internet non-stop

  • Joined: 15 Jan 2008
  • Posts: 1

I would like to ask for your help: my internet connection is active non-stop and I don't know what to do. Some trojan has probably gotten in, which I tried unsuccessfully to remove.
I am attaching the log file.



Logfile of HijackThis v1.99.1
Scan saved at 7:10:11 AM, on 1/16/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\_avgas.exe
C:\Program Files\DAEMON Tools\daemon .exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\totalcmd\TOTALCMD.EXE
F:\install\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = crawler.com/search/ie.aspx?tb_id=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = dnl.crawler.com/support/sa_customize.aspx?TbId=60327
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = winamp.com/support/help/50/
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\_avgas.exe" /minimized
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon .exe" -lang 1033
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/229?864652db6ba549eaa2a2026b08534435
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/230?864652db6ba549eaa2a2026b08534435
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: yvjjeduc - C:\WINDOWS\
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

Addendum: 15 Jan 2008 7:50

Here, I'm also sending the ComboFix log file; maybe it will be of help to you.



ComboFix 08-01-15.4 - Gilera 2008-01-16 7:31:07.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.925 [GMT 1:00]
Running from: F:\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Application Data\storageprotector
C:\Documents and Settings\All Users\Application Data\storageprotector\Data\em
C:\Documents and Settings\All Users\Application Data\storageprotector\Data\oid
C:\Documents and Settings\All Users\Application Data\storageprotector\Data\user
C:\WINDOWS\system32\egjlm.ini2
C:\WINDOWS\system32\jbfkqfds.dll
C:\WINDOWS\system32\pqstv.ini
C:\WINDOWS\system32\pqstv.ini2
C:\WINDOWS\system32\vbxpdwyn.dll
C:\WINDOWS\system32\yvjjeduc.dllbox

.
((((((((((((((((((((((((( Files Created from 2007-12-16 to 2008-01-16 )))))))))))))))))))))))))))))))
.

2008-01-16 07:30 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-16 02:11 . 2003-09-24 09:44 1,230,336 -ra------ C:\WINDOWS\system32\MSXML4.dll
2008-01-16 02:11 . 2003-09-24 09:43 626,960 -ra------ C:\WINDOWS\system32\hpvaut32.dll
2008-01-16 02:11 . 2003-09-24 09:43 487,424 -ra------ C:\WINDOWS\system32\hpvcp70.dll
2008-01-16 02:11 . 2003-09-24 09:43 344,064 -ra------ C:\WINDOWS\system32\hpvcr70.dll
2008-01-16 02:11 . 2003-09-24 09:44 82,432 -ra------ C:\WINDOWS\system32\MSXML4r.dll
2008-01-16 02:11 . 2003-09-24 09:44 44,544 -ra------ C:\WINDOWS\system32\MSXML4a.dll
2008-01-16 01:33 . 2008-01-16 01:33 82,380 --a------ C:\WINDOWS\system32\drivers\AFS2K.SYS
2008-01-16 01:32 . 2008-01-16 01:32 <DIR> d-------- C:\Program Files\HP
2008-01-16 01:32 . 2008-01-16 01:33 <DIR> d-------- C:\Program Files\Hewlett-Packard
2008-01-16 01:32 . 1998-10-29 16:45 306,688 --a------ C:\WINDOWS\IsUninst.exe
2008-01-16 01:31 . 2008-01-16 01:34 236,082 --a------ C:\WINDOWS\hpdj5100.his
2008-01-16 01:31 . 2008-01-16 01:34 11,975 --a------ C:\WINDOWS\hpdj5100.ini
2008-01-16 01:27 . 2004-08-03 23:01 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2008-01-16 01:27 . 2004-08-03 23:01 25,856 --a--c--- C:\WINDOWS\system32\dllcache\usbprint.sys
2008-01-16 00:58 . 2008-01-16 00:58 <DIR> d-------- C:\Documents and Settings\Gilera\Application Data\Nokia
2008-01-16 00:56 . 2008-01-16 00:57 <DIR> d-------- C:\Program Files\Nokia
2008-01-16 00:56 . 2008-01-16 00:56 <DIR> d-------- C:\Program Files\DIFX
2008-01-16 00:56 . 2008-01-16 00:56 <DIR> d-------- C:\Program Files\Common Files\PCSuite
2008-01-16 00:56 . 2008-01-16 00:56 <DIR> d-------- C:\Program Files\Common Files\Nokia
2008-01-16 00:56 . 2008-01-16 00:56 <DIR> d-------- C:\Documents and Settings\Gilera\Application Data\PC Suite
2008-01-16 00:56 . 2008-01-16 00:56 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\PC Suite
2008-01-16 00:56 . 2006-05-29 08:26 127,488 --a------ C:\WINDOWS\system32\drivers\nmwcd.sys
2008-01-16 00:56 . 2006-05-29 08:26 50,688 --a------ C:\WINDOWS\system32\nmwcdcls.dll
2008-01-16 00:56 . 2006-05-29 08:26 30,720 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
2008-01-16 00:56 . 2006-05-29 08:26 13,312 --a------ C:\WINDOWS\system32\drivers\nmwcdcm.sys
2008-01-16 00:56 . 2006-05-29 08:26 13,312 --a------ C:\WINDOWS\system32\drivers\nmwcdcj.sys
2008-01-16 00:56 . 2006-05-29 08:26 8,704 --a------ C:\WINDOWS\system32\drivers\nmwcdc.sys
2008-01-16 00:56 . 2006-05-29 08:26 4,608 --a------ C:\WINDOWS\system32\nmwcdlog.dll
2008-01-16 00:55 . 2008-01-16 00:55 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
2008-01-15 19:28 . 2008-01-15 19:28 <DIR> d-------- C:\Documents and Settings\Gilera\Application Data\Grisoft
2008-01-15 19:27 . 2007-05-30 13:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-01-15 16:25 . 2008-01-15 16:25 <DIR> d-------- C:\WINDOWS\ERUNT
2008-01-15 16:17 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-01-15 16:17 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-01-15 16:17 . 2007-12-20 23:11 81,920 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-01-15 16:17 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-01-15 16:17 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-01-15 16:17 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-01-15 15:49 . 2008-01-15 15:53 5,400,054 --a------ C:\WINDOWS\ACD Wallpaper.bmp
2008-01-15 15:32 . 2008-01-15 16:17 2,346 --a------ C:\WINDOWS\system32\tmp.reg
2008-01-15 15:02 . 2008-01-15 15:02 <DIR> d-------- C:\Program Files\Lavasoft
2008-01-15 15:02 . 2008-01-15 15:02 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-01-15 07:02 . 2008-01-15 14:29 <DIR> d-------- C:\Program Files\Trojan Remover
2008-01-15 07:02 . 2008-01-15 07:02 <DIR> d-------- C:\Documents and Settings\Gilera\Application Data\Simply Super Software
2008-01-15 06:50 . 2008-01-15 14:43 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-01-15 05:36 . 2008-01-16 04:40 <DIR> d-------- C:\Program Files\WinClamAVShield
2008-01-15 05:33 . 2008-01-15 05:33 138,752 --a------ C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2008-01-15 05:12 . 2008-01-15 15:59 <DIR> d-------- C:\Program Files\Spyware Terminator
2008-01-15 05:12 . 2008-01-15 05:12 <DIR> d-------- C:\Program Files\Crawler
2008-01-15 05:12 . 2008-01-16 04:35 <DIR> d-------- C:\Documents and Settings\Gilera\Application Data\Spyware Terminator
2008-01-15 05:12 . 2008-01-15 15:46 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2008-01-14 19:27 . 2008-01-14 20:29 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-01-14 19:27 . 2008-01-15 15:02 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-01-14 19:27 . 2008-01-14 19:27 <DIR> d-------- C:\Documents and Settings\Gilera\Application Data\SUPERAntiSpyware.com
2008-01-14 19:27 . 2008-01-14 19:27 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-01-14 19:22 . 2004-10-07 13:39 89,088 --a------ C:\WINDOWS\system32\atl71.dll
2008-01-14 19:16 . 2008-01-15 19:23 <DIR> d-------- C:\Program Files\Enigma Software Group
2008-01-14 18:29 . 2008-01-15 19:27 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-01-14 17:57 . 2008-01-15 06:48 <DIR> d-------- C:\Program Files\Advanced Spyware Remover Pro
2008-01-14 17:57 . 2008-01-14 17:58 10,048 --a------ C:\WINDOWS\system32\mspriv32.dll
2008-01-14 17:48 . 2008-01-14 17:48 <DIR> d-------- C:\Program Files\Error Repair Professional
2008-01-14 17:19 . 2008-01-14 17:19 <DIR> d-------- C:\Program Files\TimeAdjuster
2008-01-13 16:26 . 2008-01-13 16:26 <DIR> d-------- C:\Program Files\Windows Live Favorites
2008-01-13 16:25 . 2008-01-13 16:25 <DIR> d-------- C:\Program Files\Real
2008-01-13 16:25 . 2008-01-13 16:25 <DIR> d-------- C:\Documents and Settings\Gilera\Contacts
2008-01-13 16:24 . 2008-01-13 16:26 <DIR> d-------- C:\Program Files\Windows Live Toolbar
2008-01-13 16:24 . 2008-01-13 16:24 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar
2008-01-13 16:23 . 2008-01-16 00:56 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-01-13 16:23 . 2008-01-15 05:21 <DIR> d-------- C:\Program Files\MSN Messenger
2008-01-13 00:41 . 2008-01-13 00:41 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\AVG7
2008-01-13 00:41 . 2008-01-15 16:37 <DIR> d-------- C:\Documents and Settings\Gilera\Application Data\AVG7
2008-01-13 00:39 . 2008-01-13 00:39 155,648 --a------ C:\WINDOWS\system32\NeroCheck .exe
2008-01-13 00:16 . 2008-01-14 20:22 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Avg7
2008-01-12 23:24 . 2008-01-12 23:24 <DIR> d-------- C:\Program Files\uTorrent
2008-01-12 23:24 . 2008-01-16 07:08 <DIR> d-------- C:\Documents and Settings\Gilera\Application Data\uTorrent
2008-01-12 23:11 . 2008-01-12 23:11 1,158 --a------ C:\WINDOWS\mozver.dat
2008-01-12 23:03 . 2008-01-12 23:03 499,712 --a------ C:\WINDOWS\system32\msvcp71.dll
2008-01-12 21:39 . 2008-01-12 21:39 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\Xfire
2008-01-12 21:32 . 2008-01-16 04:35 <DIR> d-------- C:\Program Files\Xfire
2008-01-12 21:32 . 2008-01-16 06:53 <DIR> d-------- C:\Documents and Settings\Gilera\Application Data\Xfire
2008-01-12 21:05 . 2008-01-12 21:05 0 --a------ C:\WINDOWS\nsreg.dat
2008-01-12 21:02 . 2008-01-12 21:02 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2008-01-12 21:02 . 2008-01-16 04:56 107,832 --a------ C:\WINDOWS\system32\PnkBstrB.exe
2008-01-12 21:02 . 2008-01-12 21:39 66,872 --a------ C:\WINDOWS\system32\PnkBstrA.exe
2008-01-12 21:02 . 2008-01-16 04:57 22,328 --a------ C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-01-12 21:02 . 2008-01-12 21:02 22,328 --a------ C:\Documents and Settings\Gilera\Application Data\PnkBstrK.sys
2008-01-12 21:01 . 2008-01-12 21:01 311 --a------ C:\WINDOWS\game.ini
2008-01-12 20:52 . 2008-01-12 20:52 <DIR> d--hs---- C:\WINDOWS\ftpcache
2008-01-12 20:12 . 2008-01-12 20:12 <DIR> d-------- C:\Documents and Settings\Gilera\Application Data\ACD Systems
2008-01-12 20:00 . 2004-08-04 01:56 74,240 --a------ C:\WINDOWS\system32\usbui.dll
2008-01-12 20:00 . 2008-01-12 19:27 1,374 --a------ C:\WINDOWS\imsins.BAK
2008-01-11 01:29 . 2008-01-11 01:29 54,608 --a------ C:\WINDOWS\system32\xfcodec.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-14 17:24 158,208 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\MSConfig .exe
2008-01-12 23:39 --------- d-----w C:\Program Files\DAEMON Tools
2008-01-12 20:30 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-12 18:54 --------- d-----w C:\Program Files\Winamp
2008-01-12 18:54 --------- d-----w C:\Program Files\DFX
2008-01-12 18:53 --------- d-----w C:\Program Files\Microsoft ActiveSync
2008-01-12 18:50 223,128 ----a-w C:\WINDOWS\system32\drivers\dtscsi.sys
2008-01-12 18:48 --------- d-----w C:\Program Files\Nero
2008-01-12 18:48 --------- d-----w C:\Program Files\Common Files\Ahead
2008-01-12 18:48 --------- d-----w C:\Documents and Settings\Gilera\Application Data\Ahead
2008-01-12 18:47 --------- d-----w C:\Program Files\Java
2008-01-12 18:46 --------- d-----w C:\Program Files\Common Files\Java
2008-01-12 18:44 262,883 ----a-w C:\WINDOWS\IPUI_DivXG400.exe
2008-01-12 18:44 --------- d-----w C:\Program Files\K-Lite Codec Pack
2008-01-12 18:39 65,856 ----a-w C:\WINDOWS\system32\drivers\snapman.sys
2008-01-12 18:39 --------- d-----w C:\Program Files\Common Files\Acronis
2008-01-12 18:39 --------- d-----w C:\Program Files\Acronis
2008-01-12 18:35 639,224 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-01-12 18:35 --------- d-----w C:\Program Files\MozBackup
2008-01-12 18:34 --------- d-----w C:\Program Files\MainConcept
2008-01-12 18:34 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-01-12 18:33 --------- d-----w C:\Program Files\Common Files\ACD Systems
2008-01-12 18:33 --------- d-----w C:\Program Files\ACD Systems
2008-01-12 18:33 --------- d-----w C:\Documents and Settings\All Users\Application Data\ACD Systems
2008-01-12 18:27 --------- d-----w C:\Program Files\Realtek
2008-01-12 18:08 --------- d-----w C:\Program Files\microsoft frontpage
.
<pre>
----a-w           133,016 2008-01-12 23:39:12  C:\Program Files\DAEMON Tools\daemon .exe
----a-w            36,975 2008-01-12 23:39:11  C:\Program Files\Java\jre1.5.0_06\bin\jusched .exe
----a-w           158,208 2008-01-14 17:24:32  C:\WINDOWS\pchealth\helpctr\binaries\MSConfig .exe
----a-w           155,648 2008-01-12 23:39:11  C:\WINDOWS\system32\NeroCheck .exe
</pre>



((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PcSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-06-27 16:21 1449984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 02:07 110592 C:\WINDOWS\system32\bthprops.cpl]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-07-23 03:34 8466432]
"nwiz"="nwiz.exe" [2007-07-23 03:34 1626112 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-07-23 03:34 81920]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-28 07:54 16248320 C:\WINDOWS\RTHDCPL.exe]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-01-14 20:24 579072]
"SpywareTerminator"="C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" [2008-01-15 05:16 2834432]
"AAWTray"="C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe" [2007-08-08 15:53 88024]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\_avgas.exe" [2008-01-15 19:34 6731312]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon .exe" [2008-01-13 00:39 133016]
"PCSuiteTrayApplication"="C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.exe" [2006-06-15 12:36 229376]
"HP Software Update"="C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" [2003-06-25 11:24 49152]
"HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2003-10-23 19:51 233472]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe" [2003-07-28 14:43 188416]
"DeviceDiscovery"="C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe" [2003-05-21 18:37 229437]
"Ad-Watch"="C:\Program Files\Lavasoft\Ad-Aware 2007\Ad-Watch2007.exe" [2007-08-28 19:03 4579328]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-01-14 20:24 219136]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\yvjjeduc]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Load]
C:\WINDOWS\system32\mljge.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NI.UGES_0001_N122M2111]
C:\DOCUME~1\Gilera\LOCALS~1\Temp\qrjatydi.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
-r------- 2006-05-16 11:04 2879488 C:\WINDOWS\SkyTel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"wuauserv"=2 (0x2)
"wscsvc"=2 (0x2)

R1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [2008-01-15 05:33]

.
Contents of the 'Scheduled Tasks' folder
"2008-01-16 06:05:00 C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
"2008-01-16 01:21:01 C:\WINDOWS\Tasks\HP DArC Task #Hewlett-Packard#deskjet5100#MY44S4P0JD7A.job"
- C:\Program Files\HP\hpcoretech\comp\hpdarc.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2008-01-16 07:41:12
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-01-16 7:42:04
ComboFix-quarantined-files.txt 2008-01-16 06:41:56

Addendum: 15 Jan 2008 8:14

By the way, I use an SBB flat-rate internet connection.

Addendum: 15 Jan 2008 8:49

Hey people, I'm being very annoying, but what can I do, answer pleaseeeeee

Since I'm on a flat-rate plan I use torrents a lot, and it is very important to me to solve this problem, because some cr*** is pulling a lot of my download.

Cheersssss

  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Just be patient...
We also sleep sometimes, work, and so on. OK?



Download the following program:
http://files.thespykiller.co.uk/catchme.exe

Run it and switch to the Script tab. Copy the text inside the code box below into the program window:
files:
C:\Program Files\DAEMON Tools\daemon .exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched .exe
C:\WINDOWS\pchealth\helpctr\binaries\MSConfig .exe
C:\WINDOWS\system32\NeroCheck .exe

Click Run.

Upload the file catchme.zip, which will be on the desktop, to me via the following form:
http://www.mycity.rs/ambulanta-upload.php

Let me know when you have done the upload...

Addendum: 15 Jan 2008 23:47

Open Notepad and copy in the following text:

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\yvjjeduc]

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Load]

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NI.UGES_0001_N122M2111]



Save the file from Notepad to the Desktop as "CFScript"




Drag the saved script/text onto the ComboFix icon as shown in the picture.
In your next post, include the log that is created at the end of the cleaning/scan.


Also, tell me what the situation is now.
