Is everything OK here?

  • Joined: 06 Aug 2009
  • Posts: 2

I had some viruses, so I tried to clean them up..
Is everything OK now?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:59:49 AM, on 8/6/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5503)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Atheros\ACU.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_1.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_1.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: CCC.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: cru629.dat
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Atheros Configuration Service (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

--
End of file - 4741 bytes
ty
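To show how a helper on a thread like this reads a HijackThis log, here is a small triage script. It is an added example, not part of this thread and not code from Trend Micro or HijackThis; the flagging rules are my own choice of the autostart classes a defender checks first (AppInit_DLLs, unidentified Winsock LSPs, services with no recognised owner, Run entries that name a bare file with no path, URL search hooks), and the sample input is a few lines copied from the log above plus one benign Run entry for contrast. It reports what needs a second look; it does not decide what is malicious.

```python
import re
from dataclasses import dataclass

# Constructed sample: lines taken from the HijackThis log posted above,
# with one Run entry carrying a full path included so the contrast shows.
SAMPLE_LOG = r"""
R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_1.dll
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O20 - AppInit_DLLs: cru629.dat
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
""".strip()

# Every HijackThis entry starts with a section code ("O4", "R3", ...), then " - ".
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d+) - (?P<body>.*)$")
# O4 bodies look like: HKLM\..\Run: [Name] command line
RUN_RE = re.compile(r"^(?P<key>[^:]+): \[(?P<name>[^\]]*)\] ?(?P<cmd>.*)$")


@dataclass
class Finding:
    code: str     # HijackThis section code
    reason: str   # why a reviewer should look at this line
    line: str     # the raw log line


def parse_entries(text):
    """Yield (code, body, raw_line) for every line that is a HijackThis entry."""
    out = []
    for raw in text.splitlines():
        raw = raw.strip()
        m = ENTRY_RE.match(raw)
        if m:
            out.append((m.group("code"), m.group("body"), raw))
    return out


def first_token(cmd):
    """Return the executable part of a Run command line (quoted or bare)."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end > 0 else cmd[1:]
    return cmd.split()[0] if cmd else ""


def triage(text):
    """Apply the review rules (my own selection, not HijackThis's) to a log."""
    findings = []
    for code, body, raw in parse_entries(text):
        if code == "O20" and body.startswith("AppInit_DLLs:"):
            # AppInit_DLLs is loaded into every process that loads user32.dll;
            # on a home PC it is normally empty, so any value deserves a look.
            if body.split(":", 1)[1].strip():
                findings.append(Finding(code, "non-empty AppInit_DLLs value", raw))
        elif code == "O10" and body.startswith("Unknown file in Winsock LSP"):
            findings.append(Finding(code, "Winsock LSP that HijackThis could not identify", raw))
        elif code == "O23" and " - Unknown owner - " in body:
            findings.append(Finding(code, "service with no recognised vendor; check the binary's publisher", raw))
        elif code == "O4":
            m = RUN_RE.match(body)
            if m:
                exe = first_token(m.group("cmd"))
                # A bare file name is resolved through the search path, so the
                # log alone does not tell you which file actually runs.
                if exe and "\\" not in exe and "/" not in exe:
                    findings.append(Finding(code, f"Run entry names a bare file ({exe}) with no path", raw))
        elif code == "R3" and body.startswith("URLSearchHook"):
            findings.append(Finding(code, "URL search hook installed in Internet Explorer", raw))
    return findings


def summarize(findings):
    """Count findings per section code, preserving first-seen order."""
    counts = {}
    for f in findings:
        counts[f.code] = counts.get(f.code, 0) + 1
    return counts


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"[{f.code}] {f.reason}\n    {f.line}")
    print(summarize(triage(SAMPLE_LOG)))
```

Run it against a full log instead of the sample by reading the file into `triage()`; entries it does not flag still need to be read, since the rules only cover the sections most often abused for persistence.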

  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Download sUBs' ComboFix from the following address to your Desktop:

Bleeping Computer
Right-click the link and choose Save Target As... (Save Link As..., Save Linked Content As... or similar);
When the dialog for choosing where to save the file opens, select Desktop and click Save.

When the download is complete:
  • disable your security software (instructions);
  • close any running programs;
  • double-click to run ComboFix.

While running, ComboFix will:
  • check whether a newer version of the program exists:
    click Yes if offered to download it.
  • display the DISCLAIMER OF WARRANTY ON SOFTWARE:
    click Yes for the process to continue.
  • if the Recovery Console is not installed, offer to install it:
    be sure to accept by clicking Yes and follow the procedure.
  • present a number of prompts/notifications:
    accept by clicking Yes or OK.
  • restart Windows if necessary (possibly several times);
  • at the end of its run, open Notepad with the scan report.

Copy the report ComboFix produced into the forum thread:
  • right-click in the Notepad window and choose Select All;
  • right-click the highlighted text and choose Copy;
  • right-click in the message entry field and choose Paste.

Note: The report will be saved under the name ComboFix.txt on the system partition (typical location: C:\ComboFix.txt);
If after posting you notice the report is incomplete, use the Attach file option to attach C:\ComboFix.txt to your post.

  • Joined: 06 Aug 2009
  • Posts: 2

Posted: 06 Aug 2009 12:29

here it is:

ComboFix 09-08-04.04 - amc 08/06/2009 12:19.1.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1375 [GMT 2:00]
Running from: c:\documents and settings\amc\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\-1665576569
c:\documents and settings\amc\Local Settings\Temporary Internet Files\ikisaf.dll
c:\documents and settings\amc\Local Settings\Temporary Internet Files\iruvinu.com
c:\documents and settings\amc\Local Settings\Temporary Internet Files\xegapa.dat

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_NWCWORKSTATION
-------\Service_NWCWorkstation


((((((((((((((((((((((((( Files Created from 2009-07-06 to 2009-08-06 )))))))))))))))))))))))))))))))
.

2009-08-05 23:58 . 2009-08-05 23:58 -------- d-----w- c:\program files\Trend Micro
2009-08-05 19:58 . 2009-08-05 19:58 -------- d-----w- c:\documents and settings\amc\Application Data\Malwarebytes
2009-08-05 19:58 . 2009-08-03 11:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-05 19:58 . 2009-08-05 19:58 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-08-05 19:58 . 2009-08-05 19:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-08-05 19:58 . 2009-08-03 11:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-08-05 19:31 . 2009-08-05 19:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-08-05 19:31 . 2009-08-05 19:34 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-08-05 19:30 . 2009-07-03 14:49 15688 ----a-w- c:\windows\system32\lsdelete.exe
2009-08-05 17:47 . 2009-07-03 14:49 64160 ----a-w- c:\windows\system32\drivers\Lbd.sys
2009-08-05 17:47 . 2009-08-05 17:47 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{EF63305C-BAD7-4144-9208-D65528260864}
2009-08-05 17:47 . 2009-07-08 17:28 2920112 -c--a-w- c:\documents and settings\All Users\Application Data\{EF63305C-BAD7-4144-9208-D65528260864}\Ad-AwareAE.exe
2009-08-05 17:46 . 2009-08-05 17:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2009-08-05 17:46 . 2009-08-05 17:46 -------- d-----w- c:\program files\Lavasoft
2009-08-01 15:52 . 2009-08-01 15:52 138944 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-08-01 15:52 . 2009-08-01 15:52 189784 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-08-01 15:39 . 2009-08-01 15:57 347200 ----a-w- c:\documents and settings\amc\Application Data\id Software\quakelive\home\baseq3\cgamex86.dll
2009-08-01 15:39 . 2009-08-01 15:40 453696 ----a-w- c:\documents and settings\amc\Application Data\id Software\quakelive\home\baseq3\qagamex86.dll
2009-08-01 15:39 . 2009-08-01 15:39 -------- d-----w- c:\documents and settings\amc\Local Settings\Application Data\PunkBuster
2009-08-01 15:39 . 2009-08-01 15:57 179264 ----a-w- c:\documents and settings\amc\Application Data\id Software\quakelive\home\baseq3\uix86.dll
2009-08-01 15:39 . 2009-08-01 15:52 874660 ----a-w- c:\documents and settings\amc\Application Data\id Software\quakelive\home\pb\pbcl.dll
2009-08-01 15:39 . 2009-08-01 15:52 57344 ----a-w- c:\documents and settings\amc\Application Data\id Software\quakelive\home\pb\pbag.dll
2009-08-01 15:39 . 2009-08-01 15:52 2657344 ----a-w- c:\documents and settings\amc\Application Data\id Software\quakelive\home\baseq3\quakelive.dll
2009-08-01 15:32 . 2009-08-01 15:32 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-08-01 15:32 . 2009-08-01 15:32 -------- d-----w- c:\documents and settings\amc\Application Data\id Software
2009-08-01 15:32 . 2009-08-01 15:32 2373712 ----a-w- c:\windows\system32\pbsvc.exe
2009-08-01 15:32 . 2009-08-01 15:32 -------- d-----w- c:\documents and settings\All Users\Application Data\id Software
2009-08-01 12:23 . 2009-08-01 12:23 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\ESET
2009-07-29 11:17 . 2009-07-29 11:17 -------- d-----w- c:\documents and settings\amc\Local Settings\Application Data\ESET
2009-07-29 11:16 . 2009-07-29 11:16 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2009-07-28 12:20 . 2009-07-28 12:20 625728 ----a-w- c:\documents and settings\All Users\Application Data\id Software\QuakeLive\npquakezero.dll
2009-07-12 10:02 . 2009-07-12 10:02 -------- d-----w- c:\documents and settings\amc\Local Settings\Application Data\Blizzard Entertainment

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-06 10:11 . 2009-06-25 14:22 -------- d-----w- c:\program files\World of Warcraft
2009-08-01 15:05 . 2009-06-19 11:26 -------- d-----w- c:\program files\Garena
2009-07-25 17:03 . 2009-07-01 12:08 -------- d-----w- c:\program files\BS_Player
2009-07-18 13:35 . 2009-07-18 12:57 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-07-18 13:34 . 2009-07-18 12:57 4096 ----a-w- c:\windows\system32\detoured.dll
2009-07-16 10:56 . 2009-07-01 12:08 -------- d-----w- c:\documents and settings\amc\Application Data\BSplayer
2009-07-06 12:01 . 2009-07-06 12:01 2373712 ----a-w- c:\documents and settings\All Users\Application Data\id Software\QuakeLive\pbsvc.exe
2009-07-03 02:54 . 2009-06-18 11:32 -------- d-----w- c:\program files\Warcraft III
2009-07-02 10:33 . 2009-06-05 13:15 335752 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-07-01 12:08 . 2009-07-01 12:08 -------- d-----w- c:\program files\Conduit
2009-07-01 12:08 . 2009-07-01 12:08 -------- d-----w- c:\program files\Webteh
2009-07-01 12:08 . 2009-07-01 12:08 -------- d-----w- c:\documents and settings\amc\Application Data\BSplayer Pro
2009-07-01 12:05 . 2009-07-01 12:05 -------- d-----w- c:\documents and settings\amc\Application Data\CyberLink
2009-06-27 10:22 . 2009-06-05 13:16 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-06-27 10:22 . 2009-06-05 13:15 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-06-26 11:15 . 2009-06-26 11:15 0 ----a-w- c:\windows\nsreg.dat
2009-06-25 17:09 . 2009-06-25 17:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Blizzard
2009-06-25 14:56 . 2009-06-25 14:22 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2009-06-19 11:24 . 2009-06-19 10:57 77096 ----a-w- c:\windows\War3Unin.dat
2009-06-19 11:13 . 2009-06-19 10:57 2829 ----a-w- c:\windows\War3Unin.pif
2009-06-19 11:13 . 2009-06-19 10:57 139264 ----a-w- c:\windows\War3Unin.exe
2009-06-06 16:25 . 2009-06-05 14:44 42752 ----a-w- c:\documents and settings\amc\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-06 15:42 . 2009-06-05 12:31 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-06-05 14:42 . 2009-06-05 14:42 0 ----a-w- c:\windows\ativpsrm.bin
2009-06-05 14:26 . 2009-06-05 14:26 9158 ----a-r- c:\documents and settings\amc\Application Data\Microsoft\Installer\{6E32B134-CA8D-49DD-B94C-0DB155CE70B5}\NewShortcut1_45160C5661F6468DA5B09FAE2C3E68D6.exe
2009-06-05 14:26 . 2009-06-05 14:26 10134 ----a-r- c:\documents and settings\amc\Application Data\Microsoft\Installer\{6E32B134-CA8D-49DD-B94C-0DB155CE70B5}\ARPPRODUCTICON.exe
2009-06-05 14:13 . 2009-06-05 14:13 319488 ----a-w- c:\windows\HideWin.exe
2009-06-05 13:15 . 2009-06-05 13:15 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-06-05 12:28 . 2009-06-05 12:28 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2009-05-19 09:27 . 2009-05-19 09:27 114688 ----a-w- c:\documents and settings\amc\Application Data\Mozilla\Firefox\Profiles\6f1ngijk.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\npmozax.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\program files\BS_Player\tbBS_1.dll" [2009-07-25 2215960]

[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\program files\BS_Player\tbBS_1.dll" [2009-07-25 2215960]

[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}"= "c:\program files\BS_Player\tbBS_1.dll" [2009-07-25 2215960]

[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-03-07 1695232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"RemoteControl"="c:\program files\ASUSTeK\ASUSDVD\PDVDServ.exe" [2004-11-02 32768]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-06-27 1948440]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"ACU"="c:\program files\Atheros\ACU.exe" [2008-09-26 450648]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2007-09-03 630784]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2008-10-09 17021440]

c:\documents and settings\amc\Start Menu\Programs\Startup\
CCC.lnk - c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2007-7-17 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-06-27 10:22 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\World of Warcraft\\Launcher.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe"=

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [8/5/2009 7:47 PM 64160]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [6/5/2009 3:15 PM 335752]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [6/5/2009 3:15 PM 108552]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [6/5/2009 3:15 PM 298776]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [6/6/2009 6:19 PM 55152]
R3 WSIMD;wsimd Service;c:\windows\system32\drivers\wsimd.sys [6/5/2009 4:33 PM 57408]
S3 fsssvc;Windows Live Family Safety;c:\program files\Windows Live\Family Safety\fsssvc.exe [2/6/2009 6:08 PM 533360]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [7/3/2009 4:49 PM 1029456]
.
Contents of the 'Scheduled Tasks' folder

2009-08-05 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-07-03 14:49]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\amc\Application Data\Mozilla\Firefox\Profiles\6f1ngijk.default\
FF - component: c:\documents and settings\amc\Application Data\Mozilla\Firefox\Profiles\6f1ngijk.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\FFAlert.dll
FF - plugin: c:\documents and settings\All Users\Application Data\id Software\QuakeLive\npquakezero.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-08-06 12:24
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1088-)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\l3codeca.acm
c:\windows\system32\sirenacm.dll

- - - - - - - > 'explorer.exe'(2780)
c:\program files\Microsoft Office\OFFICE11\msohev.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ati2evxx.exe
c:\windows\system32\acs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\windows\system32\wscntfy.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
.
**************************************************************************
.
Completion time: 2009-08-06 12:26 - machine was rebooted
ComboFix-quarantined-files.txt 2009-08-06 10:26

Pre-Run: 130,704,822,272 bytes free
Post-Run: 130,620,555,264 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect


Update: 06 Aug 2009 13:34

I forgot to turn off the antivirus.. and here is the new one where I turned it off:

ComboFix 09-08-04.04 - amc 08/06/2009 13:25.2.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1289 [GMT 2:00]
Running from: c:\documents and settings\amc\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.

((((((((((((((((((((((((( Files Created from 2009-07-06 to 2009-08-06 )))))))))))))))))))))))))))))))
.

2009-08-05 23:58 . 2009-08-05 23:58 -------- d-----w- c:\program files\Trend Micro
2009-08-05 19:58 . 2009-08-05 19:58 -------- d-----w- c:\documents and settings\amc\Application Data\Malwarebytes
2009-08-05 19:58 . 2009-08-03 11:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-05 19:58 . 2009-08-05 19:58 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-08-05 19:58 . 2009-08-05 19:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-08-05 19:58 . 2009-08-03 11:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-08-05 19:31 . 2009-08-05 19:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-08-05 19:31 . 2009-08-05 19:34 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-08-05 19:30 . 2009-07-03 14:49 15688 ----a-w- c:\windows\system32\lsdelete.exe
2009-08-05 17:47 . 2009-07-03 14:49 64160 ----a-w- c:\windows\system32\drivers\Lbd.sys
2009-08-05 17:47 . 2009-08-05 17:47 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{EF63305C-BAD7-4144-9208-D65528260864}
2009-08-05 17:47 . 2009-07-08 17:28 2920112 -c--a-w- c:\documents and settings\All Users\Application Data\{EF63305C-BAD7-4144-9208-D65528260864}\Ad-AwareAE.exe
2009-08-05 17:46 . 2009-08-05 17:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2009-08-05 17:46 . 2009-08-05 17:46 -------- d-----w- c:\program files\Lavasoft
2009-08-01 15:52 . 2009-08-01 15:52 138944 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-08-01 15:52 . 2009-08-01 15:52 189784 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-08-01 15:39 . 2009-08-01 15:57 347200 ----a-w- c:\documents and settings\amc\Application Data\id Software\quakelive\home\baseq3\cgamex86.dll
2009-08-01 15:39 . 2009-08-01 15:40 453696 ----a-w- c:\documents and settings\amc\Application Data\id Software\quakelive\home\baseq3\qagamex86.dll
2009-08-01 15:39 . 2009-08-01 15:39 -------- d-----w- c:\documents and settings\amc\Local Settings\Application Data\PunkBuster
2009-08-01 15:39 . 2009-08-01 15:57 179264 ----a-w- c:\documents and settings\amc\Application Data\id Software\quakelive\home\baseq3\uix86.dll
2009-08-01 15:39 . 2009-08-01 15:52 874660 ----a-w- c:\documents and settings\amc\Application Data\id Software\quakelive\home\pb\pbcl.dll
2009-08-01 15:39 . 2009-08-01 15:52 57344 ----a-w- c:\documents and settings\amc\Application Data\id Software\quakelive\home\pb\pbag.dll
2009-08-01 15:39 . 2009-08-01 15:52 2657344 ----a-w- c:\documents and settings\amc\Application Data\id Software\quakelive\home\baseq3\quakelive.dll
2009-08-01 15:32 . 2009-08-01 15:32 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-08-01 15:32 . 2009-08-01 15:32 -------- d-----w- c:\documents and settings\amc\Application Data\id Software
2009-08-01 15:32 . 2009-08-01 15:32 2373712 ----a-w- c:\windows\system32\pbsvc.exe
2009-08-01 15:32 . 2009-08-01 15:32 -------- d-----w- c:\documents and settings\All Users\Application Data\id Software
2009-08-01 12:23 . 2009-08-01 12:23 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\ESET
2009-07-29 11:17 . 2009-07-29 11:17 -------- d-----w- c:\documents and settings\amc\Local Settings\Application Data\ESET
2009-07-29 11:16 . 2009-07-29 11:16 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2009-07-28 12:20 . 2009-07-28 12:20 625728 ----a-w- c:\documents and settings\All Users\Application Data\id Software\QuakeLive\npquakezero.dll
2009-07-12 10:02 . 2009-07-12 10:02 -------- d-----w- c:\documents and settings\amc\Local Settings\Application Data\Blizzard Entertainment

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-06 10:59 . 2009-06-25 14:22 -------- d-----w- c:\program files\World of Warcraft
2009-08-01 15:05 . 2009-06-19 11:26 -------- d-----w- c:\program files\Garena
2009-07-25 17:03 . 2009-07-01 12:08 -------- d-----w- c:\program files\BS_Player
2009-07-18 13:35 . 2009-07-18 12:57 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-07-18 13:34 . 2009-07-18 12:57 4096 ----a-w- c:\windows\system32\detoured.dll
2009-07-16 10:56 . 2009-07-01 12:08 -------- d-----w- c:\documents and settings\amc\Application Data\BSplayer
2009-07-06 12:01 . 2009-07-06 12:01 2373712 ----a-w- c:\documents and settings\All Users\Application Data\id Software\QuakeLive\pbsvc.exe
2009-07-03 02:54 . 2009-06-18 11:32 -------- d-----w- c:\program files\Warcraft III
2009-07-02 10:33 . 2009-06-05 13:15 335752 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-07-01 12:08 . 2009-07-01 12:08 -------- d-----w- c:\program files\Conduit
2009-07-01 12:08 . 2009-07-01 12:08 -------- d-----w- c:\program files\Webteh
2009-07-01 12:08 . 2009-07-01 12:08 -------- d-----w- c:\documents and settings\amc\Application Data\BSplayer Pro
2009-07-01 12:05 . 2009-07-01 12:05 -------- d-----w- c:\documents and settings\amc\Application Data\CyberLink
2009-06-27 10:22 . 2009-06-05 13:16 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-06-27 10:22 . 2009-06-05 13:15 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-06-26 11:15 . 2009-06-26 11:15 0 ----a-w- c:\windows\nsreg.dat
2009-06-25 17:09 . 2009-06-25 17:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Blizzard
2009-06-25 14:56 . 2009-06-25 14:22 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2009-06-19 11:24 . 2009-06-19 10:57 77096 ----a-w- c:\windows\War3Unin.dat
2009-06-19 11:13 . 2009-06-19 10:57 2829 ----a-w- c:\windows\War3Unin.pif
2009-06-19 11:13 . 2009-06-19 10:57 139264 ----a-w- c:\windows\War3Unin.exe
2009-06-06 16:25 . 2009-06-05 14:44 42752 ----a-w- c:\documents and settings\amc\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-06 15:42 . 2009-06-05 12:31 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-06-05 14:42 . 2009-06-05 14:42 0 ----a-w- c:\windows\ativpsrm.bin
2009-06-05 14:26 . 2009-06-05 14:26 9158 ----a-r- c:\documents and settings\amc\Application Data\Microsoft\Installer\{6E32B134-CA8D-49DD-B94C-0DB155CE70B5}\NewShortcut1_45160C5661F6468DA5B09FAE2C3E68D6.exe
2009-06-05 14:26 . 2009-06-05 14:26 10134 ----a-r- c:\documents and settings\amc\Application Data\Microsoft\Installer\{6E32B134-CA8D-49DD-B94C-0DB155CE70B5}\ARPPRODUCTICON.exe
2009-06-05 14:13 . 2009-06-05 14:13 319488 ----a-w- c:\windows\HideWin.exe
2009-06-05 13:15 . 2009-06-05 13:15 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-06-05 12:28 . 2009-06-05 12:28 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2009-05-19 09:27 . 2009-05-19 09:27 114688 ----a-w- c:\documents and settings\amc\Application Data\Mozilla\Firefox\Profiles\6f1ngijk.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\npmozax.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\program files\BS_Player\tbBS_1.dll" [2009-07-25 2215960]

[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\program files\BS_Player\tbBS_1.dll" [2009-07-25 2215960]

[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}"= "c:\program files\BS_Player\tbBS_1.dll" [2009-07-25 2215960]

[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-03-07 1695232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"RemoteControl"="c:\program files\ASUSTeK\ASUSDVD\PDVDServ.exe" [2004-11-02 32768]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-06-27 1948440]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"ACU"="c:\program files\Atheros\ACU.exe" [2008-09-26 450648]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2007-09-03 630784]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2008-10-09 17021440]

c:\documents and settings\amc\Start Menu\Programs\Startup\
CCC.lnk - c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2007-7-17 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-06-27 10:22 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\World of Warcraft\\Launcher.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe"=

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [8/5/2009 7:47 PM 64160]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [6/5/2009 3:15 PM 335752]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [6/5/2009 3:15 PM 108552]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [6/5/2009 3:15 PM 298776]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [6/6/2009 6:19 PM 55152]
R3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [7/3/2009 4:49 PM 1029456]
R3 WSIMD;wsimd Service;c:\windows\system32\drivers\wsimd.sys [6/5/2009 4:33 PM 57408]
S3 fsssvc;Windows Live Family Safety;c:\program files\Windows Live\Family Safety\fsssvc.exe [2/6/2009 6:08 PM 533360]
.
Contents of the 'Scheduled Tasks' folder

2009-08-05 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-07-03 14:49]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\amc\Application Data\Mozilla\Firefox\Profiles\6f1ngijk.default\
FF - component: c:\documents and settings\amc\Application Data\Mozilla\Firefox\Profiles\6f1ngijk.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\FFAlert.dll
FF - plugin: c:\documents and settings\All Users\Application Data\id Software\QuakeLive\npquakezero.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-08-06 13:28
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1088-)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\l3codeca.acm
c:\windows\system32\sirenacm.dll
.
Completion time: 2009-08-06 13:29
ComboFix-quarantined-files.txt 2009-08-06 11:29
ComboFix2.txt 2009-08-06 10:26

Pre-Run: 130,018,668,544 bytes free
Post-Run: 130,000,916,480 bytes free


  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Now everything should be OK; do you have anything to add?
If everything is fine, do the following:

ComboFix needs to be uninstalled:
click Start, then Run.

On Vista, use the Start Search box if Run is not available.

In the text entry line type (or paste) the following:

combofix /u

Note that there is a space between "ComboFix" and "/u".

Then click OK (or press Enter).

Wait for the uninstall process to complete.
