:(

offline
  • Joined: 17 Mar 2009
  • Posts: 5
  • Location: Beograd

My computer is completely messed up... KAV reports a "database load error"... I can't scan the computer. The scan always shuts down. It sometimes restarts. And it closes everything I start.

Logfile of HijackThis v1.99.1
Scan saved at 12:39:30 PM, on 3/17/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe
C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe
C:\Program Files\Winamp\winampa.exe
C:\Documents and Settings\Pekyi\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Curse\CurseClient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Tenable\Nessus\nessusd.exe
C:\Documents and Settings\Pekyi\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Pekyi\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Pekyi\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Documents and Settings\Pekyi\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Pekyi\Desktop\Instalacije\HijackThis\tr3.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = search.conduit.com?SearchSource=10&ctid=CT1700389
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = defaulthomepage.info
R3 - URLSearchHook: SrchHook Class - {F4F10C1D-87C7-404A-B4B3-000000000000} - C:\PROGRA~1\DAP\SBSearch.dll
R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
R3 - URLSearchHook: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Program Files\IsoBuster\tbIsoB.dll
O1 - Hosts: 79.101.72.150 moonlight-wow.sytes.net
O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Program Files\IsoBuster\tbIsoB.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Program Files\IsoBuster\tbIsoB.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Ulead Photo Express Calendar Checker] C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe
O4 - HKLM\..\Run: [Cimbaljevic Screenshot maker v1.5.exe] Cimbaljevic Screenshot maker v1.5.exe
O4 - HKLM\..\Run: [SpeedBitVideoAccelerator] "C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe"
O4 - HKLM\..\Run: [WhenUSearchWHSE] "C:\Program Files\DAEMON Tools SearchBar\whse.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DriverUpdaterPro] C:\Program Files\XPC Tools\Driver Updater Pro\DriverUpdaterPro.exe -t
O4 - HKCU\..\Run: [Avi Player] "C:\Program Files\Avi Player\AviPlayer.exe" hmw
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Pekyi\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [CurseClient] C:\Program Files\Curse\CurseClient.exe -silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Fraps] C:\FRAPS\FRAPS.EXE
O4 - Startup: hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" -r (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Tenable Nessus - Tenable Network Security - C:\Program Files\Tenable\Nessus\nessusd.exe
O23 - Service: VideoAcceleratorService - Speedbit Ltd. - C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
O23 - Service: wampapache - Unknown owner - c:\wamp\bin\apache\apache2.2.10\bin\httpd.exe" -k runservice (file missing)
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.30\bin\mysqld.exe

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

* Right-click the Kaspersky icon in the lower-right corner of the screen and choose Pause Protection.
* In the window that opens, choose By User Request.

Note: Don't forget to turn this option back on once the cleaning is finished.


Download ComboFix to the Desktop from one of the following addresses:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.forospyware.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Run it and don't touch the program window while it scans.
Follow the on-screen instructions. When it finishes, a log (C:\ComboFix.txt) will appear, which you should copy here for us.

offline
  • Joined: 17 Mar 2009
  • Posts: 5
  • Location: Beograd

ComboFix 09-03-15.01 - Pekyi 2009-03-17 13:25:49.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1023.586 [GMT 1:00]
Running from: c:\documents and settings\Pekyi\Desktop\ComboFix.exe
AV: Kaspersky Anti-Virus *On-access scanning disabled* (Updated)
FW: Kaspersky Anti-Virus *disabled*
* Created a new restore point
.
/wow section - STAGE 32
The system cannot find the path specified.
The system cannot find the path specified.
The system cannot find the path specified.
The system cannot find the path specified.
Could Not Find c:\combofix\temp03


((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\recycler\ADAPT_Installer.exe
c:\windows\Readme.txt

.
((((((((((((((((((((((((( Files Created from 2009-02-17 to 2009-03-17 )))))))))))))))))))))))))))))))
.

2009-03-07 11:35 . 2009-03-07 11:35 47,616 --a------ c:\windows\system32\drivers\Haspnt.sys
2009-03-07 11:35 . 2009-03-07 11:35 6,656 --a------ c:\windows\system32\haspvdd.dll
2009-03-07 11:35 . 2008-07-20 04:01 2,577 --a------ c:\windows\system32\config.hsp
2009-03-07 11:35 . 2009-03-07 11:35 383 --a------ c:\windows\system32\haspdos.sys
2009-03-07 11:34 . 2009-03-07 11:34 <DIR> d-------- c:\windows\Downloaded Installations
2009-03-07 11:34 . 2009-03-07 11:34 <DIR> d-------- c:\program files\SafeNet Sentinel
2009-03-07 11:34 . 2009-03-07 11:34 <DIR> d-------- c:\program files\Common Files\SafeNet Sentinel
2009-03-07 11:34 . 2004-07-14 12:54 676,864 --a------ c:\windows\system32\drivers\hardlock.sys
2009-03-07 11:19 . 2009-03-07 11:19 <DIR> d-------- c:\program files\ART Inc
2009-02-27 20:36 . 2008-02-07 17:10 <DIR> d--h----- C:\ckis

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-17 12:31 43,180,064 --sha-w c:\windows\system32\drivers\fidbox.dat
2009-03-17 12:31 1,590,816 --sha-w c:\windows\system32\drivers\fidbox2.dat
2009-03-17 12:19 --------- d-----w c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-03-17 11:41 --------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
2009-03-17 11:33 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2009-03-17 11:33 --------- d-----w c:\program files\SpeedBit Video Accelerator
2009-03-17 11:32 --------- d-----w c:\documents and settings\Pekyi\Application Data\Skype
2009-03-17 11:24 592,484 --sha-w c:\windows\system32\drivers\fidbox.idx
2009-03-17 11:24 150,704 --sha-w c:\windows\system32\drivers\fidbox2.idx
2009-03-17 11:23 --------- d--h--w c:\program files\InstallShield Installation Information
2009-03-17 11:22 --------- d-----w c:\documents and settings\Pekyi\Application Data\skypePM
2009-03-17 11:15 --------- d-----w c:\program files\Counter-Strike 1.6
2009-03-17 05:32 --------- d-----w c:\program files\Mozilla Firefox 3 Beta 5
2009-03-16 12:25 --------- d-----w c:\program files\Warcraft III
2009-03-16 12:07 --------- d-----w c:\program files\Garena
2009-03-06 18:48 --------- d-----w c:\program files\Winamp
2009-03-04 13:43 --------- d-----w c:\program files\IsoBuster
2009-02-09 10:19 1,846,272 ----a-w c:\windows\system32\win32k.sys
2009-02-03 19:37 --------- d-----w c:\program files\PremiumSoft
2009-02-03 16:55 89,601 ----a-w c:\windows\system32\drivers\klick.dat
2009-02-03 16:55 101,287 ----a-w c:\windows\system32\drivers\klin.dat
2009-02-02 19:17 --------- d-----w c:\program files\ffdshow
2009-01-30 12:23 34 ----a-w c:\documents and settings\Pekyi\jagex_runescape_preferences.dat
2009-01-28 15:51 --------- d-----w c:\documents and settings\All Users\Application Data\Electronic Arts
2009-01-22 00:49 --------- d-----w c:\program files\VirtualDJ
2009-01-08 02:35 410,984 ----a-w c:\windows\system32\deploytk.dll
2008-11-26 15:57 35,488 ----a-w c:\documents and settings\Pekyi\Application Data\GDIPFONTCACHEV1.DAT
2008-08-24 14:58 251,392 ----a-w c:\program files\opera\program\plugins\dapop.dll
.

------- Sigcheck -------

2004-08-04 02:07 82944 2ed0b7f12a60f90092081c50fa0ec2b2 c:\windows\SoftwareDistribution\Download\0d3b5d19cc06db007bbe6584808bfa9e\backup\ws2_32.dll
2004-08-04 02:07 82944 2ed0b7f12a60f90092081c50fa0ec2b2 c:\windows\system32\ws2_32.dll
2004-08-04 02:07 82944 2ed0b7f12a60f90092081c50fa0ec2b2 c:\windows\system32\dllcache\ws2_32.dll

2008-06-23 17:12 667136 611ace3f4201e9610af8452f7c268995 c:\windows\$hf_mig$\KB953838\SP2QFE\wininet.dll
2008-06-23 16:09 666112 f12fbb673de9cc802c5dc518fe99aa2f c:\windows\$hf_mig$\KB953838\SP3GDR\wininet.dll
2008-06-23 15:54 666624 972299b7241ec325d8c7e5638c884925 c:\windows\$hf_mig$\KB953838\SP3QFE\wininet.dll
2008-08-20 06:33 667648 c91e3a6ef094202f6b5ca8960dfcf243 c:\windows\$hf_mig$\KB956390\SP2QFE\wininet.dll
2008-08-20 06:30 666112 9af5f25124fbdc36e2b510729cba2674 c:\windows\$hf_mig$\KB956390\SP3GDR\wininet.dll
2008-08-20 05:58 666624 94418f53d2612c26dbadc04dafbc197c c:\windows\$hf_mig$\KB956390\SP3QFE\wininet.dll
2008-10-16 11:20 667648 93c9d0a216498ee14eb9b26119bb95ee c:\windows\$hf_mig$\KB958215\SP2QFE\wininet.dll
2008-10-16 02:00 666112 1576318bf08d28cc61d1278114ad8d5b c:\windows\$hf_mig$\KB958215\SP3GDR\wininet.dll
2008-10-16 02:04 667136 e8fce58a470999350f64c591557f9e42 c:\windows\$hf_mig$\KB958215\SP3QFE\wininet.dll
2004-08-04 02:07 656384 c0823fc5469663ba63e7db88f9919d70 c:\windows\$NtUninstallKB953838$\wininet.dll
2008-06-23 16:38 659456 9eea04bc4c3fa521d256d89940fab4db c:\windows\$NtUninstallKB956390$\wininet.dll
2008-08-20 06:38 659456 87e694d09893978f22024feeedf35342 c:\windows\$NtUninstallKB958215$\wininet.dll
2004-08-04 02:07 656384 c0823fc5469663ba63e7db88f9919d70 c:\windows\SoftwareDistribution\Download\0d3b5d19cc06db007bbe6584808bfa9e\backup\wininet.dll
2008-10-16 11:37 659456 6f1e4bfd78c4e0d05ff3725d59b72925 c:\windows\system32\wininet.dll
2008-10-16 11:37 659456 6f1e4bfd78c4e0d05ff3725d59b72925 c:\windows\system32\dllcache\wininet.dll

2008-06-20 11:44 360960 744e57c99232201ae98c49168b918f48 c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
2008-06-20 12:51 361600 9aefa14bd6b182d61e3119fa5f436d3d c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
2008-06-20 12:59 361600 ad978a1b783b5719720cff204b666c8e c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
2004-08-04 02:07 359040 9f4b36614a0fc234525ba224957de55c c:\windows\$NtUninstallKB951748$\tcpip.sys
2004-08-04 02:07 359040 9f4b36614a0fc234525ba224957de55c c:\windows\SoftwareDistribution\Download\0d3b5d19cc06db007bbe6584808bfa9e\backup\tcpip.sys
2008-06-20 11:45 360320 2a5554fc5b1e04e131230e3ce035c3f9 c:\windows\system32\dllcache\tcpip.sys
2008-06-20 11:45 360320 2a5554fc5b1e04e131230e3ce035c3f9 c:\windows\system32\drivers\tcpip.sys

2004-08-04 02:07 29056 4448006b6bc60e6c027932cfc38d6855 c:\windows\SoftwareDistribution\Download\0d3b5d19cc06db007bbe6584808bfa9e\backup\ip6fw.sys
2004-08-04 02:07 29056 4448006b6bc60e6c027932cfc38d6855 c:\windows\system32\dllcache\ip6fw.sys
2004-08-04 02:07 29056 4448006b6bc60e6c027932cfc38d6855 c:\windows\system32\drivers\ip6fw.sys

2007-06-13 11:23 1033216 97bd6515465659ff8f3b7be375b2ea87 c:\windows\explorer.exe
2007-06-13 12:26 1033216 7712df0cdde3a5ac89843e61cd5b3658 c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
2004-08-04 02:07 1032192 a0732187050030ae399b241436565e64 c:\windows\$NtUninstallKB938828$\explorer.exe
2004-08-04 09:56 993280 d55d558b7aaf6fabcf2adfb2291155b7 c:\windows\Aero11 Package V2\Goodies\English System Files\Windows\explorer.exe
2004-08-20 03:09 1808896 b5475d465050106f443dd7144908798f c:\windows\Aero11 Package V2\Goodies\French System Files\Windows\explorer.exe
2004-08-04 02:07 1032192 a0732187050030ae399b241436565e64 c:\windows\SoftwareDistribution\Download\0d3b5d19cc06db007bbe6584808bfa9e\backup\explorer.exe
2007-06-13 11:23 1033216 97bd6515465659ff8f3b7be375b2ea87 c:\windows\SoftwareDistribution\Download\44d74c37f0595a363bcec5e9229d8564\sp2gdr\explorer.exe
2007-06-13 12:26 1033216 7712df0cdde3a5ac89843e61cd5b3658 c:\windows\SoftwareDistribution\Download\44d74c37f0595a363bcec5e9229d8564\sp2qfe\explorer.exe
2007-06-13 11:23 1033216 97bd6515465659ff8f3b7be375b2ea87 c:\windows\system32\dllcache\explorer.exe

2004-08-04 02:07 108032 c6ce6eec82f187615d1002bb3bb50ed4 c:\windows\SoftwareDistribution\Download\0d3b5d19cc06db007bbe6584808bfa9e\backup\services.exe
2004-08-04 02:07 108032 c6ce6eec82f187615d1002bb3bb50ed4 c:\windows\system32\services.exe
2004-08-04 02:07 108032 c6ce6eec82f187615d1002bb3bb50ed4 c:\windows\system32\dllcache\services.exe

2004-08-04 02:07 110080 87ca7ce6469577f059297b9d6556d66d c:\windows\SoftwareDistribution\Download\0d3b5d19cc06db007bbe6584808bfa9e\backup\imm32.dll
2004-08-04 02:07 110080 87ca7ce6469577f059297b9d6556d66d c:\windows\system32\imm32.dll
2004-08-04 02:07 110080 87ca7ce6469577f059297b9d6556d66d c:\windows\system32\dllcache\imm32.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{F4F10C1D-87C7-404A-B4B3-000000000000}"= "c:\progra~1\DAP\SBSearch.dll" [2008-08-24 32768]
"{0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2}"= "c:\program files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL" [2008-08-24 66912]
"{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}"= "c:\program files\IsoBuster\tbIsoB.dll" [2008-07-27 1606680]

[HKEY_CLASSES_ROOT\clsid\{f4f10c1d-87c7-404a-b4b3-000000000000}]
[HKEY_CLASSES_ROOT\SearchHook.SrchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{95EFB171-F3DF-4BEC-9EF7-829A800203E6}]
[HKEY_CLASSES_ROOT\SearchHook.SrchHook]

[HKEY_CLASSES_ROOT\clsid\{0579b4b6-0293-4d73-b02d-5ebb0ba0f0a2}]

[HKEY_CLASSES_ROOT\clsid\{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}]
2008-08-24 16:01 66912 --a------ c:\program files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}]
2008-07-27 21:11 1606680 --a------ c:\program files\IsoBuster\tbIsoB.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}"= "c:\program files\IsoBuster\tbIsoB.dll" [2008-07-27 1606680]

[HKEY_CLASSES_ROOT\clsid\{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{266FCDCA-7BB3-4DA7-B3BF-F845DEA2EBD6}"= "c:\program files\IsoBuster\tbIsoB.dll" [2008-07-27 1606680]

[HKEY_CLASSES_ROOT\clsid\{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-05-30 21718312]
"Google Update"="c:\documents and settings\Pekyi\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-09-06 133104]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2007-04-03 165784]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"CurseClient"="c:\program files\Curse\CurseClient.exe" [2008-10-10 4789760]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
"Fraps"="c:\fraps\FRAPS.EXE" [2008-09-11 3305128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-08 136600]
"Ulead Photo Express Calendar Checker"="c:\program files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe" [2004-01-12 69632]
"SpeedBitVideoAccelerator"="c:\program files\SpeedBit Video Accelerator\VideoAccelerator.exe" [2008-08-24 2705008]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-01-15 37376]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Warcraft III\\War3.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Curse\\CurseClient.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Program Files\\Winamp Remote\\bin\\Orb.exe"=
"c:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"=
"c:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"=
"c:\\Program Files\\Garena\\Garena.exe"=
"c:\\Documents and Settings\\Pekyi\\Desktop\\WLM Lite 8.5.exe"=
"c:\\Program Files\\Counter-Strike 1.6\\hl.exe"=
"c:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 7.0\\avp.exe"=
"c:\\Documents and Settings\\Pekyi\\Desktop\\WoW\\WoW-3.0.8.9506-to-3.0.9.9551-enUS-downloader.exe"=
"c:\\Program Files\\SpeedBit Video Accelerator\\VideoAccelerator.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:ar
"6112:TCP"= 6112:TCP:at
"3306:TCP"= 3306:TCP:root

R2 sbbotdi;sbbotdi;c:\progra~1\SPEEDB~1\sbbotdi.sys [2008-08-24 35584]
R2 Tenable Nessus;Tenable Nessus;c:\program files\Tenable\Nessus\nessusd.exe [2008-07-31 13312]
R2 VideoAcceleratorService;VideoAcceleratorService;c:\progra~1\SPEEDB~1\VideoAcceleratorService.exe -start -scm --> c:\progra~1\SPEEDB~1\VideoAcceleratorService.exe -start -scm [?]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2007-12-13 24592]
.
Contents of the 'Scheduled Tasks' folder

2009-03-16 c:\windows\Tasks\At1.job
- c:\program files\norton pc checkup\pc_checkup.exe []

2009-03-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-725345543-842925246-839522115-1003.job
- c:\documents and settings\Pekyi\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-06 10:44]
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-DriverUpdaterPro - c:\program files\XPC Tools\Driver Updater Pro\DriverUpdaterPro.exe
HKCU-Run-Avi Player - c:\program files\Avi Player\AviPlayer.exe
HKLM-Run-Cmaudio - cmicnfg.cpl
HKLM-Run-Cimbaljevic Screenshot maker v1.5.exe - Cimbaljevic Screenshot maker v1.5.exe


.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1700389
IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
FF - ProfilePath - c:\documents and settings\Pekyi\Application Data\Mozilla\Firefox\Profiles\r13m2cum.default\
FF - prefs.js: browser.startup.homepage - chrome://speeddial/content/speeddial.xul
FF - prefs.js: keyword.URL - hxxp://search.speedbit.com/searchresults.asp?src=default&q=
FF - component: c:\documents and settings\Pekyi\Application Data\Mozilla\Firefox\Profiles\r13m2cum.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll
FF - plugin: c:\documents and settings\Pekyi\Local Settings\Application Data\Google\Update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1368.5602\npCIDetect13.dll
FF - plugin: c:\program files\Mozilla Firefox 3 Beta 5\plugins\NPAskSBr.dll
FF - plugin: c:\program files\Mozilla Firefox 3 Beta 5\plugins\npigl.dll
FF - plugin: c:\program files\Opera\program\plugins\npigl.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-03-17 13:31:35
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MySQL]
"ImagePath"="\"c:\program files\MySQL\MySQL Server 5.0\bin\mysqld-nt\" --defaults-file=\"c:\program files\MySQL\MySQL Server 5.0\my.ini\" MySQL"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1020)
c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll
c:\windows\system32\klogon.dll
c:\windows\system32\l3codeca.acm

- - - - - - - > 'lsass.exe'(1084)
c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\dnsq.dll
c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll
c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\fssync.dll
.
Completion time: 2009-03-17 13:34:01
ComboFix-quarantined-files.txt 2009-03-17 12:33:58

Pre-Run: 18,386,796,544 bytes free
Post-Run: 28,074,811,392 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

244 --- E O F --- 2009-03-11 02:01:10

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Tell me what the situation is now.

offline
  • Joined: 17 Mar 2009
  • Posts: 5
  • Location: Beograd

Well, now KAV works fine, it no longer reports what it was reporting before... I just got home, so I'll see whether my programs keep shutting down x) thanks :D

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Do this as well.

Click START and then RUN.
In the text box, type Combofix /u and click OK.

Wait for the uninstall process to finish.

The above procedure will:
Delete the following:
* ComboFix and its files and folders
* the VundoFix Backups folder, if it exists
* the C:\Deckard folder, if it exists
* the C:\OtMoveIt folder, if it exists

* Reset the clock settings on the computer
* Hide file extensions, if needed
* Hide system/hidden files and folders, if needed
* Reset System Restore

offline
  • Joined: 17 Mar 2009
  • Posts: 5
  • Location: Beograd

Ugh, my computer isn't working again. Same thing again. :S Everything shuts down... When I turn the computer on it says "The system has recovered from a serious error", and it keeps doing that. If I start anything a bit more demanding, it restarts. I'm writing from my brother's computer because I can't start the browser on that one, it shuts down right away. I hope you can help :)

Addendum: 18 Mar 2009 21:45

OK, I'm at my computer now. I managed to start Chrome :) KAV won't start. When I try to start it, it throws an avp.exe error: "The procedure entry point toupper could not be located in the dynamic link library MSVCR80.dll"

When I turn on the computer it also shows this, Spooler SubSystem App: "Spooler SubSystem App encountered a problem and needed to close"... omg. My computer is falling apart :D MSN doesn't work for me anymore either. It won't start :O

Addendum: 19 Mar 2009 0:14

Now Windows Explorer sometimes stops working :S. And something else, I don't know what it is. :D "Generic process for win32 Services: Generic bla bla encountered a problem and needed to close." This error occurred on 3/18/2009 at 10:05:04 PM .... :(

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Your problem is probably of some other nature; I don't see malware in the system. If need be, we can do one more check.

Download Dr.Web CureIt (~12 MB).
Restart the computer in Safe Mode (Safe Mode instructions).

Double-click launch.exe to run it, after which an introductory window will appear - click Start.

A notice that the initial scan is starting will appear - click OK.

Wait a few minutes for Dr.Web CureIt to run the Express Scan; if malware is found, click the Yes to All button in the window that appears to allow the program to disinfect.

Click Options > Change settings F9; in the window that opens, uncheck the Heuristic Analysis option and then click OK.

In the main window select the Complete scan option and then click, and Dr.Web CureIt will start scanning.

If malware is found, click the Yes to All button in the window that appears to allow the program to disinfect.

When the scan is finished, click the Select all button (if available), then click Cure and,
in the menu that opens, click Move incurable.

When the process completes, click File > Save report list and save the log on the Desktop.

Copy the contents of the Dr.Web CureIt log into the forum thread.

offline
  • Joined: 17 Mar 2009
  • Posts: 5
  • Location: Beograd

Ugh, no luck with that. My computer restarted halfway through the scan :D I'll see how I'm going to solve this :) thanks for the effort :))
