Antivirus 2009

  • Joined: 17 Jan 2009
  • Posts: 49

OK!!!!!!!
Good night!!!!!!!!!!!!!!!!!!

Addendum: 18 Jan 2009 16:55

Here I am, what should I do now?

  • helen1 Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

Turn off your antivirus and post a new ComboFix log for me.

  • Joined: 17 Jan 2009
  • Posts: 49


ComboFix 09-01-17.02 - Nesa Savkovic 2009-01-18 16:54:45.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1251.381.1033.18.1023.451 [GMT 1:00]
Running from: c:\documents and settings\Nesa Savkovic\Desktop\ComboFix.exe
AV: ESET Smart Security 3.0 *On-access scanning disabled* (Updated)
FW: ESET Personal firewall *enabled*

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2008-12-18 to 2009-01-18 )))))))))))))))))))))))))))))))
.

2009-01-17 22:30 . 2009-01-17 22:30 <DIR> d-------- c:\documents and settings\Nesa Savkovic\Application Data\Flock
2009-01-17 22:29 . 2009-01-17 23:01 <DIR> d-------- c:\program files\Flock
2009-01-17 21:42 . 2009-01-17 22:24 32,223,214 --------- c:\windows\wmp12.exe
2009-01-17 19:24 . 2009-01-17 19:24 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-01-17 19:24 . 2009-01-17 19:24 <DIR> d-------- c:\documents and settings\Nesa Savkovic\Application Data\Malwarebytes
2009-01-17 19:24 . 2009-01-17 19:24 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-01-17 19:24 . 2009-01-14 16:11 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-17 19:24 . 2009-01-14 16:11 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-01-17 17:35 . 2009-01-17 17:44 <DIR> d-------- c:\program files\Shock Utility
2009-01-17 17:34 . 2009-01-17 17:44 65,536 --a------ c:\windows\IFinst27.exe
2009-01-17 16:56 . 2009-01-17 16:56 <DIR> d-------- c:\program files\FogelSoft
2009-01-17 16:31 . 2009-01-17 16:31 <DIR> d-------- c:\windows\system32\XPSViewer
2009-01-17 16:30 . 2009-01-17 16:30 <DIR> d-------- c:\program files\MSBuild
2009-01-17 16:30 . 2008-07-06 13:06 1,676,288 --------- c:\windows\system32\xpssvcs.dll
2009-01-17 16:30 . 2008-07-06 13:06 1,676,288 -----c--- c:\windows\system32\dllcache\xpssvcs.dll
2009-01-17 16:30 . 2008-07-06 11:50 597,504 -----c--- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-01-17 16:30 . 2008-07-06 13:06 575,488 --------- c:\windows\system32\xpsshhdr.dll
2009-01-17 16:30 . 2008-07-06 13:06 575,488 -----c--- c:\windows\system32\dllcache\xpsshhdr.dll
2009-01-17 16:30 . 2008-07-06 13:06 117,760 --------- c:\windows\system32\prntvpt.dll
2009-01-17 16:30 . 2008-07-06 13:06 89,088 -----c--- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-01-17 16:25 . 2009-01-17 16:25 <DIR> d-------- c:\program files\MSXML 6.0
2009-01-17 00:17 . 2009-01-17 00:18 <DIR> d-------- c:\program files\Swatians Team
2009-01-16 23:26 . 2008-09-19 22:57 3,596,288 --a------ c:\windows\system32\qt-dx331.dll
2009-01-16 23:26 . 2008-09-24 19:41 839,680 --a------ c:\windows\system32\lameACM.acm
2009-01-16 23:26 . 2004-01-25 17:18 217,088 --a------ c:\windows\system32\yv12vfw.dll
2009-01-16 23:26 . 2008-12-07 19:08 130,048 --a------ c:\windows\system32\xvidvfw.dll
2009-01-16 23:26 . 2007-09-21 01:52 118,784 --a------ c:\windows\system32\ac3acm.acm
2009-01-16 23:26 . 2008-09-25 09:03 81,920 --a------ c:\windows\system32\dpl100.dll
2009-01-16 23:26 . 2008-10-03 13:30 414 --a------ c:\windows\system32\lame_acm.xml
2009-01-16 23:25 . 2009-01-16 23:26 <DIR> d-------- c:\program files\K-Lite Codec Pack
2009-01-16 23:25 . 2008-10-28 23:35 684,032 --a------ c:\windows\system32\divx.dll
2009-01-16 23:25 . 2008-12-08 12:53 57,344 --a------ c:\windows\system32\ff_vfw.dll
2009-01-16 23:25 . 2007-07-10 17:10 547 --a------ c:\windows\system32\ff_vfw.dll.manifest
2009-01-16 17:45 . 2009-01-16 17:45 <DIR> d-------- c:\program files\Common Files\Adobe Systems Shared
2009-01-16 17:45 . 2009-01-16 17:45 <DIR> d-------- c:\documents and settings\All Users\Application Data\Macrovision
2009-01-16 14:54 . 2009-01-17 12:05 <DIR> d-------- c:\program files\vghd
2009-01-15 14:49 . 2009-01-15 15:04 <DIR> d-------- c:\program files\Serious Sam 2
2009-01-15 01:07 . 2009-01-15 01:07 98,304 --a------ c:\windows\system32\CmdLineExt.dll
2009-01-15 00:38 . 2009-01-15 00:38 <DIR> d-------- c:\documents and settings\Nesa Savkovic\Application Data\MAGIX
2009-01-15 00:37 . 2009-01-15 00:37 <DIR> d-------- c:\program files\MAGIX
2009-01-15 00:37 . 2009-01-15 00:37 <DIR> d-------- c:\program files\Common Files\MAGIX Shared
2009-01-15 00:37 . 2009-01-15 00:38 <DIR> d-------- c:\documents and settings\All Users\Application Data\MAGIX
2009-01-15 00:36 . 2009-01-15 00:38 <DIR> d-------- c:\windows\system32\MAGIX
2009-01-15 00:36 . 2007-12-04 15:20 700,416 --a------ c:\windows\system32\mgxoschk.dll
2009-01-15 00:36 . 2009-01-15 00:37 5,937 --a------ c:\windows\mgxoschk.ini
2009-01-14 21:29 . 2009-01-18 16:38 <DIR> d-------- c:\program files\MODEM Mobile Connection
2009-01-14 21:29 . 2008-07-15 11:39 104,960 --a------ c:\windows\system32\drivers\ZTEusbser6k.sys
2009-01-14 21:29 . 2008-07-15 11:39 104,960 --a------ c:\windows\system32\drivers\ZTEusbnmea.sys
2009-01-14 21:29 . 2008-07-15 11:39 104,960 --a------ c:\windows\system32\drivers\ZTEusbmdm6k.sys
2009-01-14 15:26 . 2009-01-16 15:01 5 --a------ c:\windows\sbacknt.bin
2009-01-14 15:24 . 2009-01-16 15:01 <DIR> d-------- c:\documents and settings\Nesa Savkovic\Application Data\vghd
2009-01-14 15:24 . 2009-01-16 14:54 152,904 --a------ c:\windows\system32\vghd.scr
2009-01-14 01:47 . 2009-01-14 01:47 <DIR> d-------- c:\program files\EA GAMES
2009-01-14 01:47 . 2004-08-18 04:14 442,368 -ra------ c:\windows\system32\vp6vfw.dll
2009-01-14 01:21 . 2009-01-14 01:21 <DIR> d-------- c:\program files\Common Files\Ahead
2009-01-14 01:21 . 2001-07-06 05:41 569,344 --a------ c:\windows\system32\imagr5.dll
2009-01-14 01:21 . 2001-07-06 03:44 544,768 --a------ c:\windows\system32\imagx5.dll
2009-01-14 01:21 . 2001-07-06 09:24 283,920 --a------ c:\windows\system32\ImagXpr5.dll
2009-01-14 01:21 . 2008-05-09 21:13 155,648 --a------ c:\windows\system32\NeroCheck.exe
2009-01-14 01:21 . 2003-03-29 06:45 89,184 --------- c:\windows\system32\drivers\imagedrv.sys
2009-01-14 01:21 . 2003-05-26 05:12 57,344 --------- c:\windows\system32\ImageDrive.cpl
2009-01-14 01:21 . 2001-06-25 23:15 38,912 --a------ c:\windows\system32\picn20.dll
2009-01-13 23:40 . 2009-01-13 23:40 <DIR> d-------- c:\windows\Sun
2009-01-13 23:23 . 2009-01-13 23:23 <DIR> d-------- c:\program files\SopFilter
2009-01-13 23:14 . 2009-01-13 23:14 <DIR> d-------- C:\ProgramData
2009-01-13 23:02 . 2009-01-13 23:02 <DIR> d-------- c:\program files\Readon Technology
2009-01-13 22:17 . 2009-01-13 22:17 <DIR> d-------- c:\program files\AskBarDis
2009-01-13 22:03 . 2009-01-13 22:07 <DIR> d-------- c:\documents and settings\Nesa Savkovic\Application Data\VoipDiscount
2009-01-13 22:02 . 2009-01-13 22:02 <DIR> d-------- c:\windows\PaltalkScene
2009-01-13 22:02 . 2009-01-14 21:24 <DIR> d-------- c:\program files\Paltalk Messenger
2009-01-13 22:02 . 2009-01-14 21:24 <DIR> d-------- c:\documents and settings\Nesa Savkovic\Application Data\Paltalk
2009-01-13 21:00 . 2009-01-15 15:23 <DIR> d-------- c:\program files\Steam
2009-01-13 20:21 . 2009-01-14 01:16 <DIR> d-------- c:\program files\SpeedBit Video Accelerator
2009-01-13 20:21 . 2009-01-13 20:21 <DIR> d-------- c:\program files\AskSBar
2009-01-13 20:15 . 2009-01-17 19:09 <DIR> d-a------ c:\documents and settings\All Users\Application Data\TEMP
2009-01-13 20:14 . 2009-01-14 01:16 <DIR> d-------- c:\program files\DAP
2009-01-13 19:47 . 2009-01-13 19:47 144 --a------ c:\windows\Eudcedit.ini
2009-01-13 19:16 . 2009-01-13 19:17 <DIR> d-------- c:\program files\CDCheck
2009-01-13 19:07 . 2009-01-13 19:07 <DIR> d-------- c:\program files\Skyler Lyon
2009-01-13 19:03 . 2009-01-18 00:35 <DIR> d---s---- c:\documents and settings\Nesa Savkovic\My Documents
2009-01-13 18:44 . 2009-01-13 18:44 <DIR> d-------- c:\documents and settings\Nesa Savkovic\EurekaLog
2009-01-13 18:41 . 2009-01-13 18:41 <DIR> d-------- c:\program files\Innovative Solutions
2009-01-13 18:34 . 2009-01-13 18:34 <DIR> d-------- c:\documents and settings\Nesa Savkovic\Application Data\Anonymizer
2009-01-13 18:33 . 2009-01-13 18:33 <DIR> d-------- c:\program files\Anonymizer
2009-01-13 18:33 . 2009-01-13 18:33 <DIR> d-------- c:\documents and settings\All Users\Application Data\Anonymizer
2009-01-13 18:33 . 2009-01-13 18:34 <DIR> d--h----- c:\documents and settings\All Users\Application Data\{773E7240-B347-4DFF-A6EF-6E829EDD59DF}
2009-01-13 17:59 . 2009-01-13 18:01 69 --a------ c:\windows\NeroDigital.ini
2009-01-13 17:28 . 2009-01-17 14:09 <DIR> d-------- c:\documents and settings\Nesa Savkovic\Application Data\Nero
2009-01-13 16:50 . 2009-01-13 16:50 4,767 --a------ c:\windows\Irremote.ini
2009-01-13 16:46 . 2009-01-13 16:46 <DIR> d-------- c:\program files\Windows Sidebar
2009-01-13 16:27 . 2009-01-13 16:49 <DIR> d-------- c:\program files\Nero
2009-01-13 16:26 . 2009-01-13 17:25 <DIR> d-------- c:\program files\Common Files\Nero
2009-01-13 16:26 . 2009-01-13 16:38 <DIR> d-------- c:\documents and settings\All Users\Application Data\Nero
2009-01-13 15:25 . 2009-01-13 15:25 <DIR> d-------- c:\program files\Reference Assemblies
2009-01-13 15:25 . 2009-01-13 15:25 <DIR> d-------- c:\program files\Microsoft.NET
2009-01-13 15:13 . 2009-01-13 15:13 <DIR> d-------- c:\documents and settings\Nesa Savkovic\Application Data\DAEMON Tools Pro
2009-01-13 15:13 . 2009-01-13 15:13 <DIR> d-------- c:\documents and settings\Nesa Savkovic\Application Data\DAEMON Tools
2009-01-13 15:11 . 2009-01-13 15:19 <DIR> d-------- c:\program files\DAEMON Tools Toolbar
2009-01-13 15:11 . 2009-01-13 15:11 <DIR> d-------- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2009-01-13 15:07 . 2009-01-13 15:14 <DIR> d-------- c:\documents and settings\Nesa Savkovic\Application Data\DAEMON Tools Lite
2009-01-13 15:07 . 2009-01-13 15:07 717,296 --a------ c:\windows\system32\drivers\sptd.sys
2009-01-12 19:38 . 2009-01-12 19:38 <DIR> d-------- c:\documents and settings\All Users\Application Data\Digsby
2009-01-12 19:31 . 2009-01-12 19:31 <DIR> d--hs---- c:\documents and settings\Nesa Savkovic\PrivacIE
2009-01-12 19:19 . 2009-01-12 19:19 <DIR> d--h-c--- c:\windows\ie8
2009-01-12 18:47 . 2009-01-12 18:47 <DIR> d-------- c:\documents and settings\All Users\Application Data\Winferno
2009-01-12 18:44 . 2009-01-12 18:44 <DIR> d-------- c:\program files\Digsby
2009-01-12 18:44 . 2009-01-12 19:38 <DIR> d-------- c:\documents and settings\Nesa Savkovic\Application Data\Digsby
2009-01-12 18:41 . 2009-01-12 18:41 <DIR> d-------- c:\program files\Smart-Shopper
2009-01-12 18:41 . 2009-01-17 17:37 <DIR> d-------- c:\documents and settings\Nesa Savkovic\Application Data\Smart-Shopper
2009-01-12 01:24 . 2009-01-12 01:24 <DIR> d-------- c:\program files\Real
2009-01-12 01:24 . 2009-01-12 01:24 <DIR> d-------- c:\program files\Common Files\xing shared
2009-01-12 01:24 . 2009-01-12 01:24 <DIR> d-------- c:\program files\Common Files\Real
2009-01-12 00:51 . 2009-01-12 15:10 <DIR> d-------- c:\windows\SxsCaPendDel
2009-01-11 21:10 . 2009-01-11 21:10 <DIR> d-------- c:\documents and settings\Nesa Savkovic\Application Data\vlc
2009-01-11 21:04 . 2009-01-11 21:04 <DIR> d-------- c:\program files\VideoLAN
2009-01-11 20:47 . 2008-07-31 23:17 9,200 --------- c:\windows\system32\drivers\cdralw2k.sys
2009-01-11 20:47 . 2008-07-31 23:17 9,072 --------- c:\windows\system32\drivers\cdr4_xp.sys
2009-01-11 20:46 . 2009-01-11 20:46 <DIR> d-------- c:\windows\system32\IOSUBSYS
2009-01-10 23:52 . 2009-01-10 23:52 <DIR> d-------- c:\documents and settings\Nesa Savkovic\Application Data\CyberLink
2009-01-10 16:59 . 2009-01-10 16:59 <DIR> d-------- c:\documents and settings\All Users\Application Data\CyberLink
2009-01-10 16:58 . 2009-01-10 16:58 <DIR> d-------- c:\program files\CyberLink
2009-01-10 16:03 . 2009-01-16 19:35 <DIR> d-------- c:\documents and settings\Nesa Savkovic\Application Data\FaxCtr
2009-01-10 15:59 . 2009-01-10 15:59 <DIR> d-------- c:\documents and settings\Nesa Savkovic\Application Data\Lexmark Productivity Studio
2009-01-10 15:57 . 2009-01-10 15:57 <DIR> d-------- c:\program files\lx_cats
2009-01-10 15:56 . 2009-01-10 15:56 <DIR> d-------- C:\logs

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-14 20:29 --------- d--h--w c:\program files\InstallShield Installation Information
2009-01-14 00:21 --------- d-----w c:\program files\Ahead
2009-01-13 19:14 --------- d-----w c:\program files\Google
2009-01-09 17:49 --------- d-----w c:\documents and settings\All Users\Application Data\ESET
2008-12-29 15:34 --------- d-----w c:\program files\Common Files\InstallShield
2008-12-29 11:08 --------- d-----w c:\program files\PowerQuest
2008-12-29 11:03 --------- d-----w c:\program files\ESET
2008-12-29 11:03 --------- d-----w c:\documents and settings\Nesa Savkovic\Application Data\ESET
2008-12-29 11:00 --------- d-----w c:\program files\Microsoft ActiveSync
2008-12-29 10:46 --------- d-----w c:\documents and settings\All Users\Application Data\nView_Profiles
2008-12-29 10:39 --------- d-----w c:\program files\Realtek
2008-12-29 10:38 --------- d-----w c:\program files\totalcmd
2008-12-29 10:36 --------- d-----w c:\program files\Analog Devices
2008-12-29 10:27 --------- d-----w c:\program files\Intel
2008-12-29 10:18 --------- d-----w c:\program files\microsoft frontpage
.

------- Sigcheck -------

2004-08-04 09:56 974336 a5c1f2cf7c31874e66478910b43d6513 c:\windows\explorer.exe
2004-08-04 09:56 974336 a5c1f2cf7c31874e66478910b43d6513 c:\windows\system32\dllcache\explorer.exe

2004-08-04 09:56 100864 80cb133bd6c830e8ca7e90015e45c1cd c:\windows\system32\wuauclt.exe
2004-08-04 09:56 100864 80cb133bd6c830e8ca7e90015e45c1cd c:\windows\system32\dllcache\wuauclt.exe
.
((((((((((((((((((((((((((((( snapshot@2009-01-17_21.08.17.54 )))))))))))))))))))))))))))))))))))))))))
.
- 2006-10-18 20:04:50 315,904 ----a-w c:\windows\inf\unregmp2.exe
+ 2006-11-03 09:01:20 317,952 ----a-w c:\windows\inf\unregmp2.exe
- 2008-12-29 10:21:05 16,384 ----a-w c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2009-01-17 20:40:01 16,384 ----a-w c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2008-12-29 10:21:05 32,768 ----a-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2009-01-17 20:40:01 32,768 ----a-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2008-12-29 10:21:05 32,768 ----a-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2009-01-17 20:40:01 32,768 ----a-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2006-10-18 20:04:54 1,669,120 -c--a-w c:\windows\system32\dllcache\setup_wm.exe
+ 2006-11-03 09:02:36 1,678,848 -c--a-w c:\windows\system32\dllcache\setup_wm.exe
- 2006-10-18 20:04:50 315,904 -c--a-w c:\windows\system32\dllcache\unregmp2.exe
+ 2006-11-03 09:01:20 317,952 -c--a-w c:\windows\system32\dllcache\unregmp2.exe
- 2008-10-05 03:24:04 235,936 ----a-w c:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
+ 2008-10-24 06:03:44 218,496 ----a-w c:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
- 2009-01-13 20:18:11 84,661 ----a-w c:\windows\system32\Macromed\Flash\uninstall_plugin.exe
+ 2009-01-17 21:29:47 70,264 ----a-w c:\windows\system32\Macromed\Flash\uninstall_plugin.exe
- 2008-06-12 10:27:58 16,928 ------w c:\windows\system32\spmsg.dll
+ 2006-09-25 16:58:48 14,640 ------w c:\windows\system32\spmsg.dll
- 2006-10-18 21:47:20 8,231,936 ----a-w c:\windows\system32\wmploc.dll
+ 2008-01-15 16:34:26 16,561,664 ----a-w c:\windows\system32\wmploc.dll
- 2006-10-18 21:47:22 38,400 ------w c:\windows\system32\wpdshextres.dll
+ 2006-10-18 20:47:22 38,400 ------w c:\windows\system32\wpdshextres.dll
+ 2009-01-18 15:58:16 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_7fc.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-07-17 17:20 279944 --a------ c:\program files\AskBarDis\bar\bin\askBar1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar1.dll" [2008-07-17 279944]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar1.dll" [2008-07-17 279944]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Free Download Manager"="c:\program files\Free Download Manager\fdm.exe" [2009-01-02 3399727]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
"Google Update"="c:\documents and settings\Nesa Savkovic\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-01-13 119280]
"Anonymizer"="c:\program files\Anonymizer\Anonymizer Software\Anonymizer.exe" [2008-11-17 1557176]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-09-23 21755688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NodLogin"="c:\program files\ESET\ESET Smart Security\nodlogin.exe" [2008-06-19 358632]
"TrialReset"="c:\windows\fix.exe" [2008-04-28 208353]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-06-01 7618560]
"TrueImageMonitor.exe"="c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2007-10-30 2595616]
"AcronisTimounterMonitor"="c:\program files\Acronis\TrueImageHome\TimounterMonitor.exe" [2007-10-30 909208]
"Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2007-10-30 140568]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-08 136600]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2008-06-10 1447168]
"BigDogPath"="c:\windows\VM_STI.EXE" [2004-06-09 40960]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2005-05-18 925696]
"Launch Ai Booster"="c:\program files\ASUS\AI Booster\OverClk.exe" [2006-07-24 3712512]
"lxddmon.exe"="c:\program files\Lexmark 2500 Series\lxddmon.exe" [2007-06-11 291760]
"lxddamon"="c:\program files\Lexmark 2500 Series\lxddamon.exe" [2007-04-30 20480]
"FaxCenterServer"="c:\program files\Lexmark Fax Solutions\fm3032.exe" [2007-06-11 312240]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-01-12 185872]
"googletalk"="c:\program files\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"NeroCheck"="c:\windows\system32\NeroCheck.exe" [2008-05-09 155648]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2004-10-27 c:\windows\system32\HdAShCut.exe]
"nwiz"="nwiz.exe" [2006-06-01 c:\windows\system32\nwiz.exe]
"NvMediaCenter"="NvMCTray.dll" [2006-06-01 c:\windows\system32\nvmctray.dll]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= msaud32_divx.acm

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
--a------ 2006-06-01 10:22 7618560 c:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"c:\\WINDOWS\\system32\\lxddcoms.exe"=
"c:\\Program Files\\Lexmark 2500 Series\\lxddamon.exe"=
"c:\\Program Files\\Lexmark 2500 Series\\App4R.exe"=
"c:\\Documents and Settings\\Nesa Savkovic\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.dll"=
"c:\\Documents and Settings\\Nesa Savkovic\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Lexmark 2500 Series\\lxddmon.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"2815:TCP"= 2815:TCP:*:Disabled:SolidNetworkManager
"2815:UDP"= 2815:UDP:*:Disabled:SolidNetworkManager

R4 AnonMgmtSvc;Anonymizer Management Service;c:\program files\Anonymizer\Anonymizer Software\Common\AnonMgmtSvc.exe [2008-11-17 37560]
R4 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2008-06-10 468224]
R4 lxdd_device;lxdd_device;c:\windows\system32\lxddcoms.exe -service --> c:\windows\system32\lxddcoms.exe -service [?]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe [2009-01-15 1527900]
S3 UPnPService;UPnPService;c:\program files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [2009-01-15 544768]
S4 Adidrvqrsw;Adidrvqrsw; [x]
S4 lxddCATSCustConnectService;lxddCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxddserv.exe [2009-01-10 99248]
.
Contents of the 'Scheduled Tasks' folder

2009-01-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-448539723-1425521274-839522115-1003.job
- c:\documents and settings\Nesa Savkovic\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-01-13 12:56]

2009-01-18 c:\windows\Tasks\User_Feed_Synchronization-{EFE6DB31-551B-458A-B3E5-2F7509E8D4CD}.job
- c:\windows\system32\msfeedssync.exe [2008-08-22 03:05]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.rs/
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download all with Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm
IE: Download selected with Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm
IE: Download video with Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Download with Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} - {4CF088BD-BE95-40a5-BE9B-677F8683EDEA} - c:\program files\Smart-Shopper\Bin\2.5.1\Smrt-Shpr.dll
FF - ProfilePath - c:\documents and settings\Nesa Savkovic\Application Data\Mozilla\Firefox\Profiles\ef28r5vq.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1561457&SearchSource=3&q=
FF - prefs.js: browser.search.selectedEngine - Ask
FF - prefs.js: browser.startup.homepage - hxxp://www.google.rs/
FF - prefs.js: keyword.URL - about:neterror?e=query&u=
FF - component: c:\documents and settings\Nesa Savkovic\Application Data\Mozilla\Firefox\Profiles\ef28r5vq.default\extensions\{b23920f4-4c2f-412b-9450-1d7028d5454e}\components\FFAlert.dll
FF - component: c:\program files\DAEMON Tools Toolbar\FirefoxDTT\components\DTToolbarFF.dll
FF - component: c:\program files\Free Download Manager\Firefox\Extension\components\vmsfdmff.dll
FF - component: c:\program files\Mozilla Firefox 3.1 Beta 2\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\documents and settings\Nesa Savkovic\Application Data\Mozilla\Firefox\Profiles\ef28r5vq.default\extensions\SolidStateION@solidstatenetworks.com\plugins\npssn.dll
FF - plugin: c:\documents and settings\Nesa Savkovic\Application Data\Mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\Nesa Savkovic\Local Settings\Application Data\Google\Update\1.2.133.33\npGoogleOneClick7.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Mozilla Firefox 3.1 Beta 2\plugins\npvlc.dll

---- FIREFOX POLICIES ----
FF - user.js: network.proxy.type - 0
FF - user.js: network.proxy.http -
FF - user.js: network.proxy.http_port - 0
FF - user.js: network.proxy.ssl -
FF - user.js: network.proxy.ssl_port - 0
FF - user.js: network.proxy.ftp -
FF - user.js: network.proxy.ftp_port - 0
FF - user.js: network.proxy.gopher -
FF - user.js: network.proxy.gopher_port - 0
FF - user.js: network.proxy.socks_version - 5
FF - user.js: network.proxy.socks -
FF - user.js: network.proxy.socks_port - 0
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-01-18 16:58:40
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'lsass.exe'(1288-)
c:\windows\system32\relog_ap.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Acronis\Schedule2\schedul2.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\lxddcoms.exe
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\slserv.exe
c:\program files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
c:\windows\system32\rundll32.exe
c:\program files\Philips\Philips SPC210NC Webcam\TrayMin210.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\program files\Anonymizer\Anonymizer Software\Common\AnonProxy.exe
.
**************************************************************************
.
Completion time: 2009-01-18 17:01:46 - machine was rebooted
ComboFix-quarantined-files.txt 2009-01-18 16:01:43
ComboFix2.txt 2009-01-17 23:08:56
ComboFix3.txt 2009-01-17 20:08:59

Pre-Run: 16.403.718.144 bytes free
Post-Run: 16,390,119,424 bytes free

342

Addendum: 18 Jan 2009 17:47

Am I clean now?

  • helen1 Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

That should be it.

Do one more thing:

Click START and then RUN
In the text box, type Combofix /u and click OK

Wait for the uninstall process to finish

The above procedure will:
Delete the following:
ComboFix and its files and folders
The VundoFix Backups folder, if it exists
The C:\Deckard folder, if it exists
The C:\OtMoveIt folder, if it exists

Reset the computer's clock settings
Hide file extensions, if needed
Hide system/hidden files/folders, if needed
Reset System Restore

  • Joined: 17 Jan 2009
  • Posts: 49

Just tell me one more thing: is my computer clean now, and was there any infection?

  • helen1 Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

There was an infection. But nothing serious.

You're clean now.

  • Joined: 17 Jan 2009
  • Posts: 49

Thanks a lot!!!!!!!!!
