Please take a look at my computer...!!! Something is not right...!!

offline
  • Joined: 01 Nov 2008
  • Posts: 87
  • Location: Kragujevac

I have a big problem with my computer. It freezes, stutters.... Something pops up saying "Low memory", the internet is buggy... So there is definitely a problem....!!! Please see what it is.


DDS (Ver_09-07-30.01) - NTFSx86
Run by Tina&Mina at 17:48:41.51 on Tue 09/01/2009
Internet Explorer: 6.0.2900.2180
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.191.28 [GMT 2:00]

AV: Kaspersky Anti-Virus *On-access scanning enabled* (Outdated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
AV: ESET NOD32 Antivirus 3.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\VIAudioi\SBADeck\ADeck.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox 3.1 Beta 2\firefox.exe
C:\Documents and Settings\Tina&Mina\My Documents\Downloads\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uURLSearchHooks: ToggleEN Toolbar: {038cb5c7-48ea-4af9-94e0-a1646542e62b} - c:\program files\toggleen\tbTog1.dll
BHO: IDMIEHlprObj Class: {0055c089-8582-441b-a0bf-17b458c2a3a8} - c:\program files\internet download manager\IDMIECC.dll
BHO: ToggleEN Toolbar: {038cb5c7-48ea-4af9-94e0-a1646542e62b} - c:\program files\toggleen\tbTog1.dll
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
TB: ToggleEN Toolbar: {038cb5c7-48ea-4af9-94e0-a1646542e62b} - c:\program files\toggleen\tbTog1.dll
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [play type] c:\docume~1\tina&m~1\applic~1\twoaim~1\Safe ace city.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [Google Update] "c:\documents and settings\tina&mina\local settings\application data\google\update\GoogleUpdate.exe" /c
mRun: [VTTimer] VTTimer.exe
mRun: [AudioDeck] c:\program files\viaudioi\sbadeck\ADeck.exe 1
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice
IE: Add to Windows &Live Favorites - favorites.live.com/quickadd.aspx
IE: Download All Links with IDM - c:\program files\internet download manager\IEGetAll.htm
IE: Download with IDM - c:\program files\internet download manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\tina&m~1\applic~1\mozilla\firefox\profiles\665e4exy.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.rs/
FF - plugin: c:\documents and settings\tina&mina\local settings\application data\google\update\1.2.183.7\npGoogleOneClick8.dll

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox 3.1 beta 2\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\mozilla firefox 3.1 beta 2\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\mozilla firefox 3.1 beta 2\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\mozilla firefox 3.1 beta 2\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\mozilla firefox 3.1 beta 2\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\mozilla firefox 3.1 beta 2\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\mozilla firefox 3.1 beta 2\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\mozilla firefox 3.1 beta 2\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\mozilla firefox 3.1 beta 2\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\mozilla firefox 3.1 beta 2\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\mozilla firefox 3.1 beta 2\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\mozilla firefox 3.1 beta 2\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\mozilla firefox 3.1 beta 2\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\mozilla firefox 3.1 beta 2\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\mozilla firefox 3.1 beta 2\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\mozilla firefox 3.1 beta 2\greprefs\all.js - pref("geo.enabled", true);
c:\program files\mozilla firefox 3.1 beta 2\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\mozilla firefox 3.1 beta 2\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\mozilla firefox 3.1 beta 2\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\mozilla firefox 3.1 beta 2\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\mozilla firefox 3.1 beta 2\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\mozilla firefox 3.1 beta 2\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\mozilla firefox 3.1 beta 2\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\mozilla firefox 3.1 beta 2\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\mozilla firefox 3.1 beta 2\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\mozilla firefox 3.1 beta 2\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\mozilla firefox 3.1 beta 2\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\mozilla firefox 3.1 beta 2\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\mozilla firefox 3.1 beta 2\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\mozilla firefox 3.1 beta 2\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\mozilla firefox 3.1 beta 2\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\mozilla firefox 3.1 beta 2\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\mozilla firefox 3.1 beta 2\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\mozilla firefox 3.1 beta 2\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\mozilla firefox 3.1 beta 2\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\mozilla firefox 3.1 beta 2\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\mozilla firefox 3.1 beta 2\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\mozilla firefox 3.1 beta 2\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\mozilla firefox 3.1 beta 2\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\mozilla firefox 3.1 beta 2\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\mozilla firefox 3.1 beta 2\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\mozilla firefox 3.1 beta 2\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\mozilla firefox 3.1 beta 2\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\mozilla firefox 3.1 beta 2\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\mozilla firefox 3.1 beta 2\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\mozilla firefox 3.1 beta 2\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");

============= SERVICES / DRIVERS ===============

R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2007-11-14 30728]
R2 ekrn;Eset Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2007-11-14 455936]
S2 73F22677;73F22677;c:\windows\system32\82c2866.exe -k --> c:\windows\system32\82C2866.EXE -k [?]
S3 S3chipid;S3chipid;\??\c:\windows\temp\_istmp0.dir\s3chipid.sys --> c:\windows\temp\_istmp0.dir\S3chipid.sys [?]

=============== Created Last 30 ================

2009-09-01 01:57 <DIR> --d----- c:\windows\ServicePackFiles

==================== Find3M ====================

2009-08-05 11:11 204,800 a------- c:\windows\system32\mswebdvd.dll
2009-07-17 20:55 58,880 a------- c:\windows\system32\atl.dll
2009-07-13 10:08 286,720 a------- c:\windows\system32\wmpdxm.dll
2009-06-26 18:18 659,456 a------- c:\windows\system32\wininet.dll
2009-06-26 18:18 81,920 a------- c:\windows\system32\ieencode.dll
2009-06-25 20:36 661,504 a------- c:\windows\system32\mqqm.dll
2009-06-25 20:36 517,120 a------- c:\windows\system32\mqsnap.dll
2009-06-25 20:36 471,552 a------- c:\windows\system32\mqutil.dll
2009-06-25 20:36 225,280 a------- c:\windows\system32\mqoa.dll
2009-06-25 20:36 186,880 a------- c:\windows\system32\mqtrig.dll
2009-06-25 20:36 177,152 a------- c:\windows\system32\mqrt.dll
2009-06-25 20:36 138,240 a------- c:\windows\system32\mqad.dll
2009-06-25 20:36 123,392 a------- c:\windows\system32\mqrtdep.dll
2009-06-25 20:36 95,744 a------- c:\windows\system32\mqsec.dll
2009-06-25 20:36 48,640 a------- c:\windows\system32\mqupgrd.dll
2009-06-25 20:36 47,104 a------- c:\windows\system32\mqdscli.dll
2009-06-25 20:36 16,896 a------- c:\windows\system32\mqise.dll
2009-06-22 13:49 117,248 a------- c:\windows\system32\mqtgsvc.exe
2009-06-22 13:49 19,968 a------- c:\windows\system32\mqbkup.exe
2009-06-22 13:49 4,608 a------- c:\windows\system32\mqsvc.exe
2009-06-16 16:55 119,808 a------- c:\windows\system32\t2embed.dll
2009-06-16 16:55 82,432 a------- c:\windows\system32\fontsub.dll
2009-06-12 13:50 80,896 a------- c:\windows\system32\tlntsess.exe
2009-06-12 13:50 76,288 a------- c:\windows\system32\telnet.exe
2009-06-10 16:21 84,992 a------- c:\windows\system32\avifil32.dll
2009-06-10 08:32 132,096 a------- c:\windows\system32\wkssvc.dll
2009-06-05 09:42 655,872 a------- c:\windows\system32\mstscax.dll
2009-06-03 21:27 1,290,752 a------- c:\windows\system32\quartz.dll
2009-05-24 20:10 81,920 a------- c:\docume~1\tina&m~1\applic~1\ezpinst.exe
2009-05-24 20:10 47,360 a------- c:\docume~1\tina&m~1\applic~1\pcouffin.sys

============= FINISH: 17:49:36.62 ===============


offline
  • dr_Bora, Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Hello...

Download sUBs' ComboFix from the following address to the Desktop:

Bleeping Computer
  • Right-click the link and choose the option Save Target As... (Save Link As..., Save Linked Content As... or similar);
  • When the dialog for choosing the save location opens, choose Desktop and click Save.

When the download is finished:
  • disable your security software (instructions);
  • close running programs;
  • double-click to run ComboFix.

While running, ComboFix will:
  • check whether a newer version of the program exists: click Yes if offered to download it.
  • display the DISCLAIMER OF WARRANTY ON SOFTWARE: click Yes so the process continues.
  • if the Recovery Console is not installed, offer to install it: be sure to accept by clicking Yes and follow the procedure.
  • ask a certain number of questions / display notices: accept by clicking Yes or OK.
  • if necessary, restart Windows (more than once);
  • at the end, open Notepad with the scan report.

Copy the report ComboFix made into the thread on the forum:
  • right-click in the Notepad window and choose Select All;
  • right-click the highlighted text and choose Copy;
  • right-click in the message box and choose Paste.

Note: The report will be saved under the name ComboFix.txt on the system partition (typical location: C:\ComboFix.txt);
If after posting you notice that the report is not complete, use the Prikači fajl (Attach file) option to attach the file C:\ComboFix.txt to the message.

offline
  • Joined: 01 Nov 2008
  • Posts: 87
  • Location: Kragujevac

Good evening.
Here's the log:

ComboFix 09-09-01.07 - Tina&Mina 09/02/2009 19:31.1.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.191.66 [GMT 2:00]
Running from: c:\documents and settings\Tina&Mina\Desktop\ComboFix.exe
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
AV: Kaspersky Anti-Virus *On-access scanning enabled* (Outdated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: COMODO Firewall Pro *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Autorun.inf
c:\windows\system32\C4C0130A.DLL

.
((((((((((((((((((((((((( Files Created from 2009-08-02 to 2009-09-02 )))))))))))))))))))))))))))))))
.

2009-09-02 17:31 . 2009-09-02 17:31 6736 ----a-w- c:\windows\system32\drivers\PROCEXP90.SYS
2009-09-01 17:06 . 2009-09-01 17:06 -------- d-----w- c:\documents and settings\Tina&Mina\Application Data\Comodo
2009-09-01 17:06 . 2009-09-01 17:11 -------- d-----w- c:\documents and settings\All Users\Application Data\comodo
2009-09-01 17:06 . 2009-09-01 17:06 81272 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2009-09-01 17:06 . 2009-09-01 17:06 75384 ----a-w- c:\windows\system32\drivers\inspect.sys
2009-09-01 17:06 . 2009-09-01 17:06 23672 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2009-09-01 17:06 . 2009-09-01 17:06 139008 ----a-w- c:\windows\system32\guard32.dll
2009-09-01 17:06 . 2009-09-01 17:06 -------- d-----w- c:\program files\COMODO
2009-09-01 17:01 . 2009-07-28 14:33 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-09-01 17:01 . 2009-03-30 08:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-09-01 17:01 . 2009-02-13 10:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2009-09-01 17:01 . 2009-02-13 10:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2009-09-01 17:01 . 2009-09-01 17:01 -------- d-----w- c:\program files\Avira
2009-09-01 17:01 . 2009-09-01 17:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2009-09-01 16:37 . 2009-09-01 16:37 -------- d-----w- c:\documents and settings\Tina&Mina\Application Data\URSoft
2009-09-01 16:37 . 2009-09-02 15:22 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-09-01 16:37 . 2009-09-01 16:47 -------- d-----w- c:\program files\Your Uninstaller 2008
2009-08-31 23:57 . 2009-08-31 23:57 -------- d-----w- c:\windows\ServicePackFiles

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-02 17:21 . 2009-02-02 18:58 -------- d-----w- c:\program files\Mozilla Firefox 3.1 Beta 2
2009-09-02 14:52 . 2009-02-02 18:29 -------- d-----w- c:\documents and settings\Tina&Mina\Application Data\DMCache
2009-09-01 16:57 . 2009-02-02 18:29 -------- d-----w- c:\program files\Internet Download Manager
2009-08-28 16:41 . 2009-07-12 22:12 10 ----a-w- c:\windows\popcinfo.dat
2009-08-05 09:11 . 2004-08-03 22:56 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-07-17 18:56 . 2009-07-17 18:56 -------- d-----w- c:\program files\ClocX
2009-07-17 18:55 . 2004-08-03 22:56 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-13 08:08 . 2004-08-03 22:56 286720 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-12 12:38 . 2009-02-02 21:44 -------- d-----w- c:\program files\ToggleEN
2009-06-26 16:18 . 2004-08-03 22:56 659456 ----a-w- c:\windows\system32\wininet.dll
2009-06-26 16:18 . 2004-08-03 22:56 81920 ----a-w- c:\windows\system32\ieencode.dll
2009-06-25 18:36 . 2004-08-03 22:56 95744 ----a-w- c:\windows\system32\mqsec.dll
2009-06-25 18:36 . 2004-08-03 22:56 661504 ----a-w- c:\windows\system32\mqqm.dll
2009-06-25 18:36 . 2004-08-03 22:56 517120 ----a-w- c:\windows\system32\mqsnap.dll
2009-06-25 18:36 . 2004-08-03 22:56 48640 ----a-w- c:\windows\system32\mqupgrd.dll
2009-06-25 18:36 . 2004-08-03 22:56 471552 ----a-w- c:\windows\system32\mqutil.dll
2009-06-25 18:36 . 2004-08-03 22:56 47104 ----a-w- c:\windows\system32\mqdscli.dll
2009-06-25 18:36 . 2004-08-03 22:56 225280 ----a-w- c:\windows\system32\mqoa.dll
2009-06-25 18:36 . 2004-08-03 22:56 186880 ----a-w- c:\windows\system32\mqtrig.dll
2009-06-25 18:36 . 2004-08-03 22:56 177152 ----a-w- c:\windows\system32\mqrt.dll
2009-06-25 18:36 . 2004-08-03 22:56 16896 ----a-w- c:\windows\system32\mqise.dll
2009-06-25 18:36 . 2004-08-03 22:56 138240 ----a-w- c:\windows\system32\mqad.dll
2009-06-25 18:36 . 2004-08-03 22:56 123392 ----a-w- c:\windows\system32\mqrtdep.dll
2009-06-22 11:49 . 2004-08-03 22:56 19968 ----a-w- c:\windows\system32\mqbkup.exe
2009-06-22 11:49 . 2004-08-03 22:56 117248 ----a-w- c:\windows\system32\mqtgsvc.exe
2009-06-22 11:49 . 2004-08-03 22:56 4608 ----a-w- c:\windows\system32\mqsvc.exe
2009-06-22 11:48 . 2004-08-03 20:58 91776 ----a-w- c:\windows\system32\drivers\mqac.sys
2009-06-19 20:57 . 2009-02-02 19:02 18048 ----a-w- c:\documents and settings\Tina&Mina\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-16 14:55 . 2004-08-03 22:56 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-16 14:55 . 2001-08-23 12:00 82432 ----a-w- c:\windows\system32\fontsub.dll
2009-06-12 11:50 . 2004-08-03 22:56 80896 ----a-w- c:\windows\system32\tlntsess.exe
2009-06-12 11:50 . 2004-08-03 22:56 76288 ----a-w- c:\windows\system32\telnet.exe
2009-06-10 14:21 . 2004-08-03 22:56 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-06-10 06:32 . 2004-08-03 22:56 132096 ----a-w- c:\windows\system32\wkssvc.dll
2009-06-05 07:42 . 2009-02-02 18:05 655872 ----a-w- c:\windows\system32\mstscax.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{038cb5c7-48ea-4af9-94e0-a1646542e62b}"= "c:\program files\ToggleEN\tbTog1.dll" [2009-02-24 1882136]

[HKEY_CLASSES_ROOT\clsid\{038cb5c7-48ea-4af9-94e0-a1646542e62b}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{038cb5c7-48ea-4af9-94e0-a1646542e62b}]
2009-02-24 00:40 1882136 ----a-w- c:\program files\ToggleEN\tbTog1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{038cb5c7-48ea-4af9-94e0-a1646542e62b}"= "c:\program files\ToggleEN\tbTog1.dll" [2009-02-24 1882136]

[HKEY_CLASSES_ROOT\clsid\{038cb5c7-48ea-4af9-94e0-a1646542e62b}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{038CB5C7-48EA-4AF9-94E0-A1646542E62B}"= "c:\program files\ToggleEN\tbTog1.dll" [2009-02-24 1882136]

[HKEY_CLASSES_ROOT\clsid\{038cb5c7-48ea-4af9-94e0-a1646542e62b}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-08-04 1667584]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\ApexDC++\\ApexDC.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [9/1/2009 7:06 PM 81272]
R1 cmdHlp;COMODO Firewall Pro Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [9/1/2009 7:06 PM 23672]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [9/1/2009 7:01 PM 108289]
S2 73F22677;73F22677;c:\windows\system32\82C2866.EXE -k --> c:\windows\system32\82C2866.EXE -k [?]
S3 S3chipid;S3chipid;\??\c:\windows\TEMP\_ISTMP0.DIR\S3chipid.sys --> c:\windows\TEMP\_ISTMP0.DIR\S3chipid.sys [?]
.
Contents of the 'Scheduled Tasks' folder

2009-09-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1708537768-796845957-682003330-1003Core.job
- c:\documents and settings\Tina&Mina\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-07-01 12:31]

2009-09-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1708537768-796845957-682003330-1003UA.job
- c:\documents and settings\Tina&Mina\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-07-01 12:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
IE: Add to Windows &Live Favorites - favorites.live.com/quickadd.aspx
IE: Download All Links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Tina&Mina\Application Data\Mozilla\Firefox\Profiles\665e4exy.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.rs/
FF - plugin: c:\documents and settings\Tina&Mina\Local Settings\Application Data\Google\Update\1.2.183.7\npGoogleOneClick8.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-09-02 19:37
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):32,14,e3,3a,50,7c,d4,63,24,f2,19,dc,ed,a0,8d,da,08,b7,58,c6,5e,
fd,37,ff,d2,7b,cf,39,fe,5a,bb,16,2f,7a,c9,1d,5e,db,94,1a,00,00,00,00,00,00,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{aa133bbb-e8ca-41ab-b3e2-e5432e352f0a}]
@Denied: (Full) (Everyone)
"Model"=dword:0000003d
"Therad"=dword:0000001e
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
38,95,44,40,02,13,ad,75,b8,fc,03,0e,19,9b,7e,c0,c3,5d,71,ae,29,89,e6,ae,dd,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(504)
c:\windows\system32\guard32.dll

- - - - - - - > 'lsass.exe'(560)
c:\windows\system32\guard32.dll
.
Completion time: 2009-09-02 19:39
ComboFix-quarantined-files.txt 2009-09-02 17:39

Pre-Run: 276,459,520 bytes free
Post-Run: 275,009,536 bytes free

157 --- E O F --- 2009-09-02 00:04

offline
  • dr_Bora, Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Download Deljob.
Double-click to run deljob.exe.
The log file logit.txt will open in Notepad (the file will be in the same folder as deljob.exe).
Copy the contents of that log into the thread on the forum.

offline
  • Joined: 01 Nov 2008
  • Posts: 87
  • Location: Kragujevac

Here's the log...!

--------------------------------------------------------
No LOP job-files found
--------------------------------------------------------
Files in Windows Tasks folder

GoogleUpdateTaskUserS-1-5-21-1708537768-796845957-682003330-1003Core.job
GoogleUpdateTaskUserS-1-5-21-1708537768-796845957-682003330-1003UA.job
--------------------------------------------------------
Export App Data folders
--------------------------------------------------------
Volume in drive C has no label.
Volume Serial Number is 3C5F-9DF3

Directory of C:\Documents and Settings\Tina&Mina\Application Data

09/01/2009 07:06 PM <DIR> .
09/01/2009 07:06 PM <DIR> ..
02/02/2009 09:35 PM <DIR> Adobe
02/02/2009 08:49 PM <DIR> AdobeUM
09/01/2009 07:06 PM <DIR> Comodo
02/23/2009 01:14 AM <DIR> CYBERL~1 CyberLink
02/22/2009 11:30 PM <DIR> DivX
09/02/2009 04:52 PM <DIR> DMCache
02/02/2009 08:16 PM <DIR> IDENTI~1 Identities
03/02/2009 12:29 AM <DIR> IDM
02/03/2009 08:30 PM <DIR> MACROM~1 Macromedia
04/12/2009 06:08 PM <DIR> MICROS~1 Microsoft
02/02/2009 08:58 PM <DIR> Mozilla
02/02/2009 09:18 PM <DIR> MSNINS~1 MSNInstaller
06/19/2009 03:31 PM <DIR> Skype
06/16/2009 07:54 PM <DIR> TWOAIM~1 TwoAimLoad
09/01/2009 06:37 PM <DIR> URSoft
05/24/2009 08:10 PM <DIR> Vso
0 File(s) 0 bytes
18 Dir(s) 292,884,480 bytes free
Volume in drive C has no label.
Volume Serial Number is 3C5F-9DF3

Directory of C:\Documents and Settings\All Users\Application Data

09/01/2009 07:06 PM <DIR> .
09/01/2009 07:06 PM <DIR> ..
02/02/2009 08:28 PM <DIR> Adobe
09/01/2009 07:01 PM <DIR> Avira
09/01/2009 07:11 PM <DIR> comodo
02/02/2009 08:37 PM <DIR> CYBERL~1 CyberLink
03/02/2009 09:31 PM <DIR> ESET
02/02/2009 10:59 PM <DIR> GREATC~1 great coal love default
06/19/2009 10:46 PM <DIR> MESSEN~1 Messenger Plus!
06/19/2009 10:55 PM <DIR> MICROS~1 Microsoft
02/02/2009 08:47 PM <DIR> Skype
09/02/2009 05:22 PM <DIR> TEMP
02/03/2009 12:01 AM <DIR> WINDOW~1 Windows Live Toolbar
0 File(s) 0 bytes
13 Dir(s) 292,884,480 bytes free
--------------------------------------------------------
All User Accounts
--------------------------------------------------------
All Users
Tina&Mina
--------------------------------------------------------

offline
  • dr_Bora, Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Open Notepad and copy the following text into it:


Folder::
C:\Documents and Settings\Tina&Mina\Application Data\TwoAimLoad
C:\Documents and Settings\All Users\Application Data\great coal love default
c:\program files\TwoAimLoad

Driver::
73F22677



Save the file from Notepad to the Desktop as "CFScript".

Drag the saved script/text onto the ComboFix icon, as in the picture.
Post in the next message the log that is produced at the end of the cleaning/scanning.
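Added example, not part of the thread and not code from DDS, ComboFix or Deljob: a small Python triage pass over DDS-style Run and service/driver lines that flags the same kinds of entries the helper acted on above (an all-hex service name pointing at a hex-named file in system32, an autostart launched from the user's Application Data folder, a driver under \windows\temp, an image the scanner marked [?]). The sample lines are constructed from the reports posted in this thread; the thresholds and reason strings are my assumptions, and a hit is a review hint, not a verdict.

```python
"""Triage heuristics for DDS / ComboFix style autostart and service lines (added example)."""
import re
from dataclasses import dataclass
from typing import List, Optional

# Constructed sample modelled on the reports in the thread (paths as printed there).
# "uRun" = per-user Run key, "mRun" = machine Run key; R/S lines are running/stopped services.
SAMPLE_LOG = r"""
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [play type] c:\docume~1\tina&m~1\applic~1\twoaim~1\Safe ace city.exe
mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice
R2 ekrn;Eset Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2007-11-14 455936]
S2 73F22677;73F22677;c:\windows\system32\82c2866.exe -k --> c:\windows\system32\82C2866.EXE -k [?]
S3 S3chipid;S3chipid;\??\c:\windows\temp\_istmp0.dir\s3chipid.sys --> c:\windows\temp\_istmp0.dir\S3chipid.sys [?]
"""

RUN_RE = re.compile(r'^[um]Run: \[(?P<name>[^\]]*)\] "?(?P<path>[^"]+?\.(?:exe|scr|dll|com|bat))"?', re.I)
SVC_RE = re.compile(r'^(?P<state>[RS]\d) (?P<name>[^;]+);(?P<desc>[^;]*);(?P<rest>.+)$')
IMAGE_RE = re.compile(r'^(?P<img>.+?\.(?:exe|sys|dll))', re.I)   # image path without its arguments
HEX_NAME = re.compile(r'^[0-9a-f]{6,}$', re.I)                    # assumption: 6+ hex digits only
USER_DIR = re.compile(r'\\applic~1\\|\\application data\\|\\docume~1\\', re.I)
TEMP_DIR = re.compile(r'\\temp\\', re.I)


@dataclass
class Finding:
    kind: str            # "run" or "service"
    name: str            # Run value name or service name
    path: str            # image path as printed in the log
    reasons: List[str]   # why it was flagged


def _stem(path: str) -> str:
    """File name of a path without directory and extension."""
    base = path.rstrip().rsplit("\\", 1)[-1]
    return base.rsplit(".", 1)[0]


def triage_run(name: str, path: str) -> Optional[Finding]:
    reasons = []
    # Autostarts under the profile's Application Data are user-writable and a common
    # drop location; a legitimate updater can live there too, so this is a review hint.
    if USER_DIR.search(path):
        reasons.append("autostart image lives in a user-writable profile directory")
    return Finding("run", name, path, reasons) if reasons else None


def triage_service(name: str, rest: str) -> Optional[Finding]:
    # The image path is the text before the first " [" or " -->" marker in the DDS line.
    path = re.split(r" \[| -->", rest, maxsplit=1)[0].strip()
    m = IMAGE_RE.match(path)
    image = m["img"] if m else path
    reasons = []
    if HEX_NAME.match(name):
        reasons.append("service name is only hex digits")
    if "system32" in image.lower() and HEX_NAME.match(_stem(image)):
        reasons.append("image is a hex-named file in system32")
    if TEMP_DIR.search(image):
        reasons.append("driver/service image is under a temp directory")
    if rest.rstrip().endswith("[?]"):
        reasons.append("scanner could not verify the image file")
    return Finding("service", name, path, reasons) if reasons else None


def triage(log: str) -> List[Finding]:
    """Run both heuristics over every line of a DDS/ComboFix style report."""
    findings = []
    for line in log.splitlines():
        m = RUN_RE.match(line)
        if m:
            f = triage_run(m["name"], m["path"])
        else:
            m = SVC_RE.match(line)
            f = triage_service(m["name"], m["rest"]) if m else None
        if f:
            findings.append(f)
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"[{f.kind}] {f.name}: {f.path}")
        for r in f.reasons:
            print("    -", r)
```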

offline
  • Joined: 01 Nov 2008
  • Posts: 87
  • Location: Kragujevac

Thanks brother.... Now everything is OK.... THANK YOU VERY MUCH!!!!!!!!!!!!!! I didn't know what to do anymore, you've taken a big weight off me. I really struggled with it. Thanks once again... Here's the final log...

ComboFix 09-09-01.07 - Tina&Mina 09/04/2009 15:48.2.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.191.26 [GMT 2:00]
Running from: c:\documents and settings\Tina&Mina\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Tina&Mina\Desktop\CFScript.txt
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
AV: Kaspersky Anti-Virus *On-access scanning enabled* (Outdated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: COMODO Firewall Pro *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\great coal love default
c:\documents and settings\All Users\Application Data\great coal love default\lite up.exe
c:\documents and settings\Tina&Mina\Application Data\TwoAimLoad
c:\documents and settings\Tina&Mina\Application Data\TwoAimLoad\start okay bore extra.exe
c:\program files\TwoAimLoad

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_73F22677
-------\Service_73F22677


((((((((((((((((((((((((( Files Created from 2009-08-04 to 2009-09-04 )))))))))))))))))))))))))))))))
.

2009-09-03 11:47 . 2009-09-03 11:47 -------- d-----w- c:\documents and settings\Tina&Mina\Local Settings\Application Data\Help
2009-09-02 17:31 . 2009-09-04 13:48 6736 ----a-w- c:\windows\system32\drivers\PROCEXP90.SYS
2009-09-01 17:06 . 2009-09-01 17:06 -------- d-----w- c:\documents and settings\Tina&Mina\Application Data\Comodo
2009-09-01 17:06 . 2009-09-01 17:11 -------- d-----w- c:\documents and settings\All Users\Application Data\comodo
2009-09-01 17:06 . 2009-09-01 17:06 81272 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2009-09-01 17:06 . 2009-09-01 17:06 75384 ----a-w- c:\windows\system32\drivers\inspect.sys
2009-09-01 17:06 . 2009-09-01 17:06 23672 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2009-09-01 17:06 . 2009-09-01 17:06 139008 ----a-w- c:\windows\system32\guard32.dll
2009-09-01 17:06 . 2009-09-01 17:06 -------- d-----w- c:\program files\COMODO
2009-09-01 17:01 . 2009-07-28 14:33 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-09-01 17:01 . 2009-03-30 08:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-09-01 17:01 . 2009-02-13 10:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2009-09-01 17:01 . 2009-02-13 10:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2009-09-01 17:01 . 2009-09-01 17:01 -------- d-----w- c:\program files\Avira
2009-09-01 17:01 . 2009-09-01 17:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2009-09-01 16:37 . 2009-09-01 16:37 -------- d-----w- c:\documents and settings\Tina&Mina\Application Data\URSoft
2009-09-01 16:37 . 2009-09-04 13:37 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-09-01 16:37 . 2009-09-01 16:47 -------- d-----w- c:\program files\Your Uninstaller 2008
2009-08-31 23:57 . 2009-08-31 23:57 -------- d-----w- c:\windows\ServicePackFiles

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-03 11:53 . 2009-02-02 18:29 -------- d-----w- c:\documents and settings\Tina&Mina\Application Data\DMCache
2009-09-02 17:21 . 2009-02-02 18:58 -------- d-----w- c:\program files\Mozilla Firefox 3.1 Beta 2
2009-09-01 16:57 . 2009-02-02 18:29 -------- d-----w- c:\program files\Internet Download Manager
2009-08-28 16:41 . 2009-07-12 22:12 10 ----a-w- c:\windows\popcinfo.dat
2009-08-05 09:11 . 2004-08-03 22:56 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-07-17 18:56 . 2009-07-17 18:56 -------- d-----w- c:\program files\ClocX
2009-07-17 18:55 . 2004-08-03 22:56 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-13 08:08 . 2004-08-03 22:56 286720 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-12 12:38 . 2009-02-02 21:44 -------- d-----w- c:\program files\ToggleEN
2009-06-26 16:18 . 2004-08-03 22:56 659456 ------w- c:\windows\system32\wininet.dll
2009-06-26 16:18 . 2004-08-03 22:56 81920 ----a-w- c:\windows\system32\ieencode.dll
2009-06-25 18:36 . 2004-08-03 22:56 95744 ----a-w- c:\windows\system32\mqsec.dll
2009-06-25 18:36 . 2004-08-03 22:56 661504 ----a-w- c:\windows\system32\mqqm.dll
2009-06-25 18:36 . 2004-08-03 22:56 517120 ----a-w- c:\windows\system32\mqsnap.dll
2009-06-25 18:36 . 2004-08-03 22:56 48640 ----a-w- c:\windows\system32\mqupgrd.dll
2009-06-25 18:36 . 2004-08-03 22:56 471552 ----a-w- c:\windows\system32\mqutil.dll
2009-06-25 18:36 . 2004-08-03 22:56 47104 ----a-w- c:\windows\system32\mqdscli.dll
2009-06-25 18:36 . 2004-08-03 22:56 225280 ----a-w- c:\windows\system32\mqoa.dll
2009-06-25 18:36 . 2004-08-03 22:56 186880 ----a-w- c:\windows\system32\mqtrig.dll
2009-06-25 18:36 . 2004-08-03 22:56 177152 ----a-w- c:\windows\system32\mqrt.dll
2009-06-25 18:36 . 2004-08-03 22:56 16896 ----a-w- c:\windows\system32\mqise.dll
2009-06-25 18:36 . 2004-08-03 22:56 138240 ----a-w- c:\windows\system32\mqad.dll
2009-06-25 18:36 . 2004-08-03 22:56 123392 ----a-w- c:\windows\system32\mqrtdep.dll
2009-06-25 08:44 . 2004-08-03 22:56 59392 ----a-w- c:\windows\system32\wdigest.dll
2009-06-25 08:44 . 2004-08-03 22:56 56320 ----a-w- c:\windows\system32\secur32.dll
2009-06-25 08:44 . 2004-08-03 22:56 168448 ----a-w- c:\windows\system32\schannel.dll
2009-06-25 08:44 . 2004-08-03 22:56 724480 ----a-w- c:\windows\system32\lsasrv.dll
2009-06-25 08:44 . 2004-08-03 22:56 298496 ----a-w- c:\windows\system32\kerberos.dll
2009-06-25 08:44 . 2004-08-03 22:56 133632 ----a-w- c:\windows\system32\msv1_0.dll
2009-06-22 11:49 . 2004-08-03 22:56 19968 ----a-w- c:\windows\system32\mqbkup.exe
2009-06-22 11:49 . 2004-08-03 22:56 117248 ----a-w- c:\windows\system32\mqtgsvc.exe
2009-06-22 11:49 . 2004-08-03 22:56 4608 ----a-w- c:\windows\system32\mqsvc.exe
2009-06-22 11:48 . 2004-08-03 20:58 91776 ----a-w- c:\windows\system32\drivers\mqac.sys
2009-06-22 11:34 . 2004-08-03 20:59 92544 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-06-19 20:57 . 2009-02-02 19:02 18048 ----a-w- c:\documents and settings\Tina&Mina\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-16 14:55 . 2004-08-03 22:56 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-16 14:55 . 2001-08-23 12:00 82432 ----a-w- c:\windows\system32\fontsub.dll
2009-06-12 11:50 . 2004-08-03 22:56 80896 ----a-w- c:\windows\system32\tlntsess.exe
2009-06-12 11:50 . 2004-08-03 22:56 76288 ----a-w- c:\windows\system32\telnet.exe
2009-06-10 14:21 . 2004-08-03 22:56 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-06-10 06:32 . 2004-08-03 22:56 132096 ----a-w- c:\windows\system32\wkssvc.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-09-02_17.37.14 )))))))))))))))))))))))))))))))))))))))))
.
+ 2004-08-03 22:56 . 2009-06-25 08:44 59392 c:\windows\system32\dllcache\wdigest.dll
+ 2004-08-03 22:56 . 2009-06-25 08:44 56320 c:\windows\system32\dllcache\secur32.dll
+ 2004-08-03 20:59 . 2009-06-22 11:34 92544 c:\windows\system32\dllcache\ksecdd.sys
+ 2004-08-03 22:56 . 2009-06-25 08:44 168448 c:\windows\system32\dllcache\schannel.dll
+ 2004-08-03 22:56 . 2009-06-25 08:44 133632 c:\windows\system32\dllcache\msv1_0.dll
+ 2004-08-03 22:56 . 2009-06-25 08:44 724480 c:\windows\system32\dllcache\lsasrv.dll
+ 2004-08-03 22:56 . 2009-06-25 08:44 298496 c:\windows\system32\dllcache\kerberos.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{038cb5c7-48ea-4af9-94e0-a1646542e62b}"= "c:\program files\ToggleEN\tbTog1.dll" [2009-02-24 1882136]

[HKEY_CLASSES_ROOT\clsid\{038cb5c7-48ea-4af9-94e0-a1646542e62b}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{038cb5c7-48ea-4af9-94e0-a1646542e62b}]
2009-02-24 00:40 1882136 ----a-w- c:\program files\ToggleEN\tbTog1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{038cb5c7-48ea-4af9-94e0-a1646542e62b}"= "c:\program files\ToggleEN\tbTog1.dll" [2009-02-24 1882136]

[HKEY_CLASSES_ROOT\clsid\{038cb5c7-48ea-4af9-94e0-a1646542e62b}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{038CB5C7-48EA-4AF9-94E0-A1646542E62B}"= "c:\program files\ToggleEN\tbTog1.dll" [2009-02-24 1882136]

[HKEY_CLASSES_ROOT\clsid\{038cb5c7-48ea-4af9-94e0-a1646542e62b}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-08-04 1667584]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\ApexDC++\\ApexDC.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [9/1/2009 7:06 PM 81272]
R1 cmdHlp;COMODO Firewall Pro Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [9/1/2009 7:06 PM 23672]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [9/1/2009 7:01 PM 108289]
S3 S3chipid;S3chipid;\??\c:\windows\TEMP\_ISTMP0.DIR\S3chipid.sys --> c:\windows\TEMP\_ISTMP0.DIR\S3chipid.sys [?]
.
Contents of the 'Scheduled Tasks' folder

2009-09-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1708537768-796845957-682003330-1003Core.job
- c:\documents and settings\Tina&Mina\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-07-01 12:31]

2009-09-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1708537768-796845957-682003330-1003UA.job
- c:\documents and settings\Tina&Mina\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-07-01 12:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
IE: Add to Windows &Live Favorites - favorites.live.com/quickadd.aspx
IE: Download All Links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Tina&Mina\Application Data\Mozilla\Firefox\Profiles\665e4exy.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.rs/
FF - plugin: c:\documents and settings\Tina&Mina\Local Settings\Application Data\Google\Update\1.2.183.7\npGoogleOneClick8.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-09-04 16:03
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


c:\documents and settings\Tina&Mina\Application Data\Microsoft\MSN Messenger\sqmnoopt00.sqm 120 bytes

scan completed successfully
hidden files: 1

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):32,14,e3,3a,50,7c,d4,63,24,f2,19,dc,ed,a0,8d,da,08,b7,58,c6,5e,
fd,37,ff,d2,7b,cf,39,fe,5a,bb,16,2f,7a,c9,1d,5e,db,94,1a,00,00,00,00,00,00,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{aa133bbb-e8ca-41ab-b3e2-e5432e352f0a}]
@Denied: (Full) (Everyone)
"Model"=dword:0000003d
"Therad"=dword:0000001e
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
38,95,44,40,02,13,ad,75,b8,fc,03,0e,19,9b,7e,c0,c3,5d,71,ae,29,89,e6,ae,dd,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(696)
c:\windows\system32\COMRes.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\COMODO\Firewall\cmdagent.exe
c:\windows\system32\wdfmgr.exe
c:\program files\Windows Live\Contacts\wlcomm.exe
.
**************************************************************************
.
Completion time: 2009-09-04 16:08 - machine was rebooted
ComboFix-quarantined-files.txt 2009-09-04 14:08
ComboFix2.txt 2009-09-02 17:39

Pre-Run: 129,490,944 bytes free
Post-Run: 177,483,776 bytes free

190 --- E O F --- 2009-09-03 14:40

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Where do you live: Höganäs, SE

OK. ComboFix needs to be uninstalled:
click Start (or ), then RUN.

On Vista, use the Start Search box if Run is not available.

In the text input line, type (or paste) the following:

combofix /u

Note that there is a space between "ComboFix" and "/u".

then click OK (or press Enter).

Wait for the uninstall process to finish.

That would be all...

offline
  • Joined: 01 Nov 2008
  • Posts: 87
  • Where do you live: Kragujevac

DONE! Thanks once again... Thanks once again... Greetings from KG....
