Log check

  • Nihlist
  • Joined: 28 May 2009
  • Posts: 725
  • Location: Beograd

Posted: 17 Apr 2010 23:59

DDS (Ver_10-03-17.01) - NTFSx86
Run by AMAR at 14:26:35.26 on Sat 04/17/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1232 [GMT -7:00]

AV: ESET NOD32 Antivirus 4.2 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\WINDOWS\system32\ASWLSVC.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\ASWL2K.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\PixArt\PAP7501\GUCI_AVS.exe
C:\WINDOWS\PixArt\PAP7501\PACTray.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\FCleaner\FCleaner.exe
C:\Documents and Settings\AMAR\Local Settings\Application Data\Google\Update\1.2.183.23\GoogleCrashHandler.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Documents and Settings\AMAR\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\AMAR\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Documents and Settings\AMAR\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\AMAR\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\AMAR\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\AMAR\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\dumprep.exe
C:\WINDOWS\system32\dumprep.exe
C:\Documents and Settings\AMAR\My Documents\Downloads\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://mystart.incredimail.com/
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Google Update] "c:\documents and settings\amar\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [FTweakFCleaner] c:\program files\fcleaner\FCleaner.exe -a
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [GUCI_AVS] c:\windows\pixart\pap7501\GUCI_AVS.exe
mRun: [PACTray] c:\windows\pixart\pap7501\PACTray.exe
mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h
StartupFolder: c:\docume~1\amar\startm~1\programs\startup\gamera~1.lnk - c:\documents and settings\amar\application data\gameranger\gameranger\GameRanger.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1266376055140
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: AtiExtEvent - Ati2evxx.dll
AppInit_DLLs: c:\windows\system32\guard32.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\amar\applic~1\mozilla\firefox\profiles\of6hvb2r.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://mystart.incredimail.com/
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - plugin: c:\documents and settings\amar\local settings\application data\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

============= SERVICES / DRIVERS ===============

R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [2009-11-29 155136]
R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [2009-11-29 5248]
R0 Vax347b;Vax347b;c:\windows\system32\drivers\Vax347b.sys [2009-12-6 159616]
R0 Vax347s;Vax347s;c:\windows\system32\drivers\Vax347s.sys [2009-12-6 5248]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [2010-3-23 224808]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2010-3-3 25160]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2010-2-22 114984]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2010-2-22 95872]
R2 cmdAgent;COMODO Internet Security Helper Service;c:\program files\comodo\comodo internet security\cmdagent.exe [2010-3-23 967888]
R2 ekrn;ESET Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2010-2-22 810120]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2010-4-12 54752]
R2 RtNdPt5x;Realtek NDIS Protocol Driver;c:\windows\system32\drivers\RtNdPt5x.sys [2009-11-26 22016]
R2 StarWindService;StarWind iSCSI Service;c:\program files\alcohol soft\alcohol 120\starwind\StarWindService.exe [2005-4-2 217600]
R3 ham50;Intel V92 HaM Data Fax Voice;c:\windows\system32\drivers\IntelH51.sys [2009-11-27 454815]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2009-11-26 1684736]
S3 fsssvc;Usluga Windows Live Porodicna bezbednost;c:\program files\windows live\family safety\fsssvc.exe [2009-8-5 704864]
S3 GUCI_AVS;USB2.0 VGA Video Device;c:\windows\system32\drivers\GUCI_AVS.sys [2010-3-26 595840]
S3 hid7906;hid7906;c:\windows\system32\drivers\hid7906.sys [2010-1-2 53921]
S3 RTLTEAMING;Realtek Intermediate Driver for Ethernet Extended Features;c:\windows\system32\drivers\RTLTEAMING.SYS [2009-11-26 29440]
S3 RTLVLAN;Realtek VLAN Intermediate Driver;c:\windows\system32\drivers\RTLVLAN.SYS [2009-11-26 17536]
S3 WFIOCTL;WFIOCTL;c:\program files\winfast\wftvfm\WFIOCTL.sys [2009-11-27 9446]

=============== Created Last 30 ================

2010-04-12 18:41:04 0 d-----w- c:\documents and settings\amar\Tracing
2010-04-12 18:40:32 54752 ----a-w- c:\windows\system32\drivers\fssfltr_tdi.sys
2010-04-12 18:39:00 0 d-----w- c:\program files\Microsoft SQL Server Compact Edition
2010-04-12 18:37:05 0 d-----w- c:\program files\Windows Live SkyDrive
2010-04-12 16:26:43 0 d-----w- c:\docume~1\amar\applic~1\FTWeak
2010-04-12 16:26:36 0 d-----w- c:\docume~1\alluse~1\applic~1\FTWeak
2010-04-12 16:26:33 0 d-----w- c:\program files\FCleaner
2010-04-12 15:32:22 0 d-----w- c:\program files\NRadioBox
2010-04-11 19:10:58 0 d-----w- c:\docume~1\amar\applic~1\Mount&Blade Warband
2010-04-11 18:41:41 0 d-----w- c:\program files\Mount&Blade Warband
2010-04-10 08:50:42 0 d-----w- c:\docume~1\amar\applic~1\GameRanger
2010-04-10 07:45:05 0 d-----w- c:\docume~1\amar\applic~1\Malwarebytes
2010-04-10 07:44:53 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-10 07:44:50 20824 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-10 07:44:50 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2010-04-10 07:44:48 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-04-10 07:36:15 0 d-----w- c:\docume~1\alluse~1\applic~1\Comodo Downloader
2010-04-10 07:34:47 0 d-----w- c:\docume~1\alluse~1\applic~1\COMODO
2010-04-10 07:31:37 0 d-----w- c:\program files\COMODO
2010-04-10 06:40:11 0 d-----w- c:\program files\SpeedFan
2010-04-10 06:40:09 45 ----a-w- c:\windows\system32\initdebug.nfo
2010-04-09 12:54:04 0 d-----w- c:\program files\common files\Windows Live
2010-04-09 12:53:27 0 d-----w- c:\program files\Trend Micro
2010-04-09 12:53:13 0 d-----w- c:\program files\Microsoft
2010-04-09 12:44:09 0 d-----w- c:\docume~1\amar\applic~1\Windows Search
2010-04-09 12:43:57 0 d-----w- c:\docume~1\amar\applic~1\Windows Desktop Search
2010-04-09 12:43:18 0 d-----w- c:\windows\system32\GroupPolicy
2010-04-09 12:43:18 0 d-----w- c:\program files\Windows Desktop Search
2010-04-09 12:42:29 98304 -c----w- c:\windows\system32\dllcache\nlhtml.dll
2010-04-09 12:42:29 29696 -c----w- c:\windows\system32\dllcache\mimefilt.dll
2010-04-09 12:42:29 192000 -c----w- c:\windows\system32\dllcache\offfilt.dll
2010-04-09 12:42:00 0 d-----w- c:\program files\Windows Media Connect 2
2010-04-09 12:41:24 0 d-----w- c:\docume~1\alluse~1\applic~1\PhotoMail
2010-04-09 12:41:22 0 d-----w- c:\program files\PhotoMail Maker
2010-04-09 12:40:12 0 d-----w- c:\program files\IncrediMail
2010-04-09 12:40:12 0 d-----w- c:\docume~1\alluse~1\applic~1\IncrediMail
2010-04-09 12:40:12 0 d-----w- c:\docume~1\alluse~1\applic~1\IM
2010-04-09 12:38:16 0 d-----w- c:\windows\system32\URTTEMP
2010-04-09 11:20:26 0 d-----w- c:\windows\system32\scripting
2010-04-09 11:20:26 0 d-----w- c:\windows\l2schemas
2010-04-09 11:20:25 0 d-----w- c:\windows\system32\en
2010-04-09 11:20:25 0 d-----w- c:\windows\system32\bits
2010-04-09 11:15:11 0 d-----w- c:\windows\network diagnostic
2010-04-09 10:54:42 73216 ------w- c:\windows\system32\drivers\atintuxx.sys
2010-04-09 10:19:17 0 d-----w- c:\program files\ESET
2010-03-31 09:00:02 0 d-----w- c:\docume~1\alluse~1\applic~1\Blizzard Entertainment
2010-03-26 16:56:51 7168 ----a-w- c:\windows\system32\COINST_080603.dll
2010-03-26 16:56:51 595840 ----a-w- c:\windows\system32\drivers\GUCI_AVS.sys
2010-03-26 16:56:51 2207 ----a-w- c:\windows\system32\GUCI_AVS.ini
2010-03-26 16:56:50 114688 ----a-w- c:\windows\system32\PixArt.ax
2010-03-26 16:56:48 180736 ----a-w- c:\windows\system32\GUCI_AVS.ax
2010-03-26 16:56:48 14336 ----a-w- c:\windows\system32\GUCI_AVS.dll
2010-03-26 16:56:48 0 d-----w- c:\windows\PixArt
2010-03-26 16:56:48 0 d-----w- c:\program files\common files\PAP7501
2010-03-26 16:56:06 60032 ----a-w- c:\windows\system32\drivers\usbaudio.sys
2010-03-26 16:55:36 20992 ----a-w- c:\windows\system32\dshowext.ax
2010-03-26 16:55:36 121984 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2010-03-26 16:55:31 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2010-03-25 21:34:43 0 d-sh--w- c:\documents and settings\amar\PrivacIE
2010-03-25 03:58:51 94208 ----a-w- c:\windows\amcap.exe
2010-03-24 01:40:00 224808 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2010-03-22 02:29:28 0 d-sh--w- c:\documents and settings\amar\IECompatCache

==================== Find3M ====================

2010-04-10 18:33:00 5430 ----a-w- c:\windows\system32\ealregsnapshot1.reg
2010-04-10 09:18:45 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-04-10 09:18:38 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-03-10 06:15:52 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-03-04 00:54:42 276648 ----a-w- c:\windows\system32\guard32.dll
2010-03-04 00:54:14 25160 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2010-03-04 00:54:12 15376 ----a-w- c:\windows\system32\drivers\cmderd.sys
2010-02-25 06:24:37 916480 ----a-w- c:\windows\system32\wininet.dll
2010-02-24 13:11:07 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-22 23:51:10 95872 ----a-w- c:\windows\system32\drivers\epfwtdir.sys
2010-02-22 23:50:06 114984 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2010-02-22 23:47:20 139192 ----a-w- c:\windows\system32\drivers\eamon.sys
2010-02-16 14:08:49 2146304 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-16 13:25:04 2024448 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-02-12 04:33:11 100864 ----a-w- c:\windows\system32\6to4svc.dll

============= FINISH: 14:28:36.31 ===============

Addendum: 18 Apr 2010 0:00

Oh, I forgot: my computer restarted by itself several times, and when Windows starts it reports an error. If it's not caused by a virus, I'll open a topic in the Windows section.

  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 15 Jun 2007
  • Posts: 5572

It's unlikely to be caused by a virus.
