Check

offline
  • Milan
  • Joined: 17 Dec 2007
  • Posts: 14811
  • Location: Niš

My computer has been running slower lately.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0:32:08, on 6.9.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\PixArt\PAC7302\Monitor.exe
C:\WINDOWS\RTHDCPL.EXE
E:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
E:\Program Files\Opera\opera.exe
E:\Program Files\Valve\hl.exe
C:\Documents and Settings\Mr.Vasa\Desktop\New Folder (2)\TR3.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - E:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live pomagač za prijavljivanje - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - (no file)
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\PAC7302\Monitor.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Sys32] c:\WINDOWS\Sys32.exe
O4 - HKLM\..\Run: [HService] c:\WINDOWS\msservice.exe
O4 - HKLM\..\Run: [GrooveMonitor] "E:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Download by Orbit - res://E:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://E:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Append to existing PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Do&wnload selected by Orbit - res://E:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://E:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{94046C65-F5DC-47B0-B0AD-C7ABFC3728E6}: NameServer = 10.1.1.10,10.1.1.11
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: AntiVir PersonalEdition Premium MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe
O23 - Service: AntiVir PersonalEdition Premium Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe
O23 - Service: AntiVir PersonalEdition Premium Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe
O23 - Service: Avira AntiVir Premium WebGuard (antivirwebservice) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE
O23 - Service: AntiVir PersonalEdition Premium MailGuard helper service (AVEService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 9065 bytes
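
The two entries a helper would pick out of the log above by eye are `O4 - HKLM\..\Run: [Sys32] c:\WINDOWS\Sys32.exe` and `[HService] c:\WINDOWS\msservice.exe`: unsigned-looking executables dropped straight into the Windows directory under system-sounding names, plus the `(no file)` BHO orphans. The script below is an added example, not part of this thread and not a feature of HijackThis or ComboFix. It parses O2/O4 lines (the sample is copied from the posted log), resolves the real image behind quoted commands and `RUNDLL32.EXE` launchers, and scores each entry with this example's own assumed heuristics: image in the Windows directory root rather than system32, bare image name resolved through PATH, a name that imitates a system component, and BHOs whose DLL is missing. The scores are a triage order for a human, not a verdict.

```python
"""Heuristic triage of HijackThis O2 (BHO) and O4 (Run key) entries.

Added example; the scoring rules are assumptions made here for illustration,
not HijackThis or ComboFix behaviour. SAMPLE_LOG is copied from the posted log.
"""
from __future__ import annotations

import re
from dataclasses import dataclass, field
from pathlib import PureWindowsPath

# Constructed sample: lines taken verbatim from the HijackThis log above.
SAMPLE_LOG = r"""
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe" /min
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Sys32] c:\WINDOWS\Sys32.exe
O4 - HKLM\..\Run: [HService] c:\WINDOWS\msservice.exe
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
"""

O2_RE = re.compile(r"^O2 - BHO: (?P<name>.*?) - \{(?P<clsid>[0-9A-Fa-f-]{36})\} - (?P<path>.*)$")
O4_RE = re.compile(
    r"^O4 - (?P<hive>.+?)\\\.\.\\Run: \[(?P<value>[^\]]+)\] (?P<cmd>.*?)"
    r"(?: \(User '(?P<user>[^']*)'\))?$"
)
# Either a quoted image, or the shortest prefix that ends in an executable extension.
IMAGE_RE = re.compile(
    r'^"(?P<q>[^"]+)"'
    r'|^(?P<u>.*?\.(?:exe|dll|com|scr|bat|cmd|pif|vbs|js))(?=\s|,|$)',
    re.I,
)
WINDIR = PureWindowsPath(r"C:\WINDOWS")          # assumption: default XP install path
# Assumed vocabulary that droppers borrow to look like OS components.
SYSTEM_WORDS = ("sys32", "system", "svchost", "service", "lsass", "csrss", "winlogon")


@dataclass
class Finding:
    kind: str                       # "O2" or "O4"
    label: str                      # BHO display name or Run value name
    image: str                      # resolved image path (or bare name)
    score: int = 0
    reasons: list[str] = field(default_factory=list)

    def hit(self, points: int, why: str) -> None:
        self.score += points
        self.reasons.append(why)


def image_of(cmd: str) -> str:
    """Return the file that actually gets loaded for an O4 command line."""
    m = IMAGE_RE.match(cmd)
    if not m:
        return cmd.split(maxsplit=1)[0] if cmd.strip() else cmd
    image = m.group("q") or m.group("u")
    # rundll32 is only a host: the DLL it is told to load is the real autostart payload.
    if PureWindowsPath(image).name.lower() == "rundll32.exe":
        dll = IMAGE_RE.match(cmd[m.end():].strip())
        if dll:
            return dll.group("q") or dll.group("u")
    return image


def locate(image: str) -> str:
    """Classify where the image lives: bare, windir-root, system32, windir-sub, other."""
    p = PureWindowsPath(image)
    if not p.drive and not p.anchor:
        return "bare"
    parts = [s.lower() for s in p.parts]
    wparts = [s.lower() for s in WINDIR.parts]
    if parts[: len(wparts)] != wparts:
        return "other"
    rest = parts[len(wparts):]
    if len(rest) == 1:
        return "windir-root"
    return "system32" if rest[0] == "system32" else "windir-sub"


def triage(log_text: str) -> list[Finding]:
    """Score O2/O4 lines; return only entries worth a human look, highest score first."""
    findings: list[Finding] = []
    for line in log_text.splitlines():
        line = line.strip()
        if m := O2_RE.match(line):
            f = Finding("O2", m["name"], m["path"])
            if m["path"] == "(no file)":
                f.hit(1, "CLSID still registered but the DLL is gone (orphaned BHO)")
            if m["name"] == "(no name)":
                f.hit(1, "BHO registered without a display name")
        elif m := O4_RE.match(line):
            image = image_of(m["cmd"])
            f = Finding("O4", m["value"], image)
            where = locate(image)
            if where == "windir-root":
                f.hit(2, "image sits directly in the Windows directory, not system32 or Program Files")
            elif where == "bare":
                f.hit(1, "unqualified image name; resolved through PATH / App Paths at logon")
            stem = PureWindowsPath(image).stem.lower()
            if where != "system32" and any(w in stem for w in SYSTEM_WORDS):
                f.hit(2, "name imitates a Windows system component but lives outside system32")
        else:
            continue
        if f.score:
            findings.append(f)
    findings.sort(key=lambda f: (-f.score, f.label.lower()))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"[{f.score}] {f.kind} {f.label!r} -> {f.image}")
        for r in f.reasons:
            print(f"      - {r}")
```

On the sample the two Windows-directory droppers score highest, the nameless orphaned BHO next, and `RTHDCPL.EXE` gets a single point only because it is a bare name resolved at logon; Avira, ctfmon, SweetIM and the NVIDIA rundll32 entry score nothing. That ordering matches what ComboFix later reports under "ORPHANS REMOVED" in this thread, but the script only ranks entries; confirming a file is malicious still means hashing it and checking its signer and publisher.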

offline
  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

Download ComboFix to your Desktop from one of the following addresses:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.forospyware.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Run it and do not touch the program window while it scans.
Follow the on-screen instructions. When it finishes, a log will appear (C:\ComboFix.txt); copy it here for us.

offline
  • Milan
  • Joined: 17 Dec 2007
  • Posts: 14811
  • Location: Niš

ComboFix 08-09-04.09 - Mr.Vasa 2008-09-06 0:39:21.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1250.1.1033.18.1568 [GMT 2:00]
Running from: C:\Documents and Settings\Mr.Vasa\Desktop\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Mr.Vasa\Application Data\.#
C:\WINDOWS\backup.dll
C:\WINDOWS\msservice.exe
C:\WINDOWS\sys32.exe

.
((((((((((((((((((((((((( Files Created from 2008-08-05 to 2008-09-05 )))))))))))))))))))))))))))))))
.

2008-09-04 22:56 . 2008-09-04 22:56 <DIR> d-------- C:\WINDOWS\system32\QuickTime
2008-09-04 22:56 . 2001-09-27 21:41 4,206,080 --a------ C:\WINDOWS\system32\QuickTime.qts
2008-09-04 22:56 . 2001-09-27 21:41 2,017,280 --a------ C:\WINDOWS\system32\QuickTimeMusicalInstruments.qtx
2008-09-04 22:56 . 1997-08-21 14:44 345,600 --a------ C:\WINDOWS\system32\Qtim32.dll
2008-09-04 22:56 . 2001-09-27 20:41 287,232 --a------ C:\WINDOWS\system32\QuickTime.cpl
2008-09-04 22:56 . 1996-08-26 04:12 93,696 --a------ C:\WINDOWS\system32\Qtole32.dll
2008-09-04 22:56 . 2001-11-28 16:43 53,985 --a------ C:\WINDOWS\system32\QuickTime.qtp
2008-09-04 15:27 . 2008-09-04 15:44 <DIR> d-------- C:\Documents and Settings\Mr.Vasa\Application Data\TypingMaster7
2008-09-02 23:31 . 2008-09-02 23:31 <DIR> d-------- C:\Program Files\SweetIM
2008-09-02 23:31 . 2008-09-02 23:31 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SweetIM
2008-09-02 18:44 . 2008-04-14 05:41 21,504 --a------ C:\WINDOWS\system32\hidserv.dll
2008-09-02 18:44 . 2008-04-14 05:41 21,504 --a--c--- C:\WINDOWS\system32\dllcache\hidserv.dll
2008-09-02 18:44 . 2008-04-14 00:09 14,592 --a------ C:\WINDOWS\system32\drivers\kbdhid.sys
2008-09-02 18:44 . 2008-04-14 00:09 14,592 --a--c--- C:\WINDOWS\system32\dllcache\kbdhid.sys
2008-09-02 18:44 . 2001-08-17 13:48 12,160 --a------ C:\WINDOWS\system32\drivers\mouhid.sys
2008-09-02 18:44 . 2001-08-17 13:48 12,160 --a--c--- C:\WINDOWS\system32\dllcache\mouhid.sys
2008-08-31 15:15 . 2008-08-31 15:15 0 --a------ C:\WINDOWS\nsreg.dat
2008-08-23 12:23 . 2008-05-01 16:33 331,776 -----c--- C:\WINDOWS\system32\dllcache\msadce.dll
2008-08-23 12:10 . 2008-04-11 21:04 691,712 -----c--- C:\WINDOWS\system32\dllcache\inetcomm.dll
2008-08-22 19:58 . 2001-08-17 13:56 7,552 --a------ C:\WINDOWS\system32\drivers\SONYPVU1.SYS
2008-08-22 19:58 . 2001-08-17 13:56 7,552 --a--c--- C:\WINDOWS\system32\dllcache\sonypvu1.sys
2008-08-10 14:53 . 2008-08-10 14:53 <DIR> d--h----- C:\WINDOWS\system32\GroupPolicy
2008-08-10 14:21 . 2008-08-10 14:21 <DIR> d-------- C:\Documents and Settings\Mr.Vasa\Application Data\ACD Systems
2008-08-10 14:20 . 2008-08-10 14:20 <DIR> d-------- C:\Program Files\Common Files\ACD Systems
2008-08-10 14:20 . 2008-08-10 14:20 <DIR> d-------- C:\Program Files\ACD Systems
2008-08-10 14:20 . 2008-08-10 14:20 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\ACD Systems
2008-08-09 21:04 . 2008-08-09 21:04 268 --ah----- C:\sqmdata11.sqm
2008-08-09 21:04 . 2008-08-09 21:04 244 --ah----- C:\sqmnoopt11.sqm
2008-08-09 20:21 . 2008-08-09 20:21 268 --ah----- C:\sqmdata10.sqm
2008-08-09 20:21 . 2008-08-09 20:21 244 --ah----- C:\sqmnoopt10.sqm
2008-08-09 20:20 . 2005-05-03 12:43 69,632 -r------- C:\WINDOWS\Alcmtr.exe
2008-08-09 13:59 . 2008-08-09 13:59 268 --ah----- C:\sqmdata09.sqm
2008-08-09 13:59 . 2008-08-09 13:59 244 --ah----- C:\sqmnoopt09.sqm
2008-08-07 16:33 . 2008-08-07 16:39 921,632 --a------ C:\PA7302.DAT
2008-08-07 16:31 . 2008-08-07 16:31 <DIR> d-------- C:\WINDOWS\PixArt
2008-08-07 16:31 . 2008-08-07 16:31 <DIR> d-------- C:\Program Files\Common Files\Pac7302
2008-08-07 16:31 . 2008-08-07 16:31 <DIR> d-------- C:\Program Files\Common Files\i-Look 317
2008-08-07 16:31 . 2007-06-14 18:34 457,856 --a------ C:\WINDOWS\system32\drivers\PAC7302.SYS
2008-08-07 16:31 . 2007-05-17 15:50 129,024 --a------ C:\WINDOWS\system32\SP7302.ax
2008-08-07 16:31 . 2006-10-12 11:57 14,336 --a------ C:\WINDOWS\system32\P7302USD.dll
2008-08-07 16:31 . 2006-11-20 09:04 6,656 --a------ C:\WINDOWS\system32\CoInst_070614.dll
2008-08-07 16:31 . 2007-07-05 10:37 566 --a------ C:\WINDOWS\system32\SP7302.ini
2008-08-07 16:31 . 2008-05-31 15:31 302 --a------ C:\WINDOWS\system32\Remover.ini
2008-08-07 16:23 . 2008-04-14 00:15 60,032 --a------ C:\WINDOWS\system32\drivers\USBAUDIO.sys
2008-08-07 16:23 . 2008-04-14 00:15 60,032 --a--c--- C:\WINDOWS\system32\dllcache\usbaudio.sys
2008-08-07 16:22 . 2008-04-14 00:15 32,128 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2008-08-07 16:22 . 2008-04-14 00:15 32,128 --a--c--- C:\WINDOWS\system32\dllcache\usbccgp.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-04 21:02 --------- d-----w C:\Documents and Settings\Mr.Vasa\Application Data\Orbit
2008-08-23 13:39 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-08-09 18:20 --------- d-----w C:\Program Files\Realtek
2008-08-07 14:31 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-08-07 09:50 --------- d-----w C:\Program Files\Windows Live
2008-08-07 09:44 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2008-08-01 11:23 --------- d-----w C:\Program Files\Java
2008-08-01 11:19 --------- d-----w C:\Program Files\Common Files\Java
2008-07-26 22:03 --------- d-----w C:\Program Files\Valve
2008-07-26 12:50 --------- d-----w C:\Documents and Settings\Mr.Vasa\Application Data\Avira
2008-07-23 16:13 685,816 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-07-23 12:29 --------- d-----w C:\Program Files\Sierra On-Line
2008-07-23 10:27 --------- d-----w C:\Program Files\Common Files\Adobe
2008-07-20 11:47 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-07-20 10:29 20 ----a-w C:\sccfg.sys
2008-07-19 17:28 --------- d-----w C:\Documents and Settings\Mr.Vasa\Application Data\Xilisoft Corporation
2008-07-19 12:09 --------- d-----w C:\Documents and Settings\Mr.Vasa\Application Data\Xfire
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-18 20:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
2008-07-18 20:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
2008-07-15 13:54 --------- d-----w C:\Documents and Settings\Mr.Vasa\Application Data\GrabPro
2008-07-12 12:22 --------- d-----w C:\Documents and Settings\Mr.Vasa\Application Data\Winamp
2008-07-11 15:17 --------- d-----w C:\Documents and Settings\All Users\Application Data\FLEXnet
2008-07-11 15:16 --------- d-----w C:\Program Files\Common Files\Macrovision Shared
2008-07-11 11:44 --------- d-----w C:\Program Files\NCH Software
2008-07-11 11:44 --------- d-----w C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
2008-07-09 18:18 --------- d-----w C:\Documents and Settings\Mr.Vasa\Application Data\Media Player Classic
2008-07-07 20:26 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-07-01 15:45 98,304 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2008-06-26 20:09 42,320 ----a-w C:\WINDOWS\system32\xfcodec.dll
2008-06-24 16:43 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-23 15:09 666,112 ----a-w C:\WINDOWS\system32\wininet.dll
2008-06-20 17:46 245,248 ----a-w C:\WINDOWS\system32\mswsock.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EEE6C35D-6118-11DC-9C72-001320C79847}"= "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2008-03-27 173368]

[HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2008-03-27 14:12 1164600 --a------ C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2008-03-27 1164600]

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2008-03-27 1164600]

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-06-29 8466432]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-06-29 81920]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe" [2008-07-17 266497]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"PAC7302_Monitor"="C:\WINDOWS\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"GrooveMonitor"="E:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"SweetIM"="C:\Program Files\SweetIM\Messenger\SweetIM.exe" [2008-03-27 111928]
"nwiz"="nwiz.exe" [2007-06-29 C:\WINDOWS\system32\nwiz.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-11-14 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 C:\WINDOWS\SkyTel.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 15360]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-07-23 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.YV12"= yv12vfw.dll
"VIDC.XFR1"= xfcodec.dll
"VIDC.ACDV"= ACDV.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
--a------ 2008-01-11 19:54 623992 E:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-01-11 22:16 39792 E:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
--a------ 2007-08-24 07:00 33648 E:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
--a------ 2001-07-09 11:50 155648 C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegDoctor]
--a------ 2008-05-23 20:56 178688 E:\Program Files\RegDoctor\RegDoctor.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"E:\\Program Files\\Orbitdownloader\\orbitdm.exe"=
"E:\\Program Files\\Orbitdownloader\\orbitnet.exe"=
"E:\\Program Files\\Valve\\hl.exe"=
"E:\\Program Files\\Xfire\\xfire.exe"=
"E:\\SIERRA\\Half-Life\\hl.exe"=
"E:\\Program Files\\Valve\\hlds.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"E:\\Program Files\\NFS Underground 2\\speed2.exe"=

R2 AntiVirMailService;AntiVir PersonalEdition Premium MailGuard;C:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe [2008-07-17 164097]
R2 antivirwebservice;Avira AntiVir Premium WebGuard;C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE [2008-07-17 258305]
R2 AVEService;AntiVir PersonalEdition Premium MailGuard helper service;C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe [2008-07-17 41217]
R3 iadusb;MT882;C:\WINDOWS\system32\DRIVERS\glauiad.sys [2006-03-20 30336]
R3 usnjsvc;Usluga Messenger Sharing Folders USN Journal Reader;C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 FT3296;USB FORCE RACER;C:\WINDOWS\system32\DRIVERS\FT3296.sys [ ]
S3 PAC7302;i-Look 317;C:\WINDOWS\system32\DRIVERS\PAC7302.SYS [2007-06-14 457856]

*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-Sys32 - c:\WINDOWS\Sys32.exe
HKLM-Run-HService - c:\WINDOWS\msservice.exe
MSConfigStartUp-MsnMsgr - C:\Program Files\MSN Messenger\msnmsgr.exe
MSConfigStartUp-Spyware Doctor - E:\Program Files\Spyware Doctor\swdoctor.exe


.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\Mr.Vasa\Application Data\Mozilla\Firefox\Profiles\31a88j0h.default\
FF -: plugin - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
FF -: plugin - E:\Program Files\Adobe\Reader 8.0\Reader\browser\nppdf32.dll
FF -: plugin - E:\Program Files\Firefox\plugins\npnul32.dll
FF -: plugin - E:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF -: plugin - E:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF -: plugin - E:\Program Files\Opera\program\plugins\npdsplay.dll
FF -: plugin - E:\Program Files\Opera\program\plugins\NPOFF12.DLL
FF -: plugin - E:\Program Files\Opera\program\plugins\NPSWF32.dll
FF -: plugin - E:\Program Files\Opera\program\plugins\npwmsdrm.dll
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-06 00:40:30
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-09-06 0:41:13
ComboFix-quarantined-files.txt 2008-09-05 22:41:03

Pre-Run: 2,867,494,912 bytes free
Post-Run: 2,859,737,088 bytes free

217 --- E O F --- 2008-08-23 13:39:59

offline
  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

What is the situation now?

offline
  • Milan
  • Joined: 17 Dec 2007
  • Posts: 14811
  • Location: Niš

I think it is a bit better.

offline
  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

That would be it. There is no more malware here.

Click START and then RUN.
In the text box type Combofix /u and click OK.

Wait for the uninstall process to finish.

The above procedure will:
Delete the following:
ComboFix and its files and folders
VundoFix Backups folder, if it exists
C:\Deckard folder, if it exists
C:\OtMoveIt folder, if it exists

Reset the computer's clock settings
Hide file extensions, if needed
Hide system/hidden files/folders, if needed
Reset System Restore

offline
  • Milan
  • Joined: 17 Dec 2007
  • Posts: 14811
  • Location: Niš

It definitely runs better!

THANKS a lot!!!
