MyCity » Ambulanta -> Arhiva Ambulante » Provjera Log-a

Provjera Log-a

Napisano na dan: 23.1.2009

Provjera Log-a

Sledeća strana

Pagination

Odgovori

Nyquist Poslao: 23 Jan 2009 18:52 Idi na vrh
offline Nyquist Građanin Pridružio: 20 Nov 2008 Poruke: 102 Gde živiš: Budva	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Danas sam bio kod druga i uporno prijavljuje virus 32/Bizex.worm.dll na njegov komp koji nema neta. Evo log: ComboFix 09-01-21.04 - Shizofrenia 2009-01-23 18:19:29.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.511.126 [GMT 1:00] Running from: c:\documents and settings\Shizofrenia\Desktop\ComboFix.exe AV: ESET NOD32 antivirus system 2.70 On-access scanning disabled (Updated) FW: Sygate Personal Firewall Pro enabled * Created a new restore point . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\Shizofrenia\Favorites\Download programs.url c:\documents and settings\Shizofrenia\Favorites\Games.url c:\documents and settings\Shizofrenia\Favorites\Translator.url c:\documents and settings\Shizofrenia\Favorites\Videos.url c:\documents and settings\Shizofrenia\Start Menu\Programs\Adzgalore Games Collection c:\documents and settings\Shizofrenia\Start Menu\Programs\Adzgalore Games Collection\Bob and Bill adventures - Wild Hunting.lnk c:\documents and settings\Shizofrenia\Start Menu\Programs\Adzgalore Games Collection\Crazy Blocks.lnk c:\documents and settings\Shizofrenia\Start Menu\Programs\Adzgalore Games Collection\Lines.lnk c:\documents and settings\Shizofrenia\Start Menu\Programs\Adzgalore Games Collection\The Battles Of Helicopters.lnk c:\documents and settings\Shizofrenia\Start Menu\Programs\Adzgalore Games Collection\Video Pool.lnk c:\documents and settings\Shizofrenia\Start Menu\Programs\Download programs.url c:\documents and settings\Shizofrenia\Start Menu\Programs\Translator.url c:\documents and settings\Shizofrenia\Start Menu\Programs\Videos.url c:\program files\Adzgalore Games Collection c:\program files\Adzgalore Games Collection\BattlesOfHelicopters.exe c:\program files\Adzgalore Games Collection\BobAndBill.exe c:\program files\Adzgalore Games Collection\CrazyBlocks.exe c:\program files\Adzgalore Games Collection\Lines.exe c:\program files\Adzgalore Games Collection\uninstall.exe c:\program files\Adzgalore Games Collection\VideoPool.exe c:\windows\system32\Microsoft\backup.ftp . ((((((((((((((((((((((((( Files Created from 2008-12-23 to 2009-01-23 ))))))))))))))))))))))))))))))) . 2009-01-23 09:24 . 2009-01-23 09:24 <DIR> d-------- c:\windows\LastGood 2009-01-23 09:24 . 2009-01-23 09:24 <DIR> d-------- c:\program files\Symantec 2009-01-23 09:24 . 2009-01-23 09:24 <DIR> d-------- c:\program files\Common Files\Symantec Shared 2009-01-23 09:24 . 2009-01-23 09:24 124,464 --a------ c:\windows\system32\drivers\SYMEVENT.SYS 2009-01-23 09:24 . 2009-01-23 09:24 60,808 --a------ c:\windows\system32\S32EVNT1.DLL 2009-01-23 09:24 . 2009-01-23 09:23 35,888 -ra------ c:\windows\system32\drivers\SymIM.sys 2009-01-23 09:24 . 2009-01-23 09:24 10,635 --a------ c:\windows\system32\drivers\SYMEVENT.CAT 2009-01-23 09:24 . 2009-01-23 09:24 806 --a------ c:\windows\system32\drivers\SYMEVENT.INF 2009-01-23 09:18 . 2009-01-23 09:18 <DIR> d-------- c:\windows\system32\drivers\NIS 2009-01-23 09:18 . 2009-01-23 09:18 <DIR> d-------- c:\program files\Windows Sidebar 2009-01-23 09:18 . 2009-01-23 09:19 <DIR> d-------- c:\program files\Norton Internet Security 2009-01-23 09:18 . 2009-01-23 09:28 <DIR> d-------- c:\documents and settings\All Users\Application Data\Symantec 2009-01-23 09:18 . 2009-01-23 09:26 <DIR> d-------- c:\documents and settings\All Users\Application Data\Norton 2009-01-23 09:17 . 2009-01-23 09:17 <DIR> d-------- c:\program files\NortonInstaller 2009-01-23 09:17 . 2009-01-23 09:17 <DIR> d-------- c:\documents and settings\All Users\Application Data\NortonInstaller 2009-01-23 08:53 . 2009-01-23 08:53 <DIR> d-------- c:\program files\Microsoft Silverlight 2009-01-22 19:06 . 2009-01-22 19:06 <DIR> d-------- c:\program files\Uniblue 2009-01-22 19:06 . 2009-01-22 19:06 <DIR> d-------- c:\documents and settings\Shizofrenia\Application Data\Uniblue 2009-01-22 19:05 . 2009-01-22 19:06 <DIR> d--h-c--- c:\documents and settings\All Users\Application Data\{92E7A367-8E12-4830-AA70-29C32E331A81} 2009-01-21 19:51 . 2009-01-21 19:51 <DIR> d-------- c:\program files\ODEON 2009-01-21 19:07 . 2009-01-21 19:07 1,859,584 --a------ c:\windows\system32\FLSINST.DLL 2009-01-21 19:07 . 2009-01-21 19:07 4,263 --a------ c:\windows\system32\FLSINSTU.INI 2009-01-21 19:07 . 2008-08-19 10:53 1,115 --a------ c:\windows\setup.iss 2009-01-21 17:31 . 1999-05-10 13:16 29,246 -ra------ c:\windows\system32\DK2WN95.386 2009-01-21 17:31 . 2001-03-01 06:54 12,965 -ra------ c:\windows\system32\DK2DRVS.isu 2009-01-21 17:28 . 2009-01-21 17:28 <DIR> d-------- c:\program files\Common Files\DESkey 2009-01-21 17:28 . 2009-01-21 17:28 92,984 --a------ c:\windows\system32\DNClnt32.dll 2009-01-21 17:28 . 2009-01-21 17:28 92,984 --a------ c:\windows\system32\dkcpanel.exe 2009-01-21 17:28 . 2009-01-21 17:28 89,400 --a------ c:\windows\system32\DNCP32.DLL 2009-01-21 17:28 . 2009-01-21 17:28 64,312 --a------ c:\windows\system32\vercp32.dll 2009-01-21 17:28 . 2009-01-21 17:28 60,216 --a------ c:\windows\system32\DESkey32.cpl 2009-01-21 17:28 . 2009-01-21 17:28 14,856 --a------ c:\windows\system32\drivers\dkpccard.sys 2009-01-21 17:28 . 2009-01-21 17:28 11,576 --a------ c:\windows\system32\DKCLINST.DLL 2009-01-21 17:28 . 2009-01-21 17:28 9,227 --a------ c:\windows\system32\DNCP32.HLP 2009-01-21 17:28 . 2009-01-21 17:28 6,013 --a------ c:\windows\system32\DESkey32.hlp 2009-01-17 18:10 . 2009-01-17 18:35 <DIR> d-------- c:\documents and settings\Shizofrenia\Desktop(2) 2009-01-16 02:40 . 2009-01-16 03:08 285,548,739 --a------ C:\cs16full-v7.exe 2009-01-15 07:16 . 2009-01-15 07:16 <DIR> d-------- c:\program files\Common Files\Windows Live 2008-12-29 04:06 . 2009-01-23 05:08 <DIR> d-------- c:\documents and settings\Shizofrenia\Application Data\skypePM 2008-12-29 04:06 . 2008-12-29 04:06 56 --ah----- c:\windows\system32\ezsidmv.dat 2008-12-29 04:03 . 2009-01-23 05:09 <DIR> d-------- c:\documents and settings\Shizofrenia\Application Data\Skype 2008-12-29 04:02 . 2008-12-29 04:02 <DIR> d-------- c:\program files\Skype 2008-12-29 04:02 . 2008-12-29 04:02 <DIR> d-------- c:\program files\Common Files\Skype 2008-12-29 04:00 . 2008-12-29 04:02 <DIR> d-------- c:\documents and settings\All Users\Application Data\Skype . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-01-23 17:25 --------- d-----w c:\program files\mIRC 2009-01-23 08:04 --------- d-----w c:\documents and settings\Shizofrenia\Application Data\uTorrent 2009-01-21 18:07 --------- d-----w c:\program files\Nokia 2009-01-20 19:14 --------- d-----w c:\program files\TuneUp Utilities 2007 2009-01-20 04:18 --------- d-----w c:\program files\DivX 2009-01-19 18:19 --------- d-----w c:\documents and settings\All Users\Application Data\Installations 2009-01-19 18:16 --------- d-----w c:\program files\Common Files\Nokia 2009-01-16 02:09 --------- d-----w c:\program files\Valve 2009-01-10 16:36 --------- d--h--w c:\program files\InstallShield Installation Information 2009-01-08 18:05 42,496 ----a-w c:\windows\system32\ftp.exe 2009-01-05 11:43 --------- d-----w c:\documents and settings\Shizofrenia\Application Data\mIRC 2008-12-22 11:26 410,984 ----a-w c:\windows\system32\deploytk.dll 2008-12-22 11:26 --------- d-----w c:\program files\Java 2008-12-14 04:12 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help 2008-12-14 00:32 --------- d-----w c:\program files\NJ Soft 2008-12-12 18:04 0 ---ha-w c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf 2008-12-12 18:04 0 ---ha-w c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf 2008-12-03 00:33 --------- d-----w c:\documents and settings\Shizofrenia\Application Data\Any Video Converter 2008-12-03 00:18 --------- d-----w c:\program files\Any Video Converter 2008-11-06 16:35 200,704 ----a-w c:\windows\system32\ssldivx.dll 2008-11-06 16:35 1,044,480 ----a-w c:\windows\system32\libdivx.dll 2008-10-23 12:51 284,160 ----a-w c:\windows\system32\gdi32.dll 2009-01-05 01:34 67,688 ----a-w c:\program files\mozilla firefox\components\jar50.dll 2009-01-05 01:34 54,368 ----a-w c:\program files\mozilla firefox\components\jsd3250.dll 2009-01-05 01:34 34,944 ----a-w c:\program files\mozilla firefox\components\myspell.dll 2009-01-05 01:35 46,712 ----a-w c:\program files\mozilla firefox\components\spellchk.dll 2009-01-05 01:35 172,136 ----a-w c:\program files\mozilla firefox\components\xpinstal.dll 2006-05-03 09:06 163,328 --sh--r c:\windows\system32\flvDX.dll 2007-02-21 10:47 31,232 --sh--r c:\windows\system32\msfDX.dll 2007-12-19 21:30 16,384 --sha-w c:\windows\system32\config\systemprofile\Cookies\index.dat 2007-12-19 21:30 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat 2007-12-19 21:30 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012007121920071220\index.dat 2007-12-19 21:30 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat . ------- Sigcheck ------- 2008-04-14 01:12 14336 27c6d03bcdb8cfeb96b716f3d8be3e18 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\svchost.exe 2004-08-04 00:56 14336 8f078ae4ed187aaabc0a305146de6716 c:\windows\system32\svchost.exe 2004-08-04 00:56 14336 8f078ae4ed187aaabc0a305146de6716 c:\windows\system32\dllcache\svchost.exe 2008-04-14 01:12 82432 2ccc474eb85ceaa3e1fa1726580a3e5a c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ws2_32.dll 2004-08-04 00:56 82944 2ed0b7f12a60f90092081c50fa0ec2b2 c:\windows\system32\ws2_32.dll 2004-08-04 00:56 82944 2ed0b7f12a60f90092081c50fa0ec2b2 c:\windows\system32\dllcache\ws2_32.dll 2008-06-20 12:51 361600 9aefa14bd6b182d61e3119fa5f436d3d c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys 2008-06-20 12:59 361600 ad978a1b783b5719720cff204b666c8e c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys 2007-03-21 11:10 360704 e6b15bcc470953e600ef7aded3cab142 c:\windows\$NtUninstallKB941644$\tcpip.sys 2007-10-30 17:53 360832 64798ecfa43d78c7178375fcdd16d8c8 c:\windows\$NtUninstallKB951748$\tcpip.sys 2008-04-13 20:20 361344 93ea8d04ec73a85db02eb8805988f733 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\tcpip.sys 2008-06-20 11:44 360960 744e57c99232201ae98c49168b918f48 c:\windows\system32\dllcache\tcpip.sys 2008-06-20 11:44 360960 744e57c99232201ae98c49168b918f48 c:\windows\system32\drivers\tcpip.sys 2008-04-14 01:12 507904 ed0ef0a136dec83df69f04118870003e c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\winlogon.exe 2004-08-04 00:56 502272 01c3346c241652f43aed8e2149881bfe c:\windows\system32\winlogon.exe 2004-08-04 00:56 502272 01c3346c241652f43aed8e2149881bfe c:\windows\system32\dllcache\winlogon.exe 2008-04-13 20:20 182656 1df7f42665c94b825322fae71721130d c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ndis.sys 2004-08-03 23:14 182912 558635d3af1c7546d26067d5d9b6959e c:\windows\system32\dllcache\ndis.sys 2004-08-03 23:14 182912 558635d3af1c7546d26067d5d9b6959e c:\windows\system32\drivers\ndis.sys 2008-04-13 19:53 36608 3bb22519a194418d5fec05d800a19ad0 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ip6fw.sys 2004-08-03 23:00 29056 4448006b6bc60e6c027932cfc38d6855 c:\windows\system32\dllcache\ip6fw.sys 2004-08-03 23:00 29056 4448006b6bc60e6c027932cfc38d6855 c:\windows\system32\drivers\ip6fw.sys 2008-04-14 01:12 108544 0e776ed5f7cc9f94299e70461b7b8185 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\services.exe 2004-08-04 00:56 108032 c6ce6eec82f187615d1002bb3bb50ed4 c:\windows\system32\services.exe 2004-08-04 00:56 108032 c6ce6eec82f187615d1002bb3bb50ed4 c:\windows\system32\dllcache\services.exe 2008-04-14 01:12 13312 bf2466b3e18e970d8a976fb95fc1ca85 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\lsass.exe 2004-08-04 00:56 13312 84885f9b82f4d55c6146ebf6065d75d2 c:\windows\system32\lsass.exe 2004-08-04 00:56 13312 84885f9b82f4d55c6146ebf6065d75d2 c:\windows\system32\dllcache\lsass.exe 2008-04-14 01:12 15360 5f1d5f88303d4a4dbc8e5f97ba967cc3 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ctfmon.exe 2004-08-04 00:56 15360 24232996a38c0b0cf151c2140ae29fc8 c:\windows\system32\ctfmon.exe 2004-08-04 00:56 15360 24232996a38c0b0cf151c2140ae29fc8 c:\windows\system32\dllcache\ctfmon.exe 2008-04-14 01:12 26112 a93aee1928a9d7ce3e16d24ec7380f89 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\userinit.exe 2004-08-04 00:56 24576 39b1ffb03c2296323832acbae50d2aff c:\windows\system32\userinit.exe 2004-08-04 00:56 24576 39b1ffb03c2296323832acbae50d2aff c:\windows\system32\dllcache\userinit.exe 2008-04-14 01:12 17408 50a166237a0fa771261275a405646cc0 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\powrprof.dll 2004-08-04 00:56 17408 1b5f6923abb450692e9fe0672c897aed c:\windows\system32\powrprof.dll 2004-08-04 00:56 17408 1b5f6923abb450692e9fe0672c897aed c:\windows\system32\dllcache\powrprof.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360] "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2007-03-21 1694208] "Google Update"="c:\documents and settings\Shizofrenia\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-09-20 133104] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-11-18 21633320] "Uniblue RegistryBooster 2009"="c:\program files\Uniblue\RegistryBooster\RegistryBooster.exe" [2008-08-26 2019624] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "nod32kui"="c:\program files\Eset\nod32kui.exe" [2007-09-24 949376] "SmcService"="c:\progra~1\Sygate\SPF\smc.exe" [2005-09-27 2635472] "PCSuiteTrayApplication"="c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 271360] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-22 136600] "BearShare"="c:\program files\BearShare\BearShare.exe" [2006-07-26 3305472] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-10-29 4620288] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2004-10-29 86016] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-10-01 289576] "nwiz"="nwiz.exe" [2004-10-29 c:\windows\system32\nwiz.exe] "Realtime Audio Engine"="mmrtkrnl.exe" [2008-06-23 c:\windows\system32\mmrtkrnl.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360] "Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 1241088] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "ShowDeskFix"="shell32" [X] "IE7-11"="advpack.dll" [2008-10-16 c:\windows\system32\advpack.dll] c:\documents and settings\Shizofrenia\Start Menu\Programs\Startup\ Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664] c:\documents and settings\All Users\Start Menu\Programs\Startup\ America Online 9.0 Tray Icon.lnk - c:\program files\America Online 9.0\aoltray.exe [2008-04-03 36953] AOL Companion.lnk - c:\program files\AOL Companion\companion.exe [2008-04-03 229450] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "VIDC.ACDV"= ACDV.dll "vidc.ffds"= c:\program files\ffdshow\ffdshow.ax [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 "AntiVirusOverride"=dword:00000001 "FirewallOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) "DisableNotifications"= 1 (0x1) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Program Files\\mIRC\\mirc.exe"= "c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "c:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"= R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1000000.078\SymEFA.sys [2009-01-23 308064] R0 viasraid;viasraid;c:\windows\system32\drivers\viasraid.sys [2007-09-24 77312] R0 xmasbus;xmasbus;c:\windows\system32\drivers\xmasbus.sys [2007-09-24 140800] R0 xmasscsi;xmasscsi;c:\windows\system32\drivers\xmasscsi.sys [2007-09-24 5504] R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\NIS\1000000.078\BHDrvx86.sys [2009-01-23 254512] R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NIS\1000000.078\ccHPx86.sys [2009-01-23 361320] R1 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20080822.001\IDSxpx86.sys [2009-01-23 274808] R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2007-09-24 15424] R3 usnjsvc;Messenger Sharing Folders USN Journal Reader service;c:\program files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328] R4 Norton Internet Security;Norton Internet Security;c:\program files\Norton Internet Security\Engine\16.0.0.120\ccSvcHst.exe [2009-01-23 115560] S1 dk2drv;DK2 WindowsNT Driver;\??\c:\windows\SYSTEM32\Drivers\dk2drv.sys --> c:\windows\SYSTEM32\Drivers\dk2drv.sys [?] S3 DAdderFltr;DeathAdder Mouse;c:\windows\system32\drivers\dadder.sys [2007-08-02 22784] --- Other Services/Drivers In Memory --- NewlyCreated - BHDRVX86 NewlyCreated - CCHP NewlyCreated - IDSXPX86 NewlyCreated - NAVENG NewlyCreated - NAVEX15 NewlyCreated - NORTON_INTERNET_SECURITY NewlyCreated - SRTSP NewlyCreated - SRTSPX NewlyCreated - SYMDNS NewlyCreated - SYMEFA NewlyCreated - SYMEVENT NewlyCreated - SYMFW NewlyCreated - SYMIDS NewlyCreated - SYMNDIS NewlyCreated - SYMREDRV NewlyCreated - SYMTDI Deregistered - SYMDNS Deregistered - SYMFW Deregistered - SYMIDS Deregistered - SYMNDIS Deregistered - SYMREDRV HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8f8cc6ee-24e0-11dd-89bc-00038a000015}] \Shell\Auto\command - E:\auto.exe \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto.exe \Shell\explore\Command - E:\RavMon.exe -e \Shell\open\Command - E:\RavMon.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cbc54acf-5333-11dd-8a2b-00038a000015}] \Shell\AutoRun\command - D:\zerlsefl.exeqymubwzc.exe \Shell\explore\Command - D:\zerlsefl.exeqymubwzc.exe \Shell\open\Command - D:\zerlsefl.exeqymubwzc.exe . Contents of the 'Scheduled Tasks' folder 2009-01-23 c:\windows\Tasks\1-Click Maintenance.job - c:\program files\TuneUp Utilities 2007\SystemOptimizer.exe [2007-08-02 18:35] 2009-01-17 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34] 2009-01-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-854245398-57989841-839522115-1003.job - c:\documents and settings\Shizofrenia\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-20 01:37] 2009-01-23 c:\windows\Tasks\XoftSpySE 2.job - c:\program files\XoftSpySE\XoftSpy.exe [2007-09-24 05:41] 2009-01-20 c:\windows\Tasks\XoftSpySE.job - c:\program files\XoftSpySE\XoftSpy.exe [2007-09-24 05:41] . - - - - ORPHANS REMOVED - - - - HKLM-Run-Cmaudio - cmicnfg.cpl . ------- Supplementary Scan ------- . uStart Page = hxxp://www.msn.com mStart Page = hxxp://www.msn.com IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 LSP: c:\windows\system32\imon.dll TCP: {189CE2CD-8722-4DC0-ACBF-6BD9E2400BE6} = 195.160.66.1 TCP: {40658BEC-272C-4BF9-8528-E4209D6F7C1C} = 195.66.160.1 195.66.160.2 DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab FF - ProfilePath - c:\documents and settings\Shizofrenia\Application Data\Mozilla\Firefox\Profiles\6c4eduxq.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/ FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=utf-8&fr=megaup&p= FF - component: c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\components\coFFPlgn.dll FF - component: c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\IPSFFPlgn\components\IPSFFPl.dll FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll . ************************************************************************ catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2009-01-23 18:24:32 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Norton Internet Security] "ImagePath"="\"c:\program files\Norton Internet Security\Engine\16.0.0.120\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Engine\16.0.0.120\diMaster.dll\" /prefetch:1" [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\vsdatant] "ImagePath"="" . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'lsass.exe'(884) c:\windows\system32\imon.dll . Completion time: 2009-01-23 18:29:37 ComboFix-quarantined-files.txt 2009-01-23 17:29:31 Pre-Run: 43,166,941,184 bytes free Post-Run: 47,395,876,864 bytes free WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect 326 --- E O F --- 2008-12-21 04:01:37

Profil

dr_Bora Poslao: 23 Jan 2009 20:09 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Log? Piše negde da se postavi baš taj log? Pogledaj izdvojene teme... Isprati uputstvo za otvaranje teme. Pomoć dobiješ čim nam daš sve potrebne informacije za pružanje iste.

Profil

Nyquist Poslao: 23 Jan 2009 20:25 Idi na vrh
offline Nyquist Građanin Pridružio: 20 Nov 2008 Poruke: 102 Gde živiš: Budva	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Boro slobodno zatvori ovu temu, taj sistem više ne postoji. Drug ga je već reinstalirao uprkos mojem protivljenju da to ne radi a pošto je to njegov računar može da radi šta hoće i izvinjavam ti se zbog ne poštovanja pravila jer ih nisam pročitao bio.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Provjera Log-a

Ko je trenutno na forumu

Ukupno su 953 korisnika na forumu :: 25 registrovanih, 9 sakrivenih i 919 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: A.R.Chafee.Jr., amaterSRB, Bobrock1, ccoogg123, darkojbn, DonRumataEstorski, Dukelander, Fabius, ginjica, hyla, kolle.the.kid, kuntalo, milutin134, pein, Rakenica, S-lash, S2M, Shinobi, Srle993, Trpe Grozni, Tvrtko I, vladaa012, ZetaMan, |_MeD_|, šumar bk2

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by