Help needed with MSN

  • bolta
  • New MyCity citizen
  • Joined: 12 May 2007
  • Posts: 15

ComboFix 08-02-25.3 - Bolta 2008-02-27 22:41:13.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1033.18.419 [GMT 1:00]
Running from: C:\Documents and Settings\Bolta\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Bolta\Desktop\CFScript.txt
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Bolta\Application Data\trustroad
C:\Documents and Settings\Bolta\Application Data\trustroad\cityphoneerrorbin.exe
C:\Documents and Settings\Bolta\Application Data\trustroad\PollFragEach.exe
C:\Documents and Settings\Bolta\Application Data\trustroad\waunjhmt.exe
C:\Program Files\Adverts
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.exe
C:\Program Files\trustroad

.
((((((((((((((((((((((((( Files Created from 2008-01-27 to 2008-02-27 )))))))))))))))))))))))))))))))
.

2008-02-27 20:40 . 2008-02-27 20:40 250 --a------ C:\WINDOWS\gmer.ini
2008-02-27 17:44 . 2008-02-27 17:48 <DIR> d-------- C:\ComboFix(2)
2008-02-27 14:10 . 2008-02-27 14:10 <DIR> d-------- C:\Program Files\THQ
2008-02-26 00:07 . 2008-02-26 00:07 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-02-26 00:07 . 2008-02-26 00:07 1,409 --a------ C:\WINDOWS\QTFont.for
2008-02-25 00:04 . 2008-02-25 00:04 <DIR> d-------- C:\Program Files\Creative
2008-02-25 00:04 . 2002-06-06 14:38 139,264 --a------ C:\WINDOWS\system32\eax.dll
2008-02-24 23:54 . 2008-02-25 00:16 <DIR> d-------- C:\Program Files\Mafia
2008-02-24 23:53 . 2003-04-09 10:28 233,472 -ra------ C:\WINDOWS\system32\MafiaSetup.exe
2008-02-24 10:30 . 2008-02-24 10:30 172 --ah----- C:\sqmnoopt03.sqm
2008-02-24 10:30 . 2008-02-24 10:30 172 --ah----- C:\sqmdata03.sqm
2008-02-24 10:26 . 2008-02-24 10:26 268 --ah----- C:\sqmdata02.sqm
2008-02-24 10:26 . 2008-02-24 10:26 244 --ah----- C:\sqmnoopt02.sqm
2008-02-24 00:43 . 2008-02-24 00:43 268 --ah----- C:\sqmdata00.sqm
2008-02-24 00:43 . 2008-02-24 00:43 244 --ah----- C:\sqmnoopt00.sqm
2008-02-24 00:43 . 2008-02-24 00:43 172 --ah----- C:\sqmnoopt01.sqm
2008-02-24 00:43 . 2008-02-24 00:43 172 --ah----- C:\sqmdata01.sqm
2008-02-22 23:11 . 2001-08-23 17:00 1,700,352 --a------ C:\WINDOWS\system32\gdiplus.dll
2008-02-22 22:48 . 2008-02-22 22:48 <DIR> d-------- C:\Program Files\Power Video Converter
2008-02-22 22:48 . 2008-02-22 22:48 <DIR> d-------- C:\movies
2008-02-22 22:48 . 2008-02-22 22:48 66 --a------ C:\WINDOWS\Power Video Converter.INI
2008-02-17 23:34 . 2008-02-17 23:34 <DIR> d-------- C:\Program Files\XviD
2008-02-17 23:33 . 2008-02-17 23:33 <DIR> d-------- C:\Program Files\DSD
2008-02-17 23:32 . 2008-02-17 23:32 <DIR> d-------- C:\Program Files\MatrixMixer
2008-02-17 23:32 . 2008-02-17 23:32 <DIR> d-------- C:\Program Files\AC3Filter
2008-02-17 23:32 . 2003-08-19 08:20 180,224 --a------ C:\WINDOWS\system32\ac3filter.cpl
2008-02-17 23:14 . 2008-02-17 23:14 <DIR> d-------- C:\Documents and Settings\Bolta\Application Data\Media Player Classic
2008-02-15 19:25 . 2008-02-27 21:40 <DIR> d-------- C:\Program Files\GameSpy Arcade
2008-02-15 18:41 . 2008-02-15 18:41 <DIR> d-------- C:\Program Files\MC2
2008-02-15 15:21 . 2008-02-15 15:21 <DIR> d-------- C:\Program Files\LimeWire
2008-02-15 15:21 . 2008-02-26 00:00 <DIR> d-------- C:\Documents and Settings\Bolta\Application Data\LimeWire
2008-02-15 00:55 . 2008-02-22 23:00 <DIR> d-------- C:\Downloads
2008-02-14 03:20 . 2004-08-03 23:56 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2008-02-14 03:20 . 2008-02-22 22:48 23,392 --a------ C:\WINDOWS\system32\nscompat.tlb
2008-02-14 03:20 . 2008-02-22 22:48 16,832 --a------ C:\WINDOWS\system32\amcompat.tlb
2008-02-13 23:38 . 2008-02-21 23:53 <DIR> d-------- C:\Program Files\Super Internet TV
2008-02-13 23:38 . 2008-02-21 23:53 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-02-13 02:11 . 2002-02-18 10:22 139,536 --a------ C:\WINDOWS\system32\javaee.dll
2008-02-13 02:11 . 2002-02-18 10:23 46,352 --a------ C:\WINDOWS\setdebug.exe
2008-02-13 02:11 . 2002-02-18 07:55 7,315 --a------ C:\WINDOWS\system32\javasup.vxd
2008-02-13 02:11 . 2002-02-18 07:35 6,550 --a------ C:\WINDOWS\jautoexp.dat
2008-02-13 02:10 . 2008-02-13 02:10 <DIR> d-------- C:\Program Files\Microsoft VM
2008-02-13 02:10 . 2002-02-18 07:38 113 --a------ C:\WINDOWS\system32\zonedon.reg
2008-02-13 02:10 . 2002-02-18 07:38 113 --a------ C:\WINDOWS\system32\zonedoff.reg
2008-02-13 02:01 . 2008-02-13 02:01 <DIR> d-------- C:\WINDOWS\Sun
2008-02-13 01:56 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-02-13 01:55 . 2008-02-13 01:56 <DIR> d-------- C:\Program Files\Java
2008-02-13 01:50 . 2008-02-13 01:50 <DIR> d-------- C:\Program Files\Common Files\Java
2008-02-13 01:34 . 2008-02-13 01:34 <DIR> d-------- C:\Program Files\Common Files\PCSuite
2008-02-13 01:34 . 2008-02-13 01:34 <DIR> d-------- C:\Program Files\Common Files\Nokia
2008-02-13 01:32 . 2008-02-13 01:32 <DIR> d-------- C:\Program Files\PC Connectivity Solution
2008-02-13 01:31 . 2007-02-22 10:15 137,216 --a------ C:\WINDOWS\system32\drivers\nmwcd.sys
2008-02-13 01:31 . 2007-02-22 10:15 65,536 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
2008-02-13 01:31 . 2007-02-22 10:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcm.sys
2008-02-13 01:31 . 2007-02-22 10:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcj.sys
2008-02-13 01:31 . 2007-02-22 10:15 8,320 --a------ C:\WINDOWS\system32\drivers\nmwcdc.sys
2008-02-13 01:28 . 2008-02-13 01:28 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Installations
2008-02-12 14:25 . 2006-10-04 15:06 1,197,294 -----c--- C:\WINDOWS\system32\dllcache\sysmain.sdb
2008-02-12 14:25 . 2006-10-04 15:06 764,868 -----c--- C:\WINDOWS\system32\dllcache\apph_sp.sdb
2008-02-12 14:25 . 2006-10-04 15:06 217,118 -----c--- C:\WINDOWS\system32\dllcache\apphelp.sdb
2008-02-12 14:24 . 2008-02-13 15:26 <DIR> d-------- C:\Program Files\Windows Media Connect 2
2008-02-12 14:22 . 2008-02-26 00:06 <DIR> d-------- C:\WINDOWS\system32\drivers\UMDF
2008-02-11 01:50 . 2008-02-11 01:50 <DIR> d-------- C:\Program Files\FDRLab
2008-02-10 14:04 . 2008-02-11 20:29 <DIR> d-------- C:\Documents and Settings\Bolta\Application Data\Screenshot Sender
2008-02-10 13:06 . 2008-02-25 15:47 <DIR> d-------- C:\Program Files\AIMP2
2008-02-10 08:51 . 2008-02-12 14:22 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2008-02-09 22:27 . 2008-02-11 01:07 <DIR> d-------- C:\Program Files\Soulseek
2008-02-09 20:06 . 2008-02-27 22:42 <DIR> d-------- C:\Program Files\FlashGet
2008-02-09 20:06 . 2004-08-03 22:14 359,040 --a------ C:\WINDOWS\system32\drivers\tcpip.sys.flg
2008-02-09 19:31 . 2008-02-09 19:31 <DIR> d-------- C:\Program Files\Messenger Plus! Live
2008-02-09 19:22 . 2008-02-09 19:22 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2008-02-09 18:48 . 2008-02-09 18:48 <DIR> d-------- C:\Program Files\Zone Labs
2008-02-09 18:47 . 2008-02-27 22:38 <DIR> d-------- C:\WINDOWS\Internet Logs
2008-02-09 17:36 . 2008-02-11 20:28 <DIR> d-------- C:\Documents and Settings\Bolta\Contacts
2008-02-09 17:10 . 2008-02-09 17:10 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo!
2008-02-09 17:04 . 2008-02-13 02:02 1,279 --a------ C:\WINDOWS\mozver.dat
2008-02-09 17:00 . 2008-02-12 15:23 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-02-09 16:58 . 2008-02-09 17:31 <DIR> d--hsc--- C:\Program Files\Common Files\WindowsLiveInstaller
2008-02-09 16:58 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-02-09 16:58 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2008-02-09 16:58 . 2007-07-30 19:19 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-02-09 16:57 . 2008-02-09 17:34 <DIR> d-------- C:\Program Files\Windows Live
2008-02-09 16:57 . 2008-02-09 17:15 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-02-09 16:36 . 2008-02-09 16:36 <DIR> d-------- C:\Documents and Settings\Bolta\Application Data\ICQ Toolbar
2008-02-09 16:27 . 2008-02-26 19:13 <DIR> d-------- C:\Program Files\ICQToolbar
2008-02-09 16:24 . 2008-02-09 16:24 <DIR> d-------- C:\Program Files\uTorrent
2008-02-09 16:23 . 2008-02-27 22:39 <DIR> d-------- C:\Documents and Settings\Bolta\Application Data\uTorrent
2008-02-09 16:05 . 2008-02-09 16:05 <DIR> d-------- C:\Documents and Settings\Bolta\Application Data\Talkback
2008-02-09 16:05 . 2008-02-09 16:05 0 --a------ C:\WINDOWS\nsreg.dat
2008-02-09 15:14 . 2008-02-09 15:14 <DIR> d-------- C:\Program Files\SpeedOptimizer
2008-02-09 15:14 . 2008-02-09 15:14 <DIR> d-------- C:\Program Files\SpeedBit Video Accelerator
2008-02-09 15:14 . 2008-02-09 15:14 <DIR> d-------- C:\Program Files\AskPBar
2008-01-28 19:11 . 2008-01-28 19:11 <DIR> d-------- C:\Documents and Settings\Bolta\Application Data\Nokia Multimedia Player

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-27 13:09 6,572 ----a-w C:\WINDOWS\system32\drivers\CDSpace.cfg
2008-02-25 23:09 --------- d-----w C:\Documents and Settings\Bolta\Application Data\Nokia
2008-02-25 23:05 --------- d-----w C:\Documents and Settings\Bolta\Application Data\PC Suite
2008-02-25 23:04 --------- d-----w C:\Documents and Settings\All Users\Application Data\PC Suite
2008-02-20 01:30 --------- d-----w C:\Program Files\Common Files\Adobe
2008-02-17 22:33 --------- d-----w C:\Program Files\ffdshow
2008-02-17 22:32 --------- d-----w C:\Program Files\DivX
2008-02-15 19:50 --------- d-----w C:\Program Files\Winamp
2008-02-13 15:05 --------- d-----w C:\Program Files\Google
2008-02-13 00:36 --------- d-----w C:\Program Files\DIFX
2008-02-13 00:34 --------- d-----w C:\Documents and Settings\All Users\Application Data\Downloaded Installations
2008-02-13 00:31 --------- d-----w C:\Program Files\Nokia
2008-02-11 21:28 --------- d-----w C:\Documents and Settings\Bolta\Application Data\AdobeUM
2008-02-11 14:44 --------- d-----w C:\Program Files\FLV Player
2008-02-09 18:40 --------- d-----w C:\Program Files\DAP
2008-02-09 16:53 --------- d-----w C:\Program Files\Real
2008-02-09 16:53 --------- d-----w C:\Program Files\Common Files\Real
2008-02-09 16:13 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-09 15:27 --------- d-----w C:\Program Files\ICQLite
2008-01-27 22:23 3,001 --sha-w C:\Documents and Settings\Bolta\ppUser.dat
2008-01-16 07:57 --------- d-----w C:\Documents and Settings\Bolta\Application Data\Yahoo! Messenger
2007-12-30 15:50 --------- d-----w C:\Program Files\EA GAMES
2007-12-30 15:49 --------- d-----w C:\Program Files\FireFly Studios
2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-12-04 12:54 95,608 ----a-w C:\WINDOWS\system32\AVASTSS.scr
2007-11-21 22:59 35,152 ----a-w C:\Documents and Settings\Bolta\Application Data\GDIPFONTCACHEV1.DAT
2004-09-26 06:08 8 --sh--r C:\WINDOWS\system32\CC68F50FD3.sys
.

------- Sigcheck -------

6a603809f598332dbedd535bdbce313e C:\WINDOWS\system32\drivers\tcpip.sys
-c----w 332,928 2002-08-28 23:58:12 C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
------w 359,040 2004-08-03 21:14:42 C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
----a-w 359,040 2004-08-03 21:14:42 C:\WINDOWS\system32\drivers\tcpip.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:56 15360]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [2007-08-30 17:43 4670704]
"PC Suite Tray"="C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" [2007-12-10 10:12 695808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"SMSERIAL"="sm56hlpr.exe" []
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-11-02 23:19 98304]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-10-22 12:22 7700480]
"nwiz"="nwiz.exe" [2006-10-22 12:22 1622016 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-10-22 12:22 86016]
"ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 09:44 249856]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 09:44 81920]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-02-09 17:52 185896]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-11-14 16:05 919016]
"Flashget"="C:\Program Files\FlashGet\FlashGet.exe" [2007-09-25 09:10 2007088]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"MessengerPlusUninstall"="C:\WINDOWS\system32\cmd.exe" [2004-08-03 23:56 388608]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-03 23:56 15360]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-11-07 17:35 1294336]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2004-09-26 07:04:22 113664]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 00:01:04 83360]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^LCDPlayer.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\LCDPlayer.lnk
backup=C:\WINDOWS\pss\LCDPlayer.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Bolta^Favorites^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=C:\Documents and Settings\Bolta\Favorites\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=C:\WINDOWS\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MySpaceIM]
C:\Program Files\MySpace\IM\MySpaceIM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
--a------ 2007-08-30 17:43 4670704 C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\SIERRA\\Half-Life\\hl.exe"=
"C:\\Program Files\\Macromedia\\Flash MX\\Flash.exe"=
"C:\\Program Files\\Macromedia\\Dreamweaver MX\\Dreamweaver.exe"=
"C:\\WINDOWS\\system32\\dplaysvr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Sports Interactive\\Football Manager 2008\\fm.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Real\\RealOne Player\\realplay.exe"=
"C:\\Program Files\\FlashGet\\flashget.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=

R1 LIKECDN2;LIKECDN2;C:\WINDOWS\system32\DRIVERS\LIKECDN2.sys [2001-09-29 09:43]
R2 XSPACEWG;XSPACEWG;C:\WINDOWS\system32\drivers\XSpaceWg.sys [2001-09-21 09:14]
S3 Intels51;Intel(R) 536EP V.92 Modem;C:\WINDOWS\system32\DRIVERS\Intels51.sys [2002-05-10 22:31]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service;"C:\Program Files\Windows Live\Messenger\usnsvc.exe" [2007-10-18 11:31]

.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2008-02-27 22:45:53
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
SMSERIAL = sm56hlpr.exe?

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-02-27 22:47:14
ComboFix-quarantined-files.txt 2008-02-27 21:46:54
.
2008-02-09 18:30:30 --- E O F ---

  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Look for the following file: C:\WINDOWS\sm56hlpr.exe

If it exists, send it for checking via the link used earlier.

Also, restart the PC, temporarily disable the antivirus, repeat the Gmer/Rootkit scan, and make a new ComboFix log (just run CF and paste here the log it produces).

  • bolta
  • New MyCity citizen
  • Joined: 12 May 2007
  • Posts: 15

GMER 1.0.14.14116 - gmer.net
Rootkit scan 2008-02-27 23:56:46
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.14 ----

SSDT Vax347b.sys (Plug and Play BIOS Extension/ ) ZwClose [0xF77F3C58]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwConnectPort [0xF5A57040]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwCreateFile [0xF5A53930]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwCreateKey [0xF5A5EA80]
SSDT Vax347b.sys (Plug and Play BIOS Extension/ ) ZwCreatePagingFile [0xF77E7C70]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwCreatePort [0xF5A57510]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwCreateProcess [0xF5A5D870]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwCreateProcessEx [0xF5A5DAA0]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwCreateSection [0xF5A60FD0]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwCreateWaitablePort [0xF5A57600]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwDeleteFile [0xF5A53F20]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwDeleteKey [0xF5A5F6E0]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwDeleteValueKey [0xF5A5F440]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwDuplicateObject [0xF5A5D580]
SSDT Vax347b.sys (Plug and Play BIOS Extension/ ) ZwEnumerateKey [0xF77E84FE]
SSDT Vax347b.sys (Plug and Play BIOS Extension/ ) ZwEnumerateValueKey [0xF77F3D50]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwLoadKey [0xF5A5F8B0]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwMapViewOfSection [0xF5A61270]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwOpenFile [0xF5A53D70]
SSDT Vax347b.sys (Plug and Play BIOS Extension/ ) ZwOpenKey [0xF77F3BD4]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwOpenProcess [0xF5A5D350]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwOpenThread [0xF5A5D150]
SSDT Vax347b.sys (Plug and Play BIOS Extension/ ) ZwQueryKey [0xF77E851E]
SSDT Vax347b.sys (Plug and Play BIOS Extension/ ) ZwQueryValueKey [0xF77F3CA6]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwRenameKey [0xF5A60250]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwReplaceKey [0xF5A5FCB0]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwRequestWaitReplyPort [0xF5A56C00]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwRestoreKey [0xF5A60080]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwSecureConnectPort [0xF5A57220]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwSetInformationFile [0xF5A54120]
SSDT Vax347b.sys (Plug and Play BIOS Extension/ ) ZwSetSystemPowerState [0xF77F34F0]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwSetValueKey [0xF5A5F140]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwTerminateProcess [0xF5A5DCD0]

---- Kernel code sections - GMER 1.0.14 ----

.text ntoskrnl.exe!_abnormal_termination + 103 804E2DD4 16 Bytes [ 70, 7C, 7E, F7, 10, 75, A5, ... ]
? srescan.sys The system cannot find the file specified. !

---- Kernel IAT/EAT - GMER 1.0.14 ----

IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisRegisterProtocol] [F5A5BCA0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisOpenAdapter] [F5A5C1C0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisCloseAdapter] [F5A5C320] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisDeregisterProtocol] [F5A5BE10] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisDeregisterProtocol] [F5A5BE10] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisRegisterProtocol] [F5A5BCA0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisOpenAdapter] [F5A5C1C0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisCloseAdapter] [F5A5C320] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisRegisterProtocol] [F5A5BCA0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisCloseAdapter] [F5A5C320] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisOpenAdapter] [F5A5C1C0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisDeregisterProtocol] [F5A5BE10] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\System32\DRIVERS\tcpip.sys[NDIS.SYS!NdisCloseAdapter] [F5A5C320] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\System32\DRIVERS\tcpip.sys[NDIS.SYS!NdisRegisterProtocol] [F5A5BCA0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\System32\DRIVERS\tcpip.sys[NDIS.SYS!NdisOpenAdapter] [F5A5C1C0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\System32\drivers\afd.sys[ntoskrnl.exe!IoCreateFile] [F5A69330] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisDeregisterProtocol] [F5A5BE10] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisRegisterProtocol] [F5A5BCA0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisOpenAdapter] [F5A5C1C0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisCloseAdapter] [F5A5C320] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisRegisterProtocol] [F5A5BCA0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisDeregisterProtocol] [F5A5BE10] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisCloseAdapter] [F5A5C320] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisOpenAdapter] [F5A5C1C0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\System32\DRIVERS\srv.sys[ntoskrnl.exe!NtOpenFile] [F5A54670] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\System32\DRIVERS\srv.sys[ntoskrnl.exe!NtSetInformationFile] [F5A545C0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\System32\DRIVERS\srv.sys[ntoskrnl.exe!IoCreateFile] [F5A54770] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\System32\DRIVERS\srv.sys[ntoskrnl.exe!NtCreateFile] [F5A542D0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)

---- Devices - GMER 1.0.14 ----

Device \FileSystem\Ntfs \Ntfs 83F83FB0

AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)

Device \FileSystem\Fastfat \FatCdrom 83DB2DB0
Device \Driver\Tcpip \Device\Ip vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)

AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

Device \Driver\Tcpip \Device\Tcp vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)

AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

Device \FileSystem\Rdbss \Device\FsWrap 83F6E980
Device \Driver\atapi \Device\Ide\IdePort0 83CEDCA8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 83CEDCA8
Device \Driver\atapi \Device\Ide\IdePort1 83CEDCA8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c 83CEDCA8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-18 83CEDCA8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-20 83CEDCA8
Device \FileSystem\Srv \Device\LanmanServer 83DE0308
Device \Driver\Tcpip \Device\Udp vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)

AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

Device \Driver\Tcpip \Device\RawIp vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)

AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 83DA1FB0
Device \Driver\Tcpip \Device\IPMULTICAST vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
Device \FileSystem\MRxSmb \Device\LanmanRedirector 83DA1FB0
Device \FileSystem\Npfs \Device\NamedPipe 83DE0C98
Device \FileSystem\Msfs \Device\Mailslot 83E2F678
Device \Driver\Vax347s \Device\Scsi\Vax347s1 83D829E8
Device \Driver\Vax347s \Device\Scsi\Vax347s1Port2Path0Target0Lun0 83D829E8
Device \Driver\LIKECDN2 \Device\Scsi\LIKECDN21Port3Path0Target0Lun0 83DF3B48
Device \Driver\LIKECDN2 \Device\Scsi\LIKECDN21 83DF3B48
Device \FileSystem\Fastfat \Fat 83DB2DB0

AttachedDevice \FileSystem\Fastfat \Fat aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)

Device \FileSystem\Fs_Rec \FileSystem\UdfsCdRomRecognizer 83E1D328
Device \FileSystem\Fs_Rec \FileSystem\FatCdRomRecognizer 83E1D328
Device \FileSystem\Fs_Rec \FileSystem\CdfsRecognizer 83E1D328
Device \FileSystem\Fs_Rec \FileSystem\FatDiskRecognizer 83E1D328
Device \FileSystem\Fs_Rec \FileSystem\UdfsDiskRecognizer 83E1D328
Device \FileSystem\Cdfs \Cdfs 83F6E5C8

---- Modules - GMER 1.0.14 ----

Module _________ F774A000-F7762000 (98304 bytes)

---- Registry - GMER 1.0.14 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\Vax347s\Config\jdgg40
Reg HKLM\SYSTEM\CurrentControlSet\Services\Vax347s\Config\jdgg40@ujdew 0x20 0x02 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\Vax347s\Config\jdgg40@ljej40 0x7D 0x5B 0x3D 0x69 ...
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E9F81423-211E-46B6-9AE0-38568BC5CF6F}@DisplayName Alcohol 120%
Reg HKLM\SOFTWARE\Classes\Installer\Products\32418F9EE1126B64A90E8365B85CFCF6@ProductName Alcohol 120%

---- EOF - GMER 1.0.14 ----

Update: 28 Feb 2008 0:05

ComboFix 08-02-25.3 - Bolta 2008-02-27 23:57:39.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1033.18.460 [GMT 1:00]
Running from: C:\Documents and Settings\Bolta\Desktop\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2008-01-27 to 2008-02-27 )))))))))))))))))))))))))))))))
.

2008-02-27 22:59 . 2008-02-27 22:59 <DIR> d-------- C:\Documents and Settings\Bolta\Application Data\trustroad
2008-02-27 20:40 . 2008-02-27 23:43 250 --a------ C:\WINDOWS\gmer.ini
2008-02-27 17:44 . 2008-02-27 17:48 <DIR> d-------- C:\ComboFix(2)
2008-02-27 14:10 . 2008-02-27 14:10 <DIR> d-------- C:\Program Files\THQ
2008-02-26 00:07 . 2008-02-26 00:07 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-02-26 00:07 . 2008-02-26 00:07 1,409 --a------ C:\WINDOWS\QTFont.for
2008-02-25 00:04 . 2008-02-25 00:04 <DIR> d-------- C:\Program Files\Creative
2008-02-25 00:04 . 2002-06-06 14:38 139,264 --a------ C:\WINDOWS\system32\eax.dll
2008-02-24 23:54 . 2008-02-25 00:16 <DIR> d-------- C:\Program Files\Mafia
2008-02-24 23:53 . 2003-04-09 10:28 233,472 -ra------ C:\WINDOWS\system32\MafiaSetup.exe
2008-02-24 10:30 . 2008-02-24 10:30 172 --ah----- C:\sqmnoopt03.sqm
2008-02-24 10:30 . 2008-02-24 10:30 172 --ah----- C:\sqmdata03.sqm
2008-02-24 10:26 . 2008-02-24 10:26 268 --ah----- C:\sqmdata02.sqm
2008-02-24 10:26 . 2008-02-24 10:26 244 --ah----- C:\sqmnoopt02.sqm
2008-02-24 00:43 . 2008-02-24 00:43 268 --ah----- C:\sqmdata00.sqm
2008-02-24 00:43 . 2008-02-24 00:43 244 --ah----- C:\sqmnoopt00.sqm
2008-02-24 00:43 . 2008-02-24 00:43 172 --ah----- C:\sqmnoopt01.sqm
2008-02-24 00:43 . 2008-02-24 00:43 172 --ah----- C:\sqmdata01.sqm
2008-02-22 23:11 . 2001-08-23 17:00 1,700,352 --a------ C:\WINDOWS\system32\gdiplus.dll
2008-02-22 22:48 . 2008-02-22 22:48 <DIR> d-------- C:\Program Files\Power Video Converter
2008-02-22 22:48 . 2008-02-22 22:48 <DIR> d-------- C:\movies
2008-02-22 22:48 . 2008-02-22 22:48 66 --a------ C:\WINDOWS\Power Video Converter.INI
2008-02-17 23:34 . 2008-02-17 23:34 <DIR> d-------- C:\Program Files\XviD
2008-02-17 23:33 . 2008-02-17 23:33 <DIR> d-------- C:\Program Files\DSD
2008-02-17 23:32 . 2008-02-17 23:32 <DIR> d-------- C:\Program Files\MatrixMixer
2008-02-17 23:32 . 2008-02-17 23:32 <DIR> d-------- C:\Program Files\AC3Filter
2008-02-17 23:32 . 2003-08-19 08:20 180,224 --a------ C:\WINDOWS\system32\ac3filter.cpl
2008-02-17 23:14 . 2008-02-17 23:14 <DIR> d-------- C:\Documents and Settings\Bolta\Application Data\Media Player Classic
2008-02-15 19:25 . 2008-02-27 21:40 <DIR> d-------- C:\Program Files\GameSpy Arcade
2008-02-15 18:41 . 2008-02-15 18:41 <DIR> d-------- C:\Program Files\MC2
2008-02-15 15:21 . 2008-02-15 15:21 <DIR> d-------- C:\Program Files\LimeWire
2008-02-15 15:21 . 2008-02-26 00:00 <DIR> d-------- C:\Documents and Settings\Bolta\Application Data\LimeWire
2008-02-15 00:55 . 2008-02-22 23:00 <DIR> d-------- C:\Downloads
2008-02-14 03:20 . 2004-08-03 23:56 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2008-02-14 03:20 . 2008-02-22 22:48 23,392 --a------ C:\WINDOWS\system32\nscompat.tlb
2008-02-14 03:20 . 2008-02-22 22:48 16,832 --a------ C:\WINDOWS\system32\amcompat.tlb
2008-02-13 23:38 . 2008-02-21 23:53 <DIR> d-------- C:\Program Files\Super Internet TV
2008-02-13 23:38 . 2008-02-21 23:53 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-02-13 02:11 . 2002-02-18 10:22 139,536 --a------ C:\WINDOWS\system32\javaee.dll
2008-02-13 02:11 . 2002-02-18 10:23 46,352 --a------ C:\WINDOWS\setdebug.exe
2008-02-13 02:11 . 2002-02-18 07:55 7,315 --a------ C:\WINDOWS\system32\javasup.vxd
2008-02-13 02:11 . 2002-02-18 07:35 6,550 --a------ C:\WINDOWS\jautoexp.dat
2008-02-13 02:10 . 2008-02-13 02:10 <DIR> d-------- C:\Program Files\Microsoft VM
2008-02-13 02:10 . 2002-02-18 07:38 113 --a------ C:\WINDOWS\system32\zonedon.reg
2008-02-13 02:10 . 2002-02-18 07:38 113 --a------ C:\WINDOWS\system32\zonedoff.reg
2008-02-13 02:01 . 2008-02-13 02:01 <DIR> d-------- C:\WINDOWS\Sun
2008-02-13 01:56 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-02-13 01:55 . 2008-02-13 01:56 <DIR> d-------- C:\Program Files\Java
2008-02-13 01:50 . 2008-02-13 01:50 <DIR> d-------- C:\Program Files\Common Files\Java
2008-02-13 01:34 . 2008-02-13 01:34 <DIR> d-------- C:\Program Files\Common Files\PCSuite
2008-02-13 01:34 . 2008-02-13 01:34 <DIR> d-------- C:\Program Files\Common Files\Nokia
2008-02-13 01:32 . 2008-02-13 01:32 <DIR> d-------- C:\Program Files\PC Connectivity Solution
2008-02-13 01:31 . 2007-02-22 10:15 137,216 --a------ C:\WINDOWS\system32\drivers\nmwcd.sys
2008-02-13 01:31 . 2007-02-22 10:15 65,536 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
2008-02-13 01:31 . 2007-02-22 10:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcm.sys
2008-02-13 01:31 . 2007-02-22 10:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcj.sys
2008-02-13 01:31 . 2007-02-22 10:15 8,320 --a------ C:\WINDOWS\system32\drivers\nmwcdc.sys
2008-02-13 01:28 . 2008-02-13 01:28 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Installations
2008-02-12 14:25 . 2006-10-04 15:06 1,197,294 -----c--- C:\WINDOWS\system32\dllcache\sysmain.sdb
2008-02-12 14:25 . 2006-10-04 15:06 764,868 -----c--- C:\WINDOWS\system32\dllcache\apph_sp.sdb
2008-02-12 14:25 . 2006-10-04 15:06 217,118 -----c--- C:\WINDOWS\system32\dllcache\apphelp.sdb
2008-02-12 14:24 . 2008-02-13 15:26 <DIR> d-------- C:\Program Files\Windows Media Connect 2
2008-02-12 14:22 . 2008-02-26 00:06 <DIR> d-------- C:\WINDOWS\system32\drivers\UMDF
2008-02-11 01:50 . 2008-02-11 01:50 <DIR> d-------- C:\Program Files\FDRLab
2008-02-10 14:04 . 2008-02-11 20:29 <DIR> d-------- C:\Documents and Settings\Bolta\Application Data\Screenshot Sender
2008-02-10 13:06 . 2008-02-25 15:47 <DIR> d-------- C:\Program Files\AIMP2
2008-02-10 08:51 . 2008-02-12 14:22 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2008-02-09 22:27 . 2008-02-11 01:07 <DIR> d-------- C:\Program Files\Soulseek
2008-02-09 20:06 . 2008-02-27 23:32 <DIR> d-------- C:\Program Files\FlashGet
2008-02-09 20:06 . 2004-08-03 22:14 359,040 --a------ C:\WINDOWS\system32\drivers\tcpip.sys.flg
2008-02-09 19:31 . 2008-02-09 19:31 <DIR> d-------- C:\Program Files\Messenger Plus! Live
2008-02-09 19:22 . 2008-02-09 19:22 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2008-02-09 18:48 . 2008-02-09 18:48 <DIR> d-------- C:\Program Files\Zone Labs
2008-02-09 18:47 . 2008-02-27 23:28 <DIR> d-------- C:\WINDOWS\Internet Logs
2008-02-09 17:36 . 2008-02-11 20:28 <DIR> d-------- C:\Documents and Settings\Bolta\Contacts
2008-02-09 17:10 . 2008-02-09 17:10 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo!
2008-02-09 17:04 . 2008-02-13 02:02 1,279 --a------ C:\WINDOWS\mozver.dat
2008-02-09 17:00 . 2008-02-12 15:23 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-02-09 16:58 . 2008-02-09 17:31 <DIR> d--hsc--- C:\Program Files\Common Files\WindowsLiveInstaller
2008-02-09 16:58 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-02-09 16:58 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2008-02-09 16:58 . 2007-07-30 19:19 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-02-09 16:57 . 2008-02-09 17:34 <DIR> d-------- C:\Program Files\Windows Live
2008-02-09 16:57 . 2008-02-09 17:15 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-02-09 16:36 . 2008-02-09 16:36 <DIR> d-------- C:\Documents and Settings\Bolta\Application Data\ICQ Toolbar
2008-02-09 16:27 . 2008-02-26 19:13 <DIR> d-------- C:\Program Files\ICQToolbar
2008-02-09 16:24 . 2008-02-09 16:24 <DIR> d-------- C:\Program Files\uTorrent
2008-02-09 16:23 . 2008-02-27 23:26 <DIR> d-------- C:\Documents and Settings\Bolta\Application Data\uTorrent
2008-02-09 16:05 . 2008-02-09 16:05 <DIR> d-------- C:\Documents and Settings\Bolta\Application Data\Talkback
2008-02-09 16:05 . 2008-02-09 16:05 0 --a------ C:\WINDOWS\nsreg.dat
2008-02-09 15:14 . 2008-02-09 15:14 <DIR> d-------- C:\Program Files\SpeedOptimizer
2008-02-09 15:14 . 2008-02-09 15:14 <DIR> d-------- C:\Program Files\SpeedBit Video Accelerator
2008-02-09 15:14 . 2008-02-09 15:14 <DIR> d-------- C:\Program Files\AskPBar
2008-01-28 19:11 . 2008-01-28 19:11 <DIR> d-------- C:\Documents and Settings\Bolta\Application Data\Nokia Multimedia Player

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-27 22:28 1,447,149 ----a-w C:\WINDOWS\Internet Logs\tvDebug.zip
2008-02-27 13:09 6,572 ----a-w C:\WINDOWS\system32\drivers\CDSpace.cfg
2008-02-25 23:09 --------- d-----w C:\Documents and Settings\Bolta\Application Data\Nokia
2008-02-25 23:05 --------- d-----w C:\Documents and Settings\Bolta\Application Data\PC Suite
2008-02-25 23:04 --------- d-----w C:\Documents and Settings\All Users\Application Data\PC Suite
2008-02-20 01:30 --------- d-----w C:\Program Files\Common Files\Adobe
2008-02-17 22:33 --------- d-----w C:\Program Files\ffdshow
2008-02-17 22:32 --------- d-----w C:\Program Files\DivX
2008-02-15 19:50 --------- d-----w C:\Program Files\Winamp
2008-02-13 15:05 --------- d-----w C:\Program Files\Google
2008-02-13 00:36 --------- d-----w C:\Program Files\DIFX
2008-02-13 00:34 --------- d-----w C:\Documents and Settings\All Users\Application Data\Downloaded Installations
2008-02-13 00:31 --------- d-----w C:\Program Files\Nokia
2008-02-11 21:28 --------- d-----w C:\Documents and Settings\Bolta\Application Data\AdobeUM
2008-02-11 14:44 --------- d-----w C:\Program Files\FLV Player
2008-02-09 18:40 --------- d-----w C:\Program Files\DAP
2008-02-09 16:53 --------- d-----w C:\Program Files\Real
2008-02-09 16:53 --------- d-----w C:\Program Files\Common Files\Real
2008-02-09 16:13 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-09 15:27 --------- d-----w C:\Program Files\ICQLite
2008-01-27 22:23 3,001 --sha-w C:\Documents and Settings\Bolta\ppUser.dat
2008-01-16 07:57 --------- d-----w C:\Documents and Settings\Bolta\Application Data\Yahoo! Messenger
2007-12-30 15:50 --------- d-----w C:\Program Files\EA GAMES
2007-12-30 15:49 --------- d-----w C:\Program Files\FireFly Studios
2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-12-04 12:54 95,608 ----a-w C:\WINDOWS\system32\AVASTSS.scr
2007-11-21 22:59 35,152 ----a-w C:\Documents and Settings\Bolta\Application Data\GDIPFONTCACHEV1.DAT
2004-09-26 06:08 8 --sh--r C:\WINDOWS\system32\CC68F50FD3.sys
.

------- Sigcheck -------

6a603809f598332dbedd535bdbce313e C:\WINDOWS\system32\drivers\tcpip.sys
-c----w 332,928 2002-08-28 23:58:12 C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
------w 359,040 2004-08-03 21:14:42 C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
----a-w 359,040 2004-08-03 21:14:42 C:\WINDOWS\system32\drivers\tcpip.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:56 15360]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [2007-08-30 17:43 4670704]
"Scr Less"="C:\DOCUME~1\Bolta\APPLIC~1\TRUSTR~1\PollFragEach.exe" [ ]
"PC Suite Tray"="C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" [2007-12-10 10:12 695808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"SMSERIAL"="sm56hlpr.exe" []
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-11-02 23:19 98304]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-10-22 12:22 7700480]
"nwiz"="nwiz.exe" [2006-10-22 12:22 1622016 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-10-22 12:22 86016]
"ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 09:44 249856]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 09:44 81920]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-02-09 17:52 185896]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-11-14 16:05 919016]
"Flashget"="C:\Program Files\FlashGet\FlashGet.exe" [2007-09-25 09:10 2007088]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-03 23:56 15360]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-11-07 17:35 1294336]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2004-09-26 07:04:22 113664]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 00:01:04 83360]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^LCDPlayer.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\LCDPlayer.lnk
backup=C:\WINDOWS\pss\LCDPlayer.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Bolta^Favorites^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=C:\Documents and Settings\Bolta\Favorites\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=C:\WINDOWS\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MySpaceIM]
C:\Program Files\MySpace\IM\MySpaceIM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
--a------ 2007-08-30 17:43 4670704 C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\SIERRA\\Half-Life\\hl.exe"=
"C:\\Program Files\\Macromedia\\Flash MX\\Flash.exe"=
"C:\\Program Files\\Macromedia\\Dreamweaver MX\\Dreamweaver.exe"=
"C:\\WINDOWS\\system32\\dplaysvr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Sports Interactive\\Football Manager 2008\\fm.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Real\\RealOne Player\\realplay.exe"=
"C:\\Program Files\\FlashGet\\flashget.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=

R1 LIKECDN2;LIKECDN2;C:\WINDOWS\system32\DRIVERS\LIKECDN2.sys [2001-09-29 09:43]
R2 XSPACEWG;XSPACEWG;C:\WINDOWS\system32\drivers\XSpaceWg.sys [2001-09-21 09:14]
S3 Intels51;Intel(R) 536EP V.92 Modem;C:\WINDOWS\system32\DRIVERS\Intels51.sys [2002-05-10 22:31]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service;"C:\Program Files\Windows Live\Messenger\usnsvc.exe" [2007-10-18 11:31]

.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2008-02-27 23:59:04
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
SMSERIAL = sm56hlpr.exe?

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-02-28 0:00:05
ComboFix-quarantined-files.txt 2008-02-27 22:59:38
.
2008-02-09 18:30:30 --- E O F ---

  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Did you use System Restore yesterday (before the last ComboFix run) to roll the system back to an earlier state?

  • bolta
  • New MyCity citizen
  • Joined: 12 May 2007
  • Posts: 15

No, I didn't... but I did reinstall MSN.

  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Open Notepad and copy the following text into it:

Folder::
C:\Documents and Settings\Bolta\Application Data\trustroad
C:\Program Files\AskPBar

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Scr Less"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SMSERIAL"=-
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F4D76F01-7896-458a-890F-E1F05C46069F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{F4D76F01-7896-458a-890F-E1F05C46069F}"=-
[-HKLM\SOFTWARE\Classes\CLSID\{F4D76F01-7896-458a-890F-E1F05C46069F}]

Save the Notepad file to the Desktop as "CFScript".

Drag the saved script/text file onto the ComboFix icon, as shown in the picture.

In your next reply, post the log that is produced at the end of the cleaning/scan.
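The two Run values the script above deletes, "Scr Less" and "SMSERIAL", are exactly the ones the posted log lists with an empty trailing bracket. The following added example (not from the thread and not part of ComboFix) parses the Run entries quoted from that log, flags those with an empty bracket or a launch path under a per-user Application Data folder, and drafts the matching Registry:: block; the reading of the empty bracket as "no file found" and the two heuristics are this example's own assumptions.

```python
"""Flag review-worthy autostart entries in a ComboFix 'Reg Loading Points'
section and draft the matching CFScript 'Registry::' block.

Added example, not part of the original thread or of ComboFix. Assumptions:
  * an empty trailing bracket ("[ ]" or "[]") means ComboFix found no file at
    the launch path (the bracket otherwise holds the file's date, time, size);
  * a Run value launched from a per-user Application Data folder is unusual
    for legitimate software and worth a second look.
"""
import re

# Constructed sample: a subset of the Run entries quoted from the log in the thread.
SAMPLE_LOG = r"""
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:56 15360]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]
"Scr Less"="C:\DOCUME~1\Bolta\APPLIC~1\TRUSTR~1\PollFragEach.exe" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"SMSERIAL"="sm56hlpr.exe" []
"nwiz"="nwiz.exe" [2006-10-22 12:22 1622016 C:\WINDOWS\system32\nwiz.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"""

RUN_KEY_RE = re.compile(r"^\[(?P<key>HKEY_[^\]]+\\Run)\]$")
ENTRY_RE = re.compile(r'^"(?P<name>[^"]+)"="(?P<path>[^"]*)"\s*\[(?P<meta>[^\]]*)\]\s*$')
USER_DATA_RE = re.compile(r"\\(APPLIC~1|Application Data)\\", re.IGNORECASE)


def parse_run_entries(log_text):
    """Return one dict {key, name, path, meta} per value found under a Run key."""
    entries = []
    run_key = None
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("["):
            m = RUN_KEY_RE.match(line)
            run_key = m.group("key") if m else None  # any other key ends the Run section
            continue
        m = ENTRY_RE.match(line)
        if run_key and m:
            entries.append({"key": run_key, **m.groupdict()})
    return entries


def review_reasons(entry):
    """Reasons this entry deserves a look; an empty list means it looks ordinary."""
    reasons = []
    if not entry["meta"].strip():
        reasons.append("no file found at the launch path")
    if USER_DATA_RE.search(entry["path"]):
        reasons.append("launched from a per-user Application Data folder")
    return reasons


def flag_entries(log_text):
    """Pair every entry with its reasons and keep only the ones that have any."""
    flagged = []
    for entry in parse_run_entries(log_text):
        reasons = review_reasons(entry)
        if reasons:
            flagged.append((entry, reasons))
    return flagged


def build_cfscript(flagged):
    """Draft a 'Registry::' block; '"Name"=-' deletes that value (the syntax used in the thread)."""
    lines = ["Registry::"]
    for key in dict.fromkeys(entry["key"] for entry, _ in flagged):  # dedupe, keep order
        lines.append(f"[{key}]")
        lines.extend(f'"{entry["name"]}"=-' for entry, _ in flagged if entry["key"] == key)
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    flagged = flag_entries(SAMPLE_LOG)
    for entry, reasons in flagged:
        print(f'{entry["name"]!r}: {entry["path"]}  <- {"; ".join(reasons)}')
    print(build_cfscript(flagged))
```

The "nwiz" entry shows the contrast: ComboFix resolved that bare file name to a real path inside the bracket, whereas "SMSERIAL" stays empty, so only the latter is flagged.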

  • bolta
  • New MyCity citizen
  • Joined: 12 May 2007
  • Posts: 15

ComboFix 08-03-01 - Bolta 2008-02-29 20:27:16.5 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1033.18.385 [GMT 1:00]
Running from: C:\Documents and Settings\Bolta\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Bolta\Desktop\CFScript.txt
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2008-02-01 to 2008-03-01 )))))))))))))))))))))))))))))))
.

2008-02-29 14:53 . 2008-02-29 14:53 <DIR> d-------- C:\Program Files\SystemRequirementsLab
2008-02-29 14:53 . 2008-02-29 14:53 <DIR> d-------- C:\Documents and Settings\Bolta\Application Data\SystemRequirementsLab
2008-02-29 14:51 . 2008-02-29 14:51 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Ubisoft
2008-02-29 14:24 . 2008-02-09 15:14 241,664 --a------ C:\Program Files\Uninstall Ask Toolbar.dll
2008-02-27 22:59 . 2008-02-27 22:59 <DIR> d-------- C:\Documents and Settings\Bolta\Application Data\trustroad
2008-02-27 20:40 . 2008-02-27 23:43 250 --a------ C:\WINDOWS\gmer.ini
2008-02-27 14:10 . 2008-02-27 14:10 <DIR> d-------- C:\Program Files\THQ
2008-02-25 00:04 . 2008-02-25 00:04 <DIR> d-------- C:\Program Files\Creative
2008-02-25 00:04 . 2002-06-06 14:38 139,264 --a------ C:\WINDOWS\system32\eax.dll
2008-02-24 23:53 . 2003-04-09 10:28 233,472 -ra------ C:\WINDOWS\system32\MafiaSetup.exe
2008-02-24 10:30 . 2008-02-24 10:30 172 --ah----- C:\sqmnoopt03.sqm
2008-02-24 10:30 . 2008-02-24 10:30 172 --ah----- C:\sqmdata03.sqm
2008-02-24 10:26 . 2008-02-24 10:26 268 --ah----- C:\sqmdata02.sqm
2008-02-24 10:26 . 2008-02-24 10:26 244 --ah----- C:\sqmnoopt02.sqm
2008-02-24 00:43 . 2008-02-24 00:43 268 --ah----- C:\sqmdata00.sqm
2008-02-24 00:43 . 2008-02-24 00:43 244 --ah----- C:\sqmnoopt00.sqm
2008-02-24 00:43 . 2008-02-24 00:43 172 --ah----- C:\sqmnoopt01.sqm
2008-02-24 00:43 . 2008-02-24 00:43 172 --ah----- C:\sqmdata01.sqm
2008-02-22 23:11 . 2001-08-23 17:00 1,700,352 --a------ C:\WINDOWS\system32\gdiplus.dll
2008-02-22 22:48 . 2008-02-22 22:48 <DIR> d-------- C:\Program Files\Power Video Converter
2008-02-22 22:48 . 2008-02-22 22:48 <DIR> d-------- C:\movies
2008-02-22 22:48 . 2008-02-22 22:48 66 --a------ C:\WINDOWS\Power Video Converter.INI
2008-02-17 23:34 . 2008-02-17 23:34 <DIR> d-------- C:\Program Files\XviD
2008-02-17 23:33 . 2008-02-17 23:33 <DIR> d-------- C:\Program Files\DSD
2008-02-17 23:32 . 2008-02-17 23:32 <DIR> d-------- C:\Program Files\MatrixMixer
2008-02-17 23:32 . 2008-02-17 23:32 <DIR> d-------- C:\Program Files\AC3Filter
2008-02-17 23:32 . 2003-08-19 08:20 180,224 --a------ C:\WINDOWS\system32\ac3filter.cpl
2008-02-17 23:14 . 2008-02-17 23:14 <DIR> d-------- C:\Documents and Settings\Bolta\Application Data\Media Player Classic
2008-02-15 19:25 . 2008-02-29 16:46 <DIR> d-------- C:\Program Files\GameSpy Arcade
2008-02-15 18:41 . 2008-02-15 18:41 <DIR> d-------- C:\Program Files\MC2
2008-02-15 15:21 . 2008-02-15 15:21 <DIR> d-------- C:\Program Files\LimeWire
2008-02-15 15:21 . 2008-02-26 00:00 <DIR> d-------- C:\Documents and Settings\Bolta\Application Data\LimeWire
2008-02-15 00:55 . 2008-02-29 14:22 <DIR> d-------- C:\Downloads
2008-02-14 03:20 . 2004-08-03 23:56 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2008-02-14 03:20 . 2008-02-22 22:48 23,392 --a------ C:\WINDOWS\system32\nscompat.tlb
2008-02-14 03:20 . 2008-02-22 22:48 16,832 --a------ C:\WINDOWS\system32\amcompat.tlb
2008-02-13 23:38 . 2008-02-21 23:53 <DIR> d-------- C:\Program Files\Super Internet TV
2008-02-13 23:38 . 2008-02-21 23:53 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-02-13 02:11 . 2002-02-18 10:22 139,536 --a------ C:\WINDOWS\system32\javaee.dll
2008-02-13 02:11 . 2002-02-18 10:23 46,352 --a------ C:\WINDOWS\setdebug.exe
2008-02-13 02:11 . 2002-02-18 07:55 7,315 --a------ C:\WINDOWS\system32\javasup.vxd
2008-02-13 02:11 . 2002-02-18 07:35 6,550 --a------ C:\WINDOWS\jautoexp.dat
2008-02-13 02:10 . 2008-02-13 02:10 <DIR> d-------- C:\Program Files\Microsoft VM
2008-02-13 02:10 . 2002-02-18 07:38 113 --a------ C:\WINDOWS\system32\zonedon.reg
2008-02-13 02:10 . 2002-02-18 07:38 113 --a------ C:\WINDOWS\system32\zonedoff.reg
2008-02-13 02:01 . 2008-02-13 02:01 <DIR> d-------- C:\WINDOWS\Sun
2008-02-13 01:56 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-02-13 01:55 . 2008-02-13 01:56 <DIR> d-------- C:\Program Files\Java
2008-02-13 01:50 . 2008-02-13 01:50 <DIR> d-------- C:\Program Files\Common Files\Java
2008-02-13 01:34 . 2008-02-13 01:34 <DIR> d-------- C:\Program Files\Common Files\PCSuite
2008-02-13 01:34 . 2008-02-13 01:34 <DIR> d-------- C:\Program Files\Common Files\Nokia
2008-02-13 01:32 . 2008-02-13 01:32 <DIR> d-------- C:\Program Files\PC Connectivity Solution
2008-02-13 01:31 . 2007-02-22 10:15 137,216 --a------ C:\WINDOWS\system32\drivers\nmwcd.sys
2008-02-13 01:31 . 2007-02-22 10:15 65,536 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
2008-02-13 01:31 . 2007-02-22 10:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcm.sys
2008-02-13 01:31 . 2007-02-22 10:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcj.sys
2008-02-13 01:31 . 2007-02-22 10:15 8,320 --a------ C:\WINDOWS\system32\drivers\nmwcdc.sys
2008-02-13 01:28 . 2008-02-13 01:28 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Installations
2008-02-12 14:25 . 2006-10-04 15:06 1,197,294 -----c--- C:\WINDOWS\system32\dllcache\sysmain.sdb
2008-02-12 14:25 . 2006-10-04 15:06 764,868 -----c--- C:\WINDOWS\system32\dllcache\apph_sp.sdb
2008-02-12 14:25 . 2006-10-04 15:06 217,118 -----c--- C:\WINDOWS\system32\dllcache\apphelp.sdb
2008-02-12 14:24 . 2008-02-13 15:26 <DIR> d-------- C:\Program Files\Windows Media Connect 2
2008-02-12 14:22 . 2008-02-26 00:06 <DIR> d-------- C:\WINDOWS\system32\drivers\UMDF
2008-02-11 01:50 . 2008-02-11 01:50 <DIR> d-------- C:\Program Files\FDRLab
2008-02-10 14:04 . 2008-02-11 20:29 <DIR> d-------- C:\Documents and Settings\Bolta\Application Data\Screenshot Sender
2008-02-10 13:06 . 2008-02-29 13:58 <DIR> d-------- C:\Program Files\AIMP2
2008-02-10 08:51 . 2008-02-12 14:22 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2008-02-09 22:27 . 2008-02-11 01:07 <DIR> d-------- C:\Program Files\Soulseek
2008-02-09 20:06 . 2008-02-29 20:25 <DIR> d-------- C:\Program Files\FlashGet
2008-02-09 20:06 . 2004-08-03 22:14 359,040 --a------ C:\WINDOWS\system32\drivers\tcpip.sys.flg
2008-02-09 19:31 . 2008-02-09 19:31 <DIR> d-------- C:\Program Files\Messenger Plus! Live
2008-02-09 19:22 . 2008-02-09 19:22 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2008-02-09 18:48 . 2008-02-09 18:48 <DIR> d-------- C:\Program Files\Zone Labs
2008-02-09 18:47 . 2008-03-01 20:27 <DIR> d-------- C:\WINDOWS\Internet Logs
2008-02-09 17:36 . 2008-02-11 20:28 <DIR> d-------- C:\Documents and Settings\Bolta\Contacts
2008-02-09 17:10 . 2008-02-09 17:10 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo!
2008-02-09 17:04 . 2008-02-13 02:02 1,279 --a------ C:\WINDOWS\mozver.dat
2008-02-09 17:00 . 2008-02-12 15:23 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-02-09 16:58 . 2008-02-09 17:31 <DIR> d--hsc--- C:\Program Files\Common Files\WindowsLiveInstaller
2008-02-09 16:58 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-02-09 16:58 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2008-02-09 16:58 . 2007-07-30 19:19 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-02-09 16:57 . 2008-02-09 17:34 <DIR> d-------- C:\Program Files\Windows Live
2008-02-09 16:57 . 2008-02-09 17:15 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-02-09 16:36 . 2008-02-09 16:36 <DIR> d-------- C:\Documents and Settings\Bolta\Application Data\ICQ Toolbar
2008-02-09 16:27 . 2008-02-28 20:40 <DIR> d-------- C:\Program Files\ICQToolbar
2008-02-09 16:24 . 2008-02-09 16:24 <DIR> d-------- C:\Program Files\uTorrent
2008-02-09 16:23 . 2008-03-01 20:27 <DIR> d-------- C:\Documents and Settings\Bolta\Application Data\uTorrent
2008-02-09 16:05 . 2008-02-09 16:05 <DIR> d-------- C:\Documents and Settings\Bolta\Application Data\Talkback
2008-02-09 16:05 . 2008-02-09 16:05 0 --a------ C:\WINDOWS\nsreg.dat
2008-02-09 15:14 . 2008-02-09 15:14 <DIR> d-------- C:\Program Files\SpeedOptimizer
2008-02-09 15:14 . 2008-02-09 15:14 <DIR> d-------- C:\Program Files\SpeedBit Video Accelerator
2008-02-09 15:14 . 2008-02-09 15:14 <DIR> d-------- C:\Program Files\AskPBar

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-29 13:36 --------- d-----w C:\Program Files\Sports Interactive
2008-02-29 13:31 --------- d-----w C:\Documents and Settings\Bolta\Application Data\NASA
2008-02-29 13:29 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-29 13:29 --------- d-----w C:\Program Files\Winamp
2008-02-27 22:28 1,447,149 ----a-w C:\WINDOWS\Internet Logs\tvDebug.zip
2008-02-27 13:09 6,572 ----a-w C:\WINDOWS\system32\drivers\CDSpace.cfg
2008-02-25 23:09 --------- d-----w C:\Documents and Settings\Bolta\Application Data\Nokia
2008-02-25 23:05 --------- d-----w C:\Documents and Settings\Bolta\Application Data\PC Suite
2008-02-25 23:04 --------- d-----w C:\Documents and Settings\All Users\Application Data\PC Suite
2008-02-20 01:30 --------- d-----w C:\Program Files\Common Files\Adobe
2008-02-17 22:33 --------- d-----w C:\Program Files\ffdshow
2008-02-17 22:32 --------- d-----w C:\Program Files\DivX
2008-02-13 15:05 --------- d-----w C:\Program Files\Google
2008-02-13 00:36 --------- d-----w C:\Program Files\DIFX
2008-02-13 00:34 --------- d-----w C:\Documents and Settings\All Users\Application Data\Downloaded Installations
2008-02-13 00:31 --------- d-----w C:\Program Files\Nokia
2008-02-11 21:28 --------- d-----w C:\Documents and Settings\Bolta\Application Data\AdobeUM
2008-02-11 14:44 --------- d-----w C:\Program Files\FLV Player
2008-02-09 16:53 --------- d-----w C:\Program Files\Real
2008-02-09 16:53 --------- d-----w C:\Program Files\Common Files\Real
2008-02-09 15:27 --------- d-----w C:\Program Files\ICQLite
2008-01-28 18:11 --------- d-----w C:\Documents and Settings\Bolta\Application Data\Nokia Multimedia Player
2008-01-27 22:23 3,001 --sha-w C:\Documents and Settings\Bolta\ppUser.dat
2008-01-16 07:57 --------- d-----w C:\Documents and Settings\Bolta\Application Data\Yahoo! Messenger
2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-12-04 12:54 95,608 ----a-w C:\WINDOWS\system32\AVASTSS.scr
2007-11-21 22:59 35,152 ----a-w C:\Documents and Settings\Bolta\Application Data\GDIPFONTCACHEV1.DAT
2004-09-26 06:08 8 --sh--r C:\WINDOWS\system32\CC68F50FD3.sys
.

------- Sigcheck -------

6a603809f598332dbedd535bdbce313e C:\WINDOWS\system32\drivers\tcpip.sys
-c----w 332,928 2002-08-28 23:58:12 C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
------w 359,040 2004-08-03 21:14:42 C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
----a-w 359,040 2004-08-03 21:14:42 C:\WINDOWS\system32\drivers\tcpip.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:56 15360]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]
"Scr Less"="C:\DOCUME~1\Bolta\APPLIC~1\TRUSTR~1\PollFragEach.exe" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"SMSERIAL"="sm56hlpr.exe" []
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-11-02 23:19 98304]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-10-22 12:22 7700480]
"nwiz"="nwiz.exe" [2006-10-22 12:22 1622016 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-10-22 12:22 86016]
"ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 09:44 249856]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 09:44 81920]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-02-09 17:52 185896]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-11-14 16:05 919016]
"Flashget"="C:\Program Files\FlashGet\FlashGet.exe" [2007-09-25 09:10 2007088]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"MSConfig"="C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.exe" [2004-08-03 23:56 158208]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-03 23:56 15360]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-11-07 17:35 1294336]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2004-09-26 07:04:22 113664]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 00:01:04 83360]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^LCDPlayer.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\LCDPlayer.lnk
backup=C:\WINDOWS\pss\LCDPlayer.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Bolta^Favorites^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=C:\Documents and Settings\Bolta\Favorites\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=C:\WINDOWS\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MySpaceIM]
C:\Program Files\MySpace\IM\MySpaceIM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
--a------ 2007-12-10 10:12 695808 C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
--a------ 2007-08-30 17:43 4670704 C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\Macromedia\\Flash MX\\Flash.exe"=
"C:\\Program Files\\Macromedia\\Dreamweaver MX\\Dreamweaver.exe"=
"C:\\WINDOWS\\system32\\dplaysvr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Sports Interactive\\Football Manager 2008\\fm.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Real\\RealOne Player\\realplay.exe"=
"C:\\Program Files\\FlashGet\\flashget.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=

R1 LIKECDN2;LIKECDN2;C:\WINDOWS\system32\DRIVERS\LIKECDN2.sys [2001-09-29 09:43]
R2 XSPACEWG;XSPACEWG;C:\WINDOWS\system32\drivers\XSpaceWg.sys [2001-09-21 09:14]
R3 usnjsvc;Messenger Sharing Folders USN Journal Reader service;"C:\Program Files\Windows Live\Messenger\usnsvc.exe" [2007-10-18 11:31]
S3 Intels51;Intel(R) 536EP V.92 Modem;C:\WINDOWS\system32\DRIVERS\Intels51.sys [2002-05-10 22:31]

.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2008-03-01 20:32:33
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
SMSERIAL = sm56hlpr.exe?

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-03-01 20:34:53
ComboFix-quarantined-files.txt 2008-03-01 19:33:31
.
2008-02-09 18:30:30 --- E O F ---

  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

You did something wrong - please repeat the previous procedure.
