Help


  • Joined: 30 Nov 2008
  • Posts: 20

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:25:41, on 26.3.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

--
End of file - 2521 bytes

Addendum: 26 Mar 2009 22:32

Can I get some help? :)



  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8652
  • Location: Novi Beograd

Hello,

you did not follow the instructions properly.

This is not right:

Right-click the program's icon and choose the Rename option:

Give it some meaningless name, say GH5.EXE or TR3.EXE, or anything else, as long as HijackThis is not mentioned:

Rename it, and post a new log for me.



  • Joined: 30 Nov 2008
  • Posts: 20

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:40:25, on 26.3.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

--
End of file - 2482 bytes

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8652
  • Location: Novi Beograd

Here's the thing,

you need to rename C:\Program Files\Trend Micro\HijackThis\HijackThis.exe to some other name, and then scan.

  • Joined: 30 Nov 2008
  • Posts: 20

The problem is that as soon as I go into My Computer, everything disappears from my desktop. Everything closes and then comes back up.

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8652
  • Location: Novi Beograd

Turn off Nod and do the following:

Download ComboFix from one of the following addresses to the Desktop:
[Link visible only to logged-in users]
[Link visible only to logged-in users]
[Link visible only to logged-in users]

Start it and do not touch the program window while it scans.
Follow the on-screen instructions. When it finishes, a log (C:\ComboFix.txt) will appear, which you will copy here for us.

  • Joined: 30 Nov 2008
  • Posts: 20

I can't turn it off at all, because I don't have it, I can't get to it from Start or anywhere! That's the problem! I don't have it down by the clock or anywhere.

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8652
  • Location: Novi Beograd

Then just download ComboFix and scan, if that is possible.

  • Joined: 30 Nov 2008
  • Posts: 20

ComboFix 09-03-25.04 - Maja i Marko 2009-03-26 23:00:29.1 - FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.446.97 [GMT 1:00]
Running from: c:\documents and settings\Maja i Marko\Desktop\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2009-02-26 to 2009-03-26 )))))))))))))))))))))))))))))))
.

2009-03-26 22:53 . 2009-03-26 22:53 <DIR> d-------- c:\windows\LastGood
2009-03-26 22:12 . 2009-03-26 22:12 <DIR> d-------- c:\program files\Trend Micro
2009-03-25 12:46 . 2009-03-25 12:46 <DIR> d--hs---- C:\FOUND.011
2009-03-24 20:40 . 2009-03-24 20:40 <DIR> d-------- c:\program files\Anti Trojan Elite
2009-03-24 20:28 . 2009-03-24 20:28 <DIR> d-------- c:\documents and settings\All Users\Application Data\TEMP
2009-03-24 20:25 . 2009-03-24 20:25 <DIR> d-------- c:\program files\Trojan Remover
2009-03-24 20:05 . 2006-05-25 14:52 162,304 --a------ c:\windows\system32\ztvunrar36.dll
2009-03-24 20:05 . 2005-08-26 00:50 77,312 --a------ c:\windows\system32\ztvunace26.dll
2009-03-24 20:05 . 2002-03-06 00:00 75,264 --a------ c:\windows\system32\unacev2.dll
2009-03-24 20:05 . 2006-06-19 12:01 69,632 --a------ c:\windows\system32\ztvcabinet.dll
2009-03-24 20:04 . 2003-02-02 19:06 153,088 --a------ c:\windows\system32\unrar3.dll
2009-03-24 20:03 . 2009-03-24 20:03 <DIR> d-------- c:\documents and settings\Maja i Marko\Application Data\Simply Super Software
2009-03-24 20:03 . 2009-03-24 20:03 <DIR> d-------- c:\documents and settings\All Users\Application Data\Simply Super Software
2009-03-24 18:06 . 2009-03-24 18:06 <DIR> d-------- c:\program files\Spybot - Search & Destroy
2009-03-24 18:06 . 2009-03-24 18:06 <DIR> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-03-24 11:13 . 2009-03-24 11:13 <DIR> d-------- c:\documents and settings\Maja i Marko\Application Data\CyberLink
2009-03-23 21:01 . 2009-03-23 21:01 <DIR> d--hs---- C:\FOUND.010
2009-03-23 20:12 . 2009-03-23 20:12 <DIR> d--hs---- C:\FOUND.009
2009-03-20 17:35 . 2009-03-20 17:35 <DIR> d--hs---- C:\FOUND.008
2009-03-20 16:12 . 2009-03-20 16:12 <DIR> d--hs---- C:\FOUND.007
2009-03-20 16:07 . 2009-03-20 16:07 <DIR> d--hs---- C:\FOUND.006
2009-03-20 14:37 . 2006-05-10 16:14 <DIR> d-------- c:\documents and settings\Administrator\Application Data\ATI
2009-03-20 14:37 . 2009-03-20 14:37 <DIR> d-------- c:\documents and settings\Administrator
2009-03-19 22:01 . 2007-06-25 10:43 100,264 -ra------ c:\windows\system32\drivers\s117mgmt.sys
2009-03-19 22:01 . 2007-06-25 10:43 12,200 -ra------ c:\windows\system32\drivers\s117cmnt.sys
2009-03-19 22:01 . 2007-06-25 10:43 12,200 -ra------ c:\windows\system32\drivers\s117cm.sys
2009-03-19 21:49 . 2007-06-25 10:43 82,984 -ra------ c:\windows\system32\drivers\s117bus.sys
2009-03-19 21:49 . 2007-06-25 10:43 12,200 -ra------ c:\windows\system32\drivers\s117whnt.sys
2009-03-19 21:49 . 2007-06-25 10:43 12,200 -ra------ c:\windows\system32\drivers\s117wh.sys
2009-03-19 21:20 . 2009-03-19 21:20 <DIR> d-------- c:\program files\Sony Ericsson
2009-03-19 21:20 . 2009-03-19 21:20 <DIR> d-------- c:\program files\Sony
2009-03-19 21:17 . 2004-08-04 05:00 221,184 --a------ c:\windows\system32\wmpns.dll
2009-03-19 21:12 . 2009-03-19 21:12 <DIR> d-------- c:\windows\system32\drivers\UMDF
2009-03-19 10:47 . 2009-03-19 10:47 <DIR> d-------- c:\documents and settings\Maja i Marko\Application Data\AdobeUM
2009-03-15 14:23 . 2009-03-15 14:23 <DIR> d--hs---- C:\FOUND.005
2009-03-13 10:08 . 2009-03-13 10:08 <DIR> d--hs---- C:\FOUND.004
2009-03-12 22:02 . 2009-03-12 22:02 <DIR> d--hs---- C:\FOUND.003
2009-03-12 20:29 . 2009-03-12 20:29 <DIR> d-------- c:\windows\Sun
2009-03-12 20:28 . 2009-03-12 20:27 410,984 --a------ c:\windows\system32\deploytk.dll
2009-03-12 20:28 . 2009-03-12 20:27 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-03-12 20:27 . 2009-03-12 20:27 <DIR> d-------- c:\program files\Java
2009-03-12 20:05 . 2009-03-12 20:05 <DIR> d--hs---- C:\FOUND.002
2009-03-12 19:14 . 2009-03-12 19:14 <DIR> d--hs---- C:\FOUND.001
2009-03-07 11:15 . 2009-03-07 11:15 <DIR> d-------- C:\ConvertTemp
2009-03-07 11:12 . 2009-03-07 11:12 <DIR> d-------- c:\documents and settings\Maja i Marko\Application Data\Samsung
2009-03-07 11:11 . 2006-05-03 22:53 174,592 --a------ c:\windows\system32\framedyn.dll
2009-03-07 11:11 . 2007-07-03 16:58 106,792 --a------ c:\windows\system32\drivers\sscdmdm.sys
2009-03-07 11:11 . 2007-07-03 16:54 80,552 --a------ c:\windows\system32\drivers\sscdbus.sys
2009-03-07 11:11 . 2007-07-03 16:57 11,944 --a------ c:\windows\system32\drivers\sscdmdfl.sys
2009-03-07 11:11 . 2007-07-03 17:00 9,256 --a------ c:\windows\system32\drivers\sscdwhnt.sys
2009-03-07 11:11 . 2007-07-03 17:00 9,256 --a------ c:\windows\system32\drivers\sscdwh.sys
2009-03-07 11:11 . 2007-07-03 16:56 9,256 --a------ c:\windows\system32\drivers\sscdcmnt.sys
2009-03-07 11:11 . 2007-07-03 16:56 9,256 --a------ c:\windows\system32\drivers\sscdcm.sys
2009-03-07 11:10 . 2009-03-07 11:10 <DIR> d-------- c:\windows\system32\Samsung_USB_Drivers
2009-03-07 11:10 . 2005-08-28 20:51 766 --a------ c:\windows\system32\Uninstall.ico
2009-03-07 11:09 . 2006-07-24 16:05 5,632 --a------ c:\windows\system32\drivers\StarOpen.sys
2009-03-07 11:08 . 2009-03-07 11:08 <DIR> d-------- c:\program files\Samsung
2009-03-04 20:45 . 2009-03-04 20:45 <DIR> d-------- c:\documents and settings\Maja i Marko\Application Data\Apple Computer
2009-03-04 20:44 . 2009-03-04 20:44 <DIR> d-------- c:\program files\iPod
2009-03-04 20:44 . 2008-04-17 13:12 107,368 --a------ c:\windows\system32\GEARAspi.dll
2009-03-04 20:44 . 2008-04-17 13:12 15,464 --a------ c:\windows\system32\drivers\GEARAspiWDM.sys
2009-03-04 20:43 . 2009-03-04 20:43 <DIR> d-------- c:\program files\iTunes
2009-03-04 20:43 . 2009-03-04 20:43 <DIR> d-------- c:\program files\Bonjour
2009-03-04 20:43 . 2009-03-04 20:43 <DIR> d-------- c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-03-04 20:42 . 2009-03-04 20:42 <DIR> d-------- c:\program files\QuickTime
2009-03-04 20:42 . 2009-03-04 20:42 <DIR> d-------- c:\documents and settings\All Users\Application Data\Apple Computer
2009-03-04 20:41 . 2009-03-04 20:41 <DIR> d-------- c:\program files\Apple Software Update
2009-03-04 20:41 . 2008-11-07 14:23 32,000 --a------ c:\windows\system32\drivers\usbaapl.sys
2009-03-04 20:40 . 2009-03-04 20:40 <DIR> d-------- c:\program files\Common Files\Apple
2009-03-04 20:40 . 2009-03-04 20:40 <DIR> d-------- c:\documents and settings\All Users\Application Data\Apple
2009-03-04 15:50 . 2009-03-04 15:50 <DIR> d-------- c:\documents and settings\Maja i Marko\Tracing
2009-03-04 15:46 . 2009-03-04 15:46 <DIR> d-------- c:\program files\Windows Live SkyDrive
2009-03-04 15:46 . 2009-03-04 15:46 <DIR> d-------- c:\program files\Windows Live
2009-03-04 15:46 . 2009-03-04 15:46 <DIR> d-------- c:\program files\Microsoft
2009-03-04 15:41 . 2009-03-04 15:41 <DIR> d-------- c:\program files\Common Files\Windows Live
2009-03-03 23:22 . 2009-03-03 23:22 <DIR> d-------- c:\windows\system32\LogFiles
2009-03-02 15:51 . 2004-08-04 00:56 159,232 --a------ c:\windows\system32\ptpusd.dll
2009-03-02 15:51 . 2004-08-03 22:58 15,104 --a------ c:\windows\system32\drivers\usbscan.sys
2009-03-02 15:51 . 2004-08-03 22:58 15,104 --a------ c:\windows\system32\dllcache\usbscan.sys
2009-03-02 15:51 . 2001-08-17 22:36 5,632 --a------ c:\windows\system32\ptpusb.dll
2009-03-02 13:19 . 2009-03-02 13:19 <DIR> d--hs---- C:\FOUND.000
2009-03-01 01:44 . 2009-03-01 01:44 <DIR> d-------- c:\program files\Marsu-Fix
2009-03-01 01:44 . 2009-03-01 01:44 159,847 --a------ c:\windows\Marsu-Fix Uninstaller.exe
2009-03-01 01:41 . 2009-03-01 01:41 <DIR> d-------- c:\program files\ESET
2009-03-01 01:41 . 2009-03-01 01:41 <DIR> d-------- c:\documents and settings\All Users\Application Data\ESET
2009-03-01 01:31 . 2009-03-01 01:31 92 --a------ c:\windows\GridV.UNI
2009-03-01 01:25 . 2006-06-13 14:42 602,112 --a------ c:\windows\system32\Acer.Empowering.Windows.Forms_v820.dll
2009-03-01 01:24 . 2006-06-01 20:47 1,168,896 --a------ c:\windows\system32\ERUpdateHidden.EXE
2009-03-01 01:24 . 2006-03-23 12:02 258,048 --a------ c:\windows\system32\Uninstall_eRecovery.exe
2009-03-01 01:24 . 2006-03-30 13:06 258,048 --a------ c:\windows\system32\CheckD2DSystem.exe
2009-03-01 01:24 . 2004-11-03 09:06 159,744 --a------ c:\windows\system32\CloseProcessWindow.dll
2009-03-01 01:24 . 2005-12-09 09:12 16,384 --a------ c:\windows\system32\ClearEvent.exe
2009-03-01 01:24 . 2006-02-24 11:28 552 --a------ c:\windows\system32\setup.iss
2009-03-01 01:21 . 2009-03-01 01:21 <DIR> d-------- c:\program files\Launch Manager
2009-03-01 01:21 . 2009-03-01 01:21 83 --a------ c:\windows\LManager.UNI
2009-03-01 01:20 . 2009-03-01 01:20 <DIR> d-------- c:\program files\Synaptics
2009-03-01 01:20 . 2006-03-03 12:52 192,672 --a------ c:\windows\system32\drivers\SynTP.sys
2009-03-01 01:20 . 2006-03-03 12:55 114,688 --a------ c:\windows\system32\SynCtrl.dll
2009-03-01 01:20 . 2006-03-03 12:55 94,298 --a------ c:\windows\system32\SynTPAPI.dll
2009-03-01 01:20 . 2006-03-03 12:55 82,013 --a------ c:\windows\system32\SynCOM.dll
2009-03-01 01:20 . 2006-03-03 13:10 81,920 --a------ c:\windows\system32\SynTPCo2.dll
2009-03-01 01:20 . 2006-03-03 13:08 69,722 --a------ c:\windows\system32\SynTPFcs.dll
2009-03-01 01:16 . 2006-05-16 03:04 2,879,488 --a------ c:\windows\SkyTel.exe
2009-03-01 01:16 . 2005-10-31 03:17 135,168 --a------ c:\windows\system32\RtlCPAPI.dll
2009-03-01 01:16 . 2005-05-03 03:43 69,632 --a------ c:\windows\Alcmtr.exe
2009-03-01 01:14 . 2005-09-14 17:03 53,248 --a------ c:\windows\system32\acpimof.dll
2009-03-01 01:14 . 2006-02-16 15:39 45,056 --a------ c:\windows\system32\Epm-Po.dll
2009-03-01 01:04 . 2009-03-01 01:04 <DIR> d-------- c:\windows\Acer
2009-03-01 01:04 . 2006-05-10 16:14 <DIR> d-------- c:\documents and settings\Maja i Marko\Application Data\ATI
2009-03-01 01:04 . 2009-03-01 01:04 <DIR> d-------- c:\documents and settings\Maja i Marko
2009-02-28 21:29 . 2009-02-28 21:29 <DIR> d-------- c:\documents and settings\Maja i Marko\Application Data\vlc
2009-02-28 21:28 . 2009-03-15 00:05 69 --a------ c:\windows\NeroDigital.ini
2009-02-28 21:27 . 2009-02-28 21:27 <DIR> d-------- c:\program files\Sega
2009-02-28 19:47 . 2009-02-28 19:47 <DIR> d-------- c:\program files\Winamp
2009-02-28 19:47 . 2009-02-28 19:47 <DIR> d-------- c:\documents and settings\Maja i Marko\Application Data\Winamp
2009-02-28 19:20 . 2006-10-26 19:56 32,592 --a------ c:\windows\system32\msonpmon.dll
2009-02-28 19:09 . 2009-02-28 19:09 <DIR> d-------- c:\program files\Microsoft Works
2009-02-28 19:08 . 2009-02-28 19:08 <DIR> d-------- c:\program files\MSBuild
2009-02-28 19:04 . 2009-02-28 19:04 <DIR> d-------- c:\program files\Microsoft.NET
2009-02-28 18:58 . 2009-02-28 18:58 <DIR> d-------- c:\windows\system32\CatRoot_bak
2009-02-28 18:58 . 2009-02-28 18:58 <DIR> d-------- c:\program files\Microsoft Visual Studio 8
2009-02-28 18:55 . 2009-02-28 18:55 <DIR> d-------- c:\windows\SHELLNEW
2009-02-28 18:53 . 2009-02-28 18:53 <DIR> d-------- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-02-28 18:52 . 2009-02-28 18:52 <DIR> dr-h----- C:\MSOCache
2009-02-28 18:32 . 2009-02-28 18:32 <DIR> d---s---- c:\documents and settings\Maja i Marko\UserData

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-06 17:52 49,504 ----a-w c:\windows\system32\sirenacm.dll
2009-02-28 16:51 67,688 ----a-w c:\program files\mozilla firefox\components\jar50.dll
2009-02-28 16:51 54,368 ----a-w c:\program files\mozilla firefox\components\jsd3250.dll
2009-02-28 16:51 34,944 ----a-w c:\program files\mozilla firefox\components\myspell.dll
2009-02-28 16:51 46,712 ----a-w c:\program files\mozilla firefox\components\spellchk.dll
2009-02-28 16:51 172,136 ----a-w c:\program files\mozilla firefox\components\xpinstal.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.mkdmp3enc"= c:\progra~1\Acer\ACERAR~1\Kernel\Burner\MKDMP3Enc.ACM

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Acer\\Acer Arcade\\PCMService.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\outlook.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\groove.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\onenote.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Sony Ericsson\\Sony Ericsson Media Manager\\MediaManager.exe"=

R4 epfwtdir;epfwtdir;c:\windows\system32\DRIVERS\epfwtdir.sys --> c:\windows\system32\DRIVERS\epfwtdir.sys [?]
S2 eLock2BurnerLockDriver;eLock2BurnerLockDriver;\??\c:\windows\system32\eLock2BurnerLockDriver.sys --> c:\windows\system32\eLock2BurnerLockDriver.sys [?]
S2 eLock2FSCTLDriver;eLock2FSCTLDriver;\??\c:\windows\system32\eLock2FSCTLDriver.sys --> c:\windows\system32\eLock2FSCTLDriver.sys [?]
S3 ATE_PROCMON;ATE_PROCMON;c:\program files\Anti Trojan Elite\ATEPMON.sys [2009-03-24 5969]
.
.
------- Supplementary Scan -------
.
FF - ProfilePath - c:\documents and settings\Maja i Marko\Application Data\Mozilla\Firefox\Profiles\nyaxrvab.default\
FF - prefs.js: keyword.URL - about:neterror?e=query&u=
FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link visible only to logged-in users]
Rootkit scan 2009-03-26 23:02:29
Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(616)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2009-03-26 23:04:30
ComboFix-quarantined-files.txt 2009-03-26 22:04:28

Pre-Run: 13.282.148.352 bytes free
Post-Run: 13,281,132,544 bytes free

194

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8652
  • Location: Novi Beograd

Sorry you had to wait,

upload this for me: C:\WINDOWS\explorer.exe

via the following link:

[Link visible only to logged-in users]
