MyCity » Ambulanta -> Arhiva Ambulante » ....

....

Napisano na dan: 10.9.2009

Strana:
1
2

....

Sledeća strana

Pagination

Odgovori

Strana:
1
2

nemamIme:P Poslao: 10 Sep 2009 23:20 Idi na vrh
offline nemamIme:P Novi MyCity građanin Pridružio: 10 Sep 2009 Poruke: 24	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Izvinjavam se za ovo malo pre ... ne procitah uputstvo nije mi bila namera... ovako ... problem je u stvari oko lokalnih diskova ne mogu otvoriti ni (C ni (D dvoklikom...nego mi se pojavi lista nekih programa koje imam u kompu a pri tom mi ne pomazu ... ne radi ni kada idem desni klik pa explore ... znaci nemoguce je doci do dokumenata u lokalnim diskovima vec par dana ... nazalost ne znam kako da otklonim problem zato vam se i obracam za pomoc.Da li je ikako moguce otkloniti nastali problem da ne obaram sistem dzabe ako resenja ima ... to izgleda ovako .... DDS (Ver_09-07-30.01) - NTFSx86 Run by Admin at 22:27:09,93 on źet 10.09.2009 Internet Explorer: 6.0.2900.2180 Microsoft Windows XP Professional 5.1.2600.2.1250.381.1033.18.894.419 [GMT 2:00] ============== Running Processes =============== C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\DNA\btdna.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe svchost.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\WINDOWS\explorer.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files\Viewpoint\Common\ViewpointService.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\WINDOWS\system32\mmc.exe C:\WINDOWS\system32\DfrgNtfs.exe C:\Documents and Settings\Admin\My Documents\Downloads\dds.scr ============== Pseudo HJT Report =============== uStart Page = hxxp://search.bearshare.com/intl/ uInternet Connection Wizard,ShellNext = iexplore mSearchAssistant = hxxp://search.live.com/sphome.aspx BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [BitComet] "c:\program files\bitcomet\BitComet.exe" /tray uRun: [BitTorrent DNA] "c:\program files\dna\btdna.exe" uRun: [amva] c:\windows\system32\amvo.exe uRun: [Microsoft Update Machine] yhncsag.exe uRun: [vga type] c:\docume~1\admin\applic~1\vcfive~1\joy jugs.exe mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup mRun: [RTHDCPL] RTHDCPL.EXE mRun: [SkyTel] SkyTel.EXE mRun: [Alcmtr] ALCMTR.EXE mRun: [Microsoft Update Machine] yhncsag.exe mRun: [track monitor] c:\program files\msn track monitor\msntrack.exe mRun: [Amok web bash obj] c:\documents and settings\all users\application data\seek film amok web\Info Plus.exe mRunServices: [Microsoft Update Machine] yhncsag.exe dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE uPolicies-explorer: NoInstrumentation = 1 (0x1) IE: Download with GetRight - c:\program files\getright\GRdownload.htm IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000 IE: Open with GetRight Browser - c:\program files\getright\GRbrowse.htm IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0_04\bin\npjpi150_04.dll DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} - hxxp://msn.worldwinner.com/games/v47/shared/FunGamesLoader.cab DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} - hxxp://www.worldwinner.com/games/shared/wwlaunch.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab DPF: {C5326A4D-E9AA-40AD-A09A-E74304D86B47} - hxxp://www.worldwinner.com/games/v50/dinerdash/dinerdash.cab DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab Name-Space Handler: ftp\GetRightIEClickCatcher - {73BA8F12-723E-11D1-A9E2-00403320FCF2} - c:\program files\getright\xx2gr.dll Name-Space Handler: http\GetRightIEClickCatcher - {73BA8F12-723E-11D1-A9E2-00403320FCF2} - c:\program files\getright\xx2gr.dll AppInit_DLLs: mslbuisys.dll ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\admin\applic~1\mozilla\firefox\profiles\ta7mzuo1.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.com FF - plugin: c:\program files\google\update\1.2.183.7\npGoogleOneClick8.dll FF - plugin: c:\program files\java\jre1.5.0_04\bin\NPJava11.dll FF - plugin: c:\program files\java\jre1.5.0_04\bin\NPJava12.dll FF - plugin: c:\program files\java\jre1.5.0_04\bin\NPJava13.dll FF - plugin: c:\program files\java\jre1.5.0_04\bin\NPJava14.dll FF - plugin: c:\program files\java\jre1.5.0_04\bin\NPJava32.dll FF - plugin: c:\program files\java\jre1.5.0_04\bin\NPJPI150_04.dll FF - plugin: c:\program files\java\jre1.5.0_04\bin\NPOJI610.dll FF - plugin: c:\program files\mozilla firefox\plugins\npbittorrent.dll FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\ ---- FIREFOX POLICIES ---- c:\program files\mozilla firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false); c:\program files\mozilla firefox\greprefs\all.js - pref("media.cache_size", 51200); c:\program files\mozilla firefox\greprefs\all.js - pref("media.ogg.enabled", true); c:\program files\mozilla firefox\greprefs\all.js - pref("media.wave.enabled", true); c:\program files\mozilla firefox\greprefs\all.js - pref("media.autoplay.enabled", true); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true); c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess"); c:\program files\mozilla firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120); c:\program files\mozilla firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3); c:\program files\mozilla firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true); c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.dpi", -1); c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1); c:\program files\mozilla firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true); c:\program files\mozilla firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0); c:\program files\mozilla firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072); c:\program files\mozilla firefox\greprefs\all.js - pref("geo.enabled", true); c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true); c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35"); c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json"); ============= SERVICES / DRIVERS =============== R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [2008-9-1 13696] R1 BS_I2cIo;BS_I2cIo;c:\windows\system32\drivers\BS_I2cIo.sys [2008-9-3 8192] R1 jibgc;jibgc;c:\windows\system32\drivers\jibgc.sys [2009-5-4 195832] R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2008-6-1 34064] R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2009-3-16 24652] R3 usnjsvc;Messenger Sharing Folders USN Journal Reader service;c:\program files\msn messenger\usnsvc.exe [2007-1-19 97136] S2 D0F9FD24;D0F9FD24;c:\windows\system32\ade7c0.exe -k --> c:\windows\system32\ADE7C0.EXE -k [?] S2 gupdate1c9f63d12986eec;Google Update Service (gupdate1c9f63d12986eec);c:\program files\google\update\GoogleUpdate.exe [2009-6-26 133104] S3 BS_Flash;BS_Flash;c:\program files\bios\bios flash\BS_Flash.sys [2008-9-3 3604] =============== Created Last 30 ================ 2009-09-10 21:57 100,791 ---shr-- C:\v.cmd 2009-09-10 21:57 100,791 ---shr-- c:\windows\system32\amvo.exe 2009-09-10 21:57 72,192 ---shr-- c:\windows\system32\amvo0.dll 2009-09-10 21:41 <DIR> --d----- c:\windows\system32\wbem\Repository 2009-09-10 21:40 <DIR> --d----- C:\games 2009-09-10 21:40 <DIR> --d----- c:\program files\Solsoft 2009-09-10 21:36 <DIR> --d----- c:\program files\VC FIVE WARN 2009-09-10 21:32 54,156 a---h--- c:\windows\QTFont.qfn 2009-09-10 21:32 1,409 a------- c:\windows\QTFont.for 2009-09-09 12:35 55,656 a------- c:\windows\system32\drivers\avgntflt.sys 2009-09-09 12:24 124,688 a------- c:\windows\system32\MSWINSCK.OCX 2009-09-09 12:05 153,088 -c------ c:\windows\system32\dllcache\triedit.dll 2009-09-08 22:55 <DIR> --d----- c:\program files\Multi Password Recovery 2009-09-08 22:41 786 ---sh--- c:\windows\system\actualspystart.lnk 2009-09-08 18:51 <DIR> --d----- c:\docume~1\alluse~1\applic~1\seek film amok web 2009-09-08 18:50 <DIR> --d----- c:\docume~1\admin\applic~1\VC FIVE WARN 2009-09-08 16:04 <DIR> --d----- c:\docume~1\admin\applic~1\TeamViewer 2009-09-08 16:04 <DIR> --d----- c:\program files\TeamViewer 2009-09-08 16:04 <DIR> --d----- c:\documents and settings\admin\temp 2009-09-08 15:58 2,859,008 a------- C:\setup.exe 2009-09-07 22:02 <DIR> --d----- c:\program files\Polyhedric Software 2009-09-07 22:02 299,520 a------- c:\windows\uninst.exe 2009-09-07 22:02 <DIR> --d----- c:\documents and settings\admin\WINDOWS 2009-09-07 21:59 <DIR> --d----- c:\docume~1\admin\applic~1\fltk.org 2009-09-06 12:54 <DIR> --d----- c:\program files\NetTVPlus Player 2009-08-24 00:06 498 ---shr-- C:\autorun.inf 2009-08-16 09:59 1,089,601 -c------ c:\windows\system32\dllcache\ntprint.cat 2009-08-15 10:45 <DIR> --d----- c:\windows\system32\XPSViewer 2009-08-15 10:45 597,504 -c------ c:\windows\system32\dllcache\printfilterpipelinesvc.exe 2009-08-15 10:45 575,488 -c------ c:\windows\system32\dllcache\xpsshhdr.dll 2009-08-15 10:45 89,088 -c------ c:\windows\system32\dllcache\filterpipelineprintproc.dll 2009-08-15 10:45 575,488 -------- c:\windows\system32\xpsshhdr.dll 2009-08-15 10:45 117,760 -------- c:\windows\system32\prntvpt.dll 2009-08-15 10:44 1,676,288 -c------ c:\windows\system32\dllcache\xpssvcs.dll 2009-08-15 10:44 1,676,288 -------- c:\windows\system32\xpssvcs.dll 2009-08-15 10:42 <DIR> --d----- c:\program files\MSXML 6.0 2009-08-13 09:00 221,184 a------- c:\windows\system32\wmpns.dll 2009-08-13 08:58 <DIR> --d----- c:\windows\ServicePackFiles 2009-08-12 09:36 128,512 -c------ c:\windows\system32\dllcache\dhtmled.ocx 2009-08-12 09:24 1,315,328 -c------ c:\windows\system32\dllcache\msoe.dll 2009-08-12 09:23 655,872 -c------ c:\windows\system32\dllcache\mstscax.dll ==================== Find3M ==================== 2009-08-05 11:11 204,800 a------- c:\windows\system32\mswebdvd.dll 2009-07-24 14:34 0 a---h--- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf 2009-07-24 14:34 0 a---h--- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf 2009-07-17 20:55 58,880 a------- c:\windows\system32\atl.dll 2009-07-13 02:18 233,472 a------- c:\windows\system32\wmpdxm.dll 2009-06-26 18:18 659,456 a------- c:\windows\system32\wininet.dll 2009-06-26 18:18 81,920 a------- c:\windows\system32\ieencode.dll 2009-06-25 20:36 661,504 a------- c:\windows\system32\mqqm.dll 2009-06-25 20:36 517,120 a------- c:\windows\system32\mqsnap.dll 2009-06-25 20:36 471,552 a------- c:\windows\system32\mqutil.dll 2009-06-25 20:36 225,280 a------- c:\windows\system32\mqoa.dll 2009-06-25 20:36 186,880 a------- c:\windows\system32\mqtrig.dll 2009-06-25 20:36 177,152 a------- c:\windows\system32\mqrt.dll 2009-06-25 20:36 138,240 a------- c:\windows\system32\mqad.dll 2009-06-25 20:36 123,392 a------- c:\windows\system32\mqrtdep.dll 2009-06-25 20:36 95,744 a------- c:\windows\system32\mqsec.dll 2009-06-25 20:36 48,640 a------- c:\windows\system32\mqupgrd.dll 2009-06-25 20:36 47,104 a------- c:\windows\system32\mqdscli.dll 2009-06-25 20:36 16,896 a------- c:\windows\system32\mqise.dll 2009-06-22 13:49 117,248 a------- c:\windows\system32\mqtgsvc.exe 2009-06-22 13:49 19,968 a------- c:\windows\system32\mqbkup.exe 2009-06-22 13:49 4,608 a------- c:\windows\system32\mqsvc.exe 2009-06-16 16:55 119,808 a------- c:\windows\system32\t2embed.dll 2009-06-16 16:55 82,432 a------- c:\windows\system32\fontsub.dll 2008-03-12 17:12 100,791 ---shr-- c:\windows\system32\amvo.exe ============= FINISH: 22:27:50,98 =============== mycity.rs/must-login.png

Profil

diarno Poslao: 10 Sep 2009 23:46 Idi na vrh
offline diarno Anti Malware Fighter Rank 2 Pridružio: 15 Jun 2007 Poruke: 5572	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav i dobrodosao na forum Uradi sledece : Preuzmi sUBs-ov ComboFix sa sledeće adrese na Desktop: Bleeping Computer Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu); Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save. Kada preuzimanje programa bude završeno: deaktiviraj zaštitni softver (uputstvo); zatvori pokrenute programe; dvoklikom pokreni program ComboFix. U toku rada, ComboFix će:proveriti postoji li novija verzija programa: klikni Yes ako bude ponuđeno preuzimanje iste. prikazati DISCLAIMER OF WARRANTY ON SOFTWARE: klikni Yes kako bi proces bio nastavljen.ako Recovery Console nije instalirana, ponuditi instalaciju: obavezno prihvati klikom na Yes i isprati postupak.postaviti/dati određeni broj upita/obaveštenja: prihvati klikom na Yes ili OK.po potrebi, restartovati Windows (više puta); na kraju rada, otvoriti Notepad sa izveštajem o skeniranju. Iskopiraj izveštaj koji je ComboFix napravio u temu na forumu: klikni desnim tasterom miša u prozor Notepad-a i izaberi Select All; klikni desnim tasterom miša na obeleženi tekst i izaberi Copy; klikni desnim tasterom miša u polje za pisanje poruke i izaberi Paste. Napomena:Izveštaj će biti sačuvan pod nazivom ComboFix.txt na sistemskoj particiji (tipična lokacija: C:\ComboFix.txt); Ukoliko nakon slanja poruke primetiš da izveštaj nije kompletan, iskoristi opciju Prikači fajl za prilaganje file-a C:\ComboFix.txt uz poruku.

Profil

nemamIme:P Poslao: 11 Sep 2009 12:33 Idi na vrh
offline nemamIme:P Novi MyCity građanin Pridružio: 10 Sep 2009 Poruke: 24	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Napisano: 11 Sep 2009 0:04 Hvala na uputstvu i na dobrodoslici ... evo ovo dobih .... ComboFix 09-09-10.01 - Admin 10.09.2009 23:53.1.2 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1250.381.1033.18.894.412 [GMT 2:00] Running from: c:\documents and settings\Admin\My Documents\Downloads\ComboFix.exe WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\autorun.inf c:\documents and settings\Admin\Local Settings\Temporary Internet Files\tpg.ico c:\documents and settings\All Users\Start Menu\Programs\Internet Explorer.lnk c:\program files\driver C:\Recycle c:\recycle\D-0-060-0000000000-1111111-2222222\Desktop.ini c:\recycler\k-1-3542-4232123213-7676767-8888886 c:\recycler\S-1-5-21-0819939304-7611142662-040463155-9153 c:\recycler\S-1-5-21-1427122975-2375212089-641966684-1406 c:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013 c:\recycler\S-1-5-21-4734057806-9202005833-626361159-7668 c:\recycler\S-1-5-21-515967899-2139871995-682003330-1003 c:\recycler\S-1-5-21-8656960904-0792492849-237097146-0427 C:\setup.exe C:\System C:\v.cmd c:\windows\Installer\117d69c.msp c:\windows\Installer\1777f80.msi c:\windows\Installer\1ed71.msp c:\windows\Installer\d0659.msp c:\windows\system32\amvo.exe c:\windows\system32\amvo0.dll c:\windows\system32\msvcrt2.dll E:\Autorun.inf E:\v.cmd . ((((((((((((((((((((((((( Files Created from 2009-08-10 to 2009-09-10 ))))))))))))))))))))))))))))))) . 2009-09-10 19:41 . 2009-09-10 19:41 -------- d-----w- c:\windows\system32\wbem\Repository 2009-09-10 19:40 . 2009-09-10 19:40 -------- d-----w- C:\games 2009-09-10 19:40 . 2009-09-10 19:40 -------- d-----w- c:\program files\Solsoft 2009-09-08 16:50 . 2009-09-10 19:35 483328 ----a-w- c:\documents and settings\Admin\Application Data\VC FIVE WARN\joy jugs.exe 2009-09-08 14:04 . 2009-09-08 14:04 -------- d-----w- c:\documents and settings\Admin\Application Data\TeamViewer 2009-09-08 14:04 . 2009-09-08 14:05 -------- d-----w- c:\program files\TeamViewer 2009-09-08 14:04 . 2009-09-08 14:04 -------- d-----w- c:\documents and settings\Admin\temp 2009-09-07 20:02 . 2009-09-07 20:02 -------- d-----w- c:\program files\Polyhedric Software 2009-09-07 20:02 . 1998-02-06 19:37 299520 ----a-w- c:\windows\uninst.exe 2009-09-07 20:02 . 2009-09-07 20:02 -------- d-----w- c:\documents and settings\Admin\WINDOWS 2009-09-07 19:59 . 2009-09-07 19:59 -------- d-----w- c:\documents and settings\Admin\Application Data\fltk.org 2009-09-06 10:54 . 2009-09-06 11:07 -------- d-----w- c:\program files\NetTVPlus Player 2009-08-15 08:45 . 2009-08-15 08:45 -------- d-----w- c:\windows\system32\XPSViewer 2009-08-15 08:45 . 2009-08-15 08:45 -------- d-----w- c:\program files\MSBuild 2009-08-15 08:45 . 2009-08-15 08:45 -------- d-----w- c:\program files\Reference Assemblies 2009-08-15 08:45 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll 2009-08-15 08:45 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll 2009-08-15 08:45 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll 2009-08-15 08:45 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll 2009-08-15 08:45 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe 2009-08-15 08:44 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll 2009-08-15 08:44 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll 2009-08-15 08:42 . 2009-08-15 08:42 -------- d-----w- c:\program files\MSXML 6.0 2009-08-13 07:00 . 2002-12-31 12:00 221184 ----a-w- c:\windows\system32\wmpns.dll 2009-08-13 06:58 . 2009-08-13 06:58 -------- d-----w- c:\windows\ServicePackFiles 2009-08-12 07:24 . 2009-07-10 13:42 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll 2009-08-12 07:23 . 2009-06-05 07:42 655872 -c----w- c:\windows\system32\dllcache\mstscax.dll . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-09-10 21:53 . 2009-04-21 17:45 -------- d-----w- c:\documents and settings\Admin\Application Data\DNA 2009-09-10 20:37 . 2005-10-03 19:44 -------- d-----w- c:\program files\Google 2009-09-10 20:02 . 2009-01-28 14:35 -------- d-----w- c:\program files\Valve 2009-09-10 19:43 . 2009-04-21 17:45 -------- d-----w- c:\program files\DNA 2009-09-10 19:36 . 2008-12-08 17:28 -------- d-----w- c:\documents and settings\Admin\Application Data\Desktopicon 2009-09-10 19:36 . 2009-09-08 16:50 -------- d-----w- c:\documents and settings\Admin\Application Data\VC FIVE WARN 2009-09-10 19:36 . 2009-09-08 16:51 327680 ----a-w- c:\documents and settings\Admin\Application Data\VC FIVE WARN\DELETE FILM PLATFORM.exe 2009-09-10 19:36 . 2009-09-08 16:51 -------- d-----w- c:\documents and settings\All Users\Application Data\seek film amok web 2009-09-10 19:36 . 2009-09-10 19:36 765952 ----a-w- c:\documents and settings\Admin\Application Data\VC FIVE WARN\yslnxone.exe 2009-09-10 19:36 . 2009-09-10 19:36 -------- d-----w- c:\program files\VC FIVE WARN 2009-09-09 10:01 . 2009-01-31 16:23 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP 2009-09-08 20:57 . 2009-09-08 20:55 -------- d-----w- c:\program files\Multi Password Recovery 2009-08-18 22:28 . 2009-04-21 17:45 -------- d-----w- c:\documents and settings\Admin\Application Data\BitTorrent 2009-08-17 13:12 . 2005-10-03 20:53 39464 ----a-w- c:\documents and settings\Admin\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-08-05 09:11 . 2002-12-31 12:00 204800 ----a-w- c:\windows\system32\mswebdvd.dll 2009-07-28 14:33 . 2009-09-09 10:35 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2009-07-26 09:42 . 2008-12-08 17:28 -------- d-----w- c:\program files\VDOWNLOADER 2009-07-26 09:37 . 2009-07-26 09:37 -------- d-----w- c:\program files\WinPcap 2009-07-24 12:39 . 2009-07-24 12:33 -------- d-----w- c:\documents and settings\Admin\Application Data\Nokia 2009-07-24 12:34 . 2009-07-24 12:33 -------- d-----w- c:\documents and settings\Admin\Application Data\PC Suite 2009-07-24 12:34 . 2009-07-24 12:34 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf 2009-07-24 12:34 . 2009-07-24 12:34 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf 2009-07-24 12:33 . 2009-07-24 12:33 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Suite 2009-07-24 12:33 . 2008-09-03 03:05 -------- d-----w- c:\program files\DIFX 2009-07-24 12:32 . 2009-07-24 12:32 -------- d-----w- c:\program files\PC Connectivity Solution 2009-07-24 12:31 . 2009-07-24 12:31 -------- d-----w- c:\documents and settings\All Users\Application Data\Installations 2009-07-17 18:55 . 2002-12-31 12:00 58880 ----a-w- c:\windows\system32\atl.dll 2009-07-13 00:18 . 2002-12-31 12:00 233472 ----a-w- c:\windows\system32\wmpdxm.dll 2009-07-06 15:33 . 2008-10-04 11:29 41 ----a-w- c:\windows\popcinfo.dat 2009-06-26 16:18 . 2002-12-31 12:00 659456 ----a-w- c:\windows\system32\wininet.dll 2009-06-26 16:18 . 2002-12-31 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll 2009-06-25 18:36 . 2002-12-31 12:00 95744 ----a-w- c:\windows\system32\mqsec.dll 2009-06-25 18:36 . 2002-12-31 12:00 661504 ----a-w- c:\windows\system32\mqqm.dll 2009-06-25 18:36 . 2002-12-31 12:00 517120 ----a-w- c:\windows\system32\mqsnap.dll 2009-06-25 18:36 . 2002-12-31 12:00 48640 ----a-w- c:\windows\system32\mqupgrd.dll 2009-06-25 18:36 . 2002-12-31 12:00 471552 ----a-w- c:\windows\system32\mqutil.dll 2009-06-25 18:36 . 2002-12-31 12:00 47104 ----a-w- c:\windows\system32\mqdscli.dll 2009-06-25 18:36 . 2002-12-31 12:00 225280 ----a-w- c:\windows\system32\mqoa.dll 2009-06-25 18:36 . 2002-12-31 12:00 186880 ----a-w- c:\windows\system32\mqtrig.dll 2009-06-25 18:36 . 2002-12-31 12:00 177152 ----a-w- c:\windows\system32\mqrt.dll 2009-06-25 18:36 . 2002-12-31 12:00 16896 ----a-w- c:\windows\system32\mqise.dll 2009-06-25 18:36 . 2002-12-31 12:00 138240 ----a-w- c:\windows\system32\mqad.dll 2009-06-25 18:36 . 2002-12-31 12:00 123392 ----a-w- c:\windows\system32\mqrtdep.dll 2009-06-23 14:17 . 2009-06-23 14:17 0 ----a-w- c:\windows\nsreg.dat 2009-06-22 11:49 . 2002-12-31 12:00 19968 ----a-w- c:\windows\system32\mqbkup.exe 2009-06-22 11:49 . 2002-12-31 12:00 117248 ----a-w- c:\windows\system32\mqtgsvc.exe 2009-06-22 11:49 . 2002-12-31 12:00 4608 ----a-w- c:\windows\system32\mqsvc.exe 2009-06-22 11:48 . 2002-12-31 12:00 91776 ----a-w- c:\windows\system32\drivers\mqac.sys 2009-06-16 14:55 . 2002-12-31 12:00 82432 ----a-w- c:\windows\system32\fontsub.dll 2009-06-16 14:55 . 2002-12-31 12:00 119808 ----a-w- c:\windows\system32\t2embed.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2009-04-21 321344] "vga type"="c:\docume~1\Admin\APPLIC~1\VCFIVE~1\joy jugs.exe" [2009-09-10 483328] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-31 7634944] "Amok web bash obj"="c:\documents and settings\All Users\Application Data\seek film amok web\Info Plus.exe" [2009-09-10 765952] "RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2007-10-16 16855552] "SkyTel"="SkyTel.EXE" - c:\windows\SkyTel.exe [2007-10-11 1826816] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2002-12-31 15360] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\WINDOWS\\system32\\sessmgr.exe"= "c:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"= "c:\\WINDOWS\\system32\\rtcshare.exe"= "c:\\Program Files\\MSN Messenger\\msnmsgr.exe"= "c:\\Program Files\\MSN Messenger\\livecall.exe"= "c:\\Program Files\\DNA\\btdna.exe"= "c:\\Program Files\\BitTorrent\\bittorrent.exe"= "c:\\WINDOWS\\system32\\ftp.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "3389:TCP"= 3389:TCP::Disabled:@xpsp2res.dll,-22009 "19199:TCP"= 19199:TCP:BitComet 19199 TCP "19199:UDP"= 19199:UDP:BitComet 19199 UDP R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [1.9.2008 19:15 13696] R1 BS_I2cIo;BS_I2cIo;c:\windows\system32\drivers\BS_I2cIo.sys [3.9.2008 23:50 8192] R1 jibgc;jibgc;c:\windows\system32\drivers\jibgc.sys [4.5.2009 11:37 195832] R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [1.6.2008 9:13 34064] R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [16.3.2009 12:54 24652] R3 usnjsvc;Messenger Sharing Folders USN Journal Reader service;c:\program files\MSN Messenger\usnsvc.exe [19.1.2007 13:54 97136] S2 D0F9FD24;D0F9FD24;c:\windows\system32\ADE7C0.EXE -k --> c:\windows\system32\ADE7C0.EXE -k [?] S3 BS_Flash;BS_Flash;c:\program files\BIOS\BIOS Flash\BS_Flash.sys [3.9.2008 5:00 3604] --- Other Services/Drivers In Memory --- NewlyCreated* - WBYAFAKJ Deregistered - wbyafakj . Contents of the 'Scheduled Tasks' folder 2009-09-10 c:\windows\Tasks\A62FFAED91846F69.job - c:\docume~1\admin\applic~1\vcfive~1\DELETE FILM PLATFORM.exe [2009-09-08 19:36] . . ------- Supplementary Scan ------- . uStart Page = hxxp://search.bearshare.com/intl/ uInternet Connection Wizard,ShellNext = iexplore IE: Download with GetRight - c:\program files\GetRight\GRdownload.htm IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: Open with GetRight Browser - c:\program files\GetRight\GRbrowse.htm Name-Space Handler: ftp\GetRightIEClickCatcher - {73BA8F12-723E-11D1-A9E2-00403320FCF2} - c:\program files\GetRight\xx2gr.dll Name-Space Handler: http\GetRightIEClickCatcher - {73BA8F12-723E-11D1-A9E2-00403320FCF2} - c:\program files\GetRight\xx2gr.dll FF - ProfilePath - c:\documents and settings\Admin\Application Data\Mozilla\Firefox\Profiles\ta7mzuo1.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.com FF - plugin: c:\program files\Java\jre1.5.0_04\bin\NPJava11.dll FF - plugin: c:\program files\Java\jre1.5.0_04\bin\NPJava12.dll FF - plugin: c:\program files\Java\jre1.5.0_04\bin\NPJava13.dll FF - plugin: c:\program files\Java\jre1.5.0_04\bin\NPJava14.dll FF - plugin: c:\program files\Java\jre1.5.0_04\bin\NPJava32.dll FF - plugin: c:\program files\Java\jre1.5.0_04\bin\NPJPI150_04.dll FF - plugin: c:\program files\Java\jre1.5.0_04\bin\NPOJI610.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npViewpoint.dll FF - plugin: c:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ . - - - - ORPHANS REMOVED - - - - WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) HKCU-Run-BitComet - c:\program files\BitComet\BitComet.exe HKLM-Run-track monitor - c:\program files\MSN Track Monitor\msntrack.exe ************************************************************************ catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2009-09-10 23:58 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\ACPI\PNP0F13\3&2411e6fe&0\LogConf] @DACL=(02 0000) "BasicConfigVector"=hex(a):48,00,00,00,0f,00,00,00,00,00,00,00,00,00,00,00,00, 00,00,00,00,00,00,00,00,00,00,00,01,00,00,00,01,00,01,00,01,00,00,00,00,02,\ "BootConfig"=hex(:01,00,00,00,0f,00,00,00,00,00,00,00,01,00,01,00,01,00,00, 00,02,01,01,00,0c,00,00,00,0c,00,00,00,ff,ff,ff,ff . Completion time: 2009-09-10 23:59 ComboFix-quarantined-files.txt 2009-09-10 21:59 Pre-Run: 2.240.241.664 bytes free Post-Run: 4.771.033.088 bytes free 213 --- E O F --- 2009-09-10 07:47 Dopuna: 11 Sep 2009 12:33 ja se izvinjavam ali da ne bih otvarala nove teme ... imam jos dva mozda sitna problemcica... ovako kada upalim kompjuter blokira mi ceo desktop i moram da restartujem... i drugi jedan sitan ... kada downladujem nesto sa neta .pdf fajl isto nece da mi otvori nego mi se pojavljuju neke brojke i kockice ...

Profil

diarno Poslao: 11 Sep 2009 17:17 Idi na vrh
offline diarno Anti Malware Fighter Rank 2 Pridružio: 15 Jun 2007 Poruke: 5572	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ok..to cemo na kraju..idemo korak po korak Uradi sledece : Preuzmi Lop S&D na Desktop. Dvoklikom pokreni LopSD.exe Na prvom ekranu odaberi jezik kucajući E i Enter a zatim klikni OK Odaberi opciju 1 - Search kucajući 1 i Enter Sačekaj nekoliko minuta da program završi skeniranje Na kraju procesa, log C:\LopR.txt će se otvoriti u Notepad-u Iskopiraj dobijeni log u temu na forumu.

Profil

nemamIme:P Poslao: 11 Sep 2009 17:35 Idi na vrh
offline nemamIme:P Novi MyCity građanin Pridružio: 10 Sep 2009 Poruke: 24	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! --------------------\\ Lop S&D 4.2.5-0 XP/Vista Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 2 X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 4600+ ) BIOS : )Phoenix - Award WorkstationBIOS v6.00PG USER : Admin ( Administrator ) BOOT : Normal boot Antivirus : AntiVir Desktop 9.0.1.32 (Activated) C:\ (Local Disk) - NTFS - Total:19 Go (Free:4 Go) D:\ (CD or DVD) E:\ (Local Disk) - NTFS - Total:54 Go (Free:40 Go) "C:\Lop SD" ( MAJ : 19-12-2008\|23:40 ) Option : [1] ( pet 11.09.2009\|17:28 ) --------------------\\ Listing folders in APPLIC~1 [03.10.2005\|22:14] C:\DOCUME~1\Admin\APPLIC~1\ACD Systems [20.01.2009\|13:07] C:\DOCUME~1\Admin\APPLIC~1\Adobe [03.10.2005\|21:45] C:\DOCUME~1\Admin\APPLIC~1\AdobeUM [03.09.2008\|04:15] C:\DOCUME~1\Admin\APPLIC~1\Ahead [19.08.2009\|00:28] C:\DOCUME~1\Admin\APPLIC~1\BitTorrent [06.10.2008\|20:13] C:\DOCUME~1\Admin\APPLIC~1\Chessmaster Challenge [03.10.2005\|22:06] C:\DOCUME~1\Admin\APPLIC~1\CyberLink [10.09.2009\|21:36] C:\DOCUME~1\Admin\APPLIC~1\Desktopicon [04.09.2008\|17:09] C:\DOCUME~1\Admin\APPLIC~1\DisplayTune [11.09.2009\|01:30] C:\DOCUME~1\Admin\APPLIC~1\DNA [23.06.2009\|16:17] C:\DOCUME~1\Admin\APPLIC~1\Flock [07.09.2009\|21:59] C:\DOCUME~1\Admin\APPLIC~1\fltk.org [10.01.2009\|22:53] C:\DOCUME~1\Admin\APPLIC~1\funkitron [10.01.2009\|21:49] C:\DOCUME~1\Admin\APPLIC~1\GameHouse [23.02.2009\|19:25] C:\DOCUME~1\Admin\APPLIC~1\GetRightToGo [11.08.2009\|18:10] C:\DOCUME~1\Admin\APPLIC~1\Google [30.10.2008\|22:16] C:\DOCUME~1\Admin\APPLIC~1\Help [12.10.2008\|13:30] C:\DOCUME~1\Admin\APPLIC~1\Identities [01.09.2008\|19:20] C:\DOCUME~1\Admin\APPLIC~1\InstallShield [21.01.2009\|12:36] C:\DOCUME~1\Admin\APPLIC~1\LimeWire [10.01.2009\|21:50] C:\DOCUME~1\Admin\APPLIC~1\Macromedia [24.04.2009\|14:25] C:\DOCUME~1\Admin\APPLIC~1\Malwarebytes [03.10.2005\|22:12] C:\DOCUME~1\Admin\APPLIC~1\Media Player Classic [16.02.2009\|15:08] C:\DOCUME~1\Admin\APPLIC~1\Microsoft [10.09.2009\|21:03] C:\DOCUME~1\Admin\APPLIC~1\Mozilla [16.02.2009\|14:47] C:\DOCUME~1\Admin\APPLIC~1\MozillaControl [06.06.2009\|17:00] C:\DOCUME~1\Admin\APPLIC~1\Netscape [24.07.2009\|14:39] C:\DOCUME~1\Admin\APPLIC~1\Nokia [19.01.2009\|15:06] C:\DOCUME~1\Admin\APPLIC~1\Opera [24.07.2009\|14:34] C:\DOCUME~1\Admin\APPLIC~1\PC Suite [06.06.2009\|17:00] C:\DOCUME~1\Admin\APPLIC~1\Photodex [21.04.2009\|19:32] C:\DOCUME~1\Admin\APPLIC~1\PlayFirst [19.01.2009\|23:28] C:\DOCUME~1\Admin\APPLIC~1\Real [15.04.2009\|14:53] C:\DOCUME~1\Admin\APPLIC~1\skypePM [07.09.2008\|10:35] C:\DOCUME~1\Admin\APPLIC~1\Sun [08.09.2009\|16:04] C:\DOCUME~1\Admin\APPLIC~1\TeamViewer [22.05.2009\|01:02] C:\DOCUME~1\Admin\APPLIC~1\Uniblue [10.09.2009\|21:36] C:\DOCUME~1\Admin\APPLIC~1\VC FIVE WARN [16.02.2009\|15:08] C:\DOCUME~1\Admin\APPLIC~1\vlc [16.03.2009\|19:04] C:\DOCUME~1\Admin\APPLIC~1\Windows Live Writer [08.09.2009\|15:47] C:\DOCUME~1\Admin\APPLIC~1\WinRAR [24.10.2008\|11:56] C:\DOCUME~1\Admin\APPLIC~1\zweitgeist [03.10.2005\|22:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ACD Systems [26.07.2009\|11:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe [16.03.2009\|12:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL [16.03.2009\|12:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL Downloads [16.03.2009\|12:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL OCP [11.09.2009\|00:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira [06.10.2008\|20:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Chessmaster Challenge [03.10.2005\|22:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink [22.05.2009\|01:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DriverScanner [28.01.2009\|15:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ESET [21.01.2009\|14:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FunGames [10.09.2009\|22:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google [16.02.2009\|14:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Graboid Inc [24.07.2009\|14:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations [24.04.2009\|14:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes [16.03.2009\|19:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [14.09.2008\|10:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSScanAppDataDir [12.01.2009\|19:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MumboJumbo [10.01.2009\|22:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\n7-89-o9-3r-4t-r9 [03.09.2008\|23:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA [11.05.2009\|15:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles [10.01.2009\|22:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Oberon Media [24.07.2009\|14:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite [21.04.2009\|19:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst [03.10.2005\|22:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Real [10.09.2009\|21:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\seek film amok web [15.04.2009\|14:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype [09.09.2009\|12:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP [16.03.2009\|13:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tencent [04.10.2008\|13:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia [16.03.2009\|12:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint [10.07.2009\|09:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage [16.03.2009\|19:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller [12.10.2008\|13:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom [16.10.2005\|11:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\ACD Systems [16.10.2005\|11:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe [16.10.2005\|11:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\AdobeUM [16.10.2005\|11:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\CyberLink [16.10.2005\|11:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities [16.10.2005\|11:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Media Player Classic [16.10.2005\|11:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [16.10.2005\|11:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Mozilla [16.10.2005\|11:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real [09.09.2009\|12:59] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe [02.10.2005\|09:52] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [02.10.2005\|09:52] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft --------------------\\ Scheduled Tasks located in C:\WINDOWS\Tasks [11.09.2009 17:00][--ah-----] C:\WINDOWS\tasks\A62FFAED91846F69.job [11.09.2009 16:18][--ah-----] C:\WINDOWS\tasks\SA.DAT [31.12.2002 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini ( A62FFAED91846F69.job )=( c:\docume~1\admin\applic~1\vcfive~1\DELETEFILMPLATFORM.exe ) --------------------\\ Listing Folders in C:\Program Files [09.07.2009\|13:22] C:\Program Files\3D Live Pool [03.10.2005\|22:14] C:\Program Files\AC3Filter [03.10.2005\|22:03] C:\Program Files\ACD Systems [03.09.2008\|23:19] C:\Program Files\Adobe [21.01.2009\|12:36] C:\Program Files\Adobe Media Player [03.10.2005\|22:27] C:\Program Files\Ahead [14.12.2008\|19:53] C:\Program Files\Alwil Software [18.01.2009\|21:44] C:\Program Files\Anime Bowling Babes [11.09.2009\|00:06] C:\Program Files\Avira [16.11.2008\|15:48] C:\Program Files\Bengal - Game of Gods [03.09.2008\|05:00] C:\Program Files\BIOS [08.04.2009\|23:56] C:\Program Files\BitComet [21.04.2009\|19:45] C:\Program Files\BitTorrent [16.10.2005\|11:00] C:\Program Files\CCleaner [13.03.2009\|12:47] C:\Program Files\Chessware [10.09.2009\|23:55] C:\Program Files\Common Files [02.10.2005\|09:48] C:\Program Files\ComPlus Applications [03.10.2005\|22:21] C:\Program Files\Customizer XP [03.10.2005\|22:05] C:\Program Files\CyberLink [24.07.2009\|14:33] C:\Program Files\DIFX [03.10.2005\|22:13] C:\Program Files\DivX [03.10.2005\|22:13] C:\Program Files\DivXCodec [10.09.2009\|21:43] C:\Program Files\DNA [18.01.2009\|19:44] C:\Program Files\Dr Blobs Organism [09.07.2009\|13:48] C:\Program Files\Flock [11.05.2009\|15:10] C:\Program Files\FruityLoops3 [08.06.2009\|18:03] C:\Program Files\Full Circle [26.01.2009\|15:01] C:\Program Files\GameHouse [15.12.2008\|21:49] C:\Program Files\GetRight [22.10.2008\|15:46] C:\Program Files\Global Star Software [08.06.2009\|18:03] C:\Program Files\Glow Worm [10.09.2009\|22:37] C:\Program Files\Google [16.02.2009\|16:37] C:\Program Files\Graboid [15.12.2008\|21:49] C:\Program Files\HW Monitor [23.04.2009\|21:56] C:\Program Files\Image-Line [22.10.2008\|15:12] C:\Program Files\Inca Ball [07.06.2009\|10:48] C:\Program Files\InstallShield Installation Information [15.08.2009\|10:43] C:\Program Files\Internet Explorer [03.10.2005\|22:20] C:\Program Files\Java [08.06.2009\|18:04] C:\Program Files\Jeez [17.04.2009\|22:54] C:\Program Files\Kiran's Typing Tutor [21.10.2008\|22:26] C:\Program Files\KONAMI [21.01.2009\|12:36] C:\Program Files\LimeWire [18.01.2009\|21:44] C:\Program Files\Luxor [03.10.2005\|22:11] C:\Program Files\Media Player Classic [15.12.2008\|21:49] C:\Program Files\Messenger off [03.10.2005\|22:39] C:\Program Files\Microsoft ActiveSync [02.10.2005\|09:52] C:\Program Files\microsoft frontpage [03.10.2005\|22:39] C:\Program Files\Microsoft Office [10.07.2009\|02:01] C:\Program Files\Microsoft Works [03.10.2005\|22:39] C:\Program Files\Microsoft.NET [02.10.2005\|09:49] C:\Program Files\Movie Maker [11.09.2009\|16:26] C:\Program Files\Mozilla Firefox [15.08.2009\|10:45] C:\Program Files\MSBuild [02.10.2005\|09:48] C:\Program Files\MSN Gaming Zone [16.03.2009\|19:11] C:\Program Files\MSN Messenger [15.08.2009\|10:42] C:\Program Files\MSXML 6.0 [08.09.2009\|22:57] C:\Program Files\Multi Password Recovery [15.12.2008\|21:49] C:\Program Files\Mv2Player [02.10.2005\|09:49] C:\Program Files\NetMeeting [06.09.2009\|13:07] C:\Program Files\NetTVPlus Player [01.09.2008\|19:23] C:\Program Files\NVIDIA Corporation [23.06.2009\|16:26] C:\Program Files\Opera [13.08.2009\|09:00] C:\Program Files\Outlook Express [30.03.2009\|20:27] C:\Program Files\Outsim [01.02.2009\|21:27] C:\Program Files\Passware [24.07.2009\|14:32] C:\Program Files\PC Connectivity Solution [11.05.2009\|15:22] C:\Program Files\Photo Pos Pro [06.06.2009\|17:00] C:\Program Files\Photodex [07.09.2009\|22:02] C:\Program Files\Polyhedric Software [15.12.2008\|21:49] C:\Program Files\QuickTime Alternative [03.05.2009\|15:20] C:\Program Files\Ragdoll Masters [15.12.2008\|21:49] C:\Program Files\Real Alternative [07.06.2009\|10:48] C:\Program Files\Realtek [15.08.2009\|10:45] C:\Program Files\Reference Assemblies [12.10.2008\|21:13] C:\Program Files\ReflexiveArcade [10.09.2009\|21:40] C:\Program Files\Solsoft [03.04.2009\|16:29] C:\Program Files\Sony Setup [10.05.2009\|00:04] C:\Program Files\Steinberg [04.04.2009\|21:54] C:\Program Files\Sweetopia [08.09.2009\|16:05] C:\Program Files\TeamViewer [16.03.2009\|12:57] C:\Program Files\Tencent [02.10.2005\|10:51] C:\Program Files\Totalcmd [17.05.2009\|15:32] C:\Program Files\Tripper-IT [15.04.2009\|17:31] C:\Program Files\TypingMaster [21.10.2008\|22:52] C:\Program Files\Ubisoft [14.09.2008\|10:14] C:\Program Files\UIU [02.10.2005\|09:58] C:\Program Files\Uninstall Information [10.09.2009\|22:02] C:\Program Files\Valve [02.06.2009\|18:40] C:\Program Files\vanBasco's Karaoke Player [10.09.2009\|21:36] C:\Program Files\VC FIVE WARN [26.07.2009\|11:42] C:\Program Files\VDOWNLOADER [16.03.2009\|12:54] C:\Program Files\Viewpoint [23.04.2009\|21:55] C:\Program Files\VstPlugins [03.10.2005\|22:04] C:\Program Files\Webteh [11.05.2009\|14:51] C:\Program Files\Winamp [02.10.2005\|09:52] C:\Program Files\Windows Media Player [02.10.2005\|09:48] C:\Program Files\Windows NT [02.10.2005\|09:50] C:\Program Files\WindowsUpdate [26.07.2009\|11:37] C:\Program Files\WinPcap [08.09.2009\|15:47] C:\Program Files\WinRAR [03.10.2005\|22:29] C:\Program Files\WinZip [03.10.2005\|21:32] C:\Program Files\xerox [03.10.2005\|22:01] C:\Program Files\Xing [03.10.2005\|22:14] C:\Program Files\XviD [14.10.2008\|17:47] C:\Program Files\Zylom Games --------------------\\ Listing Folders in C:\Program Files\Common Files [03.10.2005\|22:03] C:\Program Files\Common Files\ACD Systems [03.10.2005\|23:08] C:\Program Files\Common Files\Adobe [20.01.2009\|13:07] C:\Program Files\Common Files\Adobe AIR [03.10.2005\|22:27] C:\Program Files\Common Files\Ahead [16.03.2009\|13:00] C:\Program Files\Common Files\AOL [03.10.2005\|22:39] C:\Program Files\Common Files\DESIGNER [01.09.2008\|19:23] C:\Program Files\Common Files\InstallShield [03.10.2005\|22:20] C:\Program Files\Common Files\Java [03.10.2005\|22:39] C:\Program Files\Common Files\L&H [11.09.2009\|00:05] C:\Program Files\Common Files\Microsoft Shared [02.10.2005\|09:49] C:\Program Files\Common Files\MSSoap [02.10.2005\|11:40] C:\Program Files\Common Files\ODBC [02.10.2005\|09:49] C:\Program Files\Common Files\Services [02.10.2005\|11:40] C:\Program Files\Common Files\SpeechEngines [03.10.2005\|22:39] C:\Program Files\Common Files\System [23.02.2009\|21:49] C:\Program Files\Common Files\Windows Live [03.10.2005\|22:01] C:\Program Files\Common Files\Xing Shared --------------------\\ Process ( 24 Processes ) ... OK ! --------------------\\ Searching with S_Lop No Lop folder found ! --------------------\\ Searching for Lop Files - Folders C:\DOCUME~1\ALLUSE~1\APPLIC~1\seek film amok web C:\DOCUME~1\ALLUSE~1\APPLIC~1\seek film amok web\32 intra.dat C:\DOCUME~1\ALLUSE~1\APPLIC~1\seek film amok web\Info Plus.dat C:\DOCUME~1\ALLUSE~1\APPLIC~1\seek film amok web\Info Plus.exe C:\DOCUME~1\Admin\APPLIC~1\vcfive~1 C:\DOCUME~1\Admin\APPLIC~1\vcfive~1\DELETE FILM PLATFORM.exe C:\DOCUME~1\Admin\APPLIC~1\vcfive~1\joy jugs.exe C:\DOCUME~1\Admin\APPLIC~1\vcfive~1\yslnxone.exe C:\Program Files\vcfive~1 C:\DOCUME~1\Admin\Cookies\admin@install.winzix[2].txt C:\DOCUME~1\Admin\Cookies\admin@www.adserver5[1].txt C:\WINDOWS\Tasks\A62FFAED91846F69.job --------------------\\ Searching within the Registry [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Knob Mess Remote] "DisplayName"="CiD Help" "UninstallString"="C:\\DOCUME~1\\Admin\\APPLIC~1\\VCFIVE~1\\joy jugs.exe -uninstall" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "vga type"="C:\\DOCUME~1\\Admin\\APPLIC~1\\VCFIVE~1\\joy jugs.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Amok web bash obj"="C:\\Documents and Settings\\All Users\\Application Data\\seek film amok web\\Info Plus.exe" --------------------\\ Checking the Hosts file Hosts file CLEAN --------------------\\ Searching for hidden files with Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2009-09-11 17:29:19 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 0 --------------------\\ Searching for other infections --------------------\\ (zabranjeno)s & Keygens .. C:\DOCUME~1\Admin\Application Data\BitTorrent\Fruity Loops Studio 8.0 Full Producers Edition With (zabranjeno).torrent C:\DOCUME~1\Admin\Local Settings\Application Data\Opera\Opera\profile\images\(zabranjeno)dbs.com.idx C:\DOCUME~1\Admin\Local Settings\Application Data\Opera\Opera\profile\images\(zabranjeno)zplanet.net.idx C:\DOCUME~1\Admin\Local Settings\Application Data\Opera\Opera\profile\images\http%3A%2F%2F(zabranjeno)dbs.com%2Ffavicon.ico C:\DOCUME~1\Admin\Local Settings\Application Data\Opera\Opera\profile\images\http%3A%2F%2F(zabranjeno)zplanet.net%2Ffavicon.ico C:\DOCUME~1\Admin\Local Settings\Application Data\Opera\Opera\profile\images\http%3A%2F%2Foph(zabranjeno).sourceforge.net%2Ffavicon.png C:\DOCUME~1\Admin\Local Settings\Application Data\Opera\Opera\profile\images\oph(zabranjeno).sourceforge.net.idx [F:6][D:3]-> C:\DOCUME~1\Admin\LOCALS~1\Temp [F:74][D:0]-> C:\DOCUME~1\Admin\Cookies [F:14][D:4]-> C:\DOCUME~1\Admin\LOCALS~1\TEMPOR~1\content.IE5 1 - "C:\Lop SD\LopR_1.txt" - pet 11.09.2009\|17:31 - Option : [1] --------------------\\ Scan completed at 17:31:09

Profil

diarno Poslao: 11 Sep 2009 20:41 Idi na vrh
offline diarno Anti Malware Fighter Rank 2 Pridružio: 15 Jun 2007 Poruke: 5572	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Otvoriti Notepad i iskopirati sledeci tekst: `File:: C:\WINDOWS\Tasks\A62FFAED91846F69.job Folder:: C:\DOCUME~1\ALLUSE~1\APPLIC~1\seek film amok web C:\DOCUME~1\Admin\APPLIC~1\vcfive~1 C:\Program Files\vcfive~1 Driver:: D0F9FD24 Registry:: [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "vga type"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Amok web bash obj"=-` Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja. Uploaduj mi sledeci fajl: c:\windows\system32\drivers\jibgc.sys Preko : http://www.mycity.rs/ambulanta-upload.php

Profil

nemamIme:P Poslao: 12 Sep 2009 18:09 Idi na vrh
offline nemamIme:P Novi MyCity građanin Pridružio: 10 Sep 2009 Poruke: 24	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: ComboFix 09-09-11.03 - Admin 12.09.2009 17:46.3.2 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1250.381.1033.18.894.526 [GMT 2:00] Running from: c:\documents and settings\Admin\Desktop\ComboFix.exe Command switches used :: c:\documents and settings\Admin\Desktop\CFScript.txt AV: AntiVir Desktop On-access scanning enabled (Updated) {AD166499-45F9-482A-A743-FDD3350758C7} WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! FILE :: "c:\windows\Tasks\A62FFAED91846F69.job" . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\docume~1\Admin\APPLIC~1\vcfive~1 c:\docume~1\Admin\APPLIC~1\vcfive~1\0 c:\docume~1\Admin\APPLIC~1\vcfive~1\DELETE FILM PLATFORM.exe c:\docume~1\Admin\APPLIC~1\vcfive~1\joy jugs.exe c:\docume~1\Admin\APPLIC~1\vcfive~1\yslnxone.exe c:\docume~1\ALLUSE~1\APPLIC~1\seek film amok web c:\docume~1\ALLUSE~1\APPLIC~1\seek film amok web\32 intra.dat c:\docume~1\ALLUSE~1\APPLIC~1\seek film amok web\Info Plus.dat c:\docume~1\ALLUSE~1\APPLIC~1\seek film amok web\Info Plus.exe c:\program files\vcfive~1 c:\windows\Tasks\A62FFAED91846F69.job . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_D0F9FD24 -------\Service_D0F9FD24 ((((((((((((((((((((((((( Files Created from 2009-08-12 to 2009-09-12 ))))))))))))))))))))))))))))))) . 2009-09-11 15:28 . 2009-09-12 15:30 -------- d-----w- C:\Lop SD 2009-09-10 22:06 . 2009-03-30 08:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys 2009-09-10 22:06 . 2009-02-13 10:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys 2009-09-10 22:06 . 2009-02-13 10:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys 2009-09-10 22:06 . 2009-09-10 22:06 -------- d-----w- c:\program files\Avira 2009-09-10 22:06 . 2009-09-10 22:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira 2009-09-10 19:41 . 2009-09-10 19:41 -------- d-----w- c:\windows\system32\wbem\Repository 2009-09-10 19:40 . 2009-09-10 19:40 -------- d-----w- C:\games 2009-09-10 19:40 . 2009-09-10 19:40 -------- d-----w- c:\program files\Solsoft 2009-09-09 10:35 . 2009-07-28 14:33 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2009-09-09 10:05 . 2009-06-21 22:04 153088 -c----w- c:\windows\system32\dllcache\triedit.dll 2009-09-08 20:55 . 2009-09-08 20:57 -------- d-----w- c:\program files\Multi Password Recovery 2009-09-08 20:46 . 2009-09-08 20:48 -------- d-----w- c:\windows\jibgc 2009-09-08 14:04 . 2009-09-08 14:04 -------- d-----w- c:\documents and settings\Admin\Application Data\TeamViewer 2009-09-08 14:04 . 2009-09-08 14:05 -------- d-----w- c:\program files\TeamViewer 2009-09-08 14:04 . 2009-09-08 14:04 -------- d-----w- c:\documents and settings\Admin\temp 2009-09-07 20:02 . 2009-09-07 20:02 -------- d-----w- c:\program files\Polyhedric Software 2009-09-07 20:02 . 1998-02-06 19:37 299520 ----a-w- c:\windows\uninst.exe 2009-09-07 20:02 . 2009-09-07 20:02 -------- d-----w- c:\documents and settings\Admin\WINDOWS 2009-09-07 19:59 . 2009-09-07 19:59 -------- d-----w- c:\documents and settings\Admin\Application Data\fltk.org 2009-09-06 10:54 . 2009-09-06 11:07 -------- d-----w- c:\program files\NetTVPlus Player 2009-08-15 08:45 . 2009-08-15 08:45 -------- d-----w- c:\windows\system32\XPSViewer 2009-08-15 08:45 . 2009-08-15 08:45 -------- d-----w- c:\program files\MSBuild 2009-08-15 08:45 . 2009-08-15 08:45 -------- d-----w- c:\program files\Reference Assemblies 2009-08-15 08:45 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll 2009-08-15 08:45 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll 2009-08-15 08:45 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll 2009-08-15 08:45 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll 2009-08-15 08:45 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe 2009-08-15 08:44 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll 2009-08-15 08:44 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll 2009-08-15 08:42 . 2009-08-15 08:42 -------- d-----w- c:\program files\MSXML 6.0 . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-09-10 23:30 . 2009-04-21 17:45 -------- d-----w- c:\documents and settings\Admin\Application Data\DNA 2009-09-10 20:37 . 2005-10-03 19:44 -------- d-----w- c:\program files\Google 2009-09-10 20:02 . 2009-01-28 14:35 -------- d-----w- c:\program files\Valve 2009-09-10 19:43 . 2009-04-21 17:45 -------- d-----w- c:\program files\DNA 2009-09-10 19:36 . 2008-12-08 17:28 -------- d-----w- c:\documents and settings\Admin\Application Data\Desktopicon 2009-09-09 10:01 . 2009-01-31 16:23 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP 2009-08-18 22:28 . 2009-04-21 17:45 -------- d-----w- c:\documents and settings\Admin\Application Data\BitTorrent 2009-08-17 13:12 . 2005-10-03 20:53 39464 ----a-w- c:\documents and settings\Admin\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-08-05 09:11 . 2002-12-31 12:00 204800 ----a-w- c:\windows\system32\mswebdvd.dll 2009-07-26 09:42 . 2008-12-08 17:28 -------- d-----w- c:\program files\VDOWNLOADER 2009-07-26 09:37 . 2009-07-26 09:37 -------- d-----w- c:\program files\WinPcap 2009-07-24 12:39 . 2009-07-24 12:33 -------- d-----w- c:\documents and settings\Admin\Application Data\Nokia 2009-07-24 12:34 . 2009-07-24 12:33 -------- d-----w- c:\documents and settings\Admin\Application Data\PC Suite 2009-07-24 12:34 . 2009-07-24 12:34 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf 2009-07-24 12:34 . 2009-07-24 12:34 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf 2009-07-24 12:33 . 2009-07-24 12:33 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Suite 2009-07-24 12:33 . 2008-09-03 03:05 -------- d-----w- c:\program files\DIFX 2009-07-24 12:32 . 2009-07-24 12:32 -------- d-----w- c:\program files\PC Connectivity Solution 2009-07-24 12:31 . 2009-07-24 12:31 -------- d-----w- c:\documents and settings\All Users\Application Data\Installations 2009-07-17 18:55 . 2002-12-31 12:00 58880 ----a-w- c:\windows\system32\atl.dll 2009-07-13 00:18 . 2002-12-31 12:00 233472 ----a-w- c:\windows\system32\wmpdxm.dll 2009-07-06 15:33 . 2008-10-04 11:29 41 ----a-w- c:\windows\popcinfo.dat 2009-06-26 16:18 . 2002-12-31 12:00 659456 ------w- c:\windows\system32\wininet.dll 2009-06-26 16:18 . 2002-12-31 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll 2009-06-25 18:36 . 2002-12-31 12:00 95744 ----a-w- c:\windows\system32\mqsec.dll 2009-06-25 18:36 . 2002-12-31 12:00 661504 ----a-w- c:\windows\system32\mqqm.dll 2009-06-25 18:36 . 2002-12-31 12:00 517120 ----a-w- c:\windows\system32\mqsnap.dll 2009-06-25 18:36 . 2002-12-31 12:00 48640 ----a-w- c:\windows\system32\mqupgrd.dll 2009-06-25 18:36 . 2002-12-31 12:00 471552 ----a-w- c:\windows\system32\mqutil.dll 2009-06-25 18:36 . 2002-12-31 12:00 47104 ----a-w- c:\windows\system32\mqdscli.dll 2009-06-25 18:36 . 2002-12-31 12:00 225280 ----a-w- c:\windows\system32\mqoa.dll 2009-06-25 18:36 . 2002-12-31 12:00 186880 ----a-w- c:\windows\system32\mqtrig.dll 2009-06-25 18:36 . 2002-12-31 12:00 177152 ----a-w- c:\windows\system32\mqrt.dll 2009-06-25 18:36 . 2002-12-31 12:00 16896 ----a-w- c:\windows\system32\mqise.dll 2009-06-25 18:36 . 2002-12-31 12:00 138240 ----a-w- c:\windows\system32\mqad.dll 2009-06-25 18:36 . 2002-12-31 12:00 123392 ----a-w- c:\windows\system32\mqrtdep.dll 2009-06-23 14:17 . 2009-06-23 14:17 0 ----a-w- c:\windows\nsreg.dat 2009-06-22 11:49 . 2002-12-31 12:00 19968 ----a-w- c:\windows\system32\mqbkup.exe 2009-06-22 11:49 . 2002-12-31 12:00 117248 ----a-w- c:\windows\system32\mqtgsvc.exe 2009-06-22 11:49 . 2002-12-31 12:00 4608 ----a-w- c:\windows\system32\mqsvc.exe 2009-06-22 11:48 . 2002-12-31 12:00 91776 ----a-w- c:\windows\system32\drivers\mqac.sys 2009-06-16 14:55 . 2002-12-31 12:00 82432 ----a-w- c:\windows\system32\fontsub.dll 2009-06-16 14:55 . 2002-12-31 12:00 119808 ----a-w- c:\windows\system32\t2embed.dll . ((((((((((((((((((((((((((((( SnapShot@2009-09-10_21.58.32 ))))))))))))))))))))))))))))))))))))))))) . + 2009-09-10 22:06 . 2009-05-11 08:12 28520 c:\windows\system32\drivers\ssmdrv.sys . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2009-04-21 321344] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-31 7634944] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153] "RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2007-10-16 16855552] "SkyTel"="SkyTel.EXE" - c:\windows\SkyTel.exe [2007-10-11 1826816] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2002-12-31 15360] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\WINDOWS\\system32\\sessmgr.exe"= "c:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"= "c:\\WINDOWS\\system32\\rtcshare.exe"= "c:\\Program Files\\MSN Messenger\\msnmsgr.exe"= "c:\\Program Files\\MSN Messenger\\livecall.exe"= "c:\\Program Files\\DNA\\btdna.exe"= "c:\\Program Files\\BitTorrent\\bittorrent.exe"= "c:\\WINDOWS\\system32\\ftp.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "3389:TCP"= 3389:TCP::Disabled:@xpsp2res.dll,-22009 "19199:TCP"= 19199:TCP:BitComet 19199 TCP "19199:UDP"= 19199:UDP:BitComet 19199 UDP R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [1.9.2008 19:15 13696] R1 BS_I2cIo;BS_I2cIo;c:\windows\system32\drivers\BS_I2cIo.sys [3.9.2008 23:50 8192] R1 jibgc;jibgc;c:\windows\system32\drivers\jibgc.sys [4.5.2009 11:37 195832] R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [11.9.2009 0:06 108289] R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [1.6.2008 9:13 34064] R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [16.3.2009 12:54 24652] S3 BS_Flash;BS_Flash;c:\program files\BIOS\BIOS Flash\BS_Flash.sys [3.9.2008 5:00 3604] S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service;c:\program files\MSN Messenger\usnsvc.exe [19.1.2007 13:54 97136] . . ------- Supplementary Scan ------- . uStart Page = hxxp://search.bearshare.com/intl/ uInternet Connection Wizard,ShellNext = iexplore IE: Download with GetRight - c:\program files\GetRight\GRdownload.htm IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: Open with GetRight Browser - c:\program files\GetRight\GRbrowse.htm Name-Space Handler: ftp\GetRightIEClickCatcher - {73BA8F12-723E-11D1-A9E2-00403320FCF2} - c:\program files\GetRight\xx2gr.dll Name-Space Handler: http\GetRightIEClickCatcher - {73BA8F12-723E-11D1-A9E2-00403320FCF2} - c:\program files\GetRight\xx2gr.dll FF - ProfilePath - c:\documents and settings\Admin\Application Data\Mozilla\Firefox\Profiles\ta7mzuo1.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.com FF - plugin: c:\program files\Java\jre1.5.0_04\bin\NPJava11.dll FF - plugin: c:\program files\Java\jre1.5.0_04\bin\NPJava12.dll FF - plugin: c:\program files\Java\jre1.5.0_04\bin\NPJava13.dll FF - plugin: c:\program files\Java\jre1.5.0_04\bin\NPJava14.dll FF - plugin: c:\program files\Java\jre1.5.0_04\bin\NPJava32.dll FF - plugin: c:\program files\Java\jre1.5.0_04\bin\NPJPI150_04.dll FF - plugin: c:\program files\Java\jre1.5.0_04\bin\NPOJI610.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npViewpoint.dll FF - plugin: c:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ . *********************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2009-09-12 17:56 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ********************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\ACPI\PNP0F13\3&2411e6fe&0\LogConf] @DACL=(02 0000) "BasicConfigVector"=hex(a):48,00,00,00,0f,00,00,00,00,00,00,00,00,00,00,00,00, 00,00,00,00,00,00,00,00,00,00,00,01,00,00,00,01,00,01,00,01,00,00,00,00,02,\ "BootConfig"=hex(:01,00,00,00,0f,00,00,00,00,00,00,00,01,00,01,00,01,00,00, 00,02,01,01,00,0c,00,00,00,0c,00,00,00,ff,ff,ff,ff . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'explorer.exe'(588-) c:\windows\system32\msi.dll . ------------------------ Other Running Processes ------------------------ . c:\program files\Avira\AntiVir Desktop\avguard.exe c:\program files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe c:\windows\system32\nvsvc32.exe c:\program files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe . ************************************************************************ . Completion time: 2009-09-12 18:00 - machine was rebooted ComboFix-quarantined-files.txt 2009-09-12 16:00 ComboFix2.txt 2009-09-10 21:59 Pre-Run: 4.602.392.576 bytes free Post-Run: 4.509.683.712 bytes free 213 --- E O F --- 2009-09-10 07:47 mycity.rs/must-login.png

Profil

diarno Poslao: 12 Sep 2009 18:14 Idi na vrh
offline diarno Anti Malware Fighter Rank 2 Pridružio: 15 Jun 2007 Poruke: 5572	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Napisi mi koji se sve fajlovi nalaze u sledecem folderu : c:\windows\jibgc Kakvo je stanje inace sad?

Profil

nemamIme:P Poslao: 12 Sep 2009 18:22 Idi na vrh
offline nemamIme:P Novi MyCity građanin Pridružio: 10 Sep 2009 Poruke: 24	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Napisano: 12 Sep 2009 18:20 mail.flt msk.exe pktrainer.exe unins000.exe web.flt pa ... ne bih znala da ti kazem meni je super sad mislim bilo mi je i onda samo sto je bio problem za otvaranje lokalnih diskola ...al je sad koliko se kao nesto ''razumem'' bolje... Dopuna: 12 Sep 2009 18:22 hvala ti puno ... znaci ne znam kako da ti se zahvalim ... hvala na odvojenom vremenu ...

Profil

diarno Poslao: 12 Sep 2009 23:29 Idi na vrh
offline diarno Anti Malware Fighter Rank 2 Pridružio: 15 Jun 2007 Poruke: 5572	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Nema na cemu Uradi jos ovo Otvoriti Notepad i iskopirati sledeci tekst: `File:: c:\windows\system32\drivers\jibgc.sys Driver:: jibgc Folder:: c:\windows\jibgc` Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » ....

Ko je trenutno na forumu

Ukupno su 887 korisnika na forumu :: 41 registrovanih, 9 sakrivenih i 837 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: A.R.Chafee.Jr., amaterSRB, Andrija357, ccoogg123, CikaKURE, comi_pfc, d bos, Denaya, dika69, Duh sa sekirom, dushan, Excalibur13, FOX, Ivica1102, Kibice, krkalon, Krvava Devetka, ksyyaj, libellule_dk, Lieutenant, Marko Marković, Milos ZA, misa2, novator, ozzy, Petarvu, Pikac-47, proka89, radionica1, RJ, sevenino, Sirius, Srle993, ss10, stalja, stegonosa, Toper, vathra, vukovi, wizzardone, ZetaMan

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by