KIS 7 firewall problem

  • goust  Male
  • Elite citizen
  • Joined: 09 Apr 2005
  • Posts: 1799

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:07:43, on 3/8/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\Windows Live\Family Safety\fsssvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WZCBDL Service\WZCBDLS.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Documents and Settings\Sasa\Desktop\New Folder (5)\TR3.exe..exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [Link mogu videti samo ulogovani korisnici]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Link mogu videti samo ulogovani korisnici]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Link mogu videti samo ulogovani korisnici]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = [Link mogu videti samo ulogovani korisnici]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = [Link mogu videti samo ulogovani korisnici]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Link mogu videti samo ulogovani korisnici]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = [Link mogu videti samo ulogovani korisnici]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = [Link mogu videti samo ulogovani korisnici]
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = [Link mogu videti samo ulogovani korisnici]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\PCHealth\HelpCtr\System\panels\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\PCHealth\HelpCtr\System\panels\blank.htm
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = [Link mogu videti samo ulogovani korisnici]
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: (no name) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - (no file)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - [Link mogu videti samo ulogovani korisnici]
O17 - HKLM\System\CCS\Services\Tcpip\..\{452B4B9D-8E42-4A95-A1E3-ED449F0CE1ED}: NameServer = 89.216.49.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{709CB5D1-1D55-4427-8B76-774C76E980BA}: NameServer = 82.208.201.4
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
O23 - Service: WZCBDL Service (WZCBDLService) - D-Link - C:\Program Files\WZCBDL Service\WZCBDLS.exe
O24 - Desktop Component 0: (no name) - [Link mogu videti samo ulogovani korisnici]

--
End of file - 7479 bytes
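
A first triage pass over a HijackThis log such as the one above, added here as an example (it is not part of the thread, of HijackThis or of ComboFix). The sample is a reduced excerpt of the posted log, and the heuristics (double extension, process running from a user-writable folder, dangling `(no file)` entries, O17/O20/O23 review items) are the editor's own assumptions about what deserves a second look, not verdicts.

```python
import re

# Reduced excerpt of the HijackThis log posted above (a constructed subset so the
# example runs stand-alone; the full log has many more entries).
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINDOWS\System32\smss.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Documents and Settings\Sasa\Desktop\New Folder (5)\TR3.exe..exe

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: (no name) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - (no file)
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O17 - HKLM\System\CCS\Services\Tcpip\..\{452B4B9D-8E42-4A95-A1E3-ED449F0CE1ED}: NameServer = 89.216.49.4
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
"""

# A section code ("O2", "R1"), " - ", then the entry body.
HJT_ENTRY = re.compile(r"^(?P<section>[RO]\d+) - (?P<body>.*)$")
# Extensions that should only be the last one; a copy hidden earlier in the
# name (TR3.exe..exe) is a disguise worth flagging.
EXEC_EXTS = {"exe", "scr", "com", "bat", "cmd", "pif", "vbs"}
# User-writable folders a persistent process rarely belongs in (heuristic).
USER_DIRS = ("\\desktop\\", "\\temp\\", "\\local settings\\")


def parse_hjt(text):
    """Return (section, body) tuples; running processes get section 'PROC'."""
    entries, in_procs = [], False
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("Running processes:"):
            in_procs = True
            continue
        if in_procs:
            if line:
                entries.append(("PROC", line))
            else:
                in_procs = False  # blank line ends the process list
            continue
        m = HJT_ENTRY.match(line)
        if m:
            entries.append((m.group("section"), m.group("body")))
    return entries


def triage(entries):
    """Apply defensive heuristics; each finding is a dict for later review."""
    findings = []
    for section, body in entries:
        low = body.lower()
        if section == "PROC":
            name = low.rsplit("\\", 1)[-1]
            reasons = []
            if any(p in EXEC_EXTS for p in name.split(".")[1:-1]):
                reasons.append("double extension")
            if any(d in low for d in USER_DIRS):
                reasons.append("runs from a user-writable folder")
            if reasons:
                findings.append({"section": section, "reason": "; ".join(reasons), "entry": body})
        elif section in ("O2", "O3") and "(no file)" in low:
            # Dangling BHO/toolbar registration: residue of something removed or hidden.
            findings.append({"section": section, "reason": "dangling entry, target file missing", "entry": body})
        elif section == "O17":
            # Resolver override: compare with the ISP/router resolvers you expect.
            server = body.rsplit("=", 1)[-1].strip()
            findings.append({"section": section, "reason": f"DNS NameServer is {server}, verify it is expected", "entry": body})
        elif section == "O20":
            # AppInit_DLLs load into every process that loads user32.dll; confirm the vendor.
            findings.append({"section": section, "reason": "AppInit_DLLs injected into user-mode processes", "entry": body})
        elif section == "O23" and "unknown owner" in low:
            findings.append({"section": section, "reason": "service with no identified publisher", "entry": body})
    return findings


def triage_log(text):
    return triage(parse_hjt(text))


if __name__ == "__main__":
    for f in triage_log(SAMPLE_LOG):
        print(f"[{f['section']}] {f['reason']}\n    {f['entry']}")
```

On the excerpt this flags the `TR3.exe..exe` process, the two `(no file)` entries and the three review items, and leaves the Kaspersky and Spybot entries alone.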



  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8653
  • Location: Novi Beograd

What is the problem?



  • goust  Male
  • Elite citizen
  • Joined: 09 Apr 2005
  • Posts: 1799

My computer almost completely froze while I was installing some graphics program, after which KIS shut itself down and showed on its panel that the Firewall is not working. As soon as I try to start the firewall, KIS shuts itself down and restarts, but the firewall protection still does not start. I then uninstalled that graphics program and deleted it from the hard drive, but there is no change.

Update: 08 Mar 2009 21:37

KIS gives me the following notification: Firewall Intrusion Detection System Failed

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8653
  • Location: Novi Beograd

I'll take a look:

* Right-click the Kaspersky icon in the bottom right corner of the screen and choose Pause Protection.
* In the window that opens, choose By User Request.

Note: Don't forget to turn this option back on once the cleaning is finished.

----------------------

If SpyBot is active, do the following:

Start Spybot S&D
Click the Mode item in the menu
Select Advanced Mode
In the bar on the left, click Tools
Click Resident
Untick Resident Tea-Timer
Close Spybot S&D
Restart the computer.

- Then download the program from this link to the Desktop.
- Run it with a double click and follow the instructions.

Don't forget to turn these options back on when we finish the cleaning.

-----------------

Download ComboFix from one of the following addresses to the Desktop:
[Only logged-in users can see the link]
[Only logged-in users can see the link]
[Only logged-in users can see the link]

Run it and don't touch the program window while it scans.
Follow the instructions on the screen. When it finishes, a log will appear (C:\ComboFix.txt) which you will copy here for us.

  • goust  Male
  • Elite citizen
  • Joined: 09 Apr 2005
  • Posts: 1799

ComboFix 09-03-06.02 - Sasa 2009-03-08 22:09:37.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.255.37 [GMT 1:00]
Running from: c:\documents and settings\Sasa\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated)
FW: Kaspersky Internet Security *disabled*
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\imgdoc2.dll
C:\kmd.exe
c:\windows\msnimport.exe
c:\windows\system32\drivers\seneka.sys
c:\windows\system32\drivers\senekadntpebif.sys
c:\windows\system32\senekaawilmqvi.dat
c:\windows\system32\senekadxbycceb.dat
c:\windows\system32\senekaovwiyaig.dll
c:\windows\system32\senekaqtbmwdxp.dll
c:\windows\system32\senekaxflreafq.dll
c:\windows\system32\Setup_ver1.1431.0.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_SENEKA


((((((((((((((((((((((((( Files Created from 2009-02-08 to 2009-03-08 )))))))))))))))))))))))))))))))
.

2009-03-08 20:11 . 2009-03-08 20:11 <DIR> d-------- c:\documents and settings\Sasa\Application Data\MakeUpPilot
2009-03-03 13:26 . 2009-03-03 13:26 131,536 --a------ C:\sposinfo_smf1.sql
2009-03-01 15:29 . 2009-03-01 15:29 15,649 --a------ C:\index.php~
2009-02-26 15:00 . 2009-02-26 15:02 56 --a------ c:\windows\UniqueGiftMaker.INI
2009-02-26 14:56 . 2009-03-08 20:33 <DIR> d-------- c:\program files\UniqueGiftMaker 2 VE
2009-02-26 14:56 . 2004-06-09 15:59 939,224 --a------ c:\windows\system32\flash.ocx
2009-02-19 15:18 . 2002-08-28 11:09 611,840 --a------ c:\windows\system32\vobhw.dll
2009-02-19 15:18 . 2002-09-26 17:34 153,088 --a------ c:\windows\system32\IWUninstall.exe
2009-02-19 15:18 . 2000-04-27 12:31 19,456 --a------ c:\windows\system32\asapi.dll
2009-02-19 15:18 . 2002-04-17 20:27 11,264 --a------ c:\windows\system32\drivers\asapi.sys
2009-02-19 15:17 . 2009-02-19 15:17 <DIR> d-------- c:\program files\VOB
2009-02-19 15:14 . 2009-03-08 20:25 <DIR> d-------- c:\program files\Steinberg
2009-02-14 15:31 . 2009-03-08 20:30 <DIR> d-------- c:\program files\Photo Effects Studio
2009-02-11 18:15 . 2009-02-11 18:16 1,374 --a------ c:\windows\imsins.BAK
2009-02-11 15:09 . 2009-02-19 12:15 <DIR> d-------- c:\documents and settings\Sasa\Application Data\Skype
2009-02-11 15:08 . 2009-02-11 15:08 <DIR> d-------- c:\program files\Common Files\Skype

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-08 21:21 16,067,104 --sha-w c:\windows\system32\drivers\fidbox.dat
2009-03-08 21:19 608,288 --sha-w c:\windows\system32\drivers\fidbox2.dat
2009-03-08 21:17 60,116 --sha-w c:\windows\system32\drivers\fidbox2.idx
2009-03-08 21:17 229,760 --sha-w c:\windows\system32\drivers\fidbox.idx
2009-03-08 20:50 --------- d-----w c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-03-08 20:44 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-03-08 19:26 --------- d--h--w c:\program files\InstallShield Installation Information
2009-03-08 19:21 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2009-03-06 20:05 1,248 --sha-w C:\4lxjovma.sys
2009-03-05 11:14 --------- d-----w c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-02-26 18:43 --------- d-----w c:\program files\Microsoft Silverlight
2009-02-19 10:48 --------- d-----w c:\documents and settings\Sasa\Application Data\skypePM
2009-02-17 21:05 --------- d-----w c:\program files\Windows Live
2009-02-11 14:08 --------- d-----w c:\documents and settings\All Users\Application Data\Skype
2009-02-11 14:08 --------- d-----r c:\program files\Skype
2009-02-07 16:19 --------- d-----w c:\program files\MusicLab
2009-02-06 21:20 --------- d-----w c:\documents and settings\Sasa\Application Data\Netscape
2009-02-06 21:18 --------- d-----w c:\program files\Photodex
2009-02-06 21:17 --------- d-----w c:\documents and settings\Sasa\Application Data\Photodex
2009-02-06 18:03 307,576 ----a-w c:\windows\WLXPGSS.SCR
2009-02-04 10:22 --------- d-----w c:\program files\Morpheus Photo Animation Suite
2009-02-04 10:22 --------- d-----w c:\documents and settings\Sasa\Application Data\Morpheus Software
2009-02-03 18:02 89,601 ----a-w c:\windows\system32\drivers\klick.dat
2009-02-03 18:02 101,287 ----a-w c:\windows\system32\drivers\klin.dat
2009-01-31 20:41 --------- d-----w c:\program files\Google
2009-01-30 10:07 --------- d-----w c:\program files\Lexmark X1100 Series
2009-01-27 20:39 --------- d-----w c:\program files\CCleaner
2009-01-22 14:32 --------- d-----w c:\program files\home plan software
2009-01-17 07:50 --------- d-----w c:\program files\URUSoft
2009-01-13 22:35 --------- d-----w c:\program files\GoldWave
2009-01-13 11:58 --------- d-----w c:\program files\Microsoft Office Outlook Connector
2009-01-13 11:58 --------- d-----w c:\program files\Microsoft
2009-01-13 11:55 --------- d-----w c:\program files\Microsoft Sync Framework
2009-01-13 11:52 --------- d-----w c:\program files\Microsoft SQL Server Compact Edition
2009-01-13 11:49 --------- d-----w c:\program files\Windows Live SkyDrive
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" [2007-05-19 218640]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3acm"= l3codecp.acm
"msacm.divxa32"= divxa32.acm

[HKLM\~\startupfolder\C:^Documents and Settings^Sasa^Start Menu^Programs^Startup^BWMeter.lnk]
backup=c:\windows\pss\BWMeter.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Sasa^Start Menu^Programs^Startup^Corel Registration.lnk]
backup=c:\windows\pss\Corel Registration.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Memory Improve Professional
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnsyslog
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegClean Expert Scheduler
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpyEmergency
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVP]
--a------ 2007-05-19 22:36 218640 c:\program files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
--a------ 2008-04-14 05:42 15360 c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\D-Link Air Utility]
--a--c--- 2003-06-26 18:13 2695168 c:\program files\D-Link\Air Utility\AirCFG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\fssui]
--a------ 2009-02-06 18:08 454000 c:\program files\Windows Live\Family Safety\fsui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
--a----t- 2008-09-03 09:02 133104 c:\documents and settings\Sasa\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark X1100 Series]
--a------ 2003-08-19 15:43 57344 c:\program files\Lexmark X1100 Series\lxbkbmgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2009-02-06 18:51 3885408 c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a--c--- 2001-07-09 11:50 155648 c:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
-ra--c--- 2003-09-24 12:32 5033984 c:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
-ra--c--- 2003-09-24 12:32 49152 c:\windows\system32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a--c--- 2007-12-21 09:56 282624 c:\program files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\rfagent]
--a------ 2008-11-24 16:48 916800 c:\program files\RFA\rfagent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
-ra------ 2009-02-04 12:27 23975720 c:\program files\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
-rahs---- 2008-09-16 12:16 1833296 c:\program files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a--c--- 2007-09-25 01:11 132496 c:\program files\Java\jre1.6.0_03\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sweeper.exe]
--a--c--- 2006-06-02 22:42 176128 c:\program files\History Sweeper\sweeper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue RegistryBooster 2009]
--a------ 2007-05-18 13:37 4243712 d:\sortirani softveri\Optimizeri\Uniblue\Registry_Booster_v2.0.1041.3208\registrybooster.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
-ra--c--- 2003-09-24 12:32 741376 c:\windows\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
--a--c--- 2003-06-10 12:12 55296 c:\windows\soundman.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"EasyHideIP"=2 (0x2)
"WLSetupSvc"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Microsoft Office\\OFFICE11\\WINWORD.EXE"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Microsoft Office\\OFFICE11\\POWERPNT.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 Asapi;Asapi;c:\windows\system32\drivers\asapi.sys [2009-02-19 11264]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-01-13 55136]
R2 fsssvc;Windows Live Family Safety;c:\program files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
R2 NIOC;NIOC Service;c:\windows\system32\NIOC.sys [2002-09-27 22912]
R2 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
R2 WZCBDLService;WZCBDL Service;c:\program files\WZCBDL Service\WZCBDLS.exe [2002-03-19 36864]
R3 dsnpfd;DeskSoft Service;c:\windows\system32\drivers\dsnpfd.sys [2007-12-27 16896]
R3 NETDLWL;D-Link Air Wireless Adapter(DL) NT Driver;c:\windows\system32\drivers\NETDLWL.sys [2007-12-20 159104]
S1 SASDIFSV;SASDIFSV; [x]
S1 SASKUTIL;SASKUTIL; [x]
S2 ioloFileInfoList;iolo FileInfoList Service; [x]
S2 ioloSystemService;iolo System Service; [x]
S3 SASENUM;SASENUM; [x]
S3 SetupNTGLM7X;SetupNTGLM7X; [x]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5be72ef6-7412-11dd-a6f5-000d8842d32c}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe killVBS.vbs
.
Contents of the 'Scheduled Tasks' folder

2009-03-08 c:\windows\Tasks\GoogleUpdateTaskUser.job
- c:\documents and settings\Sasa\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-03 09:02]

2009-03-07 c:\windows\Tasks\PerfectOptimzier_OneClick.job
- c:\program files\Perfect Optimizer\PerfectOptimizer.exe []
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
MSConfigStartUp-Microsoft WinUpdate - c:\windows\system32\Setup_ver1.1431.0.exe
MSConfigStartUp-PerfectOptimizer - c:\program files\Perfect Optimizer\PerfectOptimizer.exe
MSConfigStartUp-RamCleaner - c:\program files\RamCleaner\ramcore.exe
MSConfigStartUp-WinampAgent - c:\program files\Winamp\winampa.exe


.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\PCHealth\HelpCtr\System\panels\blank.htm
mLocal Page = c:\windows\PCHealth\HelpCtr\System\panels\blank.htm
uInternet Settings,ProxyOverride = <local>
uInternet Settings,ProxyServer = <local>
uSearchURL,(Default) = [Link mogu videti samo ulogovani korisnici]
IE: Open using &Advanced JPEG Compressor
TCP: {709CB5D1-1D55-4427-8B76-774C76E980BA} = 82.208.201.4
DPF: DirectAnimation Java Classes
DPF: Microsoft XML Parser for Java
FF - ProfilePath - c:\documents and settings\Sasa\Application Data\Mozilla\Firefox\Profiles\exj910z2.default\
FF - prefs.js: browser.search.defaulturl - [Link mogu videti samo ulogovani korisnici]
FF - prefs.js: browser.search.selectedEngine - Live Search
FF - prefs.js: browser.startup.homepage - [Link mogu videti samo ulogovani korisnici]
FF - prefs.js: keyword.URL - [Link mogu videti samo ulogovani korisnici]
FF - plugin: c:\documents and settings\Sasa\Local Settings\Application Data\Google\Update\1.2.131.11\npGoogleOneClick5.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npsabffx.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\SuperAdBlocker.com\npsabffx.dll

---- FIREFOX POLICIES ----
FF - user.js: network.proxy.type - 0
.
.
------- File Associations -------
.
JSEFile=NOTEPAD.EXE %1
VBEFile=NOTEPAD.EXE %1
VBSFile=NOTEPAD.EXE %1
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link mogu videti samo ulogovani korisnici]
Rootkit scan 2009-03-08 22:20:07
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1320)
c:\program files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll
c:\windows\system32\klogon.dll

- - - - - - - > 'lsass.exe'(1376)
c:\program files\Kaspersky Lab\Kaspersky Internet Security 7.0\dnsq.dll
c:\program files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Photodex\ProShowProducer\scsiaccess.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2009-03-08 22:26:35 - machine was rebooted
ComboFix-quarantined-files.txt 2009-03-08 21:26:30

Pre-Run: 3,954,348,032 bytes free
Post-Run: 3,827,867,648 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn

261 --- E O F --- 2009-02-26 13:13:20

Update: 08 Mar 2009 22:51

I don't know what you did to it, but KIS works perfectly fine now.

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8653
  • Location: Novi Beograd

Disable the protection again:

Open Notepad and copy the following text:

File::
C:\4lxjovma.sys

Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5be72ef6-7412-11dd-a6f5-000d8842d32c}]


Save the file from Notepad to the Desktop as "CFScript"

Drag the saved script/text onto the ComboFix icon as shown in the picture.
Post in your next message the log that is produced at the end of the cleaning/scan.

--------------

Are these files familiar to you:
C:\sposinfo_smf1.sql
C:\index.php~
