe
.
**************************************************************************
.
Completion time: 2009-05-13 7:59 - machine was rebooted
ComboFix-quarantined-files.txt 2009-05-13 05:59
ComboFix2.txt 2009-05-12 19:24

Pre-Run: 9.067.864.064 bytes free
Post-Run: 8.969.547.776 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect


offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Open Notepad and copy the following text into it:


Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5fa038ce-ba50-11dd-ab4a-801ebbc96233}]

File::
c:\documents and settings\Mihaljev\Local Settings\Application Data\cp_setup_assist.exe



Save the file from Notepad to the Desktop as "CFScript".

Drag the saved script/text onto the ComboFix icon as shown in the picture.
In your next message, post the log that is produced at the end of the cleaning/scanning.



-------------------------------------------------------------------------------------



Download USBNoRisk to the Desktop and run it by double-clicking the program icon.
- Wait a few seconds while the program performs its initial scan.
- Insert all USB storage devices one by one into the USB slot and keep each one in the slot for 10 seconds.
- If you have several devices to check, write down on a piece of paper the order in which they were inserted, because we will need that information later.
- When you have finished with all the devices, right-click in the middle of the program window and choose the Save log option. That will automatically open the log in Notepad. Copy that log from Notepad to the forum.

Explanation: USB storage devices are all devices that receive their own drive letter when connected to the computer. These include USB flash drives, external hard disks, memory cards, MP3 and MP4 players, some mobile phones, some GPS (navigation) devices, etc.
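The CFScript above removes one MountPoints2 subkey. As an added check that is not part of dr_Bora's instructions or of ComboFix, the PowerShell snippet below enumerates every Shell command stored under HKCU MountPoints2 and flags launch strings that are a bare file name rather than a full path, which is the pattern ComboFix reported for vfjc8mxm.exe; the function names are ours.

```powershell
# Added example, not part of dr_Bora's instructions: list every Shell command stored
# under HKCU ...\Explorer\MountPoints2 and flag launch strings that are a bare file
# name rather than a full path (the pattern ComboFix reported for vfjc8mxm.exe).
# Report only; the CFScript / ComboFix run performs the actual removal.
$MountPoints2 = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2'

function Test-SuspiciousAutorun {
    param([string]$Command)
    # First token of the command, with surrounding quotes removed.
    $exe = ($Command.Trim() -split '\s+')[0].Trim('"')
    # A legitimate AutoRun entry points at the media itself (e:\setup\...\Autorun.exe),
    # a UNC path, or an expandable variable; a bare name resolves relative to the
    # current directory, which is how a copy placed on the stick gets launched.
    return -not ($exe -match '^([A-Za-z]:\\|\\\\|%)')
}

function Get-MountPointShellCommands {
    param([string]$Root = $MountPoints2)
    if (-not (Test-Path -Path $Root)) { return @() }
    Get-ChildItem -Path $Root -Recurse -ErrorAction SilentlyContinue |
        Where-Object { $_.PSChildName -ieq 'command' } |
        ForEach-Object {
            # The launch string lives in the (default) value of ...\Shell\<verb>\command
            $cmd = (Get-ItemProperty -Path $_.PSPath -ErrorAction SilentlyContinue).'(default)'
            if (-not $cmd) { return }
            $parts = $_.Name -split '\\'
            $idx = 0
            for ($j = 0; $j -lt $parts.Count; $j++) {
                if ($parts[$j] -ieq 'MountPoints2') { $idx = $j }
            }
            New-Object PSObject -Property @{
                Device     = $parts[$idx + 1]   # drive letter or device GUID
                Verb       = $parts[$idx + 3]   # AutoRun, open, explore, ...
                Command    = $cmd
                Suspicious = Test-SuspiciousAutorun -Command $cmd
            }
        }
}

Get-MountPointShellCommands | Sort-Object Suspicious -Descending |
    Format-Table Device, Verb, Suspicious, Command -AutoSize
```

Run it in the affected user's own session, since MountPoints2 lives under HKCU and each Windows account has its own copy. A device whose open and explore verbs were also redirected, as in the log, will show three flagged rows for the same GUID.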

Korisnici trenutno na forumu: aleksmajstor, cenejac111, darkangel, dekan.m, djboj, doom83, FileFinder, Georgius, Koridor, Kubovac, laki_bb, mercedesamg, Oscar, Sir Budimir, Tvrtko I, vasa.93, vathra, Vlajman1957, yufighter