Problem with MSN and the mouse


offline
  • Mladen Lukić
  • Joined: 02 Apr 2009
  • Posts: 1450
  • Location: Arilje

Posted: 26 Jan 2010 23:40

http://www.mycity.rs/Chat-klijenti/Problem-sa-MSN-om-10.html that was my first topic, and now I also have a problem with the mouse...

The problem started when I downloaded something from a site that supposedly had my picture on it ( yeah, right! ).. And since then my mouse doesn't work either, i.e. the pointer just freezes, so clicking doesn't work on the mouse or on the TouchPad or anything, and then I press Alt+CTRL+Del and then ( I use Win7 ) a new window appears and there I click Cancel and then it starts working, i.e. as soon as that opens ( as soon as I manage to click Cancel there )

I use Nod32! The update is from 3 January 2010.

I have Telekom's ADSL, 2 Mbit/s

So first I downloaded that, and then Windows Live Messenger went crazy, i.e. it started flashing at moments, and I found that when it flashes, the same message gets sent to someone who is available on MSN... The message reads "Foto Very Happy ( and some link with my e-mail in it )





DDS (Ver_09-12-01.01) - NTFSx86
Run by Miki at 23:26:10,80 on uto 26.01.2010
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_16
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3070.1907 [GMT 1:00]

AV: ESET Smart Security 3.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
SP: ESET Smart Security 3.0 *disabled* (Updated) {E5E70D32-0101-4B98-A4D6-D1D15C3BB448}
FW: ESET Personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
C:\Windows\system32\DRIVERS\o2flash.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\PROGRA~1\Bandoo\Bandoo.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe
C:\Windows\infocard.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\PROGRA~1\Bandoo\BndCore.exe
C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Java\jre6\bin\javaw.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\Miki\Desktop\dds.com
C:\Windows\system32\conhost.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.freeart1cile.com
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: BandooIEPlugin Class: {eb5cee80-030a-4ed8-8e20-454e9c68380f} - c:\program files\bandoo\plugins\ie\ieplugin.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [HDMICtrlMan] c:\program files\toshiba\hdmictrlman\HDMICtrlMan.exe
mRun: [cAudioFilterAgent] c:\program files\conexant\caudiofilteragent\cAudioFilterAgent.exe
mRun: [Firewall Administrating] infocard.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
AppInit_DLLs: c:\progra~1\bandoo\bndhook.dll

================= FIREFOX ===================

FF - ProfilePath - c:\users\miki\appdata\roaming\mozilla\firefox\profiles\96vabj05.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - component: c:\users\miki\appdata\roaming\mozilla\firefox\profiles\96vabj05.default\extensions\firefox@bandoo.com\components\FFPlugin.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

============= SERVICES / DRIVERS ===============

R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-12-6 176128]
R2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files\toshiba\configfree\CFIWmxSvcs.exe [2009-8-10 185712]
R2 ConfigFree Service;ConfigFree Service;c:\program files\toshiba\configfree\CFSvcs.exe [2009-3-10 46448]
R2 ekrn;Eset Service;c:\program files\eset\eset smart security\ekrn.exe [2007-12-21 468224]
R3 bbcap;bbcap;c:\windows\system32\drivers\bbcap.sys [2010-1-25 4096]
R3 CnxtHdmiAudService;Conexant UAA HDMI Function Driver for High Definition Audio Service;c:\windows\system32\drivers\CHDMI32.sys [2009-12-6 487936]
R3 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [2009-7-13 52768]
R3 QIOMem;Generic IO & Memory Access;c:\windows\system32\drivers\QIOMem.sys [2007-4-9 8192]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-14 14336]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-7-13 311296]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-1-14 135664]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\microsoft sql server\100\shared\sqladhlp.exe [2008-7-11 47128]
S4 RsFx0102;RsFx0102 Driver;c:\windows\system32\drivers\RsFx0102.sys [2008-7-10 242712]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\microsoft sql server\mssql10.sqlexpress\mssql\binn\SQLAGENT.EXE [2008-7-11 369688]

=============== Created Last 30 ================

2010-01-26 11:05:09 31 ----a-w- c:\windows\system32\bbcap.err
2010-01-25 21:19:04 0 d-----w- c:\users\miki\appdata\roaming\Blueberry
2010-01-25 21:18:43 4608 ----a-w- c:\windows\system32\bbchlp.dll
2010-01-25 21:18:43 4096 ----a-w- c:\windows\system32\drivers\bbcap.sys
2010-01-25 21:18:43 30720 ----a-w- c:\windows\system32\bbcap.dll
2010-01-25 21:18:29 0 d-----w- c:\users\miki\appdata\roaming\LogSys
2010-01-25 21:18:28 0 d-----w- c:\windows\system32\ShellDD
2010-01-25 21:18:28 0 d-----w- c:\programdata\LogSys
2010-01-25 21:18:19 0 d-----w- c:\program files\common files\Blueberry Software
2010-01-25 21:18:19 0 d-----w- c:\program files\Blueberry Software
2010-01-25 21:18:05 0 dc-h--w- c:\programdata\{A8BE947D-B37D-4AEE-9D42-E65E5AC9C1B1}
2010-01-24 12:31:34 123022 --sh--r- c:\windows\infocard.exe
2010-01-17 00:38:09 0 d--h--r- C:\'
2010-01-16 15:24:54 0 d-----w- c:\program files\URUSoft
2010-01-16 13:33:14 0 d-----w- c:\program files\VITSOFT
2010-01-14 13:41:46 0 d-----w- c:\program files\common files\Symantec Shared
2010-01-12 17:48:42 0 d-----w- c:\windows\system32\drivers\NSS
2010-01-12 17:48:42 0 d-----w- c:\programdata\Norton
2010-01-12 17:48:42 0 d-----w- c:\program files\Norton Security Scan
2010-01-12 17:48:41 0 d-----w- c:\programdata\Symantec
2010-01-12 17:48:40 0 d-----w- c:\programdata\NortonInstaller
2010-01-12 17:48:40 0 d-----w- c:\program files\NortonInstaller
2010-01-12 14:48:10 0 d-----w- c:\windows\system32\Adobe
2010-01-11 15:43:28 0 d-----w- c:\users\miki\appdata\roaming\Bandoo
2010-01-11 15:42:35 0 d-----w- c:\programdata\Bandoo
2010-01-11 15:42:03 0 d-----w- c:\program files\Bandoo
2010-01-09 16:24:13 0 d-----w- c:\program files\YouTube Downloader
2010-01-07 23:17:16 0 d-----w- c:\users\miki\appdata\roaming\LEGO Company
2010-01-07 23:17:09 0 d-----w- c:\program files\LEGO Company
2010-01-06 19:25:20 0 d-----w- c:\program files\WBFS
2010-01-05 12:06:37 0 d-----w- c:\program files\VirtualDub
2010-01-03 17:59:13 131072 ---ha-w- c:\windows\DUMP12ce.DMP
2010-01-03 00:32:14 131072 ---ha-w- c:\windows\DUMP6a50.DMP
2010-01-01 22:50:21 0 d-----w- c:\program files\Readon Technology
2009-12-31 00:26:15 0 d-----w- c:\users\miki\appdata\roaming\ABCMedia
2009-12-31 00:25:17 0 d-----w- c:\programdata\VOWSoft
2009-12-31 00:25:05 0 d-----w- c:\program files\All To Mobile Video Converter
2009-12-31 00:17:26 0 d-----w- c:\program files\YouTube Downloader 3000
2009-12-30 16:51:36 0 ---ha-w- c:\windows\SwSys2.bmp
2009-12-30 16:51:36 0 ---ha-w- c:\windows\SwSys1.bmp
2009-12-30 16:51:25 0 d-----w- c:\program files\Game_Maker7
2009-12-28 21:31:46 0 d-----w- c:\users\miki\appdata\roaming\Farm Mania
2009-12-28 21:31:14 0 d-----w- c:\program files\Farm Mania
2009-12-28 09:44:47 0 d-----w- c:\programdata\Kristanix Games
2009-12-28 09:44:17 0 d-----w- c:\program files\Games

==================== Find3M ====================

2009-12-06 17:26:58 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-12-06 16:48:20 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
2009-11-02 19:42:06 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-10-29 04:48:52 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-10-29 04:48:52 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-07-14 04:56:42 31548 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2009-07-14 04:56:42 31548 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2009-07-14 04:56:42 291294 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2009-07-14 04:56:42 291294 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2009-07-14 04:41:57 174 --sha-w- c:\program files\desktop.ini
2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-06-10 21:26:35 9633792 --sha-r- c:\windows\fonts\StaticCache.dat
2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe

============= FINISH: 23:26:46,52 ===============









Addendum: 26 Jan 2010 23:46

http://www.mycity.rs/Ambulanta/MSN-virus-6.html The same problem as this one, only I didn't download it from the same link...

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Greetings...

Download the OTM program to the Desktop.

Double-click OTM.exe to run it.

Into the (left) pane of the program (under Paste Instructions for Items to be Moved), copy everything inside the Code box:

:processes
infocard.exe

:files
c:\windows\infocard.exe

:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Firewall Administrating"=-


Click MoveIt!

When the process finishes, the right pane of the program (under Results) will contain text that needs to be copied into a post on the forum.


If the prompt appears:

Confirm ::The system requires a reboot to finish removing files.
Do you want to reboot now?


click Yes so that the computer restarts and the process completes.

After the system restarts, the logfile will open automatically in Notepad.
The contents of that log need to be copied into a post on the forum.

offline
  • Mladen Lukić
  • Joined: 02 Apr 2009
  • Posts: 1450
  • Location: Arilje

========== PROCESSES ==========
No active process named infocard.exe was found!
========== FILES ==========
File/Folder c:\windows\infocard.exe not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Firewall Administrating not found.

OTM by OldTimer - Version 3.1.7.0 log created on 01272010_170514

And that's it... By the way, this Restart prompt never appeared...

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Let me guess; you scanned the PC with something after posting the logs?

offline
  • Mladen Lukić
  • Joined: 02 Apr 2009
  • Posts: 1450
  • Location: Arilje

I didn't... The last time I scanned anything was right around when I posted my previous topic... Exact time and date: 25 Jan 2010 22:39 ... And about 5 days ago with Vit Registry Fix... Unless NOD found and deleted it on its own ( if those were some viruses? ) ... By the way, all day today my mouse hasn't frozen... So the last time it froze was last night ...

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Post a fresh DDS.txt...

offline
  • Mladen Lukić
  • Joined: 02 Apr 2009
  • Posts: 1450
  • Location: Arilje

DDS (Ver_09-12-01.01) - NTFSx86
Run by Miki at 20:15:53,74 on sre 27.01.2010
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_16
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3070.1933 [GMT 1:00]

AV: ESET Smart Security 3.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
SP: ESET Smart Security 3.0 *disabled* (Updated) {E5E70D32-0101-4B98-A4D6-D1D15C3BB448}
FW: ESET Personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
C:\Windows\system32\DRIVERS\o2flash.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\PROGRA~1\Bandoo\Bandoo.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\PROGRA~1\Bandoo\BndCore.exe
C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Java\jre6\bin\javaw.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\Miki\Desktop\dds.scr
C:\Windows\system32\conhost.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.freeart1cile.com
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: BandooIEPlugin Class: {eb5cee80-030a-4ed8-8e20-454e9c68380f} - c:\program files\bandoo\plugins\ie\ieplugin.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [HDMICtrlMan] c:\program files\toshiba\hdmictrlman\HDMICtrlMan.exe
mRun: [cAudioFilterAgent] c:\program files\conexant\caudiofilteragent\cAudioFilterAgent.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
AppInit_DLLs: c:\progra~1\bandoo\bndhook.dll

================= FIREFOX ===================

FF - ProfilePath - c:\users\miki\appdata\roaming\mozilla\firefox\profiles\96vabj05.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - component: c:\users\miki\appdata\roaming\mozilla\firefox\profiles\96vabj05.default\extensions\firefox@bandoo.com\components\FFPlugin.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

============= SERVICES / DRIVERS ===============

R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-12-6 176128]
R2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files\toshiba\configfree\CFIWmxSvcs.exe [2009-8-10 185712]
R2 ConfigFree Service;ConfigFree Service;c:\program files\toshiba\configfree\CFSvcs.exe [2009-3-10 46448]
R2 ekrn;Eset Service;c:\program files\eset\eset smart security\ekrn.exe [2007-12-21 468224]
R3 bbcap;bbcap;c:\windows\system32\drivers\bbcap.sys [2010-1-25 4096]
R3 CnxtHdmiAudService;Conexant UAA HDMI Function Driver for High Definition Audio Service;c:\windows\system32\drivers\CHDMI32.sys [2009-12-6 487936]
R3 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [2009-7-13 52768]
R3 QIOMem;Generic IO & Memory Access;c:\windows\system32\drivers\QIOMem.sys [2007-4-9 8192]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-14 14336]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-7-13 311296]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-1-14 135664]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\microsoft sql server\100\shared\sqladhlp.exe [2008-7-11 47128]
S4 RsFx0102;RsFx0102 Driver;c:\windows\system32\drivers\RsFx0102.sys [2008-7-10 242712]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\microsoft sql server\mssql10.sqlexpress\mssql\binn\SQLAGENT.EXE [2008-7-11 369688]

=============== Created Last 30 ================

2010-01-27 16:05:14 0 d-----w- C:\_OTM
2010-01-26 11:05:09 31 ----a-w- c:\windows\system32\bbcap.err
2010-01-25 21:19:04 0 d-----w- c:\users\miki\appdata\roaming\Blueberry
2010-01-25 21:18:43 4608 ----a-w- c:\windows\system32\bbchlp.dll
2010-01-25 21:18:43 4096 ----a-w- c:\windows\system32\drivers\bbcap.sys
2010-01-25 21:18:43 30720 ----a-w- c:\windows\system32\bbcap.dll
2010-01-25 21:18:29 0 d-----w- c:\users\miki\appdata\roaming\LogSys
2010-01-25 21:18:28 0 d-----w- c:\windows\system32\ShellDD
2010-01-25 21:18:28 0 d-----w- c:\programdata\LogSys
2010-01-25 21:18:19 0 d-----w- c:\program files\common files\Blueberry Software
2010-01-25 21:18:19 0 d-----w- c:\program files\Blueberry Software
2010-01-25 21:18:05 0 dc-h--w- c:\programdata\{A8BE947D-B37D-4AEE-9D42-E65E5AC9C1B1}
2010-01-17 00:38:09 0 d--h--r- C:\'
2010-01-16 15:24:54 0 d-----w- c:\program files\URUSoft
2010-01-16 13:33:14 0 d-----w- c:\program files\VITSOFT
2010-01-14 13:41:46 0 d-----w- c:\program files\common files\Symantec Shared
2010-01-12 17:48:42 0 d-----w- c:\windows\system32\drivers\NSS
2010-01-12 17:48:42 0 d-----w- c:\programdata\Norton
2010-01-12 17:48:42 0 d-----w- c:\program files\Norton Security Scan
2010-01-12 17:48:41 0 d-----w- c:\programdata\Symantec
2010-01-12 17:48:40 0 d-----w- c:\programdata\NortonInstaller
2010-01-12 17:48:40 0 d-----w- c:\program files\NortonInstaller
2010-01-12 14:48:10 0 d-----w- c:\windows\system32\Adobe
2010-01-11 15:43:28 0 d-----w- c:\users\miki\appdata\roaming\Bandoo
2010-01-11 15:42:35 0 d-----w- c:\programdata\Bandoo
2010-01-11 15:42:03 0 d-----w- c:\program files\Bandoo
2010-01-09 16:24:13 0 d-----w- c:\program files\YouTube Downloader
2010-01-07 23:17:16 0 d-----w- c:\users\miki\appdata\roaming\LEGO Company
2010-01-07 23:17:09 0 d-----w- c:\program files\LEGO Company
2010-01-06 19:25:20 0 d-----w- c:\program files\WBFS
2010-01-05 12:06:37 0 d-----w- c:\program files\VirtualDub
2010-01-03 17:59:13 131072 ---ha-w- c:\windows\DUMP12ce.DMP
2010-01-03 00:32:14 131072 ---ha-w- c:\windows\DUMP6a50.DMP
2010-01-01 22:50:21 0 d-----w- c:\program files\Readon Technology
2009-12-31 00:26:15 0 d-----w- c:\users\miki\appdata\roaming\ABCMedia
2009-12-31 00:25:17 0 d-----w- c:\programdata\VOWSoft
2009-12-31 00:25:05 0 d-----w- c:\program files\All To Mobile Video Converter
2009-12-31 00:17:26 0 d-----w- c:\program files\YouTube Downloader 3000
2009-12-30 16:51:36 0 ---ha-w- c:\windows\SwSys2.bmp
2009-12-30 16:51:36 0 ---ha-w- c:\windows\SwSys1.bmp
2009-12-30 16:51:25 0 d-----w- c:\program files\Game_Maker7
2009-12-28 21:31:46 0 d-----w- c:\users\miki\appdata\roaming\Farm Mania
2009-12-28 21:31:14 0 d-----w- c:\program files\Farm Mania

==================== Find3M ====================

2009-12-06 17:26:58 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-12-06 16:48:20 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
2009-11-02 19:42:06 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-07-14 04:56:42 31548 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2009-07-14 04:56:42 31548 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2009-07-14 04:56:42 291294 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2009-07-14 04:56:42 291294 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2009-07-14 04:41:57 174 --sha-w- c:\program files\desktop.ini
2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-06-10 21:26:35 9633792 --sha-r- c:\windows\fonts\StaticCache.dat
2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe

============= FINISH: 20:16:18,29 ===============



offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

The worm that was there is no longer present, so... It would seem we are done here.
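
An added example, not part of the thread or any poster's code: a short Python script that compares the autorun and "Created Last 30" entries of the two DDS logs above, using lines excerpted from them, and separates entries that were really removed from ones that only aged out of the report window. The 30-day window and all function names are assumptions of this example.

```python
import re
from datetime import datetime, timedelta

# Lines excerpted from the two DDS logs posted in this thread.
BEFORE = r"""
Run by Miki at 23:26:10,80 on uto 26.01.2010
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
mRun: [cAudioFilterAgent] c:\program files\conexant\caudiofilteragent\cAudioFilterAgent.exe
mRun: [Firewall Administrating] infocard.exe
2010-01-25 21:18:43 4096 ----a-w- c:\windows\system32\drivers\bbcap.sys
2010-01-24 12:31:34 123022 --sh--r- c:\windows\infocard.exe
2009-12-28 09:44:47 0 d-----w- c:\programdata\Kristanix Games
"""
AFTER = r"""
Run by Miki at 20:15:53,74 on sre 27.01.2010
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
mRun: [cAudioFilterAgent] c:\program files\conexant\caudiofilteragent\cAudioFilterAgent.exe
2010-01-27 16:05:14 0 d-----w- C:\_OTM
2010-01-25 21:18:43 4096 ----a-w- c:\windows\system32\drivers\bbcap.sys
"""

RUN_AT_RE = re.compile(r"^Run by .+ at (\d{2}:\d{2}:\d{2}),\d+ on \S+ (\d{2}\.\d{2}\.\d{4})$")
RUN_RE = re.compile(r"^(?P<hive>[um]Run): \[(?P<name>[^\]]+)\] (?P<cmd>.+)$")
FILE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) (?P<size>\d+) "
    r"(?P<attrs>[a-z-]{8}) (?P<path>.+)$"
)
EXE_RE = re.compile(r"\.(exe|com|scr|bat|cmd|dll)\b", re.IGNORECASE)
WINDOW = timedelta(days=30)  # assumption: "Created Last 30" means 30 days


def parse_dds(text):
    """Collect the run time, Run-key entries and dated file entries of a DDS log."""
    out = {"run_at": None, "run": {}, "files": {}}
    for line in (raw.strip() for raw in text.splitlines()):
        m = RUN_AT_RE.match(line)
        if m:
            out["run_at"] = datetime.strptime(f"{m[2]} {m[1]}", "%d.%m.%Y %H:%M:%S")
            continue
        m = RUN_RE.match(line)
        if m:
            out["run"][(m["hive"], m["name"])] = m["cmd"]
            continue
        m = FILE_RE.match(line)
        if m:
            created = datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S")
            out["files"][m["path"].lower()] = (created, m["attrs"])
    return out


def executable_part(cmd):
    """Return the program portion of a Run command, without its arguments."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        return cmd[1:].split('"', 1)[0]
    m = EXE_RE.search(cmd)  # unquoted paths may contain spaces
    return cmd[: m.end()] if m else cmd


def is_bare(cmd):
    """True when the Run command names a program without any directory."""
    exe = executable_part(cmd)
    return "\\" not in exe and "/" not in exe


def compare(before_text, after_text):
    b, a = parse_dds(before_text), parse_dds(after_text)
    # Entries created before this cutoff drop out of the second log on their own.
    cutoff = a["run_at"] - WINDOW if a["run_at"] else datetime.min
    gone = [p for p in b["files"] if p not in a["files"]]
    return {
        "run_removed": sorted(k for k in b["run"] if k not in a["run"]),
        "files_removed": sorted(p for p in gone if b["files"][p][0] >= cutoff),
        "aged_out": sorted(p for p in gone if b["files"][p][0] < cutoff),
        "files_added": sorted(p for p in a["files"] if p not in b["files"]),
        "bare_run_before": sorted((h, n, c) for (h, n), c in b["run"].items() if is_bare(c)),
        "bare_run_after": sorted((h, n, c) for (h, n), c in a["run"].items() if is_bare(c)),
        "hidden_system_before": sorted(
            p for p, (_, attrs) in b["files"].items() if "s" in attrs and "h" in attrs
        ),
    }


if __name__ == "__main__":
    for key, value in compare(BEFORE, AFTER).items():
        print(f"{key}: {value}")
```

On these excerpts the only Run value and the only recent file missing from the second log are the ones listed in the OTM script, and the same entry is the only Run value without a directory and the only file marked both hidden and system.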

offline
  • Mladen Lukić
  • Joined: 02 Apr 2009
  • Posts: 1450
  • Location: Arilje

Is some uninstallation needed???

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

No, just delete the programs that were used.
